4
Contributors
3
Replies
15
Views
3 Years
Discussion Span
Last Post by diafol
1

Hi ;
here is somthing maby help you to get start

<?
$query="select* from users where username=".$username;
If($query>0){
$result="select password,email from users where username=".$username;
foreach ($result as $row){
$email=$row['useremail'];
$password=$row['password'];


$to      = $email;
$subject = 'Your password';
$message = "this your old password ".$password;
$headers = 'From: admin@example.com' . "\r\n" .
    'Reply-To: admin@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

mail($to, $subject, $message, $headers);



}
?>
}

There is better methods but this the first thing jumb to my head
also its better to do password update rather than send the old one also it import to store your password in the db with md5 and salt

1

As mentioned by others never keep pw as plaintext. Hashing is a little more secure, salted hashes even more so. Double hash with salts even better again. But that's just a poor man's version of hmac. So, for passwords, you may be better of stoing a keyed hash via the hmac method.

Of course this will be a separate to your reset pw. If you take care to make your passwords secure, you should also make the reset process as secure as possible.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.