Location: PHPKode > projects > Vehicle Service Tracker > VST/forgotpasswd.php
// forgotpasswd.php
// Form to email the user his login password
// Copyright (c) 2006 Kenneth J. Snyder
// Licensed under the GNU GPL. For full terms see the file LICENSE
// -------------------------------------------------------------------------
// Created: 02Apr2006 Snyder, Kenneth J. hide@address.com 
// Revised: 23Feb2007 Snyder, Kenneth J hide@address.com v2.1.0
//   - Updated because passwords are now encrypted
//     Reset the users password to a random string and mail that to him

 // Get the Version
 // -----------------

   Vehicle Service Tracker :: Forgot Password
 <link rel='stylesheet' type='text/css' href='vst.css'>
   <P CLASS='Header1'>Vehicle Service Tracker - Forgotton Password</P>

function generatePassword ($length = 8)

  // start with a blank password
  $password = "";

  // define possible characters
  $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDEFGHIJKMNPQRSTUVWXYZ@!"; 
  // set up a counter
  $i = 0; 
  // add random characters to $password until $length is reached
  while ($i < $length) { 

    // pick a random character from the possible ones
    $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
    // we don't want this character if it's already in the password
    if (!strstr($password, $char)) { 
      $password .= $char;


  // done!
  return $password;


 if (isset($FP) && $FP!="") {
   if ($USERNAME=='demo') { 
     header("Location: login.php?rc=40");
      $dbconn = odbc_connect("$dbname","$dbuid","$dbpasswd");
      if (!$dbconn) {
        die("No Connection to database. Please try later");
       } else {
        // Generate a new password and mail it 
        $Select="select email from vst.clients where usrname='$USERNAME'";
        if (odbc_fetch_row($Result)) {
           $Insert="update VST.CLIENTS set PASSWD='$epasswd' where USRNAME='$USERNAME'";
           if ($InsertResult!=0) {

              $subject="Your password for Vehicle Service Tracker at $orgname";

              $message="Your password for $orgname's Vehicle Service Tracker has been reset to ";
              $message.="Your User ID [$USERNAME]\r\n\r\n";
              $message.="You can Login with your new password\r\n";
              $message.="Feel free to change it with the \"Update Profile\" on the main page\r\n\r\n";
              $message.="You are recieving this notification because a request has been";
              $message.=" made for a forgotton password. If the request was not ";
              $message.="initiated by you, please notify $orgname's administrator ";
              $message.="at $adminemail. Rest assured your information has not been ";
              $message.="compromised. The password is only shown in this mail and ";
              $message.="was never displayed during the request.\r\nThank you.\r\n\r\n";
              $message.="As always, you can access the tracker at: $homepage$webpath";
              $headers = "MIME-Version:1.0\r\n";
              $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
              $headers .= "From: Vehicle Service Tracker Admin <$adminemail>";

              echo "<br>";
              echo "<center>";
              echo "<b>Your password has been reset and mailed to your email address on file<b>";
              echo "<center>";
            } else {
              echo "<center><font color=#ff0000><b>";
              echo "Something went wrong with DB2 Insert of new passwd";
              echo "</b></font></center><br>";
           } // if insert ok
          } else {
           echo "<center><font color=#ff0000><b>";
           echo "The UserName [$USERNAME] is not on file";
           echo "</b></font></center><br>";
         } // if (odbc_fetch_row($Result)) if there was a user by that anme 
      } // if dbconn
     } else {

    if ($formpresent) {
   <small><center>Enter your UserName and we will email your 
   password to the email address on file</center></small><br>
   <form method=post action=forgotpasswd.php>
   <tr><td><B>UserName</B><td><input name=USERNAME type=text size=30 value=
         <?php if (isset($USERNAME)) echo $USERNAME; ?> ></td></tr>
   <CENTER><B><input type=submit name="FP" value="Email me my password"
   <hr noshade size=5 width=90% >
   if (isset($USERNAME) && $USERNAME!="") {
    } else {
   <a href="<?php echo $LoginURL ?>">
     Back to Login</a> 
   </center><hr noshade size=5 width=90% >
<?php footer($PHP_SELF,$adminemail); ?>
Return current item: Vehicle Service Tracker