X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-mydata.php;h=8213cb1644315351f88206ce7a3596d2c4b446c6;hp=97554795d5aff43bbd8a228289c1a93cbd5ac813;hb=d0c792100bf4b67acd1824860204929c1540f6fb;hpb=43885129ac24cee5545a8a5ad51e90aa182fdf46

diff --git a/inc/modules/member/what-mydata.php b/inc/modules/member/what-mydata.php
index 97554795d5..8213cb1644 100644
--- a/inc/modules/member/what-mydata.php
+++ b/inc/modules/member/what-mydata.php
@@ -32,25 +32,19 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
+} elseif (!IS_MEMBER()) {
 	LOAD_URL("modules.php?module=index");
-}
- elseif ((!EXT_IS_ACTIVE("mydata")) && (!IS_ADMIN()))
-{
+} elseif (!EXT_IS_ACTIVE("mydata")) {
 	ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "mydata");
 	return;
 }
 
 // Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
 
-OPEN_TABLE("100%", "member_content member_content_align", "");
 define('UID_VALUE', $GLOBALS['userid']); $URL = "";
 
 // Detect what the member wants to do
@@ -65,20 +59,20 @@ case "show": // Show his data
 	if (EXT_IS_ACTIVE("country", true))
 	{
 		// New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
-		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 		 array(UID_VALUE), __FILE__, __LINE__);
 	}
 	 else
 	{
 		// Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
-		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 		 array(UID_VALUE), __FILE__, __LINE__);
 	}
 	$DATA = SQL_FETCHROW($result);
 	SQL_FREERESULT($result);
 
 	// Translate / add some things
-	$DATA[10] = TRANSLATE_SEX($DATA[10]);
+	$DATA[10] = TRANSLATE_GENDER($DATA[10]);
 	$DATA[13] = MAKE_DATETIME($DATA[13], "0");
 
 	// How far is last change on his profile away from now?
@@ -111,17 +105,14 @@ case "show": // Show his data
 	break;
 
 case "edit": // Edit data
-	if (EXT_IS_ACTIVE("country", true))
-	{
+	if (EXT_IS_ACTIVE("country", true)) {
 		// New way                         0        1         2          3         4     5     6        7           8            9       10      11           12           13
-		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
+		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
 FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 		 array(UID_VALUE), __FILE__, __LINE__);
-	}
-	 else
-	{
+	} else {
 		// Old way                         0        1         2        3      4     5     6        7           8            9       10      11           12           13
-		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, sex, max_mails, receive_mails, last_update
+		$result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
 FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 		 array(UID_VALUE), __FILE__, __LINE__);
 	}
@@ -177,11 +168,11 @@ FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 		default: // Default is the US date format... :)
 			break;
 		}
+
 		define('DOB', $DOB);
 		define('MAX_REC_LIST', ADD_MAX_RECEIVE_LIST("member", $DATA[11], true));
 
-		if (EXT_IS_ACTIVE("country"))
-		{
+		if (EXT_IS_ACTIVE("country")) {
 			// Generate selection box
 			$OUT  = "<SELECT name=\"country_code\" class=\"member_select\" size=\"1\">\n";
 			$whereStatement = "WHERE is_active='Y'";
@@ -189,9 +180,7 @@ FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 			$OUT .= ADD_OPTION_LINES("countries", "id", "descr", $DATA[3], "code", $whereStatement);
 			$OUT .= "</SELECT>";
 			define('__COUNTRY_CONTENT', $OUT);
-		}
-		 else
-		{
+		} else {
 			// Ouput default input box
 			define('__COUNTRY_CONTENT', "<INPUT type=\"text\" name=\"cntry\" class=\"member_normal\" size=\"2\" maxlength=\"3\" value=\"".$DATA[3]."\">");
 		}
@@ -210,25 +199,15 @@ case "save": // Save entered data
 	$DATA[3] = $DATA[2] + $_CONFIG['profile_lock'];
 
 	// How far is last change on his profile away from now?
-	if (($DATA[3] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0))
-	{
+	if (($DATA[3] > time()) && (!IS_ADMIN()) && ($_CONFIG['profile_lock'] > 0)) {
 		$DATA[3] = MAKE_DATETIME($DATA[3] + $_CONFIG['profile_lock'], "0");
 		// You cannot change your account
 		LOAD_TEMPLATE("member_mydata_locked");
-	}
-	 elseif (!VALIDATE_EMAIL($_POST['addy']))
-	{
+	} elseif (!VALIDATE_EMAIL($_POST['addy'])) {
 		// Invalid email address!
 		LOAD_TEMPLATE("admin_settings_saved", false, INVALID_EMAIL_ADDRESS_ENTERED);
-	}
-	 else
-	{
-		// Secure every submitted variable
-		foreach ($_POST as $key=>$value)
-		{
-			$_POST[$key] = addslashes($value);
-		}
-
+	} else {
+		// Generate hash
 		$hash = generateHash($_POST['pass1'], substr($DATA[1], 0, -40));
 		if ((($hash == $DATA[1]) || ($_POST['pass1'] == $_POST['pass2'])) && (!empty($_POST['pass1'])))
 		{
@@ -251,7 +230,7 @@ case "save": // Save entered data
 			{
 				// New way
 				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
-sex='%s', surname='%s', family='%s',
+gender='%s', surname='%s', family='%s',
 street_nr='%s',
 country_code=%s, zip=%s, city='%s',
 email='%s',
@@ -262,7 +241,7 @@ notified='N',
 last_profile_sent=UNIX_TIMESTAMP()
 WHERE userid=%s AND password='%s' LIMIT 1",
 array(
- 	$_POST['sex'],
+ 	$_POST['gender'],
  	$_POST['surname'],
  	$_POST['family_name'],
  	$_POST['street_nr'],
@@ -282,7 +261,7 @@ array(
 			{
 				// Old way
 				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET
-sex='%s', surname='%s', family='%s',
+gender='%s', surname='%s', family='%s',
 street_nr='%s',
 country='%s', zip=%s, city='%s',
 email='%s',
@@ -293,7 +272,7 @@ notified='N',
 last_profile_sent=UNIX_TIMESTAMP()
 WHERE userid=%s AND password='%s' LIMIT 1",
 array(
-	$_POST['sex'],
+	$_POST['gender'],
 	$_POST['surname'],
 	$_POST['family_name'],
 	$_POST['street_nr'],
@@ -330,12 +309,11 @@ case "notify": // Switch off notfication
 	$URL = URL."/modules.php?module=login&amp;what=welcome&msg=".urlencode(PROFILE_UPDATED);
 	break;
 }
-CLOSE_TABLE();
 
-if (!empty($URL))
-{
+if (!empty($URL)) {
 	// Load generated URL
 	LOAD_URL($URL);
 }
+
 //
 ?>