inc/modules/member/what-mydata.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 10/16/2003 *
   4  * ===================                          Last change: 06/30/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-mydata.php                                  *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Members can edit their profile data here         *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  21  * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
  22  * For more information visit: http://www.mxchange.org                  *
  23  *                                                                      *
  24  * This program is free software; you can redistribute it and/or modify *
  25  * it under the terms of the GNU General Public License as published by *
  26  * the Free Software Foundation; either version 2 of the License, or    *
  27  * (at your option) any later version.                                  *
  28  *                                                                      *
  29  * This program is distributed in the hope that it will be useful,      *
  30  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  31  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  32  * GNU General Public License for more details.                         *
  33  *                                                                      *
  34  * You should have received a copy of the GNU General Public License    *
  35  * along with this program; if not, write to the Free Software          *
  36  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  37  * MA  02110-1301  USA                                                  *
  38  ************************************************************************/
  39
  40 // Some security stuff...
  41 if (!defined('__SECURITY')) {
  42         die();
  43 } elseif (!isMember()) {
  44         redirectToIndexMemberOnlyModule();
  45 }
  46
  47 // Add description as navigation point
  48 addMenuDescription('member', __FILE__);
  49
  50 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
  51         loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('mydata'));
  52         return;
  53 } // END - if
  54
  55 // Add userid
  56 $content = array(
  57         'userid' => getMemberId()
  58 );
  59
  60 // Init variable to prevent notices
  61 $url = '';
  62
  63 // Detect what the member wants to do
  64 $mode = 'show'; // Show his data
  65 if (isPostRequestParameterSet('save'))   $mode = 'save';   // Save entered data
  66 if (isFormSent('edit'))   $mode = 'edit';   // Edit data
  67 if (isPostRequestParameterSet('notify')) $mode = 'notify'; // Switch off notification
  68
  69 switch ($mode) {
  70         case 'show': // Show his data
  71                 // Get line
  72                 $content = merge_array($content, getUserDataArray());
  73
  74                 // Translate some things
  75                 $content['last_update'] = generateDateTime($content['last_update'], 0);
  76
  77                 // How far is last change on his profile away from now?
  78                 if ((($content['last_update'] + getConfig('profile_lock')) > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
  79                         // You cannot change your account
  80                         $content['change'] = loadTemplate('admin_settings_saved', true, '<div class="member_failed">' . getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['last_update'] + getConfig('profile_lock'), 0)) . '</div>');
  81                 } else {
  82                         // He is allowed to change his profile
  83                         $content['change'] = loadTemplate('member_mydata_button', true);
  84                 }
  85
  86                 if (strlen($content['birth_day'])   == 1) $content['birth_day']   = '0' . $content['birth_day'];
  87                 if (strlen($content['birth_month']) == 1) $content['birth_month'] = '0' . $content['birth_month'];
  88
  89                 switch (getLanguage()) {
  90                         case 'de': $content['dob'] = $content['birth_day']   . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
  91                         default  : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day']   . '-' . $content['birth_year']; break;
  92                 } // END - switch
  93
  94                 if (isExtensionActive('country')) {
  95                         // Load country's description and code
  96                         $content['country'] = generateCountryInfo($content['country_code']);
  97                 } // END - if
  98
  99                 // Load template
 100                 loadTemplate('member_mydata_overview', false, $content);
 101                 break;
 102
 103         case 'edit': // Edit data
 104                 if (isExtensionActive('country', true)) {
 105                         // New way                          0          1            2             3         4       5       6           7            8              9          10         11               12            13
 106                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
 107 FROM
 108         `{?_MYSQL_PREFIX?}_user_data`
 109 WHERE
 110         `userid`=%s
 111 LIMIT 1",
 112                         array(getMemberId()), __FILE__, __LINE__);
 113                 } else {
 114                         // Old way                          0          1            2          3       4       5       6           7            8              9          10         11               12            13
 115                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
 116 FROM
 117         `{?_MYSQL_PREFIX?}_user_data`
 118 WHERE
 119         `userid`=%s
 120 LIMIT 1",
 121                                 array(getMemberId()), __FILE__, __LINE__);
 122                 }
 123
 124                 // Get line
 125                 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
 126
 127                 // Free result
 128                 SQL_FREERESULT($result);
 129
 130                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
 131
 132                 // How far is last change on his profile away from now?
