$connection = mysql_connect($host, $user, $password) or die("couldn't connect to server");
$db = mysql_select_db($database, $connection) or die("Couldn't select database");
if (@$_POST['newbutton'] == "Cancel") {
header("Location: " . $working_directory . "dashboard/");
}
$today = date("Y-m-d H:i:s");
// grab data
$user_name = mysql_real_escape_string(strip_tags(trim($_POST['user_name'])));
$user_first_name = mysql_real_escape_string(strip_tags(trim($_POST['user_first_name'])));
$user_id = mysql_real_escape_string(strip_tags(trim($_POST['user_id'])));
$email = mysql_real_escape_string(strip_tags(trim($_POST['email'])));
$about_user = mysql_real_escape_string(strip_tags(trim($_POST['about_user'])));
$country = mysql_real_escape_string(strip_tags(trim($_POST['country'])));
$street = mysql_real_escape_string(strip_tags(trim($_POST['street'])));
$city = mysql_real_escape_string(strip_tags(trim($_POST['city'])));
$state = mysql_real_escape_string(strip_tags(trim($_POST['state'])));
$postal_code = mysql_real_escape_string(strip_tags(trim($_POST['postal_code'])));
if (!$about_user) {
$about_user = "******" . $user_first_name . "!";
}
$basic_query = "INSERT INTO Basic_User_Information(fb_uid, email, name, first_name, date_registered, about_me, pic_square, pic_big) \n\t\t\t\t\tVALUES('{$user_id}', '{$email}', '{$user_name}', '{$user_first_name}', '{$today}', '{$about_user}', 'http://athoody.com/service_pictures/temp_user/temp_user_logo_thumb.png', 'http://athoody.com/service_pictures/temp_user/temp_user_logo_big.png')";
$result = mysql_query($basic_query) or die(fatal_error(276, $user, $user, $today, $basic_query, mysql_error()));
$user_lookup_sql = "INSERT INTO User_Lookup(fb_uid,profile_name) VALUES('{$user_id}','{$user_id}')";
$result = mysql_query($user_lookup_sql) or die(fatal_error(277, $user, $user, $today, $user_lookup_sql, mysql_error()));
$lnglat = geocoding($street, $city, $state, $country, $postal_code);
$lng = $lnglat["lng"];
$lat = $lnglat["lat"];
$address_query = "INSERT INTO User_Address(fb_uid,lng,lat) VALUES('{$user_id}','{$lng}','{$lat}')";
$result = mysql_query($address_query) or die(fatal_error(278, $user, $user, $today, $address_query, mysql_error()));
// make a note of the location of the success page
header('Location: profile/' . $user_id . '/');
extract($service_row);
if ($_POST[location1] == "street_address" && ($_POST[new_street] != "" || $_POST[new_state] != "" || $_POST[new_city] != "") && ($_POST[new_street] != $database_street || $_POST[new_state] != $database_state || $_POST[new_city] != $database_city)) {
if ($_POST[new_street] != $database_street) {
$database_street = mysql_real_escape_string($_POST[new_street]);
}
if ($_POST[new_state] != $database_state) {
$database_state = mysql_real_escape_string($_POST[new_state]);
}
if ($_POST[new_city] != $database_city) {
$database_city = mysql_real_escape_string($_POST[new_city]);
}
$database_areacode = '';
$_POST[new_areacode] = '';
// Use Street Address for geocoding
if ($database_street || !$database_areacode && $database_state || !$database_areacode && $database_city) {
$lnglat = geocoding($database_street, $database_city, $database_state, $database_country, NULL);
}
$lng = $lnglat["lng"];
$lat = $lnglat["lat"];
$address_sql = "UPDATE User_Address SET street='{$database_street}',state='{$database_state}'\n\t\t\t,city='{$database_city}',area_code='',lng='{$lng}',lat='{$lat}' WHERE fb_uid='{$user}'";
$address_result = mysql_query($address_sql) or die(fatal_error(56, $user, $user, $today, $address_sql, mysql_error()));
$update_status_address = 1;
}
//End of if
//inactivate a service
if (isset($_GET['inactivate'])) {
//Typecast it to an integer:
$inactivate = (int) $_GET['inactivate'];
//An invalid $_GET['inactivate'] value would be typecast to 0
//$inactivate must have a valid value
if ($inactivate > 0) {
//Update address - country
//Update address - country
case 10:
$query = "UPDATE User_Address SET country='{$value}' WHERE fb_uid='{$id}'";
$result = mysql_query($query) or die(minor_error(198, $fbme, $uid, $today, $query, mysql_error()));
echo $value;
break;
//Update address - area code
//Update address - area code
case 11:
$value = filter_var($value, FILTER_SANITIZE_STRING);
$address_sql = "SELECT city,state,country,area_code,street FROM User_Address WHERE fb_uid='{$id}'";
$result = mysql_query($address_sql) or die(minor_error(199, $fbme, $uid, $today, $address_sql, mysql_error()));
$row1 = mysql_fetch_array($result, MYSQL_ASSOC);
$database_country = $row1['country'];
$lnglat = geocoding(NULL, NULL, NULL, $database_country, $value);
$lng = $lnglat["lng"];
$lat = $lnglat["lat"];
$address_sql = "UPDATE User_Address SET street='',state='',city='',area_code='{$value}',lng='{$lng}',lat='{$lat}' WHERE fb_uid='{$id}'";
$address_result = mysql_query($address_sql) or die(minor_error(200, $fbme, $uid, $today, $address_sql, mysql_error()));
echo $value;
break;
//cases for flyer.php updates - description
//cases for flyer.php updates - description
case 12:
$query = "UPDATE Listing_Overview SET flyer_description='" . $_POST['value'] . "' WHERE listing_id='{$id}'";
$result = mysql_query($query) or die(minor_error(201, $fbme, $uid, $today, $query, mysql_error()));
echo $_POST['value'];
break;
//cases for flyer.php updates - about me
//cases for flyer.php updates - about me
$query = "INSERT INTO Listing_Location(listing_id,listing_location,show_address) VALUES('{$listing_id}',0,'{$show}')";
$result = mysql_query($query) or die(fatal_error(298, $user, $user, $today, $query, mysql_error()));
} else {
if ($location1 == "away_home") {
if ($location2 == "buyer_home") {
$query = "INSERT INTO Listing_Location(listing_id,listing_location,listing_range) VALUES('{$listing_id}',1,'{$range}')";
$result = mysql_query($query) or die(fatal_error(299, $user, $user, $today, $query, mysql_error()));
} else {
if ($location2 == "other") {
$sql = "SELECT country,state FROM User_Address WHERE fb_uid='{$user}'";
$result = mysql_query($sql) or die(fatal_error(300, $user, $user, $today, $sql, mysql_error()));
$service_row = mysql_fetch_array($result, MYSQL_ASSOC);
extract($service_row);
// Updated 3/31
// Adding lng/lat component via Google geocoding API
$lnglat = geocoding($street, $city, $state, $country);
$lng = $lnglat["lng"];
$lat = $lnglat["lat"];
$query = "INSERT INTO Listing_Location(listing_id,listing_location,country,state,city,street,show_address,lng,lat)\n\t\t\t\t\t\tVALUES('{$listing_id}',2,'{$country}','{$state}','{$city}','{$street}','{$show}','{$lng}','{$lat}')";
$result = mysql_query($query) or die(fatal_error(301, $user, $user, $today, $query, mysql_error()));
}
}
}
}
// End of else if ($location1 = "away_home")
// legacy picture upload
if (empty($upload_pictures)) {
if ($picture_count == 0) {
$picture_index[0] = 136;
// Insert data into the Listing_Pictures table
$query = "INSERT INTO Listing_Pictures(listing_id,picture_id_1,picture_count) VALUES('{$listing_id}','{$picture_index['0']}',1)";
$lng = $lnglat["lng"];
$lat = $lnglat["lat"];
$address_query = "INSERT INTO User_Address(fb_uid, city, state, country,lng,lat) VALUES('{$user}', '{$facebook_city}','{$facebook_state}','{$facebook_country}','{$lng}','{$lat}')";
} else {
$address_query = "INSERT INTO User_Address(fb_uid) VALUES('{$user}')";
}
$result = mysql_query($address_query) or die(fatal_error(9, $user, $user, $today, $address_query, mysql_error()));
}
// end of if ($num == 0)
//determine if the user is already in the database, add user into the database if not
$sql = "SELECT fb_uid FROM User_Address WHERE fb_uid='{$user}'";
$address_result = mysql_query($sql) or die("Couldn't execute query - checking membership");
$address_num = mysql_num_rows($address_result);
if ($address_num == 0) {
if ($facebook_country) {
$lnglat = geocoding(NULL, $facebook_city, $facebook_state, $facebook_country, NULL);
$lng = $lnglat["lng"];
$lat = $lnglat["lat"];
$address_query = "INSERT INTO User_Address(fb_uid, city, state, country,lng,lat) VALUES('{$user}', '{$facebook_city}','{$facebook_state}','{$facebook_country}','{$lng}','{$lat}')";
} else {
$address_query = "INSERT INTO User_Address(fb_uid) VALUES('{$user}')";
}
$result = mysql_query($address_query) or die(fatal_error(10, $user, $user, $today, $address_query, mysql_error()));
}
// end of if ($num == 0)
// End adding user to database
if ($email != $facebook_email && $facebook_email) {
$email_sql = "UPDATE Basic_User_Information SET email='{$facebook_email}' WHERE fb_uid='{$user}'";
$email_result = mysql_query($email_sql) or die(fatal_error(11, $user, $user, $today, $email_sql, mysql_error()));
$refresh_action = 1;
}