<?php

checkUsernameFormat($_POST['new-username']);

$username = hashUsername($_POST['new-username']);

if (usernameExists($username) !== false)
	output(403, 'Ce nom de compte est déjà utilisé.');

DB->prepare('UPDATE users SET username = :username WHERE id = :id')
->execute([':username' => $username, ':id' => $_SESSION['id']]);

$_SESSION['display-username'] = htmlspecialchars($_POST['new-username']);

output(200, 'Identifiant changé.');