add edit profile feature

controllers/edit_profile.inc.php

@@ -0,0 +1,40 @@
+<?php
+//Controllers handle the logic of the application
+
+declare(strict_types=1);
+
+
+function is_edit_form_empty(string $fullname, string $email, string $username)
+{
+    if (empty($fullname) && empty($email) && empty($username)) {
+        return true;
+    }
+    return false;
+}
+
+// is the email new and different from the old one?
+function is_email_new(string $new_email, string $old_email)
+{
+    if ($new_email !== $old_email) {
+        return true;
+    }
+    return false;
+}
+
+// is the username new and different from the old one?
+function is_username_new(string $new_username, string $old_username)
+{
+    if ($new_username !== $old_username) {
+        return true;
+    }
+    return false;
+}
+
+// is the name new and different from the old one?
+function is_name_new(string $new_name, string $old_name)
+{
+    if ($new_name !== $old_name) {
+        return true;
+    }
+    return false;
+}

css/profile.css

@@ -9,19 +9,18 @@
   min-width: 450px;
   max-width: 600px;
   margin: 20px auto;
-  background: #0f2027; /* fallback for old browsers */
-  background: -webkit-linear-gradient(
-    to top,
-    #2c5364,
-    #203a43,
-    #0f2027
-  ); /* Chrome 10-25, Safari 5.1-6 */
-  background: linear-gradient(
-    to top,
-    #2c5364,
-    #203a43,
-    #0f2027
-  ); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
+  background: #0f2027;
+  /* fallback for old browsers */
+  background: -webkit-linear-gradient(to top,
+      #2c5364,
+      #203a43,
+      #0f2027);
+  /* Chrome 10-25, Safari 5.1-6 */
+  background: linear-gradient(to top,
+      #2c5364,
+      #203a43,
+      #0f2027);
+  /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
 }
 
 .profile__title {
@@ -68,7 +67,21 @@
   font-size: 1.25rem;
   border-radius: 5px;
 }
+
 .profile__btn:hover {
   background-color: whitesmoke;
   color: #0f2027;
 }
+
+.profile__form {
+  display: flex;
+  flex-direction: column;
+  gap: 1rem;
+  width: 75%;
+  font-size: 1.5rem;
+}
+
+.profile__btn--edit {
+  background-color: transparent;
+  cursor: pointer;
+}

includes/edit_profile.inc.php

@@ -0,0 +1,89 @@
+<?php
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $new_email = $_POST['email'];
+    $new_name = $_POST['name'];
+    $new_username = $_POST['username'];
+
+    try {
+        require_once "./db_handler.inc.php";
+        require_once "./config_session.inc.php";
+        require_once "../models/edit_profile.inc.php";
+        require_once "../models/register.inc.php";
+        require_once "../controllers/edit_profile.inc.php";
+        require_once "../controllers/register.inc.php";
+
+        $current_user = get_current_user_details($pdo, $_SESSION['user_id']);
+
+        // Error handlers
+
+        $errors = [];
+
+
+
+        // Check for empty inputs
+        if (is_edit_form_empty($new_name, $new_email, $new_username)) {
+            // make sure to use local variables here
+            $errors["empty_input"] = "Please fill in all fields";
+        } else {
+            // Check if atleast one field is different from the old one
+            if (!is_email_new($new_email, $current_user['email']) && !is_username_new($new_username, $current_user['username']) && !is_name_new($new_name, $current_user['full_name'])) {
+                $errors["no_changes"] = "No changes were made";
+            }
+
+
+            // Check if email is invalid
+            else if (is_email_invalid($new_email) && !empty($new_email)) {
+                $errors["invalid_email"] = "Please enter a valid email address";
+            }
+
+            // Check if username is taken
+            else if (is_username_taken($pdo, $new_username) && !empty($new_username)) {
+                $errors["username_taken"] = "Username is already taken";
+            }
+
+            // Check if email is already registered
+            else if (is_email_registered($pdo, $new_email) && !empty($new_email)) {
+                $errors["email_taken"] = "Email is already registered";
+            }
+        }
+
+        // the fields that are still empty should be filled with the old values
+        if (empty($new_name)) {
+            $new_name = $current_user['full_name'];
+        }
+        if (empty($new_email)) {
+            $new_email = $current_user['email'];
+        }
+        if (empty($new_username)) {
+            $new_username = $current_user['username'];
+        }
+
+
+
+
+        if ($errors) {
+            $_SESSION["errors_edit_profile"] = $errors;
+            header('Location: ../pages/edit_profile.php');
+            die();
+        }
+
+        // Update user details
+        update_user_details($pdo, $_SESSION['user_id'], $new_name, $new_email, $new_username);
+
+        // log out the user
+        session_start();
+        session_unset();
+        session_destroy();
+        header('Location: ../pages/login.php?edit=success');
+
+        $pdo = null;
+        $stmt = null;
+        die();
+    } catch (PDOException $e) {
+        die("Query failed: " . $e->getMessage());
+    }
+} else {
+    header('Location: ../index.php');
+    die();
+}

