projects / mailer.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Possible further fix for #128
[mailer.git] / inc / modules / member / what-mydata.php
diff --git a/inc/modules/member/what-mydata.php b/inc/modules/member/what-mydata.php
index 2a13fa112edc2d65b2fce4dae6765c2be0935a31..7323139365042c0f846b426cd5a45c97eab6402e 100644 (file)
--- a/inc/modules/member/what-mydata.php
+++ b/inc/modules/member/what-mydata.php
@@ -10,7 +10,12 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Mitglieder koennen hier ihre Profildaten aendern *
  * -------------------------------------------------------------------- *
- *                                                                      *
+ * $Revision::                                                        $ *
+ * $Date::                                                            $ *
+ * $Tag:: 0.2.1-FINAL                                                 $ *
+ * $Author::                                                          $ *
+ * Needs to be in all Files and every File needs "svn propset           *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  * For more information visit: http://www.mxchange.org                  *
@@ -32,310 +37,278 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
-       $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+if (!defined('__SECURITY')) {
+       $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
        require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
-       LOAD_URL("modules.php?module=index");
-}
- elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN()))
-{
-       ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata");
+} elseif (!IS_MEMBER()) {
+       redirectToUrl('modules.php?module=index');
+} elseif ((!EXT_IS_ACTIVE('mydata')) && (!IS_ADMIN())) {
+       addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveNotInstalledMessage('mydata'));
        return;
 }
 
 // Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR('member', __FILE__);
 
-OPEN_TABLE("100%", "member_content member_content_align", "");
-define('UID_VALUE', $GLOBALS['userid']); $URL = "";
+// @TODO Try to rewrite this constant
+define('UID_VALUE', getUserId());
+
+// Init variable to prevent notices
+$URL = '';
 
