<?php
////Imports
require_once 'db/db_conn.php';
require_once 'db/SELECT.php';
require_once 'classes/User.php';
if (!isset($_POST['id']) || !is_numeric($_POST['id'])) {
http_response_code(400);
exit;
}
if (!isset($_POST['oldpassword']) || count($_POST['oldpassword']) === 0) {
http_response_code(400);
exit;
}
$ADK_USER_PASSWORD = $_POST['oldpassword'];
$ADK_USER = new User();
$ADK_USER->id = intval($_POST['id']);
$con = connect_db();
if (!$ADK_USER->isOldPassword($con, $ADK_USER_PASSWORD)) {
$code = 418;
} else {
$code = 200;
}
$con->close;
http_response_code($code);
require_once 'db/db_conn.php';
require_once 'db/UPDATE.php';
require_once 'classes/User.php';
if (!isset($_POST['id']) || !is_numeric($_POST['id'])) {
header('Location: ../');
exit;
}
$con = connect_db();
$ADK_USER_PASSWORD = $_POST['password'];
$ADK_USER_PASSWORD_CONFIRM = $_POST['confirmpassword'];
$ADK_USER = new User();
$ADK_USER->id = intval($_POST['id']);
$ADK_USER->pw = $_POST['password'];
if (isset($_POST['checkold'])) {
require_once 'db/SELECT.php';
if (!$ADK_USER->isOldPassword($con, $_POST['oldpassword'])) {
header('Location: ../profile?e=o');
exit;
}
}
if ($ADK_USER_PASSWORD !== $ADK_USER_PASSWORD_CONFIRM) {
header('Location: ../profile?e=m');
exit;
}
$ADK_USER->updatePW($con);
$con->close();
switch ($_SESSION['ADK_USERGROUP_CDE']) {
case 'COR':
header('Location: ../hikers');
break;
case 'HIK':
