discourse-legacysite-perl/site/roadshow/wiki_edit_X.php

<?PHP
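// Refuse to run without form data. header() only queues the redirect; without
// the exit the rest of this script would still execute for a request that
// carried no POST body. $site_url is expected to be set by the including script.
if (!$_POST) {
    header('Location: '.$site_url.'/?error=no_post');
    exit;
}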
/*
FIELD NAMES:
roadshow_id
roadshow_date
roadshow_name
roadshow_name_tag
roadshow_address
roadshow_address_two
roadshow_city
roadshow_state
roadshow_state_tag
roadshow_zip
roadshow_lat
roadshow_lng
roadshow_phone
roadshow_fax
roadshow_email
roadshow_website
roadshow_facebook
roadshow_raffle
roadshow_stambassador
roadshow_stambassador_names
roadshow_triclub
roadshow_triclub_names
roadshow_coach
roadshow_coach_names
roadshow_racedirector
roadshow_racedirector_names
roadshow_brewery
roadshow_brewery_names
roadshow_local
roadshow_fitbike
roadshow_saddlechange
roadshow_motioncapture
roadshow_footbed
roadshow_wetsuit
roadshow_bike
roadshow_trispecific
roadshow_trispecific_names
roadshow_fist
roadshow_fist_names
roadshow_diagnostic
roadshow_shoe
roadshow_sock
roadshow_apparel_run
roadshow_apparel_tri
roadshow_swimgear
roadshow_bikeaccessory
roadshow_bikebody
roadshow_bikecomponent
roadshow_bikeelectronic
roadshow_bikehelmet
roadshow_biketrainer
roadshow_bikewheel
roadshow_runhydrate
roadshow_bodycare
roadshow_hours
roadshow_activity
roadshow_submitted_by
roadshow_valid
roadshow_user_tags
*/
/* Need to ltrim and rtrim commas before insertion */
//Insert into database
//$pass = 'abc123';
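// Validation state: $errmsg collects user-facing HTML describing every problem
// found; it stays NULL when the submission is acceptable.
$errmsg = NULL;
$insert_success = NULL;

// Required-field check. Array keys are quoted string literals: a bare word such
// as $_POST[name] is resolved as a constant first, so its meaning could change
// if a constant of that name were ever defined, and newer PHP versions reject
// it outright. empty() also covers fields that were not submitted at all.
$missing = '';
if (empty($_POST['name'])) $missing = $missing."Road show event name, ";
if (!isset($_POST['month']) || $_POST['month'] == 0) $missing = $missing.'event month, ';
if (!isset($_POST['day']) || $_POST['day'] == 0) $missing = $missing.'event day, ';
if (empty($_POST['city'])) $missing = $missing."City, ";
if (empty($_POST['state'])) $missing = $missing."State, ";
if (empty($_POST['address'])) $missing = $missing."Address, ";
// Coordinates are only mandatory when the submitter asked to override geocoding.
if ((empty($_POST['lat']) || empty($_POST['lng'])) && !empty($_POST['latlng_override'])) {
    $missing = $missing."Lat/Lng cannot be left blank if you wish to override address, ";
}
if (empty($_POST['phone'])) $missing = $missing."Phone, ";
if (empty($_POST['email'])) $missing = $missing."Email, ";
if (empty($_POST['website'])) $missing = $missing."Website, ";
// Shop hours are deliberately optional (the check was disabled in the original).
if (isset($_POST['fist']) && $_POST['fist'] == 1 && empty($_POST['fist_names'])) {
    $missing = $missing.'F.I.S.T. Tri fitters names, ';
}
// A non-string value (e.g. activity[]=x) is treated the same as a blank field.
if (!isset($_POST['activity']) || !is_string($_POST['activity']) || strlen($_POST['activity']) < 4) {
    $missing = $missing."Runs and classes information, ";
}
if ($missing !== '') {
    // Strip the trailing ", " BEFORE appending the line break; the original
    // trimmed afterwards, when the string already ended in "<br />", so the
    // dangling separator was never removed.
    $errmsg = "The following fields cannot be left blank: ".rtrim($missing, ", ")."<br />";
}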
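// URL syntax check for the three link fields, assembled from the parts below.
// This is a format check only, not a sanitiser: the query-string groups accept
// any character except '#', so quotes and angle brackets can pass. The value
// still has to be escaped for SQL when stored and HTML-encoded wherever it is
// later displayed.
$start_url = "(http(s)?\:\/\/)?"; // start url
$dots = "([\w_-]{2,}\.)+"; // one or more parts containing a '.' at the end
$last_part = "([\w_-]{2,})"; // last part doesn't contain a dot
$user = "((\/)(\~)[\w_=-]+)?((\/)[\w_=-]+)*"; // maybe subdirectories - possibly with user ~
$end = "((\/)|(\/)[\w_-]+\.[\w]{2,})?"; // maybe a slash at the end or slash+file+extension
$qstring1 = "((\?[\w_-]+\=([^\#]+)){0,1}"; // querystring - first argument (?a=b)
$qstring2 = "(\&[\w_-]+\=([^\#]+))*)?"; // querystring - following arguments (&c=d)
$bkmrk = "(#[\w_-]+)?"; // bookmark
$exp = "/^".$start_url.$dots.$last_part.$user.$end.$qstring1.$qstring2.$bkmrk."$/i";

// NOTE(review): facebook and raffle are not in the required-field list, yet an
// empty string cannot match $exp, so leaving either blank is reported as an
// invalid address. Confirm whether they are meant to be optional.
foreach (array('website', 'facebook', 'raffle') as $url_field) {
    // Keys are quoted literals; a missing or non-string value is checked as ''.
    $candidate = (isset($_POST[$url_field]) && is_string($_POST[$url_field])) ? $_POST[$url_field] : '';
    // preg_match() returns 0 on no match and false on a PCRE error (such as
    // hitting the backtrack limit); both are treated as "invalid".
    if (!preg_match($exp, $candidate)) {
        $errmsg = $errmsg."Invalid Web Address<br />";
    }
}

// The event name may only contain ASCII letters, digits, dots and spaces.
$posted_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
if (preg_match('/[^a-zA-Z0-9\. ]/', $posted_name)) {
    $errmsg = $errmsg."Please use only letters and numbers in the name<br />";
}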
// begin error message check
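if (!$errmsg) {
    // Normalise the submitted form, then (once the user has confirmed) store it
    // either as a new Roadshow row or as a pending edit in RoadshowEdits.
    //
    // Every request value is escaped or cast before it reaches the SQL text.
    // The original left state, lat/lng, the checkbox flags, the date parts,
    // submitted_by, edited_by and the id unescaped; submitted_by was also
    // interpolated without quotes.
    //
    // NOTE(review): mysql_escape_string() ignores the connection character set
    // and the whole mysql_* extension is gone as of PHP 7. Escaping here is a
    // stop-gap; the durable fix is prepared statements via mysqli or PDO.
    // NOTE(review): no authentication, authorisation or CSRF check is visible in
    // this file, and submitted_by / edited_by are taken from the request, so the
    // client chooses who a change is attributed to. Confirm the including
    // script enforces these, and prefer taking the user id from the session.

    // Columns shared by both INSERT statements, in table order. Column
    // roadshow_<field> is filled from the local variable $<field>.
    $shared_fields = array(
        'date', 'name', 'name_tag', 'address', 'address_two', 'city', 'state',
        'state_tag', 'zip', 'lat', 'lng', 'phone', 'fax', 'email', 'website',
        'raffle', 'facebook', 'stambassador', 'stambassador_names', 'triclub',
        'triclub_names', 'coach', 'coach_names', 'racedirector',
        'racedirector_names', 'brewery', 'brewery_names', 'local', 'fitbike',
        'saddlechange', 'motioncapture', 'footbed', 'wetsuit', 'bike',
        'trispecific', 'trispecific_names', 'fist', 'fist_names', 'diagnostic',
        'shoe', 'sock', 'apparel_run', 'apparel_tri', 'swimgear',
        'bikeaccessory', 'bikebody', 'bikecomponent', 'bikeelectronic',
        'bikehelmet', 'biketrainer', 'bikewheel', 'runhydrate', 'bodycare',
        'hours', 'activity',
    );
    // Fields that need more than "trim and escape" are handled individually below.
    $special_fields = array(
        'date', 'name', 'name_tag', 'address_two', 'state_tag', 'lat', 'lng', 'activity',
    );

    // Trim and escape every plain field into a variable of the same name. The
    // names come from the fixed list above, never from the request, so the
    // variable-variable assignment cannot be steered by the client. A missing
    // or non-string value (e.g. phone[]=x) becomes ''.
    foreach (array_merge(array_diff($shared_fields, $special_fields), array('edited_by')) as $field) {
        $posted = (isset($_POST[$field]) && is_string($_POST[$field])) ? trim($_POST[$field]) : '';
        $$field = mysql_escape_string($posted);
    }

    // Name and its short tag. The tag is cut to 12 characters BEFORE escaping so
    // the cut can never split an escape sequence and leave a trailing backslash.
    $raw_name = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
    $name = mysql_escape_string($raw_name);
    $name_tag = mysql_escape_string(substr(strtolower(str_replace(" ", "", $raw_name)), 0, 12));

    // State tag: lower-cased state with spaces removed, derived from the raw value.
    $raw_state = (isset($_POST['state']) && is_string($_POST['state'])) ? trim($_POST['state']) : '';
    $state_tag = mysql_escape_string(strtolower(str_replace(" ", "", $raw_state)));

    // Address string handed to the geocoder. The original appended the second
    // address line only in the branch where it was absent (adding a stray ", ");
    // it is now appended when present and non-empty.
    // NOTE(review): as in the original, geocode() receives SQL-escaped text;
    // geocode() is defined elsewhere, so confirm what it expects before changing that.
    $full_address = $address;
    if (isset($_POST['address_two']) && is_string($_POST['address_two'])) {
        $address_two = mysql_escape_string(trim($_POST['address_two']));
        if ($address_two !== '') {
            $full_address = $full_address.", ".$address_two;
        }
    } else {
        $address_two = NULL;
    }
    $full_address = $full_address.", ".$city;
    $full_address = $full_address.", ".$state;
    $full_address = $full_address." ".$zip;

    // Coordinates: either supplied by the submitter or looked up from the address.
    $latlng_override = isset($_POST['latlng_override']) ? $_POST['latlng_override'] : NULL;
    if ($latlng_override == true) {
        $lat = mysql_escape_string((isset($_POST['lat']) && is_string($_POST['lat'])) ? trim($_POST['lat']) : '');
        $lng = mysql_escape_string((isset($_POST['lng']) && is_string($_POST['lng'])) ? trim($_POST['lng']) : '');
    } else {
        // geocode() is defined elsewhere; this code treats an array result as
        // (lat, lng) and anything else as an error message.
        $geocode_status = geocode($full_address);
        if (is_array($geocode_status)) {
            $geocode_error = false;
            // The geocoder's answer is external data as well, so it is escaped
            // like everything else that ends up in the statement.
            $lat = mysql_escape_string((string) $geocode_status[0]);
            $_POST['lat'] = $lat;
            $lng = mysql_escape_string((string) $geocode_status[1]);
            $_POST['lng'] = $lng;
        } else {
            $geocode_error = true;
            $lat = 0;
            $_POST['lat'] = $lat;
            $lng = 0;
            $_POST['lng'] = $lng;
            $geocode_message = $geocode_status;
        }
    }

    // Free-text description: trimmed, capped at 4096 bytes, newlines turned into
    // <br />, and only then escaped (same order as the original).
    $raw_activity = (isset($_POST['activity']) && is_string($_POST['activity'])) ? trim($_POST['activity']) : '';
    $activity = mysql_escape_string(nl2br(substr($raw_activity, 0, 4096)));

    // Date parts are forced to integers and formatted with fixed widths, so the
    // resulting string cannot carry anything but digits and separators.
    $hour = isset($_POST['hour']) ? (int) $_POST['hour'] : 0;
    if (isset($_POST['daypart']) && $_POST['daypart'] == 1) { $hour = $hour + 12; }
    $minute = isset($_POST['minute']) ? (int) $_POST['minute'] : 0;
    $year = isset($_POST['year']) ? (int) $_POST['year'] : 0;
    $month = isset($_POST['month']) ? (int) $_POST['month'] : 0;
    $day = isset($_POST['day']) ? (int) $_POST['day'] : 0;
    $date = sprintf('%04d-%02d-%02d %02d:%02d:00', $year, $month, $day, $hour, $minute);

    // submitted_by is written into the statement without quotes, so it must be
    // an integer and nothing else.
    $submitted_by = isset($_POST['submitted_by']) ? (int) $_POST['submitted_by'] : 0;

    // Record id: escaped for SQL, URL-encoded separately for the redirect target.
    // $field_lead is expected to be set by the including script.
    $id_key = $field_lead.'id';
    $raw_id = (isset($_POST[$id_key]) && is_string($_POST[$id_key])) ? trim($_POST[$id_key]) : '';
    $id = mysql_escape_string($raw_id);
    $edit_timestamp = time();

    // BEGIN CONFIRM ENTRY CHECK
    if (!empty($_POST['insert_roadshow'])) {
        // Build the column and value lists once so the two statements cannot
        // drift apart. Every value in $values is already escaped or an integer.
        $columns = array();
        $values = array();
        foreach ($shared_fields as $field) {
            $columns[] = 'roadshow_'.$field;
            $values[] = "'".${$field}."'";
        }
        $columns[] = 'roadshow_submitted_by';
        $values[] = $submitted_by;
        $columns[] = 'roadshow_valid';
        $values[] = 0; // new rows and edits both start out unvalidated

        if (isset($_POST['new_roadshow'])) {
            $sql = "INSERT INTO ".$prefix."Roadshow (".implode(', ', $columns).") VALUES (".implode(', ', $values).")";
            if (!mysql_query($sql)) {
                // Keep database details in the server log, not in the response.
                error_log('Roadshow insert failed: '.mysql_error());
                die('The road show could not be saved. Please try again later.');
            }
            // No redirect here (it was already disabled in the original); the
            // including page carries on after a successful insert.
        } elseif (isset($_POST['save_changes'])) {
            $edit_columns = array_merge(array('roadshow_id_fk', 'edit_user_id_fk', 'edit_timestamp'), $columns);
            $edit_values = array_merge(array("'".$id."'", "'".$edited_by."'", "'".$edit_timestamp."'"), $values);
            $sql = "INSERT INTO ".$prefix."RoadshowEdits (".implode(', ', $edit_columns).") VALUES (".implode(', ', $edit_values).")";
            // The original echoed $sql here: that disclosed the full statement to
            // the client and sent output before header(), which prevents the
            // redirect unless output buffering is on.
            if (!mysql_query($sql)) {
                error_log('RoadshowEdits insert failed: '.mysql_error());
                die('The change could not be saved. Please try again later.');
            }
            header('Location: '.$site_url.'/individual.php?roadshow_id='.urlencode($raw_id).'&wiki_change=success');
            exit;
        } else {
            header('Location: '.$site_url.'/individual.php?roadshow_id='.urlencode($raw_id).'&changes=failure');
            exit;
        }
    } else {
        // Not confirmed yet: flag that the confirmation step should be shown.
        $confirm_roadshow = true;
    }
    // END CONFIRM ENTRY CHECK
}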
// END ERROR MESSAGE CHECK
?>