Diffstat (limited to 'user/update.php')
-rw-r--r-- | user/update.php | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/user/update.php b/user/update.php
new file mode 100644
index 0000000..1fe291a
--- /dev/null
+++ b/user/update.php
@@ -0,0 +1,37 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+print_r($_POST);
+
+if (isset($_SESSION['user_id']) && $_SESSION['user_id'] != "") {
+ $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+ $query = $conn->prepare("UPDATE users SET username=:username, email=:email WHERE id={$_SESSION['user_id']}");
+ $query->bindParam(':username', $_POST['username']);
+ $query->bindParam(':email', $_POST['email']);
+
+ if($query->execute()) {
+ echo "<h2>Account updated</h2>";
+ } else {
+ echo "<h2>Account update failed</h2>";
+ }
+
+ if($_POST['password'] != "") {
+ $password = password_hash($_POST['password'], PASSWORD_ARGON2I);
+ $query = $conn->prepare("UPDATE users SET password=:password WHERE id={$_SESSION['user_id']}");
+ $query->bindParam(':password', $password);
+
+ if($query->execute()) {
+ echo "<p>Password updated</p>";
+ } else {
+ echo "<p>Password update failed</p>";
+ }
+ }
+
+}
+
+header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");
+require_once(TEMPLATES_PATH . "/footer.php");
+?> |
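Review bot: `print_r($_POST);` near the top writes the whole submitted form, including the plaintext `password` field, into the response without escaping, so it both discloses the password on the page and reflects request-supplied markup; the line should be removed before this ships. The closing `header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]")` redirects to a client-controlled header, which makes it an open redirect, and because the templates and `echo` calls run first it probably cannot be sent at all unless output buffering is enabled; redirect to a fixed same-site path instead. Both UPDATE statements interpolate `$_SESSION['user_id']` into the SQL while binding the other values; use `WHERE id=:id` with `$query->bindValue(':id', $_SESSION['user_id'], PDO::PARAM_INT);` so each statement is fully parameterized. The hunk also shows no anti-CSRF token check and no current-password confirmation before the password is replaced, and `$_POST['username']`, `$_POST['email']` and `$_POST['password']` are read without checking that they are present, all of which an account-update endpoint should handle.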