fix bug

2025-12-02 07:21:50 +00:00 · 2025-12-02 07:21:50 +00:00 · 3a4edcd08b
commit 3a4edcd08b
parent c72902141f
1 changed files with 53 additions and 25 deletions
--- a/app/Http/Controllers/student/MyProfileController.php
+++ b/app/Http/Controllers/student/MyProfileController.php
@ -86,37 +86,65 @@ class MyProfileController extends Controller
    {
        $user = auth()->user();
        
-        // If password is null, only validate new password and confirm password
+        $rules = [];
+        
+        // Define validation rules
        if (is_null($user->password)) {
-            $request->validate([
-                'new_password' => 'required|min:4',
+            $rules = [
+                'new_password' => 'required|min:8',
                'confirm_password' => 'required|same:new_password',
-            ]);
-
-            // Update password
-            $user->update(['password' => Hash::make($request->new_password)]);
-
-            Session::flash('success', 'Password set successfully.');
-            return redirect()->back();
+            ];
+        } else {
+            $rules = [
+                'current_password' => 'required',
+                'new_password' => 'required|min:8',
+                'confirm_password' => 'required|same:new_password',
+            ];
        }
        
-        // If password exists, use the original validation
-        $request->validate([
-            'current_password' => 'required',
-            'new_password' => 'required|min:4',
-            'confirm_password' => 'required|same:new_password',
+        $validator = Validator::make($request->all(), $rules);
+        
+        // Custom messages with get_phrase
+        $validator->setCustomMessages([
+            'current_password.required' => get_phrase('Current password is required'),
+            'new_password.required' => get_phrase('New password is required'),
+            'new_password.min' => get_phrase('New password must be at least 8 characters'),
+            'confirm_password.required' => get_phrase('Confirm password is required'),
+            'confirm_password.same' => get_phrase('Confirm password does not match'),
        ]);
        
-        // Check if the current password is correct
-        if (!Auth::attempt(['email' => $user->email, 'password' => $request->current_password])) {
-            Session::flash('error', 'Current password is incorrect.');
-            return redirect()->back();
+        // Custom attribute names (optional, makes error messages nicer)
+        $validator->setAttributeNames([
+            'current_password' => get_phrase('Current password'),
+            'new_password' => get_phrase('New password'),
+            'confirm_password' => get_phrase('Confirm password'),
+        ]);
+        
+        if ($validator->fails()) {
+            return redirect()->back()
+                ->withErrors($validator)
+                ->withInput();
+        }
+        
+        // Check current password if exists
+        if (!is_null($user->password)) {
+            // Using Hash::check instead of Auth::attempt for better performance
+            if (!Hash::check($request->current_password, $user->password)) {
+                Session::flash('error', get_phrase('Current password is incorrect'));
+                return redirect()->back();
+            }
        }
        
        // Update password
        $user->update(['password' => Hash::make($request->new_password)]);
        
-        Session::flash('success', 'Password changed successfully.');
+        // Success message
+        $successMessage = is_null($user->password) 
+            ? get_phrase('Password set successfully') 
+            : get_phrase('Password changed successfully');
+        
+        Session::flash('success', $successMessage);
        return redirect()->back();
    }
+    
 }