Solved

Verify the new password

Posted on 2004-04-11
16
511 Views
Last Modified: 2012-05-04
Hi!

I need to enhance the following code so that these conditions are met:

1) That the new_password and verify_new_password are the same and if not notify the user of their mistake.

2) That the new_password is at least 8  characters, and won't allow a password of all digits, or all the same letter and any other easy mistake you can think of.

<form name="form1" onsubmit="if(doSubmit) { return true; } else { return false; }" ACTION="../change-password.asp" METHOD="POST">
     <table>
     
        <tr>
          <td style="text-align: right; font-weight: bold">Old password:</td>
          <td style="text-align: left">
            <input type="password" name="old_password" size="25"/>
          </td>
        </tr>

         <tr>
          <td style="text-align: right; font-weight: bold">New password:</td>
          <td style="text-align: left">
            <input type="password" name="new_password" size="25"/>
          </td>
        </tr>

        <tr>
          <td style="text-align: right; font-weight: bold">Verify new password:</td>
          <td style="text-align: left">
            <input type="password" name="verify_new_password" size="25"/>
          </td>
        </tr>

      </table>            
      <p>
         <input type="submit" value="Change password"/>
         <input type="reset" value="Reset"/>
      </p>
      <p><input type="button" value="Return to Default Page" onclick="history.go(-1)"/></p>
    </form>
0
Comment
Question by:TrueBlue
  • 7
  • 7
  • 2
16 Comments
 
LVL 12

Assisted Solution

by:venkateshwarr
venkateshwarr earned 100 total points
Comment Utility
Try this...

<SCRIPT LANGUAGE="JavaScript">
<!--
function dosubmit()
{
      var new_password=document.forms[0].new_password.value;
      var verify_new_password=document.forms[0].verify_new_password.value;
      var msg="";
      if (verify_new_password!=new_password)      msg="Password dont match";
      else if (new_password.length<8)      msg="Password length less than 8";
      else if (isNaN(new_password)) msg="There should be atleast 1 number";

      if (msg!="")
      {
            alert(msg);
            return false;
      }
      else
            document.forms[0].submit();
}
//-->
</SCRIPT>


<form name="form1" onsubmit="dosubmit()" ACTION="../change-password.asp"  METHOD="POST">
     <table>
     
        <tr>
          <td style="text-align: right; font-weight: bold">Old password:</td>
          <td style="text-align: left">
            <input type="password" name="old_password" size="25"/>
          </td>
        </tr>

         <tr>
          <td style="text-align: right; font-weight: bold">New password:</td>
          <td style="text-align: left">
            <input type="password" name="new_password" size="25"/>
          </td>
        </tr>

        <tr>
          <td style="text-align: right; font-weight: bold">Verify new password:</td>
          <td style="text-align: left">
            <input type="password" name="verify_new_password" size="25"/>
          </td>
        </tr>

      </table>            
      <p>
         <input type="submit" value="Change password"/>
         <input type="reset" value="Reset"/>
      </p>
      <p><input type="button" value="Return to Default Page" onclick="history.go(-1)"/></p>
    </form>
0
 

Author Comment

by:TrueBlue
Comment Utility
Hi!

I placed this line of code between the two head statements:

<SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="../verifypassword.js"></SCRIPT>

And placed the rest of your javascript in a file named verifypassword.js, excluding the script tags.

And edited this line per your suggestion,
<form name="form1" onsubmit="dosubmit()" ACTION="../change-password.asp"  METHOD="POST">

I am not getting any error, however, when I press the submit button after entering two different strings in the new_password and verify_new_password fields I get no warning either.

Any ideas on what I am missing?

Thank you in advance.

0
 
LVL 12

Expert Comment

by:venkateshwarr
Comment Utility
I think the form is submitted to change-password.asp....
0
 

Author Comment

by:TrueBlue
Comment Utility
Hi!

I tried it again and the javascript just seems to be ignored.

I entered the old password entered a new password and a different one for the verify password.

Pressed the submit button and the password was changed and the email created by the called asp page.

Should the script some how be called before the submit button is pressed?

Or is maybe the document part not right?

I looked an example javascript for checking fields on a form and it would look like this:

     var new_password=document.form1.new_password.value;

but this did not work either.

Anyway to trouble shoot this?
0
 
LVL 4

Expert Comment

by:monolith_888
Comment Utility
The ONSUBMIT in the FORM tag needs to be returned:

<form name="form1" onsubmit="return dosubmit()" ACTION="../change-password.asp"  METHOD="POST">

Change the end of the function venkateshwarr wrote to this:

  if (msg!="")
     {
          alert(msg);
          return false;
     }
     else
         return true;
0
 

Author Comment

by:TrueBlue
Comment Utility
Hi monolight 888!

