Fifth pass at adding key files
		
							
								
								
									
										152
									
								
								site/retailers/add_X.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										152
									
								
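--- a/site/retailers/add_X.php
+++ b/site/retailers/add_X.php
@@ -0,0 +1,152 @@
+<?PHP
+
+if (!$_POST){ header('Location: '.$site_url); }
+
+/*
+
+FIELD NAMES: 
+retailer_id
+retailer_name
+retailer_name_tag
+retailer_address
+retailer_city
+retailer_state
+retailer_state_tag
+retailer_zip
+retailer_phone
+retailer_fax
+retailer_email
+retailer_website
+retailer_cart
+retailer_mailorder_ecommerce
+retailer_mailorder_phone
+retailer_local_ecommerce
+retailer_local_phone
+retailer_pickup_ecommerce
+retailer_pickup_phone
+retailer_contact
+retailer_contact_names
+retailer_fist
+retailer_fist_names
+retailer_fist_road
+retailer_fist_road_names
+retailer_fist_advanced
+retailer_fist_advanced_names
+retailer_bfact
+retailer_serotta
+retailer_serotta_names
+retailer_fitbikes
+retailer_motioncapture
+retailer_wetsuits
+retailer_bikes
+retailer_customs
+retailer_hours
+retailer_barnett
+retailer_barnett_names
+retailer_ubi
+retailer_ubi_names
+retailer_info
+retailer_directions
+submitted_by
+
+*/
+
+/* Need to ltrim and rtrim commas before insertion */
+
+//Insert into database
+$pass = 'abc123';
+$errmsg = NULL;
+//if(strcmp($_POST[password], $pass) == 0){ //Password is good
+   //Check for blank fields
+   if ((!$_POST[name])) $errmsg = $errmsg.'Shop name, ';  
+   if (!$_POST[city]) $errmsg = $errmsg.'City, ';
+   if (!$_POST[state]) $errmsg = $errmsg.'State, ';
+   if (!$_POST[address]) $errmsg = $errmsg.'Address, ';
+   if (!$_POST[phone]) $errmsg = $errmsg.'Phone, ';
+   if (!$_POST[email]) $errmsg = $errmsg.'Email, ';
+   if (!$_POST[hours]) $errmsg = $errmsg.'Shop hours, ';
+   if ($_POST[contact] == 1 && !$_POST[contact_names]) $errmsg = $errmsg.'Contact names, ';
+   if ($_POST[fist] == 1 && !$_POST[fist_names]) $errmsg = $errmsg.'F.I.S.T. Tri fitters names, ';
+   if ($_POST[fist_road] == 1 && !$_POST[fist_road_names]) $errmsg = $errmsg.'F.I.S.T. Road fitters names, ';
+   if ($_POST[fist_advanced] == 1 && !$_POST[fist_advanced_names]) $errmsg = $errmsg.'F.I.S.T. Advanced fitters names, ';
+   if ($_POST[serotta] == 1 && !$_POST[serotta_names]) $errmsg = $errmsg.'Serotta fitters names, ';
+   if ($_POST[barnett] == 1 && !$_POST[barnett_names]) $errmsg = $errmsg.'Barnett mechanics names, ';
+   if ($_POST[ubi] == 1 && !$_POST[ubi_names]) $errmsg = $errmsg.'UBI mechanics names, ';
+   if (strlen($_POST[info]) < 4) $errmsg = $errmsg.'Shop info, ';
+   if (strlen($_POST[directions]) < 4) $errmsg = $errmsg.'Directions, ';
+   if (isset($errmsg)) {
+       $errmsg = 'The following fields cannot be left blank: '.$errmsg;
+       $errmsg = rtrim($errmsg, ', ');
+   }
+   if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[name]) ) {
+      // Contains invalid characters.
+      $errmsg = "Please use only letters and numbers in the name";
+   }
+   if(!$errmsg){
+	
+		$name = mysql_real_escape_string(trim($_POST[name]));
+		$name_tag = mysql_real_escape_string(strtolower(str_replace(" ","", $name)));
+		if(strlen($nametag) > 12){ //Shorten it
+			$name_tag = substr($nametag, 0, 12);
+		}
+		$address = mysql_real_escape_string(trim($_POST[address]));
+		$address_two = mysql_real_escape_string(trim($_POST[address_two]));
+		$city = mysql_real_escape_string(trim($_POST[city]));
+		$state = mysql_real_escape_string($_POST[state]);
+		$state_tag = mysql_real_escape_string(strtolower(str_replace(" ","", $state)));
+		$zip = mysql_real_escape_string(trim($_POST[zip]));
+		$phone = mysql_real_escape_string(trim($_POST[phone]));
+		$fax = mysql_real_escape_string(trim($_POST[fax]));
+		$email = mysql_real_escape_string(trim($_POST[email]));
+		$website = mysql_real_escape_string(trim($_POST[website]));
+		$cart = mysql_real_escape_string(trim($_POST[cart]));
+		$spoke = mysql_real_escape_string(trim($_POST[spoke]));
+		$mailorder_ecommerce = mysql_real_escape_string(trim($_POST[mailorder_ecommerce]));
+		$mailorder_phone = mysql_real_escape_string(trim($_POST[mailorder_phone]));
+		$local_ecommerce = mysql_real_escape_string(trim($_POST[local_ecommerce]));
+		$local_phone = mysql_real_escape_string(trim($_POST[local_phone]));
+		$pickup_ecommerce = mysql_real_escape_string(trim($_POST[pickup_ecommerce]));
+		$pickup_phone = mysql_real_escape_string(trim($_POST[pickup_phone]));
+		$contact = mysql_real_escape_string($_POST[contact]);
+		if ( $contact == 0 ){ $contact_names = NULL; }else{ $contact_names = mysql_real_escape_string(trim($_POST[contact_names])); }
+		$fist = mysql_real_escape_string($_POST[fist]);
+		if ( $fist == 0 ){ $fist_names = NULL; }else{ $fist_names = mysql_real_escape_string(trim($_POST[fist_names])); }
+		$fist_road = mysql_real_escape_string($_POST[fist_road]);
+		if ( $fist_road == 0 ){ $fist_road_names = NULL; }else{ $fist_road_names = mysql_real_escape_string(trim($_POST[fist_road_names])); }
+		$fist_advanced = mysql_real_escape_string($_POST[fist_advanced]);
+		if ( $fist_advanced == 0 ){ $fist_advanced_names = NULL; }else{ $fist_advanced_names = mysql_real_escape_string(trim($_POST[fist_advanced_names])); }
+		$bfact = mysql_real_escape_string(trim($_POST[bfact]));
+		$serotta = mysql_real_escape_string($_POST[serotta]);
+		if ( $serotta == 0 ){ $serotta_names = NULL; }else{ $serotta_names = mysql_real_escape_string(trim($_POST[serotta_names])); }
+		/* Need to ltrim and rtrim commas before insertion --> or ltrim/rtrim before implosion*/
+		$methods = mysql_real_escape_string($_POST[methods]);		
+		$fitbikes = mysql_real_escape_string($_POST[fitbikes]);
+		$motioncapture = mysql_real_escape_string($_POST[motioncapture]);
+		$wetsuits = mysql_real_escape_string($_POST[wetsuits]);
+		$bikes = mysql_real_escape_string($_POST[bikes]);
+		$customs = mysql_real_escape_string($_POST[customs]);
+		$hours = mysql_real_escape_string(trim($_POST[hours]));
+		$barnett = mysql_real_escape_string($_POST[barnett]);
+		if ( $barnett == 0 ){ $barnett_names = NULL; }else{ $barnett_names = mysql_real_escape_string(trim($_POST[barnett_names])); }
+		$ubi = mysql_real_escape_string($_POST[ubi]);
+		if ( $ubi == 0 ){ $ubi_names = NULL; }else{ $ubi_names = mysql_real_escape_string(trim($_POST[ubi_names])); }
+    	$info = mysql_real_escape_string(nl2br(substr(trim($_POST[info]), 0, 4096)));
+    	$directions = mysql_real_escape_string(nl2br(substr(trim($_POST[directions]), 0, 4096)));
+    	$submitted_by = mysql_real_escape_string($_POST[submitted_by]);
+      
+     	if($_POST[confirm1] == 1){
+      		$sql = "INSERT INTO gforum_Retailers (retailer_name, retailer_name_tag, retailer_address, retailer_address_two, retailer_city, retailer_state, retailer_state_tag, retailer_zip, retailer_phone, retailer_fax, retailer_email, retailer_website, retailer_cart, retailer_mailorder_ecommerce, retailer_mailorder_phone, retailer_local_ecommerce, retailer_local_phone, retailer_pickup_ecommerce, retailer_pickup_phone, retailer_contact, retailer_contact_names, retailer_fist, retailer_fist_names, retailer_fist_road, retailer_fist_road_names, retailer_fist_advanced, retailer_fist_advanced_names, retailer_bfact, retailer_serotta, retailer_serotta_names, retailer_method, retailer_fitbikes, retailer_motioncapture, retailer_wetsuits, retailer_bikes, retailer_customs, retailer_hours, retailer_barnett, retailer_barnett_names, retailer_ubi, retailer_ubi_names, retailer_info, retailer_directions, retailer_submitted_by, retailer_valid, retailer_spoke) VALUES ('$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$phone', '$fax', '$email', '$website', '$cart', '$mailorder_ecommerce', '$mailorder_phone', '$local_ecommerce', '$local_phone', '$pickup_ecommerce', '$pickup_phone', $contact, '$contact_names', $fist, '$fist_names', $fist_road, '$fist_road_names', $fist_advanced, '$fist_advanced_names', '$bfact', $serotta, '$serotta_names', '$methods', ',$fitbikes,', ',$motioncapture,', ',$wetsuits,', ',$bikes,', ',$customs,', '$hours', $barnett, '$barnett_names', $ubi, '$ubi_names', '$info', '$directions', $submitted_by, 0, '$spoke')";
+	    //echo("shop entered!");
+	    //echo($sql);
+	    //exit();
+	    mysql_query($sql) OR die(mysql_error());
+	    //exit();
+	  }else{
+         //echo("shop NOT entered.");
+         $confirm = 1;
+}
+   }  
+//}else{
+  // $errmsg = 'Incorrect key.';
+//}
+?>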
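Review bot: The values placed without quotes in the INSERT's VALUES list (`$contact`, `$fist`, `$fist_road`, `$fist_advanced`, `$serotta`, `$barnett`, `$ubi`, `$submitted_by`) are still open to SQL injection, because `mysql_real_escape_string()` only protects data that ends up inside a quoted literal. Cast them to integers as in the excerpt below (assuming those columns are numeric), or better build the statement with bound parameters, since the `mysql_*` extension no longer exists in PHP 7 and later. The password comparison is commented out while `$pass = 'abc123';` stays in the file, so the insert appears to run for any POST that sets `confirm1` to 1, and a credential is left in source control. `strlen($nametag)` and `substr($nametag, 0, 12)` read an undefined variable, so `$name_tag` is never shortened to 12 characters; both should use `$name_tag`.

```php
// … unchanged: escaping of the quoted string fields …
$contact       = (int) $_POST['contact'];
$fist          = (int) $_POST['fist'];
$fist_road     = (int) $_POST['fist_road'];
$fist_advanced = (int) $_POST['fist_advanced'];
$serotta       = (int) $_POST['serotta'];
$barnett       = (int) $_POST['barnett'];
$ubi           = (int) $_POST['ubi'];
$submitted_by  = (int) $_POST['submitted_by'];
// … unchanged: *_names handling and the INSERT statement …
```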