byecorps/id
1
0
Fork 0
mirror of https://github.com/byecorps/id.git synced 2024-09-19 23:20:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
id/account.php
Bye 3118befc0e Dashboard
2024-03-18 20:11:01 +00:00

144 lines
4.7 KiB
PHP
Raw Permalink Blame History

<?php
if (!$_SESSION['auth']) {
header('Location: /signin?callback=/account');
exit;
}
function get_gravatar_url( $email ) {
// Trim leading and trailing whitespace from
// an email address and force all characters
// to lower case
$address = strtolower( trim( $email ) );
// Create an SHA256 hash of the final string
$hash = hash( 'sha256', $address );
// Grab the actual image URL
return 'https://www.gravatar.com/avatar/' . $hash;
}
$stmt = $pdo->prepare('SELECT * FROM accounts WHERE id = ? LIMIT 1');
$stmt->execute([$_SESSION['id']]);
$user = $stmt->fetch();
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_POST["old_password"]) && $_POST["old_password"] != "") {
// means password reset is wanted.
if (!password_verify($_POST["old_password"], $user["password"])) {
$password_error = "Incorrect password. (Error 901)";
}
if (password_verify($_POST['new_password'], $user["password"])) {
$password_error = "New password may not be same as old password. (Error 902)";
}
if ($_POST['new_password'] != $_POST['repeat_new_password']) {
$password_error = "The passwords must match. (Error 900)";
}
if (isset($password_error)) {
$message = $password_error;
goto skip_submit;
}
$new_password = password_hash($_POST["new_password"], PASSWORD_DEFAULT);
$sql = "UPDATE accounts SET password = ? WHERE id = ?";
$pdo->prepare($sql)->execute([$new_password, $user["id"]]);
}
if (isset($_POST["display_name"])) {
$sql = "UPDATE accounts SET display_name = ? WHERE id = ?";
$pdo->prepare($sql)->execute([$_POST["display_name"], $user["id"]]);
}
$message = "Updated sucessfully. Changes might take a few minutes to take effect.";
header('Location: /profile');
die("Redirecting...");
}
skip_submit:
?>
<h1>Your account</h1>
<?php
if (isset($message )) {
echo "<div class='flash'>".$message."</div>";
}
?>
<div id="wrapper">
<div id="mini_profile">
<img src="<?= get_gravatar_url($user['email']); ?>">
<div class="details">
<span class="displayname"><?= $user['display_name'] ?></span>
<span class="bcid"><?= format_bcid($user['id']); ?></span>
<time datetime="<?= $user["created_date"] ?>">Since <?= $user["created_date"]; ?></time>
</div>
</div>
<aside>
<form method="post">
<fieldset>
<legend>Profile</legend>
<div class="container">
<label>BCID</label>
<input type="text" disabled value="<?= format_bcid($user['id']) ?>">
</div>
<div class="container">
<input type="checkbox" disabled checked="<?= $user['verified'] ?>" >
<label> Verified email</label>
</div>
<div class="container">
<label for="email">Email address</label>
<input type="email" name="email" id="email" value="<?= $user['email'] ?>">
</div>
<div class="container">
<label for="display_name">Display name</label>
<input type="text" name="display_name" id="display_name" value="<?= $user['display_name'] ?>">
</div>
</fieldset>
<fieldset>
<legend>Password</legend>
<p>You only need to insert values here if you're resetting your password.</p>
<div class="container">
<label for="old_password">Current password</label>
<input type="password" name="old_password" id="old_password">
</div>
<div class="container">
<label for="new_password">New password</label>
<input type="password" name="new_password" id="new_password">
</div>
<div class="container">
<label for="repeat_new_password">Repeat new password</label>
<input type="password" name="repeat_new_password" id="repeat_new_password">
</div>
</fieldset>
<button class="primary" type="submit"><i class="fa-fw fa-solid fa-floppy-disk"></i> Save</button>
</form>
<div class="dangerzone">
<h2>Danger Zone</h2>
<p><a href="/signout" class="button"><i class="fa-fw fa-solid fa-person-through-window"></i> Sign out</a>
<a href="/dangerous/delete_account" class="button danger"><i class="fa-fw fa-solid fa-trash"></i> Delete account</a></p>
</div>
</aside>
</div>
Reference in a new issue View git blame Copy permalink