In this article, you will learn How to Maintain Password History Using PHP and Mysql. In this user change their password can’t reuse. New Password should not be the same as any of the previous 3 Passwords.
In this tutorial having three pages
- db.php
- index.php
- change_password.php
db.php
<?php
define('DB_HOST','localhost');
define('DB_USER','root');
define('DB_PASS','');
define('DB_NAME','pwdhistory');
try
{
$dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME,DB_USER, DB_PASS,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"));
}
catch (PDOException $e)
{
exit("Error: " . $e->getMessage());
}
?>
index.php
<?php
session_start();
error_reporting(0);
include('db.php');
if(isset($_POST['submit']))
{
$fullname=$_POST['fname'];
$email=$_POST['email'];
$password=md5($_POST['password']);
// Code for check email availability
$rt="SELECT * from registration where email=:email";
$query2= $dbh -> prepare($rt);
$query2->bindParam(':email', $email, PDO::PARAM_STR);
$query2-> execute();
$results = $query2->fetchAll(PDO::FETCH_OBJ);
if($query2->rowCount() > 0)
{
$error="Email id already registered ";
}
else{
$sql="INSERT INTO registration(FullName,email,Password) VALUES(:fullname,:email,:password)";
$query = $dbh->prepare($sql);
$query->bindParam(':fullname',$fullname,PDO::PARAM_STR);
$query->bindParam(':email',$email,PDO::PARAM_STR);
$query->bindParam(':password',$password,PDO::PARAM_STR);
$query->execute();
$lastInsertId = $dbh->lastInsertId();
if($lastInsertId)
{
$ret="INSERT INTO password_history(useremail,password) VALUES(:email,:password)";
$query1 = $dbh->prepare($ret);
$query1->bindParam(':email',$email,PDO::PARAM_STR);
$query1->bindParam(':password',$password,PDO::PARAM_STR);
$query1->execute();
$msg="Your info submitted successfully";
}
else
{
$error="Something went wrong. Please try again";
}
}
}
// code for login
if(isset($_POST['login']))
{
$email=$_POST['emailid'];
$password=md5($_POST['password']);
$sql ="SELECT email,Password,FullName FROM registration WHERE email=:email and Password=:password";
$query= $dbh -> prepare($sql);
$query-> bindParam(':email', $email, PDO::PARAM_STR);
$query-> bindParam(':password', $password, PDO::PARAM_STR);
$query-> execute();
$results=$query->fetchAll(PDO::FETCH_OBJ);
if($query->rowCount() > 0)
{
foreach ($results as $result) {
$_SESSION['fname']=$result->FullName;
$_SESSION['login']=$_POST['emailid'];
echo "<script type='text/javascript'> document.location ='change_password.php'; </script>";
}
}
else{
echo "<script>alert('Invalid Details');</script>";
}
}
?>
<html>
<head>
<title>Register and Login</title>
<style>
li{
list-style:none;
}
h1{
text-align:center;
}
</style>
</head>
<body>
<div class="main">
<div class="header" >
<h1>Login or Create a Free Account!</h1>
</div>
<form method="post">
<ul class="left-form">
<h2>Create Account</h2>
<li>
<input type="text" placeholder="Full Name" name="fname" id="fname" required/>
<div class="clear"> </div>
</li>
<li>
<input type="email" placeholder="Email" name="email" id="email" required/>
<div class="clear"> </div>
</li>
<li>
<input type="password" name="password" id="password" placeholder="password" autocomplete="off" required/>
<div class="clear"> </div>
</li>
<input type="submit" name="submit" value="Create Account">
<div class="clear"> </div>
</ul>
</form>
<form method="post">
<ul class="right-form">
<h3>Login</h3>
<div>
<li><input type="text" placeholder="Reg Email" name="emailid" autocomplete="off" required/></li>
<li> <input type="password" placeholder="Password" name="password" required/></li>
<h4>I forgot my Password!</h4>
<input type="submit" name="login" value="Login" >
</div>
<div class="clear"> </div>
</ul>
<div class="clear"> </div>
</form>
</div>
</body>
</html>
change_password.php
<?php
session_start();
error_reporting(0);
include('db.php');
if(strlen($_SESSION['login'])==0)
{
header("Location: index.php");
}
else{
// full Code for change password
if(isset($_POST['change']))
{
$email=$_SESSION['login'];
$oldpass=md5($_POST['oldpass']);
$newpass=md5($_POST['newpass']);
// Code for vefify current Password
$query2 = $dbh->prepare("SELECT Password FROM registration WHERE email =:email and Password=:oldpass");
$query2->bindParam(':email', $email, PDO::PARAM_STR);
$query2->bindParam(':oldpass', $oldpass, PDO::PARAM_STR);
$query2-> execute();
$results = $query2->fetchAll(PDO::FETCH_OBJ);
if($query2->rowCount() > 0)
{
$query=$dbh->prepare("SELECT * FROM password_history WHERE useremail=:email order by id desc limit 3");
$query->bindParam(':email', $email, PDO::PARAM_STR);
$query-> execute();
$resultss = $query->fetchAll(PDO::FETCH_OBJ);
$cnt=1;
$passwrd=array();
foreach($resultss as $rt)
{
array_push($passwrd,$rt->password);
}
if(in_array($newpass,$passwrd))
{
$error="Your new Password should not be same as any of the previous 3 Passwords";
}
else {
$con="update registration set Password=:cmppass where email=:email";
$chngpwd1 = $dbh->prepare($con);
$chngpwd1->bindParam(':cmppass', $newpass, PDO::PARAM_STR);
$chngpwd1->bindParam(':email', $email, PDO::PARAM_STR);
$chngpwd1->execute();
