Forgot Password.
Forgot Password Tutorial.
Insert this using phpmyAdmin
It adds a pincode to the user.
Code
ALTER TABLE `members` ADD `pincode` INT( 3 ) NOT NULL DEFAULT '123';
This is our random password generator.
Creates our random sting. to send to our user.
Call it random.php
Code
<?
function generateRandStr($length)
{
$randstr = "";
for($i=0; $i<$length; $i++)
{
$randnum = mt_rand(0,61);
if($randnum < 10)
{
$randstr .= chr($randnum+48);
}
}
return $randstr;
}
?>
This is the actual form where the user can retrieve a lost password.
call this forgotpass.php.
Code
<?php
include ("dbconnect.php");
include("random.php");
switch($_GET[p])
{
default:
echo ("
<form method=\"POST\" action=\"?p=send\">
<center>
<font face=\"Verdana\" size=\"1\">Your Username:</font><br>
<input type=\"text\" name=\"username\"><br>
<font face=\"Verdana\" size=\"1\">Your Pincode:</font><br>
<input type=\"password\" name=\"pincode\" size=\"3\"><br>
<input type=\"submit\" name=\"submit\" value=\"Recover Password\"></center>
</form>
");
break;
case 'send':
$profile = mysql_query("SELECT * from `members` where username = '$_POST[username]'");
$fetch = mysql_fetch_array($profile);
if($_POST[pincode] == $fetch[pincode])
{
$rand = generateRandStr(6);
$username = $_POST[username];
$email = $fetch[email];
$hpassword = sha1(md5(md5(sha1(md5(sha1(sha1(md5($rand))))))));
$emailbody = "
Username: $username
Email Address: $email
New Password: $rand \n
Your new password.
The password is case sesitive so when you enter it make sure you use capital letters where it is displayed so.
And try not to forget it. LOL
";
$update = mysql_query("UPDATE members SET password = '$hpassword' WHERE username = '$username'") or die(mysql_error());
mail("$fetch[email]", "Password Recovery", "$emailbody", "From: no-reply@YOURSITENAME.com");
echo ("<font face=\"Verdana\" size=\"1\">Your Password has been updated and emailed to you</font><meta http-equiv=\"refresh\" content=\"2;url=login.php\">");
}
else
{
echo ("<font face=\"Verdana\" size=\"1\">Incorrect Pin Code</font><meta http-equiv=\"refresh\" content=\"5;url=forgotpass.php\">");
}
break;
}
?>
Thats the end of the codes. Now I will define parts.
Code
$profile = mysql_query("SELECT * from `members` where username = '$_POST[username]'");
$fetch = mysql_fetch_array($profile);
if($_POST[pincode] == $fetch[pincode])
{
This makes sure that the pincode the user entered with its username is the same as in the database.
Code
$rand = generateRandStr(6);
$username = $_POST[username];
$email = $fetch[email];
$hpassword = sha1(md5(md5(sha1(md5(sha1(sha1(md5($rand))))))));
These are our variables $rand defines the length of the string that is returned.
$hpassword secures our new radom string.
Code
$emailbody = "
Username: $username
Email Address: $email
New Password: $rand \n
Your new password.
The password is case sesitive so when you enter it make sure you use capital letters where it is displayed so.
And try not to forget it. LOL
";
This is our email body it determines what we see when we view the email.
Code
$update = mysql_query("UPDATE members SET password = '$hpassword' WHERE username = '$username'") or die(mysql_error());
This inserts the new password into the database overwriting the old one.
Code
mail("$fetch[email]", "Password Recovery", "$emailbody", "From: no-reply@YOURSITENAME.com");
This string send our email out.
The first section is where the email is sent.
The second is the subject.
The third is our email body.
And fourth is who its from.
Be sure to change YOURSITENAME and enter your site in.
Code
echo ("<font face=\"Verdana\" size=\"1\">Your Password has been updated and emailed to you</font><meta http-equiv=\"refresh\" content=\"2;url=login.php\">");
}
else
{
echo ("<font face=\"Verdana\" size=\"1\">Incorrect Pin Code</font><meta http-equiv=\"refresh\" content=\"5;url=forgotpass.php\">");
}
Shows the email has been sent and the database has been updated.
Otherwise it will show that the pincode you entered is incorrect.
Thats it for my tut on forgot password.
Be sure to look out for more from me.