Untitled

<?php

session_start();

$user='root';
$server='localhost';
$movies='movie';

mysql_connect($server,$user);
mysql_select_db($movies);
if (isset($_POST['submit'])) {

    $username = mysql_real_escape_string($_POST['username']);
    $password = ($_POST['password']);

    $sql = "SELECT id FROM users
    WHERE username = '$username'
    AND password = '$password'";
    $result = mysql_query($sql);

    //No result from the database
    //Redirect back to login with errormessage
    if (mysql_num_rows($result) == 0) {
  header("Location: index.php?badlogin=");
  exit;
    }

    session_regenerate_id(); //Do something about session fixation...

    //Set sessions with user id and username
    $_SESSION['sess_id'] = mysql_result($result, 0, 'id');
    $_SESSION['sess_user'] = $_POST['username'];
    header("Location: index.php");
    exit;
}

//Logout
if (isset($_GET['logout'])) {
    session_unset();
    session_destroy();
    header("Location: index.php");
    exit;
}

$password=$_POST['password'];
$firstname=$_POST['firstname'];
$email=$_POST['email'];
$contactnum=$_POST['contactnum'];
$uname=$_SESSION['sess_user'];

$sql=mysql_query("UPDATE users SET
	firstname='$firstname',
	password='$password',
	contactnum='$contactnum',
	email='$email'
WHERE username='$uname'");

$result=mysql_query($sql); //or die(mysql_error());

if ($result==true)
{
$firstname=$_POST['firstname'];
$query="SELECT * from users where firstname='$firstname'";
$edited=mysql_query($query) or die(mysql_error());
$userinfo=mysql_fetch_assoc($edited);

echo "<html>";
echo"<head>";
echo "<link rel='stylesheet' href='css/home.css' />";
echo "<link rel='stylesheet' href='css/960.css' />";
echo "<link rel='stylesheet' href='css/login-box.css' />";
echo"</head>";
echo"<body>";

echo "<div class='container_12'>";


 echo "<div class='grid_12'>";
 echo "<ul id='list-nav'>";
  echo "<li><a href='home.php'>Home</a></li>";
 echo " <li><a href='logregister.php'>Register</a></li>";
 echo " <li><a href='showing.php'>Now Showing</a></li>";
  echo "<li><a href='logcontact.php'>Contact Us</a></li>";
  echo "<li><a href='logabout.php'>About Us</a></li>";
echo "</ul>
  </div>

  <div class='grid_3'>

<h2 class='heck'> Welcome </h2>
<div class='urong2'>";


    //Logged in

    echo "Hello " . $_SESSION['sess_user'] . ", how are you today?<br>\n";
    echo "<a href=\"Edit.php\"> My Account</a><br>\n";
    echo "<a href=\"index.php?logout=\">Log out</a>";


echo "</div>
  </div>
  <div class='grid_5'>
    <h2 class='hick'> My Account </h2>
    <div id='stylized' class='myform'>";
echo"<form method='post' action='delete_account.php' class='text'>";
echo"<table border='0'  align='center' width='300px'>";
echo"<tr><td  height='30px'>First Name:</td><td>$userinfo[firstname]</td></tr>";
echo"<tr><td  height='30px'>Last Name:</td><td>$userinfo[lastname]</td></tr>";
echo"<tr><td  height='30px'>Email Address:</td><td>$userinfo[emailadd]</td></tr>";
echo"<tr><td  height='30px'>Contact Number:</td><td>09$userinfo[contactnum]</td></tr>";
echo"<tr><td  height='30px'>Username:</td><td>$userinfo[username]</td></tr>";
echo"<tr><td height='30px'>Password:</td><td>$userinfo[password]</td></tr>";
echo"<tr><td colspan='2' align='center' height='40px'><input type='submit' value='Delete Account' name='submit'/>";

echo"</div>";
echo"</table>";

echo"</form>";
echo "</div> </div>


  <div class='grid_3'>
    <h2 class='hack'> Movies </h2>

    <img src = 'image/movies.gif' width='250px' class='urong'/>


  </div>
  <div class='grid_12'>
    <center>
       <p class='hola'> Copyright &copy; 2012. ReelMovieTicket.com. </p>
  </center>
  </div>
</div>

</body>
</html>";
}
?>