166 lines
10 KiB
PHP
166 lines
10 KiB
PHP
<?PHP
|
|
|
|
if (!$_POST){ header('Location: '.$site_url.'/?error=no_post'); }
|
|
|
|
/*
|
|
|
|
FIELD NAMES:
|
|
retailer_id
|
|
retailer_name
|
|
retailer_name_tag
|
|
retailer_address
|
|
retailer_city
|
|
retailer_state
|
|
retailer_state_tag
|
|
retailer_zip
|
|
retailer_phone
|
|
retailer_fax
|
|
retailer_email
|
|
retailer_website
|
|
retailer_cart
|
|
retailer_mailorder_ecommerce
|
|
retailer_mailorder_phone
|
|
retailer_local_ecommerce
|
|
retailer_local_phone
|
|
retailer_pickup_ecommerce
|
|
retailer_pickup_phone
|
|
retailer_contact
|
|
retailer_contact_names
|
|
retailer_fist
|
|
retailer_fist_names
|
|
retailer_fist_road
|
|
retailer_fist_road_names
|
|
retailer_fist_advanced
|
|
retailer_fist_advanced_names
|
|
retailer_bfact
|
|
retailer_serotta
|
|
retailer_serotta_names
|
|
retailer_fitbikes
|
|
retailer_motioncapture
|
|
retailer_wetsuits
|
|
retailer_bikes
|
|
retailer_customs
|
|
retailer_hours
|
|
retailer_barnett
|
|
retailer_barnett_names
|
|
retailer_ubi
|
|
retailer_ubi_names
|
|
retailer_info
|
|
retailer_directions
|
|
submitted_by
|
|
|
|
*/
|
|
|
|
/* Need to ltrim and rtrim commas before insertion */
|
|
|
|
//Insert into database
|
|
$pass = 'abc123';
|
|
$errmsg = NULL;
|
|
//Check for blank fields
|
|
if ((!$_POST[retailer_name])) $errmsg = $errmsg.'Shop name, ';
|
|
if (!$_POST[retailer_city]) $errmsg = $errmsg.'City, ';
|
|
if (!$_POST[retailer_state]) $errmsg = $errmsg.'State, ';
|
|
if (!$_POST[retailer_address]) $errmsg = $errmsg.'Address, ';
|
|
if (!$_POST[retailer_phone]) $errmsg = $errmsg.'Phone, ';
|
|
if (!$_POST[retailer_email]) $errmsg = $errmsg.'Email, ';
|
|
if (!$_POST[retailer_hours]) $errmsg = $errmsg.'Shop hours, ';
|
|
if ($_POST[retailer_contact] == 1 && !$_POST[retailer_contact_names]) $errmsg = $errmsg.'Contact names, ';
|
|
if ($_POST[retailer_fist] == 1 && !$_POST[retailer_fist_names]) $errmsg = $errmsg.'F.I.S.T. Tri fitters names, ';
|
|
if ($_POST[retailer_fist_road] == 1 && !$_POST[retailer_fist_road_names]) $errmsg = $errmsg.'F.I.S.T. Road fitters names, ';
|
|
if ($_POST[retailer_serotta] == 1 && !$_POST[retailer_serotta_names]) $errmsg = $errmsg.'Serotta fitters names, ';
|
|
if ($_POST[retailer_barnett] == 1 && !$_POST[retailer_barnett_names]) $errmsg = $errmsg.'Barnett mechanics names, ';
|
|
if ($_POST[retailer_ubi] == 1 && !$_POST[retailer_ubi_names]) $errmsg = $errmsg.'UBI mechanics names, ';
|
|
if (strlen($_POST[retailer_info]) < 4) $errmsg = $errmsg.'Shop info, ';
|
|
if (strlen($_POST[retailer_directions]) < 4) $errmsg = $errmsg.'Directions, ';
|
|
if (isset($errmsg)) {
|
|
$errmsg = 'The following fields cannot be left blank: '.$errmsg;
|
|
$errmsg = rtrim($errmsg, ', ');
|
|
}
|
|
if( preg_match('/[^a-zA-Z0-9\. ]/', $_POST[retailer_name]) ) {
|
|
// Contains invalid characters.
