prepare("SELECT email FROM password_resets WHERE token = ?");
$stmt->execute([$token_post]);
$reset = $stmt->fetch();
if ($reset) {
$email = $reset['email'];
$new_hash = password_hash($pass1, PASSWORD_DEFAULT);
// Update User Password
$pdo->prepare("UPDATE users SET password_hash = ? WHERE email = ?")->execute([$new_hash, $email]);
// Delete Token
$pdo->prepare("DELETE FROM password_resets WHERE email = ?")->execute([$email]);
$success = "Password updated successfully! Login Now";
} else {
$error = "Invalid or expired token.";
}
}
}
?>