How do you send a user's username and password to their email when they forget?

[SauloA]

Can somebody help me make a form that sends a user's username and password to their email when they forget using a code like this:

mysql_select_db($database_connBlog, $connBlog);
$sql="SELECT user_pass, user_email FROM user_tbl WHERE user_sname='".$user_sname."'"; 
$r = mysql_query($sql, $connBlog);

and using a form like this:

<form name="forgot" method="post" action="forgot.php">
  <input name="sname" type="text" value="user_email" size="20"/><br />
  <input type="submit" name="submit" value="submit"/>
</form>

 

I want the user to be able to input their email and when the submit button is pushed they recieve an email with their username and password.

[midi_mick]

From the code you have there, the simple thing would be, in the form process:

 

if (mysql_num_rows($r) == 1) {
  $row = mysql_fetch_assoc($r);
  if (!is_null($row['user_email']) && ! is_null(%row['user_pass'])) {
    $msg = "Dear ". $_POST['sname'] . 
        "\r\n\r\nHere is your lost password : " . $row['user_pass'] . 
        "\r\n\r\nRegards\r\nMe";
    $headers = "From: " . $my_email . "\r\nReply-To: " . $my_email . "\r\n";
    mail($row['user_email'], 'Lost Password", $msg, $headers);
  }
}

 

 

[SauloA]

I inserted your code on my page and it looks like this:

mysql_select_db($database_connBlog, $connBlog);
$sql="SELECT user_pass, user_email FROM user_tbl WHERE user_sname='".$user_sname."'"; 
$r = mysql_query($sql, $connBlog);
if (mysql_num_rows($r) == 1) {
  $row = mysql_fetch_assoc($r);
  if (!is_null($row['user_email']) && ! is_null($row['user_pass'])) {
    $msg = "Dear ". $_POST['user_sname'] . 
        "\r\n\r\nHere is your lost password : " . $row['user_pass'] . 
        "\r\n\r\nRegards\r\nMe";
    $headers = "From: " . $my_email . "\r\nReply-To: " . $my_email . "\r\n";
    mail($row['user_email'], 'Lost Password", $msg, $headers');
  }
}

 

I removed the "%" in this line:

if (!is_null($row['user_email']) && ! is_null(%row['user_pass']))

and changed it to a "$".

 

And I added an ' that was missing in this line:

'Lost Password", $msg, $headers);

 

After doing that the form still doesn't seem to do anything.  I push the submit button and nothing happens.  You got any other ideas?

[midi_mick]

First - sorry about the typos. Was early morning here, and I suffer dyslexic finger syndrome at the best of times.

 

Here is the actual code I am using to send a new password in a forgotten password situation. This does work. Note: Your server does need to be set up to send mail in order for this to work.

 

You will notice the variables used here are different, but you should be able to substitute your user name and e-mail where my code has it in the session, and just pass your retrieved values through to the function (setting up the text as you see fit).

 

Another note: This code is not entirely my own, but a modified part of the security system set defined by Jpmaster77. The full system can be found at http://www.evolt.org/article/PHP_Login_System_with_Admin_Features/17/60384/index.html

 

  function sendNewPass($user, $email, $pass){
      $from = "From: ". $session->$username ." <". $session->$email .">";
      $subject = "Madhouse Staff - Your new password";
      $body = $user.",\n\n"
             ."We've generated a new password for you at your "
             ."request, you can use this new password with your "
             ."username to log in to The Madhouse Staff Resources.\n\n"
             ."Username: ".$user."\n"
             ."New Password: ".$pass."\n\n"
             ."It is recommended that you change your password "
             ."to something that is easier to remember, which "
             ."can be done by going to the My Account page "
             ."after signing in.\n\n"
             ."Regards\n"
		 .$session->$username . "\n";
             
      return mail($email,$subject,$body,$from);
   }