Even more rewrites/fixes from EL branch (please report any broken part after you...
[mailer.git] / inc / modules / member / what-mydata.php
1 <?php
2 /************************************************************************
3  * Mailer v0.2.1-FINAL                                Start: 10/16/2003 *
4  * ===================                          Last change: 06/30/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-mydata.php                                  *
8  * -------------------------------------------------------------------- *
9  * Short description : Members can edit their profile data here         *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
21  * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
22  * For more information visit: http://www.mxchange.org                  *
23  *                                                                      *
24  * This program is free software; you can redistribute it and/or modify *
25  * it under the terms of the GNU General Public License as published by *
26  * the Free Software Foundation; either version 2 of the License, or    *
27  * (at your option) any later version.                                  *
28  *                                                                      *
29  * This program is distributed in the hope that it will be useful,      *
30  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
31  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
32  * GNU General Public License for more details.                         *
33  *                                                                      *
34  * You should have received a copy of the GNU General Public License    *
35  * along with this program; if not, write to the Free Software          *
36  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
37  * MA  02110-1301  USA                                                  *
38  ************************************************************************/
39
40 // Some security stuff...
41 if (!defined('__SECURITY')) {
42         die();
43 } elseif (!isMember()) {
44         redirectToIndexMemberOnlyModule();
45 }
46
47 // Add description as navigation point
48 addMenuDescription('member', __FILE__);
49
50 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
51         loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('mydata'));
52         return;
53 } // END - if
54
55 // Add userid
56 $content = array(
57         'userid' => getMemberId()
58 );
59
60 // Init variable to prevent notices
61 $url = '';
62
63 // Detect what the member wants to do
64 $mode = 'show'; // Show his data
65 if (isPostRequestParameterSet('save'))   $mode = 'save';   // Save entered data
66 if (isFormSent('edit'))   $mode = 'edit';   // Edit data
67 if (isPostRequestParameterSet('notify')) $mode = 'notify'; // Switch off notification
68
69 switch ($mode) {
70         case 'show': // Show his data
71                 // Get line
72                 $content = merge_array($content, getUserDataArray());
73
74                 // Translate some things
75                 $content['last_update'] = generateDateTime($content['last_update'], 0);
76
77                 // How far is last change on his profile away from now?
78                 if ((($content['last_update'] + getConfig('profile_lock')) > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
79                         // You cannot change your account
80                         $content['change'] = loadTemplate('admin_settings_saved', true, '<div class="member_failed">' . getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['last_update'] + getConfig('profile_lock'), 0)) . '</div>');
81                 } else {
82                         // He is allowed to change his profile
83                         $content['change'] = loadTemplate('member_mydata_button', true);
84                 }
85
86                 if (strlen($content['birth_day'])   == 1) $content['birth_day']   = '0' . $content['birth_day'];
87                 if (strlen($content['birth_month']) == 1) $content['birth_month'] = '0' . $content['birth_month'];
88
89                 switch (getLanguage()) {
90                         case 'de': $content['dob'] = $content['birth_day']   . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
91                         default  : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day']   . '-' . $content['birth_year']; break;
92                 } // END - switch
93
94                 if (isExtensionActive('country')) {
95                         // Load country's description and code
96                         $content['country'] = generateCountryInfo($content['country_code']);
97                 } // END - if
98
99                 // Load template
100                 loadTemplate('member_mydata_overview', false, $content);
101                 break;
102
103         case 'edit': // Edit data
104                 if (isExtensionActive('country', true)) {
105                         // New way                          0          1            2             3         4       5       6           7            8              9          10         11               12            13
106                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
107 FROM
108         `{?_MYSQL_PREFIX?}_user_data`
109 WHERE
110         `userid`=%s
111 LIMIT 1",
112                         array(getMemberId()), __FILE__, __LINE__);
113                 } else {
114                         // Old way                          0          1            2          3       4       5       6           7            8              9          10         11               12            13
115                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
116 FROM
117         `{?_MYSQL_PREFIX?}_user_data`
118 WHERE
119         `userid`=%s
120 LIMIT 1",
121                                 array(getMemberId()), __FILE__, __LINE__);
122                 }
123
124                 // Get line
125                 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
126
127                 // Free result
128                 SQL_FREERESULT($result);
129
130                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
131
132                 // How far is last change on his profile away from now?
133                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
134                         $content['update_check'] = getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['update_check'] + getConfig('profile_lock'), 0));
135
136                         // You cannot change your account
137                         loadTemplate('admin_settings_saved', false, $content['update_check']);
138                 } else {
139                         // He is allowed to change his profile
140                         foreach (array('gender_m','gender_f','gender_c') as $entry) {
141                                 $content[$entry] = '';
142                         } // END - foreach
143
144                         $content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
145                         $content['dob'] = '';
146
147                         switch (getLanguage()) {
148                                 case 'de': // German date format
149                                         // Day
150                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
151
152                                         // Month
153                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
154
155                                         // Year
156                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
157                                         break;
158
159                                 default: // Default is the US date format... :)
160                                         // Month
161                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
162
163                                         // Day
164                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
165
166                                         // Year
167                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
168                                         break;
169                         } // END - if
170
171                         $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
172
173                         if (isExtensionActive('country')) {
174                                 // Generate selection box
175                                 $OUT  = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
176                                 $whereStatement = "WHERE `is_active`='Y'";
177                                 if (isAdmin()) $whereStatement = '';
178                                 $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
179                                 $OUT .= "</select>";
180                                 $content['country'] = $OUT;
181                         } else {
182                                 // Ouput default input box
183                                 $content['country'] = '<input type="text" name="cntry" class="member_normal" size="2" maxlength="3" value="' . $content['country'] . '" />';
184                         }
185
186                         // Load template
187                         loadTemplate('member_mydata_edit', false, $content);
188                 }
189                 break;
190
191         case 'save': // Save entered data
192                 // Get line
193                 $content = merge_array($content, getUserDataArray());
194
195                 // Calculate time to check
196                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
197
198                 // How far is last change on his profile away from now?
