X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-mydata.php;h=07603834339cd12041d411bb2b255283e37d19c0;hp=efa643a7a62225c1b54a0f3975b61e288965ce4f;hb=116f17077ae6fa32c7373ccd6aaf94044bb6c276;hpb=7f104f6fe558bb56b4205241435a2357c2feece1 diff --git a/inc/modules/member/what-mydata.php b/inc/modules/member/what-mydata.php index efa643a7a6..0760383433 100644 --- a/inc/modules/member/what-mydata.php +++ b/inc/modules/member/what-mydata.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Mitglieder koennen hier ihre Profildaten aendern * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -33,215 +38,191 @@ // Some security stuff... if (!defined('__SECURITY')) { - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; + $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); } elseif (!IS_MEMBER()) { - LOAD_URL("modules.php?module=index"); -} elseif (!EXT_IS_ACTIVE("mydata")) { - ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata"); + redirectToUrl('modules.php?module=index'); +} elseif ((!EXT_IS_ACTIVE('mydata')) && (!IS_ADMIN())) { + addFatalMessage(__FILE__, __LINE__, sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), 'mydata')); return; } // Add description as navigation point -ADD_DESCR("member", basename(__FILE__)); +ADD_DESCR('member', __FILE__); -define('UID_VALUE', $GLOBALS['userid']); $URL = ""; +define('UID_VALUE', getUserId()); $URL = ''; // Detect what the member wants to do -$MODE = "show"; // Show his data -if (!empty($_POST['save'])) $MODE = "save"; // Save entered data -if (isset($_POST['edit'])) $MODE = "edit"; // Edit data -if (!empty($_POST['notify'])) $MODE = "notify"; // Switch off notification +$mode = 'show'; // Show his data +if (REQUEST_ISSET_POST(('save'))) $mode = 'save'; // Save entered data +if (REQUEST_ISSET_POST('edit')) $mode = 'edit'; // Edit data +if (REQUEST_ISSET_POST(('notify'))) $mode = 'notify'; // Switch off notification -switch ($MODE) +switch ($mode) { -case "show": // Show his data - if (EXT_IS_ACTIVE("country", true)) - { +case 'show': // Show his data + if (EXT_IS_ACTIVE('country', true)) { // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13 - $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(UID_VALUE), __FILE__, __LINE__); - } - else - { + $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(getUserId()), __FILE__, __LINE__); + } else { // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13 - $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(UID_VALUE), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(getUserId()), __FILE__, __LINE__); } $DATA = SQL_FETCHROW($result); SQL_FREERESULT($result); // Translate / add some things - $DATA[10] = TRANSLATE_GENDER($DATA[10]); - $DATA[13] = MAKE_DATETIME($DATA[13], "0"); + $DATA[10] = translateGender($DATA[10]); + $DATA[13] = generateDateTime($DATA[13], '0'); // How far is last change on his profile away from now? - if ((($DATA[13] + $_CONFIG['profile_lock']) > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0)) - { + if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) { // You cannot change your account - define('CHANGE', "".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2.""); - } - else - { + define('CHANGE', "
".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($DATA[13] + getConfig('profile_lock'), '0'))."
