From 3445472049362ef9652ebc96107027db179b7eec Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Wed, 7 Jun 2023 16:18:05 +0200
Subject: [PATCH] combine change-password, change-theme and change-language
 into 'my profile'

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 admin_index.php                               | 167 +++++++------
 customer_index.php                            | 223 +++++++++---------
 lng/de.lng.php                                |   1 +
 lng/en.lng.php                                |   1 +
 .../Froxlor/user/change_language.html.twig    |  34 ---
 .../Froxlor/user/change_password.html.twig    |  57 -----
 templates/Froxlor/user/change_theme.html.twig |  34 ---
 templates/Froxlor/user/profile.html.twig      | 142 +++++++++++
 templates/Froxlor/userarea.html.twig          |  14 +-
 9 files changed, 337 insertions(+), 336 deletions(-)
 delete mode 100644 templates/Froxlor/user/change_language.html.twig
 delete mode 100644 templates/Froxlor/user/change_password.html.twig
 delete mode 100644 templates/Froxlor/user/change_theme.html.twig
 create mode 100644 templates/Froxlor/user/profile.html.twig

diff --git a/admin_index.php b/admin_index.php
index f5479e4e..91ea51a5 100644
--- a/admin_index.php
+++ b/admin_index.php
@@ -31,6 +31,7 @@ use Froxlor\Api\Commands\Froxlor as Froxlor;
 use Froxlor\CurrentUser;
 use Froxlor\Database\Database;
 use Froxlor\FroxlorLogger;
+use Froxlor\Language;
 use Froxlor\Settings;
 use Froxlor\System\Cronjob;
 use Froxlor\System\Crypt;
@@ -38,7 +39,6 @@ use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Request;
 use Froxlor\UI\Response;
 use Froxlor\Validate\Validate;
-use Froxlor\Language;
 
 $id = (int)Request::any('id');
 
@@ -196,107 +196,104 @@ if ($page == 'overview') {
 		'outstanding_tasks' => $outstanding_tasks,
 		'cron_last_runs' => $cron_last_runs
 	]);
-} elseif ($page == 'change_password') {
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$old_password = Validate::validate($_POST['old_password'], 'old password');
+} elseif ($page == 'profile') {
+	$languages = Language::getLanguages();
 
-		if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_ADMINS, 'adminid')) {
-			Response::standardError('oldpasswordnotcorrect');
-		}
+	if (!empty($_POST)) {
+		if ($_POST['send'] == 'changepassword') {
+			$old_password = Validate::validate($_POST['old_password'], 'old password');
 
-		try {
-			$new_password = Crypt::validatePassword($_POST['new_password'], 'new password');
-			$new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm');
-		} catch (Exception $e) {
-			Response::dynamicError($e->getMessage());
-		}
+			if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_ADMINS, 'adminid')) {
+				Response::standardError('oldpasswordnotcorrect');
+			}
 
