[Adv] Forgot Password - Working
This code was completely rewriten from Liquidsteel's code because urban twitch said it couldnt be fixed so iv done a few alterations if you need any help please dont hesitate to post in here also those who have altered there table names ie (users, members, customers) u will have to change the requested tablesCode
<?php
include "config.php";
if (!$_POST['lost_pass']) {//the form hasn't been submitted, we make it
echo ("<strong>Forgot your password?</strong><br \>\n
In order to recover your password need the email address your registered with.\n<br \>
E-Mail Address <form method=post><input type=text name=email><br \>\n
<input type=\"submit\" name=\"lost_pass\" value=\"Recover Password\">\n
</form>");
}else{
$email = $_POST['email']; //this is making the $email the input into the email part in the form
$sql = "SELECT * FROM members WHERE email='$email'"; //this is checking the emails in the database looking for the one posted in the form
$checkmail = mysql_query($sql)
or die(mysql_error());
//the above lines look for the email address in the member table
if (mysql_num_rows($checkmail) == "0") {
exit("We can't find that email address in our member database,
please make sure you entered the correct address");
}//if the email doesn't exist, tell the user it doesn't
$checkmail = mysql_fetch_array($checkmail);
$user = $checkmail['username'];
// *************************
// Random Password Generator
// *************************
$alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
//shuffles the letters around to create a 16 long code
$code = substr(str_shuffle($alphanum), 0, 7);
$newpassword = sha1(md5(md5(sha1(md5(sha1(sha1(md5($code))))))));
$update = "UPDATE `members` SET `password` = '" . $newpassword . "' WHERE `username` = '" . $user . "'";
mysql_query($update)
or die(mysql_error());
//change the member's password to the new generated one
$subject = "Password Recovery"; //here is the subject of the email
$message = ("Dear $user, The email was generated because it has come to our attention that you have forgot your password.
Please find below your new password once you have logged into your account please go into your control panel and change your password.\n
New Password: " . $code . "\n
Thank you for using the password recovery service, have a nice day"); //this is what is displayed in the email
$sender = "norely@site.co.uk"; //change this to your site
mail($email, $subject, $message, $sender);
echo ("Password Reset Successful - Please login to your email account and find an email from our site with your new password.");
}
?>
include "config.php";
if (!$_POST['lost_pass']) {//the form hasn't been submitted, we make it
echo ("<strong>Forgot your password?</strong><br \>\n
In order to recover your password need the email address your registered with.\n<br \>
E-Mail Address <form method=post><input type=text name=email><br \>\n
<input type=\"submit\" name=\"lost_pass\" value=\"Recover Password\">\n
</form>");
}else{
$email = $_POST['email']; //this is making the $email the input into the email part in the form
$sql = "SELECT * FROM members WHERE email='$email'"; //this is checking the emails in the database looking for the one posted in the form
$checkmail = mysql_query($sql)
or die(mysql_error());
//the above lines look for the email address in the member table
if (mysql_num_rows($checkmail) == "0") {
exit("We can't find that email address in our member database,
please make sure you entered the correct address");
}//if the email doesn't exist, tell the user it doesn't
$checkmail = mysql_fetch_array($checkmail);
$user = $checkmail['username'];
// *************************
// Random Password Generator
// *************************
$alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
//shuffles the letters around to create a 16 long code
$code = substr(str_shuffle($alphanum), 0, 7);
$newpassword = sha1(md5(md5(sha1(md5(sha1(sha1(md5($code))))))));
$update = "UPDATE `members` SET `password` = '" . $newpassword . "' WHERE `username` = '" . $user . "'";
mysql_query($update)
or die(mysql_error());
//change the member's password to the new generated one
$subject = "Password Recovery"; //here is the subject of the email
$message = ("Dear $user, The email was generated because it has come to our attention that you have forgot your password.
Please find below your new password once you have logged into your account please go into your control panel and change your password.\n
New Password: " . $code . "\n
Thank you for using the password recovery service, have a nice day"); //this is what is displayed in the email
$sender = "norely@site.co.uk"; //change this to your site
mail($email, $subject, $message, $sender);
echo ("Password Reset Successful - Please login to your email account and find an email from our site with your new password.");
}
?>
Posted on Saturday 26th July 2008 at 06:50 PM
Woo thanks!