X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-mydata.php;h=d4768332ddb0b001a66cc2bb755536b4eed26138;hp=a9ce3466a403cad306656ff81342702329a4e9a3;hb=60c6d7a179157acd6e5f6df2ed8968980aebe193;hpb=7b0f17cd637e388049d2167811e4332cec1e979b
diff --git a/inc/modules/member/what-mydata.php b/inc/modules/member/what-mydata.php
index a9ce3466a4..d4768332dd 100644
--- a/inc/modules/member/what-mydata.php
+++ b/inc/modules/member/what-mydata.php
@@ -43,266 +43,284 @@ if (!defined('__SECURITY')) {
} elseif (!IS_MEMBER()) {
redirectToUrl('modules.php?module=index');
} elseif ((!EXT_IS_ACTIVE('mydata')) && (!IS_ADMIN())) {
- addFatalMessage(__FILE__, __LINE__, sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), 'mydata'));
+ addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveNotInstalledMessage('mydata'));
return;
}
// Add description as navigation point
ADD_DESCR('member', __FILE__);
-define('UID_VALUE', getUserId()); $URL = '';
+// @TODO Try to rewrite this constant
+define('UID_VALUE', getUserId());
+
+// Init variable to prevent notices
+$URL = '';
// Detect what the member wants to do
$mode = 'show'; // Show his data
-if (REQUEST_ISSET_POST(('save'))) $mode = 'save'; // Save entered data
-if (REQUEST_ISSET_POST('edit')) $mode = 'edit'; // Edit data
-if (REQUEST_ISSET_POST(('notify'))) $mode = 'notify'; // Switch off notification
-
-switch ($mode)
-{
-case 'show': // Show his data
- if (EXT_IS_ACTIVE('country', true)) {
- // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(getUserId()), __FILE__, __LINE__);
- } else {
- // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(getUserId()), __FILE__, __LINE__);
- }
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
-
- // Translate / add some things
- $DATA[10] = translateGender($DATA[10]);
- $DATA[13] = generateDateTime($DATA[13], '0');
-
- // How far is last change on his profile away from now?
- if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
- // You cannot change your account
- define('CHANGE', "".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($DATA[13] + getConfig('profile_lock'), '0'))."
");
- } else {
- // He is allowed to change his profile
- define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true));
- }
-
- if (strlen($DATA[7]) == 1) $DATA[7] = '0'.$DATA[7];
- if (strlen($DATA[8]) == 1) $DATA[8] = '0'.$DATA[8];
-
- switch (getLanguage()) {
- case 'de': define('DOB', $DATA[7].'.'.$DATA[8].'.'.$DATA[9]); break;
- default : define('DOB', $DATA[8].'-'.$DATA[7].'-'.$DATA[9]); break;
- }
-
- if (EXT_IS_ACTIVE('country')) {
- // Load country's description and code
- $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
- }
-
- // Load template
- LOAD_TEMPLATE('member_mydata_overview');
- break;
-
-case 'edit': // Edit data
- if (EXT_IS_ACTIVE('country', true)) {
- // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
-FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(constant('UID_VALUE')), __FILE__, __LINE__);
- } else {
- // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
- $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
-FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(constant('UID_VALUE')), __FILE__, __LINE__);
- }
-
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $DATA[13] = $DATA[12] + getConfig('profile_lock');
-
- // How far is last change on his profile away from now?
- if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
- $DATA[13] = generateDateTime($DATA[13] + getConfig('profile_lock'), '0');
- // You cannot change your account
- LOAD_TEMPLATE('member_mydata_locked');
- } else {
- // He is allowed to change his profile
- switch ($DATA[10])
- {
- case 'M':
- define('M_DEFAULT', ' selected="selected"');
- define('F_DEFAULT', '');
- define('C_DEFAULT', '');
- break;
-
- case 'F':
- define('M_DEFAULT', '');
- define('F_DEFAULT', ' selected="selected"');
- define('C_DEFAULT', '');
- break;
-
- case 'C':
- define('M_DEFAULT', '');
- define('F_DEFAULT', '');
- define('C_DEFAULT', ' selected="selected"');
- break;
+if (REQUEST_ISSET_POST('save')) $mode = 'save'; // Save entered data
+if (REQUEST_ISSET_POST('edit')) $mode = 'edit'; // Edit data
+if (REQUEST_ISSET_POST('notify')) $mode = 'notify'; // Switch off notification
+
+switch ($mode) {
+ case 'show': // Show his data
+ if (EXT_IS_ACTIVE('country', true)) {
+ // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(getUserId()), __FILE__, __LINE__);
+ } else {
+ // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(getUserId()), __FILE__, __LINE__);
}
- $DOB = '';
- switch (getLanguage())
- {
- case 'de': // German date format
- // Day
- $DOB .= ADD_SELECTION('day', $DATA[7]);
-
- // Month
- $DOB .= ADD_SELECTION('month', $DATA[8]);
-
- // Year
- $DOB .= ADD_SELECTION('year', $DATA[9]);
- break;
-
- default: // Default is the US date format... :)
- break;
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+
+ // Translate / add some things
+ $DATA[10] = translateGender($DATA[10]);
+ $DATA[13] = generateDateTime($DATA[13], '0');
+
+ // How far is last change on his profile away from now?
