Page 1 of 1

forgot password help

Posted: Tue Feb 08, 2005 11:06 pm
by Smackie
Alright i need help i made a login script and all and im having trouble on getting a forgot password script can someone help me on that part?

and also i need some help on sending ip to the mysql and receiveing the ip on my Admin page* i want to see all my users ip from my admin page i hope somone can help me with both thank you...


Smackie

~Fear the one they call Smackie for thy self will pass on to the next life if thy try to kill thy Smackie Death 10:1~

Posted: Tue Feb 08, 2005 11:12 pm
by feyd
create a "new_password" field in your users' table. Find an random password generator and email the new password to the user's email address. Update their record with this generated password. In the email, provide them a link to deny the new password request so that the field is nulled again.

research database sessions to show you a who's online list with ip information.

Posted: Tue Feb 08, 2005 11:19 pm
by Smackie
I mean i want a simple password retreaver (how ever you spell it) like one that ask for a email that the user uses and send them and email that has the user name and password and the ip where it came from..

Smackie

~Fear the one they call Smackie for thy self will pass on to the next life if thy try to kill thy Smackie Death 10:1~

Posted: Tue Feb 08, 2005 11:21 pm
by feyd
how are your passwords stored?

Posted: Tue Feb 08, 2005 11:23 pm
by Smackie
They are stored in mysql


Smackie

~Fear the one they call Smackie for thy self will pass on to the next life if thy try to kill thy Smackie Death 10:1~

Posted: Tue Feb 08, 2005 11:24 pm
by feyd
how not where.

Posted: Tue Feb 08, 2005 11:28 pm
by Smackie
um you got me on that im rarely am a newbie at some of this lol i just had a friend show me the basics of working with php before he past away last year so i finally learned alot and made most of my login all i need is the forgot password codes and the users ip on my admin page and well thats my hard spot on this stuff... so i really dont really know what you mean on the how is my passwords are stored...


Smackie

~Fear the one they call Smackie for thy self will pass on to the next life if thy try to kill thy Smackie Death 10:1~

Posted: Tue Feb 08, 2005 11:29 pm
by feyd
are they run through MD5 or SHA1 or PASSWORD or what? what's the insert query for adding a new user?

Posted: Tue Feb 08, 2005 11:34 pm
by Smackie
here is a code from the signup page

Code: Select all

//  Setup query
	$q = "INSERT INTO `dbUsers` (`username`,`password`,`email`) "
		."VALUES ('".$_POSTї"username"]."', "
		."PASSWORD('".$_POSTї"password"]."'), "
		."'".$_POSTї"email"]."')";
	//  Run query
	$r = mysql_query($q);
	
	// Make sure query inserted user successfully
	if ( !mysql_insert_id() )
Smackie

~Fear the one they call Smackie for thy self will pass on to the next life if thy try to kill thy Smackie Death 10:1~



Posted: Tue Feb 08, 2005 11:47 pm
by feyd
I don't believe password() is reversable.. or at the least, MySQL doesn't provide functionality as such. In fact, MySQL documentation specifically says to not use the password function for your own uses, as I've noted recently in another thread. You should either use a decryptable value, or implement the new password field I talked about originally.

Posted: Tue Feb 08, 2005 11:50 pm
by Smackie
Alright and could you help me with the IP part now? i asked about it a while back on a different posting on this form and you posted back on it.. and well i was wondering if you could help me set up a few codes and help me with the mysql part and get that work and ill figure out a way to do the password part on my own or try and find me a PHP worker that will help me rescript that part.....


Smackie

~Fear the one they call Smackie for thy self will pass on to the next life if thy try to kill thy Smackie Death 10:1~

Posted: Tue Feb 08, 2005 11:53 pm
by feyd
I mentioned what to use.