I have a webiste and would like to send an email to someone, and myself, when they request their lost password. For some reason, I can't get the mail() function to work, no matter what I do. I unsuccessfully tried to model it after the listserv I created and am at a loss. Please help if you can.

<!DOCTYPE html>

$subject='Rounsworld lost information';
$from='Password retrieval at rounsworld.com';
$headers="From:" . $from;

$result=mysql_query("SELECT login,password FROM demo WHERE Name='$user'") or die(mysql_error());
$mresult=mysql_query("SELECT email FROM maillist WHERE name='$user'") or die(mysql_error());
$message= 'Your login id is ' . $row['login'] . '<br>' . 'Your password is ' . $row['password'];


echo 'Your request has been sent to the email address on file.  If you do not receive an email, please let me know <br>';

4 Years
Discussion Span
Last Post by david.roun.7_1

Before anything else, why do you want to email yourself? Can't you log it somewhere else?

Is this a local site or is it live on a host?

Edited by diafol


I just want a copy of the lost password request so I can ask the person if they really did send it or if someone else did. It's a small live site that only my family goes on. I used to use the security from the host but I'm trying to learn more about doing it myself (starting to look at .ht access).


I think the problem is in the '$mrow['email']' command. When I take that out, it sends the email to me, it's just not selecting the email address from the database.


Not sure if this is exactly the issue but it appears your 3rd and 4th paramaters are backwards. See http://us3.php.net/manual/en/function.mail.php
bool mail ( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] )

$message should go before $headers. If you think $mrow['email'] is the problem, try echoing out the value of that right before the mail() function and see what it says.

Also on a security side note, storing passwords in plaintext is generally regarded as bad practice. They should be in a hashed/encrypted form and you should be giving the users a token to reset the password.


It doesn't echo anything and I don't get any error messages, it's just ignoring the email address. I'm learning about encryption and other securities.


I got it. I had an error in the database so the php file didn't find a match. Feel kinda stupid I didn't catch it earlier.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.