<?php
session_start();
include_once("../includes/configuration.php"); // Adjust the path as needed
header('Content-Type: application/json'); // Set the header for JSON response
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['token']) && isset($_POST['new_password'])) {
$token = $_POST['token'];
$new_password = $_POST['new_password'];
// Hash the new password securely
$hashed_password = md5($new_password);
// Update the password in the database
$stmt = $conn->prepare("UPDATE users SET password = ? WHERE token = ?");
$stmt->bind_param("ss", $hashed_password, $token);
if ($stmt->execute()) {
echo json_encode(['success' => true, 'message' => 'successfully change this password']);
} else {
echo json_encode(['success' => false, 'message' => 'Failed to update password.']);
}
$stmt->close();
} else {
echo json_encode(['success' => false, 'message' => 'Invalid input.']);
}
} else {
echo json_encode(['success' => false, 'message' => 'Invalid request method.']);
}
$conn->close();
?>