I have Forgot Password Form where users can enter their valid email address. I have no problem in sending mail to user, my only problem is that i want to send to users their account information from database (Username & Password )so that they will know their username and password. But it seems like I'm having hard time on how to display their account information on the user's inbox. I'm new in PHP and it would be great if you could help me on how to figure it out.
Here's my code:
Edited:
<?php
if (isset($_POST['submit'])) {
$email_from = "example@domain.com";
$datesent = date('D m/d/Y, g:i A');
$error_message = "";
$msg = "";
$subject = "Some text here";
//some validations here
$query = "Select * from user_information where EMAIL_ADDRESS = '".$_POST['email']."'";
$result = mysql_query($query) or die("ERROR: ".mysql_error());
$check = mysql_num_rows($result);
if ($check == 0) {
$row = mysql_fetch_assoc($result);
$username = $row['USERNAME'];
$password = $row['PASSWORD'];
$fname = $row['FIRST_NAME'];
}
ob_start(); //Turn on output buffering
?>
Hi <? php echo $fname; ?>!
Here is your Account information:
Username: <? php echo $username; ?>
Password: <? php echo $password; ?>
//some text here
<?php
$message = ob_get_contents();
ob_get_clean();
$email_message = "From: ".clean_string($email_from)."
";
$email_message. = "Sent: ".clean_string($datesent)."
";
$email_message. = "Subject: ".clean_string($subject)."
";
$email_message. = "
".clean_string($message)."
";
$headers = 'From: '.$email_from."
";
$headers. = 'To: '.$email."
";
$headers. = 'Sent: '.$datesent."
";
$email_sent = @mail($sendto, $subject, $email_message, $headers);
} ?>
The following code does not work fpr you:
$check = mysql_num_rows($result);
if($check==0){
...
}
should be:
$check = mysql_num_rows($result);
if($check != false){
...
}
You only set the username, password and fname if there is no resulting row
I assume you posted the entire source file. If so, you lack a session_start() at the beginning of your file. Without it access to $_SESSION is not possible. Or maybe you wanted to use $_POST and wrote $_SESSION instead?
Change
if ($check == 0)
to
if ($check > 0)
Note: Don't use $_POST , $_GET variables without sanitizing them. Using mysql_query is prone to sql injection if you do not validate and sanitize your $_POST and $_GET variables. Use PHP_PDO
Also
if (isset($_SESSION['submit'])) {
to
if (isset($_POST['submit'])) {
first of all start session then only you can use session variables and when fetching array from database , the number of rows should not be zero , like this
if ($check != 0) {
$row = mysql_fetch_assoc($result);
$username = $row['USERNAME'];
$password = $row['PASSWORD'];
$fname = $row['FIRST_NAME'];
}
and there is mistake in this code also
ob_start(); //Turn on output buffering
?>
Hi <?php echo $fname; ?>!
Here is your Account information:
Username: <?php echo $username; ?>
Password: <?php echo $password; ?>
//some text here
you have not used <?php but<? php instead. hope that helps.