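// Password-reset handler (fragment). This page starts mid-statement: the PHP
// opening tag and the setup of $pdo, $token and $error are not shown.
// NOTE(review): the "$stmt = $pdo->" receiver below is restored from the later
// $pdo->prepare() call in this same script; confirm against the original file.

// Look up the account that owns this reset token (soft-deleted users excluded).
// NOTE(review): the token is matched against the column as-is. If reset_token
// holds the raw token rather than a hash of it, anyone who can read the table
// can use pending reset links; confirm how the token is generated and stored.
$stmt = $pdo->prepare(
    "SELECT id, username, reset_token_expiry FROM users WHERE reset_token = ? AND is_deleted = 0 LIMIT 1"
);
$stmt->execute([$token]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);

// Fail closed: no matching row, an unparsable/NULL expiry, or an expiry in the
// past all count as an invalid link. The cast avoids passing NULL to strtotime().
$expiresAt = $user ? strtotime((string) $user['reset_token_expiry']) : false;
if ($expiresAt === false || $expiresAt < time()) {
    $error = "This password reset link is invalid or has expired.";
}

// Only process the form when the token check above did not set an error.
// NOTE(review): relies on $error being initialised before this fragment.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !$error) {
    $password = $_POST['password'] ?? '';
    $confirmPassword = $_POST['confirm_password'] ?? '';

    // A field submitted as an array (password[]=...) would make strlen() throw;
    // treat any non-string value as "nothing entered".
    if (!is_string($password) || !is_string($confirmPassword)) {
        $password = '';
        $confirmPassword = '';
    }

    if ($password === '') {
        $error = "Please enter a new password.";
    } elseif ($password !== $confirmPassword) {
        $error = "Passwords do not match.";
    } elseif (strlen($password) < 6) {
        // NOTE(review): 6 is a low floor (most current guidance asks for 8 or
        // more); left unchanged because it is a policy decision.
        $error = "Password must be at least 6 characters long.";
    } else {
        // PASSWORD_DEFAULT is currently bcrypt, which ignores input past 72 bytes.
        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

        // Re-check the token in the UPDATE itself so it is consumed atomically:
        // of two concurrent requests carrying the same link, only one can match.
        $stmt = $pdo->prepare(
            "UPDATE users SET password = ?, reset_token = NULL, reset_token_expiry = NULL"
            . " WHERE id = ? AND reset_token = ? AND is_deleted = 0"
        );
        $stmt->execute([$hashedPassword, $user['id'], $token]);

        if ($stmt->rowCount() === 1) {
            header("Location: login.php?reset=success");
            exit;
        }

        // Zero rows: the token was used or cleared between the lookup and this write.
        $error = "This password reset link is invalid or has expired.";
    }
}
?>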