Php check password and password confirmation

Question

I'm making a sort of instagram and therefor I need a register page. I want to check of the password is equal or longer than 8 characters and if password and passwordconfirmation are the samen.

I've tried making a new class Security or a try - catch.

register.php

if ( !empty($_POST)) {

    $user = new User();
        $user->setFullname($_POST['fullname']);
        $user->setUsername($_POST['username']);        
        $user->setEmail($_POST['email']);
        $user->setPassword($_POST['password']);
        $user->setPasswordConfirmation($_POST['password_confirmation']);

        if( $user->passwordsAreSecure()) {
                if($user->register()) {
                    session_start();
                    $_SESSION['email'] = $user->getEmail();
                    header('location: index.php');
                } else {
                    $error = true;  
                }
        } else {
            $error2 = true;
        }
    }

My user class

public function passwordIsStrongEnough(){
                if( strlen( $this->password ) <= 8 ){
                    return false;
                }
                else {
                    return true;
                }
        }
        public function passwordsAreEqual(){
                if( $this->password == $this->passwordConfirmation ){
                    return true;
                }
                else {
                    return false;
                }
        }

        public function passwordsAreSecure(){
                if( $this->passwordIsStrongEnough() 
                    && $this->passwordsAreEqual() ){
                    return true;
                }
                else {
                    return false;
                }
        }

function register

public function register() {

                $password = Security::hash($this->password);

                try {
                    $conn = Db::getInstance();
                    $statement = $conn->prepare('INSERT INTO users (fullname, username, email, password) values (:fullname, :username, :email, :password)');
                    $statement->bindParam(':fullname', $this->fullname);
                    $statement->bindParam(':username', $this->username);
                    $statement->bindParam(':email', $this->email);
                    $statement->bindParam(':password', $password);  
                    $result = $statement->execute();
                    return($result);

                } catch ( Throwable $t ) {
                    return false;

                }

        }

I want to get to the if( $user->passwordsAreSecure()) { so there is a session but now the form fields go empty and nothing happens.

might help https://stackoverflow.com/questions/17242346/php-session-lost-after-redirect — netzding, Apr 12 '19 at 13:50

score 0 · Answer 1 · answered Apr 12 '19 at 13:26

I'm not sur to understand where is you problem. You haven't ask any question... But you can do all your code just like this :

if (!empty($_POST)) {
    $user = new User();
    $user->setFullname($_POST['fullname']);
    $user->setUsername($_POST['username']);        
    $user->setEmail($_POST['email']);
    $user->setPassword($_POST['password']);
    $user->setPasswordConfirmation($_POST['password_confirmation']);

    if ($_POST['password'] == $_POST['password_confirmation'] 
            && strlen($_POST['password']) > 8) {
        if ($user->register()) {
            session_start();
            $_SESSION['email'] = $user->getEmail();
            header('location: index.php');
        } else {
            $error = true;  
        }
    } else {
        $error2 = true;
    }
}

Thanks for responding! The problem is that when i try to register and press on submit it stays on the page register and does not go to index.php. So there is no session and the data doesn't go in my database! — aRoyaleWithCheese, Apr 12 '19 at 15:16

Php check password and password confirmation

1 Answers1