Jump to content

Need a "canned" password/logon script


rscott7706

Recommended Posts

Hi all, I have a MYSQL database for a an organization, with Name, Company, logon name, password and email.

The organization does not want new user validation, they will assign a logon name and password when someone joins.

What we do need is a script that would allow them, armed with their Name, Company Name and email, to either change their password, or retrieve if forgotton.

This is a little different then most scripts out there that have a whole user validation process up front.

Does any one know of a free or low-cost routine out there?
Link to comment
Share on other sites

[!--quoteo(post=375408:date=May 19 2006, 05:54 PM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ May 19 2006, 05:54 PM) [snapback]375408[/snapback][/div][div class=\'quotemain\'][!--quotec--]
umm, just look for virtually any login script and remove the register linkie?
[/quote]

I hear you, but I did not explain my main issue - the users of this site are at best computer illiterate.

I would like a script that will "recover' the password, not send an new crytic looking one.
All of the routines I seen so far only allow a "new" password to be sent, I need to recover the original.

I know security is lower in this scenario, but not a hugh issue.
Link to comment
Share on other sites

okay, i'll help you out on the password bit and you can work with this making your own update info form using the mysql --> UPDATE users set name='$name', company='$company' where id='$id' <-- etc
Come back for spesific help on this when you are working on it.

Work with this to retrieve password (assume the stored password is stored without encryption):
[code]
<?php

$show_pass_form = 1;

if(isset($_POST['change']))
{
if(!empty($_POST['cname']) OR !empty($_POST['uname']) OR !empty($_POST['umail']))
{
foreach( $_POST as $key => $value )
{
${$key} = htmlspecialchars($value);
}
// change table info to your own
$sql = mysql_query("select password from table_users where email = '$umail' and name = '$uname' and company = '$cname'") or die(mysql_error());

if(mysql_num_rows($sql)<>1)
{
  print "Sorry, no unique user found with your provided information <br />";
}
else
{
$row = mysql_fetch_array($sql);
$pass = $row["password"]; // col name in db storing the password

  print "Your password is: $pass <br />";
// or preferred is to email it, remove the line above this printing out the password
$send_it = mail($umail,"Your password","Your password is: $pass","From: Secret site <info@site.net>");
if($send_it)
{
  print "Your password is sendt to $umail";
}
else
{
  print "Password was NOT sendt as the email procedure failed...";
}

// now we dont need to show the form again
$show_pass_form = 0;
}
}
else
{
  print "All fields needs to be filled in... <br />";
}
}

if($show_pass_form == 1)
{
echo <<<__HTML_END

<form action="this.php" method="post">

Company:<br />
<input type="text" name="cname" size="25" value="" />
<br />
Logon Name:<br />
<input type="text" name="uname" size="25" value="" />
<br />
Email:<br />
<input type="text" name="umail" size="25" value="" />
<br />
<br />
<input type="submit" name="forgot" value="Retrieve my password" />

</form>

__HTML_END;
}
?>
[/code]
Link to comment
Share on other sites

[!--quoteo(post=375408:date=May 19 2006, 05:54 PM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ May 19 2006, 05:54 PM) [snapback]375408[/snapback][/div][div class=\'quotemain\'][!--quotec--]
umm, just look for virtually any login script and remove the register linkie?
[/quote]

I hear you, but I did not explain my main issue - the users of this site are at best computer illiterate.

I would like a script that will "recover' the password, not send an new crytic looking one.
All of the routines I seen so far only allow a "new" password to be sent, I need to recover the original.

I know security is lower in this scenario, but not a hugh issue.


Thanks alpine, I sure appreciate the help.

I can't get to it this morning, but will start working on it later today.

Please indulge me a little, I am still so new to this - and maybe a little dull in the cranium...

It looks like you have the users form and the php action script together here. Maybe I am way off, but on the bottom I see the form actions as "this.php" - wouldn't that be the code above saved as a separate file?

Or am I still not understanding all this? Gads - hate being a novice. I know just like everything else I will start picking this up, but PHP has been a slower curve for me.

Link to comment
Share on other sites

just rename the form action to the same name as you choose on that file, example getpass.php - nothing is to be splitted up. Remember to correct the table and col names, + ofcourse you will need to include a connection to your mysql db.
Link to comment
Share on other sites

[!--quoteo(post=375499:date=May 20 2006, 07:19 AM:name=alpine)--][div class=\'quotetop\']QUOTE(alpine @ May 20 2006, 07:19 AM) [snapback]375499[/snapback][/div][div class=\'quotemain\'][!--quotec--]
just rename the form action to the same name as you choose on that file, example getpass.php - nothing is to be splitted up. Remember to correct the table and col names, + ofcourse you will need to include a connection to your mysql db.
[/quote]


Cool!! Thanks alpine!!
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.