2 /************************************************************************
3 * MXChange v0.2.1 Start: 10/16/2003 *
4 * =============== Last change: 06/30/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-mydata.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Members can edit their profile data here *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2008 by Roland Haeder *
21 * For more information visit: http://www.mxchange.org *
23 * This program is free software; you can redistribute it and/or modify *
24 * it under the terms of the GNU General Public License as published by *
25 * the Free Software Foundation; either version 2 of the License, or *
26 * (at your option) any later version. *
28 * This program is distributed in the hope that it will be useful, *
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
31 * GNU General Public License for more details. *
33 * You should have received a copy of the GNU General Public License *
34 * along with this program; if not, write to the Free Software *
35 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
37 ************************************************************************/
39 // Some security stuff...
40 if (!defined('__SECURITY')) {
41 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
43 } elseif (!IS_MEMBER()) {
44 redirectToUrl('modules.php?module=index');
45 } elseif ((!EXT_IS_ACTIVE('mydata')) && (!IS_ADMIN())) {
46 addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveNotInstalledMessage('mydata'));
50 // Add description as navigation point
51 ADD_DESCR('member', __FILE__);
53 // @TODO Try to rewrite this constant
54 define('UID_VALUE', getUserId());
56 // Init variable to prevent notices
59 // Detect what the member wants to do
60 $mode = 'show'; // Show his data
61 if (REQUEST_ISSET_POST('save')) $mode = 'save'; // Save entered data
62 if (REQUEST_ISSET_POST('edit')) $mode = 'edit'; // Edit data
63 if (REQUEST_ISSET_POST('notify')) $mode = 'notify'; // Switch off notification
66 case 'show': // Show his data
67 if (EXT_IS_ACTIVE('country', true)) {
68 // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
69 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
70 array(getUserId()), __FILE__, __LINE__);
72 // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
73 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
74 array(getUserId()), __FILE__, __LINE__);
76 $DATA = SQL_FETCHROW($result);
77 SQL_FREERESULT($result);
79 // Translate / add some things
80 $DATA[10] = translateGender($DATA[10]);
81 $DATA[13] = generateDateTime($DATA[13], '0');
83 // How far is last change on his profile away from now?
84 if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
85 // You cannot change your account
86 define('CHANGE', "<div class=\"member_failed\">".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($DATA[13] + getConfig('profile_lock'), '0'))."</div>");
88 // He is allowed to change his profile
89 define('CHANGE', LOAD_TEMPLATE('member_mydata_button', true));
92 if (strlen($DATA[7]) == 1) $DATA[7] = '0'.$DATA[7];
93 if (strlen($DATA[8]) == 1) $DATA[8] = '0'.$DATA[8];
95 switch (getLanguage()) {
96 case 'de': define('DOB', $DATA[7] . '.' . $DATA[8] . '.' . $DATA[9]); break;
97 default : define('DOB', $DATA[8] . '-' . $DATA[7] . '-' . $DATA[9]); break;
100 if (EXT_IS_ACTIVE('country')) {
101 // Load country's description and code
102 $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
106 LOAD_TEMPLATE('member_mydata_overview');
109 case 'edit': // Edit data
110 if (EXT_IS_ACTIVE('country', true)) {
111 // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
112 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
113 FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
114 array(getUserId()), __FILE__, __LINE__);
116 // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
117 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
118 FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
119 array(getUserId()), __FILE__, __LINE__);
122 $DATA = SQL_FETCHROW($result);
123 SQL_FREERESULT($result);
124 $DATA[13] = $DATA[12] + getConfig('profile_lock');
126 // How far is last change on his profile away from now?
