Re: Sometime the code works and sometimes doesn't

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I would also suggest that you hash the passwords at least (better even with
a salt value) and then reset the password to something random before sending
it to the user. Email can be sniffed relatively easily and this would expose
a possible carefully chosen password by the user and then they have to think
of something new which they probably forget (although, they probably forgot
the password in the first case :-).

Maybe there is a possibility that you have 2 or more user records with the
same email address? because then the result count would not be 1.

Cheers,
Tim

Tim-Hinnerk Heuer

http://www.ihostnz.com


On Sat, Jan 17, 2009 at 5:21 AM, Chris Carter <chandan9sharma@xxxxxxxxx>wrote:

>
> Hi,
>
> Here is a code for PHP password sending. There is some strange thing
> happening. This code DOES WORK but not always. So I might be able to get
> the
> password in my mailbox once but not always. What could be wrong.
>
> <?
>   // database information
>   $host = 'xxx';
>   $user = 'xxx';
>   $password = 'xxx';
>   $dbName = 'xxx';
>
>   // connect and select the database
>                $conn = mysql_connect($host, $user, $password) or
> die(mysql_error());
>                $db = mysql_select_db($dbName, $conn) or die(mysql_error());
>
> // value sent from form
> $emailAddress=$_POST['emailAddress'];
>
> $sql="SELECT password FROM mytable WHERE emailAddress='$emailAddress'";
> $result=mysql_query($sql);
>
> // keep value in variable name "$count"
> $count=mysql_num_rows($result);
>
> // compare if $count =1 row
> if($count==1){
>
> $rows=mysql_fetch_array($result);
>
> // keep password in $your_password
> $your_password=$rows['password'];
>
> $subject="Your password is retrieved";
>
> $header="from: Great Site<no-reply@xxxxxxxxxxxx>";
>
> $messages= "Hi \n\n Your password for login to our website is
> retrieved.\n\n";
> $messages.="Your password is '$your_password' \n\n";
> $messages.="You can use this password";
>
> // send email
> $sentmail = mail($emailAddress, $subject, $messages, $header);
> }
> // else if $count not equal 1
> else {
> echo "Not found your email in our database";
> }
>
> // if your email succesfully sent
> if($sentmail){
> echo "Your Password Has Been Sent To Your Email Address.";
> }
> else {
> echo "Cannot send password to your e-mail address";
> }
>  ?>
>
> There must be something that I am doing wrong. Otherwise I could have
> always
> gotten the password in my mailbox. Please help.
>
> Thanks in advance,
>
> Chris
> --
> View this message in context:
> http://www.nabble.com/Sometime-the-code-works-and-sometimes-doesn%27t-tp21502951p21502951.html
> Sent from the PHP - General mailing list archive at Nabble.com.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux