$candidate = mysql_fetch_array($result, MYSQL_ASSOC); $submit = trim($_REQUEST['submit']); $from = trim($_REQUEST['from']); $reply_to = JB_clean_str(trim($_REQUEST['reply_to'])); $message = JB_clean_str(trim($_REQUEST['message'])); if ($submit != '') { if ($from == '') { $error .= $label["employer_request_details_error_msg1"] . "<br>"; } elseif (!JB_validate_mail($reply_to)) { $error .= $label["employer_request_details_error_msg3"] . "<br> "; } if ($reply_to == '') { $error .= $label["employer_request_details_error_msg2"] . "<br>"; } if (JB_request_was_made($candidate['ID'], $_SESSION['JB_ID']) == false && $error == '') { jb_add_new_request($candidate['ID'], $_SESSION['JB_ID'], 'REQUEST', $message); JB_mysql_query($sql) or die(mysql_error()); $result = JB_mysql_query("SELECT * from `employers` where `ID`='" . $_SESSION['JB_ID'] . "' ") or die(mysql_error()); $employer = mysql_fetch_array($result, MYSQL_ASSOC); $result = JB_get_email_template(4, $_SESSION['LANG']); $e_row = mysql_fetch_array($result, MYSQL_ASSOC); $EmailMessage = $e_row['EmailText']; //$from = $e_row[EmailFromAddress]; //$from_name = $e_row[EmailFromName]; $subject = $e_row['EmailSubject']; $EmailMessage = str_replace("%FNAME%", $candidate['FirstName'], $EmailMessage); $EmailMessage = str_replace("%LNAME%", $candidate['LastName'], $EmailMessage); $EmailMessage = str_replace("%EMPLOYER_NAME%", JB_clean_str($_REQUEST['from']), $EmailMessage); $EmailMessage = str_replace("%REPLY_TO%", JB_clean_str($_REQUEST['reply_to']), $EmailMessage); $EmailMessage = str_replace("%PERMIT_LINK%", JB_BASE_HTTP_PATH . JB_CANDIDATE_FOLDER . "permit.php?k=" . $key, $EmailMessage); $EmailMessage = str_replace("%SITE_NAME%", JB_SITE_NAME, $EmailMessage);
function JB_grant_request($candidate_id, $employer_id) { $now = gmdate("Y-m-d H:i:s"); $sql = "UPDATE `requests` SET request_status='GRANTED', request_date='" . $now . "' WHERE candidate_id='" . jb_escape_sql($candidate_id) . "' AND employer_id='" . jb_escape_sql($employer_id) . "' "; JB_mysql_query($sql) or die(mysql_error()); if (jb_mysql_affected_rows() == 0) { $sql = "SELECT request_id FROM `requests` WHERE candidate_id='" . jb_escape_sql($candidate_id) . "' AND employer_id='" . jb_escape_sql($employer_id) . "'"; jb_add_new_request($candidate_id, $employer_id, 'GRANTED'); } }