pixeltrace Posted February 22, 2007 Share Posted February 22, 2007 guys, i need help, i have a login form and needs to have a forgot password page. what i wanted to happen is that the user will input his/her username to the forgot password field and a new password will be submitted to his/her email once he/she click on the get new password button. on the process page there should be some verifications, like to verify if the username exsists, if not it should go back to the index page if yes process will continue and will send a new password to the user. need help on this since i dont have idea how to do this since the password that i have in my database is in md5 thanks in advance! Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted February 22, 2007 Share Posted February 22, 2007 Do u make some code show us we will help u. Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 22, 2007 Share Posted February 22, 2007 The proper way to do this is to ask the user when he/she join's for a specil word or provide a drop down box to collect that word this way you can reset the md5 password this is more secure ok. when that's done then provide a form for lost password and ask the user for that specil word then if the word match the database then provide the form to update that password thay forgot. Once the update of new password has be provided you could send an email to get that user to activate there account agin via another enum column set to 0 or 1 from the database and use an update query to a page ok. once the user press the email link goes to the update page and updates to a 1 meaning login is now reset ok. Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 the form page is just simple i have one field <form action="process.php" method="POST"> <b class="text3">Username:</b> <input type="text" name="username" maxlength="30"> <input type="submit" value="Get New Password"> </form> and a process.php page wherein the validation and sending of new password will happen. i made a process.php page i dont know if this is correct or if it will work because honestly, i still can't, write php well yet. below is the codes that i have made <? include 'db_connect.php'; $username = $_POST['username']; $query = mysql_query("SELECT password, email FROM admin_users WHERE username= '$username'") or die(mysql_error()); $row = mysql_fetch_array( $query ); //print_r($row); // to print the values of the row $password = $row["password"]; $email = $row["email"]; $sql_username_check = mysql_query("SELECT username, email FROM admin_user WHERE username='$username'"); $username_check = mysql_num_rows($sql_username_check); if($username_check > 0){ $db_password = md5($password); } $Message = ""; $Message .= "An Email from: Administrator\n"; $Message .= "New password has been created\n"; $Message .= "For: $username\n"; $Message .= "Your new password is: $newpassword\n"; $Message .= "\n\n"; $Header = administator@email.com; $To = "$email"; $Subject = "New Password"; } else { echo '<script language=javascript> alert("Username doesnt exist!");top.location = "index.php";</script>'; } ?> hope you could help me with this. thanks a lot! Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 22, 2007 Share Posted February 22, 2007 I understand your code but if somone put the name of another user then the password will be changed that no good is it. That why i said ask the user to select a specil name or provide a drop down box on registration. Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 i understand, but the database is already there, maybe for the existing user, i will just ask them for the pencil word that you told me then i will just update the database hope you wont mind, assuming i have the form and process page hope its ok if i'll ask the codes for that, since i really haven't tried this kind of function thanks in advance! Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 22, 2007 Share Posted February 22, 2007 <?php include("db_connect.php"); $query1 = mysql_query("SELECT * FROM `admin_users` WHERE specil_name= '$specil_name'") or die(mysql_error()); $row = mysql_fetch_array( $query1 )or die("mysql_error()"); while($rec=mysql_fetch_assoc($resul2)){ if(mysql_num_rows($row)==1){ $password=md5($password); $query2="update `admin_users` set `password`='$password' where `specil_name`=''".$rec['specil_name']."''"; $result=mysql_query($query2)or die("mysql_error()"); echo " Thank you password changed<br> We also sent a copy to ur email address cheers!"; exit; } $to = $rec['email']; $subject = 'new password '; $message = 'your new password is: $password'; $headers = "From: administator@email.com\r\n" . 