Trouble with password recovery emal script

Question

dottomm -2 Junior Poster in Training

16 Years Ago

Hello and thanks in advance to anyone that can help. I trying a simple password recovery script that emails the password after a registered user enters their email. For testing purposes I have been able to get the variable to display on the page after submission, but the email that is sent is missing them.
*note that I have a function called getvar that retreives the variables

<?php
include 'common/useful_stuff.php'; //db connection script
  if (!db_connect())
	die();

$errmsg = "";
$teamname =getvar("teamname");
$teampassword=getvar("teampassword")
      
$mailmssg ="Your password is" . $teamname . $teampassword; //<--these are  the //variables I  am trying to get displayed in the sent email.
$email = getvar("email");
$doit = getvar("doit");
if ($doit == "yes"){

	if ( $email == ""){
		$errmsg = "You must enter an email address!";
	}
	else {
		// go see if they are in the db
		$em = mysql_real_escape_string($email);
		$res = mysql_query("select team_ID,teamname,teampassword from teams where teamemail='{$email}'");
		$row = mysql_fetch_assoc($res);
		if (!$row){
			$errmsg = "No account with that email address!";
		}
		else {
			mail("$em", "Lost Password",$mailmssg,"FROM:$em");
			echo"
			<p>Your username and password have been sent to {$em} for {$row['teamname']} The Password is: {$row['teampassword']}.<br> Once you have received your password you may <a href='teamlogin.php'>log in</a>.</p>";
			
			
		}
	}
}
?>
<html>
<head>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php
include 'common/header.php';

echo "
<div id='content'>
<h1>Team Log-In</h1>
<p><font color='red'><b>{$errmsg}&nbsp;</b></font></p>
<p>Please enter the email account your team registered with.</p>
<p>&nbsp;</p>

<p><form action='{$_SERVER['PHP_SELF']}' method='post'>
<input type='hidden' name='doit' value='yes'>
	email<br><input type='text' name='email' value='{$email}'>


<br><input type='submit' value='Retrieve Password'>
</form>
</div>

";

?>

</body>
</html>

to summarize. The email is sent correctly it just doesn't contain the necessary variables.

thanks in advance!

php

5 Contributors
10 Replies
1K Views
2 Days Discussion Span
Latest Post 16 Years Ago Latest Post by dottomm

All 10 Replies

ShawnCplus 456 Code Monkey

16 Years Ago

If it's not containing the necessary variables then your "getvar" function isn't working correctly, which you don't have posted here.

pritaeas 2,194 ¯\_(ツ)_/¯

16 Years Ago

The echo after your mail() displays different variables then those you use in generating the email mesasge body. So are you really sure it works ?

effu 13 Junior Poster in Training

16 Years Ago

Hello and thanks in advance to anyone that can help. I trying a simple password recovery script that emails the password after a registered user enters their email. For testing purposes I have been able to get the variable to display on the page after submission, but the email that is sent is missing them.
*note that I have a function called getvar that retreives the variables

<?php
include 'common/useful_stuff.php'; //db connection script
  if (!db_connect())
	die();

$errmsg = "";
$teamname =getvar("teamname");
$teampassword=getvar("teampassword")
      
$mailmssg ="Your password is" . $teamname . $teampassword; //<--these are  the //variables I  am trying to get displayed in the sent email.
$email = getvar("email");
$doit = getvar("doit");
if ($doit == "yes"){

	if ( $email == ""){
		$errmsg = "You must enter an email address!";
	}
	else {
		// go see if they are in the db
		$em = mysql_real_escape_string($email);
		$res = mysql_query("select team_ID,teamname,teampassword from teams where teamemail='{$email}'");
		$row = mysql_fetch_assoc($res);
		if (!$row){
			$errmsg = "No account with that email address!";
		}
		else {
			mail("$em", "Lost Password",$mailmssg,"FROM:$em");
			echo"
			<p>Your username and password have been sent to {$em} for {$row['teamname']} The Password is: {$row['teampassword']}.<br> Once you have received your password you may <a href='teamlogin.php'>log in</a>.</p>";
			
			
		}
	}
}
?>
<html>
<head>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php
include 'common/header.php';

echo "
<div id='content'>
<h1>Team Log-In</h1>
<p><font color='red'><b>{$errmsg}&nbsp;</b></font></p>
<p>Please enter the email account your team registered with.</p>
<p>&nbsp;</p>

<p><form action='{$_SERVER['PHP_SELF']}' method='post'>
<input type='hidden' name='doit' value='yes'>
	email<br><input type='text' name='email' value='{$email}'>


<br><input type='submit' value='Retrieve Password'>
</form>
</div>

";

?>

</body>
</html>

to summarize. The email is sent correctly it just doesn't contain the necessary variables.

thanks in advance!

