prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user) {
// Generate a unique token
$token = bin2hex(random_bytes(32));
// Set expiration date to 1 hour from now
$expires_at = date('Y-m-d H:i:s', strtotime('+1 hour'));
// Store the token in the database
$stmt = $pdo->prepare("INSERT INTO password_resets (email, token, expires_at) VALUES (?, ?, ?)");
$stmt->execute([$email, $token, $expires_at]);
// Send the password reset link
$reset_link = 'http://' . $_SERVER['HTTP_HOST'] . '/reset_password.php?token=' . $token;
// For now, we just display the link. Later we will send it by email.
$message = 'Password reset link: ' . $reset_link . '';
} else {
$message = 'If your email address exists in our database, you will receive a password reset link.';
}
} catch (PDOException $e) {
$message = 'Database error: ' . $e->getMessage();
}
}
}
require_once __DIR__ . '/includes/header.php';
?>
Forgot Password
Please enter your email address to receive a password reset link.