<html>
<body>
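<?php
/*
 * Profile update endpoint.
 *
 * Input : GET  mid                (numeric id of the users row to update)
 *         POST fname, lname, tel, email, gender, birthdate, user_des
 *         FILE user_picture_file  (optional profile picture)
 * Output: an error message with a "come back to edit" link, or a script
 *         redirect to profile.php?mid=<id> after a successful update.
 *
 * Hardening applied here:
 *   - every SQL statement is a prepared statement with bound parameters;
 *   - mid is validated as an integer before it reaches SQL or the page;
 *   - uploads must be a real JPEG/PNG/GIF and are stored under a
 *     server-generated name, never the client-supplied one;
 *   - database errors and SQL text go to the error log, not to the browser.
 *
 * NOTE(review): no session or ownership check is visible in this file, so
 * any caller can pass any mid and edit that account. Derive the user id
 * from the authenticated session and add a CSRF token - TODO confirm how
 * the rest of the application authenticates.
 * NOTE(review): user_des and the other free-text fields are stored as
 * submitted; whatever page prints them must HTML-escape on output.
 */

// Report mysqli failures through return values on every PHP version, so the
// checks below handle them instead of an uncaught exception.
mysqli_report(MYSQLI_REPORT_OFF);

// NOTE(review): hard-coded root credentials. Move them to configuration kept
// outside the web root and connect with a least-privilege database account.
$objConnect = mysqli_connect("localhost", "root", "root", "chowtime") or die("Error Connect to Database");

$errmsg = "";

// mid goes into SQL and into the redirect script, so accept an integer only.
$mid = filter_var(isset($_GET['mid']) ? $_GET['mid'] : null, FILTER_VALIDATE_INT);

// Read each field once; a missing or non-string value (e.g. fname[]=x)
// becomes "" so the emptiness checks below reject it.
$input = array();
foreach (array('fname', 'lname', 'tel', 'email', 'gender', 'birthdate', 'user_des') as $key) {
    $input[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
}
$fname     = $input['fname'];
$lname     = $input['lname'];
$tel       = $input['tel'];
$email     = $input['email'];
$gender    = $input['gender'];
$birthdate = $input['birthdate'];
$user_des  = $input['user_des'];

// Field validation. The phone-format test used to be its own else-if arm,
// which matched every non-empty number and left the e-mail checks unreachable.
if ($mid === false) {
    $errmsg = "invalid member id";
} else if ("" == trim($fname)) {
    $errmsg = "please fill in first name";
} else if ("" == trim($lname)) {
    $errmsg = "please fill in last name";
} else if ("" == trim($tel)) {
    $errmsg = "please fill in phone number";
} else if (!preg_match("/^[0-9]{3}-[0-9]{3}-[0-9]{4}$/", $tel) && !preg_match("/^[0-9]{3}[0-9]{3}[0-9]{4}$/", $tel)) {
    $errmsg = "please fill in valid phone number Ex 011-111-1111,0111111111";
} else if ("" == trim($email)) {
    $errmsg = "please fill in email";
} else if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    $errmsg = "your email is incorrect format";
}

// Upload validation: the picture is optional, but when one is sent it must
// decode as an image of an allowed type. The extension is chosen from the
// detected type, so a script cannot be stored under an executable name.
$storeImgPath = "images/member_profile_img/";
$filepath = "no picture";
$upload = isset($_FILES["user_picture_file"]) ? $_FILES["user_picture_file"] : null;
$hasUpload = is_array($upload) && isset($upload['error']) && $upload['error'] !== UPLOAD_ERR_NO_FILE;
$imageExt = "";
if ($errmsg === "" && $hasUpload) {
    $allowedTypes = array(IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif');
    $imageInfo = false;
    if ($upload['error'] === UPLOAD_ERR_OK && is_uploaded_file($upload['tmp_name'])) {
        $imageInfo = getimagesize($upload['tmp_name']);
    }
    if ($imageInfo === false || !isset($allowedTypes[$imageInfo[2]])) {
        $errmsg = "please upload a valid picture (jpg, png or gif)";
    } else {
        $imageExt = $allowedTypes[$imageInfo[2]];
    }
}

// The e-mail must not belong to another account. The database does the
// comparison, so the table is no longer pulled into PHP row by row.
if ($errmsg === "") {
    $stmt = mysqli_prepare($objConnect, "SELECT 1 FROM users WHERE user_id != ? AND email = ? LIMIT 1");
    if (!$stmt || !mysqli_stmt_bind_param($stmt, 'is', $mid, $email) || !mysqli_stmt_execute($stmt)) {
        error_log("update_profile: email lookup failed: " . mysqli_error($objConnect));
        die("Update error");
    }
    mysqli_stmt_store_result($stmt);
    if (mysqli_stmt_num_rows($stmt) > 0) {
        $errmsg = "This email have been used.";
    }
    mysqli_stmt_close($stmt);
}

// Store the new picture only after every other check has passed.
if ($errmsg === "" && $hasUpload) {
    $filename = 'member_' . $mid . '_' . md5(uniqid('', true)) . '.' . $imageExt;
    $filepath = $storeImgPath . $filename;
    if (!move_uploaded_file($upload['tmp_name'], $filepath)) {
        error_log("update_profile: could not store uploaded picture");
        $filepath = "no picture";
        $errmsg = "picture upload failed";
    }
}

if ($errmsg != "") {
    // Messages are fixed strings today; escaping keeps this safe if one ever
    // starts to include request data.
    $safeMsg = htmlspecialchars($errmsg, ENT_QUOTES, 'UTF-8');
    echo "<font size=5 color=red>$safeMsg<p />\n"
        . "<a href=\"javascript: history.back()\">come back to edit</a></font>";
} else {
    // Remember the current picture so it can be removed once the row is updated.
    $lastpic = "no picture";
    $stmt = mysqli_prepare($objConnect, "SELECT profile_pics FROM users WHERE user_id = ?");
    if (!$stmt || !mysqli_stmt_bind_param($stmt, 'i', $mid) || !mysqli_stmt_execute($stmt)) {
        error_log("update_profile: picture lookup failed: " . mysqli_error($objConnect));
        die("Update error");
    }
    mysqli_stmt_bind_result($stmt, $storedPic);
    if (mysqli_stmt_fetch($stmt)) {
        $lastpic = (string) $storedPic;
    }
    mysqli_stmt_close($stmt);

    $strSQL = "UPDATE users SET fname = ?"
        . " ,lname = ?"
        . " ,email = ?"
        . " ,tel = ?"
        . " ,gender = ?"
        . " ,birthdate = ?"
        . " ,user_des = ?"
        . " ,profile_pics = ? WHERE user_id = ?";
    $stmt = mysqli_prepare($objConnect, $strSQL);
    $objQuery = $stmt
        && mysqli_stmt_bind_param($stmt, 'ssssssssi', $fname, $lname, $email, $tel, $gender, $birthdate, $user_des, $filepath, $mid)
        && mysqli_stmt_execute($stmt);

    if ($objQuery) {
        mysqli_stmt_close($stmt);

        // basename() confines the delete to the picture directory whatever
        // the stored value looks like (bare file name or full relative path).
        $oldFile = $storeImgPath . basename($lastpic);
        if ($lastpic != "no picture" && $oldFile !== $filepath && is_file($oldFile)) {
            unlink($oldFile);
        }

        mysqli_close($objConnect);
        echo "<script type='text/javascript'>window.top.location='profile.php?mid=$mid';</script>";
        exit;
    }

    // Keep the details in the server log; the browser gets a generic message.
    error_log("update_profile: update failed: " . mysqli_error($objConnect));
    if ($filepath != "no picture" && is_file($filepath)) {
        // Do not leave the just-stored picture behind when the row was not updated.
        unlink($filepath);
    }
    echo "Update error";
}
mysqli_close($objConnect);
?>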
</body>
</html>