I incorporated your suggestions and I still do not get a message window after pressing the submit button.

Any other ideas?

Thank you in advance.
0
 
LVL 4

Expert Comment

by:monolith_888
Comment Utility
Here is the completed file.  I have added an alert also when user the will have succeeded.  If this does not work for you, please let me know.  I will re-write it in a better fashion.  Also, what browser / version are you using?

Thanks,
Blake
0
 

Author Comment

by:TrueBlue
Comment Utility
Hi!

I am using IE version 6.0x and NS 7.01x.

I can not see an attached file.

Thank you in advance.

0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 4

Expert Comment

by:monolith_888
Comment Utility
oops!

lol - here it is:

<SCRIPT LANGUAGE="JavaScript">
<!--
function dosubmit()
{
     var new_password=document.forms[0].new_password.value;
     var verify_new_password=document.forms[0].verify_new_password.value;
     var msg="";
     if (verify_new_password!=new_password)     msg="Password dont match";
     else if (new_password.length<8)     msg="Password length less than 8";
     else if (isNaN(new_password)) msg="There should be atleast 1 number";

     if (msg!="")
     {
          alert(msg);
          return false;
     }
     else
     {
          alert('success, now going to change-password.asp')
          return true;
     }
      
}
//-->
</SCRIPT>
<form name="form1" onsubmit="return dosubmit()" ACTION="../change-password.asp"  METHOD="POST">
     <table>
        <tr>
          <td style="text-align: right; font-weight: bold">Old password:</td>
          <td style="text-align: left">
            <input type="password" name="old_password" size="25"/>
          </td>
        </tr>

         <tr>
          <td style="text-align: right; font-weight: bold">New password:</td>
          <td style="text-align: left">
            <input type="password" name="new_password" size="25"/>
          </td>
        </tr>

        <tr>
          <td style="text-align: right; font-weight: bold">Verify new password:</td>
          <td style="text-align: left">
            <input type="password" name="verify_new_password" size="25"/>
          </td>
        </tr>

      </table>            
      <p>
         <input type="submit" value="Change password"/>
         <input type="reset" value="Reset"/>
      </p>
      <p><input type="button" value="Return to Default Page" onclick="history.go(-1)"/></p>
    </form>


===========
sorry bout that!
0
 
LVL 4

Expert Comment

by:monolith_888
Comment Utility
fyi - Here's how I would do it:

<SCRIPT LANGUAGE="JavaScript">
<!--
var msg =
  {
  blank : "Please complete all fields before submitting.\n",
  short : "Password must be at least 8 characters long.\n",
  nonum : "Password should contain at least 1 numeric digit.\n",
  nomat : "The New password and Verify new passwords do not match.  Please retry.\n"
  };

var errors =
  {
  blank : true,
  short : true,
  nonum : true,
  nomat : true
  };

function dosubmit()
  {
  var oldPass = document.getElementById("oldPW");
  var newPass = document.getElementById("newPW");
  var verPass = document.getElementById("verPW");
  var nums    = /[0-9]/;
      
  if(oldPass.value != "" && newPass.value != "" && verPass.value != "")
    errors.blank = false;
            
  if(newPass.value == verPass.value)
    errors.nomat = false;
            
  if(newPass.value.length >= 8)
    errors.short = false;
            
  if(newPass.value.match(nums))
    errors.nonum = false;

  if(errors.blank || errors.short || errors.nonum || errors.nomat)
    {
    var errMsg = "";
    if(errors.blank)
      errMsg += msg.blank;
    if(errors.short)
      errMsg += msg.short;
    if(errors.nonum)
      errMsg += msg.nonum;
    if(errors.nomat)
      errMsg += msg.nomat;

    alert(errMsg);
    resetErrors();
    return false;
    }

resetErrors();
alert('will return true');
return false;
}

function resetErrors()
  {
  errors.blank = true;
  errors.short = true;
  errors.nonum = true;
  errors.nomat = true;
  }
//-->
</SCRIPT>
<form name="form1" onsubmit="return dosubmit()" ACTION="../change-password.asp"  METHOD="POST">
     <table>
        <tr>
          <td style="text-align: right; font-weight: bold">Old password:</td>
          <td style="text-align: left">
            <input type="password" name="old_password" size="25" id="oldPW"/>
          </td>
        </tr>

