aboutsummaryrefslogtreecommitdiff
path: root/user/update.php
diff options
context:
space:
mode:
Diffstat (limited to 'user/update.php')
-rw-r--r--user/update.php37
1 files changed, 37 insertions, 0 deletions
diff --git a/user/update.php b/user/update.php
new file mode 100644
index 0000000..1fe291a
--- /dev/null
+++ b/user/update.php
@@ -0,0 +1,37 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+print_r($_POST);
+
+if (isset($_SESSION['user_id']) && $_SESSION['user_id'] != "") {
+ $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+ $query = $conn->prepare("UPDATE users SET username=:username, email=:email WHERE id={$_SESSION['user_id']}");
+ $query->bindParam(':username', $_POST['username']);
+ $query->bindParam(':email', $_POST['email']);
+
+ if($query->execute()) {
+ echo "<h2>Account updated</h2>";
+ } else {
+ echo "<h2>Account update failed</h2>";
+ }
+
+ if($_POST['password'] != "") {
+ $password = password_hash($_POST['password'], PASSWORD_ARGON2I);
+ $query = $conn->prepare("UPDATE users SET password=:password WHERE id={$_SESSION['user_id']}");
+ $query->bindParam(':password', $password);
+
+ if($query->execute()) {
+ echo "<p>Password updated</p>";
+ } else {
+ echo "<p>Password update failed</p>";
+ }
+ }
+
+}
+
+header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");
+require_once(TEMPLATES_PATH . "/footer.php");
+?>
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-03 23:39:35 +0000