prepare( "SELECT c.* FROM credentials c " . "JOIN clients cl ON c.client_id = cl.client_id " . "WHERE c.credential_id = ? AND cl.user_id = ?" ); $stmt->execute([$credential_id, $_SESSION['user_id']]); $credential = $stmt->fetch(PDO::FETCH_ASSOC); if (!$credential) { // Credential not found header('Location: dashboard.php'); exit; } $client_id = $credential['client_id']; // For redirecting back // Handle form submission if ($_SERVER['REQUEST_METHOD'] === 'POST') { $name = trim($_POST['name']); $username = trim($_POST['username']); $password = $_POST['password']; // Don't trim password $url = trim($_POST['url']); $notes = trim($_POST['notes']); // Basic validation if (empty($name) || empty($username)) { $error = "Credential Name and Username are required."; } else { // To securely update, we must join against the clients table to check the user_id. $sql = "UPDATE credentials c " . "JOIN clients cl ON c.client_id = cl.client_id " . "SET c.name = ?, c.username = ?, c.url = ?, c.notes = ?, c.updated_at = NOW()"; $params = [$name, $username, $url, $notes]; if (!empty($password)) { $sql .= ", c.password = ?"; $params[] = $password; } $sql .= " WHERE c.credential_id = ? AND cl.user_id = ?"; $params[] = $credential_id; $params[] = $_SESSION['user_id']; $updateStmt = $pdo->prepare($sql); $updateStmt->execute($params); log_audit_event('credential_edit', $_SESSION['user_id'], 'credential', $credential_id); // Redirect back to the client detail page with a success message header("Location: dashboard.php?client_id=$client_id&status=credential_updated"); exit; } } $displayName = $_SESSION['user_display_name'] ?? 'User'; ?> Edit Credential - FlexPass

Edit Credential

Enter a new password only if you want to change it.
Cancel