inc/modules/member/what-mydata.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 10/16/2003 *
   4  * ===================                          Last change: 06/30/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-mydata.php                                  *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Members can edit their profile data here         *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  21  * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
  22  * For more information visit: http://www.mxchange.org                  *
  23  *                                                                      *
  24  * This program is free software; you can redistribute it and/or modify *
  25  * it under the terms of the GNU General Public License as published by *
  26  * the Free Software Foundation; either version 2 of the License, or    *
  27  * (at your option) any later version.                                  *
  28  *                                                                      *
  29  * This program is distributed in the hope that it will be useful,      *
  30  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  31  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  32  * GNU General Public License for more details.                         *
  33  *                                                                      *
  34  * You should have received a copy of the GNU General Public License    *
  35  * along with this program; if not, write to the Free Software          *
  36  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  37  * MA  02110-1301  USA                                                  *
  38  ************************************************************************/
  39
  40 // Some security stuff...
  41 if (!defined('__SECURITY')) {
  42         die();
  43 } elseif (!isMember()) {
  44         redirectToIndexMemberOnlyModule();
  45 }
  46
  47 // Add description as navigation point
  48 addMenuDescription('member', __FILE__);
  49
  50 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
  51         loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('mydata'));
  52         return;
  53 } // END - if
  54
  55 // Add userid
  56 $content = array(
  57         'userid' => getMemberId()
  58 );
  59
  60 // Init variable to prevent notices
  61 $URL = '';
  62
  63 // Detect what the member wants to do
  64 $mode = 'show'; // Show his data
  65 if (isPostRequestParameterSet('save'))   $mode = 'save';   // Save entered data
  66 if (isFormSent('edit'))   $mode = 'edit';   // Edit data
  67 if (isPostRequestParameterSet('notify')) $mode = 'notify'; // Switch off notification
  68
  69 switch ($mode) {
  70         case 'show': // Show his data
  71                 // Get line
  72                 $content = merge_array($content, getUserDataArray());
  73
  74                 // Translate some things
  75                 $content['gender']      = translateGender($content['gender']);
  76                 $content['last_update'] = generateDateTime($content['last_update'], 0);
  77
  78                 // How far is last change on his profile away from now?
  79                 if ((($content['last_update'] + getConfig('profile_lock')) > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
  80                         // You cannot change your account
  81                         $content['change'] = loadTemplate('admin_settings_saved', true, '<div class="member_failed">' . getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['last_update'] + getConfig('profile_lock'), 0)) . '</div>');
  82                 } else {
  83                         // He is allowed to change his profile
  84                         $content['change'] = loadTemplate('member_mydata_button', true);
  85                 }
  86
  87                 if (strlen($content['birth_day'])   == 1) $content['birth_day']   = '0' . $content['birth_day'];
  88                 if (strlen($content['birth_month']) == 1) $content['birth_month'] = '0' . $content['birth_month'];
  89
  90                 switch (getLanguage()) {
  91                         case 'de': $content['dob'] = $content['birth_day']   . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
  92                         default  : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day']   . '-' . $content['birth_year']; break;
  93                 } // END - switch
  94
  95                 if (isExtensionActive('country')) {
  96                         // Load country's description and code
  97                         $content['country'] = generateCountryInfo($content['country_code']);
  98                 } // END - if
  99
 100                 // Load template
 101                 loadTemplate('member_mydata_overview', false, $content);
 102                 break;
 103
 104         case 'edit': // Edit data
 105                 if (isExtensionActive('country', true)) {
 106                         // New way                          0          1            2             3         4       5       6           7            8              9          10         11               12            13
 107                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country_code`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
 108 FROM
 109         `{?_MYSQL_PREFIX?}_user_data`
 110 WHERE
 111         `userid`=%s
 112 LIMIT 1",
 113                         array(getMemberId()), __FILE__, __LINE__);
 114                 } else {
 115                         // Old way                          0          1            2          3       4       5       6           7            8              9          10         11               12            13
 116                         $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `street_nr`, `country`, `zip`, `city`, `email`, `birth_day`, `birth_month`, `birth_year`, `gender`, `max_mails`, `receive_mails`, `last_update`
 117 FROM
 118         `{?_MYSQL_PREFIX?}_user_data`
 119 WHERE
 120         `userid`=%s
 121 LIMIT 1",
 122                                 array(getMemberId()), __FILE__, __LINE__);
 123                 }
 124
 125                 // Get line
 126                 $content = merge_array($content, SQL_FETCHARRAY($result, 0, false));
 127
 128                 // Free result
 129                 SQL_FREERESULT($result);
 130
 131                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
 132
 133                 // How far is last change on his profile away from now?
