$database = new DatabaseHandler(); $session = new SessionHandler(); //Mendapatkan semua informasi yang telah divalidasi di client-side $fullname = $_POST['fullname']; $username = $session->username; $password = md5($_POST['password']); $birthdate = $_POST['birthdate']; $location = $_POST['location']; $img_src = "./res/upload/"; $img_extension = substr($_FILES["profpict"]["name"], strrpos($_FILES["profpict"]["name"], '.')); $new_img_location; if ($img_extension == "") { $query = "SELECT img_location FROM {$database->t_user}\n WHERE username='******'"; $result = $database->execQuery($query); $row = mysql_fetch_array($result, MYSQL_ASSOC); $new_img_location = $row['img_location']; } else { move_uploaded_file($_FILES["profpict"]["tmp_name"], "../res/upload/" . $username . $img_extension); $new_img_location = $img_src . $username . $img_extension; } $query = "UPDATE {$database->t_user}\n SET\n fullname='{$fullname}',\n password='******',\n birthdate='{$birthdate}',\n location='{$location}',\n img_location = '{$new_img_location}'\n WHERE\n username='******' "; if ($database->execQuery($query)) { $query = "SELECT * FROM " . $database->t_user . " WHERE username='******' "; $result = $database->execQuery($query); $result = mysql_fetch_array($result); $session->setSession($result); header("location:../profile.php?ref=editSuccess"); } else { header("location:../profile.php?ref=editFailed"); die; }