Jump to content
xisto Community
Eggie

Password Recovery Script

Recommended Posts

While trying to make password recovery script for "bhupinunder" i run into a problem...
i made this:

<?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die ("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method=post action=restore.php?recover=answer><?php print"Email:</td><td><input type=text name=email></td></tr>";?><P><INPUT TYPE=submit VALUE=Submit!></P></form><?phpif ($recover=answer) print"$email";?>
and it doesn't print anything...but if i put it like this
<?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die ("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method=post action=restore.php?recover=answer><?php print"Email:</td><td><input type=text name=email></td></tr>";?><P><INPUT TYPE=submit VALUE=Validate it!></P></form><?phpif ($recover=answer) print"ssss";?>

it just shows that form and prints

ssss

how do i make it that i type email and click submit that the email is stored in "$email"
if someone help me with that i don't think that i'll have any problems storing it in mysql! ;)
pls respond

Share this post


Link to post
Share on other sites

It's one of the worst things I ever saw in a while, but anyway, I just fixed some things, it might work, I didn't test anything by myself, but I guess it should work, even though I think you're still learning and are just practicing, this is why I just fixed some stuff.

<?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method="post" action="restore.php?recover=answer"><tr><td>Email:</td><td><input type="text" name="email"></td></tr><p><input type="submit" value="Submit!"></p></form><?phpif ($_GET['recover'] == 'answer') echo $_POST['email'];?>

Share this post


Link to post
Share on other sites
<?php$dbh = mysql_connect('localhost','jaskaran_gc','gc') or die("Cannot Connect: " . mysql_error());mysql_select_db('jaskaran_gc',$dbh);?><form method="post" action="restore.php?recover=answer"><tr><td>Email:</td><td><input type="text" name="email"></td></tr><tr><td>pass:</td><td><input type="password" name="pass"></td></tr><p><input type="submit" value="Submit!"></p></form><?phpif ($_GET['recover'] == 'answer') mysql_query("update users set userpass=$_POST['pass'] where email=$_POST['email']") or die(mysql_error());?>

whats wrong now?(i should have asked from the start for someone to solve it now now when no one will answer)

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/jaskaran/public_html/restore.php on line 11
Edited by Eggie (see edit history)

Share this post


Link to post
Share on other sites

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'email=jurica@mail.com' at line 1

Share this post


Link to post
Share on other sites

solved again ;)))

mysql_query("UPDATE users SET userpass = '".md5($_POST['pass'])."' WHERE email = '".$_POST['email']."'") or die(mysql_error());

pls put [sOLVED] in the topic name(and delete this)

Share this post


Link to post
Share on other sites

well their really isn't any confirmation.. Like what happened after you enter the user and pass.. It just changes the username and pass without verification.. So you could just put anyone's user and pass in..

-reply by nate

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.