Improve company productivity with a Business Account.Sign Up

x
?
Solved

How to Compare new password to existing password to prevent using the same one.

Posted on 2008-06-11
2
Medium Priority
?
186 Views
Last Modified: 2010-04-06
I have a page where users are redirected to change their password.  The logic I would like to add is to prevent them from re-using their existing password.  The existing password is stored in recordset  
rsLoginData and the field name is Password.  The field name on form1 for their new password is NewPassword.

Input appreciated.
0
Comment
Question by:drelinger
2 Comments
 
LVL 6

Accepted Solution

by:
ysfx earned 1000 total points
ID: 21763697
You can have another field which requests the old password, thus requiring that the user entering the new password knows the old password. This way you can verify the old password with the new password immediately.

Otherwise, you will have to pull the information from  your database to validate the the password is not the same, or you can modify the update statement's criteria (ie where) by adding passwordcolumn <> 'newpassword'.
0
 
LVL 2

Assisted Solution

by:kszurek
kszurek earned 1000 total points
ID: 21820881

<?PHP
if (strlen($_POST['old']) > 0 && strlen($_POST['new']) > 0)
{
	$old = trim($_POST['old']);
	$new = trim($_POST['new']);
	mysql_connect('localhost', 'user', 'password');
	mysql_select_db('expert');
	$result = mysql_query("SELECT password FROM rsLoginData WHERE user = 'username' LIMIT 1");
	$row = mysql_fetch_array($result, MYSQL_ASSOC);
	if ($row['password'] == $old)
	{
		if ($new == $_POST['new2'])
		{
			mysql_query("UPDATE rsLoginData SET password = '".mysql_real_escape_string($new)."' WHERE user = 'username' LIMIT 1");
			echo 'Password changed';
		} else echo 'Password mishmash';
	} else echo 'Old password is incorrect';
 
}
?>
<form method="post" action="a.php">
Old: <input type="password" name="old"><br />
New: <input type="password" name="new"><br />
Retype new: <input type="password" name="new2"><br />
<input type="submit" name="submit" value="Change!">
</form>

Open in new window

0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article discusses how to implement server side field validation and display customized error messages to the client.
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question