-		if ($old_password == '') {
-			Response::standardError([
-				'stringisempty',
-				'changepassword.old_password'
-			]);
-		} elseif ($new_password == '') {
-			Response::standardError([
-				'stringisempty',
-				'changepassword.new_password'
-			]);
-		} elseif ($new_password_confirm == '') {
-			Response::standardError([
-				'stringisempty',
-				'changepassword.new_password_confirm'
-			]);
-		} elseif ($new_password != $new_password_confirm) {
-			Response::standardError('newpasswordconfirmerror');
-		} else {
 			try {
-				Admins::getLocal($userinfo, [
-					'id' => $userinfo['adminid'],
-					'admin_password' => $new_password
-				])->update();
+				$new_password = Crypt::validatePassword($_POST['new_password'], 'new password');
+				$new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm');
 			} catch (Exception $e) {
 				Response::dynamicError($e->getMessage());
 			}
-			$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, 'changed password');
+
+			if ($old_password == '') {
+				Response::standardError([
+					'stringisempty',
+					'changepassword.old_password'
+				]);
+			} elseif ($new_password == '') {
+				Response::standardError([
+					'stringisempty',
+					'changepassword.new_password'
+				]);
+			} elseif ($new_password_confirm == '') {
+				Response::standardError([
+					'stringisempty',
+					'changepassword.new_password_confirm'
+				]);
+			} elseif ($new_password != $new_password_confirm) {
+				Response::standardError('newpasswordconfirmerror');
+			} else {
+				try {
+					Admins::getLocal($userinfo, [
+						'id' => $userinfo['adminid'],
+						'admin_password' => $new_password
+					])->update();
+				} catch (Exception $e) {
+					Response::dynamicError($e->getMessage());
+				}
+				$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, 'changed password');
+				Response::redirectTo($filename);
+			}
+		} elseif ($_POST['send'] == 'changetheme') {
+			if (Settings::Get('panel.allow_theme_change_admin') == 1) {
+				$theme = Validate::validate($_POST['theme'], 'theme');
+				try {
+					Admins::getLocal($userinfo, [
+						'id' => $userinfo['adminid'],
+						'theme' => $theme
+					])->update();
+				} catch (Exception $e) {
+					Response::dynamicError($e->getMessage());
+				}
+
+				$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'");
+			}
+			Response::redirectTo($filename);
+		} elseif ($_POST['send'] == 'changelanguage') {
+			$def_language = Validate::validate($_POST['def_language'], 'default language');
+
+			if (isset($languages[$def_language])) {
+				try {
+					Admins::getLocal($userinfo, [
+						'id' => $userinfo['adminid'],
+						'def_language' => $def_language
+					])->update();
+					CurrentUser::setField('language', $def_language);
+				} catch (Exception $e) {
+					Response::dynamicError($e->getMessage());
+				}
+			}
+			$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her default language to '" . $def_language . "'");
 			Response::redirectTo($filename);
 		}
 	} else {
-		UI::view('user/change_password.html.twig');
-	}
-} elseif ($page == 'change_language') {
-	$languages = Language::getLanguages();
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$def_language = Validate::validate($_POST['def_language'], 'default language');
-
-		if (isset($languages[$def_language])) {
-			try {
-				Admins::getLocal($userinfo, [
-					'id' => $userinfo['adminid'],
-					'def_language' => $def_language
-				])->update();
-				CurrentUser::setField('language', $def_language);
-			} catch (Exception $e) {
-				Response::dynamicError($e->getMessage());
-			}
+		// change theme
+		$default_theme = Settings::Get('panel.default_theme');
+		if ($userinfo['theme'] != '') {
+			$default_theme = $userinfo['theme'];
 		}
-		$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her default language to '" . $def_language . "'");
-		Response::redirectTo($filename);
-	} else {
+		$themes_avail = UI::getThemes();
+
+		// change language
 		$default_lang = Settings::Get('panel.standardlanguage');
 		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}
 
-		UI::view('user/change_language.html.twig', [
-			'languages' => $languages,
-			'default_lang' => $default_lang
-		]);
-	}
-} elseif ($page == 'change_theme') {
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$theme = Validate::validate($_POST['theme'], 'theme');
-		try {
-			Admins::getLocal($userinfo, [
-				'id' => $userinfo['adminid'],
-				'theme' => $theme
-			])->update();
-		} catch (Exception $e) {
-			Response::dynamicError($e->getMessage());
-		}
-
-		$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'");
-		Response::redirectTo($filename);
-	} else {
-		$default_theme = Settings::Get('panel.default_theme');
-		if ($userinfo['theme'] != '') {
-			$default_theme = $userinfo['theme'];
-		}
-
-		$themes_avail = UI::getThemes();
-
-		UI::view('user/change_theme.html.twig', [
+		UI::view('user/profile.html.twig', [
 			'themes' => $themes_avail,
-			'default_theme' => $default_theme
+			'default_theme' => $default_theme,
+			'languages' => $languages,
+			'default_lang' => $default_lang,
 		]);
 	}
 } elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_admin') == '1') {
diff --git a/customer_index.php b/customer_index.php
index 4d0d2a6f..17b48486 100644
--- a/customer_index.php
+++ b/customer_index.php
@@ -27,18 +27,18 @@ const AREA = 'customer';
 require __DIR__ . '/lib/init.php';
 
