prepare('SELECT * FROM accounts WHERE id = ? LIMIT 1'); $stmt->execute([$_SESSION['id']]); $user = $stmt->fetch(); if ($_SERVER['REQUEST_METHOD'] == "POST") { if (isset($_POST["old_password"]) && $_POST["old_password"] != "") { // means password reset is wanted. if (!password_verify($_POST["old_password"], $user["password"])) { $password_error = "Incorrect password. (Error 901)"; } if (password_verify($_POST['new_password'], $user["password"])) { $password_error = "New password may not be same as old password. (Error 902)"; } if ($_POST['new_password'] != $_POST['repeat_new_password']) { $password_error = "The passwords must match. (Error 900)"; } if (isset($password_error)) { $message = $password_error; goto skip_submit; } $new_password = password_hash($_POST["new_password"], PASSWORD_DEFAULT); $sql = "UPDATE accounts SET password = ? WHERE id = ?"; $pdo->prepare($sql)->execute([$new_password, $user["id"]]); } if (isset($_POST["display_name"])) { $sql = "UPDATE accounts SET display_name = ? WHERE id = ?"; $pdo->prepare($sql)->execute([$_POST["display_name"], $user["id"]]); } $message = "Updated sucessfully. Changes might take a few minutes to take effect."; } skip_submit: ?>

Your account

".$message.""; } ?>
Profile
Password

You only need to insert values here if you're resetting your password.

Danger Zone

Sign out Delete account