Merge branch 'master' of http://gitlab.informatika.org/IF3110-2017-K02-OneHundred/TugasBesar1_2017

23a63b2c · Husnulzaki Wibisono Haryadi · 7d44e03c · b7c69339 · 23a63b2c · 23a63b2c
Commit 23a63b2c authored 7 years ago by Husnulzaki Wibisono Haryadi
--- a/css/profile.css
+++ b/css/profile.css
@@ -6,22 +6,30 @@
    text-align: left;
    margin-top: 0;
 }
-.profile_subtitle {
-    height: 10%;
+.profile_container {
+    height: 70%;
+}
+.profile_header {
+    height: 15%;
 }
 .profile_title {
    float: left;
 }
 .profile_title h1 {
    text-align: left;
-    margin: 0 ;
+    margin: 0;
 }
 .edit_profile_button {
    float: right;
    margin-top: 0;
    margin-right: 10 px;
 }
-.image_frame {
+.myprofile {
+    text-align: center;
+    margin-left: auto;
+    margin-right: auto;
+}
+.profilepict_frame {
    width: 100px;
    height: 100px;
    overflow: auto;
@@ -29,21 +37,18 @@
    margin-left: auto;
    margin-right: auto;
 }
-.image_frame img {
+.profilepict_frame img {
    display: inline;
    margin: 0 auto;
    height: 100%;
    width: 100%;
 }
-.myprofile {
-    text-align: center;
-    margin-left: auto;
-    margin-right: auto;
+.profile_info {
+    height: 100px;
 }
 #edit_profile_page {
    height: 550px;
    width: 400px;
-    overflow-y: scroll;
 }
 #edit_profile_page h1 {
    text-align: left;

--- a/login/login.php
+++ b/login/login.php
@@ -15,10 +15,9 @@
                    $dbpassword=$row['password'];
                    $user_id=$row['user_id'];
                }
-                //echo $user_id;
                if($username == $dbusername && $password == $dbpassword)
                {
-                    header("Location: ../profile_page/profile.php?id=$user_id%26&username=$username");
+                    header("Location: ../profile_page/profile.php?id=$user_id");
                }
            } else {
                include("login.html");

--- a/login/sign_up.php
+++ b/login/sign_up.php
@@ -28,11 +28,12 @@
            {
                $getUserID = mysqli_query($con,"SELECT user_id FROM user WHERE username='".$username."'") or die(mysql_error());
                $row=mysqli_fetch_assoc($getUserID);
-                $user_id=$row['id'];
+                $user_id=$row['user_id'];
+                header("Location: ../profile_page/profile.php?id=?$user_id");
                if ($status == "customer") {
-                    header("Location: ../order/order.php?id=?$user_id&username=$username");
+                    header("Location: ../order/order.php?id=?$user_id");
                } else {
-                    header("Location: ../profile_page/profile.php?id=?$user_id%26&username=$username");
+                    header("Location: ../order/order.php?id=?$user_id");
                }
            }
            mysqli_close($con);

--- a/profile_page/edit_profile.php
+++ b/profile_page/edit_profile.php
@@ -9,7 +9,20 @@
 <body>
    <div class="frame" id="edit_profile_page">
        <div class="header">
-            <?php include '../template/header.php';?>
+            <?php
+                $user_id = $_GET['id'];
+                include '../database/dbconnect.php';
+                
+                $query=mysqli_query($con,"SELECT * FROM user WHERE user_id='".$user_id."'") or die(mysqli_error());
+    
+                if(mysqli_num_rows($query)!=0)
+                {
+                    $row=mysqli_fetch_assoc($query);
+                    $username = $row['username'];
+                    include("../template/header.php");
+                }
+                mysqli_close($con);
+            ?>
        </div>
        <div class="menu">
            <?php include '../template/menu.php';?>
@@ -58,6 +71,7 @@
                    </div>
                </div>
                <div>
+                    <input id="hidden_userid" name="hidden_userid" type="text" style="display:none;">
                    <button class="button" style="float: left;"><a href="profile.php">BACK</a></button>
                    <input type="submit" value="SAVE" style="float: right;" class="button">
                </div>
@@ -65,25 +79,12 @@
        </div>
    </div>
    <?php
-        include '../database/dbconnect.php';
-        
-        $username = $_GET['username'];
-        $user_id = $_GET['id'];
-        $query=mysqli_query($con,"SELECT * FROM user WHERE username='".$username."'") or die(mysqli_error());
-    
-        $numrows=mysqli_num_rows($query);
-        if($numrows!=0)
-        {
-            while($row=mysqli_fetch_assoc($query))
-            {
-                echo "<script>document.getElementById('current_name').value = '".$row['name']."'</script>";
-                echo "<script>document.getElementById('current_phone').value = '".$row['phone']."'</script>";
-                if (isset($row['pict'])) {
-                    echo "<script>document.getElementById('edit_profile_pict').src ='getProfilePict.php?username=".$username."'</script>";
-                }
-            }
+        echo "<script>document.getElementById('current_name').value = '".$row['name']."'</script>";
+        echo "<script>document.getElementById('current_phone').value = '".$row['phone']."'</script>";
+        if (isset($row['pict'])) {
+            echo "<script>document.getElementById('edit_profile_pict').src ='getProfilePict.php?id=".$user_id."'</script>";
        }
-        mysqli_close($con);
+        echo "<script>document.getElementById('hidden_userid').value =".$user_id."</script>";
    ?>
    <script>
        function showFileName(inputFile) {

