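getConnection();
// NOTE(review): the statement above is cut off at the start of this listing. $db, used
// below, is presumably the PDO handle it returns, and the session start and login check
// presumably happen before this point. Confirm against the full file.

// Settings handler: on a POST it stores the user's preferences and/or changes the
// password, records a flash message in the session, and redirects back to the settings
// page. It also defines getUserSettings() for the page that renders the form.
$user_id = $_SESSION['user_id'];

// NOTE(review): no anti-CSRF token is checked in the visible code before these
// state-changing writes (preferences and password). If the truncated part of the file
// does not verify one, add a per-session token to the form and compare it here with
// hash_equals() before touching the database.
if ($_POST) {
    try {
        // Update general settings when any preference field was submitted.
        $settings_submitted = isset($_POST['dark_mode'])
            || isset($_POST['language'])
            || isset($_POST['currency'])
            || isset($_POST['auto_logout']);

        if ($settings_submitted) {
            // Checkboxes are only present in the request when ticked.
            $dark_mode = isset($_POST['dark_mode']) ? 1 : 0;
            $auto_logout = isset($_POST['auto_logout']) ? 1 : 0;

            // A field submitted as language[]=... arrives as an array; binding that would
            // store the literal text "Array". Treat anything that is not a string as
            // absent and fall back to the default.
            $language = is_string($_POST['language'] ?? null) ? $_POST['language'] : 'en';
            $currency = is_string($_POST['currency'] ?? null) ? $_POST['currency'] : 'KES';
            // NOTE(review): the prepared statement prevents SQL injection, but the values
            // are stored exactly as submitted. Check them against the list of supported
            // languages and currencies (not visible in this listing), and escape them
            // wherever they are later rendered.

            $query = "INSERT INTO user_settings (user_id, dark_mode, language, currency, auto_logout) VALUES (?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE dark_mode = VALUES(dark_mode), language = VALUES(language), currency = VALUES(currency), auto_logout = VALUES(auto_logout)";
            $stmt = $db->prepare($query);
            $stmt->execute([$user_id, $dark_mode, $language, $currency, $auto_logout]);

            $_SESSION['success'] = "Settings updated successfully!";
        }

        // Handle password change.
        if (isset($_POST['current_password']) && isset($_POST['new_password'])) {
            $current_password = $_POST['current_password'];
            $new_password = $_POST['new_password'];

            if (!is_string($current_password) || !is_string($new_password) || $new_password === '') {
                // Array-valued fields would raise an uncaught TypeError in
                // password_verify()/password_hash(); an empty new password would
                // otherwise be hashed and stored as a valid credential.
                // NOTE(review): enforce the project's minimum-length policy here too.
                $_SESSION['error'] = "Invalid password submission!";
            } else {
                // Verify the current password against the stored hash.
                $query = "SELECT password_hash FROM users WHERE id = ?";
                $stmt = $db->prepare($query);
                $stmt->execute([$user_id]);
                $user = $stmt->fetch(PDO::FETCH_ASSOC);

                // fetch() returns false when the row is missing; treat that the same as
                // a wrong password instead of indexing into false.
                $stored_hash = is_array($user) ? ($user['password_hash'] ?? null) : null;

                if (is_string($stored_hash) && password_verify($current_password, $stored_hash)) {
                    // bcrypt only uses the first 72 bytes of the input; longer
                    // passphrases are silently truncated by password_hash().
                    $new_password_hash = password_hash($new_password, PASSWORD_BCRYPT);

                    $query = "UPDATE users SET password_hash = ? WHERE id = ?";
                    $stmt = $db->prepare($query);
                    $stmt->execute([$new_password_hash, $user_id]);

                    // Rotate the session ID after a credential change so an ID captured
                    // earlier stops working for this session. Other sessions of the same
                    // user are not touched by this call.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }

                    $_SESSION['success'] = "Password updated successfully!";
                } else {
                    $_SESSION['error'] = "Current password is incorrect!";
                }
            }
        }
    } catch (PDOException $exception) {
        // Driver messages can carry table names, SQL fragments and connection details,
        // so they go to the server log and the user gets a generic message.
        error_log('Settings update failed: ' . $exception->getMessage());
        $_SESSION['error'] = "Error updating settings. Please try again.";
    }

    // Redirect after the POST so a page reload does not resubmit the form.
    header("Location: ../pages/settings.php");
    exit();
}

/**
 * Get the stored settings row for a user.
 *
 * @param mixed $db      Database handle exposing prepare(); presumably a PDO instance.
 * @param mixed $user_id Value bound to user_settings.user_id.
 * @return array The row as an associative array, or an empty array when no row exists.
 */
function getUserSettings($db, $user_id): array
{
    $query = "SELECT * FROM user_settings WHERE user_id = ?";
    $stmt = $db->prepare($query);
    $stmt->execute([$user_id]);

    // fetch() yields false when there is no row; normalise that to an empty array.
    return $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
}
?>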