php,
shown in Listing 14-13, executes.
Listing 14-13. Resetting a User??™s Password
// Create a pseudorandom password five characters in length
$pswd = substr(md5(uniqid(rand())),5);
// User's hash value
$id = $_GET[id];
// Update the user table with the new password
$query = "UPDATE logins SET pswd='$pswd' WHERE hash='$id'";
$result = mysql_query($query);
// Display the new password
echo "
Your password has been reset to $pswd.
";
?>
Of course, this is only one of many recovery mechanisms. For example, you could
use a similar script to provide the user with a form for resetting his own password.
Summary
This chapter introduced PHP??™s authentication capabilities, features that are practically
guaranteed to be incorporated into many of your future applications. In addition to
discussing the basic concepts surrounding this functionality, several common authentication
methodologies were investigated. Decreasing password guessability by using
PHP??™s CrackLib extension was also examined. Finally, this chapter offered a discussion of
recovering passwords using one-time URLs.
The next chapter discusses another popular PHP feature??”handling file uploads via
the browser.
387
?– ?– ?–
C H A P T E R 1 5
Handling File Uploads
While most people tend to equate the Web with Web pages only, HTTP actually
facilitates the transfer of any kind of file, such as Microsoft Office documents, PDFs,
executables, MPEGs, zip files, and a wide range of other file types.
Pages:
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466