X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-edit_user.php;h=1288289943c50d535668c31e6dd8e84df7677040;hp=882d71394adc27388c3b6b6d10a415aaea4eeda9;hb=c2e17d983fcbc0c3bd1dd37908d87c678f0367df;hpb=963e55ca1ea79e255f235e359cde9f7862191dc5

diff --git a/inc/modules/admin/what-edit_user.php b/inc/modules/admin/what-edit_user.php
index 882d71394a..1288289943 100644
--- a/inc/modules/admin/what-edit_user.php
+++ b/inc/modules/admin/what-edit_user.php
@@ -10,9 +10,16 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Mitgliederprofile aendern                        *
  * -------------------------------------------------------------------- *
- *                                                                      *
+ * $Revision::                                                        $ *
+ * $Date::                                                            $ *
+ * $Tag:: 0.2.1-FINAL                                                 $ *
+ * $Author::                                                          $ *
+ * Needs to be in all Files and every File needs "svn propset           *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
+ * -------------------------------------------------------------------- *
+ * @TODO Add support for ext-country                                    *
  * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder                           *
+ * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  * For more information visit: http://www.mxchange.org                  *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -32,122 +39,103 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
-	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
-	require($INC);
-}
+if ((!defined('__SECURITY')) || (!isAdmin())) {
+	die();
+} // END - if
 
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+addMenuDescription('admin', __FILE__);
 
 // Fix a notice
 $result_main = false;
-if (isset($_GET['u_id'])) {
-	//                                    0      1        2         3      4     5      6       7         8          9           10         11
-	$result_main = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, zip, city, country, email, birth_day, birth_month, birth_year, max_mails FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
-	 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
-}
+if (isGetRequestElementSet('userid')) {
+	// Load user entry
+	$result_main = SQL_QUERY_ESC("SELECT
+	`userid`, `gender`, `surname`, `family`, `street_nr`, `zip`, `city`, `country`,
+	`email`,
+	`birth_day`, `birth_month`, `birth_year`,
+	`max_mails`
+FROM
+	`{?_MYSQL_PREFIX?}_user_data`
+WHERE
+	`userid`=%s
+LIMIT 1",
+		array(
+			bigintval(getRequestElement('userid'))
+		), __FILE__, __LINE__);
+} // END - if
 
-if ((SQL_NUMROWS($result_main) == 1) || (empty($_GET['u_id'])))
-{
+if ((SQL_NUMROWS($result_main) == 1) || (!isGetRequestElementSet('userid'))) {
 	// User found
-	if (empty($_GET['u_id']))
-	{
+	if (!isGetRequestElementSet('userid')) {
 		// Output selection form with all confirmed user accounts listed
-		ADD_MEMBER_SELECTION_BOX();
-	}
-	 elseif (isset($_POST['edit']))
-	{
+		addMemberSelectionBox();
+	} elseif (isPostRequestElementSet('edit')) {
 		// Ok, change the account...
-		$PASS = false; $ADD = "";
-		if ((empty($_POST['pass1'])) && (empty($_POST['pass2'])))
-		{
+		$updateUser = false; $add = '';
+		if ((!isPostRequestElementSet('pass1')) && (!isPostRequestElementSet('pass2'))) {
 			// Don't change the password
-			$PASS = true;
-		}
-		 elseif (($_POST['pass1'] == $_POST['pass2']))
-		{
+			$updateUser = true;
+		} elseif ((postRequestElement('pass1') == postRequestElement('pass2'))) {
 			// Change the password
-			$PASS = true;
-			$ADD = ", password='".generateHash($_POST['pass1'])."'";
+			$updateUser = true;
+			$add = ", `password`='" . generateHash(postRequestElement('pass1')) . "'";
 		}
-		if ($PASS)
-		{
+
+		if ($updateUser === true) {
 			// We have to add the following things: birthday and max receive mails
-			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
-gender='%s',
-surname='%s',
-family='%s',
-street_nr='%s',
-country='%s',
-zip=%s,
-city='%s',
-email='%s'
-".$ADD."
-WHERE userid=%s LIMIT 1",
- array(
-	substr($_POST['gender'], 0, 1),
-	$_POST['surname'],
-	$_POST['family_name'],
-	$_POST['street_nr'],
-	$_POST['country'],
-	bigintval($_POST['zip']),
-	$_POST['city'],
-	$_POST['email'],
-	bigintval($_GET['u_id']),
-), __FILE__, __LINE__);
-			$content = USER_ACCOUNT_SAVED;
-		}
-		 else
-		{
+			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET
+`gender`='%s',
+`surname`='%s',
+`family`='%s',
+`street_nr`='%s',
+`country`='%s',
+`zip`=%s,
+`city`='%s',
+`email`='%s'
+".$add."
+WHERE `userid`=%s LIMIT 1",
+			array(
+				substr(postRequestElement('gender'), 0, 1),
+				postRequestElement('surname'),
+				postRequestElement('family'),
+				postRequestElement('street_nr'),
+				postRequestElement('country'),
+				bigintval(postRequestElement('zip')),
+				postRequestElement('city'),
+				postRequestElement('email'),
+				bigintval(getRequestElement('userid')),
+			), __FILE__, __LINE__);
+			$content = getMessage('USER_ACCOUNT_SAVED');
+		} else {
 			// Problem while saving data
-			$content = USER_ACCOUNT_NOT_SAVED;
+			$content = getMessage('USER_ACCOUNT_NOT_SAVED');
 		}
 
 		// Load template
-		LOAD_TEMPLATE("admin_settings_saved", false, $content);
-	}
-	 else
-	{
-		// Display form to edit
-		list($gender, $surname, $family, $street, $zip, $city, $country, $email, $bday, $bmonth, $byear, $max) = SQL_FETCHROW($result_main);
-		SQL_FREERESULT($result_main);
+		loadTemplate('admin_settings_saved', false, $content);
+	} else {
+		// Load entry
+		$content = SQL_FETCHARRAY($result_main);
 
-		// Transfer data to constants for the template
-		switch ($gender)
-		{
-		case "M":
-			define('_GENDER_M', " selected=\"selected\"");
-			define('_GENDER_F', "");
-			define('_GENDER_C', "");
-			break;
+		// Init entries
+		foreach (array('gender_m','gender_f','gender_c') as $entry) {
+			$content[$entry] = '';
+		} // END - foreach
 
-		case "F":
-			define('_GENDER_M', "");
-			define('_GENDER_F', " selected=\"selected\"");
-			define('_GENDER_C', "");
-			break;
-
-		case "C":
-			define('_GENDER_M', "");
-			define('_GENDER_F', "");
-			define('_GENDER_C', " selected=\"selected\"");
-			break;
-		}
-
-		define('_SURNAME', $surname); define('_FAMILY', $family); define('_CITY'     , $city);
-		define('_STREET' , $street);  define('_ZIP'   , $zip);    define('_MAX_MAILS', $max);
-		define('_COUNTRY', $country); define('_EMAIL' , $email);
+		// Prepare selections
+		$content['gender_' . strtolower($content['gender'])] = ' selected="selected"';
 
 		// Load template
-		LOAD_TEMPLATE("admin_edit_user", false, bigintval($_GET['u_id']));
+		loadTemplate('admin_edit_user', false, $content);
 	}
-}
- else
-{
+} else {
 	// Account does not exists!
-	OUTPUT_HTML("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");
+	loadTemplate('admin_settings_saved', false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), getRequestElement('userid'))."</div>");
 }
 
-//
+// Free the result
+SQL_FREERESULT($result_main);
+
+// [EOF]
 ?>