 use Froxlor\Api\Commands\Customers as Customers;
+use Froxlor\Cron\TaskId;
 use Froxlor\CurrentUser;
 use Froxlor\Database\Database;
 use Froxlor\Froxlor;
 use Froxlor\FroxlorLogger;
+use Froxlor\Language;
 use Froxlor\Settings;
+use Froxlor\System\Cronjob;
 use Froxlor\System\Crypt;
 use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Response;
 use Froxlor\Validate\Validate;
-use Froxlor\Language;
-use Froxlor\System\Cronjob;
-use Froxlor\Cron\TaskId;
 
 if ($action == 'logout') {
 	$log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, 'logged out');
@@ -115,13 +115,13 @@ if ($page == 'overview') {
 
 	if ($usages) {
 		$userinfo['diskspace_bytes_used'] = $usages['webspace'] * 1024;
-		$userinfo['mailspace_used']  = $usages['mail'] * 1024;
+		$userinfo['mailspace_used'] = $usages['mail'] * 1024;
 		$userinfo['dbspace_used'] = $usages['mysql'] * 1024;
 		$userinfo['total_bytes_used'] = ($usages['webspace'] + $usages['mail'] + $usages['mysql']) * 1024;
 	} else {
 		$userinfo['diskspace_bytes_used'] = 0;
 		$userinfo['total_bytes_used'] = 0;
-		$userinfo['mailspace_used']  = 0;
+		$userinfo['mailspace_used'] = 0;
 		$userinfo['dbspace_used'] = 0;
 	}
 
@@ -130,141 +130,138 @@ if ($page == 'overview') {
 		'domains' => $domainArray,
 		'stdsubdomain' => $stdsubdomain
 	]);
-} elseif ($page == 'change_password') {
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$old_password = Validate::validate($_POST['old_password'], 'old password');
+} elseif ($page == 'profile') {
+	$languages = Language::getLanguages();
 
-		if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_CUSTOMERS, 'customerid')) {
-			Response::standardError('oldpasswordnotcorrect');
-		}
+	if (!empty($_POST)) {
+		if ($_POST['send'] == 'changepassword') {
+			$old_password = Validate::validate($_POST['old_password'], 'old password');
 
-		try {
-			$new_password = Crypt::validatePassword($_POST['new_password'], 'new password');
-			$new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm');
-		} catch (Exception $e) {
-			Response::dynamicError($e->getMessage());
-		}
+			if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_CUSTOMERS, 'customerid')) {
+				Response::standardError('oldpasswordnotcorrect');
+			}
 
-		if ($old_password == '') {
-			Response::standardError([
-				'stringisempty',
-				'changepassword.old_password'
-			]);
-		} elseif ($new_password == '') {
-			Response::standardError([
-				'stringisempty',
-				'changepassword.new_password'
-			]);
-		} elseif ($new_password_confirm == '') {
-			Response::standardError([
-				'stringisempty',
-				'changepassword.new_password_confirm'
-			]);
-		} elseif ($new_password != $new_password_confirm) {
-			Response::standardError('newpasswordconfirmerror');
-		} else {
-			// Update user password
 			try {
-				Customers::getLocal($userinfo, [
-					'id' => $userinfo['customerid'],
-					'new_customer_password' => $new_password
-				])->update();
+				$new_password = Crypt::validatePassword($_POST['new_password'], 'new password');
+				$new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm');
 			} catch (Exception $e) {
 				Response::dynamicError($e->getMessage());
 			}
-			$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed password');
 
