0) {
$token_data = mysqli_fetch_assoc($token_validation_query);
if ($token_data['used'] == 1) {
$error_message = "This password reset link has already been used. Please request a new one if needed.";
} elseif (strtotime($token_data['expires_at']) <= strtotime($current_time_str)) {
$error_message = "This password reset link has expired. Please request a new one if needed.";
// Optionally, delete the purely expired token now to keep the table clean
// mysqli_query($con, "DELETE FROM password_reset_tokens WHERE token='$token_from_url'");
} else {
// Token is valid and can be used
$show_form = true;
}
} else {
// Token was not found in the database
$error_message = "Invalid password reset token. It may not exist in our system or has been cleaned up. Please request a new one if needed.";
}
} else {
$error_message = "No reset token provided. Please use the link sent to your email.";
}
// Set success flag if applicable
if (isset($_SESSION['info_reset_password'])) {
$is_success = (strpos(strtolower($_SESSION['info_reset_password']), 'success') !== false);
}
?>