I created a profile page and a edit page, to edit the value of the profile page, like his name, surname, mail or even the password.
I have 2 issues, - one is that even if there is nothing in 'Nom' and 'Prénom' it still changes and then I have an empty string at the place of the inputs - and the second one is that it don't change the mail and password, no error are thrown but nothing change thank you for your help
<?php
if(!isset($_SESSION)){
session_start();
}
$bdd = new PDO('mysql:host=localhost;dbname=espace_membres', 'root', '');
//pour afficher les données
if(isset($_SESSION['id']))
{
$requser = $bdd->prepare("SELECT * FROM membres WHERE id = ?");
$requser->execute(array($_SESSION['id']));
$user = $requser->fetch();
//une fois qu'il clique sur bouton confirmer
if(isset($_POST['formParamProfil']))
{
$pwdconnect = sha1($_POST['pwdconnect']);
$requser = $bdd->prepare('SELECT * FROM membres WHERE motdepasse = ?');
$requser->execute(array($pwdconnect));
$userexist = $requser->rowCount();
if($userexist == 1)
{
if(isset($_POST['newnom']) AND !empty($_POST['newnom']) != $user['nom'])
{
$newnom = htmlspecialchars($_POST['newnom']);
$insertnom = $bdd->prepare("UPDATE membres SET nom = ? WHERE id = ?");
$insertnom->execute(array($newnom, $_SESSION['id']));
//header('Location: profil.php?id='.$_SESSION['id']);
} else {
$erreur = "nom erreur";
}
if(isset($_POST['newprenom']) AND !empty($_POST['newprenom']) != $user['prenom'])
{
$newprenom = htmlspecialchars($_POST['newprenom']);
$insertprenom = $bdd->prepare("UPDATE membres SET prenom = ? WHERE id = ?");
$insertprenom->execute(array($newprenom, $_SESSION['id']));
//header('Location: profil.php?id='.$_SESSION['id']);
} else {
$erreur = "prénom erreur";
}
if(isset($_POST['newmail']) AND !empty($_POST['newmail']) AND isset($_POST['newmail2']) AND !empty($_POST['newmail2']) != $user['mail'])
{
if(filter_var($mail, FILTER_VALIDATE_EMAIL)) {
$reqmail = $bdd->prepare("SELECT * FROM membres WHERE mail = ?");
$reqmail->execute(array($mail));
$mailexist = $reqmail->rowCount();
if($mailexist == 0)
{
$newmail = htmlspecialchars($_POST['newmail']);
$insertmail = $bdd->prepare("UPDATE membres SET mail = ? WHERE id = ?");
$insertmail->execute(array($newmail, $_SESSION['id']));
//header('Location: profil.php?id='.$_SESSION['id']);
}
} else {
$erreur = "L'adresse mail existe déjà";
}
}
if(isset($_POST['newmdp']) AND !empty($_POST['newmdp'] AND isset($_POST['newmdp2']) AND !empty($_POST['newmdp2'])) != $user['motdepasse'])
{
$mdp = sha1($_POST['newmdp']);
$mdp2 = sha1($_POST['newmdp2']);
if ($mdp == $mdp2) {
$insertmdp = $bdd->prepare("UPDATE membres SET motdepasse = ? WHERE id = ?");
$insertmdp->execute(array($newmdp, $_SESSION['id']));
header('Location: profil.php?id='.$_SESSION['id']);
} else {
$erreur = "Vos mots de passes ne correspondent pas";
}
}
if(isset($_FILES['avatar']) AND !empty($_FILES['avatar']['name']))
{
$tailleMax = 2097152;
$extensionsValide = array('jpg', 'jpeg', 'gif', 'png');
if($_FILES['avatar']['size'] <= $tailleMax) {
$extensionUpload = strtolower(substr(strrchr($_FILES['avatar']['name'], '.'), 1));
if(in_array($extensionUpload, $extensionsValide)) {
$chemin = "membres/avatars/".$_SESSION['id'].".".$extensionUpload;
$deplacement = move_uploaded_file($_FILES['avatar']['tmp_name'], $chemin);
if($resultat){
$updateavatar = $bdd->prepare("UPDATE membres SET avatar = :avatar WHERE id = :id");
$updateavatar->execute(array(
'avatar' => $_SESSION['id'].".".$extensionUpload,
'id' => $_SESSION['id']
));
header('Location: profil.php?id='.$_SESSION['id']);
} else {
$erreur = "Il y a eu une erreur lors de l'importation de votre photo de profil";
}
} else {
$erreur = "Votre photo de profil doit être aux formats suivants: jpg, jpeg, gif ou png";
}
} else {
$erreur = "Votre photo de profil ne peut dépasser 2Mo";
}
}
} else {
$erreur = "Mot de passe actuel non valide";
}
}
?>
Aucun commentaire:
Enregistrer un commentaire