Even more rewrites/fixes from EL branch (please report any broken part after you...
[mailer.git] / inc / modules / sponsor / settings.php
1 <?php
2 /************************************************************************
3  * Mailer v0.2.1-FINAL                                Start: 10/11/2005 *
4  * ===================                          Last change: 05/19/2008 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : settings.php                                     *
8  * -------------------------------------------------------------------- *
9  * Short description : Sponsor can manage his settings                  *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Der Sponsor kann seine Einstellungen aendern     *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
21  * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
22  * For more information visit: http://www.mxchange.org                  *
23  *                                                                      *
24  * This program is free software; you can redistribute it and/or modify *
25  * it under the terms of the GNU General Public License as published by *
26  * the Free Software Foundation; either version 2 of the License, or    *
27  * (at your option) any later version.                                  *
28  *                                                                      *
29  * This program is distributed in the hope that it will be useful,      *
30  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
31  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
32  * GNU General Public License for more details.                         *
33  *                                                                      *
34  * You should have received a copy of the GNU General Public License    *
35  * along with this program; if not, write to the Free Software          *
36  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
37  * MA  02110-1301  USA                                                  *
38  ************************************************************************/
39
40 // Some security stuff...
41 if (!defined('__SECURITY')) {
42         die();
43 } elseif (!isExtensionActive('sponsor')) {
44         loadTemplate('admin_settings_saved', false, generateExtensionInactiveNotInstalledMessage('sponsor'));
45         return;
46 } elseif (!isSponsor()) {
47         // No sponsor!
48         addFatalMessage(__FILE__, __LINE__, getMessage('SPONSOR_ONLY_AREA_ENTERED'));
49         return;
50 }
51
52 // Init message
53 $message = '';
54
55 // Data for the formular
56 $result = SQL_QUERY_ESC("SELECT
57         `status`, `receive_warnings`, `warning_interval`, `email`, `surname`, `family`, `gender`
58 FROM
59         `{?_MYSQL_PREFIX?}_sponsor_data`
60 WHERE
61         `id`=%s AND
62         `password`='%s'
63 LIMIT 1",
64         array(
65                 bigintval(getSession('sponsorid')),
66                 getSession('sponsorpass')
67         ), __FILE__, __LINE__);
68
69 if (SQL_NUMROWS($result) == 1) {
70         // Load sponsor data
71         $content = SQL_FETCHARRAY($result);
72         if ($content['status'] == 'CONFIRMED') {
73                 // Check if form was submitted or not
74                 if (isFormSent()) {
75                         // Check passwords
76                         if (!isPostRequestParameterSet('password')) {
77                                 // No current password entered
78                                 $message = SPONSOR_NO_CURRENT_PASSWORD_ENTERED;
79                         } elseif (md5(postRequestParameter('password')) != getSession('sponsorpass')) {
80                                 // Entered password didn't match password in DB
81                                 $message = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
82                         } else {
83                                 // Unsecure data which we don't want here
84                                 $UNSAFE = array(
85                                         'company', 'position', 'tax_ident', 'gender', 'surname', 'family',
86                                         'street_nr1', 'street_nr2', 'zip', 'city', 'country', 'phone', 'fax', 'cell',
87                                         'email', 'url'
88                                 );
89
90                                 // Remove all (maybe spoofed) unsafe data from array
91                                 foreach ($UNSAFE as $remove) {
92                                         unsetPostRequestParameter($remove);
93                                 } // END - if
94
95                                 // Set last change timestamp
96                                 setPostRequestParameter('last_change', 'UNIX_TIMESTAMP()');
97
98                                 // Save data
99                                 $message = saveSponsorData(postRequestArray(), $content);
100                         }
101
102                         if (!empty($message)) {
103                                 // Output message
104                                 $OUT = loadTemplate('admin_settings_saved', true, $message);
105                         } else {
106                                 // No message generated
107                                 $OUT = loadTemplate('admin_settings_saved', true, getMessage('SPONSOR_NO_MESSAGE_GENERATED'));
108                         }
109                 } else {
110                         // Make yes/no selection
111                         $content['receive_warnings_y'] = '';
112                         $content['receive_warnings_n'] = '';
113                         $content['receive_warnings_' . strtolower($content['receive_warnings'])] = ' checked="checked"';
114
115                         // Output formular
116                         $OUT = loadTemplate('sponsor_settings_form', true, $content);
117                 }
118         } else {
119                 // Locked or so?
120                 $STATUS = sponsorTranslateUserStatus($content['status']);
121                 $OUT = loadTemplate('admin_settings_saved', true, getMaskedMessage('SPONSOR_ACCOUNT_FAILED', $STATUS));
122         }
123 } else {
124         // Sponsor account not found!
125         $OUT = loadTemplate('admin_settings_saved', true, getMaskedMessage('SPONSOR_ACCOUNT_404', getSession('sponsorid')));
126 }
127
128 // Free memory
129 SQL_FREERESULT($result);
130
131 // [EOF]
132 ?>