-
Notifications
You must be signed in to change notification settings - Fork 0
/
userdetails.php
74 lines (65 loc) · 2.5 KB
/
userdetails.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?php
include ("db_connect.inc");
session_start();
include ("header.inc");
include ("navbar.inc");
echo "<article id='main'>";
if ($_SERVER["REQUEST_METHOD"] == "POST" AND $_POST['submitCode']=="User_Details" AND isset($_SESSION['user_name'])) {
if ($_POST['Button']=="Update") {
$firstName = $_POST['ffirstname'];
$lastName = $_POST['flastname'];
$userName = $_SESSION['user_name'];
$error_style = "style='background-color:pink'";
$error_count = 0;
if (!preg_match("/^[A-Za-z\-\'\ ]{1,100}$/", $firstName)) {
$err_count++;
$ffirstname_style=$error_style;
$message .= "<div class='error'>First Name input ERROR: You may only use letters, hyphens, spaces or apostraphes! Minumum length is 1, maximum length is 100!</div><p>\r\n";
}
if (!preg_match("/^[A-Za-z\-\'\ ]{1,100}$/", $lastName)) {
$err_count++;
$flastname_style=$error_style;
$message .= "<div class='error'>Last Name input ERROR: You may only use letters, hyphens, spaces or apostraphes! Minumum length is 1, maximum length is 100!</div><p>\r\n";
}
if ($err_count==0) {
$query2 = "UPDATE `Users` SET `First_Name`='$firstName',`Last_Name`='$lastName' WHERE `User_Name`='$userName'";
mysqli_query($cxn,$query2);
$url1 = "usersettings.php";
$location = "Location: ".$url1;
header($location);
die();
}
} elseif ($_POST['Button']=="Cancel") {
$url = "usersettings.php";
$location = "Location: ".$url;
header($location);
die();
}
}
if (isset($_SESSION['user_name'])) {
$userName = $_SESSION['user_name'];
$query1 = "SELECT `First_Name`, `Last_Name`, `User_Name` FROM `Users` WHERE `User_Name`='$userName'";
$result1 = mysqli_query($cxn,$query1);
$row1 = mysqli_fetch_assoc($result1);
$firstName = $row1['First_Name'];
$lastName = $row1['Last_Name'];
echo "$message\r\n
<h3>User Details</h3>\r\n
<div>\r\n
<form action='".htmlentities($_SERVER['PHP_SELF'])."' method='post'>\r\n
<table>\r\n
<tr><td>First Name: </td><td><input $ffirstname_style type='text' name='ffirstname' value='$firstName'></td></tr>\r\n
<tr><td>Last Name: </td><td><input $flastname_style type='text' name='flastname' value='$lastName'></td></tr>\r\n
</table>\r\n
<input type='hidden' id='submitCode' name='submitCode' value='User_Details'>\r\n
<input type='submit' name='Button' value='Update' />\r\n
<input type='submit' name='Button' value='Cancel' />\r\n
</form>\r\n
<br>\r\n
</div>\r\n";
} else {
echo "<div class='error'>This is a restricted area. You must log in to access!</div>";
}
echo "</article>";
include ("footer.inc");
?>