prepare("SELECT * FROM users WHERE id = ?"); $stmt->execute([$_SESSION['user_id']]); $user = $stmt->fetch(); $message = ''; $error = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $type = $_POST['type']; // login or trading $old_pass = $_POST['old_password']; $new_pass = $_POST['new_password']; $confirm_pass = $_POST['confirm_password']; if ($new_pass !== $confirm_pass) { $error = "New passwords do not match"; } else { if ($type === 'login') { if (password_verify($old_pass, $user['password'])) { $hashed = password_hash($new_pass, PASSWORD_DEFAULT); $stmt = $db->prepare("UPDATE users SET password = ? WHERE id = ?"); $stmt->execute([$hashed, $_SESSION['user_id']]); $message = "Login password updated successfully"; } else { $error = "Old login password incorrect"; } } else { // Trading password (simple for demo, but should be hashed in production) if ($old_pass === $user['trading_password']) { $stmt = $db->prepare("UPDATE users SET trading_password = ? WHERE id = ?"); $stmt->execute([$new_pass, $_SESSION['user_id']]); $message = "Trading password updated successfully"; } else { $error = "Old trading password incorrect"; } } } } ?>

Profile

Security Settings

Change Login Password

Change Trading Password

Default trading password is 123456