<?php ini_set('display_errors', 'On'); error_reporting(E_ALL); $time = microtime(); $time = explode(' ', $time); $time = $time[1] + $time[0]; $start = $time; session_start(); define("DB_HOST","mysql117.loopia.se"); define("DB_USER","normal@i103189"); define("DB_PASS","KungMicke87"); define("DB_NAME","indiehjaerta_com"); ?> <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <title>indiehjaerta.com - Profile</title> <link href="style_test.css" rel="stylesheet" type="text/css" /> </head> <body> <a href="login.php">Login<a/> - <a href="admin.php">Admin<a/> - <a href="members.php">Members<a/> - <a href="register.php">Register<a/> - <a href="blog.php">Blog<a/> - <a href="news.php">News<a/> - <a href="event.php">Event<a/> - <a href="forum.php">Forum<a/> - <a href="profile.php">Profile<a/> - <a href="logout.php">Logout<a/> <br /> <br /> <?php if (isset($_GET['action'])) { if ($_GET['action'] == 'edit') { if (isset($_GET['id'])) { // Connect to MySQLi $sqli = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME) or die(mysqli_errno()); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } $id = $_GET['id']; $query = mysqli_query($sqli, "SELECT * FROM members WHERE id='$id'") or die("Error: ".mysqli_error($sqli)); $checkuser = mysqli_num_rows($query); // Check if user exists if($checkuser != 1) { // Username not exist echo '<span class="text">Username does not exist in the database!</span><br />'; } else { while ($row = mysqli_fetch_array($query)) { ?> <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form method="post" action=""> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Profile Edit</strong></td> </tr> <tr> <td colspan="3"><?php if(isset($message)) { echo $message; } ?></td> </tr> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><input name="username" type="text" id="username" value="<?php echo $row['username'] ?>" readonly="readonly"></td> </tr> <tr> <td width="78">E-mail</td> <td width="6">:</td> <td width="294"><input name="email" type="text" id="email" value="<?php echo $row['email'] ?>" readonly="readonly"></td> </tr> <tr> <td width="78">New Password</td> <td width="6">:</td> <td width="294"><input name="password" type="text" id="password"></td> </tr> <tr> <td width="78">New Password Repeat</td> <td width="6">:</td> <td width="294"><input name="passwordrepeat" type="text" id="passwordrepeat"></td> </tr> <tr> <td colspan="3"><strong> </strong></td> </tr> <tr> <td colspan="3"><strong>Save</strong></td> </tr> <tr> <td width="78">Current Password</td> <td width="6">:</td> <td width="294"><input name="passwordcurrent" type="text" id="passwordcurrent"></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="save" value="Save"></td> </tr> </table> </td> </form> </tr> </table> <?php } } } else { echo '<span class="text">No ID!</span><br />'; } } } else { if (isset($_GET['id'])) { // Connect to MySQLi $sqli = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME) or die(mysqli_errno()); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } $id = $_GET['id']; $query = mysqli_query($sqli, "SELECT * FROM members WHERE id='$id'") or die("Error: ".mysqli_error($sqli)); $checkuser = mysqli_num_rows($query); // Check if user exists if($checkuser != 1) { // Username not exist echo '<span class="text">Username does not exist in the database!</span><br />'; } else { while ($row = mysqli_fetch_array($query)) { echo '<span class="text">Username: '; echo $row['username']; echo '</span> <br/>'; echo '<span class="text">Level: '; echo $row['level']; echo '</span> <br/>'; } } } elseif (isset($_SESSION['username']) && isset($_SESSION['id'])) { // Connect to MySQLi $sqli = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME) or die(mysqli_errno()); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } $id = $_SESSION['id']; $query = mysqli_query($sqli, "SELECT * FROM members WHERE id='$id'") or die("Error: ".mysqli_error($sqli)); $checkuser = mysqli_num_rows($query); // Check if user exists if($checkuser != 1) { // Username not exist echo '<span class="text">Username does not exist in the database!</span><br />'; } else { while ($row = mysqli_fetch_array($query)) { ?> <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><?php echo $row['username'] ?></td> </tr> <tr> <td width="78">Level</td> <td width="6">:</td> <td width="294"><?php echo $row['level'] ?></td> </tr> <tr> <td colspan="3"><a href="?action=edit&id=<?php .$id. ?>"><strong>Edit Profile</strong></a></td> </tr> </table> </td> </tr> </table> <?php } } } else { echo $_SESSION['username']; echo $_SESSION['id']; echo '<span class="text">No ID!</span><br />'; } } $time = microtime(); $time = explode(' ', $time); $time = $time[1] + $time[0]; $finish = $time; $total_time = round(($finish - $start), 4); echo '<span class="text">Page generated in '.$total_time.' seconds.</span><br />'; ?> </body> </html>
You have javascript disabled. You will not be able to edit any code.