2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 10/16/2003 *
4 * =================== Last change: 06/30/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-mydata.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Members can edit their profile data here *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * -------------------------------------------------------------------- *
18 * Copyright (c) 2003 - 2009 by Roland Haeder *
19 * Copyright (c) 2009 - 2013 by Mailer Developer Team *
20 * For more information visit: http://mxchange.org *
22 * This program is free software; you can redistribute it and/or modify *
23 * it under the terms of the GNU General Public License as published by *
24 * the Free Software Foundation; either version 2 of the License, or *
25 * (at your option) any later version. *
27 * This program is distributed in the hope that it will be useful, *
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
30 * GNU General Public License for more details. *
32 * You should have received a copy of the GNU General Public License *
33 * along with this program; if not, write to the Free Software *
34 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
36 ************************************************************************/
38 // Some security stuff...
39 if (!defined('__SECURITY')) {
41 } elseif (!isMember()) {
42 redirectToIndexMemberOnlyModule();
45 // Add description as navigation point
46 addYouAreHereLink('member', __FILE__);
48 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
49 displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=mydata%}');
56 // Init variable to prevent notices
59 // Detect what the member wants to do
60 $mode = 'show'; // Show his data
61 if (isFormSent('save')) $mode = 'save'; // Save entered data
62 if (isFormSent('edit')) $mode = 'edit'; // Edit data
63 if (isFormSent('notify')) $mode = 'notify'; // Switch off notification
66 case 'show': // Show his data
68 $content = merge_array($content, getUserDataArray());
70 // Translate some things
71 $content['last_update'] = generateDateTime($content['last_update'], 0);
73 // How far is last change on his profile away from now?
74 if ((($content['last_update'] + getProfileLock()) > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
75 // You cannot change your account
76 $content['change'] = displayMessage('<div class="notice">{%message,MEMBER_PROFILE_LOCKED=' . generateDateTime($content['last_update'] + getProfileLock(), 0) . '%}</div>', TRUE);
78 // He is allowed to change his profile
79 $content['change'] = loadTemplate('member_mydata_button', TRUE);
82 // @TODO Move this to a function (for better EL code)
83 switch (getLanguage()) {
84 case 'de': $content['dob'] = '{%pipe,padLeftZero=' . $content['birth_day'] . '%}.{%pipe,padLeftZero=' . $content['birth_month'] . '%}.' . $content['birth_year']; break;
85 default : $content['dob'] = '{%pipe,padLeftZero=' . $content['birth_month'] . '%}-{%pipe,padLeftZero=' . $content['birth_day'] . '%}-' . $content['birth_year']; break;
88 if (isExtensionActive('country')) {
89 // Load country's description and code
90 $content['country'] = generateCountryInfo($content['country_code']);
94 loadTemplate('member_mydata_overview', FALSE, $content);
97 case 'edit': // Edit data
98 if (isExtensionActive('country', TRUE)) {
100 $result = sqlQueryEscaped('SELECT
116 `{?_MYSQL_PREFIX?}_user_data`
120 array(getMemberId()), __FILE__, __LINE__);
123 $result = sqlQueryEscaped('SELECT
139 `{?_MYSQL_PREFIX?}_user_data`
143 array(getMemberId()), __FILE__, __LINE__);
147 $content = merge_array($content, sqlFetchArray($result));
150 sqlFreeResult($result);
152 $content['update_check'] = $content['last_update'] + getProfileLock();
154 // How far is last change on his profile away from now?
155 if (($content['update_check'] > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
156 // Profile is locked, so output propper message
157 $content['update_check'] = '{%message,MEMBER_PROFILE_LOCKED=' . generateDateTime($content['update_check'] + getProfileLock(), '0') . '%}';
159 // You cannot change your account
160 displayMessage($content['update_check']);
163 $content['dob'] = '';
165 switch (getLanguage()) {
166 case 'de': // German date format
168 $content['dob'] .= addSelectionBox('da', $content['birth_day']);
171 $content['dob'] .= addSelectionBox('mo', $content['birth_month']);
174 $content['dob'] .= addSelectionBox('ye', $content['birth_year']);
177 default: // Default is the US date format... :)
179 $content['dob'] .= addSelectionBox('mo', $content['birth_month']);
182 $content['dob'] .= addSelectionBox('da', $content['birth_day']);
185 $content['dob'] .= addSelectionBox('ye', $content['birth_year']);
189 $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails']);
191 if (isExtensionActive('country')) {
192 // Init WHERE statement
193 $whereStatement = " WHERE `is_active`='Y'";
194 if (isAdmin()) $whereStatement = '';
196 // Generate selection box
197 $OUT = '<select name="country_code" class="form_select" size="1">';
198 $OUT .= generateOptions('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
200 $content['country'] = $OUT;
202 // Ouput default input box
203 $content['country'] = '<input type="text" name="cntry" class="form_field" size="2" maxlength="3" value="' . $content['country'] . '" />';
207 loadTemplate('member_mydata_edit', FALSE, $content);
211 case 'save': // Save entered data
213 $content = merge_array($content, getUserDataArray());
215 // Calculate time to check
216 $content['update_check'] = $content['last_update'] + getProfileLock();
218 // How far is last change on his profile away from now?