|
|
$errmsg = "Please use only letters and numbers in the name";
|
|
}
|
|
// BEGIN ERROR MESSAGE CHECK
|
|
if(!$errmsg){
|
|
|
|
$name = mysql_real_escape_string(trim($_POST[retailer_name]));
|
|
$name_tag = mysql_real_escape_string(strtolower(str_replace(" ","", $name)));
|
|
if(strlen($nametag) > 12){ //Shorten it
|
|
$name_tag = substr($nametag, 0, 12);
|
|
}
|
|
$address = mysql_real_escape_string(trim($_POST[retailer_address]));
|
|
$address_two = mysql_real_escape_string(trim($_POST[retailer_address_two]));
|
|
$city = mysql_real_escape_string(trim($_POST[retailer_city]));
|
|
$state = mysql_real_escape_string($_POST[retailer_state]);
|
|
$state_tag = mysql_real_escape_string(strtolower(str_replace(" ","", $state)));
|
|
$zip = mysql_real_escape_string(trim($_POST[retailer_zip]));
|
|
$phone = mysql_real_escape_string(trim($_POST[retailer_phone]));
|
|
$fax = mysql_real_escape_string(trim($_POST[retailer_fax]));
|
|
$email = mysql_real_escape_string(trim($_POST[retailer_email]));
|
|
$website = mysql_real_escape_string(trim($_POST[retailer_website]));
|
|
$substring = "http://";
|
|
if (!is_int(strpos($website, $substring))) {
|
|
$website = "http://".$website;
|
|
}
|
|
$cart = mysql_real_escape_string(trim($_POST[retailer_cart]));
|
|
$mailorder_ecommerce = mysql_real_escape_string(trim($_POST[retailer_mailorder_ecommerce]));
|
|
$mailorder_phone = mysql_real_escape_string(trim($_POST[retailer_mailorder_phone]));
|
|
$local_ecommerce = mysql_real_escape_string(trim($_POST[retailer_local_ecommerce]));
|
|
$local_phone = mysql_real_escape_string(trim($_POST[retailer_local_phone]));
|
|
$pickup_ecommerce = mysql_real_escape_string(trim($_POST[retailer_pickup_ecommerce]));
|
|
$pickup_phone = mysql_real_escape_string(trim($_POST[retailer_pickup_phone]));
|
|
$contact = mysql_real_escape_string($_POST[retailer_contact]);
|
|
if ( $contact == 0 ){ $contact_names = NULL; }else{ $contact_names = mysql_real_escape_string(trim($_POST[retailer_contact_names])); }
|
|
$fist = mysql_real_escape_string($_POST[retailer_fist]);
|
|
if ( $fist == 0 ){ $fist_names = NULL; }else{ $fist_names = mysql_real_escape_string(trim($_POST[retailer_fist_names])); }
|
|
$fist_road = mysql_real_escape_string($_POST[retailer_fist_road]);
|
|
if ( $fist_road == 0 ){ $fist_road_names = NULL; }else{ $fist_road_names = mysql_real_escape_string(trim($_POST[retailer_fist_road_names])); }
|
|
$fist_advanced = mysql_real_escape_string($_POST[retailer_fist_advanced]);
|
|
if ( $fist_advanced == 0 ){ $fist_advanced_names = NULL; }else{ $fist_advanced_names = mysql_real_escape_string(trim($_POST[retailer_fist_advanced_names])); }
|
|
$bfact = mysql_real_escape_string(trim($_POST[retailer_bfact]));
|
|
$serotta = mysql_real_escape_string($_POST[retailer_serotta]);
|
|
if ( $serotta == 0 ){ $serotta_names = NULL; }else{ $serotta_names = mysql_real_escape_string(trim($_POST[retailer_serotta_names])); }
|
|
/* Need to ltrim and rtrim commas before insertion --> or ltrim/rtrim before implosion*/
|
|
$method = mysql_real_escape_string($_POST[retailer_method]);
|
|
$fitbikes = mysql_real_escape_string($_POST[retailer_fitbikes]);
|
|
$motioncapture = mysql_real_escape_string($_POST[retailer_motioncapture]);
|
|
$wetsuits = mysql_real_escape_string($_POST[retailer_wetsuits]);
|
|
$bikes = mysql_real_escape_string($_POST[retailer_bikes]);
|
|
$customs = mysql_real_escape_string($_POST[retailer_customs]);
|
|
$hours = mysql_real_escape_string(trim($_POST[retailer_hours]));
|
|
$barnett = mysql_real_escape_string($_POST[retailer_barnett]);
|
|
if ( $barnett == 0 ){ $barnett_names = NULL; }else{ $barnett_names = mysql_real_escape_string(trim($_POST[retailer_barnett_names])); }
|
|
$ubi = mysql_real_escape_string($_POST[retailer_ubi]);
|
|
if ( $ubi == 0 ){ $ubi_names = NULL; }else{ $ubi_names = mysql_real_escape_string(trim($_POST[retailer_ubi_names])); }
|
|
$info = mysql_real_escape_string(substr(trim($_POST[retailer_info]), 0, 4096));
|
|
$directions = mysql_real_escape_string(substr(trim($_POST[retailer_directions]), 0, 4096));
|
|
$submitted_by = mysql_real_escape_string($_POST[retailer_submitted_by]);