 // Detect what the member wants to do
-$MODE = "show"; // Show his data
-if (!empty($_POST['save']))   $MODE = "save";   // Save entered data
-if (isset($_POST['edit']))   $MODE = "edit";   // Edit data
-if (!empty($_POST['notify'])) $MODE = "notify"; // Switch off notification
-
-switch ($MODE)
-{
-case "show": // Show his data
-       if (EXT_IS_ACTIVE("country", true))
-       {
-               // New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
-               $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
-                array(UID_VALUE), __FILE__, __LINE__);
-       }
-        else
-       {
-               // Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
-               $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
-                array(UID_VALUE), __FILE__, __LINE__);
-       }
-       $DATA = SQL_FETCHROW($result);
-       SQL_FREERESULT($result);
-
-       // Translate / add some things
-       $DATA[10] = TRANSLATE_SEX($DATA[10]);
-       $DATA[13] = MAKE_DATETIME($DATA[13], "0");
-
-       // How far is last change on his profile away from now?
-       if ((($DATA[13] + $_CONFIG['profile_lock']) > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
-       {
-               // You cannot change your account
-               define('CHANGE', "<FONT class=\"member_failed\">".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2."</FONT>");
-       }
-        else
-       {
-               // He is allowed to change his profile
-               define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
-       }
-       if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7];
-       if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];
-       switch (GET_LANGUAGE())
-       {
-               case "de": define ('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
-               default  : define ('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
-       }
-
-       if (EXT_IS_ACTIVE("country"))
-       {
-               // Load country's description and code
-               $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
-       }
-
-       // Load template
-       LOAD_TEMPLATE("member_mydata_overview");
-       break;
-
-case "edit": // Edit data
-       if (EXT_IS_ACTIVE("country", true))
-       {
-               // New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
-               $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
-                array(UID_VALUE), __FILE__, __LINE__);
-       }
-        else
-       {
-               // Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
-               $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
-                array(UID_VALUE), __FILE__, __LINE__);
-       }
-
-       $DATA = SQL_FETCHROW($result);
-       SQL_FREERESULT($result);
-       $DATA[13] = $DATA[12] + $_CONFIG['profile_lock'];
-
-       // How far is last change on his profile away from now?
-       if (($DATA[13] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
-       {
-               $DATA[13] = MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0");
-               // You cannot change your account
-               LOAD_TEMPLATE("member_mydata_locked");
-       }
-        else
-       {
-               // He is allowed to change his profile
-               switch ($DATA[10])
-               {
-               case "M":
-                       define('M_DEFAULT', " selected=\"selected\"");
-                       define('F_DEFAULT', "");
-                       define('C_DEFAULT', "");
-                       break;
-
-               case "F":
-                       define('M_DEFAULT', "");
-                       define('F_DEFAULT', " selected=\"selected\"");
-                       define('C_DEFAULT', "");
-                       break;
-
-               case "C":
-                       define('M_DEFAULT', "");
-                       define('F_DEFAULT', "");
-                       define('C_DEFAULT', " selected=\"selected\"");
-                       break;
-               }
-               $DOB = "";
-               switch (GET_LANGUAGE())
-               {
-               case "de": // German date format
-                       // Day
-                       $DOB .= ADD_SELECTION("day", $DATA[7]);
-
-                       // Month
-                       $DOB .= ADD_SELECTION("month", $DATA[8]);
-
-                       // Year
-                       $DOB .= ADD_SELECTION("year", $DATA[9]);
-                       break;
-
-               default: // Default is the US date format... :)
-                       break;
-               }
-               define('DOB', $DOB);
-               define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
-
-               if (EXT_IS_ACTIVE("country"))
-               {
-                       // Generate selection box
-                       $OUT  = "<SELECT name=\"country_code\" class=\"member_select\" size=\"1\">\n";
-                       $whereStatement = "WHERE is_active='Y'";
-                       if (IS_ADMIN()) $whereStatement = "";
-                       $OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $whereStatement);
-                       $OUT .= "</SELECT>";
-                       define('__COUNTRY_CONTENT', $OUT);
+$mode = 'show'; // Show his data
+if (REQUEST_ISSET_POST('save'))   $mode = 'save';   // Save entered data
+if (REQUEST_ISSET_POST('edit'))   $mode = 'edit';   // Edit data
+if (REQUEST_ISSET_POST('notify')) $mode = 'notify'; // Switch off notification
+
+switch ($mode) {
+       case 'show': // Show his data
+               if (EXT_IS_ACTIVE('country', true)) {
+                       // New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
+                       $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+                               array(getUserId()), __FILE__, __LINE__);
+               } else {
+                       // Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
+                       $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+                               array(getUserId()), __FILE__, __LINE__);
                }
-                else
-               {
-                       // Ouput default input box
-                       define('__COUNTRY_CONTENT', "<INPUT type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\">");
+               $DATA = SQL_FETCHROW($result);
+               SQL_FREERESULT($result);
+
+               // Translate / add some things
+               $DATA[10] = translateGender($DATA[10]);
+               $DATA[13] = generateDateTime($DATA[13], '0');
+
+               // How far is last change on his profile away from now?
+               if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
+                       // You cannot change your account
+                       define('CHANGE', "<div class=\"member_failed\">".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($DATA[13] + getConfig('profile_lock'), '0'))."</div>");
+               } else {
+                       // He is allowed to change his profile
+                       define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
                }
 
