header('Location: index.php?action=editpost');
$_SESSION['error'] = "sorry! there was an error while updating";
}
} else {
if (isset($_POST['editprofile'])) {
$tmp_name = $_FILES["avatar"]["tmp_name"];
$name = $_FILES["avatar"]["name"];
//var_dump($name);die;
move_uploaded_file($tmp_name, "uploads/{$name}");
$id = $_SESSION['userid'];
$user = new User();
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$query = "update users set username='******', email='{$email}', password='******', pic='{$name}' where userid= '{$id}'";
$result = $user->edituser($query);
if ($result) {
$_SESSION['success'] = "Congrats! the profile has been updated sucessfully";
header('Location: index.php?action=profile');
} else {
$_SESSION['success'] = "sorry! the profile could updated sucessfully";
header('Location: index.php?action=profile');
}
} else {
if (isset($_POST['messages'])) {
//$_SESSION['pagetitle'] = 'newarticle';
if (filter_var($_POST['fname'], FILTER_SANITIZE_STRING)) {
$_SESSION['error'] = "sorry! the fname is not valid";
} else {
if (filter_var($_POST['phoneno'], FILTER_VALIDATE_INT)) {
$_SESSION['error'] = "sorry! the phone no is not valid";
