2 /************************************************************************
3 * MXChange v0.2.1 Start: 10/16/2003 *
4 * =============== Last change: 06/30/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-mydata.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Members can edit their profile data here *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2009 by Roland Haeder *
21 * For more information visit: http://www.mxchange.org *
23 * This program is free software; you can redistribute it and/or modify *
24 * it under the terms of the GNU General Public License as published by *
25 * the Free Software Foundation; either version 2 of the License, or *
26 * (at your option) any later version. *
28 * This program is distributed in the hope that it will be useful, *
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
31 * GNU General Public License for more details. *
33 * You should have received a copy of the GNU General Public License *
34 * along with this program; if not, write to the Free Software *
35 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
37 ************************************************************************/
39 // Some security stuff...
40 if (!defined('__SECURITY')) {
42 } elseif (!isMember()) {
43 redirectToIndexMemberOnlyModule();
46 // Add description as navigation point
47 addMenuDescription('member', __FILE__);
49 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
50 loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('mydata'));
56 'userid' => getUserId()
59 // Init variable to prevent notices
62 // Detect what the member wants to do
63 $mode = 'show'; // Show his data
64 if (isPostRequestElementSet('save')) $mode = 'save'; // Save entered data
65 if (isPostRequestElementSet('edit')) $mode = 'edit'; // Edit data
66 if (isPostRequestElementSet('notify')) $mode = 'notify'; // Switch off notification
69 case 'show': // Show his data
70 if (isExtensionActive('country', true)) {
71 // New way 1 2 3 4 5 6 7 8 9 10 11 12 13 14
72 $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
73 array(getUserId()), __FILE__, __LINE__);
75 // Old way 1 2 3 4 5 6 7 8 9 10 11 12 13 14
76 $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
77 array(getUserId()), __FILE__, __LINE__);
81 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
84 SQL_FREERESULT($result);
86 // Translate some things
87 $content['gender'] = translateGender($content['gender']);
88 $content['last_update'] = generateDateTime($content['last_update'], 0);
90 // How far is last change on his profile away from now?
91 if ((($content['last_update'] + getConfig('profile_lock')) > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
92 // You cannot change your account
93 $content['change'] = loadTemplate('admin_settings_saved', true, "<div class=\"member_failed\">".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($content['last_update'] + getConfig('profile_lock'), 0))."</div>");
95 // He is allowed to change his profile
96 $content['change'] = loadTemplate('member_mydata_button', true);
99 if (strlen($content['birth_day']) == 1) $content['birth_day'] = 0 . $content['birth_day'];
100 if (strlen($content['birth_month']) == 1) $content['birth_month'] = 0 . $content['birth_month'];
102 switch (getLanguage()) {
103 case 'de': $content['dob'] = $content['birth_day'] . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
104 default : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day'] . '-' . $content['birth_year']; break;
107 if (isExtensionActive('country')) {
108 // Load country's description and code
109 $content['country'] = generateCountryInfo($content['country_code']);
113 loadTemplate('member_mydata_overview', false, $content);
116 case 'edit': // Edit data
117 if (isExtensionActive('country', true)) {
118 // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
119 $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
121 `{?_MYSQL_PREFIX?}_user_data`
125 array(getUserId()), __FILE__, __LINE__);
127 // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
128 $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
130 `{?_MYSQL_PREFIX?}_user_data`
134 array(getUserId()), __FILE__, __LINE__);
138 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
141 SQL_FREERESULT($result);
143 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
145 // How far is last change on his profile away from now?
146 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
147 $content['update_check'] = sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($content['update_check'] + getConfig('profile_lock'), 0));
149 // You cannot change your account
150 loadTemplate('member_mydata_locked', false, $content);
152 // He is allowed to change his profile
153 foreach (array('gender_m','gender_f','gender_c') as $entry) {
154 $content[$entry] = '';
157 $content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
158 $content['dob'] = '';
160 switch (getLanguage()) {
161 case 'de': // German date format
163 $content['dob'] .= addSelectionBox('day', $content['birth_day']);
166 $content['dob'] .= addSelectionBox('month', $content['birth_month']);
169 $content['dob'] .= addSelectionBox('year', $content['birth_year']);
172 default: // Default is the US date format... :)
174 $content['dob'] .= addSelectionBox('month', $content['birth_month']);
177 $content['dob'] .= addSelectionBox('day', $content['birth_day']);
180 $content['dob'] .= addSelectionBox('year', $content['birth_year']);
184 $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
186 if (isExtensionActive('country')) {
187 // Generate selection box
188 $OUT = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
189 $whereStatement = "WHERE `is_active`='Y'";
190 if (isAdmin()) $whereStatement = '';
191 $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
193 $content['country'] = $OUT;
195 // Ouput default input box
196 $content['country'] = "<input type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$content['country']."\" />";
200 loadTemplate('member_mydata_edit', false, $content);
204 case 'save': // Save entered data
205 // Load old email / password: 0 1 2
206 $result = SQL_QUERY_ESC("SELECT `email`, `password`, `last_update` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
207 array(getUserId()), __FILE__, __LINE__);
210 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
213 SQL_FREERESULT($result);
215 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
217 // How far is last change on his profile away from now?
