Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Server Development
Habbo Retros
Habbo Q&A
RevCMS help
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="FirefighterKyle" data-source="post: 259409" data-attributes="member: 22469"><p>Okay I am trying to make a forgot password thing so if one of my lovley users forgets their passwords they can recover it, since it is all hashed I really can't just give be like umm here have the hashed version of it haha. I tired to make a forgot password php but I am getting some errors, it changes the password in the db but when I enter the pass what I receive it just says incorrect password. There is already a thing to set up a forgot password but I really don't know how to set it up around this </p><p>[PHP]/*-------------------------------Loggin forgotten-------------------------------------*/ </p><p> </p><p> final public function forgotten()</p><p> {</p><p> global $template, $_CONFIG, $core;</p><p> </p><p> if(isset($_POST['forgot']))</p><p> {</p><p> </p><p> $template->form->setData();</p><p> unset($template->form->error);</p><p> </p><p> if($this->nameTaken($template->form->for_username))</p><p> {</p><p> if(strlen($template->form->for_password) > 6)</p><p> {</p><p> if($this->getInfo($this->getID($template->form->for_username), 'seckey') == $core->hashed($template->form->for_key))</p><p> {</p><p> $this->updateUser($this->getID($template->form->for_username), 'password', $core->hashed($template->form->for_password));</p><p> $template->form->error = 'Account recovered! Go <b><a href="index">here</a></b> to login!';</p><p> return;</p><p> }</p><p> else</p><p> {</p><p> $template->form->error = 'Secret key is incorrect';</p><p> return;</p><p> }</p><p> }</p><p> else</p><p> {</p><p> $template->form->error = 'Password must have more than 6 characters.';</p><p> return;</p><p> }</p><p> }</p><p> else</p><p> {</p><p> $template->form->error = 'Username does not exist';</p><p> return;</p><p> }</p><p> }</p><p> }[/PHP]</p><p>So I made my own type of thing which used instead of hashed it used md5 which obviously didn't work.</p><p>[PHP]<?php</p><p>error_reporting (E_ALL ^ E_NOTICE);</p><p>session_start();</p><p>$userid = $_SESSION['id'];</p><p>$username = $_SESSION['user'];</p><p>?></p><p><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"></p><p><html xmlns="http://www.w3.org/1999/xhtml"></p><p><head></p><p> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></p><p> <title>{hotelname}-Forgot Password</title></p><p></head></p><p><body></p><p> <?php</p><p> If (!$username && !$userid){</p><p> // get the user data</p><p> if ($_POST['forgot']){</p><p> </p><p> $user = $_POST['user'];</p><p> $email = $_POST['email'];</p><p> </p><p> // make sure info provided</p><p> if ($user){</p><p> if ($email){</p><p> if ( (strlen($email) > 7) && (strstr($email, "@")) && (strstr($email, ".")) ){</p><p> // connect</p><p> global $_CONFIG;</p><p> </p><p> $query = mysql_query("SELECT * FROM users WHERE name='$user'");</p><p> $numrows = mysql_num_rows($query);</p><p> if ($numrows == 1){</p><p> // get info about account</p><p> $row = mysql_fetch_assoc($query); </p><p> $dbemail = $row['email'];</p><p> </p><p> // make sure email is correct</p><p> if ($email == $dbemail){</p><p> // generate password</p><p> $pass = rand();</p><p> $pass = md5($pass);</p><p> $pass = substr($pass, 0, 15);</p><p> $password = md5(md5("kjfiufj".$pass."Fj56fj"));</p><p> </p><p> // update db with new pass</p><p> mysql_query("UPDATE users SET password='$password' WHERE name='$user'");</p><p> // make sure the password was change</p><p> $query = mysql_query("SELECT * FROM users WHERE name='$user' AND password='$password'");</p><p> $numrows = mysql_num_rows($query);</p><p> if ($numrows == 1){</p><p> </p><p> // create email vars</p><p> $webmaster = "support@grimmrp.net";</p><p> $headers = "From: $webmaster";</p><p> $subject = "Your new password";</p><p> $message = "Hello I see that you requested a new password you can fined your password below. If you did not request a new password please contact an Administrator!\n";</p><p> $message .= "Password: $pass\n";</p><p> </p><p> echo $pass."<br />";</p><p> if( mail($email, $subject, $message, $headers) ){</p><p> echo "Your password has been reset, please check your email.";</p><p> }</p><p> else</p><p> echo "An error has occured and your email was not sent containing your new password";</p><p> }</p><p> else</p><p> echo "An error has occured and the password was not reset.";</p><p> }</p><p> else</p><p> echo "You have entered the wrong email address."; </p><p> }</p><p> else</p><p> echo "Username does not exist.";</p><p> </p><p> mysql_close();</p><p> }</p><p> else</p><p> echo "Please enter a valid email address.";</p><p> }</p><p> else</p><p> echo "Please enter your email.";</p><p> }</p><p> else</p><p> echo "Please enter your username.";</p><p> }</p><p> </p><p> echo "<form action='./forgotpass' method='post'></p><p> <table></p><p> <tr></p><p> <td>Username:</td></p><p> <td><input type='text' name='user' /></td></p><p> </tr></p><p> <tr></p><p> <td>Email:</td></p><p> <td><input type='text' name='email' /></td></p><p> </tr></p><p> <tr></p><p> <td></td></p><p> <td><input type='submit' name='forgot' value='Reset Password' /></td></p><p> </tr></p><p> </p><p> </form>";</p><p> }</p><p> else</p><p> echo "Your account is already logged in. If someone has hacked you please contact an Administrator at ";</p><p> </p><p> ?></p><p></body></p><p></html>[/PHP]</p><p>If someone could help me make a page or show me how I could fix my errors in my forgotpass.php that would be great just make the stuff in red and tell me what I should change it too.</p></blockquote><p></p>
[QUOTE="FirefighterKyle, post: 259409, member: 22469"] Okay I am trying to make a forgot password thing so if one of my lovley users forgets their passwords they can recover it, since it is all hashed I really can't just give be like umm here have the hashed version of it haha. I tired to make a forgot password php but I am getting some errors, it changes the password in the db but when I enter the pass what I receive it just says incorrect password. There is already a thing to set up a forgot password but I really don't know how to set it up around this [PHP]/*-------------------------------Loggin forgotten-------------------------------------*/ final public function forgotten() { global $template, $_CONFIG, $core; if(isset($_POST['forgot'])) { $template->form->setData(); unset($template->form->error); if($this->nameTaken($template->form->for_username)) { if(strlen($template->form->for_password) > 6) { if($this->getInfo($this->getID($template->form->for_username), 'seckey') == $core->hashed($template->form->for_key)) { $this->updateUser($this->getID($template->form->for_username), 'password', $core->hashed($template->form->for_password)); $template->form->error = 'Account recovered! Go <b><a href="index">here</a></b> to login!'; return; } else { $template->form->error = 'Secret key is incorrect'; return; } } else { $template->form->error = 'Password must have more than 6 characters.'; return; } } else { $template->form->error = 'Username does not exist'; return; } } }[/PHP] So I made my own type of thing which used instead of hashed it used md5 which obviously didn't work. [PHP]<?php error_reporting (E_ALL ^ E_NOTICE); session_start(); $userid = $_SESSION['id']; $username = $_SESSION['user']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>{hotelname}-Forgot Password</title> </head> <body> <?php If (!$username && !$userid){ // get the user data if ($_POST['forgot']){ $user = $_POST['user']; $email = $_POST['email']; // make sure info provided if ($user){ if ($email){ if ( (strlen($email) > 7) && (strstr($email, "@")) && (strstr($email, ".")) ){ // connect global $_CONFIG; $query = mysql_query("SELECT * FROM users WHERE name='$user'"); $numrows = mysql_num_rows($query); if ($numrows == 1){ // get info about account $row = mysql_fetch_assoc($query); $dbemail = $row['email']; // make sure email is correct if ($email == $dbemail){ // generate password $pass = rand(); $pass = md5($pass); $pass = substr($pass, 0, 15); $password = md5(md5("kjfiufj".$pass."Fj56fj")); // update db with new pass mysql_query("UPDATE users SET password='$password' WHERE name='$user'"); // make sure the password was change $query = mysql_query("SELECT * FROM users WHERE name='$user' AND password='$password'"); $numrows = mysql_num_rows($query); if ($numrows == 1){ // create email vars $webmaster = "support@grimmrp.net"; $headers = "From: $webmaster"; $subject = "Your new password"; $message = "Hello I see that you requested a new password you can fined your password below. If you did not request a new password please contact an Administrator!\n"; $message .= "Password: $pass\n"; echo $pass."<br />"; if( mail($email, $subject, $message, $headers) ){ echo "Your password has been reset, please check your email."; } else echo "An error has occured and your email was not sent containing your new password"; } else echo "An error has occured and the password was not reset."; } else echo "You have entered the wrong email address."; } else echo "Username does not exist."; mysql_close(); } else echo "Please enter a valid email address."; } else echo "Please enter your email."; } else echo "Please enter your username."; } echo "<form action='./forgotpass' method='post'> <table> <tr> <td>Username:</td> <td><input type='text' name='user' /></td> </tr> <tr> <td>Email:</td> <td><input type='text' name='email' /></td> </tr> <tr> <td></td> <td><input type='submit' name='forgot' value='Reset Password' /></td> </tr> </form>"; } else echo "Your account is already logged in. If someone has hacked you please contact an Administrator at "; ?> </body> </html>[/PHP] If someone could help me make a page or show me how I could fix my errors in my forgotpass.php that would be great just make the stuff in red and tell me what I should change it too. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Server Development
Habbo Retros
Habbo Q&A
RevCMS help
Top