Retrieve Username Help

[brentjlaf]

Can't seem to find the bug in here



//Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

// value sent from form
$email_to=$_POST['email_to'];


// retrieve password from table where e-mail = $email_to(email@home.com)
$sql="SELECT username FROM proteam WHERE email='$email_to'";
$result=mysql_query($sql);

// if found this e-mail address, row must be 1 row
// keep value in variable name "$count"
$count=mysql_num_rows($result);

// compare if $count =1 row
if($count==1){

$rows=mysql_fetch_array($result);

// keep password in $your_password
$your_password=$rows['username'];

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email_to;

// Your subject
$subject="Your username here";

// From
$header="from: your name <info@silvercup.ca>";

// Your message
$messages= "Your username for login to our website \r\n";
$messages.="Your username is $your_password \r\n";
$messages.="more message... \r\n";

// send email
$sentmail = mail($to,$subject,$messages,$header);

}

// else if $count not equal 1
else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your username Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send username to your e-mail address";
}

[danlefree]

The first problem is that you are not using mysql_real_escape_string() to escape your input before using it in a query.

The second problem is that your script will fail if there are two entries for the e-mail address in the database.