<?PHP
// do I need to do additional security checks to make sure the script is being called appropriately?
/*

FIELD NAMES:
roadshow_id
roadshow_date
roadshow_name
roadshow_name_tag
roadshow_address
roadshow_address_two
roadshow_city
roadshow_state
roadshow_state_tag
roadshow_zip
roadshow_lat
roadshow_lng
roadshow_phone
roadshow_fax
roadshow_email
roadshow_website
roadshow_raffle
roadshow_facebook
roadshow_stambassador
roadshow_stambassador_names
roadshow_triclub
roadshow_triclub_names
roadshow_coach
roadshow_coach_names
roadshow_racedirector
roadshow_racedirector_names
roadshow_brewery
roadshow_brewery_names
roadshow_local
roadshow_fitbike
roadshow_saddlechange
roadshow_motioncapture
roadshow_footbed
roadshow_wetsuit
roadshow_bike
roadshow_trispecific
roadshow_trispecific_names
roadshow_fist
roadshow_fist_names
roadshow_diagnostic
roadshow_shoe
roadshow_sock
roadshow_apparel_run
roadshow_apparel_tri
roadshow_swimgear
roadshow_bikeaccessory
roadshow_bikebody
roadshow_bikecomponent
roadshow_bikeelectronic
roadshow_bikehelmet
roadshow_biketrainer
roadshow_bikewheel
roadshow_runhydrate
roadshow_bodycare
roadshow_hours
roadshow_activity
roadshow_submitted_by
roadshow_valid
roadshow_user_tags

*/
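// Load the site configuration. This script reads $site_url and $prefix and uses
// the default MySQL connection; all three are presumably set up in config.php,
// which is not visible here -- confirm. require (not include) so that a missing
// config file stops the script instead of running the queries half-configured.
require("config.php");

// NOTE(review): nothing in this file checks that the caller is a signed-in user
// who is allowed to moderate edits, and the form carries no anti-CSRF token.
// Unless config.php enforces both, the DELETE/UPDATE statements below are
// reachable by any request. Confirm where authentication, authorization and
// CSRF validation happen before relying on this script.

// Only a non-empty POST may reach the state-changing code below. header() does
// not end the script, so the redirect must be followed by exit(); without it the
// rest of the file still ran and the final redirect replaced this one.
// ($_POST is a superglobal and always set, so an isset($_POST) test can never
// fire; the emptiness test is the one that matters.)
if (!$_POST) {
    header('Location: '.$site_url.'/');
    exit();
}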
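// Delete the pending edits that were marked as bad in the submitted form.
if (isset($_POST['delete'])) {
    // The ids come straight from the request, so they are reduced to plain
    // integers before they get anywhere near SQL text. Concatenating the raw
    // values into the IN (...) list is an SQL injection hole.
    // Assumes edit_id is an integer column (it is used unquoted elsewhere in
    // this script) -- confirm against the schema.
    $deleteIds = array();
    foreach ((array) $_POST['delete'] as $candidate) {
        if (is_scalar($candidate) && ctype_digit((string) $candidate)) {
            $deleteIds[] = (int) $candidate;
        }
    }

    // An empty list would produce "IN ()", which is a syntax error; skip it.
    if ($deleteIds) {
        $sql = "DELETE FROM ".$prefix."RoadshowEdits WHERE edit_id IN (".implode(",", $deleteIds).")";

        // Keep the driver's error text in the server log; echoing it to the
        // client discloses table names and query structure.
        if (!mysql_query($sql)) {
            error_log('RoadshowEdits delete failed: '.mysql_error());
            die('Database error.');
        }
    }
}
// NOTE(review): the mysql_* extension is deprecated and was removed in PHP 7.0.
// Moving to mysqli or PDO with prepared statements is the durable fix, but the
// connection is opened outside this file, so the driver is left unchanged here.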
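// Apply the approved edits: copy each approved RoadshowEdits row onto its
// Roadshow row, record who made the edit, then remove the edit from the queue.
if (isset($_POST['validate'])) {
    // Request-supplied ids are reduced to plain integers before being placed in
    // SQL text; concatenating the raw values into the IN (...) list is an SQL
    // injection hole.
    // Assumes edit_id is an integer column (the DELETE below uses it unquoted)
    // -- confirm against the schema.
    $validateIds = array();
    foreach ((array) $_POST['validate'] as $candidate) {
        if (is_scalar($candidate) && ctype_digit((string) $candidate)) {
            $validateIds[] = (int) $candidate;
        }
    }

    // Columns copied from the edit onto the live row, in the original order.
    // roadshow_id (the key) and roadshow_valid are intentionally not copied,
    // matching the statement this list replaces.
    $columns = array(
        'roadshow_date', 'roadshow_name', 'roadshow_name_tag',
        'roadshow_address', 'roadshow_address_two', 'roadshow_city',
        'roadshow_state', 'roadshow_state_tag', 'roadshow_zip',
        'roadshow_lat', 'roadshow_lng', 'roadshow_phone', 'roadshow_fax',
        'roadshow_email', 'roadshow_website', 'roadshow_raffle',
        'roadshow_facebook', 'roadshow_stambassador',
        'roadshow_stambassador_names', 'roadshow_triclub',
        'roadshow_triclub_names', 'roadshow_coach', 'roadshow_coach_names',
        'roadshow_racedirector', 'roadshow_racedirector_names',
        'roadshow_brewery', 'roadshow_brewery_names', 'roadshow_local',
        'roadshow_fitbike', 'roadshow_saddlechange', 'roadshow_motioncapture',
        'roadshow_footbed', 'roadshow_wetsuit', 'roadshow_bike',
        'roadshow_trispecific', 'roadshow_trispecific_names', 'roadshow_fist',
        'roadshow_fist_names', 'roadshow_diagnostic', 'roadshow_shoe',
        'roadshow_sock', 'roadshow_apparel_run', 'roadshow_apparel_tri',
        'roadshow_swimgear', 'roadshow_bikeaccessory', 'roadshow_bikebody',
        'roadshow_bikecomponent', 'roadshow_bikeelectronic',
        'roadshow_bikehelmet', 'roadshow_biketrainer', 'roadshow_bikewheel',
        'roadshow_runhydrate', 'roadshow_bodycare', 'roadshow_hours',
        'roadshow_activity', 'roadshow_submitted_by', 'roadshow_user_tags',
    );

    // An empty list would produce "IN ()", which is a syntax error; skip it.
    if ($validateIds) {
        $sql = "SELECT * FROM ".$prefix."RoadshowEdits WHERE edit_id IN (".implode(",", $validateIds).")";

        $results = mysql_query($sql);
        if (!$results) {
            // Log the driver error server-side instead of echoing it to the client.
            error_log('RoadshowEdits select failed: '.mysql_error());
            die('Database error.');
        }

        // Loop through the approved edits, shifting each one over to the live table.
        // NOTE(review): the three statements per edit are not wrapped in a
        // transaction, so a failure part-way leaves the live row updated while
        // the edit is still queued. Consider a transaction if the storage
        // engine supports it.
        while ($row = mysql_fetch_array($results)) {
            // The row content was submitted by users, so every value is escaped
            // again on its way into the next statement. mysql_real_escape_string
            // honours the connection character set; mysql_escape_string does not.
            $assignments = array();
            foreach ($columns as $column) {
                $assignments[] = $column." = '".mysql_real_escape_string($row[$column])."'";
            }

            // Key and audit fields were interpolated unescaped; treat them like
            // any other stored value.
            $roadshowId    = mysql_real_escape_string($row['roadshow_id_fk']);
            $editUserId    = mysql_real_escape_string($row['edit_user_id_fk']);
            $editTimestamp = mysql_real_escape_string($row['edit_timestamp']);
            $editId        = (int) $row['edit_id'];

            $sql = "UPDATE ".$prefix."Roadshow SET ".implode(", ", $assignments)
                 ." WHERE roadshow_id = '".$roadshowId."'";
            if (!mysql_query($sql)) {
                error_log('Roadshow update failed: '.mysql_error());
                die('Database error.');
            }

            $sql = "INSERT INTO ".$prefix."RoadshowEditors (roadshow_id_fk, user_id_fk, edit_timestamp)"
                 ." VALUES ('".$roadshowId."', '".$editUserId."', '".$editTimestamp."')";
            if (!mysql_query($sql)) {
                error_log('RoadshowEditors insert failed: '.mysql_error());
                die('Database error.');
            }

            $sql = "DELETE FROM ".$prefix."RoadshowEdits WHERE edit_id = ".$editId;
            if (!mysql_query($sql)) {
                error_log('RoadshowEdits cleanup failed: '.mysql_error());
                die('Database error.');
            }
        }
    }
}
// NOTE(review): the mysql_* extension is deprecated and was removed in PHP 7.0.
// Moving to mysqli or PDO with prepared statements is the durable fix, but the
// connection is opened outside this file, so the driver is left unchanged here.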
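// Send the browser back to wiki_validate.php once the requested changes have
// been applied. header() only queues the redirect, so exit() is called to make
// sure nothing that is later appended to this script runs after it.
header('Location: '.$site_url.'/wiki_validate.php');
exit();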
?>