Fifth pass at adding key files

2024-06-17 22:42:14 +10:00
parent 67ccdbcc34
commit 9797a6824a
535 changed files with 95045 additions and 0 deletions
--- a/site/triclubs/wiki_validate_X.php
+++ b/site/triclubs/wiki_validate_X.php
@@ -0,0 +1,103 @@
+<?PHP 
+
+// do I need to do additional security checks to make sure the script is being called appropriately?
+
+/*
+
+FIELD NAMES: 
+triclub_id
+triclub_name
+triclub_name_tag
+triclub_address
+triclub_address_two
+triclub_city
+triclub_state
+triclub_state_tag
+triclub_zip
+triclub_email
+triclub_website
+triclub_president
+triclub_board
+triclub_board_names
+triclub_membership
+triclub_dues
+triclub_info
+triclub_sponsors
+triclub_discounts
+triclub_directions
+triclub_workouts
+triclub_meetings
+triclub_submitted_by
+triclub_valid
+triclub_member_tags
+
+*/
+
+include("config.php");
+
+if (!$_POST){ header('Location: '.$site_url.'/'); }
+
+// error checking
+if(!isset($_POST)) exit();
+
+if (isset($_POST[delete])) {	
+	// convert the array to a SQL friendly format
+	$deleteList = "(".implode(",", $_POST[delete]).")";
+	
+	// build the SQL query to delete the edits that are bad
+	$sql = "DELETE FROM ".$prefix."TriclubsEdits WHERE edit_id IN $deleteList";
+			  
+	mysql_query($sql) or die(mysql_error());
+}
+
+if (isset($_POST[validate])) {
+	// convert the array to a SQL friendly format
+	$validateList = "(".implode(",", $_POST[validate]).")";
+	
+	$sql = "SELECT * FROM ".$prefix."TriclubsEdits WHERE edit_id IN $validateList";
+	
+	$results = mysql_query($sql) OR die(mysql_error());
+	
+	// Loop through triclubs shifting edits over
+	while($row = mysql_fetch_array($results)) {
+		$sql = "UPDATE ".$prefix."Triclubs 
+					SET triclub_name = '".mysql_escape_string($row[triclub_name])."',
+						triclub_name_tag = '".mysql_escape_string($row[triclub_name_tag])."',
+						triclub_address = '".mysql_escape_string($row[triclub_address])."',
+						triclub_address_two = '".mysql_escape_string($row[triclub_address_two])."',
+						triclub_city = '".mysql_escape_string($row[triclub_city])."',
+						triclub_state = '".mysql_escape_string($row[triclub_state])."',
+						triclub_state_tag = '".mysql_escape_string($row[triclub_state_tag])."',
+						triclub_zip = '".mysql_escape_string($row[triclub_zip])."',
+						triclub_email = '".mysql_escape_string($row[triclub_email])."',
+						triclub_website = '".mysql_escape_string($row[triclub_website])."',
+						triclub_president = '".mysql_escape_string($row[triclub_president])."',
+						triclub_board = '".mysql_escape_string($row[triclub_board])."',
+						triclub_board_names = '".mysql_escape_string($row[triclub_board_names])."',
+						triclub_membership = '".mysql_escape_string($row[triclub_membership])."',
+						triclub_dues = '".mysql_escape_string($row[triclub_dues])."',
+						triclub_info = '".mysql_escape_string($row[triclub_info])."',
+						triclub_sponsors = '".mysql_escape_string($row[triclub_sponsors])."',
+						triclub_discounts = '".mysql_escape_string($row[triclub_discounts])."',
+						triclub_directions = '".mysql_escape_string($row[triclub_directions])."',
+						triclub_workouts = '".mysql_escape_string($row[triclub_workouts])."',
+						triclub_meetings = '".mysql_escape_string($row[triclub_meetings])."'
+						WHERE triclub_id = '$row[triclub_id_fk]'";
+		//echo $sql;
+		//exit();
+		mysql_query($sql) OR die(mysql_error());
+		
+		$sql = "INSERT INTO ".$prefix."TriclubsEditors (triclub_id_fk, user_id_fk, edit_timestamp) VALUES ('$row[triclub_id_fk]', '$row[editor_user_id_fk]', '$row[edit_timestamp]')";
+		mysql_query($sql) OR die(mysql_error());
+		
+		$sql = "DELETE FROM ".$prefix."TriclubsEdits WHERE edit_id = $row[edit_id]";
+		mysql_query($sql) OR die(mysql_error());
+		
+	}
+	
+}
+
+
+header('Location: '.$site_url.'/wiki_validate.php');
+
+?>