2 /************************************************************************
3 * MXChange v0.2.1 Start: 09/28/2003 *
4 * =============== Last change: 06/10/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-edit_user.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Edit member's profiles *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitgliederprofile aendern *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
37 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
45 if (isset($_GET['u_id'])) {
46 // 0 1 2 3 4 5 6 7 8 9 10 11
47 $result_main = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, zip, city, country, email, birth_day, birth_month, birth_year, max_mails FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
48 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
51 if ((SQL_NUMROWS($result_main) == 1) || (empty($_GET['u_id'])))
54 if (empty($_GET['u_id']))
56 // Output selection form with all confirmed user accounts listed
57 ADD_MEMBER_SELECTION_BOX();
59 elseif (isset($_POST['edit']))
61 // Ok, change the account...
62 $PASS = false; $ADD = "";
63 if ((empty($_POST['pass1'])) && (empty($_POST['pass2'])))
65 // Don't change the password
68 elseif (($_POST['pass1'] == $_POST['pass2']))
70 // Change the password
72 $ADD = ", password='".generateHash($_POST['pass1'])."'";
76 // We have to add the following things: birthday and max receive mails
77 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
87 WHERE userid=%s LIMIT 1",
89 substr($_POST['gender'], 0, 1),
91 $_POST['family_name'],
94 bigintval($_POST['zip']),
97 bigintval($_GET['u_id']),
98 ), __FILE__, __LINE__);
99 $content = USER_ACCOUNT_SAVED;
103 // Problem while saving data
104 $content = USER_ACCOUNT_NOT_SAVED;
108 LOAD_TEMPLATE("admin_settings_saved", false, $content);
112 // Display form to edit
113 list($gender, $surname, $family, $street, $zip, $city, $country, $email, $bday, $bmonth, $byear, $max) = SQL_FETCHROW($result_main);
114 SQL_FREERESULT($result_main);
116 // Transfer data to constants for the template
120 define('_GENDER_M', " selected=\"selected\"");
121 define('_GENDER_F', "");
122 define('_GENDER_C', "");
126 define('_GENDER_M', "");
127 define('_GENDER_F', " selected=\"selected\"");
128 define('_GENDER_C', "");
132 define('_GENDER_M', "");
133 define('_GENDER_F', "");
134 define('_GENDER_C', " selected=\"selected\"");
138 define('_SURNAME', $surname); define('_FAMILY', $family); define('_CITY' , $city);
139 define('_STREET' , $street); define('_ZIP' , $zip); define('_MAX_MAILS', $max);
140 define('_COUNTRY', $country); define('_EMAIL' , $email);
143 LOAD_TEMPLATE("admin_edit_user", false, bigintval($_GET['u_id']));
148 // Account does not exists!
149 OUTPUT_HTML("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");