discourse-legacysite-perl/site/runshops/wiki_validate_X.php

75 lines
3.3 KiB
PHP
Raw Normal View History

2024-06-17 12:42:14 +00:00
<?PHP
include("config.php");
if (!$_POST || !is_admin()){ header('Location: '.$site_url.'/'); }
// error checking
if(!isset($_POST['delete']) && !isset($_POST['validate'])) exit();
if (isset($_POST['delete'])) {
// convert the array to a SQL friendly format
$deleteList = "(".implode(",", $_POST[delete]).")";
// build the SQL query to delete the edits that are bad
$sql = "DELETE FROM ".$prefix."RunshopsEdits WHERE edit_id IN $deleteList";
mysql_query($sql) or die(mysql_error());
}
if (isset($_POST['validate'])) {
// convert the array to a SQL friendly format
$validateList = "(".implode(",", $_POST['validate']).")";
$sql = "SELECT * FROM ".$prefix."RunshopsEdits WHERE edit_id IN $validateList";
$results = mysql_query($sql) OR die(mysql_error());
// Loop through running store edits shifting edits over
while($row = mysql_fetch_array($results)) {
$sql = "UPDATE ".$prefix."Runshops
SET runshop_name = '".mysql_escape_string($row[runshop_name])."',
runshop_name_tag = '".mysql_escape_string($row[runshop_name_tag])."',
runshop_address = '".mysql_escape_string($row[runshop_address])."',
runshop_address_two = '".mysql_escape_string($row[runshop_address_two])."',
runshop_city = '".mysql_escape_string($row[runshop_city])."',
runshop_state = '".mysql_escape_string($row[runshop_state])."',
runshop_state_tag = '".mysql_escape_string($row[runshop_state_tag])."',
runshop_zip = '".mysql_escape_string($row[runshop_zip])."',
runshop_phone = '".mysql_escape_string($row[runshop_phone])."',
runshop_fax = '".mysql_escape_string($row[runshop_fax])."',
runshop_email = '".mysql_escape_string($row[runshop_email])."',
runshop_website = '".mysql_escape_string($row[runshop_website])."',
runshop_cart = '".mysql_escape_string($row[runshop_cart])."',
runshop_contact = '".mysql_escape_string($row[runshop_contact])."',
runshop_contact_names = '".mysql_escape_string($row[runshop_contact_names])."',
runshop_diagnostics = ',".mysql_escape_string($row[runshop_diagnostics])."',
runshop_shoes = ',".mysql_escape_string($row[runshop_shoes])."',
runshop_swimgear = ',".mysql_escape_string($row[runshop_swimgear])."',
runshop_wetsuits = ',".mysql_escape_string($row[runshop_wetsuits])."',
runshop_socks = ',".mysql_escape_string($row[runshop_socks])."',
runshop_apparel_run = ',".mysql_escape_string($row[runshop_apparel_run])."',
runshop_apparel_tri = ',".mysql_escape_string($row[runshop_apparel_tri])."',
runshop_hours = '".mysql_escape_string($row[runshop_hours])."',
runshop_classes = '".mysql_escape_string($row[runshop_classes])."',
runshop_info = '".mysql_escape_string($row[runshop_info])."',
runshop_directions = '".mysql_escape_string($row[runshop_directions])."'
WHERE runshop_id = '$row[runshop_id_fk]'";
//echo $sql;
//exit();
mysql_query($sql) OR die(mysql_error());
$sql = "INSERT INTO ".$prefix."RunshopsEditors (runshop_id_fk, user_id_fk, edit_timestamp) VALUES ('$row[runshop_id_fk]', '$row[editor_user_id_fk]', '$row[edit_timestamp]')";
mysql_query($sql) OR die(mysql_error());
$sql = "DELETE FROM ".$prefix."RunshopsEdits WHERE edit_id = $row[edit_id]";
mysql_query($sql) OR die(mysql_error());
}
}
header('Location: '.$site_url.'/wiki_validate.php');
?>