etutorialspoint
  • Home
  • PHP
  • MySQL
  • MongoDB
  • HTML
  • Javascript
  • Node.js
  • Express.js
  • Python
  • Jquery
  • R
  • Kotlin
  • DS
  • Blogs
  • Theory of Computation

Recover forgot password using PHP and MySQL

In this article, you will learn how to recover forgot password using PHP and MySQL (MySQLi improved version).

There are more and more organizations that providing online internet services. This requires users to create many accounts on many different platforms to get online services. It is also not recommended for them to use the same password and it becomes a burden for them to remember password for different accounts. So, it is mandatory to provide forgot password option in login system. It helps the user to easily recover the password they have forgotten.

For this, we have created a forgot password form in HTML. This file contains three fields for username, new password and confirm new password and a Submit button. When user submits the form, this form will be redirected to handler.php page.

Suppose, we have a 'users' TABLE in Database with one user record as follows. You can use your database if you have OR you can copy paste this code for practice purpose.

CREATE TABLE IF NOT EXISTS `users` (
  `userid` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(100) NOT NULL,
  `username` varchar(100) NOT NULL,
  `password` varchar(100) NOT NULL,
  PRIMARY KEY (`userid`)
)
INSERT INTO `users` (`userid`, `name`, `username`, `password`) VALUES
(1, 'John', 'msjohn', 'ed9e5563452feebf93b94f8b00f74280');

Here is the main PHP file 'index.php' that we will call on the browser. At the top of this page, we have started the session to show the successful password set message.





1. index.php

This HTML code shows the forgot password form -

<?php 
session_start();
if($_SESSION['msg']) {
echo $_SESSION['msg'].'<br/>';
}
?>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" />
<div class="wrapper" style="width: 35%; margin: 0 auto;">
<form class="form-signin" action='handler.php' method="post">       
<h2 class="form-signin-heading">Forgot Password</h2><br/>
<input type="text" class="form-control" name="username" placeholder="Email Your Username" required="" autofocus="" />
<br/> <input type="password" class="form-control" name="newpassword" placeholder="New Password" required=""/><br/> <input type="password" class="form-control" name="confirmpassword" placeholder="Confirm New Password" required=""/>
<br/> <button class="btn btn-small btn-primary btn-block" type="submit">Submit</button> <input type="hidden" name="object" value="forgot"/> </form> </div>

Once this forgot password form is submitted, the entered data is sent in post to 'handler.php' file.

On handler.php file, we have written code to first match the entered new password and confirm password. If both will be same, the script will encrypt the entered password using 'sodium_crypto_pwhash_str()' hashing method and update the database. This method generates an ASCII encoded hash for password storage.

If you think to use md5() and crypt() functions for password encryption. Please don't use them, both are deprecated in latest PHP versions and also they are not much more secure. PHP7 Sodium Cryptography Library is a modern hash function that considered more secure. To know more about this, please visit -
PHP7 Password Hashing





2. handler.php

<?php 
$req = $_POST; 
$username = $req['username'];
$conn = mysqli_connect('hostname', 'username', 'password', 'database');
session_start();
if($req['object'] == 'forgot'){ 
if($req['newpassword'] == $req['confirmpassword']) {
		$hash = sodium_crypto_pwhash_str(
			$password,
			SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
			SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
		); 
        $update = "UPDATE `users` SET 'password' = '$hash' WHERE username = '$username' ";
        $result = mysqli_query($conn, $update);
        $_SESSION['msg'] = 'Your new password has reset successfully, you can now login.';
        header("Location: index.php");
    } else {
        $_SESSION['msg'] = 'Password does not match';
        header("Location: index.php");
    }
}
?>

The above code gets the user details from the database, update the encrypted password and sets value in 'msg' session variable. Please make sure to replace 'hostname', 'username', 'password' and 'database' with your database credentials.





Related Articles

Preventing Cross Site Request Forgeries(CSRF) in PHP
PHP code to send email using SMTP
Simple pagination in PHP
Simple PHP File Cache
PHP Connection and File Handling on FTP Server
Sending form data to an email using PHP
Print section of page using javascript
Submit a form data without page refresh using PHP, Ajax and Javascript
How to display PDF file in PHP from database
How to read CSV file in PHP and store in MySQL
Create And Download Word Document in PHP
PHP SplFileObject Standard Library
Simple File Upload Script in PHP
Complete HTML Form Validation in PHP
How to send emojis in email subject and body using PHP
PHP7.3 New Features, Functions and Deprecated Functions




