mysql - how to decrypt a password and send mail in php -

-

i had encrypted password in register.php

    <?php // set error message blank upon arrival page $errormsg = ""; // first check see if form has been submitted  if (isset($_post['username'])){     //connect database through our include      include_once "connect_to_mysql.php";     // filter posted variables     $username = ereg_replace("[^a-za-z0-9]", "", $_post['username']); // filter numbers , letters     $country = ereg_replace("[^a-z a-z0-9]", "", $_post['country']); // filter spaces, numbers, , letters     $state = ereg_replace("[^a-z a-z0-9]", "", $_post['state']); // filter spaces, numbers, , letters     $city = ereg_replace("[^a-z a-z0-9]", "", $_post['city']); // filter spaces, numbers, , letters     $accounttype = ereg_replace("[^a-z]", "", $_post['accounttype']); // filter lowercase letters     $email = stripslashes($_post['email']);     $email = strip_tags($email);     $email = mysql_real_escape_string($email);     $password = ereg_replace("[^a-za-z0-9]", "", $_post['password']); // filter numbers , letters     // check see if user filled fields     // "required"(*) symbol next them in join form     // , print out them have forgotten put in     if((!$username) || (!$country) || (!$state) || (!$city) || (!$accounttype) || (!$email) || (!$password)){          $errormsg = "you did not submit following required information!<br /><br />";         if(!$username){             $errormsg .= "--- user name";         } else if(!$country){             $errormsg .= "--- country";          } else if(!$state){              $errormsg .= "--- state";         } else if(!$city){             $errormsg .= "--- city";         } else if(!$accounttype){             $errormsg .= "--- account type";         } else if(!$email){             $errormsg .= "--- email address";         } else if(!$password){             $errormsg .= "--- password";         }     } else {     // database duplicate fields check     $sql_username_check = mysql_query("select id members username='$username' limit 1");     $sql_email_check = mysql_query("select id members email='$email' limit 1");     $username_check = mysql_num_rows($sql_username_check);     $email_check = mysql_num_rows($sql_email_check);      if ($username_check > 0){          $errormsg = "<u>error:</u><br />your user name in use inside our system. please try another.";     } else if ($email_check > 0){          $errormsg = "<u>error:</u><br />your email address in use inside our system. please try another.";     } else {         // add md5 hash password variable        $hashedpass = md5($password);          // add user info database table, claim fields values          $sql = mysql_query("insert members (username, country, state, city, accounttype, email, password, signupdate)          values('$username','$country','$state','$city','$accounttype','$email','$hashedpass', now())") or die (mysql_error());         // inserted id here use in activation email         $id = mysql_insert_id();         // create directory(folder) hold each user files(pics, mp3s, etc.)          mkdir("memberfiles/$id", 0755);          // start assembly of email member activation link         $to = "$email";         // change site admin email         $from = "geetha.victor@tryteksolutions.co.in";         $subject = "complete registration";         //begin html email message need change activation url inside         $message = '<html>         <body bgcolor="#ffffff">         hi ' . $username . ',         <br /><br />         must complete step activate account us.         <br /><br />         please click here activate &gt;&gt;         <a href="http://www.trytek.tryteksolutions.co.in/activation.php?id=' . $id . '">         activate now</a>         <br /><br />         login data follows:          <br /><br />         e-mail address: ' . $email . ' <br />         password: ' . $password . '          <br /><br />          thanks!          </body>         </html>';         // end of message         $headers = "from: $from\r\n";         $headers .= "content-type: text/html\r\n";         $to = "$to";         // send activation email member         mail($to, $subject, $message, $headers);         // print message browser joiner          print "<br /><br /><br /><h4>ok $firstname, 1 last step verify email identity:</h4><br />         sent activation link to: $email<br /><br />         <strong><font color=\"#990000\">please check email inbox in moment</font></strong> click on activation <br />         link inside message. after email activation can log in.";         exit(); // exit form , page not display, success message     } // close else after database duplicate field value checks   } // close else after missing vars check } //close if $_post ?> <!doctype html public "-//w3c//dtd xhtml 1.0 transitional//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <title>member registration</title> </head> <body> <table width="600" align="center" cellpadding="4">   <tr>     <td width="7%">register member here </td>   </tr> </table> <table width="600" align="center" cellpadding="5">   <form action="join_form.php" method="post" enctype="multipart/form-data">     <tr>       <td colspan="2"><font color="#ff0000"><?php echo "$errormsg"; ?></font></td>     </tr>     <tr>       <td width="163"><div align="right">user name:</div></td>       <td width="409"><input name="username" type="text" value="<?php echo "$username"; ?>" /></td>     </tr>     <tr>       <td><div align="right">country:</div></td>       <td><select name="country">       <option value="<?php echo "$country"; ?>"><?php echo "$country"; ?></option>       <option value="australia">australia</option>       <option value="canada">canada</option>       <option value="mexico">mexico</option>       <option value="united kingdom">united kingdom</option>       <option value="united states">united states</option>       <option value="zimbabwe">zimbabwe</option>       </select></td>     </tr>     <tr>       <td><div align="right">state: </div></td>       <td><input name="state" type="text" value="<?php echo "$state"; ?>" /></td>     </tr>     <tr>       <td><div align="right">city: </div></td>       <td>         <input name="city" type="text" value="<?php echo "$city"; ?>" />       </td>     </tr>     <tr>       <td><div align="right">account type: </div></td>       <td><select name="accounttype">         <option value="<?php echo "$accounttype"; ?>"><?php echo "$accounttype"; ?></option>         <option value="a">normal user</option>         <option value="b">expert user</option>         <option value="c">super user</option>       </select></td>     </tr>     <tr>       <td><div align="right">email: </div></td>       <td><input name="email" type="text" value="<?php echo "$email"; ?>" /></td>     </tr>     <tr>       <td><div align="right"> password: </div></td>       <td><input name="password" type="password" value="<?php echo "$password"; ?>" />        <font size="-2" color="#006600">(letters or numbers only, no spaces no symbols)</font></td>     </tr>     <tr>       <td><div align="right"> captcha: </div></td>       <td>add captcha here security</td>     </tr>         <tr>       <td><div align="right"></div></td>       <td><input type="submit" name="submit" value="submit form" /></td>     </tr>   </form> </table> </body> </html>

