How to generate a "password reset" type of "one-time link"

How to generate a "password reset" type of "one-time link"
Rt.
Just like some websites used to give forgotten passwords to users, provide a link to the password reset.

Send to the user registered mailbox of the kind, can only be triggered once, once used once can not be used.

Sometimes there are time limits, such as links that work within 24 hours.

Who knows how this is implemented with PHP.

Thank you.

------Solution--------------------
Time axis control. Make a connection, record the generation time, and then set the time of death. Over 24 hours or more after one click
------Solution--------------------
Based on the timestamp of what the generation of a reversible encrypted string is obtained and then the restore verifies whether the validation time expires.
------Solution--------------------
To achieve a one-time, it is necessary to record the encryption string, each receive a connection request to the record to check
------Solution--------------------
"Disposable"???
It's simple, you just have to check the table, pass it in the table, or reject it.

Only one field in the table char (32) is set as the primary key
Store only MD5 values that require verification of content
Operation is also very simple, execute delete from tbl_name where key= ' value '
If Mysql_affected_rows returns 0, it means it failed.

This scheme can verify any "one-time", as long as you get the MD5 to validate the object. No scruples about verifying the real content of the object
------Solution--------------------
Nonsense.

Click Reset Password, you will be inserted into the database line, there is a self-increment ID to do key, and have a user name, whether to complete the validation, the creation date Time_stamp, unique identifier MD5. (For database security, generate a MD5 value for identification to the user, MD5 (ID. Username. time)).
Then send a URL in the mail: Xxxx.com?id=md5 can.

When the user accesses this URL, the MD5 is found in the database and the tag is completed.
------Solution--------------------
= = also use a table? This kind of data is supposed to make trouble for DBAs ...

Just use Username + Unixtimestamp + A key and then hash it out for a few bits, okay? ....

When the validation time-out, extract the Unixtimestamp field, you can do the time limit ...
------Solution--------------------
I'm talking about my train of thought. Actually, it's simple.
Because the session is a lifetime, the session expires at the same time the link automatically expires.
Ideas:
After the user identity is determined. Generate a unique identity using the session id+ user name

PHP Code

$_session[' Forget_code ']=md5 (session_id (). ' XXX ');        XXX is the user name to reset the password/* generated link as follows */$href = "http://www.domain.com/forget.php?code={$_session[' Forget_code '}";
------Solution--------------------
1, the user's application time can be recorded in the database