"); + } else { // He is allowed to change his profile define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true)); } - if (strlen($DATA[7]) == 1) $DATA[7] = "0".$DATA[7]; - if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8]; - switch (GET_LANGUAGE()) - { - case "de": define('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break; - default : define('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break; + + if (strlen($DATA[7]) == 1) $DATA[7] = '0'.$DATA[7]; + if (strlen($DATA[8]) == 1) $DATA[8] = '0'.$DATA[8]; + + switch (getLanguage()) { + case 'de': define('DOB', $DATA[7].'.'.$DATA[8].'.'.$DATA[9]); break; + default : define('DOB', $DATA[8].'-'.$DATA[7].'-'.$DATA[9]); break; } - if (EXT_IS_ACTIVE("country")) - { + if (EXT_IS_ACTIVE('country')) { // Load country's description and code $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]); } // Load template - LOAD_TEMPLATE("member_mydata_overview"); + LOAD_TEMPLATE('member_mydata_overview'); break; -case "edit": // Edit data - if (EXT_IS_ACTIVE("country", true)) { +case 'edit': // Edit data + if (EXT_IS_ACTIVE('country', true)) { // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update -FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(UID_VALUE), __FILE__, __LINE__); +FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(constant('UID_VALUE')), __FILE__, __LINE__); } else { // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13 $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update -FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(UID_VALUE), __FILE__, __LINE__); +FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(constant('UID_VALUE')), __FILE__, __LINE__); } $DATA = SQL_FETCHROW($result); SQL_FREERESULT($result); - $DATA[13] = $DATA[12] + $_CONFIG['profile_lock']; + $DATA[13] = $DATA[12] + getConfig('profile_lock'); // How far is last change on his profile away from now? - if (($DATA[13] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0)) - { - $DATA[13] = MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0"); + if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) { + $DATA[13] = generateDateTime($DATA[13] + getConfig('profile_lock'), '0'); // You cannot change your account - LOAD_TEMPLATE("member_mydata_locked"); - } - else - { + LOAD_TEMPLATE('member_mydata_locked'); + } else { // He is allowed to change his profile switch ($DATA[10]) { - case "M": - define('M_DEFAULT', " selected=\"selected\""); - define('F_DEFAULT', ""); - define('C_DEFAULT', ""); + case 'M': + define('M_DEFAULT', ' selected="selected"'); + define('F_DEFAULT', ''); + define('C_DEFAULT', ''); break; - case "F": - define('M_DEFAULT', ""); - define('F_DEFAULT', " selected=\"selected\""); - define('C_DEFAULT', ""); + case 'F': + define('M_DEFAULT', ''); + define('F_DEFAULT', ' selected="selected"'); + define('C_DEFAULT', ''); break; - case "C": - define('M_DEFAULT', ""); - define('F_DEFAULT', ""); - define('C_DEFAULT', " selected=\"selected\""); + case 'C': + define('M_DEFAULT', ''); + define('F_DEFAULT', ''); + define('C_DEFAULT', ' selected="selected"'); break; } - $DOB = ""; - switch (GET_LANGUAGE()) + $DOB = ''; + switch (getLanguage()) { - case "de": // German date format + case 'de': // German date format // Day - $DOB .= ADD_SELECTION("day", $DATA[7]); + $DOB .= ADD_SELECTION('day', $DATA[7]); // Month - $DOB .= ADD_SELECTION("month", $DATA[8]); + $DOB .= ADD_SELECTION('month', $DATA[8]); // Year - $DOB .= ADD_SELECTION("year", $DATA[9]); + $DOB .= ADD_SELECTION('year', $DATA[9]); break; default: // Default is the US date format... :) break; } + define('DOB', $DOB); - define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true)); + define('MAX_REC_LIST', addMaxReceiveList('member', $DATA[11], true)); - if (EXT_IS_ACTIVE("country")) - { + if (EXT_IS_ACTIVE('country')) { // Generate selection box - $OUT = "\n"; $whereStatement = "WHERE is_active='Y'"; - if (IS_ADMIN()) $whereStatement = ""; - $OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $whereStatement); - $OUT .= ""; + if (IS_ADMIN()) $whereStatement = ''; + $OUT .= generateOptionList("countries", "id", "descr", $DATA[3], "code", $whereStatement); + $OUT .