Hi Guys,
Im trying to adapt a forgot password script I found in a tutorial. I have changed the variables to suite the fields on my html page and in mysql database. To me everything looks correct and I cannot figure out why this isn’t working. I know its not very secure and after I have the basic code working I plan to implement and md5 code to send out a randomly generated number and update the password to this in the database.
<?php //already connected to database // value sent from form $email_to=$_POST['email']; // retrieve password from table where e-mail = $email_to([email protected]) $sql="SELECT pass FROM login WHERE email='$email_to'"; $result=mysql_query($sql); // if found this e-mail address, row must be 1 row // keep value in variable name "$count" $count=mysql_num_rows($result); // compare if $count =1 row if($count==1){ $rows=mysql_fetch_array($result); // keep password in $your_password $your_password=$rows['pass']; // ---------------- SEND MAIL FORM ---------------- // send e-mail to ... $to=$email_to; // Your subject $subject="Your password here"; // From $header="from: BanterDonkey "; // Your message $messages= "Your password for login to our website \r\n"; $messages.="Your password is $your_password \r\n"; $messages.="more message... \r\n"; // send email $sentmail = mail($to,$subject,$messages,$header); } // else if $count not equal 1 else { echo "Not found your email in our database"; } // if your email succesfully sent if($sentmail){ echo "Your Password Has Been Sent To Your Email Address."; } else { echo "Cannot send password to your e-mail address"; } mysql_close($con); ?>Any suggestions would be greatly appreciated.
Sam