Rifts Posted March 14, 2010 Share Posted March 14, 2010 hey everyone, when you register on my site your password is stored using .md5($_POST['password']). when using my "forgot password" link what is the code i need to email their passwords but decrypted? Link to comment https://forums.phpfreaks.com/topic/195160-md5-password-recovery/ Share on other sites More sharing options...
trq Posted March 14, 2010 Share Posted March 14, 2010 You cannot decrypt an md5 hash. You will need to reset the users password with a new temporary one and send them that. Link to comment https://forums.phpfreaks.com/topic/195160-md5-password-recovery/#findComment-1025777 Share on other sites More sharing options...
jacko_162 Posted March 14, 2010 Share Posted March 14, 2010 i usually just get user to enter email address, then check that against username in database, and auto generate a random password using "rand" then email the user there password. might find the following usefull, i just finished coding that part of my script; <?php session_start(); // Start Session session_register("session"); // This is displayed if all the fields are not filled in $empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back"; // Convert to simple variables $email = $_POST['email']; if (!isset($_POST['email'])) { ?> <?php } elseif (empty($email)) { echo $empty_fields_message; } else { $email=mysql_real_escape_string($email); $status = "OK"; $msg=""; //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); if (!stristr($email,"@") OR !stristr($email,".")) { $msg="Your email address is not correct<BR>"; $status= "NOTOK";} echo "<br><br>"; if($status=="OK"){ $query="SELECT email,login FROM members WHERE email = '$email'"; $st=mysql_query($query); $recs=mysql_num_rows($st); $row=mysql_fetch_object($st); $em=$row->email;// email is stored to a variable if ($recs == 0) { //Redirect to denied page. print "<script language='Javascript'>document.location.replace('forgotenpass_denied.php');</script>"; } function makeRandomPassword() { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; srand((double)microtime()*1000000); $i = 0; while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $random_password = makeRandomPassword(); $password = md5($random_password); $sql = mysql_query("UPDATE members SET passwd='$password' WHERE email='$email'"); $subject = "Your Password Has been reset"; $message = "Hi, we have reset your password. Your New Password is: $random_password http://www.yoursite.com/login Once logged in you can change your password Thanks! Admin This is an automated response, DO NOT REPLY!"; mail($email, $subject, $message, "From: yoursite.com Webmaster<[email protected]>\n X-Mailer: PHP/" . phpversion()); print "<script language='Javascript'>document.location.replace('forgotenpass_sucess.php');</script>"; } else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} } ?> apologies for the messy code. im quite new to all this Link to comment https://forums.phpfreaks.com/topic/195160-md5-password-recovery/#findComment-1025780 Share on other sites More sharing options...
Rifts Posted March 14, 2010 Author Share Posted March 14, 2010 thank you guys for the help! Link to comment https://forums.phpfreaks.com/topic/195160-md5-password-recovery/#findComment-1026064 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.