Heray-Was-Here
Server : LiteSpeed
System : Linux uk-fast-web1372.main-hosting.eu 4.18.0-553.121.1.lve.el8.x86_64 #1 SMP Thu Apr 30 16:40:41 UTC 2026 x86_64
User : u390967363 ( 390967363)
PHP Version : 8.2.30
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
Directory :  /home/u390967363/domains/aibenproperties.com/public_html/app/


 

Current File : /home/u390967363/domains/aibenproperties.com/public_html/app/reset-password.php
<?php
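session_start();
require_once __DIR__ . '/includes/db.php';
require_once __DIR__ . '/includes/functions.php';

// Reset-link parameters: the query string wins (link click), the POST body is the
// fallback (re-submit of the form rendered by this page).
$email = $_GET['email'] ?? ($_POST['email'] ?? '');
$token = $_GET['token'] ?? ($_POST['token'] ?? '');
// Array-valued input (email[]=..., token[]=...) would raise a TypeError in hash() below,
// which catch (Exception) does not intercept; treat anything but a string as absent.
if (!is_string($email)) { $email = ''; }
if (!is_string($token)) { $token = ''; }

$error = '';
$success = '';
$valid = false; // set to true only when a stored token hash matches the presented token

if ($email !== '' && $token !== '') {
    try {
        $stmt = $pdo->prepare("SELECT * FROM users WHERE email = ? LIMIT 1");
        $stmt->execute([$email]);
        $user = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($user) {
            // The schema is probed at runtime: the first candidate column that exists wins.
            // NOTE(review): 'verification_token' / 'verification_expires_at' are accepted as
            // fallbacks, so a token stored in that column would also be honoured here as a
            // password-reset credential. Confirm that is intended.
            $tokenCol = null;
            $expCol = null;
            $candidatesToken = ['password_reset_token', 'reset_token', 'reset_password_token', 'verification_token'];
            $candidatesExp = ['password_reset_expires_at', 'reset_expires_at', 'reset_password_expires_at', 'verification_expires_at'];
            $canProbe = function_exists('tableHasColumn');
            foreach ($candidatesToken as $c) {
                if ($canProbe && tableHasColumn('users', $c)) { $tokenCol = $c; break; }
            }
            foreach ($candidatesExp as $c) {
                if ($canProbe && tableHasColumn('users', $c)) { $expCol = $c; break; }
            }

            // Only the SHA-256 of the token is compared, so the stored value is expected
            // to be the hex digest rather than the raw token.
            $provided = hash('sha256', $token);
            $stored = $tokenCol ? ($user[$tokenCol] ?? null) : null;

            // NOTE(review): expiry fails open. When no expiry column exists, or the column is
            // empty for this user, the token is treated as never expiring. Make sure the code
            // that issues reset links always writes an expiry, then reject empty values here.
            $notExpired = true;
            if ($expCol && !empty($user[$expCol])) {
                $expiresAt = strtotime((string) $user[$expCol]);
                // An unparsable timestamp counts as expired.
                $notExpired = $expiresAt !== false && $expiresAt >= time();
            }

            // hash_equals() needs two strings and compares them in constant time.
            if (is_string($stored) && $stored !== '' && hash_equals($stored, $provided) && $notExpired) {
                $valid = true;
            }

            // Fallback when the users table has no token column: the hash and expiry kept in
            // the session under $_SESSION['pwd_reset'][<email>].
            if (!$tokenCol && isset($_SESSION['pwd_reset'][$email])) {
                $session = $_SESSION['pwd_reset'][$email];
                if (
                    is_array($session)
                    && !empty($session['hash'])
                    && is_string($session['hash'])
                    && hash_equals($session['hash'], $provided)
                    && time() <= ($session['exp'] ?? 0)
                ) {
                    $valid = true;
                }
            }
        }
    } catch (Exception $e) {
        // Keep the user-facing message generic; record the cause for operators.
        error_log('reset-password: token validation failed: ' . $e->getMessage());
        $error = "Invalid or expired link.";
    }
}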
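// Handle the submitted new password. $valid and $email come from the link validation
// earlier in this file; nothing is written unless that validation succeeded.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $pass = $_POST['password'] ?? '';
    $confirm = $_POST['confirm'] ?? '';
    if (!$valid) {
        $error = "Invalid or expired link.";
    } elseif (!is_string($pass) || !is_string($confirm) || strlen($pass) < 8 || $pass !== $confirm) {
        // Array-valued fields (password[]=...) are rejected here instead of raising a
        // TypeError in strlen(), which catch (Exception) would not intercept.
        $error = "Passwords must match and be at least 8 characters.";
    } else {
        try {
            // NOTE(review): bcrypt only uses the first 72 bytes of the password; longer
            // passphrases are silently truncated. Consider an upper length bound.
            $hash = password_hash($pass, PASSWORD_BCRYPT);
            $stmt = $pdo->prepare("SELECT id FROM users WHERE email = ? LIMIT 1");
            $stmt->execute([$email]);
            $uid = $stmt->fetchColumn();
            if ($uid) {
                // Same runtime schema probe as the link validation: first existing column wins.
                $tokenCol = null;
                $expCol = null;
                $candidatesToken = ['password_reset_token', 'reset_token', 'reset_password_token', 'verification_token'];
                $candidatesExp = ['password_reset_expires_at', 'reset_expires_at', 'reset_password_expires_at', 'verification_expires_at'];
                $canProbe = function_exists('tableHasColumn');
                foreach ($candidatesToken as $c) {
                    if ($canProbe && tableHasColumn('users', $c)) { $tokenCol = $c; break; }
                }
                foreach ($candidatesExp as $c) {
                    if ($canProbe && tableHasColumn('users', $c)) { $expCol = $c; break; }
                }

                // Column names are interpolated into the SQL, which is safe only because they
                // come from the hard-coded lists above and never from request data.
                // Values stay bound parameters.
                $sql = "UPDATE users SET password = ?";
                $params = [$hash];
                if ($tokenCol) { $sql .= ", $tokenCol = NULL"; } // single-use: consume the token
                if ($expCol) { $sql .= ", $expCol = NULL"; }
                $sql .= " WHERE id = ?";
                $params[] = $uid;
                $upd = $pdo->prepare($sql);
                $upd->execute($params);

                // Drop the session-based fallback token as well.
                unset($_SESSION['pwd_reset'][$email]);
                // Credential change: rotate the session id so an id known before the reset
                // is not carried forward.
                // NOTE(review): other active sessions of this account are not invalidated here.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }
                header("Location: login.php?toast=" . urlencode("Password updated. You can now sign in.") . "&type=success");
                exit;
            } else {
                $error = "Account not found.";
            }
        } catch (Exception $e) {
            // Generic message for the user; the cause goes to the error log.
            error_log('reset-password: password update failed: ' . $e->getMessage());
            $error = "Could not update password.";
        }
    }
}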
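// Display name for the page title; 'Aiben Properties' is the fallback passed to getSetting().
//
// Template notes:
// - The reset token can arrive in the query string, so the page sets a no-referrer policy
//   to keep the full URL out of Referer headers sent to the CDN and to linked pages.
// - NOTE(review): the Bootstrap stylesheet is fetched from a third-party CDN without an
//   integrity attribute; pin an SRI hash (with crossorigin) or self-host the file.
// - $success is never assigned a non-empty value in this file (the success path redirects),
//   so that branch is currently unreachable.
// - All dynamic values are escaped with explicit flags and charset for the HTML context.
$sysCompanyName = getSetting('company_name', 'Aiben Properties');
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="referrer" content="no-referrer">
<title>Reset Password | <?= htmlspecialchars($sysCompanyName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body class="auth-page">
<div class="container py-5">
  <div class="row justify-content-center">
    <div class="col-md-6">
      <div class="card shadow-sm">
        <div class="card-body p-4">
          <h5 class="mb-3">Reset Password</h5>
          <?php if ($error): ?><div class="alert alert-danger"><?= htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div><?php endif; ?>
          <?php if ($success): ?>
            <div class="alert alert-success"><?= htmlspecialchars($success, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div>
            <a href="login.php" class="btn btn-primary">Go to Sign In</a>
          <?php elseif ($valid): ?>
            <form method="POST">
              <input type="hidden" name="email" value="<?= htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
              <input type="hidden" name="token" value="<?= htmlspecialchars($token, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
              <div class="mb-3">
                <label class="form-label" for="new-password">New Password</label>
                <input type="password" class="form-control" id="new-password" name="password" minlength="8" autocomplete="new-password" required>
              </div>
              <div class="mb-3">
                <label class="form-label" for="confirm-password">Confirm Password</label>
                <input type="password" class="form-control" id="confirm-password" name="confirm" minlength="8" autocomplete="new-password" required>
              </div>
              <div class="d-flex gap-2">
                <button type="submit" class="btn btn-primary">Set Password</button>
                <a href="login.php" class="btn btn-outline-secondary">Cancel</a>
              </div>
            </form>
          <?php else: ?>
            <div class="alert alert-warning">Invalid or expired link.</div>
            <a href="forgot-password.php" class="btn btn-outline-secondary">Request a new link</a>
          <?php endif; ?>
        </div>
      </div>
    </div>
  </div>
</div>
</body>
</html>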
