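setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    // The acting user is taken from the server-side session only, never from the request.
    $userId = $_SESSION['user_id'] ?? null;

    if ($userId && $_SERVER['REQUEST_METHOD'] === 'POST') {
        // NOTE(review): no CSRF token is validated before these writes — confirm the
        // form is protected upstream, or check a session-bound token here first.

        // Allow-list of columns a user may change. The column name is interpolated
        // into the SQL text below, so this closed, hard-coded list is the only thing
        // separating request input from the query; never derive it from the request.
        $allowedFields = ['name', 'email', 'number', 'age', 'gender', 'location',
            'ethnicity', 'language', 'connection', 'cancertype', 'stage',
            'treatment', 'technologycomfort', 'similarities', 'interests'];

        // Keep only allow-listed, scalar fields. strict: true so that a loosely
        // comparable key (e.g. an integer key) can never match a column name;
        // non-scalar values (name[]=...) are dropped instead of being bound as "Array".
        $updates = [];
        foreach ($_POST as $key => $value) {
            if (in_array($key, $allowedFields, true) && is_scalar($value)) {
                $updates[$key] = $value;
            }
        }

        if ($updates !== []) {
            // One UPDATE for all submitted fields instead of one statement per field.
            // Column names come from $allowedFields; every value is a bound parameter.
            $assignments = implode(', ', array_map(
                static fn (string $column): string => "{$column} = :{$column}",
                array_keys($updates),
            ));
            $stmt = $conn->prepare("UPDATE createaccount SET {$assignments} WHERE id = :id");
            foreach ($updates as $column => $value) {
                $stmt->bindValue(':' . $column, $value);
            }
            $stmt->bindValue(':id', $userId, PDO::PARAM_INT);
            $stmt->execute();
        }
    }

    // Retrieve the current user row (after any update, so the page shows the new values).
    $userData = [];
    if ($userId) {
        $stmt = $conn->prepare("SELECT * FROM createaccount WHERE id = :id");
        $stmt->bindValue(':id', $userId, PDO::PARAM_INT);
        $stmt->execute();
        // fetch() returns false when no row matches; keep $userData an array so
        // consumers can rely on its type.
        $userData = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
    }

    $conn = null;
} catch (PDOException $e) {
    // Log the driver message server-side only: a raw PDO error can expose the DSN,
    // host, schema names or credentials, so the browser gets a generic failure.
    error_log('Database error: ' . $e->getMessage());
    echo "Connection failed.";
}
?>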