Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once 'includes/db_connect.php';
- include_once 'includes/functions.php';
- sec_session_start();
- ?>
- <?php
- if(isset($_POST['submit'])){
- move_uploaded_file($_FILES['file']['tmp_name'],"pictures/".$_FILES['file']['name']);
- $con = mysqli_connect("localhost","root","","secure_login");
- $q = mysqli_query($con,"UPDATE users SET image = '".$_FILES['file']['name']."' WHERE username = '".$_SESSION['username']."'");
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <meta charset="UTF-8">
- <title>Secure Login: Protected Page</title>
- <link rel="stylesheet" href="css/me.css" />
- <link href='http://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,700' rel='stylesheet' type='text/css'>
- </head>
- <body>
- <div id="wrap">
- <?php if (login_check($mysqli) == true) : ?>
- <p id="meusername"><?php echo htmlentities($_SESSION['username']); ?>!</p>
- <p>
- This is an example protected page. To access this page, users
- must be logged in. At some stage, we'll also check the role of
- the user, so pages will be able to determine the type of user
- authorised to access the page.
- <form action="" method="post" enctype="multipart/form-data">
- <input type="file" name="file">
- <input type="submit" name="submit">
- </form>
- <?php
- $con = mysqli_connect("localhost","root","","secure_login");
- $q = mysqli_query($con,"SELECT * FROM members");
- while($row = mysqli_fetch_assoc($q)){
- echo $row['username'];
- if ($row['image'] == ""){
- echo "<img width='100' height='100' src='pictures/default.jpg' alt='Default Profile Pic'>";
- } else {
- echo "<img width='100' height='100' src='pictures/".$row['image']."' alt='Profile Pic'>";
- }
- echo "<br>";
- }
- ?>
- </p>
- <p>Return to <a href="includes/logout">login page</a></p>
- <?php else : ?>
- <p>
- <span class="error">You are not authorized to access this page.</span> Please <a href="index">login</a>.
- </p>
- <?php endif; ?>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement