$wpdb->query($wpdb->prepare("DELETE FROM " . SL_TABLE . " WHERE sl_id='%d'", $_GET['delete']));
sl_process_tags("", "delete", $_GET['delete']);
}
/*elseif (empty($_GET['q'])) {
print "<div class='sl_admin_warning'>Security Check doesn't validate for deleting this location, make sure to delete by clicking the 'Delete' link next to a specific location.</div>";
}*/
}
if (!empty($_POST) && !empty($_GET['edit']) && $_POST['act'] != "delete") {
$field_value_str = "";
foreach ($_POST as $key => $value) {
if (preg_match("@\\-{$_GET['edit']}@", $key)) {
$key = str_replace("-{$_GET['edit']}", "", $key);
// stripping off number at the end (giving problems when constructing address string below)
if ($key == "sl_tags") {
//print "before: $value <br><br>";
$value = sl_prepare_tag_string($value);
//print "after: $value \r\n"; die();
}
if (is_array($value)) {
$value = serialize($value);
//for arrays being submitted
$field_value_str .= $key . "='{$value}',";
} else {
$field_value_str .= $key . "=" . $wpdb->prepare("%s", trim(comma(stripslashes($value)))) . ", ";
}
$_POST["{$key}"] = $value;
}
}
$field_value_str = substr($field_value_str, 0, strlen($field_value_str) - 2);
$edit = $_GET['edit'];
extract($_POST);
//adding or removing tags for specified a locations
if (!empty($_POST)) {
extract($_POST);
}
//var_dump($sl_id); exit;
if (is_array($sl_id) == 1) {
$rplc_arr = array_fill(0, count($sl_id), "%d");
//var_dump($rplc_arr); //die();
$id_string = implode(",", array_map(array($wpdb, "prepare"), $rplc_arr, $sl_id));
} else {
$id_string = $wpdb->prepare("%d", $sl_id);
}
if ($act == "add_tag") {
//adding tags
//die("UPDATE ".SL_TABLE." SET sl_tags=CONCAT(IFNULL(sl_tags, ''), %s ) WHERE sl_id IN ($id_string)");
$wpdb->query($wpdb->prepare("UPDATE " . SL_TABLE . " SET sl_tags=CONCAT(IFNULL(sl_tags, ''), %s ) WHERE sl_id IN ({$id_string})", sl_prepare_tag_string(strtolower($sl_tags))));
sl_process_tags(sl_prepare_tag_string(strtolower($sl_tags)), "insert", $sl_id);
} elseif ($act == "remove_tag") {
//removing tags
if (empty($sl_tags)) {
//if no tag is specified, all tags will be removed from selected locations
$wpdb->query("UPDATE " . SL_TABLE . " SET sl_tags='' WHERE sl_id IN ({$id_string})");
sl_process_tags("", "delete", $id_string);
} else {
//$wpdb->query($wpdb->prepare("UPDATE ".SL_TABLE." SET sl_tags='".sl_prepare_tag_string("%s")."' WHERE sl_id IN (%s)", $sl_tags, $id_string));
$wpdb->query($wpdb->prepare("UPDATE " . SL_TABLE . " SET sl_tags=REPLACE(sl_tags, %s, '') WHERE sl_id IN ({$id_string})", $sl_tags . ","));
$wpdb->query($wpdb->prepare("UPDATE " . SL_TABLE . " SET sl_tags=REPLACE(sl_tags, %s, '') WHERE sl_id IN ({$id_string})", $sl_tags . ","));
sl_process_tags($sl_tags, "delete", $id_string);
}
}
function sl_add_location()
{
global $wpdb;
$fieldList = "";
$valueList = "";
foreach ($_POST as $key => $value) {
if (preg_match("@sl_@", $key)) {
if ($key == "sl_tags") {
$value = sl_prepare_tag_string($value);
}
$fieldList .= "{$key},";
if (is_array($value)) {
$value = serialize($value);
//for arrays being submitted
$valueList .= "'{$value}',";
//$field_value_str.=$key."='$value',";
} else {
$valueList .= $wpdb->prepare("%s", comma(stripslashes($value))) . ",";
//$field_value_str.=$key."=".$wpdb->prepare("%s", trim(comma(stripslashes($value)))).", ";
}
}
}
$fieldList = substr($fieldList, 0, strlen($fieldList) - 1);
$valueList = substr($valueList, 0, strlen($valueList) - 1);
$wpdb->query("INSERT INTO " . SL_TABLE . " ({$fieldList}) VALUES ({$valueList})");
$new_loc_id = $wpdb->insert_id;
$address = "{$_POST['sl_address']}, {$_POST['sl_address2']}, {$_POST['sl_city']}, {$_POST['sl_state']} {$_POST['sl_zip']}";
sl_do_geocoding($address);
if (!empty($_POST['sl_tags'])) {
sl_process_tags($_POST['sl_tags'], "insert", $new_loc_id);
}
}
