I'm trying to create a social network and I'm having a problem with my "Update Profile" page, I'm trying to have the user upload a photo and edit information
Here is my php code
<?php
session_start();
include("connection.php");
include("function.php");
if($_SESSION['login'] != 'true'){
header("location:index.php");
}
$id = $_SESSION['member_id'];
$select = mysqli_query($dbc,"SELECT * FROM members WHERE member_id = '$id'");
$object = mysqli_fetch_array($select);
$username=$object['username'];
$first=$object['firstname'];
$last=$object['lastname'];
$pass=$object['password'];
$email=$object['email'];
if(isset($_POST['insert']))
{
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$password = $_POST['password'];
$email = $_POST['email'];
$sql = mysqli_query($dbc,"UPDATE members SET firstname = '$firstname', lastname = '$lastname', password = '$password', email = '$email', WHERE member_id = '$id'") or die(mysqli_error($dbc));
$result = mysqli_query($dbc,$sql);
if ($result){
$success = '<p style="color:blue;text-align:center;"> Records saved!</p>';
}
header("location:profiletest.php");
}
if(isset($_POST['Submit'])){
$member_id=$_SESSION['member_id'];
$name = $_FILES["image"] ["name"];
$type = $_FILES["image"] ["type"];
$size = $_FILES["image"] ["size"];
$temp = $_FILES["image"] ["tmp_name"];
$error = $_FILES["image"] ["error"];
mysqli_query($dbc,"UPDATE members SET photo = '$name' WHERE member_id = '$member_id'") or die(mysqli_error($dbc));
if ($error > 0){
die("Error uploading file! Code $error.");
}else{
if($size > 10000000) //conditions for the file
{
die("Format is not allowed or file size is too big!");
}
else
{
move_uploaded_file($temp,"image/members/".$name);
}
}
}
?>
And here are my html forms
<form name="" method="post" enctype='multipart/form-data'>
<input id="browse" type="file" name="image">
<input id="upload" type="submit" name="Submit"
value="Change your primary picture" /> <br> <br> <br>
</form> <form name="insert" method="post"><br>
<p>
Firstname: <input type="text" name="firstname" id="inputtype"
value="<?php echo $first; ?>">
Lastname:
<input type="text" name="lastname" id="inputtype"
value="<?php echo $last; ?>">
</p> <br>
<p>
Change Password: <input type="text" name="password" id="inputtype"
value="<?php echo $pass; ?>">
</p> <br>
<p>
EmailAddress:<input type="text" name="email" id="inputtype"
value="<?php echo $email; ?>">
</p> <br>
<p>
</p>
<br> <br>
<p align="right"style="padding-right: 129px; width: 121px; height: 48px;">
<input type="submit" id="inputsubmit" name="insert" value="Save" id="save" width="10px">
</p> <br />
</form>
<div class="art-blockcontent-body">
<h2 class="art-postheader"></h2>
<div class="cleared"></div>
<div>
<form method='post' action='profiletest.php'></form>
</div>
I get this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE member_id = ''' at line 1
Line one has the beginning php tag so I'm very confused :/
That's because you have error in this query:
UPDATE members SET firstname = '$firstname', lastname = '$lastname', password = '$password', email = '$email', WHERE member_id = '$id'
There is an obsolete comma before WHERE
PS: learn to debug your trivial issues yourself, debugging is what each social network developers do every day! ;-)
Related
I am building a three part signup system using sessions. The first part is on the homepage, there is a login here called form1 and a signup called form2. This question is about signup form2. In form2 the user inserts email and password into the DB table, and the iduser is created auto automatically. A sessions is created, this part works fine. In signup_part2.php using sessions I echo out the iduser and email to prove that the info was inserted into the database. Then in signup_part2.php there is a second form, however when I hit submit nothing is inserted into the database table into those user's fields. How can I insert data into the DB table during a user's session?
