MantisBT: master-2.27 09840507

Author: dregad
Committer: dregad
Branch: master-2.27
Timestamp: 2025-08-10 13:11
Parent: master-2.27 cd84c617
Affected Issues: 0036005: CVE-2025-55155: Lack of verification when changing a user's email address
Changeset

Validate email address after user changes it

The new email address is temporarily stored in a Token, using a new type
(TOKEN_ACCOUNT_CHANGE_EMAIL), and a confirmation email is sent to the
user (new email_send_email_verification_url() function).

string_get_confirm_hash_url() gets a new optional parameter ($p_page)
to specify the target verification page.

A new verify_email.php page allows the user to confirm that the address
is valid, and update the account.

New language strings to support the new functionality have been defined.

ERROR_LOST_PASSWORD_CONFIRM_HASH_INVALID error message has been modified
to remove "Please signup again.", making it more generic and allowing
its reuse in the email verification context.

Fixes 0036005, CVE-2025-55155

mod - account_update.php
mod - core/constant_inc.php
mod - core/email_api.php
mod - core/string_api.php
mod - lang/strings_english.txt
add - verify_email.php
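An added illustration of the verification pattern the commit describes (a pending-change token, a mailed confirmation link, and an account update only after the token is presented); this is example code, not MantisBT's own, and the class, URL, parameter names and token lifetime are assumptions.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

TOKEN_TTL_SECONDS = 3600  # assumed lifetime of a pending change (hypothetical value)


@dataclass
class PendingEmailChange:
    user_id: int
    new_email: str
    expires_at: float


class EmailChangeVerifier:
    """Holds a requested address in a pending token until the user proves they
    can read mail there; the account record is untouched until then."""

    def __init__(self, current_emails):
        self.emails = dict(current_emails)   # user_id -> verified address
        self._pending = {}                   # token -> PendingEmailChange

    def request_change(self, user_id, new_email, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)    # unguessable, single-use secret
        self._pending[token] = PendingEmailChange(
            user_id, new_email, now + TOKEN_TTL_SECONDS)
        # Link the confirmation mail would carry (hypothetical host and parameters).
        return f"https://mantis.example/verify_email.php?id={user_id}&confirm_hash={token}"

    def verify(self, user_id, token, now=None):
        now = time.time() if now is None else now
        # Constant-time comparison so response timing does not leak token prefixes.
        matches = [t for t in self._pending if hmac.compare_digest(t, token)]
        if not matches:
            return False
        pending = self._pending.pop(matches[0])  # consumed: one use only
        # Reject a token bound to another account or one past its lifetime.
        if pending.user_id != user_id or now > pending.expires_at:
            return False
        self.emails[user_id] = pending.new_email  # change applied only here
        return True
```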