how to code the "forgot your password?" in php???
i have a login account where i want to display also the "forgot your password?" but i dont know how to code it in PHP...can u help me?
6  5127 
how to code the "forgot your password?" in php???
i have a login account where i want to display also the "forgot your password?" but i dont know how to code it in PHP...can u help me?
You could take them to a page which asks the user for their email address, then search the database for the address, if email is found in database get the relevant password and email it to the email address.
how to code the "forgot your password?" in php???
i have a login account where i want to display also the "forgot your password?" but i dont know how to code it in PHP...can u help me?
I presume that you already have coded the login script, so it cannot be that hard to code that piece to search for the password and email it.
We, at this site and forum, are a group of IT speciliast and programmers helping other programmers with questions or problems. We do not provide tailor made code solutions.
So the thing left for you: start developing some code for this lost password solution and, when you have problems which you cannot solve, come back here and we will try to help you. But the coding has to be done by you.
Ronald
Marcus, your suggestions is a good one but that doesn't prove the person requesting the password is actually the person trying to log in (identity theft as an example).
What I would suggest is set up another column in your user table and save a secret answer or code. When the account is set up or the password is changed they are assigned a question/answer or a generated code. When "request a password" is clicked, display a secret question or textbox to enter this saved code and answer. Then check if email and the additional secret code matches.
No idea how much security you're looking for but every little bit helps and adding this code shouldn't be too hard. IMO email verification is not enough.
Usually simply requesting the email of the user, or the login even, and then emailing them the password is sufficient security. The user should get the email, if their email address has been changed without their knowledge, their account has already been hacked.
If you don't store their email address... well you should. It can be an invaluable resource at times, and is easily the simplest way to give people forgotten passwords
Another option that some people who like better security might like is instead of "what is my password" a "password reset" where it asks them for login and email, sets their password as some obtuse unique ID, and emails it to them, they can then log in and change it. This prevents someone from somehow hacking into someones account on the backend (or simply sitting at their computer where their password may be remembered) requesting the password, opening their email, and then knowing their common password that they use for 2 dozen sites.
how to code the "forgot your password?" in php???
i have a login account where i want to display also the "forgot your password?" but i dont know how to code it in PHP...can u help me?
You could look at other websites that have the feature.
take a look a phpbb they have the feature.
this site might even have it, I don't know because I have it bookmark for java
nomad
Marcus, your suggestions is a good one but that doesn't prove the person requesting the password is actually the person trying to log in (identity theft as an example).
What I would suggest is set up another column in your user table and save a secret answer or code. When the account is set up or the password is changed they are assigned a question/answer or a generated code. When "request a password" is clicked, display a secret question or textbox to enter this saved code and answer. Then check if email and the additional secret code matches.
No idea how much security you're looking for but every little bit helps and adding this code shouldn't be too hard. IMO email verification is not enough.
Wrong.
Yes, anyone could request the password, but the password would be sent to the owner of that password - not to any randomly given email address.
I'm not stupid ;)
Sign in to post your reply or Sign up for a free account.
Similar topics
by: yurps |
last post by:
Hello, I installed both, 1st mysql 4.1.7 but heard there was a change
with password hashing so now got 4.0.9
Basically when I choose a page with php_info() I can load it fine,
but when I call a...
|
by: mc kim via .NET 247 |
last post by:
What I am trying to is automatic bidding process in Ebay site...
WebClient class can uploads form data easily.
I have collected ebay url & form data to uploads..
Most of process is quite easy...
|
by: |
last post by:
I found similiar issues in MS-KB but nothing that helped
me; got the Windows and Office updates from the MS website
but that hasn't changed the behavior of this problem, and
I don't see anything...
|
by: Chris Barrow |
last post by:
Hi everyone,
Does anyone know if there is a problem populating a
system.web.ui.htmlcontrols.htmlinputtext control when the
control's type is set to "password?" I am attempting to
retreive a...
|
by: whosyodaddy1019 |
last post by:
Does anyone have any code that can do this. From what I understand,
these are flags in the "userAccountControl" properties but unsure how
to get it unchecked. Can anyone help?
Imports System...
|
by: btguser |
last post by:
Visual Basic 6
Access 97
Windows 2000
I created a database programmatically with vb. My application is able to create and open the database with the password I set. However, when I manually...
|
by: FrankieBakerJr |
last post by:
Hello all
I have an ASP.NET 2003 application (running Windows XP) that allows user to change and reset their Active Directory password. I'm using an admin account to query and reset the passwords...
|
by: =?Utf-8?B?QXhlbCBEYWhtZW4=?= |
last post by:
Hi,
we've got a strange problem here:
We've created an ASP.NET 2.0 web application using Membership.ValidateUser()
to manually authenticate users with our website.
The problem is: If the...
|
by: groupie |
last post by:
Hi,
I'd like to know how to implement the "Forgot Password" feature on
many websites which require a login, exactly like this ebay example:...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
