Password recovery

Comment, please.

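// Report all errors
error_reporting(E_ALL);
// Table that holds the user accounts
$table = 'users';
// Connect to the database server and select the database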
mysql_connect("localhost", "root") or die("Error connect to server");
mysql_select_db("aaa") or die("Error select db");
if (isset($_POST['ok'])) {
    $email = !empty($_POST['email']) ? trim($_POST['email']) : NULL;
    $sql   = mysql_query("SELECT `email` FROM " . $table . " WHERE `email` = '" . mysql_real_escape_string($email) . "'");
    if (mysql_num_rows($sql) < 1)
        echo '  ';
    else {
        $row    = mysql_fetch_assoc($sql);
        $to     = $row["email"];
        $from   = '[email protected]';
        $tema   = "=?utf-8?b?" . base64_encode(" ") . "?=";
        $header = "Content-type:text/html; charset=\"windows-1251\"\n";
        $header .= "From: <" . $from . ">\n";
        $header .= "MIME-Version: 1.0\n";
        $msg  = "       <a href=\"\">  </a>";
        $mail = mail($to, $tema, $msg, $header);
        if ($mail !== FALSE)
            echo '<p>      </p>';
    }
}

Answer 1, authority 100%

And what is the link for the user?
The table should probably have a flag indicating that the user is requesting password recovery, which means he needs to write something down somewhere.
And then it turns out:

$msg = "       <a href=\"\">  </a>";

You can find out the user's email, then simply follow any such link, change the password, then change the email, and the account is yours.

What checks, and how will the email link be sent? Do some kind of CRC in MD5.


Answer 2, authority 67%

Well, again, there is a check for whether the email exists, but nothing is done for the case where the email is empty!!!
Next, you need to bind a verification GET code, which will be written to the database, otherwise you will miss the recovery. Moreover, the code should be made as, for example, md5 (a random string, to be written to the database; just check that there is no duplicate)! Do not check MD5 (email or login) in any case!


Answer 3

Just two comments.

First of all, you don't need to say whether this email is in the database or not. Even if it is not, do not write about it; write that everything has been sent to your mail. The less you know, the better you sleep.

Second, you don’t need to burden the user with creating a new password, clicking on some links, creating a new password – all this just infuriates. Requested recovery, generate a new password, update it in the database and send it to his mailbox, that’s all.

By entering all these checks, you make life difficult for the user, but at the same time you do not increase the security of your system in the slightest, the question is for what?
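
The random single-use code from Answer 2, combined with the identical reply from the first comment of Answer 3, as an added example that is not code from the question or from any answer. It assumes PDO with an in-memory SQLite database in place of the page's MySQL, uses random_bytes() rather than md5 of a random string, and stores only a SHA-256 hash of the code with a one-hour expiry; the table names, function names and reset URL are hypothetical.

```php
<?php
declare(strict_types=1);
// Constructed demo data: in-memory SQLite stands in for the page's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (email TEXT PRIMARY KEY)');
$db->exec('CREATE TABLE password_resets (token_hash TEXT PRIMARY KEY, email TEXT, expires_at INTEGER)');
$db->exec("INSERT INTO users VALUES ('alice@example.test')");

// Handles the form post. Returns the same text for every input, plus the
// link that would be mailed (null when the address is empty or unknown).
function requestReset(PDO $db, ?string $email): array
{
    $reply = 'If this address is registered, a recovery link has been sent.';
    $email = trim((string) $email);
    if ($email === '') {
        return [$reply, null];               // empty address: no query at all
    }
    $st = $db->prepare('SELECT email FROM users WHERE email = ?');
    $st->execute([$email]);
    if ($st->fetchColumn() === false) {
        return [$reply, null];               // unknown address: identical reply
    }
    $token = bin2hex(random_bytes(32));      // random, not derived from email or login
    $db->prepare('INSERT INTO password_resets VALUES (?, ?, ?)')
       ->execute([hash('sha256', $token), $email, time() + 3600]);
    // Hypothetical URL; a real handler would put this link in the mail() body.
    return [$reply, 'https://site.example/reset.php?code=' . $token];
}

// Called by the page the link points to. Returns the account email for a
// valid, unexpired code and deletes the code so it cannot be used twice.
function redeemCode(PDO $db, string $code): ?string
{
    $hash = hash('sha256', $code);
    $st = $db->prepare('SELECT email FROM password_resets WHERE token_hash = ? AND expires_at > ?');
    $st->execute([$hash, time()]);
    $email = $st->fetchColumn();
    $db->prepare('DELETE FROM password_resets WHERE token_hash = ?')->execute([$hash]);
    return $email === false ? null : $email;
}

[$reply, $link] = requestReset($db, 'alice@example.test');
[$same, $none]  = requestReset($db, 'nobody@example.test');
parse_str((string) parse_url($link, PHP_URL_QUERY), $q);
var_dump($reply === $same, $none === null);            // known vs unknown address
var_dump(redeemCode($db, $q['code']));                 // first use of the mailed code
var_dump(redeemCode($db, $q['code']));                 // replay of the same code
var_dump(redeemCode($db, md5('alice@example.test')));  // code guessed from the email
```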