inc/modules/member/what-mydata.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 10/16/2003 *
   4  * ===================                          Last change: 06/30/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-mydata.php                                  *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Members can edit their profile data here         *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * -------------------------------------------------------------------- *
  18  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  19  * Copyright (c) 2009 - 2012 by Mailer Developer Team                   *
  20  * For more information visit: http://mxchange.org                      *
  21  *                                                                      *
  22  * This program is free software; you can redistribute it and/or modify *
  23  * it under the terms of the GNU General Public License as published by *
  24  * the Free Software Foundation; either version 2 of the License, or    *
  25  * (at your option) any later version.                                  *
  26  *                                                                      *
  27  * This program is distributed in the hope that it will be useful,      *
  28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  30  * GNU General Public License for more details.                         *
  31  *                                                                      *
  32  * You should have received a copy of the GNU General Public License    *
  33  * along with this program; if not, write to the Free Software          *
  34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  35  * MA  02110-1301  USA                                                  *
  36  ************************************************************************/
  37
  38 // Some security stuff...
  39 if (!defined('__SECURITY')) {
  40         exit();
  41 } elseif (!isMember()) {
  42         redirectToIndexMemberOnlyModule();
  43 }
  44
  45 // Add description as navigation point
  46 addYouAreHereLink('member', __FILE__);
  47
  48 if ((!isExtensionActive('mydata')) && (!isAdmin())) {
  49         displayMessage('{%pipe,generateExtensionInactiveNotInstalledMessage=mydata%}');
  50         return;
  51 } // END - if
  52
  53 // Add userid
  54 $content = array();
  55
  56 // Init variable to prevent notices
  57 $url = '';
  58
  59 // Detect what the member wants to do
  60 $mode = 'show'; // Show his data
  61 if (isPostRequestElementSet('save'))   $mode = 'save';   // Save entered data
  62 if (isFormSent('edit'))   $mode = 'edit';   // Edit data
  63 if (isPostRequestElementSet('notify')) $mode = 'notify'; // Switch off notification
  64
  65 switch ($mode) {
  66         case 'show': // Show his data
  67                 // Get line
  68                 $content = merge_array($content, getUserDataArray());
  69
  70                 // Translate some things
  71                 $content['last_update'] = generateDateTime($content['last_update'], 0);
  72
  73                 // How far is last change on his profile away from now?
  74                 if ((($content['last_update'] + getProfileLock()) > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
  75                         // You cannot change your account
  76                         $content['change'] = displayMessage('<div class="notice">{%message,MEMBER_PROFILE_LOCKED=' . generateDateTime($content['last_update'] + getProfileLock(), 0) . '%}</div>', true);
  77                 } else {
  78                         // He is allowed to change his profile
  79                         $content['change'] = loadTemplate('member_mydata_button', true);
  80                 }
  81
  82                 if (strlen($content['birth_day'])   == 1) $content['birth_day']   = '0' . $content['birth_day'];
  83                 if (strlen($content['birth_month']) == 1) $content['birth_month'] = '0' . $content['birth_month'];
  84
  85                 switch (getLanguage()) {
  86                         case 'de': $content['dob'] = $content['birth_day']   . '.' . $content['birth_month'] . '.' . $content['birth_year']; break;
  87                         default  : $content['dob'] = $content['birth_month'] . '-' . $content['birth_day']   . '-' . $content['birth_year']; break;
  88                 } // END - switch
  89
  90                 if (isExtensionActive('country')) {
  91                         // Load country's description and code
  92                         $content['country'] = generateCountryInfo($content['country_code']);
  93                 } // END - if
  94
  95                 // Load template
  96                 loadTemplate('member_mydata_overview', false, $content);
  97                 break;
  98
  99         case 'edit': // Edit data
 100                 if (isExtensionActive('country', true)) {
 101                         // New way
 102                         $result = SQL_QUERY_ESC("SELECT
 103         `surname`,
 104         `family`,
 105         `street_nr`,
 106         `country_code`,
 107         `zip`,
 108         `city`,
 109         `email`,
 110         `birth_day`,
 111         `birth_month`,
 112         `birth_year`,
 113         `gender`,
 114         `max_mails`,
 115         `receive_mails`,
 116         `last_update`
 117 FROM
 118         `{?_MYSQL_PREFIX?}_user_data`
 119 WHERE
 120         `userid`=%s
 121 LIMIT 1",
 122                         array(getMemberId()), __FILE__, __LINE__);
 123                 } else {
 124                         // Old way
 125                         $result = SQL_QUERY_ESC("SELECT
 126         `surname`,
 127         `family`,
 128         `street_nr`,
 129         `country`,
 130         `zip`,
 131         `city`,
 132         `email`,
 133         `birth_day`,
 134         `birth_month`,
 135         `birth_year`,
 136         `gender`,
 137         `max_mails`,
 138         `receive_mails`,
 139         `last_update`
 140 FROM
 141         `{?_MYSQL_PREFIX?}_user_data`
 142 WHERE
 143         `userid`=%s
 144 LIMIT 1",
 145                                 array(getMemberId()), __FILE__, __LINE__);
 146                 }
 147
 148                 // Get line
 149                 $content = merge_array($content, SQL_FETCHARRAY($result));
 150
 151                 // Free result
 152                 SQL_FREERESULT($result);
 153
 154                 $content['update_check'] = $content['last_update'] + getProfileLock();
 155
 156                 // How far is last change on his profile away from now?