It seems you were trying to call the variables from getvar, but you wanted the variables from the database to be echoed in the e-mail. I have moved the $mailmsg just above the mail() function, and replace the old variables with the new ones. Let me know how it goes.

<?php
include 'common/useful_stuff.php'; //db connection script
  if (!db_connect())
	die();

$errmsg = "";
/* these were probably not posted via your form
$teamname =getvar("teamname");
$teampassword=getvar("teampassword")
*/
      
$email = getvar("email");
$doit = getvar("doit");
if ($doit == "yes"){

	if ( $email == ""){
		$errmsg = "You must enter an email address!";
	}
	else {
		// go see if they are in the db
		$em = mysql_real_escape_string($email);
		$res = mysql_query("select team_ID,teamname,teampassword from teams where teamemail='{$email}'");
		$row = mysql_fetch_assoc($res);
		if (!$row){
			$errmsg = "No account with that email address!";
		}
		else {

//the new mail message containing the database teampassword and teamname
$mailmssg ="Your password is $row[teampassword] for $row[teamname]";

			
mail("$em", "Lost Password",$mailmssg,"FROM:$em");
			echo"
			<p>Your username and password have been sent to {$em} for {$row['teamname']} The Password is: {$row['teampassword']}.<br> Once you have received your password you may <a href='teamlogin.php'>log in</a>.</p>";
			
			
		}
	}
}
?>
<html>
<head>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php
include 'common/header.php';

echo "
<div id='content'>
<h1>Team Log-In</h1>
<p><font color='red'><b>{$errmsg}&nbsp;</b></font></p>
<p>Please enter the email account your team registered with.</p>
<p>&nbsp;</p>

<p><form action='{$_SERVER['PHP_SELF']}' method='post'>
<input type='hidden' name='doit' value='yes'>
	email<br><input type='text' name='email' value='{$email}'>


<br><input type='submit' value='Retrieve Password'>
</form>
</div>

";

?>

</body>
</html>

dottomm commented: Super Awesome! +1

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

dottomm -2 Junior Poster in Training · Answer 1 · 2008-04-08T04:39:27+00:00

Thank you for replying, however the getvar script seems to be working as it display's the correct variables in an echo statement on the web page, just not in the email.

Here is the getvar function

function getvar($varname)
{
	if (isset($_REQUEST[$varname])){
		if (get_magic_quotes_gpc()){
			return trim($_REQUEST[$varname]);
		}
		else {
			return trim(addslashes($_REQUEST[$varname]));
		}
	}

	// variable didnt exist
	return "";
}

nav33n 472 Purple hazed! Team Colleague Featured Poster · Answer 2 · 2008-04-08T15:38:38+00:00

$teampassword=getvar("teampassword")

Missing ; at the end. Didn't you get any parse error ? Hmm! And

select team_ID,teamname,teampassword from teams where teamemail='{$email}'

shouldn't that be

select team_ID,teamname,teampassword from teams where teamemail='$email'

And also here,

<input type='text' name='email' value='{$email}'>

Why is value='{$email'} ? When you query the table, it will look for email, for example, {test@test.com} !

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 3 · 2008-04-08T17:46:58+00:00

No. '{$email}' is a legitimate way to insert a value into a string. It is meant for use on more complex vars, like {$array["key"]} or {$object->my_field}

nav33n 472 Purple hazed! Team Colleague Featured Poster · Answer 4 · 2008-04-08T17:54:06+00:00

Oh thanks.. But wouldn't it affect the query if we do it like

select team_ID,teamname,teampassword from teams where teamemail='{$email}'

Because, anything between ' ' will be considered as a value.. isn't it ?

dottomm -2 Junior Poster in Training · Answer 5 · 2008-04-08T21:59:54+00:00

The echo after your mail() displays different variables then those you use in generating the email mesasge body. So are you really sure it works ?

Now after some testing last night, that no, I am not sure it is working. (Thank you ShawnCplus).

So I guess my question is how do I retrieve the 'teampassword' and set it as a variable? What am I doing wrong?

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 6 · 2008-04-09T19:56:33+00:00

I think you have to move your code which sets the email body, to directly above the mail() function. Check that the variables you use are the same as in the echo, and you're done.

dottomm -2 Junior Poster in Training · Answer 7 · 2008-04-09T22:31:07+00:00

Yes! Yes! Yes! Thank you. This has been a true learning experience.

I really appreciate everybody's help. Thank you.

Trouble with password recovery emal script

Recommended Answers Collapse Answers

All 10 Replies

Recommended Answers