37 lines
976 B
PHP
37 lines
976 B
PHP
|
<?PHP
|
||
|
|
|
||
|
|
// do I need to do additional security checks to make sure the script is being called appropriately?
|
||
|
|
|
||
|
|
if (!$_POST){ header('Location: https://slowtwitch.com/calendar/'); }
|
||
|
|
|
||
|
|
include("config.php");
|
||
|
|
|
||
|
|
// error checking
|
||
|
|
if(!isset($_POST)) exit();
|
||
|
|
|
||
|
|
if (isset($_POST[delete])) {
|
||
|
|
// convert the array to a SQL friendly format
|
||
|
|
$deleteList = "(".implode(",", $_POST[delete]).")";
|
||
|
|
|
||
|
|
// build the SQL query to delete the edits that are bad
|
||
|
|
$sql = "DELETE FROM gforum_TriathlonsComment WHERE comment_id IN $deleteList";
|
||
|
|
|
||
|
|
mysql_query($sql) or die(mysql_error());
|
||
|
|
}
|
||
|
|
|
||
|
|
if (isset($_POST[validate])) {
|
||
|
|
// convert the array to a SQL friendly format
|
||
|
|
$comment_idlist = "(".implode(",", $_POST[validate]).")";
|
||
|
|
|
||
|
|
// build the SQL query
|
||
|
|
$sql = "UPDATE gforum_TriathlonsComment
|
||
|
|
SET comment_valid = 1
|
||
|
|
WHERE comment_id IN $comment_idlist;";
|
||
|
|
|
||
|
|
mysql_query($sql) or die(mysql_error());
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
header('Location: https://slowtwitch.com/calendar/comments_validate.php');
|
||
|
|
|
||
|
|
?>
|