Fifth pass at adding key files
165
site/retailers/wiki_edit_X.php
Normal file
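--- a/site/retailers/wiki_edit_X.php
+++ b/site/retailers/wiki_edit_X.php
@@ -0,0 +1,165 @@
+<?PHP
+
+if (!$_POST){ header('Location: '.$site_url.'/?error=no_post'); }
+
+/*
+
+FIELD NAMES:
+retailer_id
+retailer_name
+retailer_name_tag
+retailer_address
+retailer_city
+retailer_state
+retailer_state_tag
+retailer_zip
+retailer_phone
+retailer_fax
+retailer_email
+retailer_website
+retailer_cart
+retailer_mailorder_ecommerce
+retailer_mailorder_phone
+retailer_local_ecommerce
+retailer_local_phone
+retailer_pickup_ecommerce
+retailer_pickup_phone
+retailer_contact
+retailer_contact_names
+retailer_fist
+retailer_fist_names
+retailer_fist_road
+retailer_fist_road_names
+retailer_fist_advanced
+retailer_fist_advanced_names
+retailer_bfact
+retailer_serotta
+retailer_serotta_names
+retailer_fitbikes
+retailer_motioncapture
+retailer_wetsuits
+retailer_bikes
+retailer_customs
+retailer_hours
+retailer_barnett
+retailer_barnett_names
+retailer_ubi
+retailer_ubi_names
+retailer_info
+retailer_directions
+submitted_by
+
+*/
+
+/* Need to ltrim and rtrim commas before insertion */
+
+//Insert into database
+$pass = 'abc123';
+$errmsg = NULL;
+//Check for blank fields
+if ((!$_POST[retailer_name])) $errmsg = $errmsg.'Shop name, ';
+if (!$_POST[retailer_city]) $errmsg = $errmsg.'City, ';
+if (!$_POST[retailer_state]) $errmsg = $errmsg.'State, ';
+if (!$_POST[retailer_address]) $errmsg = $errmsg.'Address, ';
+if (!$_POST[retailer_phone]) $errmsg = $errmsg.'Phone, ';
+if (!$_POST[retailer_email]) $errmsg = $errmsg.'Email, ';
+if (!$_POST[retailer_hours]) $errmsg = $errmsg.'Shop hours, ';
+if ($_POST[retailer_contact] == 1 && !$_POST[retailer_contact_names]) $errmsg = $errmsg.'Contact names, ';
+if ($_POST[retailer_fist] == 1 && !$_POST[retailer_fist_names]) $errmsg = $errmsg.'F.I.S.T. Tri fitters names, ';
+if ($_POST[retailer_fist_road] == 1 && !$_POST[retailer_fist_road_names]) $errmsg = $errmsg.'F.I.S.T. Road fitters names, ';
+if ($_POST[retailer_serotta] == 1 && !$_POST[retailer_serotta_names]) $errmsg = $errmsg.'Serotta fitters names, ';
+if ($_POST[retailer_barnett] == 1 && !$_POST[retailer_barnett_names]) $errmsg = $errmsg.'Barnett mechanics names, ';
+if ($_POST[retailer_ubi] == 1 && !$_POST[retailer_ubi_names]) $errmsg = $errmsg.'UBI mechanics names, ';
+if (strlen($_POST[retailer_info]) < 4) $errmsg = $errmsg.'Shop info, ';
+if (strlen($_POST[retailer_directions]) < 4) $errmsg = $errmsg.'Directions, ';
+if (isset($errmsg)) {
+$errmsg = 'The following fields cannot be left blank: '.$errmsg;
+$errmsg = rtrim($errmsg, ', ');
+}
+if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[retailer_name]) ) {
+// Contains invalid characters.
+$errmsg = "Please use only letters and numbers in the name";
+}
+// BEGIN ERROR MESSAGE CHECK
+if(!$errmsg){
+
+$name = mysql_real_escape_string(trim($_POST[retailer_name]));
+$name_tag = mysql_real_escape_string(strtolower(str_replace(" ","", $name)));
+if(strlen($nametag) > 12){ //Shorten it
+$name_tag = substr($nametag, 0, 12);
+}
+$address = mysql_real_escape_string(trim($_POST[retailer_address]));
+$address_two = mysql_real_escape_string(trim($_POST[retailer_address_two]));
+$city = mysql_real_escape_string(trim($_POST[retailer_city]));
+$state = mysql_real_escape_string($_POST[retailer_state]);
+$state_tag = mysql_real_escape_string(strtolower(str_replace(" ","", $state)));
+$zip = mysql_real_escape_string(trim($_POST[retailer_zip]));
+$phone = mysql_real_escape_string(trim($_POST[retailer_phone]));
+$fax = mysql_real_escape_string(trim($_POST[retailer_fax]));
+$email = mysql_real_escape_string(trim($_POST[retailer_email]));
+$website = mysql_real_escape_string(trim($_POST[retailer_website]));
+$substring = "http://";
+if (!is_int(strpos($website, $substring))) {
+$website = "http://".$website;
+}
+$cart = mysql_real_escape_string(trim($_POST[retailer_cart]));
+$mailorder_ecommerce = mysql_real_escape_string(trim($_POST[retailer_mailorder_ecommerce]));
+$mailorder_phone = mysql_real_escape_string(trim($_POST[retailer_mailorder_phone]));
+$local_ecommerce = mysql_real_escape_string(trim($_POST[retailer_local_ecommerce]));
+$local_phone = mysql_real_escape_string(trim($_POST[retailer_local_phone]));
+$pickup_ecommerce = mysql_real_escape_string(trim($_POST[retailer_pickup_ecommerce]));
+$pickup_phone = mysql_real_escape_string(trim($_POST[retailer_pickup_phone]));
+$contact = mysql_real_escape_string($_POST[retailer_contact]);
+if ( $contact == 0 ){ $contact_names = NULL; }else{ $contact_names = mysql_real_escape_string(trim($_POST[retailer_contact_names])); }
+$fist = mysql_real_escape_string($_POST[retailer_fist]);
+if ( $fist == 0 ){ $fist_names = NULL; }else{ $fist_names = mysql_real_escape_string(trim($_POST[retailer_fist_names])); }
+$fist_road = mysql_real_escape_string($_POST[retailer_fist_road]);
+if ( $fist_road == 0 ){ $fist_road_names = NULL; }else{ $fist_road_names = mysql_real_escape_string(trim($_POST[retailer_fist_road_names])); }
+$fist_advanced = mysql_real_escape_string($_POST[retailer_fist_advanced]);
+if ( $fist_advanced == 0 ){ $fist_advanced_names = NULL; }else{ $fist_advanced_names = mysql_real_escape_string(trim($_POST[retailer_fist_advanced_names])); }
+$bfact = mysql_real_escape_string(trim($_POST[retailer_bfact]));
+$serotta = mysql_real_escape_string($_POST[retailer_serotta]);
+if ( $serotta == 0 ){ $serotta_names = NULL; }else{ $serotta_names = mysql_real_escape_string(trim($_POST[retailer_serotta_names])); }
+/* Need to ltrim and rtrim commas before insertion --> or ltrim/rtrim before implosion*/
+$method = mysql_real_escape_string($_POST[retailer_method]);
+$fitbikes = mysql_real_escape_string($_POST[retailer_fitbikes]);
+$motioncapture = mysql_real_escape_string($_POST[retailer_motioncapture]);
+$wetsuits = mysql_real_escape_string($_POST[retailer_wetsuits]);
+$bikes = mysql_real_escape_string($_POST[retailer_bikes]);
+$customs = mysql_real_escape_string($_POST[retailer_customs]);
+$hours = mysql_real_escape_string(trim($_POST[retailer_hours]));
+$barnett = mysql_real_escape_string($_POST[retailer_barnett]);
+if ( $barnett == 0 ){ $barnett_names = NULL; }else{ $barnett_names = mysql_real_escape_string(trim($_POST[retailer_barnett_names])); }
+$ubi = mysql_real_escape_string($_POST[retailer_ubi]);
+if ( $ubi == 0 ){ $ubi_names = NULL; }else{ $ubi_names = mysql_real_escape_string(trim($_POST[retailer_ubi_names])); }
+$info = mysql_real_escape_string(substr(trim($_POST[retailer_info]), 0, 4096));
+$directions = mysql_real_escape_string(substr(trim($_POST[retailer_directions]), 0, 4096));
+$submitted_by = mysql_real_escape_string($_POST[retailer_submitted_by]);
+$id = mysql_real_escape_string($_POST[retailer_id]);
+$edited_by = mysql_real_escape_string($_POST[edited_by]);
+$edit_timestamp = time();
+$spoke = mysql_real_escape_string(trim($_POST[retailer_spoke]));
+
+// BEGIN CONFIRM ENTRY CHECK
+if($_POST[confirm_entry] == 1){
+if(isset($_POST[new_shop])){
+$sql = "INSERT INTO gforum_Retailers (retailer_name, retailer_name_tag, retailer_address, retailer_address_two, retailer_city, retailer_state, retailer_state_tag, retailer_zip, retailer_phone, retailer_fax, retailer_email, retailer_website, retailer_cart, retailer_mailorder_ecommerce, retailer_mailorder_phone, retailer_local_ecommerce, retailer_local_phone, retailer_pickup_ecommerce, retailer_pickup_phone, retailer_contact, retailer_contact_names, retailer_fist, retailer_fist_names, retailer_fist_road, retailer_fist_road_names, retailer_fist_advanced, retailer_fist_advanced_names, retailer_bfact, retailer_serotta, retailer_serotta_names, retailer_method, retailer_fitbikes, retailer_motioncapture, retailer_wetsuits, retailer_bikes, retailer_customs, retailer_hours, retailer_barnett, retailer_barnett_names, retailer_ubi, retailer_ubi_names, retailer_info, retailer_directions, retailer_submitted_by, retailer_valid, retailer_spoke) VALUES ('$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$phone', '$fax', '$email', '$website', '$cart', '$mailorder_ecommerce', '$mailorder_phone', '$local_ecommerce', '$local_phone', '$pickup_ecommerce', '$pickup_phone', $contact, '$contact_names', $fist, '$fist_names', $fist_road, '$fist_road_names', $fist_advanced, '$fist_advanced_names', '$bfact', $serotta, '$serotta_names', '$method', ',$fitbikes,', ',$motioncapture,', ',$wetsuits,', ',$bikes,', ',$customs,', '$hours', $barnett, '$barnett_names', $ubi, '$ubi_names', '$info', '$directions', $submitted_by, 0, '$spoke')";
+//echo("shop entered!");
+//echo($sql);
+mysql_query($sql) OR die(mysql_error());
+header('Location: '.$site_url.'/add.php?confirmed=yes');
+} elseif(isset($_POST[save_changes])) {
+$sql = "INSERT INTO gforum_RetailersEdits (retailer_id_fk, editor_user_id_fk, edit_timestamp, retailer_name, retailer_name_tag, retailer_address, retailer_address_two, retailer_city, retailer_state, retailer_state_tag, retailer_zip, retailer_phone, retailer_fax, retailer_email, retailer_website, retailer_cart, retailer_mailorder_ecommerce, retailer_mailorder_phone, retailer_local_ecommerce, retailer_local_phone, retailer_pickup_ecommerce, retailer_pickup_phone, retailer_contact, retailer_contact_names, retailer_fist, retailer_fist_names, retailer_fist_road, retailer_fist_road_names, retailer_fist_advanced, retailer_fist_advanced_names, retailer_bfact, retailer_serotta, retailer_serotta_names, retailer_method, retailer_fitbikes, retailer_motioncapture, retailer_wetsuits, retailer_bikes, retailer_customs, retailer_hours, retailer_barnett, retailer_barnett_names, retailer_ubi, retailer_ubi_names, retailer_info, retailer_directions, retailer_submitted_by, retailer_valid, retailer_spoke) VALUES ('$id', '$edited_by', '$edit_timestamp', '$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$phone', '$fax', '$email', '$website', '$cart', '$mailorder_ecommerce', '$mailorder_phone', '$local_ecommerce', '$local_phone', '$pickup_ecommerce', '$pickup_phone', $contact, '$contact_names', $fist, '$fist_names', $fist_road, '$fist_road_names', $fist_advanced, '$fist_advanced_names', '$bfact', $serotta, '$serotta_names', '$method', ',$fitbikes,', ',$motioncapture,', ',$wetsuits,', ',$bikes,', ',$customs,', '$hours', $barnett, '$barnett_names', $ubi, '$ubi_names', '$info', '$directions', $submitted_by, 0, '$spoke')";
+mysql_query($sql) OR die(mysql_error());
+header('Location: '.$site_url.'/individual.php?retailer_id='.$id.'&wiki_change=success');
+} else {
+header('Location: '.$site_url.'/individual.php?retailer_id='.$id.'&changes=failure');
+}
+} else {
+//echo("shop NOT entered.");
+$confirm = 1;
+}
+// END CONFIRM ENTRY CHECK
+}
+// END ERROR MESSAGE CHECK
+?>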
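Review bot: The eight values interpolated without quotes in both INSERT statements (`$contact`, `$fist`, `$fist_road`, `$fist_advanced`, `$serotta`, `$barnett`, `$ubi`, `$submitted_by`) remain injectable, because `mysql_real_escape_string()` only protects data placed inside a quoted SQL string; each should be cast to an integer where it is read from `$_POST`, as in the excerpt below, or the queries moved to prepared statements. An empty value for any of them also yields a syntax error that `die(mysql_error())` prints to the client, so the failure should be logged server-side and a generic message returned. Separately, the length check reads `$nametag`, which is never assigned in this file, so `$name_tag` is never shortened to 12 characters, and none of the `header('Location: …')` calls is followed by `exit;`, so the opening `if (!$_POST)` redirect does not stop the rest of the script from running. `$edited_by` and `$submitted_by` are taken from the request body, so the recorded editor is whatever the client sends; if the site keeps a session-backed user id (not visible here) it should be used instead.

```php
// … unchanged: blank-field validation and escaping of the string fields …
// Numeric columns are placed unquoted in the SQL, so force them to integers.
$contact       = (int) $_POST['retailer_contact'];
$fist          = (int) $_POST['retailer_fist'];
$fist_road     = (int) $_POST['retailer_fist_road'];
$fist_advanced = (int) $_POST['retailer_fist_advanced'];
$serotta       = (int) $_POST['retailer_serotta'];
$barnett       = (int) $_POST['retailer_barnett'];
$ubi           = (int) $_POST['retailer_ubi'];
$submitted_by  = (int) $_POST['retailer_submitted_by'];
// … unchanged: the *_names assignments that follow each flag, and both INSERT statements …
```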