Change username & password endpoints

database/changeAccountUsername.php

@@ -0,0 +1,33 @@
+<?php
+require __DIR__ . '/../incl/util.php';
+setJsonHeader();
+checkClientDatabaseVersion();
+$conn = newConnection();
+
+$postData = getPostData();
+$newusername = $post['newusername'] ?? '';
+$token = $post['token'] ?? '';
+$username = $post['username'] ?? '';
+
+if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $newusername)) {
+    exitWithMessage(json_encode(["success" => false, "message" => "Username must be 3-16 characters, letters and numbers only"]));
+}
+
+$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
+$stmt->bind_param("s", $newusername);
+$stmt->execute();
+$result = $stmt->get_result();
+
+if ($result->num_rows > 0) {
+    exitWithMessage(json_encode(["success" => false, "message" => "Invalid session token or username, please refresh login"]));
+}
+
+$stmt = $conn->prepare("UPDATE users SET username = ? WHERE username = ? AND token = ?");
+$stmt->bind_param("sss", $newusername, $username, $token);
+$stmt->execute();
+
+if ($stmt->affected_rows === 0) {
+    exitWithMessage(json_encode(["success" => false, "message" => "Invalid session token or username, please refresh login"]));
+}
+
+echo encrypt(json_encode(["success" => true]));