|
|
$id = mysql_real_escape_string($_POST[retailer_id]);
|
|
$edited_by = mysql_real_escape_string($_POST[edited_by]);
|
|
$edit_timestamp = time();
|
|
$spoke = mysql_real_escape_string(trim($_POST[retailer_spoke]));
|
|
|
|
// BEGIN CONFIRM ENTRY CHECK
|
|
if($_POST[confirm_entry] == 1){
|
|
if(isset($_POST[new_shop])){
|
|
$sql = "INSERT INTO gforum_Retailers (retailer_name, retailer_name_tag, retailer_address, retailer_address_two, retailer_city, retailer_state, retailer_state_tag, retailer_zip, retailer_phone, retailer_fax, retailer_email, retailer_website, retailer_cart, retailer_mailorder_ecommerce, retailer_mailorder_phone, retailer_local_ecommerce, retailer_local_phone, retailer_pickup_ecommerce, retailer_pickup_phone, retailer_contact, retailer_contact_names, retailer_fist, retailer_fist_names, retailer_fist_road, retailer_fist_road_names, retailer_fist_advanced, retailer_fist_advanced_names, retailer_bfact, retailer_serotta, retailer_serotta_names, retailer_method, retailer_fitbikes, retailer_motioncapture, retailer_wetsuits, retailer_bikes, retailer_customs, retailer_hours, retailer_barnett, retailer_barnett_names, retailer_ubi, retailer_ubi_names, retailer_info, retailer_directions, retailer_submitted_by, retailer_valid, retailer_spoke) VALUES ('$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$phone', '$fax', '$email', '$website', '$cart', '$mailorder_ecommerce', '$mailorder_phone', '$local_ecommerce', '$local_phone', '$pickup_ecommerce', '$pickup_phone', $contact, '$contact_names', $fist, '$fist_names', $fist_road, '$fist_road_names', $fist_advanced, '$fist_advanced_names', '$bfact', $serotta, '$serotta_names', '$method', ',$fitbikes,', ',$motioncapture,', ',$wetsuits,', ',$bikes,', ',$customs,', '$hours', $barnett, '$barnett_names', $ubi, '$ubi_names', '$info', '$directions', $submitted_by, 0, '$spoke')";
|
|
//echo("shop entered!");
|
|
//echo($sql);
|
|
mysql_query($sql) OR die(mysql_error());
|
|
header('Location: '.$site_url.'/add.php?confirmed=yes');
|
|
} elseif(isset($_POST[save_changes])) {
|
|
$sql = "INSERT INTO gforum_RetailersEdits (retailer_id_fk, editor_user_id_fk, edit_timestamp, retailer_name, retailer_name_tag, retailer_address, retailer_address_two, retailer_city, retailer_state, retailer_state_tag, retailer_zip, retailer_phone, retailer_fax, retailer_email, retailer_website, retailer_cart, retailer_mailorder_ecommerce, retailer_mailorder_phone, retailer_local_ecommerce, retailer_local_phone, retailer_pickup_ecommerce, retailer_pickup_phone, retailer_contact, retailer_contact_names, retailer_fist, retailer_fist_names, retailer_fist_road, retailer_fist_road_names, retailer_fist_advanced, retailer_fist_advanced_names, retailer_bfact, retailer_serotta, retailer_serotta_names, retailer_method, retailer_fitbikes, retailer_motioncapture, retailer_wetsuits, retailer_bikes, retailer_customs, retailer_hours, retailer_barnett, retailer_barnett_names, retailer_ubi, retailer_ubi_names, retailer_info, retailer_directions, retailer_submitted_by, retailer_valid, retailer_spoke) VALUES ('$id', '$edited_by', '$edit_timestamp', '$name', '$name_tag', '$address', '$address_two', '$city', '$state', '$state_tag', '$zip', '$phone', '$fax', '$email', '$website', '$cart', '$mailorder_ecommerce', '$mailorder_phone', '$local_ecommerce', '$local_phone', '$pickup_ecommerce', '$pickup_phone', $contact, '$contact_names', $fist, '$fist_names', $fist_road, '$fist_road_names', $fist_advanced, '$fist_advanced_names', '$bfact', $serotta, '$serotta_names', '$method', ',$fitbikes,', ',$motioncapture,', ',$wetsuits,', ',$bikes,', ',$customs,', '$hours', $barnett, '$barnett_names', $ubi, '$ubi_names', '$info', '$directions', $submitted_by, 0, '$spoke')";
|
|
mysql_query($sql) OR die(mysql_error());
|
|
header('Location: '.$site_url.'/individual.php?retailer_id='.$id.'&wiki_change=success');
|
|
} else {
|
|
header('Location: '.$site_url.'/individual.php?retailer_id='.$id.'&changes=failure');
|
|
}
|
|
} else {
|
|
//echo("shop NOT entered.");
|
|
$confirm = 1;
|
|
}
|
|
// END CONFIRM ENTRY CHECK
|
|
}
|
|
// END ERROR MESSAGE CHECK
|
|
?>
|