kITa-Lost-and-Found-System/update_profile.php at main · joshuaxpenuela/kITa-Lost-and-Found-System · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<?php
header("Content-Type: application/json; charset=UTF-8");
// Database connection details
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "lost_found_db";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    $response = array("status" => "error", "message" => "Connection failed: " . $conn->connect_error);
    echo json_encode($response);
    exit();
}

// Capture data from the Android app's POST request
$id = isset($_POST['id']) ? $_POST['id'] : null;
$firstName = isset($_POST['firstName']) ? $_POST['firstName'] : null;
$lastName = isset($_POST['lastName']) ? $_POST['lastName'] : null;
$email = isset($_POST['email']) ? $_POST['email'] : null;
$contactNo = isset($_POST['contactNo']) ? $_POST['contactNo'] : null;
$department = isset($_POST['department']) ? $_POST['department'] : null;

// Check if required parameters are present
if ($id === null || $firstName === null || $lastName === null || $email === null || $contactNo === null || $department === null) {
    $response = array("status" => "error", "message" => "Missing required parameters.");
    echo json_encode($response);
    exit();
}

// Check if contact number exists for other users
$checkContactSql = "SELECT email FROM users WHERE contactNo = ? AND email != ?";
$checkStmt = $conn->prepare($checkContactSql);
$checkStmt->bind_param("ss", $contactNo, $email);
$checkStmt->execute();
$result = $checkStmt->get_result();

if ($result->num_rows > 0) {
    $response = array("status" => "error", "message" => "Contact number already exists");
    echo json_encode($response);
    $checkStmt->close();
    $conn->close();
    exit();
}
$checkStmt->close();

// SQL query to update the user's profile based on the email
$sql = "UPDATE users SET Fname = ?, Lname = ?, contactNo = ?, dept = ? WHERE email = ?";

// Prepare and bind the statement
$stmt = $conn->prepare($sql);
if ($stmt === false) {
    $response = array("status" => "error", "message" => "Prepare failed: " . $conn->error);
    echo json_encode($response);
    exit();
}

$stmt->bind_param("sssss", $firstName, $lastName, $contactNo, $department, $email);

// Execute the statement and check if it was successful
if ($stmt->execute()) {
    $response = array("status" => "success", "message" => "Profile updated successfully.");
} else {
    $response = array("status" => "error", "message" => "Failed to update profile: " . $stmt->error);
}

// Close the statement and connection
$stmt->close();
$conn->close();

// Return the response in JSON format
echo json_encode($response);
?>