-<?php\r
-/************************************************************************\r
- * MXChange v0.2.1 Start: 10/16/2003 *\r
- * =============== Last change: 06/30/2004 *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * File : what-mydata.php *\r
- * -------------------------------------------------------------------- *\r
- * Short description : Members can edit their profile data here *\r
- * -------------------------------------------------------------------- *\r
- * Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern *\r
- * -------------------------------------------------------------------- *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2008 by Roland Haeder *\r
- * For more information visit: http://www.mxchange.org *\r
- * *\r
- * This program is free software; you can redistribute it and/or modify *\r
- * it under the terms of the GNU General Public License as published by *\r
- * the Free Software Foundation; either version 2 of the License, or *\r
- * (at your option) any later version. *\r
- * *\r
- * This program is distributed in the hope that it will be useful, *\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
- * GNU General Public License for more details. *\r
- * *\r
- * You should have received a copy of the GNU General Public License *\r
- * along with this program; if not, write to the Free Software *\r
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *\r
- * MA 02110-1301 USA *\r
- ************************************************************************/\r
-\r
-// Some security stuff...\r
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))\r
-{\r
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";\r
- require($INC);\r
-}\r
- elseif (!IS_LOGGED_IN())\r
-{\r
- LOAD_URL(URL."/modules.php?module=index");\r
-}\r
- elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN()))\r
-{\r
- ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata");\r
- return;\r
-}\r
-\r
-// Add description as navigation point\r
-ADD_DESCR("member", basename(__FILE__));\r
-\r
-OPEN_TABLE("100%", "member_content member_content_align", "");\r
-define('UID_VALUE', $GLOBALS['userid']); $URL = "";\r
-\r
-// Detect what the member wants to do\r
-$MODE = "show"; // Show his data\r
-if (!empty($_POST['save'])) $MODE = "save"; // Save entered data\r
-if (isset($_POST['edit'])) $MODE = "edit"; // Edit data\r
-if (!empty($_POST['notify'])) $MODE = "notify"; // Switch off notification\r
-\r
-switch ($MODE)\r
-{\r
-case "show": // Show his data\r
- if (EXT_IS_ACTIVE("country", true))\r
- {\r
- // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13\r
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array(UID_VALUE), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13\r
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array(UID_VALUE), __FILE__, __LINE__);\r
- }\r
- $DATA = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
-\r
- // Translate / add some things\r
- $DATA[10] = TRANSLATE_SEX($DATA[10]);\r
- $DATA[13] = MAKE_DATETIME($DATA[13], "0");\r
-\r
- // How far is last change on his profile away from now?\r
- if ((($DATA[13] + $CONFIG['profile_lock']) > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))\r
- {\r
- // You cannot change your account\r
- define('CHANGE', "<FONT class=\"member_failed\">".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2."</FONT>");\r
- }\r
- else\r
- {\r
- // He is allowed to change his profile\r
- define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));\r
- }\r
- if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7];\r
- if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];\r
- switch (GET_LANGUAGE())\r
- {\r
- case "de": define ('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;\r
- default : define ('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;\r
- }\r
-\r
- if (EXT_IS_ACTIVE("country"))\r
- {\r
- // Load country's description and code\r
- $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);\r
- }\r
-\r
- // Load template\r
- LOAD_TEMPLATE("member_mydata_overview");\r
- break;\r
-\r
-case "edit": // Edit data\r
