2 /************************************************************************
3 * MXChange v0.2.1 Start: 10/16/2003 *
4 * =============== Last change: 06/30/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-mydata.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Members can edit their profile data here *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if (!defined('__SECURITY')) {
36 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38 } elseif (!IS_MEMBER()) {
39 LOAD_URL("modules.php?module=index");
40 } elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN())) {
41 addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "mydata");
45 // Add description as navigation point
46 ADD_DESCR("member", __FILE__);
48 define('UID_VALUE', $GLOBALS['userid']); $URL = "";
50 // Detect what the member wants to do
51 $MODE = "show"; // Show his data
52 if (REQUEST_ISSET_POST(('save'))) $MODE = "save"; // Save entered data
53 if (REQUEST_ISSET_POST(('edit'))) $MODE = "edit"; // Edit data
54 if (REQUEST_ISSET_POST(('notify'))) $MODE = "notify"; // Switch off notification
58 case "show": // Show his data
59 if (EXT_IS_ACTIVE("country", true)) {
60 // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
61 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
62 array(UID_VALUE), __FILE__, __LINE__);
64 // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
65 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
66 array(UID_VALUE), __FILE__, __LINE__);
68 $DATA = SQL_FETCHROW($result);
69 SQL_FREERESULT($result);
71 // Translate / add some things
72 $DATA[10] = TRANSLATE_GENDER($DATA[10]);
73 $DATA[13] = MAKE_DATETIME($DATA[13], "0");
75 // How far is last change on his profile away from now?
76 if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
77 // You cannot change your account
78 define('CHANGE', "<div class=\"member_failed\">".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0"))."</div>");
80 // He is allowed to change his profile
81 define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
84 if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7];
85 if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];
87 switch (GET_LANGUAGE()) {
88 case "de": define('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
89 default : define('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
92 if (EXT_IS_ACTIVE("country")) {
93 // Load country's description and code
94 $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
98 LOAD_TEMPLATE("member_mydata_overview");
101 case "edit": // Edit data
102 if (EXT_IS_ACTIVE("country", true)) {
103 // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
104 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
105 FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
106 array(constant('UID_VALUE')), __FILE__, __LINE__);
108 // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
109 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
110 FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
111 array(constant('UID_VALUE')), __FILE__, __LINE__);
114 $DATA = SQL_FETCHROW($result);
115 SQL_FREERESULT($result);
116 $DATA[13] = $DATA[12] + getConfig('profile_lock');
118 // How far is last change on his profile away from now?
119 if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
120 $DATA[13] = MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0");
121 // You cannot change your account
122 LOAD_TEMPLATE("member_mydata_locked");
124 // He is allowed to change his profile
128 define('M_DEFAULT', " selected=\"selected\"");
129 define('F_DEFAULT', "");
130 define('C_DEFAULT', "");
134 define('M_DEFAULT', "");
135 define('F_DEFAULT', " selected=\"selected\"");
136 define('C_DEFAULT', "");
140 define('M_DEFAULT', "");
141 define('F_DEFAULT', "");
142 define('C_DEFAULT', " selected=\"selected\"");
146 switch (GET_LANGUAGE())
148 case "de": // German date format
150 $DOB .= ADD_SELECTION("day", $DATA[7]);
153 $DOB .= ADD_SELECTION("month", $DATA[8]);
156 $DOB .= ADD_SELECTION("year", $DATA[9]);
159 default: // Default is the US date format... :)
164 define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
166 if (EXT_IS_ACTIVE("country")) {
167 // Generate selection box
168 $OUT = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
169 $whereStatement = "WHERE is_active='Y'";
170 if (IS_ADMIN()) $whereStatement = "";
171 $OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $whereStatement);
173 define('__COUNTRY_CONTENT', $OUT);
175 // Ouput default input box
176 define('__COUNTRY_CONTENT', "<input type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\" />");
180 LOAD_TEMPLATE("member_mydata_edit");
184 case "save": // Save entered data
185 // Load old email / password: 0 1 2
186 $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
187 array(UID_VALUE), __FILE__, __LINE__);
188 $DATA = SQL_FETCHROW($result);
189 SQL_FREERESULT($result);
190 $DATA[3] = $DATA[2] + getConfig('profile_lock');
192 // How far is last change on his profile away from now?
193 if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
194 $DATA[3] = MAKE_DATETIME($DATA[3] + getConfig('profile_lock'), "0");
195 // You cannot change your account
196 LOAD_TEMPLATE("member_mydata_locked");
197 } elseif (!VALIDATE_EMAIL(REQUEST_POST('addy'))) {
198 // Invalid email address!
199 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
202 $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40));
203 if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST(('pass1')))) {
204 // Only on simple changes normal mode is active = no email or password changed
205 $MODE = "normal"; $AND = "";
207 // Did the user changed the password?
208 if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; }
210 // Or did he changed his password?
211 if (REQUEST_POST('addy') != $DATA[0]) {
213 if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; }
214 REQUEST_SET_POST('old_addy', $DATA[0]);
217 // Update member's profile
218 if (EXT_IS_ACTIVE("country")) {
220 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
221 gender='%s', surname='%s', family='%s',
223 country_code=%s, zip=%s, city='%s',
225 birth_day=%s, birth_month=%s, birth_year=%s,
227 last_update=UNIX_TIMESTAMP()".$AND.",
229 last_profile_sent=UNIX_TIMESTAMP()
230 WHERE userid=%s AND password='%s' LIMIT 1",
232 REQUEST_POST('gender'),
233 REQUEST_POST('surname'),
234 REQUEST_POST('family'),
235 REQUEST_POST('street_nr'),
236 bigintval(REQUEST_POST('country_code')),
237 bigintval(REQUEST_POST('zip')),
238 REQUEST_POST('city'),
239 REQUEST_POST('addy'),
240 bigintval(REQUEST_POST('day')),
241 bigintval(REQUEST_POST('month')),
242 bigintval(REQUEST_POST('year')),
243 bigintval(REQUEST_POST('max_mails')),
245 get_session('u_hash')
246 ), __FILE__, __LINE__);
249 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
250 gender='%s', surname='%s', family='%s',
252 country='%s', zip=%s, city='%s',
254 birth_day=%s, birth_month=%s, birth_year=%s,
256 last_update=UNIX_TIMESTAMP()".$AND.",
258 last_profile_sent=UNIX_TIMESTAMP()
259 WHERE userid=%s AND password='%s' LIMIT 1",
261 REQUEST_POST('gender'),
262 REQUEST_POST('surname'),
263 REQUEST_POST('family'),
264 REQUEST_POST('street_nr'),
265 REQUEST_POST('cntry'),
266 bigintval(REQUEST_POST('zip')),
267 REQUEST_POST('city'),
268 REQUEST_POST('addy'),
269 bigintval(REQUEST_POST('day')),
270 bigintval(REQUEST_POST('month')),
271 bigintval(REQUEST_POST('year')),
272 bigintval(REQUEST_POST('max_mails')),
274 get_session('u_hash')
275 ), __FILE__, __LINE__);
279 $modes = explode(";", $MODE);
281 // ... and run them through
282 SEND_MODE_MAILS ("mydata", $modes);
284 // Entered wrong pass for updating profile
285 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('MEBER_UPDATE_PWD_WRONG'));
290 case "notify": // Switch off notfication
291 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
292 array($GLOBALS['userid']), __FILE__, __LINE__);
293 $URL = "modules.php?module=login&what=welcome&msg=".urlencode(getMessage('PROFILE_UPDATED'));
298 // Load generated URL