TutorialNinja Logo
Forgot PasswordRegisterLogin
PHP 47 Visual Basic 15 Javascript 14 HTML 12 Adobe Photoshop 10
Adobe Fireworks 1 Adobe Photoshop 10 Adobe Illustrator 0 Adobe InDesign 0 Gimp 0
C/C++ 3 Python 1 Visual Basic 15 Visual C# 1
Adobe Dreamweaver 0 Adobe Muse 0 ASP.net 0 .htaccess 6 CSS 5 Perl 0 PHP 47 PHP - User System 2 HTML 12 Java 0 Javascript 14 Ruby on Rails 0 General Web Development 4
CentOS 4 Debian 0 Ubuntu 0 Macintosh 1 Windows 7 Unraid 1
Adobe After Effect 0 Adobe Premiere 0 Adobe Audition 0 Final Cut 0 FruityLoops 0 iMovie 0 Windows Movie Maker 0
Apple Swift 0
Arduino 0 Raspberry Pi 3
ChatGPT 1
Site Statistics
Total Members
525
Total Tutorials
138
Newest User
cucumber2025
Todays Guests
562
0 Users 5 Guests Online

Forgot Password.


Forgot Password Tutorial.
Insert this using phpmyAdmin
It adds a pincode to the user.
PHP Code 
  1. ALTER TABLE `members` ADD `pincode` INT( 3 ) NOT NULL DEFAULT '123';


This is our random password generator.
Creates our random sting. to send to our user.
Call it random.php
PHP Code 
  1. <?
  2. function generateRandStr($length)
  3. {
  4. $randstr = "";
  5. for($i=0; $i<$length; $i++)
  6. {
  7. $randnum = mt_rand(0,61);
  8. if($randnum < 10)
  9. {
  10. $randstr .= chr($randnum+48);
  11. }
  12. }
  13. return $randstr;
  14. }
  15. ?>


This is the actual form where the user can retrieve a lost password.
call this forgotpass.php.
PHP Code 
  1. <?php
  2. include ("dbconnect.php");
  3. include("random.php");
  4. switch($_GET[p]) 
  5. { 
  6. default: 
  7. echo ("
  8. <form method=\"POST\" action=\"?p=send\">
  9. <center>
  10. <font face=\"Verdana\" size=\"1\">Your Username:</font><br>
  11. <input type=\"text\" name=\"username\"><br>
  12. <font face=\"Verdana\" size=\"1\">Your Pincode:</font><br>
  13. <input type=\"password\" name=\"pincode\" size=\"3\"><br>
  14. <input type=\"submit\" name=\"submit\" value=\"Recover Password\"></center>
  15. </form>
  16. ");
  17. break; 
  18. case 'send':
  19. $profile = mysql_query("SELECT * from `members` where username = '$_POST[username]'");
  20. $fetch = mysql_fetch_array($profile);
  21. if($_POST[pincode] == $fetch[pincode])
  22. {
  23. $rand = generateRandStr(6);
  24. $username = $_POST[username];
  25. $email = $fetch[email];
  26. $hpassword = sha1(md5(md5(sha1(md5(sha1(sha1(md5($rand)))))))); 
  27.  
  28. $emailbody = "
  29. Username: $username 
  30. Email Address: $email 
  31. New Password: $rand \n
  32. Your new password. 
  33. The password is case sesitive so when you enter it make sure you use capital letters where it is displayed so.
  34. And try not to forget it. LOL
  35. ";
  36.  
  37. $update = mysql_query("UPDATE members SET password = '$hpassword' WHERE username = '$username'") or die(mysql_error());
  38. mail("$fetch[email]", "Password Recovery", "$emailbody", "From: no-reply@YOURSITENAME.com");
  39. echo ("<font face=\"Verdana\" size=\"1\">Your Password has been updated and emailed to you</font><meta http-equiv=\"refresh\" content=\"2;url=login.php\">"); 
  40. }
  41. else
  42. {
  43. echo ("<font face=\"Verdana\" size=\"1\">Incorrect Pin Code</font><meta http-equiv=\"refresh\" content=\"5;url=forgotpass.php\">");
  44. }
  45. break; 
  46. }
  47. ?>

Thats the end of the codes. Now I will define parts.

