Script will not stop!!!

bo0

I've coded a forgot password script, which generates a new password depending on if the user typed in a valid email address, it looks like this:

<?

// Forgot password

if (isset($_POST['request'])) {

@extract($_POST);

$query="SELECT * FROM users WHERE email='$Email' LIMIT 1";
$result=mysql_query($query);
$num=mysql_numrows($result);

$ii=0;
while ($ii < $num) {
$id=mysql_result($result,$ii,"id");

$pw = generate_password(); 
$md5pw = md5($pw);

$query = "UPDATE users SET password='$md5pw' WHERE id='$id' LIMIT 1";
mysql_query($query) or die("Could not insert data because ".mysql_error()); 

	$subject=("TouringNet Password");
	$text=("Your new TouringNet password is $pass\n To login please goto [url]http://touringnet.co.uk/chris\n[/url] If you did not request this password change please ignore this email.");
	$name=("TouringNet");
	mail($Email,$subject,$text,"From: $name <$Email>");

			echo("<script language=\"JavaScript\" type=\"text/JavaScript\">");
			echo("<!--");
			echo("function MM_popupMsg(msg) { //v1.0");
			echo("  alert(msg);");
			echo("}");
			echo("//-->");
			echo("</script>");
			echo("<body onLoad=\"MM_popupMsg('Your new password has been sent to the email you signed upto TouringNet with. Press Ok to return to our homepage.')\">");
			echo("<meta http-equiv=\"refresh\" content=\"0;URL=./?q=news\">");

}
if(mysql_num_rows($result) == 0)
{
			echo "<strong>There is no user registered with that email address, please go back and try again!</strong></span>";
}

} else {

			echo("<table width=\"700\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" >");
			echo("            <tr>");
			echo("              <td height=\"19\" colspan=\"2\" valign=\"top\" class=\"unnamed1\"><span class=\"style3\">Forgot password form</span></td>");
			echo("            </tr>");
			echo("            <tr>");
			echo("              <td width=\"6\" height=\"4\"></td>");
			echo("              <td width=\"518\"></td>");
			echo("            </tr>");
			echo("            <tr>");
			echo("              <td height=\"57\"></td>");
			echo("              <td valign=\"top\"><span class=\"style7\">");
			echo("To have your password emailed to your registered TouringNet email address please use the following form:<br>");
			echo("<br>");
			echo("<form name=\"forgotpass\" method=\"post\" action=\"\">");
			echo("  <p>");
			echo("    E-Mail address: ");
			echo("    <input name=\"Email\" class=\"forms\" type=\"text\" id=\"Email\">");
			echo("    <input type=\"submit\" class=\"forms\" name=\"request\" value=\"Submit\">");
			echo("  </p>");
			echo("  </form></span></td>");
			echo("            </tr>");
			echo("          </table>");

}

?>

In _functions.php there is the function:

function generate_password()
{
	for($i=0; $i<8; $i++) {
	  if(rand(0,1))
	   $pass[$i] = chr(rand(48,57));
	  else
	   $pass[$i] = chr(rand(65,90));
	}
	shuffle($pass);
	return implode("",$pass);
}

For some reason it doesn't generate a new password and emails me about 1million times and until I manually stop the script it keeps sending them! It's as if it's in a loop! HELP! 😕

Skull

mysql_numrows($result);

change that to mysql_num_rows

and for debugging purposes, comment out the redirection and e-mail send and just echo out what the e-mail would contain. That way if something goes wrong in testing you don't get millions of e-mail and can catch what the error is.

bo0

Originally posted by Skull
mysql_numrows($result); 
change that to mysql_num_rows [/B]

Nope 🙁 No change.

bo0

I've got it! I had a while statement in there :s

So it just kept looping.

Skull

also
$text=("Your new TouringNet password is $pass\n

I don't see where the variable $pass has been set, could be earlier in your code but as far as i'm aware shouldn't you be telling them $pw ?