<?php
/************************************************************************
- * MXChange v0.2.1 Start: 09/28/2003 *
- * =============== Last change: 06/10/2004 *
+ * Mailer v0.2.1-FINAL Start: 09/28/2003 *
+ * =================== Last change: 06/10/2004 *
* *
* -------------------------------------------------------------------- *
* File : what-edit_user.php *
* -------------------------------------------------------------------- *
* Kurzbeschreibung : Mitgliederprofile aendern *
* -------------------------------------------------------------------- *
- * *
+ * $Revision:: $ *
+ * $Date:: $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: $ *
+ * Needs to be in all Files and every File needs "svn propset *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
+ * -------------------------------------------------------------------- *
+ * @TODO Add support for ext-country *
* -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009, 2010 by Mailer Developer Team *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
************************************************************************/
// Some security stuff...
-if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
- require($INC);
-}
+if ((!defined('__SECURITY')) || (!isAdmin())) {
+ die();
+} // END - if
// Add description as navigation point
-ADD_DESCR("admin", __FILE__);
+addMenuDescription('admin', __FILE__);
// Fix a notice
$result_main = false;
-if (isset($_GET['u_id'])) {
- // 0 1 2 3 4 5 6 7 8 9 10 11
- $result_main = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, zip, city, country, email, birth_day, birth_month, birth_year, max_mails
-FROM `{!_MYSQL_PREFIX!}_user_data`
-WHERE userid=%s
+if (isGetRequestParameterSet('userid')) {
+ // Load user entry
+ $result_main = SQL_QUERY_ESC("SELECT
+ `userid`, `gender`, `surname`, `family`, `street_nr`, `zip`, `city`, `country`,
+ `email`,
+ `birth_day`, `birth_month`, `birth_year`,
+ `max_mails`
+FROM
+ `{?_MYSQL_PREFIX?}_user_data`
+WHERE
+ `userid`=%s
LIMIT 1",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
-}
+ array(
+ bigintval(getRequestParameter('userid'))
+ ), __FILE__, __LINE__);
+} // END - if
-if ((SQL_NUMROWS($result_main) == 1) || (empty($_GET['u_id'])))
-{
+if ((!isGetRequestParameterSet('userid')) || (SQL_NUMROWS($result_main) == 1)) {
// User found
- if (empty($_GET['u_id']))
- {
+ if (!isGetRequestParameterSet('userid')) {
// Output selection form with all confirmed user accounts listed
- ADD_MEMBER_SELECTION_BOX();
- }
- elseif (isset($_POST['edit']))
- {
+ addMemberSelectionBox();
+ } elseif (isFormSent('edit')) {
// Ok, change the account...
- $PASS = false; $ADD = "";
- if ((empty($_POST['pass1'])) && (empty($_POST['pass2'])))
- {
+ $updateUser = false; $add = '';
+ if ((!isPostRequestParameterSet('pass1')) && (!isPostRequestParameterSet('pass2'))) {
// Don't change the password
- $PASS = true;
- }
- elseif (($_POST['pass1'] == $_POST['pass2']))
- {
+ $updateUser = true;
+ } elseif ((postRequestParameter('pass1') == postRequestParameter('pass2'))) {
// Change the password
- $PASS = true;
- $ADD = ", password='".generateHash($_POST['pass1'])."'";
+ $updateUser = true;
+ $add = ", `password`='" . generateHash(postRequestParameter('pass1')) . "'";
}
- if ($PASS)
- {
+
+ if ($updateUser === true) {
// We have to add the following things: birthday and max receive mails
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
-gender='%s',
-surname='%s',
-family='%s',
-street_nr='%s',
-country='%s',
-zip=%s,
-city='%s',
-email='%s'
-".$ADD."
-WHERE userid=%s LIMIT 1",
- array(
- substr($_POST['gender'], 0, 1),
- $_POST['surname'],
- $_POST['family_name'],
- $_POST['street_nr'],
- $_POST['country'],
- bigintval($_POST['zip']),
- $_POST['city'],
- $_POST['email'],
- bigintval($_GET['u_id']),
-), __FILE__, __LINE__);
- $content = USER_ACCOUNT_SAVED;
- }
- else
- {
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_user_data`
+SET
+ `gender`='%s',
+ `surname`='%s',
+ `family`='%s',
+ `street_nr`='%s',
+ `country`='%s',
+ `zip`=%s,
+ `city`='%s',
+ `email`='%s'
+ ".$add."
+WHERE
+ `userid`=%s
+LIMIT 1",
+ array(
+ substr(postRequestParameter('gender'), 0, 1),
+ postRequestParameter('surname'),
+ postRequestParameter('family'),
+ postRequestParameter('street_nr'),
+ postRequestParameter('country'),
+ bigintval(postRequestParameter('zip')),
+ postRequestParameter('city'),
+ postRequestParameter('email'),
+ bigintval(getRequestParameter('userid')),
+ ), __FILE__, __LINE__);
+ $content = getMessage('USER_ACCOUNT_SAVED');
+ } else {
// Problem while saving data
- $content = USER_ACCOUNT_NOT_SAVED;
+ $content = getMessage('USER_ACCOUNT_NOT_SAVED');
}
// Load template
- LOAD_TEMPLATE("admin_settings_saved", false, $content);
- }
- else
- {
- // Display form to edit
- list($gender, $surname, $family, $street, $zip, $city, $country, $email, $bday, $bmonth, $byear, $max) = SQL_FETCHROW($result_main);
- SQL_FREERESULT($result_main);
+ loadTemplate('admin_settings_saved', false, $content);
+ } else {
+ // Load entry
+ $content = SQL_FETCHARRAY($result_main);
- // Transfer data to constants for the template
- switch ($gender)
- {
- case "M":
- define('_GENDER_M', " selected=\"selected\"");
- define('_GENDER_F', "");
- define('_GENDER_C', "");
- break;
+ // Init entries
+ foreach (array('gender_m','gender_f','gender_c') as $entry) {
+ $content[$entry] = '';
+ } // END - foreach
- case "F":
- define('_GENDER_M', "");
- define('_GENDER_F', " selected=\"selected\"");
- define('_GENDER_C', "");
- break;
-
- case "C":
- define('_GENDER_M', "");
- define('_GENDER_F', "");
- define('_GENDER_C', " selected=\"selected\"");
- break;
- }
-
- define('_SURNAME', $surname); define('_FAMILY', $family); define('_CITY' , $city);
- define('_STREET' , $street); define('_ZIP' , $zip); define('_MAX_MAILS', $max);
- define('_COUNTRY', $country); define('_EMAIL' , $email);
+ // Prepare selections
+ $content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
// Load template
- LOAD_TEMPLATE("admin_edit_user", false, bigintval($_GET['u_id']));
+ loadTemplate('admin_edit_user', false, $content);
}
-}
- else
-{
+} else {
// Account does not exists!
- LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</div>");
+ loadTemplate('admin_settings_saved', false, '<div class="admin_failed">' . getMaskedMessage('ADMIN_MEMBER_404', bigintval(getRequestParameter('userid'))) . '</div>');
}
-//
+// Free the result
+SQL_FREERESULT($result_main);
+
+// [EOF]
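Review bot: The `$add` fragment holding the `generateHash()` result is still spliced into the UPDATE's format string via `".$add."` instead of going through the parameter array, so it is the only value in this statement that `SQL_QUERY_ESC` does not escape. Assuming the helper substitutes its `%s` markers sprintf-style, any `%` or quote character in the hash would be read as part of the template; whether that can occur depends on `generateHash()`'s output alphabet, which is not visible here. I would have the fragment carry only a `'%s'` placeholder for the password column and append the hash to the array just before the `userid` entry when a new password was supplied. The confirmation check should also use strict comparison, `} elseif (postRequestParameter('pass1') === postRequestParameter('pass2')) {`, because `==` treats two different numeric-looking strings as equal. Finally, `SQL_FREERESULT($result_main);` now runs on the path where `$result_main` is still `false` (no `userid` given), so either confirm the wrapper tolerates that or guard it with `if ($result_main !== false)`.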
?>