Comparing two password fields for insertion into database

I have two form fields a ‘password’ and ‘confirmpassword’ field I just want to make sure the two text strings match. So on my validation page before the password is submitted I want to compare the two.

Code From my form

<td width="150" align="left" valign="top" class="FormText"> 
<div align="right">Password</div></td>
<td width="250"> <input name="password" type="password" id="password" class="FormText"></td>
</tr>
<tr> 
<td width="150" align="left" valign="top" class="FormText"> 
<div align="right">Confirm Password</div></td>
<td width="250"> 
<input name="confirmpassword" type="password" id="confirmpassword" class="FormText"></td>

Code From the Validation Page


// Define post fields into simple variables
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email_address = $_POST['email_address'];
$username = $_POST['username'];
$password = $_POST['password'];
$confirmpassword = $_POST['confirmpassword'];
$info = $_POST['info'];
/* Let's strip some slashes in case the user entered
any escaped characters. */
$first_name = stripslashes($first_name);
$last_name = stripslashes($last_name);
$email_address = stripslashes($email_address);
$username = stripslashes($username);
$password = stripslashes($password);
$confirmpassword = stripslashes($confirmpassword);
$info = stripslashes($info);

Where Im at with the function for comparing the two string:

 function confirmthepasswords($password,$confirmpassword){
if($password == $confirmpassword){
$passwordOK = $password;
}
else{
$passwordOK

return $passwordOK;
}

And from there I plan to use the $passwordOK variable to insert the password into the database. My logic I dont think makes sense here Any ideas?

I would do something like this…


function confirmthepasswords($password,$confirmpassword)
{

  $passwordOK = "";

  if($password == $confirmpassword)
    {
    $passwordOK = $password;
    }

  return $passwordOK;
}

And when you call confirmthepasswords, check the return value, if it’s blank, then the passwords don’t match, else, everything’s cool.

HTH,

David

It seems ok to me. I would use something easier to compare the passwords though. Something like…


<?php
 
if ($password != $confirmpassword) {
echo("Error... Passwords do not match");
exit;
}
 
?>

Then just insert the $password variable into the dbase.