= ""; define('__COUNTRY_CONTENT', $OUT); - } - else - { + } else { // Ouput default input box - define('__COUNTRY_CONTENT', ""); + define('__COUNTRY_CONTENT', ""); } // Load template - LOAD_TEMPLATE("member_mydata_edit"); + LOAD_TEMPLATE('member_mydata_edit'); } break; -case "save": // Save entered data +case 'save': // Save entered data // Load old email / password: 0 1 2 - $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(UID_VALUE), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(getUserId()), __FILE__, __LINE__); $DATA = SQL_FETCHROW($result); SQL_FREERESULT($result); - $DATA[3] = $DATA[2] + $_CONFIG['profile_lock']; + $DATA[3] = $DATA[2] + getConfig('profile_lock'); // How far is last change on his profile away from now? - if (($DATA[3] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0)) - { - $DATA[3] = MAKE_DATETIME($DATA[3] + $_CONFIG['profile_lock'], "0"); + if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) { + $DATA[3] = generateDateTime($DATA[3] + getConfig('profile_lock'), '0'); // You cannot change your account LOAD_TEMPLATE("member_mydata_locked"); - } - elseif (!VALIDATE_EMAIL($_POST['addy'])) - { + } elseif (!isEmailValid(REQUEST_POST('addy'))) { // Invalid email address! - LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED); - } - else - { - // Secure every submitted variable - foreach ($_POST as $key => $value) - { - $_POST[$key] = addslashes($value); - } - - $hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40)); - if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1']))) - { + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED')); + } else { + // Generate hash + $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40)); + if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST(('pass1')))) { // Only on simple changes normal mode is active = no email or password changed - $MODE = "normal"; $AND = ""; + $mode = 'normal'; $AND = ''; // Did the user changed the password? - if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $MODE = "pass"; } + if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $mode = 'pass'; } // Or did he changed his password? - if ($_POST['addy'] != $DATA[0]) - { + if (REQUEST_POST('addy') != $DATA[0]) { // Jupp - if ($MODE == "normal") { $MODE = "email"; } else { $MODE .= ";email"; } - $_POST['old_addy'] = $DATA[0]; + if ($mode == 'normal') { $mode = 'email'; } else { $mode .= ";email"; } + REQUEST_SET_POST('old_addy', $DATA[0]); } // Update member's profile - if (EXT_IS_ACTIVE("country")) - { + if (EXT_IS_ACTIVE('country')) { // New way - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET gender='%s', surname='%s', family='%s', street_nr='%s', country_code=%s, zip=%s, city='%s', @@ -253,26 +234,24 @@ notified='N', last_profile_sent=UNIX_TIMESTAMP() WHERE userid=%s AND password='%s' LIMIT 1", array( - $_POST['gender'], - $_POST['surname'], - $_POST['family_name'], - $_POST['street_nr'], - bigintval($_POST['country_code']), - bigintval($_POST['zip']), - $_POST['city'], - $_POST['addy'], - bigintval($_POST['day']), - bigintval($_POST['month']), - bigintval($_POST['year']), - bigintval($_POST['max_mails']), + REQUEST_POST('gender'), + REQUEST_POST('surname'), + REQUEST_POST('family'), + REQUEST_POST('street_nr'), + bigintval(REQUEST_POST('country_code')), + bigintval(REQUEST_POST('zip')), + REQUEST_POST('city'), + REQUEST_POST('addy'), + bigintval(REQUEST_POST('day')), + bigintval(REQUEST_POST('month')), + bigintval(REQUEST_POST('year')), + bigintval(REQUEST_POST('max_mails')), UID_VALUE, - get_session('u_hash') + getSession('u_hash') ), __FILE__, __LINE__); - } - else - { + } else { // Old way - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET gender='%s', surname='%s', family='%s', street_nr='%s', country='%s', zip=%s, city='%s', @@ -284,47 +263,45 @@ notified='N', last_profile_sent=UNIX_TIMESTAMP() WHERE userid=%s AND password='%s' LIMIT 1", array( - $_POST['gender'], - $_POST['surname'], - $_POST['family_name'], - $_POST['street_nr'], - $_POST['cntry'], - bigintval($_POST['zip']), - $_POST['city'], - $_POST['addy'], - bigintval($_POST['day']), - bigintval($_POST['month']), - bigintval($_POST['year']), - bigintval($_POST['max_mails']), + REQUEST_POST('gender'), + REQUEST_POST('surname'), + REQUEST_POST('family'), + REQUEST_POST('street_nr'), + REQUEST_POST('cntry'), + bigintval(REQUEST_POST('zip')), + REQUEST_POST('city'), + REQUEST_POST('addy'), + bigintval(REQUEST_POST('day')), + bigintval(REQUEST_POST('month')), + bigintval(REQUEST_POST('year')), + bigintval(REQUEST_POST('max_mails')), UID_VALUE, - get_session('u_hash') + getSession('u_hash') ), __FILE__, __LINE__); } // Get all modes ... - $modes = explode(";", $MODE); + $modes = explode(';', $mode); // ... and run them through - SEND_MODE_MAILS ("mydata", $modes); - } - else - { + sendModeMails ('mydata', $modes); + } else { // Entered wrong pass for updating profile - LOAD_TEMPLATE("admin_settings_saved", false, MEBER_UPDATE_PWD_WRONG); + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG')); } } break; -case "notify": // Switch off notfication - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); - $URL = URL."/modules.php?module=login&what=welcome&msg=".urlencode(PROFILE_UPDATED); +case 'notify': // Switch off notfication + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1", + array(getUserId()), __FILE__, __LINE__); + $URL = 'modules.php?module=login&what=welcome&msg=' . urlencode(getMessage('PROFILE_UPDATED')); break; } if (!empty($URL)) { // Load generated URL - LOAD_URL($URL); + redirectToUrl($URL); } //