 157                 if (($content['update_check'] > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
 158                         // Profile is locked, so output propper message
 159                         $content['update_check'] = '{%message,MEMBER_PROFILE_LOCKED=' . generateDateTime($content['update_check'] + getProfileLock(), '0') . '%}';
 160
 161                         // You cannot change your account
 162                         displayMessage($content['update_check']);
 163                 } else {
 164                         // Init elements
 165                         $content['dob'] = '';
 166
 167                         switch (getLanguage()) {
 168                                 case 'de': // German date format
 169                                         // Day
 170                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 171
 172                                         // Month
 173                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 174
 175                                         // Year
 176                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 177                                         break;
 178
 179                                 default: // Default is the US date format... :)
 180                                         // Month
 181                                         $content['dob'] .= addSelectionBox('month', $content['birth_month']);
 182
 183                                         // Day
 184                                         $content['dob'] .= addSelectionBox('day', $content['birth_day']);
 185
 186                                         // Year
 187                                         $content['dob'] .= addSelectionBox('year', $content['birth_year']);
 188                                         break;
 189                         } // END - if
 190
 191                         $content['max_receive_list'] = addMaxReceiveList('member', $content['max_mails']);
 192
 193                         if (isExtensionActive('country')) {
 194                                 // Init WHERE statement
 195                                 $whereStatement = "WHERE `is_active`='Y'";
 196                                 if (isAdmin()) $whereStatement = '';
 197
 198                                 // Generate selection box
 199                                 $OUT  = '<select name="country_code" class="form_select" size="1">';
 200                                 $OUT .= generateOptions('countries', 'id', 'descr', $content['country_code'], 'code', $whereStatement);
 201                                 $OUT .= '</select>';
 202                                 $content['country'] = $OUT;
 203                         } else {
 204                                 // Ouput default input box
 205                                 $content['country'] = '<input type="text" name="cntry" class="form_field" size="2" maxlength="3" value="' . $content['country'] . '" />';
 206                         }
 207
 208                         // Load template
 209                         loadTemplate('member_mydata_edit', false, $content);
 210                 }
 211                 break;
 212
 213         case 'save': // Save entered data
 214                 // Get line
 215                 $content = merge_array($content, getUserDataArray());
 216
 217                 // Calculate time to check
 218                 $content['update_check'] = $content['last_update'] + getProfileLock();
 219
 220                 // How far is last change on his profile away from now?
 221                 if (($content['update_check'] > time()) && (!isAdmin()) && (getProfileLock() > 0)) {
 222                         // You cannot change your account
 223                         $content['update_check'] = generateDateTime($content['update_check'] + getProfileLock(), 0);
 224
 225                         displayMessage($content['update_check']);
 226                 } elseif ((!isEmailValid(postRequestElement('email'))) && (!isAdmin())) {
 227                         // Invalid email address!
 228                         displayMessage('{--INVALID_EMAIL_ENTERED--}');
 229                 } elseif ((isEmailTaken(postRequestElement('email'))) && (isCheckDoubleEmailEnabled()) && (!isAdmin())) {
 230                         // Email address is already registered
 231                         displayMessage('{--MEMBER_EMAIL_IS_ALREADY_REGISTERED--}');
 232                 } else {
 233                         // Generate hash
 234                         $hash = generateHash(postRequestElement('pass1'), substr($content['password'], 0, -40));
 235                         if ((($hash == $content['password']) || (postRequestElement('pass1') == postRequestElement('pass2'))) && (isPostRequestElementSet('pass1'))) {
 236                                 // Only on simple changes normal mode is active = no email or password changed
 237                                 $mode = 'normal';
 238                                 $AND = '';
 239
 240                                 // Did the user changed the password?
 241                                 if ($hash != $content['password']) {
 242                                         $AND = ",`password`='" . $hash . "'";
 243                                         $mode = 'password';
 244                                 } // END - if
 245
 246                                 // Or did he changed his password?
