Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Emailing

Status
Not open for further replies.
dugen

dugen

Programmer
Jun 16, 2003
59
0
0
US
I am creating an e-commerce site and am working on the customer profile.

If a customer forgets their password I have an html form that they can enter their email address into. I then have a php form that I would like to check the database for the entered email and if it exists I need to send the customer an email with their password in it.

I have the connection to the database, I just do not know how to send an email that queries the password field in the database.

 
Sort by date Sort by votes
If you can connect to the database, you should be able to retrieve any field, including the password.

A better approach might be to simply reset the password and send the user a one-time password. One advantage is that your customers' passwords don't have to be in plaintext, which is very important in e-commerce.
 
Upvote 0 Downvote
My question is how do I query the database for the password and have it sent to the user? The only input the user will put in is their email address.

Below is the code i have so far. This sends an email to the user, but im not sure about the sql code. How do i include the $result_set in the body of the email?

thanks for any help

<?php
//if {($txt_original_email != "")
$link = mysql_connect($host, $user, $password);
// creating the query string
$query_string = "SELECT password FROM profile WHERE (email = '$txt_original_email')";
// executing the SQL statement
$result_set = mysql_db_query($db_name, $query_string, $link);
$MailTo="$txt_original_email";
mail($MailTo, "$Subject ($vorname $nachname)", $Body ($result_set, "From:

$MailFrom");
}
else
{
mysql_close($link);
header("location:email_process_failed.php");
}
?>
 
Upvote 0 Downvote
One way:

$result = mysql_fetch_assoc($result_set);
$password = $result["password"];

 
Upvote 0 Downvote
I am no pro, but this should work:

Code: 
$myrow = mysql_fetch_array($result_set);	
$password = $myrow["password"];

then include $password in your subject.

Hope it helps.


| Feedback is always appreciated as this will help to further our knowledge as well |
 
Upvote 0 Downvote
I just thought I'd add a note: If you are encrypting the passwords in the database it's one way encryption so you will not be able to tell what the original password was. You should check to see if the passwords are encrypted first before you continue.

The best solution is what lgarner suggested, send a one time password and force the user to reset it when they login.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JimFL
  • Locked
  • Question
PHP mail command + emailing hotmail issue
Replies
1
Views
15
jpadie
jpadie
TrueJoker
  • Locked
  • Question
emailing form
Replies
3
Views
11
jpadie
jpadie
MrTBC
  • Locked
  • Question
Uploading and Emailing Files - Security Issues
Replies
4
Views
8
MrTBC
MrTBC
maddyyikes
  • Locked
  • Question
Dynamic emailing help
Replies
1
Views
12
sysadmin42
sysadmin42
M2E
  • Locked
  • Question
PHP Emailing
Replies
6
Views
12
jstreich
jstreich

Part and Inventory Search

Sponsor

Back
Top