fix: allow toggling notifications without password
This commit is contained in:
@@ -592,25 +592,32 @@ class ApiController
|
||||
|
||||
$input = json_decode(file_get_contents('php://input'), true) ?? $_POST;
|
||||
|
||||
$validator = new Validator();
|
||||
$rules = [
|
||||
'email' => 'required|email',
|
||||
];
|
||||
|
||||
if (!$validator->validate($input, $rules)) {
|
||||
$this->view->json([
|
||||
'success' => false,
|
||||
'error' => $validator->getFirstError(),
|
||||
], 400);
|
||||
return;
|
||||
}
|
||||
|
||||
$updateData = ['email' => $input['email']];
|
||||
$updateData = [];
|
||||
|
||||
if (isset($input['notifications_enabled'])) {
|
||||
$updateData['notifications_enabled'] = $input['notifications_enabled'] ? 1 : 0;
|
||||
}
|
||||
|
||||
$hasEmail = !empty($input['email']);
|
||||
$hasPassword = !empty($input['new_password']);
|
||||
|
||||
if (!$hasEmail && !$hasPassword) {
|
||||
if (!empty($updateData)) {
|
||||
$userModel = new User();
|
||||
$userModel->update((int) $user['id'], $updateData);
|
||||
}
|
||||
$this->view->json(['success' => true, 'message' => 'Profile updated successfully.']);
|
||||
}
|
||||
|
||||
if ($hasEmail) {
|
||||
$validator = new Validator();
|
||||
$rules = ['email' => 'required|email'];
|
||||
if (!$validator->validate($input, $rules)) {
|
||||
$this->view->json(['success' => false, 'error' => $validator->getFirstError()], 400);
|
||||
}
|
||||
$updateData['email'] = $input['email'];
|
||||
}
|
||||
|
||||
if (!empty($input['new_password'])) {
|
||||
if (strlen($input['new_password']) < 8) {
|
||||
$this->view->json([
|
||||
|
||||
@@ -171,6 +171,25 @@ class AuthController
|
||||
{
|
||||
$userId = Session::get('user_id');
|
||||
|
||||
$updateData = [];
|
||||
|
||||
if (isset($_POST['notifications_enabled'])) {
|
||||
$updateData['notifications_enabled'] = 1;
|
||||
} else {
|
||||
$updateData['notifications_enabled'] = 0;
|
||||
}
|
||||
|
||||
$user = $this->userModel->findById($userId);
|
||||
|
||||
$changingEmail = isset($_POST['email']) && $_POST['email'] !== $user['email'];
|
||||
$changingPassword = !empty($_POST['new_password']);
|
||||
|
||||
if (!$changingEmail && !$changingPassword) {
|
||||
$this->userModel->update($userId, $updateData);
|
||||
Session::setFlash('success', 'Profile updated successfully.');
|
||||
$this->view->redirect('/profile');
|
||||
}
|
||||
|
||||
$validator = new Validator();
|
||||
$rules = [
|
||||
'email' => 'required|email',
|
||||
@@ -184,21 +203,13 @@ class AuthController
|
||||
$this->view->redirect('/profile');
|
||||
}
|
||||
|
||||
$user = $this->userModel->findById($userId);
|
||||
|
||||
$security = new \ServerManager\Core\Security();
|
||||
if (!$security->verifyPassword($_POST['current_password'], $user['password_hash'])) {
|
||||
Session::setFlash('error', 'Current password is incorrect.');
|
||||
$this->view->redirect('/profile');
|
||||
}
|
||||
|
||||
$updateData = ['email' => $_POST['email']];
|
||||
|
||||
if (isset($_POST['notifications_enabled'])) {
|
||||
$updateData['notifications_enabled'] = 1;
|
||||
} else {
|
||||
$updateData['notifications_enabled'] = 0;
|
||||
}
|
||||
$updateData['email'] = $_POST['email'];
|
||||
|
||||
if (!empty($_POST['new_password'])) {
|
||||
$updateData['password'] = $_POST['new_password'];
|
||||
|
||||
@@ -41,7 +41,7 @@
|
||||
<h3>Change Password</h3>
|
||||
<div class="form-group">
|
||||
<label for="current_password">Current Password</label>
|
||||
<input type="password" id="current_password" name="current_password" class="form-input" required>
|
||||
<input type="password" id="current_password" name="current_password" class="form-input">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="new_password">New Password (leave blank to keep current)</label>
|
||||
|
||||
Reference in New Issue
Block a user