103 lines
3.7 KiB
PHP
Executable File
103 lines
3.7 KiB
PHP
Executable File
<?php
|
|
require("../../include/variables.php");
|
|
require("../../include/init.php");
|
|
require("../../include/main-functions.php");
|
|
require("../../include/inputs.php");
|
|
require("../../include/panels.php");
|
|
|
|
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
|
|
|
|
if (!isset($_SESSION['userID'])) {
|
|
header("Location: /login");
|
|
http_response_code(403);
|
|
}
|
|
|
|
if (isset($_POST['username']) && isset($_POST['email'])) {
|
|
if(empty($_POST['username']) == false) {
|
|
if(preg_match('!\S!u', $_POST['username']) && preg_match('!\S!u', $_POST['email'])) {
|
|
$sqlRequest = "SELECT ID FROM users WHERE username = :username";
|
|
$request = $pdo->prepare($sqlRequest);
|
|
$request->bindParam(":username", htmlspecialchars(substr($_POST['username'], 0, 20)));
|
|
$request->execute();
|
|
$result = $request->fetchAll(PDO::FETCH_ASSOC);
|
|
if($result && $result[0]['ID'] != $_SESSION['userID']) {
|
|
$status = "Le nom d'utilisateur n'est pas disponible";
|
|
} else {
|
|
$sqlRequest = "UPDATE users SET username = :username, email = :email, last_update = now() WHERE ID = :userID";
|
|
$request = $pdo->prepare($sqlRequest);
|
|
$request->bindParam(":username", htmlspecialchars(substr($_POST['username'], 0, 20)));
|
|
$request->bindParam(":email", htmlspecialchars($_POST['email']));
|
|
$request->bindParam(":userID", $_SESSION['userID']);
|
|
if($request->execute()) {
|
|
$status = "Informations mises à jour";
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
$status = "Le nom d'utilisateur ne peut pas être vide";
|
|
}
|
|
}
|
|
|
|
?>
|
|
|
|
<!DOCTYPE html>
|
|
<html lang="fr">
|
|
|
|
<head>
|
|
<?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
|
|
<style>
|
|
.choice {
|
|
display: block;
|
|
}
|
|
.choice a {
|
|
margin: 2em 0;
|
|
display: block;
|
|
}
|
|
</style>
|
|
</head>
|
|
|
|
<body class="body">
|
|
|
|
<header>
|
|
<div class="panel-content">
|
|
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
|
|
</div>
|
|
</header>
|
|
|
|
<nav>
|
|
<div class="panel-content">
|
|
<?php fillNav($rootPageURL);?>
|
|
</div>
|
|
</nav>
|
|
|
|
<main>
|
|
<div class="content">
|
|
<form action="#" method="post">
|
|
<div class="form">
|
|
<div class="form-title">Options</div>
|
|
<div class="status"><?=$status?></div>
|
|
<?php
|
|
$sqlRequest = "SELECT username, email FROM users WHERE ID = :userID";
|
|
$request = $pdo->prepare($sqlRequest);
|
|
$request->bindParam(":userID", $_SESSION['userID']);
|
|
$request->execute();
|
|
$result = $request->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
textInput("text", "", "username", "username", $result[0]['username']);
|
|
textInput("email", "", "email", "user@e59.fr", $result[0]['email']);
|
|
?>
|
|
<div class="choice">
|
|
<button type="submit">Mettre à jour</button>
|
|
<a href="deleteaccount.php">Supprimer le compte</a>
|
|
</div>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</main>
|
|
<footer>
|
|
<div class="panel-content">
|
|
<?php fillFooter($footerText);?>
|
|
</div>
|
|
</footer>
|
|
</body>
|
|
</html>
|