Password Management

The final aspect of the public side of this site is the management of passwords. There are two processes to consider: resetting a forgotten password and changing an existing one.

Resetting a password

It inevitably happens that people forget their login passwords for Web sites, so having a contingency plan for these occasions is important. One option would be to have the user email the administrator when this occurs, but administering a site is difficult enough without this extra hassle. Thus, I will make a script whose purpose is to reset a forgotten password.

Because the passwords stored in the database are encrypted using MySQL’s SHA() function, there’s no way to retrieve an unencrypted version. The alternative is to create ...

Get PHP and MySQL for Dynamic Web Sites: Visual Quickpro Guide, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.