PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
What I want to know is if there is a way in PHP to find if the password that the user has submitted is in use by someone else?
I tried googling and looking round a few forums but I couldn't find anything. I'm relatively new to PHP, that meaning I'm only building a localhost project site to learn. I have all of the basics sorted and some of the advanced.
Possible? Sure. If you're using per-user salts -- and if you're not, you should be -- it's also likely going to be considerably more trouble than it's worth. Moreover, what happens if a match is found? Alerting the using is giving them someone else's password. Sure, you're not saying whose password, but it still strikes me as a pretty bad idea.
To see if it's easier to check in JavaScript than it is in PHP. The only reason I don't want to do it in JavaScript is because I haven't learnt it yet.
It won't be any easier in JS, nor will it be any better an idea. If you insist on doing it, just run the submitted password through whatever hashing algorithm you're using and query the database for matches. Per-user salts are going to complicate this, mind you.
Rather than -- or, better still, in addition to -- using one predefined salt for every user, each user can have their own salt. time() of account creation works as an example. So rather than hash_function(salt + password), you would have hash_function(common salt + password + individual salt).
You seem to have breezed over the very good point that ~Celauran made - if you say a password can't be used because it already exists, then you are giving out someone's password. 50% of you security has just been thrown out the window. It's not the uniqueness of the password that matters, but the uniqueness of the username/password combination.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.