-			// Update ftp password
-			if (isset($_POST['change_main_ftp']) && $_POST['change_main_ftp'] == 'true') {
-				$cryptPassword = Crypt::makeCryptPassword($new_password);
-				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+			if ($old_password == '') {
+				Response::standardError([
+					'stringisempty',
+					'changepassword.old_password'
+				]);
+			} elseif ($new_password == '') {
+				Response::standardError([
+					'stringisempty',
+					'changepassword.new_password'
+				]);
+			} elseif ($new_password_confirm == '') {
+				Response::standardError([
+					'stringisempty',
+					'changepassword.new_password_confirm'
+				]);
+			} elseif ($new_password != $new_password_confirm) {
+				Response::standardError('newpasswordconfirmerror');
+			} else {
+				// Update user password
+				try {
+					Customers::getLocal($userinfo, [
+						'id' => $userinfo['customerid'],
+						'new_customer_password' => $new_password
+					])->update();
+				} catch (Exception $e) {
+					Response::dynamicError($e->getMessage());
+				}
+				$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed password');
+
+				// Update ftp password
+				if (isset($_POST['change_main_ftp']) && $_POST['change_main_ftp'] == 'true') {
+					$cryptPassword = Crypt::makeCryptPassword($new_password);
+					$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 					SET `password` = :password
 					WHERE `customerid` = :customerid
 					AND `username` = :username");
-				$params = [
-					"password" => $cryptPassword,
-					"customerid" => $userinfo['customerid'],
-					"username" => $userinfo['loginname']
-				];
-				Database::pexecute($stmt, $params);
-				$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed main ftp password');
-			}
+					$params = [
+						"password" => $cryptPassword,
+						"customerid" => $userinfo['customerid'],
+						"username" => $userinfo['loginname']
+					];
+					Database::pexecute($stmt, $params);
+					$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed main ftp password');
+				}
 
-			// Update statistics password
-			if (isset($_POST['change_stats']) && $_POST['change_stats'] == 'true') {
-				$new_stats_password = Crypt::makeCryptPassword($new_password, true);
+				// Update statistics password
+				if (isset($_POST['change_stats']) && $_POST['change_stats'] == 'true') {
+					$new_stats_password = Crypt::makeCryptPassword($new_password, true);
 
-				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
+					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
 					SET `password` = :password
 					WHERE `customerid` = :customerid
 					AND `username` = :username");
-				$params = [
-					"password" => $new_stats_password,
-					"customerid" => $userinfo['customerid'],
-					"username" => $userinfo['loginname']
-				];
-				Database::pexecute($stmt, $params);
-				Cronjob::inserttask(TaskId::REBUILD_VHOST);
-			}
+					$params = [
+						"password" => $new_stats_password,
+						"customerid" => $userinfo['customerid'],
+						"username" => $userinfo['loginname']
+					];
+					Database::pexecute($stmt, $params);
+					Cronjob::inserttask(TaskId::REBUILD_VHOST);
+				}
 
+				Response::redirectTo($filename);
+			}
+		} elseif ($_POST['send'] == 'changetheme') {
+			if (Settings::Get('panel.allow_theme_change_customer') == 1) {
+				$theme = Validate::validate($_POST['theme'], 'theme');
+				try {
+					Customers::getLocal($userinfo, [
+						'id' => $userinfo['customerid'],
+						'theme' => $theme
+					])->update();
+				} catch (Exception $e) {
+					Response::dynamicError($e->getMessage());
+				}
+
+				$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
+			}
+			Response::redirectTo($filename);
+		} elseif ($_POST['send'] == 'changelanguage') {
+			$def_language = Validate::validate($_POST['def_language'], 'default language');
+			if (isset($languages[$def_language])) {
+				try {
+					Customers::getLocal($userinfo, [
+						'id' => $userinfo['customerid'],
+						'def_language' => $def_language
+					])->update();
+					CurrentUser::setField('language', $def_language);
+				} catch (Exception $e) {
+					Response::dynamicError($e->getMessage());
+				}
+			}
+			$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
 			Response::redirectTo($filename);
 		}
 	} else {
-		UI::view('user/change_password.html.twig');
-	}
-} elseif ($page == 'change_language') {
-	$languages = Language::getLanguages();
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$def_language = Validate::validate($_POST['def_language'], 'default language');
-		if (isset($languages[$def_language])) {
-			try {
-				Customers::getLocal($userinfo, [
-					'id' => $userinfo['customerid'],
-					'def_language' => $def_language
-				])->update();
-				CurrentUser::setField('language', $def_language);
-			} catch (Exception $e) {
-				Response::dynamicError($e->getMessage());
-			}
+		// change theme
+		$default_theme = Settings::Get('panel.default_theme');
+		if ($userinfo['theme'] != '') {
+			$default_theme = $userinfo['theme'];
 		}
-		$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
-		Response::redirectTo($filename);
-	} else {
+		$themes_avail = UI::getThemes();
+
+		// change language
 		$default_lang = Settings::Get('panel.standardlanguage');
 		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}
 
