' . "Someone has requested a password reset email (IP: $ip)
" . "To recover your password, click here: http://{$wsa}/forgotpass.php?key=$rkey&username=$username
" . "If this was not you, no further action is needed. If you are constantly receiving these emails, but did not request
" . "a new password, please contact us with the IP printed above.
" . "
" . "Cheers,
" . "The {$wsn} Team
"; $sgmail->sendmail($to, $subject, $message); //actually send the email } public function hash($pass) { $opts = [ 'cost' => 10, ]; $hashed = password_hash($pass, PASSWORD_BCRYPT, $opts); return $hashed; } public function changepass($newpass, $username) { global $mysqli; $username = $mysqli->real_escape_string($username); $hashpass = $this->hash($newpass); $qr = "UPDATE auth SET password='{$hashpass}' WHERE username='{$username}';"; $e = $mysqli->query($qr) or showerror(); return true; } }