-
Notifications
You must be signed in to change notification settings - Fork 2
/
update_profile.php
121 lines (101 loc) · 4.43 KB
/
update_profile.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?php
include 'config.php';
session_start();
$user_id = $_SESSION['user_id'];
if(isset($_POST['update_profile'])){
$update_name = mysqli_real_escape_string($conn, $_POST['update_name']);
$update_email = mysqli_real_escape_string($conn, $_POST['update_email']);
mysqli_query($conn, "UPDATE `users` SET name = '$update_name', email = '$update_email' WHERE id = '$user_id'") or die('query failed');
$old_pass = $_POST['old_pass'];
$update_pass = mysqli_real_escape_string($conn, md5($_POST['update_pass']));
$new_pass = mysqli_real_escape_string($conn, md5($_POST['new_pass']));
$confirm_pass = mysqli_real_escape_string($conn, md5($_POST['confirm_pass']));
if(!empty($update_pass) || !empty($new_pass) || !empty($confirm_pass)){
if($update_pass != $old_pass){
$message[] = 'old password not matched!';
}elseif($new_pass != $confirm_pass){
$message[] = 'confirm password not matched!';
}else{
mysqli_query($conn, "UPDATE `users` SET password = '$confirm_pass' WHERE id = '$user_id'") or die('query failed');
$message[] = 'password updated successfully!';
}
}
$update_image = $_FILES['update_image']['name'];
$update_image_size = $_FILES['update_image']['size'];
$update_image_tmp_name = $_FILES['update_image']['tmp_name'];
$update_image_folder = 'uploaded_img/'.$update_image;
if(!empty($update_image)){
if($update_image_size > 2000000){
$message[] = 'image is too large';
}else{
$image_update_query = mysqli_query($conn, "UPDATE `users` SET image = '$update_image' WHERE id = '$user_id'") or die('query failed');
if($image_update_query){
move_uploaded_file($update_image_tmp_name, $update_image_folder);
}
$message[] = 'image updated succssfully!';
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>update profile</title>
<!-- custom css file link -->
<link rel="stylesheet" href="usercss/userprofile.css">
</head>
<body>
<?php include 'header.php'; ?>
<div class="heading">
<h3>Update Profile</h3>
<p> <a href="home.php">home</a> / update profile </p>
</div>
<div class="update-profile">
<?php
$select = mysqli_query($conn, "SELECT * FROM `users` WHERE id = '$user_id'") or die('query failed');
if(mysqli_num_rows($select) > 0){
$fetch = mysqli_fetch_assoc($select);
}
?>
<form action="" method="post" enctype="multipart/form-data">
<?php
if($fetch['image'] == ''){
echo '<img src="image/default-avatar.png">';
}else{
echo '<img src="uploaded_img/'.$fetch['image'].'">';
}
// if(isset($message)){
// foreach($message as $message){
// echo '<div class="message">'.$message.'</div>';
// }
// }
?>
<div class="flex">
<div class="inputBox">
<span>username :</span>
<input type="text" name="update_name" value="<?php echo $fetch['name']; ?>" class="box">
<span>your email :</span>
<input type="email" name="update_email" value="<?php echo $fetch['email']; ?>" class="box">
<span>update your pic :</span>
<input type="file" name="update_image" accept="image/jpg, image/jpeg, image/png" class="box">
</div>
<div class="inputBox">
<input type="hidden" name="old_pass" value="<?php echo $fetch['password']; ?>">
<span>old password :</span>
<input type="password" name="update_pass" placeholder="enter previous password" class="box">
<span>new password :</span>
<input type="password" name="new_pass" placeholder="enter new password" class="box">
<span>confirm password :</span>
<input type="password" name="confirm_pass" placeholder="confirm new password" class="box">
</div>
</div>
<input type="submit" value="update profile" name="update_profile" class="btn">
<a href="home.php" class="delete-btn">Go back</a>
</form>
</div>
<?php include 'footer.php'; ?>
</body>
</html>