How to Get Forgot Password and Reset Password Using PHP OOP Concept and PDO for Database
Today I will explain how to Forgot password and Reset password using PHP and OOP concept and PDO database, in this tutorial i will implement.
Before moving towards the tutorial we need first User Account Activation using email Verification using Php user registration and login script in php, so if you do first that same Gmail verification process on that tutorial also Its is a very important feature on membership website is password and reset system because some users are forget their password very quickly.
This Article demonstrate to build an get forgot password and reset password .This is a continue tutorial and previous tutorial is how to verify email on Gmail account using PHP and PDO for database read before this tutorial
Previous tutorial to Read first:>>send verify mail to gmail account and activate account using php oop concept and pdo for database
and then know we are create two empty PHP file named as
1.forgotpassword.php
2.resetpassword.php
1.forgotpassword.php
As a developer your priority is given to this process of forget password because of users something spend much time to reset the password and forgot it . and they try to recovery .
<?php
session_start();
require_once 'user.php';
$user = new USER();
if($user->is_logged_in()!="")
{
$user->redirect('home.php');
}
if(isset($_POST['submit']))
{
$email = $_POST['email'];
$stmt = $user->query("SELECT userID FROM users WHERE userEmail=:email LIMIT 1");
$stmt->execute(array(":email"=>$email));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
$id = base64_encode($row['userID']);
$code = md5(uniqid(rand()));
$stmt = $user->query("UPDATE tbl_users SET mdCode=:code WHERE userEmail=:email");
$stmt->execute(array(":code"=>$code,"email"=>$email));
$message= "
Hello , $email
<br /><br />
Click Following Link To Reset Your Password
<br /><br />
<a href='http://localhost/testsignup1.php/resetpassword.php?userid=$id&mdcode=$code'>
click here to reset your password</a>
<br /><br />
thank you :)
";
$subject = "password reset";
$user->send_mail($email,$message,$subject);
$msg = " We have sent an email to $email.Please click on the password reset link in the email to generate new password.";
}
else
{
$msg = "<strong>Sorry!</strong> this email not found. ";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Forgot Password</title>
</head>
<body id="login">
<div class="container">
<form method="post">
<h2>Forgot Password</h2><hr />
<?php
if(isset($msg)) {echo $msg;}
else
{
?>
<div>
Please enter your email address. You will receive a link to create a new password via email.!
</div>
<?php
}
?>
<input type="email" placeholder="Email address" name="email" required />
<hr />
<button type="submit" name="submit">Generate new Password</button>
</form>
</body>
</html>
In this step we get the user entered email and check if user exist in database or not but before check always validate user entered data or you can check our email .And if the user exist in our database then we send hashed email and password on link to his registered email id you can check send mail using php
2.resetpassword.php
<?php
require_once 'user.php';
$user = new USER();
if(empty($_GET['userID']) && empty($_GET['mdcode']))
{
$user->redirect('index.php');
}
if(isset($_GET['userID']) && isset($_GET['mdcode']))
{
$id = base64_decode($_GET['userID']);
$code = $_GET['mdcode'];
$stmt = $user->query("SELECT * FROM users WHERE userID=:uid AND mdcode=:code");
$stmt->execute(array(":uid"=>$id,":code"=>$code));
$rows = $stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if(isset($_POST['resetpass']))
{
$pass = $_POST['pass'];
$cpass = $_POST['confirm-pass'];
if($cpass!==$pass)
{
$msg = " <strong>Sorry!</strong> Password Mismatch. ";
}
else
{
$stmt = $user->query("UPDATE users SET userPass=:upass WHERE userID=:uid");
$stmt->execute(array(":upass"=>$cpass,":uid"=>$rows['userID']));
$msg = "Password Changed.";
header("refresh:5;index.php");
}
}
}
else
{
exit;
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Password Reset</title>
</head>
<body >
<div>
<strong>Hello !</strong> <?php echo $rows['userEmail'] ?> you are here to reset your forgetton password.
</div>
<form method="post">
<h3>Password Reset.</h3><hr />
<?php
if(isset($msg))
{
echo $msg;
}
?>
<input type="password" placeholder="New Password" name="pass" required />
<input type="password" placeholder="Confirm New Password" name="confirm-pass" required />
<button type="submit" name="resetpass">Reset Your Password</button>
</form>
</body>
</html>
In this step we get the new password and update the password.
That's all, this is how to Create Password Reset System Using PHP. You can customize this code further as per your requirement. And please feel free to give comments on this tutorial.