UQ13A Posted July 1, 2009 Share Posted July 1, 2009 How would i make a forget password scirpt which emails the password to a user but it is only sent when the users security question is correct? example; Windows live hotmail it ask for your secret answer Link to comment https://forums.phpfreaks.com/topic/164408-solved-forgot-password-with-confirmation/ Share on other sites More sharing options...
Brian W Posted July 1, 2009 Share Posted July 1, 2009 Of course when they sign up, they will need to select the question they want to use and they will need to answer it. The questions should be stored in a table in your db with a PRIMARY_KEY you can reference to. The answer should be stored with the user's data and also the reference key to the question used. To pull the question again for them to answer (in order to get their password), something like this SELECT q.question, u.id FROM users u LEFT JOIN questions q ON u.question = q.id WHERE u.email = '$email' That should return their question and their user id so that you can send the answer for form processing and compare it to their answer in the db. Note: Remember to note make the answers case sensitive. Now, you also don't want to output their password right there, that would be a security risk, Email the user their password. Pretty much any one I know knows where I grew up, what my first school was, what my mothers maiden name is, ect. These questions are only a buffer from basic attacks. Link to comment https://forums.phpfreaks.com/topic/164408-solved-forgot-password-with-confirmation/#findComment-867413 Share on other sites More sharing options...
UQ13A Posted July 3, 2009 Author Share Posted July 3, 2009 thanks, kind of got the idea. Shall post more if need help Link to comment https://forums.phpfreaks.com/topic/164408-solved-forgot-password-with-confirmation/#findComment-868497 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.