Exemplo n.º 1
0
$connection = mysql_connect($host, $user, $password) or die("couldn't connect to server");
$db = mysql_select_db($database, $connection) or die("Couldn't select database");
if (@$_POST['newbutton'] == "Cancel") {
    header("Location: " . $working_directory . "dashboard/");
}
$today = date("Y-m-d H:i:s");
// grab data
$user_name = mysql_real_escape_string(strip_tags(trim($_POST['user_name'])));
$user_first_name = mysql_real_escape_string(strip_tags(trim($_POST['user_first_name'])));
$user_id = mysql_real_escape_string(strip_tags(trim($_POST['user_id'])));
$email = mysql_real_escape_string(strip_tags(trim($_POST['email'])));
$about_user = mysql_real_escape_string(strip_tags(trim($_POST['about_user'])));
$country = mysql_real_escape_string(strip_tags(trim($_POST['country'])));
$street = mysql_real_escape_string(strip_tags(trim($_POST['street'])));
$city = mysql_real_escape_string(strip_tags(trim($_POST['city'])));
$state = mysql_real_escape_string(strip_tags(trim($_POST['state'])));
$postal_code = mysql_real_escape_string(strip_tags(trim($_POST['postal_code'])));
if (!$about_user) {
    $about_user = "******" . $user_first_name . "!";
}
$basic_query = "INSERT INTO Basic_User_Information(fb_uid, email, name, first_name, date_registered, about_me, pic_square, pic_big) \n\t\t\t\t\tVALUES('{$user_id}', '{$email}', '{$user_name}', '{$user_first_name}', '{$today}', '{$about_user}', 'http://athoody.com/service_pictures/temp_user/temp_user_logo_thumb.png', 'http://athoody.com/service_pictures/temp_user/temp_user_logo_big.png')";
$result = mysql_query($basic_query) or die(fatal_error(276, $user, $user, $today, $basic_query, mysql_error()));
$user_lookup_sql = "INSERT INTO User_Lookup(fb_uid,profile_name) VALUES('{$user_id}','{$user_id}')";
$result = mysql_query($user_lookup_sql) or die(fatal_error(277, $user, $user, $today, $user_lookup_sql, mysql_error()));
$lnglat = geocoding($street, $city, $state, $country, $postal_code);
$lng = $lnglat["lng"];
$lat = $lnglat["lat"];
$address_query = "INSERT INTO User_Address(fb_uid,lng,lat) VALUES('{$user_id}','{$lng}','{$lat}')";
$result = mysql_query($address_query) or die(fatal_error(278, $user, $user, $today, $address_query, mysql_error()));
// make a note of the location of the success page
header('Location: profile/' . $user_id . '/');
Exemplo n.º 2
0
 extract($service_row);
 if ($_POST[location1] == "street_address" && ($_POST[new_street] != "" || $_POST[new_state] != "" || $_POST[new_city] != "") && ($_POST[new_street] != $database_street || $_POST[new_state] != $database_state || $_POST[new_city] != $database_city)) {
     if ($_POST[new_street] != $database_street) {
         $database_street = mysql_real_escape_string($_POST[new_street]);
     }
     if ($_POST[new_state] != $database_state) {
         $database_state = mysql_real_escape_string($_POST[new_state]);
     }
     if ($_POST[new_city] != $database_city) {
         $database_city = mysql_real_escape_string($_POST[new_city]);
     }
     $database_areacode = '';
     $_POST[new_areacode] = '';
     // Use Street Address for geocoding
     if ($database_street || !$database_areacode && $database_state || !$database_areacode && $database_city) {
         $lnglat = geocoding($database_street, $database_city, $database_state, $database_country, NULL);
     }
     $lng = $lnglat["lng"];
     $lat = $lnglat["lat"];
     $address_sql = "UPDATE User_Address SET street='{$database_street}',state='{$database_state}'\n\t\t\t,city='{$database_city}',area_code='',lng='{$lng}',lat='{$lat}' WHERE fb_uid='{$user}'";
     $address_result = mysql_query($address_sql) or die(fatal_error(56, $user, $user, $today, $address_sql, mysql_error()));
     $update_status_address = 1;
 }
 //End of if
 //inactivate a service
 if (isset($_GET['inactivate'])) {
     //Typecast it to an integer:
     $inactivate = (int) $_GET['inactivate'];
     //An invalid $_GET['inactivate'] value would be typecast to 0
     //$inactivate must have a valid value
     if ($inactivate > 0) {
Exemplo n.º 3
0
     //Update address - country
 //Update address - country
 case 10:
     $query = "UPDATE User_Address SET country='{$value}' WHERE fb_uid='{$id}'";
     $result = mysql_query($query) or die(minor_error(198, $fbme, $uid, $today, $query, mysql_error()));
     echo $value;
     break;
     //Update address - area code
 //Update address - area code
 case 11:
     $value = filter_var($value, FILTER_SANITIZE_STRING);
     $address_sql = "SELECT city,state,country,area_code,street FROM User_Address WHERE fb_uid='{$id}'";
     $result = mysql_query($address_sql) or die(minor_error(199, $fbme, $uid, $today, $address_sql, mysql_error()));
     $row1 = mysql_fetch_array($result, MYSQL_ASSOC);
