Editing: edit_profile.php
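<?php
/**
 * edit_profile.php: lets the logged-in user create or update their row in
 * `profiles`, then renders the edit form pre-filled with the stored values.
 *
 * Flow: require a session, connect to MySQL, handle the POSTed form (text
 * fields plus optional profile/banner images), reload the profile, render.
 *
 * All request data ($_POST, $_FILES) is untrusted. The browser-side checks in
 * the form and script below are a convenience only; every rule that matters
 * is enforced again on the server.
 */

// Include the shared functions file
require_once 'functions.php';

// NOTE(review): sending errors to the browser exposes file paths, SQL text and
// stack traces to any visitor. Keep these three lines for local debugging
// only; in production turn display_errors off and rely on the error log.
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

session_start();

if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
    exit();
}

$user_id = $_SESSION['user_id'];

// NOTE(review): database credentials are hard-coded in a web-served script.
// Anyone who can read this file can read them, so treat the password as
// exposed: rotate it, and load the connection settings from configuration
// kept outside the document root (or from the environment).
$host = "127.0.0.1:3306";
$username = "u404542307_dacotywebsites";
$password = "daCotywebs1te5";
$database = "u404542307_eizon";

try {
    // Establish database connection
    $pdo = new PDO("mysql:host=$host;dbname=$database", $username, $password);
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // The driver message can name the DB host and account, so it goes to the
    // server log and the visitor only gets a generic message.
    error_log("edit_profile.php: database connection failed: " . $e->getMessage());
    die("Could not connect to the database.");
}

// Country codes offered in the form. The same list is the server-side
// allowlist for the submitted value. Add more country codes as needed.
$countryCodes = [
    '+255' => 'Tz',
    '+254' => 'Keny',
    '+256' => 'Uga',
    '+250' => 'Rwnd',
    '+1'   => 'USA',
    '+44'  => 'UK',
];

// Image types accepted for upload, mapped to the extension the stored file
// gets. The extension always comes from this table, never from the client.
$allowedImageTypes = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
    'image/webp' => 'webp',
];

// Escapes a value for HTML text and double- or single-quoted attributes.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Reads a POST field as a string. A missing field, or one submitted as an
// array (name[]=...), becomes '' instead of raising a warning or type error.
$postString = static function ($key) {
    $value = $_POST[$key] ?? '';
    return is_string($value) ? $value : '';
};

// Validates one $_FILES entry and moves it into uploads/ under a
// server-generated name. Returns the stored relative path; stops the request
// with a generic message when the upload is not an acceptable image.
//
// The original code stored the file as uploads/<client file name>. That lets
// the client pick the extension (e.g. a script type the web server executes)
// and lets one user overwrite another user's file by reusing its name.
// Content sniffing alone is not a complete defence, so the uploads/ directory
// should also be configured so the web server never executes files from it.
$storeUploadedImage = static function (array $file) use ($allowedImageTypes) {
    if (!isset($file['error'], $file['tmp_name'])
        || !is_string($file['tmp_name'])
        || $file['error'] !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])
    ) {
        die("Image upload failed.");
    }

    // Detect the type from the file contents (requires the fileinfo
    // extension); the client-supplied 'type' and 'name' are not trusted.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime = $finfo->file($file['tmp_name']);
    if (!is_string($mime) || !isset($allowedImageTypes[$mime])) {
        die("Only JPEG, PNG, GIF or WebP images are allowed.");
    }

    $target = "uploads/" . bin2hex(random_bytes(16)) . "." . $allowedImageTypes[$mime];
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        die("Image upload failed.");
    }

    return $target;
};

// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): this state-changing POST carries no anti-CSRF token. Since
    // the form posts back to this same script, a per-session token stored in
    // $_SESSION, emitted as a hidden field and compared with hash_equals()
    // here would close that gap. Confirm no other page posts to this script
    // before enforcing it.

    // From here on $username holds the submitted profile name, not the
    // database account name used for the connection above.
    $username = $postString('username');
    $description = $postString('description');
    $country_code = $postString('country_code');
    $phoneNumber = $postString('phone_number'); // Phone number without country code
    $location = $postString('location');

    // Validate the phone number. \z (rather than $) also rejects a value that
    // ends in a newline.
    if (!preg_match('/^[0-9]{6,15}\z/', $phoneNumber)) {
        die("Invalid phone number format.");
    }

    // Accept only a country code the form actually offers.
    if (!isset($countryCodes[$country_code])) {
        die("Invalid country code.");
    }

    // Handle file uploads (both are optional; null keeps the stored image)
    $profile_image = null;
    $banner_image = null;

    if (!empty($_FILES['profile_image']['name'])) {
        $profile_image = $storeUploadedImage($_FILES['profile_image']);
    }

    if (!empty($_FILES['banner_image']['name'])) {
        $banner_image = $storeUploadedImage($_FILES['banner_image']);
    }

    try {
        // Check if the profile exists
        $stmt = $pdo->prepare("SELECT id FROM profiles WHERE user_id = :user_id");
        $stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);
        $stmt->execute();
        $profile = $stmt->fetch(PDO::FETCH_ASSOC);

        if ($profile) {
            // Update profile. COALESCE keeps the stored image when no new one
            // was uploaded (the bound value is NULL in that case).
            $stmt = $pdo->prepare(
                "UPDATE profiles SET
                    profile_image = COALESCE(:profile_image, profile_image),
                    banner_image = COALESCE(:banner_image, banner_image),
                    username = :username,
                    description = :description,
                    country_code = :country_code,
                    phone_number = :phone_number,
                    location = :location
                 WHERE user_id = :user_id"
            );
        } else {
            // Insert new profile
            $stmt = $pdo->prepare(
                "INSERT INTO profiles
                    (user_id, profile_image, banner_image, username, description, country_code, phone_number, location)
                 VALUES
                    (:user_id, :profile_image, :banner_image, :username, :description, :country_code, :phone_number, :location)"
            );
        }

        // Both statements use the same placeholders, so bind them once.
        $fields = [
            ':profile_image' => $profile_image,
            ':banner_image'  => $banner_image,
            ':username'      => $username,
            ':description'   => $description,
            ':country_code'  => $country_code,
            ':phone_number'  => $phoneNumber, // Store without country code
            ':location'      => $location,
        ];
        foreach ($fields as $placeholder => $value) {
            $stmt->bindValue($placeholder, $value);
        }
        $stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);

        if ($stmt->execute()) {
            // Redirect to dashboard.php immediately after success. Nothing is
            // echoed first: output before header() can prevent the redirect
            // header from being sent.
            header("Location: dashboard.php");
            exit(); // Ensure the script stops executing after redirect
        }

        error_log("edit_profile.php: profile save failed: " . $stmt->errorInfo()[2]);
        echo "Error: could not save your profile.";
    } catch (PDOException $e) {
        // With ERRMODE_EXCEPTION a failed statement throws; keep the driver
        // detail in the log rather than in the page.
        error_log("edit_profile.php: profile save failed: " . $e->getMessage());
        echo "Error: could not save your profile.";
    }
}

// Fetch the user's current profile (an empty array when none exists yet)
$stmt = $pdo->prepare("SELECT * FROM profiles WHERE user_id = :user_id");
$stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);
$stmt->execute();
$profile = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];

// Fetch the username from the users table
$stmt = $pdo->prepare("SELECT username FROM users WHERE id = :user_id");
$stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);
$stmt->execute();
$userData = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];

// Preselect the stored country code; fall back to +255 when none is stored
// or the stored value is no longer offered.
$storedCountryCode = (string) ($profile['country_code'] ?? '');
$selectedCountryCode = isset($countryCodes[$storedCountryCode]) ? $storedCountryCode : '+255';
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <!-- Google tag (gtag.js) -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=G-Z6RR2PMZW4"></script>
    <script>
        window.dataLayer = window.dataLayer || [];
        function gtag(){dataLayer.push(arguments);}
        gtag('js', new Date());

        gtag('config', 'G-Z6RR2PMZW4');
    </script>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Edit Profile</title>
    <link rel="stylesheet" href="accounts.css">
    <?php // NOTE(review): third-party stylesheet loaded without an integrity attribute; consider pinning it with SRI or self-hosting. ?>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css">
    <link rel="manifest" href="/manifest.json">
</head>
<body>
    <h1 style="text-align: center;">Welcome to eizon!</h1>

    <form class="editform" method="POST" enctype="multipart/form-data">
        <h2>Please edit your profile</h2>
        <label>username:</label>
        <input type="text" name="username" value="<?php echo $esc($userData['username'] ?? ''); ?>" required placeholder="Business Name"><br>

        <div class="profile-banner" style="display: flex;">
            <div class="profile-img">
                <label>Profile Image:</label>
                <input type="file" name="profile_image"><br>
                <?php if (!empty($profile['profile_image'])): ?>
                    <img src="<?php echo $esc($profile['profile_image']); ?>" alt="Profile Image" style="width: 100px;"><br>
                <?php endif; ?>
            </div>
            <div class="banner-img">
                <label>Banner Image:</label>
                <input type="file" name="banner_image"><br>
                <?php if (!empty($profile['banner_image'])): ?>
                    <img src="<?php echo $esc($profile['banner_image']); ?>" alt="Banner Image" style="width: 100px;"><br>
                <?php endif; ?>
            </div>
        </div>

        <label>Description:</label>
        <textarea name="description" maxlength="200"><?php echo $esc($profile['description'] ?? ''); ?></textarea><br>

        <label for="contact">WhatsApp number:</label>
        <div class="phone-input">
            <select id="country-code" name="country_code" required style="width:40%;">
                <?php foreach ($countryCodes as $code => $label): ?>
                    <option value="<?php echo $esc($code); ?>"<?php echo (string) $code === $selectedCountryCode ? ' selected' : ''; ?>><?php echo $esc($label . ' (' . $code . ')'); ?></option>
                <?php endforeach; ?>
            </select>
            <input type="tel" id="contact" name="phone_number" value="<?php echo $esc($profile['phone_number'] ?? ''); ?>" placeholder="711***675" required pattern="[0-9]{6,15}" style="width:40%;">
        </div>
        <small id="contact-error" style="color: red; display: none;">Please enter a valid phone number.</small>

        <label>Location:</label>
        <input type="text" name="location" value="<?php echo $esc($profile['location'] ?? ''); ?>"><br>

        <button type="submit" style="background-color:orange;color:white;">DONE</button>
        <!-- <a href="dashboard.php">I'll come back later</a> -->
    </form>

    <script>
        // Client-side check for quick feedback only; the server validates the
        // phone number and country code again on submit.
        document.querySelector("form").addEventListener("submit", function (e) {
            const countryCode = document.getElementById("country-code").value;
            let phoneNumber = document.getElementById("contact").value.trim();
            const contactError = document.getElementById("contact-error");

            // Regular expression to allow only digits with a length between 6 and 15
            const phoneRegex = /^[0-9]{6,15}$/;

            if (!phoneRegex.test(phoneNumber)) {
                contactError.style.display = "block";
                contactError.textContent = "Please enter a valid phone number (digits only, 6-15 characters).";
                e.preventDefault();
                return;
            } else {
                contactError.style.display = "none";
            }

            // Remove leading zero if it exists
            if (phoneNumber.startsWith("0")) {
                phoneNumber = phoneNumber.substring(1);
            }

            // Create a hidden input for the full phone number. The PHP handler
            // in this file does not read full_contact; it stores country_code
            // and phone_number separately.
            const fullNumber = `${countryCode}${phoneNumber}`;
            let hiddenInput = document.querySelector("input[name='full_contact']");
            if (!hiddenInput) {
                hiddenInput = document.createElement("input");
                hiddenInput.type = "hidden";
                hiddenInput.name = "full_contact";
                this.appendChild(hiddenInput);
            }
            hiddenInput.value = fullNumber;
        });
    </script>
</body>
</html>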