recupera password via mail salva pasword password_hash

[Imperor]

buongiorno sono riuscito a resettare la password via mail ma la salva in chiaro sto tentando di inserire password_hash per salvarla criptata ma non riesco chiedo aiuto grazie

<?php
require_once 'db.php';
$kode=$_GET['code'];
$username = $_GET['username'];

//check link vorrei inserire //$password = password_hash($password, PASSWORD_DEFAULT);
 if (isset($kode) && isset($username)){
 $db_user = user($username);
 $row = mysqli_fetch_assoc($db_user);
 $codice = $row ['codice'];
 $db_username = $row ['username'];

//check between tokens & usernames that are in links and databases
if ($codice==$kode && $db_username==$username){
  //check submit
  if  (isset($_POST['submit'])) {
  $password = $_POST['password'];
  $konfir_pass = $_POST['konfir_password'];
  //check password
  if ($password==$konfir_pass) {
  echo "le password sono state aggiornate";
    update_pass($konfir_pass, $username);
    header('location:index.php');
  }else {echo "password non corrisponde";}
  }
}else{echo "codice & username non corrisponde";}
}else{echo "il collegamento è sbagliato";}

?>
<!DOCTYPE html>
<html>
<head>
<title>Send Email</title>
</head>
<body>
<h3>Change your password</h3>
<form action=""  method="post">
<label>password</label><br>
<input type="text" name="password" placeholder="password"><br>
<label>new password</label><br>
<input type="text" name="konfir_password" placeholder="new password"><br>
<input type="submit" name="submit">
</form>
</body>
</html>

 

[Imperor]

risolto

 

[Imperor]

aribuon di e buon primo maggio è vero ho risolto ma mi da 2 errori

<?php
require_once 'db.php';
$kode=$_GET['code'];
$username = $_GET['username'];

//check link
 if (isset($kode) && isset($username)){
 $db_user = user($username);
 $row = mysqli_fetch_assoc($db_user);
 $codice = $row ['codice'];
 $db_username = $row ['username'];

//check between tokens & usernames that are in links and databases
if ($codice==$kode && $db_username==$username){
  //check submit
  if  (isset($_POST['submit'])) {
  $password = $_POST['password'];
  $konfir_pass = $_POST['konfir_password'];
  //check password
  if ($password==$konfir_pass) { //qui da errore
  $konfir_pass = password_hash($password, PASSWORD_DEFAULT); 
  echo "le password sono state aggiornate";
    update_pass($konfir_pass, $username);
    header('location:index.php'); //qui da errore
  }else {echo "password non corrisponde";}
  }
}else{echo "codice & username non corrisponde";}
}else{echo "il collegamento è sbagliato";}

?>
<!DOCTYPE html>
<html>
<head>
<title>Send Email</title>
</head>
<body>
<h3>Change your password</h3>
<form action=""  method="post">
<label>password</label><br>
<input type="text" name="password" placeholder="password"><br>
<label>new password</label><br>
<input type="text" name="konfir_password" placeholder="new password"><br>
<input type="submit" name="submit">
</form>
</body>
</html>