inc/modules/sponsor/settings.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 10/11/2005 *
   4  * ===============                              Last change: 05/19/2008 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : settings.php                                     *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Sponsor can manage his settings                  *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Der Sponsor kann seine Einstellungen aendern     *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software. You can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License.       *
  26  *                                                                      *
  27  * This program is distributed in the hope that it will be useful,      *
  28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  30  * GNU General Public License for more details.                         *
  31  *                                                                      *
  32  * You should have received a copy of the GNU General Public License    *
  33  * along with this program; if not, write to the Free Software          *
  34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  35  * MA  02110-1301  USA                                                  *
  36  ************************************************************************/
  37
  38 // Some security stuff...
  39 if (!defined('__SECURITY')) {
  40         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
  41         require($INC);
  42 } elseif (!EXT_IS_ACTIVE('sponsor')) {
  43         addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveMessage('sponsor'));
  44         return;
  45 } elseif (!IS_SPONSOR()) {
  46         // No sponsor!
  47         addFatalMessage(__FILE__, __LINE__, getMessage('SPONSOR_ONLY_AREA_ENTERED'));
  48         return;
  49 }
  50
  51 // Data for the formular
  52 $result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, gender
  53 FROM `{!_MYSQL_PREFIX!}_sponsor_data`
  54 WHERE `id`='%s' AND password='%s' LIMIT 1",
  55 array(bigintval(getSession('sponsorid')), getSession('sponsorpass')), __FILE__, __LINE__);
  56 if (SQL_NUMROWS($result) == 1) {
  57         // Load sponsor data
  58         $content = SQL_FETCHARRAY($result);
  59         if ($content['status'] == 'CONFIRMED') {
  60                 // Check if form was submitted or not
  61                 if (isFormSent()) {
  62                         // Check passwords
  63                         if (!REQUEST_ISSET_POST(('password'))) {
  64                                 // No current password entered
  65                                 $message = SPONSOR_NO_CURRENT_PASSWORD_ENTERED;
  66                         } elseif (md5(REQUEST_POST('password')) != getSession('sponsorpass')) {
  67                                 // Entered password didn't match password in DB
  68                                 $message = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
  69                         } else {
  70                                 // Unsecure data which we don't want here
  71                                 $UNSAFE = array('company', 'position', 'tax_ident', 'gender', 'surname', 'family',
  72                                                 'street_nr1', 'street_nr2', 'zip', 'city', 'country', 'phone', 'fax', 'cell',
  73                                                 'email', 'url');
  74
  75                                 // Remove all (maybe spoofed) unsafe data from array
  76                                 foreach ($UNSAFE as $remove) {
  77                                         REQUEST_UNSET_POST($remove);
  78                                 }
  79
  80                                 // Set last change timestamp
  81                                 REQUEST_SET_POST('last_change', "UNIX_TIMESTAMP()");
  82
  83                                 // Save data
  84                                 $message = SPONSOR_SAVE_DATA(REQUEST_POST_ARRAY(), $content);
  85                         }
  86
  87                         if (!empty($message)) {
  88                                 // Output message
  89                                 $OUT = LOAD_TEMPLATE('admin_settings_saved', true, $message);
  90                         } else {
  91                                 // No message generated
  92                                 $OUT = LOAD_TEMPLATE('admin_settings_saved', true, getMessage('SPONSOR_NO_MESSAGE_GENERATED'));
  93                         }
  94                 } else {
  95                         // Make yes/no selection
  96                         switch ($content['receive_warnings']) {
  97                                 case 'Y':
  98                                         define('__YES', ' checked="checked"');
  99                                         define('__NO', '');
 100                                         break;
 101
 102                                 case 'N':
 103                                         define('__YES', '');
 104                                         define('__NO', ' checked="checked"');
 105                                         break;
 106                         }
 107
 108                         // Translate current interval into fancy string
 109                         define('__CURRENT', createFancyTime($content['warning_interval']));
 110
 111                         // Output formular
 112                         $OUT = LOAD_TEMPLATE("sponsor_settings_form", true, $content);
 113                 }
 114         } else {
 115                 // Locked or so?
 116                 $STATUS = sponsorTranslateUserStatus($content['status']);
 117                 $OUT = LOAD_TEMPLATE('admin_settings_saved', true, sprintf(getMessage('SPONSOR_ACCOUNT_FAILED'), $STATUS));
 118         }
 119 } else {
 120         // Sponsor account not found!
 121         $OUT = LOAD_TEMPLATE('admin_settings_saved', true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), getSession('sponsorid')));
 122 }
 123
 124 // Free memory
 125 SQL_FREERESULT($result);
 126
 127 //
 128 ?>