on your website you should have a login register & forgot password. place a link under login page or login form for forgot password. use the php mailer to send the email to the user that the account is registered under with a unique code. you may have to modify your database to do this so it should look like username, password, "key" or something like that, on request to reset password the script will create a random key, it will also insert the key into the database. the url may be something like
. then the email will have the same link on clicking that link it would remove hence key from database and have a separate form for creating new password. please ready your php manual. that is just the jist of it please do not follow exactly.