
Personal Account in PHP

A personal account is understood as a place where a user can edit their profile data. Let's create a page account.php. Upon visiting this page, the user will see a form for editing their profile data (except for login and password; these should be handled in a special way).

Note that we do not pass the user's id as a GET parameter, where a visitor could change it to someone else's id. Instead, each user on the page account.php sees the data of their own profile, not someone else's.

To do this, when authorizing the user, we must write the user's id into the session, like this:

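<?php
	// After a successful password check, remember in the session
	// that the user is authorized and which user it is
	if (password_verify($_POST['password'], $hash)) {
		$_SESSION['auth'] = true;
		$_SESSION['id'] = $user['id'];
	}
?>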

Then, upon visiting the page account.php, we will perform a SELECT query that will fetch the user from the database with the id from the session:

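<?php
	// The id comes from the session, not from the request
	$id = $_SESSION['id'];

	// The value is bound to the ? placeholder instead of being
	// pasted into the query text
	$query = "SELECT * FROM users WHERE id=?";
	$stmt = mysqli_prepare($link, $query);
	mysqli_stmt_bind_param($stmt, 'i', $id);
	mysqli_stmt_execute($stmt);
	$res = mysqli_stmt_get_result($stmt);
	$user = mysqli_fetch_assoc($res);
?>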

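We should display the user's data in the form for editing. Let's say, for example, these are the user's first and last name. The values were typed in by the user earlier, so they are escaped with htmlspecialchars before being placed into the attributes:

<form action="" method="POST">
	<input name="name" value="<?= htmlspecialchars($user['name'], ENT_QUOTES, 'UTF-8') ?>">
	<input name="surname" value="<?= htmlspecialchars($user['surname'], ENT_QUOTES, 'UTF-8') ?>">
	<input type="submit" name="submit">
</form>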

After clicking the form submit button, we should execute a query to update the user:

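<?php
	if (!empty($_POST['submit'])) {
		$name = $_POST['name'];
		$surname = $_POST['surname'];

		// Form values are bound to ? placeholders, so quotes in a name
		// cannot change the query; $id is the id taken from the session
		$query = "UPDATE users SET name=?, surname=? WHERE id=?";
		$stmt = mysqli_prepare($link, $query);
		mysqli_stmt_bind_param($stmt, 'ssi', $name, $surname, $id);
		mysqli_stmt_execute($stmt);
	}
?>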
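The steps above put together into one account.php, as an added example that is not the tutorial's own code: it also refuses visitors who are not authorized, checks a per-session form token before saving, and runs the UPDATE before the SELECT so the form shows the saved values. The connection settings, the login.php redirect target and the csrf field name are assumptions; PHP 7.4+ with the mysqlnd driver is assumed.

```php
<?php
// account.php: added example; connection settings below are placeholders.
session_start();
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // fail loudly on DB errors
$link = mysqli_connect('localhost', 'db_user', 'db_password', 'db_name');

// Only an authorized user has a profile to edit.
if (empty($_SESSION['auth']) || empty($_SESSION['id'])) {
    header('Location: login.php'); // hypothetical login page
    exit;
}
$id = (int) $_SESSION['id']; // from the session, never from the request

// One random token per session, checked on every state-changing POST.
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}

// Handle the update first, so the form below shows the saved values.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $token = $_POST['csrf'] ?? '';
    if (!is_string($token) || !hash_equals($_SESSION['csrf'], $token)) {
        http_response_code(403);
        exit('Invalid form token');
    }
    $name = is_string($_POST['name'] ?? null) ? trim($_POST['name']) : '';
    $surname = is_string($_POST['surname'] ?? null) ? trim($_POST['surname']) : '';
    $stmt = mysqli_prepare($link, 'UPDATE users SET name=?, surname=? WHERE id=?');
    mysqli_stmt_bind_param($stmt, 'ssi', $name, $surname, $id);
    mysqli_stmt_execute($stmt);
}

// Fetch only the columns the form needs.
$stmt = mysqli_prepare($link, 'SELECT name, surname FROM users WHERE id=?');
mysqli_stmt_bind_param($stmt, 'i', $id);
mysqli_stmt_execute($stmt);
$user = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt));
if ($user === null) { // the row was deleted while the session was still live
    http_response_code(404);
    exit('User not found');
}
$e = fn($s) => htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8'); // output escaping
?>
<form action="" method="POST">
    <input type="hidden" name="csrf" value="<?= $e($_SESSION['csrf']) ?>">
    <input name="name" value="<?= $e($user['name']) ?>">
    <input name="surname" value="<?= $e($user['surname']) ?>">
    <input type="submit" name="submit">
</form>
```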

Implement the described personal account.