//Code for insertion new password in tblpassword history
$sql="INSERT INTO password_history(useremail,password) VALUES(:email,:newpassrd)";
$query = $dbh->prepare($sql);
$query->bindParam(':email',$email,PDO::PARAM_STR);
$query->bindParam(':newpassrd',$newpass,PDO::PARAM_STR);
$query->execute();
$lastInsertId = $dbh->lastInsertId();
if($lastInsertId)
{
$msg="Password changed successfully ";
}
}
}
else{
$error="Current password not matched ";
}
}
?>
<html>
<head>
<style>
li{
list-style:none;
}
</style>
<script type="text/javascript">
function valid()
{
if(document.chngpwd.newpass.value!= document.chngpwd.confirmpassword.value)
{
alert("New Password and Confirm Password Field do not match !!");
document.chngpwd.newpass.focus();
return false;
}
return true;
}
</script>
</head>
<body>
<div class="main">
<form name="chngpwd" method="post" onSubmit="return valid();">
<ul class="left-form">
<h2>Change Password</h2>
<li>
<input type="password" placeholder="Current Password" name="oldpass" id="oldpass" autocomplete="off" required/>
<div class="clear"> </div>
</li>
<li>
<input type="password" placeholder="New Password" name="newpass" id="newpass" autocomplete="off" required/>
<div class="clear"> </div>
</li>
<li>
<input type="password" name="confirmpassword" id="confirmpassword" placeholder="Confirm Password" autocomplete="off" required/>
<div class="clear"> </div>
</li>
<input type="submit" name="change" value="Change">
<div class="clear"> </div>
</ul>
</form>
<div class="clear"> </div>
</div>
</body>
</html>
I’m gone to inform my little brother, that he should also go to see this webpage
on regular basis to get updated from most recent information.
you’re in point of fact a excellent webmaster. The site loading velocity is
incredible. It seems that you’re doing any distinctive trick.
Moreover, The contents are masterwork. you have performed a excellent job on this subject!
It’s amazing in support of me to have a site, which is good designed for
my know-how. thanks admin
Helpful information. Fortunate me I discovered your web site unintentionally,
and I’m stunned why this twist of fate did not happened earlier!
I bookmarked it.
Whats up are using WordPress for your blog platform?
I’m new to the blog world but I’m trying to get started and set up my own. Do
you require any coding expertise to make your own blog?
Any help would be really appreciated!
Very descriptive blog, I liked that bit. Will there be a part 2?
That is a great tip especially to those new to the blogosphere.
Short but very precise information… Thanks for sharing this one.
A must read article!
Simply wish to say your article is as astonishing. The clarity in your post is just excellent and i can assume you are an expert
on this subject. Well with your permission allow me
to grab your feed to keep updated with forthcoming
post. Thanks a million and please continue the enjoyable work.
Your style is so unique compared to other folks I’ve read stuff from.
Many thanks for posting when you have the opportunity, Guess I’ll just bookmark this page.
Hello to every one, the contents existing at this web
page are actually awesome for people experience, well, keep
up the good work fellows.
I’d like to thank you for the efforts you have put in writing this site.
I am hoping to view the same high-grade blog posts from you in the future as
well. In truth, your creative writing abilities has motivated me to get
my own, personal blog now 😉
For most up-to-date news you have to go to see web and on web I found
this web page as a finest web site for most up-to-date updates.
This post is really a fastidious one it assists new net viewers, who are wishing in favor of
blogging.
This is really fascinating, You are an overly skilled
blogger. I’ve joined your feed and look ahead to searching for more of your
wonderful post. Additionally, I have shared your web site in my social networks
I was suggested this web site by my cousin. I am not certain whether this post is
written by way of him as nobody else recognise such certain approximately my trouble.
You’re incredible! Thank you!
I’m really enjoying the design and layout of your site.
It’s a very easy on the eyes which makes it much more pleasant for me to come here and visit more often. Did you hire out a developer to create your theme?
Excellent work!
Excellent post. I was checking continuously this blog and I’m inspired!
Extremely helpful information specifically the
closing phase 🙂 I maintain such info much. I used to be looking
for this certain info for a very long time. Thank you and good luck.
Thanks for every other excellent article. Where else may just anybody get that kind of info in such a
perfect manner of writing? I have a presentation subsequent week, and I’m
at the look for such info.
Wow! Finally I got a weblog from where I be capable of
genuinely get valuable facts concerning my study and knowledge.
Generally I don’t read post on blogs, but I would like to say that this write-up very pressured me to try and do so!
Your writing taste has been amazed me. Thank you, quite great post.
Great Post Thanks for sharing.