diff --git a/css/default_style.css b/css/default_style.css index f19d8ffca646ddcb4b3a65b5bf97141d2f5490bd..b191c07db3791b64e0c0fd6a764de0fb632401bf 100755 --- a/css/default_style.css +++ b/css/default_style.css @@ -28,7 +28,6 @@ body { border: 1px solid rgb(250, 250, 250); border-radius: 20px; text-shadow:none; - } input{ width: 90%; diff --git a/login/login.php b/login/login.php index 595bfe03d17dc467ad158ec1d4f7c6873a463c80..8a6b420cb9d834848c37473ee2973112ea9854c8 100755 --- a/login/login.php +++ b/login/login.php @@ -1,11 +1,10 @@ <?php - session_start(); if ($_SERVER["REQUEST_METHOD"] == "POST") { if (!empty($_POST['user_name']) && !empty($_POST['user_password'])) { include '../database/dbconnect.php'; - $user = $_POST['user_name']; - $pass = $_POST['user_password']; - $query=mysql_query("SELECT * FROM user WHERE username='".$user."' AND password='".$pass."'") or die(mysql_error()); + $username = $_POST['user_name']; + $password = $_POST['user_password']; + $query = mysql_query("SELECT * FROM user WHERE username='".$username."' AND password='".$password."'") or die(mysql_error()); $numrows=mysql_num_rows($query); if($numrows!=0) @@ -14,12 +13,12 @@ { $dbusername=$row['username']; $dbpassword=$row['password']; + $user_id=$row['user_id']; } - - if($user == $dbusername && $pass == $dbpassword) + //echo $user_id; + if($username == $dbusername && $password == $dbpassword) { - $_SESSION['user'] = $user; - header("Location: ../order/order.php"); + header("Location: ../profile_page/profile.php?id=$user_id%26&username=$username"); } } else { include("login.html"); diff --git a/login/logout.php b/login/logout.php index da7dd4cfa2c5ad8c3aa1f51ef99abc13adef9a73..3f5502008b65a541a2dc4b80dd8fd02e180bdc3f 100644 --- a/login/logout.php +++ b/login/logout.php @@ -1,6 +1,3 @@ <?php - session_start(); - session_unset(); - session_destroy(); header("Location: ../login/login.html"); ?> 
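Review bot: The renamed `$username` and `$password` in the first login.php hunk are still concatenated straight from `$_POST` into the `mysql_query()` string, so the login query remains injectable. The same pattern appears in the new queries in sign_up.php, edit_profile.php, getProfilePict.php, profile.php and update_profile.php. The query also matches the submitted password against the `password` column in SQL, which suggests passwords are stored unhashed. A bound parameter plus a hash check would address both, for example `$stmt = $db->prepare('SELECT user_id, username, password FROM user WHERE username = ?');` followed by `password_verify($password, $row['password'])`, where `$db` stands for a PDO or mysqli handle that dbconnect.php would have to provide (not visible here). The `mysql_*` functions were removed in PHP 7, so that migration is needed in any case.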
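Review bot: Dropping `$_SESSION['user']` in the second login.php hunk and redirecting to `profile.php?id=$user_id%26&username=$username` leaves no server-side record of who logged in. profile.php, edit_profile.php and template/header.php in this commit take the identity from `$_GET['username']`, so those pages can be requested for any username without authenticating. The logout.php hunk now only redirects, while update_profile.php still reads `$_SESSION['user']`, which nothing sets any more. I would restore `session_start()` and keep the session, e.g. `session_regenerate_id(true); $_SESSION['user_id'] = $user_id;` before `header("Location: ../profile_page/profile.php"); exit;`, and have the target pages load the user from the session. Any value that must go into the Location header needs `urlencode()`, and the `%26&` sequence looks unintended; the surrounding `if`/`while` blocks open outside this hunk.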
diff --git a/login/sign_up.html b/login/sign_up.html index cdc13cecdf026a4e4abe929116a61fbd6483d38a..9a2f648b756a6d2f03db0d5f2a2f9df851e7b8a7 100755 --- a/login/sign_up.html +++ b/login/sign_up.html @@ -42,12 +42,6 @@ return false; } } - function driver_signup() - { - document.getElementById("driversign_status").innerHTML= "Signed as driver"; - document.getElementById("signAs_driver").style.display = "none"; - document.sign_up.is_driver.value = "Yes"; - } function checkAvailability(name,value) { xhttp = new XMLHttpRequest(); diff --git a/login/sign_up.php b/login/sign_up.php index 2ac634cc9c28cdde376a68464b5df7ea955c9ed3..f8e287cd76c6ffc280fe04aa173677d37d82ee41 100644 --- a/login/sign_up.php +++ b/login/sign_up.php @@ -1,5 +1,4 @@ <?php - session_start(); if ($_SERVER["REQUEST_METHOD"] == "POST") { if (!empty($_POST['full_name']) && !empty($_POST['username']) && @@ -8,7 +7,6 @@ !empty($_POST['confirm_password']) && !empty($_POST['user_phone'])) { - session_start(); include '../database/dbconnect.php'; $fullname = $_POST['full_name']; $username = $_POST['username']; @@ -28,11 +26,13 @@ $query = mysql_query("INSERT INTO user (name,email,phone,username,password,status,pict) VALUES ('$fullname', '$email', '$phone', '$username', '$password', '$status',DEFAULT)") or die(mysql_error()); if($query) { - $_SESSION['user'] = $username; + $getUserID = mysql_query("SELECT user_id FROM user WHERE username='".$username."'") or die(mysql_error()); + $row=mysql_fetch_assoc($getUserID); + $user_id=$row['id']; if ($status == "customer") { - header("Location: ../order/order.php"); + header("Location: ../order/order.php?id=?$user_id&username=$username"); } else { - header("Location: ../profile_page/profile.php"); + header("Location: ../profile_page/profile.php?id=?$user_id%26&username=$username"); } } mysql_close(); diff --git a/profile_page/edit_profile.php b/profile_page/edit_profile.php index 15a673dd3220097da8f83371bfd745095fa29390..203a9409f36f70869fd0c43110ced1b683747b95 100755 
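Review bot: `$user_id=$row['id'];` in the last sign_up.php hunk reads a key that the preceding `SELECT user_id FROM user ...` never returns, so `$user_id` is always empty here; login.php uses `$row['user_id']` for the same column. If `user_id` is the auto-increment key, `$user_id = mysql_insert_id();` right after the INSERT avoids the second query altogether. Both redirects contain a stray `?` in `id=?$user_id`, and `$username` goes into the Location header without `urlencode()`. The INSERT in the context line writes `$password` into the table; whether it is hashed before that point is not visible in the hunk, but login.php compares it as plain text.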
--- a/profile_page/edit_profile.php +++ b/profile_page/edit_profile.php @@ -1,4 +1,3 @@ -<?php //if (!isset($_SESSION['user'])) die("<br /><br />You must be logged in to view this page");?> <html> <head> <title>U Wanna Call Me Beibh?</title> @@ -17,17 +16,17 @@ </div> <h1>Edit Profile</h1> <div class="edit_profile_frame"> - <form name="edit_identity" method="POST" action="" > + <form name="edit_identity" method="POST" action="update_profile.php" enctype="multipart/form-data"> <div> <div style="display: inline-block; position: relative; margin-left: 20px; height: 100px; width: 300px;"> <div class="edit_image_frame"> - <img id="edit_profile_pict" src="default_profile.jpeg"> + <img id="edit_profile_pict" src="../img/default_profile.jpeg"> </div> <div class="select_pict"> <input id="file_name" type="text" readonly="readonly"> </div> <div class="browse_file"> - <input type="file" class="upload_file" onchange="showFileName(this);"> + <input type="file" name="profile_pictfile" class="upload_file" onchange="showFileName(this);"> </div> </div> <div style="display: inline; position: relative; margin-left: 20px; top: 20px;"> @@ -44,14 +43,14 @@ </div> <div style="display: inline-block; position: absolute; height: 100px; width: 250px;"> <div style="height: 30px; margin-left: 10px;"> - <input name="edit_name" type="text" placeholder="New name" style="height: 20px; width: 260px;"> + <input id="current_name" name="edit_name" type="text" style="height: 20px; width: 260px;"> </div> <div style="height: 30px; margin-left: 10px;"> - <input name="edit_phone" type="text" placeholder="New email" style="height: 20px; width: 260px;"> + <input id="current_phone" name="edit_phone" type="text" style="height: 20px; width: 260px;"> </div> <div style="height: 30px; margin-left: 10px;"> <label class="switch" style="float: right;"> - <input type="checkbox" value="Yes"> + <input type="checkbox" name="is_driver" value="true"> <span class="slider round"></span> </label> </div> 
@@ -65,6 +64,27 @@ </form> </div> </div> + <?php + include '../database/dbconnect.php'; + + $username = $_GET['username']; + $user_id = $_GET['id']; + $query=mysql_query("SELECT * FROM user WHERE username='".$username."'") or die(mysql_error()); + + $numrows=mysql_num_rows($query); + if($numrows!=0) + { + while($row=mysql_fetch_assoc($query)) + { + echo "<script>document.getElementById('current_name').value = '".$row['name']."'</script>"; + echo "<script>document.getElementById('current_phone').value = '".$row['phone']."'</script>"; + if (isset($row['pict'])) { + echo "<script>document.getElementById('edit_profile_pict').src ='getProfilePict.php?username=".$username."'</script>"; + } + } + } + mysql_close(); + ?> <script> function showFileName(inputFile) { var arrTemp = inputFile.value.split('\\'); diff --git a/profile_page/getProfilePict.php b/profile_page/getProfilePict.php new file mode 100644 index 0000000000000000000000000000000000000000..42ec84f7815a2beb341487811bc41bdb1ff9ee3f --- /dev/null +++ b/profile_page/getProfilePict.php @@ -0,0 +1,11 @@ +<?php + $user = $_GET['username']; + include '../database/dbconnect.php'; + $query=mysql_query("SELECT pict FROM user WHERE username='".$user."'") or die(mysql_error()); + $row=mysql_fetch_assoc($query); + mysql_close(); + if (isset($row['pict'])) { + header("Content-type: image/jpeg"); + echo $row['pict']; + } +?> diff --git a/profile_page/pencil.png b/profile_page/pencil.png deleted file mode 100644 index 617ae6a6e0d0cadcd56883374a00bdf5149044da..0000000000000000000000000000000000000000 Binary files a/profile_page/pencil.png and /dev/null differ diff --git a/profile_page/profile.php b/profile_page/profile.php index eaca70f42d70fe4be19674e66093d6c760762d89..8bb39a1485d8b093c4092f8a94da7e9c41e8bb01 100755 --- a/profile_page/profile.php +++ b/profile_page/profile.php @@ -1,5 +1,6 @@ <?php - session_start(); + $username = $_GET['username']; + $user_id = $_GET['id']; ?> <html> <head> 
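Review bot: The values echoed into the inline `<script>` strings in the added edit_profile.php block (`$row['name']`, `$row['phone']`, and `$username` from `$_GET`) are not encoded for a JavaScript context, so a quote or `</script>` in any of them breaks out of the string literal. The changed `echo` in the last profile.php hunk has the same problem with `$username`. Replacing the hand-built `'...'` literal with `json_encode($row['name'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)` fixes the script context, or the value can be emitted directly on the input as `value="<?php echo htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'); ?>"`. `$user_id` is assigned and never used, `$_GET['username']` is read without an `isset()` check, and nothing in the block verifies that the requester is the user being edited.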
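Review bot: getProfilePict.php always labels the response `image/jpeg`, although update_profile.php also accepts PNG and GIF and decides the type from the client-supplied `$_FILES[...]['type']`, so the stored bytes are not guaranteed to be the advertised format, or an image at all. Sending `header('X-Content-Type-Options: nosniff');` together with a type detected at upload time (stored next to `pict`) would stop browsers from guessing. When no row or picture is found the script returns an empty 200; `http_response_code(404);` would be clearer. The endpoint also serves any user's picture to unauthenticated requests, which may or may not be intended.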
@@ -11,14 +12,14 @@ <body> <div class="frame" id="profile_frame"> <div class="header"> - <?php include '../template/header.php';?> + <?php include'../template/header.php';?> </div> <div class="menu"> - <?php include '../template/menu.php';?> + <?php include'../template/menu.php';?> </div> <div class="profile_subtitle"> <div class="profile_title"><h1>My Profile</h1></div> - <div class="edit_profile_button"><a href="edit_profile.php">✎</a></div> + <div class="edit_profile_button"><a href=<?php echo 'edit_profile.php?id='.$user_id.'%26&username='.$username; ?>>✎</a></div> </div> <div class="myprofile"> <div class="image_frame"> @@ -27,8 +28,7 @@ <?php include '../database/dbconnect.php'; - $user = $_SESSION['user']; - $query=mysql_query("SELECT * FROM user WHERE username='".$user."'") or die(mysql_error()); + $query=mysql_query("SELECT * FROM user WHERE username='".$username."'") or die(mysql_error()); $numrows=mysql_num_rows($query); if($numrows!=0) @@ -43,7 +43,7 @@ echo $row['email']."</br>"; echo $row['phone']."</br>"; if (isset($row['pict'])) { - echo "<script>document.getElementById('profile_pict').src = '../img/default_profile.jpeg'</script>"; + echo "<script>document.getElementById('profile_pict').src ='getProfilePict.php?username=".$username."'</script>"; } } } diff --git a/profile_page/update_profile.php b/profile_page/update_profile.php new file mode 100644 index 0000000000000000000000000000000000000000..fa53b43a99ea6c7681eb8a27760a3ae9c6011b55 --- /dev/null +++ b/profile_page/update_profile.php 
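Review bot: The new `href` on the edit link in profile.php is unquoted and built from `$user_id` and `$username`, which come straight from `$_GET` at the top of the file, so whitespace or `>` in either value ends the attribute and injects markup. Quote the attribute and encode both layers: `<a href="<?php echo htmlspecialchars('edit_profile.php?id='.urlencode($user_id).'&username='.urlencode($username), ENT_QUOTES, 'UTF-8'); ?>">`. The literal `%26` before `&username` makes the `id` parameter end in `&`, which looks accidental.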
@@ -0,0 +1,54 @@ +<?php + session_start(); + if ($_SERVER["REQUEST_METHOD"] == "POST") { + include '../database/dbconnect.php'; + if (isset($_FILES) && ($_FILES['profile_pictfile']['size'] > 0) && !empty($_POST['edit_name']) && !empty($_POST['edit_phone'])) { + $username = $_SESSION['user']; + $new_name = $_POST['edit_name']; + $new_phone = $_POST['edit_phone']; + if(isset($_POST['is_driver'])) + { + $status = 'driver'; + } + else + { + $status = 'customer'; + } + + $checkImg = true; + $filePath = $_FILES['profile_pictfile']['tmp_name']; + $fileName = $_FILES['profile_pictfile']['name']; + $fileSize = $_FILES['profile_pictfile']['size']; + $fileType = $_FILES['profile_pictfile']['type']; + if ($_FILES['profile_pictgile']['error'] || !is_uploaded_file($filePath)) { + $checkImg = false; + echo "Error: Error in uploading file. Please try again."; + } + if ($checkImg && !in_array($fileType, array('image/png', 'image/x-png', 'image/jpeg', 'image/pjpeg', 'image/gif'))) { + $checkImg = false; + echo "Error: Unsupported file extension. Supported extensions are JPG / PNG."; + } + if ($checkImg && $fileSize > 16000000) { + $checkImg = false; + echo "Error: File size must be less than 16 MB."; + } + if ($checkImg) { + $fp = fopen($filePath, 'r'); + $content = fread($fp, filesize($filePath)); + $content = addslashes($content); + fclose($fp); + + if(!get_magic_quotes_gpc()) + { + $fileName = addslashes($fileName); + } + $query=mysql_query("UPDATE user set name='".$new_name."',phone='".$new_phone."',status='".$status."',pict='".$content."'WHERE username='".$username."'") or die(mysql_error()); + } + if($query) + { + header("Location: profile.php"); + } + mysql_close(); + } + } +?> diff --git a/template/header.php b/template/header.php index 57dfed508b1e5fd93e81de2382affb46b8f274f8..048cb2fd654f7240aacaf7a6ce7069c6979e5338 100644 --- a/template/header.php +++ b/template/header.php 
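Review bot: The upload error check in update_profile.php reads `$_FILES['profile_pictgile']['error']`, a misspelled key, so that half of the condition is never true and only `is_uploaded_file()` guards a failed upload. The type check relies on `$_FILES['profile_pictfile']['type']`, which the browser supplies, and the error message mentions only JPG / PNG while GIF is accepted; detecting the type from the file contents is sketched below. `$username = $_SESSION['user']` is never populated now that login.php and sign_up.php stopped setting it, so the `UPDATE` cannot match the intended row, and `$new_name` / `$new_phone` enter the SQL string unescaped. `$query` is undefined when validation fails, and `get_magic_quotes_gpc()` no longer exists in PHP 8.

```php
// … unchanged: session_start(), POST check, name / phone / status handling …
$upload = $_FILES['profile_pictfile'];
$checkImg = true;
$filePath = $upload['tmp_name'];
$fileSize = $upload['size'];
if ($upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($filePath)) {
    $checkImg = false;
    echo "Error: Error in uploading file. Please try again.";
}
// Derive the type from the file's bytes; $_FILES[...]['type'] is supplied by the client.
$finfo = new finfo(FILEINFO_MIME_TYPE);
$fileType = $checkImg ? $finfo->file($filePath) : '';
if ($checkImg && !in_array($fileType, array('image/png', 'image/jpeg', 'image/gif'), true)) {
    $checkImg = false;
    echo "Error: Unsupported file type. Supported types are JPG / PNG / GIF.";
}
// … unchanged: size check, file read, UPDATE query, redirect …
```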
@@ -4,7 +4,7 @@ <p>"An ojek for anything you need"</p></br> </div> <div class="greeting"> - <p>Hello, '.'"'.$_SESSION['user'].'"'.'</p> + <p>Hello, '.'"'.$_GET['username'].'"'.'</p> <p><a href="../login/logout.php">Logout</a></p> </div>'; ?>
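Review bot: `$_GET['username']` is echoed into the greeting in template/header.php without HTML encoding, so whatever is in the query string is rendered as markup on every page that includes this header. At minimum use `htmlspecialchars($_GET['username'], ENT_QUOTES, 'UTF-8')`. Better, show the name of the authenticated user from the session as before, since a URL parameter is not evidence of who is logged in. The `echo '` that opens this string starts above the hunk.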