prepare("SELECT role FROM users WHERE id = ?"); $stmt->execute([$adminId]); $adminUser = $stmt->fetch(PDO::FETCH_ASSOC); if (!$adminUser || $adminUser['role'] !== 'admin') { die("Access Denied."); } if (!isset($_GET['user_id'])) { die("User ID not specified."); } $userIdToReset = $_GET['user_id']; // Generate a new random password $newPassword = bin2hex(random_bytes(8)); // 16 characters $hashedPassword = password_hash($newPassword, PASSWORD_DEFAULT); // Update the user's password $stmt = $db->prepare("UPDATE users SET password = ? WHERE id = ?"); $stmt->execute([$hashedPassword, $userIdToReset]); // Fetch user name for display $stmt = $db->prepare("SELECT name, email FROM users WHERE id = ?"); $stmt->execute([$userIdToReset]); $userToReset = $stmt->fetch(PDO::FETCH_ASSOC); ?> Password Reset - Admin

Password Reset Successful!

The password for user () has been reset.

New Password:

Security Warning: This is a temporary and insecure password reset method. Please advise the user to change their password immediately. A proper, secure password reset flow (e.g., via email with a token) should be implemented.
Back to Admin Panel