Functions imported, some dev-scripts added
[mailer.git] / inc / modules / sponsor / account.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 09/30/2005 *
4  * ===============                              Last change: 05/19/2008 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : account.php                                      *
8  * -------------------------------------------------------------------- *
9  * Short description : Sponsor can manage his account                   *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Der Sponsor kann sein Account verwalten          *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software. You can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License.       *
21  *                                                                      *
22  * This program is distributed in the hope that it will be useful,      *
23  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
24  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
25  * GNU General Public License for more details.                         *
26  *                                                                      *
27  * You should have received a copy of the GNU General Public License    *
28  * along with this program; if not, write to the Free Software          *
29  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
30  * MA  02110-1301  USA                                                  *
31  ************************************************************************/
32
33 // Some security stuff...
34 if (!defined('__SECURITY')) {
35         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
36         require($INC);
37 } elseif ((!EXT_IS_ACTIVE("sponsor"))
38         addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "sponsor");
39         return;
40 } elseif (!IS_SPONSOR()) {
41         // No sponsor!
42         addFatalMessage(getMessage('SPONSOR_ONLY_AREA_ENTERED'));
43         return;
44 }
45
46 // Data for the formular
47 $result = SQL_QUERY_ESC("SELECT company, position, tax_ident,
48 gender, surname, family, street_nr1, street_nr2, zip, city, country,
49 phone, fax, cell, email, url,
50 status, receive_warnings
51 FROM `{!_MYSQL_PREFIX!}_sponsor_data`
52 WHERE id='%s' AND password='%s' LIMIT 1",
53         array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__);
54
55 // Entry found?
56 if (SQL_NUMROWS($result) == 1) {
57         // Load sponsor data
58         $content = SQL_FETCHARRAY($result);
59         if ($content['status'] == "CONFIRMED") {
60                 // Check if form was submitted or not
61                 if (!empty($_POST['ok'])) {
62                         // Check passwords
63                         if (empty($_POST['pass_old'])) {
64                                 // No current password entered
65                                 $MSG = getMessage('SPONSOR_NO_CURRENT_PASSWORD_ENTERED');
66                         } elseif (md5($_POST['pass_old']) != get_session('sponsorpass')) {
67                                 // Entered password didn't match password in DB
68                                 $MSG = getMessage('SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB');
69                         } elseif ((!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] != $_POST['pass2'])) {
70                                 // Both new passwords did not match
71                                 $MSG = getMessage('SPONSOR_BOTH_NEW_PASSWORDS_DIDNOT_MATCH');
72                         } elseif ((empty($_POST['pass1'])) && (!empty($_POST['pass2']))) {
73                                 // No password one entered
74                                 $MSG = getMessage('SPONSOR_PASSWORD_ONE_EMPTY');
75                         } elseif ((!empty($_POST['pass1'])) && (empty($_POST['pass2']))) {
76                                 // No password two entered
77                                 $MSG = getMessage('SPONSOR_PASSWORD_TWO_EMPTY');
78                         } elseif ((!empty($_POST['pass1'])) && (strlen($_POST['pass1']) < getConfig('pass_len'))) {
79                                 // Too short password
80                                 $MSG = sprintf(getMessage('SPONSOR_PASSWORD_TOO_SHORT'), getConfig('pass_len'));
81                         } else {
82                                 // Default is we don't want to change password!
83                                 $PASS_AND = ""; $PASS_DATA = "";
84
85                                 // Check if we want to change password or not
86                                 if (($_POST['pass1'] == $_POST['pass2']) && (!empty($_POST['pass1'])) && ($_POST['pass1'] != $_POST['pass_old'])) {
87                                         // Change current password
88                                         $PASS_AND  = ", password='%s'";
89                                         $PASS_DATA = md5($_POST['pass1']);
90                                 }
91
92                                 // Unsecure data which we don't want here
93                                         $UNSAFE = array('receive_warnings', 'warning_interval');
94
95                                 // Remove all (maybe spoofed) unsafe data from array
96                                 foreach ($UNSAFE as $remove) {
97                                         unset($_POST[$remove]);
98                                 }
99
100                                 // Set last change timestamp
101                                 $_POST['last_change'] = time();
102
103                                 // Save data
104                                 $MSG = SPONSOR_SAVE_DATA($_POST, $content);
105                         }
106
107                         if (!empty($MSG)) {
108                                 // Output message
109                                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, $MSG);
110                         } else {
111                                 // No message generated
112                                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, getMessage('SPONSOR_NO_MESSAGE_GENERATED'));
113                         }
114                 } else {
115                         // Check for gender selection
116                         switch ($content['gender'])
117                         {
118                         case "M": // Male
119                                 define('__GENDER_M', " selected=\"selected\"");
120                                 define('__GENDER_F', "");
121                                 define('__GENDER_C', "");
122                                 break;
123
124                         case "F": // Female
125                                 define('__GENDER_M', "");
126                                 define('__GENDER_F', " selected=\"selected\"");
127                                 define('__GENDER_C', "");
128                                 break;
129
130                         case "C": // Company
131                                 define('__GENDER_M', "");
132                                 define('__GENDER_F', "");
133                                 define('__GENDER_C', " selected=\"selected\"");
134                                 break;
135                         }
136
137                         // Output formular
138                         $OUT = LOAD_TEMPLATE("sponsor_account_form", true, $content);
139                 }
140         } else {
141                 // Locked or so?
142                 $STATUS = SPONSOR_TRANSLATE_STATUS($content['status']);
143                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_FAILED_1.$STATUS.SPONSOR_ACCOUNT_FAILED_2);
144         }
145 } else {
146         // Sponsor account not found!
147         $OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), get_session('sponsorid')));
148 }
149
150 // Free memory
151 SQL_FREERESULT($result);
152
153 //
154 ?>