Forgot password script. Posting of login details by email

If you are developing a member sign up system, you must think of a forgot password facility for your members. Members will use this facility to get their lost or forgot password with login user-id. To verify the details of the member we will ask for the email address. Here the intention is to send the login details to the members email address. We will not display the login details to the screen. Definitely the owner of the email address can only open the mail and read the login details. Here first we will ask the member to enter email address by submitting a form. Then we will check the format of the email address and if correct then we will collect the id and password from the member table. If email address is not there then we will display one error message saying that email address is not there with us, so the visitor can signup as a new member. Here we have used the same member table plus_signup which we have used in our signup tutorial and login tutorial, so this can be used as a single script.

Sending activation key to reset password

You can download the full script with login , signup and forgot password scripts at the end of this tutorial. All steps are explained with PHP comments between the steps. Use the PHP forum to post your bugs,errors etc.
 Forgot Password ?
Enter your email address
 Email    
 Login New Member Sign UP

$email=$_POST['email'];
$email=mysql_real_escape_string($email);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
// You can supress the error message by un commenting the above line
if (!stristr($email,"@") OR !stristr($email,".")) {
$msg="Your email address is not correct<BR>";
$status= "NOTOK";}


echo "<br><br>";
if($status=="OK"){ // validation passed now we will check the tables
$query="SELECT email,userid,password FROM plus_signup WHERE plus_signup.email = '$email'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email;// email is stored to a variable
if ($recs == 0) { // No records returned, so no email address in our table
// let us show the error message
echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br>
Sorry Your address is not there in our database . You can signup and login to use our site.
<BR><BR><a href='signup.php'> Sign UP </a> </center>";
exit;}

// formating the mail posting
// headers here
$headers4="admin@sitename.com"; // Change this address within quotes to your address
$headers.="Reply-to: $headers4\n";
$headers .= "From: $headers4\n";
$headers .= "Errors-to: $headers4\n";
//$headers = "Content-Type: text/html; charset=iso-8859-1\n".$headers;// for html mail

// mail funciton will return true if it is successful
if(mail("$em","Your Request for login details","This is in response to your request for login detailst at
site_name \n \nLogin ID: $row->userid \n
Password: $row->password \n\n Thank You \n \n siteadmin","$headers"))
{echo "<center><b>THANK YOU</b> <br>Your password is posted to your emil address .
Please check your mail after some time. </center>";}

else{// there is a system problem in sending mail
echo " <center>There is some system problem in sending login details to your address.
Please contact site-admin. <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center>";}
}

else {// Validation failed so show the error message
echo "<center>$msg
<br><br><input type='button' value='Retry' onClick='history.go(-1)'></center>";}

As you have seen here we can send the lost password to the email address of the member. But if the password is encrypted and stored then we can't retrieve the lost password, so we will generate one activation key and ask the member to use that to reset the forgot password.

Resetting lost password by activation key


This is a basic script only for easy understanding
Read the tutorial on online membership management script with encrypted password system

Number of User Comments : 14


Google+
Sipence

26-07-2012

yah!! this article is really helpful for me.
macky

10-08-2012

Hi ahm is this script running 100%? coz ahm i will be using this script
Nathan

15-08-2012

I used the script above (I am not encrypting at this time). However, when I place my email address in my forgot password form, I receive the message "Your email address is not correct". I checked the database and my email address is there. Help!
smo

16-08-2012

The checking of email address is done by ensuring presence of @ and . in you email address. So it should work. Just try to print once above the checking conditions.
luisa

28-08-2012

is this really working... i need this tutorial for our website thank you.
jaharlal

03-04-2013

Yes!! Really a fantastic script without any fees.
Tank You
Martin Britton

29-04-2013

My database has multiple tables in it. How do I get the script to access the right table? It keeps returning saying email address is not correct even though it is.
mannyloz

30-09-2013

I have tried and tried to make this script work in our website however, it keeps displaying "There is some system problem in sending login details to your address. Please contact site-admin." Please HELP!
smo

04-10-2013

Contact your host asking about sending mail. Or Just check if mail function is working in your site or not.
Ramya

27-11-2013

Every thing works fine except forgot password. Is there any alternative way to give site_url ???
rahiman

23-08-2014

its good
FalconCoder

11-09-2014

if my passwords in database hash(encrypted) what i should i do?
senthil

28-10-2014

hi gud concept
Owen

09-12-2014

Then what is the answer

Post Comment This is for short comments only. Use the forum for more discussions.






OPINION POLL

How you handle Search Engine Optimization ( SEO ) for your website
HTML . MySQL. PHP. JavaScript. ASP. Photoshop. Articles. FORUM Contact us
©2000-2015 plus2net.com All rights reserved worldwide Privacy Policy Disclaimer