<?php
/************************************************************************
- * MXChange v0.2.1 Start: 10/16/2003 *
- * =============== Last change: 06/30/2004 *
+ * Mailer v0.2.1-FINAL Start: 10/16/2003 *
+ * =================== Last change: 06/30/2004 *
* *
* -------------------------------------------------------------------- *
* File : what-mydata.php *
* -------------------------------------------------------------------- *
* Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern *
* -------------------------------------------------------------------- *
- * *
+ * $Revision:: $ *
+ * $Date:: $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: $ *
* -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009, 2010 by Mailer Developer Team *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
// Some security stuff...
if (!defined('__SECURITY')) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
- require($INC);
-} elseif (!IS_MEMBER()) {
- LOAD_URL("modules.php?module=index");
-} elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN())) {
- addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata");
- return;
+ die();
+} elseif (!isMember()) {
+ redirectToIndexMemberOnlyModule();
}
// Add description as navigation point
-ADD_DESCR("member", __FILE__);
+addMenuDescription('member', __FILE__);
+
+if ((!isExtensionActive('mydata')) && (!isAdmin())) {
+ loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('mydata'));
+ return;
+} // END - if
+
+// Add userid
+$content = array();
-define('UID_VALUE', $GLOBALS['userid']); $URL = "";
+// Init variable to prevent notices
+$url = '';
// Detect what the member wants to do
-$MODE = "show"; // Show his data
-if (!empty($_POST['save'])) $MODE = "save"; // Save entered data
-if (isset($_POST['edit'])) $MODE = "edit"; // Edit data
-if (!empty($_POST['notify'])) $MODE = "notify"; // Switch off notification
-
-switch ($MODE)
-{
-case "show": // Show his data
- if (EXT_IS_ACTIVE("country", true))
- {
- // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(UID_VALUE), __FILE__, __LINE__);
- }
- else
- {
- // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(UID_VALUE), __FILE__, __LINE__);
- }
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- // Translate / add some things
- $DATA[10] = TRANSLATE_GENDER($DATA[10]);
- $DATA[13] = MAKE_DATETIME($DATA[13], "0");
-
- // How far is last change on his profile away from now?
- if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0))
- {
- // You cannot change your account
- define('CHANGE', "<div class=\"member_failed\">".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0").MEMBER_PROFILE_LOCKED_2."</div>");
- }
- else
- {
- // He is allowed to change his profile
- define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
- }
- if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7];
- if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];
- switch (GET_LANGUAGE())
- {
- case "de": define('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
- default : define('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
- }
-
- if (EXT_IS_ACTIVE("country"))
- {
- // Load country's description and code
- $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
- }
-
- // Load template
- LOAD_TEMPLATE("member_mydata_overview");
- break;
-
-case "edit": // Edit data
- if (EXT_IS_ACTIVE("country", true)) {
- // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
-FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(UID_VALUE), __FILE__, __LINE__);
- } else {
- // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
-FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(UID_VALUE), __FILE__, __LINE__);
- }
-
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $DATA[13] = $DATA[12] + getConfig('profile_lock');
-
- // How far is last change on his profile away from now?
- if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0))
- {
- $DATA[13] = MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0");
- // You cannot change your account
- LOAD_TEMPLATE("member_mydata_locked");
- }
- else
- {
- // He is allowed to change his profile
- switch ($DATA[10])
- {
- case "M":
- define('M_DEFAULT', " selected=\"selected\"");
- define('F_DEFAULT', "");
- define('C_DEFAULT', "");
- break;
-
- case "F":
- define('M_DEFAULT', "");
- define('F_DEFAULT', " selected=\"selected\"");
- define('C_DEFAULT', "");
- break;
-
- case "C":
- define('M_DEFAULT', "");
- define('F_DEFAULT', "");
- define('C_DEFAULT', " selected=\"selected\"");
- break;
- }
- $DOB = "";
- switch (GET_LANGUAGE())
- {
- case "de": // German date format
- // Day
- $DOB .= ADD_SELECTION("day", $DATA[7]);
-
- // Month
- $DOB .= ADD_SELECTION("month", $DATA[8]);
-
- // Year
- $DOB .= ADD_SELECTION("year", $DATA[9]);
- break;
-
- default: // Default is the US date format... :)
- break;
- }
+$mode = 'show'; // Show his data
+if (isPostRequestParameterSet('save')) $mode = 'save'; // Save entered data
+if (isFormSent('edit')) $mode = 'edit'; // Edit data
+if (isPostRequestParameterSet('notify')) $mode = 'notify'; // Switch off notification
+
+switch ($mode) {
+ case 'show': // Show his data
+ // Get line
+ $content = merge_array($content, getUserDataArray());
+
+ // Translate some things
+ $content['last_update'] = generateDateTime($content['last_update'], 0);
- define('DOB', $DOB);
- define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
-
- if (EXT_IS_ACTIVE("country")) {
- // Generate selection box
- $OUT = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
- $whereStatement = "WHERE is_active='Y'";
- if (IS_ADMIN()) $whereStatement = "";
- $OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $whereStatement);
- $OUT .= "</select>";
- define('__COUNTRY_CONTENT', $OUT);
+ // How far is last change on his profile away from now?