     $database_country = $row1['country'];
     $lnglat = geocoding(NULL, NULL, NULL, $database_country, $value);
     $lng = $lnglat["lng"];
     $lat = $lnglat["lat"];
     $address_sql = "UPDATE User_Address SET street='',state='',city='',area_code='{$value}',lng='{$lng}',lat='{$lat}' WHERE fb_uid='{$id}'";
     $address_result = mysql_query($address_sql) or die(minor_error(200, $fbme, $uid, $today, $address_sql, mysql_error()));
     echo $value;
     break;
     //cases for flyer.php updates - description
 //cases for flyer.php updates - description
 case 12:
     $query = "UPDATE Listing_Overview SET flyer_description='" . $_POST['value'] . "' WHERE listing_id='{$id}'";
     $result = mysql_query($query) or die(minor_error(201, $fbme, $uid, $today, $query, mysql_error()));
     echo $_POST['value'];
     break;
     //cases for flyer.php updates - about me
 //cases for flyer.php updates - about me
Exemplo n.º 4
0
     $query = "INSERT INTO Listing_Location(listing_id,listing_location,show_address) VALUES('{$listing_id}',0,'{$show}')";
     $result = mysql_query($query) or die(fatal_error(298, $user, $user, $today, $query, mysql_error()));
 } else {
     if ($location1 == "away_home") {
         if ($location2 == "buyer_home") {
             $query = "INSERT INTO Listing_Location(listing_id,listing_location,listing_range) VALUES('{$listing_id}',1,'{$range}')";
             $result = mysql_query($query) or die(fatal_error(299, $user, $user, $today, $query, mysql_error()));
         } else {
             if ($location2 == "other") {
                 $sql = "SELECT country,state FROM User_Address WHERE fb_uid='{$user}'";
                 $result = mysql_query($sql) or die(fatal_error(300, $user, $user, $today, $sql, mysql_error()));
                 $service_row = mysql_fetch_array($result, MYSQL_ASSOC);
                 extract($service_row);
                 // Updated 3/31
                 // Adding lng/lat component via Google geocoding API
                 $lnglat = geocoding($street, $city, $state, $country);
                 $lng = $lnglat["lng"];
                 $lat = $lnglat["lat"];
                 $query = "INSERT INTO Listing_Location(listing_id,listing_location,country,state,city,street,show_address,lng,lat)\n\t\t\t\t\t\tVALUES('{$listing_id}',2,'{$country}','{$state}','{$city}','{$street}','{$show}','{$lng}','{$lat}')";
                 $result = mysql_query($query) or die(fatal_error(301, $user, $user, $today, $query, mysql_error()));
             }
         }
     }
 }
 // End of else if ($location1 = "away_home")
 // legacy picture upload
 if (empty($upload_pictures)) {
     if ($picture_count == 0) {
         $picture_index[0] = 136;
         // Insert data into the Listing_Pictures table
         $query = "INSERT INTO Listing_Pictures(listing_id,picture_id_1,picture_count) VALUES('{$listing_id}','{$picture_index['0']}',1)";
Exemplo n.º 5
0
         $lng = $lnglat["lng"];
         $lat = $lnglat["lat"];
         $address_query = "INSERT INTO User_Address(fb_uid, city, state, country,lng,lat) VALUES('{$user}', '{$facebook_city}','{$facebook_state}','{$facebook_country}','{$lng}','{$lat}')";
     } else {
         $address_query = "INSERT INTO User_Address(fb_uid) VALUES('{$user}')";
     }
     $result = mysql_query($address_query) or die(fatal_error(9, $user, $user, $today, $address_query, mysql_error()));
 }
 // end of if ($num == 0)
 //determine if the user is already in the database, add user into the database if not
 $sql = "SELECT fb_uid FROM User_Address WHERE fb_uid='{$user}'";
 $address_result = mysql_query($sql) or die("Couldn't execute query - checking membership");
 $address_num = mysql_num_rows($address_result);
 if ($address_num == 0) {
     if ($facebook_country) {
         $lnglat = geocoding(NULL, $facebook_city, $facebook_state, $facebook_country, NULL);
         $lng = $lnglat["lng"];
         $lat = $lnglat["lat"];
         $address_query = "INSERT INTO User_Address(fb_uid, city, state, country,lng,lat) VALUES('{$user}', '{$facebook_city}','{$facebook_state}','{$facebook_country}','{$lng}','{$lat}')";
     } else {
         $address_query = "INSERT INTO User_Address(fb_uid) VALUES('{$user}')";
     }
     $result = mysql_query($address_query) or die(fatal_error(10, $user, $user, $today, $address_query, mysql_error()));
 }
 // end of if ($num == 0)
 // End adding user to database
 if ($email != $facebook_email && $facebook_email) {
     $email_sql = "UPDATE Basic_User_Information SET email='{$facebook_email}' WHERE fb_uid='{$user}'";
     $email_result = mysql_query($email_sql) or die(fatal_error(11, $user, $user, $today, $email_sql, mysql_error()));
     $refresh_action = 1;
 }