home.php
<?php
session_start();
require('connect.php');
require('header.php');
$form1 = <<<EOT
<div id="homebox1">
<div id="logohome">
<h2>Welcome</h2></br>
</div>
<div id="homecolumn1">
<p>Login</p></br>
<form id="login" action="home.php" method="POST">
<input name="emaillogin" placeholder="email" type="email" rows="20"> </input></br>
<input name="passwordlogin" placeholder="password" type="password" rows="20"> </input></br>
<input type="submit" name="submita" value="Log In"> </input>
</form>
</div>
EOT;
$form2 = <<<EOT
<div id="homecolumn2">
<p>Sign Up</p></br>
<form id="signuppart1" action="home.php" method="post">
<input name="signupemail" placeholder="email" type="email" rows="20" required> </input></br>
<input pattern="(?=^.{8,50}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$" name="signuppassword" placeholder="password" type="password" rows="20" required> </input></br>
<input name="submitb" type="submit" value="Sign Up"> </input>
</form>
</div>
EOT;
$footer = <<<EOT
<div id="footerhome1">
</div>
</div>
EOT;
/*-------------------------------------form1----------------------------------------*/
if(isset($_POST['submita'])){
$email = mysql_escape_string($_POST['emaillogin']);
$pass = mysql_escape_string($_POST['passwordlogin']);
$salt = '458mn$8n#bty67mg%563!&78fj^543*41s';
$pass = md5($pass . $salt);
$sql = mysql_query ("SELECT * FROM `profile` WHERE `email` = '$email' AND `password`= '$pass' ");
if(mysql_num_rows($sql) > 0){
// ADDITIONAL CODE //pull userdata from db
while($row = mysql_fetch_array($sql)){
$_SESSION['logged_in']['fnlname'] = $row['fnlname'];
$_SESSION['logged_in']['username'] = $row['username'];
$_SESSION['logged_in']['gender'] = $row['gender'];
}
// END ADDITIONAL CODE
header('location: profile.php');
}else{
echo <<<EOT
<div id="homebox1">
<div id="logohome">
<h2>Welcome</h2></br>
</div>
<div id="homecolumn1">
<p>Login</p></br>
<form id="login" action="home.php" method="POST">
<input name="emaillogin" placeholder="email" type="email" rows="20"> </input></br>
<input name="passwordlogin" placeholder="password" type="password" rows="20"> </input></br>
<input type="submit" name="submita" value="Log In"> </input>
<p style="color:red;">"Wrong password or username"</p>
</form>
</div>
EOT;
}
}else{
echo $form1;
}
/*-------------------------------------form2----------------------------------------*/
if(isset($_POST['submitb'])){
//perform verification
$email1 = $_POST['signupemail'];
$pass1 = $_POST['signuppassword'];
if ($pass1 == NULL){
echo <<<EOT
<p style="color:red;">"Enter a password"</p>
EOT;
exit();
}
$email1 = mysql_escape_string($email1);
$password = mysql_escape_string($pass1);
$salt = 'justasalt';
$password = md5($password . $salt);
$sql2 = mysql_query("SELECT * FROM `profile` WHERE `email` = '$email1' ");
if(mysql_num_rows($sql2) > 0){
echo $form2;
echo <<<EOT
<p style="color:red;">"Sorry, that email already exists!"</p>
EOT;
exit();
}
else{
mysql_query("INSERT INTO `profile` (`iduser`, `password`, `email`)VALUES(NULL, '$password', '$email1')");
$sql = mysql_query ("SELECT * FROM `profile` WHERE `email` = '$email1' AND `password`= '$password' ");
if(mysql_num_rows($sql) > 0){
// ADDITIONAL CODE //pull userdata from db
while($row = mysql_fetch_array($sql)){
$_SESSION['logged_in']['iduser'] = $row['iduser'];
$_SESSION['logged_in']['fnlname'] = $row['fnlname'];
