Untitled

<?php
session_start();
$servername = "localhost";
$username = "admin1";
$password = "angelo123";
$dbname = "taskydb";
// Create a connection to the database
$conn = new mysqli($servername, $username, $password, $dbname);
if($conn->connect_error){
    die("Could no reach database");
}

if(isset($_GET['code'])){
    $code = $_GET['code'];
    $verifyq = $conn->query("SELECT * FROM users WHERE code = '$code'");

    if($verifyq->num_rows == 0){
        header("Location: ../index.php");
        exit();
    }
        
    if(isset($_POST['submit'])){
        $email = $_POST['email'];
        $new_password = $_POST['new_password'];

        $changeq = $conn->query("UPDATE users SET password = '$new_password' WHERE email = '$email' and code = '$code'");

        if($changeq){
            echo "<script>alert('An Email has been Sent to you for reseting your password!');</script>";
            echo "<script>setTimeout(function(){window.location.href='../index.php';}, 3000);</script>";
        }
    }
    $conn->close();
}
else{
    echo "<script>alert('There was a problem changing your password');</script>";
    echo "<script>setTimeout(function(){window.location.href='../index.php';}, 3000);</script>";
}
?>