RE: MySQLPHP decrypt(password)

"Bastien Koert" <bastien_k@xxxxxxxxxxx> · Fri, 25 Feb 2005 14:04:30 -0500

You can't. Its an MD5 hash, not an encryption...I reset the password to a 
random one, and email it to the user, also flag the account to force them to 
change the password upon login...

[code]

function mail_password()

{

	global $err_msg;

	//get the variables from the form

	if ((isset($_POST['email']))&&(isset($_POST['lg_name']))){

		$email = $_POST['email'];

		$mid	 = $_POST['lg_name'];

		$date_cookie = $_COOKIE['last_time'];

	}else{

		$err_msg = "<b>Please enter both your email address and your username. 
Thank you.</b>";

		show_form();

		die();

	}//end if

	//create the sql and run the query

	$sql = "SELECT * FROM users WHERE user_email='$email' and user_name = 
'$mid'";

	$result = connect($sql);

	//check the query results

	if (mysql_num_rows($result)!=1){

		$err_msg = "<font color=red>No results found. Please re-enter your 
username and email address to try again.</font>";

		show_form();

	}else{

		$row = mysql_fetch_array($result);
		$email2 = $row['cust_email'];
		$pass 	= $row['cust_pw'];

		//call the change password function and pass it the information related to 
the record to create the temp password

		$new_pass = change_password($mid, $pass);

		$sendto 	= $email2;
		$from 		= "WebMaster <webmaster@xxxxxxxxxxxxxxxxxxx>";
		$subject	= "Forgotten Password";
		$message	= "Dear $email2,

		Your password is $new_pass.

		Regards,
		Webmaster";
		echo $message;

		$headers = "MIME-Version: 1.0\n";
		$headers .= "Content-type: text/plain; charset=iso-8859-1\n";
		$headers .= "X-Priority: 3\n";
		$headers .= "X-MSMail-Priority: Normal\n";
		$headers .= "X-Mailer: php\n";
		$headers .= "From: \"".$from."\" <".$from.">\n";

		if (!mail($sendto, $subject, $message, $headers)){
			echo "Mail failed to send";
		}else{
			header("location:confirm1.htm");
		}//end if
	}//end if
}//end function

//---------------------------------------------------------------------------------------

//										change password function

//---------------------------------------------------------------------------------------

function change_password($id, $password)

{

	//generate a random password

	$pass = "";

	$salt = "abchefghjkmnpqrstuvwxyz0123456789";

	srand((double)microtime()*1000000);

			$i = 0;

			while ($i <= 7) {

						$num = rand() % 33;

						$tmp = substr($salt, $num, 1);

						$pass = $pass . $tmp;

						$i++;

			}

	//change the password in the db

	$sql = "update cust_info set cust_pw	='".md5($pass)."', temp_pass = 1 where 
cust_lg = '$id' and cust_pw = '$password'";

	$result = connect($sql);

	if ($result){

		return $pass;

	}else{

		change_password($id, $password);

	}

}//end function

[/code]

bastien

From: "moses Woldeselassie" <mmoses@xxxxxxxxxxx>
To: php-db@xxxxxxxxxxxxx
Subject:  MySQLPHP decrypt(password)
Date: Fri, 25 Feb 2005 10:20:55 +0000

hi all

I am using password() to crypt a user password online. but how do i decrypt 
a user password, when user forgot his/her password?

kind regards
m

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php