Rashid Thattayil Rashid Thattayil - 1 year ago 47
PHP Question

compare password stored in php session variable with new entered password using js

How can I compare new entered password with old password stored in php session variable.

I am using the following code. Result of this code is always "password entered is not correct" i.e if loop is not working when entering right password.

<!DOCTYPE html>
<html lang="en">
<div id="dom-target" style="display: none;">
echo htmlspecialchars($oldPsassword);

<form name="myForm2" method ="post" action = "index-login.php" onsubmit="return PasswordMatch()">
<div class="form-group">
<label>Old Password</label>
<input type="password" name = "op" placeholder="old Password" id = "opass" class="form-control" >


function PasswordMatch() {
var div = document.getElementById("dom-target");
var oldPass =div.textContent;

var oldPass1 =document.getElementById("op").value;

if (oldPass1 == oldPass) {
alert("password entered is correct");
alert("password entered is not correct");
return false;

Answer Source

Two things:

  1. The id of your input is opass not op. Change the getElementById() call.

  2. The container dom-target has whitespace before and after the password which will cause it not to match. You can trim it to solve that

Add trim:

var oldPass = div.textContent.trim();

However, storing the old password in the HTML is insecure. Anyone can inspect the HTML to find the password. You should do the comparison on the server side instead.