added settings
This commit is contained in:
@@ -0,0 +1,43 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
$env = parse_ini_file("../config/.env");
|
||||
|
||||
$username = $_SESSION["username"];
|
||||
|
||||
// Connect to db
|
||||
$conn = new mysqli($env["HOST"], $env["DBUSER"], $env["DBPASS"], $env["TABLE"]);
|
||||
|
||||
if ($conn->connect_error) {
|
||||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") { // When user posts data
|
||||
$currentpass = $_POST["currentpass"];
|
||||
$newpass = $_POST["newpass"];
|
||||
$repeat = $_POST["repeatnewpass"];
|
||||
|
||||
$user_row = $conn->query("SELECT * FROM users WHERE username = '$username';")->fetch_assoc();
|
||||
|
||||
if($currentpass != $user_row["password"]) {
|
||||
header("Location: /settings.php?wrongold");
|
||||
exit;
|
||||
}
|
||||
|
||||
if($newpass != $repeat) {
|
||||
header("Location: /settings.php?wrongrepeat");
|
||||
exit;
|
||||
}
|
||||
|
||||
$result = $conn->query("UPDATE users SET password = '$newpass' WHERE username = '$username';");
|
||||
|
||||
if(!$result) {
|
||||
die("Error changing password");
|
||||
}
|
||||
|
||||
header("Location: /settings.php?changed");
|
||||
$conn->close();
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
session_start();
|
||||
session_destroy();
|
||||
header("Location: /");
|
||||
if(isset($_GET["deleted"])) { header("Location: /?deleted"); }
|
||||
exit;
|
||||
?>
|
||||
|
||||
|
||||
@@ -0,0 +1,47 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
$env = parse_ini_file("../config/.env");
|
||||
|
||||
$username = $_SESSION["username"];
|
||||
|
||||
// Connect to db
|
||||
$conn = new mysqli($env["HOST"], $env["DBUSER"], $env["DBPASS"], $env["TABLE"]);
|
||||
|
||||
if ($conn->connect_error) {
|
||||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") { // When user posts data
|
||||
$password = $_POST["password"];
|
||||
|
||||
$user_row = $conn->query("SELECT * FROM users WHERE username = '$username';")->fetch_assoc();
|
||||
|
||||
$password_confirm = $user_row["password"];
|
||||
|
||||
if($password != $password_confirm) {
|
||||
header("Location: /settings.php?wrongpass");
|
||||
$conn->close();
|
||||
exit;
|
||||
}
|
||||
|
||||
$user_id = $user_row["id"];
|
||||
|
||||
$result = $conn->query("DROP TABLE user$user_id;");
|
||||
|
||||
if(!$result) {
|
||||
die("Error removing data.");
|
||||
}
|
||||
|
||||
$result = $conn->query("DELETE FROM users WHERE username = '$username';");
|
||||
|
||||
if(!$result) {
|
||||
die("Error deleting user.");
|
||||
}
|
||||
|
||||
header("Location: logout.php?deleted");
|
||||
$conn->close();
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user