예제 #1
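 /**
  * Write this record's current attribute values back to its table row.
  *
  * Every attribute except `id` becomes one `column = 'value'` assignment,
  * and the row is selected by `$this->id`. The statement is still built as
  * a string, so everything interpolated into it is neutralised first:
  * values and the id are escaped for the connection and quoted, and
  * backticks inside column names are doubled.
  * NOTE(review): binding the values with a prepared statement would be the
  * sturdier form; the escaping here only stays correct while the connection
  * charset is set through the driver rather than with a `SET NAMES` query.
  *
  * @return bool true when the statement ran and changed at least one row;
  *              false when no row changed (including "values identical"),
  *              when there is nothing to write, or when the query failed
  */
 public function update()
 {
     $link = Data_Provider::connect();

     // Collect the assignments and join them afterwards. Deciding the comma
     // by "is this the last key" left a dangling comma whenever `id` was the
     // last attribute, which produced invalid SQL.
     $assignments = [];
     foreach ($this->attributes as $key => $value) {
         if ('id' === $key) {
             continue;
         }
         $column = str_replace('`', '``', (string) $key);
         $escaped = mysqli_real_escape_string($link, (string) $value);
         $assignments[] = "`{$column}` = '{$escaped}'";
     }

     if ([] === $assignments) {
         // "update ... set where ..." is not valid SQL; nothing to persist.
         return false;
     }

     // The id used to be interpolated raw and unquoted, so any non-numeric
     // content in it became part of the WHERE clause.
     $id = mysqli_real_escape_string($link, (string) $this->id);
     $sql = 'update `' . self::$table . '` set ' . implode(', ', $assignments) . " where `id` = '{$id}'";

     if (!$link->query($sql)) {
         // Previously fell through and returned null; callers only test truthiness.
         return false;
     }

     return $link->affected_rows > 0;
 }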
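 /**
  * Handle the change-password form for the logged-in user.
  *
  * Redirects to the login page when no user is in the session, re-renders
  * the form with validation messages when the new password is rejected,
  * and otherwise verifies the current password before storing the new one.
  *
  * NOTE(review): passwords are stored as sha384(password . SECRET_KEY), a
  * fast hash with one shared secret and no per-user salt. password_hash()
  * with password_verify() is the appropriate primitive; it is not swapped
  * in here because the stored hashes and the code paths that create and
  * check them (not visible in this block) depend on the current format.
  *
  * @param array $params submitted form fields; reads 'password',
  *                      'cf-password' and 'current-password'
  * @return void
  */
 public function password_post($params)
 {
     if (!isset($_SESSION['user'])) {
         ob_end_clean();
         header('Location:' . Path::go_to('user/login'));
         exit;
     }

     $msg = $this->validate_password($params['password'], $params['cf-password']);
     if (sizeof($msg) > 0) {
         $this->render('views/user/password.php', ['msg' => $msg]);
         return;
     }

     $link = Data_Provider::connect();

     // The session value lands inside a quoted SQL literal, so it is escaped
     // like any other string rather than trusted because it is server-side.
     $email = mysqli_real_escape_string($link, (string) $_SESSION['user']);

     if ($result = User::query(['`id`', '`password`'])->where([['`email`', '=', "'{$email}'"]])->get()) {
         if ($row = $result->fetch_assoc()) {
             $user = new User($row);

             // NOTE(review): SQL-escaping a password before hashing changes
             // the hashed bytes for passwords containing quotes or
             // backslashes and protects nothing, since only the hex digest
             // reaches the query. Kept so existing hashes still match.
             $currentHash = hash('sha384', mysqli_real_escape_string($link, $params['current-password']) . SECRET_KEY);

             // hash_equals() replaces `==`: loose comparison treats two
             // digests shaped like "0e<digits>" as equal numbers, and it is
             // not constant-time.
             if (hash_equals((string) $user->password, $currentHash)) {
                 $user->password = hash('sha384', mysqli_real_escape_string($link, $params['password']) . SECRET_KEY);
                 if ($user->update()) {
                     $this->render('views/user/password_success.php');
                     return;
                 }
                 $msg[] = 'Password hasn\'t been updated yet, try again later';
             } else {
                 $msg[] = 'Your password was incorrect';
             }
         } else {
             $msg[] = 'Error! Please try again';
         }
     } else {
         $msg[] = 'Database is dead "T-T';
     }

     $this->render('views/user/password.php', ['msg' => $msg]);
 }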