Merge pull request 'fix: allow toggling notifications without password' (#81) from feat/version-update-notification into master

Reviewed-on: #81
This commit was merged in pull request #81.
This commit is contained in:
2026-06-13 17:38:55 -04:00
3 changed files with 42 additions and 24 deletions

View File

@@ -592,25 +592,32 @@ class ApiController
$input = json_decode(file_get_contents('php://input'), true) ?? $_POST; $input = json_decode(file_get_contents('php://input'), true) ?? $_POST;
$validator = new Validator(); $updateData = [];
$rules = [
'email' => 'required|email',
];
if (!$validator->validate($input, $rules)) {
$this->view->json([
'success' => false,
'error' => $validator->getFirstError(),
], 400);
return;
}
$updateData = ['email' => $input['email']];
if (isset($input['notifications_enabled'])) { if (isset($input['notifications_enabled'])) {
$updateData['notifications_enabled'] = $input['notifications_enabled'] ? 1 : 0; $updateData['notifications_enabled'] = $input['notifications_enabled'] ? 1 : 0;
} }
$hasEmail = !empty($input['email']);
$hasPassword = !empty($input['new_password']);
if (!$hasEmail && !$hasPassword) {
if (!empty($updateData)) {
$userModel = new User();
$userModel->update((int) $user['id'], $updateData);
}
$this->view->json(['success' => true, 'message' => 'Profile updated successfully.']);
}
if ($hasEmail) {
$validator = new Validator();
$rules = ['email' => 'required|email'];
if (!$validator->validate($input, $rules)) {
$this->view->json(['success' => false, 'error' => $validator->getFirstError()], 400);
}
$updateData['email'] = $input['email'];
}
if (!empty($input['new_password'])) { if (!empty($input['new_password'])) {
if (strlen($input['new_password']) < 8) { if (strlen($input['new_password']) < 8) {
$this->view->json([ $this->view->json([

View File

@@ -171,6 +171,25 @@ class AuthController
{ {
$userId = Session::get('user_id'); $userId = Session::get('user_id');
$updateData = [];
if (isset($_POST['notifications_enabled'])) {
$updateData['notifications_enabled'] = 1;
} else {
$updateData['notifications_enabled'] = 0;
}
$user = $this->userModel->findById($userId);
$changingEmail = isset($_POST['email']) && $_POST['email'] !== $user['email'];
$changingPassword = !empty($_POST['new_password']);
if (!$changingEmail && !$changingPassword) {
$this->userModel->update($userId, $updateData);
Session::setFlash('success', 'Profile updated successfully.');
$this->view->redirect('/profile');
}
$validator = new Validator(); $validator = new Validator();
$rules = [ $rules = [
'email' => 'required|email', 'email' => 'required|email',
@@ -184,21 +203,13 @@ class AuthController
$this->view->redirect('/profile'); $this->view->redirect('/profile');
} }
$user = $this->userModel->findById($userId);
$security = new \ServerManager\Core\Security(); $security = new \ServerManager\Core\Security();
if (!$security->verifyPassword($_POST['current_password'], $user['password_hash'])) { if (!$security->verifyPassword($_POST['current_password'], $user['password_hash'])) {
Session::setFlash('error', 'Current password is incorrect.'); Session::setFlash('error', 'Current password is incorrect.');
$this->view->redirect('/profile'); $this->view->redirect('/profile');
} }
$updateData = ['email' => $_POST['email']]; $updateData['email'] = $_POST['email'];
if (isset($_POST['notifications_enabled'])) {
$updateData['notifications_enabled'] = 1;
} else {
$updateData['notifications_enabled'] = 0;
}
if (!empty($_POST['new_password'])) { if (!empty($_POST['new_password'])) {
$updateData['password'] = $_POST['new_password']; $updateData['password'] = $_POST['new_password'];

View File

@@ -41,7 +41,7 @@
<h3>Change Password</h3> <h3>Change Password</h3>
<div class="form-group"> <div class="form-group">
<label for="current_password">Current Password</label> <label for="current_password">Current Password</label>
<input type="password" id="current_password" name="current_password" class="form-input" required> <input type="password" id="current_password" name="current_password" class="form-input">
</div> </div>
<div class="form-group"> <div class="form-group">
<label for="new_password">New Password (leave blank to keep current)</label> <label for="new_password">New Password (leave blank to keep current)</label>