update encrypted password in MySQL database

Question

I have installed this addon: https://github.com/RainLoop/rainloop-webmail/tree/master/plugins/change-password-custom-sql into rainloop webmail. I am trying to get so that users can update their passwords themselves. When i deployed the webmail, mysql etc i followed this tutorial: https://www.cyberpunk.rs/mail-server-setup-postfix

When adding users i use:

INSERT INTO `EMAIL_DB`.`virtual_users`
(`id`, `domain_id`, `password` , `email`)
 VALUES
 ('1', '1', ENCRYPT('password for the user', CONCAT('$6$', 
SUBSTRING(SHA(RAND()), -16))), 'email@domain.com');

So when i try to configure the addon i use this as my query:

UPDATE :table SET password = ENCRYPT(':newpass', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) WHERE email = :email

But i cant seem to get it to work

UPDATE :table SET password = ENCRYPT(':newpass', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) WHERE email = :email

I get no other error message except that password cant be updated...

Possible duplicate of [Can PHP PDO Statements accept the table or column name as parameter?](https://stackoverflow.com/questions/182287/can-php-pdo-statements-accept-the-table-or-column-name-as-parameter) — aynber, Jun 10 '19 at 13:32
@panther no its not the problem, rather the query that seems to be wrong, ive tried update trough phpmyadmin aswell but it seems i cant get it right — Per Källström, Jun 10 '19 at 17:01

score 0 · Answer 1 · edited Jun 10 '19 at 21:07

0

UPDATE :table SET password = ENCRYPT(':newpass', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) WHERE email = ':email'

... i was missint the '' around :email :sigh:

edited Jun 10 '19 at 21:07

prieber

554
3
16

answered Jun 10 '19 at 19:47

Per Källström

39
1
6

update encrypted password in MySQL database

1 Answers1