+ if ((($DATA[13] + getConfig('profile_lock')) > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
+ // You cannot change your account
+ define('CHANGE', "".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($DATA[13] + getConfig('profile_lock'), '0'))."
");
+ } else {
+ // He is allowed to change his profile
+ define('CHANGE', LOAD_TEMPLATE('member_mydata_button', true));
}
- define('DOB', $DOB);
- define('MAX_REC_LIST', addMaxReceiveList('member', $DATA[11], true));
+ if (strlen($DATA[7]) == 1) $DATA[7] = '0'.$DATA[7];
+ if (strlen($DATA[8]) == 1) $DATA[8] = '0'.$DATA[8];
+
+ switch (getLanguage()) {
+ case 'de': define('DOB', $DATA[7] . '.' . $DATA[8] . '.' . $DATA[9]); break;
+ default : define('DOB', $DATA[8] . '-' . $DATA[7] . '-' . $DATA[9]); break;
+ } // END - switch
if (EXT_IS_ACTIVE('country')) {
- // Generate selection box
- $OUT = "";
- define('__COUNTRY_CONTENT', $OUT);
+ // Load country's description and code
+ $DATA[3] = COUNTRY_GENERATE_INFO($DATA[3]);
+ } // END - if
+
+ // Load template
+ LOAD_TEMPLATE('member_mydata_overview');
+ break;
+
+ case 'edit': // Edit data
+ if (EXT_IS_ACTIVE('country', true)) {
+ // New way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country_code, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
+FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(getUserId()), __FILE__, __LINE__);
} else {
- // Ouput default input box
- define('__COUNTRY_CONTENT', "");
+ // Old way 0 1 2 3 4 5 6 7 8 9 10 11 12 13
+ $result = SQL_QUERY_ESC("SELECT surname, family, street_nr, country, zip, city, email, birth_day, birth_month, birth_year, gender, max_mails, receive_mails, last_update
+FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+ array(getUserId()), __FILE__, __LINE__);
}
- // Load template
- LOAD_TEMPLATE('member_mydata_edit');
- }
- break;
-
-case 'save': // Save entered data
- // Load old email / password: 0 1 2
- $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(getUserId()), __FILE__, __LINE__);
- $DATA = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- $DATA[3] = $DATA[2] + getConfig('profile_lock');
-
- // How far is last change on his profile away from now?
- if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
- $DATA[3] = generateDateTime($DATA[3] + getConfig('profile_lock'), '0');
- // You cannot change your account
- LOAD_TEMPLATE("member_mydata_locked");
- } elseif (!VALIDATE_EMAIL(REQUEST_POST('addy'))) {
- // Invalid email address!
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
- } else {
- // Generate hash
- $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40));
- if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST(('pass1')))) {
- // Only on simple changes normal mode is active = no email or password changed
- $mode = 'normal'; $AND = '';
-
- // Did the user changed the password?
- if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $mode = 'pass'; }
-
- // Or did he changed his password?
- if (REQUEST_POST('addy') != $DATA[0]) {
- // Jupp
- if ($mode == 'normal') { $mode = 'email'; } else { $mode .= ";email"; }
- REQUEST_SET_POST('old_addy', $DATA[0]);
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $DATA[13] = $DATA[12] + getConfig('profile_lock');
+
+ // How far is last change on his profile away from now?
