PHP Password Validation

  • (2 Pages)
  • +
  • 1
  • 2

20 Replies - 2476 Views - Last Post: 10 October 2012 - 10:48 AM Rate Topic: -----

#1 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

PHP Password Validation

Posted 10 October 2012 - 06:19 AM

I have a question in regards to how to verify that a second password entered into a form is equal to a first. I've Googled the proper way to go about this but all of the examples I've seen are for Javascript validation, which I've already done.
What I need to do, using PHP, is verify that the second password entered matches the first. If the passwords do not match I need to send the user back to the form (CreateAccount.php) to re-enter the data. If the passwords match I need to allow the info to pass through to another webpage stating that all the information was entered properly and in the correct format.
I've figured out how to verify phone numbers, ZIP codes, states, and the like but am running into issues on how to do so with passwords using PHP. I wanted to post my code here to see if I have coded properly. Here is the code I've come up with:

if ($_GET['txtPasswordCheck']) !== ($GET_['txtPassword'])
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$PasswordCheck = $_GET['txtPasswordCheck'];
}



Is this the proper format for checking to see if the passwords match?

Is This A Good Question/Topic? 0
  • +

Replies To: PHP Password Validation

#2 Dormilich  Icon User is offline

  • 痛覚残留
  • member icon

Reputation: 3554
  • View blog
  • Posts: 10,332
  • Joined: 08-June 10

Re: PHP Password Validation

Posted 10 October 2012 - 06:26 AM

so, does it work (assuming $GET_ is just a typo)?

yea, essentially it boils down to $a == $b
Was This Post Helpful? 0
  • +
  • -

#3 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: PHP Password Validation

Posted 10 October 2012 - 06:39 AM

Dormilich,
As of now it does not work properly. When I submit the form, with the above code, it automatically sends me back to the form and all fields are blank. Even when the passwords match. When I comment out the above code my form is submitted to the validation page and no information entered into the fields is lost.
We are purposefully using the GET method for the purposes of allowing the professor to check all validations. He is changing the info within the URL on the validation page, after the form is submitted, and then hitting refresh. Once the information is changed it should send the user back to the form.
I've tested all the other fields by changing the info within the URL and all other validations work properly. So, I know the other validations are set up properly.
If you'd like I can submit the entire PHP validation code for you to look at if you feel this might be helpful.
Was This Post Helpful? 0
  • +
  • -

#4 Dormilich  Icon User is offline

  • 痛覚残留
  • member icon

Reputation: 3554
  • View blog
  • Posts: 10,332
  • Joined: 08-June 10

Re: PHP Password Validation

Posted 10 October 2012 - 06:41 AM

so that typo is also in your real code?

you might have to turn on error reporting to see, if PHP notices any errors, though.

This post has been edited by Dormilich: 10 October 2012 - 06:42 AM

Was This Post Helpful? 0
  • +
  • -

#5 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: PHP Password Validation

Posted 10 October 2012 - 06:57 AM

The typo has been fixed. Still does not work. In fact, I've deleted the above code to see if all other validations work properly, hit save, and then re-checked my website. Now, none of my code executes. I am getting the same issue. It sends me directly to the blank form. I didn't touch any of my other code.
Also, I'm working in Visual Studio.NET and attempting to debug but it states the current version of Windows does not use debugging. I'm on Firefox.
Was This Post Helpful? 0
  • +
  • -

#6 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3034
  • View blog
  • Posts: 10,582
  • Joined: 08-August 08

Re: PHP Password Validation

Posted 10 October 2012 - 07:03 AM

When you tell the browser to switch to the new site: CreateAccount.htm you don't provide it any information, so why wouldn't it produce an empty form? If you included the php page then it would retain the variables so it could populate the form.
Was This Post Helpful? 0
  • +
  • -

#7 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: PHP Password Validation

Posted 10 October 2012 - 07:16 AM

What I mean is when I re-enter all fields properly and hit the submit button it no longer takes me to the validation page as it should. It did before I entered the password check code. Now, even with the password validation code deleted, the file saved and uploaded to the server, and refreshing the website before entering new info I still am automatically directed to the blank form. This shouldn't be happening since I am entering all the other fields properly. I should be taken to the validation page.
Was This Post Helpful? 0
  • +
  • -