199                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
200                         $content['update_check'] = generateDateTime($content['update_check'] + getConfig('profile_lock'), 0);
201
202                         // You cannot change your account
203                         loadTemplate('admin_settings_saved', false, $content['update_check']);
204                 } elseif ((!isEmailValid(postRequestParameter('email'))) && (!isAdmin())) {
205                         // Invalid email address!
206                         loadTemplate('admin_settings_saved', false, getMessage('INVALID_EMAIL_ENTERED'));
207                 } else {
208                         // Generate hash
209                         $hash = generateHash(postRequestParameter('pass1'), substr($content['password'], 0, -40));
210                         if ((($hash == $content['password']) || (postRequestParameter('pass1') == postRequestParameter('pass2'))) && (isPostRequestParameterSet('pass1'))) {
211                                 // Only on simple changes normal mode is active = no email or password changed
212                                 $mode = 'normal';
213                                 $AND = '';
214
215                                 // Did the user changed the password?
216                                 if ($hash != $content['password']) {
217                                         $AND = ", `password`='" . $hash . "'";
218                                         $mode = 'pass';
219                                 } // END - if
220
221                                 // Or did he changed his password?
222                                 if (postRequestParameter('email') != $content['email']) {
223                                         // Jupp
224                                         if ($mode == 'normal') {
225                                                 $mode = 'email';
226                                         } else {
227                                                 $mode .= ';email';
228                                         }
229                                         setPostRequestParameter('old_email', $content['email']);
230                                 } // END - if
231
232                                 // Update member's profile
233                                 if (isExtensionActive('country')) {
234                                         // New way
235                                         SQL_QUERY_ESC("UPDATE
236         `{?_MYSQL_PREFIX?}_user_data`
237 SET
238         `gender`='%s', `surname`='%s', `family`='%s',
239         `street_nr`='%s',
240         `country_code`=%s, `zip`=%s, `city`='%s',
241         `email`='%s',
242         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
243         `max_mails`='%s',
244         `last_update`=UNIX_TIMESTAMP()".$AND.",
245         `notified`='N',
246         `last_profile_sent`=UNIX_TIMESTAMP()
247 WHERE
248         `userid`=%s
249 LIMIT 1",
250                                                 array(
251                                                         postRequestParameter('gender'),
252                                                         postRequestParameter('surname'),
253                                                         postRequestParameter('family'),
254                                                         postRequestParameter('street_nr'),
255                                                         bigintval(postRequestParameter('country_code')),
256                                                         bigintval(postRequestParameter('zip')),
257                                                         postRequestParameter('city'),
258                                                         postRequestParameter('email'),
259                                                         bigintval(postRequestParameter('day')),
260                                                         bigintval(postRequestParameter('month')),
261                                                         bigintval(postRequestParameter('year')),
262                                                         bigintval(postRequestParameter('max_mails')),
263                                                         getMemberId()
264                                                 ), __FILE__, __LINE__);
265                                 } else {
266                                         // Old way
267                                         SQL_QUERY_ESC("UPDATE
268         `{?_MYSQL_PREFIX?}_user_data`
269 SET
270         `gender`='%s', `surname`='%s', `family`='%s',
271         `street_nr`='%s',
272         `country`='%s', `zip`=%s, `city`='%s',
273         `email`='%s',
274         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
275         `max_mails`='%s',
276         `last_update`=UNIX_TIMESTAMP()".$AND.",
277         `notified`='N',
278         `last_profile_sent`=UNIX_TIMESTAMP()
279 WHERE
280         `userid`=%s
281 LIMIT 1",
282                                                 array(
283                                                         postRequestParameter('gender'),
284                                                         postRequestParameter('surname'),
285                                                         postRequestParameter('family'),
286                                                         postRequestParameter('street_nr'),
287                                                         postRequestParameter('cntry'),
288                                                         bigintval(postRequestParameter('zip')),
289                                                         postRequestParameter('city'),
290                                                         postRequestParameter('email'),
291                                                         bigintval(postRequestParameter('day')),
292                                                         bigintval(postRequestParameter('month')),
293                                                         bigintval(postRequestParameter('year')),
294                                                         bigintval(postRequestParameter('max_mails')),
295                                                         getMemberId()
296                                                 ), __FILE__, __LINE__);
297                                 }
298
299                                 // Did something change?
300                                 if (SQL_AFFECTEDROWS() == 1) {
301                                         // Get all modes ...
302                                         $modes = explode(';', $mode);
303
304                                         // ... and run them through
305                                         sendModeMails ('mydata', $modes);
306                                 } else {
307                                         // Something went wrong
308                                         loadTemplate('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED'));
309                                 }
310                         } else {
311                                 // Entered wrong pass for updating profile
312                                 loadTemplate('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
313                         }
314                 }
315                 break;
316
317         case 'notify': // Switch off notfication
318                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
319                         array(getMemberId()), __FILE__, __LINE__);
320                 $url = 'modules.php?module=login&amp;what=welcome&amp;code=' . urlencode(getMessage('PROFILE_UPDATED'));
321                 break;
322 } // END - switch
323
324 if (!empty($url)) {
325         // Load generated URL
326         redirectToUrl($url);
327 } // END - if
328
329 // [EOF]
330 ?>