From 60e0719eda818aa09ae308fbaef61b4d0cef3316 Mon Sep 17 00:00:00 2001 From: Agent Date: Sat, 13 Jun 2026 17:37:27 -0400 Subject: [PATCH] fix: allow toggling notifications without password --- src/Controllers/ApiController.php | 35 ++++++++++++++++++------------ src/Controllers/AuthController.php | 29 +++++++++++++++++-------- views/auth/profile.php | 2 +- 3 files changed, 42 insertions(+), 24 deletions(-) diff --git a/src/Controllers/ApiController.php b/src/Controllers/ApiController.php index b4b48fd..5643cf1 100755 --- a/src/Controllers/ApiController.php +++ b/src/Controllers/ApiController.php @@ -592,25 +592,32 @@ class ApiController $input = json_decode(file_get_contents('php://input'), true) ?? $_POST; - $validator = new Validator(); - $rules = [ - 'email' => 'required|email', - ]; - - if (!$validator->validate($input, $rules)) { - $this->view->json([ - 'success' => false, - 'error' => $validator->getFirstError(), - ], 400); - return; - } - - $updateData = ['email' => $input['email']]; + $updateData = []; if (isset($input['notifications_enabled'])) { $updateData['notifications_enabled'] = $input['notifications_enabled'] ? 1 : 0; } + $hasEmail = !empty($input['email']); + $hasPassword = !empty($input['new_password']); + + if (!$hasEmail && !$hasPassword) { + if (!empty($updateData)) { + $userModel = new User(); + $userModel->update((int) $user['id'], $updateData); + } + $this->view->json(['success' => true, 'message' => 'Profile updated successfully.']); + } + + if ($hasEmail) { + $validator = new Validator(); + $rules = ['email' => 'required|email']; + if (!$validator->validate($input, $rules)) { + $this->view->json(['success' => false, 'error' => $validator->getFirstError()], 400); + } + $updateData['email'] = $input['email']; + } + if (!empty($input['new_password'])) { if (strlen($input['new_password']) < 8) { $this->view->json([ diff --git a/src/Controllers/AuthController.php b/src/Controllers/AuthController.php index 21f90e9..10fa48e 100755 --- a/src/Controllers/AuthController.php +++ b/src/Controllers/AuthController.php @@ -171,6 +171,25 @@ class AuthController { $userId = Session::get('user_id'); + $updateData = []; + + if (isset($_POST['notifications_enabled'])) { + $updateData['notifications_enabled'] = 1; + } else { + $updateData['notifications_enabled'] = 0; + } + + $user = $this->userModel->findById($userId); + + $changingEmail = isset($_POST['email']) && $_POST['email'] !== $user['email']; + $changingPassword = !empty($_POST['new_password']); + + if (!$changingEmail && !$changingPassword) { + $this->userModel->update($userId, $updateData); + Session::setFlash('success', 'Profile updated successfully.'); + $this->view->redirect('/profile'); + } + $validator = new Validator(); $rules = [ 'email' => 'required|email', @@ -184,21 +203,13 @@ class AuthController $this->view->redirect('/profile'); } - $user = $this->userModel->findById($userId); - $security = new \ServerManager\Core\Security(); if (!$security->verifyPassword($_POST['current_password'], $user['password_hash'])) { Session::setFlash('error', 'Current password is incorrect.'); $this->view->redirect('/profile'); } - $updateData = ['email' => $_POST['email']]; - - if (isset($_POST['notifications_enabled'])) { - $updateData['notifications_enabled'] = 1; - } else { - $updateData['notifications_enabled'] = 0; - } + $updateData['email'] = $_POST['email']; if (!empty($_POST['new_password'])) { $updateData['password'] = $_POST['new_password']; diff --git a/views/auth/profile.php b/views/auth/profile.php index 988721d..e69e4a5 100755 --- a/views/auth/profile.php +++ b/views/auth/profile.php @@ -41,7 +41,7 @@

Change Password

- +
-- 2.43.0