prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch();
$error = "";
$success = "";
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$over18 = isset($_POST['over18']) ? 1 : 0;
// Update username + age
$update = $pdo->prepare("
UPDATE users SET username = ?, is_over_18 = ? WHERE id = ?
");
$update->execute([$username, $over18, $user_id]);
// Update password if provided
if (!empty($_POST['password'])) {
$hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
$passStmt = $pdo->prepare("UPDATE users SET password_hash = ? WHERE id = ?");
$passStmt->execute([$hash, $user_id]);
}
$_SESSION['username'] = $username;
$_SESSION['is_over_18'] = $over18;
$success = "Profile updated.";
}
?>
Edit Profile