prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$user['id']]);
$userData = $stmt->fetch();
$success = '';
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$real_name = $_POST['real_name'] ?? '';
$id_number = $_POST['id_number'] ?? '';
// Handle uploads
$uploadDir = 'uploads/kyc/';
if (!is_dir($uploadDir)) mkdir($uploadDir, 0777, true);
$front = $userData['kyc_photo_front'];
$back = $userData['kyc_photo_back'];
$handheld = $userData['kyc_photo_handheld'];
if (isset($_FILES['photo_front']) && $_FILES['photo_front']['error'] === 0) {
$ext = pathinfo($_FILES['photo_front']['name'], PATHINFO_EXTENSION);
$front = $uploadDir . $user['id'] . '_front_' . time() . '.' . $ext;
move_uploaded_file($_FILES['photo_front']['tmp_name'], $front);
}
if (isset($_FILES['photo_back']) && $_FILES['photo_back']['error'] === 0) {
$ext = pathinfo($_FILES['photo_back']['name'], PATHINFO_EXTENSION);
$back = $uploadDir . $user['id'] . '_back_' . time() . '.' . $ext;
move_uploaded_file($_FILES['photo_back']['tmp_name'], $back);
}
if (isset($_FILES['photo_handheld']) && $_FILES['photo_handheld']['error'] === 0) {
$ext = pathinfo($_FILES['photo_handheld']['name'], PATHINFO_EXTENSION);
$handheld = $uploadDir . $user['id'] . '_handheld_' . time() . '.' . $ext;
move_uploaded_file($_FILES['photo_handheld']['tmp_name'], $handheld);
}
if (empty($real_name) || empty($id_number)) {
$error = __("fill_all_fields");
} else {
$stmt = db()->prepare("UPDATE users SET kyc_name = ?, kyc_id_number = ?, kyc_photo_front = ?, kyc_photo_back = ?, kyc_photo_handheld = ?, kyc_status = 1 WHERE id = ?");
$stmt->execute([$real_name, $id_number, $front, $back, $handheld, $user['id']]);
$success = __("kyc_submitted");
// Refresh user data
$userData['kyc_status'] = 1;
}
}
$kycStatus = $userData['kyc_status'] ?? 0;
?>