         <tr>
          <td style="text-align: right; font-weight: bold">New password:</td>
          <td style="text-align: left">
            <input type="password" name="new_password" size="25" id="newPW"/>
          </td>
        </tr>

        <tr>
          <td style="text-align: right; font-weight: bold">Verify new password:</td>
          <td style="text-align: left">
            <input type="password" name="verify_new_password" size="25" id="verPW"/>
          </td>
        </tr>

      </table>            
      <p>
         <input type="submit" value="Change password"/>
         <input type="reset" value="Reset"/>
      </p>
      <p><input type="button" value="Return to Default Page" onclick="history.go(-1)"/></p>
    </form>
0
 

Author Comment

by:TrueBlue
Comment Utility
Hi Monolith 888!

I decided to try your second method. I am still not getting a window giving an error.

Is there a way for me to see if the variables are actually being passed to the javascript?

Thank you in advance.
0
 
LVL 4

Expert Comment

by:monolith_888
Comment Utility
TrueBlue,

Please forgive me if this seems silly, but I need to understand how this is not working for you.  Can you take my last post with the code in it, and paste it as-is into a new HTML file and try it?

If that works, we need to figure out the difference between that and the way in which you were trying it where it does not work.

To check and see if you are getting into the function, put something like:
alert('here I am');
at the top of the dosubmit function.

Also, is this being parsed by something else, is it added as an include?  If so, put that alert at the top of the included script file to see if it's even being loaded.

If this is the line you are using to include the Javascript:
<SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="../verifypassword.js"></SCRIPT>

verify that the 'verifypassword.js' file is sitting one directory above the HTML including it.  If the .js file is in the *same* directory, use:
<SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="verifypassword.js"></SCRIPT>

Try some of that and let me know.  We're close, but I think the problem is that the error checking script is never being hit at all (not loaded properly)
0
 

Author Comment

by:TrueBlue
Comment Utility
Hi!

Ok. I got your second suggestion to work. It now displays the warnings.
I tried alot of things, but I think it was that I had the script statement in the head section instead of the body section.

The only problem I have now is if both the new and revised passwords match I get a window saying "will return true" instead of calling my changepassword.asp procedure in the action part of the form statement.

Any ideas?

Thank you in advance.
0
 
LVL 4

Accepted Solution

by:
monolith_888 earned 400 total points
Comment Utility
Yes,

Just find this section of the code:

resetErrors();
alert('will return true');
return false;

and change it to this:

resetErrors();
return true;

I had altered it so you would see the correct messages.

-blake
0
 

Author Comment

by:TrueBlue
Comment Utility
Hi Blake:

That worked perfectly.

I have one other question on the called asp page.

I have the following code:

If ( (rs.EOF = TRUE)  AND  (rs.BOF = TRUE) ) Then
       Call NoRecordsFound()
         Else
          If rs.Fields("LoginPassword") = Request("Old_Password") Then
             rs.Fields("LoginPassword") = Request("New_Password")
             rs.update
               Else
                 msgbox "Entered Wrong Old Password - Please try again"
                 Response.redirect("/html/changepassword.htm")
          End If

If a user enters the wrong old password I want to display an error window with an ok button and then return them to the change password form. I have the return part working, but the msgbox statement is giving me the following error:

Microsoft VBScript runtime error '800a0046'

Permission denied: 'msgbox'

Any ideas what I am missing?


0
 
LVL 4

Expert Comment

by:monolith_888
Comment Utility
Though not an ASP expert, I know that msgbox cannot be used on the server-side... here's something I found - maybe it will help you out or perhaps you could use a Response.Write with a link?

=======
You can use parens with a sub if you use the Call keyword:

Call MsgBox ("Hello World!", 65, "MsgBox Example")

However, that's not the problem.

You can't use MsgBox in server-side script - it's not a valid function in that context. The ASP script is executed on the server-side and popping a MsgBox on the web server via ASP isn't really appropriate.

What you can do is have your ASP Response.Write out a block of client-side script that prodocues a JavaScript Alert or VBScript MsgBox that pops up the message you want your user to see. If you did something like:

Response.Write "<script language=vbscript>" & vbcrlf
Response.Write "MsgBox ""Date Error!""" & vbcrlf
Response.Write "</script>" & vbcrlf
=======
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
In this tutorial viewers will learn how add a full-size background image to a webpage using CSS3. Create a new HTML document with an internal stylesheet.: In CSS, define the html element to have a background image. Use a high resolution image.: In t…
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now