gilizama
05-13-2006, 03:01 AM
I have this lost password form. But when I test it, it doesn't send a password at all. I also understand that it resets a password, and then sends it to the user. But I don't want it to reset the password. I just want it to send the current password to the user. Can someone help me out on why it's not showing a password in the email, and if it does reset the password, how can you change it to where it doesn't reset a user's password.
Here's the script: lostpassword.php
<html>
<head>
<title>My Invoice</title>
<link rel="stylesheet" href="inc/style.css" type="text/css">
</head>
<body>
<p><img src="inc/title.gif" width="308" height="82"></p>
<blockquote>
<h1>Lost Password</h1>
<?php
include("inc/config.php");
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect!");
?>
<?php
$action = $HTTP_GET_VARS['action'];
if(!$action)
{
?>
<p> </p>
<form name="form1" method="post" action="<?$PHP_SELF?>?action=yes">
<table width="350" border="0" cellspacing="2" cellpadding="2" align="center">
<tr>
<td><b>Username:</b></td>
<td>
<input type="text" name="username">
</td>
</tr>
<tr>
<td><b>E-mail Address:</b></td>
<td>
<input type="text" name="email">
</td>
<td>
<input type="Submit" name="submit" value="Enter">
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
</table>
</form>
<?php
}
else
{
$username = $HTTP_POST_VARS['username'];
$email = $HTTP_POST_VARS['email'];
$query = "SELECT * FROM clients WHERE name = '$username' AND email = '$email'";
$result = mysql_db_query($database, $query, $connection);
if (mysql_num_rows($result) == 1)
{
$npass = $username;
$usql = "update clients set password=PASSWORD('$username') where email='$email' and name='$username'";
$uqry = mysql_query($usql);
$subject = "Lost password for $username";
$extra = "From: host@hostingcompany.com\r\n";
$recipient = "$email";
$message = "Dear Customer,\n\n A new password for your username \"$username\" have been issued. Your new password is: \n$password\n Regards, \n$yourtitle";
mail ($recipient, $subject, $message, $extra);
echo("A new password have been issued and e-mailed to you.");
}
else
{
echo("<font color='red' size='2' face='verdana'>Sorry! but there is no such username and e-mail combination in our member database.");
exit();
}
}
?>
<?
include "inc/nav.inc";
include "inc/footer.inc";
?>
</body>
</html>
<!--
Copyright Notice:
This add-on created by omair@omair-haroon.com.
This script was written by Rob Minto, and is free for you to use.
Any improvements, please email rob@widgetmonkey.com.
Keep software free.
And please leave this copyright notice. Thanks.
-->
Here's the script: lostpassword.php
<html>
<head>
<title>My Invoice</title>
<link rel="stylesheet" href="inc/style.css" type="text/css">
</head>
<body>
<p><img src="inc/title.gif" width="308" height="82"></p>
<blockquote>
<h1>Lost Password</h1>
<?php
include("inc/config.php");
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect!");
?>
<?php
$action = $HTTP_GET_VARS['action'];
if(!$action)
{
?>
<p> </p>
<form name="form1" method="post" action="<?$PHP_SELF?>?action=yes">
<table width="350" border="0" cellspacing="2" cellpadding="2" align="center">
<tr>
<td><b>Username:</b></td>
<td>
<input type="text" name="username">
</td>
</tr>
<tr>
<td><b>E-mail Address:</b></td>
<td>
<input type="text" name="email">
</td>
<td>
<input type="Submit" name="submit" value="Enter">
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
</table>
</form>
<?php
}
else
{
$username = $HTTP_POST_VARS['username'];
$email = $HTTP_POST_VARS['email'];
$query = "SELECT * FROM clients WHERE name = '$username' AND email = '$email'";
$result = mysql_db_query($database, $query, $connection);
if (mysql_num_rows($result) == 1)
{
$npass = $username;
$usql = "update clients set password=PASSWORD('$username') where email='$email' and name='$username'";
$uqry = mysql_query($usql);
$subject = "Lost password for $username";
$extra = "From: host@hostingcompany.com\r\n";
$recipient = "$email";
$message = "Dear Customer,\n\n A new password for your username \"$username\" have been issued. Your new password is: \n$password\n Regards, \n$yourtitle";
mail ($recipient, $subject, $message, $extra);
echo("A new password have been issued and e-mailed to you.");
}
else
{
echo("<font color='red' size='2' face='verdana'>Sorry! but there is no such username and e-mail combination in our member database.");
exit();
}
}
?>
<?
include "inc/nav.inc";
include "inc/footer.inc";
?>
</body>
</html>
<!--
Copyright Notice:
This add-on created by omair@omair-haroon.com.
This script was written by Rob Minto, and is free for you to use.
Any improvements, please email rob@widgetmonkey.com.
Keep software free.
And please leave this copyright notice. Thanks.
-->