219 if (($content['update_check'] > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
220 // You cannot change your account
221 $content['update_check'] = generateDateTime($content['update_check'] + getProfileLock(), 0);
223 displayMessage($content['update_check']);
224 } elseif ((!isEmailValid(postRequestElement('email'))) && (!isAdmin())) {
225 // Invalid email address!
226 displayMessage('{--INVALID_EMAIL_ENTERED--}');
227 } elseif ((isExtensionInstalledAndNewer('other', '0.3.0')) && (isCheckDoubleEmailEnabled()) && (!isAdmin()) && (isEmailTaken(postRequestElement('email')))) {
228 // Email address is already registered
229 displayMessage('{--MEMBER_EMAIL_IS_ALREADY_REGISTERED--}');
232 $hash = generateHash(postRequestElement('password1'), substr($content['password'], 0, -40));
233 if ((($hash == $content['password']) || (postRequestElement('password1') == postRequestElement('password2'))) && (isPostRequestElementSet('password1'))) {
234 // Only on simple changes normal mode is active = no email or password changed
238 // Did the user changed the password?
239 if ($hash != $content['password']) {
241 $AND = ",`password`='" . $hash . "'";
245 // Or did he changed his email address?
246 if (postRequestElement('email') != $content['email']) {
247 // Yes, but is it maybe blacklisted?
250 'post_data' => postRequestArray(),
252 'message' => '{--PRE_UPDATE_USER_DATA_FAILED--}',
254 $filterData = runFilterChain('pre_update_user_data', $filterData);
256 // Is it blacklisted?
257 if ($filterData['init_done'] === FALSE) {
258 // Found something blacklisted
259 displayMessage($filterData['message']);
263 if ($mode == 'normal') {
268 setPostRequestElement('old_email', $content['email']);
271 // Update member's profile
272 if (isExtensionActive('country')) {
274 sqlQueryEscaped("UPDATE
275 `{?_MYSQL_PREFIX?}_user_data`
289 `last_update`=UNIX_TIMESTAMP()".$AND.",
291 `last_profile_sent`=UNIX_TIMESTAMP()
296 postRequestElement('gender'),
297 postRequestElement('surname'),
298 postRequestElement('family'),
299 postRequestElement('street_nr'),
300 bigintval(postRequestElement('country_code')),
301 bigintval(postRequestElement('zip')),
302 postRequestElement('city'),
303 postRequestElement('email'),
304 bigintval(postRequestElement('day')),
305 bigintval(postRequestElement('month')),
306 bigintval(postRequestElement('year')),
307 bigintval(postRequestElement('max_mails')),
309 ), __FILE__, __LINE__);
312 sqlQueryEscaped("UPDATE
313 `{?_MYSQL_PREFIX?}_user_data`
327 `last_update`=UNIX_TIMESTAMP()".$AND.",
329 `last_profile_sent`=UNIX_TIMESTAMP()
334 postRequestElement('gender'),
335 postRequestElement('surname'),
336 postRequestElement('family'),
337 postRequestElement('street_nr'),
338 postRequestElement('cntry'),
339 bigintval(postRequestElement('zip')),
340 postRequestElement('city'),
341 postRequestElement('email'),
342 bigintval(postRequestElement('day')),
343 bigintval(postRequestElement('month')),
344 bigintval(postRequestElement('year')),
345 bigintval(postRequestElement('max_mails')),
347 ), __FILE__, __LINE__);
350 // Did something change?
351 if (!ifSqlHasZeroAffectedRows()) {
353 $modes = explode(';', $mode);
355 // ... and run them through
356 sendModeMails ('mydata', $modes);
358 // Something went wrong
359 displayMessage('{--MEMBER_UPDATE_FAILED--}');
362 // Entered wrong pass for updating profile
363 displayMessage('{--MEBER_UPDATE_PWD_WRONG--}');
368 case 'notify': // Switch off notfication
369 sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N',`last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
370 array(getMemberId()), __FILE__, __LINE__);
371 $url = 'modules.php?module=login&what=mydata&code=' . getCode('PROFILE_UPDATED');
376 // Load generated URL