Bad, bad idea. To send the user his password, you have to store it in a readable form. This means that any hack gets access to everything - potentially including other systems given that most people only use one or two passwords for everything. Instead, store the password as a hash value and reset it to a random value then send that to the registered email instead. There is some detail on how to do that here:
Password Storage: How to do it.[
^]