added logic for updating user profile plus other bug fixes

user_password_migration.md

@@ -0,0 +1,9 @@
+Steps for Lazy Migration:
+Add a Column: Add a hash_version or new_password column to your database to differentiate between legacy (MD5) and new hashes.
+Update Login Logic:
+User enters plaintext_password.
+Check if password_hash is MD5.
+If yes, check if (md5(plaintext_password) == stored_md5_hash).
+If matches, compute new_hash = password_hash(plaintext_password, PASSWORD_DEFAULT).
+Update database with new_hash and set hash_version to "new".
+Handle Remaining Users: After a set period, force a password reset for any remaining accounts still using the MD5 hash.