]> git.mxchange.org Git - mailer.git/blob - inc/modules/member/what-mydata.php
419708c9a5a0caa06c3ce218eaa8c224785cc1af
[mailer.git] / inc / modules / member / what-mydata.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 10/16/2003 *
4  * ===============                              Last change: 06/30/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-mydata.php                                  *
8  * -------------------------------------------------------------------- *
9  * Short description : Members can edit their profile data here         *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (!defined('__SECURITY')) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 } elseif (!IS_MEMBER()) {
39         LOAD_URL("modules.php?module=index");
40 } elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN())) {
41         addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "mydata");
42         return;
43 }
44
45 // Add description as navigation point
46 ADD_DESCR("member", __FILE__);
47
48 define('UID_VALUE', $GLOBALS['userid']); $URL = "";
49
50 // Detect what the member wants to do
51 $MODE = "show"; // Show his data
52 if (REQUEST_ISSET_POST(('save')))   $MODE = "save";   // Save entered data
53 if (REQUEST_ISSET_POST(('edit')))    $MODE = "edit";   // Edit data
54 if (REQUEST_ISSET_POST(('notify'))) $MODE = "notify"; // Switch off notification
55
56 switch ($MODE)
57 {
58 case "show": // Show his data
59         if (EXT_IS_ACTIVE("country", true)) {
60                 // New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
61                 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
62                  array(UID_VALUE), __FILE__, __LINE__);
63         } else {
64                 // Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
65                 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
66                  array(UID_VALUE), __FILE__, __LINE__);
67         }
68         $DATA = SQL_FETCHROW($result);
69         SQL_FREERESULT($result);
70
71         // Translate / add some things
72         $DATA[10] = TRANSLATE_GENDER($DATA[10]);
73         $DATA[13] = MAKE_DATETIME($DATA[13], "0");
74
75         // How far is last change on his profile away from now?
76         if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
77                 // You cannot change your account
78                 define('CHANGE', "<div class=\"member_failed\">".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0"))."</div>");
79         } else {
80                 // He is allowed to change his profile
81                 define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
82         }
83
84         if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7];
85         if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];
86
87         switch (GET_LANGUAGE()) {
88                 case "de": define('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
89                 default  : define('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
90         }
91
92         if (EXT_IS_ACTIVE("country")) {
93                 // Load country's description and code
94                 $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
95         }
96
97         // Load template
98         LOAD_TEMPLATE("member_mydata_overview");
99         break;
100
101 case "edit": // Edit data
102         if (EXT_IS_ACTIVE("country", true)) {
103                 // New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
104                 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
105 FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
106                  array(constant('UID_VALUE')), __FILE__, __LINE__);
107         } else {
108                 // Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
109                 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
110 FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
111                  array(constant('UID_VALUE')), __FILE__, __LINE__);
112         }
113
114         $DATA = SQL_FETCHROW($result);
115         SQL_FREERESULT($result);
116         $DATA[13] = $DATA[12] + getConfig('profile_lock');
117
118         // How far is last change on his profile away from now?
119         if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
120                 $DATA[13] = MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0");
121                 // You cannot change your account
122                 LOAD_TEMPLATE("member_mydata_locked");
123         } else {
124                 // He is allowed to change his profile
125                 switch ($DATA[10])
126                 {
127                 case "M":
128                         define('M_DEFAULT', " selected=\"selected\"");
129                         define('F_DEFAULT', "");
130                         define('C_DEFAULT', "");
131                         break;
132
133                 case "F":
134                         define('M_DEFAULT', "");
135                         define('F_DEFAULT', " selected=\"selected\"");
136                         define('C_DEFAULT', "");
137                         break;
138
139                 case "C":
140                         define('M_DEFAULT', "");
141                         define('F_DEFAULT', "");
142                         define('C_DEFAULT', " selected=\"selected\"");
143                         break;
144                 }
145                 $DOB = "";
146                 switch (GET_LANGUAGE())
147                 {
148                 case "de": // German date format
149                         // Day
150                         $DOB .= ADD_SELECTION("day", $DATA[7]);
151
152                         // Month
153                         $DOB .= ADD_SELECTION("month", $DATA[8]);
154
155                         // Year
156                         $DOB .= ADD_SELECTION("year", $DATA[9]);
157                         break;
158
159                 default: // Default is the US date format... :)
160                         break;
161                 }
162
163                 define('DOB', $DOB);
164                 define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
165
166                 if (EXT_IS_ACTIVE("country")) {
167                         // Generate selection box
168                         $OUT  = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
169                         $whereStatement = "WHERE is_active='Y'";
170                         if (IS_ADMIN()) $whereStatement = "";
171                         $OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $whereStatement);
172                         $OUT .= "</select>";
173                         define('__COUNTRY_CONTENT', $OUT);
174                 } else {
175                         // Ouput default input box
176                         define('__COUNTRY_CONTENT', "<input type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\" />");
177                 }
178
179                 // Load template
180                 LOAD_TEMPLATE("member_mydata_edit");
181         }
182         break;
183
184 case "save": // Save entered data
185         // Load old email / password:      0        1          2
186         $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
187          array(UID_VALUE), __FILE__, __LINE__);
188         $DATA = SQL_FETCHROW($result);
189         SQL_FREERESULT($result);
190         $DATA[3] = $DATA[2] + getConfig('profile_lock');
191
192         // How far is last change on his profile away from now?