-		UI::view('user/change_language.html.twig', [
-			'languages' => $languages,
-			'default_lang' => $default_lang
-		]);
-	}
-} elseif ($page == 'change_theme') {
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$theme = Validate::validate($_POST['theme'], 'theme');
-		try {
-			Customers::getLocal($userinfo, [
-				'id' => $userinfo['customerid'],
-				'theme' => $theme
-			])->update();
-		} catch (Exception $e) {
-			Response::dynamicError($e->getMessage());
-		}
-
-		$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
-		Response::redirectTo($filename);
-	} else {
-		$default_theme = Settings::Get('panel.default_theme');
-		if ($userinfo['theme'] != '') {
-			$default_theme = $userinfo['theme'];
-		}
-
-		$themes_avail = UI::getThemes();
-
-		UI::view('user/change_theme.html.twig', [
+		UI::view('user/profile.html.twig', [
 			'themes' => $themes_avail,
-			'default_theme' => $default_theme
+			'default_theme' => $default_theme,
+			'languages' => $languages,
+			'default_lang' => $default_lang,
 		]);
 	}
 } elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_customer') == '1') {
diff --git a/lng/de.lng.php b/lng/de.lng.php
index 46b64892..ce712eb4 100644
--- a/lng/de.lng.php
+++ b/lng/de.lng.php
@@ -1236,6 +1236,7 @@ Vielen Dank, Ihr Administrator',
 			'description' => 'Wähle das zu durchsuchende Feld aus'
 		],
 		'upload_import' => 'Hochladen und importieren',
+		'profile' => 'Mein Profil',
 	],
 	'phpfpm' => [
 		'vhost_httpuser' => 'Lokaler Benutzer für PHP-FPM (Froxlor-Vhost)',
diff --git a/lng/en.lng.php b/lng/en.lng.php
index 2a20e567..8994dbc0 100644
--- a/lng/en.lng.php
+++ b/lng/en.lng.php
@@ -1351,6 +1351,7 @@ Yours sincerely, your administrator',
 			'description' => 'Select the field you want to search in'
 		],
 		'upload_import' => 'Upload and import',
+		'profile' => 'My profile',
 	],
 	'phpfpm' => [
 		'vhost_httpuser' => 'Local user to use for PHP-FPM (Froxlor vHost)',
diff --git a/templates/Froxlor/user/change_language.html.twig b/templates/Froxlor/user/change_language.html.twig
deleted file mode 100644
index c035f1f9..00000000
--- a/templates/Froxlor/user/change_language.html.twig
+++ /dev/null
@@ -1,34 +0,0 @@
-{% extends "Froxlor/userarea.html.twig" %}
-
-{% block content %}
-	<div class="container">
-		<div class="row justify-content-center">
-			<form action="{{ linker({'section':'index'}) }}" class="col-12 max-w-420 d-flex flex-column" method="post" enctype="application/x-www-form-urlencoded">
-				<div class="card shadow">
-					<div class="card-body">
-						<h5 class="card-title">{{ lng('menue.main.changelanguage') }}</h5>
-
-						<div>
-							<label for="def_language" class="col-form-label">{{ lng('login.language') }}</label>
-							<select class="form-select" name="def_language" id="def_language" required>
-								<option value="profile">{{ lng('login.profile_lng') }}</option>
-								{% for val,lang in languages %}
-									<option value="{{ val }}" {% if default_lang == val %} selected="selected" {% endif %}>{{ lang|raw }}</option>
-								{% endfor %}
-							</select>
-						</div>
-					</div>
-
-					<div class="card-body d-grid gap-2">
-						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
-						<input type="hidden" name="page" value="{{ page }}"/>
-						<input type="hidden" name="send" value="send"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
-							<i class="fa-regular fa-floppy-disk"></i>
-							{{ lng('menue.main.changelanguage') }}</button>
-					</div>
-				</div>
-			</form>
-		</div>
-	</div>
-{% endblock %}
diff --git a/templates/Froxlor/user/change_password.html.twig b/templates/Froxlor/user/change_password.html.twig
deleted file mode 100644
index 49d49761..00000000
--- a/templates/Froxlor/user/change_password.html.twig
+++ /dev/null
@@ -1,57 +0,0 @@
-{% extends "Froxlor/userarea.html.twig" %}
-
-{% block content %}
-	<div class="container">
-		<div class="row justify-content-center">
