Fifth pass at adding key files
		
							
								
								
									
										250
									
								
								site/roadshow/wiki_edit_X.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
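--- a/site/roadshow/wiki_edit_X.php
+++ b/site/roadshow/wiki_edit_X.php
@@ -0,0 +1,250 @@
+<?PHP
+
+if (!$_POST){ header('Location: '.$site_url.'/?error=no_post'); }
+
+/*
+
+FIELD NAMES: 
+roadshow_id
+roadshow_date
+roadshow_name
+roadshow_name_tag
+roadshow_address
+roadshow_address_two
+roadshow_city
+roadshow_state
+roadshow_state_tag
+roadshow_zip
+roadshow_lat
+roadshow_lng
+roadshow_phone
+roadshow_fax
+roadshow_email
+roadshow_website
+roadshow_facebook
+roadshow_raffle
+roadshow_stambassador
+roadshow_stambassador_names
+roadshow_triclub
+roadshow_triclub_names
+roadshow_coach
+roadshow_coach_names
+roadshow_racedirector
+roadshow_racedirector_names
+roadshow_brewery
+roadshow_brewery_names
+roadshow_local
+roadshow_fitbike
+roadshow_saddlechange
+roadshow_motioncapture
+roadshow_footbed
+roadshow_wetsuit
+roadshow_bike
+roadshow_trispecific
+roadshow_trispecific_names
+roadshow_fist
+roadshow_fist_names
+roadshow_diagnostic
+roadshow_shoe
+roadshow_sock
+roadshow_apparel_run
+roadshow_apparel_tri
+roadshow_swimgear
+roadshow_bikeaccessory
+roadshow_bikebody
+roadshow_bikecomponent
+roadshow_bikeelectronic
+roadshow_bikehelmet
+roadshow_biketrainer
+roadshow_bikewheel
+roadshow_runhydrate
+roadshow_bodycare
+roadshow_hours
+roadshow_activity
+roadshow_submitted_by
+roadshow_valid
+roadshow_user_tags
+
+*/
+
+/* Need to ltrim and rtrim commas before insertion */
+
+//Insert into database
+//$pass = 'abc123';
+$errmsg = NULL;
+$insert_success = NULL;
+//Check for blank fields
+if ((!$_POST[name])) $errmsg = $errmsg."Road show event name, "; 
+if ($_POST[month]==0) $errmsg = $errmsg.'event month, ';
+if ($_POST[day]==0) $errmsg = $errmsg.'event day, '; 
+if (!$_POST[city]) $errmsg = $errmsg."City, ";
+if (!$_POST[state]) $errmsg = $errmsg."State, ";
+if (!$_POST[address]) $errmsg = $errmsg."Address, ";
+if ((!$_POST[lat] || !$_POST[lng]) && $_POST[latlng_override] == true) $errmsg = $errmsg."Lat/Lng cannot be left blank if you wish to override address, ";
+if (!$_POST[phone]) $errmsg = $errmsg."Phone, ";
+if (!$_POST[email]) $errmsg = $errmsg."Email, ";
+if (!$_POST[website]) $errmsg = $errmsg."Website, ";
+//if (!$_POST[hours]) $errmsg = $errmsg."Shop hours, ";
+if ($_POST[fist] == 1 && !$_POST[fist_names]) $errmsg = $errmsg.'F.I.S.T. Tri fitters names, ';
+if (strlen($_POST[activity]) < 4) $errmsg = $errmsg."Runs and classes information, ";
+if (isset($errmsg)) {
+   $errmsg = "The following fields cannot be left blank: ".$errmsg."<br />";
+   $errmsg = rtrim($errmsg, ", ");
+}
+
+$start_url = "(http(s)?\:\/\/)?"; // start url
+$dots = "([\w_-]{2,}\.)+"; // one or more parts containing a '.' at the end
+$last_part = "([\w_-]{2,})"; // last part doesn't contain a dot
+$user = "((\/)(\~)[\w_=-]+)?((\/)[\w_=-]+)*"; // maybe subdirectories - possibly with user ~
+$end = "((\/)|(\/)[\w_-]+\.[\w]{2,})?"; // maybe a slash at the end or slash+file+extension
+$qstring1 = "((\?[\w_-]+\=([^\#]+)){0,1}"; // querystring - first argument (?a=b)
+$qstring2 = "(\&[\w_-]+\=([^\#]+))*)?"; // querystring - following arguments (&c=d)
+$bkmrk = "(#[\w_-]+)?"; // bookmark
+
+$exp = "/^".$start_url.$dots.$last_part.$user.$end.$qstring1.$qstring2.$bkmrk."$/i";
+if( !preg_match($exp, $_POST[website]) ) {
+	// Contains invalid characters.
+  $errmsg = $errmsg."Invalid Web Address<br />";
+}
+if( !preg_match($exp, $_POST[facebook]) ) {
+	// Contains invalid characters.
+  $errmsg = $errmsg."Invalid Web Address<br />";
+}
+if( !preg_match($exp, $_POST[raffle]) ) {
+	// Contains invalid characters.
+  $errmsg = $errmsg."Invalid Web Address<br />";
+}
+if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[name]) ) {
+  // Contains invalid characters.
+  $errmsg = $errmsg."Please use only letters and numbers in the name<br />";
+}
+
+// begin error message check
+if(!$errmsg){
+
+	$name = trim($_POST[name]);
+	$name_tag = strtolower(str_replace(" ","", $name));
+	//if(strlen($name_tag) > 12){ //Shorten it
+		$name_tag = substr($name_tag, 0, 12);
+	//} // need to update a typo here in other dbs
+	$address = mysql_escape_string(trim($_POST[address]));
+	$full_address = $address;
+	if (isset($_POST['address_two'])) { $address_two = mysql_escape_string(trim($_POST[address_two])); } else { $address_two = NULL; $full_address = $full_address.", ".$address_two; }
+	$city = mysql_escape_string(trim($_POST[city]));
+	$full_address = $full_address.", ".$city;
+	$state = $_POST[state];
+	$full_address = $full_address.", ".$state;
+	$state_tag = strtolower(str_replace(" ","", $state));
+	$zip = mysql_escape_string(trim($_POST[zip]));
+	$full_address = $full_address." ".$zip;	
+	$latlng_override = $_POST[latlng_override];
+	if ($latlng_override == true) {
+		$lat = $_POST[lat];
+		$lng = $_POST[lng];
+	} else {
+		//geocode
+		//echo ($full_address);
+		$geocode_status = geocode($full_address);
+		//echo (is_array($geocode_status));
+		if (is_array($geocode_status)) {
+			$geocode_error = false;
+			$lat = $geocode_status[0];
+			$_POST[lat] = $lat;
+			$lng = $geocode_status[1];
+			$_POST[lng] = $lng;
+			//echo ($lat.", ".$lng);
+		} else {
+			$geocode_error = true;
+			$lat = 0;
+			$_POST[lat] = $lat;
+			$lng = 0;
+			$_POST[lng] = $lng;
+			$geocode_message = $geocode_status;
+		}
+	}
+	$phone = mysql_escape_string(trim($_POST[phone]));
+	$fax = mysql_escape_string(trim($_POST[fax]));
+	$email = mysql_escape_string(trim($_POST[email]));
+	$website = mysql_escape_string(trim($_POST[website]));
+	$raffle = mysql_escape_string(trim($_POST[raffle]));
+	$facebook = mysql_escape_string(trim($_POST[facebook]));
+	
+	$stambassador = mysql_escape_string(trim($_POST[stambassador]));
+	$stambassador_names = mysql_escape_string(trim($_POST[stambassador_names]));
+	$triclub = mysql_escape_string(trim($_POST[triclub]));
+	$triclub_names = mysql_escape_string(trim($_POST[triclub_names]));
+	$coach = mysql_escape_string(trim($_POST[coach]));
+	$coach_names = mysql_escape_string(trim($_POST[coach_names]));
+	$racedirector = mysql_escape_string(trim($_POST[racedirector]));
+	$racedirector_names = mysql_escape_string(trim($_POST[racedirector_names]));
+	$brewery = mysql_escape_string(trim($_POST[brewery]));
+	$brewery_names = mysql_escape_string(trim($_POST[brewery_names]));
+	$local = mysql_escape_string(trim($_POST[local]));
+	$fitbike = $_POST[fitbike];
+	$saddlechange = $_POST[saddlechange];
+	$motioncapture = $_POST[motioncapture];
+	$footbed = $_POST[footbed];
+	$wetsuit = $_POST[wetsuit];
+	$bike = $_POST[bike];
+	$trispecific = mysql_escape_string(trim($_POST[trispecific]));
+	$trispecific_names = mysql_escape_string(trim($_POST[trispecific_names]));
+	$fist = mysql_escape_string(trim($_POST[fist]));
+	$fist_names = mysql_escape_string(trim($_POST[fist_names]));
+	$diagnostic = $_POST[diagnostic];
+	$shoe = $_POST[shoe];
+	$sock = $_POST[sock];
+	$apparel_run = $_POST[apparel_run];
+	$apparel_tri = $_POST[apparel_tri];
+	$swimgear = $_POST[swimgear];
+	$bikeaccessory = $_POST[bikeaccessory];
+	$bikebody = $_POST[bikebody];
+	$bikecomponent = $_POST[bikecomponent];
+	$bikeelectronic = $_POST[bikeelectronic];
+	$bikehelmet = $_POST[bikehelmet];
+	$biketrainer = $_POST[biketrainer];
+	$bikewheel = $_POST[bikewheel];
+	$runhydrate = $_POST[runhydrate];
+	$bodycare = $_POST[bodycare];
+	$hours = mysql_escape_string(trim($_POST[hours]));
+	
+	$activity = mysql_escape_string(nl2br(substr(trim($_POST[activity]), 0, 4096)));
+	
+	$hour = $_POST[hour];
+	if($_POST[daypart] == 1){ $hour = $hour + 12; }
+	$minute = $_POST[minute];
+	$year = $_POST[year];
+	$month = $_POST[month];
+	$day = $_POST[day];
+	$date = "$year-$month-$day $hour:$minute:00";
+
+	$submitted_by = $_POST[submitted_by];
+  
+	$id = $_POST[$field_lead.'id'];
+	$edited_by = $_POST['edited_by'];
+	$edit_timestamp = time();
+  
+	// BEGIN CONFIRM ENTRY CHECK
+	if($_POST[insert_roadshow] == true){
+	  if(isset($_POST[new_roadshow])){
+		$sql = "INSERT INTO ".$prefix."Roadshow (roadshow_date, roadshow_name, roadshow_name_tag, roadshow_address, roadshow_address_two, roadshow_city, roadshow_state, roadshow_state_tag, roadshow_zip, roadshow_lat, roadshow_lng, roadshow_phone, roadshow_fax, roadshow_email, roadshow_website, roadshow_raffle, roadshow_facebook, roadshow_stambassador, roadshow_stambassador_names, roadshow_triclub, roadshow_triclub_names, roadshow_coach, roadshow_coach_names, roadshow_racedirector, roadshow_racedirector_names, roadshow_brewery, roadshow_brewery_names, roadshow_local, roadshow_fitbike, roadshow_saddlechange, roadshow_motioncapture, roadshow_footbed, roadshow_wetsuit, roadshow_bike, roadshow_trispecific, roadshow_trispecific_names, roadshow_fist, roadshow_fist_names, roadshow_diagnostic, roadshow_shoe, roadshow_sock, roadshow_apparel_run, roadshow_apparel_tri, roadshow_swimgear, roadshow_bikeaccessory, roadshow_bikebody, roadshow_bikecomponent, roadshow_bikeelectronic, roadshow_bikehelmet, roadshow_biketrainer, roadshow_bikewheel, roadshow_runhydrate, roadshow_bodycare, roadshow_hours, roadshow_activity, roadshow_submitted_by, roadshow_valid) VALUES ('$date', '$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$lat', '$lng', '$phone', '$fax', '$email', '$website', '$raffle', '$facebook', '$stambassador', '$stambassador_names', '$triclub', '$triclub_names', '$coach', '$coach_names', '$racedirector', '$racedirector_names', '$brewery', '$brewery_names', '$local', '$fitbike', '$saddlechange', '$motioncapture', '$footbed', '$wetsuit', '$bike', '$trispecific', '$trispecific_names', '$fist', '$fist_names', '$diagnostic', '$shoe', '$sock', '$apparel_run', '$apparel_tri', '$swimgear', '$bikeaccessory', '$bikebody', '$bikecomponent', '$bikeelectronic', '$bikehelmet', '$biketrainer', '$bikewheel', '$runhydrate', '$bodycare', '$hours', '$activity', $submitted_by, 0)";
+		//echo("new open water event entered!");
+		//echo($sql);
+		mysql_query($sql) OR die(mysql_error()); 
+		//header('Location: '.$site_url.'/add.php?confirmed=yes');
+	  } elseif(isset($_POST[save_changes])) {
+		$sql = "INSERT INTO ".$prefix."RoadshowEdits (roadshow_id_fk, edit_user_id_fk, edit_timestamp, roadshow_date, roadshow_name, roadshow_name_tag, roadshow_address, roadshow_address_two, roadshow_city, roadshow_state, roadshow_state_tag, roadshow_zip, roadshow_lat, roadshow_lng, roadshow_phone, roadshow_fax, roadshow_email, roadshow_website, roadshow_raffle, roadshow_facebook, roadshow_stambassador, roadshow_stambassador_names, roadshow_triclub, roadshow_triclub_names, roadshow_coach, roadshow_coach_names, roadshow_racedirector, roadshow_racedirector_names, roadshow_brewery, roadshow_brewery_names, roadshow_local, roadshow_fitbike, roadshow_saddlechange, roadshow_motioncapture, roadshow_footbed, roadshow_wetsuit, roadshow_bike, roadshow_trispecific, roadshow_trispecific_names, roadshow_fist, roadshow_fist_names, roadshow_diagnostic, roadshow_shoe, roadshow_sock, roadshow_apparel_run, roadshow_apparel_tri, roadshow_swimgear, roadshow_bikeaccessory, roadshow_bikebody, roadshow_bikecomponent, roadshow_bikeelectronic, roadshow_bikehelmet, roadshow_biketrainer, roadshow_bikewheel, roadshow_runhydrate, roadshow_bodycare, roadshow_hours, roadshow_activity, roadshow_submitted_by, roadshow_valid) VALUES ('$id', '$edited_by', '$edit_timestamp', '$date', '$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$lat', '$lng', '$phone', '$fax', '$email', '$website', '$raffle', '$facebook', '$stambassador', '$stambassador_names', '$triclub', '$triclub_names', '$coach', '$coach_names', '$racedirector', '$racedirector_names', '$brewery', '$brewery_names', '$local', '$fitbike', '$saddlechange', '$motioncapture', '$footbed', '$wetsuit', '$bike', '$trispecific', '$trispecific_names', '$fist', '$fist_names', '$diagnostic', '$shoe', '$sock', '$apparel_run', '$apparel_tri', '$swimgear', '$bikeaccessory', '$bikebody', '$bikecomponent', '$bikeelectronic', '$bikehelmet', '$biketrainer', '$bikewheel', '$runhydrate', '$bodycare', '$hours', '$activity', $submitted_by, 0)";
+		//echo("edit to open water event entered!");
+		echo($sql);
+		mysql_query($sql) OR die(mysql_error());
+		header('Location: '.$site_url.'/individual.php?roadshow_id='.$id.'&wiki_change=success');
+	  } else {
+		header('Location: '.$site_url.'/individual.php?roadshow_id='.$id.'&changes=failure');
+	  }
+	} else {
+		//echo("open water event NOT entered.");
+		$confirm_roadshow = true;
+	}
+	// END CONFIRM ENTRY CHECK	
+}
+// END ERROR MESSAGE CHECK
+?>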
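Review bot: Both `$sql = "INSERT INTO …"` statements near the end of the file are built from request values that never pass through any escaping: `$submitted_by` is interpolated without quotes, and `$id`, `$edited_by`, `$state`, `$lat`/`$lng`, the date parts and every checkbox field (`$fitbike` through `$bodycare`) are copied straight from `$_POST`, so the queries are open to SQL injection. Bind every value through a prepared statement (PDO or mysqli) instead of `mysql_escape_string`, which ignores the connection charset and belongs to the mysql extension removed in PHP 7; as a stopgap, cast the numeric ids, e.g. `$submitted_by = (int) $_POST['submitted_by'];`. `edited_by` and `submitted_by` are also taken from the form, so the recorded author is whatever the client posts; they should presumably come from the authenticated session. In the `save_changes` branch `echo($sql);` sends the full query to the browser and, unless output buffering is on, stops the following `header('Location: …')` from being sent, and `die(mysql_error())` likewise exposes database errors to the client. The opening `if (!$_POST){ header(…); }` also needs an `exit;` after the redirect, otherwise the rest of the script still runs.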