- if (EXT_IS_ACTIVE("country", true))\r
- {\r
- // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13\r
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update\r
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array(UID_VALUE), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13\r
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update\r
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array(UID_VALUE), __FILE__, __LINE__);\r
- }\r
-\r
- $DATA = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- $DATA[13] = $DATA[12] + $CONFIG['profile_lock'];\r
-\r
- // How far is last change on his profile away from now?\r
- if (($DATA[13] > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))\r
- {\r
- $DATA[13] = MAKE_DATETIME($DATA[13] + $CONFIG['profile_lock'], "0");\r
- // You cannot change your account\r
- LOAD_TEMPLATE("member_mydata_locked");\r
- }\r
- else\r
- {\r
- // He is allowed to change his profile\r
- switch ($DATA[10])\r
- {\r
- case "M":\r
- define('M_DEFAULT', " selected=\"selected\"");\r
- define('F_DEFAULT', "");\r
- define('C_DEFAULT', "");\r
- break;\r
-\r
- case "F":\r
- define('M_DEFAULT', "");\r
- define('F_DEFAULT', " selected=\"selected\"");\r
- define('C_DEFAULT', "");\r
- break;\r
-\r
- case "C":\r
- define('M_DEFAULT', "");\r
- define('F_DEFAULT', "");\r
- define('C_DEFAULT', " selected=\"selected\"");\r
- break;\r
- }\r
- $DOB = "";\r
- switch (GET_LANGUAGE())\r
- {\r
- case "de": // German date format\r
- // Day\r
- $DOB .= ADD_SELECTION("day", $DATA[7]);\r
-\r
- // Month\r
- $DOB .= ADD_SELECTION("month", $DATA[8]);\r
-\r
- // Year\r
- $DOB .= ADD_SELECTION("year", $DATA[9]);\r
- break;\r
-\r
- default: // Default is the US date format... :)\r
- break;\r
- }\r
- define('DOB', $DOB);\r
- define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));\r
-\r
- if (EXT_IS_ACTIVE("country"))\r
- {\r
- // Generate selection box\r
- $OUT = "<SELECT name=\"country_code\" class=\"member_select\" size=\"1\">\n";\r
- $WHERE = "WHERE is_active='Y'";\r
- if (IS_ADMIN()) $WHERE = "";\r
- $OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $WHERE);\r
- $OUT .= "</SELECT>";\r
- define('__COUNTRY_CONTENT', $OUT);\r
- }\r
- else\r
- {\r
- // Ouput default input box\r
- define('__COUNTRY_CONTENT', "<INPUT type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\">");\r
- }\r
-\r
- // Load template\r
- LOAD_TEMPLATE("member_mydata_edit");\r
- }\r
- break;\r
-\r
-case "save": // Save entered data\r
- // Load old email / password: 0 1 2\r
- $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
- array(UID_VALUE), __FILE__, __LINE__);\r
- $DATA = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- $DATA[3] = $DATA[2] + $CONFIG['profile_lock'];\r
-\r
- // How far is last change on his profile away from now?\r
- if (($DATA[3] > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))\r
- {\r
- $DATA[3] = MAKE_DATETIME($DATA[3] + $CONFIG['profile_lock'], "0");\r
- // You cannot change your account\r
- LOAD_TEMPLATE("member_mydata_locked");\r
- }\r
- elseif (!VALIDATE_EMAIL($_POST['addy']))\r
- {\r
- // Invalid email address!\r
- LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED);\r
- }\r
- else\r
- {\r
- // Secure every submitted variable\r
- foreach ($_POST as $key=>$value)\r
- {\r
- $_POST[$key] = addslashes($value);\r
- }\r
-\r
- $hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40));\r
- if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1'])))\r
- {\r
- // Only on simple changes normal mode is active = no email or password changed\r
- $MODE = "normal"; $AND = "";\r
-\r
- // Did the user changed the password?\r
- if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; }\r
-\r
- // Or did he changed his password?\r
- if ($_POST['addy'] != $DATA[0])\r
- {\r
- // Jupp\r
- if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; }\r
- $_POST['old_addy'] = $DATA[0];\r
- }\r
-\r
- // Update member's profile\r
- if (EXT_IS_ACTIVE("country"))\r
- {\r
- // New way\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET\r
-sex='%s', surname='%s', family='%s',\r
-street_nr='%s',\r
-country_code=%d, zip=%d, city='%s',\r
