Lost password with MD5
I have one of my websites using a MD5 on the password but it seems that all the submitters are losing their password and details so I need to add a feature to retreave them.
I did a search for lost passwords but didn't turn up with anything I could learn off.
Here is what I have so far.
$sql = mysql_fetch_array(mysql_query("SELECT email, password FROM login WHERE email='$getemail'"));
$recoveremail = $sql["email"];
$recoverpass = $sql["password"];
// MD5 code here
echo "Your details have been emailed to you";
// mailout code here
<form method="post" action="<?=$PHP_SELF?>">
Your email: <input type="text" name="getemail"> | <input type="submit" name="submit" value="submit">
MD5 is one way encryption. So no lost password retrieval.
But you can create a new password for them update their record( after md5ing new password) and send it to them. Later they can come and login and update password.
Meanwhile exit is not a good idea in the middle of html.
Yep, only non coded Passwords can be just sent back to the user. A md5 password would need brute force / trial and error to retrieve it.