/home/awneajlw/www/codestechvista.com/user/profile.php
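<?php
/**
 * Profile settings page: shows the logged-in user's name, email and phone,
 * and lets them update those fields and (optionally) change their password.
 *
 * Security-relevant behaviour of this script:
 *  - Every POST must carry the per-session anti-CSRF token rendered into the
 *    form; without it the update is rejected before any database write.
 *  - A password change requires the current password and rotates the session
 *    id (and the CSRF token) once it succeeds.
 *  - All dynamic values are HTML-escaped when they are written into the page.
 *
 * NOTE(review): changing the email address does not require the current
 *   password. If email is used for account recovery elsewhere in the app,
 *   consider re-authenticating for that change too.
 * NOTE(review): the 6-character minimum is below the 8 characters recommended
 *   by NIST SP 800-63B; raising it is a policy decision left to the owner.
 * NOTE(review): sanitizeInput() is defined outside this file. If it already
 *   HTML-encodes, values are stored encoded and the htmlspecialchars() calls
 *   below will double-encode them on display; confirm what it does.
 * NOTE(review): the Bootstrap / Font Awesome CDN tags carry no Subresource
 *   Integrity attributes; add integrity/crossorigin using the hashes the CDN
 *   publishes for these exact versions.
 * NOTE(review): the "email already exists" check can race with a concurrent
 *   update; a UNIQUE index on users.email should be the real guarantee.
 */
require_once '../config/database.php';
require_once '../includes/auth.php';
requireLogin();

$database = new Database();
$db = $database->getConnection();

$user_id = $_SESSION['user_id'];
$error = '';
$success = '';

// Loads only the columns this page reads; returns false when no row matches.
$loadUser = function () use ($db, $user_id) {
    $stmt = $db->prepare("SELECT id, name, email, phone, password FROM users WHERE id = ?");
    $stmt->execute([$user_id]);
    return $stmt->fetch(PDO::FETCH_ASSOC);
};

$user = $loadUser();
if (!$user) {
    // The session refers to an account that no longer exists: end the session
    // instead of rendering a form against an empty record.
    header('Location: ../logout.php');
    exit;
}

// Per-session anti-CSRF token. Assumes the session was started by auth.php,
// which the $_SESSION reads above already rely on.
if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Missing or non-string fields (e.g. name[]=x) are treated as empty so
    // they fail validation instead of raising warnings or type errors.
    $input = [];
    $fields = ['csrf_token', 'name', 'email', 'phone', 'current_password', 'new_password', 'confirm_password'];
    foreach ($fields as $field) {
        $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    $name = sanitizeInput($input['name']);
    $email = sanitizeInput($input['email']);
    $phone = sanitizeInput($input['phone']);
    // Passwords are deliberately not passed through sanitizeInput(): they are
    // only compared and hashed, never stored or echoed as text.
    $current_password = $input['current_password'];
    $new_password = $input['new_password'];
    $confirm_password = $input['confirm_password'];

    if (!hash_equals($csrf_token, $input['csrf_token'])) {
        // Constant-time comparison; rejects cross-site form submissions.
        $error = 'Your session has expired. Please reload the page and try again.';
    } elseif (empty($name) || empty($email) || empty($phone)) {
        $error = 'Please fill in all required fields.';
    } elseif (filter_var(trim($input['email']), FILTER_VALIDATE_EMAIL) === false) {
        // type="email" is only a browser-side hint; validate on the server too.
        $error = 'Please enter a valid email address.';
    } elseif ($email !== $user['email']) {
        // Email is being changed: make sure no other account already uses it.
        $stmt = $db->prepare("SELECT id FROM users WHERE email = ? AND id != ?");
        $stmt->execute([$email, $user_id]);
        if ($stmt->fetch()) {
            $error = 'Email already exists.';
        }
    }

    $password_changed = false;
    if (!$error) {
        $update_query = "UPDATE users SET name = ?, email = ?, phone = ?";
        $params = [$name, $email, $phone];

        // Update password only if a new one was provided.
        if ($new_password !== '') {
            if ($current_password === '') {
                $error = 'Please enter current password to change password.';
            } elseif (!verifyPassword($current_password, $user['password'])) {
                $error = 'Current password is incorrect.';
            } elseif ($new_password !== $confirm_password) {
                $error = 'New passwords do not match.';
            } elseif (strlen($new_password) < 6) {
                $error = 'New password must be at least 6 characters long.';
            } else {
                $update_query .= ", password = ?";
                $params[] = hashPassword($new_password);
                $password_changed = true;
            }
        }
    }

    if (!$error) {
        $update_query .= " WHERE id = ?";
        $params[] = $user_id;

        $stmt = $db->prepare($update_query);
        if ($stmt->execute($params)) {
            $success = 'Profile updated successfully!';

            if ($password_changed && session_status() === PHP_SESSION_ACTIVE) {
                // Rotate the session id and CSRF token after a credential
                // change. Other sessions of this user are not invalidated
                // here; that needs server-side session tracking.
                session_regenerate_id(true);
                $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
                $csrf_token = $_SESSION['csrf_token'];
            }

            // Update session data
            $_SESSION['name'] = $name;
            $_SESSION['email'] = $email;

            // Refresh user data so the form shows what was actually stored.
            $refreshed = $loadUser();
            if ($refreshed) {
                $user = $refreshed;
            }
        } else {
            $error = 'Failed to update profile. Please try again.';
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Profile - Opti-Vision Eye Clinic</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
    <link href="../assets/css/style.css" rel="stylesheet">
</head>
<body class="bg-light">
    <!-- Navigation -->
    <nav class="navbar navbar-expand-lg navbar-light bg-white shadow-sm">
        <div class="container">
            <a class="navbar-brand fw-bold text-primary" href="../index.php">
                <i class="fas fa-eye me-2"></i>Opti-Vision
            </a>
            <div class="navbar-nav ms-auto">
                <a class="nav-link" href="../index.php">Home</a>
                <a class="nav-link" href="dashboard.php">Dashboard</a>
                <a class="nav-link" href="../logout.php">Logout</a>
            </div>
        </div>
    </nav>

    <div class="container py-5">
        <div class="row justify-content-center">
            <div class="col-lg-8">
                <div class="card dashboard-card">
                    <div class="card-header bg-primary text-white">
                        <h4 class="mb-0"><i class="fas fa-user me-2"></i>Profile Settings</h4>
                    </div>
                    <div class="card-body p-4">
                        <?php if ($error): ?>
                            <div class="alert alert-danger"><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'); ?></div>
                        <?php endif; ?>
                        
                        <?php if ($success): ?>
                            <div class="alert alert-success"><?php echo htmlspecialchars($success, ENT_QUOTES, 'UTF-8'); ?></div>
                        <?php endif; ?>
                        
                        <form method="POST">
                            <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrf_token, ENT_QUOTES, 'UTF-8'); ?>">
                            <div class="row">
                                <div class="col-md-6 mb-3">
                                    <label for="name" class="form-label">Full Name</label>
                                    <div class="input-group">
                                        <span class="input-group-text"><i class="fas fa-user"></i></span>
                                        <input type="text" class="form-control" id="name" name="name" 
                                               value="<?php echo htmlspecialchars($user['name'], ENT_QUOTES, 'UTF-8'); ?>" required>
                                    </div>
                                </div>
                                
                                <div class="col-md-6 mb-3">
                                    <label for="phone" class="form-label">Phone Number</label>
                                    <div class="input-group">
                                        <span class="input-group-text"><i class="fas fa-phone"></i></span>
                                        <input type="tel" class="form-control" id="phone" name="phone" 
                                               value="<?php echo htmlspecialchars($user['phone'], ENT_QUOTES, 'UTF-8'); ?>" required>
                                    </div>
                                </div>
                            </div>
                            
                            <div class="mb-3">
                                <label for="email" class="form-label">Email Address</label>
                                <div class="input-group">
                                    <span class="input-group-text"><i class="fas fa-envelope"></i></span>
                                    <input type="email" class="form-control" id="email" name="email" 
                                           value="<?php echo htmlspecialchars($user['email'], ENT_QUOTES, 'UTF-8'); ?>" required>
                                </div>
                            </div>
                            
                            <hr class="my-4">
                            <h5 class="mb-3">Change Password</h5>
                            <p class="text-muted small">Leave password fields empty if you don't want to change password.</p>
                            
                            <div class="mb-3">
                                <label for="current_password" class="form-label">Current Password</label>
                                <div class="input-group">
                                    <span class="input-group-text"><i class="fas fa-lock"></i></span>
                                    <input type="password" class="form-control" id="current_password" name="current_password" autocomplete="current-password">
                                </div>
                            </div>
                            
                            <div class="row">
                                <div class="col-md-6 mb-3">
                                    <label for="new_password" class="form-label">New Password</label>
                                    <div class="input-group">
                                        <span class="input-group-text"><i class="fas fa-lock"></i></span>
                                        <input type="password" class="form-control" id="new_password" name="new_password" autocomplete="new-password">
                                    </div>
                                </div>
                                
                                <div class="col-md-6 mb-4">
                                    <label for="confirm_password" class="form-label">Confirm New Password</label>
                                    <div class="input-group">
                                        <span class="input-group-text"><i class="fas fa-lock"></i></span>
                                        <input type="password" class="form-control" id="confirm_password" name="confirm_password" autocomplete="new-password">
                                    </div>
                                </div>
                            </div>
                            
                            <div class="d-flex gap-3">
                                <button type="submit" class="btn btn-primary">
                                    <i class="fas fa-save me-2"></i>Update Profile
                                </button>
                                <a href="dashboard.php" class="btn btn-outline-secondary">
                                    <i class="fas fa-arrow-left me-2"></i>Back to Dashboard
                                </a>
                            </div>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </div>

    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>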