$_SESSION['logged_in']['username'] = $row['username'];
$_SESSION['logged_in']['gender'] = $row['gender'];
$_SESSION['logged_in']['location'] = $row['location'];
$_SESSION['logged_in']['website'] = $row['website'];
$_SESSION['logged_in']['age'] = $row['age'];
$_SESSION['logged_in']['joined'] = $row['joined'];
$_SESSION['logged_in']['email'] = $row['email'];
}
header("location: signup_part2.php");
}
}
}
else{
echo $form2;
}
?>
signup_part2.php
<?php
session_start();
include "connect.php";
include "header.php";
$iduser=$_SESSION['logged_in']['iduser'];
$sql = mysql_query("SELECT * FROM `profile` WHERE `iduser` = '$iduser' ");
while($row = mysql_fetch_array($sql)){
$iduser = $row['iduser'];
$password = $row['password'];
$email = $row['email'];
$fnlname = $row['fnlname'];
$username = $row['username'];
$joineddate = $row['joineddate'];
$gender = $row['gender'];
$age = $row['age'];
$location = $row['location'];
$website = $row['website'];
}
echo "$iduser $password $email";
$form1 = <<<EOT
<div id="homebox1">
<div id="logohome">
<h2>Welcome</h2></br>
</div>
<div id="signupcolumn1">
<p>Please fillout your info</p>
<form id="signup2" action="signup_part2.php" method="POST">
<p><input name="fnlname" placeholder="First and Last Name" type="text" size="50" required>*</br>
<input name="username" placeholder="Username" type="text" size="50" required>*</br>
<input name="age" placeholder="Your Age" type="" size="50" required>*</br></p>
<p><input style="text-align:left;" type="radio" name="gender" value="male"/>Male</br>
<input style="text-align:left;" type="radio" name="gender" value="female"/>Female</br>
<input style="text-align:left;" type="radio" name="gender" value="blank"/>Leave Blank</br></p>
<p><input name="location" placeholder="Location" type="" size="50" >Opt.</br>
<input name="website" placeholder="Website" type="" size="50">Opt. </br></p>
<input name="joineddate" placeholder="joineddate" type="hidden" size="50">
<input type="submit" name="submita" value="Next">
</div>
</form>
EOT;
if(isset($_POST['submita'])){
//perform verification
$fnlname = $_POST['fnlname'];
$username = $_POST['username'];
$age = $_POST['age'];
$gender = $_POST['gender'];
$location = $_POST['location'];
$website = $_POST['website'];
$joineddate = $_POST['joineddate'];
$iduser=$_SESSION['logged_in']['iduser'];
/*$fnlname = mysql_escape_string($fnlname);
$username = mysql_escape_string($username);
$age = mysql_escape_string($age);
$gender = mysql_escape_string($gender);
$location = mysql_escape_string($location);
$website = mysql_escape_string($website); */
$sql1 = mysql_query("SELECT * FROM `profile` WHERE `username` = '$username' ");
if(mysql_num_rows($sql1) > 0){
echo "Sorry, that username already exists!";
}else{
mysql_query("UPDATE profile SET fnlname='$fnlname' joineddate='$joineddate' gender='$gender' age='$age' location='$location' website='$website' WHERE iduser=$iduser ");
}
}else{
echo $form1;
}
?>
Found my mistake
if(isset($_POST['submit']))
should be
if(isset($_POST['submita']))
I'm currently logged in using a session, I want the user to be able to update their info. However on submit nothing happens. The session works because when I check the iduser email and password echo out. I think I might be writing the query wrong or I'm using the session incorrectly.Can someone explain why nothing in the database is being updated?
