From 60c6d7a179157acd6e5f6df2ed8968980aebe193 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Wed, 7 Oct 2009 23:01:21 +0000 Subject: [PATCH 1/1] Possible fix for non-working profile update --- inc/language/de.php | 1 + inc/modules/member/what-mydata.php | 60 +++++++++++++++++------------- 2 files changed, 35 insertions(+), 26 deletions(-) diff --git a/inc/language/de.php b/inc/language/de.php index 0a4c9b0bbc..bb29007de0 100644 --- a/inc/language/de.php +++ b/inc/language/de.php @@ -335,6 +335,7 @@ define('GENDER_C', ""Firma""); define('SAVE_CHANGES', "Änderungen speichern"); define('MYDATA_NOTE', "Geben Sie nur bei Passwort Ihr aktuelles Passwort ein, wenn Sie nur Daten ändern wollen. Geben Sie bei Passwortbestätigung das neue Passwort erneut ein, wenn Sie Ihr aktuelles Passwort ändern wollen."); define('MEMBER_UPDATE_PWD_WRONG', "Bitte geben Sie Ihr aktuelles Passwort zum Ändern Ihrer Einstellungen ein. Wir haben dies zur Sicherheit unserer Mitglieder eingebaut."); +define('MEMBER_UPDATE_FAILED', "Bei der Aktualisierung Ihres Kontos ist ein Fehler entstanden. Es wurden keine Daten aktualisiert."); define('MEMBER_HAVE_CHANGED_DATA', "Sie haben heute Ihr Mitgliedsprofil geändert."); define('YOUR_NEW_DATA', "Hier sind Ihre neuen Profildaten"); define('PLEASE_NOTIFY_ABUSE_MYDATA', "Sollten Sie diese änderungen nicht durchgeführt haben, benachrichten Sie uns bitte! ({!WEBMASTER!})"); diff --git a/inc/modules/member/what-mydata.php b/inc/modules/member/what-mydata.php index 2a90cfa4bd..d4768332dd 100644 --- a/inc/modules/member/what-mydata.php +++ b/inc/modules/member/what-mydata.php @@ -86,15 +86,15 @@ switch ($mode) { define('CHANGE', "
".sprintf(getMessage('MEMBER_PROFILE_LOCKED'), generateDateTime($DATA[13] + getConfig('profile_lock'), '0'))."
"); } else { // He is allowed to change his profile - define('CHANGE', LOAD_TEMPLATE("member_mydata_button", true)); + define('CHANGE', LOAD_TEMPLATE('member_mydata_button', true)); } if (strlen($DATA[7]) == 1) $DATA[7] = '0'.$DATA[7]; if (strlen($DATA[8]) == 1) $DATA[8] = '0'.$DATA[8]; switch (getLanguage()) { - case 'de': define('DOB', $DATA[7].'.'.$DATA[8].'.'.$DATA[9]); break; - default : define('DOB', $DATA[8].'-'.$DATA[7].'-'.$DATA[9]); break; + case 'de': define('DOB', $DATA[7] . '.' . $DATA[8] . '.' . $DATA[9]); break; + default : define('DOB', $DATA[8] . '-' . $DATA[7] . '-' . $DATA[9]); break; } // END - switch if (EXT_IS_ACTIVE('country')) { @@ -189,8 +189,8 @@ FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", break; case 'save': // Save entered data - // Load old email / password: 0 1 2 - $result = SQL_QUERY_ESC("SELECT email, password, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + // Load old email / password: 0 1 2 + $result = SQL_QUERY_ESC("SELECT `email`, `password`, `last_update` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1", array(getUserId()), __FILE__, __LINE__); $DATA = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -228,17 +228,21 @@ FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", // Update member's profile if (EXT_IS_ACTIVE('country')) { // New way - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET -`gender`='%s', `surname`='%s', `family`='%s', -`street_nr`='%s', -`country_code`=%s, `zip`=%s, `city`='%s', -`email`='%s', -`birth_day`=%s, `birth_month`=%s, `birth_year`=%s, -`max_mails`=%s, -`last_update`=UNIX_TIMESTAMP()".$AND.", -`notified`='N', -`last_profile_sent`=UNIX_TIMESTAMP() -WHERE `userid`=%s AND `password`='%s' LIMIT 1", + SQL_QUERY_ESC("UPDATE + `{!_MYSQL_PREFIX!}_user_data` +SET + `gender`='%s', `surname`='%s', `family`='%s', + `street_nr`='%s', + `country_code`=%s, `zip`=%s, `city`='%s', + `email`='%s', + `birth_day`=%s, `birth_month`=%s, `birth_year`=%s, + `max_mails`=%s, + `last_update`=UNIX_TIMESTAMP()".$AND.", + `notified`='N', + `last_profile_sent`=UNIX_TIMESTAMP() +WHERE + `userid`=%s +LIMIT 1", array( REQUEST_POST('gender'), REQUEST_POST('surname'), @@ -252,8 +256,7 @@ WHERE `userid`=%s AND `password`='%s' LIMIT 1", bigintval(REQUEST_POST('month')), bigintval(REQUEST_POST('year')), bigintval(REQUEST_POST('max_mails')), - getUserId(), - getSession('u_hash') + getUserId() ), __FILE__, __LINE__); } else { // Old way @@ -270,7 +273,7 @@ SET `notified`='N', `last_profile_sent`=UNIX_TIMESTAMP() WHERE - `userid`=%s AND `password`='%s' + `userid`=%s LIMIT 1", array( REQUEST_POST('gender'), @@ -285,16 +288,21 @@ LIMIT 1", bigintval(REQUEST_POST('month')), bigintval(REQUEST_POST('year')), bigintval(REQUEST_POST('max_mails')), - getUserId(), - getSession('u_hash') + getUserId() ), __FILE__, __LINE__); } - // Get all modes ... - $modes = explode(';', $mode); + // Did something change? + if (SQL_AFFECTEDROWS() == 1) { + // Get all modes ... + $modes = explode(';', $mode); - // ... and run them through - sendModeMails ('mydata', $modes); + // ... and run them through + sendModeMails ('mydata', $modes); + } else { + // Something went wrong + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEMBER_UPDATE_FAILED')); + } } else { // Entered wrong pass for updating profile LOAD_TEMPLATE('admin_settings_saved', false, getMessage('MEBER_UPDATE_PWD_WRONG')); @@ -303,7 +311,7 @@ LIMIT 1", break; case 'notify': // Switch off notfication - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET notified='N', last_update=UNIX_TIMESTAMP() WHERE userid=%s LIMIT 1", + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `notified`='N', `last_update`=UNIX_TIMESTAMP() WHERE `userid`=%s LIMIT 1", array(getUserId()), __FILE__, __LINE__); $URL = 'modules.php?module=login&what=welcome&msg=' . urlencode(getMessage('PROFILE_UPDATED')); break; -- 2.30.2