<?PHP
if (!$_POST){ header('Location: '.$site_url.'/?error=no_post'); }
/*
FIELD NAMES:
retailer_id
retailer_name
retailer_name_tag
retailer_address
retailer_city
retailer_state
retailer_state_tag
retailer_zip
retailer_phone
retailer_fax
retailer_email
retailer_website
retailer_contact
retailer_contact_names
retailer_fist
retailer_fist_names
retailer_serotta
retailer_serotta_names
retailer_fitbikes
retailer_motioncapture
retailer_wetsuits
retailer_bikes
retailer_customs
retailer_hours
retailer_barnett
retailer_barnett_names
retailer_ubi
retailer_ubi_names
retailer_info
retailer_directions
retailer_submitted_by
*/
/* Need to ltrim and rtrim commas before insertion */
//Insert into database
$pass = 'abc123';
$errmsg = NULL;
//Check for blank fields
if ((!$_POST[retailer_name])) $errmsg = $errmsg.'Shop name, ';
if (!$_POST[retailer_city]) $errmsg = $errmsg.'City, ';
if (!$_POST[retailer_state]) $errmsg = $errmsg.'State, ';
if (!$_POST[retailer_address]) $errmsg = $errmsg.'Address, ';
if (!$_POST[retailer_phone]) $errmsg = $errmsg.'Phone, ';
if (!$_POST[retailer_email]) $errmsg = $errmsg.'Email, ';
if (!$_POST[retailer_hours]) $errmsg = $errmsg.'Shop hours, ';
if ($_POST[retailer_contact] == 1 && !$_POST[retailer_contact_names]) $errmsg = $errmsg.'Contact names, ';
if ($_POST[retailer_fist] == 1 && !$_POST[retailer_fist_names]) $errmsg = $errmsg.'F.I.S.T. fitters names, ';
if ($_POST[retailer_serotta] == 1 && !$_POST[retailer_serotta_names]) $errmsg = $errmsg.'Serotta fitters names, ';
if ($_POST[retailer_barnett] == 1 && !$_POST[retailer_barnett_names]) $errmsg = $errmsg.'Barnett mechanics names, ';
if ($_POST[retailer_ubi] == 1 && !$_POST[retailer_ubi_names]) $errmsg = $errmsg.'UBI mechanics names, ';
if (strlen($_POST[retailer_info]) < 4) $errmsg = $errmsg.'Shop info, ';
if (strlen($_POST[retailer_directions]) < 4) $errmsg = $errmsg.'Directions, ';
if (isset($errmsg)) {
$errmsg = 'The following fields cannot be left blank: '.$errmsg;
$errmsg = rtrim($errmsg, ', ');
}
if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[retailer_name]) ) {
// Contains invalid characters.
$errmsg = "Please use only letters and numbers in the name";
}
// BEGIN ERROR MESSAGE CHECK
if(!$errmsg){
$name = trim($_POST[retailer_name]);
$name_tag = strtolower(str_replace(" ","", $name));
if(strlen($nametag) > 12){ //Shorten it
$name_tag = substr($nametag, 0, 12);
}
$address = trim($_POST[retailer_address]);
$address_two = trim($_POST[retailer_address_two]);
$city = trim($_POST[retailer_city]);
$state = $_POST[retailer_state];
$state_tag = strtolower(str_replace(" ","", $state));
$zip = trim($_POST[retailer_zip]);
$phone = trim($_POST[retailer_phone]);
$fax = trim($_POST[retailer_fax]);
$email = trim($_POST[retailer_email]);
$website = trim($_POST[retailer_website]);
$cart = trim($_POST[retailer_cart]);
$contact = $_POST[retailer_contact];
if ( $contact == 0 ){ $contact_names = NULL; }else{ $contact_names = trim($_POST[retailer_contact_names]); }
$fist = $_POST[retailer_fist];
if ( $fist == 0 ){ $fist_names = NULL; }else{ $fist_names = trim($_POST[retailer_fist_names]); }
$serotta = $_POST[retailer_serotta];
if ( $serotta == 0 ){ $serotta_names = NULL; }else{ $serotta_names = trim($_POST[retailer_serotta_names]); }
/* Need to ltrim and rtrim commas before insertion --> or ltrim/rtrim before implosion*/
