<?php
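// Resume the visitor's session, or start one if this request has none yet.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// NOTE(review): these includes are presumed to provide $pdo, handleFileUpload()
// and the optional helpers probed with function_exists() below — confirm.
require_once 'includes/db.php';
require_once 'includes/functions.php';

// Every handler on this page reads $_SESSION['user_id'] and writes to that
// account, and all of them run before includes/header.php is loaded. Refuse
// the request here so a POST without a logged-in session cannot reach the
// upload and update code with an empty user id.
// NOTE(review): the includes above may already enforce a login; confirm, and
// replace this with the project's own login redirect if one exists.
if (!isset($_SESSION['user_id'])) {
    http_response_code(403);
    exit('Authentication required.');
}

// Flash messages filled in by the handlers and rendered by the template.
$success = '';
$error = '';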
if (!function_exists('profilePickFirstScalar')) {
    /**
     * Return the first non-empty scalar found in a value, as a trimmed string.
     *
     * Arrays are searched depth-first in iteration order. Objects are cast to
     * arrays and searched the same way. Anything else is cast to string and
     * trimmed. An empty string means nothing usable was found.
     *
     * @param mixed $value Scalar, array or object to search.
     * @return string First non-empty trimmed value, or '' if there is none.
     */
    function profilePickFirstScalar($value) {
        if (is_object($value)) {
            $value = (array)$value;
        }
        if (!is_array($value)) {
            return trim((string)$value);
        }
        foreach ($value as $candidate) {
            $found = profilePickFirstScalar($candidate);
            if ($found === '') {
                continue;
            }
            return $found;
        }
        return '';
    }
}
if (!function_exists('profileFlattenAssoc')) {
    /**
     * Flatten a nested array into one level keyed by normalised key paths.
     *
     * Each key is lower-cased, runs of non-alphanumeric characters become a
     * single underscore, and leading/trailing underscores are stripped. Nested
     * keys are joined to their parent path with an underscore. The container
     * value itself is kept under its own path, and its children are added
     * after it; a child never overwrites a path that is already present.
     *
     * @param array  $source Array to flatten (nested arrays/objects allowed).
     * @param string $prefix Path prefix for the current nesting level.
     * @return array Flat map of normalised path => original value.
     */
    function profileFlattenAssoc(array $source, $prefix = '') {
        $flat = [];
        foreach ($source as $rawKey => $entry) {
            $slug = strtolower(trim(preg_replace('/[^a-z0-9]+/i', '_', (string)$rawKey), '_'));
            $path = ($prefix === '') ? $slug : $prefix . '_' . $slug;
            $flat[$path] = $entry;

            if (is_array($entry)) {
                $children = $entry;
            } elseif (is_object($entry)) {
                $children = (array)$entry;
            } else {
                continue;
            }
            // Array union: keys already in $flat win over the children's.
            $flat += profileFlattenAssoc($children, $path);
        }
        return $flat;
    }
}
if (!function_exists('profilePickValue')) {
    /**
     * Find the first non-empty value stored under any of the given keys.
     *
     * The source is flattened with profileFlattenAssoc() and searched twice:
     *  1. exact match on each normalised key, in the order the keys are given;
     *  2. substring match, walking the flattened entries in order and testing
     *     every key against each entry's path.
     *
     * The second pass is deliberately loose: a key such as 'address' also
     * matches a path like 'email_address', and 'tel' matches any path that
     * merely contains those letters. Callers should treat the result as a
     * best-effort guess, not as a validated field.
     *
     * @param mixed $source Data to search; anything but an array yields ''.
     * @param array $keys   Candidate key names, most preferred first.
     * @return string Trimmed value, or '' when nothing matched.
     */
    function profilePickValue($source, array $keys) {
        if (!is_array($source)) {
            return '';
        }

        $flat = profileFlattenAssoc($source);

        // Normalise the requested keys once, the same way the flattener does.
        $wanted = [];
        foreach ($keys as $key) {
            $wanted[] = strtolower(trim(preg_replace('/[^a-z0-9]+/i', '_', (string)$key), '_'));
        }

        // Pass 1: exact path match.
        foreach ($wanted as $needle) {
            if (!array_key_exists($needle, $flat)) {
                continue;
            }
            $picked = profilePickFirstScalar($flat[$needle]);
            if ($picked !== '') {
                return $picked;
            }
        }

        // Pass 2: substring match against every flattened path.
        foreach ($flat as $flatKey => $value) {
            foreach ($wanted as $needle) {
                if ($needle === '' || strpos($flatKey, $needle) === false) {
                    continue;
                }
                $picked = profilePickFirstScalar($value);
                if ($picked !== '') {
                    return $picked;
                }
            }
        }

        return '';
    }
}
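// Handle the "upload_avatar" form: store the file, then record its path on the
// user row, in the latest client_forms record and in the session.
// NOTE(review): no anti-CSRF token is verified before this state change.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'upload_avatar') {
    try {
        // The column name is chosen from this fixed list only, never from
        // request data, which is what makes interpolating it into SQL safe.
        $avatarCol = null;
        if (function_exists('tableHasColumn')) {
            foreach (['avatar_path', 'profile_photo', 'photo', 'picture', 'image_path'] as $candidate) {
                if (tableHasColumn('users', $candidate)) {
                    $avatarCol = $candidate;
                    break;
                }
            }
        }

        // NOTE(review): handleFileUpload() is defined outside this file. This
        // page relies on it entirely for size, type and extension checks and
        // for choosing the stored file name; the form's accept="image/*" is
        // only a browser hint. Confirm it rejects anything that is not an
        // image and that the upload directory cannot execute scripts.
        $path = handleFileUpload('avatar', 'uploads/avatars/');

        if ($avatarCol) {
            $stmt = $pdo->prepare("UPDATE users SET $avatarCol = ? WHERE id = ?");
            $stmt->execute([$path, $_SESSION['user_id']]);
        }

        // Mirror the path into the most recent client_forms JSON blob, if any.
        $st = $pdo->prepare("SELECT id, form_data FROM client_forms WHERE client_id = ? ORDER BY updated_at DESC, created_at DESC LIMIT 1");
        $st->execute([$_SESSION['user_id']]);
        $row = $st->fetch(PDO::FETCH_ASSOC);
        if ($row) {
            $data = [];
            if (!empty($row['form_data'])) {
                $tmp = json_decode($row['form_data'], true);
                if (is_array($tmp)) {
                    $data = $tmp;
                }
            }
            $data['passport_photo_path'] = $path;
            $pdo->prepare("UPDATE client_forms SET form_data = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?")->execute([json_encode($data), $row['id']]);
        }

        $_SESSION['user_avatar'] = $path;
        $success = 'Profile picture updated.';
        if (function_exists('logActivity')) {
            logActivity($_SESSION['user_id'], 'PROFILE_PICTURE_UPDATE', 'User updated profile picture');
        }
    } catch (PDOException $e) {
        // Driver messages can contain SQL, schema names and submitted values;
        // keep them in the server log and show the user a generic message.
        error_log('Profile picture update failed: ' . $e->getMessage());
        $error = 'Could not save your profile picture. Please try again.';
    } catch (Exception $e) {
        // Remaining exceptions come from the upload helper and are assumed to
        // be user-facing validation messages — TODO confirm.
        $error = $e->getMessage();
    }
}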
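// Handle the "update_profile" form: update the users row, then mirror phone
// and address into the latest client_forms JSON blob.
// NOTE(review): no anti-CSRF token is verified before this state change, and
// a new password is accepted without asking for the current one. Existing
// sessions are also left untouched after a password change.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && (isset($_POST['action']) && $_POST['action'] === 'update_profile')) {
    // Request fields can arrive as arrays (name[]=...); treat those as empty
    // instead of passing a non-string on to the database or password_hash().
    $name = $_POST['name'] ?? '';
    $name = is_string($name) ? trim($name) : '';
    $email = $_POST['email'] ?? '';
    $email = is_string($email) ? trim($email) : '';
    $phone = trim((string)($_POST['phone'] ?? ''));
    $address = trim((string)($_POST['address'] ?? ''));
    $password = $_POST['password'] ?? '';
    if (!is_string($password)) {
        $password = '';
    }

    // The "required" and type="email" attributes on the form are enforced by
    // the browser only, so repeat the checks on the server.
    if ($name === '') {
        $error = 'Please enter your full name.';
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $error = 'Please enter a valid email address.';
    } else {
        $query = "UPDATE users SET name = ?, email = ?";
        $params = [$name, $email];

        // Column names come from these fixed candidate lists only, never from
        // request data, which is what makes appending them to the SQL safe.
        $phoneCol = null;
        $addressCol = null;
        if (function_exists('tableHasColumn')) {
            foreach (['phone', 'phone_number', 'mobile', 'mobile_number', 'whatsapp_phone', 'telephone', 'tel'] as $candidate) {
                if (tableHasColumn('users', $candidate)) {
                    $phoneCol = $candidate;
                    break;
                }
            }
            foreach (['address', 'residential_address', 'home_address', 'contact_address', 'street_address', 'location'] as $candidate) {
                if (tableHasColumn('users', $candidate)) {
                    $addressCol = $candidate;
                    break;
                }
            }
        }
        if ($phoneCol) {
            $query .= ", {$phoneCol} = ?";
            // An empty phone is stored as NULL rather than ''.
            $params[] = $phone !== '' ? $phone : null;
        }
        if ($addressCol) {
            $query .= ", {$addressCol} = ?";
            $params[] = $address;
        }
        // Compare against '' so that a password such as "0" is not silently
        // ignored the way empty() would ignore it.
        if ($password !== '') {
            $query .= ", password = ?";
            $params[] = password_hash($password, PASSWORD_DEFAULT);
        }
        $query .= " WHERE id = ?";
        $params[] = $_SESSION['user_id'];

        try {
            $stmt = $pdo->prepare($query);
            if ($stmt->execute($params)) {
                // Best-effort mirror into client_forms: a failure here must
                // not undo the profile update, but it is logged, not hidden.
                try {
                    $st = $pdo->prepare("SELECT id, form_data FROM client_forms WHERE client_id = ? ORDER BY updated_at DESC, created_at DESC LIMIT 1");
                    $st->execute([$_SESSION['user_id']]);
                    $row = $st->fetch(PDO::FETCH_ASSOC);
                    $formData = [];
                    if ($row && !empty($row['form_data'])) {
                        $decoded = json_decode($row['form_data'], true);
                        if (is_array($decoded)) {
                            $formData = $decoded;
                        }
                    }
                    $formData['phone'] = $phone;
                    $formData['address'] = $address;
                    if ($address !== '') {
                        $formData['residential_address'] = $address;
                    }
                    if ($row) {
                        $pdo->prepare("UPDATE client_forms SET form_data = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?")->execute([json_encode($formData), $row['id']]);
                    } else {
                        $pdo->prepare("INSERT INTO client_forms (client_id, form_data, created_at, updated_at) VALUES (?, ?, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP)")
                            ->execute([$_SESSION['user_id'], json_encode($formData)]);
                    }
                } catch (Exception $e) {
                    error_log('Profile form_data sync failed: ' . $e->getMessage());
                }

                $_SESSION['user_name'] = $name;
                $_SESSION['user_email'] = $email;
                $success = "Profile updated successfully!";
                if (function_exists('logActivity')) {
                    logActivity($_SESSION['user_id'], 'PROFILE_UPDATE', "User updated profile");
                }
            } else {
                $error = "Failed to update profile.";
            }
        } catch (PDOException $e) {
            // Driver messages can echo submitted values (for example in a
            // duplicate-key error) and expose schema details; log them and
            // show a generic message instead.
            error_log('Profile update failed: ' . $e->getMessage());
            $error = "Database error: your profile could not be updated.";
        }
    }
}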
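// Handle the "upload_idcard" form: store the document, then record its path
// in the user's latest client_forms record (creating one if none exists).
// NOTE(review): no anti-CSRF token is verified before this state change.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'upload_idcard') {
    try {
        // NOTE(review): handleFileUpload() is defined outside this file and is
        // the only server-side check on what gets stored; the form's accept
        // attribute is a browser hint. Identity documents are written under
        // the relative path 'uploads/idcards/'. If that directory is served
        // by the web server, the files are retrievable by URL — confirm they
        // are stored outside the document root or behind an access check.
        $path = handleFileUpload('idcard', 'uploads/idcards/');

        $st = $pdo->prepare("SELECT id, form_data FROM client_forms WHERE client_id = ? ORDER BY updated_at DESC, created_at DESC LIMIT 1");
        $st->execute([$_SESSION['user_id']]);
        $row = $st->fetch(PDO::FETCH_ASSOC);
        if ($row) {
            $data = [];
            if (!empty($row['form_data'])) {
                $tmp = json_decode($row['form_data'], true);
                if (is_array($tmp)) {
                    $data = $tmp;
                }
            }
            $data['id_card_path'] = $path;
            $pdo->prepare("UPDATE client_forms SET form_data = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?")->execute([json_encode($data), $row['id']]);
        } else {
            // A failed insert now reaches the PDOException handler below, so
            // the user is not told the upload succeeded when no record of the
            // document was saved.
            $pdo->prepare("INSERT INTO client_forms (client_id, form_data, created_at, updated_at) VALUES (?, ?, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP)")
                ->execute([$_SESSION['user_id'], json_encode(['id_card_path' => $path])]);
        }

        $success = 'ID document uploaded.';
        if (function_exists('logActivity')) {
            logActivity($_SESSION['user_id'], 'ID_UPLOAD', 'User uploaded ID card');
        }
    } catch (PDOException $e) {
        // Keep driver details in the server log; show a generic message.
        error_log('ID document record update failed: ' . $e->getMessage());
        $error = 'Could not save your ID document. Please try again.';
    } catch (Exception $e) {
        // Remaining exceptions come from the upload helper and are assumed to
        // be user-facing validation messages — TODO confirm.
        $error = $e->getMessage();
    }
}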
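// Fetch current user data.
// SELECT * loads every column of the users row into $user; the template only
// prints name, email, role, created_at and last_login.
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$_SESSION['user_id']]);
$user = $stmt->fetch();

// The template dereferences $user['name'], $user['email'] and $user['role']
// unconditionally, so stop here when the session points at no existing row
// (missing login, deleted account) instead of rendering a half-empty page.
if (!$user) {
    http_response_code(403);
    exit('Account not found.');
}

// Latest client_forms JSON blob, used as a fallback source for phone/address.
$profileFormData = [];
$st = $pdo->prepare("SELECT form_data FROM client_forms WHERE client_id = ? ORDER BY updated_at DESC, created_at DESC LIMIT 1");
$st->execute([$_SESSION['user_id']]);
$row = $st->fetch(PDO::FETCH_ASSOC);
if ($row && !empty($row['form_data'])) {
    $decoded = json_decode($row['form_data'], true);
    if (is_array($decoded)) {
        $profileFormData = $decoded;
    }
}

$avatarUrl = function_exists('getClientAvatarUrl') ? getClientAvatarUrl($pdo, (int)$_SESSION['user_id']) : '';

// Prefer values from the users row, then fall back to the form blob.
$phoneValue = profilePickValue($user, ['phone', 'phone_number', 'mobile', 'mobile_number', 'whatsapp_phone', 'telephone', 'tel', 'contact_phone']);
$addressValue = profilePickValue($user, ['address', 'residential_address', 'home_address', 'contact_address', 'street_address', 'location']);
if ($phoneValue === '') {
    $phoneValue = profilePickValue($profileFormData, ['phone', 'phone_number', 'mobile', 'mobile_number', 'whatsapp_phone', 'telephone', 'tel', 'contact_phone']);
}
if ($addressValue === '') {
    $addressValue = profilePickValue($profileFormData, ['address', 'residential_address', 'home_address', 'contact_address', 'street_address', 'location']);
}

// Keep the session copy of the avatar in step with what the helper resolved.
if (!empty($avatarUrl)) {
    $_SESSION['user_avatar'] = $avatarUrl;
}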
include 'includes/header.php';
?>
<div class="container-fluid px-4">
<h2 class="mt-4 text-navy">My Profile</h2>
<p class="text-muted">Manage your account settings and preferences.</p>
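<?php /* Flash messages are plain text. $error can carry exception text, which
         may echo submitted values, so both are HTML-escaped on output. */ ?>
<?php if($success): ?>
<div class="alert alert-success alert-dismissible fade show" role="alert">
<i class="fa-solid fa-check-circle me-2"></i><?= htmlspecialchars($success, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php endif; ?>
<?php if($error): ?>
<div class="alert alert-danger alert-dismissible fade show" role="alert">
<i class="fa-solid fa-exclamation-circle me-2"></i><?= htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php endif; ?>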
<div class="row">
<div class="col-lg-8">
<div class="card shadow-sm mb-4">
<div class="card-header bg-navy text-white">
<h5 class="mb-0"><i class="fa-solid fa-user-pen me-2"></i>Edit Profile</h5>
</div>
<div class="card-body">
<?php /* NOTE(review): this form posts a state-changing request (name, email,
         phone, address and an optional new password) with no anti-CSRF token
         field, and the new password is entered without the current one.
         The "required" and type="email" attributes are browser-side only. */ ?>
<form method="POST">
<input type="hidden" name="action" value="update_profile">
<div class="row mb-3">
<div class="col-md-6">
<label class="form-label">Full Name</label>
<div class="input-group">
<span class="input-group-text"><i class="fa-solid fa-user"></i></span>
<input type="text" name="name" class="form-control" value="<?= htmlspecialchars($user['name']) ?>" required>
</div>
</div>
<div class="col-md-6">
<label class="form-label">Email Address</label>
<div class="input-group">
<span class="input-group-text"><i class="fa-solid fa-envelope"></i></span>
<input type="email" name="email" class="form-control" value="<?= htmlspecialchars($user['email']) ?>" required>
</div>
</div>
</div>
<div class="mb-3">
<label class="form-label">Phone Number</label>
<div class="input-group">
<span class="input-group-text"><i class="fa-solid fa-phone"></i></span>
<input type="text" name="phone" class="form-control" value="<?= htmlspecialchars($phoneValue) ?>">
</div>
</div>
<div class="mb-3">
<label class="form-label">Address</label>
<div class="input-group">
<span class="input-group-text"><i class="fa-solid fa-location-dot"></i></span>
<input type="text" name="address" class="form-control" value="<?= htmlspecialchars($addressValue) ?>">
</div>
</div>
<div class="mb-3">
<label class="form-label">New Password <span class="text-muted small">(Leave blank to keep current)</span></label>
<div class="input-group">
<span class="input-group-text"><i class="fa-solid fa-lock"></i></span>
<input type="password" name="password" class="form-control">
</div>
</div>
<div class="d-flex justify-content-end">
<button type="submit" class="btn btn-primary">
<i class="fa-solid fa-save me-2"></i>Update Profile
</button>
</div>
</form>
</div>
</div>
</div>
<div class="col-lg-4">
<div class="card shadow-sm mb-4">
<div class="card-header bg-success text-white">
<h5 class="mb-0"><i class="fa-solid fa-shield-alt me-2"></i>Account Info</h5>
</div>
<div class="card-body">
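<?php /* Account summary. Every value taken from the users row is HTML-escaped
         on output, including the avatar initial and the role badge. */ ?>
<div class="text-center mb-3">
<?php if (!empty($avatarUrl)): ?>
<img src="<?= htmlspecialchars($avatarUrl) ?>" alt="Profile" class="mx-auto mb-2" style="width: 96px; height: 96px; border-radius: 50%; object-fit: cover; border: 2px solid #e5e7eb;">
<?php else: ?>
<div class="avatar-circle bg-navy text-white mx-auto mb-2" style="width: 80px; height: 80px; line-height: 80px; font-size: 2rem; border-radius: 50%;">
<?= htmlspecialchars(strtoupper(substr((string)$user['name'], 0, 1)), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>
</div>
<?php endif; ?>
<h5><?= htmlspecialchars($user['name']) ?></h5>
<span class="badge bg-secondary"><?= htmlspecialchars(ucfirst((string)$user['role']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></span>
</div>
<hr>
<p><strong><i class="fa-solid fa-calendar me-2"></i>Member Since:</strong><br>
<?= isset($user['created_at']) ? date('M d, Y', strtotime($user['created_at'])) : 'N/A' ?></p>
<p><strong><i class="fa-solid fa-clock me-2"></i>Last Login:</strong><br>
<?php /* 12-hour clock ("h") to go with the AM/PM marker; the 24-hour "H"
         used before printed times such as "14:05 PM". */ ?>
<?= isset($user['last_login']) ? date('M d, Y h:i A', strtotime($user['last_login'])) : 'Just now' ?></p>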
<hr>
<div class="mb-2 fw-bold">Profile Picture</div>
<?php /* NOTE(review): both upload forms below post without an anti-CSRF
         token. Their accept attributes only filter the browser's file picker;
         the server-side check is whatever handleFileUpload() performs. */ ?>
<form method="POST" enctype="multipart/form-data">
<input type="hidden" name="action" value="upload_avatar">
<div class="input-group mb-2">
<input type="file" name="avatar" class="form-control" accept="image/*" required>
</div>
<button type="submit" class="btn btn-outline-primary btn-sm"><i class="fa-solid fa-upload me-1"></i>Upload</button>
<?php if (!empty($avatarUrl)): ?>
<a href="<?= htmlspecialchars($avatarUrl) ?>" target="_blank" class="btn btn-outline-secondary btn-sm ms-1">View</a>
<a href="<?= htmlspecialchars($avatarUrl) ?>" download class="btn btn-outline-secondary btn-sm ms-1">Download</a>
<?php endif; ?>
</form>
<hr>
<div class="mb-2 fw-bold">Identity Document (ID)</div>
<form method="POST" enctype="multipart/form-data">
<input type="hidden" name="action" value="upload_idcard">
<div class="input-group mb-2">
<input type="file" name="idcard" class="form-control" accept=".pdf,image/*" required>
</div>
<button type="submit" class="btn btn-outline-primary btn-sm"><i class="fa-solid fa-id-card me-1"></i>Upload ID</button>
</form>
</div>
</div>
</div>
</div>
</div>
<?php include 'includes/footer.php'; ?>