emailing a forgotten password
Posted: Tue Jul 25, 2006 5:09 pm
feyd | Please use
My question is, when I insert the password into the database, I use the following syntax in the SQL INSERT statement:
INSERT into users_table values ( ... password('userPassword'), .... );
Is there a similar function you need to use to "decode" the password when getting it OUT of the database???? if there isn't a function to use, how do you do it????
Thank you,
Rob
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
I have a simple script which I would like to use to e-mail someone who forgets their password. The script is logically fine, except for one minor detail: when I email the password, it is the hash stored in the mySQL database, not the password itself.
Here is the codeCode: Select all
// Create the SQL statement
$sqlSearchStmt = "SELECT userName, password, email FROM user_table WHERE firstname = '$_POST[firstname]' AND lastname = '$_POST[lastname]'";
$result = mysql_query($sqlSearchStmt,$conn) or die (mysql_error());
if (mysql_num_rows($result) == 1 ) { // there's a match, send an email to the user
$userEmail = mysql_result( $result, 0, 'email'); // OK
$userName = mysql_result( $result, 0, 'userName'); // OK
$password = mysql_result( $result, 0, 'password' ); // PROBLEM: this comes to the hash of the password, not the password itself.
$subject = "Password for the Forum";
$msg = "Your username is $userName and your password is $password.";
mail( $userEmail, $subject, $msg);INSERT into users_table values ( ... password('userPassword'), .... );
Is there a similar function you need to use to "decode" the password when getting it OUT of the database???? if there isn't a function to use, how do you do it????
Thank you,
Rob
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]