//adding or removing tags for specified a locations if (!empty($_POST)) { extract($_POST); } //var_dump($sl_id); exit; if (is_array($sl_id) == 1) { $rplc_arr = array_fill(0, count($sl_id), "%d"); //var_dump($rplc_arr); //die(); $id_string = implode(",", array_map(array($wpdb, "prepare"), $rplc_arr, $sl_id)); } else { $id_string = $wpdb->prepare("%d", $sl_id); } if ($act == "add_tag") { //adding tags //die("UPDATE ".SL_TABLE." SET sl_tags=CONCAT(IFNULL(sl_tags, ''), %s ) WHERE sl_id IN ($id_string)"); $wpdb->query($wpdb->prepare("UPDATE " . SL_TABLE . " SET sl_tags=CONCAT(IFNULL(sl_tags, ''), %s ) WHERE sl_id IN ({$id_string})", sl_prepare_tag_string(strtolower($sl_tags)))); sl_process_tags(sl_prepare_tag_string(strtolower($sl_tags)), "insert", $sl_id); } elseif ($act == "remove_tag") { //removing tags if (empty($sl_tags)) { //if no tag is specified, all tags will be removed from selected locations $wpdb->query("UPDATE " . SL_TABLE . " SET sl_tags='' WHERE sl_id IN ({$id_string})"); sl_process_tags("", "delete", $id_string); } else { //$wpdb->query($wpdb->prepare("UPDATE ".SL_TABLE." SET sl_tags='".sl_prepare_tag_string("%s")."' WHERE sl_id IN (%s)", $sl_tags, $id_string)); $wpdb->query($wpdb->prepare("UPDATE " . SL_TABLE . " SET sl_tags=REPLACE(sl_tags, %s, '') WHERE sl_id IN ({$id_string})", $sl_tags . ",")); $wpdb->query($wpdb->prepare("UPDATE " . SL_TABLE . " SET sl_tags=REPLACE(sl_tags, %s, '') WHERE sl_id IN ({$id_string})", $sl_tags . ",")); sl_process_tags($sl_tags, "delete", $id_string); } }
function sl_add_location() { global $wpdb; $fieldList = ""; $valueList = ""; foreach ($_POST as $key => $value) { if (preg_match("@sl_@", $key)) { if ($key == "sl_tags") { $value = sl_prepare_tag_string($value); } $fieldList .= "{$key},"; if (is_array($value)) { $value = serialize($value); //for arrays being submitted $valueList .= "'{$value}',"; //$field_value_str.=$key."='$value',"; } else { $valueList .= $wpdb->prepare("%s", comma(stripslashes($value))) . ","; //$field_value_str.=$key."=".$wpdb->prepare("%s", trim(comma(stripslashes($value)))).", "; } } } $fieldList = substr($fieldList, 0, strlen($fieldList) - 1); $valueList = substr($valueList, 0, strlen($valueList) - 1); $wpdb->query("INSERT INTO " . SL_TABLE . " ({$fieldList}) VALUES ({$valueList})"); $new_loc_id = $wpdb->insert_id; $address = "{$_POST['sl_address']}, {$_POST['sl_address2']}, {$_POST['sl_city']}, {$_POST['sl_state']} {$_POST['sl_zip']}"; sl_do_geocoding($address); if (!empty($_POST['sl_tags'])) { sl_process_tags($_POST['sl_tags'], "insert", $new_loc_id); } }
} } $field_value_str = substr($field_value_str, 0, strlen($field_value_str) - 2); $edit = $_GET['edit']; extract($_POST); $the_address = "{$sl_address}, {$sl_address2}, {$sl_city}, {$sl_state} {$sl_zip}"; if (empty($_POST['no_geocode']) || $_POST['no_geocode'] != 1) { //no_geocode sent by addons that manually edit the the coordinates. Prevents sl_do_geocoding() from overwriting the manual edit. $old_address = $wpdb->get_results("SELECT * FROM " . SL_TABLE . " WHERE sl_id='" . esc_sql($_GET['edit']) . "'", ARRAY_A); } //die("UPDATE ".SL_TABLE." SET $field_value_str WHERE sl_id='%d'"); //$wpdb->query($wpdb->prepare("UPDATE ".SL_TABLE." SET $field_value_str WHERE sl_id='%d'", $_GET['edit'])); $wpdb->query($wpdb->prepare("UPDATE " . SL_TABLE . " SET " . str_replace("%", "%%", $field_value_str) . " WHERE sl_id='%d'", $_GET['edit'])); //Thank you WP user @kostofffan; fixes 'empty query' bug when user is trying to update location with a '%' sign in it if (!empty($_POST['sl_tags'])) { sl_process_tags($_POST['sl_tags'], "insert", $_GET['edit']); } if ((empty($_POST['sl_longitude']) || $_POST['sl_longitude'] == $old_address[0]['sl_longitude']) && (empty($_POST['sl_latitude']) || $_POST['sl_latitude'] == $old_address[0]['sl_latitude'])) { if ($the_address != $old_address[0]['sl_address'] . " " . $old_address[0]['sl_address2'] . ", " . $old_address[0]['sl_city'] . ", " . $old_address[0]['sl_state'] . " " . $old_address[0]['sl_zip'] || ($old_address[0]['sl_latitude'] === "" || $old_address[0]['sl_longitude'] === "")) { sl_do_geocoding($the_address, $_GET['edit']); if (!empty($GLOBALS['sdg_reply']) && $GLOBALS['sdg_reply'] == "1st_attempt") { //added - v3.73, 7/10/15 - refresh page here only if successful on first geocoding attempt; 2nd attempt refreshing handled in sl_do_geocoding() print "<script>location.replace('" . str_replace("&edit={$_GET['edit']}", "", $_SERVER['REQUEST_URI']) . "');</script>"; } } else { //added - v3.73, 7/10/15 - refresh page if nothing about address changes print "<script>location.replace('" . str_replace("&edit={$_GET['edit']}", "", $_SERVER['REQUEST_URI']) . "');</script>"; } } //commented out - v3.73, 7/10/15 - in order to allow time to view geocoding status message when updating single location //print "<script>location.replace('".str_replace("&edit=$_GET[edit]", "", $_SERVER['REQUEST_URI'])."');</script>";
<?php if ($_POST) { extract($_POST); } if (is_array($sl_id) == 1) { $rplc_arr = array_fill(0, count($sl_id), "%d"); $id_string = implode(",", array_map(array($wpdb, "prepare"), $rplc_arr, $sl_id)); } else { $id_string = $wpdb->prepare("%d", $sl_id); } $wpdb->query("DELETE FROM " . SL_TABLE . " WHERE sl_id IN ({$id_string})"); sl_process_tags("", "delete", $id_string);