BluePearMedia/profile.php at master · HeyImGary/BluePearMedia · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<?php

include 'head.php';

if(isset($_POST['updateInfo'])){
    $sql = "UPDATE users SET name='".htmlspecialchars($_POST["name"])."', bio='".htmlspecialchars($_POST["bio"])."' WHERE id=".htmlspecialchars($_GET['id']);
    $stmt = $conn->prepare($sql);
    $stmt->execute();
}

//$stmt = $conn->prepare("SELECT stories.id, stories.title, stories.story, users.firstname, users.lastname, users.bio FROM users INNER JOIN stories ON users.id = stories.author WHERE users.id = ".htmlspecialchars($_GET['id']));
$stmt = $conn->prepare("SELECT name, bio FROM users WHERE id = ".htmlspecialchars($_GET['id']));

$stmt->execute();
$result = $stmt->fetchAll();

foreach($result as $row) {
    $name = $row[0];
    $bio = $row[1];
}
?>
<script>
    function editInfo(){
        document.getElementById("info").style.display = "none";
        document.getElementById("edit").style.display = "block";

        document.getElementById("editName").value = document.getElementById("name").innerHTML;
        document.getElementById("editBio").value = document.getElementById("bio").innerHTML;
    }

    function cancel(){
        document.getElementById("info").style.display = "block";
        document.getElementById("edit").style.display = "none";

    }
</script>

<div class="col-md-6 col-md-offset-3 well" >
    <article class="col-md-4 well" id="info">
            <center><img class="img-circle" src="images/avatar.png" alt="" style="width:80%;"/></center>
            <center><h3 id="name"><?php echo $name ?></h3></center>

            <hr>

            <article class="col-md-12">
                <p id="bio"><?php echo $bio ?></p>
                <?php
                if($_SESSION["id"] == htmlspecialchars($_GET['id'])){
                    echo '<button class="btn btn-default" onclick="editInfo()">Edit Profile</a>';
                }
                ?>
            </article>


    </article>
     <?php if($_SESSION["id"] == htmlspecialchars($_GET['id'])){
         echo'
            <article class="col-md-4 well" id="edit" style="display:none;">
                <center><img class="img-circle" src="images/avatar.png" alt="" style="width:80%;"/></center>
                <form action="" method="post">
                    <div class="form-group">
                      <label for="name">Name:</label>
                      <input type="text" name="name" class="form-control" id="editName">
                    </div>
                        <hr>
                    <div class="form-group">
                        <label for="bio">Bio:</label>
                        <textarea rows="8" name="bio" class="form-control" id="editBio" ></textarea>
                    </div>
                    <button type="submit" name="updateInfo" class="btn btn-success">Update</button>

                        <a href="javascript:;" onclick="cancel()">Cancel</a>

                </form>
            </article>';
        }
    ?>

    <div class="col-md-8">
        <center><h2 style="margin-top:0;">Articles by <?php echo $name ?></h2></center>

        <hr>
        <?php include 'profileStories.php'; ?>
    </div>
</div>


<?php
include 'footer.php';