init.inc.php
<?php
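// Bootstrap shared by every page: starts the session, opens the database link and
// loads the user helper functions.
session_start();

// NOTE(review): this connects as the MySQL `root` account with an empty password.
// Use a dedicated least-privileged account and keep its credentials outside the
// web root before this is deployed anywhere reachable.
// NOTE(review): the mysql_* extension is deprecated and was removed in PHP 7. Its
// replacements (mysqli, PDO) support prepared statements; migrating means changing
// every query in user.inc.php at the same time.
if (mysql_connect('localhost', 'root', '') === false || mysql_select_db('login') === false) {
    // Keep the driver detail in the server log; do not echo it to the visitor.
    error_log('Database bootstrap failed: ' . mysql_error());
    exit('The site is temporarily unavailable.');
}

// Site root, anchored to this file rather than to the current working directory.
// The original dirname('_FILE_') passed a quoted, misspelt constant name, so it
// always evaluated to '.'.
// Assumes this file is core/init.inc.php directly below the site root, which is how
// the page scripts include it - confirm against the deployed layout.
$path = dirname(dirname(__FILE__));

// require_once: the pages cannot work without the helpers, so fail here, not later.
require_once("{$path}/core/inc/user.inc.php");

// NOTE(review): every request is forced to act as user 1. This reads like a stand-in
// for a login step; while it is here, any visitor can edit that account. Replace it
// with real authentication that sets the uid only after credentials are verified.
$_SESSION['uid'] = 1;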
?>
Profile.php
<?php
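include('core/init.inc.php');

// A missing or non-scalar uid (for example ?uid[]=1, which an int cast would turn
// into 1) is looked up as id 0, exactly like a request without the parameter.
$requested_uid = (isset($_GET['uid']) && is_scalar($_GET['uid'])) ? $_GET['uid'] : 0;
$user_info = fetch_user_info($requested_uid);

// Anything that is not a row array is treated as "not found", so a failed lookup
// never reaches the field accesses below.
$found = is_array($user_info);

$profile = array();
if ($found) {
    // Escape at output time instead of trusting what is stored. The final `false`
    // (double_encode) keeps entities intact in columns that set_profile_info()
    // already stores entity-encoded (email, about).
    // Assumes the site serves UTF-8 - adjust the charset argument if it does not.
    foreach (array('username', 'firstname', 'lastname', 'email', 'location') as $field) {
        $profile[$field] = htmlspecialchars((string) $user_info[$field], ENT_QUOTES, 'UTF-8', false);
    }

    // `about` is stored with <br /> tags added by nl2br(). Strip all markup, escape
    // what is left, then rebuild the line breaks: text written by set_profile_info()
    // renders the same, and markup from any other writer is not emitted.
    $profile['about'] = nl2br(
        htmlspecialchars(strip_tags((string) $user_info['about']), ENT_QUOTES, 'UTF-8', false)
    );

    $profile['gender'] = ((int) $user_info['gender'] === 0) ? 'Male' : 'Female';
}
?>
<html>
<head>
<title><?php echo $found ? "{$profile['firstname']} {$profile['lastname']}'s Profile" : 'Profile'; ?></title>
</head>
<body>
<div>
<?php
if ($found === false) {
    echo 'That User Does not exist';
} else {
?>
<font size="7px"><?php echo $profile['firstname']; ?> <?php echo $profile['lastname']; ?></font> <a href="edit_profile.php">Edit Profile</a><hr />
<p>Username: <?php echo $profile['username']; ?></p>
<p>Gender: <?php echo $profile['gender']; ?></p>
<p>Email: <?php echo $profile['email']; ?></p>
<p>Location: <?php echo $profile['location']; ?></p>
<p>About: <?php echo $profile['about']; ?></p>
<p><?php echo $profile['about']; ?></p>
<?php
}
?>
</div>
</body>
</html>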
user.inc.php
<?php
// Fetches All of the users from the table
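/**
 * Returns the id and username of every row in the `users` table.
 *
 * Uses the implicit mysql_* connection, so a link must already be open.
 *
 * @return array list of array('id' => ..., 'username' => ...) rows; empty when
 *               the table is empty or the query fails
 */
function fetch_users(){
    $result = mysql_query('SELECT `user_id` AS `id`,`username` AS `username` FROM `users`');

    // mysql_query() returns false on failure. Passing that on to mysql_fetch_assoc()
    // raises a warning and does not produce a row, so bail out here.
    if ($result === false) {
        return array();
    }

    $users = array();
    // Loop only while a real row comes back. The former `!== false` test kept going
    // on any other non-row value, which could append forever.
    while (is_array($row = mysql_fetch_assoc($result))) {
        $users[] = $row;
    }

    return $users;
}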
// fetches profile information for the given user.
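/**
 * Loads the profile columns for one user.
 *
 * @param mixed $uid user id; cast to int before it is placed in the query
 * @return array|false row keyed by username, firstname, lastname, gender, email,
 *                     about and location, or false when there is no such user or
 *                     the query fails
 */
function fetch_user_info($uid){
    // The integer cast is the only thing keeping the interpolated query below safe,
    // so it must stay. A non-scalar (an array from ?uid[]=x would cast to 1) becomes 0.
    $uid = is_scalar($uid) ? (int)$uid : 0;

    $sql = "SELECT
                `username` AS `username`,
                `firstname` AS `firstname`,
                `lastname` AS `lastname`,
                `gender` AS `gender`,
                `email` AS `email`,
                `about` AS `about`,
                `location` AS `location`
            FROM `users`
            WHERE `user_id` = {$uid}";

    $result = mysql_query($sql);
    if ($result === false) {
        // Query failed: report "no user" instead of handing false to the fetch call.
        return false;
    }

    // Callers test the result with `=== false`, so never leak any other non-row value.
    $row = mysql_fetch_assoc($result);
    return is_array($row) ? $row : false;
}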
// updates the current users profile info.
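/**
 * Updates the logged-in user's email, about text and location, and optionally
 * replaces the avatar with a JPEG that is at most 200 pixels wide.
 *
 * The text fields are entity-encoded before they are stored, so the pages that
 * print them receive already-encoded values.
 *
 * @param string       $email    new email address (validated by the caller)
 * @param string       $about    free text; line breaks are stored as <br />
 * @param string       $location new location (validated by the caller)
 * @param string|false $avatar   path of the uploaded image, or false for none
 * @return void
 */
function set_profile_info($email, $about, $location, $avatar){
    // The session value is server-side, but it ends up in a file name and in SQL,
    // so force it to an integer rather than interpolating it as-is.
    $uid = (int) $_SESSION['uid'];

    $email = mysql_real_escape_string(htmlentities($email));
    $about = mysql_real_escape_string(nl2br(htmlentities($about)));
    // Encoded like the other two fields; previously only the caller's regex kept
    // markup out of this column.
    $location = mysql_real_escape_string(htmlentities($location));

    // NOTE(review): $avatar is trusted to be PHP's own upload temp path; callers
    // should confirm that with is_uploaded_file() before passing it in.
    if (is_string($avatar) && $avatar !== '' && file_exists($avatar)) {
        // getimagesize() inspects the file content, not the client-supplied name or
        // type, and returns false for anything it cannot parse as an image.
        $src_size = getimagesize($avatar);
        $src_img = false;

        // NOTE(review): the image is decoded at its full declared dimensions. Reject
        // uploads whose width x height exceeds a sane cap before decoding, to bound
        // memory use.
        if ($src_size !== false) {
            if ($src_size['mime'] === 'image/jpeg') {
                $src_img = imagecreatefromjpeg($avatar);
            } else if ($src_size['mime'] === 'image/png') {
                $src_img = imagecreatefrompng($avatar);
            } else if ($src_size['mime'] === 'image/gif') {
                $src_img = imagecreatefromgif($avatar);
            }
        }

        if ($src_img !== false) {
            $thumb_width = 200;
            if ($src_size[0] <= $thumb_width) {
                $thumb = $src_img;
            } else {
                // Keep the aspect ratio; never let the height reach 0, which
                // imagecreatetruecolor() rejects.
                $thumb_height = max(1, (int) (($src_size[1] / $src_size[0]) * $thumb_width));
                $thumb = imagecreatetruecolor($thumb_width, $thumb_height);
                imagecopyresampled($thumb, $src_img, 0, 0, 0, 0, $thumb_width, $thumb_height, $src_size[0], $src_size[1]);
            }

            // Re-encoding to JPEG means the stored file is produced by GD, not copied
            // from the upload. The key is 'path': the original used the literal key
            // '$path' (single quotes do not interpolate), which is never set, so the
            // target path started at '/'.
            imagejpeg($thumb, "{$GLOBALS['path']}/user_avatars/{$uid}.jpeg");
        }
    }

    $sql = "UPDATE `users` SET
                `email` = '{$email}',
                `about` = '{$about}',
                `location` = '{$location}'
            WHERE `user_id` = {$uid}";
    mysql_query($sql);
}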
?>
Edit_profile.php
<?php
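include('core/init.inc.php');

// NOTE(review): this form changes account data but carries no anti-CSRF token.
// Issue a random per-session token, embed it as a hidden field, and compare it with
// a constant-time check before calling set_profile_info().

// Count the request as a submission only when all three fields arrived as plain
// strings. Array-valued parameters (email[]=...) would make preg_match() fail with
// false, which the former `=== 0` test let through as valid.
$submitted = isset($_POST['email'], $_POST['location'], $_POST['about'])
    && is_string($_POST['email'])
    && is_string($_POST['location'])
    && is_string($_POST['about']);

if ($submitted) {
    $errors = array();

    if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'The email address you have submited is not valid.';
    }

    // Require an explicit match (1) so a preg_match() failure counts as invalid.
    // The D modifier stops `$` from matching before a trailing newline.
    if (preg_match('#^[a-z0-9 ]+$#iD', $_POST['location']) !== 1) {
        $errors[] = 'Your location must only contain a-z, 0-9 and spaces.';
    }

    $avatar = false;
    $tmp_name = isset($_FILES['avatar']['tmp_name']) ? $_FILES['avatar']['tmp_name'] : '';
    if (empty($tmp_name) === false) {
        // The client-supplied file name is only a first filter; set_profile_info()
        // inspects the real image type and re-encodes the picture as JPEG.
        // pathinfo() replaces end(explode(...)), which passed a temporary by reference.
        $file_ext = (isset($_FILES['avatar']['name']) && is_string($_FILES['avatar']['name']))
            ? strtolower(pathinfo($_FILES['avatar']['name'], PATHINFO_EXTENSION))
            : '';

        // is_uploaded_file() confirms the path really is this request's upload.
        $is_upload = is_string($tmp_name) && is_uploaded_file($tmp_name);

        if ($is_upload === false || in_array($file_ext, array('jpg', 'jpeg', 'png', 'gif'), true) === false) {
            $errors[] = 'Your Avatar Must Be An Image.';
        } else {
            $avatar = $tmp_name;
        }
    }

    if (empty($errors)) {
        set_profile_info($_POST['email'], $_POST['about'], $_POST['location'], $avatar);
    }

    $user_info = array(
        'email' => htmlentities($_POST['email']),
        'about' => htmlentities($_POST['about']),
        'location' => htmlentities($_POST['location'])
    );
} else {
    // Load the logged-in user's stored values. The original passed the literal
    // string 'uid', which casts to 0 and so never matched the current user.
    $user_info = fetch_user_info(isset($_SESSION['uid']) ? $_SESSION['uid'] : 0);
    if (is_array($user_info) === false) {
        $user_info = array('email' => '', 'about' => '', 'location' => '');
    }
}

// Escape once more at the point of output. double_encode is off, so values that are
// already entity-encoded (the POST branch above, or the email/about columns written
// by set_profile_info()) are not encoded twice, while anything stored raw still is.
// Assumes the site serves UTF-8 - adjust the charset argument if it does not.
$form = array(
    'email' => htmlspecialchars((string) $user_info['email'], ENT_QUOTES, 'UTF-8', false),
    'location' => htmlspecialchars((string) $user_info['location'], ENT_QUOTES, 'UTF-8', false),
    // strip_tags() drops the <br /> tags that nl2br() added when the text was stored.
    'about' => htmlspecialchars(strip_tags((string) $user_info['about']), ENT_QUOTES, 'UTF-8', false)
);
?>
<html>
<head>
<title> Kuhnect.com - Edit Profile </title>
</head>
<body>
<a href="user_list.php">Back to Profile</a>
<div>
<?php
if (isset($errors) === false) {
    echo 'Click Update to edit your profile.';
} else if (empty($errors)) {
    echo 'Your profile has been updated.';
} else {
    // The messages are fixed strings defined above, never user input.
    echo '<ul><li>', implode('</li><li>', $errors), '</li></ul>';
}
?>
</div>
<form action="" method="post" enctype="multipart/form-data">
<div>
<label for="email">Email:</label><br />
<input type="text" name="email" id="email" value="<?php echo $form['email']; ?>" />
</div>
<div>
<label for="location">Location:</label><br />
<input type="text" name="location" id="location" value="<?php echo $form['location']; ?>" />
</div>
<div>
<label for="about">About Me:</label><br />
<textarea name="about" id="about" rows="14" cols="50"><?php echo $form['about']; ?></textarea>
</div>
<div>
<label for="avatar">Avatar:</label><br />
<input type="file" name="avatar" id="avatar" />
</div>
<div>
<input type="Submit" value="Update" />
</div>
</form>
</body>
</html>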