Expand|Select|Wrap|Line Numbers
- <?php
- session_start();
- include "validate.php";
- include "src/header.php";
- include "src/mainmenu.php";
- ?>
- <?php
- if(isset($_POST['update']))
- {
- include("db.php");
- $name = $_POST['name'];
- $password1 = md5($_POST['password1']);
- $password2 = md5($_POST['password2']);
- $date_of_birth = $_POST['date_of_birth'];
- $place_of_birth = $_POST['place_of_birth'];
- $info = $_POST['info'];
- $nationality = $_POST['nationality'];
- echo $_POST['name'];
- echo $name;
- echo $date_of_birth;
- echo $info;
- echo $place_of_birth;
- echo $nationality;
- if ($password1 != $password2) {
- include "src/header.php";
- include "src/mainmenu.php";
- echo '<p>Error: password does not match. Try again</a>';
- echo '<p><a href="EditProfile.php">Try again</p>';
- include "src/footer.php";
- exit;
- }
- //If the name and the other fields are empty
- if($name=='' || $email='' || $password1='' || $password2='' || $date_of_birth= ''|| $place_of_birth= ''|| $info='' || $nationality='' ){
- include "src/header.php";
- include "src/mainmenu.php";
- echo '<p>Error:You didn\'t fill the fields.Try again</a>';
- echo '<p><a href="EditProfile.php">Try again</p>';
- include "src/footer.php";
- exit;
- }
- $email=$_SESSION['email'];
- $sql = "UPDATE users SET name='".mysql_real_escape_string($name)."',
- info= '".mysql_real_escape_string($info)."',
- password=".mysql_real_escape_string($password2)."'
- place_of_birth='".mysql_real_escape_string($place_of_birth)."',
- date_of_birth='".mysql_real_escape_string($date_of_birth)."',
- nationality='".mysql_real_escape_string($nationality)."'
- WHERE email ='$email'";
- $retval = mysql_query($sql,$link);
- if (!$retval|| $retval==false) {
- include "src/header.php";
- include "src/mainmenu.php";
- die('Could not update data: ' . mysql_error());
- echo '<p><a href="EditProfile.php">Try again</a></p>';
- include "src/footer.php";
- mysql_close($link);
- exit;
- }
- else {
- echo "Updated data successfully\n";
- //header('Location: private.php');
- }
- mysql_close($link);
- }
- else
- {
- include("db.php");
- $email=$_SESSION['email'];
- $run = mysql_query("select * from users where email='$email'") or die("Error!");
- $read = mysql_fetch_assoc($run);
- ?>
- <form method="post" action="<?php $_PHP_SELF ?>">
- <fieldset>
- <legend>Update Profile</legend>
- <p>
- <label for="name">Full name:</label> <input type="text" name="name" id="name" value="<?PHP echo $read['name']; ?>"/>
- <br>
- <label for="email">Email:</label> <input type="email" name="email" id="email" value="<?PHP echo $read['email']; ?>"/>
- <br>
- <label for="password1">Password:</label> <input type="password" name="password1" id="password1" />
- <br>
- <label for="password2">Confirm password:</label> <input type="password" name="password2" id="password2" />
- <br>
- <label for="date_of_birth">Date of birth (yyyy-mm-dd):</label> <input type="date" name="date_of_birth" id="date_of_birth" value="<?PHP echo $read['date_of_birth']; ?>"/>
- <br>
- <label for="place_of_birth">Place of birth:</label> <input type="text" name="place_of_birth" id="place_of_birth" value="<?PHP echo $read['place_of_birth']; ?>"/>
- <br>
- <label for="info">Information:</label> <textarea name="info" id="info" rows="5" cols="50" ></textarea>
- <br>
- <label for="nationality">Nationality:</label> <input type="text" name="nationality" id="nationality" value="<?PHP echo $read['nationality']; ?>"/>
- </p>
- <p class="center"><input value="Update" type="submit" name="update" id="update"/></p>
- </fieldset>
- </form>
- <?php
- }
- ?>