+ if ((($content['last_update'] + getConfig('profile_lock')) > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
+ // You cannot change your account
+ $content['change'] = loadTemplate('admin_settings_saved', true, '<div class="notice">' . getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['last_update'] + getConfig('profile_lock'), 0)) . '</div>');
} else {
- // Ouput default input box
- define('__COUNTRY_CONTENT', "<INPUT type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\">");
+ // He is allowed to change his profile
+ $content['change'] = loadTemplate('member_mydata_button', true);
}
+ if (strlen($content['birth_day']) == 1) $content['birth_day'] = '0' . $content['birth_day'];
+ if (strlen($content['birth_month']) == 1) $content['birth_month'] = '0' . $content['birth_month'];
+
+ switch (getLanguage()) {
+ case 'de': $content['dob'] = $content['birth_day'] . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
+ default : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day'] . '-' . $content['birth_year']; break;
+ } // END - switch
+
+ if (isExtensionActive('country')) {
+ // Load country's description and code
+ $content['country'] = generateCountryInfo($content['country_code']);
+ } // END - if
+
// Load template
- LOAD_TEMPLATE("member_mydata_edit");
- }
- break;
-
-case "save": // Save entered data
- // Load old email / password: 0 1 2
- $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
- array(UID_VALUE), __FILE__, __LINE__);
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $DATA[3] = $DATA[2] + getConfig('profile_lock');
-
- // How far is last change on his profile away from now?
- if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
- $DATA[3] = MAKE_DATETIME($DATA[3] + getConfig('profile_lock'), "0");
- // You cannot change your account
- LOAD_TEMPLATE("member_mydata_locked");
- } elseif (!VALIDATE_EMAIL($_POST['addy'])) {
- // Invalid email address!
- LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED);
- } else {
- // Generate hash
- $hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40));
- if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1'])))
- {
- // Only on simple changes normal mode is active = no email or password changed
- $MODE = "normal"; $AND = "";
-
- // Did the user changed the password?
- if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; }
-
- // Or did he changed his password?
- if ($_POST['addy'] != $DATA[0])
- {
- // Jupp
- if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; }
- $_POST['old_addy'] = $DATA[0];
- }
+ loadTemplate('member_mydata_overview', false, $content);
+ break;
- // Update member's profile
- if (EXT_IS_ACTIVE("country"))
- {
- // New way
- SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET
-gender='%s', surname='%s', family='%s',
-street_nr='%s',
-country_code=%s, zip=%s, city='%s',
-email='%s',
-birth_day=%s, birth_month=%s, birth_year=%s,
-max_mails=%s,
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%s AND password='%s' LIMIT 1",
-array(
- $_POST['gender'],
- $_POST['surname'],
- $_POST['family_name'],
- $_POST['street_nr'],
- bigintval($_POST['country_code']),
- bigintval($_POST['zip']),
- $_POST['city'],
- $_POST['addy'],
- bigintval($_POST['day']),
- bigintval($_POST['month']),
- bigintval($_POST['year']),
- bigintval($_POST['max_mails']),
- UID_VALUE,
- get_session('u_hash')
- ), __FILE__, __LINE__);
- }
- else
- {
- // Old way
- SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET
-gender='%s', surname='%s', family='%s',
-street_nr='%s',
-country='%s', zip=%s, city='%s',
-email='%s',
-birth_day=%s, birth_month=%s, birth_year=%s,
-max_mails='%s',
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%s AND password='%s' LIMIT 1",
-array(
- $_POST['gender'],
- $_POST['surname'],
- $_POST['family_name'],
- $_POST['street_nr'],
- $_POST['cntry'],
- bigintval($_POST['zip']),
- $_POST['city'],
- $_POST['addy'],
- bigintval($_POST['day']),
- bigintval($_POST['month']),
- bigintval($_POST['year']),
