Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Users and Profiles DB and Forgotten password
Users and Profiles DB and Forgotten password
  • El Forum
    Guest
  •  
#1
06-08-2009, 11:37 PM

[eluser]Dregond Rahl[/eluser]
Iv noticed in several authentication libraries, the profile table is separated from the users table. Why is that ?



Im also working on a forgotten password system, when someone has lost their password they type in their username or email address, and it check the database if it exists it will send an email with something like:
Code:
domain.com/forgottenpassword/(Sha1 hash)

the sha1 hash consists of a random key and in the 'users' table is updated with that key in a "reset_password" field. when the user visits the link he/she is asked to type in the new password and confirmation password.and the person is auto logged in, and the "reset_password" field is reset to blank.

Is this a safe method ?


Messages In This Thread
Users and Profiles DB and Forgotten password - by El Forum - 06-08-2009, 11:37 PM
Users and Profiles DB and Forgotten password - by El Forum - 06-09-2009, 07:05 AM
Users and Profiles DB and Forgotten password - by El Forum - 06-09-2009, 08:21 AM
Users and Profiles DB and Forgotten password - by El Forum - 06-09-2009, 08:26 AM
Users and Profiles DB and Forgotten password - by El Forum - 06-09-2009, 09:14 AM
Users and Profiles DB and Forgotten password - by El Forum - 06-09-2009, 09:39 AM
Users and Profiles DB and Forgotten password - by El Forum - 06-09-2009, 10:05 AM



Theme © iAndrew 2016 - Forum software by © MyBB