ProFinder/update_profile.php at master · Leks2000/ProFinder · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<?php

@include 'config.php';
session_start();

$user_id = $_SESSION['user_id'];

if(isset($_POST['update_profile'])){

    $update_name = mysqli_real_escape_string($conn, $_POST['update_name']);
    $update_email = mysqli_real_escape_string($conn, $_POST['update_email']);

    mysqli_query($conn, "UPDATE `user_form` SET name = '$update_name', email =
    '$update_email' WHERE id = '$user_id'") or die('query failed');


    $old_pass = $_POST['old_pswd'];
    $update_pass = mysqli_real_escape_string($conn, md5($_POST['update_pass']));
    $new_pass = mysqli_real_escape_string($conn, md5($_POST['new_pass']));
    $confirm_pass = mysqli_real_escape_string($conn, md5($_POST['confirm_pass']));

    if(!empty($update_pass) || !empty($new_pass) || !empty($confirm_pass)){
        if($update_pass != $old_pass){
            $messagein[] = 'не правильный старый пароль';
        }elseif($new_pass != $confirm_pass){
            $messagein[] = 'пароли не совпадают';
        }else{
            mysqli_query($conn, "UPDATE `user_form` SET password = '$confirm_pass' WHERE id = '$user_id'") or die('query failed');
            $message[] = 'пароль был обновлён';
        }
    }

    $update_image = $_FILES['update_image']['name'];
    $update_image_size = $_FILES['update_image']['size'];
    $update_image_tmp_name = $_FILES['update_image']['tmp_name'];
    $update_image_folder = 'uploaded_img/'.$update_image;

    if(!empty($update_image)){
        if($update_image_size > 2000000){
            $messagein[] = 'Слишком большой размер';
        }else{
            $image_udpate_query = mysqli_query($conn, "UPDATE `user_form` SET image = '$update_image' WHERE id = '$user_id'") or die('query failed');
            if($image_udpate_query){
                move_uploaded_file($update_image_tmp_name, $update_image_folder);
            }
            $message[] = 'Картинка заменена успешна!';
        }
    }
}

?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>update profile</title>
    <link rel="stylesheet" href="/css/style.css">

</head>
<body>

<div class="update-profile">

    <?php
        $select = mysqli_query($conn, "SELECT * FROM `user_form` WHERE id = '$user_id' ")
        or die('query failed');
        if(mysqli_num_rows($select) > 0){
            $fetch = mysqli_fetch_assoc($select);
        }

    ?>

    <form action="" method="post" enctype="multipart/form-data">
        <?php
            if($fetch['image'] == ''){
               echo '<img src="images/default-image.jpg">';
            }else{
               echo '<img src="uploaded_img/'.$fetch['image'].'">';
            }
            if(isset($message)){
               foreach($message as $message){
                  echo '<div class="message">'.$message.'</div>';
               }
            }
            if(isset($messagein)){
                foreach($messagein as $messagein){
                   echo '<div class="messagein">'.$messagein.'</div>';
                }
             }
          ?>
         <div class="flex">
            <div class="inputBox">
                <span>Имя :</span>
                <input type="text" name="update_name" value="<?php echo $fetch['name']; ?>" class="box" placeholder="Введите новое имя">
                <span>Изменить Email :</span>
                <input type="email" name="update_email" value="<?php echo $fetch['email']; ?>" class="box"placeholder="Введите Email">
                <span>Изменить ваше изображение :</span>
                <input type="file" name="update_image" accept="image/jpg, image/jpeg, image/png" class="box">
            </div>

            <div class="inputBox">
                <input type="hidden" name="old_pswd" value="<?php echo $fetch['password']; ?>">
                <span>Старый пароль :</span>
                <input type="password" name="update_pass" placeholder="Введите старый пароль"
                class ="box">
                <span>Новый пароль:</span>
                <input type="password" name="new_pass" placeholder="Введите пароль"
                class ="box">
                <span>Повторите новый пароль:</span>
                <input type="password" name="confirm_pass" placeholder="Повторите новый пароль"
                class ="box">
            </div>

         </div>
         <input type="submit" value="Обновить" name="update_profile" class="butun">
         <a href="home.php" class="delete-btn">Назад</a>
    </form>

</div>

</body>
</html>