I have a question regarding my password reset link. So far I have managed to generate a random token using sha256, append it to the URL - domain.com/reset/randomtoken - and email the link to the respective user. My question is, which function would I use to have this go to reset.php instead of it thinking there's a directory called domain.com/reset/randomtoken. Thanks in advance, I'm still a noobie at this.
Either configure your web server (Apache, nginx, etc) to redirect that path to your PHP file, or make your life easier and generate a link that looks like this instead:
domain.com/reset.php?token=randomtoken
Then use $_GET['token'] to retrieve the value.