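// Profile page handler for the logged-in user: optionally changes the
// password, replaces the avatar, and updates full name / e-mail, then
// reloads the row for display by the markup that follows this script.
session_start();
// NOTE(review): presumably protect.php enforces authentication and provides
// the $dbh database handle used below; confirm.
// NOTE(review): no anti-CSRF token is checked anywhere in this script. Unless
// protect.php does it, every state-changing POST below (password, e-mail,
// avatar) should require a per-session token.
include 'protect.php';

// The account is always identified by the server-side session id, never by a
// value taken from the request.
$id = $_SESSION['id'];

$prodsql = $dbh->prepare("select fullname,email,credentials from users where id = ?");
$prodsql->bindValue(1, $id);
$prodsql->execute();
$prodrow = $prodsql->fetch();

$submit = $_POST['submit'] ?? null;
if ($submit === 'submit') {
    // --- Password change -------------------------------------------------
    $newpass = $_POST['newpass'] ?? '';
    $curpassInput = $_POST['curpass'] ?? '';
    // is_string() rejects array-valued fields (e.g. newpass[]=...), which
    // would otherwise reach md5() and raise a TypeError.
    if (is_string($newpass) && $newpass !== '' && is_string($curpassInput)) {
        // SECURITY: triple MD5 is an unsalted, fast digest and is not suitable
        // for password storage. Moving to password_hash()/password_verify()
        // requires a coordinated change to the login code and the stored
        // credentials, so the existing format is kept here and only flagged.
        $curpass = md5(md5(md5($curpassInput)));

        // hash_equals() gives a constant-time, type-strict comparison; the
        // previous loose == could treat two different "0e<digits>" hex
        // digests as equal.
        if (is_array($prodrow) && hash_equals((string) $prodrow[2], $curpass)) {
            $encpass = md5(md5(md5($newpass)));
            // Keyed on the session id: the earlier query filtered on $email,
            // a variable this script never assigns, so the update either
            // matched no row or depended on state set outside this file.
            $uppass = $dbh->prepare("update users set credentials = ? where id = ?");
            // Report success from execute()'s result; the prepared statement
            // object itself is truthy whether or not the update ran.
            if ($uppass->execute(array($encpass, $id))) {
                echo 'Password has been updated!';
            }
        }
    }

    // --- Avatar upload ---------------------------------------------------
    $upload = $_FILES['avatar'] ?? null;
    if (is_array($upload)
        && ($upload['error'] ?? UPLOAD_ERR_NO_FILE) === UPLOAD_ERR_OK
        && is_string($upload['tmp_name'] ?? null)
        && $upload['tmp_name'] !== ''
    ) {
        $pic = $upload['tmp_name'];
        // The file is stored with a fixed .jpg name in a web-served folder,
        // so accept it only when its content really parses as a JPEG.
        $imageInfo = getimagesize($pic);
        if ($imageInfo !== false && $imageInfo[2] === IMAGETYPE_JPEG) {
            // NOTE(review): assumes $_SESSION['id'] is a server-assigned
            // numeric id, so the target name cannot contain path separators.
            $newpicname = $id . '.jpg';
            // move_uploaded_file() itself refuses paths that are not genuine
            // HTTP uploads.
            move_uploaded_file($pic, 'userpics/' . $newpicname);
        } else {
            echo 'Avatar must be a JPEG image.';
        }
        // NOTE(review): no explicit size cap is applied here; the only limit
        // is whatever upload_max_filesize / post_max_size allow.
    }

    // --- Name / e-mail update --------------------------------------------
    // NOTE(review): the e-mail is stored unvalidated and is changed without
    // re-authentication; consider FILTER_VALIDATE_EMAIL and a confirmation
    // step if the address is used for account recovery.
    $newemail = $_POST['email'] ?? null;
    $newfullname = $_POST['fullname'] ?? null;
    $insql = $dbh->prepare("update users set fullname = ?,email = ? where id =?");
    if ($insql->execute(array($newfullname, $newemail, $id))) {
        echo "Record Update!";
    }
}

// Reload the (possibly just updated) row for the page that follows.
$prodsql = $dbh->prepare("select fullname,email from users where id = ?");
$prodsql->bindValue(1, $id);
$prodsql->execute();
$prodrow = $prodsql->fetch();

if (file_exists('userpics/' . $id . '.jpg')) {
    // NOTE(review): the echoed string contains only a newline; the avatar
    // markup that presumably belonged here appears to be missing. If it is
    // restored, escape any user-controlled value with htmlspecialchars().
    echo '
';
}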
?>