s1
This commit is contained in:
ns77@siliconpin.com
85
CONTENT/ROOT_URI/Admin/profile.php
Normal file
85
CONTENT/ROOT_URI/Admin/profile.php
Normal file
@@ -0,0 +1,85 @@
|
||||
<?php
|
||||
// Session check
|
||||
if (!isset($_SESSION['user_id'])) {
|
||||
die("Unauthorized access. Please login first.");
|
||||
}
|
||||
$conn = new mysqli($GLOBALS['host'], $GLOBALS['user'], $GLOBALS['pass'], $GLOBALS['db']);
|
||||
$conn->set_charset("utf8");
|
||||
if ($conn->connect_error) {
|
||||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
|
||||
$user_id = $_SESSION['user_id'];
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$current_pass = $_POST['current_password'] ?? '';
|
||||
$new_pass = $_POST['new_password'] ?? '';
|
||||
$confirm_pass = $_POST['confirm_password'] ?? '';
|
||||
|
||||
if (empty($current_pass) || empty($new_pass) || empty($confirm_pass)) {
|
||||
$error = "All fields are required.";
|
||||
} elseif ($new_pass !== $confirm_pass) {
|
||||
$error = "New passwords do not match.";
|
||||
} else {
|
||||
$table = $GLOBALS['arif_users'] ?? 'arif_users';
|
||||
|
||||
// Check current password
|
||||
$sql = "SELECT password FROM `$table` WHERE user_id = ?";
|
||||
$stmt = $conn->prepare($sql);
|
||||
$stmt->bind_param("s", $user_id);
|
||||
$stmt->execute();
|
||||
$stmt->bind_result($hashed_password);
|
||||
$stmt->fetch();
|
||||
$stmt->close();
|
||||
|
||||
if (!$hashed_password || !password_verify($current_pass, $hashed_password)) {
|
||||
$error = "Current password is incorrect.";
|
||||
} else {
|
||||
// Update password
|
||||
$new_hashed = password_hash($new_pass, PASSWORD_DEFAULT);
|
||||
$sql = "UPDATE `$table` SET password=? WHERE user_id=?";
|
||||
$stmt = $conn->prepare($sql);
|
||||
$stmt->bind_param("ss", $new_hashed, $user_id);
|
||||
|
||||
if ($stmt->execute()) {
|
||||
$success = "Password updated successfully!";
|
||||
} else {
|
||||
$error = "Failed to update password. Try again.";
|
||||
}
|
||||
|
||||
$stmt->close();
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
<div class="bg-light">
|
||||
<div class="container mt-5">
|
||||
<div class="card shadow p-4">
|
||||
<h3 class="mb-3">Update Password</h3>
|
||||
|
||||
<?php if (isset($error)): ?>
|
||||
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
|
||||
<?php endif; ?>
|
||||
|
||||
<?php if (isset($success)): ?>
|
||||
<div class="alert alert-success"><?= htmlspecialchars($success) ?></div>
|
||||
<?php endif; ?>
|
||||
|
||||
<form method="POST">
|
||||
<div class="form-group">
|
||||
<label>Current Password</label>
|
||||
<input type="password" name="current_password" class="form-control" required>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>New Password</label>
|
||||
<input type="password" name="new_password" class="form-control" required>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Confirm New Password</label>
|
||||
<input type="password" name="confirm_password" class="form-control" required>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Update Password</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
Reference in New Issue
Block a user