Advanced Forgoten Password Script
Ok In this script we are making a forgot password script. that is easily editibale and pretty advanced.
It Works Because I Use It Myself.
Any Problems Let Me Know
PHP Code
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<?php
require "config.php"; //Depending on what system you use you may need to change the config to connect.
if (!$_POST['lost_pass']) {//the form hasn't been submitted, we make it
echo ("<strong>Forgot your password?</strong><br \>\n
In order to recover your password need need your email address.\n
Please type the email address you used upon registration\n<br \>
E-Mail Address<form method=post><input type=text name=email><br \>\n
<input type=\"submit\" name=\"lost_pass\" value=\"Recover Password\">\n
</form>"); //all that is just the form methord. the bit you see to enter your email and all that. i dont think ill need to explain it.
}else{
$email = $_POST['email']; //this is making the $email the input into the email part in the form
$sql = "SELECT * FROM users WHERE email='$email'"; //this is checking the emails in the database looking for the one posted in the form
$checkmail = mysql_query($sql)
or die(mysql_error());
//the above lines look for the email address in the member table
if (mysql_num_rows($checkmail) == "0") {
exit("We can't find that email address in our member database,
please make sure you entered the correct address");
}//if the email doesn't exist, tell the user it doesn't
$checkmail = mysql_fetch_array($checkmail);
$user = $checkmail['user'];
// *************************
// Random Password Generator
// *************************
$alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
//shuffles the letters around to create a 16 long code
$code = substr(str_shuffle($alphanum), 0, 7);
$newpassword = sha1(md5(md5(sha1(md5(sha1(sha1(md5($code))))))));
$update = "UPDATE `members` SET `password` = '" . $newpassword . "' WHERE `username` = '" . $user . "'";
mysql_query($update)
or die(mysql_error());
//change the member's password to the new generated one
$subject = "Password Recovery from SITE NAME HERE"; //here is the subject of the email
$message = ("$user, after submitting the password recovery form you this message has been
generated for you. A new password has been generated for you and is included below.\n
Your new password is " . $newpassword . "\n
Thank you for using the password recovery service, have a nice day"); //this is what is displayed in the email
$sender = "no.rely@YOURSITE.COM"; //change this to your site
mail($email, $subject, $message, $sender);//send an email to our user
echo ("Thank you, a new password has been generated. It has been sent to your inbox.
While this service is usually instantanious it can take up to 10 minutes, please be patient"); //this is displayed and the email is sent!
}
?>