+               if (strlen($DATA[7]) == 1) $DATA[7] = '0'.$DATA[7];
+               if (strlen($DATA[8]) == 1) $DATA[8] = '0'.$DATA[8];
+
+               switch (getLanguage()) {
+                       case 'de': define('DOB', $DATA[7].'.'.$DATA[8].'.'.$DATA[9]); break;
+                       default  : define('DOB', $DATA[8].'-'.$DATA[7].'-'.$DATA[9]); break;
+               } // END - switch
+
+               if (EXT_IS_ACTIVE('country')) {
+                       // Load country's description and code
+                       $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
+               } // END - if
+
                // Load template
-               LOAD_TEMPLATE("member_mydata_edit");
-       }
-       break;
-
-case "save": // Save entered data
-       // Load old email / password:      0        1          2
-       $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
-        array(UID_VALUE), __FILE__, __LINE__);
-       $DATA = SQL_FETCHROW($result);
-       SQL_FREERESULT($result);
-       $DATA[3] = $DATA[2] + $_CONFIG['profile_lock'];
-
-       // How far is last change on his profile away from now?
-       if (($DATA[3] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
-       {
-               $DATA[3] = MAKE_DATETIME($DATA[3] + $_CONFIG['profile_lock'], "0");
-               // You cannot change your account
-               LOAD_TEMPLATE("member_mydata_locked");
-       }
-        elseif (!VALIDATE_EMAIL($_POST['addy']))
-       {
-               // Invalid email address!
-               LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED);
-       }
-        else
-       {
-               // Secure every submitted variable
-               foreach ($_POST as $key=>$value)
-               {
-                       $_POST[$key] = addslashes($value);
-               }
+               LOAD_TEMPLATE('member_mydata_overview');
+               break;
 
-               $hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40));
-               if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1'])))
-               {
-                       // Only on simple changes normal mode is active = no email or password changed
-                       $MODE = "normal"; $AND = "";
+       case 'edit': // Edit data
+               if (EXT_IS_ACTIVE('country', true)) {
+                       // New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
+                       $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
+FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+                       array(getUserId()), __FILE__, __LINE__);
+               } else {
+                       // Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
+                       $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
+FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+                               array(getUserId()), __FILE__, __LINE__);
+               }
 
-                       // Did the user changed the password?
-                       if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; }
+               $DATA = SQL_FETCHROW($result);
+               SQL_FREERESULT($result);
+               $DATA[13] = $DATA[12] + getConfig('profile_lock');
 
-                       // Or did he changed his password?
-                       if ($_POST['addy'] != $DATA[0])
+               // How far is last change on his profile away from now?
+               if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
+                       $DATA[13] = generateDateTime($DATA[13] + getConfig('profile_lock'), '0');
+                       // You cannot change your account
+                       LOAD_TEMPLATE('member_mydata_locked');
+               } else {
+                       // He is allowed to change his profile
+                       switch ($DATA[10])
                        {
-                               // Jupp
-                               if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; }
-                               $_POST['old_addy'] = $DATA[0];
-                       }
+                               case 'M':
+                                       define('M_DEFAULT', ' selected="selected"');
+                                       define('F_DEFAULT', '');
+                                       define('C_DEFAULT', '');
+                                       break;
 
-                       // Update member's profile
-                       if (EXT_IS_ACTIVE("country"))
-                       {
-                               // New way
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
-sex='%s', surname='%s', family='%s',
-street_nr='%s',
-country_code=%d, zip=%d, city='%s',
-email='%s',
-birth_day=%d, birth_month=%d, birth_year=%d,
-max_mails=%d,
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%d AND password='%s' LIMIT 1",
- array(
-  $_POST['sex'],
-  $_POST['surname'],
-  $_POST['family_name'],
-  $_POST['street_nr'],
-  bigintval($_POST['country_code']),
-  bigintval($_POST['zip']),
-  $_POST['city'],
-  $_POST['addy'],
-  bigintval($_POST['day']),
-  bigintval($_POST['month']),
-  bigintval($_POST['year']),
-  bigintval($_POST['max_mails']),
-  UID_VALUE,
-  $_SESSION['u_hash']
- ), __FILE__, __LINE__);
-                       }
-                        else
-                       {
-                               // Old way
-                               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
-sex='%s', surname='%s', family='%s',
-street_nr='%s',
-country='%s', zip=%d, city='%s',
-email='%s',
-birth_day=%d, birth_month=%d, birth_year=%d,
-max_mails='%s',
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%d AND password='%s' LIMIT 1",
- array(
-  $_POST['sex'],
-  $_POST['surname'],
-  $_POST['family_name'],
-  $_POST['street_nr'],
-  $_POST['cntry'],
-  bigintval($_POST['zip']),
-  $_POST['city'],
-  $_POST['addy'],
-  bigintval($_POST['day']),
-  bigintval($_POST['month']),
-  bigintval($_POST['year']),
-  bigintval($_POST['max_mails']),
-  UID_VALUE,
-  $_SESSION['u_hash']
- ), __FILE__, __LINE__);
+                               case 'F':
+                                       define('M_DEFAULT', '');
+                                       define('F_DEFAULT', ' selected="selected"');
+                                       define('C_DEFAULT', '');
+                                       break;
+
+                               case 'C':
+                                       define('M_DEFAULT', '');
+                                       define('F_DEFAULT', '');
+                                       define('C_DEFAULT', ' selected="selected"');
+                                       break;
                        }
+                       $DOB = '';
+                       switch (getLanguage()) {
+                               case 'de': // German date format
+                                       // Day
+                                       $DOB .= ADD_SELECTION('day', $DATA[7]);
+
+                                       // Month
+                                       $DOB .= ADD_SELECTION('month', $DATA[8]);
+
+                                       // Year
+                                       $DOB .= ADD_SELECTION('year', $DATA[9]);
+                                       break;
 
