Email PHP script

  • Celest
  • Born
  • Born
  • Celest
  • Posts: 2

Post 3+ Months Ago

Hi,

I am doing a Login PHP program.
I am trying to do a forget password function where upon button clicked, password will be sent to the respective email stored in my database.
How should i do that?

Please help. Thanks :D
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Truce
  • Guru
  • Guru
  • Truce
  • Posts: 1477
  • Loc: Washington DC

Post 3+ Months Ago

Retrieve their password from the database and send it to them via email. If you know how to setup the login I'm assuming you know how to use your database. If you're confused on how to email with PHP, google it...

http://www.google.com/search?q=php%20email
  • spork
  • Brewmaster
  • Silver Member
  • User avatar
  • Posts: 6250
  • Loc: Seattle, WA

Post 3+ Months Ago

You shouldn't be storing passwords in plain text in your database in the first place. Give your users the option to reset, not retrieve, their password by sending them randomized string as a temporary password and have them change it upon first login.
  • righteous_trespasser
  • Scuffle
  • Genius
  • User avatar
  • Posts: 6230
  • Loc: South-Africa

Post 3+ Months Ago

spork wrote:
You shouldn't be storing passwords in plain text in your database in the first place. Give your users the option to reset, not retrieve, their password by sending them randomized string as a temporary password and have them change it upon first login.

I agree ...
  • Bogey
  • Genius
  • Genius
  • Bogey
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

You could do something like this.

Ask for their username AND for their email address.

Set a different randomized password for that account and send it to the email.

Once the user receives the email, have them change their password.


You should encrypt your password with md5(); or something else... you shouldn't be storing them as strings (like spork said).
  • righteous_trespasser
  • Scuffle
  • Genius
  • User avatar
  • Posts: 6230
  • Loc: South-Africa

Post 3+ Months Ago

Which one do you guys think is better ... using md5() to store the password or using MySql's PASSWORD() to store the password?
  • casablanca
  • Proficient
  • Proficient
  • User avatar
  • Posts: 481

Post 3+ Months Ago

I don't know what algorithm MySQL's PASSWORD uses, so MD5 is probably better since it's a standard.
  • mishka
  • Novice
  • Novice
  • mishka
  • Posts: 20
  • Loc: Toronto

Post 3+ Months Ago

http://dev.mysql.com/doc/refman/5.0/en/ ... n_password

so yeah password() is not recommended ... moreover it would be less efficient (even redundant) causing unnecessary additional hit on mysql engine.

so probably the best is:
1) generate pw on application layer;
2) store it with db user table
3) on-storage success generate respective e-mail to user
4) onSent success pop some message to screen like: your pw has been reset.. please look at your e-mail box.

notice that md5() generates 64 char string; crypt() is 32 char length ...

Post Information

  • Total Posts in this topic: 8 posts
  • Users browsing this forum: No registered users and 161 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.