<?PHP
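// Requests that carry no POST data are sent back to the site root.
// header() only queues the redirect; without exit the rest of this script
// would keep executing for the same request.
// NOTE(review): $site_url is not defined in this file - presumably set by the
// including script; confirm.
if (!$_POST) {
    header('Location: ' . $site_url);
    exit;
}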
/*
FIELD NAMES:
triclub_id
triclub_name
triclub_name_tag
triclub_address
triclub_address_two
triclub_city
triclub_state
triclub_state_tag
triclub_zip
triclub_email
triclub_website
triclub_president
triclub_board
triclub_board_names
triclub_membership
triclub_dues
triclub_info
triclub_sponsors
triclub_discounts
triclub_directions
triclub_workouts
triclub_meetings
triclub_submitted_by
triclub_valid
triclub_member_tags
*/

/* Need to ltrim and rtrim commas before insertion */

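//Insert into database
// NOTE(review): the disabled shared-key gate below kept its key as a literal in
// source. If it is ever re-enabled, load the key from configuration and compare
// it with hash_equals() instead of strcmp().
//$pass = 'abc123';
$errmsg = NULL;
//if(strcmp($_POST[password], $pass) == 0){ //Password is good

//Check for blank fields
// Required single-line fields, listed in the order their labels appear in the
// message. Keys are quoted strings: a bare $_POST[name] is parsed as a constant
// lookup, not as the string 'name'.
$required_fields = array(
    'name'       => "Shop name, ",
    'city'       => "City, ",
    'state'      => "State, ",
    'address'    => "Address, ",
    'email'      => "Email, ",
    'website'    => "Website, ",
    'president'  => "President, ",
    'dues'       => "Dues, ",
    'membership' => "Membership, ",
);
foreach ($required_fields as $field_key => $field_label) {
    // A missing key or a non-string value (e.g. name[]=x posts an array) counts
    // as blank. As in the original truthiness test, the string '0' is also blank.
    $field_value = (isset($_POST[$field_key]) && is_string($_POST[$field_key])) ? $_POST[$field_key] : '';
    if (!$field_value) {
        $errmsg .= $field_label;
    }
}

// NOTE(review): this check reads 'contact' / 'contact_names', while the INSERT
// code further down in this file reads 'board' / 'board_names' - confirm which
// names the form actually posts.
if (isset($_POST['contact']) && $_POST['contact'] == 1 && empty($_POST['contact_names'])) {
    $errmsg .= "Board names, ";
}

// Free-text fields must hold at least four bytes.
$long_text_fields = array(
    'info'       => "Club info, ",
    'sponsors'   => "Club sponsors, ",
    'discounts'  => "Club discounts, ",
    'directions' => "Directions, ",
    'workouts'   => "Club workouts, ",
    'meetings'   => "Club meetings, ",
);
foreach ($long_text_fields as $field_key => $field_label) {
    $field_value = (isset($_POST[$field_key]) && is_string($_POST[$field_key])) ? $_POST[$field_key] : '';
    if (strlen($field_value) < 4) {
        $errmsg .= $field_label;
    }
}

if (isset($errmsg)) {
    // Strip the trailing ", " BEFORE the line break is appended. Trimming
    // afterwards never matched, because the string then ends in "<br />".
    $errmsg = "The following fields cannot be left blank: " . rtrim($errmsg, ", ") . "<br />";
}

$membership_input = (isset($_POST['membership']) && is_string($_POST['membership'])) ? $_POST['membership'] : '';
if (!is_numeric($membership_input)) {
    $errmsg .= "Membership must be a number ONLY<br />";
}

$start_url = "(http(s)?\:\/\/)?"; // start url
$dots = "([\w_-]{2,}\.)+"; // one or more parts containing a '.' at the end
$last_part = "([\w_-]{2,})"; // last part doesn't contain a dot
$user = "((\/)(\~)[\w_=-]+)?((\/)[\w_=-]+)*"; // maybe subdirectories - possibly with user ~
$end = "((\/)|(\/)[\w_-]+\.[\w]{2,})?"; // maybe a slash at the end or slash+file+extension
$qstring1 = "((\?[\w_-]+\=([^\#]+)){0,1}"; // querystring - first argument (?a=b)
$qstring2 = "(\&[\w_-]+\=([^\#]+))*)?"; // querystring - following arguments (&c=d)
$bkmrk = "(#[\w_-]+)?"; // bookmark

$exp = "/^".$start_url.$dots.$last_part.$user.$end.$qstring1.$qstring2.$bkmrk."$/i";

// The two query-string groups can match the same characters, so a long query
// string may exhaust pcre.backtrack_limit. preg_match() then returns false,
// which this check treats as an invalid address (it fails closed).
// The query-string part accepts any character except '#', so quotes and angle
// brackets can pass: the stored URL still has to be escaped wherever it is
// printed.
$website_input = (isset($_POST['website']) && is_string($_POST['website'])) ? $_POST['website'] : '';
if (!preg_match($exp, $website_input)) {
    // Contains invalid characters.
    $errmsg .= "Invalid Web Address<br />";
}

$name_input = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
if (preg_match('/[^a-zA-Z0-9\. ]/', $name_input)) {
    // Contains invalid characters.
    $errmsg .= "Please use only letters and numbers in the name<br />";
}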
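// Runs only when validation left $errmsg empty: normalises the posted values,
// escapes every one of them, and inserts the club as unapproved
// (triclub_valid = 0) once the form was confirmed (confirm1 == 1). On the first,
// unconfirmed pass it only sets $confirm = 1.
if (!$errmsg) {

    // Read every text field once. A missing key or a non-string value (for
    // example an array posted as name[]=x) becomes ''.
    $raw = array();
    $text_fields = array(
        'name', 'address', 'address_two', 'city', 'state', 'zip', 'email',
        'website', 'president', 'dues', 'membership', 'board_names',
        'submitted_by', 'info', 'sponsors', 'discounts', 'directions',
        'workouts', 'meetings',
    );
    foreach ($text_fields as $field_key) {
        $raw[$field_key] = (isset($_POST[$field_key]) && is_string($_POST[$field_key]))
            ? trim($_POST[$field_key])
            : '';
    }

    // Every value placed inside quotes in the INSERT is escaped here, including
    // state and submitted_by, which previously went into the query unescaped.
    // mysql_real_escape_string() takes the connection's character set into
    // account, which mysql_escape_string() does not. It uses the same default
    // link as mysql_query() below.
    // NOTE(review): that link is presumably opened by the including script -
    // confirm. ext/mysql was removed in PHP 7; moving this query to prepared
    // statements (mysqli or PDO) is the durable fix.
    $name = mysql_real_escape_string($raw['name']);

    // Short tag: lower-cased name without spaces, capped at 12 bytes. The
    // original tested and cut an undefined $nametag, so the cap never applied.
    $name_tag = strtolower(str_replace(" ", "", $raw['name']));
    if (strlen($name_tag) > 12) { //Shorten it
        $name_tag = substr($name_tag, 0, 12);
    }
    $name_tag = mysql_real_escape_string($name_tag);

    $address = mysql_real_escape_string($raw['address']);
    if (isset($_POST['address_two'])) {
        $address_two = mysql_real_escape_string($raw['address_two']);
    } else {
        $address_two = NULL;
    }
    $city = mysql_real_escape_string($raw['city']);
    $state = mysql_real_escape_string($raw['state']);
    $state_tag = mysql_real_escape_string(strtolower(str_replace(" ", "", $raw['state'])));
    $zip = mysql_real_escape_string($raw['zip']);
    $email = mysql_real_escape_string($raw['email']);
    $website = mysql_real_escape_string($raw['website']);
    $president = mysql_real_escape_string($raw['president']);
    $dues = mysql_real_escape_string($raw['dues']);
    $membership = mysql_real_escape_string($raw['membership']);

    // $board is interpolated WITHOUT quotes in the query, so it is forced to an
    // integer; escaping alone would not protect an unquoted value.
    $board = isset($_POST['board']) ? (int) $_POST['board'] : 0;
    if ($board == 0) {
        $board_names = NULL;
    } else {
        $board_names = mysql_real_escape_string($raw['board_names']);
    }

    // Free-text fields: capped at 4096 bytes, newlines converted to <br />.
    // NOTE(review): the text is stored without HTML escaping, and nl2br() adds
    // markup to it, so the page that prints these columns presumably emits them
    // as raw HTML. If so, submitted markup would be rendered as-is; applying
    // htmlspecialchars() before nl2br() (or escaping at output) closes that
    // gap - confirm against the display code.
    $info = mysql_real_escape_string(nl2br(substr($raw['info'], 0, 4096)));
    $sponsors = mysql_real_escape_string(nl2br(substr($raw['sponsors'], 0, 4096)));
    $discounts = mysql_real_escape_string(nl2br(substr($raw['discounts'], 0, 4096)));
    $directions = mysql_real_escape_string(nl2br(substr($raw['directions'], 0, 4096)));
    $workouts = mysql_real_escape_string(nl2br(substr($raw['workouts'], 0, 4096)));
    $meetings = mysql_real_escape_string(nl2br(substr($raw['meetings'], 0, 4096)));

    // NOTE(review): submitted_by is taken from the request, so the client picks
    // its value. If it is meant to identify the submitting account, it should
    // come from the server-side session instead - confirm.
    $submitted_by = mysql_real_escape_string($raw['submitted_by']);

    if (isset($_POST['confirm1']) && $_POST['confirm1'] == 1) {
        // NOTE(review): $prefix is not defined in this file - presumably a table
        // prefix set by the including script; confirm it never holds request data.
        $sql = "INSERT INTO ".$prefix."Triclubs (triclub_name, triclub_name_tag, triclub_address, triclub_address_two, triclub_city, triclub_state, triclub_state_tag, triclub_zip, triclub_email, triclub_website, triclub_president, triclub_board, triclub_board_names, triclub_membership, triclub_dues, triclub_info, triclub_sponsors, triclub_discounts, triclub_directions, triclub_workouts, triclub_meetings, triclub_submitted_by, triclub_valid) VALUES ('$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$email', '$website', '$president', $board, '$board_names', '$membership', '$dues', '$info', '$sponsors', '$discounts', '$directions', '$workouts', '$meetings', '$submitted_by', 0)";
        //echo("shop entered!");
        //echo($sql);
        if (!mysql_query($sql)) {
            // Keep the driver's message in the server log; printing it to the
            // visitor would expose table and column names.
            error_log('Triclubs insert failed: ' . mysql_error());
            die('The club could not be saved. Please try again later.');
        }
        //exit();
    } else {
        //echo("shop NOT entered.");
        $confirm = 1;
    }
}
//}else{
// $errmsg = 'Incorrect key.';
//}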
?>