Jump to content

Forgot Password form not working, need another set of eyes.


Recommended Posts

Hey,

 

I am trying to add the feature to reset a password based on a username,  or email doesn't matter.  just trying to get this to work.  Found some stuff online and came up with this.

 

forgot-password.php

<?php
$sheet_name = "users-signup";
include ("../inc/control.php"); //main inc dir.
include ("inc/tbnl-functions.php"); //users inc dir.
include ("inc/tbnl-header.php");
include ("../inc/page-top.php");
echo $content;

echo <<< _END
<form name="myform" action="tbnl-login.php" method="post">
Username: <input type="text" name="user" size="15" /><br />
<input type="submit" name="submit" value="Submit" />
</form>
_END;
include ("../inc/page-bot.php");
?>

 

send-password.php

 

<?php
$sheet_name = "users-signup";
include ("../inc/control.php"); //main inc dir.
include ("inc/tbnl-functions.php"); //users inc dir.

$username = $_POST["user"];
$res = mysql_query("select * from tbnlmembers where user='$username'") or die("cannot select from email");
$row = mysql_fetch_array($res);
$email = $row["email"];
srand((double)microtime() * 1000000);
$random = rand(1234, 2343);
$password = $row["name"] . $random;

$upassword = md5($password);

mysql_query("update tbnlmembers set pass='$upassword' where pass='$pass'") or
    die("cannot send your password");

$headers = "From: myemail@email.com\n"; //from address
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \n";
$subject = "Password Recovery - Do Not Reply Back To This Email";

$body = "<div align=center><br><br>----------------------------- Password Recovery--------------------------------<br><br><br><br>
Your Temporary Password is: $password<br><br>Remember your password this time!</div>";

if (mail($email, $subject, $body, $headers)) {
    echo "<font class=tblackb>Your password has been send to your Private Email</font>";
} else {
    echo "<font class=tblackb>Password Not Send.<br><Br>Please Try Again Later!...</font>";
}
?>

 

When I try forgot-password.php it goes to my login page, with the user field filled out, no email is sent, and right above the login inputs it says"Not all fields were entered"

 

Here is my login script

 

<?php
$sheet_name = "users-signup";
include ("../inc/control.php"); //main inc dir.
include ("inc/tbnl-functions.php"); //users inc dir.
include ("inc/tbnl-header.php");
include ("../inc/page-top.php");
echo $content;
$error = $user = $pass = "";
if (isset($_POST['user'])) {
    $user = sanitizeString($_POST['user']);
    $pass = sanitizeString($_POST['pass']);
    if ($user == "" || $pass == "") {
        $error = "Not all fields were entered<br />";
    } else {
        $query = "SELECT user,pass FROM tbnlmembers WHERE user = '$user' AND pass = MD5('$pass')";
        if (mysql_num_rows(queryMysql($query)) == 0) {
            $error = "Username/Password invalid<br />";
        } else {
            $_SESSION['user'] = $user;
            $_SESSION['pass'] = $pass;
            die("You are now logged in. Please
<a href='tbnl-members.php?view=$user'>click here</a>.");
        }
    }
}
echo <<< _END


<form method='post' action='tbnl-login.php'>$error
<ul class="single">
	<li><label>Username</label><input type='text' maxlength='16' name='user'value='$user' /></li>
	<li><label>Password</label><input type='password' maxlength='16' name='pass'value='$pass' /></li>
	<li><input type='submit' value='Login' /></li>
</ul>
</form>
<a href="forgot-password.php">Forgot Password</a>
_END;
include ("../inc/page-bot.php");
?>

 

And here is what i used to setup my tables

 

