Fifth pass at adding key files
This commit is contained in:
dsainty
115
site/coaches/add_X.php
Normal file
115
site/coaches/add_X.php
Normal file
@@ -0,0 +1,115 @@
|
||||
<?PHP
|
||||
|
||||
if (!$_POST){ header('Location: '.$site_url); }
|
||||
|
||||
/*
|
||||
|
||||
FIELD NAMES:
|
||||
coach_id
|
||||
coach_name
|
||||
coach_name_tag
|
||||
coach_address
|
||||
coach_address_two
|
||||
coach_city
|
||||
coach_state
|
||||
coach_state_tag
|
||||
coach_zip
|
||||
coach_phone
|
||||
coach_fax
|
||||
coach_email
|
||||
coach_website
|
||||
coach_certifications
|
||||
coach_services
|
||||
coach_degrees
|
||||
coach_cost
|
||||
coach_info
|
||||
coach_camps
|
||||
coach_submitted_by
|
||||
coach_valid
|
||||
coach_user_tags
|
||||
|
||||
*/
|
||||
|
||||
/* Need to ltrim and rtrim commas before insertion */
|
||||
|
||||
//Insert into database
|
||||
//$pass = 'abc123';
|
||||
$errmsg = NULL;
|
||||
$insert_success = NULL;
|
||||
//Check for blank fields
|
||||
if ((!$_POST[name])) $errmsg = $errmsg."Shop name, ";
|
||||
if (!$_POST[city]) $errmsg = $errmsg."City, ";
|
||||
if (!$_POST[state]) $errmsg = $errmsg."State, ";
|
||||
if (!$_POST[address]) $errmsg = $errmsg."Address, ";
|
||||
if (!$_POST[phone]) $errmsg = $errmsg."Phone, ";
|
||||
if (!$_POST[email]) $errmsg = $errmsg."Email, ";
|
||||
if (!$_POST[website]) $errmsg = $errmsg."Website, ";
|
||||
if (strlen($_POST[cost]) < 4) $errmsg = $errmsg."Rates & Fees, ";
|
||||
if (strlen($_POST[info]) < 4) $errmsg = $errmsg."General Info, ";
|
||||
if (strlen($_POST[camps]) < 4) $errmsg = $errmsg."Camps, ";
|
||||
if (isset($errmsg)) {
|
||||
$errmsg = "The following fields cannot be left blank: ".$errmsg."<br />";
|
||||
$errmsg = rtrim($errmsg, ", ");
|
||||
}
|
||||
|
||||
$start_url = "(http(s)?\:\/\/)?"; // start url
|
||||
$dots = "([\w_-]{2,}\.)+"; // one or more parts containing a '.' at the end
|
||||
$last_part = "([\w_-]{2,})"; // last part doesn't contain a dot
|
||||
$user = "((\/)(\~)[\w_=-]+)?((\/)[\w_=-]+)*"; // maybe subdirectories - possibly with user ~
|
||||
$end = "((\/)|(\/)[\w_-]+\.[\w]{2,})?"; // maybe a slash at the end or slash+file+extension
|
||||
$qstring1 = "((\?[\w_-]+\=([^\#]+)){0,1}"; // querystring - first argument (?a=b)
|
||||
$qstring2 = "(\&[\w_-]+\=([^\#]+))*)?"; // querystring - following arguments (&c=d)
|
||||
$bkmrk = "(#[\w_-]+)?"; // bookmark
|
||||
|
||||
$exp = "/^".$start_url.$dots.$last_part.$user.$end.$qstring1.$qstring2.$bkmrk."$/i";
|
||||
if( !preg_match($exp, $_POST[website]) ) {
|
||||
// Contains invalid characters.
|
||||
$errmsg = $errmsg."Invalid Web Address<br />";
|
||||
}
|
||||
if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[name]) ) {
|
||||
// Contains invalid characters.
|
||||
$errmsg = $errmsg."Please use only letters and numbers in the name<br />";
|
||||
}
|
||||
|
||||
// begin error message check
|
||||
if(!$errmsg){
|
||||
|
||||
$name = trim($_POST[name]);
|
||||
$name_tag = strtolower(str_replace(" ","", $name));
|
||||
//if(strlen($name_tag) > 12){ //Shorten it
|
||||
$name_tag = substr($name_tag, 0, 12);
|
||||
//} // need to update a typo here in other dbs
|
||||
$address = mysql_escape_string(trim($_POST[address]));
|
||||
if (isset($_POST['address_two'])) { $address_two = mysql_escape_string(trim($_POST[address_two])); } else { $address_two = NULL; }
|
||||
$city = mysql_escape_string(trim($_POST[city]));
|
||||
$state = $_POST[state];
|
||||
$state_tag = strtolower(str_replace(" ","", $state));
|
||||
$zip = mysql_escape_string(trim($_POST[zip]));
|
||||
$phone = trim($_POST[phone]);
|
||||
$fax = trim($_POST[fax]);
|
||||
$email = mysql_escape_string(trim($_POST[email]));
|
||||
$website = mysql_escape_string(trim($_POST[website]));
|
||||
$certifications = $_POST[certifications];
|
||||
$services = $_POST[services];
|
||||
$degrees = $_POST[degrees];
|
||||
$cost = mysql_escape_string(nl2br(substr(trim($_POST[cost]), 0, 4096)));
|
||||
$info = mysql_escape_string(nl2br(substr(trim($_POST[info]), 0, 4096)));
|
||||
$camps = mysql_escape_string(nl2br(substr(trim($_POST[camps]), 0, 4096)));
|
||||
$submitted_by = $_POST[submitted_by];
|
||||
|
||||
// begin boolean check to see if we should insert the coach into the dbase
|
||||
if($_POST[insert_coach] == true){
|
||||
$sql = "INSERT INTO ".$prefix."Coaches (coach_name, coach_name_tag, coach_address, coach_address_two, coach_city, coach_state, coach_state_tag, coach_zip, coach_phone, coach_fax, coach_email, coach_website, coach_certifications, coach_services, coach_degrees, coach_cost, coach_info, coach_camps, coach_submitted_by, coach_valid) VALUES ('$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$phone', '$fax', '$email', '$website', ',$certifications,', ',$services,', ',$degrees,', '$cost', '$info', '$camps', $submitted_by, 0)";
|
||||
//echo("shop entered!");
|
||||
//echo($sql);
|
||||
mysql_query($sql) OR die(mysql_error());
|
||||
//exit();
|
||||
$insert_success = true;
|
||||
}else{
|
||||
//echo("shop NOT entered.");
|
||||
$confirm_coach = true;
|
||||
}
|
||||
// end insert check
|
||||
}
|
||||
// end error message check
|
||||
?>
|
||||
Reference in New Issue
Block a user