101 lines
3.9 KiB
PHP
101 lines
3.9 KiB
PHP
<?php
|
|
require_once 'includes/header.php';
|
|
require_once 'db/config.php';
|
|
|
|
// Redirect to login if not authenticated
|
|
if (!isset($_SESSION['user_id'])) {
|
|
header('Location: login.php');
|
|
exit();
|
|
}
|
|
|
|
$error = null;
|
|
$success = null;
|
|
|
|
// Check for flash messages
|
|
if (isset($_SESSION['flash_message'])) {
|
|
$success = $_SESSION['flash_message'];
|
|
unset($_SESSION['flash_message']);
|
|
}
|
|
|
|
$user_id = $_SESSION['user_id'];
|
|
|
|
// Fetch user subscription data
|
|
try {
|
|
$pdo = db();
|
|
$stmt = $pdo->prepare('SELECT subscription_plan, subscription_expires_at FROM users WHERE id = ?');
|
|
$stmt->execute([$user_id]);
|
|
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
} catch (PDOException $e) {
|
|
$error = "Database error: " . $e->getMessage();
|
|
$user = ['subscription_plan' => null, 'subscription_expires_at' => null];
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$password = $_POST['password'] ?? '';
|
|
$password_confirm = $_POST['password_confirm'] ?? '';
|
|
|
|
if (!empty($password) && $password === $password_confirm) {
|
|
try {
|
|
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
|
$stmt = $pdo->prepare('UPDATE users SET password = ? WHERE id = ?');
|
|
$stmt->execute([$hashed_password, $user_id]);
|
|
$success = t('profile_updated_successfully');
|
|
} catch (PDOException $e) {
|
|
$error = "Database error: " . $e->getMessage();
|
|
}
|
|
} elseif (!empty($password)) {
|
|
$error = t('passwords_do_not_match');
|
|
}
|
|
}
|
|
?>
|
|
|
|
<main class="container auth-container">
|
|
<div class="card">
|
|
<div class="card-header">
|
|
<h2><?= t('profile_heading') ?></h2>
|
|
</div>
|
|
<div class="card-body">
|
|
<p class="text-center"><?= t('profile_subtitle') ?></p>
|
|
|
|
<?php if ($error): ?>
|
|
<div class="alert alert-danger"><?= $error ?></div>
|
|
<?php endif; ?>
|
|
<?php if ($success): ?>
|
|
<div class="alert alert-success"><?= $success ?></div>
|
|
<?php endif; ?>
|
|
|
|
<div class="card-section">
|
|
<h4><?= t('nav_subscription') ?></h4>
|
|
<?php if ($user && $user['subscription_plan']): ?>
|
|
<p><strong><?= t('plan') ?>:</strong> <?= htmlspecialchars(ucfirst($user['subscription_plan'])) ?></p>
|
|
<p><strong><?= t('expires_on') ?>:</strong> <?= date("F j, Y", strtotime($user['subscription_expires_at'])) ?></p>
|
|
<a href="pricing.php" class="btn btn-secondary btn-sm"><?= t('change_plan') ?></a>
|
|
<?php else: ?>
|
|
<p><?= t('no_active_subscription') ?></p>
|
|
<a href="pricing.php" class="btn btn-primary"><?= t('choose_plan_to_start') ?></a>
|
|
<?php endif; ?>
|
|
</div>
|
|
|
|
<hr>
|
|
|
|
<form action="profile.php" method="POST" id="profile-form" novalidate>
|
|
<div class="form-group">
|
|
<label for="email"><?= t('email') ?></label>
|
|
<input type="email" id="email" name="email" class="form-control" value="<?= htmlspecialchars($_SESSION['user_email'] ?? '') ?>" disabled>
|
|
<small class="form-text text-muted"><?= t('email_cannot_be_changed') ?></small>
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="password"><?= t('new_password') ?></label>
|
|
<input type="password" id="password" name="password" class="form-control">
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="password_confirm"><?= t('confirm_new_password') ?></label>
|
|
<input type="password" id="password_confirm" name="password_confirm" class="form-control">
|
|
</div>
|
|
<button type="submit" class="btn btn-primary"><?= t('update_profile_button') ?></button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</main>
|
|
|
|
<?php require_once 'includes/footer.php'; ?>
|