this forgot password script in have problem in sending encrypt password in mail. how decrypt password , send decrypted password in mail.

<?php session_start(); include "connect_to_mysql.php"; //connects database if (isset($_post['email'])){     $email = $_post['email'];     $query="select * members email='$email'";     $result   = mysql_query($query);     $count=mysql_num_rows($result);     // if count equal one, send message other wise display error message.     if($count==1)     {         $rows=mysql_fetch_array($result);         $password  =  $rows['password'];//fetching pass         //echo "your pass ::".($pass)."";         $to = $rows['email'];         //echo "your email ::".$email;         //details sending e-mail         $from = "geetha.victor@tryteksolutions.co.in";         $url = "http://abc.co.in/";         $body  =  "tryteksolutions password recovery <br />         ---------------------------------------------------------- <br />         url : $url;<br />         email details : $to;<br />         here password  : $password;<br /> <br />         sincerely, <br />         tryteksolutions";         $from = "abc@tryteksolutions.co.in";         $subject = "tryteksolutions password recovered";         $headers1 = "from: $from\n";         $headers1 .= "content-type: text/html;charset=iso-8859-1\r\n";         $headers1 .= "x-priority: 1\r\n";         $headers1 .= "x-msmail-priority: high\r\n";         $headers1 .= "x-mailer: server\r\n";         $sentmail = mail ( $to, $subject, $body, $headers1 );     } else {     if ($_post ['email'] != "") {     echo "<span style='color: #ff0000;'> not found email in our database</span>";         }     }     //if message sent successfully, display sucess message otherwise display error message.     if($sentmail==1)     {         echo "<span style='color: #ff0000;'> password has been sent email address.</span>";     }         else         {         if($_post['email']!="")         echo "<span style='color: #ff0000;'> cannot send password e-mail address.problem sending mail...</span>";     } } ?>

help me friends how decrypt password , send mail.

don't. should never able convert stored password data actual password. should hashed, not encrypted.

md5 hashing algorithm, weak 1 entirely unsuitable protecting passwords today. need take better care of users' passwords.

if loses password, generate time-limited random reset token , email user.

when enter token (usually following link in email token embedded in it) allow them choose new password.


Comments

Post a Comment

Popular posts from this blog

python - Subclassed QStyledItemDelegate ignores Stylesheet -

-
i'm trying subclass qstyleditemdelegate remove focus rectangle in qcombobox . even though i'm calling base implementation of paint function , nothing else, result different. looks if parts of style-sheet influence bounding box of item taken consideration. class pstyleditemdelegate(qstyleditemdelegate): def __init__(self, *args, **kwds): super(pstyleditemdelegate, self).__init__(*args, **kwds) def paint(self, *args, **kwargs): qstyleditemdelegate.paint(*args, **kwargs) what have paint unmodified qstyleditemdelegate ? as suggested tried replacing pyside pyqt4 , works, appears bug. update pyside 1.1.2 1.2.1 result same. unfortunately switch breaks other parts of code, if there no other suggestions i'm going accept answer. edit bug tracked here
Read more

java - HttpClient 3.1 Connection pooling vs HttpClient 4.3.2 -

-
i have used httpclient3.1(java) connection pooling below : import org.apache.commons.httpclient.httpclient; import org.apache.commons.httpclient.multithreadedhttpconnectionmanager; import org.apache.commons.httpclient.params.httpclientparams; import org.apache.commons.httpclient.params.httpmethodparams; import org.apache.log4j.logger; public class httpclientmanager { private static logger logger = logger.getlogger(httpclientmanager.class); private static multithreadedhttpconnectionmanager connectionmanager = new multithreadedhttpconnectionmanager(); private static httpclientparams clientparams = new httpclientparams(); static { try { clientparams.makelenient(); clientparams.setauthenticationpreemptive(false); clientparams.setparameter(httpmethodparams.so_timeout, new integer(30000)); // set so_timeout clientparams.setparameter(httpmethodparams.head_body_check_timeout, new integer(3000)); // head responses
Read more

SQL: Divide the sum of values in one table with the count of rows in another -

-
is possible to, in single query, sum bunch of values in 1 table, , divide count of rows in another? there common id/key in both tables... fyi, win points least info provided in question. answer it's possible...here psuedo code since i'm guessing @ tables , columns select summing / counting whynot (select id, sum(whatever) summing where_ever ) inner join (select id, count(1) counting what_ever)b on a.id = b.id question = 'vague' group a.id
Read more