From fb2fd0644c4f74e09a9fe6b8cc1af931c77b04df Mon Sep 17 00:00:00 2001
From: ilotterytea <iltsu@alright.party>
Date: Sat, 10 May 2025 18:42:16 +0500
Subject: upd: hide current password field if there is no password

---
 public/account/index.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'public/account/index.php')

diff --git a/public/account/index.php b/public/account/index.php
index 97c5942..e5a609b 100644
--- a/public/account/index.php
+++ b/public/account/index.php
@@ -190,8 +190,14 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
                     <form action="/account/security.php" method="post">
                         <h2>Security & Privacy</h2>
                         <div>
-                            <label for="password-current">Current password:</label>
-                            <input type="password" name="password-current" id="form-password-current">
+                            <?php
+                            $stmt = $db->prepare("SELECT CASE WHEN password IS NOT NULL THEN 1 ELSE 0 END as set_password FROM users WHERE id = ?");
+                            $stmt->execute([$_SESSION["user_id"]]);
+                            $set_password = $stmt->fetch()[0];
+                            if ($set_password): ?>
+                                <label for="password-current">Current password:</label>
+                                <input type="password" name="password-current" id="form-password-current" required>
+                            <?php endif; ?>
                             <label for="password-new">New password:</label>
                             <input type="password" name="password-new" id="form-password-new">
                         </div>
-- 
cgit v1.2.3