File: /home/durgeshpandey215/public_html/zeeroprice.skilladders.com/editprofile.php
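<?php
/*
 * Edit-profile endpoint.
 *
 * POST with a valid form token: validates the submitted name, e-mail and mobile
 * number, optionally stores a new display picture, updates the `register` row of
 * the logged-in user, sends a notification e-mail and redirects back to the form.
 * Any other request: issues a fresh form token and loads the user's row so the
 * HTML below can render the form.
 */
require "application_top.php";

// NOTE(review): this script trusts $_SESSION['useridsess'] without checking it
// here; presumably application_top.php rejects unauthenticated requests - confirm.

if (
    isset($_SESSION['token'], $_POST['token'])
    && is_string($_SESSION['token'])
    && is_string($_POST['token'])
    // Constant-time, type-strict comparison. The previous loose `==` compared two
    // different "0e<digits>" hex tokens as equal numbers.
    && hash_equals($_SESSION['token'], $_POST['token'])
) {
    // Redirect to this script instead of echoing the client-supplied Referer
    // header, which may be absent or point to another site. SCRIPT_NAME does not
    // include PATH_INFO, unlike PHP_SELF.
    $returnTo = $_SERVER['SCRIPT_NAME'];

    // Read the fields from the POST body only: the token is checked on $_POST, so
    // the data it protects must not be overridable through the query string or
    // cookies, which $_REQUEST may merge in.
    $rawName = (isset($_POST['fullname']) && is_string($_POST['fullname'])) ? $_POST['fullname'] : '';
    $rawEmail = (isset($_POST['emailid']) && is_string($_POST['emailid'])) ? $_POST['emailid'] : '';
    $rawMobile = (isset($_POST['mobileno']) && is_string($_POST['mobileno'])) ? $_POST['mobileno'] : '';

    // Control characters (CR/LF included) are collapsed to a space because the
    // name is later handed to sendemail() as the recipient display name.
    $fullname = ucwords(trim((string) preg_replace('/[\x00-\x1F\x7F]+/', ' ', $rawName)));
    $emailid = trim($rawEmail);
    $mobno = trim($rawMobile);

    // Exactly ten digits starting with 7-9, matching the form's "10 digits" hint
    // and the previous lower bound of 7000000000. The old numeric `<` comparison
    // let non-numeric strings and over-long numbers through.
    if (!preg_match('/^[7-9][0-9]{9}\z/', $mobno)) {
        $_SESSION['msg'] = "Please enter valid mobile number";
        header('Location: '.$returnTo);
        exit;
    }

    // The e-mail address is optional, but when present it becomes a mail
    // recipient, so it has to be a syntactically valid address.
    if ($emailid !== '' && filter_var($emailid, FILTER_VALIDATE_EMAIL) === false) {
        $_SESSION['msg'] = "Please enter valid email id";
        header('Location: '.$returnTo);
        exit;
    }

    // Refuse the update when another account already uses this mobile number.
    $db->where('userid', $_SESSION['useridsess'], '!=');
    $db->where('mobno', $mobno);
    $rowu = $db->getOne('register');

    if (!$rowu) {
        $dbdataArr = array(
            'fullname' => $fullname,
            'emailid' => $emailid,
            'mobno' => $mobno
        );

        //-----------------UPLOAD PIC DATA-----------------------
        // The browser sends the picture as a base64 data URI in inputpic<N>. The
        // stored extension is derived from the decoded bytes, never from the
        // client-supplied filename<N>: with a caller-chosen extension, arbitrary
        // content could be written into the web-served images/users/ directory
        // under a name the server treats as executable.
        $allowedTypes = array(
            'image/jpeg' => 'jpg',
            'image/png' => 'png',
            'image/bmp' => 'bmp',
            'image/x-ms-bmp' => 'bmp'
        );
        // Generous cap: the client already downsizes pictures to at most 500px.
        $maxPictureBytes = 5 * 1024 * 1024;

        for ($i = 1; $i <= 1; $i++) {
            $encoded = (isset($_POST['inputpic'.$i]) && is_string($_POST['inputpic'.$i]))
                ? $_POST['inputpic'.$i]
                : '';
            if ($encoded === '') {
                continue;
            }

            // Drop the data-URI header, then undo the "+" -> " " translation that
            // form decoding applies to base64 payloads.
            $encoded = (string) preg_replace('#^data:image/(?:jpeg|png|bmp);base64,#', '', $encoded);
            $encoded = str_replace(' ', '+', $encoded);

            $data = base64_decode($encoded, true);
            if ($data === false || $data === '' || strlen($data) > $maxPictureBytes) {
                continue; // not valid base64, empty, or too large: keep the old picture
            }

            // Sniff the real content type from the bytes.
            $finfo = new finfo(FILEINFO_MIME_TYPE);
            $mime = $finfo->buffer($data);
            if (!is_string($mime) || !isset($allowedTypes[$mime])) {
                continue; // not one of the accepted image formats
            }

            // Same naming scheme as before; retry on the rare name collision so an
            // existing picture is never overwritten.
            do {
                $storedName = date('dmHis').rand(100, 999).".".$allowedTypes[$mime];
                $file = 'images/users/'.$storedName;
            } while (file_exists($file));

            // NOTE(review): the bytes are stored as received. Consider re-encoding
            // the image and making sure images/users/ is never script-executable.
            if (file_put_contents($file, $data) !== false) {
                //update db table
                $dbdataArr['pic'.$i] = $storedName;
            }
        }
        //----------------------------------------

        if (isset($dbdataArr['pic1'])) {
            $_SESSION['dpsess'] = $dbdataArr['pic1'];
        }

        $db->where('userid', $_SESSION['useridsess']);
        $db->update('register', $dbdataArr);

        // The name is user input placed in an HTML mail body, so it is escaped.
        $messagetosent ="
Dear ".htmlspecialchars($fullname, ENT_QUOTES, 'UTF-8')." <br/>
Your Profile has been successfully edited <br/>
From IP: ".$_SERVER['REMOTE_ADDR']."
<br/>
<br/>
Thank You!<br/>
Team<br/>
".HTTP_SERVER."
<br/><br/>
</td>
</tr>
</table>";
        $subjecttosend = "Profile edited";
        $sendtoname = $fullname;
        $successmesage = "";

        // No mail is sent from a local development host or without an address.
        if (($_SERVER['SERVER_NAME'] != "localhost") && $emailid) {
            sendemail($emailid, $subjecttosend, $messagetosent, $sendtoname, $successmesage);
        }

        $_SESSION['msg'] = "Your profile updated successfully";
    } else {
        $_SESSION['msg'] = "Mobile number already exists.";
    }

    header('Location: '.$returnTo);
    exit;
}

//form token below
// Take the token from the CSPRNG where available; uniqid()/rand() are derived from
// the clock and a non-cryptographic generator and can be guessed.
$token = function_exists('random_bytes')
    ? bin2hex(random_bytes(16))
    : md5(uniqid(rand(), true)); // legacy fallback for PHP < 7, not cryptographically strong
$_SESSION['token'] = $token;

// Row of the logged-in user, used to pre-fill the form below.
$db->where("userid", $_SESSION['useridsess']);
$rowcust = $db->getOne('register');
?>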
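<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title></title>
<?php require "scripts.php";?>
</head>
<body>
<?php $pagename = "register"; require "header.php";?>
<h1>Edit Profile</h1>
<br/>
<div class="w3-card w3-white">
<div class="w3-black w3-container w3-padding">Edit Your Profile</div>
<?php
// PHP_SELF includes any extra path the client appended after the script name, so
// it is request-controlled text and must be HTML-escaped before it is placed in
// the action attribute.
?>
<form action="<?=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');?>" method="post" id="commonform" enctype="multipart/form-data">
<div class="w3-row w3-padding">
<div class="w3-col m6">
<!-- the following 2 hidden inputs stop Chrome from autofilling a saved username and password -->
<input style="display:none">
<input type="password" style="display:none">
<center>
Your Display Pic
<br/>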
<script type="text/javascript">
// On DOM ready, attach a change handler to each picture file input (#pic1..#pic3,
// emitted by the PHP loop). The handler downsizes the chosen image in the browser,
// shows a preview and copies the result as a data URL into the hidden inputpic<N>
// field; the original file name goes into filename<N>.
// The type test and the resizing here are conveniences for the user only: every
// one of these form values can be set freely by the client, so the server has to
// validate the submitted picture on its own.
$(function() {
<? for($i=1;$i<=3;$i++){?>
    $("#pic<?=$i;?>").on("change", function() {
        var files = this.files ? this.files : [];

        // Nothing selected, or the browser has no FileReader support.
        if (!files.length || !window.FileReader) {
            return;
        }
        // Only files whose reported MIME type starts with "image" are processed.
        if (!/^image/.test(files[0].type)) {
            return;
        }

        var reader = new FileReader();
        reader.file = files[0];

        reader.onload = function(readerEvent) {
            var picked = this.file;
            var image = new Image();

            image.onload = function(imageEvent) {
                var max_size = 500;
                var w = image.width;
                var h = image.height;
                var landscape = w > h;
                var longest = landscape ? w : h;

                // Scale the longer edge down to max_size, keeping the aspect ratio.
                if (longest > max_size) {
                    var ratio = max_size / longest;
                    if (landscape) {
                        h *= ratio;
                        w = max_size;
                    } else {
                        w *= ratio;
                        h = max_size;
                    }
                }

                var canvas = document.createElement('canvas');
                canvas.width = w;
                canvas.height = h;
                canvas.getContext('2d').drawImage(image, 0, 0, w, h);

                // JPEG input stays JPEG; every other image type is exported as PNG.
                var dataURL = (picked.type == "image/jpeg")
                    ? canvas.toDataURL("image/jpeg", 1.0)
                    : canvas.toDataURL("image/png");

                $("#imgpic<?=$i;?>").attr("src", dataURL);
                $("#inputpic<?=$i;?>").val(dataURL);
            };

            image.src = readerEvent.target.result;
        };

        reader.readAsDataURL(files[0]); // read the local file

        // Once reading has finished, record the file name and switch from the
        // upload widget to the preview box.
        reader.onloadend = function() {
            $("#filename<?=$i;?>").val(files[0].name);
            $("#fileinputDiv<?=$i;?>").hide();
            $("#imgDiv<?=$i;?>").show();
        };
    });
<? } ?>
});
/**
 * Switch a picture slot back to its empty upload widget and, when the picture is
 * already stored on the server, request its deletion.
 *
 * @param {string} showid  id of the element to reveal (the upload widget)
 * @param {string} hideid  id of the element to hide (the preview box)
 * @param {string} extraid slot number, used as suffix of the #pic / #inputpic ids
 * @param {string} dbid    identifier sent to the server; falsy means nothing is
 *                         stored yet, so no request is made
 */
function showhideDelete(showid, hideid, extraid, dbid) {
    // Reset the slot in the page: hide the preview, clear both inputs, show the picker.
    $('#' + hideid).hide();
    $('#pic' + extraid).val('');
    $('#' + showid).show();
    $('#inputpic' + extraid).val('');

    if (!dbid) {
        return;
    }

    // NOTE(review): the delete is issued as a GET with no anti-CSRF token, and both
    // values go into the query string without encodeURIComponent(). Confirm that
    // ajax_delpicDP.php checks the session owner, and consider a POST that carries
    // the form token.
    var query = "ajax_delpicDP.php?id=" + extraid + "&dbid=" + dbid;
    var callurl = $('#HTTP_SERVER').val() + query;

    $.ajax({
        url: callurl,
        success: function(result) {
            // the response is intentionally ignored
        }
    });
}
</script>
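<?php
// Render one picture slot per supported display picture (the loop covers pic1
// only). A slot shows either the stored picture with a delete control or the
// empty upload widget.
// Values read from the database row are escaped for the context they are written
// into: htmlspecialchars() for attribute values, json_encode() followed by
// htmlspecialchars() for the JavaScript string inside the onclick attribute.
for ($i = 1; $i <= 1; $i++) {
    if (isset($rowcust['pic'.$i]) && $rowcust['pic'.$i]) {
        $srurl = HTTP_SERVER."images/users/".$rowcust['pic'.$i];
    } else {
        $srurl = "";
    }
?>
<div id="imgDiv<?=$i;?>" class="imguploderDiv" style="display:<?=($srurl)? "":"none";?>;">
<img src="<?=htmlspecialchars($srurl, ENT_QUOTES, 'UTF-8');?>" id="imgpic<?=$i;?>"/>
<input type="hidden" name="inputpic<?=$i;?>" id="inputpic<?=$i;?>" class="picdata"/>
<input type="hidden" name="filename<?=$i;?>" id="filename<?=$i;?>"/>
<input type="hidden" name="picnum" id="picnum" class="picnum" value="<?=$i;?>"/>
<span onclick="showhideDelete('fileinputDiv<?=$i;?>','imgDiv<?=$i;?>','<?=$i;?>',<?=htmlspecialchars(json_encode((string) encode($rowcust['userid'])), ENT_QUOTES, 'UTF-8');?>)">DELETE X</span>
</div>
<div id="fileinputDiv<?=$i;?>" class="imguploderDiv" style="background-image:url('<?=HTTP_SERVER;?>images/upload-photo.png');display:<?=($srurl)? "none":"";?>;">
<input id="pic<?=$i;?>" name="pic<?=$i;?>" type="file" class="img" />
<span>PHOTO <?=$i;?></span>
</div>
<?php } ?>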
</center>
<br/>
</div>
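<div class="w3-col m6">
<br/>
<?php
// The profile fields below come from the `register` row and were entered by the
// user, so each one is HTML-escaped before being written into a value attribute;
// echoing them raw lets a stored value close the attribute and inject markup.
?>
Mobile No.* :
<input type="number" value="<?=htmlspecialchars((string) $rowcust['mobno'], ENT_QUOTES, 'UTF-8');?>" name="mobileno" id="mobileno" class="w3-input number masterTooltip" title="Enter your 10 digits mobile number." placeholder="10 digits Mobile number" maxlength="10" autocomplete="off" required/><div id="mobnoDiv"></div>
Full Name* :<br/>
<input type="text" value="<?=htmlspecialchars((string) $rowcust['fullname'], ENT_QUOTES, 'UTF-8');?>" name="fullname" id="fullname" placeholder="Full Name" maxlength="40" class="w3-input" required/>
Emailid :<br/>
<input type="text" value="<?=htmlspecialchars((string) $rowcust['emailid'], ENT_QUOTES, 'UTF-8');?>" name="emailid" class="w3-input email" id="email" placeholder="Email id"/>
<br/>
<input type="hidden" name="token" value="<?=htmlspecialchars((string) $token, ENT_QUOTES, 'UTF-8');?>"/>
<input type="hidden" name="id" value="<?=htmlspecialchars((string) encode($rowcust['userid']), ENT_QUOTES, 'UTF-8');?>"/>
<input type="submit" class="w3-btn w3-pink" id="submitbutton" value="Submit"/>
<br/><br/>
</div>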
</div>
</form>
</div>
<br/><br/>
<? include "footer.php";?>
</body>
</html>