0

I have been searching around for solution but could not find anyone. before i show my code things i want to let you know are. I have used gmail email to receive email from not worked even created email in domain still that did not worked. code is working fine even mail is getting send but i cannot receive it.

if(isset($_POST['forget'])) {
        $myemail = "admin@study-material.info";
        $email = $_POST['email'];
        $password = $_POST['password'];
        include("../functions/backend.php");
        $obj = new Crud;

        $uemail = $obj->forget($email);


    if(mysqli_num_rows($uemail) > 0){
        foreach($uemail as $show){
             $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?";
$password = substr( str_shuffle( $chars ), 0, 8 );

            $obj->updatepassword($password,$show['Email']);



    $to = $show['Email'];
    $subject = "Your Recovered Password";

    $message = "Please use this password to login <br> password: " .   $password. "<br>Email: " . $show['Email'];
    $headers = "From: $myemail";

    if(mail($to, $subject, $message, $headers)){
        echo "Your Password has been sent to your ".$show['Email']."";
    }else{
        echo "Failed to Recover your password, try again";
    }

        }


    }



            else
        {

            echo "<script>alert('Email you intered not registered.');</script>";
        }
  }
kamraan
  • 17
  • 6
  • Did you check your spam folder? – Sehdev Jun 19 '18 at 11:25
  • What have you tried to debug this? How did you determine that the mail was really sent? – Nico Haase Jun 19 '18 at 11:25
  • @NicoHaase In if condition i echo confirmation of mail function if that work it give proper response within echo mail is sent to email. – kamraan Jun 19 '18 at 11:27
  • And how did you determine that the mail was **really** sent? Have you had a look at your server's mail log? – Nico Haase Jun 19 '18 at 11:28
  • 1
    Unrelated: It seems your code shows a "forgot password"-function. Usually you would send out a reset link with a token, which can be used to reset the password. But in your case you seem to reset the password and send out this new one. The problem with this method: If someone else enters my email address here, I will get a new password and can no longer log in with my old one (without checking my inbox). So this is a type of DoS that's possible with this method. – Karsten Koop Jun 19 '18 at 11:29

0 Answers0