-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathprofile.php
More file actions
93 lines (82 loc) · 2.56 KB
/
profile.php
File metadata and controls
93 lines (82 loc) · 2.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
<?php
// This page allows users to change their user information.
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: login.php");
exit;
}
// Include config file
require_once "config.php";
// Define variables and initalized with empty values
$email = $_SESSION["email"];
$email_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST") {
// Validate email
if(empty(trim($_POST["email"]))){
$email_err = "Please enter a email.";
} elseif(!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
$email_err = "Invalid email format";
} else {
$email = trim($_POST["email"]);
}
// Check input errors before updating the database
if(empty($email_err)){
// Preprare and insert statement
$sql = "UPDATE users SET email = ? WHERE id = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "si", $email, $param_id);
// Set paramters
$param_id = $_SESSION["id"];
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Redirect to welcome page
$_SESSION["email"] = $email;
header("location: welcome.php");
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
}
?>
<!DOCTYPE html>
<?php include_once("menu.php"); ?>
<html lang="en">
<head>
<title>Profile Page - MWAdmin</title>
</head>
<body>
<h1 class="my-5">Hi, <b><?php echo htmlspecialchars($_SESSION["username"]); ?></b>.</h1>
<div class="content">
<p>Your Account details are below:</p>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<table>
<tr>
<td>Username:</td>
<td><?=$_SESSION["username"]?></td>
</tr>
<tr>
<td>Password:</td>
<td><a href="changepassword.php" class="btn btn-primary">Change password</a></td>
</tr>
<tr>
<td>Email:</td>
<td><div class="form-group">
<input type="text" name="email" class="form-control <?php echo (!empty($email_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $email; ?>">
<span class="invalid-feedback"><?php echo $email_err; ?></span></div></td>
</tr>
</table>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit">
<input type="reset" class="btn btn-secondary ml-2" value="Reset">
</div>
</form>
</div>
</body>
</html>