saint/discourse-legacysite-perl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
main
discourse-legacysite-perl/site/fitters/add_X.php
dsainty 9797a6824a Fifth pass at adding key files
2024-06-17 22:42:14 +10:00

153 lines
5.7 KiB
PHP
Raw Permalink Blame History

<?PHP
if (!$_POST){ header('Location: '.$site_url); }
/*
FIELD NAMES:
fitter_id
fitter_name
fitter_name_tag
fitter_address
fitter_address_two
fitter_city
fitter_state
fitter_state_tag
fitter_zip
fitter_phone
fitter_fax
fitter_email
fitter_website
fitter_certifications
fitter_fitbikes
fitter_motioncapture
fitter_cost
fitter_info
fitter_directions
fitter_submitted_by
fitter_valid
fitter_user_tags
*/
/* Need to ltrim and rtrim commas before insertion */
//Insert into database
//$pass = 'abc123';
$errmsg = NULL;
$insert_success = NULL;
//Check for blank fields
if ((!$_POST[name])) $errmsg = $errmsg."Shop name, ";
if (!$_POST[city]) $errmsg = $errmsg."City, ";
if (!$_POST[state]) $errmsg = $errmsg."State, ";
if (!$_POST[address]) $errmsg = $errmsg."Address, ";
if ((!$_POST[lat] || !$_POST[lng]) && $_POST[latlng_override] == true) $errmsg = $errmsg."Lat/Lng cannot be left blank if you wish to override address, ";
if (!$_POST[phone]) $errmsg = $errmsg."Phone, ";
if (!$_POST[email]) $errmsg = $errmsg."Email, ";
if (!$_POST[website]) $errmsg = $errmsg."Website, ";
if (!$_POST[cost]) $errmsg = $errmsg."Cost, ";
if (strlen($_POST[info]) < 4) $errmsg = $errmsg."General Info, ";
if (strlen($_POST[directions]) < 4) $errmsg = $errmsg."Directions, ";
if (isset($errmsg)) {
$errmsg = "The following fields cannot be left blank: ".$errmsg."<br />";
$errmsg = rtrim($errmsg, ", ");
}
$start_url = "(http(s)?\:\/\/)?"; // start url
$dots = "([\w_-]{2,}\.)+"; // one or more parts containing a '.' at the end
$last_part = "([\w_-]{2,})"; // last part doesn't contain a dot
$user = "((\/)(\~)[\w_=-]+)?((\/)[\w_=-]+)*"; // maybe subdirectories - possibly with user ~
$end = "((\/)|(\/)[\w_-]+\.[\w]{2,})?"; // maybe a slash at the end or slash+file+extension
$qstring1 = "((\?[\w_-]+\=([^\#]+)){0,1}"; // querystring - first argument (?a=b)
$qstring2 = "(\&[\w_-]+\=([^\#]+))*)?"; // querystring - following arguments (&c=d)
$bkmrk = "(#[\w_-]+)?"; // bookmark
$exp = "/^".$start_url.$dots.$last_part.$user.$end.$qstring1.$qstring2.$bkmrk."$/i";
if( !preg_match($exp, $_POST[website]) ) {
// Contains invalid characters.
$errmsg = $errmsg."Invalid Web Address<br />";
}
if($_POST[portfolio] != "" && !preg_match($exp, $_POST[portfolio]) ) {
// Contains invalid characters.
$errmsg = $errmsg."Invalid Portfolio Address<br />";
}
if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[name]) ) {
// Contains invalid characters.
$errmsg = $errmsg."Please use only letters and numbers in the name<br />";
}
// begin error message check
if(!$errmsg){
$name = trim($_POST[name]);
$name_tag = strtolower(str_replace(" ","", $name));
//if(strlen($name_tag) > 12){ //Shorten it
$name_tag = substr($name_tag, 0, 12);
//} // need to update a typo here in other dbs
$address = mysql_escape_string(trim($_POST[address]));
$full_address = $address;
if (isset($_POST['address_two'])) { $address_two = mysql_escape_string(trim($_POST[address_two])); } else { $address_two = NULL; $full_address = $full_address.", ".$address_two; }
$city = mysql_escape_string(trim($_POST[city]));
$full_address = $full_address.", ".$city;
$state = $_POST[state];
$full_address = $full_address.", ".$state;
$state_tag = strtolower(str_replace(" ","", $state));
$zip = mysql_escape_string(trim($_POST[zip]));
$full_address = $full_address." ".$zip;
$latlng_override = $_POST[latlng_override];
if ($latlng_override == true) {
$lat = $_POST[lat];
$lng = $_POST[lng];
} else {
//geocode
//echo ($full_address);
$geocode_status = geocode($full_address);
//echo (is_array($geocode_status));
if (is_array($geocode_status)) {
$geocode_error = false;
$lat = $geocode_status[0];
$_POST[lat] = $lat;
$lng = $geocode_status[1];
$_POST[lng] = $lng;
//echo ($lat.", ".$lng);
} else {
$geocode_error = true;
$lat = 0;
$_POST[lat] = $lat;
$lng = 0;
$_POST[lng] = $lng;
$geocode_message = $geocode_status;
}
}
$phone = trim($_POST[phone]);
$fax = trim($_POST[fax]);
$email = mysql_escape_string(trim($_POST[email]));
$website = mysql_escape_string(trim($_POST[website]));
$portfolio = mysql_escape_string(trim($_POST[portfolio]));
$methods = mysql_escape_string(trim($_POST[methods]));
$certifications = mysql_escape_string($_POST[certifications]);
$fitbikes = mysql_escape_string($_POST[fitbikes]);
$motioncapture = mysql_escape_string($_POST[motioncapture]);
$brandfriendly = mysql_escape_string($_POST[brandfriendly]);
$cost = mysql_escape_string(trim($_POST[cost]));
$info = mysql_escape_string(nl2br(substr(trim($_POST[info]), 0, 4096)));
$directions = mysql_escape_string(nl2br(substr(trim($_POST[directions]), 0, 4096)));
$submitted_by = $_POST[submitted_by];
// begin boolean check to see if we should insert the fitter into the dbase
if($_POST[insert_fitter] == true){
$sql = "INSERT INTO ".$prefix."Fitters (fitter_name, fitter_name_tag, fitter_address, fitter_address_two, fitter_city, fitter_state, fitter_state_tag, fitter_zip, fitter_lat, fitter_lng, fitter_phone, fitter_fax, fitter_email, fitter_website, fitter_method, fitter_certifications, fitter_fitbikes, fitter_motioncapture, fitter_brandfriendly, fitter_cost, fitter_info, fitter_directions, fitter_submitted_by, fitter_valid, fitter_portfolio) VALUES ('$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$lat', '$lng', '$phone', '$fax', '$email', '$website', '$methods', ',$certifications,', ',$fitbikes,', ',$motioncapture,', ',$brandfriendly,', '$cost', '$info', '$directions', $submitted_by, 0, '$portfolio')";
//echo("shop entered!");
//echo($sql);
mysql_query($sql) OR die(mysql_error());
//exit();
$insert_success = true;
}else{
//echo("shop NOT entered.");
$confirm_fitter = true;
}
// end insert check
}
// end error message check
?>
Reference in New Issue View Git Blame Copy Permalink