4WDCSA.co.za/send_reset_link.php

<?php
require_once("connection.php");
require_once("functions.php");

$response = array('status' => 'error', 'message' => 'Something went wrong');

if (isset($_POST['email'])) {
    $email = $_POST['email'];

    // Check if the email exists
    $sql = "SELECT user_id FROM users WHERE email = ?";
    $stmt = $conn->prepare($sql);
    $stmt->bind_param("s", $email);
    $stmt->execute();
    $result = $stmt->get_result();

    if ($result->num_rows > 0) {
        $user = $result->fetch_assoc();
        $user_id = $user['user_id'];
        
        // Generate a unique token
        $token = bin2hex(random_bytes(50));

        // Store the token and expiration time in the database
        $expiry = date("Y-m-d H:i:s", strtotime('+3 hour')); // Token expires in 1 hour
        $sql = "INSERT INTO password_resets (user_id, token, expires_at) VALUES (?, ?, ?)
                ON DUPLICATE KEY UPDATE token = VALUES(token), expires_at = VALUES(expires_at)";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param("iss", $user_id, $token, $expiry);
        $stmt->execute();

        // Send the reset link to the user
        $reset_link = "https://www.4wdcsa.co.za/reset_password.php?token=$token";
        $subject = "Password Reset Request";
        $message = "Click the following link to reset your password: $reset_link";
        sendEmail($email, $subject, $message);

        $response['status'] = 'success';
        $response['message'] = 'Password reset link has been sent to your email.';
    } else {
        $response['message'] = 'Email not found.';
    }
}

echo json_encode($response);
?>