Password trouble with a registration script- please help

need_help_php

Hello. I'm buildin a simple website, that requires a registration. I have a registration form, and it works fine, inserting the neccessary data into the database. However, the password has to be encrypted. (sha1). Here are my issues: 1.After the user is registered, i want them to get an automatic email with their username and password. 2. If the user forgets the password, then what?
I would really apreciate help/links/examples, etc.
Thanks in advance.
By the way, here is the code for my registration page. I've worked very long on it, but since i'm not a pro in php, its not perfect. i would really appreciate any constructive critisism and suggestions on making it better. Here it is:

<?php require_once('Connections/videomail.php'); ?>
<?php
$error = array();
// Validate form input
$MM_flag="MM_insert";
if (isset($_POST[$MM_flag])) {
  // Check name
  if (empty($_POST['first_name']) || empty($_POST['last_name'])) {
    $error['name'] = 'Please enter both first name and last name';
    }
  // set a flag that assumes the password is OK
  $pwdOK = true;
  // trim leading and trailing white space
  $_POST['pwd'] = trim($_POST['pwd']);
  // if less than 6 characters, create alert and set flag to false
  if (strlen($_POST['pwd']) < 6) {
    $error['pwd_length'] = 'Your password must be at least 6 characters';
    $pwdOK = false;
    }
  // if no match create alert, and set flag to false
  if ($_POST['pwd'] != trim($_POST['conf_pwd'])) {
    $error['pwd'] = 'Your passwords don\'t match';
    $pwdOK = false;
    }
  // if password OK, encrypt it
  if ($pwdOK) {
    $_POST['pwd'] = sha1($_POST['pwd']);
    }
  // check for valid email address
  $pattern = '/^[^@]+@[^\s\r\n\'";,@%]+$/';
  if (!preg_match($pattern, trim($_POST['email']))) {
    $error['email'] = 'Please enter a valid email address';
    }  

  // check username
  $_POST['username'] = trim($_POST['username']);
  $loginUsername = $_POST['username'];
  if (strlen($loginUsername) < 6) {
    $error['length'] = 'Please select a username that contains at least 6 characters';
    }
  $LoginRS__query = "SELECT username FROM users WHERE username='" . $loginUsername . "'";
  mysql_select_db($database_videomail, $videomail);
  $LoginRS=mysql_query($LoginRS__query, $videomail) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);

  //if there is a row in the database, the username was found - can not add the requested username
  if($loginFoundUser){
    $error['username'] = "$loginUsername is already in use. Please choose a different username.";
  }
}

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if (!$error) {
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "newUser")) {
  $insertSQL = sprintf("INSERT INTO users (username, pwd, first_name, last_name, email) VALUES (%s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['username'], "text"),
                       GetSQLValueString($_POST['pwd'], "text"),
                       GetSQLValueString($_POST['first_name'], "text"),
                       GetSQLValueString($_POST['last_name'], "text"),
                       GetSQLValueString($_POST['email'], "text"));

  mysql_select_db($database_videomail, $videomail);
  $Result1 = mysql_query($insertSQL, $videomail) or die(mysql_error());
}
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>VideoMail</title>
<link href="css/stylesheetdiv.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
#Layer1 {
	position:absolute;
	left:190px;
	top:222px;
	width:141px;
	height:78px;
	z-index:1;
}
-->
</style>
</head>
<body>
<div id="wrapper">

  <div id="content">
    <h1>Registration for VideoMail </h1>
<?php
if ($error) {
  echo '<ul>';
  foreach ($error as $alert) {
    echo "<li class='warning'>$alert</li>\n";
    }
  echo '</ul>';
  }
?>
    <form action="<?php echo $editFormAction; ?>" id="newUser" name="newUser" method="POST">
      <table width="408" cellpadding="4">
        <tr>
          <td width="181"><font color="#FF0000">*</font>First Name:</td>
          <td width="203"><input value="<?php
 if (isset($_POST['first_name'])){
echo $_POST['first_name'];
}
 ?>" name="first_name" type="text" id="first_name" size="30" /></td>
        </tr>
        <tr>
          <td><font color="#FF0000">*</font>Last Name:         </td>
          <td><input value="<?php
 if (isset($_POST['last_name'])){
echo $_POST['last_name'];
}
 ?>" name="last_name" type="text" id="last_name" size="30" /></td>
        </tr>
        <tr>
          <td><font color="#FF0000">*</font>E-mail:</td>
          <td><input value="<?php
 if (isset($_POST['email'])){
echo $_POST['email'];
}
 ?>" name="email" type="text" id="email" size="30" /></td>
        </tr>
        <tr>
          <td><font color="#FF0000">*</font>Username:</td>
          <td><input value="<?php
 if (isset($_POST['username'])){
echo $_POST['username'];
}
 ?>" name="username" type="text" id="username" size="30" maxlength="20" /></td>
        </tr>
        <tr>
          <td><font color="#FF0000">*</font>Password:</td>
          <td><input name="pwd" type="password" id="pwd" size="20" maxlength="8" /></td>
        </tr>
        <tr>
          <td><font color="#FF0000">*</font>Confrim Password:</td>
          <td><input name="conf_pwd" type="password" id="conf_pwd" size="20" maxlength="8" /></td>
        </tr>
        <tr>
          <td><input name="Register" type="submit" id="Register" value="Register" /></td>
          <td>&nbsp;</td>
        </tr>
      </table>
      <input type="hidden" name="MM_insert" value="newUser">
    </form>
  </div>
  <p>&nbsp;</p>
</div>
</body>
</html>

Krik

1.After the user is registered, i want them to get an automatic email with their username and password

Simple you have the original variable that held the password before you did the SHA1 encrpytion in the script that passed the information to the database. It looks to be $_POST['pwd']. Just pass it with the username to a mail() function after it is validated and submited to the database.

2. If the user forgets the password, then what?

Well like everyone else you put an "Forgot Password" link on your site. It simply takes the user to a page with a form where they can enter there e-mail address and when the form submits it just checks if any user has that email address it then generates a new password and emails that to the address they typed in if it matched an email in the database. And of course you should allways allow the user to change there password.