Well from what it looks like everything in my coding seems to be working except the part where the reminder e-mail is sent. Can someone maybe tell what I am missing, or doing wrong here?
<?php
$con = mysql_connect("localhost","root","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("csops", $con);
?>
<form method="post" action="password_reminder.php">
<h1>E-mail Password Reminder</h1>
<p>
Forgot your password? Just enter your e-mail address, and we'll e-mail
your password to you!
</p>
<p>
E-mail Address:<br />
<input type="text" id="e-mail" name="e-mail" />
</p>
<p>
<input type="submit" class="submit" name="action" value="Send my reminder!" />
</p>
</form>
<?php
$con = mysql_connect("localhost","root","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("csops", $con);
if (isset($_POST['e-mail'])) {
$sql = "SELECT password FROM userinfo " .
"WHERE email_address='" . $_POST['e-mail'] . "'";
$result = mysql_query($sql,$con)
or die('Could not look up password; ' . mysql_error());
if (mysql_num_rows($result)) {
$row = mysql_fetch_array($result);
$subject = 'Call Tracker Password Reminder';
$body = "Just a reminder, your password for the " .
"Call Tracker site is: " . $row['password'] .
"\
\
You can use this to log in at http://" .
$_SERVER['HTTP_HOST'] .
dirname($_SERVER['PHP_SELF']) . '/';
mail($_POST['e-mail'],$subject,$body)
or die('Could not send reminder e-mail.');
}
}
redirect('login.php');
break;
?>
Ok I solved my problem. I was an idiot, my php.ini file wasn’t configured to send mail. But now that I have sorted that out. How can I make the password reminder email be a html email so that I can make it look nice?
Note that it’s generally not a very good idea to store passwords in the database plain text, because people tend to use the same password on different websites. So if I know someone that is a user on your website, and I somehow manage to get my hands on your database, and thus their password, I might use that password to log in to other sites they’re members of, inclusing possibly their bank account!
It would be better to store the password as a hash (eg md5 or sha1) and then hash the password they entered when logging in and compare the result to the hashed password in the database. That way you know they entered the correct password without the need to know what their password actually is.
When a user forgets their password you can just generate a new one at random, e-mail that to them, and store the hash of that password in the database.
Well, it seems to process all the cade and returns my error at the end of my code “Could not send reminder e-mail”. So it seems as if everything is running except for the e-mail being generated and sent to the user.
Sorry I need to learn to be a little more specific on these