Forgot Password [pt2]
Insert this in your database
Code
ALTER TABLE `members` ADD `pincode` INT( 3 ) NOT NULL DEFAULT '123';
Then create pwdreminder.php
PHP Code
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
<?PHP
session_start(); //allows session
include('config.php');
/*
Forgot Password script
*/
if ($_POST['Submit']) //Proceed if the submit button was pressed.
{
$Username = htmlspecialchars($_POST['username']); //Variable that contains the posted username.
$Pincode = htmlspecialchars($_POST['pincode']); //Variable that contains the posted username.
if (empty($Username)) //If the username field was left empty exit the script(with reason).
{
die("Username field blank");
}
if (empty($Pincode)) //If the Pincode field was left empty exit the script(with reason).
{
die("Pincode field blank");
}
$Search_Query = "SELECT `email` FROM `members` WHERE `username` = '$Username' && `pincode` = '$Pincode'";
$Search_User = mysql_query($Search_Query) or die(mysql_error()); //This will search for the row that matches the username given.
if (mysql_num_rows($Search_User) == 0) //If no data was returned we exit(with reason), because the username didn't match any in the database.
{
die("Username or Pincode incorret");
}
$DB_Results = mysql_fetch_array($Search_User); //Fetch the("Email") results from the query.
$Email = $DB_Results['email']; //I'm putting the email address in it's own variable, just cause i wanna :P
$New_Password = str_shuffle('D4gh7g55CdoP'); //Generates a password for the user.
usleep(600000);
//Replace "email@yoursite.com" with your email address. Explanation: mail("RECEIVER EMAIL", "MESSAGE", "YOUR EMAIL")
mail($Email, 'Password Recovery', 'You requested a new password, Your New Password is '.$New_Password.'', 'staff@gbt91.net');
$New_Password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($New_Password)))))))); //The password will be hashed before inserted into the database
$Update_Password_Query = "UPDATE `members` SET `password` = '$New_Password' WHERE `email` = '$Email'"; //Query information for password update
$Update_Password = mysql_query($Update_Password_Query) or die(mysql_error()); //Updates the current password with the NEW one.
die("New Password Sent"); //If everything runs smoothly we display a success message to the user
} else {
//Display the form(HTML)
?>
ok that's all folks, this is just a more simple way for password reminder since Skill's have a lot of errors meanwhile check the addon :P
cya