diff --git a/src/app/components/app/app_page.php b/src/app/components/app/app_page.php
index e74a7afc70728c6ee19126be6371533b3069db1d..62933b5248b8fad16034258a90ece162b139af8f 100644
--- a/src/app/components/app/app_page.php
+++ b/src/app/components/app/app_page.php
@@ -17,8 +17,10 @@
<link rel="stylesheet" type="text/css" href="<?= BASE_URL ?>/styles/dashboard/pages/episode.css">
<link rel="stylesheet" type="text/css" href="<?= BASE_URL ?>/styles/dashboard/components/button.css">
<!-- JavaScript Library -->
+ <script type="module" src="<?= BASE_URL ?>/javascript/toast.mjs" defer></script>
<script type="text/javascript" src="<?= BASE_URL ?>/javascript/player.js" defer></script>
<script type="text/javascript" src="<?= BASE_URL ?>/javascript/util/debounce.js" defer></script>
+ <script type="text/javascript" src="<?= BASE_URL ?>/javascript/profile/profile.js" defer></script>
<script type="module" src="<?= BASE_URL ?>/javascript/dashboard/layout.mjs" defer></script>
<script type="module" src="<?= BASE_URL ?>/javascript/app/app.js" defer></script>
<!-- Google Fonts -->
diff --git a/src/app/components/common/profile.php b/src/app/components/common/profile.php
index f6416c0e9ae9a32ba58097f21bd5a4b89a6c2ba9..b8d496db44f4090ecd341d21846008ec2fd41f04 100644
--- a/src/app/components/common/profile.php
+++ b/src/app/components/common/profile.php
@@ -18,19 +18,17 @@
<img class="profpic-edit" src="<?= STORAGE_URL . $this->data["url_profpic"] ?>" alt="image">
<div class="edit-info">
<div class="sh5">Nama</div>
- <input type="text">
+ <input type="text" value="<?=$this->data["name"] ?>" id="name-form">
<div class="sh5">Username</div>
- <input type="text">
- <div class="sh5">Password</div>
- <input type="text">
+ <input type="text"value="<?=$this->data["username"]?>" id="username-form">
</div>
</div>
- <button class="sh4">Submit</button>
+ <button class="sh3" id="submit-profile">Save</button>
+ <p id="save-profile-alert"></p>
</div>
</div>
<?php endif; ?>
</section>
-<script type="text/javascript" src="<?= BASE_URL ?>/javascript/profile/profile.js" defer></script>
<script>
const logoutBtn = document.getElementById("logout");
logoutBtn.addEventListener("click", (e) => {
diff --git a/src/app/controllers/login/post_login.php b/src/app/controllers/login/post_login.php
index 3313dd01942ab091ed23ac9c3c26968a38f30d06..96f4fa80a789bb461b32dfda85178075a5b771d2 100644
--- a/src/app/controllers/login/post_login.php
+++ b/src/app/controllers/login/post_login.php
@@ -23,7 +23,7 @@ class PostLoginController
} else {
if (password_verify($password, $user['password'])) {
$_SESSION["start"] = time();
- $_SESSION["expire"] = time() + 60 * 1000;
+ $_SESSION["expire"] = time() + 60 * 600;
$_SESSION["user_id"] = $user['id_user'];
if ($username == "premium") {
diff --git a/src/app/controllers/profile/get_profile.php b/src/app/controllers/profile/get_profile.php
index 755ce3d3d0b751d755bfe99aeb31e08eb2f02509..0ae440f317af7450a3abeaafd0bed1f892528c4c 100644
--- a/src/app/controllers/profile/get_profile.php
+++ b/src/app/controllers/profile/get_profile.php
@@ -4,37 +4,35 @@ class getProfileController
{
public function call()
{
- require_once __DIR__ . "/../../views/login/login.php";
session_start();
- // print_r($_SESSION);
- // if (isset($_SESSION['user_id'])) {
- $user_id = "4";
- // if (isset($_GET["user_id"])) {
- // $user_id = $_GET["user_id"];
- // }
+
+ if (isset($_SERVER["HTTP_API_KEY"])) {
+ if ($_SERVER["HTTP_API_KEY"] != $_ENV["API_KEY"]) {
+ http_response_code(403);
+ session_destroy();
+ return;
+ }
+ }
- $userModel = new UserModel();
- $profile = $userModel->getUserInfo(4);
