************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-}
- elseif (!IS_MEMBER())
-{
+} elseif (!IS_MEMBER()) {
LOAD_URL("modules.php?module=index");
-}
- elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN()))
-{
+} elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN())) {
ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata");
return;
}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
define('UID_VALUE', $GLOBALS['userid']); $URL = "";
if (EXT_IS_ACTIVE("country", true))
{
// New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
}
else
{
// Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
}
$DATA = SQL_FETCHROW($result);
$DATA[13] = MAKE_DATETIME($DATA[13], "0");
// How far is last change on his profile away from now?
- if ((($DATA[13] + $_CONFIG['profile_lock']) > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
+ if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0))
{
// You cannot change your account
- define('CHANGE', "<FONT class=\"member_failed\">".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2."</FONT>");
+ define('CHANGE', "<FONT class=\"member_failed\">".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0").MEMBER_PROFILE_LOCKED_2."</FONT>");
}
else
{
if (EXT_IS_ACTIVE("country", true)) {
// New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
} else {
// Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
}
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $DATA[13] = $DATA[12] + $_CONFIG['profile_lock'];
+ $DATA[13] = $DATA[12] + getConfig('profile_lock');
// How far is last change on his profile away from now?
- if (($DATA[13] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
+ if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0))
{
- $DATA[13] = MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0");
+ $DATA[13] = MAKE_DATETIME($DATA[13] + getConfig('profile_lock'), "0");
// You cannot change your account
LOAD_TEMPLATE("member_mydata_locked");
}
default: // Default is the US date format... :)
break;
}
+
define('DOB', $DOB);
define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
- if (EXT_IS_ACTIVE("country"))
- {
+ if (EXT_IS_ACTIVE("country")) {
// Generate selection box
$OUT = "<SELECT name=\"country_code\" class=\"member_select\" size=\"1\">\n";
$whereStatement = "WHERE is_active='Y'";
$OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $whereStatement);
$OUT .= "</SELECT>";
define('__COUNTRY_CONTENT', $OUT);
- }
- else
- {
+ } else {
// Ouput default input box
define('__COUNTRY_CONTENT', "<INPUT type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\">");
}
case "save": // Save entered data
// Load old email / password: 0 1 2
- $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $DATA[3] = $DATA[2] + $_CONFIG['profile_lock'];
+ $DATA[3] = $DATA[2] + getConfig('profile_lock');
// How far is last change on his profile away from now?
- if (($DATA[3] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
- {
- $DATA[3] = MAKE_DATETIME($DATA[3] + $_CONFIG['profile_lock'], "0");
+ if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
+ $DATA[3] = MAKE_DATETIME($DATA[3] + getConfig('profile_lock'), "0");
// You cannot change your account
LOAD_TEMPLATE("member_mydata_locked");
- }
- elseif (!VALIDATE_EMAIL($_POST['addy']))
- {
+ } elseif (!VALIDATE_EMAIL($_POST['addy'])) {
// Invalid email address!
LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED);
- }
- else
- {
- // Secure every submitted variable
- foreach ($_POST as $key => $value)
- {
- $_POST[$key] = addslashes($value);
- }
-
+ } else {
+ // Generate hash
$hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40));
if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1'])))
{
if (EXT_IS_ACTIVE("country"))
{
// New way
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET
gender='%s', surname='%s', family='%s',
street_nr='%s',
country_code=%s, zip=%s, city='%s',
else
{
// Old way
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET
gender='%s', surname='%s', family='%s',
street_nr='%s',
country='%s', zip=%s, city='%s',
break;
case "notify": // Switch off notfication
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
$URL = URL."/modules.php?module=login&what=welcome&msg=".urlencode(PROFILE_UPDATED);
break;