prepare("SELECT id, username FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user) {
$token = bin2hex(random_bytes(32));
$expires_at = date('Y-m-d H:i:s', time() + PASSWORD_RESET_EXPIRE);
$pdo->prepare("DELETE FROM password_resets WHERE email = ?")->execute([$email]);
$stmt = $pdo->prepare("INSERT INTO password_resets (email, token, expires_at) VALUES (?, ?, ?)");
if ($stmt->execute([$email, $token, $expires_at])) {
if (sendPasswordResetEmail($email, $user['username'], $token)) {
$success = t('reset_link_sent');
} else {
$reset_link = SITE_URL . "/reset-password.php?token=" . $token;
$success = t('reset_link_generated') . "
$reset_link";
}
} else {
$error = t('system_error');
}
} else {
$error = t('email_not_registered');
}
}
}
?>
<?php echo t('forgot_password'); ?> - <?php echo SITE_NAME; ?>