-
- $data = [
- "name" => $profile->name,
- "username" => $profile->username,
- "url_profpic" => $profile->url_profpic,
- "is_admin" => $profile->is_admin,
- ];
- header("Access-Control-Allow-Origin: http://localhost:3000");
- header("Access-Control-Allow-Credentials: true");
- header("Max-Age: 86400");
- header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
- // header("Access-Control-Allow-Headers: $_SERVER[HTTP_ACCESS_CONTROL_REQUEST_HEADERS]");
- echo json_encode($data);
- // } else {
- // session_destroy();
+ $user_id = "";
+ if (isset($_GET["user_id"])) {
+ $user_id = $_GET["user_id"];
+ }
- // http_response_code(403);
- // header("Location: " . BASE_URL . "/login");
+ $userModel = new UserModel();
+ $profile = $userModel->getUserInfo(4);
- // return;
- // }
+ $data = [
+ "name" => $profile->name,
+ "username" => $profile->username,
+ "url_profpic" => $profile->url_profpic,
+ ];
+ header("Access-Control-Allow-Origin: *");
+ header("Access-Control-Allow-Credentials: true");
+ header("Max-Age: 86400");
+ header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
+ // header("Access-Control-Allow-Headers: $_SERVER[HTTP_ACCESS_CONTROL_REQUEST_HEADERS]");
+ http_response_code(200);
+ echo json_encode($data);
}
}
\ No newline at end of file
diff --git a/src/app/controllers/profile/update_profile.php b/src/app/controllers/profile/update_profile.php
new file mode 100644
index 0000000000000000000000000000000000000000..b75829b06cb9b68977de57decc97b5ff31ecf698
--- /dev/null
+++ b/src/app/controllers/profile/update_profile.php
@@ -0,0 +1,69 @@
+<?php
+
+class UpdateProfileController
+{
+ public function call()
+ {
+ if (isset($_SERVER["HTTP_API_KEY"])) {
+ if ($_SERVER["HTTP_API_KEY"] != $_ENV["REST_PHP_KEY"]) {
+ http_response_code(403);
+ echo json_encode(["message" => "Invalid API key"]);
+ return;
+ }
+ }
+
+ header("Access-Control-Allow-Origin: *");
+ header("Access-Control-Allow-Credentials: true");
+ header("Max-Age: 86400");
+ header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
+ if (isset($_SERVER["QUERY_STRING"])) {
+ if ((!isset($_POST['name']) || !isset($_POST['username'])) && !(file_get_contents('php://input') != null)) {
+ http_response_code(403);
+ echo json_encode(["message" => "invalid username or name"]);
+ exit;
+ }
+ $name = "";
+ $username = "";
+ if (isset($_POST['name']) && isset($_POST['username'])){
+ $name = $_POST['name'];
+ $username = $_POST['username'];
+ } else if ((file_get_contents('php://input') != null)){
+ $data = json_decode(file_get_contents('php://input'), true);
+ $name = $data['name'];
+ $username = $data['username'];
+ }
+
+ try {
+ if (!isset($_GET["user_id"]) && !isset($_SESSION["user_id"])) {
+ http_response_code(400);
+ echo json_encode(["message" => "Invalid user id"]);
+ exit;
+ } else {
+ $user_id = "";
+ if (isset($_GET["user_id"])) {
+ $user_id = $_GET["user_id"];
+ } else {
+ $user_id = $_SESSION["user_id"];
+ }
+ $userModel = new UserModel();
+ $status = $userModel->updateProfile($user_id, $name, $username);
+
+ if ($status == 200) {
+ http_response_code(200);
+ echo json_encode(["message" => "Profile updated successfully!", "name" => $name, "username" => $username]);
+ exit;
+ } else {
+ http_response_code(500);
+ echo json_encode(["message" => "Internal server error"]);
+ exit;
+ }
+ }
+ } catch (PDOException $e) {
+ echo $e->getCode();
+ http_response_code(500);
+ echo json_encode(["message" => "Internal server error"]);
+ exit;
+ }
+ }
+ }
+}
diff --git a/src/app/core/app.php b/src/app/core/app.php
index 6daecb620a2edc0a4fca8174f2f5d795ec7300a6..f56be79b84e7dfa7a01f04c48955b13897c79210 100644
