0d46ecf1296fc3cc5fef1a417c075520beb53472
[mailer.git] / inc / modules / sponsor / settings.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 10/11/2005 *
4  * ===============                              Last change: 05/19/2008 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : settings.php                                     *
8  * -------------------------------------------------------------------- *
9  * Short description : Sponsor can manage his settings                  *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Der Sponsor kann seine Einstellungen aendern     *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software. You can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License.       *
21  *                                                                      *
22  * This program is distributed in the hope that it will be useful,      *
23  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
24  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
25  * GNU General Public License for more details.                         *
26  *                                                                      *
27  * You should have received a copy of the GNU General Public License    *
28  * along with this program; if not, write to the Free Software          *
29  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
30  * MA  02110-1301  USA                                                  *
31  ************************************************************************/
32
33 // Some security stuff...
34 if (!defined('__SECURITY')) {
35         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
36         require($INC);
37 } elseif ((!EXT_IS_ACTIVE("sponsor"))
38         ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE);
39         return;
40 } elseif (!IS_SPONSOR()) {
41         // No sponsor!
42         ADD_FATAL(SPONSOR_ONLY_AREA_ENTERED);
43         return;
44 }
45
46 // Data for the formular
47 $result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, gender
48 FROM "._MYSQL_PREFIX."_sponsor_data
49 WHERE id='%s' AND password='%s' LIMIT 1",
50  array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__);
51 if (SQL_NUMROWS($result) == 1) {
52         // Load sponsor data
53         $content = SQL_FETCHARRAY($result);
54         if ($content['status'] == "CONFIRMED") {
55                 // Check if form was submitted or not
56                 if (!empty($_POST['ok'])) {
57                         // Check passwords
58                         if (empty($_POST['password'])) {
59                                 // No current password entered
60                                 $MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED;
61                         } elseif (md5($_POST['password']) != get_session('sponsorpass')) {
62                                 // Entered password didn't match password in DB
63                                 $MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
64                         } else {
65                                 // Unsecure data which we don't want here
66                                 $UNSAFE = array('company', 'position', 'tax_ident', 'gender', 'surname', 'family',
67                                                 'street_nr1', 'street_nr2', 'zip', 'city', 'country', 'phone', 'fax', 'cell',
68                                                 'email', 'url');
69
70                                 // Remove all (maybe spoofed) unsafe data from array
71                                 foreach ($UNSAFE as $remove) {
72                                         unset($_POST[$remove]);
73                                 }
74
75                                 // Set last change timestamp
76                                 $_POST['last_change'] = time();
77
78                                 // Save data
79                                 $MSG = SPONSOR_SAVE_DATA($_POST, $content);
80                         }
81
82                         if (!empty($MSG)) {
83                                 // Output message
84                                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, $MSG);
85                         } else {
86                                 // No message generated
87                                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_MESSAGE_GENERATED);
88                         }
89                 } else {
90                         // Make yes/no selection
91                         switch ($content['receive_warnings']) {
92                                 case "Y":
93                                         define('__YES', " checked=\"checked\"");
94                                         define('__NO', "");
95                                         break;
96
97                                 case "N":
98                                         define('__YES', "");
99                                         define('__NO', " checked=\"checked\"");
100                                         break;
101                         }
102
103                         // Translate current interval into fancy string
104                         define('__CURRENT', CREATE_FANCY_TIME($content['warning_interval']));
105
106                         // Output formular
107                         $OUT = LOAD_TEMPLATE("sponsor_settings_form", true, $content);
108                 }
109         } else {
110                 // Locked or so?
111                 $STATUS = SPONSOR_TRANSLATE_STATUS($content['status']);
112                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_FAILED_1.$STATUS.SPONSOR_ACCOUNT_FAILED_2);
113         }
114 } else {
115         // Sponsor account not found!
116         $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.get_session('sponsorid').SPONSOR_ACCOUNT_404_2);
117 }
118
119 // Free memory
120 SQL_FREERESULT($result);
121
122 //
123 ?>