-email='%s',\r
-birth_day=%d, birth_month=%d, birth_year=%d,\r
-max_mails=%d,\r
-last_update=UNIX_TIMESTAMP()".$AND.",\r
-notified='N',\r
-last_profile_sent=UNIX_TIMESTAMP()\r
-WHERE userid=%d AND password='%s' LIMIT 1",\r
- array(\r
- $_POST['sex'],\r
- $_POST['surname'],\r
- $_POST['family_name'],\r
- $_POST['street_nr'],\r
- bigintval($_POST['country_code']),\r
- bigintval($_POST['zip']),\r
- $_POST['city'],\r
- $_POST['addy'],\r
- bigintval($_POST['day']),\r
- bigintval($_POST['month']),\r
- bigintval($_POST['year']),\r
- bigintval($_POST['max_mails']),\r
- UID_VALUE,\r
- $_COOKIE['u_hash']\r
- ), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
- // Old way\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET\r
-sex='%s', surname='%s', family='%s',\r
-street_nr='%s',\r
-country='%s', zip=%d, city='%s',\r
-email='%s',\r
-birth_day=%d, birth_month=%d, birth_year=%d,\r
-max_mails='%s',\r
-last_update=UNIX_TIMESTAMP()".$AND.",\r
-notified='N',\r
-last_profile_sent=UNIX_TIMESTAMP()\r
-WHERE userid=%d AND password='%s' LIMIT 1",\r
- array(\r
- $_POST['sex'],\r
- $_POST['surname'],\r
- $_POST['family_name'],\r
- $_POST['street_nr'],\r
- $_POST['cntry'],\r
- bigintval($_POST['zip']),\r
- $_POST['city'],\r
- $_POST['addy'],\r
- bigintval($_POST['day']),\r
- bigintval($_POST['month']),\r
- bigintval($_POST['year']),\r
- bigintval($_POST['max_mails']),\r
- UID_VALUE,\r
- $_COOKIE['u_hash']\r
- ), __FILE__, __LINE__);\r
- }\r
-\r
- // Get all modes ...\r
- $modes = explode(";", $MODE);\r
-\r
- // ... and run them through\r
- SEND_MODE_MAILS ("mydata", $modes);\r
- }\r
- else\r
- {\r
- // Entered wrong pass for updating profile\r
- LOAD_TEMPLATE("admin_settings_saved", false, MEBER_UPDATE_PWD_WRONG);\r
- }\r
- }\r
- break;\r
-\r
-case "notify": // Switch off notfication\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",\r
- array($GLOBALS['userid']), __FILE__, __LINE__);\r
- $URL = URL."/modules.php?module=login&what=welcome&msg=".urlencode(PROFILE_UPDATED);\r
- break;\r
-}\r
-CLOSE_TABLE();\r
-\r
-if (!empty($URL))\r
-{\r
- // Load generated URL\r
- LOAD_URL($URL);\r
-}\r
-//\r
-?>\r
+<?php
+/************************************************************************
+ * MXChange v0.2.1 Start: 10/16/2003 *
+ * =============== Last change: 06/30/2004 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : what-mydata.php *
+ * -------------------------------------------------------------------- *
+ * Short description : Members can edit their profile data here *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern *
+ * -------------------------------------------------------------------- *
+ * *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Some security stuff...
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+{
+ $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+ require($INC);
+}
+ elseif (!IS_LOGGED_IN())
+{
+ LOAD_URL(URL."/modules.php?module=index");
+}
+ elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN()))
+{
+ ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata");
+ return;
+}
+
+// Add description as navigation point
+ADD_DESCR("member", basename(__FILE__));
+
+OPEN_TABLE("100%", "member_content member_content_align", "");
+define('UID_VALUE', $GLOBALS['userid']); $URL = "";
+
+// Detect what the member wants to do
+$MODE = "show"; // Show his data
+if (!empty($_POST['save'])) $MODE = "save"; // Save entered data
+if (isset($_POST['edit'])) $MODE = "edit"; // Edit data
+if (!empty($_POST['notify'])) $MODE = "notify"; // Switch off notification
+
+switch ($MODE)
+{
+case "show": // Show his data
+ if (EXT_IS_ACTIVE("country", true))
+ {
+ // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array(UID_VALUE), __FILE__, __LINE__);
+ }
+ else
+ {
+ // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array(UID_VALUE), __FILE__, __LINE__);
+ }
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+
+ // Translate / add some things
+ $DATA[10] = TRANSLATE_SEX($DATA[10]);
+ $DATA[13] = MAKE_DATETIME($DATA[13], "0");
+
+ // How far is last change on his profile away from now?
