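<?php

// Applies moderator decisions on pending retailer edits: ids posted under
// "delete" are discarded, ids posted under "validate" are copied into the
// live retailer table.
//
// NOTE(review): the original author asked here whether additional security
// checks are needed to make sure the script is called appropriately. Nothing
// visible in this file checks who the caller is, so unless config.php enforces
// it (not visible here, confirm) any client that can reach this URL can delete
// or publish edits. Before acting on the request this script should require an
// authenticated session with permission to moderate edits, and verify a
// per-session anti-CSRF token submitted with the form.

// require instead of include: without the configuration the script must stop
// rather than continue with no settings loaded.
// $site_url is not defined in this file; presumably config.php sets it and
// opens the database connection (verify).
require "config.php";

// Only a non-empty POST is processed. The original sent the redirect but kept
// executing, and its follow-up isset($_POST) test could never fail because the
// superglobal always exists; stopping here makes the guard effective.
if (empty($_POST)) {
    header('Location: '.$site_url.'/');
    exit;
}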
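// Discard the edits the reviewer rejected.
if (isset($_POST['delete'])) {

    // Force every submitted id to an integer before it reaches the query.
    // The original escaped the joined "(a,b,c)" string, but the list is placed
    // in the statement unquoted, so escaping quote characters does not
    // constrain it; only integers may appear here. The (array) cast also
    // covers a scalar "delete" value, which implode() would have rejected.
    // Zero entries are dropped (assumes edit_id values are positive; confirm).
    $deleteIds = array_filter(array_map('intval', (array) $_POST['delete']));

    // An empty list would produce "IN ()", which is invalid SQL, so skip it.
    if ($deleteIds) {

        // build the SQL query to delete the edits that are bad
        $sql = "DELETE FROM gforum_RetailersEdits WHERE edit_id IN (".implode(",", $deleteIds).")";

        // Keep the database error in the server log instead of printing it to
        // the client, where it would disclose schema details.
        if (mysql_query($sql) === false) {
            error_log('Deleting retailer edits failed: '.mysql_error());
            exit('Database error.');
        }
    }
}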
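// Publish the edits the reviewer approved: copy each pending edit over the
// live retailer row, record who made the edit, then remove the pending edit.
if (isset($_POST['validate'])) {

    // Force every submitted id to an integer before it reaches the query.
    // Escaping the joined list, as the original did, does not constrain a
    // value that is placed in the statement unquoted.
    // Zero entries are dropped (assumes edit_id values are positive; confirm).
    $validateIds = array_filter(array_map('intval', (array) $_POST['validate']));

    // Columns copied from gforum_RetailersEdits to gforum_Retailers, in the
    // order the original statement listed them.
    $columns = array(
        'retailer_name', 'retailer_name_tag', 'retailer_address', 'retailer_address_two',
        'retailer_city', 'retailer_state', 'retailer_state_tag', 'retailer_zip',
        'retailer_phone', 'retailer_fax', 'retailer_email', 'retailer_website',
        'retailer_cart', 'retailer_spoke',
        'retailer_mailorder_ecommerce', 'retailer_mailorder_phone',
        'retailer_local_ecommerce', 'retailer_local_phone',
        'retailer_pickup_ecommerce', 'retailer_pickup_phone',
        'retailer_contact', 'retailer_contact_names',
        'retailer_fist', 'retailer_fist_names',
        'retailer_fist_road', 'retailer_fist_road_names',
        'retailer_fist_advanced', 'retailer_fist_advanced_names',
        'retailer_bfact',
        'retailer_serotta', 'retailer_serotta_names',
        'retailer_method',
        'retailer_fitbikes', 'retailer_motioncapture', 'retailer_wetsuits',
        'retailer_bikes', 'retailer_customs',
        'retailer_hours',
        'retailer_barnett', 'retailer_barnett_names',
        'retailer_ubi', 'retailer_ubi_names',
        'retailer_info', 'retailer_directions',
    );

    // NOTE(review): the original statement wrote these five values with a
    // comma directly after the opening quote, so the stored value starts with
    // ",". That is preserved here; presumably it is a list delimiter, but
    // confirm it is not a typo.
    $commaPrefixed = array(
        'retailer_fitbikes', 'retailer_motioncapture', 'retailer_wetsuits',
        'retailer_bikes', 'retailer_customs',
    );

    // An empty list would produce "IN ()", which is invalid SQL, so skip it.
    if ($validateIds) {

        $sql = "SELECT * FROM gforum_RetailersEdits WHERE edit_id IN (".implode(",", $validateIds).")";

        $results = mysql_query($sql);
        if ($results === false) {
            // Log the detail server-side; do not print schema details to the client.
            error_log('Loading retailer edits failed: '.mysql_error());
            exit('Database error.');
        }

        // Loop through retailers shifting edits over
        while ($row = mysql_fetch_array($results)) {

            // The row holds text that users submitted as edits, so every value
            // is escaped again before it is written back. mysql_real_escape_string
            // replaces mysql_escape_string because it honours the connection
            // character set.
            $assignments = array();
            foreach ($columns as $column) {
                $prefix = in_array($column, $commaPrefixed, true) ? ',' : '';
                $assignments[] = $column." = '".$prefix.mysql_real_escape_string($row[$column])."'";
            }

            // The original interpolated these row values into SQL unescaped.
            $retailerId    = mysql_real_escape_string($row['retailer_id_fk']);
            $editorId      = mysql_real_escape_string($row['editor_user_id_fk']);
            $editTimestamp = mysql_real_escape_string($row['edit_timestamp']);
            // Used unquoted below, so it is constrained to an integer.
            $editId        = (int) $row['edit_id'];

            $statements = array(
                "UPDATE gforum_Retailers SET ".implode(", ", $assignments)." WHERE retailer_id = '".$retailerId."'",
                "INSERT INTO gforum_RetailersEditors (retailer_id_fk, user_id_fk, edit_timestamp) VALUES ('".$retailerId."', '".$editorId."', '".$editTimestamp."')",
                "DELETE FROM gforum_RetailersEdits WHERE edit_id = ".$editId,
            );

            // NOTE(review): the three statements are not wrapped in a
            // transaction, so a failure part-way leaves the retailer updated
            // while the pending edit still exists.
            foreach ($statements as $sql) {
                if (mysql_query($sql) === false) {
                    error_log('Applying retailer edit failed: '.mysql_error());
                    exit('Database error.');
                }
            }
        }
    }
}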
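// Processing is finished: send the browser back to wiki_validate.php and stop,
// so nothing that follows the closing tag is emitted after the redirect.
header('Location: '.$site_url.'/wiki_validate.php');
exit;

?>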