-
Notifications
You must be signed in to change notification settings - Fork 1
/
profile.php
82 lines (72 loc) · 3.35 KB
/
profile.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
<link type="text/css" rel="stylesheet" href="css/home.css" />
<?php
include_once 'includes/header.php';
?>
<head>
<title>
Profile
</title>
</head>
<div id="container">
<?php
if(isset($_SESSION['student_id'])){
$query = "SELECT * FROM `student` WHERE `r_no`='".mysql_real_escape_string($_SESSION['student_id'])."'";
$query_run = mysql_query($query);
$user_row = mysql_fetch_assoc($query_run);
$s_name = $user_row['s_name'];
echo "<br /><center>Welcome {$s_name} !!! </center><br />";
echo "<center>
<ul>
<li><a href=\"user_profile.php\">View profile</a></li>
<li><a href=\"edit_profile.php\">Edit profile</a></li>
<li><a href=\"change_password.php\">Change Password</a></li>
</ul>
</center>";
}
elseif(!(isset($_SESSION['t_id'])) && !(isset($_SESSION['student_id'])) && !(isset($_SESSION['admin']))){
$query_num_rows = 0;
if(isset($_POST['r_no']))
{
$r_no = $_POST['r_no'];
if(!empty($r_no))
{
$query = "SELECT * FROM `student` WHERE `r_no`='".mysql_real_escape_string($r_no)."'";
if($query_run = mysql_query($query))
{
$query_num_rows = mysql_num_rows($query_run);
$user_row = mysql_fetch_assoc($query_run);
if($query_num_rows == 0 || $user_row['confirm'] == 0)
echo '<br /><center><span style="color:red;">*Invalid roll no.</span></center>';
else if($query_num_rows == 1)
{
$r_no = $user_row['r_no'];
$s_name = $user_row['s_name'];
$dept = $user_row['dept'];
$sem = $user_row['sem'];
$email = $user_row['email'];
echo '<br /><center>Roll no: '.$r_no.'<br />
Name: '.$s_name.'<br />
Department: '.$dept.'<br />
Semester: '.$sem.'<br />
Email: '.$email.'<br />
</center>';
}
}
}
else
echo '<br /><center><span style="color:red;">*You must enter a roll number.</span></center>';
}
if($query_num_rows == 0 || $user_row['confirm'] == 0){
echo '<br /><center><form action="'.htmlspecialchars($current_file) .'" method="post">
Roll no<span style="margin-left:17px">:<input type="text" name="r_no" />
<input type="submit" value="View Profile"></input>
</form>
</center>';
}
}
else{
header('Location: index.php');
}
?>
</div>
<?php include_once 'includes/footer.php' ?>