From 68d630ebadff3921519e5526adf529f3cbe94e01 Mon Sep 17 00:00:00 2001
From: freedomfeather <fadlurohmanakmal@rocketmail.com>
Date: Tue, 3 Oct 2017 23:20:17 +0700
Subject: [PATCH] Menambahkan fungsionalitas upload profile picture dan
 memperbaiki header dan link

---
 css/default_style.css           |   1 -
 login/login.php                 |  15 +++++----
 login/logout.php                |   3 --
 login/sign_up.html              |   6 ----
 login/sign_up.php               |  10 +++---
 profile_page/edit_profile.php   |  34 +++++++++++++++-----
 profile_page/getProfilePict.php |  11 +++++++
 profile_page/pencil.png         | Bin 2718 -> 0 bytes
 profile_page/profile.php        |  14 ++++-----
 profile_page/update_profile.php |  54 ++++++++++++++++++++++++++++++++
 template/header.php             |   2 +-
 11 files changed, 112 insertions(+), 38 deletions(-)
 create mode 100644 profile_page/getProfilePict.php
 delete mode 100644 profile_page/pencil.png
 create mode 100644 profile_page/update_profile.php

diff --git a/css/default_style.css b/css/default_style.css
index f19d8ffc..b191c07d 100755
--- a/css/default_style.css
+++ b/css/default_style.css
@@ -28,7 +28,6 @@ body {
     border: 1px solid rgb(250, 250, 250);
     border-radius: 20px;
     text-shadow:none;
-   
 }
 input{
 	width: 90%;
diff --git a/login/login.php b/login/login.php
index 595bfe03..8a6b420c 100755
--- a/login/login.php
+++ b/login/login.php
@@ -1,11 +1,10 @@
 <?php
-    session_start();
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
         if (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
             include '../database/dbconnect.php';
-            $user = $_POST['user_name'];
-            $pass = $_POST['user_password'];
-            $query=mysql_query("SELECT * FROM user WHERE username='".$user."' AND password='".$pass."'") or die(mysql_error());
+            $username = $_POST['user_name'];
+            $password = $_POST['user_password'];
+            $query = mysql_query("SELECT * FROM user WHERE username='".$username."' AND password='".$password."'") or die(mysql_error());
             
             $numrows=mysql_num_rows($query);
             if($numrows!=0)
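Review bot: The renamed query line still concatenates `$_POST['user_name']` and `$_POST['user_password']` straight into the SELECT, so the rename changes nothing about the injection the old line had; with the legacy mysql extension this file uses, at minimum escape both values, `$username = mysql_real_escape_string($_POST['user_name']);` and `$password = mysql_real_escape_string($_POST['user_password']);`, or move the connection to mysqli/PDO prepared statements. The query also compares the submitted password with the stored `password` column verbatim, which only works if passwords are kept in clear; storing a `password_hash()` value and checking it with `password_verify()` after fetching the row by username alone would take the password out of the SQL entirely. The POST handler continues past the hunk.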
@@ -14,12 +13,12 @@
                 {
                     $dbusername=$row['username'];
                     $dbpassword=$row['password'];
+                    $user_id=$row['user_id'];
                 }
-                
-                if($user == $dbusername && $pass == $dbpassword)
+                //echo $user_id;
+                if($username == $dbusername && $password == $dbpassword)
                 {
-                    $_SESSION['user'] = $user;
-                    header("Location: ../order/order.php");
+                    header("Location: ../profile_page/profile.php?id=$user_id%26&username=$username");
                 }
             } else {
                 include("login.html");
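Review bot: With `$_SESSION['user'] = $user;` removed and the redirect now carrying the identity as `?id=…&username=…`, the logged-in user is whatever the browser puts in the query string, so the password check no longer protects profile.php or edit_profile.php, and update_profile.php (added in this commit) still reads `$_SESSION['user']`, which nothing sets anymore. Keep `session_start();` at the top of the file and `$_SESSION['user'] = $username;` before the redirect, and have the profile pages read the username from the session instead of `$_GET`; the same applies to the sign_up.php redirect hunk and the profile.php hunks. The literal `%26` in the Location value decodes to `&`, so `$_GET['id']` arrives as `"<id>&"` rather than the bare id; `header("Location: ../profile_page/profile.php"); exit;` with no parameters avoids both problems, and the `exit;` stops the script running on after the redirect. The commented `//echo $user_id;` is debug residue and should go.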
diff --git a/login/logout.php b/login/logout.php
index da7dd4cf..3f550200 100644
--- a/login/logout.php
+++ b/login/logout.php
@@ -1,6 +1,3 @@
 <?php
-    session_start();
-    session_unset();
-    session_destroy();
     header("Location: ../login/login.html");
 ?>
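Review bot: Without the removed `session_unset()`/`session_destroy()` lines this script ends nothing — it only redirects — yet update_profile.php in this same commit still calls `session_start()` and reads `$_SESSION['user']`, so any session that does exist survives a logout. Keep the three session lines, with `session_start();` first, and add `exit;` after the `header()` call.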
diff --git a/login/sign_up.html b/login/sign_up.html
index cdc13cec..9a2f648b 100755
--- a/login/sign_up.html
+++ b/login/sign_up.html
@@ -42,12 +42,6 @@
             return false;
         }
     }
-    function driver_signup()
-    {
-        document.getElementById("driversign_status").innerHTML= "Signed as driver";
-        document.getElementById("signAs_driver").style.display = "none";
-        document.sign_up.is_driver.value = "Yes";
-    }
     function checkAvailability(name,value)
     {
         xhttp = new XMLHttpRequest();
diff --git a/login/sign_up.php b/login/sign_up.php
index 2ac634cc..f8e287cd 100644
--- a/login/sign_up.php
+++ b/login/sign_up.php
@@ -1,5 +1,4 @@
 <?php
-    session_start();
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
         if (!empty($_POST['full_name']) &&
             !empty($_POST['username']) &&
@@ -8,7 +7,6 @@
             !empty($_POST['confirm_password']) &&
             !empty($_POST['user_phone']))
         {
-            session_start();
             include '../database/dbconnect.php';
             $fullname = $_POST['full_name'];
             $username = $_POST['username'];
@@ -28,11 +26,13 @@
             $query = mysql_query("INSERT INTO user (name,email,phone,username,password,status,pict) VALUES ('$fullname', '$email', '$phone', '$username', '$password', '$status',DEFAULT)") or die(mysql_error());
             if($query)
             {
-                $_SESSION['user'] = $username;
+                $getUserID = mysql_query("SELECT user_id FROM user WHERE username='".$username."'") or die(mysql_error());
+                $row=mysql_fetch_assoc($getUserID);
+                $user_id=$row['id'];
                 if ($status == "customer") {
-                    header("Location: ../order/order.php");
+                    header("Location: ../order/order.php?id=?$user_id&username=$username");
                 } else {
-                    header("Location: ../profile_page/profile.php");
+                    header("Location: ../profile_page/profile.php?id=?$user_id%26&username=$username");
                 }
             }
             mysql_close();
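Review bot: `$user_id=$row['id']` on the new line reads a column the query above it does not select — it fetches `user_id`, and login.php reads `$row['user_id']` — so `$user_id` is always unset and both redirects carry an empty id; change it to `$user_id=$row['user_id'];`, or drop the extra SELECT and use `mysql_insert_id()` right after the INSERT. Both Location values also contain a stray `?` (`?id=?$user_id`) and the profile one a literal `%26`, so `$_GET['id']` on the receiving page will not be the bare id; if the parameters are kept at all, build them with `http_build_query(array('id' => $user_id, 'username' => $username))`. Add `exit;` after each `header()` so the script does not continue past the redirect.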
diff --git a/profile_page/edit_profile.php b/profile_page/edit_profile.php
index 15a673dd..203a9409 100755
--- a/profile_page/edit_profile.php
+++ b/profile_page/edit_profile.php
@@ -1,4 +1,3 @@
-<?php //if (!isset($_SESSION['user'])) die("<br /><br />You must be logged in to view this page");?>
 <html>
 <head>
     <title>U Wanna Call Me Beibh?</title>
@@ -17,17 +16,17 @@
         </div>
         <h1>Edit Profile</h1>
         <div class="edit_profile_frame">
-            <form name="edit_identity" method="POST" action="" >
+            <form name="edit_identity" method="POST" action="update_profile.php" enctype="multipart/form-data">
                 <div>
                     <div style="display: inline-block; position: relative; margin-left: 20px; height: 100px; width: 300px;">
                         <div class="edit_image_frame">
-                            <img id="edit_profile_pict" src="default_profile.jpeg">
+                            <img id="edit_profile_pict" src="../img/default_profile.jpeg">
                         </div>
                         <div class="select_pict">
                             <input id="file_name" type="text" readonly="readonly">
                         </div>
                         <div class="browse_file">
-                            <input type="file" class="upload_file" onchange="showFileName(this);">
+                            <input type="file" name="profile_pictfile" class="upload_file" onchange="showFileName(this);">
                         </div>
                     </div>
                     <div style="display: inline; position: relative; margin-left: 20px; top: 20px;">
@@ -44,14 +43,14 @@
                         </div>
                         <div style="display: inline-block; position: absolute; height: 100px; width: 250px;">
                             <div style="height: 30px; margin-left: 10px;">
-                                <input name="edit_name" type="text" placeholder="New name" style="height: 20px; width: 260px;">
+                                <input id="current_name" name="edit_name" type="text" style="height: 20px; width: 260px;">
                             </div>
                             <div style="height: 30px; margin-left: 10px;">
-                                <input name="edit_phone" type="text" placeholder="New email" style="height: 20px; width: 260px;">
+                                <input id="current_phone" name="edit_phone" type="text" style="height: 20px; width: 260px;">
                             </div>
                             <div style="height: 30px; margin-left: 10px;">
                                 <label class="switch" style="float: right;">
-                                    <input type="checkbox" value="Yes">
+                                    <input type="checkbox" name="is_driver" value="true">
                                     <span class="slider round"></span>
                                 </label>
                             </div>
@@ -65,6 +64,27 @@
             </form>
         </div>
     </div>
+    <?php
+        include '../database/dbconnect.php';
+        
+        $username = $_GET['username'];
+        $user_id = $_GET['id'];
+        $query=mysql_query("SELECT * FROM user WHERE username='".$username."'") or die(mysql_error());
+    
+        $numrows=mysql_num_rows($query);
+        if($numrows!=0)
+        {
+            while($row=mysql_fetch_assoc($query))
+            {
+                echo "<script>document.getElementById('current_name').value = '".$row['name']."'</script>";
+                echo "<script>document.getElementById('current_phone').value = '".$row['phone']."'</script>";
+                if (isset($row['pict'])) {
+                    echo "<script>document.getElementById('edit_profile_pict').src ='getProfilePict.php?username=".$username."'</script>";
+                }
+            }
+        }
+        mysql_close();
+    ?>
     <script>
         function showFileName(inputFile) {
             var arrTemp = inputFile.value.split('\\');
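Review bot: `$row['name']` and `$row['phone']` are spliced into single-quoted JavaScript string literals with no escaping, so a stored name containing `'` or `</script>` breaks the page or runs script in the viewer's browser (update_profile.php writes these values without validation); emit them with `json_encode`, e.g. `echo "<script>document.getElementById('current_name').value = ".json_encode($row['name']).";</script>";` and the same for `current_phone`, and pass `$username` through `rawurlencode()` in the `getProfilePict.php?username=` src — the same src line appears in the last profile.php hunk. `$_GET['username']` goes into the SELECT unescaped — the same pattern is in the new getProfilePict.php and in the profile.php query hunk — so at least wrap it in `mysql_real_escape_string()`, and `$user_id` is read from `$_GET['id']` but never used. Since the `$_SESSION['user']` guard was deleted in the first hunk of this file, nothing now checks that the visitor is the user whose profile the form edits; the username should come from the session rather than the query string.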
diff --git a/profile_page/getProfilePict.php b/profile_page/getProfilePict.php
new file mode 100644
index 00000000..42ec84f7
--- /dev/null
+++ b/profile_page/getProfilePict.php
@@ -0,0 +1,11 @@
+<?php
+    $user = $_GET['username'];
+    include '../database/dbconnect.php';
+    $query=mysql_query("SELECT pict FROM user WHERE username='".$user."'") or die(mysql_error());
+    $row=mysql_fetch_assoc($query);
+    mysql_close();
+    if (isset($row['pict'])) {
+        header("Content-type: image/jpeg");
+        echo $row['pict'];        
+    }
+?>
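Review bot: The response is always `Content-type: image/jpeg`, but update_profile.php accepts PNG and GIF uploads too, so the declared type and the bytes will disagree for those; record the detected MIME type next to `pict` at upload time and send that, and add `header('X-Content-Type-Options: nosniff');` so the browser does not guess at a user-supplied blob. When no row or no picture exists the script returns an empty 200; send `header('HTTP/1.0 404 Not Found');` in an `else` branch instead. `$_GET['username']` is interpolated into the SELECT unescaped, as in the edit_profile.php hunk, so wrap it in `mysql_real_escape_string()` or use a prepared statement, and `mysql_fetch_assoc` returns `false` on an empty result, so test `$row` before indexing it.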
diff --git a/profile_page/pencil.png b/profile_page/pencil.png
deleted file mode 100644
index 617ae6a6e0d0cadcd56883374a00bdf5149044da..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2718
zcmeHI`BPI@6h1Ku4u}C4EQ*L2AZ!{5gHf!4pb$hbC{_)jEXJq=Ft%<`2Wr&{Ve3m!
zQldfJ>qZj|gM!2wz(fQK2nK>$j8Y|vM4FfZvF|<o3!L^h-^`o2bG~!WIp5iC?&|1p
zJDce?0AR<62#W<6vl)QUG~No8WQT5&0@!dEVIgbxNM7~S3D`TQHx82K+?kR*fBjfN
zy<3T%R5_kC)<=+-bS*pQ)Otm+-yy%Tf?~}wU)8eM)AqK%k9SNi`D2^b4aMvQmG#N9
zZEhtWu5aQr?&0nju<+|z%(_n7Xd2Bd>C?Tu*Cg)qKplViJ}U!@`ww;yfm(fmkq~8E
z*&hO6x>rK35-yH34(a%azKmRjI0u$ZghY}v+2X1ejx4#;F|$ah<Iy}oDVynGS=2(3
zaf_Zh-W~(K50a1!`99I5Li6sW{-8AG7x?q7fcoS4iYN&I@~JyTxirWjJkP_#l?SU&
zVq)GC>RH?5zCuj4J@-VGM&$&`0~?o%=|rG&JF{<2;R2)@UWR0&3U8b{kr9z8#G@Gi
zsc}Fhs}G@ilrYrL6gO08<A7?@_HI?CVrEo@$OugxPE7DYArD!eEUw+xy}8g@XAQx$
zmK9p0*FaXYh_8u|*f%#%=3cKQF%q1&&jJW~TSH;RN@|0ixB%=*ZlkawB|WpKOF?N+
z6v*6FS|LGBgr;p<M1HfI6P&0)p!986v0;F}i=)&52+O=RnFVqo*_yc73QF7CnH?#T
zubrtrpgi?FPxh$SV9HrY01w)3(La;8OQp5b09F~$JBQ_UcBOWZIO#^AOv5)>a>Quh
ze|l@Y8?^7=<wrsJFCENvUd>@na6hVqa>1TkF#)!m*(kb}Ph(m^04-2+oNUQd_50L|
zDMa{H?50WA51q_=T|kdHNFVmbv^V`mVZB(0n`mlhDq2${`y8;l{@;i$>74kl*^Szx
z4jc%cQyZ=o@jWz<v-!v*&Ki}Niys|1DZPe`SO9loPx7z|8g#9ACD{*;QYLdDc<Znu
zr*{HSwtkC?PaCqZx|bg~USa4YXK-&8Wn91UAjlf1CmvN8o@@8^z2mLI0%%JWU5ax0
z$jD4#EsQX3(OZ_Ij+$aCczLP0{!s43#NrtfhLN+e=b&^b!6FQRFTj7C5_+WZ%3*)3
zF76t%+N*OYlhLLiR78mgFb)T%xc;v|eu3;P!^N{Y^A^?wN~<%6Wp{fq@4Q3}g*6T9
zlf+Pxf12o6kvzt8u@vR+IFN}*X)zMCBXa!W3bBze9LvLdxHb--no6^`3Tqz6epmHf
z*2oWc=_o5@1v|#be%Xiv8B+sFo?>pY{z@91MVb2P9Aim2w^kspOW2WyTJ>$Xbdhu<
zl5e7`Q&TT{p*^|0S}M4GdI#n@kvUPgSpAH!#;^JE3e=G8(7HfdaU?&`RD(6_3n9-X
zpaf?kcpIv)Ejy08;IQvjDqqaU=5lox|Ip9TF?ifYmre0+hVVJ33`8Qre3Ddy19RiA
zzRLE(kLmG>S9NBLN$`R|t?6+p7Dc&FS^DsRA3o>D(iHE_ldz2a-Kyvwy?`^l9`Jp4
z_5=J@RReGMiX)D9Jxu!$hX=<F(gbvmvOemXk6z7{dEtQyw$Dqu&Ew%r9VQ|prKY67
zfaWDGJK6xI_CyT3&Ony{2nLy5jiu;rjxcUR2HKW1sGJ}e`@MQ6K)F5N3hpbJNZl1n
z=4pCXv3?dKLHgz<0W=%ZhL<M1tzE}AtwH9sY|i3zb&rE{{UeGGNBE|F2uWBYZsSw|
zWN~^FAJ`4rDsJbEMUD3eFr?4yux^Xzn^KT@NR6<K+YLbf&U0FL`&zz9D(}~o4lV(>
zZXSqti3`Q{{sP9MmBy}%ZA9=@UE`T%Tv^p?$X@u~bN}w-majnBQ7E@a=giBKcQZz7
z1W5!qVhB-Wt>dxLjYn-|MoY(KCFH+fpza}Oc<w!~J_TS~)n%%Cy{A<F6FDOQdozn9
zk4+y^kzq#qv!Uww=sTi!Ri7kF-K)j=%2)Kyda%D-`jmmm!*+wu4AI5h(Oyi#SRNgA
Jd0FEAe*wA3KIs4e

diff --git a/profile_page/profile.php b/profile_page/profile.php
index eaca70f4..8bb39a14 100755
--- a/profile_page/profile.php
+++ b/profile_page/profile.php
@@ -1,5 +1,6 @@
 <?php
-    session_start();
+    $username = $_GET['username'];
+    $user_id = $_GET['id'];
 ?>
 <html>
 <head>
@@ -11,14 +12,14 @@
 <body>
     <div class="frame" id="profile_frame">
         <div class="header">
-            <?php include '../template/header.php';?>
+            <?php include'../template/header.php';?>
         </div>
         <div class="menu">
-            <?php include '../template/menu.php';?>
+            <?php include'../template/menu.php';?>
         </div>
         <div class="profile_subtitle">
             <div class="profile_title"><h1>My Profile</h1></div>
-            <div class="edit_profile_button"><a href="edit_profile.php">✎</a></div>
+            <div class="edit_profile_button"><a href=<?php echo 'edit_profile.php?id='.$user_id.'%26&username='.$username; ?>>✎</a></div>
         </div>
         <div class="myprofile">
             <div class="image_frame">
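Review bot: The edit link on the new `edit_profile_button` line echoes `$user_id` and `$username` from the query string into an unquoted `href` attribute with no encoding, so a crafted URL can break out of the attribute and inject markup; quote the attribute and encode the value, `<a href="<?php echo htmlspecialchars('edit_profile.php?' . http_build_query(array('id' => $user_id, 'username' => $username)), ENT_QUOTES, 'UTF-8'); ?>">`. The literal `%26` appended to the id makes `$_GET['id']` on the next page `"<id>&"` rather than the id. `include'../template/header.php'` and `include'../template/menu.php'` drop the space after `include` for no reason; the original spacing reads better.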
@@ -27,8 +28,7 @@
             <?php
                 include '../database/dbconnect.php';
                 
-                $user = $_SESSION['user'];
-                $query=mysql_query("SELECT * FROM user WHERE username='".$user."'") or die(mysql_error());
+                $query=mysql_query("SELECT * FROM user WHERE username='".$username."'") or die(mysql_error());
     
                 $numrows=mysql_num_rows($query);
                 if($numrows!=0)
@@ -43,7 +43,7 @@
                         echo $row['email']."</br>";
                         echo $row['phone']."</br>";
                         if (isset($row['pict'])) {
-                            echo "<script>document.getElementById('profile_pict').src = '../img/default_profile.jpeg'</script>";
+                            echo "<script>document.getElementById('profile_pict').src ='getProfilePict.php?username=".$username."'</script>";
                         }
                     }
                 }
diff --git a/profile_page/update_profile.php b/profile_page/update_profile.php
new file mode 100644
index 00000000..fa53b43a
--- /dev/null
+++ b/profile_page/update_profile.php
@@ -0,0 +1,54 @@
+<?php
+    session_start();
+    if ($_SERVER["REQUEST_METHOD"] == "POST") {
+        include '../database/dbconnect.php';
+        if (isset($_FILES) && ($_FILES['profile_pictfile']['size'] > 0) && !empty($_POST['edit_name']) && !empty($_POST['edit_phone'])) {
+            $username = $_SESSION['user'];
+            $new_name = $_POST['edit_name'];
+            $new_phone = $_POST['edit_phone'];
+            if(isset($_POST['is_driver']))
+            {
+                $status = 'driver';
+            }
+            else
+            {
+                $status = 'customer';
+            }
+
+            $checkImg = true;
+            $filePath = $_FILES['profile_pictfile']['tmp_name'];
+            $fileName = $_FILES['profile_pictfile']['name'];
+            $fileSize = $_FILES['profile_pictfile']['size'];
+            $fileType = $_FILES['profile_pictfile']['type'];
+            if ($_FILES['profile_pictgile']['error'] || !is_uploaded_file($filePath)) {
+                $checkImg = false;
+                echo "Error: Error in uploading file. Please try again.";
+            }
+            if ($checkImg && !in_array($fileType, array('image/png', 'image/x-png', 'image/jpeg', 'image/pjpeg', 'image/gif'))) {
+                $checkImg = false;
+                echo "Error: Unsupported file extension. Supported extensions are JPG / PNG.";
+            }
+            if ($checkImg && $fileSize > 16000000) {
+                $checkImg = false;
+                echo "Error: File size must be less than 16 MB.";
+            }
+            if ($checkImg) {
+                $fp      = fopen($filePath, 'r');
+                $content = fread($fp, filesize($filePath));
+                $content = addslashes($content);
+                fclose($fp);
+                
+                if(!get_magic_quotes_gpc())
+                {
+                    $fileName = addslashes($fileName);
+                }
+                $query=mysql_query("UPDATE user set name='".$new_name."',phone='".$new_phone."',status='".$status."',pict='".$content."'WHERE username='".$username."'") or die(mysql_error());
+            }
+            if($query)
+            {
+                header("Location: profile.php");
+            }
+            mysql_close();
+        }
+    }
+?>
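Review bot: `$_FILES['profile_pictgile']['error']` on the upload check line is misspelled (`pictgile` for `pictfile`), so that index is always unset, the condition never sees an upload error code, and a truncated or failed upload is caught only if `is_uploaded_file()` happens to reject it. The type check trusts `$_FILES[...]['type']`, which the client supplies, so any file passes as `image/jpeg`; derive the type from the bytes with `finfo` (or `getimagesize()`) on `tmp_name`. `$username` is read from `$_SESSION['user']`, which login.php in this same commit stopped setting, so the UPDATE runs with an empty username and changes nothing; `$new_name`, `$new_phone` and `$username` go into the SQL unescaped, `get_magic_quotes_gpc()`/`addslashes()` are not SQL escaping (use `mysql_real_escape_string()` for the blob as well), and `$query` is undefined when `$checkImg` is false. The rewritten validation below covers those points; `$fileName` is computed but never used, and the `header()` redirect needs an `exit;`.
```php
// … unchanged: session_start(), REQUEST_METHOD check, dbconnect include, isset/empty gate …
if (!isset($_SESSION['user'])) {
    header('HTTP/1.0 403 Forbidden');
    exit('Error: you must be logged in to edit a profile.');
}
$username  = mysql_real_escape_string($_SESSION['user']);
$new_name  = mysql_real_escape_string($_POST['edit_name']);
$new_phone = mysql_real_escape_string($_POST['edit_phone']);
// … unchanged: $status from is_driver …

$query    = false;
$checkImg = true;
$filePath = $_FILES['profile_pictfile']['tmp_name'];
$fileSize = $_FILES['profile_pictfile']['size'];
if ($_FILES['profile_pictfile']['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($filePath)) {
    $checkImg = false;
    echo "Error: Error in uploading file. Please try again.";
}
// the type comes from the file contents, not from the client-supplied $_FILES[...]['type']
$finfo    = new finfo(FILEINFO_MIME_TYPE);
$fileType = $checkImg ? $finfo->file($filePath) : '';
if ($checkImg && !in_array($fileType, array('image/png', 'image/jpeg', 'image/gif'), true)) {
    $checkImg = false;
    echo "Error: Unsupported file extension. Supported extensions are JPG / PNG.";
}
// … unchanged: size check …
if ($checkImg) {
    $content = mysql_real_escape_string(file_get_contents($filePath));
    $query = mysql_query("UPDATE user SET name='".$new_name."', phone='".$new_phone."', status='".$status."', pict='".$content."' WHERE username='".$username."'") or die(mysql_error());
}
if ($query) {
    header("Location: profile.php");
    exit;
}
// … unchanged: mysql_close() and closing braces …
```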
diff --git a/template/header.php b/template/header.php
index 57dfed50..048cb2fd 100644
--- a/template/header.php
+++ b/template/header.php
@@ -4,7 +4,7 @@
             <p>"An ojek for anything you need"</p></br>
             </div>
             <div class="greeting">
-                <p>Hello, '.'"'.$_SESSION['user'].'"'.'</p>
+                <p>Hello, '.'"'.$_GET['username'].'"'.'</p>
                 <p><a href="../login/logout.php">Logout</a></p>
             </div>';
 ?>
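Review bot: `$_GET['username']` is echoed into the greeting paragraph with no HTML escaping, so every page that includes this header reflects whatever `?username=` a link carries straight into the markup, whereas the old `$_SESSION['user']` value came from the login step rather than the current URL. Escape it, `'.htmlspecialchars($_GET['username'], ENT_QUOTES, 'UTF-8').'`, or better keep reading the username from the session as raised on the login.php hunk. The `echo` string this line sits in opens before the hunk; only its closing `';` is visible.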
-- 
GitLab