#8 Dormilich  Icon User is offline

  • 痛覚残留
  • member icon

Reputation: 3554
  • View blog
  • Posts: 10,332
  • Joined: 08-June 10

Re: PHP Password Validation

Posted 10 October 2012 - 07:22 AM

how do you determine where the submit *should* take you? programmes only do what they’re told to, not what they’re intended to do. without some code this will become just stabbing in the dark.
Was This Post Helpful? 0
  • +
  • -

#9 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3034
  • View blog
  • Posts: 10,582
  • Joined: 08-August 08

Re: PHP Password Validation

Posted 10 October 2012 - 07:22 AM

Since all we have to go on is code that you say you've deleted it's impossible to say what's wrong.
Was This Post Helpful? 0
  • +
  • -

#10 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: PHP Password Validation

Posted 10 October 2012 - 07:36 AM

Here is the entire PHP response page. This is the validation page that should appear if all data is entered correctly.

<?php

if (empty($_GET['txtFName']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtFName'];
}

if (empty($_GET['txtLName']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtLName'];
}

if (empty($_GET['txtEmail']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtEmail'];
}

if (strpos($Email, "@") === false)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtEmail'];
}

if (strpos($Email, ".") === false)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtEmail'];
}

if (empty($_GET['txtPhone']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtPhone'];
}

$PhonePattern = "\(\d\d\d\) \d\d\d-\d\d\d\d";
if (!preg_match($PhonePattern, $Phone))
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtPhone'];
}

if (empty($_GET['txtAddress']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtAddress'];
}

if (empty($_GET['txtCity']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtCity'];
}

include('StateArray.php');
if (!in_array($State, $StateCodes))
{
	header('location:CreateAccount.htm');
	exit();
}
else
{
	$State = $_GET['lstState'];
}

if (empty($_GET['txtZip']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtZip'];
}

if (is_numeric($Zip))
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtZip'];
}

if (strlen($Zip) != 5)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtZip'];
}

if (empty($_GET['txtPassword']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtPassword'];
}

if (empty($_GET['txtPasswordCheck']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtPasswordCheck'];
}

?>


<html>
	
	<head>
		<title>Account Submission</title>
	</head>
	
	<body>
		
		<h2>You have submitted the following data:</h2>
		
		<?php
		
		echo("<h3>First Name: $FName<h3>");
		echo("<h3>Last Name: $LName<h3>");
		echo("<h3>Email: $Email<h3>");
		echo("<h3>Phone: $Phone<h3>");
		echo("<h3>Address: $Address<h3>");
		echo("<h3>City: $City<h3>");
		echo("<h3>State: $State<h3>");
		echo("<h3>Zip: $Zip<h3>");
		echo("<h3>Password: $Password<h3>");
		echo("<h3>Re-Enter Password: $PasswordCheck<h3>");
		
		?>
		
	</body>
</html>



UGH!! Upon posting this I see all of my errors. Everything points back to $FName and not the correct variables.
Was This Post Helpful? 0
  • +
  • -

#11 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: PHP Password Validation

Posted 10 October 2012 - 07:45 AM

OK, changed all variable to the appropriate names and still nothing works properly. Not sure how, but at school this did work. Even with all the variables pointing to $FName. Here is my adjusted code:

<?php

if (empty($_GET['txtFName']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$FName = $_GET['txtFName'];
}

if (empty($_GET['txtLName']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$LName = $_GET['txtLName'];
}

if (empty($_GET['txtEmail']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Email = $_GET['txtEmail'];
}

if (strpos($Email, "@") === false)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Email = $_GET['txtEmail'];
}

if (strpos($Email, ".") === false)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Email = $_GET['txtEmail'];
}

if (empty($_GET['txtPhone']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Phone = $_GET['txtPhone'];
}

