HEX
Server: nginx/1.24.0
System: Linux DGT-WORDPRESS-VM-SERVER 6.14.0-1014-azure #14~24.04.1-Ubuntu SMP Fri Oct 3 20:52:11 UTC 2025 x86_64
User: ubuntu (1000)
PHP: 8.4.12
Disabled: NONE
Upload Files
File: /mnt/data/dreamsrent-wp-demo/wp-content/plugins/dreamsrent-booking/templates/account/profile.php
<?php
if (!defined('ABSPATH')) {
    exit;
}   

if (in_array('woocommerce/woocommerce.php', apply_filters('active_plugins', get_option('active_plugins')))) { 
    $current_user_id = get_current_user_id();
    $user_data = get_userdata($current_user_id);
   
   $profile_picture_url = get_user_meta($current_user_id, 'profile_picture', true);
      '<input type="hidden" name="original_profile_picture" value="' . esc_attr($profile_picture_url) . '">';

    if (isset($_POST['update_profile_info'])) {

        $uploaded_file = wp_handle_upload($_FILES['profile_picture'], array('test_form' => false));

        if (!isset($uploaded_file['error'])) {
            $attachment_title = sanitize_file_name($_FILES['profile_picture']['name']);

            $attachment = array(
                'post_mime_type' => $_FILES['profile_picture']['type'],
                'post_title'     => $attachment_title,
                'post_content'   => '',
                'post_status'    => 'inherit'
            );

            $attachment_id = wp_insert_attachment($attachment, $uploaded_file['file']);

            if (!is_wp_error($attachment_id)) {
                $updated_profile_picture_url = wp_get_attachment_url($attachment_id);
                update_user_meta($current_user_id, 'profile_picture', $updated_profile_picture_url); ?>
                <div class="alert alert-success alert-dismissible fade show" role="alert">
  <strong><?php echo esc_html__('Success!', 'bookingcore'); ?></strong> <?php echo esc_html__('Profile picture updated successfully!', 'bookingcore'); ?>
  <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>

              <?php } else { ?>

                <div class="alert alert-warning  alert-dismissible fade show" role="alert">
  <strong><?php echo esc_html__('Error updating profile picture:', 'bookingcore'); ?></strong> <?php echo esc_html($attachment_id->get_error_message()); ?>
  <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>

             <?php }
        } else { }

        $first_name = sanitize_text_field($_POST['first_name']);
        $last_name = sanitize_text_field($_POST['last_name']);
        update_user_meta($current_user_id, 'first_name', $first_name);
        update_user_meta($current_user_id, 'last_name', $last_name);

        $email = sanitize_email($_POST['email']);
        wp_update_user(array('ID' => $current_user_id, 'user_email' => $email));

        $phone_number = sanitize_text_field($_POST['phone_number']);
        update_user_meta($current_user_id, 'phone_number', $phone_number);

        $updated_user_data = get_userdata($current_user_id); ?>
<div class="alert alert-success alert-dismissible fade show mt-5" role="alert">
  <strong><?php echo esc_html__('Success!', 'bookingcore'); ?></strong> <?php echo esc_html__('Profile information updated successfully!', 'bookingcore'); ?>
  <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
 <?php
        echo '<script>';
        echo 'document.getElementById("first_name").value = "' . esc_js($updated_user_data->first_name) . '";';
        echo 'document.getElementById("last_name").value = "' . esc_js($updated_user_data->last_name) . '";';
        echo 'document.getElementById("email").value = "' . esc_js($updated_user_data->user_email) . '";';
        echo 'document.getElementById("phone_number").value = "' . esc_js(get_user_meta($current_user_id, 'phone_number', true)) . '";';
        echo '</script>';
    }

    if (isset($_POST['update_password'])) {

        $current_password = $_POST['current_password'];
        $new_password = $_POST['new_password'];
        $confirm_new_password = $_POST['confirm_new_password'];

        if (wp_check_password($current_password, $user_data->user_pass, $current_user_id)) {
            if ($new_password === $confirm_new_password) {
                wp_set_password($new_password, $current_user_id); ?>
 
                  <div class="alert alert-success alert-dismissible fade show mt-5" role="alert">
  <strong><?php echo esc_html__('Success!', 'bookingcore'); ?></strong> <?php echo esc_html__('Password updated successfully updated successfully!', 'bookingcore'); ?>
  <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>

         <?php } else { ?>
                  <p><?php echo esc_html__('.', 'bookingcore'); ?></p>

                     <div class="alert alert-danger alert-dismissible fade show mt-5" role="alert">
  <strong><?php echo esc_html__('Fail!', 'bookingcore'); ?></strong> <?php echo esc_html__('New password and confirm new password do not match', 'bookingcore'); ?>
  <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>

                <?php
                return;
            }
        } else { ?>
        <p><?php echo esc_html__('Current password is incorrect.', 'bookingcore'); ?></p>
        <?php
            return;
        }
    }
    ?>
 <!-- Page Content -->
 <div class="content">
			 

				<!-- Content Header -->
				<div class="content-header content-settings-header">
                <h4><?php echo esc_html__('Settings', 'bookingcore'); ?></h4>
				</div>
				<!-- /Content Header -->

				<div class="row">
				
			 
					<!-- Settings Details -->
					<div class="col-lg-12">
						<div class="settings-info">
							<div class="settings-sub-heading">
								<h4><?php echo esc_html__('Profile', 'bookingcore'); ?></h4>
							</div>

 
							<form action="#" action="" method="post" enctype="multipart/form-data">

								<!-- Basic Info -->
								<div class="profile-info-grid">
									<div class="profile-info-header">
										<h5><?php echo esc_html__('Basic Information', 'bookingcore'); ?></h5>
										<p><?php echo esc_html__('Information about user', 'bookingcore'); ?></p>
									</div>
									<div class="profile-inner">
										<div class="profile-info-pic">
											<div class="profile-info-img">
                                                 <?php 
                                                
                                                 if ($profile_picture_url) {
                                                     $updated_profile_picture_url = esc_url(add_query_arg('timestamp', time(), $profile_picture_url)); ?>
                                                    <img src=" <?php echo esc_html($updated_profile_picture_url); ?>" alt="Profile Image">
                                             
                                                     <?php
                                                  }
                                                  ?>
												 
											</div>
											<div class="profile-info-content">
												<h6><?php echo esc_html__('Profile picture', 'bookingcore'); ?></h6>
												<p><?php echo esc_html__('PNG, JPEG under 15 MB', 'bookingcore'); ?></p>
                                                    <input type="file" name="profile_picture" id="profile_picture">
											</div>
										</div>
										<div class="row">
											<div class="col-md-6">
												<div class="profile-form-group">
													<label><?php echo esc_html__('First Name', 'bookingcore'); ?> <span class="text-danger">*</span></label>
                                                     <input type="text" class="form-control" name="first_name" id="first_name" value="<?php echo esc_attr($user_data->first_name); ?>" placeholder="<?php echo esc_html__('Enter First Name', 'bookingcore'); ?>" required="">
												</div>
											</div>
											<div class="col-md-6">
												<div class="profile-form-group">
													<label><?php echo esc_html__('Last Name', 'bookingcore'); ?> <span class="text-danger">*</span></label>
 
                                                    <input type="text" class="form-control" name="last_name" id="last_name" value="<?php echo esc_attr($user_data->last_name); ?>" placeholder="<?php echo esc_html__('Enter Last Name', 'bookingcore'); ?>" required="">
												</div>
											</div>
											<div class="col-md-6">
												<div class="profile-form-group">
													<label><?php echo esc_html__('Email', 'bookingcore'); ?>  <span class="text-danger">*</span></label>
                                                     <input type="text" class="form-control" name="email" id="email" value="<?php echo esc_attr($user_data->user_email); ?>" placeholder="<?php echo esc_html__('Enter User Email', 'bookingcore'); ?>" required="">

												</div>
											</div>
											<div class="col-md-6">
												<div class="profile-form-group">
													<label><?php echo esc_html__('Phone Number', 'bookingcore'); ?> <span class="text-danger">*</span></label>
          <input type="text" name="phone_number" class="form-control" id="phone_number" value="<?php echo esc_attr(get_user_meta($current_user_id, 'phone_number', true)); ?>" placeholder="+ 1 65656565656" inputmode="numeric" maxlength="15" oninput="this.value = this.value.replace(/[^0-9]/g, '');" required="">