<?php
include_once 'tbnl-functions.php';
echo '<h3>Setting up</h3>';
createTable('tbnlmembers', 
'id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY, 
user VARCHAR(16), pass VARCHAR(32), fname VARCHAR(16), lname VARCHAR(16), email VARCHAR(16),
INDEX(user(6))');
createTable('tbnlmessages',
'id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
auth VARCHAR(16), recip VARCHAR(16), pm CHAR(1),
time INT UNSIGNED, message VARCHAR(4096),
INDEX(auth(6)), INDEX(recip(6))');
createTable('tbnlfriends', 'user VARCHAR(16), friend VARCHAR(16),
INDEX(user(6)), INDEX(friend(6))');
createTable('tbnlprofiles', 'user VARCHAR(16), text VARCHAR(4096),
INDEX(user(6))');
?>

 

 

Any Ideas,  Or anyone have a better reference I can follow,  I have everything setup for creating accounts, i created a page that loops through my table and outputs what's in it.  So it's easy for me to test, jst a bit lost at this point as I have never done this before, and am just learning PHP,

 

Thanks in Advance,

 

 

mysql_query("update tbnlmembers set pass='$upassword' where pass='$pass'") or

 

I dont see anywhere you set the $pass variable, so try using the username instead, like

mysql_query("update tbnlmembers set pass='$upassword' where user='$username'") or

 

Also the action of your reset password form should be the send-password.php page so

 

<form name="myform" action="send-password.php" method="post">
Username: <input type="text" name="user" size="15" /><br />
<input type="submit" name="submit" value="Submit" />
</form>
[/code[

Thankyou,

 

I saw the action after I posted... but the kicker was the username

 

I dont see anywhere you set the $pass variable, so try using the username instead, like

 

mysql_query("update tbnlmembers set pass='$upassword' where user='$username'") or

 

 

Thanks again.

Ok,

 

So I have tried to change this so you input your email address instead of your Username,  And the password updates in the database, but now I cannot get my email to send out.

 

forgot-password.php

 

<?php
$sheet_name = "users-signup";
include ("../inc/control.php"); //main inc dir.
include ("inc/tbnl-functions.php"); //users inc dir.
include ("inc/tbnl-header.php");
include ("../inc/page-top.php");
echo $content;

echo <<< _END
<form name="myform" action="send-password1.php" method="post">
Email: <input type="text" name="email" size="15" /><br />
<input type="submit" name="submit" value="Submit" />
</form>
_END;
include ("../inc/page-bot.php");
?>

 

And here is send-password.php

 

<?php
$sheet_name = "users-signup";
include ("../inc/control.php"); //main inc dir.
include ("inc/tbnl-functions.php"); //users inc dir.

$username = $_POST["email"];
$res = mysql_query("select * from tbnlmembers where email='$email'") or die("cannot select from email");
$row = mysql_fetch_array($res);
$email = $row["email"];
srand((double)microtime() * 1000000);
$random = rand(1234, 2343);
$password = $row["name"] . $random;

$upassword = md5($password);

mysql_query("update tbnlmembers set pass='$upassword' where email='$username'") or
    die("cannot send your password");

$headers = "From: mymail@mail.com\n"; //from address
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \n";
$subject = "Password Recovery - Do Not Reply Back To This Email";

$body = "<div align=center><br><br>----------------------------- Password Recovery--------------------------------<br><br><br><br>
Your Temporary Password is: $password<br><br>Remember your password this time!</div>";

if (mail($email, $subject, $body, $headers)) {
    echo "<font class=tblackb>Your password has been send to your Private Email</font>";
} else {
    echo "$email <font class=tblackb>Password Not Send.<br><Br>Please Try Again Later!...</font>";
    
}
?>

 

Right at the bottom(above) I can echo the $subject $body and $headers, and they will all return their values, but email will not.

 

Can anyone pick out what I am missing?

 

Thanks in advance

$username = $_POST["email"];

$res = mysql_query("select * from tbnlmembers where email='$email'") or die("cannot select from email");

 

 

Why are you not doing

$res = mysql_query("select * from tbnlmembers where email='$username'") or die("cannot select from email");

 

You assigned $username to the email but never use the variable. Also assigning the variable $email twice:) Your query is returning nothing.

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.