* $Author:: $ *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
- * Copyright (c) 2009 - 2011 by Mailer Developer Team *
+ * Copyright (c) 2009 - 2013 by Mailer Developer Team *
* For more information visit: http://mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
// Some security stuff...
if (!defined('__SECURITY')) {
- die();
+ exit();
} elseif (!isMember()) {
redirectToIndexMemberOnlyModule();
}
// Detect what the member wants to do
$mode = 'show'; // Show his data
-if (isPostRequestElementSet('save')) $mode = 'save'; // Save entered data
+if (isFormSent('save')) $mode = 'save'; // Save entered data
if (isFormSent('edit')) $mode = 'edit'; // Edit data
-if (isPostRequestElementSet('notify')) $mode = 'notify'; // Switch off notification
+if (isFormSent('notify')) $mode = 'notify'; // Switch off notification
switch ($mode) {
case 'show': // Show his data
// How far is last change on his profile away from now?
if ((($content['last_update'] + getProfileLock()) > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
// You cannot change your account
- $content['change'] = displayMessage('<div class="notice">{%message,MEMBER_PROFILE_LOCKED=' . generateDateTime($content['last_update'] + getProfileLock(), 0) . '%}</div>', true);
+ $content['change'] = displayMessage('<div class="notice">{%message,MEMBER_PROFILE_LOCKED=' . generateDateTime($content['last_update'] + getProfileLock(), 0) . '%}</div>', TRUE);
} else {
// He is allowed to change his profile
- $content['change'] = loadTemplate('member_mydata_button', true);
+ $content['change'] = loadTemplate('member_mydata_button', TRUE);
}
- if (strlen($content['birth_day']) == 1) $content['birth_day'] = '0' . $content['birth_day'];
- if (strlen($content['birth_month']) == 1) $content['birth_month'] = '0' . $content['birth_month'];
-
+ // @TODO Move this to a function (for better EL code)
switch (getLanguage()) {
- case 'de': $content['dob'] = $content['birth_day'] . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
- default : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day'] . '-' . $content['birth_year']; break;
+ case 'de': $content['dob'] = '{%pipe,padLeftZero=' . $content['birth_day'] . '%}.{%pipe,padLeftZero=' . $content['birth_month'] . '%}.' . $content['birth_year']; break;
+ default : $content['dob'] = '{%pipe,padLeftZero=' . $content['birth_month'] . '%}-{%pipe,padLeftZero=' . $content['birth_day'] . '%}-' . $content['birth_year']; break;
} // END - switch
if (isExtensionActive('country')) {
} // END - if
// Load template
- loadTemplate('member_mydata_overview', false, $content);
+ loadTemplate('member_mydata_overview', FALSE, $content);
break;
case 'edit': // Edit data
- if (isExtensionActive('country', true)) {
- // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT `surname`,`family`,`street_nr`,`country_code`,`zip`,`city`,`email`,`birth_day`,`birth_month`,`birth_year`,`gender`,`max_mails`,`receive_mails`,`last_update`
+ if (isExtensionActive('country', TRUE)) {
+ // New way
+ $result = sqlQueryEscaped('SELECT
+ `surname`,
+ `family`,
+ `street_nr`,
+ `country_code`,
+ `zip`,
+ `city`,
+ `email`,
+ `birth_day`,
+ `birth_month`,
+ `birth_year`,
+ `gender`,
+ `max_mails`,
+ `receive_mails`,
+ `last_update`
FROM
`{?_MYSQL_PREFIX?}_user_data`
WHERE
`userid`=%s
-LIMIT 1",
+LIMIT 1',
array(getMemberId()), __FILE__, __LINE__);
} else {
- // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT `surname`,`family`,`street_nr`,`country`,`zip`,`city`,`email`,`birth_day`,`birth_month`,`birth_year`,`gender`,`max_mails`,`receive_mails`,`last_update`
+ // Old way
+ $result = sqlQueryEscaped('SELECT
+ `surname`,
+ `family`,
+ `street_nr`,
+ `country`,
+ `zip`,
+ `city`,
+ `email`,
+ `birth_day`,
+ `birth_month`,
+ `birth_year`,
+ `gender`,
+ `max_mails`,
+ `receive_mails`,
+ `last_update`
FROM
`{?_MYSQL_PREFIX?}_user_data`
WHERE
`userid`=%s
-LIMIT 1",
+LIMIT 1',
array(getMemberId()), __FILE__, __LINE__);
}
// Get line
- $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
+ $content = merge_array($content, sqlFetchArray($result));
// Free result
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
$content['update_check'] = $content['last_update'] + getProfileLock();
// How far is last change on his profile away from now?
