06fbd764 |
<?php
/**
* Copyright (C) 2021 Double Bastion LLC
*
* This file is part of Roundpin, which is licensed under the
* GNU Affero General Public License Version 3.0. The license terms
* are detailed in the "LICENSE.txt" file located in the root directory.
*/
session_start();
if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {
define('ACCESSCONST', TRUE);
require('db-connect.php');
$username = $_POST['username'];
$contactName = $_POST['contact_name'];
$profilePicture = $_POST['profile_picture_c'];
// Get the id of the user for which we want to insert the contact data
$query1 = $mysqli->query("SELECT id, username, enabled FROM app_users WHERE BINARY username = '$username' AND enabled = 1");
$queryres = $query1->fetch_array();
$userID = $queryres[0];
// Update the contact profile picture
$query2 = $mysqli->prepare("UPDATE contacts SET profile_picture_c=? WHERE user_id=? AND contact_name=?");
$query2->bind_param("sis", $profilePicture, $userID, $contactName);
if ($query2->execute()) { $messagetosend = 'success'; } else { $messagetosend = 'failure'; }
$response = array('result' => $messagetosend);
echo json_encode($response);
} else {
header("Location: roundpin-login.php");
}
?>
|