Password Length

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
PlateSpin
Forum Newbie
Posts: 9
Joined: Tue Sep 29, 2009 6:15 am

Password Length

Post by PlateSpin »

I've been landed with a php script that needs to have a minimum password length added to it.
I thought strlen would be the answer but I'm either not putting it in the correct spot or have the syntax wrong - who knows. Attached is the offending part of the code if anyone could assist. Your help would be greatly appreciated.



if ($act == "newpwd")
{
if (($_POST["newpassword"]) && ($_POST["confirmpassword"]) && ($_POST["newpassword"] == $_POST["confirmpassword"]))
{
$result = mysql_query("SELECT * FROM $membersTable WHERE id = '".$_SESSION["userid"]."'", $db);

if ($row = mysql_fetch_array($result))
{
$db_password = md5($_POST["newpassword"]);

$sql = "UPDATE $membersTable SET user_pwd = '$db_password' WHERE id = '".$_SESSION["userid"]."'";
$doit = mysql_query($sql, $db);


$headers .= "Reply-to: $company_email\r\n";
$headers .= "From: $company_email\r\n";
$headers .= "Errors-to: $company_email\r\n";

mail($row["user_email"], "Your change of password", "This is in response to your request to change your password for the XXXXXXXXXX online system \n \nEmail address: ". $row["user_email"] ." \nPassword: ". $_POST["newpassword"] ." \n\nThank You \nAdministrator", $headers);

$error .= "<center><b>THANK YOU</b> <br>Your password has been emailled to your email address . Please check your email for confirmation. </center>";

unset($act);
}
}
else
{
if (($_POST["newpassword"]) != ($_POST["confirmpassword"]))
{
$error = "<br/><center><font color=\"#FF0000\"><b>Your passwords do not match, please try again</b></font></center>";
}
else if (!$_POST["newpassword"])
{
$error = "<br/><center><font color=\"#FF0000\"><b>Please enter a password</b></font></center>";
}
else if (!$_POST["confirmpassword"])
{
$error = "<br/><center><font color=\"#FF0000\"><b>Please confirm your password</b></font></center>";
}
$act = "chgpwd";
}
}

if ($act == "chgpwd")
{
if ($error)
{
$body .= $error;
}

$body .= "<div id=\"calc_change_pwd_menu\">";
$body .= "<form action=\"$urlPath\" method=\"post\">";
$body .= "<input type=\"hidden\" name=\"act\" value=\"newpwd\">";
$body .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
$body .= "<tr><td>&nbsp;</td></tr>";
$body .= "<tr><br/> <td bgcolor=\"#ffffff\">New Password</td> <td bgcolor=\"#ffffff\"><input type=\"password\" name=\"newpassword\" ></td></tr>";
$body .= "<tr> <td bgcolor=\"#ffffff\" >Confirm Password&nbsp;</td> <td bgcolor=\"#ffffff\"><input type=\"password\" name=\"confirmpassword\" ></td></tr>";
$body .= "<tr><td>&nbsp;</td></tr>";
$body .= "<tr><td bgcolor=\"#f1f1f1\" colspan=\"2\"><input type=\"button\" value=\"Back\" onClick=\"window.location.href='$urlPath'\">&nbsp;&nbsp;<input type=\"submit\" value=\"Submit\"></td></tr>";
$body .= "</table>";
$body .= "</div>";
User avatar
AbraCadaver
DevNet Master
Posts: 2572
Joined: Mon Feb 24, 2003 10:12 am
Location: The Republic of Texas
Contact:

Re: Password Length

Post by AbraCadaver »

The easiest would probably be to add the condition in your main if and then add an else if down with your others:

Code: Select all

if (($_POST["newpassword"]) && ($_POST["confirmpassword"]) &&
    ($_POST["newpassword"] == $_POST["confirmpassword"]) &&
    (strlen($_POST["newpassword"]) >= 8))
{
    
    // etc...
 
}
else if (strlen($_POST["newpassword"]) < 8)
{
    $error = "<br/><center><font color=\"#FF0000\"><b>Password must be at least 8 characters</b></font></center>";
}
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
PlateSpin
Forum Newbie
Posts: 9
Joined: Tue Sep 29, 2009 6:15 am

Re: Password Length

Post by PlateSpin »

Cheers AbraCadaver, works a treat.
I think I got all confused with the >=8 and <8...... no sorry I'll correct myself, I did get all confused with the >=8 and <8. Hey ho, all sorted now, thanks again!!
Post Reply