diff --git a/app/views/changeinformation.php b/app/views/changeinformation.php
index 0bbeb09cc694a0088f99791209332e31f38983c5..18d0810a3852a222918a59533d08d2d6f618702d 100644
--- a/app/views/changeinformation.php
+++ b/app/views/changeinformation.php
@@ -38,6 +38,6 @@
 </div>
 <button type="submit" name="submit" id="submit">Change</button>
 </div>
- <script src="../../public/js/changeinformation.js"></script>
+ <script src="../../public/js/changeinfo.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/public/js/changeinfo.js b/public/js/changeinfo.js
new file mode 100644
index 0000000000000000000000000000000000000000..0bb2ff1e48ed7aa6b00dc0470fe5db985db407c3
--- /dev/null
+++ b/public/js/changeinfo.js
@@ -0,0 +1,38 @@
+function validateEmail(email) {
+ const emailPattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+ return emailPattern.test(email);
+}
+
+document.getElementById("submit").addEventListener("click", function () {
+ const newUsername = document.getElementById("username").value;
+ const newPassword = document.getElementById("password").value;
+ const newFirstname = document.getElementById("firstname").value;
+ const newLastname = document.getElementById("lastname").value;
+ const newEmail = document.getElementById("email").value;
+ const newPhone = document.getElementById("phone").value;
+
+ const confirmChange = confirm("Yakin mau ganti informasi akun?");
+
+ if (confirmChange) {
+ if (newEmail.trim() !== "" && !validateEmail(newEmail)) {
+ alert("Masukin emailnya yang bener dong!");
+ return;
+ }
+
+ if (newUsername.trim() !== "" || newPassword.trim() !== "" || newFirstname.trim() !== "" || newLastname.trim() !== "" || newEmail.trim() !== "" || newPhone.trim() !== "") {
+ const formData = new FormData();
+ formData.append("username", newUsername);
+ formData.append("password", newPassword);
+ formData.append("firstname", newFirstname);
+ formData.append("lastname", newLastname);
+ formData.append("email", newEmail);
+ formData.append("phone", newPhone);
+ fetch('/api/profile', {
+ method: 'POST',
+ body: formData
+ });
+ }
+ window.location.href = "profile";
+
+ }
+});
\ No newline at end of file
diff --git a/src/profileController.php b/src/profileController.php
index 63d77284a39598f0f2c0a75366d9e62d9797d1e6..8d651c6f5893fbf02c8f75f60ac5ce81c33f12ab 100644
--- a/src/profileController.php
+++ b/src/profileController.php
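Review bot: `window.location.href = "profile";` in `public/js/changeinfo.js` runs immediately after `fetch('/api/profile', …)` is started in the click handler, so the navigation can cancel the POST before it completes and the response status is never checked. Redirect from the promise instead, for example `fetch('/api/profile', { method: 'POST', body: formData }).then(r => { if (r.ok) window.location.href = "profile"; });`. Every field is appended to `formData` even when left empty, including `password`, and the POST branch added in `src/profileController.php` writes all of them, so a blank input would overwrite the stored value; append only the non-empty fields. `validateEmail` is a client-side convenience only, and the same check has to be repeated on the server.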
@@ -33,7 +33,49 @@ if ($_SERVER["REQUEST_METHOD"] == "GET") {
 echo json_encode($res);
 }
 }
-}
+}
+
+elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
+ if (!isset($_SESSION["Username"])) {
+ $res = ['message' => 'Access denied'];
+ echo json_encode($res);
+ } else {
+
+ $username = $_POST['username'];
+ $password = $_POST['password'];
+ $firstname = $_POST['firstname'];
+ $lastname = $_POST['lastname'];
+ $email = $_POST['email'];
+ $phone = $_POST['phone'];
+
+ $host = "172.21.0.3";
+ $port = "3306";
+ $dbusername = "root";
+ $dbpassword = "1234";
+ $dbname = "travelution_database";
+
+ try {
+ $pdo = new PDO("mysql:host=$host;port=$port;dbname=$dbname", $dbusername, $dbpassword);
+
+ // Set PDO to throw exceptions on errors
+ $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+ $oldUsername = 'wfabler4';
+ $sql = "UPDATE Account SET Password='$password', FirstName='$firstname', LastName='$lastname', Email='$email', PhoneNumber='$phone' WHERE Username = '$oldUsername'"; // Change this to your table name
+ $stmt = $pdo->prepare($sql);
+ $stmt->execute();
+
+ $data = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ $res = ['data' => $data, 'message' => 'Information changed'];
+ echo json_encode($res);
+
+
+ } catch (PDOException $e) {
+ $res = ['message' => $e];
+ echo json_encode($res);
+ }
+ }
+}
 else {
 $res = ['message' => 'Access denied'];
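Review bot: The `$sql` string in the added POST branch interpolates `$_POST` values directly, so `prepare()` is handed finished SQL and gives no protection against SQL injection; bind the values as placeholders instead. The `WHERE` clause uses the hard-coded `$oldUsername = 'wfabler4'`, so every authenticated request edits that one account rather than the one in `$_SESSION["Username"]`, and `$password` is stored as received instead of through `password_hash()` (this assumes the login path can be switched to `password_verify()`). The database root credentials are committed in this file and `['message' => $e]` sends the exception to the client; load the credentials from configuration kept outside the repository and log the error server-side. `$stmt->fetch()` after an `UPDATE` has no result set to read and should be dropped. The `else` block after the added branch continues outside the hunk.

```php
// … unchanged: session check, $_POST reads, PDO connection setup …
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // Placeholders keep request data out of the SQL text; the row is
        // selected by the authenticated session user, not a fixed name.
        $sql = "UPDATE Account SET Password = :password, FirstName = :firstname, LastName = :lastname, Email = :email, PhoneNumber = :phone WHERE Username = :username";
        $stmt = $pdo->prepare($sql);
        $stmt->execute([
            ':password'  => password_hash($password, PASSWORD_DEFAULT),
            ':firstname' => $firstname,
            ':lastname'  => $lastname,
            ':email'     => $email,
            ':phone'     => $phone,
            ':username'  => $_SESSION["Username"],
        ]);

        $res = ['message' => 'Information changed'];
        echo json_encode($res);
    } catch (PDOException $e) {
        // Keep driver details in the server log, not in the response body.
        error_log($e->getMessage());
        $res = ['message' => 'Update failed'];
        echo json_encode($res);
    }
```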