Source: src/Controllers/AccountController.php
Overview
No class-level docblock. Add one at the top of the file.
Extends: App\Controllers\BaseController
Public methods
showSettings(): void
Display the account settings page.
Shows current user data alongside active session information.
@return void
updateProfile(): void
Update the user's own profile fields (personal info, address, bio, photo).
updateDisplayPreferences(): void
Initiate a password change.
Verifies the current password, validates the new password using PasswordValidator, then sends a verification code to the user's email. The pending change is stored in the session until confirmed.
@return void
updateTheme(): void
Save the user's theme preference via AJAX or form POST. Accepts 'theme' from POST body (JSON or form-encoded).
changePassword(): void
Undocumented.
confirmPasswordChange(): void
Confirm the password change with the emailed verification code.
Verifies the code, updates the password hash, invalidates all other sessions, and records the change in the audit log.
@return void
changeEmail(): void
Initiate an email change.
Sends a verification code to the user's CURRENT email address. The new email is stored in the session for subsequent confirmation.
@return void
confirmEmailChange(): void
Confirm the email change by verifying the code sent to the CURRENT email address. On success, sends a second verification code to the NEW email address.
@return void
finalizeEmailChange(): void
Finalize the email change by verifying the code sent to the NEW email address. Updates the user record and creates an audit log entry.
@return void
showConfirmPassword(): void
GET /account/confirm-password — Form to enter the emailed verification code.
showConfirmEmail(): void
GET /account/confirm-email — Form for the code sent to the current email.
showFinalizeEmail(): void
GET /account/finalize-email — Form for the code sent to the new email.
activeSessions(): void
Return the current user's active sessions as JSON.
@return void
terminateSession(string $sessionId): void
Terminate a specific session by its ID.
Verifies the session belongs to the current user before deletion.
@param string $sessionId The session ID to terminate. @return void
terminateAllSessions(): void
Terminate all of the current user's sessions except the current one.
@return void
showDeleteAccount(): void
Display the account deletion confirmation page.
@return void
deleteAccount(): void
Permanently delete the current user's account.
Requires password confirmation. Deletes all user data following the same pattern as AdminUserController::deleteUser. Destroys the session and redirects to login.
@return void
exportData(): void
Export all personal data as JSON (GDPR compliance).
Collects profile, messages, friends, notifications, and login history. Sets appropriate headers and outputs JSON.
@return void
Auto-generated from source by bin/sync-class-docs.php on 2026-04-18 12:16 CDT. Re-runs overwrite this thread body.
. __ ____ ___ ____ _ _
/ /_| ___| / _ \___ \(_)___| |__
| '_ \___ \| | | |__) | / __| '_ \
| (_) |__) | |_| / __/| \__ \ | | |
\___/____/ \___/_____|_|___/_| |_|
D2sk - Sysop