Lostpassword secret code need some fast help!

General PHP Help
#1

Hey my name is Byllan i search someone who can done my script? I have start a bit but im not the best one in .php im noob.

That i want with the script is the script check if username and that is true if yes it show up the password under the button. If no there will be a message. Something is wrong here please check it.
apelsinen.com/?p=lostpassword

If you enter apelsinen.com/?p=register
I think you will understand the whole thing with my idea!

lostpassword.php
[php]Forgot Password

<?php if (isset($_POST['submit'])){ $user = $_POST['user']; $mail = $_POST['mail']; $name = $_POST['name']; $code = $_POST['code']; $pass = $_POST['pass']; $sql = "SELECT * FROM users WHERE mail='$mail', name='$name', code='$code', user='$user', pass='$pass'"; if(!mysql_query($sql)) { echo "Något är fel! ".mysql_error(); } else { echo "Ditt nya lösenord är ".$pass."!"; }} ?>
Username:

Mail:

Name:

Secret Code:



[/php]
#2

No, I’m sorry, I do not understand what you want. I’ll echo what I think you want:
I’m trying to write something with which users can get their ( and other peoples ) passwords.

Is that correct?
If so, then first you need to get the $pass out of the SQL query. ( People do not know it, so the query won’t return results )
[php]
$sql = “SELECT * FROM users WHERE mail=’$mail’, name=’$name’, code=’$code’, user=’$user’”;
mysql_query( $sql );
[/php]
Then you need to read the results the database returned to you. ( you may want some error-checking…maybe )
[php]
$record = mysql_fetch_assoc();
$pass = $record[‘pass’];
[/php]
now if you echo $pass in the right place in your document, you’ll get what you want… :slight_smile:

But…
Is this really what you want? It’s kind of an open door to peoples accounts ( I didn’t login, I have no account, I don’t know how ‘private’ information on the site is, but I can imagine it’s annoying when someone hijacks your account.)
I thinks a “Reset your password” mechanism that sends a temporary password by email to the user after which the user can login and reset their password is a lot ‘safer’. 8)

Hope it helped ;D

#3

Sorry i forgot to tell i have already fix it this is the orginal code you mabye understand when you read it :stuck_out_tongue:

[PHP]Forgot Password

<?php if (isset($_POST['submit'])){ $user = $_POST['user']; $email = $_POST['email']; $name = $_POST['name']; $code = $_POST['code']; $sql = mysql_query("SELECT * FROM users WHERE email='$email' AND name='$name' AND code='$code' AND user='$user'"); if(mysql_numrows($sql) == 0){ //kollar så användaren som skrivits in finns echo "
Uppgifterna stämmer inte."; }else{ $new_password = rand(50000, 150000); $crypted_password = sha1($new_password); $query = mysql_query("UPDATE `users` SET `pass`='$crypted_password' WHERE `user`='$user'"); echo mysql_error(); echo "
Du kan nu logga in med ditt nya lösenord ". $new_password ."."; } } ?>
Username:

Mail:

Name:

Secret Code:



[/PHP]
Sponsor our Newsletter | Privacy Policy | Terms of Service