if (($content['update_check'] > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
+ // Profile is locked, so output propper message
$content['update_check'] = '{%message,MEMBER_PROFILE_LOCKED=' . generateDateTime($content['update_check'] + getProfileLock(), '0') . '%}';
// You cannot change your account
switch (getLanguage()) {
case 'de': // German date format
// Day
- $content['dob'] .= addSelectionBox('day', $content['birth_day']);
+ $content['dob'] .= addSelectionBox('da', $content['birth_day']);
// Month
- $content['dob'] .= addSelectionBox('month', $content['birth_month']);
+ $content['dob'] .= addSelectionBox('mo', $content['birth_month']);
// Year
- $content['dob'] .= addSelectionBox('year', $content['birth_year']);
+ $content['dob'] .= addSelectionBox('ye', $content['birth_year']);
break;
default: // Default is the US date format... :)
// Month
- $content['dob'] .= addSelectionBox('month', $content['birth_month']);
+ $content['dob'] .= addSelectionBox('mo', $content['birth_month']);
// Day
- $content['dob'] .= addSelectionBox('day', $content['birth_day']);
+ $content['dob'] .= addSelectionBox('da', $content['birth_day']);
// Year
- $content['dob'] .= addSelectionBox('year', $content['birth_year']);
+ $content['dob'] .= addSelectionBox('ye', $content['birth_year']);
break;
} // END - if
- $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
+ $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails']);
if (isExtensionActive('country')) {
// Init WHERE statement
- $whereStatement = "WHERE `is_active`='Y'";
+ $whereStatement = " WHERE `is_active`='Y'";
if (isAdmin()) $whereStatement = '';
// Generate selection box
$OUT = '<select name="country_code" class="form_select" size="1">';
- $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
+ $OUT .= generateOptions('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
$OUT .= '</select>';
$content['country'] = $OUT;
} else {
}
// Load template
- loadTemplate('member_mydata_edit', false, $content);
+ loadTemplate('member_mydata_edit', FALSE, $content);
}
break;
} elseif ((!isEmailValid(postRequestElement('email'))) && (!isAdmin())) {
// Invalid email address!
displayMessage('{--INVALID_EMAIL_ENTERED--}');
- } elseif ((isEmailTaken(postRequestElement('email'))) && (isCheckDoubleEmailEnabled()) && (!isAdmin())) {
+ } elseif ((isExtensionInstalledAndNewer('other', '0.3.0')) && (isCheckDoubleEmailEnabled()) && (!isAdmin()) && (isEmailTaken(postRequestElement('email')))) {
// Email address is already registered
displayMessage('{--MEMBER_EMAIL_IS_ALREADY_REGISTERED--}');
} else {
// Generate hash
- $hash = generateHash(postRequestElement('pass1'), substr($content['password'], 0, -40));
- if ((($hash == $content['password']) || (postRequestElement('pass1') == postRequestElement('pass2'))) && (isPostRequestElementSet('pass1'))) {
+ $hash = generateHash(postRequestElement('password1'), substr($content['password'], 0, -40));
+ if ((($hash == $content['password']) || (postRequestElement('password1') == postRequestElement('password2'))) && (isPostRequestElementSet('password1'))) {
// Only on simple changes normal mode is active = no email or password changed
$mode = 'normal';
$AND = '';
// Did the user changed the password?
if ($hash != $content['password']) {
- $AND = ", `password`='" . $hash . "'";
+ // Yes
+ $AND = ",`password`='" . $hash . "'";
$mode = 'password';
} // END - if
- // Or did he changed his password?
+ // Or did he changed his email address?
if (postRequestElement('email') != $content['email']) {
- // Jupp
+ // Yes, but is it maybe blacklisted?
+ $filterData = array(
+ 'init_done' => TRUE,
+ 'post_data' => postRequestArray(),
+ 'blacklisted' => '',
+ 'message' => '{--PRE_UPDATE_USER_DATA_FAILED--}',
+ );
+ $filterData = runFilterChain('pre_update_user_data', $filterData);
+
+ // Is it blacklisted?
+ if ($filterData['init_done'] === FALSE) {
+ // Found something blacklisted
+ displayMessage($filterData['message']);
+ return;
+ } // END - if
+
if ($mode == 'normal') {
$mode = 'email';
} else {
// Update member's profile
if (isExtensionActive('country')) {
// New way
- SQL_QUERY_ESC("UPDATE
+ sqlQueryEscaped("UPDATE
`{?_MYSQL_PREFIX?}_user_data`
SET
- `gender`='%s', `surname`='%s', `family`='%s',
+ `gender`='%s',
+ `surname`='%s',
+ `family`='%s',
`street_nr`='%s',
- `country_code`=%s, `zip`=%s, `city`='%s',
+ `country_code`=%s,
+ `zip`=%s,
+ `city`='%s',
`email`='%s',
- `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+ `birth_day`=%s,
+ `birth_month`=%s,
+ `birth_year`=%s,
`max_mails`='%s',
`last_update`=UNIX_TIMESTAMP()".$AND.",
`notified`='N',
), __FILE__, __LINE__);
} else {
// Old way
- SQL_QUERY_ESC("UPDATE
+ sqlQueryEscaped("UPDATE
`{?_MYSQL_PREFIX?}_user_data`
SET
- `gender`='%s', `surname`='%s', `family`='%s',
+ `gender`='%s',
+ `surname`='%s',
+ `family`='%s',
`street_nr`='%s',
- `country`='%s', `zip`=%s, `city`='%s',
+ `country`='%s',
+ `zip`=%s,
+ `city`='%s',
`email`='%s',
- `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+ `birth_day`=%s,
+ `birth_month`=%s,
+ `birth_year`=%s,
`max_mails`='%s',
`last_update`=UNIX_TIMESTAMP()".$AND.",
`notified`='N',
}
// Did something change?
- if (!SQL_HASZEROAFFECTED()) {
+ if (!ifSqlHasZeroAffectedRows()) {
// Get all modes ...
$modes = explode(';', $mode);
}
} else {
// Entered wrong pass for updating profile
- displayMessage('{--MEBER_UPDATE_PWD_WRONG--}');
+ displayMessage('{--MEMBER_UPDATE_WRONG_PASSWORD--}');
}
}
break;
case 'notify': // Switch off notfication
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
+ sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N',`last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
array(getMemberId()), __FILE__, __LINE__);
$url = 'modules.php?module=login&what=mydata&code=' . getCode('PROFILE_UPDATED');
break;