+ if ((($DATA[13] + $CONFIG['profile_lock']) > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))
+ {
+ // You cannot change your account
+ define('CHANGE', "<FONT class=\"member_failed\">".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2."</FONT>");
+ }
+ else
+ {
+ // He is allowed to change his profile
+ define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
+ }
+ if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7];
+ if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];
+ switch (GET_LANGUAGE())
+ {
+ case "de": define ('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
+ default : define ('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
+ }
+
+ if (EXT_IS_ACTIVE("country"))
+ {
+ // Load country's description and code
+ $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
+ }
+
+ // Load template
+ LOAD_TEMPLATE("member_mydata_overview");
+ break;
+
+case "edit": // Edit data
+ if (EXT_IS_ACTIVE("country", true))
+ {
+ // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
+FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array(UID_VALUE), __FILE__, __LINE__);
+ }
+ else
+ {
+ // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
+FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array(UID_VALUE), __FILE__, __LINE__);
+ }
+
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $DATA[13] = $DATA[12] + $CONFIG['profile_lock'];
+
+ // How far is last change on his profile away from now?
+ if (($DATA[13] > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))
+ {
+ $DATA[13] = MAKE_DATETIME($DATA[13] + $CONFIG['profile_lock'], "0");
+ // You cannot change your account
+ LOAD_TEMPLATE("member_mydata_locked");
+ }
+ else
+ {
+ // He is allowed to change his profile
+ switch ($DATA[10])
+ {
+ case "M":
+ define('M_DEFAULT', " selected=\"selected\"");
+ define('F_DEFAULT', "");
+ define('C_DEFAULT', "");
+ break;
+
+ case "F":
+ define('M_DEFAULT', "");
+ define('F_DEFAULT', " selected=\"selected\"");
+ define('C_DEFAULT', "");
+ break;
+
+ case "C":
+ define('M_DEFAULT', "");
+ define('F_DEFAULT', "");
+ define('C_DEFAULT', " selected=\"selected\"");
+ break;
+ }
+ $DOB = "";
+ switch (GET_LANGUAGE())
+ {
+ case "de": // German date format
+ // Day
+ $DOB .= ADD_SELECTION("day", $DATA[7]);
+
+ // Month
+ $DOB .= ADD_SELECTION("month", $DATA[8]);
+
+ // Year
+ $DOB .= ADD_SELECTION("year", $DATA[9]);
+ break;
+
+ default: // Default is the US date format... :)
+ break;
+ }
+ define('DOB', $DOB);
+ define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
+
+ if (EXT_IS_ACTIVE("country"))
+ {
+ // Generate selection box
+ $OUT = "<SELECT name=\"country_code\" class=\"member_select\" size=\"1\">\n";
+ $WHERE = "WHERE is_active='Y'";
+ if (IS_ADMIN()) $WHERE = "";
+ $OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $WHERE);
+ $OUT .= "</SELECT>";
+ define('__COUNTRY_CONTENT', $OUT);
+ }
+ else
+ {
+ // Ouput default input box
+ define('__COUNTRY_CONTENT', "<INPUT type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\">");
+ }
+
+ // Load template
+ LOAD_TEMPLATE("member_mydata_edit");
+ }
+ break;
+
+case "save": // Save entered data
+ // Load old email / password: 0 1 2
+ $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ array(UID_VALUE), __FILE__, __LINE__);
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $DATA[3] = $DATA[2] + $CONFIG['profile_lock'];
+
+ // How far is last change on his profile away from now?
