Hi Sathia, In practice, it's actually better to give the user a utility to "reset" the password instead of "resending" the password. Easiest steps are:
* Create a system-generated password, make sure it's in cleartext first. * Store the Auth::password() hash of the generated one into the database. * Send the cleartext password to yhe user's email. Of course the user will need to change the password upon logging in. Other websites send a confirmation link to the users email first, to check if the user really want to reset their password, and only then by clicking the link will the web app do the steps stated above. Still, other website do the "Forgot Password?" checking by presenting the user a form where a username (or email address) and two "Secret Questions" (presented in a <select> list) need to be answered. If the user successfully supplied the values in the form, another form will display New Password and Confirm Password fields for the user to fill out. Hope this helps, OJ On May 21, 11:17 pm, Sathia S <[email protected]> wrote: > > You can't; that's what "hash" means. > > >http://en.wikipedia.org/wiki/Cryptographic_hash_function > > > To validate a user who's trying to log in, you hash the password the user > > entered, then compare it with the hashed password in the database. The > > tutorials, demos and documentation should explain this pretty well. > > Thanks for reply . > > But for 'forget password' i need to send email of unhased password to user > , > > so i want to know is there any way > > Thank u > > -- > Regards > > sathiahttp://www.sathia27.wordpress.com -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
