4b9f8584bfba94b645818ee4e8e9265ac271f48c
[mailer.git] / inc / modules / member / what-mydata.php
1 <?php
2 /************************************************************************
3  * Mailer v0.2.1-FINAL                                Start: 10/16/2003 *
4  * ===================                          Last change: 06/30/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-mydata.php                                  *
8  * -------------------------------------------------------------------- *
9  * Short description : Members can edit their profile data here         *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * -------------------------------------------------------------------- *
18  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
19  * Copyright (c) 2009 - 2011 by Mailer Developer Team                   *
20  * For more information visit: http://www.mxchange.org                  *
21  *                                                                      *
22  * This program is free software; you can redistribute it and/or modify *
23  * it under the terms of the GNU General Public License as published by *
24  * the Free Software Foundation; either version 2 of the License, or    *
25  * (at your option) any later version.                                  *
26  *                                                                      *
27  * This program is distributed in the hope that it will be useful,      *
28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
30  * GNU General Public License for more details.                         *
31  *                                                                      *
32  * You should have received a copy of the GNU General Public License    *
33  * along with this program; if not, write to the Free Software          *
34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
35  * MA  02110-1301  USA                                                  *
36  ************************************************************************/
37
38 // Some security stuff...
39 if (!defined('__SECURITY')) {
40         die();
41 } elseif (!isMember()) {
42         redirectToIndexMemberOnlyModule();
43 }
44
45 // Add description as navigation point
46 addYouAreHereLink('member', __FILE__);
47
48 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
49         displayMessage(generateExtensionInactiveNotInstalledMessage('mydata'));
50         return;
51 } // END - if
52
53 // Add userid
54 $content = array();
55
56 // Init variable to prevent notices
57 $url = '';
58
59 // Detect what the member wants to do
60 $mode = 'show'; // Show his data
61 if (isPostRequestParameterSet('save'))   $mode = 'save';   // Save entered data
62 if (isFormSent('edit'))   $mode = 'edit';   // Edit data
63 if (isPostRequestParameterSet('notify')) $mode = 'notify'; // Switch off notification
64
65 switch ($mode) {
66         case 'show': // Show his data
67                 // Get line
68                 $content = merge_array($content, getUserDataArray());
69
70                 // Translate some things
71                 $content['last_update'] = generateDateTime($content['last_update'], 0);
72
73                 // How far is last change on his profile away from now?
74                 if ((($content['last_update'] + getProfileLock()) > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
75                         // You cannot change your account
76                         $content['change'] = displayMessage('<div class="notice">' . getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['last_update'] + getProfileLock(), 0)) . '</div>', true);
77                 } else {
78                         // He is allowed to change his profile
79                         $content['change'] = loadTemplate('member_mydata_button', true);
80                 }
81
82                 if (strlen($content['birth_day'])   == 1) $content['birth_day']   = '0' . $content['birth_day'];
83                 if (strlen($content['birth_month']) == 1) $content['birth_month'] = '0' . $content['birth_month'];
84
85                 switch (getLanguage()) {
86                         case 'de': $content['dob'] = $content['birth_day']   . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
87                         default  : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day']   . '-' . $content['birth_year']; break;
88                 } // END - switch
89
90                 if (isExtensionActive('country')) {
91                         // Load country's description and code
92                         $content['country'] = generateCountryInfo($content['country_code']);
93                 } // END - if
94
95                 // Load template
96                 loadTemplate('member_mydata_overview', false, $content);
97                 break;
98
99         case 'edit': // Edit data
100                 if (isExtensionActive('country', true)) {
101                         // New way                          0          1            2             3         4       5       6           7            8              9          10         11               12            13
102                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
103 FROM
104         `{?_MYSQL_PREFIX?}_user_data`
105 WHERE
106         `userid`=%s
107 LIMIT 1",
108                         array(getMemberId()), __FILE__, __LINE__);
109                 } else {
110                         // Old way                          0          1            2          3       4       5       6           7            8              9          10         11               12            13
111                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
112 FROM
113         `{?_MYSQL_PREFIX?}_user_data`
114 WHERE
115         `userid`=%s
116 LIMIT 1",
117                                 array(getMemberId()), __FILE__, __LINE__);
118                 }
119
120                 // Get line
121                 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
122
123                 // Free result
124                 SQL_FREERESULT($result);
125
126                 $content['update_check'] = $content['last_update'] + getProfileLock();
127
128                 // How far is last change on his profile away from now?
