As I've told you before, just generate the uniqid() when the user CLICKS THE FORGOT PASSWORD LINK.
Then store it in the table and send the email with the link.
When the user clicks it, check the user id in the link, select their record and check that the key from the link matches what is in the reset column. If it is, it's the legitimate user. If not then output an error.
The reason I don't want you to generate a uniqid() when the users register is because if someone hacks your site and gets into your db and grabs your reset column they can screw over every single user of your site. Therefore you only put it there when its needed.
My helpful sig has gone because a mod below the administrator gave me an infraction - despite the administrator personally agreeing to it.
If you need any php tips or tricks you can PM me.