prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = $_POST['action'] ?? '';
if ($action === 'update_profile') {
$email = trim($_POST['email'] ?? '');
$current_password = $_POST['current_password'] ?? '';
$new_password = $_POST['new_password'] ?? '';
$confirm_password = $_POST['confirm_password'] ?? '';
if (empty($email)) {
$error = 'L\'email ne peut pas être vide.';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error = 'Email invalide.';
} elseif (!password_verify($current_password, $user['password'])) {
$error = 'Mot de passe actuel incorrect.';
} else {
// Update password if provided
if (!empty($new_password)) {
if ($new_password !== $confirm_password) {
$error = 'Les nouveaux mots de passe ne correspondent pas.';
} else {
$hashed_password = password_hash($new_password, PASSWORD_DEFAULT);
$stmt = $db->prepare("UPDATE users SET email = ?, password = ? WHERE id = ?");
$stmt->execute([$email, $hashed_password, $user_id]);
$success = 'Profil et mot de passe mis à jour avec succès.';
}
} else {
$stmt = $db->prepare("UPDATE users SET email = ? WHERE id = ?");
$stmt->execute([$email, $user_id]);
$success = 'Profil mis à jour avec succès.';
}
// Refresh user data
$stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch();
}
}
}
?>
Mon Profil - Nexus