- bigintval($_POST['max_mails']),
- UID_VALUE,
- get_session('u_hash')
- ), __FILE__, __LINE__);
- }
+ case 'edit': // Edit data
+ if (isExtensionActive('country', true)) {
+ // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
+FROM
+ `{?_MYSQL_PREFIX?}_user_data`
+WHERE
+ `userid`=%s
+LIMIT 1",
+ array(getMemberId()), __FILE__, __LINE__);
+ } else {
+ // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
+FROM
+ `{?_MYSQL_PREFIX?}_user_data`
+WHERE
+ `userid`=%s
+LIMIT 1",
+ array(getMemberId()), __FILE__, __LINE__);
+ }
+
+ // Get line
+ $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
+
+ // Free result
+ SQL_FREERESULT($result);
+
+ $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
+
+ // How far is last change on his profile away from now?
+ if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
+ $content['update_check'] = getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['update_check'] + getConfig('profile_lock'), 0));
+
+ // You cannot change your account
+ loadTemplate('admin_settings_saved', false, $content['update_check']);
+ } else {
+ // He is allowed to change his profile
+ foreach (array('gender_m','gender_f','gender_c') as $entry) {
+ $content[$entry] = '';
+ } // END - foreach
- // Get all modes ...
- $modes = explode(";", $MODE);
+ $content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
+ $content['dob'] = '';
- // ... and run them through
- SEND_MODE_MAILS ("mydata", $modes);
+ switch (getLanguage()) {
+ case 'de': // German date format
+ // Day
+ $content['dob'] .= addSelectionBox('day', $content['birth_day']);
+
+ // Month
+ $content['dob'] .= addSelectionBox('month', $content['birth_month']);
+
+ // Year
+ $content['dob'] .= addSelectionBox('year', $content['birth_year']);
+ break;
+
+ default: // Default is the US date format... :)
+ // Month
+ $content['dob'] .= addSelectionBox('month', $content['birth_month']);
+
+ // Day
+ $content['dob'] .= addSelectionBox('day', $content['birth_day']);
+
+ // Year
+ $content['dob'] .= addSelectionBox('year', $content['birth_year']);
+ break;
+ } // END - if
+
+ $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
+
+ if (isExtensionActive('country')) {
+ // Generate selection box
+ $OUT = '<select name="country_code" class="form_select" size="1">';
+ $whereStatement = "WHERE `is_active`='Y'";
+ if (isAdmin()) $whereStatement = '';
+ $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
+ $OUT .= '</select>';
+ $content['country'] = $OUT;
+ } else {
+ // Ouput default input box
+ $content['country'] = '<input type="text" name="cntry" class="form_field" size="2" maxlength="3" value="' . $content['country'] . '" />';
+ }
+
+ // Load template
+ loadTemplate('member_mydata_edit', false, $content);
}
- else
- {
- // Entered wrong pass for updating profile
- LOAD_TEMPLATE("admin_settings_saved", false, MEBER_UPDATE_PWD_WRONG);
+ break;
+
+ case 'save': // Save entered data
+ // Get line
+ $content = merge_array($content, getUserDataArray());
+
+ // Calculate time to check
+ $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
+
+ // How far is last change on his profile away from now?
+ if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
+ $content['update_check'] = generateDateTime($content['update_check'] + getConfig('profile_lock'), 0);
+
+ // You cannot change your account
+ loadTemplate('admin_settings_saved', false, $content['update_check']);
+ } elseif ((!isEmailValid(postRequestParameter('email'))) && (!isAdmin())) {
+ // Invalid email address!
+ loadTemplate('admin_settings_saved', false, '{--INVALID_EMAIL_ENTERED--}');
+ } else {
+ // Generate hash
+ $hash = generateHash(postRequestParameter('pass1'), substr($content['password'], 0, -40));
+ if ((($hash == $content['password']) || (postRequestParameter('pass1') == postRequestParameter('pass2'))) && (isPostRequestParameterSet('pass1'))) {
+ // Only on simple changes normal mode is active = no email or password changed
+ $mode = 'normal';
+ $AND = '';
+
+ // Did the user changed the password?
