$updateSQL .= "brewCarbonationMethod=" . GetSQLValueString($_POST['brewCarbonationMethod'], "text") . ", ";
$updateSQL .= "brewCarbonationVol=" . GetSQLValueString($_POST['brewCarbonationVol'], "text") . ", ";
$updateSQL .= "brewCarbonationNotes=" . GetSQLValueString($_POST['brewCarbonationNotes'], "text") . ", ";
$updateSQL .= "brewBoilHours=" . GetSQLValueString($_POST['brewBoilHours'], "text") . ", ";
$updateSQL .= "brewBoilMins=" . GetSQLValueString($_POST['brewBoilMins'], "text") . ", ";
}
$updateSQL .= "brewName=" . GetSQLValueString(capitalize($brewName), "text") . ", ";
$updateSQL .= "brewStyle=" . GetSQLValueString($row_style_name['brewStyle'], "text") . ", ";
$updateSQL .= "brewCategory=" . GetSQLValueString($styleTrim, "text") . ", ";
$updateSQL .= "brewCategorySort=" . GetSQLValueString($styleFix, "text") . ", ";
$updateSQL .= "brewSubCategory=" . GetSQLValueString($style[1], "text") . ", ";
$updateSQL .= "brewInfo=" . GetSQLValueString($brewInfo, "text") . ", ";
$updateSQL .= "brewMead1=" . GetSQLValueString($brewMead1, "text") . ", ";
$updateSQL .= "brewMead2=" . GetSQLValueString($brewMead2, "text") . ", ";
$updateSQL .= "brewMead3=" . GetSQLValueString($brewMead3, "text") . ", ";
$updateSQL .= "brewComments=" . GetSQLValueString(strip_newline($_POST['brewComments']), "text") . ", ";
$updateSQL .= "brewBrewerID=" . GetSQLValueString($brewBrewerID, "text") . ", ";
$updateSQL .= "brewBrewerFirstName=" . GetSQLValueString($brewBrewerFirstName, "text") . ", ";
$updateSQL .= "brewBrewerLastName=" . GetSQLValueString($brewBrewerLastName, "text") . ", ";
$updateSQL .= "brewJudgingLocation=" . GetSQLValueString($row_style_name['brewStyleJudgingLoc'], "text") . ", ";
$updateSQL .= "brewCoBrewer=" . GetSQLValueString(ucwords($_POST['brewCoBrewer']), "text") . ", ";
$updateSQL .= "brewUpdated=" . "NOW( ), ";
$updateSQL .= "brewJudgingNumber=" . GetSQLValueString($_POST['brewJudgingNumber'], "text") . ", ";
$updateSQL .= "brewConfirmed=" . GetSQLValueString($_POST['brewConfirmed'], "text");
$updateSQL .= " WHERE id ='" . $id . "'";
mysql_real_escape_string($updateSQL);
mysql_select_db($database, $brewing);
$result1 = mysql_query($updateSQL, $brewing) or die(mysql_error());
//echo $updateSQL."<br>";
// Build updade url
if (check_special_ingredients($styleBreak, $_SESSION['prefsStyleSet']) && $_POST['brewInfo'] == "") {
mysql_real_escape_string($updateSQL);
$result1 = mysql_query($updateSQL, $brewing) or die(mysql_error());
}
$massUpdateGoTo = $base_url . "index.php?section=admin&go=mods&msg=9";
$pattern = array('\'', '"');
$massUpdateGoTo = str_replace($pattern, "", $massUpdateGoTo);
header(sprintf("Location: %s", stripslashes($massUpdateGoTo)));
}
if ($action == "add") {
$insertSQL = sprintf("\r\n\t\t\t\t\t\tINSERT INTO {$mods_db_table} \r\n\t\t\t\t\t\t(\r\n\t\t\t\t\t\tmod_name,\r\n\t\t\t\t\t\tmod_type, \r\n\t\t\t\t\t\tmod_extend_function, \r\n\t\t\t\t\t\tmod_extend_function_admin, \r\n\t\t\t\t\t\tmod_filename, \r\n\t\t\t\t\t\tmod_description, \r\n\t\t\t\t\t\tmod_permission, \r\n\t\t\t\t\t\tmod_rank, \r\n\t\t\t\t\t\tmod_display_rank,\r\n\t\t\t\t\t\tmod_enable\r\n\t\t\t\t\t\t) \r\n\t\t\t\t\t\tVALUES \r\n\t\t\t\t\t\t(\r\n\t\t\t\t\t\t%s, %s, %s, %s, %s,\r\n\t\t\t\t\t\t%s, %s, %s, %s, %s\r\n\t\t\t\t\t\t)", GetSQLValueString(strtr($_POST['mod_name'], $html_string), "text"), GetSQLValueString($_POST['mod_type'], "int"), GetSQLValueString($_POST['mod_extend_function'], "int"), GetSQLValueString($mod_extend_function_admin, "text"), GetSQLValueString($_POST['mod_filename'], "text"), GetSQLValueString(strip_newline($_POST['mod_description']), "text"), GetSQLValueString($_POST['mod_permission'], "int"), GetSQLValueString($_POST['mod_rank'], "int"), GetSQLValueString($_POST['mod_display_rank'], "int"), GetSQLValueString($_POST['mod_enable'], "int"));
