From 3a4edcd08b6ca47150fab26ef807fba772cce3e2 Mon Sep 17 00:00:00 2001 From: baghizadizn Date: Tue, 2 Dec 2025 07:21:50 +0000 Subject: [PATCH] fix bug --- .../student/MyProfileController.php | 78 +++++++++++++------ 1 file changed, 53 insertions(+), 25 deletions(-) diff --git a/app/Http/Controllers/student/MyProfileController.php b/app/Http/Controllers/student/MyProfileController.php index 75f2d98..1fa0845 100644 --- a/app/Http/Controllers/student/MyProfileController.php +++ b/app/Http/Controllers/student/MyProfileController.php @@ -85,38 +85,66 @@ class MyProfileController extends Controller public function changePassword(Request $request) { $user = auth()->user(); - - // If password is null, only validate new password and confirm password + + $rules = []; + + // Define validation rules if (is_null($user->password)) { - $request->validate([ - 'new_password' => 'required|min:4', + $rules = [ + 'new_password' => 'required|min:8', 'confirm_password' => 'required|same:new_password', - ]); - - // Update password - $user->update(['password' => Hash::make($request->new_password)]); - - Session::flash('success', 'Password set successfully.'); - return redirect()->back(); + ]; + } else { + $rules = [ + 'current_password' => 'required', + 'new_password' => 'required|min:8', + 'confirm_password' => 'required|same:new_password', + ]; } - - // If password exists, use the original validation - $request->validate([ - 'current_password' => 'required', - 'new_password' => 'required|min:4', - 'confirm_password' => 'required|same:new_password', + + $validator = Validator::make($request->all(), $rules); + + // Custom messages with get_phrase + $validator->setCustomMessages([ + 'current_password.required' => get_phrase('Current password is required'), + 'new_password.required' => get_phrase('New password is required'), + 'new_password.min' => get_phrase('New password must be at least 8 characters'), + 'confirm_password.required' => get_phrase('Confirm password is required'), + 'confirm_password.same' => get_phrase('Confirm password does not match'), ]); - - // Check if the current password is correct - if (!Auth::attempt(['email' => $user->email, 'password' => $request->current_password])) { - Session::flash('error', 'Current password is incorrect.'); - return redirect()->back(); + + // Custom attribute names (optional, makes error messages nicer) + $validator->setAttributeNames([ + 'current_password' => get_phrase('Current password'), + 'new_password' => get_phrase('New password'), + 'confirm_password' => get_phrase('Confirm password'), + ]); + + if ($validator->fails()) { + return redirect()->back() + ->withErrors($validator) + ->withInput(); } - + + // Check current password if exists + if (!is_null($user->password)) { + // Using Hash::check instead of Auth::attempt for better performance + if (!Hash::check($request->current_password, $user->password)) { + Session::flash('error', get_phrase('Current password is incorrect')); + return redirect()->back(); + } + } + // Update password $user->update(['password' => Hash::make($request->new_password)]); - - Session::flash('success', 'Password changed successfully.'); + + // Success message + $successMessage = is_null($user->password) + ? get_phrase('Password set successfully') + : get_phrase('Password changed successfully'); + + Session::flash('success', $successMessage); return redirect()->back(); } + }