Are you sure you want to delete this ticket? This action cannot be undone.
Problem: if a user selects the "lost password " link after a password link has been sent, then the token-id is different and the user can not change the password. you need to make sure the first token expire. or the use is notified that a token was sent and will expire at certain point