35036-vm/settings.php

<?php
session_start();
if (!isset($_SESSION['user_id'])) {
    header('Location: index.php');
    exit;
}
require_once 'db/config.php';
$user_id = $_SESSION['user_id'];
$username = $_SESSION['username'] ?? 'User';

// Fetch user email (assuming it's stored in the users table)
$email = 'email@example.com'; // Default
try {
    $pdo = db();
    $stmt = $pdo->prepare("SELECT email FROM users WHERE id = ?");
    $stmt->execute([$user_id]);
    $user = $stmt->fetch();
    if ($user && $user['email']) {
        $email = htmlspecialchars($user['email']);
    }
} catch (PDOException $e) {
    // Log error or handle it gracefully
    // For now, we just use the default
}

$page_title = "Settings";

?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title><?php echo htmlspecialchars($page_title); ?> - YourApp</title>
    <link rel="stylesheet" href="assets/css/glass-theme.css?v=<?php echo time(); ?>">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css">
</head>
<body>

    <div class="app-container">
        <!-- Sidebar -->
        <div class="sidebar">
            <div class="logo">
                AI-App
            </div>
            <ul class="nav-menu">
                <li class="nav-item">
                    <a href="app.php"><i class="fas fa-sticky-note"></i> Notes</a>
                </li>
                <li class="nav-item active">
                    <a href="settings.php"><i class="fas fa-cog"></i> Settings</a>
                </li>
            </ul>
            <div class="logout-link">
                <a href="logout.php"><i class="fas fa-sign-out-alt"></i> Logout</a>
            </div>
        </div>

        <!-- Main Content -->
        <main class="main-content">
            <h1><?php echo htmlspecialchars($page_title); ?></h1>

            <div class="glass-panel">
                <form id="settings-form" action="api/settings.php" method="POST">
                    
                    <h2>Profile Information</h2>
                    <p style="color: var(--text-muted); margin-top: -1rem; margin-bottom: 2rem;">Your profile details are managed by the system.</p>

                    <div class="form-group">
                        <label for="username">Username</label>
                        <input type="text" id="username" name="username" class="form-control" value="<?php echo htmlspecialchars($username); ?>" disabled>
                    </div>

                    <div class="form-group">
                        <label for="email">Email</label>
                        <input type="email" id="email" name="email" class="form-control" value="<?php echo $email; ?>" disabled>
                    </div>

                    <hr style="border: none; border-top: 1px solid var(--glass-border); margin: 2rem 0;">

                    <h2>Change Password</h2>

                    <div class="form-group">
                        <label for="current_password">Current Password</label>
                        <input type="password" id="current_password" name="current_password" class="form-control" required>
                    </div>

                    <div class="form-group">
                        <label for="new_password">New Password</label>
                        <input type="password" id="new_password" name="new_password" class="form-control" required>
                    </div>

                    <div class="form-group">
                        <label for="confirm_password">Confirm New Password</label>
                        <input type="password" id="confirm_password" name="confirm_password" class="form-control" required>
                    </div>

                    <button type="submit" class="btn btn-primary">Save Changes</button>
                </form>
                <div id="settings-message" style="margin-top: 1rem;"></div>
            </div>
        </main>
    </div>

    <script>
        // Simple AJAX for form submission
        document.getElementById('settings-form').addEventListener('submit', function(e) {
            e.preventDefault();
            const form = e.target;
            const messageDiv = document.getElementById('settings-message');
            const formData = new FormData(form);

            fetch(form.action, {
                method: 'POST',
                body: formData
            })
            .then(response => response.json())
            .then(data => {
                messageDiv.style.padding = '1rem';
                messageDiv.style.borderRadius = '8px';
                if (data.success) {
                    messageDiv.textContent = data.success;
                    messageDiv.style.backgroundColor = 'rgba(46, 204, 113, 0.2)';
                    messageDiv.style.color = '#2ecc71';
                    form.reset();
                } else {
                    messageDiv.textContent = data.error || 'An unknown error occurred.';
                    messageDiv.style.backgroundColor = 'rgba(231, 76, 60, 0.2)';
                    messageDiv.style.color = '#e74c3c';
                }
            })
            .catch(error => {
                messageDiv.style.padding = '1rem';
                messageDiv.style.borderRadius = '8px';
                messageDiv.textContent = 'A network error occurred. Please try again.';
                messageDiv.style.backgroundColor = 'rgba(231, 76, 60, 0.2)';
                messageDiv.style.color = '#e74c3c';
            });
        });
    </script>

</body>
</html>