fix(public) better structure

2025-12-28 00:23:25 +00:00 · 2024-06-14 10:48:27 +02:00
parent f9d50f5b2b
commit d7cdb94316
45 changed files with 252 additions and 36 deletions
--- a/components/account/main.php
+++ b/components/account/main.php
@@ -0,0 +1,73 @@
+<?php
+
+function getUserDetails($userId) {
+    global $conn;
+    try {
+        $query = $conn->prepare("SELECT email, firstName, lastName FROM users WHERE id = ?");
+        $query->execute([$userId]);
+        return $query->fetch(PDO::FETCH_ASSOC);
+    } catch(PDOException $e) {
+        return null;
+    }
+}
+
+function updateUserDetails($userId, $email, $firstName, $lastName, $password = null) {
+    global $conn;
+    try {
+        if ($password) {
+            $query = $conn->prepare("UPDATE users SET email = ?, firstName = ?, lastName = ?, password = ? WHERE id = ?");
+            $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+            $query->execute([$email, $firstName, $lastName, $hashedPassword, $userId]);
+        } else {
+            $query = $conn->prepare("UPDATE users SET email = ?, firstName = ?, lastName = ? WHERE id = ?");
+            $query->execute([$email, $firstName, $lastName, $userId]);
+        }
+        return true;
+    } catch(PDOException $e) {
+        return false;
+    }
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $success = updateUserDetails($_SESSION['user_id'], $_POST['email'], $_POST['firstName'], $_POST['lastName'], $_POST['password']);
+
+    if ($success) {
+        $_SESSION['message'] = '<div class="alert alert-success text-center" role="alert">Account updated successfully.</div>';
+    } else {
+        $_SESSION['message'] = '<div class="alert alert-danger text-center" role="alert">Failed to update account.</div>';
+    }
+
+    header("Location: " . $_SERVER['REQUEST_URI']);
+    exit();
+}
+
+$userDetails = getUserDetails($_SESSION['user_id']);
+?>
+
+<div class="container mt-5">
+    <?php
+        echo $_SESSION['message'] ?? '';
+        unset($_SESSION['message']);
+        ?>
+        <h2 class="mb-4">Edit Account</h2>
+        <form method="POST" action="">
+            <div class="mb-3">
+                <label for="email" class="form-label">Email</label>
+                <input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($userDetails['email']); ?>" placeholder="Enter your email" required>
+            </div>
+            <div class="mb-3">
+                <label for="firstName" class="form-label">First Name</label>
+                <input type="text" class="form-control" id="firstName" name="firstName" value="<?php echo htmlspecialchars($userDetails['firstName']); ?>" placeholder="Enter your first name" required>
+            </div>
+            <div class="mb-3">
+                <label for="lastName" class="form-label">Last Name</label>
+                <input type="text" class="form-control" id="lastName" name="lastName" value="<?php echo htmlspecialchars($userDetails['lastName']); ?>" placeholder="Enter your last name" required>
+            </div>
+            <div class="mb-3">
+                <label for="password" class="form-label">Password</label>
+                <input type="password" class="form-control" id="password" name="password" placeholder="Enter a new password">
+                <small class="form-text text-muted">Leave blank if you do not want to change the password</small>
+            </div>
+            <button type="submit" class="btn btn-primary">Save Changes</button>
+        </form>
+    </div>