profile.php
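<?php
// Profile page controller: loads the signed-in user's record and saved
// questions; the form handlers and rendering follow further down.
session_start();

// require_once instead of include: a missing or unreadable dependency now
// stops the request instead of letting it continue with only a warning and
// an undefined $pdo or missing helper functions.
require_once 'includes/DatabaseConnection.php';
require_once 'includes/DatabaseFunctions.php';
require_once 'includes/session.php';

// $user_id is not assigned in this file; presumably includes/session.php
// derives it from the session -- confirm. empty() keeps the truthiness test
// of the original `!$user_id` but does not warn when the variable is unset,
// so the guard still redirects in that case.
if (empty($user_id)) {
    header('Location: login.php');
    // Stop here: without exit the handlers below would still run for an
    // unauthenticated request.
    exit;
}

// Status messages filled in by the handlers below (presumably rendered by
// the profile template -- confirm).
$success = '';
$error = '';

$user = getUser($pdo, $user_id);
$savedQuestions = getUserSavedQuestions($pdo, $user_id);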
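// Handle profile image upload.
if (isset($_POST['upload_image'], $_FILES['profile_image'])) {
    $upload = $_FILES['profile_image'];

    // Only hand a single, completed HTTP upload to the helper. A field
    // submitted as profile_image[] turns 'error' and 'tmp_name' into arrays,
    // and a failed or partial upload carries a non-zero error code; both are
    // rejected here before the database is touched.
    $uploadIsUsable = is_array($upload)
        && isset($upload['error'], $upload['tmp_name'])
        && $upload['error'] === UPLOAD_ERR_OK
        && is_string($upload['tmp_name'])
        && is_uploaded_file($upload['tmp_name']);

    $newImageName = false;
    if ($uploadIsUsable) {
        // Current image name, passed to the helper as its last argument
        // (presumably so the old file can be removed -- confirm).
        $stmt = $pdo->prepare("SELECT image FROM user WHERE user_id = :user_id");
        $stmt->execute(['user_id' => $user_id]);
        $currentImage = $stmt->fetchColumn();

        // Upload new image and update the database.
        // NOTE(review): content-type, extension and size checks, and the
        // choice of the stored file name, are not visible in this file.
        // Confirm uploadImage() performs them and does not reuse the
        // client-supplied name, since avatar_uploads/ is a relative path
        // that looks web-reachable.
        $newImageName = uploadImage(
            $pdo,
            $upload,
            'avatar_uploads/',
            "UPDATE user SET image = :image WHERE user_id = :user_id",
            ['user_id' => $user_id],
            $currentImage
        );
    }

    if ($newImageName) {
        $_SESSION['image'] = $newImageName;
        $user['image'] = $newImageName;
        $success = "The image has been uploaded and updated successfully.";
    } else {
        $error = "Sorry, there was an error uploading your file.";
    }
}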
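// Handle profile name change.
if (isset($_POST['change_name'])) {
    // The field may be missing or sent as an array (username[]=...);
    // trim() on either raises a deprecation or a TypeError, so anything
    // that is not a string is treated as empty input.
    $submittedName = $_POST['username'] ?? '';
    $newUsername = is_string($submittedName) ? trim($submittedName) : '';

    // Compare against '' rather than using empty(), which also rejects "0".
    if ($newUsername !== '') {
        updateUserName($pdo, $user_id, $newUsername);
        // The raw value is kept in the session and in $user.
        // NOTE(review): the templates are not visible here; confirm they
        // HTML-escape the username wherever it is printed.
        $_SESSION['username'] = $newUsername;
        $user['username'] = $newUsername;
        $success = "Username updated successfully!";
    } else {
        $error = "Username cannot be empty.";
    }
}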
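// Handle e-mail change.
// NOTE(review): no CSRF token and no current-password check is performed in
// this file before the address is replaced; confirm whether
// includes/session.php covers this.
if (isset($_POST['change_email'])) {
    // Missing or array-valued input is treated as empty instead of being
    // passed to trim().
    $submittedEmail = $_POST['email'] ?? '';
    $newEmail = is_string($submittedEmail) ? trim($submittedEmail) : '';

    if ($newEmail === '') {
        $error = "Email cannot be empty.";
    } elseif (filter_var($newEmail, FILTER_VALIDATE_EMAIL) === false) {
        // Reject values that are not syntactically an address before they
        // reach the database and the session.
        $error = "Please enter a valid email address.";
    } else {
        updateUserEmail($pdo, $user_id, $newEmail);
        $_SESSION['email'] = $newEmail;
        $user['email'] = $newEmail;
        $success = "Email updated successfully.";
    }
}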
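// Handle password change.
// NOTE(review): the current password is never requested and no CSRF token is
// verified in this file, so any request carrying the session cookie can set
// a new password; confirm whether includes/session.php enforces either.
if (isset($_POST['change_password'])) {
    // Missing or array-valued fields are treated as empty instead of being
    // passed to trim().
    $submittedPassword = $_POST['new_password'] ?? '';
    $submittedConfirm = $_POST['confirm_password'] ?? '';

    // trim() is kept from the original so the stored value stays consistent
    // with whatever the login form does -- verify that login trims as well.
    $newPassword = is_string($submittedPassword) ? trim($submittedPassword) : '';
    $confirmPassword = is_string($submittedConfirm) ? trim($submittedConfirm) : '';

    if ($newPassword === '') {
        // Two empty fields compare equal, so without this branch an empty
        // password would be accepted and stored.
        $error = "Password cannot be empty.";
    } elseif ($newPassword === $confirmPassword) {
        // NOTE(review): presumably updateUserPassword() hashes with
        // password_hash() before storing -- confirm in DatabaseFunctions.php.
        // Rotating the session id after a credential change is also worth
        // considering.
        updateUserPassword($pdo, $user_id, $newPassword);
        $success = "Password changed successfully.";
    } else {
        $error = "Passwords do not match.";
    }
}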
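// Handle account deletion.
// $isLoggedIn is not assigned in this file (presumably set by
// includes/session.php -- confirm).
// NOTE(review): deletion is triggered by a single POST field with no CSRF
// token or password confirmation visible in this file.
if (isset($_POST['delete_account']) && $isLoggedIn) {
    if (deleteUser($pdo, $user_id)) {
        // Reduce the stored image value to a bare file name before building
        // the path: a value containing directory separators or ".." must not
        // be able to point unlink() outside avatar_uploads/.
        $storedImage = is_array($user) ? ($user['image'] ?? '') : '';
        $imageFile = is_string($storedImage) ? basename($storedImage) : '';

        if ($imageFile !== '') {
            $profileImagePath = 'avatar_uploads/' . $imageFile;
            // is_file() rather than file_exists(): only a regular file is
            // removed, never a directory entry.
            if (is_file($profileImagePath)) {
                unlink($profileImagePath);
            }
        }

        session_destroy();
        header("Location: login.php");
        exit;
    } else {
        $error = "There was an error deleting your account.";
    }
}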
// Render the profile template into an output buffer instead of sending it
// straight to the client.
ob_start();
include 'templates/profile.html.php';
// Capture the buffered markup and end buffering.
$output = ob_get_clean();
// The layout template is included last; presumably it prints $output inside
// the page frame -- confirm.
// NOTE(review): $user, $success and $error hold values taken from the
// request or the database; the templates are not visible here, so confirm
// they escape these with htmlspecialchars() on output.
include 'templates/layout.html.php';