Re: [PHP-DB] Password Question

Fri, 31 Aug 2001 08:24:47 -0700 

Have a registration screen that inserts their names, email etc *and* their choice of 
username + 
password:

$sql = "INSERT INTO <table> (username,realname,password,email) VALUES 
('$username',$realname',password('$password'),'$email')";
$result = mysql_query($sql,$connect);

//and do a check if the username chosen exists already:

$chksql = "SELECT username FROM <table> WHERE username='$username'";
$chkresult = mysql_query($chksql,$connect);
$check = mysql_num_rows($chkresult);
if ($check == 0)
        echo "this username already exists, select another.";
        }
else {
        echo "continue!";
}

if they have fogotton their password after registering, then have a link that sets a 
variable, and 
check or this variable at the top of the page:

<a href=\"$PHP_SELF?id=lostpassword\">go here to retrieve lost password</a>

if '$id' is set then have the user input their password and email address (the one 
they registered 
with) and query the database for a username on the basis of the inputted info, and 
email it using 
mail() to that email address!

Use the same method for a lost username, they can then input their password and email 
and the 
system will mail them the lost details!

Good luck!
Russ

On Fri, 31 Aug 2001 10:38:53 -0500 Jeff Oien <[EMAIL PROTECTED]> wrote:

> I would like users to be able to request to have their password
> sent to their email address if they forget it. I would also like it
> encrypted in the database though. How is this best handled?
> 
> The security isn't real important. But I let users choose their
> own password and if they use a password they use for other
> things I think it would be best for it to be encrypted.
> Jeff Oien
> 
> -- 
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
> 

#-------------------------------------------------------#
                                
  "Believe nothing - consider everything"       
  
  Russ Michell
  Anglia Polytechnic University Webteam
  Room 1C 'The Eastings' East Road, Cambridge
  
  e: [EMAIL PROTECTED]
  w: www.apu.ac.uk/webteam
  t: +44 (0)1223 363271 x 2331

  www.theruss.com
                        
#-------------------------------------------------------#


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to