sadsadsadsad

1. <?php
2.  
3. /*
4. Our "test.php" file connects to database every time we include or require
5. it within a php script.  Since we want this script to add a new user to our db,
6. we will be talking with our database, and therefore,
7. let's require the connection to happen:
8. */
9. //http://php.net/manual/en/ref.classobj.php
10. require("test.php");
11.  
12. /**
13. *
14. */
15. class User{
16.    
17.     function updateCredintials(){
18.         global $db;
19.         $userProfile = '127.0.0.1/roger/images/ic_user_profile';
20.         //if posted data is not empty
21.         if (!empty($_POST)) {
22.             if (isset($_POST['fName'])) {
23.                 $fname = $_POST['fName'];
24.             }
25.             if (isset($_POST['last_name'])) {
26.                 $last_name = $_POST['last_name'];
27.             }
28.             if (isset($_POST['age'])) {
29.                 $age = $_POST['age'];
30.             }
31.             if (isset($_POST['cell_num'])) {
32.                 $cell_num = $_POST['cell_num'];
33.             }
34.             if (isset($_POST['parent_num'])) {
35.                 $parent_num = $_POST['parent_num'];
36.             }
37.             if (isset($_POST['username'])) {
38.                 # code...
39.                $username = $_POST['username'];
40.             }
41.            
42.         //If the username or password is empty when the user submits
43.         //the form, the page will die.
44.         //Using die isn't a very good practice, you may want to look into
45.         //displaying an error message within the form instead.  
46.         //We could also do front-end form validation from within our Android App,
47.         //but it is good to have a have the back-end code do a double check.
48.         if (empty($_POST['username']) || empty($_POST['fName']) || empty($_POST['last_name']) || empty($_POST['age']) || empty($_POST['cell_num']) || empty($_POST['parent_num']) ) {
49.        
50.        
51.         // Create some data that will be the JSON response
52.         $response["success"] = 0;
53.         $response["message"] = "Please fill in all fields.";
54.        
55.         //die will kill the page and not execute any code below, it will also
56.         //display the parameter... in this case the JSON data our Android
57.         //app will parse
58.         die(json_encode($response));
59.         }  
60.         //If we have made it here without dying, then we are in the clear to
61.         //create a new user.  Let's setup our new query to create a user.  
62.         //Again, to protect against sql injects, user tokens such as :user and :pass
63.        // $query = "INSERT INTO User_ ( _UserName, Name_, Surname, PassWord_, Age, Gender, CellNum, ParentNum ) VALUES ( :user, :fname, :last, :pass, :age, :gender, :cell, :pnum ) ";
64.         //$query = "UPDATE User_ SET Name_ = '$fname', Surname = '$last_name', Age = '$age', CellNum = '$cell_num', ParentNum = '$parent_num' WHERE _UserName = '$username'";
65.         $query = "CALL prUpdate_User_Data('$username', '$fname', '$last_name', '$age', '$cell_num', '$parent_num')";
66.  
67.  
68.  
69.         //('$username', '$fname', '$last_name', '$password', '$age', '$gender', '$cell_num', '$parent_num', '$userProfile')";
70.        
71.         //Again, we need to update our tokens with the actual data:
72.         $query_params = array(
73.             ':user' => $_POST['username'],
74.             ':fname' => $_POST['fName'],
75.             ':last' => $_POST['last_name'],
76.             //':pass' => $_POST['password'],
77.             ':age' => $_POST['age'],
78.             //':gender' => $_POST['gender'],
79.             ':cell' => $_POST['cell_num'],
80.             ':pnum' => $_POST['parent_num']
81.         );
82.        
83.         //time to run our query, and create the user
84.         try {
85.             $stmt   = $db->prepare($query);
86.             $result = $stmt->execute($query_params);
87.         }
88.         catch (PDOException $ex) {
89.             // For testing, you could use a die and message.
90.             die("Failed to run query: " . $ex->getMessage());
91.            
92.             //or just use this use this one:
93.             //$response["success"] = 0;
94.             //$response["message"] = "Database Error2. Please Try Again!";
95.             //die(json_encode($response));
96.         }
97.        
98.         //If we have made it this far without dying, we have successfully added
99.         //a new user to our database.  We could do a few things here, such as
100.         //redirect to the login page.  Instead we are going to echo out some
101.         //json data that will be read by the Android application, which will login
102.         //the user (or redirect to a different activity, I'm not sure yet..)
103.         $response["success"] = 1;
104.         $response["message"] = "User Data successfully updated!";
105.         echo json_encode($response);
106.        
107.         //for a php webservice you could do a simple redirect and die.
108.         //header("Location: login.php");
109.         //die("Redirecting to login.php");
110.        
111.        
112.     } else {
113.     ?>
114.         <h1>Register</h1>
115.         <!--  (empty($_POST['username']) || empty($_POST['fName']) || empty($_POST['last_name']) || empty($_POST['password']) || empty($_POST['age']) || empty($_POST['gender']) || empty($_POST['reg_date']) || empty($_POST['cell_num']) || empty($_POST['parent_num']) )-->
116.         <form action="updateCredintials.php" method="post" enctype="multipart/form-data">
117.             Username:<br />
118.             <input type="text" name="username" value="" placeholder="Choose a username" />
119.             <br /><br />
120.             Full Name:<br />
121.             <input type="text" name="fName" placeholder="Full Names" />
122.             <br /><br />
123.             Last Name:<br />
124.             <input type="text" name="last_name" placeholder="Last Name" />
125.             <br /><br />
126.             Password:<br />
127.             <input type="password" name="password" value="" placeholder="Password"/>
128.             <br /><br />
129.             Age:<br />
130.             <input type="number" name="age" placeholder="Please enter your age" />
131.             <br /><br />
132.             Gender<br />
133.             <input type="boolean" name="gender" placeholder="Gender" />
134.             <br /><br />
135.             Cell Number:<br/ >
136.             <input type="phone" name="cell_num" placeholder="Cell Number">
137.             <br /><br />
138.             Parent Cell:<br />
139.             <input type="phone" name="parent_num" placeholder="Parent number" />
140.             <br /><br />
141.             Profile Photo:<br />
142.             <input type="file" name="userProfile">
143.             <input type="submit" value="Update User Data" name="submit"/>
144.         </form>
145.         <?php
146.     }
147.     }
148. }
149. $instance = new user();
150. $instance -> updateCredintials();
151. ?>