RestaurantReviews Worcester - first_edit.php

1. <?php
2. require_once 'includes/accountassets/class.user.php';
3. $user = new USER();
4.  
5.  
6.  
7. if(isset($_GET['id']) && isset($_GET['code']))
8. {
9.     $id = base64_decode($_GET['id']);
10.     $code = $_GET['code'];
11.    
12.     $stmt = $user->runQuery("SELECT * FROM customer WHERE user_id=:uid AND tokenCode=:token");
13.     $stmt->execute(array(":uid"=>$id,":token"=>$code));
14.     $rows = $stmt->fetch(PDO::FETCH_ASSOC);
15.    
16.     if($stmt->rowCount() == 1)
17.     {
18.         if(isset($_POST['btn-reset-pass']))
19.         {
20.             $sfname = $_POST['sub_fname'];
21. $slname = $_POST['sub_lname'];
22. $suni = $_POST['sub_uni'];
23. $ssnum = $_POST['sub_snum'];
24. $sac = $_POST['sub_ac'];
25. $sdob = $_POST['sub_dob'];
26.  
27.  
28.            
29.            
30.             {
31.        
32.              $stmt = $user->runQuery("UPDATE customer SET fname=:ufname, lname=:ulname, CustomerUniversity=:uuni, CustomerStudentNumber=:usnum, CustomerAcademicYear=:uac, CustomerDOB=:udob WHERE user_id=:"uid");
33.                 $stmt->execute(array(":ufname"=>$sfname,":ulname"=>$slname,":uuni"=>$suni,":usnum"=>$ssnum,":uac"=>$sac,":udob"=>$sdob,
34. :uid"=>$rows['user_id']));
35.  
36.  
37.  
38.  
39.                
40.                 $msg = "<div class='alert alert-success'>
41.                         <button class='close' data-dismiss='alert'>&times;</button>
42.                         Password Changed.
43.                         </div>";
44.                 header("refresh:5;signin.php");
45.             }
46.         }  
47.     }
48.     else
49.     {
50.         $msg = "<div class='alert alert-success'>
51.                 <button class='close' data-dismiss='alert'>&times;</button>
52.                 No Account Found, Try again
53.                 </div>";
54.                
55.     }
56.    
57.    
58. }
59.  
60. ?>
61.  
62.   <?php include_once("includes/header.php"); ?>
63.  
64.     <?php include_once("includes/membersdata.php"); ?>
65.  
66.       <title>Welcome to
67.         <?php include_once("includes/brandname.php"); ?>
68.       </title>
69.  
70.  
71.  
72.  
73.       <!-- Main jumbotron for a primary marketing message or call to action -->
74.       <div class="jumbotron" style="background-image: url(images/pages/forks.png);">
75.         <div class="container">
76.           <p>&nbsp;</p>
77.           <p>&nbsp;</p>
78.           <h1>Welcome</h1>
79.           <h2>As this is your first time you signed into your account, please take the time to update your  information</h2>
80.           <p>&nbsp;</p>
81.           <p>&nbsp;</p>
82.  
83.           <form class="form-signin" method="post">
84.             <table style="width:100%">
85.               <tr>
86.                 <td>
87.                   <input type="text" name="sub_fname" class="form-control" placeholder="First Name" aria-describedby="basic-addon1" required>
88.                 </td>
89.                 <td>
90.                   <p>&nbsp; &nbsp;</p>
91.                 </td>
92.                 <td>
93.                   <input type="text" class="form-control" name="sub_lname" placeholder="Last Name" aria-describedby="basic-addon1">
94.                 </td>
95.  
96.               </tr>
97.               <tr>
98.                 <td>
99.                   <input type="text" class="form-control" name="sub_uni" placeholder="University or HEI Name" aria-describedby="basic-addon1" required>
100.                 </td>
101.                 <td>
102.                   <p>&nbsp; &nbsp;</p>
103.                 </td>
104.                 <td>
105.                   <input type="password" class="form-control" name="sub_snum" placeholder="Student Number" aria-describedby="basic-addon1" required>
106.                 </td>
107.               </tr>
108.  
109.               <tr>
110.                 <td>
111.                   <select name="sub_ac" class="form-control">
112.                     <option value="unknown">Current academic year</option>
113.                     <option value="1st year">1st year</option>
114.                     <option value="2nd year">2nd year</option>
115.                     <option value="3rd year">3rd year</option>
116.                     <option value="4th year">4th year</option>
117.                     <option value="5th year">5th year</option>
118.                     <option value="Over 5th year">Over 5th year</option>
119.  
120.                   </select>
121.                 </td>
122.                 <td>
123.                   <p>&nbsp; &nbsp;</p>
124.                 </td>
125.                 <td>
126.                   <input type="date" class="form-control" name="sub_dob" placeholder="<?php echo $row['CustomerDOB']; ?>" aria-describedby="basic-addon1">
127.                 </td>
128.               </tr>
129.             </table>
130.  
131.             <p>&nbsp;</p>
132.             <input type="submit" class="btn ban-primary" name="btn-reset-pass">
133.           </form>
134.  
135.  
136.  
137.  
138.         </div>
139.       </div>
140.  
141.  
142.  
143.       <div class="container">
144.         <p>&nbsp;</p>
145.         <ol class="breadcrumb" style="align:left; text-align:left;">
146.           <p>You are here:</p>
147.           <li><a href="index.php">Home</a></li>
148.           <li><a href="members.php">Members Home</a></li>
149.           <li class="active">Edit your details</li>
150.         </ol>
151.         <!-- Example row of columns -->
152.         <div class="row">
153.           <div class="col-md-2">
154.  
155.           </div>
156.         </div>
157.  
158.  
159.         <?php include_once("includes/footer.php"); ?>
160.  
161.  
162.  
163. ****
164.  
165. Page URL with errors: http://jburford.worcestercomputing.com/rrworc/first_edit.php
166.  
167. /home/skjsfdnm/public_html/rrworc/first_edit.php
168.  
169. email: test@worc.ac.uk
170. password: Example2016