 133                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
 134                         $content['update_check'] = getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['update_check'] + getConfig('profile_lock'), 0));
 135
 136                         // You cannot change your account
 137                         loadTemplate('admin_settings_saved', false, $content['update_check']);
 138                 } else {
 139                         // He is allowed to change his profile
 140                         foreach (array('gender_m','gender_f','gender_c') as $entry) {
 141                                 $content[$entry] = '';
 142                         } // END - foreach
 143
 144                         $content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
 145                         $content['dob'] = '';
 146
 147                         switch (getLanguage()) {
 148                                 case 'de': // German date format
 149                                         // Day
 150                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 151
 152                                         // Month
 153                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 154
 155                                         // Year
 156                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 157                                         break;
 158
 159                                 default: // Default is the US date format... :)
 160                                         // Month
 161                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 162
 163                                         // Day
 164                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 165
 166                                         // Year
 167                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 168                                         break;
 169                         } // END - if
 170
 171                         $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
 172
 173                         if (isExtensionActive('country')) {
 174                                 // Generate selection box
 175                                 $OUT  = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
 176                                 $whereStatement = "WHERE `is_active`='Y'";
 177                                 if (isAdmin()) $whereStatement = '';
 178                                 $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
 179                                 $OUT .= "</select>";
 180                                 $content['country'] = $OUT;
 181                         } else {
 182                                 // Ouput default input box
 183                                 $content['country'] = '<input type="text" name="cntry" class="member_normal" size="2" maxlength="3" value="' . $content['country'] . '" />';
 184                         }
 185
 186                         // Load template
 187                         loadTemplate('member_mydata_edit', false, $content);
 188                 }
 189                 break;
 190
 191         case 'save': // Save entered data
 192                 // Get line
 193                 $content = merge_array($content, getUserDataArray());
 194
 195                 // Calculate time to check
 196                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
 197
 198                 // How far is last change on his profile away from now?
 199                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
 200                         $content['update_check'] = generateDateTime($content['update_check'] + getConfig('profile_lock'), 0);
 201
 202                         // You cannot change your account
 203                         loadTemplate('admin_settings_saved', false, $content['update_check']);
 204                 } elseif ((!isEmailValid(postRequestParameter('email'))) && (!isAdmin())) {
 205                         // Invalid email address!
 206                         loadTemplate('admin_settings_saved', false, getMessage('INVALID_EMAIL_ENTERED'));
 207                 } else {
 208                         // Generate hash
 209                         $hash = generateHash(postRequestParameter('pass1'), substr($content['password'], 0, -40));
 210                         if ((($hash == $content['password']) || (postRequestParameter('pass1') == postRequestParameter('pass2'))) && (isPostRequestParameterSet('pass1'))) {
 211                                 // Only on simple changes normal mode is active = no email or password changed
 212                                 $mode = 'normal';
 213                                 $AND = '';
 214
 215                                 // Did the user changed the password?
 216                                 if ($hash != $content['password']) {
 217                                         $AND = ", `password`='" . $hash . "'";
 218                                         $mode = 'pass';
 219                                 } // END - if
 220
 221                                 // Or did he changed his password?
