"; $errmsg = rtrim($errmsg, ", "); } $start_url = "(http(s)?\:\/\/)?"; // start url $dots = "([\w_-]{2,}\.)+"; // one or more parts containing a '.' at the end $last_part = "([\w_-]{2,})"; // last part doesn't contain a dot $user = "((\/)(\~)[\w_=-]+)?((\/)[\w_=-]+)*"; // maybe subdirectories - possibly with user ~ $end = "((\/)|(\/)[\w_-]+\.[\w]{2,})?"; // maybe a slash at the end or slash+file+extension $qstring1 = "((\?[\w_-]+\=([^\#]+)){0,1}"; // querystring - first argument (?a=b) $qstring2 = "(\&[\w_-]+\=([^\#]+))*)?"; // querystring - following arguments (&c=d) $bkmrk = "(#[\w_-]+)?"; // bookmark $exp = "/^".$start_url.$dots.$last_part.$user.$end.$qstring1.$qstring2.$bkmrk."$/i"; if( !preg_match($exp, $_POST[website]) ) { // Contains invalid characters. $errmsg = $errmsg."Invalid Web Address
"; } if( !preg_match($exp, $_POST[facebook]) ) { // Contains invalid characters. $errmsg = $errmsg."Invalid Web Address
"; } if( !preg_match($exp, $_POST[raffle]) ) { // Contains invalid characters. $errmsg = $errmsg."Invalid Web Address
"; } if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[name]) ) { // Contains invalid characters. $errmsg = $errmsg."Please use only letters and numbers in the name
"; } // begin error message check if(!$errmsg){ $name = trim($_POST[name]); $name_tag = strtolower(str_replace(" ","", $name)); //if(strlen($name_tag) > 12){ //Shorten it $name_tag = substr($name_tag, 0, 12); //} // need to update a typo here in other dbs $address = mysql_escape_string(trim($_POST[address])); $full_address = $address; if (isset($_POST['address_two'])) { $address_two = mysql_escape_string(trim($_POST[address_two])); } else { $address_two = NULL; $full_address = $full_address.", ".$address_two; } $city = mysql_escape_string(trim($_POST[city])); $full_address = $full_address.", ".$city; $state = $_POST[state]; $full_address = $full_address.", ".$state; $state_tag = strtolower(str_replace(" ","", $state)); $zip = mysql_escape_string(trim($_POST[zip])); $full_address = $full_address." ".$zip; $latlng_override = $_POST[latlng_override]; if ($latlng_override == true) { $lat = $_POST[lat]; $lng = $_POST[lng]; } else { //geocode //echo ($full_address); $geocode_status = geocode($full_address); //echo (is_array($geocode_status)); if (is_array($geocode_status)) { $geocode_error = false; $lat = $geocode_status[0]; $_POST[lat] = $lat; $lng = $geocode_status[1]; $_POST[lng] = $lng; //echo ($lat.", ".$lng); } else { $geocode_error = true; $lat = 0; $_POST[lat] = $lat; $lng = 0; $_POST[lng] = $lng; $geocode_message = $geocode_status; } } $phone = mysql_escape_string(trim($_POST[phone])); $fax = mysql_escape_string(trim($_POST[fax])); $email = mysql_escape_string(trim($_POST[email])); $website = mysql_escape_string(trim($_POST[website])); $raffle = mysql_escape_string(trim($_POST[raffle])); $facebook = mysql_escape_string(trim($_POST[facebook])); $stambassador = mysql_escape_string(trim($_POST[stambassador])); $stambassador_names = mysql_escape_string(trim($_POST[stambassador_names])); $triclub = mysql_escape_string(trim($_POST[triclub])); $triclub_names = mysql_escape_string(trim($_POST[triclub_names])); $coach = mysql_escape_string(trim($_POST[coach])); $coach_names = mysql_escape_string(trim($_POST[coach_names])); $racedirector = mysql_escape_string(trim($_POST[racedirector])); $racedirector_names = mysql_escape_string(trim($_POST[racedirector_names])); $brewery = mysql_escape_string(trim($_POST[brewery])); $brewery_names = mysql_escape_string(trim($_POST[brewery_names])); $local = mysql_escape_string(trim($_POST[local])); $fitbike = $_POST[fitbike]; $saddlechange = $_POST[saddlechange]; $motioncapture = $_POST[motioncapture]; $footbed = $_POST[footbed]; $wetsuit = $_POST[wetsuit]; $bike = $_POST[bike]; $trispecific = mysql_escape_string(trim($_POST[trispecific])); $trispecific_names = mysql_escape_string(trim($_POST[trispecific_names])); $fist = mysql_escape_string(trim($_POST[fist])); $fist_names = mysql_escape_string(trim($_POST[fist_names])); $diagnostic = $_POST[diagnostic]; $shoe = $_POST[shoe]; $sock = $_POST[sock]; $apparel_run = $_POST[apparel_run]; $apparel_tri = $_POST[apparel_tri]; $swimgear = $_POST[swimgear]; $bikeaccessory = $_POST[bikeaccessory]; $bikebody = $_POST[bikebody]; $bikecomponent = $_POST[bikecomponent]; $bikeelectronic = $_POST[bikeelectronic]; $bikehelmet = $_POST[bikehelmet]; $biketrainer = $_POST[biketrainer]; $bikewheel = $_POST[bikewheel]; $runhydrate = $_POST[runhydrate]; $bodycare = $_POST[bodycare]; $hours = mysql_escape_string(trim($_POST[hours])); $activity = mysql_escape_string(nl2br(substr(trim($_POST[activity]), 0, 4096))); $hour = $_POST[hour]; if($_POST[daypart] == 1){ $hour = $hour + 12; } $minute = $_POST[minute]; $year = $_POST[year]; $month = $_POST[month]; $day = $_POST[day]; $date = "$year-$month-$day $hour:$minute:00"; $submitted_by = $_POST[submitted_by]; $id = $_POST[$field_lead.'id']; $edited_by = $_POST['edited_by']; $edit_timestamp = time(); // BEGIN CONFIRM ENTRY CHECK if($_POST[insert_roadshow] == true){ if(isset($_POST[new_roadshow])){ $sql = "INSERT INTO ".$prefix."Roadshow (roadshow_date, roadshow_name, roadshow_name_tag, roadshow_address, roadshow_address_two, roadshow_city, roadshow_state, roadshow_state_tag, roadshow_zip, roadshow_lat, roadshow_lng, roadshow_phone, roadshow_fax, roadshow_email, roadshow_website, roadshow_raffle, roadshow_facebook, roadshow_stambassador, roadshow_stambassador_names, roadshow_triclub, roadshow_triclub_names, roadshow_coach, roadshow_coach_names, roadshow_racedirector, roadshow_racedirector_names, roadshow_brewery, roadshow_brewery_names, roadshow_local, roadshow_fitbike, roadshow_saddlechange, roadshow_motioncapture, roadshow_footbed, roadshow_wetsuit, roadshow_bike, roadshow_trispecific, roadshow_trispecific_names, roadshow_fist, roadshow_fist_names, roadshow_diagnostic, roadshow_shoe, roadshow_sock, roadshow_apparel_run, roadshow_apparel_tri, roadshow_swimgear, roadshow_bikeaccessory, roadshow_bikebody, roadshow_bikecomponent, roadshow_bikeelectronic, roadshow_bikehelmet, roadshow_biketrainer, roadshow_bikewheel, roadshow_runhydrate, roadshow_bodycare, roadshow_hours, roadshow_activity, roadshow_submitted_by, roadshow_valid) VALUES ('$date', '$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$lat', '$lng', '$phone', '$fax', '$email', '$website', '$raffle', '$facebook', '$stambassador', '$stambassador_names', '$triclub', '$triclub_names', '$coach', '$coach_names', '$racedirector', '$racedirector_names', '$brewery', '$brewery_names', '$local', '$fitbike', '$saddlechange', '$motioncapture', '$footbed', '$wetsuit', '$bike', '$trispecific', '$trispecific_names', '$fist', '$fist_names', '$diagnostic', '$shoe', '$sock', '$apparel_run', '$apparel_tri', '$swimgear', '$bikeaccessory', '$bikebody', '$bikecomponent', '$bikeelectronic', '$bikehelmet', '$biketrainer', '$bikewheel', '$runhydrate', '$bodycare', '$hours', '$activity', $submitted_by, 0)"; //echo("new open water event entered!"); //echo($sql); mysql_query($sql) OR die(mysql_error()); //header('Location: '.$site_url.'/add.php?confirmed=yes'); } elseif(isset($_POST[save_changes])) { $sql = "INSERT INTO ".$prefix."RoadshowEdits (roadshow_id_fk, edit_user_id_fk, edit_timestamp, roadshow_date, roadshow_name, roadshow_name_tag, roadshow_address, roadshow_address_two, roadshow_city, roadshow_state, roadshow_state_tag, roadshow_zip, roadshow_lat, roadshow_lng, roadshow_phone, roadshow_fax, roadshow_email, roadshow_website, roadshow_raffle, roadshow_facebook, roadshow_stambassador, roadshow_stambassador_names, roadshow_triclub, roadshow_triclub_names, roadshow_coach, roadshow_coach_names, roadshow_racedirector, roadshow_racedirector_names, roadshow_brewery, roadshow_brewery_names, roadshow_local, roadshow_fitbike, roadshow_saddlechange, roadshow_motioncapture, roadshow_footbed, roadshow_wetsuit, roadshow_bike, roadshow_trispecific, roadshow_trispecific_names, roadshow_fist, roadshow_fist_names, roadshow_diagnostic, roadshow_shoe, roadshow_sock, roadshow_apparel_run, roadshow_apparel_tri, roadshow_swimgear, roadshow_bikeaccessory, roadshow_bikebody, roadshow_bikecomponent, roadshow_bikeelectronic, roadshow_bikehelmet, roadshow_biketrainer, roadshow_bikewheel, roadshow_runhydrate, roadshow_bodycare, roadshow_hours, roadshow_activity, roadshow_submitted_by, roadshow_valid) VALUES ('$id', '$edited_by', '$edit_timestamp', '$date', '$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$lat', '$lng', '$phone', '$fax', '$email', '$website', '$raffle', '$facebook', '$stambassador', '$stambassador_names', '$triclub', '$triclub_names', '$coach', '$coach_names', '$racedirector', '$racedirector_names', '$brewery', '$brewery_names', '$local', '$fitbike', '$saddlechange', '$motioncapture', '$footbed', '$wetsuit', '$bike', '$trispecific', '$trispecific_names', '$fist', '$fist_names', '$diagnostic', '$shoe', '$sock', '$apparel_run', '$apparel_tri', '$swimgear', '$bikeaccessory', '$bikebody', '$bikecomponent', '$bikeelectronic', '$bikehelmet', '$biketrainer', '$bikewheel', '$runhydrate', '$bodycare', '$hours', '$activity', $submitted_by, 0)"; //echo("edit to open water event entered!"); echo($sql); mysql_query($sql) OR die(mysql_error()); header('Location: '.$site_url.'/individual.php?roadshow_id='.$id.'&wiki_change=success'); } else { header('Location: '.$site_url.'/individual.php?roadshow_id='.$id.'&changes=failure'); } } else { //echo("open water event NOT entered."); $confirm_roadshow = true; } // END CONFIRM ENTRY CHECK } // END ERROR MESSAGE CHECK ?>