Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New Coder
    Join Date
    Jan 2011
    Posts
    87
    Thanks
    8
    Thanked 0 Times in 0 Posts

    sending email to users for forgotten password

    Hi,

    I am trying to send e-mail for the users for forgotten password. when user enters his user name it searches in the database for the same and fetch the password for the same. then it will e-mail to the user.

    i am doing like this

    login.html

    <form action="sendpsw.php" method="post">
    <h2 align="center">User login</h2>
    <table align="center">
    <tr><td>UserName:</td>
    <td><input type="text" name="username" /></td>
    </tr>
    <tr>
    <td>password::</td>
    <td><input type="password" name="password" /></td>
    </tr>
    <tr>
    <td><a href="sendpsw.php">Forgot password</a></td>
    <td><input type="submit" name="submit" value="Log In" /></td>
    </tr>
    </table>
    </form>


    sendpsw.php
    Code:
    include('connect.php');
    $urname=$_POST['username'];
    
    //echo $uname;
    $sql = "select email from company_user where uname = $urname ";
    
    $result = mysql_query($sql) or die (mysql_error());
    echo $result;
    
    
    
    
    
    $num_row=mysql_num_rows($result);
    
    if($num_row <= 0)
    {
    	echo "Invalid User";
    }
    else
    {
    $pass="select password from $table where email = '".$email."';";
    $n = mysql_num_rows($pass);
    $psw=mysql_fetch_assoc($pass);
    //*/
    //	$to=$email;
    //	$subject="Forgot Password";
    //	$headers="";
    //	$message="YOU R Requsted that U forgot U r password <br>
    //                    Password: <b>".$email["password"]."<b>";
    //	mail($to,$subject,$headers,$message);	
    //	 echo 'Password sent to <b>'.$email.'</b>';			
    }
    ?>
    but it says "Unknown column name .... "

    please tell me where i am doing wrong

  • #2
    Master Coder felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, Australia
    Posts
    6,459
    Thanks
    0
    Thanked 632 Times in 622 Posts
    $_POST['username'] doesn't exist when you call the page that way - unless someone has hacked the page to insert something into it so as to capture all the email addresses in your table.
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

  • #3
    Banned
    Join Date
    Mar 2013
    Posts
    139
    Thanks
    0
    Thanked 9 Times in 9 Posts
    at the very least, your query syntax wrong

    Code:
    $sql = "select email from company_user where uname = $urname ";
    $urname needs to be in single quotes if it is a string.

  • #4
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,090
    Thanks
    51
    Thanked 506 Times in 493 Posts
    Seriously you shouldn't be storing passwords in your database. You should be storing the HASH of the password.

    When a user looses their password, send them an email with a link to a password reset page where they can supply a new password.

    Never store actual passwords in your database.
    My helpful sig is on vacation trying to loose some weight. It got a bit fat and caused a few problems but it will be back at some point!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •