[phplib] forgotten password in auth.inc From: Josh Udall (jaudall <email protected>)
Date: 09/02/00

All -

I'd like a forgotten password function to my login page. I created a field on
the login form with the submit button name = cancel_login and one other text
field (forgot_email) containing the users input email address like so,
(plantbreeding.org login page):

<?php
echo "<form action=\"";
$sess->purl("index.php3");
# pself_url(); BTW, why won't this work here?
echo "\" method=post>";
?>
<table border=0 bgcolor="#eeeeee" align="center" cellspacing=0
cellpadding=4>
 <tr valign=top align=left>
  <td>If you forgot your password, enter you email address:</td>
  <td><input type="text" name="forgot_email" size=32></td></tr>
 </tr>
  <td>&nbsp;</td>
  <td align=right><input type="submit" name="cancel_login" value="Send
Password"></td>
 </tr>
</table>
</form>

Then I modified auth.inc to look like this so that my email functionality goes
right before the cancel login does it's thing to the state in auth.inc - but it
doesn't seem to work. I'm not getting any error messages but I'm not getting
my password either. I put the valid_email_forward function at the top of the
auth.inc file. Any suggestions how to better implement this? Will I have to
change things if I use the Auth_Challenge class extension of auth_sql?

          # Login in progress
          if ($$cl) {
                 # $$cl is set if password is forgotten
            # If $$cl is set, delete all auth info
            # and set state to "Not logged in", so eventually
            # default or automatic authentication may take place
            if (valid_email_forward($forgot_email)) {
                $this->db->query(sprintf("select username, password, perms from
%s
                        where email = '%s'", $this->database_table, $forgot_email));
                while ($this->db->next_record()) {
                $username = $this->db->f("username");
                $password = $this->db->f("password");
                $perms = $this->db->f("perms");
                }
$message = $username . ", here is your forgotten password: " .
$password . " for Plantbreeding.org. Your permission setting is: " . $perms .
".
Thanks for registering. Feedback and comments are welcome";
                print $message;
                mail($forgot_email, "Your Plantbreeding.org info", $message,
                "From: editor <email protected>\nReply-To:
editor <email protected>\nX-Mailer: PHP/" . phpversion());
                }
        $this->unauth();
        $state = 1;

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>