MD5 Function Help

SP8600

Hi, i have a database which contains passwords which have been encrypted using the MD5 function. The problem is i want to have a forgot password area that sends the password to the email address in the database but when it does send it is still encrypted, how can i unencrypt it for sending.

This is the code:

<?php
if ($_GET['forgot_action']=="submit"){

$uname = mysql_escape_string($_POST['uname']);
$email = mysql_escape_string($_POST['email']);

$forgot_info = "SELECT * FROM clients WHERE username = '$uname' OR email = '$email'";

$forgot_info_result = mysql_query($forgot_info);
$forgot_info_number = mysql_num_rows($forgot_info_result);
$forgot_info_row = mysql_fetch_assoc($forgot_info_result);

$password = $forgot_info_row['password'];
$send_email = $forgot_info_row['email'];
$username = $forgot_info_row['username'];


  if ($forgot_info_result){
  mail("$send_email","Requested Information","This is an automatic response for the information you requested.  The information is listed below.

Username: $username
Password: $password");?>
   <span class="maintext">Your information has been sent to <?php echo $forgot_info_row['email']; ?>.</span>
<?php 
}
}
?>

Also if the username or email address does not exist in the database how do i create an error page as it does not seam to work the way i was trying.

Thanks, Darren

bastien

you can;t decrypt it...one solution might be to create a new password and email that to the user instead and have them change it upon login with the first access to the site

as for the 'data not found' error page it would be similar the page you showed, just and an else to the statement

if ($found_user_data){
//change pass word
//email password

}else{
echo 'data not found. please re-register if you can't remember any log in info!";
echo "Click <a hred='/register.php'>here</a>";

}

hth

SP8600

Ok i am now going to email a new password, but still i cant use an ELSE statement to show an error box. In internet explorer if the details entered are not in the database it comes up with a very strange dialog box saying "Unknown has generated errors and will be closed by windows. You will need to restart the program". How can i solve this. Again the code i am useig is below:

<?php
if ($_GET['forgot_action']=="submit"){
$uname = mysql_escape_string($_POST['uname']);
$email = mysql_escape_string($_POST['email']);
$newpass = rand();
$newpassmd5 = md5($newpass);

$forgot_sql = "UPDATE clients SET password='$newpassmd5' WHERE username='$uname' OR email='email'";

  $forgot_result = mysql_select_db("$db_name"); 
  mysql_query("$forgot_sql");
  if ($forgot_result){

$forgot_info = "SELECT username,email FROM clients WHERE username = '$uname' OR email = '$email'";

$forgot_info_result = mysql_query($forgot_info);
$forgot_info_number = mysql_num_rows($forgot_info_result);
$forgot_info_row = mysql_fetch_assoc($forgot_info_result);

$send_email = $forgot_info_row['email'];
$username = $forgot_info_row['username'];


  if ($forgot_info_result){
  mail("$send_email","Requested Information","This is an automatic response for the information you requested.

Username: $username
Password: $newpass");?>
   <span class="maintext">A new password has been sent to <?php echo $forgot_info_row['email']; ?>.</span>

<?php   

}
else{
    echo ("Incorrect details.");
}
}

}
?>

planetsim

Well what i would do it make in the registration. A question for the user. Once that have another for the answer.

Then if someone has forgotten there password they simply type in the username. It then looks for it. and outputs the question. Now id suggest the answer be encrypted as well.

Once they do the answer encrypt it check it with the usernames answer which is encrypted. If it is right then the password will be updated to a random one made by PHP which updates it. Then send an email.

SP8600

Good idea, but i just need to get that ELSE thing fixed for now. Coz it just comes up with that dialog box with the error in it if the username or email address does not exist in the database and not the ELSE statement