127 if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
128 $DATA[13] = generateDateTime($DATA[13] + getConfig('profile_lock'), '0');
129 // You cannot change your account
130 LOAD_TEMPLATE('member_mydata_locked');
132 // He is allowed to change his profile
136 define('M_DEFAULT', ' selected="selected"');
137 define('F_DEFAULT', '');
138 define('C_DEFAULT', '');
142 define('M_DEFAULT', '');
143 define('F_DEFAULT', ' selected="selected"');
144 define('C_DEFAULT', '');
148 define('M_DEFAULT', '');
149 define('F_DEFAULT', '');
150 define('C_DEFAULT', ' selected="selected"');
154 switch (getLanguage()) {
155 case 'de': // German date format
157 $DOB .= ADD_SELECTION('day', $DATA[7]);
160 $DOB .= ADD_SELECTION('month', $DATA[8]);
163 $DOB .= ADD_SELECTION('year', $DATA[9]);
166 default: // Default is the US date format... :)
171 define('MAX_REC_LIST', addMaxReceiveList('member', $DATA[11], true));
173 if (EXT_IS_ACTIVE('country')) {
174 // Generate selection box
175 $OUT = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
176 $whereStatement = "WHERE `is_active`='Y'";
177 if (IS_ADMIN()) $whereStatement = '';
178 $OUT .= generateOptionList('countries', 'id', 'descr', $DATA[3], 'code', $whereStatement);
180 define('__COUNTRY_CONTENT', $OUT);
182 // Ouput default input box
183 define('__COUNTRY_CONTENT', "<input type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\" />");
187 LOAD_TEMPLATE('member_mydata_edit');
191 case 'save': // Save entered data
192 // Load old email / password: 0 1 2
193 $result = SQL_QUERY_ESC("SELECT `email`, `password`, `last_update` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1",
194 array(getUserId()), __FILE__, __LINE__);
195 $DATA = SQL_FETCHROW($result);
196 SQL_FREERESULT($result);
197 $DATA[3] = $DATA[2] + getConfig('profile_lock');
199 // How far is last change on his profile away from now?
200 if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
201 $DATA[3] = generateDateTime($DATA[3] + getConfig('profile_lock'), '0');
202 // You cannot change your account
203 LOAD_TEMPLATE('member_mydata_locked');
204 } elseif (!isEmailValid(REQUEST_POST('addy'))) {
205 // Invalid email address!
206 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
209 $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40));
210 if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST('pass1'))) {
211 // Only on simple changes normal mode is active = no email or password changed
212 $mode = 'normal'; $AND = '';
214 // Did the user changed the password?
215 if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $mode = 'pass'; }
217 // Or did he changed his password?
218 if (REQUEST_POST('addy') != $DATA[0]) {
220 if ($mode == 'normal') {
225 REQUEST_SET_POST('old_addy', $DATA[0]);
228 // Update member's profile
229 if (EXT_IS_ACTIVE('country')) {
231 SQL_QUERY_ESC("UPDATE
232 `{!_MYSQL_PREFIX!}_user_data`
234 `gender`='%s', `surname`='%s', `family`='%s',
236 `country_code`=%s, `zip`=%s, `city`='%s',
238 `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
240 `last_update`=UNIX_TIMESTAMP()".$AND.",
242 `last_profile_sent`=UNIX_TIMESTAMP()
247 REQUEST_POST('gender'),
248 REQUEST_POST('surname'),
249 REQUEST_POST('family'),
250 REQUEST_POST('street_nr'),
251 bigintval(REQUEST_POST('country_code')),
252 bigintval(REQUEST_POST('zip')),
253 REQUEST_POST('city'),
254 REQUEST_POST('addy'),
255 bigintval(REQUEST_POST('day')),
256 bigintval(REQUEST_POST('month')),
257 bigintval(REQUEST_POST('year')),
258 bigintval(REQUEST_POST('max_mails')),
260 ), __FILE__, __LINE__);
263 SQL_QUERY_ESC("UPDATE
264 `{!_MYSQL_PREFIX!}_user_data`
266 `gender`='%s', `surname`='%s', `family`='%s',
268 `country`='%s', `zip`=%s, `city`='%s',
270 `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
272 `last_update`=UNIX_TIMESTAMP()".$AND.",
274 `last_profile_sent`=UNIX_TIMESTAMP()
279 REQUEST_POST('gender'),
280 REQUEST_POST('surname'),
281 REQUEST_POST('family'),
282 REQUEST_POST('street_nr'),
283 REQUEST_POST('cntry'),
284 bigintval(REQUEST_POST('zip')),
285 REQUEST_POST('city'),
286 REQUEST_POST('addy'),
287 bigintval(REQUEST_POST('day')),
288 bigintval(REQUEST_POST('month')),
289 bigintval(REQUEST_POST('year')),
290 bigintval(REQUEST_POST('max_mails')),
292 ), __FILE__, __LINE__);
295 // Did something change?
296 if (SQL_AFFECTEDROWS() == 1) {
298 $modes = explode(';', $mode);
300 // ... and run them through
301 sendModeMails ('mydata', $modes);
303 // Something went wrong
304 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED'));
307 // Entered wrong pass for updating profile
308 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
313 case 'notify': // Switch off notfication
314 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
315 array(getUserId()), __FILE__, __LINE__);
316 $URL = 'modules.php?module=login&what=welcome&msg=' . urlencode(getMessage('PROFILE_UPDATED'));
321 // Load generated URL