ini_set("display_errors",1);session_start();$temp=$_SESSION['username'];if(is

1. ini_set("display_errors",1);
2. session_start();
3. $temp=$_SESSION['username'];
4. if(isset($_POST)){
5. require 'db.php';
6. $Destination = '../userfiles/background-images';
7. if(!isset($_FILES['BackgroundImageFile']) || !is_uploaded_file($_FILES['BackgroundImageFile']['tmp_name'])){
8. $BackgroundNewImageName= 'default-background.jpg';
9. move_uploaded_file($_FILES['BackgroundImageFile']['tmp_name'], "$Destination/$BackgroundNewImageName");
10. }
11. else{
12. $RandomNum = rand(0, 9999999999);
13. $ImageName = str_replace(' ','-',strtolower($_FILES['BackgroundImageFile']['name']));
14. $ImageType = $_FILES['BackgroundImageFile']['type'];
15. $ImageExt = substr($ImageName, strrpos($ImageName, '.'));
16. $ImageExt = str_replace('.','',$ImageExt);
17. $ImageName = preg_replace("/.[^.s]{3,4}$/", "", $ImageName);
18. $BackgroundNewImageName = $ImageName.'-'.$RandomNum.'.'.$ImageExt;
19. move_uploaded_file($_FILES['BackgroundImageFile']['tmp_name'], "$Destination/$BackgroundNewImageName");
20. }
21. $sql1="UPDATE signup SET backgroundpicture='$BackgroundNewImageName' WHERE username = '$temp'";
22. $sql2="INSERT INTO signup (backgroundpicture) VALUES ('$BackgroundNewImageName') WHERE username = '$temp'";
23. $result = mysqli_query($db,"SELECT * FROM signup WHERE username = '$temp'");
24. if( mysqli_num_rows($result) > 0) {
25. if(!empty($_FILES['BackgroundImageFile']['name'])){
26. mysqli_query($db,$sql1)or die(mysqli_error($db));
27. header("location:../edit-profile.php?username=$temp");
28. }
29. }
30. else {
31. mysqli_query($db,$sql2)or die(mysqli_error($db));
32. header("location:../edit-profile.php?username=$temp");
33. }
34. $Destination = '../userfiles/avatars';
35. if(!isset($_FILES['ImageFile']) || !is_uploaded_file($_FILES['ImageFile']['tmp_name'])){
36. $NewImageName= 'default.png';
37. move_uploaded_file($_FILES['ImageFile']['tmp_name'], "$Destination/$NewImageName");
38. }
39. else{
40. $RandomNum = rand(0, 9999999999);
41. $ImageName = str_replace(' ','-',strtolower($_FILES['ImageFile']['name']));
42. $ImageType = $_FILES['ImageFile']['type'];
43. $ImageExt = substr($ImageName, strrpos($ImageName, '.'));
44. $ImageExt = str_replace('.','',$ImageExt);
45. $ImageName = preg_replace("/.[^.s]{3,4}$/", "", $ImageName);
46. $NewImageName = $ImageName.'-'.$RandomNum.'.'.$ImageExt;
47. move_uploaded_file($_FILES['ImageFile']['tmp_name'], "$Destination/$NewImageName");
48. }
49. $sql5="UPDATE signup SET avatar='$NewImageName' WHERE username = '$temp'";
50. $sql6="INSERT INTO signup (avatar) VALUES ('$NewImageName') WHERE username = '$temp'";
51. $result = mysqli_query($db,"SELECT * FROM signup WHERE username = '$temp'");
52. if( mysqli_num_rows($result) > 0) {
53. if(!empty($_FILES['ImageFile']['name'])){
54. mysqli_query($db,$sql5)or die(mysqli_error($db));
55. header("location:../edit-profile.php?username=$temp");
56. }
57. }
58. else {
59. mysqli_query($db,$sql5)or die(mysqli_error($db));
60. header("location:../edit-profile.php?username=$temp");
61. }
62. $user_firstname=$_REQUEST['firstname'];
63. $user_lastname=$_REQUEST['lastname'];
64. $user_email=$_REQUEST['email'];
65. $user_password=$_REQUEST['password'];
66.  
67. $user_address=$_REQUEST['address'];
68.  
69. $user_dob=$_REQUEST['dob'];
70. $user_gender=$_REQUEST['gender'];
71. $user_country=$_REQUEST['country'];
72.  
73. $sql3="UPDATE signup SET firstname='$user_firstname',lastname='$user_lastname',address='$user_address',email='$user_email',password='$user_password',
74. dob='$user_dob',gender='$user_gender',country='$user_country' WHERE username = '$temp'";
75. mysqli_query($db,$sql3)or die(mysqli_error($db));
76. header("location:../edit-profile.php?user_username=$temp&request=profile-update&status=success");
77. }