86 lines
3.6 KiB
PHP
86 lines
3.6 KiB
PHP
<?PHP
|
|
|
|
// do I need to do additional security checks to make sure the script is being called appropriately?
|
|
|
|
include("config.php");
|
|
|
|
if (!$_POST){ header('Location: https://slowtwitch.com/calendar/'); }
|
|
|
|
// error checking
|
|
if(!isset($_POST)) exit();
|
|
|
|
if (isset($_POST[delete])) {
|
|
// convert the array to a SQL friendly format
|
|
$deleteList = "(".implode(",", $_POST[delete]).")";
|
|
|
|
// build the SQL query to delete the edits that are bad
|
|
$sql = "DELETE FROM gforum_TriathlonsEdits WHERE edit_id IN $deleteList";
|
|
|
|
mysql_query($sql) or die(mysql_error());
|
|
}
|
|
|
|
if (isset($_POST[validate])) {
|
|
// convert the array to a SQL friendly format
|
|
$validateList = "(".implode(",", $_POST[validate]).")";
|
|
|
|
$sql = "SELECT * FROM gforum_TriathlonsEdits WHERE edit_id IN $validateList";
|
|
|
|
$results = mysql_query($sql) OR die(mysql_error());
|
|
|
|
// Loop through races shifting edits over
|
|
while($row = mysql_fetch_array($results)) {
|
|
$sql = "UPDATE gforum_Triathlons
|
|
SET onetype = '".mysql_escape_string($row[onetype])."',
|
|
twotype = '".mysql_escape_string($row[twotype])."',
|
|
threetype = '".mysql_escape_string($row[threetype])."',
|
|
oneunit = '".mysql_escape_string($row[oneunit])."',
|
|
twounit = '".mysql_escape_string($row[twounit])."',
|
|
threeunit = '".mysql_escape_string($row[threeunit])."',
|
|
name = '".mysql_real_escape_string($row[name])."',
|
|
nametag = '".mysql_real_escape_string($row[nametag])."',
|
|
date = '".mysql_escape_string($row[date])."',
|
|
type = '".mysql_escape_string($row[type])."',
|
|
indivfee = '".mysql_real_escape_string($row[indivfee])."',
|
|
teamfee = '".mysql_real_escape_string($row[teamfee])."',
|
|
swim = ".mysql_real_escape_string($row[swim]).",
|
|
bike = ".mysql_real_escape_string($row[bike]).",
|
|
bike_surface = ".mysql_real_escape_string($row[bike_surface]).",
|
|
draft_legal = ".mysql_real_escape_string($row[draft_legal]).",
|
|
kids_race = ".mysql_real_escape_string($row[kids_race]).",
|
|
registration = ".mysql_real_escape_string($row[registration]).",
|
|
run = ".mysql_real_escape_string($row[run]).",
|
|
state= '".mysql_real_escape_string($row[state])."',
|
|
statetag = '".mysql_real_escape_string($row[statetag])."',
|
|
city = '".mysql_real_escape_string($row[city])."',
|
|
address = '".mysql_real_escape_string($row[address])."',
|
|
phone = '".mysql_real_escape_string($row[phone])."',
|
|
email = '".mysql_real_escape_string($row[email])."',
|
|
courseinfo = '".mysql_real_escape_string($row[courseinfo])."',
|
|
moreinfo = '".mysql_real_escape_string($row[moreinfo])."',
|
|
directions = '".mysql_real_escape_string($row[directions])."',
|
|
register = '".mysql_real_escape_string($row[register])."',
|
|
website = '".mysql_real_escape_string($row[website])."',
|
|
one_points = ".mysql_real_escape_string($row[one_points]).",
|
|
two_points = ".mysql_real_escape_string($row[two_points]).",
|
|
three_points = ".mysql_real_escape_string($row[three_points]).",
|
|
points = ".mysql_real_escape_string($row[points]).",
|
|
pointclass = ".mysql_real_escape_string($row[pointclass])."
|
|
WHERE uid = '".($row[race_uid_fk])."'";
|
|
//echo $sql;
|
|
//exit();
|
|
mysql_query($sql) OR die(mysql_error());
|
|
|
|
$sql = "INSERT INTO gforum_TriathlonsEditors (race_uid_fk, user_id_fk, edit_timestamp) VALUES ('$row[race_uid_fk]', '$row[editor_user_id_fk]', '$row[edit_timestamp]')";
|
|
mysql_query($sql) OR die(mysql_error());
|
|
|
|
$sql = "DELETE FROM gforum_TriathlonsEdits WHERE edit_id = $row[edit_id]";
|
|
mysql_query($sql) OR die(mysql_error());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
header('Location: https://slowtwitch.com/calendar/wiki_validate.php');
|
|
|
|
?>
|