<?php
session_start();
include "connect.php";
include "header.php";
$iduser=$_SESSION['logged_in']['iduser'];
$sql = mysql_query("SELECT * FROM `profile` WHERE `iduser` = '$iduser' ");
while($row = mysql_fetch_array($sql)){
$iduser = $row['iduser'];
$password = $row['password'];
$email = $row['email'];
$fnlname = $row['fnlname'];
$username = $row['username'];
$joineddate = $row['joineddate'];
$gender = $row['gender'];
$age = $row['age'];
$location = $row['location'];
$website = $row['website'];
}
echo "$iduser $password $email";
$form1 = <<<EOT
<div id="homebox1">
<div id="logohome">
<h2>Welcome</h2></br>
</div>
<div id="signupcolumn1">
<p>Please fillout your info</p>
<form id="signup2" action="signup_part2.php" method="POST">
<p><input name="fnlname" placeholder="First and Last Name" type="text" size="50" required>*</br>
<input name="username" placeholder="Username" type="text" size="50" required>*</br>
<input name="age" placeholder="Your Age" type="" size="50" required>*</br></p>
<p><input style="text-align:left;" type="radio" name="gender" value="male"/>Male</br>
<input style="text-align:left;" type="radio" name="gender" value="female"/>Female</br>
<input style="text-align:left;" type="radio" name="gender" value="blank"/>Leave Blank</br></p>
<p><input name="location" placeholder="Location" type="" size="50" >Opt.</br>
<input name="website" placeholder="Website" type="" size="50">Opt. </br></p>
<input name="joineddate" placeholder="joineddate" type="hidden" size="50">
<input type="submit" name="submita" value="Next">
</div>
</form>
EOT;
if(isset($_POST['submita'])){
//perform verification
$fnlname = $_POST['fnlname'];
$username = $_POST['username'];
$age = $_POST['age'];
$gender = $_POST['gender'];
$location = $_POST['location'];
$website = $_POST['website'];
$joineddate = $_POST['joineddate'];
$iduser=$_SESSION['logged_in']['iduser'];
$fnlname = mysql_escape_string($fnlname);
$username = mysql_escape_string($username);
$age = mysql_escape_string($age);
$gender = mysql_escape_string($gender);
$location = mysql_escape_string($location);
$website = mysql_escape_string($website);
$sql1 = mysql_query("SELECT * FROM `profile` WHERE `username` = '$username' ");
if(mysql_num_rows($sql1) > 0){
echo "Sorry, that username already exists!";
}else{
mysql_query("UPDATE profile SET fnlname='$fnlname' joineddate='$joineddate' gender='$gender' age='$age' location='$location' website='$website' WHERE iduser=$iduser ");
}
}else{
echo $form1;
}
?>
Your query should be like this
UPDATE profile SET fnlname='$fnlname', joineddate='$joineddate', gender='$gender', age='$age' ,location='$location', website='$website' WHERE iduser='$iduser'
You missed commas And if $iduser is a string you must encapsulate with single quote
Hi i am new to PHP and i am trying to submit a registration form and it works fine but the problem is that when it gives some error like username already exists or password too short in an alert box and then it reloads the form page again and the user has to fill the whole form again i want the fields that are correct to remain unchanged
here is the form page code
<!DOCTYPE HTML>
<html>
<head>
<title>Details</title>
<link rel="stylesheet" type="text/css" href="reg.css">
</head>
<body id="body">
<div id="mmw"> <span> MAP MY WAY </span></div>
<form name="reg" id="reg" method="post" action="insert.php">
<h2>Kindly fill up your Information</h2>
<p>
<input name="username" required class="name" placeholder="Type Your User name" />
<input name="password" placeholder="Type Your Password" class="name" type="password" required />
<input name="first_name" required class="name" placeholder="Type Your First name" />
<input name="last_name" required class="name" placeholder="Type Your Last name" />
<input name="email" required class="email" placeholder="Type a valid E-Mail address" />
<input name="m_no" class="name" placeholder="Type Your Mobile #"/>
<input name="v_name" required class="name" placeholder="Type Your Vahical model and name"/>
<input name="capacity" required class="name" placeholder="Seating capacity"/>
<input name="fuel_type" required class="name" placeholder="Runs on what fuel type"/>
</p>
<p>
<input name="submit" class="btn" type="submit" value="Register" />
</p>
</form>
</div>
</body>
</html>
and here is the page that is processing the data
<?php
$con = mysqli_connect("localhost", "root", "", "map_my_way");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$first_name = mysqli_real_escape_string($con, $_POST['first_name']);
$last_name = mysqli_real_escape_string($con, $_POST['last_name']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$m_no = mysqli_real_escape_string($con, $_POST['m_no']);
$v_name = mysqli_real_escape_string($con, $_POST['v_name']);
$fuel_type = mysqli_real_escape_string($con, $_POST['fuel_type']);
$capacity = mysqli_real_escape_string($con, $_POST['capacity']);
$exists = mysqli_num_rows(mysqli_query($con,"SELECT * FROM members WHERE username='" . $username . "'"));
