trf_certest/public/userarea/update-profile.php
2026-03-25 11:02:27 +01:00


<?php
require_once(__DIR__ . '/class/db-functions.php');
include('../../extra/auth.php');
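/*
 * Profile update endpoint.
 *
 * Accepts a POST from the logged-in user, optionally stores a new avatar image,
 * updates the caller's own row in auth_users (name, e-mail, avatar, LIMS ids and,
 * when supplied, the password), mirrors the new values into the session and
 * redirects back to user-profile.php.
 *
 * Everything in $_POST and $_FILES is untrusted. In particular the row to update
 * is bound to the authenticated user and the stored avatar name/extension is
 * chosen by the server, not by the client.
 */

// Only authenticated users may reach this endpoint.
if (!Auth::check()) {
    redirectTo('../public/login');
    // Stop here even if redirectTo() only emits a Location header and returns;
    // otherwise the update below would run for an anonymous request.
    exit;
}

// Profile changes are accepted via POST only.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Location: user-profile.php');
    exit;
}

// NOTE(review): no anti-CSRF token is verified in this script. Unless extra/auth.php
// already enforces one, this state-changing POST can be triggered cross-site — confirm.

$user = Auth::user();

$id = isset($_POST['iduserlogin']) ? (int)$_POST['iduserlogin'] : 0;
$first_name = trim($_POST['first_name'] ?? '');
$last_name = trim($_POST['last_name'] ?? '');
$email = trim($_POST['email'] ?? '');
$password = trim($_POST['password'] ?? '');

// NOTE(review): both LIMS ids are taken from the request and written to the caller's
// row as-is. If they map the account onto a LIMS identity, a user should presumably
// not be able to choose them freely — confirm whether they belong in this form at all.
$lims_user_id = isset($_POST['lims_user_id']) && $_POST['lims_user_id'] !== ''
    ? (int)$_POST['lims_user_id']
    : null;
$lims_global_user_id = isset($_POST['lims_global_user_id']) && $_POST['lims_global_user_id'] !== ''
    ? (int)$_POST['lims_global_user_id']
    : null;

if ($id <= 0) {
    http_response_code(400);
    die('Invalid user ID');
}

// The posted id selects the row for both UPDATE statements below, including the
// password one. Without this check any logged-in user could rewrite another
// account's e-mail and password simply by posting a different iduserlogin.
// NOTE(review): assumes the object returned by Auth::user() exposes the auth_users
// primary key as ->id — confirm against extra/auth.php. If the property is missing
// the comparison fails closed (403).
$currentUserId = (int)$user->id;
if ($currentUserId <= 0 || $id !== $currentUserId) {
    http_response_code(403);
    die('Forbidden');
}

$db = DBHandlerSelect::getInstance()->getConnection();

// Start from the avatar currently on record; it is kept unless a valid upload replaces it.
$avatar = $user->present()->avatar;

// Avatar upload
if (isset($_FILES['avatar']) && $_FILES['avatar']['error'] === UPLOAD_ERR_OK) {
    $tmpPath = $_FILES['avatar']['tmp_name'];

    // Decide the type from the file content, never from the client-supplied name or
    // Content-Type header. The stored extension comes from this allow-list, so an
    // upload named e.g. "avatar.php" cannot land in the web-served directory with an
    // executable extension.
    $allowedTypes = [
        'image/jpeg' => 'jpg',
        'image/png'  => 'png',
        'image/gif'  => 'gif',
        'image/webp' => 'webp',
    ];
    $detectedType = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);

    if (!is_string($detectedType) || !isset($allowedTypes[$detectedType])) {
        http_response_code(400);
        die('Invalid avatar file');
    }

    // Content sniffing does not rule out polyglot files; the upload directory should
    // additionally be configured so the web server never executes scripts from it.
    $uploadDir = __DIR__ . '/../../public/upload/users/';
    if (!is_dir($uploadDir)) {
        mkdir($uploadDir, 0755, true);
    }

    // Server-generated name: no part of the client's filename reaches the filesystem,
    // and the random suffix avoids collisions between uploads in the same second.
    $newAvatar = time() . '_' . bin2hex(random_bytes(8)) . '.' . $allowedTypes[$detectedType];

    // Only point the profile at the new file once it is actually in place; on failure
    // the previous avatar stays so the database never references a missing file.
    if (move_uploaded_file($tmpPath, $uploadDir . $newAvatar)) {
        $avatar = $newAvatar;
    }
}

// Update main user data (all values bound as parameters).
$sql = "UPDATE auth_users
        SET first_name = ?,
            last_name = ?,
            email = ?,
            avatar = ?,
            lims_user_id = ?,
            lims_global_user_id = ?
        WHERE id = ?";
$stmt = $db->prepare($sql);
$stmt->execute([
    $first_name,
    $last_name,
    $email,
    $avatar,
    $lims_user_id,
    $lims_global_user_id,
    $id,
]);

// Update password only if provided.
// NOTE(review): the current password is not requested before setting a new one, so a
// hijacked session or an unattended browser is enough to take over the account —
// consider requiring it. The value is also trim()med before hashing, so the login
// path has to trim the same way for passwords with leading/trailing spaces to match.
if ($password !== '') {
    $hashedPassword = password_hash($password, PASSWORD_BCRYPT);
    $sql = "UPDATE auth_users SET password = ? WHERE id = ?";
    $stmt = $db->prepare($sql);
    $stmt->execute([$hashedPassword, $id]);
}

// Update session so the rest of the user area shows the new values immediately.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
// These values are user-controlled; every page that prints them must HTML-escape them.
$_SESSION["nameuser"] = $first_name;
$_SESSION["surnameuser"] = $last_name;
$_SESSION["emailuser"] = $email;
$_SESSION["photouser"] = $avatar;

header('Location: user-profile.php');
exit;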