Merge branch 'main' into Yanis

This commit is contained in:
sinbad
2024-04-17 16:40:50 +02:00
9 changed files with 423 additions and 67 deletions


@@ -7,6 +7,7 @@ require_once '../php/db/Search.php';
require_once '../php/db/Login.php';
require_once '../php/db/Signup.php';
require_once '../php/db/Calendrier.php';
require_once '../php/db/Patient.php';
require_once 'test/database.php';
ini_set('display_errors', 1);
error_reporting(E_ALL);
@@ -81,6 +82,41 @@ $router->PUT('/api/signup/medecin', ["name", "surname", "mail", "password", "spe
SignupMedecin::insertMedecin($pdo, $name, $surname, $mail, $password, $specialite, $phone, $postal);
});
$router->PUT('/api/change/all', ["id", "currentPassword", "newPassword", "currentMail", "newMail", "currentPhone", "newPhone"], function($id, $currentPassword, $newPassword, $currentMail, $newMail, $currentPhone, $newPhone){
global $pdo;
Patient::updateAll($pdo, $id, $currentPassword, $newPassword, $currentPhone, $newPhone, $currentMail, $newMail);
});
$router->PUT('/api/change/mailphone', ["id", "currentMail", "newMail", "currentPhone", "newPhone"], function($id, $currentMail, $newMail, $currentPhone, $newPhone){
global $pdo;
Patient::updatePhoneAndMail($pdo, $id, $currentPhone, $newPhone, $currentMail, $newMail);
});
$router->PUT('/api/change/mailpassword', ["id", "currentMail", "newMail", "currentPassword", "newPassword"], function($id, $currentMail, $newMail, $currentPassword, $newPassword){
global $pdo;
Patient::updatePasswordAndMail($pdo, $id, $currentPassword, $newPassword, $currentMail, $newMail);
});
$router->PUT('/api/change/phonepassword', ["id", "currentPhone", "newPhone", "currentPassword", "newPassword"], function($id, $currentPhone, $newPhone, $currentPassword, $newPassword){
global $pdo;
Patient::updatePasswordAndPhone($pdo, $id, $currentPassword, $newPassword, $currentPhone, $newPhone);
});
$router->PUT('/api/change/password', ["id", "currentPassword", "newPassword"], function($id, $currentPassword, $newPassword){
global $pdo;
Patient::updatePassword($pdo, $id, $currentPassword, $newPassword);
});
$router->PUT('/api/change/phone', ["id", "currentPhone", "newPhone"], function($id, $currentPhone, $newPhone){
global $pdo;
Patient::updatePhone($pdo, $id, $currentPhone, $newPhone);
});
$router->PUT('/api/change/mail', ["id", "currentMail", "newMail"], function($id, $currentMail, $newMail){
global $pdo;
Patient::updateMail($pdo, $id, $currentMail, $newMail);
});
$router->PUT('/api/requests', ["test"], function($test){
echo json_encode($test);
});
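Review bot: Every new `/api/change/*` route takes `id` from the request body and hands it straight to the `Patient::update*` call (L21–L48), so nothing server-side checks that the caller is the patient being modified; the only credential in use is the login token, which `LoginPatient::Login` builds as a reversible base64/hex string, so it cannot bind the request to an account either. The patient id should come from an authenticated server-side session (or a signed token checked with `hash_equals`) rather than from the body, and the mail/phone-only routes should also require the current password, since the "current" mail and phone are already carried in the token and are not secrets. `/api/requests` at L49 echoes its input back with `echo json_encode($test);`, bypassing the `Response` helper the other routes use; it reads like a leftover debug route and should be dropped before merge.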


@@ -16,6 +16,19 @@ body{
cursor: pointer;
}
.dropdown-menu{
flex-direction: row;
display: none;
}
.dropdown-menu.show{
display: flex;
}
.dropdown-item {
white-space: nowrap;
}
.login-ui{
height: 78vh;
background-color: #EEF2F7;
@@ -97,6 +110,7 @@ body{
position: fixed;
right: 0;
top: 9vh;
z-index: 0;
}
#cardPos{


@@ -19,6 +19,7 @@ function displayHomeTopBar() {
<button type="button" class="btn btn-danger" style="top: 0.4375em;" id="login-praticien">Vous êtes praticien ?</button> <button type="button" class="btn btn-danger" style="top: 0.4375em;" id="login-user">Se connecter</button><p> </p>
</div>
</div>
<div id="searchbar"></div>
`;
attachLoginUserDisplayEventListener();
attachLoginPraticienDisplayEventListener();
@@ -37,13 +38,20 @@ function displayHomeTopBar() {
</a>
<div class="d-flex position-fixed end-0 flex-row align-items-center gap-3 mt-2 top-0">
<img src="https://www.gravatar.com/avatar/${mailMD5}?s=64" alt="avatar" id="avatar" style="width: 14.3%; height: auto; border-radius: 50%">
<div>
<a class="text-white" id="user-name-disconect">${user.name} ${user.surname}</a>
<div class="dropdown">
<a class="text-white dropdown-toggle" id="user-name-dropdown" data-bs-toggle="dropdown">${user.name} ${user.surname}</a>
<div class="dropdown-menu">
<button class="dropdown-item" id="user-name-disconect">Déconnexion</button>
<button class="dropdown-item z-3" id="user-name-profile">Profil</button>
</div>
</div>
<p class="text-white fw-bold link-underline-opacity-75-hover link-underline link-underline-opacity-0 link-offset-3-hover link-underline-light" id="my-rdv">Mes rendez-vous</p>
<p class="text-white fw-bold link-underline-opacity-75-hover link-underline link-underline-opacity-0 link-offset-3-hover link-underline-light" id="user-calendar">Mes rendez-vous</p>
</div>
</div>`;
</div>
<div id="searchbar"></div>`;
attachDisconnectEventListener();
attachProfileEventListener();
horizontalDropdown();
}
else if (user.type === "medecin") {
topbar.innerHTML = `
@@ -55,13 +63,20 @@ function displayHomeTopBar() {
</a>
<div class="d-flex position-fixed end-0 flex-row align-items-center gap-3 mt-2 top-0">
<img src="https://www.gravatar.com/avatar/${mailMD5}?s=64" alt="avatar" id="avatar" style="width: 14.3%; height: auto; border-radius: 50%">
<div>
<a class="text-white" id="user-name-disconect">${user.name} ${user.surname}</a>
<div class="dropdown">
<a class="text-white dropdown-toggle" id="user-name-dropdown" data-bs-toggle="dropdown">${user.name} ${user.surname}</a>
<div class="dropdown-menu">
<button class="dropdown-item" id="user-name-disconect">Déconnexion</button>
<button class="dropdown-item z-3" id="user-name-profile">Profil</button>
</div>
</div>
<p class="text-white fw-bold link-underline-opacity-75-hover link-underline link-underline-opacity-0 link-offset-3-hover link-underline-light" id="my-rdv-medecin">Mes rendez-vous practicien</p>
<p class="text-white fw-bold link-underline-opacity-75-hover link-underline link-underline-opacity-0 link-offset-3-hover link-underline-light" id="praticien-calendar">Mes rendez-vous practicien</p>
</div>
</div>`;
</div>
<div id="searchbar"></div>`;
attachDisconnectEventListener();
attachProfileEventListener();
horizontalDropdown();
}
else {
topbar.innerHTML = `
@@ -127,4 +142,137 @@ function displayHome(text) {
}
}
function displayProfile() {
let user = TokenDecode(sessionStorage.getItem("token"));
if (user !== null) {
let container = document.getElementById("content");
container.innerHTML = "";
container.innerHTML = `
<div class="d-flex flex-column justify-content-center text-center w-100">
<h2>Profile</h2>
<form id="profile-form" class="h-100 d-flex flex-column gap-3 justify-content-center text-center w-50 mx-25">
<label for="name" class="form-label">Nom:</label>
<input type="text" id="name" name="name" value="${user.name}" class="form-control" readonly>
<label for="surname" class="form-label">Prénom:</label>
<input type="text" id="surname" name="surname" value="${user.surname}" class="form-control" readonly>
<label for="mail" class="form-label">Mail:</label>
<input type="email" id="mail" name="mail" value="${user.mail}" class="form-control" readonly>
<label for="new-mail" class="form-label">Nouveau mail:</label>
<input type="email" id="new-mail" name="new-mail" class="form-control">
<label for="password" class="form-label">Mot de passe actuel:</label>
<input type="password" id="password" name="password" class="form-control">
<label for="new-password" class="form-label">Nouveau mot de passe:</label>
<input type="password" id="new-password" name="new-password" class="form-control">
<label for="phone" class="form-label">Current Phone Number:</label>
<input type="tel" id="phone" name="phone" value="${user.phone}" class="form-control" readonly>
<label for="new-phone" class="form-label">New Phone Number:</label>
<input type="tel" id="new-phone" name="new-phone" class="form-control">
<input type="submit" value="Submit" class="btn btn-danger">
</form>
</div>`;
document.getElementById("profile-form").addEventListener("submit", function (event) {
event.preventDefault();
let currentPassword = document.getElementById("password").value;
let newPassword = document.getElementById("new-password").value;
let currentMail = document.getElementById("mail").value;
let newMail = document.getElementById("new-mail").value;
let currentPhone = document.getElementById("phone").value;
let newPhone = document.getElementById("new-phone").value;
changePasswordMailAndPhone(currentPassword, newPassword, currentMail, newMail, currentPhone, newPhone);
});
}
}
function changePasswordMailAndPhone(currentPassword, newPassword, currentMail, newMail, currentPhone, newPhone) {
let user = TokenDecode(sessionStorage.getItem("token"));
if (currentPassword && newPassword){
if (currentPhone && newPhone){
if(currentMail && newMail) {
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/all", function (data) {
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter");
}, data);
return;
}
let data = "id=" + user.id + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/phonepassword", function (data) {
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter");
}, data);
return;
}
if (currentMail && newMail){
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/mailpassword", function (data) {
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
let data = "id=" + user.id + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/password", function (data) {
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
if (currentPhone && newPhone){
if(currentMail && newMail) {
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone;
ajaxRequest('PUT', "src/API/requests.php/api/change/mailphone", function (data) {
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
let data = "id=" + user.id + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone;
ajaxRequest('PUT', "src/API/requests.php/api/change/phone", function (data) {
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
if(currentMail && newMail) {
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail;
ajaxRequest('PUT', "src/API/requests.php/api/change/mail", function (data) {
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter");
}, data);
return;
}
}
function attachProfileEventListener() {
try {
document.getElementById("user-name-profile").addEventListener("click", function () {
displayProfile();
});
}
catch (e) {
//Do nothing
//console.error(e);
}
}
function horizontalDropdown(){
document.getElementById("user-name-profile").addEventListener("click", function() {
let dropdownMenu = document.querySelector(".dropdown-menu");
if (dropdownMenu.style.display === "none") {
dropdownMenu.style.display = "flex";
} else {
dropdownMenu.style.display = "none";
}
});
}
export {displayHome, displayHomeTopBar};
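Review bot: `changePasswordMailAndPhone` (L182–L240) builds the request body by string concatenation, so a password or mail containing `&`, `+`, `%` or `#` is split or decoded into a different value on the server and the update silently fails or verifies the wrong secret; every field should go through `encodeURIComponent`, or the body should be built with `URLSearchParams`. The seven branches differ only in which field pairs are present and in the route segment, which is the pair names joined in the order mail, phone, password (`all` when every pair is set), so the function collapses to a single request as below. In `displayProfile` the `value="${user.name}"` interpolations (L152–L164) put token-derived text inside attributes unescaped; rendering the inputs without a value and then assigning `document.getElementById("name").value = user.name;` (and likewise for surname, mail, phone) avoids the markup injection. The fence assumes `ajaxRequest` sends the string body unchanged, as the existing calls do; `displayHomeTopBar`, touched by this file's earlier hunks, begins outside them.
```javascript
function changePasswordMailAndPhone(currentPassword, newPassword, currentMail, newMail, currentPhone, newPhone) {
    let user = TokenDecode(sessionStorage.getItem("token"));
    // Only field pairs that were both filled in are sent; the API route segment is
    // the pair names joined in the order mail, phone, password ("all" for all three).
    const pairs = [
        ["mail", "currentMail", currentMail, "newMail", newMail],
        ["phone", "currentPhone", currentPhone, "newPhone", newPhone],
        ["password", "currentPassword", currentPassword, "newPassword", newPassword],
    ].filter(([, , current, , next]) => current && next);
    if (pairs.length === 0) {
        return;
    }
    // URLSearchParams percent-encodes every value, so '&', '+', '%' or '#' in a
    // password or mail cannot split or alter the parameters.
    const params = new URLSearchParams({ id: user.id });
    for (const [, currentKey, current, nextKey, next] of pairs) {
        params.set(currentKey, current);
        params.set(nextKey, next);
    }
    const route = pairs.length === 3 ? "all" : pairs.map(([name]) => name).join("");
    ajaxRequest('PUT', "src/API/requests.php/api/change/" + route, function () {
        sessionStorage.clear();
        displayHome("Profile mis à jour, veuillez vous reconnecter");
    }, params.toString());
}
```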


@@ -8,8 +8,8 @@ function TokenDecode(token){
id: decodedToken[1],
name: decodedToken[2],
surname: decodedToken[3],
mail: decodedToken[4]
mail: decodedToken[4],
phone : decodedToken[5]
};
}
export {TokenDecode};


@@ -1,5 +1,7 @@
console.log("take-rdv.js loaded");
import {displayHome} from "./home.js";
import {TokenDecode} from "./lib.js";
console.log("take-rdv.js loaded");
function displayRDVForDate(data) {
let container = document.getElementById("rdv-list");
@@ -104,7 +106,7 @@ function displayCalendar(data) {
document.getElementById("date-selection-form").addEventListener("submit", function(event) {
event.preventDefault();
let date = document.getElementById("date").value;
let id = data[0].m_id; // Assuming 'data' is accessible in this scope and contains the doctor's details
let id = data[0].m_id;
ajaxRequest('GET', "src/API/requests.php/api/rdv-date?date=" + date + "&id=" + id, function (data) {
displayRDVForDate(data);
});
@@ -133,15 +135,22 @@ function attachPrendreRDVEventListener() {
displayHome("Vous devez être connecté pour prendre un rendez-vous");
}
else{
let RDVid = event.target.id.split("-")[2];
let data = "rdv_id=" + RDVid + "&patient_id=" + 1;
ajaxRequest('PUT', "src/API/requests.php/api/rdv", function (returnData){
if (returnData.success) {
displayHome("Rendez-vous pris avec succès");
} else {
alert("Erreur lors de la prise de rendez-vous");
}
}, data);
let decodedToken = TokenDecode(sessionStorage.getItem("token"));
if(decodedToken.type !== "patient") {
displayHome("Vous devez être un patient pour prendre un rendez-vous");
}
else {
let RDVid = event.target.id.split("-")[2];
const id = decodedToken.id;
let data = "rdv_id=" + RDVid + "&patient_id=" + id;
ajaxRequest('PUT', "src/API/requests.php/api/rdv", function (returnData){
if (returnData.success) {
displayHome("Rendez-vous pris avec succès");
} else {
alert("Erreur lors de la prise de rendez-vous");
}
}, data);
}
}
});
});
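Review bot: The `patient_id` sent at L315 is read from a token the browser decodes itself (`TokenDecode`, L308), and the "patient" check at L309 also runs only in the client, so the `/api/rdv` handler must still derive the booking patient from an authenticated server-side identity rather than from this body field; as written the id is an untrusted client value. `decodedToken` is used without a null check at L309; if `TokenDecode` can return `null` for a malformed token (its full body is outside this diff), a guard such as `if (decodedToken === null || decodedToken.type !== "patient")` keeps the handler from throwing. `attachPrendreRDVEventListener` begins outside the hunk.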


@@ -18,7 +18,6 @@ function ajaxRequest(type, url, callback, data = null)
{
case 200:
case 201:
//console.log(xhr.responseText);
callback(JSON.parse(xhr.responseText));
break;
default:


@@ -1,43 +0,0 @@
function checkMailMatch(mailContainer, mailConfirmContainer, signupButton) {
if (mailContainer.value !== mailConfirmContainer.value) {
signupButton.classList.add("disabled");
document.getElementById("mail-error").innerHTML = "Emails don't match";
} else {
signupButton.classList.remove("disabled");
document.getElementById("mail-error").innerHTML = "";
}
}
function checkPasswordMatch(passwordContainer, passwordConfirmContainer, signupButton) {
if (passwordContainer.value !== passwordConfirmContainer.value) {
signupButton.classList.add("disabled");
document.getElementById("password-error").innerHTML = "Passwords don't match";
} else {
signupButton.classList.remove("disabled");
document.getElementById("password-error").innerHTML = "";
}
}
document.addEventListener("DOMContentLoaded", function() {
const mailContainer = document.getElementById("mail");
const mailConfirmContainer = document.getElementById("mailConfirmation");
const passwordContainer = document.getElementById("password");
const passwordConfirmContainer = document.getElementById("passwordConfirmation");
const signupButton = document.getElementById("signupButton");
mailContainer.addEventListener("keyup", function() {
checkMailMatch(mailContainer, mailConfirmContainer, signupButton);
});
mailConfirmContainer.addEventListener("keyup", function() {
checkMailMatch(mailContainer, mailConfirmContainer, signupButton);
});
passwordContainer.addEventListener("keyup", function() {
checkPasswordMatch(passwordContainer, passwordConfirmContainer, signupButton);
});
passwordConfirmContainer.addEventListener("keyup", function() {
checkPasswordMatch(passwordContainer, passwordConfirmContainer, signupButton);
});
});


@@ -102,13 +102,13 @@ class LoginPatient {
public static function Login($pdo,$mail,$password) : void
{
if(LoginPatient::checkMail($pdo,$mail)){
$query = $pdo->prepare("SELECT p_id,p_password,p_name,p_surname,p_mail FROM patient where p_mail = :mail");
$query = $pdo->prepare("SELECT p_id,p_password,p_name,p_surname,p_mail,p_phone FROM patient where p_mail = :mail");
$query->bindParam(':mail', $mail);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if(password_verify($password,$result['p_password'])){
Response::HTTP200(['message' => 'Login success', 'token' => base64_encode(bin2hex("patient:".strval($result['p_id']).":".$result['p_name'].":".$result['p_surname'].":".$result['p_mail']))]);
Response::HTTP200(['message' => 'Login success', 'token' => base64_encode(bin2hex("patient:".strval($result['p_id']).":".$result['p_name'].":".$result['p_surname'].":".$result['p_mail'].":".$result['p_phone']))]);
} else {
Response::HTTP401(['message' => 'Login failed', 'token' => 0]);
}
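Review bot: The token issued at L393 is `base64_encode(bin2hex(...))` of the plain record, a reversible encoding with no signature, and this change extends it with the phone number; any client can decode it and craft one for another `p_id`, which matters now that the `/api/change/*` routes accept that id. If a bearer token is kept, append an HMAC over the payload (`hash_hmac('sha256', $payload, $serverSecret)`) and verify it with `hash_equals()` on every request, or move to a server-side session; the phone number does not need to travel in the token at all since the profile page can fetch it. `LoginPatient::Login` continues past the end of the hunk.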


@@ -26,6 +26,199 @@ class Patient {
}
public static function updatePassword($pdo, $id, $currentpassword, $newpassword): void
{
$query = $pdo->prepare("SELECT p_password FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($currentpassword, $result['p_password'])) {
$newpassword = password_hash($newpassword, PASSWORD_ARGON2ID);
$query = $pdo->prepare("UPDATE patient SET p_password = :password WHERE p_id = :id");
$query->bindParam(':password', $newpassword);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current password is correct
$query = $pdo->prepare("SELECT p_password FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password'])) {
Response::HTTP201(['message' => 'Password updated']);
}
else {
Response::HTTP400(['message' => 'Error updating password']);
}
}
public static function updatePhone($pdo, $id, $currentphone, $newphone): void
{
$query = $pdo->prepare("SELECT p_phone FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($currentphone == $result['p_phone']) {
$query = $pdo->prepare("UPDATE patient SET p_phone = :phone WHERE p_id = :id");
$query->bindParam(':phone', $newphone);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current phone is correct
$query = $pdo->prepare("SELECT p_phone FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($newphone == $result['p_phone']) {
Response::HTTP201(['message' => 'Phone updated']);
}
else {
Response::HTTP400(['message' => 'Error updating phone']);
}
}
public static function updateMail($pdo, $id, $currentmail, $newmail): void
{
$query = $pdo->prepare("SELECT p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($currentmail == $result['p_mail']) {
$query = $pdo->prepare("UPDATE patient SET p_mail = :mail WHERE p_id = :id");
$query->bindParam(':mail', $newmail);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current mail is correct
$query = $pdo->prepare("SELECT p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newmail, $result['p_mail'])) {
Response::HTTP201(['message' => 'Mail updated']);
}
else {
Response::HTTP400(['message' => 'Error updating mail']);
}
}
public static function updatePasswordAndPhone($pdo, $id, $currentpassword, $newpassword, $currentphone, $newphone): void
{
$query = $pdo->prepare("SELECT p_password, p_phone FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($currentpassword, $result['p_password']) && $currentphone == $result['p_phone']) {
$newpassword = password_hash($newpassword, PASSWORD_ARGON2ID);
$query = $pdo->prepare("UPDATE patient SET p_password = :password, p_phone = :phone WHERE p_id = :id");
$query->bindParam(':password', $newpassword);
$query->bindParam(':phone', $newphone);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current password and phone are correct
$query = $pdo->prepare("SELECT p_password, p_phone FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password']) && $newphone == $result['p_phone']) {
Response::HTTP201(['message' => 'Password and phone updated']);
}
else {
Response::HTTP400(['message' => 'Error updating password and phone']);
}
}
public static function updatePasswordAndMail($pdo, $id, $currentpassword, $newpassword, $currentmail, $newmail): void
{
$query = $pdo->prepare("SELECT p_password, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($currentpassword, $result['p_password']) && $currentmail == $result['p_mail']) {
$newpassword = password_hash($newpassword, PASSWORD_ARGON2ID);
$query = $pdo->prepare("UPDATE patient SET p_password = :password, p_mail = :mail WHERE p_id = :id");
$query->bindParam(':password', $newpassword);
$query->bindParam(':mail', $newmail);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current password and mail are correct
$query = $pdo->prepare("SELECT p_password, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password']) && $newmail == $result['p_mail']) {
Response::HTTP201(['message' => 'Password and mail updated']);
}
else {
Response::HTTP400(['message' => 'Error updating password and mail']);
}
}
public static function updatePhoneAndMail($pdo, $id, $currentphone, $newphone, $currentmail, $newmail): void
{
$query = $pdo->prepare("SELECT p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($currentphone == $result['p_phone'] && $currentmail == $result['p_mail']) {
$query = $pdo->prepare("UPDATE patient SET p_phone = :phone, p_mail = :mail WHERE p_id = :id");
$query->bindParam(':phone', $newphone);
$query->bindParam(':mail', $newmail);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current phone and mail are correct
$query = $pdo->prepare("SELECT p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($newphone == $result['p_phone'] && $newmail == $result['p_mail']) {
Response::HTTP201(['message' => 'Phone and mail updated']);
}
else {
Response::HTTP400(['message' => 'Error updating phone and mail']);
}
}
public static function updateAll($pdo, $id, $currentpassword, $newpassword, $currentphone, $newphone, $currentmail, $newmail): void
{
$query = $pdo->prepare("SELECT p_password, p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
$newpassword = password_hash($newpassword, PASSWORD_ARGON2ID);
if(!password_verify($currentpassword, $result['p_password'])){
Response::HTTP401(['message' => 'Current password is incorrect']);
}
if (password_verify($currentpassword, $result['p_password']) && $currentphone == $result['p_phone'] && $currentmail == $result['p_mail']) {
$query = $pdo->prepare("UPDATE patient SET p_password = :password, p_phone = :phone, p_mail = :mail WHERE p_id = :id");
$query->bindParam(':password', $newpassword);
$query->bindParam(':phone', $newphone);
$query->bindParam(':mail', $newmail);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current password, phone and mail are correct
$query = $pdo->prepare("SELECT p_password, p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password']) && $newphone == $result['p_phone'] && $newmail == $result['p_mail']) {
Response::HTTP201(['message' => 'All updated']);
}
else {
if($newphone != $result['p_phone']){
Response::HTTP400(['message' => 'Error updating phone']);
}
if($newmail != $result['p_mail']){
Response::HTTP400(['message' => 'Error updating mail']);
}
if(!password_verify($newpassword, $result['p_password'])){
Response::HTTP400(['message' => 'Error updating password']);
}
}
}
}
?>
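Review bot: The read-back check in `updatePassword` at L420 verifies `$newpassword` after L409 has overwritten it with its own hash, so `password_verify` compares a hash against a hash and the method answers 400 'Error updating password' even when the UPDATE succeeded; `updatePasswordAndPhone` (L482/L494), `updatePasswordAndMail` (L508/L520) and `updateAll` (L558/L575) have the same overwrite. Keep the plaintext in its own variable: `$hashed = password_hash($newpassword, PASSWORD_ARGON2ID);` and `$query->bindParam(':password', $hashed);`, leaving the final `password_verify($newpassword, $result['p_password'])` unchanged. `updateMail` at L468 applies `password_verify` to the plaintext `p_mail` column, which never matches, so every mail update is reported as an error; it should be `$newmail === $result['p_mail']`, and the remaining `==` comparisons on mail and phone should be `===` as well. In `updateAll` the HTTP401 at L560 is not followed by `return;`, so unless `Response::HTTP401` exits (not visible here) the method continues and emits a second response. The `Patient` class opens outside the hunk.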