<?php
$path2root = "../../..";
require_once "{$path2root}/assets/inc/session_timeout.inc.php";
require_once "{$path2root}/assets/inc/user_funcs.inc.php";
require_once "{$path2root}/assets/inc/utility_funcs.inc.php";
if (isset($_SESSION['username']) && isset($_SESSION['authenticated'])) {
$loggedin = true;
$user = $_SESSION['username'];
$user_id = queryUserId($user);
// Send a message
if (isset($_POST['send'])) {
$recip = trim($_POST['recip']);
$auth = trim($_POST['auth']);
$subject = trim($_POST['subject']);
$message = trim($_POST['message']);
require_once "{$path2root}/assets/inc/send_message.inc.php";
}
// initialize flags
$OK = false;
$done = false;
// create database connection
$conn = dbConnect('write');
// initialize statement
$stmt = $conn->stmt_init();
// get details of selected record
if (isset($_GET['id']) && !$_POST) {
// prepare SQL query
$sql = 'SELECT id, auth, recip, subject, time, message
FROM messages WHERE id = ?';
$stmt->prepare($sql);
<?php
$path2root = "../..";
require_once "{$path2root}/assets/inc/session_timeout.inc.php";
require_once "{$path2root}/assets/inc/user_funcs.inc.php";
if (isset($_SESSION['username']) && queryUserName($_GET['username'])) {
$loggedin = true;
$username = $_SESSION['username'];
$user_id = queryUserId($username);
$conn = dbConnect('read');
$sql = "SELECT * FROM users WHERE user_id = '" . $user_id . "'";
$result = $conn->query($sql) or die(mysqli_error($conn));
$row = $result->fetch_assoc();
try {
include "{$path2root}/assets/inc/title.inc.php";
//Update General Info
if (isset($_REQUEST['update_info'])) {
$email = trim($_REQUEST['email']);
$website = trim($_REQUEST['website']);
$about = trim($_REQUEST['about']);
$user = trim($_REQUEST['user']);
$twitter = trim($_REQUEST['twitter']);
include "{$path2root}/assets/inc/update_user.inc.php";
}
// Update Password
if (isset($_POST['update_pass'])) {
$password = trim($_POST['pwd']);
$retyped = trim($_POST['conf_pwd']);
include "{$path2root}/assets/inc/update_password.inc.php";
}
// Update Privacy