 222                                 if (postRequestParameter('email') != $content['email']) {
 223                                         // Jupp
 224                                         if ($mode == 'normal') {
 225                                                 $mode = 'email';
 226                                         } else {
 227                                                 $mode .= ';email';
 228                                         }
 229                                         setPostRequestParameter('old_email', $content['email']);
 230                                 } // END - if
 231
 232                                 // Update member's profile
 233                                 if (isExtensionActive('country')) {
 234                                         // New way
 235                                         SQL_QUERY_ESC("UPDATE
 236         `{?_MYSQL_PREFIX?}_user_data`
 237 SET
 238         `gender`='%s', `surname`='%s', `family`='%s',
 239         `street_nr`='%s',
 240         `country_code`=%s, `zip`=%s, `city`='%s',
 241         `email`='%s',
 242         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
 243         `max_mails`='%s',
 244         `last_update`=UNIX_TIMESTAMP()".$AND.",
 245         `notified`='N',
 246         `last_profile_sent`=UNIX_TIMESTAMP()
 247 WHERE
 248         `userid`=%s
 249 LIMIT 1",
 250                                                 array(
 251                                                         postRequestParameter('gender'),
 252                                                         postRequestParameter('surname'),
 253                                                         postRequestParameter('family'),
 254                                                         postRequestParameter('street_nr'),
 255                                                         bigintval(postRequestParameter('country_code')),
 256                                                         bigintval(postRequestParameter('zip')),
 257                                                         postRequestParameter('city'),
 258                                                         postRequestParameter('email'),
 259                                                         bigintval(postRequestParameter('day')),
 260                                                         bigintval(postRequestParameter('month')),
 261                                                         bigintval(postRequestParameter('year')),
 262                                                         bigintval(postRequestParameter('max_mails')),
 263                                                         getMemberId()
 264                                                 ), __FILE__, __LINE__);
 265                                 } else {
 266                                         // Old way
 267                                         SQL_QUERY_ESC("UPDATE
 268         `{?_MYSQL_PREFIX?}_user_data`
 269 SET
 270         `gender`='%s', `surname`='%s', `family`='%s',
 271         `street_nr`='%s',
 272         `country`='%s', `zip`=%s, `city`='%s',
 273         `email`='%s',
 274         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
 275         `max_mails`='%s',
 276         `last_update`=UNIX_TIMESTAMP()".$AND.",
 277         `notified`='N',
 278         `last_profile_sent`=UNIX_TIMESTAMP()
 279 WHERE
 280         `userid`=%s
 281 LIMIT 1",
 282                                                 array(
 283                                                         postRequestParameter('gender'),
 284                                                         postRequestParameter('surname'),
 285                                                         postRequestParameter('family'),
 286                                                         postRequestParameter('street_nr'),
 287                                                         postRequestParameter('cntry'),
 288                                                         bigintval(postRequestParameter('zip')),
 289                                                         postRequestParameter('city'),
 290                                                         postRequestParameter('email'),
 291                                                         bigintval(postRequestParameter('day')),
 292                                                         bigintval(postRequestParameter('month')),
 293                                                         bigintval(postRequestParameter('year')),
 294                                                         bigintval(postRequestParameter('max_mails')),
 295                                                         getMemberId()
 296                                                 ), __FILE__, __LINE__);
 297                                 }
 298
 299                                 // Did something change?
 300                                 if (SQL_AFFECTEDROWS() == 1) {
 301                                         // Get all modes ...
 302                                         $modes = explode(';', $mode);
 303
 304                                         // ... and run them through
 305                                         sendModeMails ('mydata', $modes);
 306                                 } else {
 307                                         // Something went wrong
 308                                         loadTemplate('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED'));
 309                                 }
 310                         } else {
 311                                 // Entered wrong pass for updating profile
 312                                 loadTemplate('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
 313                         }
 314                 }
 315                 break;
 316
 317         case 'notify': // Switch off notfication
 318                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
 319                         array(getMemberId()), __FILE__, __LINE__);
 320                 $url = 'modules.php?module=login&amp;what=welcome&amp;code=' . urlencode(getMessage('PROFILE_UPDATED'));
 321                 break;
 322 } // END - switch
 323
 324 if (!empty($url)) {
 325         // Load generated URL
 326         redirectToUrl($url);
 327 } // END - if
 328
 329 // [EOF]
 330 ?>