inc/modules/member/what-mydata.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 10/16/2003 *
   4  * ===============                              Last change: 06/30/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-mydata.php                                  *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Members can edit their profile data here         *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software; you can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License, or    *
  26  * (at your option) any later version.                                  *
  27  *                                                                      *
  28  * This program is distributed in the hope that it will be useful,      *
  29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  31  * GNU General Public License for more details.                         *
  32  *                                                                      *
  33  * You should have received a copy of the GNU General Public License    *
  34  * along with this program; if not, write to the Free Software          *
  35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  36  * MA  02110-1301  USA                                                  *
  37  ************************************************************************/
  38
  39 // Some security stuff...
  40 if (!defined('__SECURITY')) {
  41         die();
  42 } elseif (!isMember()) {
  43         redirectToIndexMemberOnlyModule();
  44 }
  45
  46 // Add description as navigation point
  47 addMenuDescription('member', __FILE__);
  48
  49 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
  50         loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('mydata'));
  51         return;
  52 } // END - if
  53
  54 // Add userid
  55 $content = array(
  56         'userid' => getUserId()
  57 );
  58
  59 // Init variable to prevent notices
  60 $URL = '';
  61
  62 // Detect what the member wants to do
  63 $mode = 'show'; // Show his data
  64 if (isPostRequestElementSet('save'))   $mode = 'save';   // Save entered data
  65 if (isPostRequestElementSet('edit'))   $mode = 'edit';   // Edit data
  66 if (isPostRequestElementSet('notify')) $mode = 'notify'; // Switch off notification
  67
  68 switch ($mode) {
  69         case 'show': // Show his data
  70                 // Get user data
  71                 if (!fetchUserData(getUserId())) {
  72                         // Something really bad happended
  73                         debug_report_bug('No user account ' . getUserId() . ' found.');
  74                 } // END - if
  75
  76                 // Get line
  77                 $content = merge_array($content, getUserDataArray());
  78
  79                 // Translate some things
  80                 $content['gender']      = translateGender($content['gender']);
  81                 $content['last_update'] = generateDateTime($content['last_update'], 0);
  82
  83                 // How far is last change on his profile away from now?
  84                 if ((($content['last_update'] + getConfig('profile_lock')) > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
  85                         // You cannot change your account
  86                         $content['change'] = loadTemplate('admin_settings_saved', true, "<div class=\"member_failed\">".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($content['last_update'] + getConfig('profile_lock'), 0))."</div>");
  87                 } else {
  88                         // He is allowed to change his profile
  89                         $content['change'] = loadTemplate('member_mydata_button', true);
  90                 }
  91
  92                 if (strlen($content['birth_day'])   == 1) $content['birth_day']   = 0 . $content['birth_day'];
  93                 if (strlen($content['birth_month']) == 1) $content['birth_month'] = 0 . $content['birth_month'];
  94
  95                 switch (getLanguage()) {
  96                         case 'de': $content['dob'] = $content['birth_day']   . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
  97                         default  : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day']   . '-' . $content['birth_year']; break;
  98                 } // END - switch
  99
 100                 if (isExtensionActive('country')) {
 101                         // Load country's description and code
 102                         $content['country'] = generateCountryInfo($content['country_code']);
 103                 } // END - if
 104
 105                 // Load template
 106                 loadTemplate('member_mydata_overview', false, $content);
 107                 break;
 108
 109         case 'edit': // Edit data
 110                 if (isExtensionActive('country', true)) {
 111                         // New way                          0          1            2             3         4       5       6           7            8              9          10         11               12            13
 112                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
 113 FROM
 114         `{?_MYSQL_PREFIX?}_user_data`
 115 WHERE
 116         `userid`=%s
 117 LIMIT 1",
 118                         array(getUserId()), __FILE__, __LINE__);
 119                 } else {
 120                         // Old way                          0          1            2          3       4       5       6           7            8              9          10         11               12            13
 121                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
 122 FROM
 123         `{?_MYSQL_PREFIX?}_user_data`
 124 WHERE
 125         `userid`=%s
 126 LIMIT 1",
 127                                 array(getUserId()), __FILE__, __LINE__);
 128                 }
 129
 130                 // Get line
 131                 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
 132
 133                 // Free result
 134                 SQL_FREERESULT($result);
 135
 136                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
 137
 138                 // How far is last change on his profile away from now?
