1 files changed, 57 insertions, 0 deletions

diff --git a/src/http/Controller/User.php b/src/http/Controller/User.php
new file mode 100644
index 0000000..c47e32e
--- /dev/null
+++ b/src/http/Controller/User.php
@@ -0,0 +1,57 @@
+<?php
+
+namespace App\http\Controller;
+
+use App\DB;
+use App\View;
+use App\http\Router;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+
+class User
+{
+  #[Route(path: '/account', methods: ['GET'])]
+  public function account(Request $request): Response
+  {
+    $user = DB::query('select username,email from users where id=:id', ['id' => $_SESSION['user']['id']])->fetch();
+
+    return new Response(View::render('account.twig', [
+      'user' => $user,
+    ]));
+  }
+  #[Route(path: '/account', methods: ['POST'])]
+  public function accountSave(Request $request): Response
+  {
+    $username = $request->get('username');
+    $email = $request->get('email');
+
+    if ($request->get('password')) {
+      $password = password_hash($request->get('password'), PASSWORD_DEFAULT);
+      DB::query(
+        'update users set username=:username, email=:email, password=:password where id=:id',
+        [
+          'username' => $username,
+          'email' => $email,
+          'password' => $password,
+          'id' => $_SESSION['user']['id'],
+        ]
+      );
+    } else {
+      DB::query(
+        'update users set username=:username, email=:email where id=:id',
+        [
+          'username' => $username,
+          'email' => $email,
+          'id' => $_SESSION['user']['id'],
+        ]
+      );
+    }
+
+    $_SESSION['user']['username'] = $request->get('username');
+
+
+    return new RedirectResponse(Router::generate('user.account'));
+  }
+}