From 57472eab3c7b035392c6a5aa240593ecaa7d1ccf Mon Sep 17 00:00:00 2001 From: ilotterytea Date: Mon, 8 Dec 2025 21:53:36 +0500 Subject: upd: moved all /public/ files to the root folder --- public/account/security.php | 52 --------------------------------------------- 1 file changed, 52 deletions(-) delete mode 100644 public/account/security.php (limited to 'public/account/security.php') diff --git a/public/account/security.php b/public/account/security.php deleted file mode 100644 index 5545b60..0000000 --- a/public/account/security.php +++ /dev/null @@ -1,52 +0,0 @@ -prepare("SELECT * FROM users WHERE id = ?"); -$stmt->execute([$_SESSION["user_id"]]); - -$user = $stmt->fetch(); -$current_password = $_POST["password-current"] ?? ""; - -if ($user["password"] != null && !password_verify($current_password, $user["password"])) { - generate_alert("/account", "Password is required to apply changes in 'Security' section"); - exit; -} - -if (!empty($_POST["password-new"])) { - $password = $_POST["password-new"]; - if (ACCOUNT_PASSWORD_MIN_LENGTH > strlen($password)) { - generate_alert("/account", "Your password must be at least " . ACCOUNT_PASSWORD_MIN_LENGTH . " characters"); - exit; - } - - $db->prepare("UPDATE users SET password = ? WHERE id = ?") - ->execute([password_hash($password, PASSWORD_DEFAULT), $user["id"]]); -} - -$private_profile = (int) (intval($_POST["make-private"] ?? "0") == 1); - -$db->prepare("UPDATE user_preferences SET private_profile = ? WHERE id = ?") - ->execute([$private_profile, $user["id"]]); - -if (intval($_POST["signout-everywhere"] ?? "0") == 1) { - $db->prepare("UPDATE users SET secret_key = ? WHERE id = ?") - ->execute([generate_random_string(ACCOUNT_SECRET_KEY_LENGTH), $_SESSION["user_id"]]); - - session_unset(); - session_destroy(); - - setcookie("secret_key", "", time() - 1000); -} - -generate_alert("/account", "Your changes have been applied!", 200); \ No newline at end of file -- cgit v1.2.3