1) This is not in conflict with what I stated.
The tutorial has "Email new unencrypted password"
I stated: "You can't email an encrypted password."
The directions don't say "Email new encrypted password" because that isn't possible as I have stated... The tutorial covers scenarios where the password is not encrypted... that is the difference.
Since it uses one way encryption you can't unencrypt once it is encrypted. It is either stored unencrypted or encrypted and if it is encrypted it won't help to email it.
You can set a random variable in the user table and email that to the user in a link back to a page where they are allowed to update their password by specifying a new one. You match the userID to the random variable and allow them to then update the password and encrypt it and store it in the database again. The tutorial should cover this.