if ($exists > 0) {
echo "<script language=\"JavaScript\">\n";
echo "alert('username already exists!');\n";
echo "window.location='reg.php'";
echo "</script>";
}
if (strlen ($password) < 6){
echo "<script language=\"JavaScript\">\n";
echo "alert('password must be 6 characters');\n";
echo "window.location='reg.php'";
echo "</script>";
}
else{
// if ($password < 6) {
// echo "<script language=\"JavaScript\">\n";
// echo "alert('username already exists!');\n";
// echo "window.location='reg.php'";
// echo "</script>";
// } else{
//insert query
$sql = "INSERT INTO members (username, password, first_name, last_name, email, m_no, v_name, fuel_type, capacity)
VALUES ('$username', '$password', '$first_name', '$last_name', '$email', '$m_no', '$v_name', '$fuel_type', '$capacity')";
}
//}
if (!mysqli_query($con, $sql)) {
die('Error: ' . mysqli_error($con));
}
else{
header("location:pic.php");
}
// Register $username
session_start();
$_SESSION['login'] = true;
$_SESSION['username'] = $username;
mysqli_close($con);
?>
Thanks in advance
header('Location: http://example.com/some/url'); relplace it with the javascript
also try to make a function to the escape string less typing:
function security($danger) {
mysqli_real_escape_string($con, $danger)}
simply call it with the username like $username = security($_POST['username'])
This is a school project and this particular page is to register a new user it does not display errors but it does not fill the MYSQL data base the connection for the database is in another page and I used the require function functions.php is where I am writing the connection function please help :(
<?php
include_once("menu.php");
?>
<form action="login.php" method="POST">
<?php
if ((isset($_POST['username']))&& (isset($_POST['password'])) && (isset($_POST['password2'])) && (isset($_POST['email'])))
{
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
if ($password == $password2)
{
require_once("functions.php");
$connection = connectToMySQL();
$Query = "SELECT count(*) FROM tbl_users WHERE username='$username'";
$Result = mysqli_query($connection,$Query)
or die("Error in the query :". mysqli_error($connection));
$row = mysqli_fetch_row($Result);
$counter = $row[0];
if ($counter > 0)
{
echo "Username alredy exsist with the movie assosiation website<br/>";
echo "<input type=\"submit\" class=\"button\" value=\"Back\"/>";
}
else
{
$insertQuery = "INSERT INTO 'tbl_users'(username,password,email,role) VALUES ('$username',sha1('$password'),'$email','registered')";
$insertResult = mysqli_query($connection,$insertQuery)
or die("Error in the query :". mysqli_error($connection));
echo "account created !! <br />";
echo "<input type=\"button\" class=\"button\" value=\"Log In\" onclick=\"location.href='login.php'\"> ";
}
}
}
else
{
?>
<label>
<span>Username:</span>
<input id="username" type="text" name="username" placeholder="enter your Username" required />
</label></br>
<label>
<span>Password</span>
<input id="password" type="password" name="password" placeholder="enter your Password" required />
</label></br>
<label>
<span>Re-Enter Password</span>
<input id="password2" type="password" name="password2" placeholder="re-enter your Password" required />
</label></br>
<label>
<span>Email</span>
<input id="email" type="email" name="email" placeholder="enter email" required />
</label></br>
<label>
<span> </span>
<input id="submit" class="button" type="submit" name="submit" value="Submit"/>
</label>
</form>
<?php
}
?>
<?php
require_once("footer.php")
?>
remove single quote from your table name
try this
$insertQuery = "INSERT INTO `tbl_users`(username,password,email,role) VALUES ('$username',sha1('$password'),'$email','registered')";
instead of
$insertQuery = "INSERT INTO 'tbl_users'(username,password,email,role) VALUES ('$username',sha1('$password'),'$email','registered')";
Error in your sql statement.
Try this.
$insertQuery = "INSERT INTO tbl_users (username,password,email,role) VALUES ('{$username}',sha1('{$password}'),'{$email}','registered')";
or this
$insertQuery = "INSERT INTO tbl_users (username,password,email,role) VALUES ('".$username."',sha1('".$password."'),'".$email."','registered')";
Question at hand:
How do I create the php code to let users who are logged into my site edit/update their profile settings/information?
I have 1 part working correctly for users to change their password, however, have no idea where to start when it comes to allowing users who are logged in to edit/update their other settings such as:
(1) nickname,
(2) country,
(3) date of birth,
(4) gender,
(5) motto and
(6) bio
I'll provide the php and html code below that I have that is working for changing password, but I know that I need more to let users change/edit/update their other information. I tried using what is below as a reference to create the php code for the other information, but it didn't work so I have no idea where to even begin! Any help will be much appreciated...
