103 lines
3.4 KiB
PHP
103 lines
3.4 KiB
PHP
|
<?PHP
|
||
|
|
||
|
// do I need to do additional security checks to make sure the script is being called appropriately?
|
||
|
|
||
|
/*
|
||
|
|
||
|
FIELD NAMES:
|
||
|
triclub_id
|
||
|
triclub_name
|
||
|
triclub_name_tag
|
||
|
triclub_address
|
||
|
triclub_address_two
|
||
|
triclub_city
|
||
|
triclub_state
|
||
|
triclub_state_tag
|
||
|
triclub_zip
|
||
|
triclub_email
|
||
|
triclub_website
|
||
|
triclub_president
|
||
|
triclub_board
|
||
|
triclub_board_names
|
||
|
triclub_membership
|
||
|
triclub_dues
|
||
|
triclub_info
|
||
|
triclub_sponsors
|
||
|
triclub_discounts
|
||
|
triclub_directions
|
||
|
triclub_workouts
|
||
|
triclub_meetings
|
||
|
triclub_submitted_by
|
||
|
triclub_valid
|
||
|
triclub_member_tags
|
||
|
|
||
|
*/
|
||
|
|
||
|
include("config.php");
|
||
|
|
||
|
if (!$_POST){ header('Location: '.$site_url.'/'); }
|
||
|
|
||
|
// error checking
|
||
|
if(!isset($_POST)) exit();
|
||
|
|
||
|
if (isset($_POST[delete])) {
|
||
|
// convert the array to a SQL friendly format
|
||
|
$deleteList = "(".implode(",", $_POST[delete]).")";
|
||
|
|
||
|
// build the SQL query to delete the edits that are bad
|
||
|
$sql = "DELETE FROM ".$prefix."TriclubsEdits WHERE edit_id IN $deleteList";
|
||
|
|
||
|
mysql_query($sql) or die(mysql_error());
|
||
|
}
|
||
|
|
||
|
if (isset($_POST[validate])) {
|
||
|
// convert the array to a SQL friendly format
|
||
|
$validateList = "(".implode(",", $_POST[validate]).")";
|
||
|
|
||
|
$sql = "SELECT * FROM ".$prefix."TriclubsEdits WHERE edit_id IN $validateList";
|
||
|
|
||
|
$results = mysql_query($sql) OR die(mysql_error());
|
||
|
|
||
|
// Loop through triclubs shifting edits over
|
||
|
while($row = mysql_fetch_array($results)) {
|
||
|
$sql = "UPDATE ".$prefix."Triclubs
|
||
|
SET triclub_name = '".mysql_escape_string($row[triclub_name])."',
|
||
|
triclub_name_tag = '".mysql_escape_string($row[triclub_name_tag])."',
|
||
|
triclub_address = '".mysql_escape_string($row[triclub_address])."',
|
||
|
triclub_address_two = '".mysql_escape_string($row[triclub_address_two])."',
|
||
|
triclub_city = '".mysql_escape_string($row[triclub_city])."',
|
||
|
triclub_state = '".mysql_escape_string($row[triclub_state])."',
|
||
|
triclub_state_tag = '".mysql_escape_string($row[triclub_state_tag])."',
|
||
|
triclub_zip = '".mysql_escape_string($row[triclub_zip])."',
|
||
|
triclub_email = '".mysql_escape_string($row[triclub_email])."',
|
||
|
triclub_website = '".mysql_escape_string($row[triclub_website])."',
|
||
|
triclub_president = '".mysql_escape_string($row[triclub_president])."',
|
||
|
triclub_board = '".mysql_escape_string($row[triclub_board])."',
|
||
|
triclub_board_names = '".mysql_escape_string($row[triclub_board_names])."',
|
||
|
triclub_membership = '".mysql_escape_string($row[triclub_membership])."',
|
||
|
triclub_dues = '".mysql_escape_string($row[triclub_dues])."',
|
||
|
triclub_info = '".mysql_escape_string($row[triclub_info])."',
|
||
|
triclub_sponsors = '".mysql_escape_string($row[triclub_sponsors])."',
|
||
|
triclub_discounts = '".mysql_escape_string($row[triclub_discounts])."',
|
||
|
triclub_directions = '".mysql_escape_string($row[triclub_directions])."',
|
||
|
triclub_workouts = '".mysql_escape_string($row[triclub_workouts])."',
|
||
|
triclub_meetings = '".mysql_escape_string($row[triclub_meetings])."'
|
||
|
WHERE triclub_id = '$row[triclub_id_fk]'";
|
||
|
//echo $sql;
|
||
|
//exit();
|
||
|
mysql_query($sql) OR die(mysql_error());
|
||
|
|
||
|
$sql = "INSERT INTO ".$prefix."TriclubsEditors (triclub_id_fk, user_id_fk, edit_timestamp) VALUES ('$row[triclub_id_fk]', '$row[editor_user_id_fk]', '$row[edit_timestamp]')";
|
||
|
mysql_query($sql) OR die(mysql_error());
|
||
|
|
||
|
$sql = "DELETE FROM ".$prefix."TriclubsEdits WHERE edit_id = $row[edit_id]";
|
||
|
mysql_query($sql) OR die(mysql_error());
|
||
|
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
|
||
|
header('Location: '.$site_url.'/wiki_validate.php');
|
||
|
|
||
|
?>
|