Question

I've made an API in PHP for users to change the passwords on their accounts, but I did it so they change it by entering only their email, so I find their row in the database like that, but for security reasons I don't think this is a good idea... So I would like to change it so it finds the user by email, then checks whether the old password they entered matches the encrypted one in the database, so the input would be 1) email 2) old pass 3) new pass. My password is encrypted with hash + salt.

This is my PHP file:

<?php
require_once('connection.php');

// Overwrite the stored hash and salt for the row whose email matches.
function forgotPassword($forgotpassword, $newpassword, $salt){
    // Escape the values before interpolating them into the query; the original
    // version passed $_POST input straight into the SQL string.
    $forgotpassword = mysql_real_escape_string($forgotpassword);
    $newpassword = mysql_real_escape_string($newpassword);
    $salt = mysql_real_escape_string($salt);
    $result = mysql_query("UPDATE `member` SET `encrypted_password` = '$newpassword',`salt` = '$salt' WHERE `email` = '$forgotpassword'");
    if ($result) {
        return true;
    } else {
        return false;
    }
}

// Salted SHA-1: a 10-character salt is appended to the password, hashed,
// and the raw digest plus the salt are base64-encoded for storage.
function hashSSHA($password) {
    $salt = sha1(rand());
    $salt = substr($salt, 0, 10);
    $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
    $hash = array("salt" => $salt, "encrypted" => $encrypted);
    return $hash;
}

// True when a row with this email exists in `member`.
function isUserExisted($email) {
    $email = mysql_real_escape_string($email);
    $result = mysql_query("SELECT email from member WHERE email = '$email'");
    $no_of_rows = mysql_num_rows($result);
    if ($no_of_rows > 0) {
        // user exists
        return true;
    } else {
        // user does not exist
        return false;
    }
}

$email = $_POST['email'];
$newpassword = $_POST['newpas'];
$hash = hashSSHA($newpassword);
$encrypted_password = $hash["encrypted"]; // encrypted password
$salt = $hash["salt"];
if (isUserExisted($email)) {
    $user = forgotPassword($email, $encrypted_password, $salt);
    if ($user) {
        // password changed
    } else {
        // error
    }
} else {
    // user not found
}
?>

Could anyone write me a solution for this, so that it checks both the email and the old password against the database?


Solution

Okay, so if the user is already signed in and intends to change the password:

Assuming that you have a Change Password link:

When the user clicks the Change Password link:

  • Display the Change Password form.
  • User enters Old Password.
  • User enters New Password and Retype New Password.

The user being already signed in, you either have the userId or emailAddress, or you can retrieve it from the (user) table.

So now:

  • Validate the Old Password.
  • Make sure the New Password and Retype New Password are identical.
  • Make sure the new password adheres to your password criteria.
  • Everything being fine, save the New Password.

Now, if your system allows more than one user to sign in to the same account, it is wise to automatically sign out all those users and ask them to sign in again.

OTHER TIPS

What it sounds like you're looking for is a straightforward password validation. In your case, it would look like:

function checkPass ($salt, $password, $storedPass){
  // Recompute the stored form from the submitted password and the row's salt
  $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
  // Constant-time comparison (PHP >= 5.6); a plain == would also apply PHP's
  // loose string comparison rules
  if(hash_equals($storedPass, $encrypted)){
    return TRUE;
  }
  else{
    return FALSE;
  }
}

Of course, you have to dig the value for $salt out of your database first.
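As an added example that is not part of the question or of either answer, here is the accepted answer's change-password procedure (validate the old password, compare the two new entries, apply a length rule, then save) built on the checkPass() idea above. It keeps the question's storage scheme, base64(sha1(password . salt, true) . salt), so existing rows still verify, and uses the question's `member` table and column names; the in-memory SQLite database (standing in for MySQL), the prepared statements, the 8-character minimum and the function names changePassword()/hashSSHA()/checkPass() are assumptions made for this example.

```php
<?php
// Added example: change-password flow that re-checks the old password first.
// Table and column names come from the question; the SQLite stand-in,
// the helper names and the length rule are assumptions for this example.

function hashSSHA(string $password, ?string $salt = null): array {
    // Same salt length and layout as the question's helper; random_bytes() replaces rand().
    $salt = $salt ?? substr(sha1(bin2hex(random_bytes(16))), 0, 10);
    $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
    return ['salt' => $salt, 'encrypted' => $encrypted];
}

function checkPass(string $salt, string $password, string $storedPass): bool {
    $candidate = hashSSHA($password, $salt)['encrypted'];
    // Constant-time comparison so the response time does not reveal matching prefixes.
    return hash_equals($storedPass, $candidate);
}

function changePassword(PDO $db, string $email, string $oldPass, string $newPass, string $retype): string {
    if ($newPass !== $retype) {
        return 'new passwords do not match';
    }
    if (strlen($newPass) < 8) {                     // assumed password criterion
        return 'new password too short';
    }
    // Parameterised query: the email never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT encrypted_password, salt FROM member WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // One generic message whether the email or the old password is wrong.
    if ($row === false || !checkPass($row['salt'], $oldPass, $row['encrypted_password'])) {
        return 'invalid email or password';
    }
    $hash = hashSSHA($newPass);                     // fresh salt for the new password
    $upd = $db->prepare('UPDATE member SET encrypted_password = :enc, salt = :salt WHERE email = :email');
    $upd->execute([':enc' => $hash['encrypted'], ':salt' => $hash['salt'], ':email' => $email]);
    return 'ok';
}

// Constructed demo data: in-memory SQLite stands in for the MySQL `member` table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE member (email TEXT PRIMARY KEY, encrypted_password TEXT, salt TEXT)');
$seed = hashSSHA('OldSecret1');
$ins = $db->prepare('INSERT INTO member VALUES (:email, :enc, :salt)');
$ins->execute([':email' => 'alice@example.com', ':enc' => $seed['encrypted'], ':salt' => $seed['salt']]);

// Wrong old password, mismatched retype, then a correct request.
echo changePassword($db, 'alice@example.com', 'WrongPass', 'NewSecret2', 'NewSecret2'), "\n";
echo changePassword($db, 'alice@example.com', 'OldSecret1', 'NewSecret2', 'NewSecret3'), "\n";
echo changePassword($db, 'alice@example.com', 'OldSecret1', 'NewSecret2', 'NewSecret2'), "\n";

// Re-read the row: the old credential is checked, then the new one.
$row = $db->query("SELECT encrypted_password, salt FROM member WHERE email = 'alice@example.com'")->fetch(PDO::FETCH_ASSOC);
var_dump(checkPass($row['salt'], 'OldSecret1', $row['encrypted_password']));
var_dump(checkPass($row['salt'], 'NewSecret2', $row['encrypted_password']));
```

The lookup and the update both go through prepared statements, which is the fix for the string-interpolated queries in the question. The single-round salted SHA-1 is kept only so the example verifies rows written by the question's hashSSHA(); for new code PHP's password_hash() and password_verify() (bcrypt by default, with the salt and cost embedded in the stored string) are the standard choice and remove the separate salt column altogether.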

If I understood correctly, you are after a solution for Forgot Password. If this is the case, the obvious scenario is that the user does not remember the current password and wants to set a new password.

I assume that you have a Forgot Password link which leads to a Forgot Password page where the user enters Email Address and clicks Next.

If your system already stores secret question(s) and answer(s), you can add steps to check at least one of those here; otherwise just continue further:

  • Validate Email Address.
  • If the Email Address exists, continue further. Otherwise display a message to the user.
  • Generate a (lengthy) Random String.
  • Save the Random String in the (user) table for that user.
  • Make a Link and put Email Address and Random String in it.
  • Make an email which includes the Link and send it to the Email Address.

Now the user receives the email and clicks the Link:

  • Parse the Link to get Email Address and Random String.
  • Validate Email Address and Random String.
  • If the Email Address and Random String combination exists, continue further. Otherwise display a message to the user.
  • Display a form for the user to enter New Password twice.
  • Save the New Password for the user.

Now you can either Sign In the user automatically or show the Sign In page for the user to sign in with the new credentials.
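The forgot-password steps above, as an added example that is not part of the answer. It goes slightly beyond the answer in two places a practitioner would want: only a SHA-256 of the random string is stored, so a copy of the table does not yield working links, and the string expires after an hour and is cleared once used. The `member` table, `email`, `encrypted_password` and `salt` columns and the hash layout come from the question; the `reset_token` and `reset_expires` columns, the in-memory SQLite database, the one-hour lifetime, the link format and the function names are assumptions made for this example.

```php
<?php
// Added example: email-link password reset with a hashed, expiring, single-use token.
// The reset_token/reset_expires columns, the SQLite stand-in for MySQL and the
// helper names are assumptions; table `member` and its other columns are the question's.

const RESET_TTL_SECONDS = 3600;   // assumed one-hour lifetime for a link

function hashSSHA(string $password): array {
    // Same storage layout as the question: base64(sha1(password . salt, true) . salt)
    $salt = substr(sha1(bin2hex(random_bytes(16))), 0, 10);
    return ['salt' => $salt, 'encrypted' => base64_encode(sha1($password . $salt, true) . $salt)];
}

// Step 1: the address is entered. Returns the link to email, or null for an unknown
// address (the page shows the same neutral message either way, so addresses are not enumerable).
function issueResetLink(PDO $db, string $email, string $baseUrl, int $now): ?string {
    $stmt = $db->prepare('SELECT 1 FROM member WHERE email = :email');
    $stmt->execute([':email' => $email]);
    if ($stmt->fetchColumn() === false) {
        return null;
    }
    $token = bin2hex(random_bytes(32));                       // 256-bit random string
    $upd = $db->prepare('UPDATE member SET reset_token = :tok, reset_expires = :exp WHERE email = :email');
    // Only the hash is stored; the raw token exists solely in the emailed link.
    $upd->execute([':tok' => hash('sha256', $token), ':exp' => $now + RESET_TTL_SECONDS, ':email' => $email]);
    return $baseUrl . '?' . http_build_query(['email' => $email, 'token' => $token]);
}

// Step 2: the link is clicked. Parse it, then validate address, token and expiry.
function validateResetLink(PDO $db, string $link, int $now): ?string {
    parse_str((string) parse_url($link, PHP_URL_QUERY), $q);
    if (!isset($q['email'], $q['token'])) {
        return null;
    }
    $stmt = $db->prepare('SELECT reset_token, reset_expires FROM member WHERE email = :email');
    $stmt->execute([':email' => $q['email']]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || $row['reset_token'] === null || $now > (int) $row['reset_expires']) {
        return null;
    }
    if (!hash_equals($row['reset_token'], hash('sha256', $q['token']))) {
        return null;
    }
    return $q['email'];
}

// Step 3: new password entered twice. The token is cleared so the link is single-use.
function completeReset(PDO $db, string $email, string $new, string $retype): bool {
    if ($new !== $retype || strlen($new) < 8) {               // assumed password criterion
        return false;
    }
    $h = hashSSHA($new);
    $upd = $db->prepare('UPDATE member SET encrypted_password = :enc, salt = :salt,
                         reset_token = NULL, reset_expires = NULL WHERE email = :email');
    $upd->execute([':enc' => $h['encrypted'], ':salt' => $h['salt'], ':email' => $email]);
    return $upd->rowCount() === 1;
}

// Constructed demo: in-memory SQLite stands in for the MySQL `member` table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE member (email TEXT PRIMARY KEY, encrypted_password TEXT, salt TEXT,
                                reset_token TEXT, reset_expires INTEGER)');
$db->exec("INSERT INTO member (email) VALUES ('alice@example.com')");

$now = time();
$link = issueResetLink($db, 'alice@example.com', 'https://example.com/reset.php', $now);
var_dump(issueResetLink($db, 'nobody@example.com', 'https://example.com/reset.php', $now)); // unknown address
var_dump(validateResetLink($db, $link, $now));                          // the emailed link
var_dump(validateResetLink($db, $link . 'x', $now));                    // altered token
var_dump(validateResetLink($db, $link, $now + RESET_TTL_SECONDS + 1));  // after the lifetime
var_dump(completeReset($db, 'alice@example.com', 'NewSecret2', 'NewSecret2'));
var_dump(validateResetLink($db, $link, $now));                          // link reused after the reset
```

The link carries the raw token, so it must travel over HTTPS and the reset page should not embed third-party resources that would receive it in a Referer header. Passing `$now` explicitly instead of calling time() inside the functions is what makes the expiry path exercisable in the demo at the bottom.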

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow