$query = "SELECT jobs.title, employers.name \n FROM jobs \n LEFT JOIN employers ON employers.id = jobs.employer \n WHERE jobs.id = " . $_POST['qr_job_id'] . " LIMIT 1";
$result = $mysqli->query($query);
$job = 'Unknown Job';
$employer = 'Unknown Employer';
if (count($result) > 0 && !is_null($result)) {
$job = $result[0]['title'];
$employer = $result[0]['name'];
}
// 2. construct testimony
$testimony = 'Experiences and Skillsets:<br/>' . sanitize($_POST['testimony_answer_1']) . '<br/><br/>';
$testimony .= 'Meet Requirements: ' . $_POST['meet_req'] . '<br/>Additional Comments:<br/>' . sanitize($_POST['testimony_answer_2']) . '<br/><br/>';
$testimony .= 'Personality/Work Attitude:<br/>' . sanitize($_POST['testimony_answer_3']) . '<br/><br/>';
$testimony .= 'Additional Recommendations: ' . (empty($_POST['testimony_answer_4']) ? 'None provided' : sanitize($_POST['testimony_answer_4']));
// 3. check whether candidate email is already in the system
$is_friend = true;
$query = "SELECT COUNT(*) AS is_referee \n FROM member_referees \n WHERE member = '" . $member->id() . "' AND\n referee = '" . $candidate_email . "'";
$result = $mysqli->query($query);
if ($result[0]['is_referee'] <= 0) {
// not a friend
$is_friend = false;
$query = "SELECT COUNT(*) AS is_member \n FROM members \n WHERE email_addr = '" . $candidate_email . "'";
$result = $mysqli->query($query);
if ($result[0]['is_member'] >= 1) {
// The given email is a member, but not in the member's candidates list.
// - Will need to wait for approval before the referral can be viewed.
if (!$member->create_referee($candidate_email)) {
?>
<script type="text/javascript">top.stop_quick_refer_upload('-2');</script><?php
exit;
}
} else {
$lines = file(dirname(__FILE__) . '/../private/mail/member_password_reset_admin.txt');
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$message = str_replace('%temporary_password%', $new_password, $message);
$subject = "Member Password Reset";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($_POST['id'], $subject, $message, $headers);
echo 'ok';
exit;
}
if ($_POST['action'] == 'activate') {
$member = new Member($_POST['id']);
$data = array();
$data['password'] = md5($member->id());
$data['active'] = 'Y';
if (!$member->update($data, true)) {
echo "ko";
exit;
}
$lines = file(dirname(__FILE__) . '/../private/mail/member_reactivated_admin.txt');
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$subject = "Membership Re-activated";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($_POST['id'], $subject, $message, $headers);
// $handle = fopen('/tmp/email_to_'. $_POST['id']. '.txt', 'w');
// fwrite($handle, 'Subject: '. $subject. "\n\n");
$lines = file(dirname(__FILE__) . '/../private/mail/member_referred_new.txt');
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$positions = '';
$i = 0;
foreach ($jobs as $job) {
$positions .= '- ' . desanitize($job['job']) . ' at ' . desanitize($job['employer']);
if ($i < count($jobs) - 1) {
$positions .= "\n";
}
$i++;
}
$message = str_replace('%member_name%', htmlspecialchars_decode(desanitize($member->get_name())), $message);
$message = str_replace('%member_email_addr%', $member->id(), $message);
$message = str_replace('%referee_email_addr%', $_POST['referee'], $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$message = str_replace('%positions%', $positions, $message);
$subject = "You Have Been Referred";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($_POST['referee'], $subject, $message, $headers);
echo '-3';
exit;
}
}
}
$referral_id = 0;
$data = array();
if (isset($_POST['referral_id'])) {
$message = str_replace('%recommender_email_addr%', $_POST['recommender_email'], $message);
$message = str_replace('%activation_id%', $activation_id, $message);
$message = str_replace('%password%', $new_password, $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$subject = "Member Activation Required";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($buffer['candidate_email_addr'], $subject, $message, $headers);
// $handle = fopen('/tmp/email_to_'. $buffer['candidate_email_addr']. '_token.txt', 'w');
// fwrite($handle, 'Subject: '. $subject. "\n\n");
// fwrite($handle, $message);
// fclose($handle);
// add yellow elevator as default contact and pre-approve
$employee = new Employee($_POST['user_id']);
$branch = $employee->get_branch();
$query = "INSERT INTO member_referees SET \n `member` = '" . $member->id() . "', \n `referee` = 'team." . strtolower($branch[0]['country_code']) . "@yellowelevator.com', \n `referred_on` = '" . $joined_on . "', \n `approved` = 'Y'; \n INSERT INTO member_referees SET \n `referee` = '" . $member->id() . "', \n `member` = 'team." . strtolower($branch[0]['country_code']) . "@yellowelevator.com', \n `referred_on` = '" . $joined_on . "', \n `approved` = 'Y'";
if (!$mysqli->transact($query)) {
$default_contact_adding_error = true;
}
} else {
echo '-4';
// failed to create token
exit;
}
} else {
echo '-3';
// failed to create member
exit;
}
} else {
echo '-5';
$member = new Member($email_addr);
$data = array();
$data['active'] = 'Y';
if (!$member->update($data)) {
echo 'Activation failed: Cannot activate member.';
exit;
}
$query = "DELETE FROM member_activation_tokens \n WHERE id = '" . $activation_id . "'";
$mysqli->execute($query);
$mail_lines = file('../private/mail/member_welcome.txt');
$message = '';
foreach ($mail_lines as $line) {
$message .= $line;
}
$message = str_replace('%member_name%', $member->get_name(), $message);
$message = str_replace('%email_addr%', $member->id(), $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$subject = "Welcome to YellowElevator.com";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($member->id(), $subject, $message, $headers);
// $handle = fopen('/tmp/email_to_'. $member->id(). '.txt', 'w');
// fwrite($handle, 'Subject: '. $subject. "\n\n");
// fwrite($handle, $message);
// fclose($handle);
// continue all bufferred referrals
$query = "SELECT * FROM privileged_referral_buffers WHERE referee = '" . $member->id() . "'";
$result = $mysqli->query($query);
if (!empty($result)) {
$referrals = $result;
$query = '';
$is_replacement = false;
$is_free_replacement = false;
$previous_referral = '0';
$previous_invoice = '0';
// 1. Update the referral to employed
$query = "SELECT referrals.employer_agreed_terms_on, \n referrals.member, referrals.referee, jobs.title \n FROM referrals \n LEFT JOIN jobs ON jobs.id = referrals.job \n WHERE referrals.id = " . $_POST['id'];
$not_agreed_terms_yet = false;
$mysqli = Database::connect();
$result = $mysqli->query($query);
if (empty($result[0]['employer_agreed_terms_on']) || is_null($result[0]['employer_agreed_terms_on'])) {
$not_agreed_terms_yet = true;
}
$member = new Member($result[0]['member']);
$referee = new Member($result[0]['referee']);
$job_title = $result[0]['title'];
$irc_id = $member->is_IRC() ? $member->id() : NULL;
$total_reward = Referral::calculate_total_reward_from($_POST['salary'], $_POST['employer'], $irc_id);
$total_token_reward = $total_reward * 0.3;
$total_reward_to_referrer = $total_reward - $total_token_reward;
$data = array();
$data['id'] = $_POST['id'];
$data['employed_on'] = now();
$data['work_commence_on'] = $_POST['commence'];
$data['salary_per_annum'] = $_POST['salary'];
$data['total_reward'] = $total_reward_to_referrer;
$data['total_token_reward'] = $total_token_reward;
$data['used_suggested'] = $_POST['used_suggested'];
$data['guarantee_expire_on'] = Referral::get_guarantee_expiry_date_from($_POST['salary'], $_POST['employer'], $today);
if ($not_agreed_terms_yet) {
$data['employer_agreed_terms_on'] = $data['employed_on'];
}
<?php
require_once dirname(__FILE__) . "/../private/lib/utilities.php";
require_once dirname(__FILE__) . $GLOBALS['openinviter_path'] . "/openinviter.php";
session_start();
if (!isset($_POST['id'])) {
echo 'ko';
exit;
//redirect_to('login.php');
}
$xml_dom = new XMLDOM();
if (!isset($_POST['action'])) {
$member = new Member($_POST['id'], $_SESSION['yel']['member']['sid']);
$email_addresses = $_POST['email_addresses'];
$header = 'From: ' . $member->id() . "\n" . 'Reply-To: ' . $member->id();
$subject = $member->get_name() . ' writing on behalf of Yellow Elevator - a job referral system';
$lines = file(dirname(__FILE__) . '/../private/mail/member_tell_a_friend.txt');
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$message = str_replace('%member_name%', htmlspecialchars_decode($member->get_name()), $message);
$message = str_replace('%member_email_addr%', $member->id(), $message);
$message = str_replace('%message%', stripslashes(urldecode($_POST['message'])), $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
if (!mail($email_addresses, $subject, $message, $header)) {
echo 'ko';
exit;
}
echo 'ok';
require_once dirname(__FILE__) . "/../private/lib/utilities.php";
session_start();
if ($GLOBALS['protocol'] == 'https') {
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') {
redirect_to('https://' . $GLOBALS['root'] . '/members/resume_viewer.php?id=' . $_GET['id']);
exit;
}
}
if (!isset($_SESSION['yel']['member']) || empty($_SESSION['yel']['member']['id']) || empty($_SESSION['yel']['member']['sid']) || empty($_SESSION['yel']['member']['hash'])) {
echo "An illegal attempt to view resume has been detected.";
exit;
}
$resume = new Resume(0, $_GET['id']);
$cover = $resume->get();
$member = new Member($cover[0]['member']);
$query = "SELECT COUNT(*) AS has_photo \n FROM member_photos \n WHERE member = '" . $member->id() . "'";
$mysqli = Database::connect();
$result = $mysqli->query($query);
$has_photo = false;
if ($result[0]['has_photo'] > 0) {
$has_photo = true;
}
if (!is_null($cover[0]['file_name'])) {
if ($has_photo) {
?>
<div style="text-align: center;">
<a href="http://<?php
echo $GLOBALS['root'] . '/members/resume.php?id=' . $_GET['id'];
?>
">
Click here to download the resume.
echo '-1';
// failed to create new recommender
exit;
}
}
// 3. make the member privileged
// 3.1 check whether is the member active?
// if not, reset the password to the email and set flag to send email, and make member active.
// 3.2 make the recommender field to use the $branch
$send_password_reset_email = false;
$member_data = array();
$member_data['recommender'] = $branch;
$member_data['added_by'] = $employee->id();
$member = new Member($_POST['member']);
if (!$member->is_active()) {
$member_data['password'] = md5($member->id());
$member_data['active'] = 'Y';
$send_password_reset_email = true;
}
if ($member->update($member_data, true) === false) {
echo '-2';
// failed to activate member
exit;
}
// 4. make this $branch as default friend
// 4.1 if such a relationship does not exist, add and pre-approve it.
$contact_adding_error = false;
$query = "SELECT approved FROM member_referees \n WHERE member = '" . $member->id() . "' AND \n referee = '" . $branch . "'";
$result = $mysqli->query($query);
if (is_null($result[0]['approved'])) {
// add
echo "ko";
exit;
}
$referee = new Member($_POST['referee']);
$mail_lines = file('../private/mail/member_approval.txt');
$message = '';
foreach ($mail_lines as $line) {
$message .= $line;
}
$message = str_replace('%member_name%', $member->get_name(), $message);
$message = str_replace('%referee_name%', $referee->get_name(), $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$subject = desanitize($member->get_name()) . " added you as a contact. Your approval is required.";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($referee->id(), $subject, $message, $headers);
echo "ok";
exit;
}
if ($_POST['action'] == 'get_referee_networks') {
$query = "SELECT member_networks.id AS network_id, industries.industry FROM industries \n LEFT JOIN member_networks ON industries.id = member_networks.industry \n LEFT JOIN member_networks_referees ON member_networks.id = member_networks_referees.network \n WHERE member_networks_referees.referee = " . $_POST['id'];
$mysqli = Database::connect();
$result = $mysqli->query($query);
if (count($result) >= 0) {
$response = array('networks' => array('network' => $result));
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array($response);
exit;
}
echo "ko";
exit;