PHP reference code:
if($_POST['submit']=='Change')
{
$err = array();
if(!$_POST['password1'] || !$_POST['passwordnew1'])
$err[] = 'All the fields must be filled in!';
if(!count($err))
{
$_POST['password1'] = mysql_real_escape_string($_POST['password1']);
$_POST['passwordnew1'] = mysql_real_escape_string($_POST['passwordnew1']);
$row = mysql_fetch_assoc(mysql_query("SELECT id,username FROM members WHERE username='{$_SESSION['username']}' AND pass='".md5($_POST['password1'])."'"));
if($row['username'])
{
$querynewpass = "UPDATE members SET pass='".md5($_POST['passwordnew1'])."' WHERE username='{$_SESSION['username']}'";
$result = mysql_query($querynewpass) or die(mysql_error());
$_SESSION['msg']['passwordchange-success']='* You have successfully changed your password!';
}
else $err[]='Wrong password to start with!';
}
if($err)
$_SESSION['msg']['passwordchange-err'] = implode('<br />',$err);
header("Location: members.php?id=" . $_SESSION['username']);
exit;
}
HTML reference code:
<form action="" method="post">
<label class="grey" for="password1">Current Password:</label>
<input class="field" type="password" name="password1" id="password1" value="" size="23" />
<label class="grey" for="password">New Password:</label>
<input class="field" type="password" name="passwordnew1" id="passwordnew1" size="23" />
<input type="submit" name="submit" value="Change" class="bt_register" style="margin-left: 382px;" />
<div class="clear"></div>
<?php
if($_SESSION['msg']['passwordchange-err'])
{
echo '<div class="err">'.$_SESSION['msg']['passwordchange-err'].'</div>';
unset($_SESSION['msg']['passwordchange-err']);
}
if($_SESSION['msg']['passwordchange-success'])
{
echo '<div class="success">'.$_SESSION['msg']['passwordchange-success'].'</div>';
unset($_SESSION['msg']['passwordchange-success']);
}
?>
</form>
So how would I create the php code to make this work for users to be able to edit/update their own profile settings/information from the numeric list I provided above (1-6)?
And I know using mysqli/pdo is a better alternative to use, but I unfortunately need to use the old deprecated mysql_* stuff for this project at this time...
If you need more info, let me know ;)
EDIT:
Additional Question,
I'd assume too that I'd need to create variables for each column too such as:
$nickname = $_POST['nickname'];
$country = $_POST['country'];
etc...or is that not correct?
RE-EDIT:
Would something like this be applicable?
$id = $_SESSION['id'];
if ($_POST['country']) {
$country = $_POST['country'];
$nickname = $_POST['nickname'];
$DOB = $_POST['DOB'];
$gender = $_POST['gender'];
$motto = $_POST['motto'];
$bio = $_POST['bio'];
$sql = mysql_query("UPDATE members SET country='$country', nickname='$nickname', DOB='$DOB', gender='$gender', motto='$motto', bio='$bio' WHERE id='$id'");
exit;
}
$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$country = $row["country"];
$nickname = $row["nickname"];
$DOB = $row["DOB"];
$gender = $row["gender"];
$motto = $row["motto"];
$bio = $row["bio"];
}
Or am I way off base?
short version ;)
HTML file:
<form action="./change.php" method="post">
Nickname: <input type="text" name="nickname"><br />
Country: <input type="text" name="country"><br />
Date of birth: <input type="text" name="date_of_birth"><br />
Gender: <input type="text" name="gender"><br />
Motto: <input type="text" name="motto"><br />
Bio: <input type="text" name="bio"><br />
<input type="submit" value="Submit">
</form>
change.php:
<?php
function filter($date)
{
return trim(htmlspecialchars($date));
}
$nickname = filter($_POST['nickname'])
$country = filter($_POST['country'])
$date_of_birth = filter($_POST['date_of_birth'])
$gender = filter($_POST['gender'])
$motto = filter($_POST['motto'])
$bio = filter($_POST['bio'])
if (isUserLogIn)
{
//SQL update query
}
?>