 247                                 if (postRequestElement('email') != $content['email']) {
 248                                         // Jupp
 249                                         if ($mode == 'normal') {
 250                                                 $mode = 'email';
 251                                         } else {
 252                                                 $mode .= ';email';
 253                                         }
 254                                         setPostRequestElement('old_email', $content['email']);
 255                                 } // END - if
 256
 257                                 // Update member's profile
 258                                 if (isExtensionActive('country')) {
 259                                         // New way
 260                                         SQL_QUERY_ESC("UPDATE
 261         `{?_MYSQL_PREFIX?}_user_data`
 262 SET
 263         `gender`='%s',
 264         `surname`='%s',
 265         `family`='%s',
 266         `street_nr`='%s',
 267         `country_code`=%s,
 268         `zip`=%s,
 269         `city`='%s',
 270         `email`='%s',
 271         `birth_day`=%s,
 272         `birth_month`=%s,
 273         `birth_year`=%s,
 274         `max_mails`='%s',
 275         `last_update`=UNIX_TIMESTAMP()".$AND.",
 276         `notified`='N',
 277         `last_profile_sent`=UNIX_TIMESTAMP()
 278 WHERE
 279         `userid`=%s
 280 LIMIT 1",
 281                                                 array(
 282                                                         postRequestElement('gender'),
 283                                                         postRequestElement('surname'),
 284                                                         postRequestElement('family'),
 285                                                         postRequestElement('street_nr'),
 286                                                         bigintval(postRequestElement('country_code')),
 287                                                         bigintval(postRequestElement('zip')),
 288                                                         postRequestElement('city'),
 289                                                         postRequestElement('email'),
 290                                                         bigintval(postRequestElement('day')),
 291                                                         bigintval(postRequestElement('month')),
 292                                                         bigintval(postRequestElement('year')),
 293                                                         bigintval(postRequestElement('max_mails')),
 294                                                         getMemberId()
 295                                                 ), __FILE__, __LINE__);
 296                                 } else {
 297                                         // Old way
 298                                         SQL_QUERY_ESC("UPDATE
 299         `{?_MYSQL_PREFIX?}_user_data`
 300 SET
 301         `gender`='%s',
 302         `surname`='%s',
 303         `family`='%s',
 304         `street_nr`='%s',
 305         `country`='%s',
 306         `zip`=%s,
 307         `city`='%s',
 308         `email`='%s',
 309         `birth_day`=%s,
 310         `birth_month`=%s,
 311         `birth_year`=%s,
 312         `max_mails`='%s',
 313         `last_update`=UNIX_TIMESTAMP()".$AND.",
 314         `notified`='N',
 315         `last_profile_sent`=UNIX_TIMESTAMP()
 316 WHERE
 317         `userid`=%s
 318 LIMIT 1",
 319                                                 array(
 320                                                         postRequestElement('gender'),
 321                                                         postRequestElement('surname'),
 322                                                         postRequestElement('family'),
 323                                                         postRequestElement('street_nr'),
 324                                                         postRequestElement('cntry'),
 325                                                         bigintval(postRequestElement('zip')),
 326                                                         postRequestElement('city'),
 327                                                         postRequestElement('email'),
 328                                                         bigintval(postRequestElement('day')),
 329                                                         bigintval(postRequestElement('month')),
 330                                                         bigintval(postRequestElement('year')),
 331                                                         bigintval(postRequestElement('max_mails')),
 332                                                         getMemberId()
 333                                                 ), __FILE__, __LINE__);
 334                                 }
 335
 336                                 // Did something change?
 337                                 if (!SQL_HASZEROAFFECTED()) {
 338                                         // Get all modes ...
 339                                         $modes = explode(';', $mode);
 340
 341                                         // ... and run them through
 342                                         sendModeMails ('mydata', $modes);
 343                                 } else {
 344                                         // Something went wrong
 345                                         displayMessage('{--MEMBER_UPDATE_FAILED--}');
 346                                 }
 347                         } else {
 348                                 // Entered wrong pass for updating profile
 349                                 displayMessage('{--MEBER_UPDATE_PWD_WRONG--}');
 350                         }
 351                 }
 352                 break;
 353
 354         case 'notify': // Switch off notfication
 355                 SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `notified`='N',`last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
 356                         array(getMemberId()), __FILE__, __LINE__);
 357                 $url = 'modules.php?module=login&amp;what=mydata&amp;code=' . getCode('PROFILE_UPDATED');
 358                 break;
 359 } // END - switch
 360
 361 if (!empty($url)) {
 362         // Load generated URL
 363         redirectToUrl($url);
 364 } // END - if
 365
 366 // [EOF]
 367 ?>