+ if ($hash != $content['password']) {
+ $AND = ", `password`='" . $hash . "'";
+ $mode = 'password';
+ } // END - if
+
+ // Or did he changed his password?
+ if (postRequestParameter('email') != $content['email']) {
+ // Jupp
+ if ($mode == 'normal') {
+ $mode = 'email';
+ } else {
+ $mode .= ';email';
+ }
+ setPostRequestParameter('old_email', $content['email']);
+ } // END - if
+
+ // Update member's profile
+ if (isExtensionActive('country')) {
+ // New way
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_user_data`
+SET
+ `gender`='%s', `surname`='%s', `family`='%s',
+ `street_nr`='%s',
+ `country_code`=%s, `zip`=%s, `city`='%s',
+ `email`='%s',
+ `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+ `max_mails`='%s',
+ `last_update`=UNIX_TIMESTAMP()".$AND.",
+ `notified`='N',
+ `last_profile_sent`=UNIX_TIMESTAMP()
+WHERE
+ `userid`=%s
+LIMIT 1",
+ array(
+ postRequestParameter('gender'),
+ postRequestParameter('surname'),
+ postRequestParameter('family'),
+ postRequestParameter('street_nr'),
+ bigintval(postRequestParameter('country_code')),
+ bigintval(postRequestParameter('zip')),
+ postRequestParameter('city'),
+ postRequestParameter('email'),
+ bigintval(postRequestParameter('day')),
+ bigintval(postRequestParameter('month')),
+ bigintval(postRequestParameter('year')),
+ bigintval(postRequestParameter('max_mails')),
+ getMemberId()
+ ), __FILE__, __LINE__);
+ } else {
+ // Old way
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_user_data`
+SET
+ `gender`='%s', `surname`='%s', `family`='%s',
+ `street_nr`='%s',
+ `country`='%s', `zip`=%s, `city`='%s',
+ `email`='%s',
+ `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+ `max_mails`='%s',
+ `last_update`=UNIX_TIMESTAMP()".$AND.",
+ `notified`='N',
+ `last_profile_sent`=UNIX_TIMESTAMP()
+WHERE
+ `userid`=%s
+LIMIT 1",
+ array(
+ postRequestParameter('gender'),
+ postRequestParameter('surname'),
+ postRequestParameter('family'),
+ postRequestParameter('street_nr'),
+ postRequestParameter('cntry'),
+ bigintval(postRequestParameter('zip')),
+ postRequestParameter('city'),
+ postRequestParameter('email'),
+ bigintval(postRequestParameter('day')),
+ bigintval(postRequestParameter('month')),
+ bigintval(postRequestParameter('year')),
+ bigintval(postRequestParameter('max_mails')),
+ getMemberId()
+ ), __FILE__, __LINE__);
+ }
+
+ // Did something change?
+ if (SQL_AFFECTEDROWS() == 1) {
+ // Get all modes ...
+ $modes = explode(';', $mode);
+
+ // ... and run them through
+ sendModeMails ('mydata', $modes);
+ } else {
+ // Something went wrong
+ loadTemplate('admin_settings_saved', false, '{--MEMBER_UPDATE_FAILED--}');
+ }
+ } else {
+ // Entered wrong pass for updating profile
+ loadTemplate('admin_settings_saved', false, '{--MEBER_UPDATE_PWD_WRONG--}');
+ }
}
- }
- break;
-
-case "notify": // Switch off notfication
- SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
- $URL = "modules.php?module=login&what=welcome&msg=".urlencode(PROFILE_UPDATED);
- break;
-}
+ break;
-if (!empty($URL)) {
+ case 'notify': // Switch off notfication
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
+ array(getMemberId()), __FILE__, __LINE__);
+ $url = 'modules.php?module=login&what=mydata&code=' . getCode('PROFILE_UPDATED');
+ break;
+} // END - switch
+
+if (!empty($url)) {
// Load generated URL
- LOAD_URL($URL);
-}
+ redirectToUrl($url);
+} // END - if
-//
+// [EOF]
?>