PHP Question
compare password stored in php session variable with new entered password using js
How can I compare new entered password with old password stored in php session variable.
I am using the following code. Result of this code is always "password entered is not correct" i.e if loop is not working when entering right password.
<!DOCTYPE html>
<html lang="en">
<div id="dom-target" style="display: none;">
<?php
session_start();
$oldPsassword=$_SESSION['storpass'];
echo htmlspecialchars($oldPsassword);
?>
</div>
<form name="myForm2" method ="post" action = "index-login.php" onsubmit="return PasswordMatch()">
<div class="form-group">
<label>Old Password</label>
<input type="password" name = "op" placeholder="old Password" id = "opass" class="form-control" >
</div>
</form>
</html>
JavaScript
function PasswordMatch() {
var div = document.getElementById("dom-target");
var oldPass =div.textContent;
var oldPass1 =document.getElementById("op").value;
if (oldPass1 == oldPass) {
alert("password entered is correct");
}
else
{
alert("password entered is not correct");
return false;
}
}
Recommended for you: Get network issues from WhatsUp Gold. Not end users.
Answer Source
Two things:
The id of your input is
opassnotop. Change thegetElementById()call.The container
dom-targethas whitespace before and after the password which will cause it not to match. You can trim it to solve that
Add trim:
var oldPass = div.textContent.trim();
However, storing the old password in the HTML is insecure. Anyone can inspect the HTML to find the password. You should do the comparison on the server side instead.
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download