1.
CREATE
TABLE
user
(
2.
username
varchar
(30),
3.
password
varchar
(32),
4.
email
varchar
(100),
5.
PRIMARY
KEY
(username)
6.
)
register.htm
01.
<
form
action
=
"submit.php"
method
=
"post"
>
02.
<
table
border
=
"0"
>
03.
<
tbody
>
04.
<
tr
>
05.
<
td
>Masukkan Usernametd
>
06.
<
td
>
07.
<
input
name
=
"username"
type
=
"text"
/>td
>
08.
tr
>
09.
<
tr
>
10.
<
td
>Masukkan E-mailtd
>
11.
<
td
>
12.
<
input
style
=
"background-color: #ffffa0;"
name
=
"email"
type
=
"text"
/>td
>
13.
tr
>
14.
<
tr
>
15.
<
td
>Masukkan Passwordtd
>
16.
<
td
>
17.
<
input
name
=
"pass1"
type
=
"password"
/>td
>
18.
tr
>
19.
<
tr
>
20.
<
td
>Ulangi Passwordtd
>
21.
<
td
>
22.
<
input
name
=
"pass2"
type
=
"password"
/>td
>
23.
tr
>
24.
<
tr
>
25.
<
td
>td
>
26.
<
td
>
27.
<
input
name
=
"Submit"
type
=
"submit"
value
=
"Submit"
/>td
>
28.
tr
>
29.
tbody
>table
>
30.
form
>
submit.php
01.
02.
$username
=
$_POST
[
'username'
];
03.
$password1
=
$_POST
[
'pass1'
];
04.
$password2
=
$_POST
[
'pass2'
];
05.
$email
=
$_POST
[
'email'
];
06.
07.
// cek kesamaan password
08.
if
(
$password1
==
$password2
)
09.
{
10.
mysql_connect(
"namahost"
,
"dbuser"
,
"dbpass"
);
11.
mysql_select_db(
"dbname"
);
12.
13.
// perlu dibuat sebarang pengacak
14.
$pengacak
=
"NDJS3289JSKS190JISJI"
;
15.
16.
// mengenkripsi password dengan md5() dan pengacak
17.
$password1
= md5(
$pengacak
. md5(
$password1
) .
$pengacak
);
18.
19.
// menyimpan username dan password terenkripsi ke database
20.
$query
=
"INSERT INTO user VALUES('$username', '$password1', '$email')"
;
21.
$hasil
= mysql_query(
$query
);
22.
23.
// menampilkan status pendaftaran
24.
if
(
$hasil
)
echo
"User sudah berhasil terdaftar"
;
25.
else
echo
"Username sudah ada yang memiliki"
;
26.
27.
}
28.
else
echo
"Password yang dimasukkan tidak sama"
;
29.
30.
?>
Selanjutnya kita bikin form login user.
login.htm
01.
<
form
action
=
"..."
method
=
"post"
>
02.
<
table
border
=
"0"
>
03.
<
tbody
>
04.
<
tr
>
05.
<
td
>Masukkan Usernametd
>
06.
<
td
>
07.
<
input
name
=
"username"
type
=
"text"
/>td
>
08.
tr
>
09.
<
tr
>
10.
<
td
>Masukkan Passwordtd
>
11.
<
td
>
12.
<
input
name
=
"pass"
type
=
"password"
/>td
>
13.
tr
>
14.
<
tr
>
15.
<
td
>td
>
16.
<
td
>
17.
<
input
name
=
"Submit"
type
=
"submit"
value
=
"Submit"
/>td
>
18.
tr
>
19.
<
tr
>
20.
<
td
><
a
href
=
"lostpassword.htm"
>Lost Passworda
>td
>
21.
<
td
>td
>
22.
tr
>
23.
tbody
>table
>
24.
form
>
Sekarang, kita buat form untuk lost password. Dalam form ini, user diminta memasukkan usernamenya.
lostpassword.htm
01.
<
form
action
=
"kirimpassword.php"
method
=
"post"
>
02.
