require "../config.php";
include 'login_functions.php';

// Login processing is invoked before the employer header template is emitted.
JB_process_login();
JB_template_employers_header();

// Request parameters. 'cancel' and 'package_id' are cast to int; 'action' is taken as-is.
$cancel = (int) $_REQUEST['cancel'];
$action = $_REQUEST['action'];
$package_id = (int) $_REQUEST['package_id'];

// set fees flag
// NOTE(review): $_FEES_ENABLED is assigned only when one of the two fee constants is 'YES';
// otherwise the comparison further down reads a variable this excerpt never sets.
if (JB_POSTING_FEE_ENABLED == 'YES' || JB_PREMIUM_POSTING_FEE_ENABLED == 'YES') {
    $_FEES_ENABLED = "YES";
}

// NOTE(review): $cancel_id is not assigned anywhere in this excerpt -- the cast request value
// above is stored in $cancel. If $cancel_id is populated elsewhere (config.php, or
// register_globals on old PHP), it reaches JB_void_package_invoice() without the (int) cast.
// NOTE(review): voiding an invoice is a state change and the parameters are read from
// $_REQUEST, so they may arrive via GET; no CSRF token check is visible here. Confirm that
// JB_void_package_invoice() verifies the invoice belongs to $_SESSION['JB_ID'].
if ($cancel_id != '') {
    JB_void_package_invoice($cancel_id);
}

// Credit overview, rendered only when a posting fee is enabled. Both blocks opened below are
// closed outside this excerpt.
if ($_FEES_ENABLED == "YES") {
    // Remaining standard and premium posting credits for the session's employer.
    $posts_num = JB_get_num_posts_remaining($_SESSION['JB_ID']);
    $p_posts_num = JB_get_num_premium_posts_remaining($_SESSION['JB_ID']);
    ?> <table style="margin: 0 auto; width:90%; border:0px" cellpadding="10" cellspacing="0" > <tr> <td style="width: 50%" valign="top"> <!-- left col --> <?php
    // The standard-package heading is shown only when the remaining count is greater than -1.
    if (JB_POSTING_FEE_ENABLED == "YES" && $posts_num > -1) {
        ?> <h3><?php echo $label['package_std_head']; ?> </h3>
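/**
 * Validates the job-post form fields found in $_REQUEST and collects error messages.
 *
 * When $insert_mode is 'EMPLOYER' and no post_id was submitted, the remaining posting
 * credits of $_SESSION['JB_ID'] are checked first (standard or premium, depending on
 * $_REQUEST['type']); running out of credits returns immediately with a single error.
 * After that the numeric fields and the application URL are checked, a few fields are
 * cleaned, the 'validate_post_data' and 'validate_post_data_array' plugin callbacks are
 * run, and the errors from JB_validate_form_data(1) are appended.
 *
 * Side effects: app_url (only when app_type is 'R'), post_date, post_mode, approved and
 * expired are overwritten in $_REQUEST with the output of JB_clean_str().
 *
 * @param string $insert_mode 'EMPLOYER' enables the credit check; any other value skips it.
 *
 * @return array|string List of error messages (empty when nothing was rejected), or the
 *                      literal string 'Invalid Input!' when post_id, user_id, pin_x or
 *                      pin_y is present but not numeric. Callers must handle both shapes.
 */
function JB_validate_post_data($insert_mode = 'EMPLOYER')
{
    global $label;

    $errors = array();

    /* Only check for credits if posted by employer */
    // NOTE(review): the check is skipped whenever a post_id is submitted, and post_id is
    // client-supplied -- confirm the save path verifies that the post belongs to
    // $_SESSION['JB_ID'] before treating the request as an edit.
    if ($insert_mode == 'EMPLOYER' && empty($_REQUEST['post_id'])) {
        // NOTE(review): post_mode also comes from the request; confirm that
        // JB_is_privileged_user() does not grant the exemption on that value alone.
        $post_mode = isset($_REQUEST['post_mode']) ? $_REQUEST['post_mode'] : null;
        $privileged = JB_is_privileged_user($_SESSION['JB_ID'], $post_mode);
        $is_premium = isset($_REQUEST['type']) && $_REQUEST['type'] == 'premium';

        if (!$is_premium) {
            if (JB_POSTING_FEE_ENABLED == 'YES' && !$privileged) {
                // check standard credits; a count of -1 is not treated as "out of credits"
                $posts = JB_get_num_posts_remaining($_SESSION['JB_ID']);
                if ($posts < 1 && $posts != -1) {
                    $errors[] = $label['post_no_credits'];
                    return $errors;
                }
            }
        } elseif (JB_PREMIUM_POSTING_FEE_ENABLED == 'YES' && !$privileged) {
            // check premium credits; a count of -1 is not treated as "out of credits"
            $p_posts = JB_get_num_premium_posts_remaining($_SESSION['JB_ID']);
            if ($p_posts < 1 && $p_posts != -1) {
                $errors[] = $label['post_no_credits'];
                return $errors;
            }
        }
    }

    // Make sure they are numeric
    // NOTE(review): is_numeric() accepts more than plain digits (signs, decimals, exponent
    // notation), so passing this check does not make a value safe to place in SQL; the
    // code that uses these fields still has to cast or bind them.
    foreach (array('post_id', 'user_id', 'pin_x', 'pin_y') as $field) {
        if (isset($_REQUEST[$field]) && $_REQUEST[$field] != '' && !is_numeric($_REQUEST[$field])) {
            return 'Invalid Input!';
        }
    }

    // app_type and app_url
    if (isset($_REQUEST['app_type']) && $_REQUEST['app_type'] == 'R') {
        // check the url.
        $_REQUEST['app_url'] = trim($_REQUEST['app_url']);
        $_REQUEST['app_url'] = JB_clean_str($_REQUEST['app_url']);

        if ($_REQUEST['app_url'] == false) {
            $errors[] = $label['post_save_app_url_blank'];
        } elseif (preg_match('#^https?://#i', $_REQUEST['app_url']) !== 1) {
            // The scheme is matched at the start of the value: a substring test would also
            // accept other schemes that merely contain 'http://' somewhere later on.
            // The URL still needs context-appropriate escaping wherever it is output.
            $errors[] = $label['post_save_app_url_bad'];
        }
    }

    // clean any undesired input, leave nothing to chance
    // NOTE(review): 'approved' and 'expired' are client-supplied and only cleaned here;
    // confirm the save path ignores them for submissions made in 'EMPLOYER' mode.
    foreach (array('post_date', 'post_mode', 'approved', 'expired') as $field) {
        $_REQUEST[$field] = JB_clean_str(isset($_REQUEST[$field]) ? $_REQUEST[$field] : null);
    }

    $error = '';
    JBPLUG_do_callback('validate_post_data', $error); // deprecated, use validate_post_data_array
    if ($error) {
        // The deprecated hook reports a single '<br>'-separated string.
        foreach (explode('<br>', $error) as $item) {
            $errors[] = $item;
        }
    }

    JBPLUG_do_callback('validate_post_data_array', $errors); // added in 3.6.6

    // append errors
    // array_merge() renumbers integer keys, so every form error is kept; the array union
    // operator would drop entries whose integer keys already exist in $errors.
    $errors = array_merge($errors, JB_validate_form_data(1));

    return $errors;
}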
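/**
 * Prints the standard posting-credit balance for the employer identified by
 * $_SESSION['JB_ID'] as an HTML fragment.
 *
 * The count comes from JB_get_num_posts_remaining():
 *  - 0 prints the 'std_post_post_no_credits' label followed by the message returned by
 *    self::get_no_std_posts_subscr_msg();
 *  - -1 uses the 'std_post_unlimited' label as the balance text;
 *  - any other value uses 'std_post_post_balance'.
 * In the two non-zero cases %POSTS% is replaced by the count and a link to post.php is
 * printed as well.
 *
 * Labels and the subscription message are echoed without escaping -- presumably they are
 * trusted language strings that may contain markup; verify that none of them can carry
 * user-supplied text.
 */
function display_standard_credit_balance()
{
    global $label;

    $posts = JB_get_num_posts_remaining($_SESSION['JB_ID']);
    $str = self::get_no_std_posts_subscr_msg();

    if ($posts == 0) {
        ?>
        - <?php echo $label['std_post_post_no_credits'] . ' ' . $str; ?> <br>
        <?php
    } else {
        // Work on a local copy. Writing the result back into the global $label would
        // overwrite the template, so any later use of 'std_post_post_balance' in the same
        // request would no longer contain the %POSTS% placeholder.
        $balance = ($posts == -1) ? $label['std_post_unlimited'] : $label['std_post_post_balance'];
        $balance = str_replace("%POSTS%", $posts, $balance);

        // JB_THEME_URL and the file name are emitted without whitespace in between so the
        // src attribute holds a single URL.
        ?>
        - <?php echo $balance; ?> <br>
        |_ <a href="post.php"><img border="0" align="middle" alt="post" src="<?php echo JB_THEME_URL; ?>images/Postit-large.gif"> <?php echo $label['std_post_post']; ?> </a> <br>
        <?php
    }
}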