129                 if (($content['update_check'] > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
130                         $content['update_check'] = getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['update_check'] + getProfileLock(), 0));
131
132                         // You cannot change your account
133                         displayMessage($content['update_check']);
134                 } else {
135                         // Init elements
136                         $content['dob'] = '';
137
138                         switch (getLanguage()) {
139                                 case 'de': // German date format
140                                         // Day
141                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
142
143                                         // Month
144                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
145
146                                         // Year
147                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
148                                         break;
149
150                                 default: // Default is the US date format... :)
151                                         // Month
152                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
153
154                                         // Day
155                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
156
157                                         // Year
158                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
159                                         break;
160                         } // END - if
161
162                         $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
163
164                         if (isExtensionActive('country')) {
165                                 // Generate selection box
166                                 $OUT  = '<select name="country_code" class="form_select" size="1">';
167                                 $whereStatement = "WHERE `is_active`='Y'";
168                                 if (isAdmin()) $whereStatement = '';
169                                 $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
170                                 $OUT .= '</select>';
171                                 $content['country'] = $OUT;
172                         } else {
173                                 // Ouput default input box
174                                 $content['country'] = '<input type="text" name="cntry" class="form_field" size="2" maxlength="3" value="' . $content['country'] . '" />';
175                         }
176
177                         // Load template
178                         loadTemplate('member_mydata_edit', false, $content);
179                 }
180                 break;
181
182         case 'save': // Save entered data
183                 // Get line
184                 $content = merge_array($content, getUserDataArray());
185
186                 // Calculate time to check
187                 $content['update_check'] = $content['last_update'] + getProfileLock();
188
189                 // How far is last change on his profile away from now?
190                 if (($content['update_check'] > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
191                         // You cannot change your account
192                         $content['update_check'] = generateDateTime($content['update_check'] + getProfileLock(), 0);
193
194                         displayMessage($content['update_check']);
195                 } elseif ((!isEmailValid(postRequestParameter('email'))) && (!isAdmin())) {
196                         // Invalid email address!
197                         displayMessage('{--INVALID_EMAIL_ENTERED--}');
198                 } elseif ((isEmailTaken(postRequestParameter('email'))) && (isCheckDoubleEmailEnabled()) && (!isAdmin())) {
199                         // Email address is already registered
200                         displayMessage('{--MEMBER_EMAIL_IS_ALREADY_REGISTERED--}');
201                 } else {
202                         // Generate hash
203                         $hash = generateHash(postRequestParameter('pass1'), substr($content['password'], 0, -40));
204                         if ((($hash == $content['password']) || (postRequestParameter('pass1') == postRequestParameter('pass2'))) && (isPostRequestParameterSet('pass1'))) {
205                                 // Only on simple changes normal mode is active = no email or password changed
206                                 $mode = 'normal';
207                                 $AND = '';
208
209                                 // Did the user changed the password?
210                                 if ($hash != $content['password']) {
211                                         $AND = ", `password`='" . $hash . "'";
212                                         $mode = 'password';
213                                 } // END - if
214
215                                 // Or did he changed his password?
