Sending email for forgotten password

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

kennedysee
Forum Newbie
Posts: 14
Joined: Fri Dec 04, 2009 12:17 am

Sending email for forgotten password

Post by kennedysee »

The program works by sending the real password that exists in the database via email...

Can anyone help me with sending a random password to the email instead of sending out the real password?

Thanks...

forgot_password.php
<table width="380" border="0" cellpadding="3" cellspacing="1" >
<tr>
<td width="33%"><strong>Enter your email : </strong></td>
<td width="67%"><form name="form1" method="post" action="send_password_ac.php">
<input name="email_to" type="text" id="mail_to" size="25">
<input type="submit" name="Submit" value="Submit">
</form>
</td>
</tr>
</table>


send_password_ac.php
<?php

$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password (empty for this example)
$db_name="registration"; // Database name


// Connect to server and select database.
mysql_connect($host, $username, $password) or die("cannot connect to server");
mysql_select_db($db_name) or die("cannot select DB");

// value sent from form; accept only a single well-formed address
// (this also keeps newlines out of the mail() recipient, i.e. no header injection)
$email_to = isset($_POST['email_to']) ? trim($_POST['email_to']) : '';
if (filter_var($email_to, FILTER_VALIDATE_EMAIL) === false) {
    die("Please enter a valid e-mail address");
}

// table name (a quoted string; the bare word user would be an undefined constant)
$tbl_name="user";

// retrieve password from table where e-mail = $email_to (e.g. mark@phpeasystep.com)
// the value is escaped before it goes into the query so it cannot alter the SQL
$sql="SELECT password FROM $tbl_name WHERE email='".mysql_real_escape_string($email_to)."'";
$result=mysql_query($sql) or die("query failed");

// if this e-mail address is found there must be exactly 1 row
// keep the row count in the variable "$count"
$count=mysql_num_rows($result);

// defined up front so the check at the bottom never reads an unset variable
$sentmail=false;

// compare if $count == 1 row
if($count==1){

$rows=mysql_fetch_array($result);

// keep password in $your_password
$your_password=$rows['password'];

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email_to;

// Your subject
$subject="Your password here";

// From
$header="From: your name <your email>";

// Your message
$messages= "Your password for login to our website \r\n";
$messages.="Your password is $your_password \r\n";
$messages.="more message... \r\n";

// send email
$sentmail = mail($to,$subject,$messages,$header);

}

// else if $count is not equal to 1
else {
echo "Not found your email in our database";
}

// if your email was successfully sent
if($sentmail){
echo "Your Password Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send password to your e-mail address";
}

?>
manojsemwal1
Forum Contributor
Posts: 217
Joined: Mon Jun 29, 2009 4:13 am
Location: India

Re: Sending email for forgotten password

Post by manojsemwal1 »

Why do you use a random password?
kennedysee
Forum Newbie
Posts: 14
Joined: Fri Dec 04, 2009 12:17 am

Re: Sending email for forgotten password

Post by kennedysee »

For security purposes, it's not nice to reveal the password.
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Re: Sending email for forgotten password

Post by kaisellgren »

Many websites generate a random token, send it to the email as a link (like http://www.site.com/reset.php?token=...) and then they are offered a form to reset their password.

This token should time out after a certain period, be usable only for a certain account and may be used only once.
penkomitev
Forum Newbie
Posts: 6
Joined: Sat Dec 26, 2009 10:40 am
Location: Plovdiv, Bulgaria

Re: Sending email for forgotten password

Post by penkomitev »

You have a bigger problem than the random password generation. You are storing the password as plain text, which is very crappy.
You have to use some sort of hashing or encryption to boost security.

I would recommend the following and you choose whichever way to go:

First suggestion:

By the time users sign up, you generate a token and store it in a special column so that it is located in the user data.

As a user requests a password recovery, you send him a link where the token is a parameter. When the user successfully changes their password, it is advisable that you generate a new token.

I do not really fancy the idea of using random passwords, but if you want that, the only difference from the example above is that you have to generate a new password and overwrite the password field with it. I suppose you have a password change form; the user could use it to change the temporary password.
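The token flow that kaisellgren and penkomitev describe, as an added example written for this thread rather than code from either poster. It assumes PDO against MySQL with tables users(id, email, password) and password_resets(id, user_id, token_hash, expires_at, used), stores only a hash of the token, and hashes the new password with password_hash().

```php
<?php
// Added example (not from the thread). Assumed schema:
//   users(id, email, password)
//   password_resets(id, user_id, token_hash, expires_at, used)
const TOKEN_TTL = 3600; // token is valid for one hour

// Step 1: on "forgot password", create a one-time token bound to that account.
// Returns null when the address is unknown; the caller should still show the
// same generic "if that address exists, a link was sent" message either way.
function createResetToken(PDO $db, string $email): ?string
{
    $stmt = $db->prepare('SELECT id FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $userId = $stmt->fetchColumn();
    if ($userId === false) {
        return null;
    }
    $token = bin2hex(random_bytes(32));      // 256 bits from the CSPRNG
    $stmt = $db->prepare('INSERT INTO password_resets (user_id, token_hash, expires_at, used)
                          VALUES (?, ?, ?, 0)');
    // only the hash is stored: a leaked table does not yield usable reset links
    $stmt->execute([$userId, hash('sha256', $token), time() + TOKEN_TTL]);
    return $token; // goes into the mailed link, e.g. reset.php?token=...
}

// Step 2: on reset.php, consume the token and set the new password.
// A token that is unknown, expired or already used is rejected.
function resetPassword(PDO $db, string $token, string $newPassword): bool
{
    $db->beginTransaction();
    $stmt = $db->prepare('SELECT id, user_id FROM password_resets
                          WHERE token_hash = ? AND used = 0 AND expires_at > ?
                          FOR UPDATE'); // row lock so two requests cannot both succeed
    $stmt->execute([hash('sha256', $token), time()]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        $db->rollBack();
        return false;
    }
    $db->prepare('UPDATE password_resets SET used = 1 WHERE id = ?')
       ->execute([$row['id']]);
    $db->prepare('UPDATE users SET password = ? WHERE id = ?')
       ->execute([password_hash($newPassword, PASSWORD_DEFAULT), $row['user_id']]);
    $db->commit();
    return true;
}
```

Marking the row used inside the same transaction that changes the password is what makes the token single-use, and the expires_at comparison gives the time-out kaisellgren asked for.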