 134                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
 135                         $content['update_check'] = getMaskedMessage('MEMBER_PROFILE_LOCKED', generateDateTime($content['update_check'] + getConfig('profile_lock'), 0));
 136
 137                         // You cannot change your account
 138                         loadTemplate('admin_settings_saved', false, $content['update_check']);
 139                 } else {
 140                         // He is allowed to change his profile
 141                         foreach (array('gender_m','gender_f','gender_c') as $entry) {
 142                                 $content[$entry] = '';
 143                         } // END - foreach
 144
 145                         $content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
 146                         $content['dob'] = '';
 147
 148                         switch (getLanguage()) {
 149                                 case 'de': // German date format
 150                                         // Day
 151                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 152
 153                                         // Month
 154                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 155
 156                                         // Year
 157                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 158                                         break;
 159
 160                                 default: // Default is the US date format... :)
 161                                         // Month
 162                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 163
 164                                         // Day
 165                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 166
 167                                         // Year
 168                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 169                                         break;
 170                         } // END - if
 171
 172                         $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails'], true);
 173
 174                         if (isExtensionActive('country')) {
 175                                 // Generate selection box
 176                                 $OUT  = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
 177                                 $whereStatement = "WHERE `is_active`='Y'";
 178                                 if (isAdmin()) $whereStatement = '';
 179                                 $OUT .= generateOptionList('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
 180                                 $OUT .= "</select>";
 181                                 $content['country'] = $OUT;
 182                         } else {
 183                                 // Ouput default input box
 184                                 $content['country'] = '<input type="text" name="cntry" class="member_normal" size="2" maxlength="3" value="' . $content['country'] . '" />';
 185                         }
 186
 187                         // Load template
 188                         loadTemplate('member_mydata_edit', false, $content);
 189                 }
 190                 break;
 191
 192         case 'save': // Save entered data
 193                 // Get line
 194                 $content = merge_array($content, getUserDataArray());
 195
 196                 // Calculate time to check
 197                 $content['update_check'] = $content['last_update'] + getConfig('profile_lock');
 198
 199                 // How far is last change on his profile away from now?
 200                 if (($content['update_check'] > time()) && (!isAdmin()) && (getConfig('profile_lock') > 0)) {
 201                         $content['update_check'] = generateDateTime($content['update_check'] + getConfig('profile_lock'), 0);
 202
 203                         // You cannot change your account
 204                         loadTemplate('admin_settings_saved', false, $content['update_check']);
 205                 } elseif ((!isEmailValid(postRequestParameter('email'))) && (!isAdmin())) {
 206                         // Invalid email address!
 207                         loadTemplate('admin_settings_saved', false, getMessage('INVALID_EMAIL_ENTERED'));
 208                 } else {
 209                         // Generate hash
 210                         $hash = generateHash(postRequestParameter('pass1'), substr($content['password'], 0, -40));
 211                         if ((($hash == $content['password']) || (postRequestParameter('pass1') == postRequestParameter('pass2'))) && (isPostRequestParameterSet('pass1'))) {
 212                                 // Only on simple changes normal mode is active = no email or password changed
 213                                 $mode = 'normal';
 214                                 $AND = '';
 215
 216                                 // Did the user changed the password?
 217                                 if ($hash != $content['password']) {
 218                                         $AND = ", `password`='" . $hash . "'";
 219                                         $mode = 'pass';
 220                                 } // END - if
 221
 222                                 // Or did he changed his password?