<
table
border
=
"0"
>
03.
<
tbody
>
04.
<
tr
>
05.
<
td
>Masukkan Username Andatd
>
06.
<
td
>
07.
<
input
name
=
"username"
type
=
"text"
/>td
>
08.
tr
>
09.
<
tr
>
10.
<
td
>td
>
11.
<
td
>
12.
<
input
name
=
"Submit"
type
=
"submit"
value
=
"Submit"
/>td
>
13.
tr
>
14.
tbody
>table
>
15.
form
>
Form untuk lost password sudah dibuat, berikutnya kita buat script pengolah lost passwordnya.
kirimpassword.php
01.
02.
03.
mysql_connect(
"namahost"
,
"dbuser"
,
"dbpass"
);
04.
mysql_select_db(
"dbname"
);
05.
06.
$username
=
$_POST
[
'username'
];
07.
08.
function
randomPassword()
09.
{
10.
// function untuk membuat password random 6 digit karakter
11.
12.
$digit
= 6;
13.
$karakter
=
"ABCDEFGHJKLMNPQRSTUVWXYZ23456789"
;
14.
15.
srand((double)microtime()*1000000);
16.
$i
= 0;
17.
$pass
=
""
;
18.
while
(
$i
<=
$digit
-1)
19.
{
20.
$num
= rand() % 32;
21.
$tmp
=
substr
(
$karakter
,
$num
,1);
22.
$pass
=
$pass
.
$tmp
;
23.
$i
++;
24.
}
25.
return
$pass
;
26.
}
27.
28.
// membuat password baru secara random -> memanggil function randomPassword
29.
$newPassword
= randomPassword();
30.
31.
// perlu dibuat sebarang pengacak
32.
$pengacak
=
"NDJS3289JSKS190JISJI"
;
33.
34.
// mengenkripsi password dengan md5() dan pengacak
35.
$newPasswordEnkrip
= md5(
$pengacak
. md5(
$newPassword
) .
$pengacak
);
36.
37.
// mencari alamat email si user
38.
$query
=
"SELECT * FROM user WHERE username = '$username'"
;
39.
$hasil
= mysql_query(
$query
);
40.
$data
= mysql_fetch_array(
$hasil
);
41.
$alamatEmail
=
$data
[
'email'
];
42.
43.
// title atau subject email
44.
$title
=
"New Password"
;
45.
46.
// isi pesan email disertai password
47.
$pesan
=
"Username Anda : "
.
$username
.
". \nPassword Anda yang baru adalah "
.
$newPassword
;
48.
49.
// header email berisi alamat pengirim
50.
$header
=
"From: admin@situsku.com"
;
51.
52.
// mengirim email
53.
$kirimEmail
= mail(
$alamatEmail
,
$title
,
$pesan
,
$header
);
54.
55.
// cek status pengiriman email
56.
if
(
$kirimEmail
) {
57.
58.
// update password baru ke database (jika pengiriman email sukses)
59.
$query
=
"UPDATE user SET password = '$newPasswordEnkrip' WHERE username = '$username'"
;
60.
$hasil
= mysql_query(
$query
);
61.
62.
if
(
$hasil
)
echo
"Password baru telah direset dan sudah dikirim ke email Anda"
;
63.
}
64.
else
echo
"Pengiriman password baru ke email gagal"
;
65.
66.
?>
Nah… password baru yang dikirm ke email user adalah password random yang dihasilkan function randomPassword().
Oya, perhatikan pula pada proses update password baru ke database. Apabila kita perhatikan, maka proses update ini dilakukan setelah pengiriman email sukses. Mengapa demikian? Ya… bagaimana seandainya pengiriman email gagal, tapi password yang baru sudah terupdate di database? Tentu si user bingung
Satu lagi yang penting, gunakan pengacak enkripsi yang sama ketika pada proses registrasi user dan juga pada waktu proses login. Jika tidak sama.. hmmm… repot, karena user nantinya gak bisa login.
Download Script
Tags
PHP