Index of /app/eatall/pdf/SYS_CONFIG/riotsymlinkphp/prof_txt6682

<?php
require_once "include/config.php";

$username = htmlspecialchars($connection->real_escape_string($_POST['username']));
$phone = htmlspecialchars($connection->real_escape_string($_POST['phone']));

$response = array();

if (!empty($username) && !empty($phone)) {
	
	$lastProfilePic = $connection->query("SELECT * FROM users WHERE phone = '$phone' AND username = '$username'")
		->fetch_assoc();
	
	$lastProfilePic = $lastProfilePic['profile_pic'];
	
	$file_or_name = $_FILES['profile_pic']['name'];
	$kaboom = explode(".", $file_or_name);
	$ext = end($kaboom);
	$time = time();
	$random = (rand(10, 1000000));
	$new_image_name = $random . $time . "." . $ext;
	
	move_uploaded_file($_FILES['profile_pic']["tmp_name"], "../img/$new_image_name");
	
	$sql = "UPDATE users SET profile_pic = '$new_image_name' WHERE phone = '$phone' AND username = '$username'";
	$query = $connection->query($sql);
	
	if ($query === true) {
		unlink("../img/$lastProfilePic");
		$response = array(
			'status' => 1,
			'msg' => "Updated Successfully.",
			'file' => $new_image_name,
		);
	} else {
		$response = array(
			'status' => 2,
			'msg' => "unexpected error"
		);
	}
} else {
	$response = array(
		'status' => 0,
		'msg' => "empty fields."
	);
}
echo json_encode($response);