<?php
/************************************************************************
 * Mailer v0.2.1-FINAL                                Start: 09/28/2003 *
 * ===================                          Last change: 06/10/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-edit_user.php                               *
 * -------------------------------------------------------------------- *
 * Short description : Edit member's profiles                           *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Mitgliederprofile aendern                        *
 * -------------------------------------------------------------------- *
 * $Revision::                                                        $ *
 * $Date::                                                            $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author::                                                          $ *
 * Needs to be in all Files and every File needs "svn propset           *
 * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
 * -------------------------------------------------------------------- *
 * @TODO Add support for ext-country                                    *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2009 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if ((!defined('__SECURITY')) || (!isAdmin())) {
	die();
} // END - if

// Add description as navigation point
addMenuDescription('admin', __FILE__);

// Fix a notice
$result_main = false;
if (isGetRequestParameterSet('userid')) {
	// Load user entry
	$result_main = SQL_QUERY_ESC("SELECT
	`userid`, `gender`, `surname`, `family`, `street_nr`, `zip`, `city`, `country`,
	`email`,
	`birth_day`, `birth_month`, `birth_year`,
	`max_mails`
FROM
	`{?_MYSQL_PREFIX?}_user_data`
WHERE
	`userid`=%s
LIMIT 1",
		array(
			bigintval(getRequestParameter('userid'))
		), __FILE__, __LINE__);
} // END - if

if ((SQL_NUMROWS($result_main) == 1) || (!isGetRequestParameterSet('userid'))) {
	// User found
	if (!isGetRequestParameterSet('userid')) {
		// Output selection form with all confirmed user accounts listed
		addMemberSelectionBox();
	} elseif (isPostRequestParameterSet('edit')) {
		// Ok, change the account...
		$updateUser = false; $add = '';
		if ((!isPostRequestParameterSet('pass1')) && (!isPostRequestParameterSet('pass2'))) {
			// Don't change the password
			$updateUser = true;
		} elseif ((postRequestParameter('pass1') == postRequestParameter('pass2'))) {
			// Change the password
			$updateUser = true;
			$add = ", `password`='" . generateHash(postRequestParameter('pass1')) . "'";
		}

		if ($updateUser === true) {
			// We have to add the following things: birthday and max receive mails
			SQL_QUERY_ESC("UPDATE
	`{?_MYSQL_PREFIX?}_user_data`
SET
	`gender`='%s',
	`surname`='%s',
	`family`='%s',
	`street_nr`='%s',
	`country`='%s',
	`zip`=%s,
	`city`='%s',
	`email`='%s'
	".$add."
WHERE
	`userid`=%s
LIMIT 1",
			array(
				substr(postRequestParameter('gender'), 0, 1),
				postRequestParameter('surname'),
				postRequestParameter('family'),
				postRequestParameter('street_nr'),
				postRequestParameter('country'),
				bigintval(postRequestParameter('zip')),
				postRequestParameter('city'),
				postRequestParameter('email'),
				bigintval(getRequestParameter('userid')),
			), __FILE__, __LINE__);
			$content = getMessage('USER_ACCOUNT_SAVED');
		} else {
			// Problem while saving data
			$content = getMessage('USER_ACCOUNT_NOT_SAVED');
		}

		// Load template
		loadTemplate('admin_settings_saved', false, $content);
	} else {
		// Load entry
		$content = SQL_FETCHARRAY($result_main);

		// Init entries
		foreach (array('gender_m','gender_f','gender_c') as $entry) {
			$content[$entry] = '';
		} // END - foreach

		// Prepare selections
		$content['gender_' . strtolower($content['gender'])] = ' selected="selected"';

		// Load template
		loadTemplate('admin_edit_user', false, $content);
	}
} else {
	// Account does not exists!
	loadTemplate('admin_settings_saved', false, '<div class="admin_failed">' . getMaskedMessage('ADMIN_MEMBER_404', getRequestParameter('userid')) . '</div>');
}

// Free the result
SQL_FREERESULT($result_main);

// [EOF]
?>