'X-Mailer: PHP/' . phpversion() . "\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: text/html; charset=utf-8\r\n" . "Content-Transfer-Encoding: 8bit\r\n\r\n"; mail($to, $subject, $message, $headers); echo"<form action=' ' method='POST'> <b class="text3">New password:</b> <input type="text" name="password" maxlength="30"> <input type="submit" value="New Password"> </form>"; } } } ?> <form action=" " method="POST"> <b class="text3">Specil name:</b> <input type="text" name="specil_name" maxlength="30"> <input type="submit" value="Get New Password"> </form> Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 22, 2007 Share Posted February 22, 2007 edited <?php include("db_connect.php"); $query1 = mysql_query("SELECT * FROM `admin_users` WHERE `specil_name`= '$specil_name'") or die(mysql_error()); $row = mysql_fetch_array( $query1 )or die("mysql_error()"); while($rec=mysql_fetch_assoc($resul2)){ if(mysql_num_rows($row)==1){ $password=md5($password); if($_POST['submit']){ $query2="update `admin_users` set `password`='$password' where `specil_name`=''".$rec['specil_name']."''"; $result=mysql_query($query2)or die("mysql_error()"); echo " Thank you password changed<br> We also sent a copy to ur email address cheers!"; exit; } $to = $rec['email']; $subject = 'new password '; $message = 'your new password is: $password'; $headers = "From: administator@email.com\r\n" . 'X-Mailer: PHP/' . phpversion() . "\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: text/html; charset=utf-8\r\n" . "Content-Transfer-Encoding: 8bit\r\n\r\n"; mail($to, $subject, $message, $headers); echo"<form action=' ' method='POST'> <b class='text3'>New password:</b> <input type='text' name='password' maxlength='30'> <input type='submit' name='submit' value='New Password'> </form>"; } } ?> <form action=" " method="POST"> <b class="text3">Specil name:</b> <input type="text" name="specil_name" maxlength="30"> <input type="submit" value="Get New Password"> </form> Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 hi, i am getting a mysql_error() this the code that i used for the entire page <?php include("db_connect.php"); $query1 = mysql_query("SELECT * FROM admin_user WHERE specil_name = '$specil_name'") or die(mysql_error()); $row = mysql_fetch_array( $query1 )or die("mysql_error()"); while($rec=mysql_fetch_assoc($resul2)){ if(mysql_num_rows($row)==1){ $password=md5($password); if($_POST['submit']){ $query2="update `admin_users` set `password`='$password' where `specil_name`=''".$rec['specil_name']."''"; $result=mysql_query($query2)or die("mysql_error()"); echo " Thank you password changed<br> We also sent a copy to ur email address cheers!"; exit; } $to = $rec['test@gmail.com']; $subject = 'new password '; $message = 'your new password is: $password'; $headers = "From: test@email.com\r\n" . 'X-Mailer: PHP/' . phpversion() . "\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: text/html; charset=utf-8\r\n" . "Content-Transfer-Encoding: 8bit\r\n\r\n"; mail($to, $subject, $message, $headers); echo"<form action=' ' method='POST'> <b class='text3'>New password:</b> <input type='text' name='password' maxlength='30'> <input type='submit' name='submit' value='New Password'> </form>"; } } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>:: Testpage :: Administration Page</title> <style type="text/css"> <!-- body { margin-left: 0px; margin-top: 10px; margin-right: 0px; margin-bottom: 0px; } --> </style> <link href="css.css" rel="stylesheet" type="text/css"> </head> <body> <table width="778" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td colspan="2" background="images/headerbg.gif"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="226" align="left"><img src="images/header.gif" width="226" height="148"></td> <td> </td> </tr> </table></td> <td background="images/headerbg.gif"><img src="images/headeright.gif" width="16" height="148"></td> </tr> <tr> <td width="16" rowspan="2" align="left" valign="top" background="images/left.gif"><img src="images/left.gif" width="16" height="14"></td> <td width="745" valign="top"><table width="739" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="739"> </td> </tr> <tr> <td align="center"><h1 class="text4">Forgot Password</h1> <span class="text8">A new password will be generated for you and sent to the email address<br> associated with your account, all you have to do is enter your specil name.