- break;
-
- case 'save': // Save entered data
- // Load old email / password: 0 1 2
- $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(getUserId()), __FILE__, __LINE__);
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $DATA[3] = $DATA[2] + getConfig('profile_lock');
-
- // How far is last change on his profile away from now?
- if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
- $DATA[3] = generateDateTime($DATA[3] + getConfig('profile_lock'), '0');
- // You cannot change your account
- LOAD_TEMPLATE("member_mydata_locked");
- } elseif (!isEmailValid(REQUEST_POST('addy'))) {
- // Invalid email address!
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
- } else {
- // Generate hash
- $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40));
- if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST(('pass1')))) {
- // Only on simple changes normal mode is active = no email or password changed
- $mode = 'normal'; $AND = '';
-
- // Did the user changed the password?
- if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $mode = 'pass'; }
-
- // Or did he changed his password?
- if (REQUEST_POST('addy') != $DATA[0]) {
- // Jupp
- if ($mode == 'normal') { $mode = 'email'; } else { $mode .= ";email"; }
- REQUEST_SET_POST('old_addy', $DATA[0]);
- }
-
- // Update member's profile
- if (EXT_IS_ACTIVE('country')) {
- // New way
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
-gender='%s', surname='%s', family='%s',
-street_nr='%s',
-country_code=%s, zip=%s, city='%s',
-email='%s',
-birth_day=%s, birth_month=%s, birth_year=%s,
-max_mails=%s,
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%s AND password='%s' LIMIT 1",
- array(
- REQUEST_POST('gender'),
- REQUEST_POST('surname'),
- REQUEST_POST('family'),
- REQUEST_POST('street_nr'),
- bigintval(REQUEST_POST('country_code')),
- bigintval(REQUEST_POST('zip')),
- REQUEST_POST('city'),
- REQUEST_POST('addy'),
- bigintval(REQUEST_POST('day')),
- bigintval(REQUEST_POST('month')),
- bigintval(REQUEST_POST('year')),
- bigintval(REQUEST_POST('max_mails')),
- UID_VALUE,
- getSession('u_hash')
- ), __FILE__, __LINE__);
- } else {
- // Old way
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
-gender='%s', surname='%s', family='%s',
-street_nr='%s',
-country='%s', zip=%s, city='%s',
-email='%s',
-birth_day=%s, birth_month=%s, birth_year=%s,
-max_mails='%s',
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%s AND password='%s' LIMIT 1",
- array(
- REQUEST_POST('gender'),
- REQUEST_POST('surname'),
- REQUEST_POST('family'),
- REQUEST_POST('street_nr'),
- REQUEST_POST('cntry'),
- bigintval(REQUEST_POST('zip')),
- REQUEST_POST('city'),
- REQUEST_POST('addy'),
- bigintval(REQUEST_POST('day')),
- bigintval(REQUEST_POST('month')),
- bigintval(REQUEST_POST('year')),
- bigintval(REQUEST_POST('max_mails')),
- UID_VALUE,
- getSession('u_hash')
- ), __FILE__, __LINE__);
- }
-
- // Get all modes ...
- $modes = explode(';', $mode);
-
- // ... and run them through
- sendModeMails ('mydata', $modes);
- } else {
- // Entered wrong pass for updating profile
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
- }
- }
- break;
-
- case 'notify': // Switch off notfication
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
- array(getUserId()), __FILE__, __LINE__);
- $URL = 'modules.php?module=login&what=welcome&msg=' . urlencode(getMessage('PROFILE_UPDATED'));
- break;
-}