models/edit_profile.inc.php

@@ -0,0 +1,25 @@
+<?php
+
+declare(strict_types=1);
+
+
+function get_current_user_details(object $pdo, int $user_id): array
+{
+    $query = "SELECT * FROM users WHERE user_id = :user_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->bindParam(":user_id", $user_id, PDO::PARAM_INT);
+    $stmt->execute();
+    $result = $stmt->fetch(PDO::FETCH_ASSOC);
+    return $result;
+}
+
+function update_user_details(object $pdo, int $user_id, string $new_name, string $new_email, string $new_username): void
+{
+    $query = "UPDATE users SET full_name = :new_name, email = :new_email, username = :new_username WHERE user_id = :user_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->bindParam(":new_name", $new_name, PDO::PARAM_STR);
+    $stmt->bindParam(":new_email", $new_email, PDO::PARAM_STR);
+    $stmt->bindParam(":new_username", $new_username, PDO::PARAM_STR);
+    $stmt->bindParam(":user_id", $user_id, PDO::PARAM_INT);
+    $stmt->execute();
+}

pages/edit_profile.php

@@ -0,0 +1,60 @@
+<?php
+require_once "../includes/db_handler.inc.php";
+require_once "../includes/config_session.inc.php";
+require_once "../models/edit_profile.inc.php";
+require_once "../views/edit_profile.inc.php";
+?>
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Quirx - My Profile</title>
+    <link rel="stylesheet" href="../css/global.css" />
+    <link rel="stylesheet" href="../css/profile.css" />
+    <link rel="stylesheet" href="../css/navbar.css" />
+</head>
+
+<body>
+    <?php include_once('../includes/components/navbar.inc.php') ?>
+
+    <?php
+    // check if user is logged in
+    if (!isset($_SESSION['user_id'])) {
+        // if not, redirect to login page
+        header('Location: ./login.php');
+        exit();
+    }
+
+    $current_user = get_current_user_details($pdo, $_SESSION['user_id'])
+    ?>
+    <main class="profile">
+        <h1 class="profile__title">Edit your profile <br>
+            <span class="subheading">Enter values you want to update</span>
+        </h1>
+
+        <form action="../includes/edit_profile.inc.php" class="profile__form" method="post">
+
+            <input type="text" name="name" placeholder="<?php
+                                                        echo $current_user['full_name'];
+                                                        ?>">
+            <input type=" email" name="email" placeholder="<?php
+                                                            echo $current_user['email'];
+                                                            ?>">
+            <input type="text" name="username" placeholder="<?php
+                                                            echo $current_user['username'];
+                                                            ?>">
+            <button type="submit" class="profile__btn profile__btn--edit">Update</button>
+        </form>
+
+    </main>
+
+    <?php
+    check_and_print_edit_profile_errors();
+    ?>
+
+    <script src="../js/close_modal.js"></script>
+</body>
+
+</html>

pages/login.php

@@ -43,6 +43,15 @@
         HTML;
   }
 
+  if (isset($_GET["edit"]) && $_GET["edit"] === "success") {
+    echo <<<HTML
+          <section class="modal modal--success">
+            <h1 class="modal__title">Profile updated successfully! Please log in again.</h1>
+            <span class="modal__close modal__close--success">X</span>
+          </section>
+        HTML;
+  }
+
   if (isset($_GET["reset"]) && $_GET["reset"] === "true") {
     echo <<<HTML
           <section class="modal modal--success">

pages/user_profile.php

@@ -55,7 +55,7 @@
                 <p>Role: Admin</p>
             <?php } ?>
         </section>
-        <a href="#" class="profile__btn">Edit Profile</a>
+        <a href="./edit_profile.php" class="profile__btn">Edit Profile</a>
         <a href="#" class="profile__btn">Dashboard</a>
     </main>
 </body>

views/edit_profile.inc.php

@@ -0,0 +1,22 @@
+<?php
+//Views are responsible for displaying the data to the user
+
+declare(strict_types=1);
+
+
+function check_and_print_edit_profile_errors()
+{
+    if (isset($_SESSION["errors_edit_profile"])) {
+        $errors = $_SESSION["errors_edit_profile"];
+        if (count($errors) > 0) {
+            echo "<section class='modal modal--error'>";
+            echo "<h1 class='modal__title'>Errors while updating profile: </h1>";
+            echo "<span class='modal__close modal__close--error'>X</span>";
+            foreach ($errors as $error) {
+                echo "<p class='modal__item'>$error</p>";
+            }
+            echo "</section>";
+            unset($_SESSION["errors_edit_profile"]);
+        }
+    }
+}