ponepaste/profile.php

<?php
define('IN_PONEPASTE', 1);
require_once('includes/common.php');
require_once('includes/functions.php');
require_once('includes/passwords.php');

// UTF-8
header('Content-Type: text/html; charset=utf-8');

$date = date('jS F Y');
$ip = $_SERVER['REMOTE_ADDR'];


$p_title = $lang['myprofile']; //"My Profile";

// Check if already logged in
if ($current_user === null) {
    header("Location: ./login.php");
    die();
}

$user_username = $current_user->username;

$query = $conn->query('SELECT * FROM users WHERE id = ?', [$current_user->user_id]);
$row = $query->fetch();
$user_id = $row['id'];
$user_platform = Trim($row['platform']);
$user_date = $row['date'];
$user_ip = $row['ip'];
$user_password = $row['password'];

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (isset($_POST['cpassword'])) {
        $user_new_full = trim(htmlspecialchars($_POST['full']));
        $user_old_pass = $_POST['old_password'];
        if (pp_password_verify($user_old_pass, $user_password)) {
            $user_new_cpass = pp_password_hash($_POST['password']);

            $conn->prepare('UPDATE users SET password = ? WHERE id = ?')
                ->execute([$user_new_cpass, $user_id]);

            $success = $lang['profileupdated']; //"  Your profile information is updated ";
        } else {
            $error = $lang['oldpasswrong']; // "  Your old password is wrong.";
        }
    } else {
        $error = $lang['error']; //"Something went wrong.";
    }
}

updatePageViews($conn);

$total_user_pastes = getTotalPastes($conn, $current_user->user_id);

// Theme
$page_template = 'profile';
require_once('theme/' . $default_theme . '/common.php');
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`<?php`
More cleanup, mostly surrounding ads 2021-07-10 18:21:03 -04:00			`define('IN_PONEPASTE', 1);`
			`require_once('includes/common.php');`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`require_once('includes/functions.php');`
Various fixes and improvements, implement remember me (I think) 2021-07-24 14:45:46 -04:00			`require_once('includes/passwords.php');`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00
			`// UTF-8`
			`header('Content-Type: text/html; charset=utf-8');`

Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`$date = date('jS F Y');`
			`$ip = $_SERVER['REMOTE_ADDR'];`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00

			`$p_title = $lang['myprofile']; //"My Profile";`

			`// Check if already logged in`
Introduce User and DatabaseHandle class 2021-07-17 18:17:29 -04:00			`if ($current_user === null) {`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`header("Location: ./login.php");`
Introduce User and DatabaseHandle class 2021-07-17 18:17:29 -04:00			`die();`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`}`
Introduce User and DatabaseHandle class 2021-07-17 18:17:29 -04:00
			`$user_username = $current_user->username;`
Work on user.php; untested 2021-07-11 12:44:31 -04:00
Various fixes and improvements, implement remember me (I think) 2021-07-24 14:45:46 -04:00			`$query = $conn->query('SELECT * FROM users WHERE id = ?', [$current_user->user_id]);`
Work on user.php; untested 2021-07-11 12:44:31 -04:00			`$row = $query->fetch();`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`$user_id = $row['id'];`
			`$user_platform = Trim($row['platform']);`
			`$user_date = $row['date'];`
			`$user_ip = $row['ip'];`
			`$user_password = $row['password'];`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00
			`if ($_SERVER['REQUEST_METHOD'] == 'POST') {`
			`if (isset($_POST['cpassword'])) {`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`$user_new_full = trim(htmlspecialchars($_POST['full']));`
			`$user_old_pass = $_POST['old_password'];`
Implement password peppering. 2021-07-17 12:33:08 -04:00			`if (pp_password_verify($user_old_pass, $user_password)) {`
			`$user_new_cpass = pp_password_hash($_POST['password']);`
Work on user.php; untested 2021-07-11 12:44:31 -04:00
Various fixes and improvements, implement remember me (I think) 2021-07-24 14:45:46 -04:00			`$conn->prepare('UPDATE users SET password = ? WHERE id = ?')`
			`->execute([$user_new_cpass, $user_id]);`
Work on user.php; untested 2021-07-11 12:44:31 -04:00
			`$success = $lang['profileupdated']; //" Your profile information is updated ";`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`} else {`
			`$error = $lang['oldpasswrong']; // " Your old password is wrong.";`
			`}`
			`} else {`
			`$error = $lang['error']; //"Something went wrong.";`
			`}`
			`}`

Work on user.php; untested 2021-07-11 12:44:31 -04:00			`updatePageViews($conn);`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00
Various fixes and improvements, implement remember me (I think) 2021-07-24 14:45:46 -04:00			`$total_user_pastes = getTotalPastes($conn, $current_user->user_id);`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00
			`// Theme`
New page template system kinda. 2021-08-22 21:45:26 -04:00			`$page_template = 'profile';`
			`require_once('theme/' . $default_theme . '/common.php');`