inc/modules/sponsor/settings.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 10/11/2005 *
   4  * ===============                              Last change: 05/19/2008 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : settings.php                                     *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Sponsor can manage his settings                  *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Der Sponsor kann seine Einstellungen aendern     *
  12  * -------------------------------------------------------------------- *
  13  *                                                                      *
  14  * -------------------------------------------------------------------- *
  15  * Copyleft (c) 2003, 2004, 2005 by Roland Haeder                       *
  16  * For more information visit: http://www.mxchange.org                  *
  17  *                                                                      *
  18  * This program is free software. You can redistribute it and/or modify *
  19  * it under the terms of the GNU General Public License as published by *
  20  * the Free Software Foundation; either version 2 of the License.       *
  21  *                                                                      *
  22  * This program is distributed in the hope that it will be useful,      *
  23  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  24  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  25  * GNU General Public License for more details.                         *
  26  *                                                                      *
  27  * You should have received a copy of the GNU General Public License    *
  28  * along with this program; if not, write to the Free Software          *
  29  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  30  * MA  02110-1301  USA                                                  *
  31  ************************************************************************/
  32
  33 // Some security stuff...
  34 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
  35         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
  36         require($INC);
  37 } elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) {
  38         $FATAL[] = EXTENSION_PROBLEM_EXT_INACTIVE;
  39         return;
  40 } elseif (!IS_SPONSOR()) {
  41         // No sponsor!
  42         $FATAL[] = SPONSOR_ONLY_AREA_ENTERED;
  43         return;
  44 }
  45
  46 // Data for the formular
  47 $result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, salut
  48 FROM "._MYSQL_PREFIX."_sponsor_data
  49 WHERE id='%s' AND password='%s' LIMIT 1",
  50  array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__);
  51 if (SQL_NUMROWS($result) == 1) {
  52         // Load sponsor data
  53         $content = SQL_FETCHARRAY($result);
  54         if ($content['status'] == "CONFIRMED") {
  55                 // Check if form was submitted or not
  56                 if (!empty($_POST['ok'])) {
  57                         // Check passwords
  58                         if (empty($_POST['password'])) {
  59                                 // No current password entered
  60                                 $MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED;
  61                         } elseif (md5($_POST['password']) != $_COOKIE['sponsorpass']) {
  62                                 // Entered password didn't match password in DB
  63                                 $MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
  64                         } else {
  65                                 // Unsecure data which we don't want here
  66                                 $UNSAFE = array('company', 'position', 'tax_ident', 'salut', 'surname', 'family',
  67                                                 'street_nr1', 'street_nr2', 'zip', 'city', 'country', 'phone', 'fax', 'cell',
  68                                                 'email', 'url');
  69
  70                                 // Remove all (maybe spoofed) unsafe data from array
  71                                 foreach ($UNSAFE as $remove) {
  72                                         unset($_POST[$remove]);
  73                                 }
  74
  75                                 // Set last change timestamp
  76                                 $_POST['last_change'] = time();
  77
  78                                 // Save data
  79                                 $MSG = SPONSOR_SAVE_DATA($_POST, $content);
  80                         }
  81
  82                         if (!empty($MSG)) {
  83                                 // Output message
  84                                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, $MSG);
  85                         } else {
  86                                 // No message generated
  87                                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_NO_MESSAGE_GENERATED);
  88                         }
  89                 } else {
  90                         // Make yes/no selection
  91                         switch ($content['receive_warnings']) {
  92                                 case "Y": define('__YES', " checked"); define('__NO', "");         break;
  93                                 case "N": define('__YES', "");         define('__NO', " checked"); break;
  94                         }
  95
  96                         // Translate current interval into fancy string
  97                         define('__CURRENT', CREATE_FANCY_TIME($content['warning_interval']));
  98
  99                         // Output formular
 100                         $OUT = LOAD_TEMPLATE("sponsor_settings_form", true, $content);
 101                 }
 102         } else {
 103                 // Locked or so?
 104                 $STATUS = SPONSOR_TRANSLATE_STATUS($content['status']);
 105                 $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_FAILED_1.$STATUS.SPONSOR_ACCOUNT_FAILED_2);
 106         }
 107 } else {
 108         // Sponsor account not found!
 109         $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.$_COOKIE['sponsorid'].SPONSOR_ACCOUNT_404_2);
 110 }
 111
 112 // Free memory
 113 SQL_FREERESULT($result);
 114
 115 //
 116 ?>