<a href="profile?ref=password" title="Change Password" style="cursor: pointer;">
<i class="fa fa-fw fa-lock"></i>
<span class="hidden-sm hidden-xs">Change Password</span>
</a>
</li>
</ul>
<!-- // END Tabs -->
<!-- Panes -->
<div class="tab-content">
<div id="account" class="tab-pane active">
<?php
if (isset($_POST['old_pwd'])) {
$old = securePwd($_POST['old_pwd']);
$new = securePwd($_POST['new_pwd']);
$q = $conn->prepare("SELECT * FROM staff WHERE password = :old");
$q->bindParam(':old', $old);
$q->execute();
$row = $q->fetch();
if ($row['password'] == $old) {
$update = $conn->prepare("UPDATE staff SET password = :pwd WHERE username = :user");
$update->bindParam(':pwd', $new);
$update->bindParam(':user', $user);
if ($update->execute()) {
?>
<div class="alert alert-success">
<strong>Your password have been successfully changed.</strong>
</div>
<?php
} else {
<!-- Panes -->
<div class="tab-content">
<div id="account" class="tab-pane active">
<?php
if (isset($_POST['user'])) {
$name = secureTxt($_POST['name']);
$user = secureTxt($_POST['user']);
$pwd = securePwd($_POST['pwd']);
$address = secureTxt($_POST['address']);
$gender = secureTxt($_POST['gender']);
$role = secureTxt($_POST['role']);
$email = secureTxt($_POST['email']);
$phone = secureTxt($_POST['phone']);
$target_dir = "uploads/profile/";
$target_file = $target_dir . basename($_FILES["image"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if (isset($_POST["name"])) {
$check = getimagesize($_FILES["image"]["tmp_name"]);
if ($check !== false) {
$uploadOk = 1;
} else {
echo "<div class='alert alert-warning'>File is not an image.</div>";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "<div class='alert alert-warning'>Sorry, photo already exists.</div>";
<h2 class="home_text_head">LETS RATE YOU</h2>
<section class="">
<p class="home_text_body">Knot and Rings is the world's first online wedding rating magazine, focused on showcasing iconic wedding moments.</p>
<ul class="social">
<li class="social_item"><a href="#" class="fb homefb"><span class="socicon socicon-facebook"></span> Sign Up with Facebook</a></li>
</ul>
<?php
if (isset($_POST['email'])) {
$user = secureTxt($_POST['user']);
$email = secureTxt($_POST['email']);
$pwd = securePwd($_POST['pwd']);
$code = rand('1642853729', '9356782341');
$verification_code = securePwd($code);
$q = $conn->prepare("SELECT * FROM account WHERE username = :user");
$q->bindParam(':user', $user);
$q->execute();
$row = $q->fetch();
if ($row['username'] == $user) {
?>
<div class="alert alert-warning">
<strong>This username is already registered</strong>
</div>
<?php
} else {
$insert = $conn->prepare("INSERT INTO account (username, email, password, signup_date, signup_time, verification_code) VALUES (:user, :email, :pwd, :signup_date, :signup_time, :code)");
$insert->bindParam(':user', $user);
$insert->bindParam(':email', $email);
$insert->bindParam(':pwd', $pwd);
