IF User Forget His Password ? and Activation Email

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
saqib389
Forum Commoner
Posts: 44
Joined: Wed Nov 30, 2005 2:13 am

IF User Forget His Password ? and Activation Email

Post by saqib389 »

how can user retreive his password if he forget his password ?
any idea or any code you refer.... or tutorials ?


and next question is......
when user registered then one mail send to his email address which he provide during registration... .
and activation link sent to him and when he click on actigviate link then his registration should activate...

please help me...!
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Both questions have been asked many times before.

As for sending a user their password... don't it's bad and very insecure for two reasons:

a) You're sending someone's password by email (insecure) and they may use that same password for all sorts
b) You'd have to be storing plain text, unhashed password to do this

Simply have a "Secret Question" type of setup, along with perhaps questions such as Date of Birth or Place Of Birth... if those are answered correctly then you allow the user to simply reset their password overwriting the original one.

As for the activiation email.... it's pretty simply.

1. User registers --> details stored in database and email is sent
2. Records for user contain a flag that indicates the email hasn't been read and hence the account is inactive
3. URL in email contains the username (or userid) along with a random hash which you alos stored in the DB at initial registration
4. User clicks link
5. Radom hash is checked to ensure it matches the one created at registration and if it matches, the flag that says the user account isn't active is removed.
saqib389
Forum Commoner
Posts: 44
Joined: Wed Nov 30, 2005 2:13 am

Post by saqib389 »

actually i m new
so its better for me ... if u refer me any code or tutorial ?
Jim_Bo
Forum Contributor
Posts: 390
Joined: Sat Oct 02, 2004 3:04 pm

Post by Jim_Bo »

Post Reply