$fitbikes = $_POST[retailer_fitbikes];
$motioncapture = $_POST[retailer_motioncapture];
$wetsuits = $_POST[retailer_wetsuits];
$bikes = $_POST[retailer_bikes];
$customs = $_POST[retailer_customs];
$hours = trim($_POST[retailer_hours]);
$barnett = $_POST[retailer_barnett];
if ( $barnett == 0 ){ $barnett_names = NULL; }else{ $barnett_names = trim($_POST[retailer_barnett_names]); }
$ubi = $_POST[retailer_ubi];
if ( $ubi == 0 ){ $ubi_names = NULL; }else{ $ubi_names = trim($_POST[retailer_ubi_names]); }
$info = nl2br(substr(trim($_POST[retailer_info]), 0, 4096));
$directions = nl2br(substr(trim($_POST[retailer_directions]), 0, 4096));
$submitted_by = $_POST[retailer_submitted_by];
$id = $_POST[retailer_id];
// BEGIN CONFIRM ENTRY CHECK
if($_POST[confirm_entry] == 1){
if(isset($_POST[new_shop])){
$sql = "INSERT INTO gforum_Retailers (retailer_name, retailer_name_tag, retailer_address, retailer_address_two, retailer_city, retailer_state, retailer_state_tag, retailer_zip, retailer_phone, retailer_fax, retailer_email, retailer_website, retailer_cart, retailer_contact, retailer_contact_names, retailer_fist, retailer_fist_names, retailer_serotta, retailer_serotta_names, retailer_fitbikes, retailer_motioncapture, retailer_wetsuits, retailer_bikes, retailer_customs, retailer_hours, retailer_barnett, retailer_barnett_names, retailer_ubi, retailer_ubi_names, retailer_info, retailer_directions, retailer_submitted_by, retailer_valid) VALUES ('$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$phone', '$fax', '$email', '$website', '$cart', $contact, '$contact_names', $fist, '$fist_names', $serotta, '$serotta_names', ',$fitbikes,', ',$motioncapture,', ',$wetsuits,', ',$bikes,', ',$customs,', '$hours', $barnett, '$barnett_names', $ubi, '$ubi_names', '$info', '$directions', $submitted_by, 0)";
//echo("shop entered!");
//echo($sql);
mysql_query($sql) OR die(mysql_error());
header('Location: '.$site_url.'/add.php?confirmed=yes');
} elseif(isset($_POST[save_changes])) {
$sql = "UPDATE gforum_Retailers
SET retailer_name = '$name',
retailer_name_tag = '$name_tag',
retailer_address = '$address',
retailer_address_two = '$address_two',
retailer_city = '$city',
retailer_state = '$state',
retailer_state_tag = '$state_tag',
retailer_zip = '$zip',
retailer_phone = '$phone',
retailer_fax = '$fax',
retailer_email = '$email',
retailer_website = '$website',
retailer_cart = '$cart',
retailer_contact = '$contact',
retailer_contact_names = '$contact_names',
retailer_fist = '$fist',
retailer_fist_names = '$fist_names',
retailer_serotta = '$serotta',
retailer_serotta_names = '$serotta_names',
retailer_fitbikes = ',$fitbikes,',
retailer_motioncapture = ',$motioncapture,',
retailer_wetsuits = ',$wetsuits,',
retailer_bikes = ',$bikes,',
retailer_customs = ',$customs,',
retailer_hours = '$hours',
retailer_barnett = '$barnett',
retailer_barnett_names = '$barnett_names',
retailer_ubi = '$ubi',
retailer_ubi_names = '$ubi_names',
retailer_info = '$info',
retailer_directions = '$directions'
WHERE retailer_id = $id";
mysql_query($sql) OR die(mysql_error());
//echo $sql;
header('Location: '.$site_url.'/individual.php?retailer_id='.$id.'&changes=success');
} else {
header('Location: '.$site_url.'/individual.php?retailer_id='.$id.'&changes=failure');
}
} else {
//echo("shop NOT entered.");
$confirm = 1;
}
// END CONFIRM ENTRY CHECK
}
// END ERROR MESSAGE CHECK
?>