0

i created a forgot password. It checks if the email is existing or not in the database and it creates an activiation code. However, i dont receive any mail from the email i typed. Do i have to install something to make this work? if you found this as duplicate, it is not because others who posted this forgot password is working for them, but in my case i dont receive emails.

Here is the code:

<?php 
error_reporting(0);
if($_POST['submit']=='Send')
{
//keep it inside
$email=$_POST['email'];
$code = $_GET['activation_code'];
$con=mysqli_connect("localhost","root","","test");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
$query = mysqli_query($con,"select * from users where user_email='$email'")
or die(mysqli_error($con)); 

 if (mysqli_num_rows ($query)==1) 
 {
$code=rand(100,999);
$message="You activation link is: http://192.168.0.108/resetpass.php?email=$email&code=$code";
mail($email, "daleii.calderon@yahoo.com", $message);    
echo 'Email sent';
$query2 = mysqli_query($con,"update users set activation_code='$code' where user_email='$email' ")
or die(mysqli_error($con)); 
}
else
{
echo 'No user exist with this email id';

}}

?>
<form action="forgot.php" method="post">
Enter you email ID: <input type="text" name="email">
<input type="submit" name="submit" value="Send">
</form>
dalecalderon
  • 27
  • 1
  • 7
  • Are you on shared hosting? The `mail()` function is really slow, especially on free hosting. Try something like PEAR mail. http://pear.php.net/package/Mail/redirected – display-name-is-missing Feb 04 '14 at 17:42
  • i'm just using the localhost sir.. why cant i receive email? and if i receive the email who would be the sender? im sorry i just followed this on a tutorial sir im just a newbie.. – dalecalderon Feb 04 '14 at 17:46
  • Checkout the manual http://us3.php.net/manual/en/function.mail.php and this http://stackoverflow.com/questions/18288007/php-send-mail-from-localhost – Ant Feb 04 '14 at 18:09
  • **By building SQL statements with outside variables, you are leaving yourself open to SQL injection attacks.** Also, any input data with single quotes in it, like a name of "O'Malley", will blow up your SQL query. Please learn about using parametrized queries, preferably with the PDO module, to protect your web app. My site http://bobby-tables.com/php has examples to get you started, and [this question](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) has many examples in detail. – Andy Lester Feb 04 '14 at 19:14

2 Answers2

0

You can't send an email on localhost. If you want to test your code, you need to test it on a free hosting website which allows sending emails. And you have some mistakes in your mail() function. Better:

<?php
$to      = 'nobody@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
    'Reply-To: webmaster@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
?>
artur99
  • 818
  • 6
  • 18
0

Do you have a local mail server installed? There are many free ones. XAMPP, for example contains 2 good ones (fake-sendmail and Mercury). For development, it is typically enough to store the mail locally, especially to be sure not to annoy people when using real email addresses.

You can find more information in this question: How to configure XAMPP to send mail from localhost?

Community
  • 1
  • 1
Gogowitsch
  • 1,181
  • 1
  • 11
  • 32