Update rollover script to roll sponsors & awards properly
Switch all mysql_escape_string to mysql_real_escape_string
parent
8ef4d37327
commit
2f0deca246
@ -4,7 +4,7 @@
|
||||
SFIAB Website: http://www.sfiab.ca
|
||||
|
||||
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
|
||||
Copyright (C) 2005 James Grant <james@lightbox.org>
|
||||
Copyright (C) 2005-2009 James Grant <james@lightbox.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU General Public
|
||||
@ -62,7 +62,7 @@
|
||||
while($r=mysql_fetch_assoc($q)) {
|
||||
$vals = '';
|
||||
foreach($fields as $f) {
|
||||
$vals .= ",'".mysql_escape_string($r[$f])."'";
|
||||
$vals .= ",'".mysql_real_escape_string($r[$f])."'";
|
||||
}
|
||||
|
||||
mysql_query("INSERT INTO $table(`year`,$names) VALUES ('$newfairyear'$vals)");
|
||||
@ -93,10 +93,10 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO dates (date,name,description,year) VALUES (
|
||||
'".mysql_escape_string($r->newdate)."',
|
||||
'".mysql_escape_string($r->name)."',
|
||||
'".mysql_escape_string($r->description)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->newdate)."',
|
||||
'".mysql_real_escape_string($r->name)."',
|
||||
'".mysql_real_escape_string($r->description)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
|
||||
//page text
|
||||
@ -105,12 +105,12 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO pagetext (textname,textdescription,text,lastupdate,year,lang) VALUES (
|
||||
'".mysql_escape_string($r->textname)."',
|
||||
'".mysql_escape_string($r->textdescription)."',
|
||||
'".mysql_escape_string($r->text)."',
|
||||
'".mysql_escape_string($r->lastupdate)."',
|
||||
'".mysql_escape_string($newfairyear)."',
|
||||
'".mysql_escape_string($r->lang)."')");
|
||||
'".mysql_real_escape_string($r->textname)."',
|
||||
'".mysql_real_escape_string($r->textdescription)."',
|
||||
'".mysql_real_escape_string($r->text)."',
|
||||
'".mysql_real_escape_string($r->lastupdate)."',
|
||||
'".mysql_real_escape_string($newfairyear)."',
|
||||
'".mysql_real_escape_string($r->lang)."')");
|
||||
|
||||
echo i18n("Rolling project categories")."<br />";
|
||||
//project categories
|
||||
@ -118,12 +118,12 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO projectcategories (id,category,category_shortform,mingrade,maxgrade,year) VALUES (
|
||||
'".mysql_escape_string($r->id)."',
|
||||
'".mysql_escape_string($r->category)."',
|
||||
'".mysql_escape_string($r->category_shortform)."',
|
||||
'".mysql_escape_string($r->mingrade)."',
|
||||
'".mysql_escape_string($r->maxgrade)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->id)."',
|
||||
'".mysql_real_escape_string($r->category)."',
|
||||
'".mysql_real_escape_string($r->category_shortform)."',
|
||||
'".mysql_real_escape_string($r->mingrade)."',
|
||||
'".mysql_real_escape_string($r->maxgrade)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
echo i18n("Rolling project divisions")."<br />";
|
||||
//project divisions
|
||||
@ -131,11 +131,11 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO projectdivisions (id,division,division_shortform,cwsfdivisionid,year) VALUES (
|
||||
'".mysql_escape_string($r->id)."',
|
||||
'".mysql_escape_string($r->division)."',
|
||||
'".mysql_escape_string($r->division_shortform)."',
|
||||
'".mysql_escape_string($r->cwsfdivisionid)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->id)."',
|
||||
'".mysql_real_escape_string($r->division)."',
|
||||
'".mysql_real_escape_string($r->division_shortform)."',
|
||||
'".mysql_real_escape_string($r->cwsfdivisionid)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
echo i18n("Rolling project category-division links")."<br />";
|
||||
//project categories divisions links
|
||||
@ -143,9 +143,9 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO projectcategoriesdivisions_link (projectdivisions_id,projectcategories_id,year) VALUES (
|
||||
'".mysql_escape_string($r->projectdivisions_id)."',
|
||||
'".mysql_escape_string($r->projectcategories_id)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->projectdivisions_id)."',
|
||||
'".mysql_real_escape_string($r->projectcategories_id)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
echo i18n("Rolling project sub-divisions")."<br />";
|
||||
//project subdivisions
|
||||
@ -153,10 +153,10 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO projectsubdivisions (id,projectdivisions_id,subdivision,year) VALUES (
|
||||
'".mysql_escape_string($r->id)."',
|
||||
'".mysql_escape_string($r->projectsubdivisions_id)."',
|
||||
'".mysql_escape_string($r->subdivision)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->id)."',
|
||||
'".mysql_real_escape_string($r->projectsubdivisions_id)."',
|
||||
'".mysql_real_escape_string($r->subdivision)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
echo i18n("Rolling safety questions")."<br />";
|
||||
//safety questions
|
||||
@ -164,14 +164,28 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO safetyquestions (question,type,required,ord,year) VALUES (
|
||||
'".mysql_escape_string($r->question)."',
|
||||
'".mysql_escape_string($r->type)."',
|
||||
'".mysql_escape_string($r->required)."',
|
||||
'".mysql_escape_string($r->ord)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->question)."',
|
||||
'".mysql_real_escape_string($r->type)."',
|
||||
'".mysql_real_escape_string($r->required)."',
|
||||
'".mysql_real_escape_string($r->ord)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
echo i18n("Unconfirming award sponsors")." <br />";
|
||||
mysql_query("UPDATE award_sponsors SET confirmed='no'");
|
||||
echo i18n("Rolling fundraising goals")." <br />";
|
||||
roll($currentfairyear, $newfairyear, "fundraising",
|
||||
array("type","name","description","system","goal"));
|
||||
|
||||
echo i18n("Rolling sponsorship levels")." <br />";
|
||||
roll($currentfairyear, $newfairyear, "sponsorship_levels",
|
||||
array("level","min","max","description"));
|
||||
|
||||
echo i18n("Rolling sponsorships")." <br />";
|
||||
roll($currentfairyear, $newfairyear, "sponsorships",
|
||||
array("sponsors_id","fundraising_type","value")); //no need to roll status or probability, because we're about to reset them..
|
||||
mysql_query("UPDATE sponsorships SET status='pending', probability=25 WHERE year='$newfairyear'");
|
||||
$q=mysql_query("SELECT * FROM sponsorships WHERE year='$newfairyear'");
|
||||
while($r=mysql_fetch_object($q)) {
|
||||
mysql_query("INSERT INTO sponsors_logs (sponsors_id,dt,users_id,log) VALUES ('$r->sponsors_id',NOW(),'{$_SESSION['auth_user_id']}','Fair year rollover - reset status=pending, probability=25\%')");
|
||||
}
|
||||
|
||||
echo i18n("Rolling awards")."<br />";
|
||||
//awards
|
||||
@ -179,20 +193,22 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
{
|
||||
mysql_query("INSERT INTO award_awards (award_sponsors_id,award_types_id,name,criteria,description,presenter,`order`,year,excludefromac,cwsfaward,external_identifier,external_postback,award_sources_id) VALUES (
|
||||
'".mysql_escape_string($r->award_sponsors_id)."',
|
||||
'".mysql_escape_string($r->award_types_id)."',
|
||||
'".mysql_escape_string($r->name)."',
|
||||
'".mysql_escape_string($r->criteria)."',
|
||||
'".mysql_escape_string($r->description)."',
|
||||
'".mysql_escape_string($r->presenter)."',
|
||||
'".mysql_escape_string($r->order)."',
|
||||
'".mysql_escape_string($newfairyear)."',
|
||||
'".mysql_escape_string($r->excludefromac)."',
|
||||
'".mysql_escape_string($r->cwsfaward)."',
|
||||
'".mysql_escape_string($r->external_identifier)."',
|
||||
'".mysql_escape_string($r->external_postaback)."',
|
||||
'".mysql_escape_string($r->award_sources_id)."'
|
||||
mysql_query("INSERT INTO award_awards (sponsors_id,award_types_id,name,criteria,description,presenter,`order`,year,excludefromac,cwsfaward,self_nominate,schedule_judges,external_identifier,external_postback,award_source_fairs_id) VALUES (
|
||||
'".mysql_real_escape_string($r->sponsors_id)."',
|
||||
'".mysql_real_escape_string($r->award_types_id)."',
|
||||
'".mysql_real_escape_string($r->name)."',
|
||||
'".mysql_real_escape_string($r->criteria)."',
|
||||
'".mysql_real_escape_string($r->description)."',
|
||||
'".mysql_real_escape_string($r->presenter)."',
|
||||
'".mysql_real_escape_string($r->order)."',
|
||||
'".mysql_real_escape_string($newfairyear)."',
|
||||
'".mysql_real_escape_string($r->excludefromac)."',
|
||||
'".mysql_real_escape_string($r->cwsfaward)."',
|
||||
'".mysql_real_escape_string($r->self_nominate)."',
|
||||
'".mysql_real_escape_string($r->schedule_judges)."',
|
||||
'".mysql_real_escape_string($r->external_identifier)."',
|
||||
'".mysql_real_escape_string($r->external_postaback)."',
|
||||
'".mysql_real_escape_string($r->award_source_fairs_id)."'
|
||||
)");
|
||||
$award_awards_id=mysql_insert_id();
|
||||
|
||||
@ -201,9 +217,9 @@
|
||||
while($r2=mysql_fetch_object($q2))
|
||||
{
|
||||
mysql_query("INSERT INTO award_awards_projectcategories (award_awards_id,projectcategories_id,year) VALUES (
|
||||
'".mysql_escape_string($award_awards_id)."',
|
||||
'".mysql_escape_string($r2->projectcategories_id)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($award_awards_id)."',
|
||||
'".mysql_real_escape_string($r2->projectcategories_id)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
}
|
||||
|
||||
@ -212,9 +228,9 @@
|
||||
while($r2=mysql_fetch_object($q2))
|
||||
{
|
||||
mysql_query("INSERT INTO award_awards_projectdivisions (award_awards_id,projectdivisions_id,year) VALUES (
|
||||
'".mysql_escape_string($award_awards_id)."',
|
||||
'".mysql_escape_string($r2->projectdivisions_id)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($award_awards_id)."',
|
||||
'".mysql_real_escape_string($r2->projectdivisions_id)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
}
|
||||
|
||||
@ -224,20 +240,20 @@
|
||||
while($r2=mysql_fetch_object($q2))
|
||||
{
|
||||
mysql_query("INSERT INTO award_prizes (award_awards_id,cash,scholarship,`value`,prize,number,`order`,year,excludefromac,trophystudentkeeper,trophystudentreturn,trophyschoolkeeper,trophyschoolreturn,external_identifier) VALUES (
|
||||
'".mysql_escape_string($award_awards_id)."',
|
||||
'".mysql_escape_string($r2->cash)."',
|
||||
'".mysql_escape_string($r2->scholarship)."',
|
||||
'".mysql_escape_string($r2->value)."',
|
||||
'".mysql_escape_string($r2->prize)."',
|
||||
'".mysql_escape_string($r2->number)."',
|
||||
'".mysql_escape_string($r2->order)."',
|
||||
'".mysql_escape_string($newfairyear)."',
|
||||
'".mysql_escape_string($r2->excludefromac)."',
|
||||
'".mysql_escape_string($r2->trophystudentkeeper)."',
|
||||
'".mysql_escape_string($r2->trophystudentreturn)."',
|
||||
'".mysql_escape_string($r2->trophyschoolkeeper)."',
|
||||
'".mysql_escape_string($r2->trophyschoolreturn)."',
|
||||
'".mysql_escape_string($r2->external_identifier)."'
|
||||
'".mysql_real_escape_string($award_awards_id)."',
|
||||
'".mysql_real_escape_string($r2->cash)."',
|
||||
'".mysql_real_escape_string($r2->scholarship)."',
|
||||
'".mysql_real_escape_string($r2->value)."',
|
||||
'".mysql_real_escape_string($r2->prize)."',
|
||||
'".mysql_real_escape_string($r2->number)."',
|
||||
'".mysql_real_escape_string($r2->order)."',
|
||||
'".mysql_real_escape_string($newfairyear)."',
|
||||
'".mysql_real_escape_string($r2->excludefromac)."',
|
||||
'".mysql_real_escape_string($r2->trophystudentkeeper)."',
|
||||
'".mysql_real_escape_string($r2->trophystudentreturn)."',
|
||||
'".mysql_real_escape_string($r2->trophyschoolkeeper)."',
|
||||
'".mysql_real_escape_string($r2->trophyschoolreturn)."',
|
||||
'".mysql_real_escape_string($r2->external_identifier)."'
|
||||
)");
|
||||
}
|
||||
}
|
||||
@ -248,10 +264,10 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO award_types (id,type,`order`,year) VALUES (
|
||||
'".mysql_escape_string($r->id)."',
|
||||
'".mysql_escape_string($r->type)."',
|
||||
'".mysql_escape_string($r->order)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->id)."',
|
||||
'".mysql_real_escape_string($r->type)."',
|
||||
'".mysql_real_escape_string($r->order)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
echo i18n("Rolling schools")."<br />";
|
||||
//award types
|
||||
@ -259,31 +275,31 @@
|
||||
echo mysql_error();
|
||||
while($r=mysql_fetch_object($q))
|
||||
mysql_query("INSERT INTO schools (school,schoollang,schoollevel,board,district,phone,fax,address,city,province_code,postalcode,principal,schoolemail,sciencehead,scienceheademail,scienceheadphone,accesscode,lastlogin,junior,intermediate,senior,registration_password,projectlimit,projectlimitper,year) VALUES (
|
||||
'".mysql_escape_string($r->school)."',
|
||||
'".mysql_escape_string($r->schoollang)."',
|
||||
'".mysql_escape_string($r->schoollevel)."',
|
||||
'".mysql_escape_string($r->board)."',
|
||||
'".mysql_escape_string($r->district)."',
|
||||
'".mysql_escape_string($r->phone)."',
|
||||
'".mysql_escape_string($r->fax)."',
|
||||
'".mysql_escape_string($r->address)."',
|
||||
'".mysql_escape_string($r->city)."',
|
||||
'".mysql_escape_string($r->province_code)."',
|
||||
'".mysql_escape_string($r->postalcode)."',
|
||||
'".mysql_escape_string($r->principal)."',
|
||||
'".mysql_escape_string($r->schoolemail)."',
|
||||
'".mysql_escape_string($r->sciencehead)."',
|
||||
'".mysql_escape_string($r->scienceheademail)."',
|
||||
'".mysql_escape_string($r->scienceheadphone)."',
|
||||
'".mysql_escape_string($r->accesscode)."',
|
||||
'".mysql_real_escape_string($r->school)."',
|
||||
'".mysql_real_escape_string($r->schoollang)."',
|
||||
'".mysql_real_escape_string($r->schoollevel)."',
|
||||
'".mysql_real_escape_string($r->board)."',
|
||||
'".mysql_real_escape_string($r->district)."',
|
||||
'".mysql_real_escape_string($r->phone)."',
|
||||
'".mysql_real_escape_string($r->fax)."',
|
||||
'".mysql_real_escape_string($r->address)."',
|
||||
'".mysql_real_escape_string($r->city)."',
|
||||
'".mysql_real_escape_string($r->province_code)."',
|
||||
'".mysql_real_escape_string($r->postalcode)."',
|
||||
'".mysql_real_escape_string($r->principal)."',
|
||||
'".mysql_real_escape_string($r->schoolemail)."',
|
||||
'".mysql_real_escape_string($r->sciencehead)."',
|
||||
'".mysql_real_escape_string($r->scienceheademail)."',
|
||||
'".mysql_real_escape_string($r->scienceheadphone)."',
|
||||
'".mysql_real_escape_string($r->accesscode)."',
|
||||
NULL,
|
||||
'".mysql_escape_string($r->junior)."',
|
||||
'".mysql_escape_string($r->intermediate)."',
|
||||
'".mysql_escape_string($r->senior)."',
|
||||
'".mysql_escape_string($r->registration_password)."',
|
||||
'".mysql_escape_string($r->projectlimit)."',
|
||||
'".mysql_escape_string($r->projectlimitper)."',
|
||||
'".mysql_escape_string($newfairyear)."')");
|
||||
'".mysql_real_escape_string($r->junior)."',
|
||||
'".mysql_real_escape_string($r->intermediate)."',
|
||||
'".mysql_real_escape_string($r->senior)."',
|
||||
'".mysql_real_escape_string($r->registration_password)."',
|
||||
'".mysql_real_escape_string($r->projectlimit)."',
|
||||
'".mysql_real_escape_string($r->projectlimitper)."',
|
||||
'".mysql_real_escape_string($newfairyear)."')");
|
||||
|
||||
echo i18n("Rolling questions")."<br />";
|
||||
$q = mysql_query("SELECT * FROM questions WHERE year='$currentfairyear'");
|
||||
@ -291,12 +307,12 @@
|
||||
mysql_query("INSERT INTO questions (id,year,section,db_heading,question,type,required,ord) VALUES (
|
||||
'',
|
||||
'$newfairyear',
|
||||
'".mysql_escape_string($r->section)."',
|
||||
'".mysql_escape_string($r->db_heading)."',
|
||||
'".mysql_escape_string($r->question)."',
|
||||
'".mysql_escape_string($r->type)."',
|
||||
'".mysql_escape_string($r->required)."',
|
||||
'".mysql_escape_string($r->ord)."')");
|
||||
'".mysql_real_escape_string($r->section)."',
|
||||
'".mysql_real_escape_string($r->db_heading)."',
|
||||
'".mysql_real_escape_string($r->question)."',
|
||||
'".mysql_real_escape_string($r->type)."',
|
||||
'".mysql_real_escape_string($r->required)."',
|
||||
'".mysql_real_escape_string($r->ord)."')");
|
||||
|
||||
echo i18n("Rolling registration fee items")."<br />";
|
||||
//regfee items
|
||||
|
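Review bot: The sponsorship rollover added in the `@ -164,14 +164,28 @` hunk puts `'$r->sponsors_id'`, `'{$_SESSION['auth_user_id']}'` and `year='$newfairyear'` into its SQL by plain interpolation, so the escaping this commit applies everywhere else is missing from the code it adds. Those values should be wrapped like the neighbouring inserts, e.g. `'".mysql_real_escape_string($r->sponsors_id)."'`, or the ids and year cast with `intval()` before use. mysql_real_escape_string() is only reliable when the connection character set was set through the API (`mysql_set_charset()`) and the value stays inside quotes; bound parameters via mysqli or PDO would remove that dependency, though that is a larger change than this commit. In the rewritten `award_awards` insert, the value for the `external_postback` column is read from `$r->external_postaback`, which looks like a typo carried over from the old lines and would presumably write an empty string for every rolled award. The SELECTs and loop headers for these blocks are outside the visible hunks, so the source column names should be confirmed against them.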