-			<form action="{{ linker({'section':'index'}) }}" class="col-12 max-w-420 d-flex flex-column" method="post" enctype="application/x-www-form-urlencoded">
-				<div class="card shadow">
-					<div class="card-body">
-						<h5 class="card-title">{{ lng('menue.main.changepassword') }}</h5>
-
-						<div class="mb-3">
-							<label for="old_password" class="col-form-label">{{ lng('changepassword.old_password') }}</label>
-							<input class="form-control" type="password" name="old_password" id="old_password" value="" required/>
-						</div>
-						<div class="mb-3">
-							<label for="new_password" class="col-form-label">{{ lng('changepassword.new_password') }}</label>
-							<input class="form-control" type="password" name="new_password" id="new_password" value="" required/>
-						</div>
-						<div class="mb-3">
-							<label for="new_password_confirm" class="col-form-label">{{ lng('changepassword.new_password_confirm') }}</label>
-							<input class="form-control" type="password" name="new_password_confirm" id="new_password_confirm" value="" required/>
-						</div>
-
-						{% if userinfo.adminsession == 0 %}
-
-							<div class="mb-3">
-								<label for="change_main_ftp" class="col-form-label">{{ lng('changepassword.also_change_ftp') }}</label>
-								<div class="form-check form-switch">
-									<input type="hidden" name="change_main_ftp" value="false">
-									<input class="form-check-input" type="checkbox" name="change_main_ftp" id="change_main_ftp" value="true" checked>
-								</div>
-							</div>
-
-							<div class="mb-3">
-								<label for="change_stats" class="col-form-label">{{ lng('changepassword.also_change_stats') }}</label>
-								<div class="form-check form-switch">
-									<input type="hidden" name="change_stats" value="false">
-									<input class="form-check-input" type="checkbox" name="change_stats" id="change_stats" value="true" checked>
-								</div>
-							</div>
-
-						{% endif %}
-					</div>
-
-					<div class="card-body d-grid gap-2">
-						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
-						<input type="hidden" name="page" value="{{ page }}"/>
-						<input type="hidden" name="send" value="send"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
-							<i class="fa-regular fa-floppy-disk"></i>
-							{{ lng('menue.main.changepassword') }}</button>
-					</div>
-				</div>
-			</form>
-		</div>
-	</div>
-{% endblock %}
diff --git a/templates/Froxlor/user/change_theme.html.twig b/templates/Froxlor/user/change_theme.html.twig
deleted file mode 100644
index 12ecae79..00000000
--- a/templates/Froxlor/user/change_theme.html.twig
+++ /dev/null
@@ -1,34 +0,0 @@
-{% extends "Froxlor/userarea.html.twig" %}
-
-{% block content %}
-	<div class="container">
-		<div class="row justify-content-center">
-			<form action="{{ linker({'section':'index'}) }}" class="col-12 max-w-420 d-flex flex-column" method="post" enctype="application/x-www-form-urlencoded">
-				<div class="card shadow">
-					<div class="card-body">
-						<h5 class="card-title">{{ lng('menue.main.changetheme') }}</h5>
-
-						<div>
-							<label for="theme" class="col-form-label">{{ lng('panel.theme') }}</label>
-							<select class="form-select" name="theme" id="theme" required>
-								{% for val,t in themes %}
-									<option value="{{ val }}" {% if default_theme == val %} selected="selected" {% endif %}>{{ t|raw }}</option>
-								{% endfor %}
-							</select>
-						</div>
-					</div>
-
-					<div class="card-body d-grid gap-2">
-						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
-						<input type="hidden" name="page" value="{{ page }}"/>
-						<input type="hidden" name="send" value="send"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
-							<i class="fa-regular fa-floppy-disk"></i>
-							{{ lng('menue.main.changetheme') }}
-						</button>
-					</div>
-				</div>
-			</form>
-		</div>
-	</div>
-{% endblock %}
