xxxxxxxxxx
<?php
require_once('connect.php');
require('config.php');
require('PHPMailer/PHPMailerAutoload.php');
if(isset($_POST) & !empty($_POST)){
$email = mysqli_real_escape_string($connection, $_POST['email']);
$sql = "SELECT * FROM `login` WHERE email = '$email'";
$res = mysqli_query($connection, $sql);
$count = mysqli_num_rows($res);
if($count == 1){
$r = mysqli_fetch_assoc($res);
$password = $r['password'];
$to = $r['email'];
$subject = "Your Recovered Password";
$message = "Please use this password to login " . $password;
$headers = "From : admin@phpflow.com";
if(mail($to, $subject, $message, $headers)){
echo "Your Password has been sent to your email id";
}else{
echo "Failed to Recover your password, try again";
}
}else{
echo "Email does not exist in database";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Forgot Password in PHP & MySQL</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
</head>
<body>
<div class="container">
<?php if(isset($smsg)){ ?><div class="alert alert-success" role="alert"> <?php echo $smsg; ?> </div><?php } ?>
<?php if(isset($fmsg)){ ?><div class="alert alert-danger" role="alert"> <?php echo $fmsg; ?> </div><?php } ?>
<form id="register-form" role="form" autocomplete="off" class="form" method="post">
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-envelope color-blue"></i></span>
<input id="email" name="email" placeholder="email address" class="form-control" type="email">
</div>
</div>
<div class="form-group">
<input name="recover-submit" class="btn btn-lg btn-primary btn-block" value="Reset Password" type="submit">
</div>
<input type="hidden" class="hide" name="token" id="token" value="">
</form>
</div>
</body>
</html>
xxxxxxxxxx
<!-- Step 1.reset_pass.html -->
<html>
<body>
<form method="post" action="send_link.php">
<p>Enter Email Address To Send Password Link</p>
<input type="text" name="email">
<input type="submit" name="submit_email">
</form>
</body>
</html>
<!-- Step 2send_link.php -->
<?php
if(isset($_POST['submit_email']) && $_POST['email'])
{
mysql_connect('localhost','root','');
mysql_select_db('sample');
$select=mysql_query("select email,password from user where email='$email'");
if(mysql_num_rows($select)==1)
{
while($row=mysql_fetch_array($select))
{
$email=md5($row['email']);
$pass=md5($row['password']);
}
$link="<a href='www.samplewebsite.com/reset.php?key=".$email."&reset=".$pass."'>Click To Reset password</a>";
require_once('phpmail/PHPMailerAutoload.php');
$mail = new PHPMailer();
$mail->CharSet = "utf-8";
$mail->IsSMTP();
// enable SMTP authentication
$mail->SMTPAuth = true;
// GMAIL username
$mail->Username = "your_email_id@gmail.com";
// GMAIL password
$mail->Password = "your_gmail_password";
$mail->SMTPSecure = "ssl";
// sets GMAIL as the SMTP server
$mail->Host = "smtp.gmail.com";
// set the SMTP port for the GMAIL server
$mail->Port = "465";
$mail->From='your_gmail_id@gmail.com';
$mail->FromName='your_name';
$mail->AddAddress('reciever_email_id', 'reciever_name');
$mail->Subject = 'Reset Password';
$mail->IsHTML(true);
$mail->Body = 'Click On This Link to Reset Password '.$pass.'';
if($mail->Send())
{
echo "Check Your Email and Click on the link sent to your email";
}
else
{
echo "Mail Error - >".$mail->ErrorInfo;
}
}
}
?>
Step 3. reset_pass.php
<?php
if($_GET['key'] && $_GET['reset'])
{
$email=$_GET['key'];
$pass=$_GET['reset'];
mysql_connect('localhost','root','');
mysql_select_db('sample');
$select=mysql_query("select email,password from user where md5(email)='$email' and md5(password)='$pass'");
if(mysql_num_rows($select)==1)
{
?>
<form method="post" action="submit_new.php">
<input type="hidden" name="email" value="<?php echo $email;?>">
<p>Enter New password</p>
<input type="password" name='password'>
<input type="submit" name="submit_password">
</form>
<?php
}
}
?>
Step 4. submit_new.php
<?php
if(isset($_POST['submit_password']) && $_POST['key'] && $_POST['reset'])
{
$email=$_POST['email'];
$pass=$_POST['password'];
mysql_connect('localhost','root','');
mysql_select_db('sample');
$select=mysql_query("update user set password='$pass' where email='$email'");
}
?>