prepare("SELECT email, firstName, lastName FROM users WHERE id = ?");
$query->execute([$userId]);
return $query->fetch(PDO::FETCH_ASSOC);
} catch(PDOException $e) {
return null;
}
}
function updateUserDetails($userId, $email, $firstName, $lastName, $password = null) {
global $conn;
try {
if ($password) {
$query = $conn->prepare("UPDATE users SET email = ?, firstName = ?, lastName = ?, password = ? WHERE id = ?");
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$query->execute([$email, $firstName, $lastName, $hashedPassword, $userId]);
} else {
$query = $conn->prepare("UPDATE users SET email = ?, firstName = ?, lastName = ? WHERE id = ?");
$query->execute([$email, $firstName, $lastName, $userId]);
}
return true;
} catch(PDOException $e) {
return false;
}
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$success = updateUserDetails($_SESSION['user_id'], $_POST['email'], $_POST['firstName'], $_POST['lastName'], $_POST['password']);
if ($success) {
$_SESSION['message'] = 'Account updated successfully.
';
} else {
$_SESSION['message'] = 'Failed to update account.
';
}
header("Location: " . $_SERVER['REQUEST_URI']);
exit();
}
$userDetails = getUserDetails($_SESSION['user_id']);
?>
prepare("SELECT logs.ip, logs.date, users.email FROM logs JOIN users ON logs.userId = users.id");
$query->execute();
$logDetails = $query->fetchAll(PDO::FETCH_ASSOC);
?>