Search code examples
phpvalidationpasswordspassword-confirmation

Validate password with confirm password during sign up in php

We are using below code for "sign up". we have only password field , we want to add confirm password field.

signup.php

if(isset($_POST['btn-signup']))
{
    $uname = trim($_POST['txtuname']);
    $email = trim($_POST['txtemail']);
    $upass = trim($_POST['txtpass']);
    $code = md5(uniqid(rand()));

    $stmt = $reg_user->runQuery("SELECT * FROM tbl_users WHERE userEmail=:email_id");
    $stmt->execute(array(":email_id"=>$email));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if($stmt->rowCount() > 0)
    {
        $msg = "
              email allready exists 
              ";
    }
    else
    {
        if($reg_user->register($uname,$email,$upass,$code))
        {           
            $id = $reg_user->lasdID();      
            $key = base64_encode($id);
            $id = $key;

            $message = "                    
                        some message";

            $subject = "Confirm Registration";

            $reg_user->send_mail($email,$message,$subject); 
            $msg = "
                    some message
                    ";
        }
        else
        {
            echo "sorry , Query could no execute...";
        }       
    }
}

class.usr.php

public function register($uname,$email,$upass,$code)
    {
        try
        {                           
            $password = md5($upass);
            $stmt = $this->conn->prepare("INSERT INTO tbl_users(userName,userEmail,userPass,tokenCode) 
                                                         VALUES(:user_name, :user_mail, :user_pass, :active_code)");
            $stmt->bindparam(":user_name",$uname);
            $stmt->bindparam(":user_mail",$email);
            $stmt->bindparam(":user_pass",$password);
            $stmt->bindparam(":active_code",$code);
            $stmt->execute();   
            return $stmt;
        }
        catch(PDOException $ex)
        {
            echo $ex->getMessage();
        }
    }

I tried adding below code, but it did't worked for me.

$cpass = trim($_POST['txtpass']);

/* Afer if statement */

elseif($pass != $cpass){
             $msg = "passwords doesn't match";
        }

also tried in class.usr.php file, but no luck.....

Solution 
  • First of all you have not mentioned confirm password field. 
Lets assume your confirm password field is "txtConfirmPass"

Before redirect to register function need to check password and confirm password like

$upass = trim($_POST['txtpass']);
$uConfirmPass = trim($_POST['txtConfirmPass']);

if($upass != $uConfirmPass){

    // Password not match your code here
}else{
    if($reg_user->register($uname,$email,$upass,$code)){           
        $id = $reg_user->lasdID();      
        $key = base64_encode($id);
        $id = $key;

        $message = "some message";

        $subject = "Confirm Registration";

        $reg_user->send_mail($email,$message,$subject); 
        $msg = "some message";
    }
    else
    {
        echo "sorry , Query could no execute...";
    }
}

Hopefully it help you out.