forget password

Hi ;
here is somthing maby help you to get start

<?
$query="select* from users where username=".$username;
If($query>0){
$result="select password,email from users where username=".$username;
foreach ($result as $row){
$email=$row['useremail'];
$password=$row['password'];


$to      = $email;
$subject = 'Your password';
$message = "this your old password ".$password;
$headers = 'From: admin@example.com' . "\r\n" .
    'Reply-To: admin@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

mail($to, $subject, $message, $headers);



}
?>
}

There is better methods but this the first thing jumb to my head
also its better to do password update rather than send the old one also it import to store your password in the db with md5 and salt

Here is and example of a script that resets the password and mails new password to the user.

http://www.daveismyname.com/tutorials/php-tutorials/reset-password-script/

I prefer slightly different approach. When user forgets his password he is sent a temporary link to a form where he can create new password. You can find examples by googling a bit (i searched for php forgot password reminder script).

As mentioned by others never keep pw as plaintext. Hashing is a little more secure, salted hashes even more so. Double hash with salts even better again. But that's just a poor man's version of hmac. So, for passwords, you may be better of stoing a keyed hash via the hmac method.

Of course this will be a separate to your reset pw. If you take care to make your passwords secure, you should also make the reset process as secure as possible.