time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
{
// You cannot change your account
define('CHANGE', "".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2."");
}
else
{
// He is allowed to change his profile
define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
}
if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7];
if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];
switch (GET_LANGUAGE())
{
case "de": define('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
default : define('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
}
if (EXT_IS_ACTIVE("country"))
{
// Load country's description and code
$DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
}
// Load template
LOAD_TEMPLATE("member_mydata_overview");
break;
case "edit": // Edit data
if (EXT_IS_ACTIVE("country", true)) {
// New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
} else {
// Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
}
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
$DATA[13] = $DATA[12] + $_CONFIG['profile_lock'];
// How far is last change on his profile away from now?
if (($DATA[13] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
{
$DATA[13] = MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0");
// You cannot change your account
LOAD_TEMPLATE("member_mydata_locked");
}
else
{
// He is allowed to change his profile
switch ($DATA[10])
{
case "M":
define('M_DEFAULT', " selected=\"selected\"");
define('F_DEFAULT', "");
define('C_DEFAULT', "");
break;
case "F":
define('M_DEFAULT', "");
define('F_DEFAULT', " selected=\"selected\"");
define('C_DEFAULT', "");
break;
case "C":
define('M_DEFAULT', "");
define('F_DEFAULT', "");
define('C_DEFAULT', " selected=\"selected\"");
break;
}
$DOB = "";
switch (GET_LANGUAGE())
{
case "de": // German date format
// Day
$DOB .= ADD_SELECTION("day", $DATA[7]);
// Month
$DOB .= ADD_SELECTION("month", $DATA[8]);
// Year
$DOB .= ADD_SELECTION("year", $DATA[9]);
break;
default: // Default is the US date format... :)
break;
}
define('DOB', $DOB);
define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
if (EXT_IS_ACTIVE("country"))
{
// Generate selection box
$OUT = "";
define('__COUNTRY_CONTENT', $OUT);
}
else
{
// Ouput default input box
define('__COUNTRY_CONTENT', "");
}
// Load template
LOAD_TEMPLATE("member_mydata_edit");
}
break;
case "save": // Save entered data
// Load old email / password: 0 1 2
$result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
$DATA[3] = $DATA[2] + $_CONFIG['profile_lock'];
// How far is last change on his profile away from now?
if (($DATA[3] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
{
$DATA[3] = MAKE_DATETIME($DATA[3] + $_CONFIG['profile_lock'], "0");
// You cannot change your account
LOAD_TEMPLATE("member_mydata_locked");
}
elseif (!VALIDATE_EMAIL($_POST['addy']))
{
// Invalid email address!
LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED);
}
else
{
// Secure every submitted variable
foreach ($_POST as $key=>$value)
{
$_POST[$key] = addslashes($value);
}
$hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40));
if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1'])))
{
// Only on simple changes normal mode is active = no email or password changed
$MODE = "normal"; $AND = "";
// Did the user changed the password?
if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; }
// Or did he changed his password?
if ($_POST['addy'] != $DATA[0])
{
// Jupp
if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; }
$_POST['old_addy'] = $DATA[0];
}
// Update member's profile
if (EXT_IS_ACTIVE("country"))
{
// New way
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
sex='%s', surname='%s', family='%s',
street_nr='%s',
country_code=%s, zip=%s, city='%s',
email='%s',
birth_day=%s, birth_month=%s, birth_year=%s,
max_mails=%s,
last_update=UNIX_TIMESTAMP()".$AND.",
notified='N',
last_profile_sent=UNIX_TIMESTAMP()
WHERE userid=%s AND password='%s' LIMIT 1",
array(
$_POST['sex'],
$_POST['surname'],
$_POST['family_name'],
$_POST['street_nr'],
bigintval($_POST['country_code']),
bigintval($_POST['zip']),
$_POST['city'],
$_POST['addy'],
bigintval($_POST['day']),
bigintval($_POST['month']),
bigintval($_POST['year']),
bigintval($_POST['max_mails']),
UID_VALUE,
get_session('u_hash')
), __FILE__, __LINE__);
}
else
{
// Old way
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
sex='%s', surname='%s', family='%s',
street_nr='%s',
country='%s', zip=%s, city='%s',
email='%s',
birth_day=%s, birth_month=%s, birth_year=%s,
max_mails='%s',
last_update=UNIX_TIMESTAMP()".$AND.",
notified='N',
last_profile_sent=UNIX_TIMESTAMP()
WHERE userid=%s AND password='%s' LIMIT 1",
array(
$_POST['sex'],
$_POST['surname'],
$_POST['family_name'],
$_POST['street_nr'],
$_POST['cntry'],
bigintval($_POST['zip']),
$_POST['city'],
$_POST['addy'],
bigintval($_POST['day']),
bigintval($_POST['month']),
bigintval($_POST['year']),
bigintval($_POST['max_mails']),
UID_VALUE,
get_session('u_hash')
), __FILE__, __LINE__);
}
// Get all modes ...
$modes = explode(";", $MODE);
// ... and run them through
SEND_MODE_MAILS ("mydata", $modes);
}
else
{
// Entered wrong pass for updating profile
LOAD_TEMPLATE("admin_settings_saved", false, MEBER_UPDATE_PWD_WRONG);
}
}
break;
case "notify": // Switch off notfication
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
$URL = URL."/modules.php?module=login&what=welcome&msg=".urlencode(PROFILE_UPDATED);
break;
}
CLOSE_TABLE();
if (!empty($URL))
{
// Load generated URL
LOAD_URL($URL);
}
//
?>