email password feature

electricbeat · 07-10-2006, 09:59 AM

PHP Code:

  <?php

include("opendb.php");

?>

<form method="post">

 
 
Forgot your password?

Email address<input type="text" name="email">

<input type="submit" name="lostpass" value="Recover Password">

<?php

if(isset($_POST['lostpass'])) {

$email = $_POST['email'];

 
$select = mysql_query("SELECT * FROM users WHERE email='$email'") or die(mysql_error());

$checkmail = mysql_num_rows($select) or die(mysql_error());

$query = mysql_fetch_object($select) or die(mysql_error());

 
if(empty($email)) {

    echo "<tr><td colspan='2'>You need to fill in an email</td></tr>";

}elseif(!ereg("^[_a-zA-Z0-9-]+(\.[*@([a-zA-Z0-9-]+)*@([a-zA-Z0-9-]+\.)+([a-zA-Z]{2,4})$", $email)) {

    echo "<tr><td colspan='2'>Your email has to be valid</td></tr>";

}elseif($checkmail == 0) {

    echo "<tr><td colspan='2'>This email address was not found in our database</td></tr>";

}else{

 
$username = $query->username;

function createcode($len=6)

    {

        $nps = "";

        mt_srand ((double) microtime() * 1000000);

        while (strlen($nps)<$len) {

        $c = chr(mt_rand (0,255));

????: NamePros.com http://www.namepros.com/programming/215466-email-password-feature.html
        if (eregi("^[a-z0-9]$", $c)) $nps = $nps.$c;

        }

        return ($nps);

    }

$password = createcode();

$hash = md5($password);

 
mysql_query("UPDATE users SET password = '$hash' WHERE username = '$username'");

????: NamePros.com http://www.namepros.com/showthread.php?t=215466
 
        mail($email, "New Password", "

Hi $username,

Here is your password you requested

    

   Username: ".$username."

   Password: ".$password."

    

");

 
echo "<tr><td colspan='2'>Your new password has been send to you</td></tr>";

 
        }

    }

?>

So, if a user enters his email, the password new password will be sent to him.

I was wondering if anyone can add a little bit onto the script, so the user is emailed with a link to reset their password, then when they click the link they are shown a page asking them to 'click here to send a new password'

This way only the owner of the email can get a password change instead of everyone.

tm · 07-10-2006, 10:52 AM

You will need to set up a new verification table.

Insert a new row into the mySQL after the form has been submitted with a randomly generated code, and include the code in a link in the email.

Then on the verification page check the database to see if the code in the link is the same as the email, and reset the password.

Colin

07-10-2006, 09:59 AM	THREAD STARTER #1 (permalink)
electricbeat Account Closed Join Date: Jul 2006 Posts: 81	email password feature PHP Code: <?php include("opendb.php"); ?> <form method="post"> Forgot your password? Email address<input type="text" name="email"> <input type="submit" name="lostpass" value="Recover Password"> <?php if(isset($_POST['lostpass'])) { $email = $_POST['email']; $select = mysql_query("SELECT * FROM users WHERE email='$email'") or die(mysql_error()); $checkmail = mysql_num_rows($select) or die(mysql_error()); $query = mysql_fetch_object($select) or die(mysql_error()); if(empty($email)) { echo "<tr><td colspan='2'>You need to fill in an email</td></tr>"; }elseif(!ereg("^[_a-zA-Z0-9-]+(\.[@([a-zA-Z0-9-]+)@([a-zA-Z0-9-]+\.)+([a-zA-Z]{2,4})$", $email)) { echo "<tr><td colspan='2'>Your email has to be valid</td></tr>"; }elseif($checkmail == 0) { echo "<tr><td colspan='2'>This email address was not found in our database</td></tr>"; }else{ $username = $query->username; function createcode($len=6) { $nps = ""; mt_srand ((double) microtime() * 1000000); while (strlen($nps)<$len) { $c = chr(mt_rand (0,255)); ????: NamePros.com http://www.namepros.com/programming/215466-email-password-feature.html if (eregi("^[a-z0-9]$", $c)) $nps = $nps.$c; } return ($nps); } $password = createcode(); $hash = md5($password); mysql_query("UPDATE users SET password = '$hash' WHERE username = '$username'"); ????: NamePros.com http://www.namepros.com/showthread.php?t=215466 mail($email, "New Password", " Hi $username, Here is your password you requested Username: ".$username." Password: ".$password." "); echo "<tr><td colspan='2'>Your new password has been send to you</td></tr>"; } } ?> So, if a user enters his email, the password new password will be sent to him. I was wondering if anyone can add a little bit onto the script, so the user is emailed with a link to reset their password, then when they click the link they are shown a page asking them to 'click here to send a new password' This way only the owner of the email can get a password change instead of everyone.

07-10-2006, 10:52 AM	#2 (permalink)
tm Senior Member Join Date: Nov 2005 Location: on a oil rig just off Ireland Posts: 1,408	You will need to set up a new verification table. Insert a new row into the mySQL after the form has been submitted with a randomly generated code, and include the code in a link in the email. Then on the verification page check the database to see if the code in the link is the same as the email, and reset the password. Colin __________________ You design in photoshop, I code into valid XHTML/CSS. Professional PSD, PNG or HTML to tableless XHTML/CSS designs. For more info, send me a PM.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)