-
Notifications
You must be signed in to change notification settings - Fork 1
/
user_proces_data.php
78 lines (71 loc) · 3.39 KB
/
user_proces_data.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
<?php
include 'config/functions.php';
include 'admin_page/csrf-protect.php';
$nis = addslashes(htmlspecialchars(trim($_POST['nis'])));
$username = addslashes(htmlspecialchars(trim($_POST['username'])));
$password = addslashes(htmlspecialchars(trim($_POST['password'])));
$namalengkap = addslashes(htmlspecialchars(trim($_POST['nama_lengkap'])));
$namaorangtua = addslashes(htmlspecialchars(trim($_POST['nama_orangtua'])));
$status = addslashes(htmlspecialchars(trim($_POST['status'])));
$notelp = addslashes(htmlspecialchars(trim($_POST['no_telp'])));
$jeniskelamin = addslashes(htmlspecialchars(trim($_POST['jenis_kelamin'])));
$tanggallahir = addslashes(htmlspecialchars(trim($_POST['tanggal-lahir'])));
$tempatlahir = addslashes(htmlspecialchars(trim($_POST['tempat_lahir'])));
$alamat = addslashes(htmlspecialchars(trim($_POST['alamat'])));
$kota = addslashes(htmlspecialchars(trim($_POST['kota'])));
$provinsi = addslashes(htmlspecialchars(trim($_POST['provinsi'])));
$foto = addslashes(htmlspecialchars(trim($_FILES['file']['name'])));
$csrf = addslashes(htmlspecialchars(trim($_POST['csrf'])));
$asalsekolah = addslashes(htmlspecialchars(trim($_POST['asal_sekolah'])));
$id = addslashes(htmlspecialchars(trim($_POST['idsiswa'])));
$imagebefore = htmlspecialchars(addslashes(trim($_POST['imagebefore'])));
$csrf = htmlspecialchars(addslashes(trim($_POST['csrf'])));
// location Upload
$localtion = "assets/img/$foto";
// File Extension
$file_ext = pathinfo($localtion, PATHINFO_EXTENSION);
$file_ext = strtolower($file_ext);
// Valid Image Extension
$image_ext = array('jpg', 'jpeg', 'png');
if (isset($_POST['editprofile'])) {
$query = "UPDATE tbsiswa SET username = '$username',password = '$password',nis = '$nis', foto = '$foto' WHERE id = '$id'";
if (check_csrf($csrf)) {
if (in_array($file_ext, $image_ext)) {
if (unlink("assets/img/$imagebefore")) {
if (move_uploaded_file($_FILES['file']['tmp_name'], $localtion)) {
if (mysqli_query($con, $query)) {
echo 'success';
} else {
echo 'failed';
}
}
}
} else {
echo 'file not jpg';
}
}
} else if (isset($_POST['editdata'])) {
$query = "UPDATE tbsiswa SET
nis = '$nis',
username = '$username',
password = '$password',
nama_siswa = '$namalengkap',
tempat_lahir = '$tempatlahir',
tanggal_lahir = '$tanggallahir',
no_tlp = '$notelp',
jenis_kelamin = '$jeniskelamin',
sekolah = '$asalsekolah',
orang_tua = '$namaorangtua',
alamat = '$alamat',
kota = '$kota',
provinsi = '$provinsi',
status_siswa = '$status' WHERE id = '$id'
";
if (check_csrf($csrf)) {
if (mysqli_query($con, $query)) {
echo 'success';
} else {
echo 'failed';
}
}
}