1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 3:30 am Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

mail blunder

         

Gilead

8:00 pm on Nov 17, 2011 (gmt 0)

10+ Year Member



In this case, the user has forgotten their login and or password. This script will email it to them or will email an admin because the email was not found. The update part works fine, but something is not right with the mail part.

newmemberpassword.html
<FORM METHOD="POST" ACTION="newpassword.php">
<P><font color="#0080C0"><strong><font size="2" face="Verdana">Email Address</font></strong><font face="Verdana"><STRONG><font size="2">:</font></STRONG><BR>
</font></font><font color="#0080C0" face="Verdana">
<INPUT TYPE="text" NAME="email" SIZE=25 MAXLENGTH=50></font></p>

<P>
<font color="#0080C0">
<INPUT TYPE="submit" NAME="submit" VALUE="Submit" style="font-family: Verdana"></font></P>
</FORM>


newpassword.php
include ('config.php');
$table_name="users";
$usermail=$_POST['email'];

//build and issue the query
$sql ="SELECT * FROM $table_name WHERE email = '$usermail'";
$result = @mysql_query($sql) or die(mysql_error());

//get the number of rows in the result set
$num = mysql_num_rows($result);

//If match was found, get username and email from database
if ($num != 0)
{
while ($sql = mysql_fetch_object($result))
{
$usermail= $sql -> email;
$uname= $sql -> member_login;
}
echo $usermail;
echo '<br />';
echo $uname;
echo '<br />';
//Update database with new password
$newpass = substr(md5(time()),0,6);
$chng = "UPDATE $table_name SET
member_password = '$newpass'
WHERE email = '$usermail'";

$result2 = @mysql_query($chng) or die(mysql_error());
echo $newpass;
echo '<br />';//these echo just fine, so I know this part is working.
$to = "$usermail";
$subject = "Your Username & Password";
$headers = "From: Customer Service \r\n";
$body = "Your username is $uname.\n";
$body .= "Your password is $newpass.\n";

if(mail($to,$subject,$body,$headers))
{
$msg = "<p>Your username & temporary password has been emailed to you.</p>";
$msg .= "<p>You must change this password immediately after your next login.</p>";
$msg .= "<p></p>";
echo $msg;
}
else
{
echo "Message Not Sent";
}

}
else
{

//If no email was found in the database send a notification to the admin
$to = "admin@mydomain.com";
$subject = "Missing Member Email";
$headers = "From: <www.domain.com>\n";
$body = "A user with the email address of $usermail has requested a username and password reminder.\n";
$body .= "$usermail could not be located in the database.\n";

if(mail($to,$subject,$body,$headers))
{
$msg = "<p>Your email address could not be located</p>";
$msg .="<p>The Website Administrator has been emailed, you should be contacted by them shortly.</p>";
echo $msg;
}
else
{
echo "Message Not Sent";
}


}

The results- it echos the username, password and email
and goes with the first message: Your username & temporary password has been emailed to you.

You must change this password immediately after your next login.

no email comes through.
Thanks!

Matthew1980

11:25 pm on Nov 17, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi there Gilead,

Well, all I can say really is that when using the mail function in php there is no guarantee that the email actually gets to the recipient. You will have to check the junk folder in the mail addresses' junk box, as this is where most of them end up.

Also I strongly suggest that you turn on error reporting, as this will catch errors that are in your code. (error_reporting(E_ALL|E_NOTICE))

And as your using the error suppressor operator (@) on your mysql functions, this is a really bad habit that needs nipping now, though, granted, php themselves advocate using this for certain function in the php arsenal - I forget what they are but I have answered questions like this before.

But as you tell us that the success message is displayed, this means that the function has been executed, you may need to check the formatting of the content of email you're sending, strip it back to the bare minimum - even if you put the string directly into the function, this will then get rid of any ambiguity there.

And not meaning to pick too many holes in your hard work, but the html side of things, your attributes/tags need not be in CAPITALS as they get parsed in lowercase too :) and look into the security of your script; check out strip_tags() and mysql_real_escape_string() as database protection, this prevention of attacks is a good thing to invest time in.

Have fun coding,

Cheers,
MRb

penders

11:48 pm on Nov 17, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month 



$headers = "From: Customer Service \r\n";


$headers = "From: <www.domain.com>\n";


The From: header must contain an email address.

Gilead

3:10 pm on Nov 18, 2011 (gmt 0)

10+ Year Member



Thank you! It now works!

rocknbil

5:50 pm on Nov 18, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Just a FYI . . . was going to mention this in your recent posts on email problems . . if you want an elegant mail "from" header that uses the user's/company name, you were really close but the format is like this:

From: "John Doe" <email@example.com>

in code . . .

$headers = "From: \$fname $lname \" <$email>\n";

if you really want it trouble free, accomodate both - with or without a name - so you never have to touch this block again (if you put it in a function) ... 


$name=null; 
if (isset($fname) and ! empty($fname)) { $name .= $fname; } 
if (isset($lname) and ! empty($lname)) {  
 // if no $fname, it will be NULL 
 if ($name) { $name .= ' '; } 
 $name .= $lname;  
}

$from = (isset($name))?'"' .$name . '" <' . $email . '>':$email;

// Build your headers, if no from it will come from "nobody", the default Apache user (I think), then

if ($from) { $headers = "From: $from\n"; }
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 3:30 am Apr 28, 2026