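<?php
/**
 * My Account page.
 *
 * Shows the signed-in user's details and, in edit mode (?edit=1), lets them
 * change their display name and e-mail address. requireAuth() gates the page;
 * a POST validates the two fields, updates `users`, refreshes the session copy
 * of the changed fields, records an activity entry and redirects back to view
 * mode so the form cannot be re-submitted by a refresh.
 */
require_once __DIR__ . '/../bootstrap.php';
requireAuth();

$pageTitle = 'My Account';
$currentUser = getCurrentUser();

// Settings has been consolidated into the About page; old links land here.
if (($_GET['tab'] ?? '') === 'settings' || isset($_GET['s'])) {
    app_redirect('settings');
    // Stop here even if app_redirect() does not terminate the request itself,
    // so the rest of the page is never rendered after a Location header.
    exit;
}

// Account is view-only by default; ?edit=1 opens the form.
$mode = (($_GET['edit'] ?? null) === '1') ? 'edit' : 'view';
$successMsg = null;
$errors = [];

if (($_GET['updated'] ?? null) === '1') {
    $successMsg = 'Account updated successfully!';
}

// Handle profile update (only in edit mode)
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $mode = 'edit';

    // NOTE(review): no CSRF token is verified on this POST. Hook the project's
    // CSRF check in here (and emit the token in the form) before the fields
    // are processed.
    // NOTE(review): the e-mail can be changed without re-entering the current
    // password; if e-mail is used for account recovery, consider requiring it.

    // A field sent as `name[]=` arrives as an array; trim() would throw a
    // TypeError, so only accept plain strings and treat anything else as empty.
    $rawDisplayName = $_POST['display_name'] ?? '';
    $rawEmail = $_POST['email'] ?? '';
    $displayName = is_string($rawDisplayName) ? trim($rawDisplayName) : '';
    $email = is_string($rawEmail) ? trim($rawEmail) : '';

    if ($displayName === '') {
        $errors[] = 'Display name is required';
    }
    if ($email === '') {
        $errors[] = 'Email is required';
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Invalid email format';
    }

    if ($errors === []) {
        // Needed when this page is included from inside a function (e.g. a router);
        // a no-op when the file runs at top level.
        global $pdo;
        $userId = $_SESSION['user_id'];
        try {
            // Reject an address already used by a different account.
            $stmt = $pdo->prepare("SELECT id FROM users WHERE email = ? AND id != ?");
            $stmt->execute([$email, $userId]);
            if ($stmt->fetch()) {
                $errors[] = 'Email is already taken by another user';
            } else {
                $stmt = $pdo->prepare("UPDATE users SET display_name = ?, email = ?, updated_at = NOW() WHERE id = ?");
                $stmt->execute([$displayName, $email, $userId]);

                // Keep the session copy in step with the database.
                $_SESSION['user_display_name'] = $displayName;
                $_SESSION['user_email'] = $email;

                logActivity('account.update', 'user', $userId, 'Updated account information');

                // Redirect back to view mode (prevents double submit).
                header('Location: ' . app_url('account') . '?updated=1');
                exit;
            }
        } catch (PDOException $e) {
            // SQLSTATE 23000 = integrity constraint violation. With a UNIQUE index
            // on users.email this closes the window between the SELECT above and
            // the UPDATE, where a concurrent request could claim the same address.
            // (Assumes such an index exists — confirm against the schema.)
            if ((string) $e->getCode() === '23000') {
                $errors[] = 'Email is already taken by another user';
            } else {
                // Generic message for the user; details go to the server log only.
                error_log('profile: account update failed: ' . $e->getMessage());
                $errors[] = 'Failed to update profile';
            }
        } catch (Throwable $e) {
            // Generic message for the user; details go to the server log only.
            error_log('profile: account update failed: ' . $e->getMessage());
            $errors[] = 'Failed to update profile';
        }
    }
}

include __DIR__ . '/../partials/header.php';
?>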
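<div class="content-header">
    <div>
        <h1 class="content-title">đ¤ My Account</h1>
        <p class="content-subtitle"><?= $mode === 'edit' ? 'Edit your account details' : 'View your account details' ?></p>
    </div>
    <?php if ($mode !== 'edit'): // header-level shortcut into edit mode ?>
    <a href="<?= e(app_url('account')) ?>?edit=1" class="btn btn-primary">
        âī¸ Edit Account
    </a>
    <?php endif; ?>
</div>

<?php if ($successMsg): // set only from ?updated=1 after a successful POST redirect ?>
<div class="alert alert-success"><?= htmlspecialchars($successMsg) ?></div>
<?php endif; ?>

<?php if (!empty($errors)): ?>
<div class="alert alert-error">
    <?php foreach ($errors as $error): ?>
    <div><?= htmlspecialchars($error) ?></div>
    <?php endforeach; ?>
</div>
<?php endif; ?>

<div class="grid grid-2">
    <div class="card">
        <div class="card-header d-flex align-center justify-between">
            <h3 class="card-title" style="margin:0;">Personal Information</h3>
            <?php if ($mode !== 'edit'): ?>
            <a href="<?= e(app_url('account')) ?>?edit=1" class="btn btn-secondary btn-left btn-xs">
                <span>âī¸</span><span>Edit Account</span>
            </a>
            <?php endif; ?>
        </div>

        <?php if ($mode === 'edit'): // edit form; posts back to this page ?>
        <form method="POST" action="<?= e(app_url('account')) ?>?edit=1" class="form">
            <?php // NOTE(review): no CSRF token field is emitted here; add the project's token input alongside the server-side check. ?>
            <div class="form-group">
                <label for="username">Username</label>
                <input class="input" type="text" id="username" value="<?= htmlspecialchars($currentUser['username']) ?>" disabled style="opacity:.6; cursor:not-allowed;">
                <small class="text-muted">Username cannot be changed</small>
            </div>
            <?php
            // After a failed POST, re-show what the user typed ($displayName / $email
            // are set by the handler) rather than the stored values, so a validation
            // error does not discard their edits. On GET they are unset and the stored
            // values are used.
            ?>
            <div class="form-group">
                <label for="display_name">Display Name</label>
                <input class="input" type="text" id="display_name" name="display_name" value="<?= htmlspecialchars($displayName ?? $currentUser['display_name']) ?>" required>
            </div>
            <div class="form-group">
                <label for="email">Email Address</label>
                <input class="input" type="email" id="email" name="email" value="<?= htmlspecialchars($email ?? $currentUser['email']) ?>" required>
            </div>
            <div class="form-group">
                <label for="role">Role</label>
                <input class="input" type="text" id="role" value="<?= ucfirst(htmlspecialchars($currentUser['role'])) ?>" disabled style="opacity:.6; cursor:not-allowed;">
                <small class="text-muted">Contact an administrator to change your role</small>
            </div>
            <div class="d-flex gap-sm mt-md" style="flex-wrap:wrap;">
                <button type="submit" class="btn btn-primary btn-left"><span>đž</span><span>Save Changes</span></button>
                <a href="<?= e(app_url('account')) ?>" class="btn btn-secondary">Cancel</a>
            </div>
        </form>
        <?php else: // read-only view ?>
        <table class="table-compact" style="width:100%;">
            <tr>
                <th style="width:180px;">Username</th>
                <td><?= htmlspecialchars($currentUser['username']) ?></td>
            </tr>
            <tr>
                <th>Display Name</th>
                <td><?= htmlspecialchars($currentUser['display_name']) ?></td>
            </tr>
            <tr>
                <th>Email</th>
                <td><?= htmlspecialchars($currentUser['email']) ?></td>
            </tr>
            <tr>
                <th>Role</th>
                <td><span class="badge badge-info"><?= ucfirst(htmlspecialchars($currentUser['role'])) ?></span></td>
            </tr>
        </table>
        <div class="mt-md">
            <p class="small text-muted" style="margin:0;">To make changes, click <strong>Edit Account</strong>.</p>
        </div>
        <?php endif; ?>
    </div>

    <div>
        <div class="card mb-lg">
            <div class="card-header">
                <h3 class="card-title">Account Security</h3>
            </div>
            <p class="mb-md">Keep your account secure by using a strong password and changing it regularly.</p>
            <a href="<?= e(app_url('password-change')) ?>" class="btn btn-secondary btn-block">đ Change Password</a>
        </div>

        <div class="card">
            <div class="card-header">
                <h3 class="card-title">Account Information</h3>
            </div>
            <table class="table-compact" style="width:100%;">
                <tr>
                    <th style="width:180px;">User ID</th>
                    <td><?= (int)$currentUser['id'] ?></td>
                </tr>
                <tr>
                    <th>Last Login</th>
                    <td>
                        <?php
                        // Most recent successful login for this user, for display only.
                        // `global` is needed when this page is included from inside a
                        // function; it is a no-op at top level.
                        global $pdo;
                        $lastLoginAt = 'N/A';
                        try {
                            $stmt = $pdo->prepare("SELECT created_at FROM login_logs WHERE user_id = ? AND success = 1 ORDER BY created_at DESC LIMIT 1");
                            $stmt->execute([$_SESSION['user_id']]);
                            $row = $stmt->fetch();
                            // strtotime() returns false on an unparseable value; the
                            // original passed that straight to date(), which would have
                            // rendered the Unix epoch instead of "N/A".
                            $loginTs = $row ? strtotime((string) $row['created_at']) : false;
                            if ($loginTs !== false) {
                                $lastLoginAt = date('M d, Y H:i', $loginTs);
                            }
                        } catch (Throwable $e) {
                            // Best-effort: a lookup failure must not break the page,
                            // but it should still be visible to operators.
                            error_log('profile: last-login lookup failed: ' . $e->getMessage());
                        }
                        echo htmlspecialchars($lastLoginAt);
                        ?>
                    </td>
                </tr>
            </table>
            <?php if (($_SESSION['user_role'] ?? '') === 'administrator'): // link only; the admin page must enforce its own authorization ?>
            <div class="mt-md">
                <a href="<?= e(app_url('admin')) ?>" class="btn btn-secondary btn-block btn-left"><span>đ§</span><span>Open Admin Dashboard</span></a>
            </div>
            <?php endif; ?>
        </div>

        <div class="card mt-lg">
            <div class="card-header">
                <h3 class="card-title">About & Updates</h3>
            </div>
            <p class="text-muted">View system info, latest changes, and past updates.</p>
            <a href="<?= e(app_url('settings')) ?>" class="btn btn-secondary btn-block btn-left"><span>âšī¸</span><span>Settings</span></a>
        </div>
    </div>
</div>
<?php include __DIR__ . '/../partials/footer.php'; ?>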