216                                 if (postRequestParameter('email') != $content['email']) {
217                                         // Jupp
218                                         if ($mode == 'normal') {
219                                                 $mode = 'email';
220                                         } else {
221                                                 $mode .= ';email';
222                                         }
223                                         setPostRequestParameter('old_email', $content['email']);
224                                 } // END - if
225
226                                 // Update member's profile
227                                 if (isExtensionActive('country')) {
228                                         // New way
229                                         SQL_QUERY_ESC("UPDATE
230         `{?_MYSQL_PREFIX?}_user_data`
231 SET
232         `gender`='%s', `surname`='%s', `family`='%s',
233         `street_nr`='%s',
234         `country_code`=%s, `zip`=%s, `city`='%s',
235         `email`='%s',
236         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
237         `max_mails`='%s',
238         `last_update`=UNIX_TIMESTAMP()".$AND.",
239         `notified`='N',
240         `last_profile_sent`=UNIX_TIMESTAMP()
241 WHERE
242         `userid`=%s
243 LIMIT 1",
244                                                 array(
245                                                         postRequestParameter('gender'),
246                                                         postRequestParameter('surname'),
247                                                         postRequestParameter('family'),
248                                                         postRequestParameter('street_nr'),
249                                                         bigintval(postRequestParameter('country_code')),
250                                                         bigintval(postRequestParameter('zip')),
251                                                         postRequestParameter('city'),
252                                                         postRequestParameter('email'),
253                                                         bigintval(postRequestParameter('day')),
254                                                         bigintval(postRequestParameter('month')),
255                                                         bigintval(postRequestParameter('year')),
256                                                         bigintval(postRequestParameter('max_mails')),
257                                                         getMemberId()
258                                                 ), __FILE__, __LINE__);
259                                 } else {
260                                         // Old way
261                                         SQL_QUERY_ESC("UPDATE
262         `{?_MYSQL_PREFIX?}_user_data`
263 SET
264         `gender`='%s', `surname`='%s', `family`='%s',
265         `street_nr`='%s',
266         `country`='%s', `zip`=%s, `city`='%s',
267         `email`='%s',
268         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
269         `max_mails`='%s',
270         `last_update`=UNIX_TIMESTAMP()".$AND.",
271         `notified`='N',
272         `last_profile_sent`=UNIX_TIMESTAMP()
273 WHERE
274         `userid`=%s
275 LIMIT 1",
276                                                 array(
277                                                         postRequestParameter('gender'),
278                                                         postRequestParameter('surname'),
279                                                         postRequestParameter('family'),
280                                                         postRequestParameter('street_nr'),
281                                                         postRequestParameter('cntry'),
282                                                         bigintval(postRequestParameter('zip')),
283                                                         postRequestParameter('city'),
284                                                         postRequestParameter('email'),
285                                                         bigintval(postRequestParameter('day')),
286                                                         bigintval(postRequestParameter('month')),
287                                                         bigintval(postRequestParameter('year')),
288                                                         bigintval(postRequestParameter('max_mails')),
289                                                         getMemberId()
290                                                 ), __FILE__, __LINE__);
291                                 }
292
293                                 // Did something change?
294                                 if (!SQL_HASZEROAFFECTED()) {
295                                         // Get all modes ...
296                                         $modes = explode(';', $mode);
297
298                                         // ... and run them through
299                                         sendModeMails ('mydata', $modes);
300                                 } else {
301                                         // Something went wrong
302                                         displayMessage('{--MEMBER_UPDATE_FAILED--}');
303                                 }
304                         } else {
305                                 // Entered wrong pass for updating profile
306                                 displayMessage('{--MEBER_UPDATE_PWD_WRONG--}');
307                         }
308                 }
309                 break;
310
311         case 'notify': // Switch off notfication
312                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
313                         array(getMemberId()), __FILE__, __LINE__);
314                 $url = 'modules.php?module=login&amp;what=mydata&amp;code=' . getCode('PROFILE_UPDATED');
315                 break;
316 } // END - switch
317
318 if (!empty($url)) {
319         // Load generated URL
320         redirectToUrl($url);
321 } // END - if
322
323 // [EOF]
324 ?>