prepare("SELECT * FROM Users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user) {
$token = bin2hex(random_bytes(50));
$expires = new DateTime('now');
$expires->add(new DateInterval('PT1H')); // 1 hour expiration
$stmt = $pdo->prepare("UPDATE Users SET reset_token = ?, reset_token_expires = ? WHERE email = ?");
$stmt->execute([$token, $expires->format('Y-m-d H:i:s'), $email]);
$reset_link = "http://" . $_SERVER['HTTP_HOST'] . "/auth/reset-password.php?token=" . $token;
$subject = "Password Reset Request";
$body_html = "Click the following link to reset your password: {$reset_link}";
$body_text = "Click the following link to reset your password: {$reset_link}";
MailService::sendMail($email, $subject, $body_html, $body_text);
$message = "A password reset link has been sent to your email address.";
} else {
$message = "No user found with that email address.";
}
}
?>