<br> Specil name is the secret word that your web administrator gave you<br> together with your username and password. </span><br> <br> <form action=" " method="POST"> <b class="text3">Specil name:</b> <input type="text" name="specil_name" maxlength="30"> <input type="submit" value="Get New Password"> </form> </td> </tr> <tr> <td> </td> </tr> </table></td> <td width="16" rowspan="2" align="right" valign="top" background="images/right.gif"><img src="images/spacer.gif" width="1" height="1"><img src="images/right.gif" width="16" height="14"></td> </tr> <tr> <td valign="top"><img src="images/spacer.gif" width="746" height="10"></td> </tr> <tr> <td background="images/footerbg.gif"><img src="images/footerleft.gif" width="16" height="43"></td> <td background="images/footerbg.gif"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="10" colspan="2" align="left"><img src="images/spacer.gif" width="12" height="10"></td> </tr> <tr> <td width="746" align="center" valign="top" class="footer">Copyright © 2007 www.jobhirings.com. All Rights Reserved</td> </tr> </table></td> <td background="images/footerbg.gif"><img src="images/footeright.gif" width="16" height="43"></td> </tr> </table> </body> </html> what could be the problem here? thanks! Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 hi, i am getting this errors now Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in c:\hosting\webhost4life\member\diorgrace\admean\forgotpass.php on line 7 Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in c:\hosting\webhost4life\member\diorgrace\admean\forgotpass.php on line 9 this is my code <?php include("db_connect.php"); $query1 = mysql_query("SELECT * FROM admin_user WHERE specil_name= '$specil_name'") or die(mysql_error()); $row = mysql_fetch_array( $query ); while($rec=mysql_fetch_assoc($result)){ if(mysql_num_rows($row)==1){ $password=md5($password); if($_POST['submit']){ $query2="UPDATE admin_user SET password ='$password' where 'specil_name'='".$rec['specil_name']."''"; $result=mysql_query($query2)or die("mysql_error()"); echo " Thank you password changed<br> We also sent a copy to ur email address cheers!"; exit; } $to = $rec['email']; $subject = 'new password '; $message = 'your new password is: $password'; $headers = "From: pixeltrace@email.com\r\n" . 'X-Mailer: PHP/' . phpversion() . "\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: text/html; charset=utf-8\r\n" . "Content-Transfer-Encoding: 8bit\r\n\r\n"; mail($to, $subject, $message, $headers); echo"<form action=' ' method='POST'> <b class='text3'>New password:</b> <input type='text' name='password' maxlength='30'> <input type='submit' name='submit' value='New Password'> </form>"; } } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>:: Testpage :: Administration Page</title> <style type="text/css"> <!-- body { margin-left: 0px; margin-top: 10px; margin-right: 0px; margin-bottom: 0px; } --> </style> <link href="css.css" rel="stylesheet" type="text/css"> </head> <body> <table width="778" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td colspan="2" background="images/headerbg.gif"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="226" align="left"><img src="images/header.gif" width="226" height="148"></td> <td> </td> </tr> </table></td> <td background="images/headerbg.gif"><img src="images/headeright.gif" width="16" height="148"></td> </tr> <tr> <td width="16" rowspan="2" align="left" valign="top" background="images/left.gif"><img src="images/left.gif" width="16" height="14"></td> <td width="745" valign="top"><table width="739" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="739"> </td> </tr> <tr> <td align="center"><h1 class="text4">Forgot Password</h1> <span class="text8">A new password will be generated for you and sent to the email address<br> associated with your account, all you have to do is enter your specil name.<br> Specil name is the secret word that your web administrator gave you<br> together with your username and password. </span><br> <br> <form action="" method="POST"> <b class="text3">Specil name:</b> <input type="text" name="specil_name" maxlength="30"> <input type="submit" value="Get New Password"> </form> </td> </tr> <tr> <td> </td> </tr> </table></td> <td width="16" rowspan="2" align="right" valign="top" background="images/right.gif"><img src="images/spacer.gif" width="1" height="1"><img src="images/right.gif" width="16" height="14"></td> </tr> <tr> <td valign="top"><img src="images/spacer.gif" width="746" height="10"></td> </tr> <tr> <td background="images/footerbg.gif"><img src="images/footerleft.gif" width="16" height="43"></td> <td background="images/footerbg.gif"><table width="100%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="10" colspan="2" align="left"><img src="images/spacer.gif" width="12" height="10"></td> </tr> <tr> <td width="746" align="center" valign="top" class="footer">Copyright © 2007 www.jobhirings.com. All Rights Reserved</td> </tr> </table></td> <td background="images/footerbg.gif"><img src="images/footeright.gif" width="16" height="43"></td> </tr> </table> </body> </html> need help please! Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 hi, this is the error message that i am getting now Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in c:\hosting\webhost4life\member\diorgrace\admean\forgotpass.php on line 9 need help on this please! below is my current codes. thanks! <?php include("db_connect.php"); $query1 = mysql_query("SELECT * FROM admin_user WHERE specil_name= '$specil_name'") or die(mysql_error()); $row = mysql_fetch_array( $query1 ); while($rec=mysql_fetch_assoc($result2)){ if(mysql_num_rows($row)==1){ $password=md5($password); if($_POST['submit']){ $query2="UPDATE admin_user SET password ='$password' where 'specil_name'='".$rec['specil_name']."''"; $result2=mysql_query($query2)or die("mysql_error()"); echo " Thank you password has been changed<br> We also sent a copy to ur email address cheers!"; exit; } $to = $rec['email']; $subject = 'new password '; $message = 'your new password is: $password'; $headers = "From: pixeltrace@gmail.com\r\n" . 'X-Mailer: PHP/' . phpversion() . "\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: text/html; charset=utf-8\r\n" . "Content-Transfer-Encoding: 8bit\r\n\r\n"; mail($to, $subject, $message, $headers); echo"<form action=' ' method='POST'> <b class='text3'>New password:</b> <input type='text' name='password' maxlength='30'> <input type='submit' name='submit' value='New Password'> </form>"; } } ?> Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted February 22, 2007 Share Posted February 22, 2007 what is $result2. try changing $result2 on line 9 to $query1. your code is pretty weird actually. Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 after replacing it with $query1 i already lost the error however i am not getting any emails and the echo message echo " Thank you password has been changed<br> We also sent a copy to ur email address cheers!"; is not appearing what seems to be the problem here? thanks! Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 22, 2007 Share Posted February 22, 2007 please change the database infomation. fully working ok. <?php session_start(); $db=mysql_connect("localhost","username","password"); mysql_select_db("mat_website",$db); echo" <html> <head> <title>Dj Phc</title> <body bgcolor='#ff333' vlink='blue' link='blue' alink='blue'>"; include("header.php"); echo"<br><br><h1><div align='center'>Forgot password</h1></div><br>"; $query="select mail,password from blog_register where mail='$mail'"; $result=mysql_query($query); while($rec=mysql_fetch_assoc($result)){ $mail=$_SESSION['mail']=$rec['mail']; } if(mysql_num_rows($result)==1){ if($_GET['cmd']=="update"){ $query2="update `blog_register` set `password`='$password' where `mail` = '$mail' "; $result=mysql_query($query2)or die(mysql_error()); $to = $mail; $subject = 'new password(www.djphc.com)'; $message = '<html><body><h2>please keep this new password in a safe place</h2><br><br>Your new password is: '.$password.'</body></html>'; $headers = "From: administator@email.com\r\n" . 'X-Mailer: PHP/' . phpversion() . "\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: text/html; charset=utf-8\r\n" . "Content-Transfer-Encoding: 8bit\r\n\r\n"; mail($to, $subject, $message, $headers); echo " <div align='center'><font color='yellow'>Thank you password changed!<br> We have sent a copy to your email address!<div></font><br><br><a href='login.php'>please login</a>"; exit; } if($_GET['cmd']=="pro"){ echo"<div align='center'><form action='forgot_password.php?cmd=update ' method='POST'> <font color='yellow'>Please provide a new password</font><br><br> <input type='text' name='password' maxlength='30'> <br> <br> <input type='submit' name='submit' value='New Password'> </form></div>"; exit; } } ?> <div align='center'> <form action="forgot_password.php?cmd=pro" method="POST"> <font color='yellow'>Please provide registration email address</font><br><br> <input type="text" name="mail" maxlength="30"> <br> <br> <input type="submit" name="protect" value="Confirm email address"> </form> </div> Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 what is the include header.php? Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 i tried and it work however, the password is not in md5 how do i make the password set to md5? thanks! Quote Link to comment Share on other sites More sharing options...
pixeltrace Posted February 22, 2007 Author Share Posted February 22, 2007 its working fine now i just added $password = md5($password); thanks again! Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 22, 2007 Share Posted February 22, 2007 That ok mate also add $password=addslashes($password) ok. ps. The header was a template for the links ok. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.