<?php
/* File: fitlogdelete.php
Description: Implementation file for the actual deleting of workouts.
Author: Eric A. Bonney
Date: February 16, 2009
Updated: February 27, 2009
December 2009 - Removed all Wordpress items and reworked to work as a stand alone script.
*/
require_once "includes/db.inc";
require_once "HTML/Template/IT.php";
require_once "Date.php";
require_once 'Calendar/Month/Weekdays.php';
require_once 'Calendar/Decorator.php';
require_once "fitlogfunc.php";
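/* Request handler: deletes workouts, exercise types or strength entries for
   the logged-in user, then redirects back to the matching view page.

   Query-string parameters:
     source            "workouts" | "exercise_type" | "strength"
     activity          'a' (all) or a single activity code ('s', 'b', 'r')
     del_date          date of the records to delete
     type              "Planned" selects plan_type 'p'; anything else is 'a'
     exercise_type_id  numeric id, used when source is "exercise_type"
     strid             numeric exercises_id, used when source is "strength"

   Every parameter is attacker-controllable. A missing or non-string (array)
   value is normalised to an empty string here, and each value is escaped or
   validated before it is placed in a query further down. */
$rawParams = array();
foreach( array( "del_date", "activity", "source", "exercise_type_id", "strid", "type" ) as $paramName )
{
    $rawParams[$paramName] = ( isset( $_GET[$paramName] ) && is_string( $_GET[$paramName] ) )
        ? $_GET[$paramName]
        : "";
}
$delete_date = $rawParams["del_date"];
$activity = $rawParams["activity"];
$source = $rawParams["source"];
$exercise_type_id = $rawParams["exercise_type_id"];
$exercise_id = $rawParams["strid"];
$type = $rawParams["type"];

// Only two plan types exist in the queries below; anything that is not
// "Planned" is treated as an actual workout, so $planType is never raw input.
$planType = ( $type === "Planned" ) ? 'p' : 'a';

session_start();

// Get a connection to the database.
if( !( $connection = @mysql_connect( $hostName, $username, $password ) ) )
    die( "Could not connect to database" );

// Now that we are connected, select the correct database.
if( !mysql_select_db( $databaseName, $connection ) )
    showerror();

/* NOTE(review): the mysql_* extension offers no prepared statements and was
   removed in PHP 7. Escaping and digit validation are used here because
   getUserID() is handed this link; moving the whole application to mysqli or
   PDO with bound parameters is the durable fix.
   NOTE(review): this script deletes data in response to a GET request that is
   authorised only by the session, and no anti-CSRF token is checked in this
   file. Switching to POST with a per-session token needs matching changes in
   the pages that link here. */

// See if we have an authenticated user; only then is anything deleted.
if( isset( $_SESSION["loggedinUserName"] ) )
{
    // NOTE(review): $userID is interpolated unquoted into the queries below,
    // which relies on getUserID() returning a numeric id - confirm in fitlogfunc.php.
    $userID = getUserID( $connection );

    // The date is used inside a quoted SQL literal, so escape it for this link.
    $safeDate = mysql_real_escape_string( $delete_date, $connection );

    // Ids are used unquoted, so accept nothing but decimal digits. null means
    // "not supplied or malformed" and the corresponding delete is skipped.
    $digitsOnly = '/^[0-9]+$/D';
    $exerciseTypeID = preg_match( $digitsOnly, $exercise_type_id ) ? $exercise_type_id : null;
    $exerciseID = preg_match( $digitsOnly, $exercise_id ) ? $exercise_id : null;

    // See what the user is attempting to delete.
    switch ( $source )
    {
        case "workouts":
            switch ( $activity )
            {
                case 'a':
                    // Remove every workout of this plan type on the date, plus the blog entry for the date.
                    $query = "DELETE FROM flmain WHERE user_id={$userID} AND workout_date='" . $safeDate . "' AND plan_type='" . $planType . "'";
                    $query1 = "DELETE FROM flblog WHERE user_id={$userID} AND blog_date='" . $safeDate . "'";
                    @ mysql_query( $query, $connection );
                    @ mysql_query( $query1, $connection );
                    break;
                case 's':
                case 'b':
                case 'r':
                    // $activity is exactly one of the three letters matched above, so it is safe to embed.
                    $query = "DELETE FROM flmain WHERE user_id={$userID} AND sbr_type='" . $activity . "' AND workout_date='" . $safeDate . "' AND plan_type='" . $planType . "'";
                    @ mysql_query( $query, $connection );
                    break;
            }
            // Send user to the workoutview page.
            header( "Location: workoutview.php" );
            break;

        case "exercise_type":
            if( $exerciseTypeID !== null )
            {
                $query = "DELETE FROM flexercise_type WHERE user_id={$userID} AND exercise_type_id={$exerciseTypeID}";
                @ mysql_query( $query, $connection );
            }
            // Send user to the exercise page.
            header( "Location: exercises.php" );
            break;

        case "strength":
            switch( $activity )
            {
                case 'a':
                    /* First get all the strength exercise ids for this date
                       for this user. */
                    $query = "SELECT exercises_id FROM flstrength WHERE user_id={$userID} AND plan_type='" . $planType . "' AND workout_date='" . $safeDate . "'";
                    $resultIDs = @ mysql_query( $query, $connection );
                    // A failed query returns false; skip the loop instead of fetching from it.
                    if( $resultIDs )
                    {
                        while( $row = mysql_fetch_array( $resultIDs ) )
                        {
                            /* Delete all the records in flexercises for this ID. */
                            $query = "DELETE FROM flexercises WHERE exercises_id={$row["exercises_id"]}";
                            @ mysql_query( $query, $connection );
                            /* Now delete the record in flstrength for this ID for this user. */
                            $query = "DELETE FROM flstrength WHERE user_id={$userID} AND exercises_id={$row["exercises_id"]}";
                            @ mysql_query( $query, $connection );
                        }
                    }
                    break;
                case 's':
                    if( $exerciseID === null )
                        break;
                    /* The flexercises delete carries no user_id filter, so first
                       confirm through flstrength that this exercises_id belongs
                       to the logged-in user. Without this check any signed-in
                       user could remove another user's exercise rows by id. */
                    $query = "SELECT exercises_id FROM flstrength WHERE user_id={$userID} AND exercises_id={$exerciseID}";
                    $owned = @ mysql_query( $query, $connection );
                    if( $owned && mysql_num_rows( $owned ) > 0 )
                    {
                        /* Delete all the records in flexercises for this ID. */
                        $query = "DELETE FROM flexercises WHERE exercises_id={$exerciseID}";
                        @ mysql_query( $query, $connection );
                        /* Now delete the record in flstrength for this ID for this user. */
                        $query = "DELETE FROM flstrength WHERE user_id={$userID} AND exercises_id={$exerciseID}";
                        @ mysql_query( $query, $connection );
                    }
                    break;
            }
            // Send the user to the strength page.
            header( "Location: strengthview.php" );
            break;
    }
    exit;
}
else
{
    // The user reached this script without logging in. Store an error message
    // in the session and send them to the logout page.
    $_SESSION["headerMessage"] = "Error!!";
    $_SESSION["message"] = "You must first log into the system before you can view the page.";
    // Send user to the logout page.
    header( "Location: logout.php" );
    exit;
}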
?>