LMS/profile_update.php at main · Laurel23/LMS · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
<?php
session_start();
require_once "connection.php";

header('Content-Type: application/json');

if (!isset($_SESSION['student_reg_no'])) {
    echo json_encode(['success' => false, 'message' => 'Unauthorized']);
    exit();
}

$student_reg_no = $_SESSION['student_reg_no'];

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    echo json_encode(['success' => false, 'message' => 'Invalid request method']);
    exit();
}

$new_first_name = trim($_POST['first_name'] ?? '');
$new_last_name = trim($_POST['last_name'] ?? '');
$new_email = trim($_POST['email'] ?? '');
$new_password = $_POST['password'] ?? '';

if (empty($new_first_name) || empty($new_last_name) || empty($new_email)) {
    echo json_encode(['success' => false, 'message' => 'All fields except password are required.']);
    exit();
}

if (!filter_var($new_email, FILTER_VALIDATE_EMAIL)) {
    echo json_encode(['success' => false, 'message' => 'Please enter a valid email address.']);
    exit();
}

if (!empty($new_password)) {
    $hashed_password = password_hash($new_password, PASSWORD_DEFAULT);
    $query = "UPDATE users SET first_name=?, last_name=?, email=?, password=? WHERE registration_no=?";
    $update_stmt = $db->prepare($query);
    $update_stmt->bind_param("sssss", $new_first_name, $new_last_name, $new_email, $hashed_password, $student_reg_no);
} else {
    $query = "UPDATE users SET first_name=?, last_name=?, email=? WHERE registration_no=?";
    $update_stmt = $db->prepare($query);
    $update_stmt->bind_param("ssss", $new_first_name, $new_last_name, $new_email, $student_reg_no);
}

if ($update_stmt->execute()) {
    echo json_encode(['success' => true, 'message' => 'Profile updated successfully!']);
} else {
    echo json_encode(['success' => false, 'message' => 'An error occurred. Please try again.']);
}

$update_stmt->close();
?>