saint/discourse-legacysite-perl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fifth pass at adding key files

Browse Source
This commit is contained in:
dsainty
2024-06-17 22:42:14 +10:00
parent 67ccdbcc34
commit 9797a6824a
535 changed files with 95045 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
site/fitters/wiki_validate_X.php Normal file
View File

@@ -0,0 +1,100 @@
<?PHP
// do I need to do additional security checks to make sure the script is being called appropriately?
/*
FIELD NAMES:
fitter_id
fitter_name
fitter_name_tag
fitter_address
fitter_address_two
fitter_city
fitter_state
fitter_state_tag
fitter_zip
fitter_phone
fitter_fax
fitter_email
fitter_website
fitter_certifications
fitter_fitbikes
fitter_motioncapture
fitter_cost
fitter_info
fitter_directions
fitter_submitted_by
fitter_valid
fitter_user_tags
*/
include("config.php");
if (!$_POST){ header('Location: '.$site_url.'/'); }
// error checking
if(!isset($_POST)) exit();
if (isset($_POST[delete])) {
// convert the array to a SQL friendly format
$deleteList = "(".implode(",", $_POST[delete]).")";
// build the SQL query to delete the edits that are bad
$sql = "DELETE FROM ".$prefix."FittersEdits WHERE edit_id IN $deleteList";
mysql_query($sql) or die(mysql_error());
}
if (isset($_POST[validate])) {
// convert the array to a SQL friendly format
$validateList = "(".implode(",", $_POST[validate]).")";
$sql = "SELECT * FROM ".$prefix."FittersEdits WHERE edit_id IN $validateList";
$results = mysql_query($sql) OR die(mysql_error());
// Loop through fitters shifting edits over
while($row = mysql_fetch_array($results)) {
$sql = "UPDATE ".$prefix."Fitters
SET fitter_name = '".mysql_escape_string($row[fitter_name])."',
fitter_name_tag = '".mysql_escape_string($row[fitter_name_tag])."',
fitter_address = '".mysql_escape_string($row[fitter_address])."',
fitter_address_two = '".mysql_escape_string($row[fitter_address_two])."',
fitter_city = '".mysql_escape_string($row[fitter_city])."',
fitter_state = '".mysql_escape_string($row[fitter_state])."',
fitter_state_tag = '".mysql_escape_string($row[fitter_state_tag])."',
fitter_phone = '".mysql_escape_string($row[fitter_phone])."',
fitter_fax = '".mysql_escape_string($row[fitter_fax])."',
fitter_zip = '".mysql_escape_string($row[fitter_zip])."',
fitter_lat = '".mysql_escape_string($row[fitter_lat])."',
fitter_lng = '".mysql_escape_string($row[fitter_lng])."',
fitter_email = '".mysql_escape_string($row[fitter_email])."',
fitter_website = '".mysql_escape_string($row[fitter_website])."',
fitter_method = '".mysql_escape_string($row[fitter_method])."',
fitter_certifications = '".mysql_escape_string($row[fitter_certifications])."',
fitter_fitbikes = '".mysql_escape_string($row[fitter_fitbikes])."',
fitter_motioncapture = '".mysql_escape_string($row[fitter_motioncapture])."',
fitter_cost = '".mysql_escape_string($row[fitter_cost])."',
fitter_info = '" . mysql_escape_string($row[fitter_info]) . "',
fitter_directions = '" . mysql_escape_string($row[fitter_directions]) . "',
fitter_portfolio = '".mysql_escape_string($row[fitter_portfolio])."'
WHERE fitter_id = '$row[fitter_id_fk]'";
//echo $sql;
//exit();
mysql_query($sql) OR die(mysql_error());
$sql = "INSERT INTO ".$prefix."FittersEditors (fitter_id_fk, user_id_fk, edit_timestamp) VALUES ('$row[fitter_id_fk]', '$row[editor_user_id_fk]', '$row[edit_timestamp]')";
mysql_query($sql) OR die(mysql_error());
$sql = "DELETE FROM ".$prefix."FittersEdits WHERE edit_id = $row[edit_id]";
mysql_query($sql) OR die(mysql_error());
}
}
header('Location: '.$site_url.'/wiki_validate.php');
?>