Ontzettend groot script voor heel weinig input.

Die velden met de waardes uit je database kan je toch oproepen uit je array?
Je hebt dus al de gegevens met zoals het was, en zoals het wordt.

Nog een puntje:
Waarom gebruik je mysqli_fetch_all()? Verwacht je soms dat ene gebruiker meer records heeft?
Enkel mysqli_fetch_assoc() om de data uit de database te halen is al voldoende. Die foreach() is echt onnodig.

En dan missen we ook nog een heel stel "htmlspecialchars()" op alle variabelen die je in de html echo't.

Als iemand zijn naam aanpast naar iets met een " erin, gaat je
<input type='hidden' name='Nickname' value='".$_POST['Nickname']."'>

stuk.

en als hij er iets van maakt als:
ik heet"><script>alert('evil');</script>

Dan geeft dat rare of vervelende effecten

Heb er nu dit van gemaakt.

<?php
	/* profile page */
	if($_GET['menu'] == 'profile' && $_GET['action'] == 'edit') {
		
		/* Profile Edit */
		
		$sql = "SELECT * FROM Girls WHERE ID = ".$_SESSION['ID']."";
		$results = mysqli_query($connect, $sql);
		$change = mysqli_fetch_all($results, MYSQLI_ASSOC);
				
			echo "<div class='edit'>
					<form id='edit' action='index.php?menu=profile&action=adjust' method='POST'>";
			
			foreach($change as $edit) {
				echo "<div class='tooltip' id='info3'>
						<img id='imginfo' src='./img/page/info.png'>
						<span class='tooltiptext'>Edit / Change your Nickname here, this is visable on the profile</span>
					</div>
					<div id='info2'>Nickname : </div>
					<div id='info'>
						<input type='text' name='Nickname' placeholder='".$edit['Nickname']."'>
					</div>
					<div class='tooltip' id='info3'>
						<img id='imginfo' src='./img/page/info.png'>
						<span class='tooltiptext'>Edit / Change your work number if needed, this is visable on your profile</span>
					</div>
					<div id='info2'>Work Number : </div>
					<div id='info'>
						<input type='number' name='Wphone' placeholder='+".$edit['Wphone']."'>
					</div>
					<div class='tooltip' id='info3'>
						<img id='imginfo' src='./img/page/info.png'>
						<span class='tooltiptext'>Edit / Change the 'In Case of Emergency' name if needed</span>
					</div>
					<div id='info2'>ICE Name 1 : </div>
					<div id='info'>
						<input type='text' name='ICEName1' placeholder='".$edit['ICEName1']."'>
					</div>
					<div class='tooltip' id='info3'>
						<img id='imginfo' src='./img/page/info.png'>
						<span class='tooltiptext'>Edit / Change the 'In Case of Emergency' number if needed</span>
					</div>
					<div id='info2'>ICE Number 1 : </div>
					<div id='info'>
						<input type='number' name='ICePhone1' placeholder='+".$edit['ICePhone1']."'>
					</div>
					<div class='tooltip' id='info3'>
						<img id='imginfo' src='./img/page/info.png'>
						<span class='tooltiptext'>Edit / Change the 'In Case of Emergency' second name if needed</span>
					</div>
					<div id='info2'>ICE Name 2 : </div>
					<div id='info'>
						<input type='text' name='ICEName2' placeholder='".$edit['ICEName2']."'>
					</div>
					<div class='tooltip' id='info3'>
						<img id='imginfo' src='./img/page/info.png'>
						<span class='tooltiptext'>Edit / Change the second 'In Case of Emergency' number if needed</span>
					</div>
					<div id='info2'>ICE Number 2 : </div>
					<div id='info'>
						<input type='number' name='ICEPhone2' placeholder='+".$edit['ICEPhone2']."'>
					</div>
					<div class='tooltip' id='info3'>
						<img id='imginfo' src='./img/page/info.png'>
						<span class='tooltiptext'>Edit or change your email address</span>
					</div>
					<div id='info2'>Email : </div>
					<div id='info'>
						<input type='email' name='Address' placeholder='".$edit['Address']."'>
					</div>";
			}
			echo "	<input type='submit' name='submit'>
					</form>
				</div>";
			foreach($change as $nonedit) {
				