												</div>
											</div>

                                           
										 
										</div>

                                        
									</div>
								</div>
								<!-- /Basic Info -->

                                 <!-- Profile Submit -->
								<div class="profile-submit-btn mb-3">
									<button type="submit" class="btn btn-secondary"><?php echo esc_html__('Cancel', 'bookingcore'); ?></button>
                                     <button type="submit" class="btn btn-primary " name="update_profile_info" ><?php echo esc_html__('Save Changes', 'bookingcore'); ?></button>
								</div>
								<!-- /Profile Submit -->
                            </form>
  <form action="" method="post" onsubmit="return validatePasswordForm();">
								<!-- Address Info -->
								<div class="profile-info-grid">
									<div class="profile-info-header">
										<h5><?php echo esc_html__('Change Password', 'bookingcore'); ?></h5>
										<p><?php echo esc_html__('Change your current password', 'bookingcore'); ?></p>
									</div>
									<div class="profile-inner">
                                  
										<div class="row">
											 
											<div class="col-md-6">
												<div class="profile-form-group">
													<label><?php echo esc_html__('Current Password', 'bookingcore'); ?> <span class="text-danger">*</span></label>
                                                     <input type="password" class="form-control" placeholder="<?php echo esc_html__('Enter Current Password', 'bookingcore'); ?>" name="current_password" required>

          

												</div>
											</div>
											<div class="col-md-6">
												<div class="profile-form-group">
													<label><?php echo esc_html__('New Password', 'bookingcore'); ?> <span class="text-danger">*</span></label>
 
         <input type="password" class="form-control"  name="new_password" placeholder="<?php echo esc_html__('Enter New Password', 'bookingcore'); ?>" id="new_password" oninput="validatePasswordMatch();" required>

												</div>
											</div>
											<div class="col-md-12">
												<div class="profile-form-group">
													<label><?php echo esc_html__('Confirm New Password', 'bookingcore'); ?> <span class="text-danger">*</span></label>
 
                                                    <input type="password" class="form-control" name="confirm_new_password" id="confirm_new_password" placeholder="<?php echo esc_html__('Enter Confirm New Password', 'bookingcore'); ?>" oninput="validatePasswordMatch();" required>


												</div>
											</div>
										 
										</div>
 									</div>
								</div>
								<!-- /Address Info -->
                                <span id="passwordMatchMessage"></span>  
								<!-- Profile Submit -->
								<div class="profile-submit-btn">
                         

									<button type="submit" class="btn btn-secondary"><?php echo esc_html__('Cancel', 'bookingcore'); ?></button>
									<button type="submit" name="update_password"  class="btn btn-primary"><?php echo esc_html__('Save Password', 'bookingcore'); ?></button>
								</div>
								<!-- /Profile Submit -->

							</form>
						</div>
					</div>
					<!-- /Settings Details -->

				</div>

			 		
		</div>
		<!-- /Page Content -->
    <script>
        function validatePasswordMatch() {
            var newPassword = document.getElementById('new_password').value;
            var confirmNewPassword = document.getElementById('confirm_new_password').value;
            var passwordMatchMessage = document.getElementById('passwordMatchMessage');

            if (newPassword !== confirmNewPassword) {
                passwordMatchMessage.innerHTML = ' <div class="alert alert-danger" role="alert">New password and confirm new password do not match.</div>';
            } else {
                passwordMatchMessage.innerHTML = '';
            }
        }

        function validatePasswordForm() {
            var newPassword = document.getElementById('new_password').value;
            var confirmNewPassword = document.getElementById('confirm_new_password').value;
            var passwordMatchMessage = document.getElementById('passwordMatchMessage');

            if (newPassword !== confirmNewPassword) {
                passwordMatchMessage.innerHTML = ' <div class="alert alert-danger" role="alert">New password and confirm new password do not match.</div>';
                return false;
            } else {
                passwordMatchMessage.innerHTML = '';
                return true;
            }
        }
    </script>
    <?php
}