--- a/src/app/core/app.php
+++ b/src/app/core/app.php
@@ -10,6 +10,8 @@ class App
// Pages routes
$router->get("public/login", new GetLoginController());
$router->get("public/signup", new GetSignupController());
+ $router->get("public/profile", new getProfileController());
+ $router->post("public/profile", new UpdateProfileController());
$router->get("public", new AppController());
$router->get("public/home", new AppController());
diff --git a/src/app/init.php b/src/app/init.php
index ae520202e15d14e6b01f3d94f5b3001a2693e38e..8e23e625f841cc0d0798e1ffbd2f44eb3249f4d0 100644
--- a/src/app/init.php
+++ b/src/app/init.php
@@ -43,6 +43,7 @@ require_once __DIR__ . "/controllers/signup/get_signup.php";
require_once __DIR__ . "/controllers/signup/post_signup.php";
require_once __DIR__ . "/controllers/search/get_search.php";
require_once __DIR__ . "/controllers/profile/get_profile.php";
+require_once __DIR__ . "/controllers/profile/update_profile.php";
require_once __DIR__ . "/controllers/app/app_controller.php";
diff --git a/src/app/models/user.php b/src/app/models/user.php
index 0f8bf19ebd2b8bb3d3e147b8affc97fe10e677c5..3bf84867d0cefb393260a4ef6d9160394c5e54d3 100644
--- a/src/app/models/user.php
+++ b/src/app/models/user.php
@@ -67,4 +67,24 @@ class UserModel
return $rowAffected;
}
+
+ public function updateProfile($id_user, $name, $username) {
+ $query = "UPDATE user
+ SET name=:name, username=:username
+ WHERE id_user=:id_user";
+
+ $this->db->query($query);
+ $this->db->bind('name', $name);
+ $this->db->bind('username', $username);
+ $this->db->bind('id_user', $id_user);
+
+ $status = 200;
+ try {
+ $user = $this->db->execute();
+ } catch (PDOException $e) {
+ $status = 500;
+ }
+
+ return $status;
+ }
}
diff --git a/src/public/javascript/profile/profile.js b/src/public/javascript/profile/profile.js
index 9ff5d5761ba20e1a791353291686f235e6958915..dede16f7187c6d789fd9e88a0504c5f6a11dc12d 100644
--- a/src/public/javascript/profile/profile.js
+++ b/src/public/javascript/profile/profile.js
@@ -1,5 +1,6 @@
const profile = document.querySelector(".profile");
const profileMenu = document.querySelector(".profile-menu");
+const SaveProfileAlert = document.getElementById("save-profile-alert");
console.log("masuk");
profile &&
profile.addEventListener("click", (e) => {
@@ -25,5 +26,46 @@ menuProfile &&
window.addEventListener("click", function (e) {
if (!editSection.contains(e.target) && !menuProfile.contains(e.target)) {
editProfile.style.display = "none";
+ SaveProfileAlert.innerHTML = "";
}
});
+
+
+// Handle submit
+const nameForm = document.getElementById("name-form");
+const usernameForm = document.getElementById("username-form");
+const submitProfileButton = document.getElementById("submit-profile");
+
+submitProfileButton.addEventListener("click", (e) => {
+ e.preventDefault();
+ const name = nameForm.value;
+ const username = usernameForm.value;
+
+ const formData = new FormData();
+ formData.append("name", name);
+ formData.append("username", username);
+
+ const xhr = new XMLHttpRequest();
+ xhr.open("POST", "/public/profile", true);
+
+ xhr.onload = function () {
+ if (xhr.readyState === XMLHttpRequest.DONE) {
+ if (xhr.status === 200) {
+ nameForm.value = JSON.parse(xhr.responseText).name;
+ usernameForm.value = JSON.parse(xhr.responseText).username;
+ SaveProfileAlert.color = "green";
+ SaveProfileAlert.innerHTML = JSON.parse(xhr.responseText).message;
+ } else {
+ SaveProfileAlert.color = "red";
+ SaveProfileAlert.innerHTML = JSON.parse(xhr.responseText).message;
+ }
+ }
+ };
+
+ xhr.send(formData);
+});
+
+
+
+
+