I have a question. To update a person's profile in PHP, it needs your ID, but I didn't get the ID. I've put the important code below so that my question is easier to understand.
This is my code to log in to the members area.
<?php
require_once 'config.php';
session_start();

// Read the submitted credentials, defaulting to empty strings
$userName = isset($_POST["user-name"]) ? $_POST["user-name"] : '';
$userPass = isset($_POST["user-pass"]) ? $_POST["user-pass"] : '';

// Only query the database when both fields were filled in
if ($userName != '' && $userPass != '') {
    $criptSen = hash("whirlpool", $userPass);
    $SQL = "SELECT Usuario, Senha, Rank FROM utilizadores WHERE Usuario='$userName' AND Senha='$criptSen'";
    $query = mysql_query($SQL);
    if (mysql_num_rows($query) > 0) {
        // Credentials matched: store the user name and rank in the session
        $row = mysql_fetch_array($query);
        $_SESSION['Usuario'] = $row['Usuario'];
        $_SESSION['Rank'] = $row['Rank'];
        mysql_free_result($query);
        // Redirect according to the user's rank
        if ($row['Rank'] == 'Membro') {
            header("Location: index_membro.php");
        } else {
            if ($row['Rank'] == 'Administrador') {
                header("Location: admin/index_logged.php");
            }
        }
    } else {
        if (isset($query)) {
            mysql_free_result($query);
        }
        header("Location: index.php?page=erro");
    }
} else {
    header("Location: index.php?page=erro");
}
?>
Now, this code verifies whether the user is logged in when navigating the website.
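<?php
// Read the session values set at login, defaulting to empty strings
$Usuario = isset($_SESSION["Usuario"]) ? $_SESSION["Usuario"] : '';
$Rank = isset($_SESSION['Rank']) ? $_SESSION['Rank'] : '';

if ($Usuario != '' && $Rank == 'Membro') {
    // Logged in as a member: the rest of the page is rendered
} else {
    header("Location: index.php");
    echo "<script>alert(\"Area Restrita\");</script>";
    exit; // stop here so the restricted page is not sent after the redirect
}
?>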
Now, this is my query in the profile file, but I didn't get the ID of the user who is logged in. Can you help me get the ID?
<?php
$result = mysql_query("SELECT * FROM utilizadores WHERE ID='$ID'")
    or die(mysql_error());
while ($row = mysql_fetch_array($result)) {
    $id = $row["ID"];
    $nome = $row["Nome"];
    $imagem = $row["imgPerfil"];
    $email = $row["Email"];
    $usuario = $row["Usuario"];
}
?>
When users are registering you should make sure the usernames are unique. The database will automatically hand out primary key auto-incrementing IDs.
Simply run a query on the username and check their ID.
Also, it is a security risk to create your own register/login system. I suggest you use a ready-built one and customize some things to your needs. Are you mysql_real_escape_string'ing the usernames and passwords?
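The approach described in the answer, as an added example that is not part of the original thread: select the ID together with the username at login, keep it in the session, and use it for the profile query, with bound parameters instead of string-built SQL. Assumptions: PDO with an in-memory SQLite table stands in for the MySQL `utilizadores` table, `password_hash()`/`password_verify()` replace the whirlpool hash, the `login()` and `loadProfile()` helpers are hypothetical names, and the sample row is constructed.

```php
<?php
// Added example, not the poster's code. In-memory SQLite stands in for MySQL;
// the sample user below is constructed for the demo.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Usuario is UNIQUE, so one username maps to exactly one auto-assigned ID.
$pdo->exec('CREATE TABLE utilizadores (
    ID INTEGER PRIMARY KEY AUTOINCREMENT,
    Usuario TEXT UNIQUE NOT NULL,
    Senha TEXT NOT NULL, Rank TEXT NOT NULL, Nome TEXT, Email TEXT)');
$ins = $pdo->prepare('INSERT INTO utilizadores (Usuario, Senha, Rank, Nome, Email)
                      VALUES (?, ?, ?, ?, ?)');
$ins->execute(['maria', password_hash('s3nha-de-teste', PASSWORD_DEFAULT),
               'Membro', 'Maria Silva', 'maria@example.com']);

// Login: look the row up by username with a bound parameter and return it
// (including ID) only if the password verifies; null otherwise.
function login(PDO $pdo, string $user, string $pass): ?array {
    $st = $pdo->prepare('SELECT ID, Usuario, Senha, Rank FROM utilizadores WHERE Usuario = ?');
    $st->execute([$user]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['Senha'])) {
        return null;
    }
    unset($row['Senha']);   // never carry the hash into the session
    return $row;
}

// Profile: the ID comes from the session, never from request input.
function loadProfile(PDO $pdo, int $id): ?array {
    $st = $pdo->prepare('SELECT ID, Nome, Email, Usuario FROM utilizadores WHERE ID = ?');
    $st->execute([$id]);
    return $st->fetch(PDO::FETCH_ASSOC) ?: null;
}

$session = [];              // stands in for $_SESSION in this command-line demo
$row = login($pdo, 'maria', 's3nha-de-teste');
if ($row !== null) {
    // On a real page, call session_regenerate_id(true) before storing these.
    $session = ['ID' => (int)$row['ID'], 'Usuario' => $row['Usuario'], 'Rank' => $row['Rank']];
}
var_dump(loadProfile($pdo, $session['ID']));
// Quote characters in the username are bound as data, so this matches no row.
var_dump(login($pdo, "maria' OR '1'='1", 'x'));
```

The `mysql_*` functions used in the question were removed in PHP 7, so the same pattern on MySQL would go through PDO's MySQL driver or mysqli prepared statements.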