diff --git a/templates/Froxlor/user/profile.html.twig b/templates/Froxlor/user/profile.html.twig
new file mode 100644
index 00000000..842120eb
--- /dev/null
+++ b/templates/Froxlor/user/profile.html.twig
@@ -0,0 +1,142 @@
+{% extends "Froxlor/userarea.html.twig" %}
+
+{% block content %}
+	<h3 class="page-header">{{ lng('panel.profile') }}</h3>
+
+	<div class="row">
+		<div class="col-12 col-md-6 col-lg-4">
+			{# change password #}
+			<form action="{{ linker({'section':'index','page':'profile'}) }}"
+				  class="col-12 max-w-420 d-flex flex-column"
+				  method="post"
+				  enctype="application/x-www-form-urlencoded">
+				<div class="card shadow">
+					<div class="card-body">
+						<h5 class="card-title"><i class="fa-solid fa-lock me-1"></i>{{ lng('menue.main.changepassword') }}</h5>
+
+						<div class="mb-3">
+							<label for="old_password"
+								   class="col-form-label">{{ lng('changepassword.old_password') }}</label>
+							<input class="form-control" type="password" name="old_password" id="old_password"
+								   value=""
+								   required/>
+						</div>
+						<div class="mb-3">
+							<label for="new_password"
+								   class="col-form-label">{{ lng('changepassword.new_password') }}</label>
+							<input class="form-control" type="password" name="new_password" id="new_password"
+								   value=""
+								   required/>
+						</div>
+						<div class="mb-3">
+							<label for="new_password_confirm"
+								   class="col-form-label">{{ lng('changepassword.new_password_confirm') }}</label>
+							<input class="form-control" type="password" name="new_password_confirm"
+								   id="new_password_confirm" value="" required/>
+						</div>
+
+						{% if userinfo.adminsession == 0 %}
+
+							<div class="mb-3">
+								<label for="change_main_ftp"
+									   class="col-form-label">{{ lng('changepassword.also_change_ftp') }}</label>
+								<div class="form-check form-switch">
+									<input type="hidden" name="change_main_ftp" value="false">
+									<input class="form-check-input" type="checkbox" name="change_main_ftp"
+										   id="change_main_ftp" value="true" checked>
+								</div>
+							</div>
+
+							<div class="mb-3">
+								<label for="change_stats"
+									   class="col-form-label">{{ lng('changepassword.also_change_stats') }}</label>
+								<div class="form-check form-switch">
+									<input type="hidden" name="change_stats" value="false">
+									<input class="form-check-input" type="checkbox" name="change_stats"
+										   id="change_stats" value="true" checked>
+								</div>
+							</div>
+
+						{% endif %}
+					</div>
+
+					<div class="card-body d-grid gap-2">
+						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
+						<input type="hidden" name="page" value="{{ page }}"/>
+						<input type="hidden" name="send" value="changepassword"/>
+						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+							<i class="fa-regular fa-floppy-disk"></i>
+							{{ lng('menue.main.changepassword') }}</button>
+					</div>
+				</div>
+			</form>
+		</div>
+		{% if (get_setting('panel.allow_theme_change_admin') == '1' and userinfo.adminsession == 1) or (get_setting('panel.allow_theme_change_customer') == '1' and userinfo.adminsession == 0) %}
+			<div class="col-12 col-md-6 col-lg-4">
+				{# change theme #}
+				<form action="{{ linker({'section':'index','page':'profile'}) }}"
+					  class="col-12 max-w-420 d-flex flex-column" method="post"
+					  enctype="application/x-www-form-urlencoded">
+					<div class="card shadow">
+						<div class="card-body">
+							<h5 class="card-title"><i class="fa-solid fa-image me-1"></i>{{ lng('menue.main.changetheme') }}</h5>
+
+							<div>
+								<label for="theme" class="col-form-label">{{ lng('panel.theme') }}</label>
+								<select class="form-select" name="theme" id="theme" required>
+									{% for val,t in themes %}
+										<option
