public function resetPassword($token, $newPassword) { // Check

1.     public function resetPassword($token, $newPassword)
2.     {
3.         // Check if the token is valid and not expired
4.         $sql = 'SELECT * FROM users WHERE reset_token = :token AND reset_token_expiry > NOW()';
5.         $stmt = $this->pdo->prepare($sql);
6.         $stmt->bindParam(':token', $token);
7.         $stmt->execute();
8.         $user = $stmt->fetch();
9.  
10.         if ($user) {
11.             // Update the password and clear the reset token
12.             $hashedPassword = password_hash($newPassword, PASSWORD_BCRYPT);
13.             $sql = 'UPDATE users SET password = :password, reset_token = NULL, reset_token_expiry = NULL WHERE id = :id';
14.             $stmt = $this->pdo->prepare($sql);
15.             $stmt->bindParam(':password', $hashedPassword);
16.             $stmt->bindParam(':id', $user['id']);
17.             $stmt->execute();
18.  
19.             return 'Your password has been reset successfully.';
20.         }
21.         return 'Invalid or expired token.';
22.     }