mysql_select_db($database, $brewing);
mysql_real_escape_string($insertSQL);
$result1 = mysql_query($insertSQL, $brewing) or die(mysql_error());
$pattern = array('\'', '"');
$insertGoTo = str_replace($pattern, "", $insertGoTo);
header(sprintf("Location: %s", stripslashes($insertGoTo)));
}
if ($action == "edit") {
$updateSQL = sprintf("\r\n\t\t\t\t\tUPDATE {$mods_db_table} SET \r\n\t\t\t\t\tmod_name=%s,\r\n\t\t\t\t\tmod_type=%s, \r\n\t\t\t\t\tmod_extend_function=%s, \r\n\t\t\t\t\tmod_extend_function_admin=%s, \r\n\t\t\t\t\tmod_filename=%s, \r\n\t\t\t\t\tmod_description=%s, \r\n\t\t\t\t\tmod_permission=%s, \r\n\t\t\t\t\tmod_rank=%s, \r\n\t\t\t\t\tmod_display_rank=%s,\r\n\t\t\t\t\tmod_enable=%s\r\n\t\t\t\t\tWHERE id=%s", GetSQLValueString(strtr($_POST['mod_name'], $html_string), "text"), GetSQLValueString($_POST['mod_type'], "int"), GetSQLValueString($_POST['mod_extend_function'], "int"), GetSQLValueString($mod_extend_function_admin, "text"), GetSQLValueString($_POST['mod_filename'], "text"), GetSQLValueString(strip_newline($_POST['mod_description']), "text"), GetSQLValueString($_POST['mod_permission'], "int"), GetSQLValueString($_POST['mod_rank'], "int"), GetSQLValueString($_POST['mod_display_rank'], "int"), GetSQLValueString($_POST['mod_enable'], "int"), GetSQLValueString($id, "int"));
mysql_select_db($database, $brewing);
mysql_real_escape_string($updateSQL);
$result1 = mysql_query($updateSQL, $brewing) or die(mysql_error());
$pattern = array('\'', '"');
$updateGoTo = str_replace($pattern, "", $updateGoTo);
header(sprintf("Location: %s", stripslashes($updateGoTo)));
}
}
// end else NHC
} else {
echo "<p>Not available.</p>";
}
/*
* Module: process_special_best_info.inc.php
* Description: This module does all the heavy lifting for adding/editing info in the "special_best_info" table
*/
if (isset($_SESSION['loginUsername']) && $_SESSION['userLevel'] <= 1) {
if (NHC) {
// Place NHC SQL calls below
} else {
if ($action == "add") {
$insertSQL = sprintf("INSERT INTO {$special_best_info_db_table} (sbi_name, sbi_description, sbi_places, sbi_rank, sbi_display_places) VALUES (%s, %s, %s, %s, %s)", GetSQLValueString(strtr($_POST['sbi_name'], $html_string), "text"), GetSQLValueString(strip_newline($_POST['sbi_description']), "text"), GetSQLValueString($_POST['sbi_places'], "int"), GetSQLValueString($_POST['sbi_rank'], "int"), GetSQLValueString($_POST['sbi_display_places'], "int"));
mysql_select_db($database, $brewing);
mysql_real_escape_string($insertSQL);
$result1 = mysql_query($insertSQL, $brewing) or die(mysql_error());
$pattern = array('\'', '"');
$insertGoTo = str_replace($pattern, "", $insertGoTo);
header(sprintf("Location: %s", stripslashes($insertGoTo)));
}
if ($action == "edit") {
$updateSQL = sprintf("UPDATE {$special_best_info_db_table} SET sbi_name=%s, sbi_description=%s, sbi_places=%s, sbi_rank=%s, sbi_display_places=%s WHERE id=%s", GetSQLValueString(strtr($_POST['sbi_name'], $html_string), "text"), GetSQLValueString(strip_newline($_POST['sbi_description']), "text"), GetSQLValueString($_POST['sbi_places'], "int"), GetSQLValueString($_POST['sbi_rank'], "int"), GetSQLValueString($_POST['sbi_display_places'], "int"), GetSQLValueString($id, "int"));
mysql_select_db($database, $brewing);
mysql_real_escape_string($updateSQL);
$result1 = mysql_query($updateSQL, $brewing) or die(mysql_error());
$pattern = array('\'', '"');
$updateGoTo = str_replace($pattern, "", $updateGoTo);
header(sprintf("Location: %s", stripslashes($updateGoTo)));
}
}
// end else NHC
} else {
echo "<p>Not available.</p>";
}