218 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
219 $content['update_check'] = generateDateTime($content['update_check'] + getConfig('profile_lock'), 0);
220 // You cannot change your account
221 loadTemplate('member_mydata_locked', false, $content);
222 } elseif ((!isEmailValid(postRequestElement('email'))) && (!isAdmin())) {
223 // Invalid email address!
224 loadTemplate('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
227 $hash = generateHash(postRequestElement('pass1'), substr($content['password'], 0, -40));
228 if ((($hash == $content['password']) || (postRequestElement('pass1') == postRequestElement('pass2'))) && (isPostRequestElementSet('pass1'))) {
229 // Only on simple changes normal mode is active = no email or password changed
230 $mode = 'normal'; $AND = '';
232 // Did the user changed the password?
233 if ($hash != $content['password']) { $AND = ", `password`='".$hash."'"; $mode = 'pass'; }
235 // Or did he changed his password?
236 if (postRequestElement('email') != $content['email']) {
238 if ($mode == 'normal') {
243 setRequestPostElement('old_email', $content['email']);
246 // Update member's profile
247 if (isExtensionActive('country')) {
249 SQL_QUERY_ESC("UPDATE
250 `{?_MYSQL_PREFIX?}_user_data`
252 `gender`='%s', `surname`='%s', `family`='%s',
254 `country_code`=%s, `zip`=%s, `city`='%s',
256 `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
258 `last_update`=UNIX_TIMESTAMP()".$AND.",
260 `last_profile_sent`=UNIX_TIMESTAMP()
265 postRequestElement('gender'),
266 postRequestElement('surname'),
267 postRequestElement('family'),
268 postRequestElement('street_nr'),
269 bigintval(postRequestElement('country_code')),
270 bigintval(postRequestElement('zip')),
271 postRequestElement('city'),
272 postRequestElement('email'),
273 bigintval(postRequestElement('day')),
274 bigintval(postRequestElement('month')),
275 bigintval(postRequestElement('year')),
276 bigintval(postRequestElement('max_mails')),
278 ), __FILE__, __LINE__);
281 SQL_QUERY_ESC("UPDATE
282 `{?_MYSQL_PREFIX?}_user_data`
284 `gender`='%s', `surname`='%s', `family`='%s',
286 `country`='%s', `zip`=%s, `city`='%s',
288 `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
290 `last_update`=UNIX_TIMESTAMP()".$AND.",
292 `last_profile_sent`=UNIX_TIMESTAMP()
297 postRequestElement('gender'),
298 postRequestElement('surname'),
299 postRequestElement('family'),
300 postRequestElement('street_nr'),
301 postRequestElement('cntry'),
302 bigintval(postRequestElement('zip')),
303 postRequestElement('city'),
304 postRequestElement('email'),
305 bigintval(postRequestElement('day')),
306 bigintval(postRequestElement('month')),
307 bigintval(postRequestElement('year')),
308 bigintval(postRequestElement('max_mails')),
310 ), __FILE__, __LINE__);
313 // Did something change?
314 if (SQL_AFFECTEDROWS() == 1) {
316 $modes = explode(';', $mode);
318 // ... and run them through
319 sendModeMails ('mydata', $modes);
321 // Something went wrong
322 loadTemplate('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED'));
325 // Entered wrong pass for updating profile
326 loadTemplate('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
331 case 'notify': // Switch off notfication
332 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
333 array(getUserId()), __FILE__, __LINE__);
334 $URL = 'modules.php?module=login&what=welcome&code=' . urlencode(getMessage('PROFILE_UPDATED'));
339 // Load generated URL