+ if (($DATA[13] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
+ $DATA[13] = generateDateTime($DATA[13] + getConfig('profile_lock'), '0');
+ // You cannot change your account
+ LOAD_TEMPLATE('member_mydata_locked');
+ } else {
+ // He is allowed to change his profile
+ switch ($DATA[10])
+ {
+ case 'M':
+ define('M_DEFAULT', ' selected="selected"');
+ define('F_DEFAULT', '');
+ define('C_DEFAULT', '');
+ break;
+
+ case 'F':
+ define('M_DEFAULT', '');
+ define('F_DEFAULT', ' selected="selected"');
+ define('C_DEFAULT', '');
+ break;
+
+ case 'C':
+ define('M_DEFAULT', '');
+ define('F_DEFAULT', '');
+ define('C_DEFAULT', ' selected="selected"');
+ break;
}
+ $DOB = '';
+ switch (getLanguage()) {
+ case 'de': // German date format
+ // Day
+ $DOB .= ADD_SELECTION('day', $DATA[7]);
+
+ // Month
+ $DOB .= ADD_SELECTION('month', $DATA[8]);
+
+ // Year
+ $DOB .= ADD_SELECTION('year', $DATA[9]);
+ break;
+
+ default: // Default is the US date format... :)
+ break;
+ } // END - if
+
+ define('DOB', $DOB);
+ define('MAX_REC_LIST', addMaxReceiveList('member', $DATA[11], true));
- // Update member's profile
if (EXT_IS_ACTIVE('country')) {
- // New way
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
-gender='%s', surname='%s', family='%s',
-street_nr='%s',
-country_code=%s, zip=%s, city='%s',
-email='%s',
-birth_day=%s, birth_month=%s, birth_year=%s,
-max_mails=%s,
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%s AND password='%s' LIMIT 1",
-array(
- REQUEST_POST('gender'),
- REQUEST_POST('surname'),
- REQUEST_POST('family'),
- REQUEST_POST('street_nr'),
- bigintval(REQUEST_POST('country_code')),
- bigintval(REQUEST_POST('zip')),
- REQUEST_POST('city'),
- REQUEST_POST('addy'),
- bigintval(REQUEST_POST('day')),
- bigintval(REQUEST_POST('month')),
- bigintval(REQUEST_POST('year')),
- bigintval(REQUEST_POST('max_mails')),
- UID_VALUE,
- getSession('u_hash')
- ), __FILE__, __LINE__);
+ // Generate selection box
+ $OUT = "";
+ define('__COUNTRY_CONTENT', $OUT);
} else {
- // Old way
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
-gender='%s', surname='%s', family='%s',
-street_nr='%s',
-country='%s', zip=%s, city='%s',
-email='%s',
-birth_day=%s, birth_month=%s, birth_year=%s,
-max_mails='%s',
-last_update=UNIX_TIMESTAMP()".$AND.",
-notified='N',
-last_profile_sent=UNIX_TIMESTAMP()
-WHERE userid=%s AND password='%s' LIMIT 1",
-array(
- REQUEST_POST('gender'),
- REQUEST_POST('surname'),
- REQUEST_POST('family'),
- REQUEST_POST('street_nr'),
- REQUEST_POST('cntry'),
- bigintval(REQUEST_POST('zip')),
- REQUEST_POST('city'),
- REQUEST_POST('addy'),
- bigintval(REQUEST_POST('day')),
- bigintval(REQUEST_POST('month')),
- bigintval(REQUEST_POST('year')),
- bigintval(REQUEST_POST('max_mails')),
- UID_VALUE,
- getSession('u_hash')
- ), __FILE__, __LINE__);
+ // Ouput default input box
+ define('__COUNTRY_CONTENT', "");
}
- // Get all modes ...
- $modes = explode(';', $mode);
+ // Load template
+ LOAD_TEMPLATE('member_mydata_edit');
+ }
+ break;
- // ... and run them through
- sendModeMails ('mydata', $modes);
+ case 'save': // Save entered data
+ // Load old email / password: 0 1 2
+ $result = SQL_QUERY_ESC("SELECT `email`, `password`, `last_update` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1",
+ array(getUserId()), __FILE__, __LINE__);
+ $DATA = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $DATA[3] = $DATA[2] + getConfig('profile_lock');
+
+ // How far is last change on his profile away from now?
+ if (($DATA[3] > time()) && (!IS_ADMIN()) && (getConfig('profile_lock') > 0)) {
+ $DATA[3] = generateDateTime($DATA[3] + getConfig('profile_lock'), '0');
+ // You cannot change your account
+ LOAD_TEMPLATE('member_mydata_locked');
+ } elseif (!isEmailValid(REQUEST_POST('addy'))) {
+ // Invalid email address!
