It still doesn't work!
And When I Go to ..../profile.php?uid=098347
It just shows the profile...even if there is no user with that id.
My scripts : (profile.php)
<?php
include('core/init.inc.php');
$user_info = fetch_user_info($_GET['uid']);
?>
<html>
<head><title><?php echo $user_info ['username'] ;?>'s Profile</title></head>
<body>
<div>
<?php
if ($user_info === false ) {
echo 'That user does not exist.' ;
} else {
?>
<h1><?php echo $user_info ['firstname'] ;?> <?php $user_info ['lastname'] ;?></h1>
<img src="<?php echo $user_info ['avatar']?>" alt="Avatar" />
<p>Username : <?php echo $user_info ['username'] ;?></p>
<p>Gender : <?php echo ($user_info ['gender'] == 1 ? 'Male' : 'Female') ;?></p>
<p>Email : <?php echo $user_info ['email'] ;?></p>
<p>Location : <?php echo $user_info ['location'] ;?></p>
<?php echo $user_info ['about'] ;?>
<?php
}
?>
</div>
</body>
</html>
edit_profile.php
<?php
include('core/init.inc.php');
if (isset ($_POST ['email'], $_POST ['location'], $_POST ['about'])) {
$errors = array () ;
if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)=== false) {
$errors [] = 'The email address you entered is invalid.' ;
}
if (preg_match('#^[a-z0-9]+$#i', $_POST['location']) === 0) {
$errors[] = 'Your location must only contain \'a-z\', \'0-9\' and spaces.' ;
}
if (empty($_FILES['avatar']['tmp_name']) === false) {
$file_ext = end(explode('.', $_FILES['avatar']['name'])) ;
if (in_array (strtolower($file_ext), array('jpg','jpeg','png','gif')) === false) {
$errors[] = 'Your profile picture must be an image.' ;
}
}
if (empty($errors)) {
set_profile_info ($_POST['email'],$_POST['about'],$_POST ['location'], (empty($_FILES['avatar']['tmp_name']) ? false : $_FILES['avatar']['tmp_name']));
}
$user_info = array (
$email => htmlentities($_POST ['email']),
$about => htmlentities($_POST ['about']),
$location => htmlentities($_POST ['location'])
) ;
} else {
$user_info = fetch_user_info ($_SESSION['uid']);
}
?>
<html>
<head></head>
<body>
<div>
<?php
if (isset ($errors)=== false) {
echo 'Click the update button to edit your profile.' ;
} else if (empty ($errors)){
echo 'Your profile has been updated.' ;
} else {
echo '<ul><li>', implode ('</li><li>', $errors), '</li></ul>' ;
}
?>
</div>
<form action="" method="POST" enctype = "multipart/form-data">
<div>
<label for="email">Email:</label>
<input type="text" name="email" id="email" value="<?php echo $_POST ['email'] ; ?>"/>
</div>
<div>
<label for="location">Location:</label>
<input type="text" name="location" id="location" value="<?php echo $_POST ['location'] ; ?>" />
</div>
<div>
<label for="about">About Me:</label>
<textarea name="about" id="about" rows="14" cols="50"><?php echo strip_tags($_POST ['about']) ; ?></textarea>
</div>
<div>
<label for="avatar">Avatar</label>
<input type="file" name="avatar" id="avatar" />
</div>
<div>
<input type="submit" value="Update"/>
</div>
</form>
</body>
</html>
user_list.php
<?php
error_reporting(E_ALL ^ E_WARNING) ;
include 'core/init.inc.php' ;
?>
<html>
<head>
<title>Registered Users!</title>
</head>
<body>
<div>
<?php
foreach (fetch_users() as $user) {
?>
<p>
<a href="profile.php?uid=<?php echo $user['id'] ?>" ><?php echo $user ['username'] ; ?></a>
</p>
<?php
}
?>
<div>
</body>
</html>
init.inc.php
<?php
error_reporting (E_ALL ^ E_NOTICE) ;
session_start () ;
mysql_connect ('localhost','root','shahlin') ;
mysql_select_db ('user_profile') ;
$path = dirname (__FILE__);
include ("{$path}/inc/user.inc.php") ;
$_SESSION ['uid']= 1 ;
?>
user.inc.php
<?php
// fetches all of the users from the table!
function fetch_users() {
$result = mysql_query ("SELECT `user_id` AS `id`, `user_username` AS `username` FROM `users`") ;
$users = array () ;
while (($row = mysql_fetch_assoc($result)) !== false) {
$users [] = $row ;
}
return $users ;
}
function fetch_user_info ($uid) {
$uid = (int)$uid;
$sql = "SELECT
`user_username` AS `username`,
`user_firstname` AS `firsntame`,
`user_lastname` AS `lastname`,
`user_email` AS `email`,
`user_about` AS `about`,
`user_location` AS `location`,
`user_gender` AS `gender`
FROM `users`
WHERE `user_id`= ($uid)" ;
$result = mysql_query($sql) ;
$info = mysql_fetch_assoc($result) ;
$info ['avatar'] = (file_exists("{$GLOBAL ['path']}/user_avatars/{$info['id']}.jpg")) ? "core/user_avatars/{$info['id']}.jpg" : "core/user_avatars/default.jpg" ;
return $info ;
}
//updates the current users proifle
function set_profile_info ($email, $about, $location, $avatar){
$email = mysql_real_escape_string (htmlentities($email)) ;
$about = mysql_real_escape_string (nl2br(htmlentities($about))).
$location = mysql_real_escape_string ($location) ;
if (file_exists($avatar)){
$src_size = getimagesize($avatar) ;
if ($src_size ['mime'] === 'image/jpeg') {
$src_img = imagecreatefromjpeg ($avatar) ;
} else if ($src_size ['mime'] === 'image/png') {
$src_img = imagecreatfrompng ($avatar) ;
} else if ($src_size ['mime'] === 'image/gif') {
$src_img = imagecreatfromgif ($avatar) ;
} else {
$src_img = false ;
}
if ($src_img !== false) {
$thumb_width = 100 ;
if ($src_size[0] <= $thumb_width) {
$thumb = $src_img ;
} else {
$new_size [0] = $thumb_width ;
$new_size [1] = ($src_size[1] / $src_size [0]) * $thumb_width ;
$thumb = imagecreatetruecolor ($new_size[0], $new_size [1]) ;
imagecopyresampled ($thumb, $src_img, 0, 0, 0, 0, $new_size[0], $new_size[1], $src_size[0], $src_size[1]) ;
}
imagejpeg ($thumb, "{$GLOBALS['path']}/user_avatars/{$_SESSION['uid']}.jpg") ;
}
}
$sql = "UPDATE `users` SET
`user_email` = '{$email}' ,
`user_about` = '{$about}',
`user_location` = '{$location}'
WHERE `user_id` = {$_SESSION ['uid']}" ;
mysql_query ($sql) ;
}
?>