php - SQL result not being sent in email -
i have forgot password php page sends user password if email in database. code working password in sent email blank. think it's cause haven't converted string cant find how so. have salted passwords in database, affecting anything?
the salt:
<?php $salt1 = "qm&h*"; $salt2 = "pg!@"; $token = hash('ripemd128', "$salt1$pass$salt2"); ?>
the forgot password php page:
<?php $error = $email = ""; if (isset($_post['email'])) { $email = sanitizestring($_post['email']); if ($email == "") $error = "not fields entered<br>"; else if (!filter_var($email, filter_validate_email)) $error='email invalid'; else { $resulte = querymysql("select email users email='$email'"); $result_pass = querymysql("select * users email='$email'"); $row = $result_pass->fetch_array(mysqli_assoc); $user_pass = $row['[pass]']; if ($resulte->num_rows == 0) { $error = "<span class='error'>email error</span><br><br>"; }else { $mail_to = $email; $subject = 'this registered password '; $body_message = 'password: '."\n\n".$user_pass; //convert string $mail_status = mail($mail_to, $subject, $body_message); if(isset($_session['url'])) $url = $_session['url']; else $url = "../../index.php"; header("location:$url"); } } } ?>
i have replaced error code
$user_pass = $row['pass'];
Comments
Post a Comment