-                       // Get all modes ...
-                       $modes = explode(";", $MODE);
+                               default: // Default is the US date format... :)
+                                       break;
+                       } // END - if
 
-                       // ... and run them through
-                       SEND_MODE_MAILS ("mydata", $modes);
+                       define('DOB', $DOB);
+                       define('MAX_REC_LIST', addMaxReceiveList('member', $DATA[11], true));
+
+                       if (EXT_IS_ACTIVE('country')) {
+                               // Generate selection box
+                               $OUT  = "<select name=\"country_code\" class=\"member_select\" size=\"1\">\n";
+                               $whereStatement = "WHERE `is_active`='Y'";
+                               if (IS_ADMIN()) $whereStatement = '';
+                               $OUT .= generateOptionList("countries", 'id', "descr", $DATA[3], "code", $whereStatement);
+                               $OUT .= "</select>";
+                               define('__COUNTRY_CONTENT', $OUT);
+                       } else {
+                               // Ouput default input box
+                               define('__COUNTRY_CONTENT', "<input type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\" />");
+                       }
+
+                       // Load template
+                       LOAD_TEMPLATE('member_mydata_edit');
                }
-                else
-               {
-                       // Entered wrong pass for updating profile
-                       LOAD_TEMPLATE("admin_settings_saved", false, MEBER_UPDATE_PWD_WRONG);
+               break;
+
+       case 'save': // Save entered data
+               // Load old email / password:      0        1          2
+               $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+                       array(getUserId()), __FILE__, __LINE__);
+               $DATA = SQL_FETCHROW($result);
+               SQL_FREERESULT($result);
+               $DATA[3] = $DATA[2] + getConfig('profile_lock');
+
+               // How far is last change on his profile away from now?
+               if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
+                       $DATA[3] = generateDateTime($DATA[3] + getConfig('profile_lock'), '0');
+                       // You cannot change your account
+                       LOAD_TEMPLATE('member_mydata_locked');
+               } elseif (!isEmailValid(REQUEST_POST('addy'))) {
+                       // Invalid email address!
+                       LOAD_TEMPLATE('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
+               } else {
+                       // Generate hash
+                       $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40));
+                       if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST('pass1'))) {
+                               // Only on simple changes normal mode is active = no email or password changed
+                               $mode = 'normal'; $AND = '';
+
+                               // Did the user changed the password?
+                               if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $mode = 'pass'; }
+
+                               // Or did he changed his password?
+                               if (REQUEST_POST('addy') != $DATA[0]) {
+                                       // Jupp
+                                       if ($mode == 'normal') {
+                                               $mode = 'email';
+                                       } else {
+                                               $mode .= ";email";
+                                       }
+                                       REQUEST_SET_POST('old_addy', $DATA[0]);
+                               } // END - if
+
+                               // Update member's profile
+                               if (EXT_IS_ACTIVE('country')) {
+                                       // New way
+                                       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
+`gender`='%s', `surname`='%s', `family`='%s',
+`street_nr`='%s',
+`country_code`=%s, `zip`=%s, `city`='%s',
+`email`='%s',
+`birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+`max_mails`=%s,
+`last_update`=UNIX_TIMESTAMP()".$AND.",
+`notified`='N',
+`last_profile_sent`=UNIX_TIMESTAMP()
+WHERE `userid`=%s AND `password`='%s' LIMIT 1",