$PhonePattern = "\(\d\d\d\) \d\d\d-\d\d\d\d";
if (!preg_match($PhonePattern, $Phone))
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Phone = $_GET['txtPhone'];
}

if (empty($_GET['txtAddress']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Address = $_GET['txtAddress'];
}

if (empty($_GET['txtCity']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$City = $_GET['txtCity'];
}

include('StateArray.php');
if (!in_array($State, $StateCodes))
{
	header('location:CreateAccount.htm');
	exit();
}
else
{
	$State = $_GET['lstState'];
}

if (empty($_GET['txtZip']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Zip = $_GET['txtZip'];
}

if (is_numeric($Zip))
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Zip = $_GET['txtZip'];
}

if (strlen($Zip) != 5)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Zip = $_GET['txtZip'];
}

if (empty($_GET['txtPassword']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Password = $_GET['txtPassword'];
}

if (empty($_GET['txtPasswordCheck']) == true)
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$PasswordCheck = $_GET['txtPasswordCheck'];
}

?>


<html>
	
	<head>
		<title>Account Submission</title>
	</head>
	
	<body>
		
		<h2>You have submitted the following data:</h2>
		
		<?php
		
		echo("<h3>First Name: $FName<h3>");
		echo("<h3>Last Name: $LName<h3>");
		echo("<h3>Email: $Email<h3>");
		echo("<h3>Phone: $Phone<h3>");
		echo("<h3>Address: $Address<h3>");
		echo("<h3>City: $City<h3>");
		echo("<h3>State: $State<h3>");
		echo("<h3>Zip: $Zip<h3>");
		echo("<h3>Password: $Password<h3>");
		echo("<h3>Re-Enter Password: $PasswordCheck<h3>");
		
		?>
		
	</body>
</html>


Was This Post Helpful? 0
  • +
  • -

#12 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: PHP Password Validation

Posted 10 October 2012 - 08:21 AM

Found and fixed another error in my code. Had this:

if (is_numeric($Zip))
{
	header('location:CreateAccount.htm');
	exit();
}
else 
{
	$Zip = $_GET['txtZip'];
}



Fixed it to this:

if (is_numeric($Zip))
{
	$Zip = $_GET['txtZip'];
}
else 
{
	header('location:CreateAccount.htm');
	exit();
}



So, I had that validation working incorrectly because the Zip is supposed to be numeric. And since I was checking to see if it was numeric and then sending it to the CreateAccount.htm page if it was I was being directed to the form again. So, I changed it to accept a numeric Zip and pass the form to the validation page or if not numeric then send to the CreateAccount.htm page. Still not working.
Was This Post Helpful? 0
  • +
  • -

#13 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3034
  • View blog
  • Posts: 10,582
  • Joined: 08-August 08

Re: PHP Password Validation

Posted 10 October 2012 - 08:42 AM

Repetitive code is difficult to debug, so don't write it:

$expected = array("txtFName", "txtLName", "txtEmail");

// Check for empty values
foreach($expected as $key) {
	if(empty($_GET[$key])) {
		header('location:CreateAccount.htm');
		exit();
	}
}


Was This Post Helpful? 0
  • +
  • -

#14 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6078
  • View blog
  • Posts: 23,546
  • Joined: 23-August 08

Re: PHP Password Validation

Posted 10 October 2012 - 08:43 AM

Your preg_match regex is wrong. Read the manual page again; you don't have delimiters.

You need to learn to debug, instead of continually returning here with the ever helpful "still not working". Print things! Log things!
Was This Post Helpful? 0
  • +
  • -

#15 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: PHP Password Validation

Posted 10 October 2012 - 08:57 AM

View PostCTphpnwb, on 10 October 2012 - 09:42 AM, said:

Repetitive code is difficult to debug, so don't write it:

$expected = array("txtFName", "txtLName", "txtEmail");

// Check for empty values
foreach($expected as $key) {
	if(empty($_GET[$key])) {
		header('location:CreateAccount.htm');
		exit();
	}
}


CTphpnwb,
Sorry for the repetitive code, but this is for an intro to PHP class. The prof specifically asked for each verification to be written out separately. Later on in the semester we will learn how to check for multiple items in one block of code as you've shown above.
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2