				$fname = $nonedit['Fname'];
				$lname = $nonedit['Lname'];
				$idcard = $nonedit['IDcard'];
				$bday = $nonedit['Birthday'];
				$private = $nonedit['Pphone'];
				$region = $nonedit['Nationality'];
				
			echo "<div class='reminder'>Can not be changed only by admin (<a href='mailto:[email protected]'>Send mail</a>)</div>
				<div class='nonedit'>
					<div id='nonedit'>First name : ".$fname."</div>
					<div id='nonedit'>Last name : ".$lname."</div>
					<div id='nonedit'>ID Card : ".$idcard."</div>
					<div id='nonedit'>Birthday : ".$bday."</div>
					<div id='nonedit'>Private Number : +".$private."</div>
					<div id='nonedit'>Nationality : ".$region."</div>
				</div>";
			}
			
	}elseif($_GET['menu'] == 'profile' && $_GET['action'] == 'adjust') {
		
		$sql = "SELECT * FROM Girls WHERE ID = ".$_SESSION['ID']."";
		$result = mysqli_query($connect, $sql);
		$profile = mysqli_fetch_all($result, MYSQLI_ASSOC);
			/* changes */
			
			$nick = $_POST['Nickname'];
			$wp = $_POST['Wphone'];
			$icen1 = $_POST['ICEName1'];
			$icep1 = $_POST['ICePhone1'];
			$icen2 = $_POST['ICEName2'];
			$icep2 = $_POST['ICEPhone2'];
			$addr = $_POST['Address'];			
		
		foreach($profile as $profileid) {
			/* in dbase */
		
			$wname = $profileid['Nickname'];
			$wphone = $profileid['Wphone'];
			$icename1 = $profileid['ICEName1'];
			$icephone1 = $profileid['ICePhone1'];
			$icename2 = $profileid['ICEName2'];
			$icephone2 = $profileid['ICEPhone2'];
			$eaddr = $profileid['Address'];
			
		}
		$database = array("Nickname"=>$wname, "Wphone"=>$wphone, "ICEName1"=>$icename1, "ICePhone1"=>$icephone1, "ICEName2"=>$icename2, "ICEPhone2"=>$icephone2, "Address"=>$eaddr);
		$changes = array("Nickname"=>$nick, "Wphone"=>$wp, "ICEName1"=>$icen1, "ICePhone1"=>$icep1, "ICEName2"=>$icen2, "ICEPhone2"=>$icep2, "Address"=>$addr);
		$diff = array_diff_assoc($changes, $database);
		
		echo "<form id='changes' action='index.php?menu=profile&action=edityes' method='POST'>";

			foreach($diff as $row) {
				if($row == $nick) {
					if(!empty($nick)) {
						echo "You changed Nickname to : ".$row.". Was before : ".$wname."<br />
						<input type='hidden' name='Nickname' value='".$row."'>";
					}
				}
				if($row == $wp) {
					if(!empty($wp)) {
						echo "You changed Work number to : ".$row.". Was before : ".$wphone."<br />
						<input type='hidden' name='Wphone' value='".$row."'>";
					}
				}
				if($row == $icen1) {
					if(!empty($icen1)) {
						echo "You changed ICE Name 1 to : ".$row.". Was before : ".$icename1."<br />
						<input type='hidden' name='ICEName1' value='".$row."'>";
					}
				}
				if($row == $icep1) {
					if(!empty($icep1)) {
						echo "You changed ICE number 1 to : ".$row.". Was before : ".$icephone1."<br />
						<input type='hidden' name='ICePhone' value='".$row."'>";
					}
				}
				if($row == $icen2) {
					if(!empty($icen2)) {
						$icename2 = 'Never set';
						echo "You changed ICE Name 2 to : ".$row.". Was before : ".$icename2."<br />
						<input type='hidden' name='ICEName2' value='".$row."'>";
					}
				}
				if($row == $icep2) {
					if(!empty($icep2)) {
						$icephone2 = 'Never set';
						echo "You changed ICE number 2 to : ".$row.". Was before : ".$icephone2."<br />
						<input type='hidden' name='ICEPhone2' value='".$row."'>";
					}
				}
				if($row == $addr) {
					if(!empty($addr)) {
						echo "You changed ICE number 2 to : ".$row.". Was before : ".$eaddr."<br />
						<input type='hidden' name='Address' value='".$row."'>";
					}
				}
			}
			echo "If this information is correct, click <input type='submit' name='submit'> to confirm.<br />
				click <b><font color='#880000'><a href='index.php?menu=profile'>here</a></font></b> to cancel";
			echo "</form>";
			
