PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PECL Releases (03.05.2024)

Community News: Latest PECL Releases (02.27.2024)

Community News: Latest PEAR Releases (02.26.2024)

Community News: Latest PECL Releases (02.20.2024)

Community News: Latest PECL Releases (02.13.2024)

Community News: Latest PEAR Releases (02.12.2024)

Community News: Latest PECL Releases (02.06.2024)

Community News: Latest PECL Releases (01.30.2024)

Community News: Latest PECL Releases (01.23.2024)

Community News: Latest PEAR Releases (01.22.2024)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHPEasyStep.com:
Sending forgotten password

byChris Cornutt May 29, 2006 @ 09:43:44

On PHPEasyStep.com, there's a new tutorial talking about adding "send forgotten password" functionality to your member site.

Mark Jackson is one of our member but he forgot his password for login to our website. We'll send him password to his e-mail address.

In this tutorial create 2 file and 1 database - forgot_password.php, send_password_ac.php and the members database.

The rest of the tutorial is all code and SQL statements, including the HTML for the form the users fill out. Basically, it just grabs the password value from the database and sends it along in an email.

Of course, the structure is here for the application, but it's not very secure - sending the password in plain-text like that. Personally, I'd have md5 hashed passwords and reset the password to a new one each time the "request my password" was made. Then, they can come in and reset the paasword when they log in.