prepare("SELECT * FROM password_resets WHERE token = ? AND expires_at > NOW() LIMIT 1"); $stmt->execute([$token]); $reset = $stmt->fetch(); if (!$reset) { $error = "This password reset link is invalid or has expired."; } if ($_SERVER['REQUEST_METHOD'] === 'POST' && $reset) { $password = $_POST['password'] ?? ''; $confirm = $_POST['confirm_password'] ?? ''; if (strlen($password) < 8) { $error = "Password must be at least 8 characters long."; } elseif ($password !== $confirm) { $error = "Passwords do not match."; } else { $hashed = password_hash($password, PASSWORD_DEFAULT); db()->beginTransaction(); try { $stmt = db()->prepare("UPDATE users SET password = ?, require_password_change = 0 WHERE email = ?"); $stmt->execute([$hashed, $reset['email']]); $stmt = db()->prepare("DELETE FROM password_resets WHERE email = ?"); $stmt->execute([$reset['email']]); // Log the password change activity $ip = Auth::getIpAddress(); $stmt = db()->prepare("INSERT INTO activity_log (tenant_id, action, details) VALUES (?, ?, ?)"); $stmt->execute([0, 'Password Changed', "Email: {$reset['email']}, IP: $ip"]); db()->commit(); $success = true; } catch (\Exception $e) { db()->rollBack(); $error = "An error occurred while resetting your password."; } } } ?> Reset Password - SR&ED Manager

NEW PASSWORD

Please set your new secure password

Your password has been successfully reset.
Login Now
Request New Link
Minimum 8 characters.