Jump to content

Trouble with Password Recovery Script

starfish888

By starfish888
in PHP Coding Help

 Share

Recommended Posts

starfish888 Newbie

starfish888

Posted
Posted

Hi,

 

I'm very new to PHP.

 

I've been working on this code for password recovery for a week and I'm pretty close, but I'm having problems understanding why I keep getting the:

 

"Can not send password to your email address".  I know for certain that it has found the email in the table, but why is it still having problems sending? There are no other error messages thrown.

 

 

function frm_lostpass()
{
	global $skn,$In,$db,$Film,$Url,$Date,$module,$userinfo;
	if(isset($_GET['check']) and trim($_GET['check'])=='ok')
		{
			$email = $In->get('email',0,'');
			$sql_check ="SELECT Count(m.Email) AS numrows FROM tbl_member AS m\n"
					."WHERE m.Email =  '$email'\n";
			$numrow=$db->sql_get_first($sql_check);		
			if($numrow['numrows']!=1)
				{
					return "<center>Email not found !</center>";
				}
			else
				{

					global $skn,$In,$db,$Film,$Url,$Date,$module,$userinfo;

					// value sent from form
					$email_to=$_POST['email_to'];

					// retrieve password from table where e-mail = $email_to
					$sql ="SELECT m.Password FROM tbl_member AS m\n"
					."WHERE m.Email =  '$email'\n";
					$result=mysql_query($sql);

					// if found this e-mail address, row must be 1 row
					// keep value in variable name "$count"
					$count=mysql_num_rows($result);

					// compare if $count =1 row
					if($count==1){

					$rows=mysql_fetch_array($result);

					// keep password in $your_password
					$your_password=$rows['password'];

				// ---------------- SEND MAIL FORM ----------------

					// send e-mail to ...
					$to=$email_to;

					// Your subject
					$subject="Your password here";

					// From
					$header="example@example.com";

					// Your message
					$messages= "Your password for login to our website \r\n";
					$messages.="Your password is $your_password \r\n";
					$messages.="more message... \r\n";

					// send email
					$sentmail = mail($to,$subject,$messages,$header);

				}

					// else if $count not equal 1
				else {
				return "That email address is not found in our database";
					}

					// if your email succesfully sent
				if($sentmail){
				return "  Your Password Has Been Sent To Your Email Address.";
							}
				else {
				return "  Cannot send password to your e-mail address";
					}



				}	
		}
	else
		{	
			$skn ->set_file( 'lost_pass', 'member/frm_lostpass.html' );	
			return $skn -> output('lost_pass');
		}
}

Link to comment
Share on other sites
jcbones Newbie

jcbones

Posted
Posted

Wow, at the globals batman.  There are lots of functions in your script, that I do not know what they return.  There are also lots of different variables, and while PHP can handle them quite well, the end_user(you) can sometimes run into a problem of "forgetting what the variable is".  So, try to keep you variables to a minimum to avoid this problem.

 

// send e-mail to ...
$to=$email_to;

 

There is no "email_to" variable.  There is an email variable.

 

 

Link to comment
Share on other sites
jcbones Newbie

jcbones

Posted
Posted

I would also suggest getting rid of repetitive coding, it makes it easier to read, and less headache to de-bug.

 

function frm_lostpass($email)
{
	if(isset($_GET['check']) and trim($_GET['check'])=='ok')	{ //your checks.
			$sql_check ="SELECT m.Password AS numrows FROM tbl_member AS m 
					WHERE m.Email =  '$email'"; //need only 1 database check, if it returns a password, then it is correct for this email.  You should be generating a new password instead of retrieving one, but that is another subject.
			$result = mysql_query($sql_check) or trigger_error('ERROR: ' . mysql_error() . '<br />Run the following string 
																							in your MySQL console: <br />' . $sql_check);		//if the databse errors, you will get a notice on your screen.
			if(mysql_num_rows($result) != 1) //if the rows returned are less or more than 1, then tell them the email isn't found.  You could add checks for more than 1, but you shouldn't have that problem anyway, as you should check that on signup.
				{
					return "<center>Email not found !</center>"; //returns the message and ends the function execution.
				}
			else //else continue with the email.
				{
					$rows = mysql_fetch_assoc($result); //get the result.
					// keep password in $your_password
					$your_password=$rows['Password'];

				// ---------------- SEND MAIL FORM ----------------

					// send e-mail to ...
					$to=$email; //use the email that was sent to the function, it was found in the database, so it should be good.

					// Your subject
					$subject="Your password here";

					// From
					$header="example@example.com";

					// Your message
					$messages= "Your password for login to our website \r\n";
					$messages.="Your password is $your_password \r\n";
					$messages.="more message... \r\n";

					// send email
					if(mail($to,$subject,$messages,$header)) { //if mail was sent to the SMTP server, tell the user it was sent.
						return "  Your Password Has Been Sent To Your Email Address."; //return the string, and end script execution.
					}
					return "  Cannot send password to your e-mail address"; //if the script gets this far, return the string and end execution.

				}
	}
	return '  Form submitted improperly.'; //If the checks are not in place, the form will not be processed.
}

 

Hope this helps in clarification.

Link to comment
Share on other sites
starfish888 Newbie

starfish888

Posted
  • Author
Posted

OK all,

 

thank you all so very much. I was thoroughly confused, so I decided to try a different and simpler way. Although I get a successful send message, I do not receive the message in the test email.  What am I missing? :'(

 

function frm_lostpass()
{
	global $skn,$In,$db,$Film,$Url,$Date,$module,$userinfo;
	if(isset($_GET['check']) and trim($_GET['check'])=='ok')
		{
			$email = $In->get('email',0,'');
			$sql_check ="SELECT Count(m.Email) AS numrows FROM tbl_member AS m\n"
					."WHERE m.Email =  '$email'\n";
			$numrow=$db->sql_get_first($sql_check);		
			if($numrow['numrows']!=1)
				{
					return "<center>Email not found !</center>";
				}
			else
				{


					global $skn,$In,$db,$Film,$Url,$Date,$module,$userinfo;

					$username = $_POST['username'];
					$sql="SELECT * FROM tbl_member AS m\n"
					."WHERE m.Email =  '$email'\n";
					$query = mysql_query($sql);

					if(!$query)
						{
						die(mysql_error());
						}
    
					if(mysql_num_rows($query) != 0)
					{
						$row=mysql_fetch_array($query);
						$password=$row["password"];
						$email=$row["email"];
						$subject="your password";
						$header="From: example@example.com";
						$content="your password is " .$password;
						mail($email, $subject, $content, $header);
					return "   An email containing the password has been sent to you";
				}
			else
				{
					return "   no such login in the system. please try again.";
				} 
				}	
		}
	else
		{	
			$skn ->set_file( 'lost_pass', 'member/frm_lostpass.html' );	
			return $skn -> output('lost_pass');
		}
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.