 139                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
 140                         $content['update_check'] = sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($content['update_check'] + getConfig('profile_lock'), 0));
 141
 142                         // You cannot change your account
 143                         loadTemplate('member_mydata_locked', false, $content);
 144                 } else {
 145                         // He is allowed to change his profile
 146                         foreach (array('gender_m','gender_f','gender_c') as $entry) {
 147                                 $content[$entry] = '';
 148                         } // END - foreach
 149
 150                         $content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
 151                         $content['dob'] = '';
 152
 153                         switch (getLanguage()) {
 154                                 case 'de': // German date format
 155                                         // Day
 156                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 157
 158                                         // Month
 159                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 160
 161                                         // Year
 162                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 163                                         break;
 164
 165                                 default: // Default is the US date format... :)
 166                                         // Month
 167                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 168
 169                                         // Day
 170                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 171
 172                                         // Year
 173                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 174                                         break;
 175                         } // END - if
 176
 177                         $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
 178
 179                         if (isExtensionActive('country')) {
 180                                 // Generate selection box
 181                                 $OUT  = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
 182                                 $whereStatement = "WHERE `is_active`='Y'";
 183                                 if (isAdmin()) $whereStatement = '';
 184                                 $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
 185                                 $OUT .= "</select>";
 186                                 $content['country'] = $OUT;
 187                         } else {
 188                                 // Ouput default input box
 189                                 $content['country'] = "<input type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$content['country']."\" />";
 190                         }
 191
 192                         // Load template
 193                         loadTemplate('member_mydata_edit', false, $content);
 194                 }
 195                 break;
 196
 197         case 'save': // Save entered data
 198                 // Load old email / password
 199                 if (!fetchUserData(getUserId())) {
 200                         // Something really bad happened
 201                         debug_report_bug('No user account ' . getUserId() . ' found.');
 202                 } // END - if
 203
 204                 // Get line
 205                 $content = merge_array($content, getUserDataArray());
 206
 207                 // Calculate time to check
 208                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
 209
 210                 // How far is last change on his profile away from now?
 211                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
 212                         $content['update_check'] = generateDateTime($content['update_check'] + getConfig('profile_lock'), 0);
 213                         // You cannot change your account
 214                         loadTemplate('member_mydata_locked', false, $content);
 215                 } elseif ((!isEmailValid(postRequestElement('email'))) && (!isAdmin())) {
 216                         // Invalid email address!
 217                         loadTemplate('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
 218                 } else {
 219                         // Generate hash
 220                         $hash = generateHash(postRequestElement('pass1'), substr($content['password'], 0, -40));
 221                         if ((($hash == $content['password']) || (postRequestElement('pass1') == postRequestElement('pass2'))) && (isPostRequestElementSet('pass1'))) {
 222                                 // Only on simple changes normal mode is active = no email or password changed
 223                                 $mode = 'normal'; $AND = '';
 224
 225                                 // Did the user changed the password?
 226                                 if ($hash != $content['password']) { $AND = ", `password`='".$hash."'"; $mode = 'pass'; }
 227
 228                                 // Or did he changed his password?
