<?phpinclude ('includes/connection.php');include ('includes/adminheader.php'

1. <?php
2. include ('includes/connection.php');
3. include ('includes/adminheader.php');
4. if (isset($_SESSION['username'])) {
5.     $username = $_SESSION['username'];
6.     $query = "SELECT * FROM users WHERE username = '$username'" ;
7.     $result= mysqli_query($conn , $query) or die (mysqli_error($conn));
8.     if (mysqli_num_rows($result) > 0 ) {
9.         $row = mysqli_fetch_array($result);
10.         $userid = $row['id'];
11.         $usernm = $row['username'];
12.         $userpassword = $row['password'];
13.         $useremail = $row['email'];
14.         $userfirstname = $row['firstname'];
15.         $userlastname = $row['lastname'];
16.  
17.     }
18.  
19. if (isset($_POST['update'])) {
20. require "../gump.class.php";
21. $gump = new GUMP();
22. $_POST = $gump->sanitize($_POST);
23.  
24.  
25. $gump->validation_rules(array(
26.     'firstname'   => 'required|alpha|max_len,30|min_len,2',
27.     'lastname'    => 'required|alpha|max_len,30|min_len,1',
28.     'email'       => 'required|valid_email',
29.     'currentpassword' => 'required|max_len,50|min_len,6',
30.     'newpassword'    => 'max_len,50|min_len,6',
31. ));
32. $gump->filter_rules(array(
33.     'firstname' => 'trim|sanitize_string',
34.     'lastname' => 'trim|sanitize_string',
35.     'currentpassword' => 'trim',
36.     'newpassword' => 'trim',
37.     'email'    => 'trim|sanitize_email',
38.     ));
39. $validated_data = $gump->run($_POST);
40. if($validated_data === false) {
41.     ?>
42.     <center><font color="red" > <?php echo $gump->get_readable_errors(true); ?> </font></center>
43.     <?php
44. }
45.  
46. else if (!password_verify($validated_data['currentpassword'] ,  $userpassword))  
47. {
48.     echo  "<center><font color='red'>Current password is wrong! </font></center>";
49. }
50. else if (empty($_POST['newpassword']) && empty($_POST['confirmnewpassword']))
51. {
52. $userpassword = $row['password'];
53. }
54. else if ($_POST['newpassword'] !== $_POST['confirmnewpassword'])
55. {
56.     echo  "<center><font color='red'>New password and Confirm New password do not match </font></center>";
57.    
58. }
59.  
60. else {
61.       $userfirstname = $validated_data['firstname'];
62.       $userlastname = $validated_data['lastname'];
63.       $useremail = $validated_data['email'];
64.       $pass = $validated_data['newpassword'];
65.       $userpassword = password_hash("$pass" , PASSWORD_DEFAULT);
66.  
67. $updatequery = "UPDATE users SET password = '$userpassword', firstname='$userfirstname' , lastname= '$userlastname' , email= '$useremail' WHERE id='$userid'";
68. $result1 = mysqli_query($conn , $updatequery) or die(mysqli_error($conn));
69. if (mysqli_affected_rows($conn) > 0) {
70.     echo "<script>alert('PROFILE UPDATED SUCCESSFULLY');</script>";
71. }
72. else {
73.     echo "<script>alert('An error occured, Try again!');</script>";
74. }
75. }
76. }
77. }
78. ?>
79. <div id="wrapper">
80.  
81.         <!-- Navigation -->
82.        <?php include 'includes/adminnav.php';?>
83.         <div id="page-wrapper">
84.  
85.             <div class="container-fluid">
86.  
87.                 <!-- Page Heading -->
88.                 <div class="row">
89.                     <div class="col-lg-12">
90.                         <h1 class="page-header">
91.                             Welcome to your Profile
92.                             <small><?php echo $_SESSION['firstname']; ?></small>
93.                         </h1>
94. <form role="form" action="" method="POST" enctype="multipart/form-data">
95.  
96. <div class="form-group">
97.         <label for="user_title">User Name</label>
98.         <input type="text" name="username" class="form-control" value="<?php echo $username; ?>" readonly>
99.     </div>
100.  
101.  
102.  
103.     <div class="form-group">
104.         <label for="user_author">FirstName</label>
105.         <input type="text" name="firstname" class="form-control" value="<?php echo $userfirstname; ?>" required>
106.     </div>
107.  
108.     <div class="form-group">
109.         <label for="user_status">LastName</label>
110.         <input type="text" name="lastname" class="form-control" value="<?php echo $userlastname; ?>" required>
111.     </div>
112.     <div class="form-group">
113.         <label for="user_tag">Email</label>
114.         <input type="email" name="email" class="form-control" value="<?php echo $useremail; ?>" required>
115.     </div>
116.     <div class="form-group">
117.         <label for="usertag">Current Password</label>
118.         <input type="password" name="currentpassword" class="form-control" placeholder="Enter Current password" required>
119.     </div>
120.     <div class="form-group">
121.         <label for="usertag">New Password</label>
122.         <input type="password" name="newpassword" class="form-control" placeholder="Enter New Password">
123.     </div>
124.     <div class="form-group">
125.         <label for="usertag">Confirm New Password</label>
126.         <input type="password" name="confirmnewpassword" class="form-control" placeholder="Re-Enter New Password" >
127.     </div>
128. <hr>
129.  
130.  
131. <button type="submit" name="update" class="btn btn-primary" value="Update User">Update User</button>
132.  
133.                     </div>
134.                 </div>
135.                 <!-- /.row -->
136.  
137.             </div>
138.             <!-- /.container-fluid -->
139.  
140.         </div>
141.         <!-- /#page-wrapper -->
142. <!--
143.    <?php 'includes/admin_footer.php';?> -->
144.     </div>
145.     <!-- /#wrapper -->
146.  
147.     <!-- jQuery -->
148.     <script src="js/jquery.js"></script>
149.  
150.     <!-- Bootstrap Core JavaScript -->
151.     <script src="js/bootstrap.min.js"></script>
152.  
153. </body>
154.  
155. </html>