Jump to content

retreive password from being in md5


Recommended Posts

when a user forgets his or her password they can retreive it by sending an email to their account and the password is given to them.  unfortunatly the password they recieve is in md5:


for example the password 'the' is given in an email like so:




Please change your password as soon as you logon


could someone please advise me what i am doing wrong so the password would be converted back to plain text.


here is the code for the email:


$query="Select pw from user where uname='$name'" or die(mysql_error());
$result= mysql_query($query); 

for ($i=0; $i<mysql_num_rows($result); $i++) {
$row = mysql_fetch_assoc($result);

$pass= md5($row['pw']);
$from="From: Admin@asdesigns.co.uk\r\n";
$msg .="Username:$name\r\n";
$msg .="Please change your password as soon as you logon\r\n";
$subject="From Admin re:Your Login Password\r\n";


thanks in advance


i know im doing something really silly by missing something out but i cant see where it is

Link to comment
Share on other sites

Whichever method you choose to do this, don't automatically update the existing password in the user table until the user performs some action using information you send him in the email. Otherwise, someone can just go through a list of likely/actual usernames requesting a new password and screw up the accounts of your users.

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.