193         if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
194                 $DATA[3] = MAKE_DATETIME($DATA[3] + getConfig('profile_lock'), "0");
195                 // You cannot change your account
196                 LOAD_TEMPLATE("member_mydata_locked");
197         } elseif (!VALIDATE_EMAIL(REQUEST_POST('addy'))) {
198                 // Invalid email address!
199                 LOAD_TEMPLATE("admin_settings_saved", false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
200         } else {
201                 // Generate hash
202                 $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40));
203                 if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST(('pass1')))) {
204                         // Only on simple changes normal mode is active = no email or password changed
205                         $MODE = "normal"; $AND = "";
206
207                         // Did the user changed the password?
208                         if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; }
209
210                         // Or did he changed his password?
211                         if (REQUEST_POST('addy') != $DATA[0]) {
212                                 // Jupp
213                                 if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; }
214                                 REQUEST_SET_POST('old_addy', $DATA[0]);
215                         }
216
217                         // Update member's profile
218                         if (EXT_IS_ACTIVE("country")) {
219                                 // New way
220                                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
221 gender='%s', surname='%s', family='%s',
222 street_nr='%s',
223 country_code=%s, zip=%s, city='%s',
224 email='%s',
225 birth_day=%s, birth_month=%s, birth_year=%s,
226 max_mails=%s,
227 last_update=UNIX_TIMESTAMP()".$AND.",
228 notified='N',
229 last_profile_sent=UNIX_TIMESTAMP()
230 WHERE userid=%s AND password='%s' LIMIT 1",
231 array(
232         REQUEST_POST('gender'),
233         REQUEST_POST('surname'),
234         REQUEST_POST('family'),
235         REQUEST_POST('street_nr'),
236         bigintval(REQUEST_POST('country_code')),
237         bigintval(REQUEST_POST('zip')),
238         REQUEST_POST('city'),
239         REQUEST_POST('addy'),
240         bigintval(REQUEST_POST('day')),
241         bigintval(REQUEST_POST('month')),
242         bigintval(REQUEST_POST('year')),
243         bigintval(REQUEST_POST('max_mails')),
244         UID_VALUE,
245         get_session('u_hash')
246  ), __FILE__, __LINE__);
247                         } else {
248                                 // Old way
249                                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
250 gender='%s', surname='%s', family='%s',
251 street_nr='%s',
252 country='%s', zip=%s, city='%s',
253 email='%s',
254 birth_day=%s, birth_month=%s, birth_year=%s,
255 max_mails='%s',
256 last_update=UNIX_TIMESTAMP()".$AND.",
257 notified='N',
258 last_profile_sent=UNIX_TIMESTAMP()
259 WHERE userid=%s AND password='%s' LIMIT 1",
260 array(
261         REQUEST_POST('gender'),
262         REQUEST_POST('surname'),
263         REQUEST_POST('family'),
264         REQUEST_POST('street_nr'),
265         REQUEST_POST('cntry'),
266         bigintval(REQUEST_POST('zip')),
267         REQUEST_POST('city'),
268         REQUEST_POST('addy'),
269         bigintval(REQUEST_POST('day')),
270         bigintval(REQUEST_POST('month')),
271         bigintval(REQUEST_POST('year')),
272         bigintval(REQUEST_POST('max_mails')),
273         UID_VALUE,
274         get_session('u_hash')
275  ), __FILE__, __LINE__);
276                         }
277
278                         // Get all modes ...
279                         $modes = explode(";", $MODE);
280
281                         // ... and run them through
282                         SEND_MODE_MAILS ("mydata", $modes);
283                 } else {
284                         // Entered wrong pass for updating profile
285                         LOAD_TEMPLATE("admin_settings_saved", false, getMessage('MEBER_UPDATE_PWD_WRONG'));
286                 }
287         }
288         break;
289
290 case "notify": // Switch off notfication
291         SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
292                 array($GLOBALS['userid']), __FILE__, __LINE__);
293         $URL = "modules.php?module=login&amp;what=welcome&amp;msg=".urlencode(getMessage('PROFILE_UPDATED'));
294         break;
295 }
296
297 if (!empty($URL)) {
298         // Load generated URL
299         LOAD_URL($URL);
300 }
301
302 //
303 ?>