--- a/profile_page/getProfilePict.php
+++ b/profile_page/getProfilePict.php
 <?php
-    $user = $_GET['username'];
+    $user_id = $_GET['id'];
    include '../database/dbconnect.php';
-    $query=mysqli_query($con,"SELECT pict FROM user WHERE username='".$user."'") or die(mysqli_error());
+    $query=mysqli_query($con,"SELECT pict FROM user WHERE user_id='".$user_id."'") or die(mysqli_error());
    $row=mysqli_fetch_assoc($query);
    mysqli_close($con);
    if (isset($row['pict'])) {

--- a/profile_page/profile.php
+++ b/profile_page/profile.php
 <?php
-    $username = $_GET['username'];
-    $user_id = $_GET['id'];
+    
 ?>
 <html>
 <head>
@@ -12,29 +11,35 @@
 <body>
    <div class="frame" id="profile_frame">
        <div class="header">
-            <?php include'../template/header.php';?>
+            <?php
+                $user_id = $_GET['id'];
+                include '../database/dbconnect.php';
+                
+                $query=mysqli_query($con,"SELECT * FROM user WHERE user_id='".$user_id."'") or die(mysqli_error());
+                
+                if(mysqli_num_rows($query)!=0)
+                {
+                    $row=mysqli_fetch_assoc($query);
+                    $username = $row['username'];
+                    include("../template/header.php");
+                }
+                mysqli_close($con);
+            ?>
        </div>
        <div class="menu">
            <?php include'../template/menu.php';?>
        </div>
-        <div class="profile_subtitle">
-            <div class="profile_title"><h1>My Profile</h1></div>
-            <div class="edit_profile_button"><a href=<?php echo 'edit_profile.php?id='.$user_id.'%26&username='.$username; ?>>✎</a></div>
-        </div>
-        <div class="myprofile">
-            <div class="image_frame">
-                <img id="profile_pict" src="../img/default_profile.jpeg">
+        <div class="profile_container">
+            <div class="profile_header">
+                <div class="profile_title"><h1>My Profile</h1></div>
+                <div class="edit_profile_button"><a href=<?php echo 'edit_profile.php?id='.$user_id; ?>>✎</a></div>
            </div>
-            <?php
-                include '../database/dbconnect.php';
-                
-                $query=mysqli_query($con,"SELECT * FROM user WHERE username='".$username."'") or die(mysqli_error());
-    
-                $numrows=mysqli_num_rows($query);
-                if($numrows!=0)
-                {
-                    while($row=mysqli_fetch_assoc($query))
-                    {
+            <div class="myprofile">
+                <div class="profilepict_frame">
+                    <img id="profile_pict" src="../img/default_profile.jpeg">
+                </div>
+                <div class="profile_info">
+                    <?php
                        echo "</br><strong>".$row['username']."</strong></br>";
                        echo $row['name']."</br>";
                        if ($row['status'] == "driver") {
@@ -43,12 +48,11 @@
                        echo $row['email']."</br>";
                        echo $row['phone']."</br>";
                        if (isset($row['pict'])) {
-                            echo "<script>document.getElementById('profile_pict').src ='getProfilePict.php?username=".$username."'</script>";
+                            echo "<script>document.getElementById('profile_pict').src ='getProfilePict.php?id=".$user_id."'</script>";
                        }
-                    }
-                }
-                mysqli_close($con);
-            ?>
+                    ?>
+                </div>
+            </div>
        </div>
    </div>
 </body>

--- a/profile_page/update_profile.php
+++ b/profile_page/update_profile.php
@@ -2,8 +2,8 @@
    session_start();
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        include '../database/dbconnect.php';
-        if (isset($_FILES) && ($_FILES['profile_pictfile']['size'] > 0) && !empty($_POST['edit_name']) && !empty($_POST['edit_phone'])) {
-            $username = $_SESSION['user'];
+        if (isset($_FILES) && ($_FILES['profile_pictfile']['size'] > 0) && !empty($_POST['edit_name']) && !empty($_POST['edit_phone']) && !empty($_POST['hidden_userid'])) {
+            $user_id = $_POST['hidden_userid'];
            $new_name = $_POST['edit_name'];
            $new_phone = $_POST['edit_phone'];
            if(isset($_POST['is_driver']))
@@ -42,11 +42,11 @@
                {
                    $fileName = addslashes($fileName);
                }
-                $query=mysqli_query($con,"UPDATE user set name='".$new_name."',phone='".$new_phone."',status='".$status."',pict='".$content."'WHERE username='".$username."'") or die(mysqli_error());
+                $query=mysqli_query($con,"UPDATE user set name='".$new_name."',phone='".$new_phone."',status='".$status."',pict='".$content."'WHERE user_id='".$user_id."'") or die(mysqli_error());
            }
            if($query)
            {
-                header("Location: profile.php?id=$user_id%26&username=$username");
+                header("Location: profile.php?id=$user_id");
            }
            mysqli_close($con);
        }

--- a/template/header.php
+++ b/template/header.php
@@ -4,7 +4,7 @@
            <p>"An ojek for anything you need"</p></br>
            </div>
            <div class="greeting">
-                <p>Hello, '.'"'.$_GET['username'].'"'.'</p>
-                <p><a href="../login/logout.php">Logout</a></p>
+                <p>Hello,'.'"'.$username.'!"</p>
+                <p><a href="../login/logout.php">Logout </a></p>
            </div>';
 ?>