+ if (($DATA[3] > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))
+ {
+ $DATA[3] = MAKE_DATETIME($DATA[3] + $CONFIG['profile_lock'], "0");
+ // You cannot change your account
+ LOAD_TEMPLATE("member_mydata_locked");
+ }
+ elseif (!VALIDATE_EMAIL($_POST['addy']))
+ {
+ // Invalid email address!
+ LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED);
+ }
+ else
+ {
+ // Secure every submitted variable
+ foreach ($_POST as $key=>$value)
+ {
+ $_POST[$key] = addslashes($value);
+ }
+
+ $hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40));
+ if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1'])))
+ {
+ // Only on simple changes normal mode is active = no email or password changed
+ $MODE = "normal"; $AND = "";
+
+ // Did the user changed the password?
+ if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; }
+
+ // Or did he changed his password?
+ if ($_POST['addy'] != $DATA[0])
+ {
+ // Jupp
+ if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; }
+ $_POST['old_addy'] = $DATA[0];
+ }
+
+ // Update member's profile
+ if (EXT_IS_ACTIVE("country"))
+ {
+ // New way
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
+sex='%s', surname='%s', family='%s',
+street_nr='%s',
+country_code=%d, zip=%d, city='%s',
+email='%s',
+birth_day=%d, birth_month=%d, birth_year=%d,
+max_mails=%d,
+last_update=UNIX_TIMESTAMP()".$AND.",
+notified='N',
+last_profile_sent=UNIX_TIMESTAMP()
+WHERE userid=%d AND password='%s' LIMIT 1",
+ array(
+ $_POST['sex'],
+ $_POST['surname'],
+ $_POST['family_name'],
+ $_POST['street_nr'],
+ bigintval($_POST['country_code']),
+ bigintval($_POST['zip']),
+ $_POST['city'],
+ $_POST['addy'],
+ bigintval($_POST['day']),
+ bigintval($_POST['month']),
+ bigintval($_POST['year']),
+ bigintval($_POST['max_mails']),
+ UID_VALUE,
+ $_COOKIE['u_hash']
+ ), __FILE__, __LINE__);
+ }
+ else
+ {
+ // Old way
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
+sex='%s', surname='%s', family='%s',
+street_nr='%s',
+country='%s', zip=%d, city='%s',
+email='%s',
+birth_day=%d, birth_month=%d, birth_year=%d,
+max_mails='%s',
+last_update=UNIX_TIMESTAMP()".$AND.",
+notified='N',
+last_profile_sent=UNIX_TIMESTAMP()
+WHERE userid=%d AND password='%s' LIMIT 1",
+ array(
+ $_POST['sex'],
+ $_POST['surname'],
+ $_POST['family_name'],
+ $_POST['street_nr'],
+ $_POST['cntry'],
+ bigintval($_POST['zip']),
+ $_POST['city'],
+ $_POST['addy'],
+ bigintval($_POST['day']),
+ bigintval($_POST['month']),
+ bigintval($_POST['year']),
+ bigintval($_POST['max_mails']),
+ UID_VALUE,
+ $_COOKIE['u_hash']
+ ), __FILE__, __LINE__);
+ }
+
+ // Get all modes ...
+ $modes = explode(";", $MODE);
+
+ // ... and run them through
+ SEND_MODE_MAILS ("mydata", $modes);
+ }
+ else
+ {
+ // Entered wrong pass for updating profile
+ LOAD_TEMPLATE("admin_settings_saved", false, MEBER_UPDATE_PWD_WRONG);
+ }
+ }
+ break;
+
+case "notify": // Switch off notfication
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
+ $URL = URL."/modules.php?module=login&what=welcome&msg=".urlencode(PROFILE_UPDATED);
+ break;
+}
+CLOSE_TABLE();
+
+if (!empty($URL))
+{
+ // Load generated URL
+ LOAD_URL($URL);
+}
+//
+?>