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('INVALID_EMAIL_ADDRESS_ENTERED'));
} else {
- // Entered wrong pass for updating profile
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
+ // Generate hash
+ $hash = generateHash(REQUEST_POST('pass1'), substr($DATA[1], 0, -40));
+ if ((($hash == $DATA[1]) || (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) && (REQUEST_ISSET_POST('pass1'))) {
+ // Only on simple changes normal mode is active = no email or password changed
+ $mode = 'normal'; $AND = '';
+
+ // Did the user changed the password?
+ if ($hash != $DATA[1]) { $AND = ", password='".$hash."'"; $mode = 'pass'; }
+
+ // Or did he changed his password?
+ if (REQUEST_POST('addy') != $DATA[0]) {
+ // Jupp
+ if ($mode == 'normal') {
+ $mode = 'email';
+ } else {
+ $mode .= ";email";
+ }
+ REQUEST_SET_POST('old_addy', $DATA[0]);
+ } // END - if
+
+ // Update member's profile
+ if (EXT_IS_ACTIVE('country')) {
+ // New way
+ SQL_QUERY_ESC("UPDATE
+ `{!_MYSQL_PREFIX!}_user_data`
+SET
+ `gender`='%s', `surname`='%s', `family`='%s',
+ `street_nr`='%s',
+ `country_code`=%s, `zip`=%s, `city`='%s',
+ `email`='%s',
+ `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+ `max_mails`=%s,
+ `last_update`=UNIX_TIMESTAMP()".$AND.",
+ `notified`='N',
+ `last_profile_sent`=UNIX_TIMESTAMP()
+WHERE
+ `userid`=%s
+LIMIT 1",
+ array(
+ REQUEST_POST('gender'),
+ REQUEST_POST('surname'),
+ REQUEST_POST('family'),
+ REQUEST_POST('street_nr'),
+ bigintval(REQUEST_POST('country_code')),
+ bigintval(REQUEST_POST('zip')),
+ REQUEST_POST('city'),
+ REQUEST_POST('addy'),
+ bigintval(REQUEST_POST('day')),
+ bigintval(REQUEST_POST('month')),
+ bigintval(REQUEST_POST('year')),
+ bigintval(REQUEST_POST('max_mails')),
+ getUserId()
+ ), __FILE__, __LINE__);
+ } else {
+ // Old way
+ SQL_QUERY_ESC("UPDATE
+ `{!_MYSQL_PREFIX!}_user_data`
+SET
+ `gender`='%s', `surname`='%s', `family`='%s',
+ `street_nr`='%s',
+ `country`='%s', `zip`=%s, `city`='%s',
+ `email`='%s',
+ `birth_day`=%s, `birth_month`=%s, `birth_year`=%s,
+ `max_mails`='%s',
+ `last_update`=UNIX_TIMESTAMP()".$AND.",
+ `notified`='N',
+ `last_profile_sent`=UNIX_TIMESTAMP()
+WHERE
+ `userid`=%s
+LIMIT 1",
+ array(
+ REQUEST_POST('gender'),
+ REQUEST_POST('surname'),
+ REQUEST_POST('family'),
+ REQUEST_POST('street_nr'),
+ REQUEST_POST('cntry'),
+ bigintval(REQUEST_POST('zip')),
+ REQUEST_POST('city'),
+ REQUEST_POST('addy'),
+ bigintval(REQUEST_POST('day')),
+ bigintval(REQUEST_POST('month')),
+ bigintval(REQUEST_POST('year')),
+ bigintval(REQUEST_POST('max_mails')),
+ getUserId()
+ ), __FILE__, __LINE__);
+ }
+
+ // Did something change?
+ if (SQL_AFFECTEDROWS() == 1) {
+ // Get all modes ...
+ $modes = explode(';', $mode);
+
+ // ... and run them through
+ sendModeMails ('mydata', $modes);
+ } else {
+ // Something went wrong
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED'));
+ }
+ } else {
+ // Entered wrong pass for updating profile
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG'));
+ }
}
- }
- break;
-
-case 'notify': // Switch off notfication
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1",
- array(getUserId()), __FILE__, __LINE__);
- $URL = 'modules.php?module=login&what=welcome&msg=' . urlencode(getMessage('PROFILE_UPDATED'));
- break;
+ break;
+
+ case 'notify': // Switch off notfication
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1",
+ array(getUserId()), __FILE__, __LINE__);
+ $URL = 'modules.php?module=login&what=welcome&msg=' . urlencode(getMessage('PROFILE_UPDATED'));
+ break;
}
if (!empty($URL)) {
// Load generated URL
redirectToUrl($URL);
-}
+} // END - if
//
?>