 229                                 if (postRequestElement('email') != $content['email']) {
 230                                         // Jupp
 231                                         if ($mode == 'normal') {
 232                                                 $mode = 'email';
 233                                         } else {
 234                                                 $mode .= ';email';
 235                                         }
 236                                         setRequestPostElement('old_email', $content['email']);
 237                                 } // END - if
 238
 239                                 // Update member's profile
 240                                 if (isExtensionActive('country')) {
 241                                         // New way
 242                                         SQL_QUERY_ESC("UPDATE
 243         `{?_MYSQL_PREFIX?}_user_data`
 244 SET
 245         `gender`='%s', `surname`='%s', `family`='%s',
 246         `street_nr`='%s',
 247         `country_code`=%s, `zip`=%s, `city`='%s',
 248         `email`='%s',
 249         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
 250         `max_mails`='%s',
 251         `last_update`=UNIX_TIMESTAMP()".$AND.",
 252         `notified`='N',
 253         `last_profile_sent`=UNIX_TIMESTAMP()
 254 WHERE
 255         `userid`=%s
 256 LIMIT 1",
 257                                                 array(
 258                                                         postRequestElement('gender'),
 259                                                         postRequestElement('surname'),
 260                                                         postRequestElement('family'),
 261                                                         postRequestElement('street_nr'),
 262                                                         bigintval(postRequestElement('country_code')),
 263                                                         bigintval(postRequestElement('zip')),
 264                                                         postRequestElement('city'),
 265                                                         postRequestElement('email'),
 266                                                         bigintval(postRequestElement('day')),
 267                                                         bigintval(postRequestElement('month')),
 268                                                         bigintval(postRequestElement('year')),
 269                                                         bigintval(postRequestElement('max_mails')),
 270                                                         getUserId()
 271                                                 ), __FILE__, __LINE__);
 272                                 } else {
 273                                         // Old way
 274                                         SQL_QUERY_ESC("UPDATE
 275         `{?_MYSQL_PREFIX?}_user_data`
 276 SET
 277         `gender`='%s', `surname`='%s', `family`='%s',
 278         `street_nr`='%s',
 279         `country`='%s', `zip`=%s, `city`='%s',
 280         `email`='%s',
 281         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
 282         `max_mails`='%s',
 283         `last_update`=UNIX_TIMESTAMP()".$AND.",
 284         `notified`='N',
 285         `last_profile_sent`=UNIX_TIMESTAMP()
 286 WHERE
 287         `userid`=%s
 288 LIMIT 1",
 289                                                 array(
 290                                                         postRequestElement('gender'),
 291                                                         postRequestElement('surname'),
 292                                                         postRequestElement('family'),
 293                                                         postRequestElement('street_nr'),
 294                                                         postRequestElement('cntry'),
 295                                                         bigintval(postRequestElement('zip')),
 296                                                         postRequestElement('city'),
 297                                                         postRequestElement('email'),
 298                                                         bigintval(postRequestElement('day')),
 299                                                         bigintval(postRequestElement('month')),
 300                                                         bigintval(postRequestElement('year')),
 301                                                         bigintval(postRequestElement('max_mails')),
 302                                                         getUserId()
 303                                                 ), __FILE__, __LINE__);
 304                                 }
 305
 306                                 // Did something change?
 307                                 if (SQL_AFFECTEDROWS() == 1) {
 308                                         // Get all modes ...
 309                                         $modes = explode(';', $mode);
 310
 311                                         // ... and run them through
 312                                         sendModeMails ('mydata', $modes);
 313                                 } else {
 314                                         // Something went wrong
 315                                         loadTemplate('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED'));
 316                                 }
 317                         } else {
 318                                 // Entered wrong pass for updating profile
 319                                 loadTemplate('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
 320                         }
 321                 }
 322                 break;
 323
 324         case 'notify': // Switch off notfication
 325                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
 326                         array(getUserId()), __FILE__, __LINE__);
 327                 $URL = 'modules.php?module=login&amp;what=welcome&amp;code=' . urlencode(getMessage('PROFILE_UPDATED'));
 328                 break;
 329 } // END - switch
 330
 331 if (!empty($URL)) {
 332         // Load generated URL
 333         redirectToUrl($URL);
 334 } // END - if
 335
 336 // [EOF]
 337 ?>