sorted it out..

edit_profile.php

php part
PHP Code:
<?php 
    
    
require("common.php");
    
$query 
            SELECT 
                id, 
                username, 
                password, 
                salt, 
                email,
                firstname,
                lastname,
                age,
                address,
                phonenumber
            FROM users 
            WHERE 
                username = :username 
        "
;
        
        
$query_params = array( 
            
':username' => $_SESSION['user']['username'
        );
        
        try 
        { 
    
            
$stmt $db->prepare($query); 
            
$result $stmt->execute($query_params); 
        } 
        catch(
PDOException $ex
        { 
    
            die(
"Failed to run query: " $ex->getMessage()); 
        } 
        
        
$row $stmt->fetch();
        
$_SESSION['user'] = $row;
        
    if(!empty(
$_POST)) 
    {
         
        
$query 
            UPDATE users 
            SET 
                firstname = :firstname 
                , lastname = :lastname 
                , age = :age
                , address = :address
                , phonenumber = :phonenumber
            WHERE 
                id = :user_id 
        "

        
        
$query_params = array( 
            
':firstname' => $_POST['firstname'], 
            
':lastname' => $_POST['lastname'],
            
':age' => $_POST['age'],
            
':address' => $_POST['address'],
            
':phonenumber' => $_POST['phonenumber'],
            
':user_id' => $_SESSION['user']['id'], 
        ); 
         
        try 
        { 
            
$stmt $db->prepare($query); 
            
$result $stmt->execute($query_params); 
        } 
        catch(
PDOException $ex
        { 
            die(
"Failed to run query: " $ex->getMessage()); 
        } 
        
        
        
header("Location: private.php"); 
         
        die(
"Redirecting to private.php"); 
    } 
     
    
?>
let me know if you find anything wrong..

thanks everyone!