form to access record

dani

Hello.

I'm a complete newbie at PHP. I'm using Dreamweaver and I've been building sort of a learning site. I've created a log in interface and it's working just fine. I'd like to have a 'retrieve password' link. I've set up the page, but I'm stumped. It's probably a silly question, but I'm still struggling with the logic of it all.
I've set up a simple form to enter the email address and a thankyou page with a mail code. I can't figure out what kind of behaviour to use to send the information though. If I use the Insert Record, it works perfectly, but it's inserting a new record which I don't want. If I just use a recordset then I don't know what kind of action I would need so that the information is forwarded to the thankyou page. I just want the email from the form to access the database and link to the thankyou page and mail the information.
Can anyone help? I'd really appreciate it.

Roger_Ramjet

Well now, the first thing I have to say is that you need to think about the users' security. So your send password procedure should ask the user for the username and email address they registered with. You then check both of these against their details in the database and only send the password to that email.

process form input for sql injection attack
look up details in db for username and verify email address against them
use mail() function to send email with password
output message saying 'email sent' or 'wrong email' accordingly

To make things more secure, many sites have an additional check such as 'secret question' in addition to the registration email. Doing this can also allow for users who have changed their email address since registering.