X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-mydata.php;h=37015ef26a2e695cd7923a0a8cba3a40dacb97a9;hp=1c51e6e49a5e09a76c7626f139d151da3911918d;hb=357b2ca133fc1f89db74097955c366cb4bee6996;hpb=75ad748a68473ace540251427a74fb781b1145e9
diff --git a/inc/modules/member/what-mydata.php b/inc/modules/member/what-mydata.php
index 1c51e6e49a..37015ef26a 100644
--- a/inc/modules/member/what-mydata.php
+++ b/inc/modules/member/what-mydata.php
@@ -32,25 +32,19 @@
************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
- LOAD_URL(URL."/modules.php?module=index");
-}
- elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN()))
-{
+} elseif (!IS_MEMBER()) {
+ LOAD_URL("modules.php?module=index");
+} elseif (!EXT_IS_ACTIVE("mydata")) {
ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata");
return;
}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
-OPEN_TABLE("100%", "member_content member_content_align", "");
define('UID_VALUE', $GLOBALS['userid']); $URL = "";
// Detect what the member wants to do
@@ -65,27 +59,27 @@ case "show": // Show his data
if (EXT_IS_ACTIVE("country", true))
{
// New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
}
else
{
// Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
}
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Translate / add some things
- $DATA[10] = TRANSLATE_SEX($DATA[10]);
+ $DATA[10] = TRANSLATE_GENDER($DATA[10]);
$DATA[13] = MAKE_DATETIME($DATA[13], "0");
// How far is last change on his profile away from now?
- if ((($DATA[13] + $CONFIG['profile_lock']) > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))
+ if ((($DATA[13] + $_CONFIG['profile_lock']) > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
{
// You cannot change your account
- define('CHANGE', "".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2."");
+ define('CHANGE', "".MEMBER_PROFILE_LOCKED_1.MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0").MEMBER_PROFILE_LOCKED_2."");
}
else
{
@@ -96,8 +90,8 @@ case "show": // Show his data
if (strlen($DATA[8]) == 1) $DATA[8] = "0".$DATA[8];
switch (GET_LANGUAGE())
{
- case "de": define ('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
- default : define ('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
+ case "de": define('DOB', $DATA[7].".".$DATA[8].".".$DATA[9]); break;
+ default : define('DOB', $DATA[8]."-".$DATA[7]."-".$DATA[9]); break;
}
if (EXT_IS_ACTIVE("country"))
@@ -111,29 +105,26 @@ case "show": // Show his data
break;
case "edit": // Edit data
- if (EXT_IS_ACTIVE("country", true))
- {
+ if (EXT_IS_ACTIVE("country", true)) {
// New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
+FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
- }
- else
- {
+ } else {
// Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
-FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
+FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
}
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $DATA[13] = $DATA[12] + $CONFIG['profile_lock'];
+ $DATA[13] = $DATA[12] + $_CONFIG['profile_lock'];
// How far is last change on his profile away from now?
- if (($DATA[13] > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))
+ if (($DATA[13] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
{
- $DATA[13] = MAKE_DATETIME($DATA[13] + $CONFIG['profile_lock'], "0");
+ $DATA[13] = MAKE_DATETIME($DATA[13] + $_CONFIG['profile_lock'], "0");
// You cannot change your account
LOAD_TEMPLATE("member_mydata_locked");
}
@@ -184,9 +175,9 @@ FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
{
// Generate selection box
$OUT = "";
define('__COUNTRY_CONTENT', $OUT);
}
@@ -203,16 +194,16 @@ FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
case "save": // Save entered data
// Load old email / password: 0 1 2
- $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(UID_VALUE), __FILE__, __LINE__);
$DATA = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $DATA[3] = $DATA[2] + $CONFIG['profile_lock'];
+ $DATA[3] = $DATA[2] + $_CONFIG['profile_lock'];
// How far is last change on his profile away from now?
- if (($DATA[3] > time()) && (!IS_ADMIN()) && ($CONFIG['profile_lock'] > 0))
+ if (($DATA[3] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
{
- $DATA[3] = MAKE_DATETIME($DATA[3] + $CONFIG['profile_lock'], "0");
+ $DATA[3] = MAKE_DATETIME($DATA[3] + $_CONFIG['profile_lock'], "0");
// You cannot change your account
LOAD_TEMPLATE("member_mydata_locked");
}
@@ -224,7 +215,7 @@ case "save": // Save entered data
else
{
// Secure every submitted variable
- foreach ($_POST as $key=>$value)
+ foreach ($_POST as $key => $value)
{
$_POST[$key] = addslashes($value);
}
@@ -251,62 +242,62 @@ case "save": // Save entered data
{
// New way
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
-sex='%s', surname='%s', family='%s',
+gender='%s', surname='%s', family='%s',
street_nr='%s',
-country_code=%d, zip=%d, city='%s',
+country_code=%s, zip=%s, city='%s',
email='%s',
-birth_day=%d, birth_month=%d, birth_year=%d,
-max_mails=%d,
+birth_day=%s, birth_month=%s, birth_year=%s,
+max_mails=%s,
last_update=UNIX_TIMESTAMP()".$AND.",
notified='N',
last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%d AND password='%s' LIMIT 1",
- array(
- $_POST['sex'],
- $_POST['surname'],
- $_POST['family_name'],
- $_POST['street_nr'],
- bigintval($_POST['country_code']),
- bigintval($_POST['zip']),
- $_POST['city'],
- $_POST['addy'],
- bigintval($_POST['day']),
- bigintval($_POST['month']),
- bigintval($_POST['year']),
- bigintval($_POST['max_mails']),
- UID_VALUE,
- $_COOKIE['u_hash']
+WHERE userid=%s AND password='%s' LIMIT 1",
+array(
+ $_POST['gender'],
+ $_POST['surname'],
+ $_POST['family_name'],
+ $_POST['street_nr'],
+ bigintval($_POST['country_code']),
+ bigintval($_POST['zip']),
+ $_POST['city'],
+ $_POST['addy'],
+ bigintval($_POST['day']),
+ bigintval($_POST['month']),
+ bigintval($_POST['year']),
+ bigintval($_POST['max_mails']),
+ UID_VALUE,
+ get_session('u_hash')
), __FILE__, __LINE__);
}
else
{
// Old way
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
-sex='%s', surname='%s', family='%s',
+gender='%s', surname='%s', family='%s',
street_nr='%s',
-country='%s', zip=%d, city='%s',
+country='%s', zip=%s, city='%s',
email='%s',
-birth_day=%d, birth_month=%d, birth_year=%d,
+birth_day=%s, birth_month=%s, birth_year=%s,
max_mails='%s',
last_update=UNIX_TIMESTAMP()".$AND.",
notified='N',
last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%d AND password='%s' LIMIT 1",
- array(
- $_POST['sex'],
- $_POST['surname'],
- $_POST['family_name'],
- $_POST['street_nr'],
- $_POST['cntry'],
- bigintval($_POST['zip']),
- $_POST['city'],
- $_POST['addy'],
- bigintval($_POST['day']),
- bigintval($_POST['month']),
- bigintval($_POST['year']),
- bigintval($_POST['max_mails']),
- UID_VALUE,
- $_COOKIE['u_hash']
+WHERE userid=%s AND password='%s' LIMIT 1",
+array(
+ $_POST['gender'],
+ $_POST['surname'],
+ $_POST['family_name'],
+ $_POST['street_nr'],
+ $_POST['cntry'],
+ bigintval($_POST['zip']),
+ $_POST['city'],
+ $_POST['addy'],
+ bigintval($_POST['day']),
+ bigintval($_POST['month']),
+ bigintval($_POST['year']),
+ bigintval($_POST['max_mails']),
+ UID_VALUE,
+ get_session('u_hash')
), __FILE__, __LINE__);
}
@@ -325,17 +316,16 @@ WHERE userid=%d AND password='%s' LIMIT 1",
break;
case "notify": // Switch off notfication
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
$URL = URL."/modules.php?module=login&what=welcome&msg=".urlencode(PROFILE_UPDATED);
break;
}
-CLOSE_TABLE();
-if (!empty($URL))
-{
+if (!empty($URL)) {
// Load generated URL
LOAD_URL($URL);
}
+
//
?>