◀ Previous Article
Preventing Cross Site Request Forgeries(CSRF) in PHP
Next Article ▶
PHP Secure User Registration with Login/logout
Most Popular Development Resources
Retrieve Data From Database Without Page refresh Using AJAX, PHP and Javascript
-----------------
Characteristics of a Good Computer Program
-----------------
How to get data from XML file in PHP
-----------------
PHP code to send email using SMTP
-----------------
PHP Create Word Document from HTML
-----------------
Hypertext Transfer Protocol Overview
-----------------
PHP MySQL PDO Database Connection and CRUD Operations
-----------------
Create Dynamic Pie Chart using Google API, PHP and MySQL
-----------------
How to encrypt password in PHP
-----------------
Splitting MySQL Results Into Two Columns Using PHP
-----------------
How to get current directory, filename and code line number in PHP
-----------------
Dynamically Add/Delete HTML Table Rows Using Javascript
-----------------
Get current visitor\'s location using HTML5 Geolocation API and PHP
-----------------
How to Sort Table Data in PHP and MySQL
-----------------
PHP MYSQL Advanced Search Feature
-----------------
Simple star rating system using PHP, jQuery and Ajax
-----------------
Simple pagination in PHP with MySQL
-----------------
Fibonacci Series Program in PHP
-----------------
How to add multiple custom markers on google map
-----------------
jQuery loop over JSON result after AJAX Success
-----------------
PHP user registration and login/ logout with secure password encryption
-----------------
Submit a form data using PHP, AJAX and Javascript
-----------------
Recover forgot password using PHP7 and MySQLi
-----------------
Php file based authentication
-----------------
PHP Secure User Registration with Login/logout
-----------------
jQuery File upload progress bar with file size validation
-----------------
Polling system using PHP, Ajax and MySql
-----------------
Simple PHP File Cache
-----------------
How to generate QR Code in PHP
-----------------
SQL Injection Prevention Techniques
-----------------
Simple File Upload Script in PHP
-----------------
PHP User Authentication by IP Address
-----------------
Calculate the distance between two locations using PHP
-----------------
To check whether a year is a leap year or not in php
-----------------
Preventing Cross Site Request Forgeries(CSRF) in PHP
-----------------
CSS Simple Menu Navigation Bar
-----------------
PHP Server Side Form Validation
-----------------
Detect Mobile Devices in PHP
-----------------
Simple way to send SMTP mail using Node.js
-----------------
Set and Get Cookies in PHP
-----------------
Date Timestamp Formats in PHP
-----------------
Get Visitor\'s location and TimeZone
-----------------
Convert MySQL to JSON using PHP
-----------------
Simple Show Hide Menu Navigation
-----------------
PHP Programming Error Types
-----------------
PHP Sending HTML form data to an Email
-----------------
How to print specific part of a web page in javascript
-----------------
Driving route directions from source to destination using HTML5 and Javascript
-----------------
Google Street View API Example
-----------------
How to select/deselect all checkboxes using Javascript
-----------------
How to add google map on your website and display address on click marker
-----------------
PHP Getting Document of Remote Address
-----------------
PHP Connection and File Handling on FTP Server
-----------------
File Upload Validation in PHP
-----------------
R Plot Types
-----------------


Most Popular Blogs
Most in demand programming languages
Best mvc PHP frameworks in 2019
MariaDB vs MySQL
Most in demand NoSQL databases for 2019
Best AI Startups In India
Kotlin : Android App Development Choice
Kotlin vs Java which one is better
Top Android App Development Languages in 2019
Web Robots
Data Science Recruitment of Freshers - 2019


Interview Questions Answers
Basic PHP Interview
Advanced PHP Interview
MySQL Interview
Javascript Interview
HTML Interview
CSS Interview
Programming C Interview
Programming C++ Interview
Java Interview
Computer Networking Interview
NodeJS Interview
ExpressJS Interview
R Interview


Popular Tutorials
PHP Tutorial (Basic & Advance)
MySQL Tutorial & Exercise
MongoDB Tutorial
Python Tutorial & Exercise
Kotlin Tutorial & Exercise
R Programming Tutorial
HTML Tutorial
jQuery Tutorial
NodeJS Tutorial
ExpressJS Tutorial
Theory of Computation Tutorial
Data Structure Tutorial
Javascript Tutorial




General Knowledge

listen
listen
listen
listen
listen
listen
listen
listen
listen


Learn Popular Language

listen
listen
listen
listen
listen

Blogs

  • Jan 3

    Stateful vs Stateless

    A Stateful application recalls explicit subtleties of a client like profile, inclinations, and client activities...

  • Dec 29

    Best programming language to learn in 2021

    In this article, we have mentioned the analyzed results of the best programming language for 2021...

  • Dec 20

    How is Python best for mobile app development?

    Python has a set of useful Libraries and Packages that minimize the use of code...

  • July 18

    Learn all about Emoji

    In this article, we have mentioned all about emojis. It's invention, world emoji day, emojicode programming language and much more...

  • Jan 10

    Data Science Recruitment of Freshers

    In this article, we have mentioned about the recruitment of data science. Data Science is a buzz for every technician...

Follow us

  • etutorialspoint facebook
  • etutorialspoint twitter
  • etutorialspoint linkedin
etutorialspoint youtube
About Us      Contact Us


  • eTutorialsPoint©Copyright 2016-2021. All Rights Reserved.