Solved

How to Compare new password to existing password to prevent using the same one.

Posted on 2008-06-11
2
181 Views
Last Modified: 2010-04-06
I have a page where users are redirected to change their password.  The logic I would like to add is to prevent them from re-using their existing password.  The existing password is stored in recordset  
rsLoginData and the field name is Password.  The field name on form1 for their new password is NewPassword.

Input appreciated.
0
Comment
Question by:drelinger
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 6

Accepted Solution

by:
ysfx earned 250 total points
ID: 21763697
You can have another field which requests the old password, thus requiring that the user entering the new password knows the old password. This way you can verify the old password with the new password immediately.

Otherwise, you will have to pull the information from  your database to validate the the password is not the same, or you can modify the update statement's criteria (ie where) by adding passwordcolumn <> 'newpassword'.
0
 
LVL 2

Assisted Solution

by:kszurek
kszurek earned 250 total points
ID: 21820881

<?PHP
if (strlen($_POST['old']) > 0 && strlen($_POST['new']) > 0)
{
	$old = trim($_POST['old']);
	$new = trim($_POST['new']);
	mysql_connect('localhost', 'user', 'password');
	mysql_select_db('expert');
	$result = mysql_query("SELECT password FROM rsLoginData WHERE user = 'username' LIMIT 1");
	$row = mysql_fetch_array($result, MYSQL_ASSOC);
	if ($row['password'] == $old)
	{
		if ($new == $_POST['new2'])
		{
			mysql_query("UPDATE rsLoginData SET password = '".mysql_real_escape_string($new)."' WHERE user = 'username' LIMIT 1");
			echo 'Password changed';
		} else echo 'Password mishmash';
	} else echo 'Old password is incorrect';
 
}
?>
<form method="post" action="a.php">
Old: <input type="password" name="old"><br />
New: <input type="password" name="new"><br />
Retype new: <input type="password" name="new2"><br />
<input type="submit" name="submit" value="Change!">
</form>

Open in new window

0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you tried to learn about Unicode, UTF-8, and multibyte text encoding and all the articles are just too "academic" or too technical? This article aims to make the whole topic easy for just about anyone to understand.
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question