How to Maintain Password History Using PHP and MySQL

In this article, you will learn how to maintain a password history using PHP and MySQL. When users change their password, they cannot reuse an old one: the new password must not be the same as any of the previous 3 passwords.

This tutorial has three pages:

  • db.php
  • index.php
  • change_password.php

db.php

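<?php
/**
 * db.php - opens the PDO connection shared by index.php and change_password.php.
 *
 * Defines DB_HOST, DB_USER, DB_PASS and DB_NAME and leaves the live connection
 * in $dbh. The closing PHP tag is omitted so this include cannot emit stray
 * whitespace before the including page sends its redirect header.
 */

// NOTE(review): root with an empty password is only suitable for a local
// development database. A deployed copy should connect with a dedicated MySQL
// account restricted to the pwdhistory schema, with the secret kept outside
// the source tree.
define('DB_HOST', 'localhost');
define('DB_USER', 'root');
define('DB_PASS', '');
define('DB_NAME', 'pwdhistory');

try {
    $dbh = new PDO(
        'mysql:host=' . DB_HOST . ';dbname=' . DB_NAME,
        DB_USER,
        DB_PASS,
        array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'")
    );
} catch (PDOException $e) {
    // The driver message can name the host, account and schema, so it is
    // written to the server log; the visitor only sees a generic notice.
    error_log('Database connection failed: ' . $e->getMessage());
    exit('Error: unable to connect to the database.');
}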

index.php

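<?php
/**
 * index.php - registration and login forms for the password-history demo.
 *
 * Handles two POST actions:
 *   - "submit": creates a row in `registration` and seeds `password_history`
 *     with the first password digest.
 *   - "login":  checks the e-mail/digest pair and, on success, starts the
 *     authenticated session and redirects to change_password.php.
 *
 * Expects db.php to provide the PDO connection in $dbh.
 */
session_start();
// NOTE(review): error_reporting(0) hides every PHP diagnostic, including failed
// queries. Turning display_errors off while keeping logging on gives the same
// clean output without losing the evidence.
error_reporting(0);
include('db.php');

// Feedback for the visitor; rendered (escaped) in the page body below.
$error = '';
$msg = '';

// Read one POST field as a string. A missing key or an array value
// (e.g. password[]=x) becomes '' instead of reaching md5() or the query.
$field = static function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

if (isset($_POST['submit'])) {
    $fullname = $field('fname');
    $email = $field('email');
    $plainPassword = $field('password');

    // The HTML "required" attribute is only a browser hint, so repeat the check here.
    if ($fullname === '' || $email === '' || $plainPassword === '') {
        $error = "All fields are required";
    } else {
        // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
        // storing passwords. password_hash()/password_verify() is the
        // replacement, but login below and the history check in
        // change_password.php compare this same digest, so all three places
        // have to be migrated together. With salted hashes the history check
        // must call password_verify() against each stored hash rather than
        // comparing digests for equality.
        $password = md5($plainPassword);

        // Code for check email availability
        // NOTE(review): check-then-insert is racy; a UNIQUE index on
        // registration.email is what actually guarantees one account per address.
        $query2 = $dbh->prepare("SELECT * from registration where email=:email");
        $query2->bindParam(':email', $email, PDO::PARAM_STR);
        $query2->execute();

        // fetch() is used instead of rowCount(), which PDO does not guarantee
        // for SELECT statements.
        if ($query2->fetch(PDO::FETCH_OBJ) !== false) {
            $error = "Email id already registered ";
        } else {
            $sql = "INSERT INTO registration(FullName,email,Password) VALUES(:fullname,:email,:password)";
            $query = $dbh->prepare($sql);
            $query->bindParam(':fullname', $fullname, PDO::PARAM_STR);
            $query->bindParam(':email', $email, PDO::PARAM_STR);
            $query->bindParam(':password', $password, PDO::PARAM_STR);
            $query->execute();
            $lastInsertId = $dbh->lastInsertId();

            if ($lastInsertId) {
                // Seed the history so the very first password also counts
                // towards the "previous 3 passwords" rule.
                $ret = "INSERT INTO password_history(useremail,password) VALUES(:email,:password)";
                $query1 = $dbh->prepare($ret);
                $query1->bindParam(':email', $email, PDO::PARAM_STR);
                $query1->bindParam(':password', $password, PDO::PARAM_STR);
                $query1->execute();
                $msg = "Your info submitted successfully";
            } else {
                $error = "Something went wrong. Please try again";
            }
        }
    }
}

// code for login
if (isset($_POST['login'])) {
    $email = $field('emailid');
    // Same digest as registration; see the MD5 note above.
    $password = md5($field('password'));

    $sql = "SELECT email,Password,FullName FROM registration WHERE email=:email and Password=:password";
    $query = $dbh->prepare($sql);
    $query->bindParam(':email', $email, PDO::PARAM_STR);
    $query->bindParam(':password', $password, PDO::PARAM_STR);
    $query->execute();
    $user = $query->fetch(PDO::FETCH_OBJ);

    if ($user !== false) {
        // Issue a fresh session id at the privilege change so an id that was
        // set before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['fname'] = $user->FullName;
        $_SESSION['login'] = $email;

        // Server-side redirect: works without JavaScript and stops the script
        // before any page markup is produced.
        header('Location: change_password.php');
        exit;
    }

    echo "<script>alert('Invalid Details');</script>";
}
?>
<html>
<head>
<title>Register and Login</title>
<style>
li{
list-style:none;
}
h1{
text-align:center;
}
</style>
</head>
<body>
<div class="main">
    <div class="header" >
        <h1>Login or Create a Free Account!</h1>
    </div>
    <?php if ($error !== '') { ?>
    <p class="error"><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'); ?></p>
    <?php } ?>
    <?php if ($msg !== '') { ?>
    <p class="success"><?php echo htmlspecialchars($msg, ENT_QUOTES, 'UTF-8'); ?></p>
    <?php } ?>
    <form method="post">
        <ul class="left-form">
            <h2>Create Account</h2>
            <li>
                <input type="text" placeholder="Full Name" name="fname" id="fname" required/>
                <div class="clear"> </div>
            </li>
            <li>
                <input type="email" placeholder="Email" name="email" id="email" required/>
                <div class="clear"> </div>
            </li>
            <li>
                <input type="password" name="password" id="password" placeholder="password" autocomplete="off" required/>
                <div class="clear"> </div>
            </li>
            <input type="submit" name="submit" value="Create Account">
            <div class="clear"> </div>
        </ul>
    </form>
    <form method="post">
        <ul class="right-form">
            <h3>Login</h3>
            <div>
                <li><input type="text" placeholder="Reg Email" name="emailid" autocomplete="off" required/></li>
                <li> <input type="password" placeholder="Password" name="password" required/></li>
                <h4>I forgot my Password!</h4>
                <input type="submit" name="login" value="Login" >
            </div>
            <div class="clear"> </div>
        </ul>
        <div class="clear"> </div>
    </form>
</div>
</body>
</html>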

change_password.php

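<?php
/**
 * change_password.php - lets a logged-in user change their password while
 * rejecting any of the three most recent entries in `password_history`.
 *
 * Flow: require a session -> verify the current password -> compare the new
 * digest with the last three history rows -> update `registration` and append
 * to `password_history`.
 *
 * Expects db.php to provide the PDO connection in $dbh.
 */
session_start();
// NOTE(review): error_reporting(0) hides every PHP diagnostic, including failed
// queries. Turning display_errors off while keeping logging on gives the same
// clean output without losing the evidence.
error_reporting(0);
include('db.php');

// Guard clause: without a login there is nothing to change. exit stops the
// script so nothing after the redirect header runs for an anonymous visitor.
if (!isset($_SESSION['login']) || strlen($_SESSION['login']) == 0) {
    header("Location: index.php");
    exit;
}

// Feedback for the visitor; rendered (escaped) in the page body below.
$error = '';
$msg = '';

// Read one POST field as a string. A missing key or an array value
// becomes '' instead of reaching md5() or the query.
$field = static function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// full Code for change password
if (isset($_POST['change'])) {
    $email = $_SESSION['login'];
    $oldPlain = $field('oldpass');
    $newPlain = $field('newpass');
    $confirmPlain = $field('confirmpassword');

    if ($oldPlain === '' || $newPlain === '') {
        $error = "All fields are required";
    } elseif ($newPlain !== $confirmPlain) {
        // The JavaScript valid() check can be skipped by the client, so the
        // confirmation is enforced here as well.
        $error = "New Password and Confirm Password Field do not match !!";
    } else {
        // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
        // storing passwords. Moving to password_hash()/password_verify() has to
        // be done together with registration and login in index.php, and the
        // history check below would then call password_verify() on each stored
        // hash, because salted hashes of the same password are never equal.
        $oldpass = md5($oldPlain);
        $newpass = md5($newPlain);

        // Code for verify current Password
        $query2 = $dbh->prepare("SELECT Password FROM registration WHERE email =:email and Password=:oldpass");
        $query2->bindParam(':email', $email, PDO::PARAM_STR);
        $query2->bindParam(':oldpass', $oldpass, PDO::PARAM_STR);
        $query2->execute();

        // fetch() is used instead of rowCount(), which PDO does not guarantee
        // for SELECT statements.
        if ($query2->fetch(PDO::FETCH_OBJ) === false) {
            $error = "Current password not matched ";
        } else {
            $query = $dbh->prepare("SELECT * FROM password_history WHERE useremail=:email order by id desc limit 3");
            $query->bindParam(':email', $email, PDO::PARAM_STR);
            $query->execute();

            $passwrd = array();
            foreach ($query->fetchAll(PDO::FETCH_OBJ) as $rt) {
                $passwrd[] = $rt->password;
            }

            // Strict comparison: with loose ==, two different hex digests that
            // both look like numbers in exponent form compare as equal, which
            // would wrongly report a brand-new password as reused.
            if (in_array($newpass, $passwrd, true)) {
                $error = "Your new Password should not be same as any of the previous 3 Passwords";
            } else {
                // Update the live password and record it in the history as one
                // unit. If only the update went through, that password would be
                // missing from the history and could be reused later.
                $recorded = false;
                try {
                    $dbh->beginTransaction();

                    $con = "update registration set Password=:cmppass where email=:email";
                    $chngpwd1 = $dbh->prepare($con);
                    $chngpwd1->bindParam(':cmppass', $newpass, PDO::PARAM_STR);
                    $chngpwd1->bindParam(':email', $email, PDO::PARAM_STR);
                    $updated = $chngpwd1->execute();

                    // Code for insertion of the new password in password_history
                    $sql = "INSERT INTO password_history(useremail,password) VALUES(:email,:newpassrd)";
                    $history = $dbh->prepare($sql);
                    $history->bindParam(':email', $email, PDO::PARAM_STR);
                    $history->bindParam(':newpassrd', $newpass, PDO::PARAM_STR);
                    $recorded = $updated && $history->execute();

                    if ($recorded) {
                        $dbh->commit();
                    } else {
                        $dbh->rollBack();
                    }
                } catch (PDOException $e) {
                    if ($dbh->inTransaction()) {
                        $dbh->rollBack();
                    }
                    error_log('Password change failed: ' . $e->getMessage());
                    $recorded = false;
                }

                if ($recorded) {
                    // Rotate the session id after a credential change.
                    session_regenerate_id(true);
                    $msg = "Password changed successfully ";
                } else {
                    $error = "Something went wrong. Please try again";
                }
            }
        }
    }
}
?>
<html>
<head>
<style>
li{
list-style:none;
}
</style>
<script type="text/javascript">
// Client-side convenience only; the same rule is enforced on the server.
function valid()
{
    if (document.chngpwd.newpass.value != document.chngpwd.confirmpassword.value) {
        alert("New Password and Confirm Password Field do not match !!");
        document.chngpwd.newpass.focus();
        return false;
    }
    return true;
}
</script>
</head>
<body>
<div class="main">
    <?php if ($error !== '') { ?>
    <p class="error"><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'); ?></p>
    <?php } ?>
    <?php if ($msg !== '') { ?>
    <p class="success"><?php echo htmlspecialchars($msg, ENT_QUOTES, 'UTF-8'); ?></p>
    <?php } ?>
    <form name="chngpwd" method="post" onSubmit="return valid();">
        <ul class="left-form">
            <h2>Change Password</h2>
            <li>
                <input type="password" placeholder="Current Password" name="oldpass" id="oldpass" autocomplete="off" required/>
                <div class="clear"> </div>
            </li>
            <li>
                <input type="password" placeholder="New Password" name="newpass" id="newpass" autocomplete="off" required/>
                <div class="clear"> </div>
            </li>
            <li>
                <input type="password" name="confirmpassword" id="confirmpassword" placeholder="Confirm Password" autocomplete="off" required/>
                <div class="clear"> </div>
            </li>
            <input type="submit" name="change" value="Change">
            <div class="clear"> </div>
        </ul>
    </form>
    <div class="clear"> </div>
</div>
</body>
</html>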

 
