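<?php
/**
 * Admin "edit my profile" page: loads the logged-in admin's row from `users`,
 * applies a POSTed update (username, optional new password, email, full name,
 * optional profile image) and renders the edit form into $content for
 * template_master.php.
 *
 * Security-relevant handling in this script:
 *  - every request value reaches SQL only through bound parameters;
 *  - an uploaded profile image is accepted only if it parses as JPEG/PNG/GIF,
 *    and the stored extension comes from the detected type, never from the
 *    client-supplied file name;
 *  - database values are HTML-escaped before being echoed into the form.
 *
 * NOTE(review): the form carries no anti-CSRF token, and a password change
 * does not ask for the current password. Both need a project-wide decision
 * (token helper, re-authentication flow) and are not addressed here.
 * NOTE(review): ../uploads/images/ should additionally be configured so the
 * web server never executes scripts from it - confirm in the server config.
 */
include '../config.php';
include 'auth.php';

$page_title = 'แก้ไขข้อมูลส่วนตัว';
ob_start();

if (!isset($_SESSION['admin_id'])) {
    header('Location: login.php');
    exit();
}

// Cast to int so the id can never carry SQL when interpolated into the query below.
$user_id = (int) $_SESSION['admin_id'];
$result = mysqli_query($conn, "SELECT * FROM users WHERE id = $user_id");
$user = $result ? mysqli_fetch_assoc($result) : null;

// A session that points at a missing row is treated as not logged in.
if (!$user) {
    header('Location: login.php');
    exit();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Accept only scalar strings; a missing or array-valued field becomes ''.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $fullname = (isset($_POST['fullname']) && is_string($_POST['fullname'])) ? $_POST['fullname'] : '';

    // A blank password field keeps the stored hash.
    $password = (isset($_POST['password']) && is_string($_POST['password']) && $_POST['password'] !== '')
        ? password_hash($_POST['password'], PASSWORD_BCRYPT)
        : $user['password'];

    // The HTML "required" attribute is only a browser hint; enforce it server-side too.
    if ($username === '' || $email === '' || $fullname === '') {
        $error_message = 'กรุณากรอกข้อมูลให้ครบถ้วน';
    }

    if (!isset($error_message)) {
        // Column names come from this fixed list, never from the request.
        $duplicate_checks = [
            'username' => [$username, 'Username นี้มีอยู่ในระบบแล้ว'],
            'email' => [$email, 'Email นี้มีอยู่ในระบบแล้ว'],
        ];

        foreach ($duplicate_checks as $column => $check) {
            $value = $check[0];
            $stmt = mysqli_prepare($conn, "SELECT id FROM users WHERE $column = ? AND id != ?");
            if (!$stmt
                || !mysqli_stmt_bind_param($stmt, 'si', $value, $user_id)
                || !mysqli_stmt_execute($stmt)
            ) {
                $error_message = 'ไม่สามารถบันทึกข้อมูลได้';
            } else {
                // store_result + num_rows works without the mysqlnd driver.
                mysqli_stmt_store_result($stmt);
                if (mysqli_stmt_num_rows($stmt) > 0) {
                    $error_message = $check[1];
                }
            }
            if ($stmt) {
                mysqli_stmt_close($stmt);
            }
        }
    }

    $target_dir = "../uploads/images/";
    // Interpolating NULL used to store ''; keep that by casting.
    $profile_image = (string) $user['profile_image'];
    $old_image = '';
    $new_image_path = '';

    if (!isset($error_message)
        && isset($_FILES['profile_image'])
        && $_FILES['profile_image']['error'] === UPLOAD_ERR_OK
    ) {
        // Detected image type => extension written to disk. The client's file
        // name and extension are ignored entirely.
        $allowed_types = [
            IMAGETYPE_JPEG => 'jpg',
            IMAGETYPE_PNG => 'png',
            IMAGETYPE_GIF => 'gif',
        ];
        $image_info = getimagesize($_FILES['profile_image']['tmp_name']);
        $image_type = is_array($image_info) ? $image_info[2] : null;

        if ($image_type === null || !isset($allowed_types[$image_type])) {
            $error_message = 'ไฟล์รูปภาพไม่ถูกต้อง';
        } else {
            $unique_file_name = 'user_' . date('YmdHis') . rand(1000, 9999) . '.' . $allowed_types[$image_type];
            $target_file = $target_dir . $unique_file_name;

            if (move_uploaded_file($_FILES['profile_image']['tmp_name'], $target_file)) {
                // basename() keeps the later unlink inside the upload directory.
                $old_image = basename($profile_image);
                $new_image_path = $target_file;
                $profile_image = $unique_file_name;
            }
        }
    }

    if (!isset($error_message)) {
        $updated_at = date('Y-m-d H:i:s');
        $stmt = mysqli_prepare(
            $conn,
            'UPDATE users SET username = ?, password = ?, email = ?, fullname = ?, '
            . 'profile_image = ?, updated_at = ? WHERE id = ?'
        );
        $saved = $stmt
            && mysqli_stmt_bind_param(
                $stmt,
                'ssssssi',
                $username,
                $password,
                $email,
                $fullname,
                $profile_image,
                $updated_at,
                $user_id
            )
            && mysqli_stmt_execute($stmt);
        if ($stmt) {
            mysqli_stmt_close($stmt);
        }

        if ($saved) {
            // Remove the previous image only once the row points at the new one.
            if ($new_image_path !== '' && $old_image !== '' && is_file($target_dir . $old_image)) {
                unlink($target_dir . $old_image);
            }

            $_SESSION['username'] = $username;
            $_SESSION['success_message'] = 'ข้อมูลถูกบันทึกเรียบร้อยแล้ว';
            header('Location: ' . $admin_url . '/account.php');
            // Stop here: without exit the form below would still render and
            // consume the flash message before the redirected request sees it.
            exit();
        }

        // Do not leave an orphaned upload behind when the update failed.
        if ($new_image_path !== '' && is_file($new_image_path)) {
            unlink($new_image_path);
        }
        $error_message = 'ไม่สามารถบันทึกข้อมูลได้';
    }

    if (isset($error_message)) {
        $_SESSION['error_message'] = $error_message;
    }
}
?>
<form method="POST" enctype="multipart/form-data">
    <div class="card">
        <div class="card-header">
            <h3 class="card-title">แก้ไขข้อมูลส่วนตัว</h3>
        </div>
        <div class="card-body">
            <?php // NOTE(review): flash messages are echoed unescaped as before; this file only stores fixed strings in them - confirm that other pages do the same. ?>
            <?php if (isset($_SESSION['success_message'])): ?>
                <div class="alert alert-success alert-dismissible fade show">
                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
                    <i class="bi bi-check-circle me-1"></i>
                    <?php echo $_SESSION['success_message']; unset($_SESSION['success_message']); ?>
                </div>
            <?php endif; ?>
            <?php if (isset($_SESSION['error_message'])): ?>
                <div class="alert alert-danger alert-dismissible fade show">
                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
                    <i class="bi bi-exclamation-triangle me-1"></i>
                    <?php echo $_SESSION['error_message']; unset($_SESSION['error_message']); ?>
                </div>
            <?php endif; ?>
            <div class="form-group">
                <label for="username">username</label>
                <input type="text" name="username" id="username" class="form-control" value="<?php echo htmlspecialchars((string) $user['username'], ENT_QUOTES, 'UTF-8'); ?>" required>
            </div>
            <div class="form-group">
                <label for="password">password (leave blank to keep current password)</label>
                <input type="password" name="password" id="password" class="form-control">
            </div>
            <div class="form-group">
                <label for="email">อีเมล์</label>
                <input type="email" name="email" id="email" class="form-control" value="<?php echo htmlspecialchars((string) $user['email'], ENT_QUOTES, 'UTF-8'); ?>" required>
            </div>
            <div class="form-group">
                <label for="fullname">ชื่อ</label>
                <input type="text" name="fullname" id="fullname" class="form-control" value="<?php echo htmlspecialchars((string) $user['fullname'], ENT_QUOTES, 'UTF-8'); ?>" required>
            </div>
            <div class="form-group">
                <label for="profile_image">รูปภาพ</label>
                <input type="file" name="profile_image" id="profile_image" class="form-control">
                <?php if ($user['profile_image']): ?>
                    <img src="<?php echo htmlspecialchars($base_url . '/uploads/images/' . $user['profile_image'], ENT_QUOTES, 'UTF-8'); ?>" alt="User Image" class="img-thumbnail mt-2" width="150">
                <?php endif; ?>
            </div>
        </div>
        <div class="card-footer">
            <button type="submit" class="btn btn-primary"><i class="bi bi-floppy me-1"></i>บันทึกข้อมูล</button>
        </div>
    </div>
</form>
<?php
$content = ob_get_clean();
$js_script = '';
include 'template_master.php';
?>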