Thank you Bastien
It works fine, but i do have a problem with login. MySQL does not allowed the user to login.
I did try to use sending email without using the change_password(), but it is sending different password each time:
1. Why is it sending different password for one user? 2. How could I get a user password without changing a user password?
kind regards m
>From: "Bastien Koert" <bastien_k@xxxxxxxxxxx>
>To: mmoses@xxxxxxxxxxx, php-db@xxxxxxxxxxxxx
>Subject: RE: MySQLPHP decrypt(password)
>Date: Fri, 25 Feb 2005 14:04:30 -0500
>
>You can't. Its an MD5 hash, not an encryption...I reset the password to a random one, and email it to the user, also flag the account to force them to change the password upon login...
>
>[code]
>function mail_password()
>{
> global $err_msg;
> //get the variables from the form
> if ((isset($_POST['email']))&&(isset($_POST['lg_name']))){
> $email = $_POST['email'];
> $mid = $_POST['lg_name'];
> $date_cookie = $_COOKIE['last_time'];
> }else{
> $err_msg = "<b>Please enter both your email address and your username. Thank you.</b>";
> show_form();
> die();
> }//end if
>
> //create the sql and run the query
> $sql = "SELECT * FROM users WHERE user_email='$email' and user_name = '$mid'";
>
> $result = connect($sql);
>
> //check the query results
> if (mysql_num_rows($result)!=1){
> $err_msg = "<font color=red>No results found. Please re-enter your username and email address to try again.</font>";
> show_form();
>
> }else{
>
> $row = mysql_fetch_array($result);
> $email2 = $row['cust_email'];
> $pass = $row['cust_pw'];
>
> //call the change password function and pass it the information related to the record to create the temp password
> $new_pass = change_password($mid, $pass);
>
> $sendto = $email2;
> $from = "WebMaster <webmaster@xxxxxxxxxxxxxxxxxxx>";
> $subject = "Forgotten Password";
> $message = "Dear $email2,
>
> Your password is $new_pass.
>
> Regards,
> Webmaster";
> echo $message;
>
> $headers = "MIME-Version: 1.0\n";
> $headers .= "Content-type: text/plain; charset=iso-8859-1\n";
> $headers .= "X-Priority: 3\n";
> $headers .= "X-MSMail-Priority: Normal\n";
> $headers .= "X-Mailer: php\n";
> $headers .= "From: \"".$from."\" <".$from.">\n";
>
> if (!mail($sendto, $subject, $message, $headers)){
> echo "Mail failed to send";
> }else{
> header("location:confirm1.htm");
> }//end if
> }//end if
>}//end function
>
>//---------------------------------------------------------------------------------------
>// change password function
>//---------------------------------------------------------------------------------------
>function change_password($id, $password)
>{
> //generate a random password
> $pass = "";
> $salt = "abchefghjkmnpqrstuvwxyz0123456789";
> srand((double)microtime()*1000000);
> $i = 0;
> while ($i <= 7) {
> $num = rand() % 33;
> $tmp = substr($salt, $num, 1);
> $pass = $pass . $tmp;
> $i++;
> }
> //change the password in the db
> $sql = "update cust_info set cust_pw ='".md5($pass)."', temp_pass = 1 where cust_lg = '$id' and cust_pw = '$password'";
> $result = connect($sql);
> if ($result){
> return $pass;
> }else{
> change_password($id, $password);
> }
>}//end function
>[/code]
>
>
>bastien
>
>
>
> >From: "moses Woldeselassie" <mmoses@xxxxxxxxxxx>
> >To: php-db@xxxxxxxxxxxxx
> >Subject: MySQLPHP decrypt(password)
> >Date: Fri, 25 Feb 2005 10:20:55 +0000
> >
> >hi all
> >
> >I am using password() to crypt a user password online. but how do i decrypt a user password, when user forgot his/her password?
> >
> >
> >kind regards
> >m
> >
> >--
> >PHP Database Mailing List (http://www.php.net/)
> >To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php