PHP Code 
  1. $profile = mysql_query("SELECT * from `members` where username = '$_POST[username]'");
  2. $fetch = mysql_fetch_array($profile);
  3. if($_POST[pincode] == $fetch[pincode])
  4. {

This makes sure that the pincode the user entered with its username is the same as in the database.

PHP Code 
  1. $rand = generateRandStr(6);
  2. $username = $_POST[username];
  3. $email = $fetch[email];
  4. $hpassword = sha1(md5(md5(sha1(md5(sha1(sha1(md5($rand))))))));

These are our variables $rand defines the length of the string that is returned.
$hpassword secures our new radom string.

PHP Code 
  1. $emailbody = "
  2. Username: $username 
  3. Email Address: $email 
  4. New Password: $rand \n
  5. Your new password. 
  6. The password is case sesitive so when you enter it make sure you use capital letters where it is displayed so.
  7. And try not to forget it. LOL
  8. ";

This is our email body it determines what we see when we view the email.

PHP Code 
  1. $update = mysql_query("UPDATE members SET password = '$hpassword' WHERE username = '$username'") or die(mysql_error());

This inserts the new password into the database overwriting the old one.

PHP Code 
  1. mail("$fetch[email]", "Password Recovery", "$emailbody", "From: no-reply@YOURSITENAME.com");

This string send our email out.
The first section is where the email is sent.
The second is the subject.
The third is our email body.
And fourth is who its from.
Be sure to change YOURSITENAME and enter your site in.

PHP Code 
  1. echo ("<font face=\"Verdana\" size=\"1\">Your Password has been updated and emailed to you</font><meta http-equiv=\"refresh\" content=\"2;url=login.php\">"); 
  2. }
  3. else
  4. {
  5. echo ("<font face=\"Verdana\" size=\"1\">Incorrect Pin Code</font><meta http-equiv=\"refresh\" content=\"5;url=forgotpass.php\">");
  6. }

Shows the email has been sent and the database has been updated.
Otherwise it will show that the pincode you entered is incorrect.


Thats it for my tut on forgot password.
Be sure to look out for more from me.
SkillMaster's Avatar
Views:
2,629
Rating:
Posted on Tuesday 29th May 2007 at 01:33 AM
MCP
MCP's Avatar
One question. How does the user know their pincode to begin with?
Posted on Saturday 12th May 2007 at 10:40 PM
SkillMaster
SkillMaster's Avatar
I added a pincode change script if you were wondering.
Posted on Monday 7th May 2007 at 11:03 PM
Diablosblizz
Diablosblizz's Avatar
Edit: I rechecked the Password code above, I just figured out that 1. The password thingy was not Sha1 (thats a one) and MD5 format, so I did that, then.. I figured out that there is no variable $pass so I changed it to $rand.

I shoulda just re looked the code.

But anyways, it works!
Posted on Monday 7th May 2007 at 10:27 PM
Diablosblizz
Diablosblizz's Avatar
Also, I received the email, but when I tried to login with the username and pass, it gives me an invalid password.

Also, in the code you must change the word "users" to "members" if you are using RMB's member system..

Anybody have any comments on the password problem?
Posted on Monday 7th May 2007 at 07:26 PM
Diablosblizz
Diablosblizz's Avatar
You should, because the default PinCode is 123. I don't want to tell every single member their pincode, so you should make a page where it allows them to change their pincode.

Would be a good idea.
Posted on Monday 7th May 2007 at 05:36 AM
SkillMaster
SkillMaster's Avatar
If you want ill add lol.
Posted on Monday 7th May 2007 at 04:14 AM
gbt91
gbt91's Avatar
yeah, u r right..
i have a more better way for who forgot his password..
i will post it as soon as possibile
Posted on Monday 7th May 2007 at 12:54 AM
Diablosblizz
Diablosblizz's Avatar
One question for this... how does the users change his/her pincode?