diff --git a/src/js/account/login.js b/src/js/account/login.js
index 9da6be9..298d241 100644
--- a/src/js/account/login.js
+++ b/src/js/account/login.js
@@ -146,6 +146,7 @@ export function updateAccountData(userData) {
action: 'set-user-data',
userData,
}, successData => {
+ document.getElementById('accountSettingsNewPassword').value = '';
addMessage('Successfully Updated Account Data');
}, error => {
addMessage(error, undefined, 'error');
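Review bot: The added line dereferences `document.getElementById('accountSettingsNewPassword')` with no null check inside the success callback, so if `updateAccountData` is ever called while the settings form is not rendered, the callback throws before `addMessage` runs. A guarded form avoids that: `const field = document.getElementById('accountSettingsNewPassword'); if (field) field.value = '';`. The typed password also stays in the field on the error branch; if that is intended so the user can retry, a short comment saying so would help. The body of `updateAccountData` starts and ends outside the hunk.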
diff --git a/src/js/account/render.js b/src/js/account/render.js
index f076260..4e44120 100644
--- a/src/js/account/render.js
+++ b/src/js/account/render.js
@@ -58,7 +58,9 @@ export function renderAccountSettings() {
const accountSettingsHTML = `
Account Settings
- `;
+
+
+ `;
accountSettingsColumn.innerHTML = accountSettingsHTML;
}
diff --git a/src/js/settings.js b/src/js/settings.js
index f7f7f2c..61f5ad4 100644
--- a/src/js/settings.js
+++ b/src/js/settings.js
@@ -42,7 +42,9 @@ export function saveSettingsModal() {
window.account.publicName = removeTags(publicName.value).trim();
window.account.allowEmails = document.getElementById('accountSettingsAllowEmails').checked;
- account.editAccount(window.account);
+ const newPassword = document.getElementById('accountSettingsNewPassword').value;
+
+ account.editAccount(Object.assign({ newPassword }, window.account));
});
}
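Review bot: In `Object.assign({ newPassword }, window.account)` the sources are copied onto the target left to right, so a `newPassword` property that ever ends up on `window.account` would silently override the value just read from the field. Putting the field value last removes that dependency: `account.editAccount(Object.assign({}, window.account, { newPassword }));`. The value is also forwarded with no client-side check such as a confirmation field or minimum length, so a mistyped password is submitted as-is; the authoritative validation still belongs on the server. The enclosing handler starts outside the hunk.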
diff --git a/src/php/api/User.php b/src/php/api/User.php
index 2cf569f..629e9a2 100644
--- a/src/php/api/User.php
+++ b/src/php/api/User.php
@@ -87,13 +87,18 @@ VALUES (?, ?, ?, ?, ?)';
$token_data = $this->token->decode($token);
if ($token_data !== false) {
$user_id = $token_data->id;
- $query = 'UPDATE users SET email=?, public_name=?, allow_email=? WHERE id=?';
+ $query = 'UPDATE users SET email=?, public_name=?, allow_email=?';
$properties = array(
$user_data['email'],
$user_data['publicName'],
$user_data['allowEmails'],
- $user_id,
);
+ if (isset($user_data['newPassword']) && $user_data['newPassword'] !== '') {
+ $query .= ', password=?';
+ $properties[] = password_hash($user_data['newPassword'], PASSWORD_DEFAULT);
+ }
+ $query .= ' WHERE id=?';
+ $properties[] = $user_id;
$update_success = $this->db->execute($query, $properties);
if ($update_success) {
return true;
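Review bot: The new `password=?` branch changes the credential on the strength of the decoded token alone: nothing in this hunk asks for the current password, so anyone holding a valid token (a stolen one, or a session left open) can set a new password and keep the account. I would require a `currentPassword` field and check it with `password_verify()` against the stored hash before appending `, password=?`, and invalidate other outstanding tokens after a successful change if the token scheme allows it. The guard should also reject non-string input and enforce a minimum length, e.g. `if (isset($user_data['newPassword']) && is_string($user_data['newPassword']) && $user_data['newPassword'] !== '') {`, since `password_hash()` expects a string and the request body is caller-controlled. The enclosing method starts and ends outside the hunk, so checks made elsewhere are not visible here.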