Page 1 of 1

Forgot password help

Posted: Tue Apr 26, 2005 2:22 pm
by Smackie
I made a forgot password script in this code its suppose to send out the username and password if the username and email address is matched up well it matches them up but when it sends i get an error and when it goes to there inbox it say from Nobody and subject is Password and user in the email it shows....

username:
password:

but there isnt anything in there

here is the error
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/haunted/public_html/The_Bored_Game/forgotpassword.php on line 14
line 14
$query = mysql_query($sql);

how can i make it where the it comes from my email address and in the email it would be like

Here is your username and password if you didnt request it dont worry your username and password only goes to your email box..

username: username
password: password


you requested the email from http://blah.com
here is the script...

Code: Select all

<?php
if($go == "1")
{
mysql_connect("localhost","haunted_smackie","*******");
mysql_select_db(haunted_BoringGame);

$sql = @mysql_query("SELECT * FROM dbUsers WHERE username='$name' && email='$email' ");
if(!$sql)
{
echo "The user name and email do not match.";
exit;
}
$query = mysql_query($sql);
$fPass = mysql_fetch_array($query);

mail($email, "Your Password", "User Name: ". $fPass[username] ."\nPassword: ". $fPass[password]);
echo "Your Password has been sent to ". $email .".";
}
?>
<form action="<?= $PHP_SELF ?>" method="post">
Name: <input type="text" name="name" size="24" border="0"><br>
E-mail: <input type="text" name="email" size="24" border="0"><br>
<input type="hidden" name="go" value="1" border="0"><input type="submit" name="submitButtonName" border="0">
</form>

Posted: Tue Apr 26, 2005 4:27 pm
by thegreatone2176
in your mysql_select_db you sho uld have quotes around haunted_BoringGame and also after $sql put or die(mysql_error());

also i dont see the point of your $query because its already queired in $sql,i think that may error also and if you want your emails to be accepted by yahoo and such you should check the php.net mail script with the proper headers

Posted: Wed Apr 27, 2005 1:11 am
by n00b Saibot
Smackie wrote:its suppose to send out the username and password if the username and email address is matched up.
Well, from security's point of view, you aren't supposed to send out the passwords through plain emails... since they may have used it somewhere else also. select any randomly-generated string for password and mail them that so that they can change their passwords after logging in with that one.