From 861cbf493591ec876f71ba200a844ed6177026f9 Mon Sep 17 00:00:00 2001 From: Evangelos Foutras Date: Thu, 12 Nov 2009 17:21:59 +0200 Subject: Implement 'Password Reset' facility (FS#3061) This works by adding a new field to the 'Users' table called 'ResetKey', which is a 32 characters long, random string. When the user requests a password reset, a new 'reset key' is generated and sent to the user's e-mail address in the form of a link in the following format: http://aur.archlinux.org/passreset.php?resetkey= When the above link is followed, the user is presented with a form to verify his/her e-mail address and specify the new desired password. If the e-mail address matches the reset key in the database, the new password is assigned to the account. If there is an error, a relevant message is displayed and the user is prompted to re-enter the required information. Upon successful completion of this procedure, the ResetKey field in the database is blanked and the specific key cannot be reused. One SQL query is needed to add the ResetKey field to the 'Users' table: ALTER TABLE `Users` ADD `ResetKey` CHAR(32) NOT NULL DEFAULT ''; Signed-off-by: Loui Chang --- web/template/login_form.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'web/template') diff --git a/web/template/login_form.php b/web/template/login_form.php index d0df370..5cf708d 100644 --- a/web/template/login_form.php +++ b/web/template/login_form.php @@ -25,6 +25,6 @@ else { " /> +[Forgot Password] - -- cgit v1.2.3-70-g09d2