Jump to content

md5 password recovery


Rifts

Recommended Posts

i usually just get user to enter email address, then check that against username in database, and auto generate a random password using "rand" then email the user there password.

 

might find the following usefull, i just finished coding that part of my script;

<?php
session_start();  // Start Session
session_register("session");
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email = $_POST['email'];
if (!isset($_POST['email'])) {
?>

 

 

                <?php
}
elseif (empty($email)) {
    echo $empty_fields_message;
}
else {
$email=mysql_real_escape_string($email);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email,"@") OR !stristr($email,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "<br><br>";
if($status=="OK"){  $query="SELECT email,login FROM members WHERE email = '$email'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email;// email is stored to a variable
if ($recs == 0) {
//Redirect to denied page.
print "<script language='Javascript'>document.location.replace('forgotenpass_denied.php');</script>";
}
function makeRandomPassword() { 
          $salt = "abchefghjkmnpqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword();  
    $password = md5($random_password); 
     
    $sql = mysql_query("UPDATE members SET passwd='$password'  WHERE email='$email'"); 
     
    $subject = "Your Password Has been reset"; 
    $message = "Hi, we have reset your password. 
     
    Your New Password is: $random_password 
     
    http://www.yoursite.com/login
    Once logged in you can change your password 
     
    Thanks! 
    Admin 
     
    This is an automated response, DO NOT REPLY!"; 
     
    mail($email, $subject, $message, "From: yoursite.com Webmaster<[email protected]>\n 
        X-Mailer: PHP/" . phpversion()); 
    print "<script language='Javascript'>document.location.replace('forgotenpass_sucess.php');</script>"; 
} 
else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

 

apologies for the messy code. im quite new to all this :)

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.