1052d83b0cddc4294bbc01baea1311c9c600608d
[mailer.git] / inc / modules / sponsor / account.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 09/30/2005 *
4  * ===============                              Last change: 05/19/2008 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : account.php                                      *
8  * -------------------------------------------------------------------- *
9  * Short description : Sponsor can manage his account                   *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Der Sponsor kann sein Account verwalten          *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
21  * For more information visit: http://www.mxchange.org                  *
22  *                                                                      *
23  * This program is free software. You can redistribute it and/or modify *
24  * it under the terms of the GNU General Public License as published by *
25  * the Free Software Foundation; either version 2 of the License.       *
26  *                                                                      *
27  * This program is distributed in the hope that it will be useful,      *
28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
30  * GNU General Public License for more details.                         *
31  *                                                                      *
32  * You should have received a copy of the GNU General Public License    *
33  * along with this program; if not, write to the Free Software          *
34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
35  * MA  02110-1301  USA                                                  *
36  ************************************************************************/
37
38 // Some security stuff...
39 if (!defined('__SECURITY')) {
40         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
41         require($INC);
42 } elseif (!EXT_IS_ACTIVE('sponsor')) {
43         addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveNotInstalledMessage('sponsor'));
44         return;
45 } elseif (!IS_SPONSOR()) {
46         // No sponsor!
47         addFatalMessage(__FILE__, __LINE__, getMessage('SPONSOR_ONLY_AREA_ENTERED'));
48         return;
49 }
50
51 // Data for the formular
52 $result = SQL_QUERY_ESC("SELECT company, position, tax_ident,
53 gender, surname, family, street_nr1, street_nr2, zip, city, country,
54 phone, fax, cell, email, url,
55 status, receive_warnings
56 FROM `{!_MYSQL_PREFIX!}_sponsor_data`
57 WHERE `id`='%s' AND password='%s' LIMIT 1",
58 array(bigintval(getSession('sponsorid')), getSession('sponsorpass')), __FILE__, __LINE__);
59
60 // Entry found?
61 if (SQL_NUMROWS($result) == 1) {
62         // Load sponsor data
63         $content = SQL_FETCHARRAY($result);
64         if ($content['status'] == 'CONFIRMED') {
65                 // Check if form was submitted or not
66                 if (isFormSent()) {
67                         // Check passwords
68                         if (!REQUEST_ISSET_POST(('pass_old'))) {
69                                 // No current password entered
70                                 $message = getMessage('SPONSOR_NO_CURRENT_PASSWORD_ENTERED');
71                         } elseif (md5(REQUEST_POST('pass_old')) != getSession('sponsorpass')) {
72                                 // Entered password didn't match password in DB
73                                 $message = getMessage('SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB');
74                         } elseif ((REQUEST_ISSET_POST(('pass1'))) && (REQUEST_ISSET_POST(('pass2'))) && (REQUEST_POST('pass1') != REQUEST_POST('pass2'))) {
75                                 // Both new passwords did not match
76                                 $message = getMessage('SPONSOR_BOTH_NEW_PASSWORDS_DIDNOT_MATCH');
77                         } elseif ((!REQUEST_ISSET_POST(('pass1'))) && (REQUEST_ISSET_POST(('pass2')))) {
78                                 // No password one entered
79                                 $message = getMessage('SPONSOR_PASSWORD_ONE_EMPTY');
80                         } elseif ((REQUEST_ISSET_POST(('pass1'))) && (!REQUEST_ISSET_POST(('pass2')))) {
81                                 // No password two entered
82                                 $message = getMessage('SPONSOR_PASSWORD_TWO_EMPTY');
83                         } elseif ((REQUEST_ISSET_POST(('pass1'))) && (strlen(REQUEST_POST('pass1')) < getConfig('pass_len'))) {
84                                 // Too short password
85                                 $message = sprintf(getMessage('SPONSOR_PASSWORD_TOO_SHORT'), getConfig('pass_len'));
86                         } else {
87                                 // Default is we don't want to change password!
88                                 $PASS_AND = ''; $PASS_DATA = '';
89
90                                 // Check if we want to change password or not
91                                 if ((REQUEST_POST('pass1') == REQUEST_POST('pass2')) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_POST('pass1') != REQUEST_POST('pass_old'))) {
92                                         // Change current password
93                                         $PASS_AND  = ", password='%s'";
94                                         $PASS_DATA = md5(REQUEST_POST('pass1'));
95                                 }
96
97                                 // Unsecure data which we don't want here
98                                 $UNSAFE = array('receive_warnings', 'warning_interval');
99
100                                 // Remove all (maybe spoofed) unsafe data from array
101                                 foreach ($UNSAFE as $remove) {
102                                         REQUEST_UNSET_POST($remove);
103                                 }
104
105                                 // Set last change timestamp
106                                 REQUEST_SET_POST('last_change', "UNIX_TIMESTAMP()");
107
108                                 // Save data
109                                 $message = SPONSOR_SAVE_DATA(REQUEST_POST_ARRAY(), $content);
110                         }
111
112                         if (!empty($message)) {
113                                 // Output message
114                                 $OUT = LOAD_TEMPLATE('admin_settings_saved', true, $message);
115                         } else {
116                                 // No message generated
117                                 $OUT = LOAD_TEMPLATE('admin_settings_saved', true, getMessage('SPONSOR_NO_MESSAGE_GENERATED'));
118                         }
119                 } else {
120                         // Check for gender selection
121                         switch ($content['gender'])
122                         {
123                                 case "M": // Male
124                                         define('__GENDER_M', ' selected="selected"');
125                                         define('__GENDER_F', '');
126                                         define('__GENDER_C', '');
127                                         break;
128
129                                 case "F": // Female
130                                         define('__GENDER_M', '');
131                                         define('__GENDER_F', ' selected="selected"');
132                                         define('__GENDER_C', '');
133                                         break;
134
135                                 case "C": // Company
136                                         define('__GENDER_M', '');
137                                         define('__GENDER_F', '');
138                                         define('__GENDER_C', ' selected="selected"');
139                                         break;
140                         }
141
142                         // Output formular
143                         $OUT = LOAD_TEMPLATE("sponsor_account_form", true, $content);
144                 }
145         } else {
146                 // Locked or so?
147                 $STATUS = sponsorTranslateUserStatus($content['status']);
148                 $OUT = LOAD_TEMPLATE('admin_settings_saved', true, sprintf(getMessage('SPONSOR_ACCOUNT_FAILED'), $STATUS));
149         }
150 } else {
151         // Sponsor account not found!
152         $OUT = LOAD_TEMPLATE('admin_settings_saved', true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), getSession('sponsorid')));
153 }
154
155 // Free memory
156 SQL_FREERESULT($result);
157
158 //
159 ?>