	}elseif($_GET['menu'] == 'profile' && $_GET['action'] == 'edityes') {
		
		if(!empty($_POST['Nickname'])) {
			$query = 'UPDATE Girls SET Nickname="'.$_POST['Nickname'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['Wphone'])) {
			$query = 'UPDATE Girls SET Wphone="'.$_POST['Wphone'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICEName1'])) {
			$query = 'UPDATE Girls SET ICEName1="'.$_POST['ICEName1'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICePhone1'])) {
			$query = 'UPDATE Girls SET ICePhone1="'.$_POST['ICePhone1'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICEName2'])) {
			$query = 'UPDATE Girls SET ICEName2="'.$_POST['ICEName2'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICEPhone2'])) {
			$query = 'UPDATE Girls SET ICEPhone2="'.$_POST['ICEPhone2'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['Address'])) {
			$query = 'UPDATE Girls SET Address="'.$_POST['Address'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
			
		if(!empty($_POST['Nickname'])) {
			echo "Nickname is changed to ".$_POST['Nickname']."<br />";
		} else {echo "No changes";}
		if(!empty($_POST['Wphone'])) {
			echo "Work number is changed to +".$_POST['Wphone']."<br />";
		} else {echo "No changes";}
		if(!empty($_POST['ICEName1'])) {
			echo "ICE name 1 is changed to ".$_POST['ICEName1']."<br />";
		} else {echo "No changes";}
		if(!empty($_POST['ICePhone1'])) {
			echo "ICE number 1 is changed to +".$_POST['ICePhone1']."<br />";
		} else {echo "No changes";}
		if(!empty($_POST['ICEName2'])) {
			echo "ICE name 2 is changed to ".$_POST['ICEName2']."<br />";
		} else {echo "No changes";}
		if(!empty($_POST['ICEPhone2'])) {
			echo "ICE number 2 is changed to +".$_POST['ICEPhone2']."<br />";
		} else {echo "No changes";}
		if(!empty($_POST['Address'])) {
			echo "Email address is changed to".$_POST['Address']."<br />";
		} else {echo "No changes";}
		sleep(2);
		echo "Click <b><font color='#008800'><a href='index.php?menu=profile'>here</a></font></b> to go back";
		
	}else{

	/* Profile View*/
	
		echo "<div class='welcome'>".$_SESSION['Nickname']."</div>";
		
		$sql = "SELECT * FROM Girls WHERE ID = ".$_SESSION['ID']."";
		$result = mysqli_query($connect, $sql);
		$profile = mysqli_fetch_all($result, MYSQLI_ASSOC);
			
			echo "<div class='profile-grid'>";
			
				foreach($profile as $profileid) {

					$TDate = date('Y-m-d');
					$diff = date_diff(date_create($profileid['Birthday']), date_create($TDate));
					$age = $diff->format('%y');
					