+											value="{{ val }}" {% if default_theme == val %} selected="selected" {% endif %}>{{ t|raw }}</option>
+									{% endfor %}
+								</select>
+							</div>
+						</div>
+
+						<div class="card-body d-grid gap-2">
+							<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
+							<input type="hidden" name="page" value="{{ page }}"/>
+							<input type="hidden" name="send" value="changetheme"/>
+							<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+								<i class="fa-regular fa-floppy-disk"></i>
+								{{ lng('menue.main.changetheme') }}
+							</button>
+						</div>
+					</div>
+				</form>
+			</div>
+		{% endif %}
+		<div class="col-12 col-md-6 col-lg-4">
+			{# change language #}
+			<form action="{{ linker({'section':'index','page':'profile'}) }}"
+				  class="col-12 max-w-420 d-flex flex-column" method="post"
+				  enctype="application/x-www-form-urlencoded">
+				<div class="card shadow">
+					<div class="card-body">
+						<h5 class="card-title"><i class="fa-solid fa-flag me-1"></i>{{ lng('menue.main.changelanguage') }}</h5>
+
+						<div>
+							<label for="def_language" class="col-form-label">{{ lng('login.language') }}</label>
+							<select class="form-select" name="def_language" id="def_language" required>
+								<option value="profile">{{ lng('login.profile_lng') }}</option>
+								{% for val,lang in languages %}
+									<option
+										value="{{ val }}" {% if default_lang == val %} selected="selected" {% endif %}>{{ lang|raw }}</option>
+								{% endfor %}
+							</select>
+						</div>
+					</div>
+
+					<div class="card-body d-grid gap-2">
+						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
+						<input type="hidden" name="page" value="{{ page }}"/>
+						<input type="hidden" name="send" value="changelanguage"/>
+						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+							<i class="fa-regular fa-floppy-disk"></i>
+							{{ lng('menue.main.changelanguage') }}</button>
+					</div>
+				</div>
+			</form>
+		</div>
+
+	</div>
+{% endblock %}
diff --git a/templates/Froxlor/userarea.html.twig b/templates/Froxlor/userarea.html.twig
index 815df808..ddcccda5 100644
--- a/templates/Froxlor/userarea.html.twig
+++ b/templates/Froxlor/userarea.html.twig
@@ -51,25 +51,13 @@
 						</a>
 						<ul class="dropdown-menu dropdown-menu-end" aria-labelledby="navbarOpts">
 							<li>
-								<a class="dropdown-item" href="{{ linker({'section': 'index', 'page': 'change_password'}) }}"><i class="fa-solid fa-lock"></i> {{ lng('login.password') }}</a>
-							</li>
-							<li>
-								<a class="dropdown-item" href="{{ linker({'section': 'index', 'page': 'change_language'}) }}"><i class="fa-solid fa-flag"></i> {{ lng('login.language') }}</a>
+								<a class="dropdown-item" href="{{ linker({'section': 'index', 'page': 'profile'}) }}"><i class="fa-solid fa-user-gear"></i> {{ lng('panel.profile') }}</a>
 							</li>
 							{% if get_setting('2fa.enabled') == 1 %}
 								<li>
 									<a class="dropdown-item" href="{{ linker({'section': 'index', 'page': '2fa'}) }}"><i class="fa-solid fa-shield"></i> {{ lng('2fa.2fa') }}</a>
 								</li>
 							{% endif %}
-							{% if get_setting('panel.allow_theme_change_admin') == '1' and userinfo.adminsession == 1 %}
-								<li>
-									<a class="dropdown-item" href="{{ linker({'section': 'index', 'page': 'change_theme'}) }}"><i class="fa-solid fa-image"></i> {{ lng('panel.theme') }}</a>
-								</li>
-							{% elseif get_setting('panel.allow_theme_change_customer') == '1' and userinfo.adminsession == 0 %}
-								<li>
-									<a class="dropdown-item" href="{{ linker({'section': 'index', 'page': 'change_theme'}) }}"><i class="fa-solid fa-image"></i> {{ lng('panel.theme') }}</a>
-								</li>
-							{% endif %}
 							{% if get_setting('api.enabled') == 1 and userinfo.api_allowed == 1 %}
 								<li><hr class="dropdown-divider"></li>
 								<li>