+                                               array(
+                                                       REQUEST_POST('gender'),
+                                                       REQUEST_POST('surname'),
+                                                       REQUEST_POST('family'),
+                                                       REQUEST_POST('street_nr'),
+                                                       bigintval(REQUEST_POST('country_code')),
+                                                       bigintval(REQUEST_POST('zip')),
+                                                       REQUEST_POST('city'),
+                                                       REQUEST_POST('addy'),
+                                                       bigintval(REQUEST_POST('day')),
+                                                       bigintval(REQUEST_POST('month')),
+                                                       bigintval(REQUEST_POST('year')),
+                                                       bigintval(REQUEST_POST('max_mails')),
+                                                       getUserId(),
+                                                       getSession('u_hash')
+                                               ), __FILE__, __LINE__);
+                               } else {
+                                       // Old way
+                                       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
+`gender`='%s', `surname`='%s', `family`='%s',
+`street_nr`='%s',
+`country`='%s', `zip`=%s, `city`='%s',
+`email`='%s',
+`birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+`max_mails`='%s',
+`last_update`=UNIX_TIMESTAMP()".$AND.",
+`notified`='N',
+`last_profile_sent`=UNIX_TIMESTAMP()
+WHERE `userid`=%s AND `password`='%s' LIMIT 1",
+                                               array(
+                                                       REQUEST_POST('gender'),
+                                                       REQUEST_POST('surname'),
+                                                       REQUEST_POST('family'),
+                                                       REQUEST_POST('street_nr'),
+                                                       REQUEST_POST('cntry'),
+                                                       bigintval(REQUEST_POST('zip')),
+                                                       REQUEST_POST('city'),
+                                                       REQUEST_POST('addy'),
+                                                       bigintval(REQUEST_POST('day')),
+                                                       bigintval(REQUEST_POST('month')),
+                                                       bigintval(REQUEST_POST('year')),
+                                                       bigintval(REQUEST_POST('max_mails')),
+                                                       getUserId(),
+                                                       getSession('u_hash')
+                                               ), __FILE__, __LINE__);
+                               }
+
+                               // Get all modes ...
+                               $modes = explode(';', $mode);
+
+                               // ... and run them through
+                               sendModeMails ('mydata', $modes);
+                       } else {
+                               // Entered wrong pass for updating profile
+                               LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
+                       }
                }
-       }
-       break;
-
-case "notify": // Switch off notfication
-       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
-        array($GLOBALS['userid']), __FILE__, __LINE__);
-       $URL = URL."/modules.php?module=login&amp;what=welcome&msg=".urlencode(PROFILE_UPDATED);
-       break;
+               break;
+
+       case 'notify': // Switch off notfication
+               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
+                       array(getUserId()), __FILE__, __LINE__);
+               $URL = 'modules.php?module=login&amp;what=welcome&amp;msg=' . urlencode(getMessage('PROFILE_UPDATED'));
+               break;
 }
-CLOSE_TABLE();
 
-if (!empty($URL))
-{
+if (!empty($URL)) {
        // Load generated URL
-       LOAD_URL($URL);
-}
+       redirectToUrl($URL);
+} // END - if
+
 //
 ?>
Mailer-Project repository