Пример #1
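// Profile-edit handler: reads the submitted form, optionally stores a new
// profile picture, updates the user's row and refreshes the session copy of
// that row, then redirects back to profile.php with a result flag.
$database = new DatabaseHandler();
$session = new SessionHandler();

// NOTE(review): no login check or CSRF token validation is visible in this
// excerpt; confirm both run before this point.

// Collect the submitted fields. Client-side validation does not protect the
// server: every value here is attacker-controlled, so non-string or missing
// values collapse to '' and everything is escaped before it reaches SQL.
$fields = array();
foreach (array('fullname', 'password', 'birthdate', 'location') as $key) {
    $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}
$fullname = $fields['fullname'];
$username = $session->username;
// SECURITY: MD5 is fast and unsalted, so these hashes are cheap to crack
// offline. password_hash()/password_verify() is the replacement, but the
// login check and the stored hashes have to migrate together, so the scheme
// is left unchanged here.
$password = md5($fields['password']);
$birthdate = $fields['birthdate'];
$location = $fields['location'];
$img_src = "./res/upload/";

$upload = isset($_FILES["profpict"]) ? $_FILES["profpict"] : null;
$has_upload = is_array($upload)
    && isset($upload["name"])
    && is_string($upload["name"])
    && $upload["name"] !== "";

if (!$has_upload) {
    // No new picture submitted: keep the location already stored for the user.
    // NOTE(review): '******' is how the username value appears in this
    // listing (it looks masked); confirm against the original file.
    $query = "SELECT img_location FROM {$database->t_user}\n                    WHERE username='******'";
    $result = $database->execQuery($query);
    $row = mysql_fetch_array($result, MYSQL_ASSOC);
    $new_img_location = $row['img_location'];
} else {
    // The client chooses the file name, so its extension must not be trusted:
    // without an allow-list a ".php" upload would land in a web-served
    // directory. Accept only known image extensions and require the content
    // to parse as an image.
    $img_extension = strtolower(pathinfo($upload["name"], PATHINFO_EXTENSION));
    $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif');
    $upload_ok = isset($upload["error"], $upload["tmp_name"])
        && $upload["error"] === UPLOAD_ERR_OK
        && in_array($img_extension, $allowed_extensions, true)
        && getimagesize($upload["tmp_name"]) !== false;

    // presumably $username is limited to filename-safe characters at
    // registration; verify, since it becomes part of the stored path.
    $file_name = $username . '.' . $img_extension;

    // A rejected or failed upload aborts the edit instead of recording a
    // path to a file that was never written.
    if (!$upload_ok || !move_uploaded_file($upload["tmp_name"], "../res/upload/" . $file_name)) {
        header("location:../profile.php?ref=editFailed");
        die;
    }
    $new_img_location = $img_src . $file_name;
}

// Escape every interpolated value. mysql_real_escape_string() matches the
// ext/mysql calls used in this file and needs the connection to be open
// already (presumably done by DatabaseHandler; confirm). ext/mysql was removed
// in PHP 7; prepared statements via PDO or mysqli are the durable fix.
$fullname_sql = mysql_real_escape_string($fullname);
$birthdate_sql = mysql_real_escape_string($birthdate);
$location_sql = mysql_real_escape_string($location);
$img_location_sql = mysql_real_escape_string($new_img_location);

// NOTE(review): the password and username values appear as '******' in this
// listing (they look masked); whatever is interpolated there needs the same
// escaping as the fields above.
$query = "UPDATE  {$database->t_user}\n                SET\n                    fullname='{$fullname_sql}',\n                    password='******',\n                    birthdate='{$birthdate_sql}',\n                    location='{$location_sql}',\n                    img_location = '{$img_location_sql}'\n                WHERE\n                    username='******' ";
if ($database->execQuery($query)) {
    // Reload the row so the session reflects the values just written.
    // NOTE(review): SELECT * hands the whole row, password hash included, to
    // setSession(); confirm the session needs every column.
    $query = "SELECT * FROM " . $database->t_user . " WHERE username='******' ";
    $result = $database->execQuery($query);
    $user_row = mysql_fetch_array($result);
    $session->setSession($user_row);
    header("location:../profile.php?ref=editSuccess");
    // Stop explicitly so nothing can run after the redirect header.
    die;
} else {
    header("location:../profile.php?ref=editFailed");
    die;
}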