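<?php

declare(strict_types=1);

/*
 * Profile update handler.
 *
 * Lets the logged-in user change their display name, e-mail address and,
 * optionally, their password. Everything read from $_POST is untrusted: it is
 * type-checked, trimmed and validated here, and only reaches the database
 * through bound PDO parameters (the SQL text is built solely from constant
 * fragments). Every outcome ends in a redirect to profile.php with a flash
 * message stored in the session.
 *
 * Hardening that is NOT done here and needs changes outside this file:
 *   - no CSRF token is verified on the POST; the form and this handler should
 *     share one so that a third-party page cannot submit a profile change.
 *   - a password change does not require the current password, so a hijacked
 *     or unattended session can set a new one.
 */

session_start();

// Only authenticated sessions may reach the update logic.
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true) {
    header("location: login.php");
    exit;
}

require_once 'db/config.php';

$user_id = $_SESSION["id"];

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // Read POST fields defensively: a missing key or a non-string value
    // (e.g. `name[]=x`) becomes '' instead of a notice or a TypeError in trim().
    $postString = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? $value : '';
    };

    $name = trim($postString("name"));
    $email = trim($postString("email"));
    $new_password = $postString("new_password");
    $confirm_password = $postString("confirm_password");

    // Basic input validation before touching the database.
    if ($name === '') {
        $_SESSION['error_message'] = "Name is required.";
        header("location: profile.php");
        exit;
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $_SESSION['error_message'] = "Please enter a valid email address.";
        header("location: profile.php");
        exit;
    }

    $pdo = db();
    $sql = "UPDATE users SET name = :name, email = :email";

    // Password update logic: only when the user typed a new password.
    // Compared against '' rather than empty() so that a password of "0" is
    // not silently ignored.
    $hashed_password = null;
    if ($new_password !== '') {
        // strlen() counts bytes, so this is a lower bound on characters.
        // Note: bcrypt (the current PASSWORD_DEFAULT) only uses the first
        // 72 bytes of its input; longer passwords are silently truncated.
        if (strlen($new_password) < 6) {
            $_SESSION['error_message'] = "Password must have at least 6 characters.";
            header("location: profile.php");
            exit;
        }
        if ($new_password !== $confirm_password) {
            $_SESSION['error_message'] = "Passwords do not match.";
            header("location: profile.php");
            exit;
        }
        $sql .= ", password = :password";
        $hashed_password = password_hash($new_password, PASSWORD_DEFAULT);
    }

    $sql .= " WHERE id = :id";

    if ($stmt = $pdo->prepare($sql)) {
        // bindValue() rather than bindParam(): the value is captured now, so a
        // later reassignment cannot change what is sent. Every user-controlled
        // value goes through a placeholder, never into the SQL text.
        $stmt->bindValue(":name", $name, PDO::PARAM_STR);
        $stmt->bindValue(":email", $email, PDO::PARAM_STR);
        $stmt->bindValue(":id", $user_id, PDO::PARAM_INT);
        if ($hashed_password !== null) {
            $stmt->bindValue(":password", $hashed_password, PDO::PARAM_STR);
        }

        if ($stmt->execute()) {
            $_SESSION['success_message'] = "Your profile has been updated successfully.";
            if ($hashed_password !== null) {
                // A credential changed: issue a fresh session id so that a
                // previously captured id stops being valid for this session.
                session_regenerate_id(true);
            }
        } else {
            $_SESSION['error_message'] = "Oops! Something went wrong. Please try again later.";
        }
        unset($stmt);
    }
    unset($pdo);

    header("location: profile.php");
    exit;
}
// No closing `?>`: any trailing whitespace after it would be sent as output
// and break the header() redirects above.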