Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to Compare new password to existing password to prevent using the same one.

Posted on 2008-06-11
2
Medium Priority
?
183 Views
Last Modified: 2010-04-06
I have a page where users are redirected to change their password.  The logic I would like to add is to prevent them from re-using their existing password.  The existing password is stored in recordset  
rsLoginData and the field name is Password.  The field name on form1 for their new password is NewPassword.

Input appreciated.
0
Comment
Question by:drelinger
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 6

Accepted Solution

by:
ysfx earned 1000 total points
ID: 21763697
You can have another field which requests the old password, thus requiring that the user entering the new password knows the old password. This way you can verify the old password with the new password immediately.

Otherwise, you will have to pull the information from  your database to validate the the password is not the same, or you can modify the update statement's criteria (ie where) by adding passwordcolumn <> 'newpassword'.
0
 
LVL 2

Assisted Solution

by:kszurek
kszurek earned 1000 total points
ID: 21820881

<?PHP
if (strlen($_POST['old']) > 0 && strlen($_POST['new']) > 0)
{
	$old = trim($_POST['old']);
	$new = trim($_POST['new']);
	mysql_connect('localhost', 'user', 'password');
	mysql_select_db('expert');
	$result = mysql_query("SELECT password FROM rsLoginData WHERE user = 'username' LIMIT 1");
	$row = mysql_fetch_array($result, MYSQL_ASSOC);
	if ($row['password'] == $old)
	{
		if ($new == $_POST['new2'])
		{
			mysql_query("UPDATE rsLoginData SET password = '".mysql_real_escape_string($new)."' WHERE user = 'username' LIMIT 1");
			echo 'Password changed';
		} else echo 'Password mishmash';
	} else echo 'Old password is incorrect';
 
}
?>
<form method="post" action="a.php">
Old: <input type="password" name="old"><br />
New: <input type="password" name="new"><br />
Retype new: <input type="password" name="new2"><br />
<input type="submit" name="submit" value="Change!">
</form>

Open in new window

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question