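<?php
// Profile page controller: requires a logged-in session, loads the user's
// current profile row into $row for the form below, and handles the
// "update" POST (re-authenticated with the current password).
session_start();

// Unauthenticated visitors go to the login page. header() only queues the
// redirect, so execution must stop here or the rest of the page still runs.
if (!isset($_SESSION['userid'])) {
    header('Location:login.php');
    exit;
}

// NOTE(review): header.php is included before the redirects further down; if
// it emits output, those header() calls only work while output buffering is
// enabled. Confirm, or move request handling above this include.
include_once 'header.php';

// NOTE(review): debug settings. They print PHP/database errors to the
// browser, which discloses internals; confirm they are off in deployment.
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

include_once 'include/dbh.inc.php';

// The id was concatenated unquoted into SQL before, so it is treated as an
// integer key here and always bound as a parameter.
$userId = (int) $_SESSION['userid'];

// Load the stored profile. $row stays null when the lookup fails or the
// account no longer exists. (mysqli_stmt_get_result needs the mysqlnd driver.)
$sql = 'SELECT firstName,lastName,useremail,userPhone,userPwd FROM users WHERE usersId=?';
$row = null;
$select = mysqli_prepare($conn, $sql);
if ($select !== false) {
    mysqli_stmt_bind_param($select, 'i', $userId);
    mysqli_stmt_execute($select);
    $result = mysqli_stmt_get_result($select);
    $row = $result ? mysqli_fetch_array($result) : null;
    mysqli_stmt_close($select);
} else {
    error_log('profile.php: profile lookup failed: ' . mysqli_error($conn));
}

if (isset($_POST['update'])) {
    // Accept only scalar string fields; a missing or array-valued field
    // becomes '' instead of raising notices or type errors further down.
    $input = [];
    foreach (['firstname', 'lastname', 'email', 'phone', 'currentpassword', 'newpassword'] as $key) {
        $input[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }
    $newfirstname = $input['firstname'];
    $newlastname = $input['lastname'];
    $newemail = $input['email'];
    $newphone = $input['phone'];
    $currentpassword = $input['currentpassword'];
    $newpassword = $input['newpassword'];

    if (is_array($row) && password_verify($currentpassword, $row['userPwd'])) {
        // A blank "new password" keeps the existing hash rather than
        // silently setting the account password to the empty string.
        $hashedPwd = ($newpassword === '')
            ? $row['userPwd']
            : password_hash($newpassword, PASSWORD_DEFAULT);

        // Every user-supplied value is bound, never interpolated, so form
        // input cannot alter the statement.
        $update = 'UPDATE users SET firstName=?,lastName=?,useremail=?,userPhone=?,userPwd=? WHERE usersId=?';
        $stmt = mysqli_prepare($conn, $update);
        $up = ($stmt !== false)
            && mysqli_stmt_bind_param(
                $stmt,
                'sssssi',
                $newfirstname,
                $newlastname,
                $newemail,
                $newphone,
                $hashedPwd,
                $userId
            )
            && mysqli_stmt_execute($stmt);

        if (!$up) {
            // Check the UPDATE's own result; keep SQL text and driver
            // errors in the server log, not in the response.
            error_log('profile.php: profile update failed: ' . mysqli_error($conn));
            die('Error updating profile');
        }
        mysqli_stmt_close($stmt);
        $message = 'Profile updated';
    } else {
        $message = 'Current password is incorrect';
    }

    // Post/redirect/get: encode the message for the query string and stop so
    // the form is not rendered with pre-update data.
    header('Location: profile.php?message=' . urlencode($message));
    exit;
}
?>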
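<?php
// Profile view: renders the edit form pre-filled from $row (the user's
// database record) and shows the status message passed in ?message=.
//
// Both sources are untrusted in an HTML context: profile fields are
// user-entered and stored, and the message comes straight from the URL.
// Everything is escaped once here and only the escaped copies are echoed.
$profile = [];
foreach (['firstName', 'lastName', 'useremail', 'userPhone'] as $column) {
    $profile[$column] = isset($row[$column])
        ? htmlspecialchars((string) $row[$column], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        : '';
}

// NOTE(review): even escaped, this text is chosen by whoever built the link;
// mapping a short status code to fixed messages would remove that too.
$flash = (isset($_GET['message']) && is_string($_GET['message']))
    ? htmlspecialchars($_GET['message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : null;
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <link rel="stylesheet" href="style/profile.css?v=<?php echo time(); ?>">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Profile</title>
</head>
<body>
    <div class="flex-container">
        <div class="box">
            <div class="profile-pic">
                <form enctype="multipart/form-data">
                    <div class="image">
                        <img src="img/user.png">
                    </div>
                    <!--<div class="addPhoto">
                    <input type="file" name="profilepicture" id="profilepicture" accept="image/jpg, image/jpeg, image/png" >
                    <label for="profilepicture"><i class="fa fa-plus" aria-hidden="true"><p>Click to add photo</p></i></label>
                    </div>
                    <div class="button">
                    <input type="submit" name="saveimage" value="saveimage" >
                    </div>-->
                </form>
            </div>
            <div class="user-details">
                <form action="" method="post">
                    <div class="input-group">
                        <label>First Name</label>
                        <input type="text" name="firstname" value="<?php echo $profile['firstName']; ?>">
                    </div>
                    <div class="input-group">
                        <label>Last Name</label>
                        <input type="text" name="lastname" value="<?php echo $profile['lastName']; ?>">
                    </div>
                    <div class="input-group">
                        <label>Email</label>
                        <input type="text" name="email" value="<?php echo $profile['useremail']; ?>">
                    </div>
                    <div class="input-group">
                        <label>Phone</label>
                        <input type="text" name="phone" value="<?php echo $profile['userPhone']; ?>">
                    </div>
                    <!-- Password fields are masked and labelled for password managers. -->
                    <div class="input-group">
                        <label>Current Password</label>
                        <input type="password" name="currentpassword" autocomplete="current-password">
                    </div>
                    <div class="input-group">
                        <label>New Password</label>
                        <input type="password" name="newpassword" autocomplete="new-password">
                    </div>
                    <div class="button">
                        <input type="submit" name="update">
                    </div>
                    <div class="message">
                        <?php if ($flash !== null): ?>
                        <p><?php echo $flash; ?></p>
                        <?php endif; ?>
                    </div>
                </form>
            </div>
        </div>
    </div>
</body>
</html>
<?php
include_once 'footer.php';
?>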