29 lines
929 B
PHP
29 lines
929 B
PHP
<?php
|
|
require_once 'auth/session.php';
|
|
header('Content-Type: application/json');
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$user = getCurrentUser();
|
|
if (!$user) {
|
|
echo json_encode(['success' => false, 'error' => 'Unauthorized']);
|
|
exit;
|
|
}
|
|
|
|
$username = $_POST['username'] ?? $user['username'];
|
|
$avatar_url = $_POST['avatar_url'] ?? $user['avatar_url'];
|
|
|
|
try {
|
|
$stmt = db()->prepare("UPDATE users SET username = ?, avatar_url = ? WHERE id = ?");
|
|
$stmt->execute([$username, $avatar_url, $user['id']]);
|
|
|
|
$_SESSION['username'] = $username; // Update session if stored (though getCurrentUser fetches from DB)
|
|
|
|
echo json_encode(['success' => true]);
|
|
} catch (Exception $e) {
|
|
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
|
}
|
|
exit;
|
|
}
|
|
|
|
echo json_encode(['success' => false, 'error' => 'Invalid request']);
|