<?php
// POST handling before _guard so header() redirects work
require_once __DIR__ . '/../includes/auth.php';
require_once __DIR__ . '/../includes/csrf.php';
require_once __DIR__ . '/../includes/member_history.php';
auth_require_login();

// Resolve the signed-in member. If the session no longer maps to a member row,
// end the session and send the browser back to the login page.
$member = auth_user();
if (!$member) {
    auth_logout();
    header('Location: ../login.php');
    exit;
}

// The listing owned by this member. The lookup is keyed on the session's member
// id, never on a request parameter, so a member only ever loads their own row.
$listing = db_row(
    'SELECT * FROM listings WHERE member_id = :m LIMIT 1',
    ['m' => $member['id']]
);

// Every category offered by the picker, plus what this listing currently has ticked.
$categories = db_all('SELECT slug, name FROM categories ORDER BY sort_order, name');
$selected_cats = [];
$primary_cat   = null;

if ($listing) {
    try {
        $rows = db_all(
            'SELECT category_slug, is_primary FROM listing_categories WHERE listing_id = :id',
            ['id' => $listing['id']]
        );
        foreach ($rows as $r) {
            $selected_cats[] = $r['category_slug'];
            if ($r['is_primary']) {
                $primary_cat = $r['category_slug'];
            }
        }
    } catch (Throwable $e) {
        // Deliberately ignored: the original note says the junction table may not
        // be migrated yet. The legacy column below is used in that case.
    }

    // Fallback to the legacy single-category column when the junction gave nothing.
    if (!$selected_cats && !empty($listing['category_slug'])) {
        $selected_cats = [$listing['category_slug']];
        $primary_cat   = $listing['category_slug'];
    }
}

// Outcome flags read by the template further down.
$saved  = false;
$errors = [];

/**
 * Build a URL slug for a listing name that is not already used in `listings`.
 *
 * The name is lower-cased, every run of characters outside a-z0-9 becomes a
 * single '-', and leading/trailing dashes are dropped. An empty (or otherwise
 * falsy, e.g. "0") result becomes 'listing'. If the slug is taken, '-2', '-3',
 * ... is appended until a free one is found.
 *
 * NOTE(review): the lookup and the later insert are separate statements, so two
 * concurrent saves could pick the same slug; a unique index on listings.slug
 * would be the backstop. Confirm the schema has one.
 *
 * @param string   $name       Business name to derive the slug from.
 * @param int|null $exclude_id Listing id whose existing slug does not count as a clash.
 * @return string              The first free slug.
 */
function listing_slug_for(string $name, ?int $exclude_id = null): string {
    $stem = trim(preg_replace('/[^a-z0-9]+/', '-', strtolower($name)), '-');
    if (!$stem) {
        $stem = 'listing';
    }

    $candidate = $stem;
    for ($suffix = 2; ; $suffix++) {
        $taken = db_row('SELECT id FROM listings WHERE slug=:s', ['s' => $candidate]);
        if (!$taken || (int)$taken['id'] === (int)$exclude_id) {
            return $candidate;
        }
        $candidate = $stem . '-' . $suffix;
    }
}

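/**
 * Check one $_FILES entry against the image rules of this form.
 *
 * The MIME type and filename sent by the browser are chosen by the client, so
 * neither is trusted: the type is detected from the file content and the stored
 * extension comes from the allowlist below. Taking the extension from the
 * client filename would let a script file be written into the web-served
 * uploads directory under an executable extension.
 *
 * @param array  $file      One entry of $_FILES.
 * @param string $label     'Logo' or 'Banner', used in the error text.
 * @param int    $max_bytes Largest accepted size in bytes.
 * @return array{ext: ?string, error: ?string} Exactly one of the two is non-null.
 */
function edit_business_check_image(array $file, string $label, int $max_bytes): array
{
    $ext_by_mime = [
        'image/jpeg' => 'jpg',
        'image/png'  => 'png',
        'image/gif'  => 'gif',
        'image/webp' => 'webp',
    ];
    $too_big  = ['ext' => null, 'error' => $label . ' must be under ' . intdiv($max_bytes, 1024 * 1024) . 'MB.'];
    $failed   = ['ext' => null, 'error' => $label . ' upload failed.'];
    $bad_type = ['ext' => null, 'error' => $label . ' must be JPG, PNG, GIF or WebP.'];

    // Look at PHP's own status first: on a failed upload the other keys are empty.
    $code = $file['error'] ?? null;
    if ($code === UPLOAD_ERR_INI_SIZE || $code === UPLOAD_ERR_FORM_SIZE) {
        return $too_big;
    }
    $tmp = $file['tmp_name'] ?? null;
    // A non-string tmp_name means the field was posted as an array (logo[]).
    if ($code !== UPLOAD_ERR_OK || !is_string($tmp) || !is_uploaded_file($tmp)) {
        return $failed;
    }
    if ((int)($file['size'] ?? 0) > $max_bytes) {
        return $too_big;
    }

    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    if (!is_string($mime) || !isset($ext_by_mime[$mime])) {
        return $bad_type;
    }
    return ['ext' => $ext_by_mime[$mime], 'error' => null];
}

/**
 * Move a validated upload into assets/uploads/<subdir>/ under a server-chosen name.
 *
 * @param array  $file    One entry of $_FILES that passed edit_business_check_image().
 * @param string $subdir  'logos' or 'banners'.
 * @param string $id_part Listing id (or a timestamp for a new listing) used in the name.
 * @param string $ext     Extension taken from the allowlist, never from the client.
 * @return string|null    Path relative to the site root, or null if the move failed.
 */
function edit_business_store_image(array $file, string $subdir, string $id_part, string $ext): ?string
{
    $dir = __DIR__ . '/../assets/uploads/' . $subdir . '/';
    if (!is_dir($dir)) {
        mkdir($dir, 0755, true);
    }
    // 8 random bytes: the name cannot collide with the file it replaces.
    $name_safe = 'listing-' . $id_part . '-' . bin2hex(random_bytes(8)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $dir . $name_safe)) {
        return null;
    }
    return 'assets/uploads/' . $subdir . '/' . $name_safe;
}

/**
 * Best-effort removal of a stored image given its site-relative path.
 */
function edit_business_delete_upload(?string $relative_path): void
{
    if (!$relative_path) {
        return;
    }
    $absolute = __DIR__ . '/../' . ltrim($relative_path, '/');
    if (is_file($absolute)) {
        @unlink($absolute); // failure only leaves an orphaned file behind
    }
}

// Handle the profile form: validate, push to Zoho, then write the local rows.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    csrf_verify();

    // A field posted as an array (first_name[]=x) is treated as empty instead of
    // reaching trim(), which would throw a TypeError on PHP 8.
    $post_text = static fn(string $key): string =>
        is_string($_POST[$key] ?? null) ? trim($_POST[$key]) : '';

    $first_name    = $post_text('first_name');
    $last_name     = $post_text('last_name');
    $phone         = $post_text('phone');
    $business_name = $post_text('business_name');
    $description   = $post_text('description');
    $tagline       = $post_text('tagline');
    $website       = $post_text('website');
    $address       = $post_text('address');
    $cats_posted   = $_POST['categories'] ?? [];
    $primary       = $post_text('primary_category');

    // Keep only slugs that exist in the categories table. A shape-only regex
    // would let a member store any slug-looking string as a category/industry.
    if (!is_array($cats_posted)) $cats_posted = [];
    $known_slugs = array_column($categories, 'slug');
    $cats_posted = array_values(array_unique(array_filter($cats_posted, fn($s) =>
        is_string($s) && in_array($s, $known_slugs, true)
    )));

    // Validation
    if (!$first_name || !$last_name) $errors[] = 'Please fill in your first and last name.';
    if (!$business_name)             $errors[] = 'Business name is required.';
    if (!$description)               $errors[] = 'Business description is required.';
    if (empty($cats_posted))         $errors[] = 'Please pick at least one category.';

    // The website is stored for display on the public listing; how it is rendered
    // is not visible here, so only http(s) URLs with a host are accepted to keep
    // javascript:/data: style values out of the database.
    if ($website !== '') {
        $url_parts = parse_url($website);
        $scheme    = is_array($url_parts) ? strtolower($url_parts['scheme'] ?? '') : '';
        if (!in_array($scheme, ['http', 'https'], true) || empty($url_parts['host'])) {
            $errors[] = 'Website must be a full http:// or https:// address.';
        }
    }

    // The primary category must be one of the ticked ones; default to the first.
    if ($primary && !in_array($primary, $cats_posted, true)) $primary = $cats_posted[0] ?? '';
    if (!$primary && !empty($cats_posted)) $primary = $cats_posted[0];

    // ── Pre-flight: validate + dupe check against local DB and Zoho ─────
    // Members can't change their own email (security), so we don't dupe-check it.
    if (empty($errors)) {
        require_once __DIR__ . '/../includes/zoho.php';
        $check = zoho_validate_member_changes((int)$member['id'], [
            'first_name'    => $first_name,
            'last_name'     => $last_name,
            'business_name' => $business_name,
            'phone'         => $phone ?: null,
        ]);
        if (!$check['ok']) {
            $errors[] = $check['error'];
        }
    }

    // ── Logo / banner uploads ───────────────────────────────────────────
    // Uploads are always validated so every problem is reported in one pass, but
    // files are moved only once the form is otherwise valid, and the files they
    // replace are deleted only after the database has been updated. Otherwise a
    // rejected submission would leave the listing pointing at a deleted image.
    $image_rules = [
        'logo'   => ['label' => 'Logo',   'max' => 2 * 1024 * 1024, 'dir' => 'logos'],
        'banner' => ['label' => 'Banner', 'max' => 5 * 1024 * 1024, 'dir' => 'banners'],
    ];
    $final_paths = [
        'logo'   => $listing['logo_path']   ?? null,
        'banner' => $listing['banner_path'] ?? null,
    ];
    $id_part     = (string)($listing['id'] ?? time());
    $accepted    = []; // field => allowlisted extension
    $new_files   = []; // stored during this request; removed again if the save aborts
    $stale_files = []; // replaced or removed; deleted after the save succeeds

    foreach ($image_rules as $field => $rule) {
        if (empty($_FILES[$field]['name'])) continue;
        $verdict = edit_business_check_image($_FILES[$field], $rule['label'], $rule['max']);
        if ($verdict['error'] !== null) {
            $errors[] = $verdict['error'];
        } else {
            $accepted[$field] = $verdict['ext'];
        }
    }

    if (empty($errors)) {
        foreach ($accepted as $field => $ext) {
            $stored = edit_business_store_image($_FILES[$field], $image_rules[$field]['dir'], $id_part, $ext);
            if ($stored === null) {
                $errors[] = 'Could not save ' . strtolower($image_rules[$field]['label']) . '.';
                continue;
            }
            $new_files[] = $stored;
            if ($final_paths[$field]) $stale_files[] = $final_paths[$field];
            $final_paths[$field] = $stored;
        }
    }

    // "Remove current ..." checkboxes: clear the path now, delete the file later.
    foreach (array_keys($image_rules) as $field) {
        if (!empty($_POST['remove_' . $field]) && $final_paths[$field]) {
            $stale_files[] = $final_paths[$field];
            $final_paths[$field] = null;
        }
    }
    $logo_path   = $final_paths['logo'];
    $banner_path = $final_paths['banner'];

    if (empty($errors)) {
        // ── Push to Zoho FIRST (only if member is linked to a Zoho contact) ──
        // If Zoho rejects, we abort before changing the local DB so we never
        // end up with local data drifted from Zoho.
        if (!empty($member['zoho_contact_id']) && zoho_is_configured()) {
            $r = zoho_update_contact((string)$member['zoho_contact_id'], [
                'first_name'    => $first_name,
                'last_name'     => $last_name,
                'business_name' => $business_name,
                'phone'         => $phone ?: null,
            ], (int)$member['id']);
            if (!$r['ok']) {
                $errors[] = 'We couldn\'t save your changes — our accounting system rejected them: '
                          . ($r['error'] ?? 'unknown error') . '. Please try again, or contact us if it keeps happening.';
            }
        }
    }

    if (empty($errors)) {
        $member_before = $member;  // snapshot for diff

        // Update member row
        db_update('members', (int)$member['id'], [
            'first_name'    => $first_name,
            'last_name'     => $last_name,
            'phone'         => $phone ?: null,
            'business_name' => $business_name,
            'industry'      => $primary,
        ]);

        // Upsert the listing. The email always comes from the member row, never
        // from the request.
        $listing_fields = [
            'name'          => $business_name,
            'category_slug' => $primary,
            'description'   => $description,
            'tagline'       => $tagline ?: null,
            'phone'         => $phone ?: null,
            'email'         => $member['email'],
            'website'       => $website ?: null,
            'address'       => $address ?: null,
            'logo_path'     => $logo_path,
            'banner_path'   => $banner_path,
        ];

        if ($listing) {
            db_update('listings', (int)$listing['id'], $listing_fields);
            $listing_id = (int)$listing['id'];
        } else {
            $listing_fields['slug']      = listing_slug_for($business_name);
            $listing_fields['member_id'] = $member['id'];
            $listing_fields['tier']      = $member['tier'] ?? 'Bronze';
            $listing_fields['featured']  = 0;
            $listing_fields['published'] = 1;
            $listing_fields['profile_complete'] = 1;
            $listing_id = db_insert('listings', $listing_fields);
        }

        // Reset + rewrite categories in junction
        try {
            db_exec('DELETE FROM listing_categories WHERE listing_id = :id', ['id' => $listing_id]);
            foreach ($cats_posted as $c) {
                db_exec(
                    'INSERT IGNORE INTO listing_categories (listing_id, category_slug, is_primary)
                     VALUES (:l, :c, :p)',
                    ['l' => $listing_id, 'c' => $c, 'p' => $c === $primary ? 1 : 0]
                );
            }
        } catch (Throwable $e) {
            // Still best-effort (junction may not be migrated), but leave a trace
            // so a real failure between the DELETE and the INSERTs is not silent.
            app_log("listing_categories write skipped for listing {$listing_id}: " . $e->getMessage());
        }

        // The database no longer references the replaced/removed images.
        foreach ($stale_files as $stale) {
            if (!in_array($stale, [$logo_path, $banner_path], true)) {
                edit_business_delete_upload($stale);
            }
        }

        // Refresh state
        $fresh_member = db_row('SELECT * FROM members WHERE id = :id', ['id' => $member['id']]);

        // Log to member history (member-side edits)
        member_history_log_changes(
            (int)$member['id'],
            $member_before,
            $fresh_member,
            ['first_name','last_name','phone','business_name','industry']
        );

        app_log("Profile update: member {$member['id']} ({$fresh_member['email']})");
        $member  = $fresh_member;
        $listing = db_row('SELECT * FROM listings WHERE member_id = :m LIMIT 1', ['m' => $member['id']]);
        $selected_cats = $cats_posted;
        $primary_cat   = $primary;
        $saved = true;
    } else {
        // Nothing was saved: drop any image stored during this request so it does
        // not linger, unreferenced, in the public uploads directory.
        foreach ($new_files as $orphan) {
            edit_business_delete_upload($orphan);
        }
        // Keep what user typed on re-render
        $selected_cats = $cats_posted;
        $primary_cat   = $primary;
    }
}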

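// Values for the form.
// A submitted value wins over the stored one so the user's typing survives a
// failed save. A field posted as an array (first_name[]=x) is ignored here:
// passing it on would make htmlspecialchars() in the template throw a TypeError.
$form_value = static function (string $key, $stored): string {
    $posted = $_POST[$key] ?? null;
    if (is_string($posted)) {
        return $posted;
    }
    // $stored is the member or listing row; ?? also covers "no row".
    return (string)($stored[$key] ?? '');
};

$v = [
    'first_name'    => $form_value('first_name', $member),
    'last_name'     => $form_value('last_name', $member),
    'phone'         => $form_value('phone', $member),
    'business_name' => $form_value('business_name', $member),
    'description'   => $form_value('description', $listing),
    'tagline'       => $form_value('tagline', $listing),
    'website'       => $form_value('website', $listing),
    'address'       => $form_value('address', $listing),
];

// Per the note at the top of the file, _guard.php is pulled in only after POST
// handling so that header() redirects still work.
$page_title = 'Edit Business';
require __DIR__ . '/_guard.php';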
?>

<style>
.m-page{padding:2rem 0 3rem;}
.m-card{background:#fff;border:1px solid var(--line);border-radius:var(--radius);padding:1.5rem;margin-bottom:1.25rem;}
.m-card h2{margin-top:0;font-size:1rem;}
.form-2col{display:grid;grid-template-columns:1fr 1fr;gap:0 1.25rem;}
@media(max-width:600px){.form-2col{grid-template-columns:1fr;}}

.cat-picker{
    border:1px solid var(--line);
    border-radius:var(--radius);
    max-height:260px;
    overflow-y:auto;
    background:#fff;
    margin-bottom:1rem;
}
.cat-row{display:flex;align-items:center;gap:.65rem;padding:.45rem .8rem;border-bottom:1px solid var(--line);cursor:pointer;font-size:.88rem;font-weight:400;margin:0;}
.cat-row:last-child{border-bottom:none;}
.cat-row:hover{background:#fafafa;}
.cat-row .cat-label{flex:1;}
.cat-row .cat-primary-wrap{display:flex;align-items:center;gap:.3rem;opacity:.3;transition:opacity .15s;}
.cat-row .cat-primary-lbl{font-size:.7rem;text-transform:uppercase;letter-spacing:.04em;color:var(--ink-muted);}
.cat-row.has-check .cat-primary-wrap{opacity:1;}

.upload-zone{border:2px dashed var(--line);border-radius:var(--radius);padding:1.25rem;text-align:center;cursor:pointer;position:relative;transition:border-color .2s,background .2s;}
.upload-zone:hover,.upload-zone.dragover{border-color:var(--brand-primary);background:rgba(122,157,71,.05);}
.upload-zone input{position:absolute;inset:0;opacity:0;cursor:pointer;width:100%;height:100%;}

.logo-preview-wrap{background:#fff;border:1px solid var(--line);border-radius:var(--radius);padding:1rem;margin-bottom:.75rem;text-align:center;}
.logo-preview-wrap img{max-width:140px;max-height:140px;object-fit:contain;margin:0 auto;display:block;}

.banner-preview-wrap{border-radius:var(--radius);margin-bottom:.75rem;overflow:hidden;background:var(--surface-alt);border:1px solid var(--line);}
.banner-preview-wrap img{width:100%;height:auto;display:block;aspect-ratio:16/9;object-fit:cover;}

.upload-grid{display:grid;grid-template-columns:1fr 1fr;gap:1.25rem;}
@media(max-width:700px){.upload-grid{grid-template-columns:1fr;}}
</style>

<div class="m-page">
<div class="container" style="max-width:860px;">

    <a href="welcome.php" style="font-size:.88rem;color:var(--ink-muted);">← Back to dashboard</a>
    <h1 style="margin:.75rem 0 .25rem;">Edit Business</h1>
    <p style="margin:0 0 1.5rem;color:var(--ink-muted);">Update your contact details and what appears on your public directory page.</p>

    <?php if ($saved): ?>
        <div class="alert alert-success" data-autohide>
            <strong>Saved.</strong> Changes are live on the directory.
        </div>
    <?php endif; ?>
    <?php if (!empty($errors)): ?>
        <div class="alert alert-error"><?= implode('<br>', array_map('htmlspecialchars', $errors)) ?></div>
    <?php endif; ?>

    <form method="post" action="edit-business.php" enctype="multipart/form-data">
        <?= csrf_field() ?>

        <!-- Contact info -->
        <div class="m-card">
            <h2>Your contact details</h2>
            <div class="form-2col">
                <div>
                    <label>First name *</label>
                    <input type="text" name="first_name" required value="<?= htmlspecialchars($v['first_name']) ?>">
                </div>
                <div>
                    <label>Last name *</label>
                    <input type="text" name="last_name" required value="<?= htmlspecialchars($v['last_name']) ?>">
                </div>
            </div>
            <div class="form-2col">
                <div>
                    <label>Email <small>(cannot change)</small></label>
                    <input type="email" value="<?= htmlspecialchars($member['email']) ?>" disabled
                           style="background:var(--surface-alt);color:var(--ink-muted);">
                </div>
                <div>
                    <label>Phone</label>
                    <input type="tel" name="phone" value="<?= htmlspecialchars($v['phone']) ?>"
                           placeholder="013 000 0000">
                </div>
            </div>
        </div>

        <!-- Business info -->
        <div class="m-card">
            <h2>Business listing</h2>
            <p style="margin:0 0 1rem;font-size:.85rem;color:var(--ink-muted);">
                This is what appears on your public directory page.
            </p>

            <label>Business name *</label>
            <input type="text" name="business_name" required value="<?= htmlspecialchars($v['business_name']) ?>">

            <label>Tagline <small>(one short line shown under your name)</small></label>
            <input type="text" name="tagline" maxlength="200" value="<?= htmlspecialchars($v['tagline']) ?>"
                   placeholder="e.g. Family-run since 1995">

            <label>Description * <small>2–3 sentences about your business</small></label>
            <textarea name="description" rows="4" required
                      placeholder="Tell customers who you are and what makes you different."><?= htmlspecialchars($v['description']) ?></textarea>

            <label>Categories * <small>(tick all that apply — pick a primary with the radio)</small></label>
            <div class="cat-picker">
                <?php foreach ($categories as $c):
                    $slug = $c['slug'];
                    $checked = in_array($slug, $selected_cats, true);
                    $is_pri  = ($primary_cat ?? '') === $slug;
                ?>
                    <label class="cat-row">
                        <input type="checkbox" name="categories[]" value="<?= htmlspecialchars($slug) ?>"
                               <?= $checked ? 'checked' : '' ?> class="cat-check">
                        <span class="cat-label"><?= htmlspecialchars($c['name']) ?></span>
                        <span class="cat-primary-wrap">
                            <input type="radio" name="primary_category" value="<?= htmlspecialchars($slug) ?>"
                                   <?= $is_pri ? 'checked' : '' ?> class="cat-primary">
                            <span class="cat-primary-lbl">primary</span>
                        </span>
                    </label>
                <?php endforeach; ?>
            </div>

            <div class="form-2col">
                <div>
                    <label>Physical address</label>
                    <input type="text" name="address" value="<?= htmlspecialchars($v['address']) ?>"
                           placeholder="26 Main Road, Nelspruit">
                </div>
                <div>
                    <label>Website</label>
                    <input type="url" name="website" value="<?= htmlspecialchars($v['website']) ?>"
                           placeholder="https://yourbusiness.co.za">
                </div>
            </div>
        </div>

        <!-- Uploads -->
        <div class="m-card">
            <h2>Photos</h2>
            <p style="margin:0 0 1rem;font-size:.85rem;color:var(--ink-muted);">
                Your <strong>logo</strong> is shown on the directory cards and on your public page header.
                Your <strong>banner photo</strong> (a photo of your storefront, team, or premises) shows at the top of your public page.
                If you don't upload a banner, your logo is shown there instead.
            </p>

            <div class="upload-grid">
                <!-- Logo -->
                <div>
                    <label>Logo</label>
                    <?php if (!empty($listing['logo_path'])): ?>
                        <div class="logo-preview-wrap" id="logo-preview-current">
                            <img src="../<?= htmlspecialchars($listing['logo_path']) ?>" alt="current logo">
                        </div>
                        <label style="display:flex;align-items:center;gap:.4rem;font-size:.8rem;font-weight:400;margin-bottom:.5rem;cursor:pointer;">
                            <input type="checkbox" name="remove_logo" value="1">
                            Remove current logo
                        </label>
                    <?php endif; ?>
                    <div class="logo-preview-wrap" id="logo-preview-new" style="display:none;">
                        <img id="logo-preview-new-src" src="" alt="new logo preview">
                    </div>
                    <p id="logo-preview-new-label" style="display:none;font-size:.78rem;color:var(--brand-primary);margin:0 0 .5rem;font-weight:600;">
                        ✓ New logo selected.
                    </p>
                    <div class="upload-zone" id="logo-zone">
                        <input type="file" name="logo" id="logo-input"
                               accept="image/jpeg,image/png,image/gif,image/webp">
                        <div>
                            <div style="font-size:1.3rem;">🖼</div>
                            <p style="font-size:.8rem;margin:.3rem 0 0;color:var(--ink-muted);">
                                Click or drag · JPG/PNG, max 2MB
                            </p>
                        </div>
                    </div>
                </div>

                <!-- Banner -->
                <div>
                    <label>Banner / business photo</label>
                    <?php if (!empty($listing['banner_path'])): ?>
                        <div class="banner-preview-wrap" id="banner-preview-current">
                            <img src="../<?= htmlspecialchars($listing['banner_path']) ?>" alt="current banner">
                        </div>
                        <label style="display:flex;align-items:center;gap:.4rem;font-size:.8rem;font-weight:400;margin-bottom:.5rem;cursor:pointer;">
                            <input type="checkbox" name="remove_banner" value="1">
                            Remove current banner
                        </label>
                    <?php endif; ?>
                    <div class="banner-preview-wrap" id="banner-preview-new" style="display:none;">
                        <img id="banner-preview-new-src" src="" alt="new banner preview">
                    </div>
                    <p id="banner-preview-new-label" style="display:none;font-size:.78rem;color:var(--brand-primary);margin:0 0 .5rem;font-weight:600;">
                        ✓ New banner selected.
                    </p>
                    <div class="upload-zone" id="banner-zone">
                        <input type="file" name="banner" id="banner-input"
                               accept="image/jpeg,image/png,image/gif,image/webp">
                        <div>
                            <div style="font-size:1.3rem;">🏢</div>
                            <p style="font-size:.8rem;margin:.3rem 0 0;color:var(--ink-muted);">
                                Click or drag · JPG/PNG, max 5MB
                            </p>
                        </div>
                    </div>
                </div>
            </div>
        </div>

        <div style="display:flex;gap:.75rem;align-items:center;flex-wrap:wrap;">
            <button type="submit" class="btn">Save changes</button>
            <a href="welcome.php" class="btn btn-outline">Cancel</a>
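            <?php if ($listing): ?>
                <a href="../directory-item.php?id=<?= (int)$listing['id'] /* cast: the only unescaped echo on this page, so force it to an integer */ ?>"
                   style="font-size:.85rem;color:var(--ink-muted);margin-left:auto;" target="_blank">
                    View live listing →
                </a>
            <?php endif; ?>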
        </div>
    </form>

</div>
</div>

<script>
// Category picker: the "primary" radio is usable only on rows whose checkbox is
// ticked, and some ticked row always holds the primary. This is a convenience
// for the user; the server decides the stored primary from the posted values.
(function () {
    const rowList = Array.from(document.querySelectorAll('.cat-row'));
    const checkboxOf = row => row.querySelector('.cat-check');
    const radioOf = row => row.querySelector('.cat-primary');

    // Re-derive every row's state from its checkbox.
    function syncRows() {
        let primaryIsTicked = false;
        for (const row of rowList) {
            const checkbox = checkboxOf(row);
            row.classList.toggle('has-check', checkbox.checked);
            const radio = radioOf(row);
            radio.disabled = !checkbox.checked;
            if (radio.checked && checkbox.checked) {
                primaryIsTicked = true;
            }
        }
        if (primaryIsTicked) {
            return;
        }
        // No valid primary left: promote the first ticked row, if there is one.
        const firstTicked = rowList.find(row => checkboxOf(row).checked);
        if (firstTicked) {
            radioOf(firstTicked).checked = true;
        }
    }

    for (const row of rowList) {
        checkboxOf(row).addEventListener('change', syncRows);
        // Choosing a primary implies the category itself is selected.
        radioOf(row).addEventListener('change', function () {
            checkboxOf(row).checked = true;
            syncRows();
        });
    }

    syncRows();
})();

// Logo preview: show the chosen file next to the current logo before submitting.
// Nothing is checked here; the file is validated on the server after the POST.
(function () {
    const byId = id => document.getElementById(id);
    const dropZone = byId('logo-zone');
    const fileInput = byId('logo-input');
    const previewBox = byId('logo-preview-new');
    const previewImg = byId('logo-preview-new-src');
    const previewNote = byId('logo-preview-new-label');
    const currentBox = byId('logo-preview-current');

    // Read the file as a data: URL and reveal the preview, dimming the current logo.
    function preview(file) {
        if (!file) {
            return;
        }
        const reader = new FileReader();
        reader.onload = function (event) {
            previewImg.src = event.target.result;
            previewBox.style.display = 'block';
            if (previewNote) {
                previewNote.style.display = 'block';
            }
            if (currentBox) {
                currentBox.style.opacity = '0.35';
            }
        };
        reader.readAsDataURL(file);
    }

    if (!dropZone || !fileInput) {
        return;
    }

    dropZone.addEventListener('dragover', function (event) {
        event.preventDefault();
        dropZone.classList.add('dragover');
    });
    dropZone.addEventListener('dragleave', function () {
        dropZone.classList.remove('dragover');
    });
    dropZone.addEventListener('drop', function (event) {
        event.preventDefault();
        dropZone.classList.remove('dragover');
        const dropped = event.dataTransfer.files[0];
        if (!dropped) {
            return;
        }
        // Copy the dropped file into the real <input> so it is sent with the form.
        const transfer = new DataTransfer();
        transfer.items.add(dropped);
        fileInput.files = transfer.files;
        preview(dropped);
    });
    fileInput.addEventListener('change', function () {
        if (fileInput.files[0]) {
            preview(fileInput.files[0]);
        }
    });
})();

// Banner preview: show the chosen file next to the current banner before submitting.
// Nothing is checked here; the file is validated on the server after the POST.
(function () {
    const byId = id => document.getElementById(id);
    const dropZone = byId('banner-zone');
    const fileInput = byId('banner-input');
    const previewBox = byId('banner-preview-new');
    const previewImg = byId('banner-preview-new-src');
    const previewNote = byId('banner-preview-new-label');
    const currentBox = byId('banner-preview-current');

    // Read the file as a data: URL and reveal the preview, dimming the current banner.
    function preview(file) {
        if (!file) {
            return;
        }
        const reader = new FileReader();
        reader.onload = function (event) {
            previewImg.src = event.target.result;
            previewBox.style.display = 'block';
            if (previewNote) {
                previewNote.style.display = 'block';
            }
            if (currentBox) {
                currentBox.style.opacity = '0.35';
            }
        };
        reader.readAsDataURL(file);
    }

    if (!dropZone || !fileInput) {
        return;
    }

    dropZone.addEventListener('dragover', function (event) {
        event.preventDefault();
        dropZone.classList.add('dragover');
    });
    dropZone.addEventListener('dragleave', function () {
        dropZone.classList.remove('dragover');
    });
    dropZone.addEventListener('drop', function (event) {
        event.preventDefault();
        dropZone.classList.remove('dragover');
        const dropped = event.dataTransfer.files[0];
        if (!dropped) {
            return;
        }
        // Copy the dropped file into the real <input> so it is sent with the form.
        const transfer = new DataTransfer();
        transfer.items.add(dropped);
        fileInput.files = transfer.files;
        preview(dropped);
    });
    fileInput.addEventListener('change', function () {
        if (fileInput.files[0]) {
            preview(fileInput.files[0]);
        }
    });
})();
</script>

<?php require __DIR__ . '/_footer.php'; ?>