 223                                 if (postRequestParameter('email') != $content['email']) {
 224                                         // Jupp
 225                                         if ($mode == 'normal') {
 226                                                 $mode = 'email';
 227                                         } else {
 228                                                 $mode .= ';email';
 229                                         }
 230                                         setPostRequestParameter('old_email', $content['email']);
 231                                 } // END - if
 232
 233                                 // Update member's profile
 234                                 if (isExtensionActive('country')) {
 235                                         // New way
 236                                         SQL_QUERY_ESC("UPDATE
 237         `{?_MYSQL_PREFIX?}_user_data`
 238 SET
 239         `gender`='%s', `surname`='%s', `family`='%s',
 240         `street_nr`='%s',
 241         `country_code`=%s, `zip`=%s, `city`='%s',
 242         `email`='%s',
 243         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
 244         `max_mails`='%s',
 245         `last_update`=UNIX_TIMESTAMP()".$AND.",
 246         `notified`='N',
 247         `last_profile_sent`=UNIX_TIMESTAMP()
 248 WHERE
 249         `userid`=%s
 250 LIMIT 1",
 251                                                 array(
 252                                                         postRequestParameter('gender'),
 253                                                         postRequestParameter('surname'),
 254                                                         postRequestParameter('family'),
 255                                                         postRequestParameter('street_nr'),
 256                                                         bigintval(postRequestParameter('country_code')),
 257                                                         bigintval(postRequestParameter('zip')),
 258                                                         postRequestParameter('city'),
 259                                                         postRequestParameter('email'),
 260                                                         bigintval(postRequestParameter('day')),
 261                                                         bigintval(postRequestParameter('month')),
 262                                                         bigintval(postRequestParameter('year')),
 263                                                         bigintval(postRequestParameter('max_mails')),
 264                                                         getMemberId()
 265                                                 ), __FILE__, __LINE__);
 266                                 } else {
 267                                         // Old way
 268                                         SQL_QUERY_ESC("UPDATE
 269         `{?_MYSQL_PREFIX?}_user_data`
 270 SET
 271         `gender`='%s', `surname`='%s', `family`='%s',
 272         `street_nr`='%s',
 273         `country`='%s', `zip`=%s, `city`='%s',
 274         `email`='%s',
 275         `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
 276         `max_mails`='%s',
 277         `last_update`=UNIX_TIMESTAMP()".$AND.",
 278         `notified`='N',
 279         `last_profile_sent`=UNIX_TIMESTAMP()
 280 WHERE
 281         `userid`=%s
 282 LIMIT 1",
 283                                                 array(
 284                                                         postRequestParameter('gender'),
 285                                                         postRequestParameter('surname'),
 286                                                         postRequestParameter('family'),
 287                                                         postRequestParameter('street_nr'),
 288                                                         postRequestParameter('cntry'),
 289                                                         bigintval(postRequestParameter('zip')),
 290                                                         postRequestParameter('city'),
 291                                                         postRequestParameter('email'),
 292                                                         bigintval(postRequestParameter('day')),
 293                                                         bigintval(postRequestParameter('month')),
 294                                                         bigintval(postRequestParameter('year')),
 295                                                         bigintval(postRequestParameter('max_mails')),
 296                                                         getMemberId()
 297                                                 ), __FILE__, __LINE__);
 298                                 }
 299
 300                                 // Did something change?
 301                                 if (SQL_AFFECTEDROWS() == 1) {
 302                                         // Get all modes ...
 303                                         $modes = explode(';', $mode);
 304
 305                                         // ... and run them through
 306                                         sendModeMails ('mydata', $modes);
 307                                 } else {
 308                                         // Something went wrong
 309                                         loadTemplate('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED'));
 310                                 }
 311                         } else {
 312                                 // Entered wrong pass for updating profile
 313                                 loadTemplate('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
 314                         }
 315                 }
 316                 break;
 317
 318         case 'notify': // Switch off notfication
 319                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
 320                         array(getMemberId()), __FILE__, __LINE__);
 321                 $URL = 'modules.php?module=login&amp;what=welcome&amp;code=' . urlencode(getMessage('PROFILE_UPDATED'));
 322                 break;
 323 } // END - switch
 324
 325 if (!empty($URL)) {
 326         // Load generated URL
 327         redirectToUrl($URL);
 328 } // END - if
 329
 330 // [EOF]
 331 ?>