Board index   FAQ   Search  
Register  Login
Board index php forum :: Database mySQL & php coding

Password Confirmation

Codes here !

Moderators: macek, egami, gesf

Password Confirmation

Postby kelvin24 » Wed Sep 05, 2012 8:43 am

Im trying to add a user and it requires to enter its password once again but when I enter a different password in the re type field it still records the data to the database. Here's my code

Code: Select all
<?php
$con = mysql_connect('mysql16.000webhost.com', 'a1969010_root', 'kelvin0324') OR die("Error: ".mysql_error());
mysql_select_db('a1969010_softeng', $con) OR die("Error: ".mysql_error());
function protect($string){
    $string = mysql_real_escape_string($string);
    $string = strip_tags($string);
    $string = addslashes($string);
    return $string;
} {
    $username = protect($_POST['username']);
    $password = protect($_POST['password']);
    $confirm = protect($_POST['repassword']);
    $name = protect($_POST['name']);
   $type = 'user';
    $errors = array();
        if(!$username){
            $errors[] = "Username is not defined!";
        }
        if(!$password){
            $errors[] = "Password is not defined!";
        }
        if($password){
            if(!$confirm){
                $errors[] = "Confirmation password is not defined!";
            }
         elseif($confirm!=$password){
            $errors[] = "Password did not match!";
            }
        }
      if($password!=$confirm){
           
                $errors[] = "Passwords do not match!";
           
        }
        if(!$name){
            $errors[] = "Name is not defined!";
        }
        if($username){
            if(!ctype_alnum($username)){
                $errors[] = "Username can only contain numbers and letters!";
            }
            $range = range(1,15);
            if(!in_array(strlen($username),$range)){
                $errors[] = "Username must be between 1 and 15 characters!";
            }
        }
       
       
        if($username){
            $sql = "SELECT * FROM `login` WHERE `username`='".$username."'";
            $res = mysql_query($sql) or die(mysql_error());
                if(mysql_num_rows($res) > 0){
                    $errors[] = "The username you supplied is already in use!";
                }
        }
        if($name){
            $sql2 = "SELECT * FROM `login` WHERE `name`='".$name."'";
            $res2 = mysql_query($sql2) or die(mysql_error());
                if(mysql_num_rows($res2) > 0){
                    $errors[] = "The Name you supplied is already in use of another user!";
                }
        }
        if(count($errors) > 0){
            foreach($errors AS $error){
                echo $error . "<br>\n";
            }
        }else {
            $sql4 = "INSERT INTO `login`
                    (`username`,`password`,`name`,`type`)
                    VALUES ('".$username."','".$password."','".$name."','".$type."')";
            $res4 = mysql_query($sql4) or die(mysql_error());
            echo "<font align=\"center\"><br><br>You have successfully registered with the username <b>".$username."</b> and the password <b>".$password."</b>!</font>Click here to return to the <a href='Main.php'>Home Page</a>";
        }
}

?>
kelvin24
New php-forum User
New php-forum User
 
Posts: 12
Joined: Mon Aug 13, 2012 5:11 pm

Re: Password Confirmation

Postby engrmudasirmalik » Thu Oct 04, 2012 10:17 pm

kelvin24 wrote:Im trying to add a user and it requires to enter its password once again but when I enter a different password in the re type field it still records the data to the database. Here's my code

Code: Select all
<?php
$con = mysql_connect('mysql16.000webhost.com', 'a1969010_root', 'kelvin0324') OR die("Error: ".mysql_error());
mysql_select_db('a1969010_softeng', $con) OR die("Error: ".mysql_error());
function protect($string){
    $string = mysql_real_escape_string($string);
    $string = strip_tags($string);
    $string = addslashes($string);
    return $string;
} {
    $username = protect($_POST['username']);
    $password = protect($_POST['password']);
    $confirm = protect($_POST['repassword']);
    $name = protect($_POST['name']);
   $type = 'user';
    $errors = array();
        if(!$username){
            $errors[] = "Username is not defined!";
        }
        if(!$password){
            $errors[] = "Password is not defined!";
        }
        if($password){
            if(!$confirm){
                $errors[] = "Confirmation password is not defined!";
            }
         elseif($confirm!=$password){
            $errors[] = "Password did not match!";
            }
        }
      if($password!=$confirm){
           
                $errors[] = "Passwords do not match!";
           
        }
        if(!$name){
            $errors[] = "Name is not defined!";
        }
        if($username){
            if(!ctype_alnum($username)){
                $errors[] = "Username can only contain numbers and letters!";
            }
            $range = range(1,15);
            if(!in_array(strlen($username),$range)){
                $errors[] = "Username must be between 1 and 15 characters!";
            }
        }
       
       
        if($username){
            $sql = "SELECT * FROM `login` WHERE `username`='".$username."'";
            $res = mysql_query($sql) or die(mysql_error());
                if(mysql_num_rows($res) > 0){
                    $errors[] = "The username you supplied is already in use!";
                }
        }
        if($name){
            $sql2 = "SELECT * FROM `login` WHERE `name`='".$name."'";
            $res2 = mysql_query($sql2) or die(mysql_error());
                if(mysql_num_rows($res2) > 0){
                    $errors[] = "The Name you supplied is already in use of another user!";
                }
        }
        if(count($errors) > 0){
            foreach($errors AS $error){
                echo $error . "<br>\n";
            }
        }else {
            $sql4 = "INSERT INTO `login`
                    (`username`,`password`,`name`,`type`)
                    VALUES ('".$username."','".$password."','".$name."','".$type."')";
            $res4 = mysql_query($sql4) or die(mysql_error());
            echo "<font align=\"center\"><br><br>You have successfully registered with the username <b>".$username."</b> and the password <b>".$password."</b>!</font>Click here to return to the <a href='Main.php'>Home Page</a>";
        }
}

?>


You just need to add one simple thing into your code,
Code: Select all
if($password!=$confirm){
           
                $errors[] = "Passwords do not match!";
                 header('location:samepage.php');
                 exit();
           
        }

Try this hope this would work for your.
User avatar
engrmudasirmalik
New php-forum User
New php-forum User
 
Posts: 14
Joined: Wed Jan 11, 2012 11:39 am
Location: Bahawalpur Pakistan


Return to mySQL & php coding

Who is online

Users browsing this forum: Bing [Bot] and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.