Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include("db.php");
- // Connessione al database
- $conn = mysqli_connect($db_host, $db_user, $db_password);
- mysqli_select_db($conn, $db_database);
- mysqli_begin_transaction($conn);
- // Leggo i dati dall'updateinfo
- // evito injection
- $username=mysqli_escape_string($conn,$_POST["username"]);
- $password=mysqli_escape_string($conn,$_POST["password"]);
- $name=mysqli_escape_string($conn,$_POST["name"]);
- $surname=mysqli_escape_string($conn,$_POST["surname"]);
- $email=mysqli_escape_string($conn,$_POST["email"]);
- $birth=mysqli_escape_string($conn,$_POST["birth"]);
- // Cripta password
- $password = md5($password);
- // controllo se l'username inserito รจ presente nel DB
- $query=mysqli_query($conn,"SELECT * FROM account where username ='".$username."'");
- $row=mysqli_fetch_array($query,MYSQLI_ASSOC);
- if($row)
- {
- echo "<html>";
- echo "<body>";
- echo "Username già esistente<br>";
- echo "<a href='Accountinfo.php'> Torna indietro </a><br>";
- echo "</body>";
- echo "</html>";
- }
- else
- {
- mysqli_query($conn,"UPDATE account SET password='".$password."',username='".$username."' WHERE user_id =".$_SESSION["user_id"]);
- mysqli_query($conn,"UPDATE users SET name='".$name."',surname='".$surname."',birth='".$birth."',email='".$email."' WHERE user_id=".$_SESSION["user_id"]);
- }
- mysqli_commit($conn);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement