Add weekend Network 10
[bus.git] / betweenpoint.submit.php
blob:a/betweenpoint.submit.php -> blob:b/betweenpoint.submit.php
--- a/betweenpoint.submit.php
+++ b/betweenpoint.submit.php
@@ -5,9 +5,9 @@
   exit;

 }

 print_r($_REQUEST);

-$reverse=$_REQUEST["reverse"];

-$from=$_REQUEST["from"];

-$to=$_REQUEST["to"];

+$reverse=(isset($_REQUEST["reverse"]) ? $_REQUEST["reverse"] : "off");

+$from=pg_escape_string($_REQUEST["from"]);

+$to=pg_escape_string($_REQUEST["to"]);

 $routes=$_REQUEST["routes"] ;

 $points=$_REQUEST["between_points"];

    $sql = "INSERT INTO between_stops (fromLocation, toLocation, points, routes) VALUES('$from','$to','$points','$routes')";

@@ -16,9 +16,11 @@
          echo("Error in SQL query: " . pg_last_error() ."<br>\n");

      }

      if ($reverse === "on") {

-	$p = implode(";",array_reverse(explode(";",$points))).";";

-	$points = str_replace(";","",$p,1);

-$sql = "INSERT INTO between_stops ( toLocation, fromLocation, points, routes) VALUES('$from','$to','$points','$routes')";

+	$ep = explode(";",$points);

+	$epr = array_reverse($ep); 

+	$p = implode(";",$epr).";";

+	$pointsString = substr($p,1);

+$sql = "INSERT INTO between_stops ( toLocation, fromLocation, points, routes) VALUES('$from','$to','$pointsString','$routes')";

 $result = pg_query($conn, $sql);

      if (!$result) {

          echo("Error in SQL query: " . pg_last_error() ."<br>\n");