user1829823
Reputation: 375
Comparing two passwords PHP
Here's my code it seems to work fine, how ever it doesn't look right. I know I'm vulnerable to injections. Just want to know if the this is the best way of comparing two passwords ?
if (empty($_POST['password'])) {
$errors[] = "Please enter a password";
} else {
if ($_POST['password'] != $_POST['password1']) {
$errors[] = "Your password did not match the confirmed password";
} else {
$p = $_POST['password'];
}
}
Upvotes: 0
Views: 140
Answers (2)
Mubin
Reputation: 4455
I suggest You must check both $_POST['password'] and $_POST['password1'] at very beginning.
if (!empty($_POST['password']) && !empty($_POST['password1'])) {
if (strcmp($_POST['password'], $_POST['password1']) === 0) {
$p = $_POST['password'];
} else {
$errors[] = "Your password did not match the confirmed password";
}
} else {
$errors[] = "Please enter a password";
}
Upvotes: 0
Naftali
Reputation: 146360
Your code is fine, I would just write it a bit differently:
if (empty($_POST['password'])) {
$errors[] = "Please enter a password";
} elseif($_POST['password'] !== $_POST['password1']) {
$errors[] = "Your password did not match the confirmed password";
} else {
$p = $_POST['password'];
}
Upvotes: 5
Related Questions
- php comparing two password strings
- PHP & MySQL compare password
- Comparing two Passwords in Registration form
- MySQL and PHP - Password Compare
- Using PHP to compare MySql Password()
- Check if password values are identical
- php password, compare, return true or false
- MySQL password comparison from PHP
- Comparing passwords in php and sending it to a database
- How to compare user passwords for login with this code?