How hard to make a password recovery script?

Discussion in 'PHP' started by photosales.co.nz, Jul 2, 2007.

  1. #1
    Hi there people.

    I am trying to find out some code, or even a script I would be able to use for our website members: if they forget their password, they can just request that it gets sent to their email.

    The passwords are not stored encrypted in the database, so just need to pull that line for the email supplied and email to that address.....

    Is that hard?
     
    photosales.co.nz, Jul 2, 2007 IP
  2. Bandit09

    #2
    Not hard at all. Mine generates a random link then e-mails it to the user. The user clicks the link and then they can change their password.
     
    Bandit09, Jul 2, 2007 IP
  3. ansi

    #3
    Or just have them enter their email address and then search for it in the database and then send an email to it containing the password to the email that is stored.
     
    ansi, Jul 2, 2007 IP
  4. photosales.co.nz

    #4
    All done - thanks - just my head not working properly.
     
    photosales.co.nz, Jul 3, 2007 IP
  5. bucabay

    #5
    That's a bit scary...

    Try including a test question at least. Anyone who knows someone's email will enter it there and get their password.

    Eg: Scammer gets to know userA on the site, asks for their email, sends a password recovery. Logs into their bank account, takes all their money.
     
    bucabay, Jul 3, 2007 IP
  6. ansi

    #6
    Exactly why it says to send to the email address that is stored. Say I know userA's email address, I enter it, it sends to the email address of userA. No harm done; userB can't access it.
     
    ansi, Jul 3, 2007 IP
  7. photosales.co.nz

    #7
    Exactly, and that is how it works. if you put it will email the password to not to
     
    photosales.co.nz, Jul 3, 2007 IP
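
The random-link approach described in post #2, sketched in PHP as an added example that is not code from the thread or from any poster: the link carries a single-use, expiring token, and only a hash of the new password is stored. The table and column names, the `reset.php` URL and the `example.com` addresses are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical schema (not from the thread): password_resets(email, token_hash, expires_at, used).
function createResetToken(PDO $db, string $email, int $ttl = 3600): string
{
    $token = bin2hex(random_bytes(32)); // unguessable value that goes into the e-mailed link
    $stmt = $db->prepare(
        'INSERT INTO password_resets (email, token_hash, expires_at, used) VALUES (?, ?, ?, 0)'
    );
    // Store only a hash of the token, so a leaked table does not contain usable links.
    $stmt->execute([$email, hash('sha256', $token), time() + $ttl]);
    return $token;
}

// Returns the account e-mail if the token is known, unexpired and unused; null otherwise.
function redeemResetToken(PDO $db, string $token): ?string
{
    $hash = hash('sha256', $token);
    // Marking the row used in the same statement that checks it makes the link single-use.
    $stmt = $db->prepare(
        'UPDATE password_resets SET used = 1 WHERE token_hash = ? AND used = 0 AND expires_at > ?'
    );
    $stmt->execute([$hash, time()]);
    if ($stmt->rowCount() !== 1) {
        return null;
    }
    $q = $db->prepare('SELECT email FROM password_resets WHERE token_hash = ?');
    $q->execute([$hash]);
    return $q->fetchColumn() ?: null;
}

// Constructed demo data in an in-memory SQLite database, so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE password_resets (email TEXT, token_hash TEXT, expires_at INTEGER, used INTEGER)');
$db->exec('CREATE TABLE users (email TEXT PRIMARY KEY, password_hash TEXT)');
$db->exec("INSERT INTO users VALUES ('member@example.com', '')");

$token = createResetToken($db, 'member@example.com');
$link = 'https://example.com/reset.php?token=' . $token; // body of the e-mail sent to the stored address

$email = redeemResetToken($db, $token); // what reset.php would do when the link is clicked
if ($email !== null) {
    $upd = $db->prepare('UPDATE users SET password_hash = ? WHERE email = ?');
    $upd->execute([password_hash('new-password-from-form', PASSWORD_DEFAULT), $email]);
}
var_dump($email, redeemResetToken($db, $token), redeemResetToken($db, 'forged-token'));
```

The final `var_dump` shows the first redemption, a replay of the same link, and a made-up token, in that order.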