require_once 'includes/header.php';
require_once 'includes/mailer.php';

$message = '';
$error = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = trim($_POST['email']);

if (empty($email)) {
$error = $lang === 'ar' ? 'الرجاء إدخال البريد الإلكتروني.' : 'Please enter your email address.';
} else {
// Check if email exists
$stmt = $pdo->prepare("SELECT id, full_name FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();

if ($user) {
// Generate Token
$token = bin2hex(random_bytes(32));
$expires = date('Y-m-d H:i:s', strtotime('+1 hour'));

// Save to DB
$stmt = $pdo->prepare("UPDATE users SET reset_token = ?, reset_expires = ? WHERE id = ?");
$stmt->execute([$token, $expires, $user['id']]);

// Send Email
$resetLink = "https://liftmeup.ae/reset-password.php?token=" . $token;
$subject = "Password Reset - Lift Me Up / إعادة تعيين كلمة المرور";
require_once 'includes/email_templates.php';
$body = getPasswordResetEmailHtml($user['full_name'], $resetLink);

if (sendEmail($email, $subject, $body)) {
$message = $lang === 'ar'
? 'تم إرسال رابط إعادة تعيين كلمة المرور إلى بريدك الإلكتروني.'
: 'A password reset link has been sent to your email address.';
} else {
$error = $lang === 'ar' ? 'حدث خطأ أثناء إرسال البريد الإلكتروني.' : 'An error occurred while sending the email.';
}
} else {
// Security: show same message even if email doesn't exist to prevent email enumeration
$message = $lang === 'ar'
? 'إذا كان هذا البريد مسجلاً لدينا، فستتلقى رابطاً لإعادة تعيين كلمة المرور.'
: 'If this email is registered, you will receive a password reset link.';
}
}
}
?>

<div class="min-h-screen bg-gray-50 flex flex-col justify-center py-12 sm:px-6 lg:px-8">
    <div class="sm:mx-auto sm:w-full sm:max-w-md">
        <h2 class="mt-6 text-center text-3xl font-extrabold text-[#3E2723]">
            Forgot Password?        </h2>
        <p class="mt-2 text-center text-sm text-gray-600">
            Enter your email address and we will send you a link to reset your password.        </p>
    </div>

    <div class="mt-8 sm:mx-auto sm:w-full sm:max-w-md">
        <div class="bg-white py-8 px-4 shadow sm:rounded-lg sm:px-10">

            
            
            <form class="space-y-6" action="" method="POST">

                <!-- Email -->
                <div>
                    <label for="email" class="block text-sm font-medium text-gray-700">
                        Email address                    </label>
                    <div class="mt-1">
                        <input id="email" name="email" type="email" autocomplete="email" required
                            class="appearance-none block w-full px-3 py-2 border border-gray-300 rounded-md shadow-sm placeholder-gray-400 focus:outline-none focus:ring-[#3E2723] focus:border-[#3E2723] sm:text-sm">
                    </div>
                </div>

                <div>
                    <button type="submit"
                        class="w-full flex justify-center py-2 px-4 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-[#3E2723] hover:bg-[#2C1810] focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-[#3E2723]">
                        Send Reset Link                    </button>
                </div>
            </form>

            <div class="mt-6">
                <div class="relative">
                    <div class="absolute inset-0 flex items-center">
                        <div class="w-full border-t border-gray-300"></div>
                    </div>
                    <div class="relative flex justify-center text-sm">
                        <span class="px-2 bg-white text-gray-500">
                            Remember your password?                        </span>
                    </div>
                </div>

                <div class="mt-6 text-center">
                    <a href="/login" class="font-medium text-[#3E2723] hover:text-[#2C1810]">
                        Back to Sign in                    </a>
                </div>
            </div>

        </div>
    </div>
</div>