kiit-kaffe / api /update_profile.php
Kush-Singh-26
synced backend and frontend, added more menu items, ui and admin page improvements
56fb0d1
Raw
History Blame Contribute Delete
1.96 kB
<?php
header("Content-Type: application/json");
include "db.php";
$data = json_decode(file_get_contents("php://input"), true);
$user_id = $data["user_id"];
$name = trim($data["name"] ?? "");
$phone = trim($data["phone"] ?? "");
$password = $data["password"] ?? "";
$current_password = $data["current_password"] ?? "";
if (!$user_id) {
echo json_encode(["status" => "error", "message" => "Invalid user ID"]);
exit;
}
// Verify current password if changing password
if ($password) {
if (!$current_password) {
echo json_encode(["status" => "error", "message" => "Current password required"]);
exit;
}
// Verify current password
$stmt = $conn->prepare("SELECT password FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch();
if (!$user) {
echo json_encode(["status" => "error", "message" => "User not found"]);
exit;
}
if ($current_password !== $user['password']) {
echo json_encode(["status" => "error", "message" => "Current password is incorrect"]);
exit;
}
// Validate new password
if (strlen($password) < 6) {
echo json_encode(["status" => "error", "message" => "Password must be at least 6 characters"]);
exit;
}
}
$updates = [];
$params = [];
if ($name) { $updates[] = "name = ?"; $params[] = $name; }
if ($phone) { $updates[] = "phone = ?"; $params[] = $phone; }
if ($password) { $updates[] = "password = ?"; $params[] = $password; }
if (empty($updates)) {
echo json_encode(["status" => "error", "message" => "No changes to update"]);
exit;
}
$params[] = $user_id;
$sql = "UPDATE users SET " . implode(", ", $updates) . " WHERE id = ?";
$stmt = $conn->prepare($sql);
if ($stmt->execute($params)) {
echo json_encode(["status" => "success", "message" => "Profile updated"]);
} else {
echo json_encode(["status" => "error", "message" => "Update failed"]);
}
?>