Specifications
As you can see, this script uses two main functions to do its job: reset_password() and
notify_password(). Let’s look at each of these in turn.
The reset_password() function generates a random password for the user and puts it into the
database. The code for this function is shown in Listing 24.18.
LISTING 24.18 The reset_password() Function from user_auth_fns.php—This Script
Resets a User’s Password to a Random Value and Emails Her the New One
function reset_password($username)
// set password for username to a random value
// return the new password or false on failure
{
// get a random dictionary word b/w 6 and 13 chars in length
$new_password = get_random_word(6, 13);
// add a number between 0 and 999 to it
// to make it a slightly better password
srand ((double) microtime() * 1000000);
$rand_number = rand(0, 999);
$new_password .= $rand_number;
// set user’s password to this in database or return false
if (!($conn = db_connect()))
return false;
$result = mysql_query( “update user
set passwd = password(‘$new_password’)
where username = ‘$username’”);
if (!$result)
return false; // not changed
else
return $new_password; // changed successfully
}
This function generates its random password by getting a random word from a dictionary,
using the get_random_word() function and suffixing it with a random number between 0 and
999. The get_random_word() function is also in the user_auth_fns.php library. This function is
shown in Listing 24.19.
Building User Authentication and Personalization
C
HAPTER 24
24
AUTHENTICATION
AND
PERSONALIZATION
523
30 7842 ch24 3/6/01 3:34 PM Page 523