				echo "<div class='profile-item' id='vissable'>Work name : ".$profileid['Nickname']."</div>";
				echo "<div class='profile-item' id='unvissable'>First name : ".$profileid['Fname']."</div>";
				echo "<div class='profile-item' id='unvissable'>IDcard : ".$profileid['IDcard']."</div>";
				if(empty($profileid['ICEName2'])){
						echo "<div class='profile-item' id='unvissable'>ICE Name 2 : Not set</div>";
					}else{
						echo "<div class='profile-item' id='unvissable'>ICE Name 2 : ".$profileid['ICEName2']."</div>";
					}
				echo "<div class='profile-item' id='vissable'>Age : ".$age."</div>";
				echo "<div class='profile-item' id='unvissable'>Last Name : ".$profileid['Lname']."</div>";
				echo "<div class='profile-item' id='unvissable'>ICE Name 1 : ".$profileid['ICEName1']."</div>";
				if(empty($profileid['ICEPhone2'])){
						echo "<div class='profile-item' id='unvissable'>ICE Number 2 : Not set</div>";
					}else{
						echo "<div class='profile-item' id='unvissable'>ICE Number 2 : +".$profileid['ICEPhone2']."</div>";
					}
				echo "<div class='profile-item' id='vissable'>Work Number : +".$profileid['Wphone']."</div>";
				echo "<div class='profile-item' id='unvissable'>Birthday : ".$profileid['Birthday']."</div>";
				echo "<div class='profile-item' id='unvissable'>ICE Number 1 : +".$profileid['ICePhone1']."</div>";
				echo "<div class='profile-item' id='unvissable'>Email Address : ".$profileid['Address']."</div>";
				echo "<div class='profile-item' id='vissable'>Nationality : ".$profileid['Nationality']."</div>";
				echo "<div class='profile-item' id='unvissable'>Private Number : +".$profileid['Pphone']."</div>";
				}
			echo "</div>
					<div class='legendas-grid'>
						<div class='legendas' id='vissable'>This color means, visable on you profile page</div>
						<div class='legendas' id='unvissable'>This color means, not visable on you profile page</div>
					</div>
					<div class='legendas-grid2'>
						<div id='item-menu2'><a href='index.php?menu=profile&action=edit'>Update your information</a></div>
					</div>";
	}
?>

echter 1 ding kan ik niet aanpassen en dat is dit gedeelte

<?php
}elseif($_GET['menu'] == 'profile' && $_GET['action'] == 'edityes') {
		
		if(!empty($_POST['Nickname'])) {
			$query = 'UPDATE Girls SET Nickname="'.$_POST['Nickname'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['Wphone'])) {
			$query = 'UPDATE Girls SET Wphone="'.$_POST['Wphone'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICEName1'])) {
			$query = 'UPDATE Girls SET ICEName1="'.$_POST['ICEName1'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICePhone1'])) {
			$query = 'UPDATE Girls SET ICePhone1="'.$_POST['ICePhone1'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICEName2'])) {
			$query = 'UPDATE Girls SET ICEName2="'.$_POST['ICEName2'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['ICEPhone2'])) {
			$query = 'UPDATE Girls SET ICEPhone2="'.$_POST['ICEPhone2'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
		if(!empty($_POST['Address'])) {
			$query = 'UPDATE Girls SET Address="'.$_POST['Address'].'" WHERE ID="'.$_SESSION['ID'].'"';
			$result = mysqli_query($connect, $query);
		} else {echo "No changes";}
}
?>

Pas ik dat aan naar 1 update, dan maakt hij alle velden leeg die niet veranderd zijn.

Dan doe je blijkbaar iets fout. Je snapt wel dat we geen glazen bol hier hebben.
Maak liever even een korte testcase in tiental regels in een apart bestand. Dat werkt wat makkelijker met uittesten.

En waarom een tabel met Girls? Als je straks Mannen of andere sekses hebt ga je hopelijk toch geen nieuwe tabellen aanmaken? En wat als iemand Angelique 'd Boer heet? Dan verknalt je apostrof de query.

- Ariën - op 18/04/2023 01:24:55

En wat als iemand Angelique 'd Boer heet?

Angelique 'd Boer ... melkt niet alleen uw koeien.