diff --git a/src/app/components/common/profile.php b/src/app/components/common/profile.php
index f6416c0e9ae9a32ba58097f21bd5a4b89a6c2ba9..fca927afc956675b8fe79054550a933c0f903d85 100644
--- a/src/app/components/common/profile.php
+++ b/src/app/components/common/profile.php
@@ -18,14 +18,12 @@
                     <img class="profpic-edit" src="<?= STORAGE_URL . $this->data["url_profpic"] ?>" alt="image">
                     <div class="edit-info">
                         <div class="sh5">Nama</div>
-                        <input type="text">
+                        <input type="text" value="<?=$this->data["name"] ?>" id="name-form">
                         <div class="sh5">Username</div>
-                        <input type="text">
-                        <div class="sh5">Password</div>
-                        <input type="text">
+                        <input type="text"value="<?=$this->data["username"]?>" id="username-form">
                     </div>
                 </div>
-                <button class="sh4">Submit</button>
+                <button class="sh4" id="submit-profile">Submit</button>
             </div>
         </div>
     <?php endif; ?>
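Review bot: The two added `value` attributes print `$this->data["name"]` and `$this->data["username"]` raw, so a value containing `"` or `<` breaks out of the attribute and into markup; these appear to be stored user data (the profile controller fills them from a `$profile` record), so they need attribute-context escaping: `value="<?= htmlspecialchars($this->data["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>"` and the same for username. The username line is also missing the space between `type="text"` and `value=`; browsers tolerate it but it should read `<input type="text" value="<?= … ?>" id="username-form">`. The unchanged `src="<?= STORAGE_URL . $this->data["url_profpic"] ?>"` line above has the same escaping gap, though it predates this change.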
diff --git a/src/app/controllers/login/post_login.php b/src/app/controllers/login/post_login.php
index 3420ec65da11819faf8d126c5d47d6e63b4b720a..96f4fa80a789bb461b32dfda85178075a5b771d2 100644
--- a/src/app/controllers/login/post_login.php
+++ b/src/app/controllers/login/post_login.php
@@ -23,7 +23,7 @@ class PostLoginController
                 } else {
                     if (password_verify($password, $user['password'])) {
                         $_SESSION["start"] = time();
-                        $_SESSION["expire"] = time() + 60 * 10;
+                        $_SESSION["expire"] = time() + 60 * 600;
                         $_SESSION["user_id"] = $user['id_user'];
 
                         if ($username == "premium") {
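Review bot: The new expiry `time() + 60 * 600` makes a login session valid for ten hours, sixty times the previous ten minutes, which widens the window in which a leaked or forgotten session cookie stays usable; if a longer session is intended, spell the intent out rather than hiding it in an odd product, e.g. `$_SESSION["expire"] = time() + 10 * 60 * 60; // 10 hours`, preferably via a named constant. Whether `expire` is actually enforced on each request is not visible here. The enclosing method continues outside the hunk.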
diff --git a/src/app/controllers/profile/get_profile.php b/src/app/controllers/profile/get_profile.php
index a44450a44a35c6b0243cbc51953d7906f4a413e4..0ae440f317af7450a3abeaafd0bed1f892528c4c 100644
--- a/src/app/controllers/profile/get_profile.php
+++ b/src/app/controllers/profile/get_profile.php
@@ -26,7 +26,6 @@ class getProfileController
       "name" => $profile->name,
       "username" => $profile->username,
       "url_profpic" => $profile->url_profpic,
-      "password" => $profile->password,
     ];
     header("Access-Control-Allow-Origin: *");
     header("Access-Control-Allow-Credentials: true");
diff --git a/src/app/controllers/profile/update_profile.php b/src/app/controllers/profile/update_profile.php
index a414503d79ebe8e7f3fe2429f05b23fe6d2d54ad..03822569f8c4e96070b980dad0d53238cf62ac08 100644
--- a/src/app/controllers/profile/update_profile.php
+++ b/src/app/controllers/profile/update_profile.php
@@ -4,31 +4,43 @@ class UpdateProfileController
 {
     public function call()
     {
-        
         if (isset($_SERVER["HTTP_API_KEY"])) {
-            if ($_SERVER["HTTP_API_KEY"] != $_ENV["API_KEY"]) {
-              http_response_code(403);
-              return;
+            if ($_SERVER["HTTP_API_KEY"] != $_ENV["REST_PHP_KEY"]) {
+                http_response_code(403);
+                echo json_encode(["message" => "Invalid API key"]);
+                return;
             }
         }
 
+        header("Access-Control-Allow-Origin: *");
+        header("Access-Control-Allow-Credentials: true");
+        header("Max-Age: 86400");
+        header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
         if (isset($_SERVER["QUERY_STRING"])) {
+            if (!isset($_POST['name']) || !isset($_POST['username'])) {
+                http_response_code(403);
+                echo json_encode(["message" => "invalid username or name"]);
+                exit;
+            }
             $name = $_POST['name'];
             $username = $_POST['username'];
-            $password = $_POST['password'];
 
             try {
-                if (!isset($_SERVER["user_id"])) {
-                    http_response_code(401);
-                    echo json_encode(["message" => "Disni"]);
+                if (!isset($_GET["user_id"])) {
+                    http_response_code(400);
+                    echo json_encode(["message" => "Invalid user id"]);
                     exit;
                 } else {
-                    $model = new UserModel();
-                    $status = $model->updateProfile($_SESSION["user_id"], $name, $username, $password); 
+                    $userModel = new UserModel();
+                    $status = $userModel->updateProfile($_GET["user_id"], $name, $username); 
 
                     if ($status == 200) {
-                        http_response_code(200);
-                        echo json_encode(["message" => "Profile updated successfully"]);
+                        if ($name== "woy") {
+                            http_response_code(500);
+                        } else {
+                        }
+                        http_response_code(500);
+                        echo json_encode(["message" => "Profile updated successfully!", "name" => $name, "username" => $username]);
                         exit;
                     } else {
                         http_response_code(500);
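Review bot: The success branch always answers HTTP 500: after the `if ($name== "woy")` block, whose `else` is empty and which looks like leftover debugging, `http_response_code(500);` runs unconditionally right before the "Profile updated successfully!" body, so the JavaScript client's `status === 200` path can never fire; replace the six lines from `if ($name== "woy") {` through that `http_response_code(500);` with a single `http_response_code(200);`. Separately, the updated row is now chosen by `$_GET["user_id"]` instead of the previous `$_SESSION["user_id"]`, and the API-key check above is skipped entirely when the header is absent (the unchanged `isset($_SERVER["HTTP_API_KEY"])` guard), so any caller can change another user's name and username; keep the update bound to the authenticated session, `$status = $userModel->updateProfile($_SESSION["user_id"], $name, $username);`, or at least reject a supplied id that does not match it. The key comparison should be constant-time, `if (!hash_equals((string) $_ENV["REST_PHP_KEY"], (string) $_SERVER["HTTP_API_KEY"]))`, rather than `!=`. Also, a missing `name`/`username` is a 400 rather than a 403, `Max-Age` is not a CORS header (`Access-Control-Max-Age` is), and `Access-Control-Allow-Origin: *` together with `Access-Control-Allow-Credentials: true` is a combination browsers reject. `call()` continues outside the hunk.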
diff --git a/src/app/models/user.php b/src/app/models/user.php
index 015dd9d6c1495f9368f9a9f34d8fd775be74aac2..3bf84867d0cefb393260a4ef6d9160394c5e54d3 100644
--- a/src/app/models/user.php
+++ b/src/app/models/user.php
@@ -68,15 +68,14 @@ class UserModel
     return $rowAffected;
   }
 
-  public function updateProfile($id_user, $name, $username, $password) {
-    $query = "UPDATE user( name, username, password)
-              SET user=:name, username=:username, password=:password
+  public function updateProfile($id_user, $name, $username) {
+    $query = "UPDATE user
+              SET name=:name, username=:username
               WHERE id_user=:id_user";
 
     $this->db->query($query);
     $this->db->bind('name', $name);
     $this->db->bind('username', $username);
-    $this->db->bind('password', $password);
     $this->db->bind('id_user', $id_user);
 
     $status = 200;
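Review bot: `updateProfile` is still untyped and undocumented after its signature change; declare `public function updateProfile(int $id_user, string $name, string $username)` (the return type depends on the method's tail, which lies outside the hunk) and add a docblock along the lines of `/** Update the name and username of the user identified by $id_user; presumably returns an HTTP-style status code (200 on success). */`. Binding `name`, `username` and `id_user` as placeholders is the right way to carry caller-supplied values into the statement. `$status = 200` is assigned before any execution result is visible here, so the remainder of the method should be checked to confirm it is changed on failure.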
diff --git a/src/public/javascript/profile/profile.js b/src/public/javascript/profile/profile.js
index 9ff5d5761ba20e1a791353291686f235e6958915..e6239b77072f13a79bcc8aff90db56902b57d0f1 100644
--- a/src/public/javascript/profile/profile.js
+++ b/src/public/javascript/profile/profile.js
@@ -1,3 +1,5 @@
+import { showErrorToast, showSuccessToast } from "../toast.mjs";
+
 const profile = document.querySelector(".profile");
 const profileMenu = document.querySelector(".profile-menu");
 console.log("masuk");
@@ -27,3 +29,41 @@ window.addEventListener("click", function (e) {
     editProfile.style.display = "none";
   }
 });
+
+
+// Handle submit
+const nameForm = document.getElementById("name-form");
+const usernameForm = document.getElementById("name-form");
+const submitProfileButton = document.getElementById("submit-profile");
+
+submitProfileButton.addEventListener("click", (e) => {
+  e.preventDefault();
+  const name = nameForm.value;
+  const username = usernameForm.value;
+
+  const formData = new FormData();
+  formData.append("name", name);
+  formData.append("username", username);
+
+  const xhr = new XMLHttpRequest();
+  xhr.open("POST", "/public/profile", true);
+
+  xhr.onload = function () {
+    if (xhr.readyState === XMLHttpRequest.DONE) {
+      if (xhr.status === 200) {
+        nameForm.value = JSON.parse(xhr.responseText).name;
+        usernameForm.value = JSON.parse(xhr.responseText).username;
+        showSuccessToast(JSON.parse(xhr.responseText).message);      
+      } else {
+        showErrorToast(JSON.parse(xhr.responseText).message);
+      }
+    }
+  };
+
+  xhr.send(formData);
+});
+
+
+
+
+
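Review bot: `usernameForm` is looked up with the same id as `nameForm` (`document.getElementById("name-form")`), so the username sent to the server and the field refreshed on success are both the name input; it should be `const usernameForm = document.getElementById("username-form");`, matching the id added in profile.php. The `onload` handler also calls `JSON.parse(xhr.responseText)` up to three times and parses unconditionally in the error branch, so a non-JSON error body (a PHP error page, for instance) throws inside the handler and no toast is shown; parse once into a local and guard it, as below (the `readyState` check is redundant inside `onload` and is dropped). The request carries no `user_id` query parameter while the update controller reads `$_GET["user_id"]`, so as written the server appears to answer 400 — worth checking end to end.
```javascript
xhr.onload = function () {
  let body;
  try {
    body = JSON.parse(xhr.responseText);
  } catch (err) {
    showErrorToast("Unexpected response from server");
    return;
  }
  if (xhr.status === 200) {
    nameForm.value = body.name;
    usernameForm.value = body.username;
    showSuccessToast(body.message);
  } else {
    showErrorToast(body.message);
  }
};
// … unchanged: xhr.send(formData) …
```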