CodeCharge Studio
search Register Login  

Visual PHP Web Development

Visually Create Internationalized Web Applications, Web Reports, Calendars, and more.
CodeCharge.com

YesSoftware Forums -> CodeCharge Studio -> Tips & Solutions

 Password Validation / Storage Of Previous Passwords

Print topic Send  topic

Author Message
MichaelMcDonald

Posts: 639
Posted: 10/10/2012, 1:58 AM


Posted: 10/10/2012, 1:45 AM Edit message Delete message Quote message
On Validate
------------------------

$SQL = "SELECT password FROM users WHERE iduser=". CCGetSession("UserID",ccsInteger);
$db->query($SQL);

if($db->next_record()){
$oldpd = $db->f("password");
}

$newpd = (md5($changepwd->newpass->GetValue()));

if ($changepwd->currentpass->GetValue() == NULL){
$changepwd->Errors->addError("Current Password is required.");
}

$currentpass = (md5($changepwd->currentpass->GetValue()));

if ($changepwd->currentpass->GetValue() != NULL){
if ($currentpass != $oldpd){
$changepwd->Errors->addError("Current Password cannot be verified.");
}
}


if ($changepwd->newpass->GetValue() == NULL){
$changepwd->Errors->addError("New Password is required.");
}


if ($changepwd->newpass->GetValue() != NULL){
if (CCStrLen($changepwd->newpass->GetText()) && !preg_match("/(?=^.{10,}\$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*\$/", $changepwd->newpass->GetText()))
{
$changepwd->Errors->addError("Must be 10 chars with at least 1 UPPERCASE, 1 lowercase, 1 digit and 1 special character.");
}
}


if ($changepwd->confirmpass->GetValue() == NULL){
$changepwd->Errors->addError("Confirm New Password is required.");
}

if ($changepwd->confirmpass->GetValue() != $changepwd->newpass->GetValue()){
$changepwd->Errors->addError("Confirm New Password.");
}


$SQL = "SELECT pd FROM prevpd WHERE pd = '$newpd' AND userid=" . CCGetSession("UserID",ccsInteger);
$db->query($SQL);

if($db->next_record()){
$pd = $db->f("pd");
}

$db->close();


if ($newpd == $oldpd or $newpd == $pd){
$changepwd->Errors->addError("Cannot Use Previous Password.");
}


Button Submit (not using update function) - all updating manual...
-----------------

$newpass = CCGetParam("newpass");

$db = new clsDBFM();

$now = time();


$SQL = "SELECT password FROM users WHERE iduser=". CCGetSession("UserID",ccsInteger);
$db->query($SQL);

if($db->next_record()){
$pd = $db->f("password");
}

$userid = CCGetSession("UserID",ccsInteger);

$SQL = "INSERT into prevpd(pd, userid, chgtimestamp) VALUES ('$pd', '$userid', '$now')";
$db->query($SQL);


$SQL = "UPDATE users SET password = (md5('$newpass')) WHERE iduser=". CCGetSession("UserID",ccsInteger);
$db->query($SQL);




$db->close();
_________________
Central Coast, NSW, Australia.

View profile  Send private message

Add new topic Subscribe to topic   


These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit http://support.yessoftware.com.

PHP Reports

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.
CodeCharge.com

Home   |    Search   |    Members   |    Register   |    Login


Powered by UltraApps Forum created with CodeCharge Studio
Copyright 2003-2004 by UltraApps.com  and YesSoftware, Inc.