From fbd52277809ed8d388bdbf766149e76c15f472a7 Mon Sep 17 00:00:00 2001
From: marian1010 <79144276+marian1010@users.noreply.github.com>
Date: Wed, 5 May 2021 19:46:10 +0200
Subject: [PATCH] encryptpass

---
 assets/php/common/manager_dao.php | 17 +++++++++++++----
 panel_admin/manage_managers.php   | 15 +++++++++------
 2 files changed, 22 insertions(+), 10 deletions(-)

diff --git a/assets/php/common/manager_dao.php b/assets/php/common/manager_dao.php
index 67d4f71..d4002e4 100644
--- a/assets/php/common/manager_dao.php
+++ b/assets/php/common/manager_dao.php
@@ -15,14 +15,22 @@
 
         //Create a new user Manager.
 		public function createManager($id, $username, $email, $pass, $rol){
-			$sql = sprintf( "INSERT INTO `users`( `id`, `username`, `email`, `password`, `rol`) 
+			$password = $this->encryptPass($pass);
+			$sql = sprintf( "INSERT INTO `users`( `id`, `username`, `email`, `passwd`, `rol`) 
 								VALUES ( '%d', '%s', '%s', '%s', '%s')", 
-									$id, $username, $email, $pass, $rol);
+									$id, $username, $email, $password, $rol);
 			
 			$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
 			return $resul;
 		}
 		
+		private function encryptPass($password){
+			//$password = hash('sha256', $password);
+			$password = password_hash($password, PASSWORD_DEFAULT);
+
+			return $password;
+		}
+
 		
 	    //Returns a query to get All the managers.
 		public function allManagersData(){
@@ -72,9 +80,10 @@
 		
 		//Edit manager.
 		public function editManager($id, $username, $email, $pass, $rol){
-			$sql = sprintf( "UPDATE users SET email = '%s' , pass = '%s',
+			$password = $this->encryptPass($pass);
+			$sql = sprintf( "UPDATE users SET email = '%s' , passwd = '%s',
 								WHERE users.id = '%d';", 
-									 $email, $pass, $id);
+									 $email, $password, $id);
 
 			$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
 
diff --git a/panel_admin/manage_managers.php b/panel_admin/manage_managers.php
index 34c88b2..12ca0a9 100644
--- a/panel_admin/manage_managers.php
+++ b/panel_admin/manage_managers.php
@@ -84,10 +84,10 @@
     function addManager(){
         echo'   <div class="column side"></div>
                 <div class="column middle">
-                    <h2>Añadir promoción</h2>
+                    <h2>Añadir gerente</h2>
                     <form method="post" action="index.php?state=mp">
-                        <fieldset id="promotion_form">
-                        <legend>Datos dela Promoción</legend>
+                        <fieldset id="manager_form">
+                        <legend>Datos del manager </legend>
                         <div>
                             <input type="text" name="username" id="username" placeholder="Nombre" />
                         </div>
@@ -95,7 +95,10 @@
                             <input type="email" name="email" id="email" placeholder="email" />
                         </div>
                         <div>
-                            <input type="text" name="password" id="pass" placeholder="pass" />
+                            <input type="text" name="pass" id="pass" placeholder="password" />
+                        </div>
+                        <div>
+                            <input type="text" name="pass2" id="pass2" placeholder="confirm password" />
                         </div>
                         </fieldset>
                         <div class="actions"> 
@@ -111,7 +114,7 @@
     function deleteManager() {
         echo'<div class="column side"></div>
             <div class="column middle">
-                <h2>Editar Promoción</h2>
+                <h2>Borrar gerente</h2>
                 <form method="post" action="index.php?state=mp">
                     <div class="row">
                         <fieldset id="promotion_form">
@@ -136,7 +139,7 @@
     function editManager() {
         echo'<div class="column side"></div>
             <div class="column middle">
-                <h2>Editar promoción</h2>
+                <h2>Editar gerente</h2>
                 <form method="post" action="index.php?state=mp">
                 <div class="row">
                 <fieldset id="promotion_form">