prepare('SELECT password_hash FROM users WHERE id = ?'); $stmt->execute([auth_user_id()]); $user = $stmt->fetch(); $errors = []; // Anzeigename aktualisieren if ($displayName !== '' && $displayName !== auth_display_name()) { $stmt = $pdo->prepare("UPDATE users SET display_name = ?, updated_at = datetime('now') WHERE id = ?"); $stmt->execute([$displayName, auth_user_id()]); $_SESSION['display_name'] = $displayName; flash('success', 'Anzeigename aktualisiert.'); } // Passwort ändern (nur wenn ausgefüllt) if ($newPassword !== '') { if (!password_verify($currentPassword, $user['password_hash'])) { $errors[] = 'Aktuelles Passwort ist falsch.'; } if (strlen($newPassword) < 10) { $errors[] = 'Neues Passwort muss mindestens 10 Zeichen lang sein.'; } if ($newPassword !== $confirmPassword) { $errors[] = 'Passwörter stimmen nicht überein.'; } if (empty($errors)) { $hash = password_hash($newPassword, PASSWORD_DEFAULT); $stmt = $pdo->prepare("UPDATE users SET password_hash = ?, updated_at = datetime('now') WHERE id = ?"); $stmt->execute([$hash, auth_user_id()]); flash('success', 'Passwort geändert.'); } } foreach ($errors as $err) { flash('error', $err); } redirect('/admin/profile.php'); } $stmt = $pdo->prepare('SELECT display_name, username FROM users WHERE id = ?'); $stmt->execute([auth_user_id()]); $user = $stmt->fetch(); $pageTitle = 'Profil'; $currentPage = 'profile'; ob_start(); ?>

Profil bearbeiten

Passwort ändern