$JBMarkup->body_open('style="background-color:white"'); $submit = JB_clean_str($_REQUEST['submit']); $post_id = (int) $_REQUEST['post_id']; $url = JB_clean_str($_REQUEST['url']); // Assume quotes is always On, we need to strip slashes. $subject = JB_clean_str(stripslashes($_REQUEST['subject'])); $message = JB_clean_str(stripslashes($_REQUEST['message'])); $your_name = JB_clean_str(stripslashes($_REQUEST['your_name'])); $your_email = JB_clean_str(stripslashes($_REQUEST['your_email'])); $to_email = JB_clean_str(stripslashes($_REQUEST['to_email'])); $to_name = JB_clean_str(stripslashes($_REQUEST['to_name'])); if (strlen(trim($to_name)) == 0) { $to_name = $to_email; } if (strlen(trim($your_name)) == 0) { $your_name = JB_get_formatted_name($_SESSION['JB_FirstName'], $_SESSION['JB_LastName']); } if (strlen(trim($your_email)) == 0) { //$your_email = $sql = "SELECT Email from users WHERE ID='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; $result = jb_mysql_query($sql); if (mysql_num_rows($result)) { $your_email = array_pop(mysql_fetch_row($result)); } } if ($submit != '') { if ($your_email == '') { $error .= $label['taf_email_blank'] . " <br>"; } elseif (!JB_validate_mail($your_email)) { $error .= $label['taf_email_invalid'] . "<br>"; }
echo "Processing new list<br><br>"; echo mysql_num_rows($result) . " emails to send in this list to:" . $letter_row['to'] . "<br>"; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { echo "Sending to: " . JB_get_formatted_name($row['FirstName'], $row['LastName']) . " <br>"; if (JB_validate_mail($row['Email'])) { // send the sucker $msg = str_replace("%name%", JB_get_formatted_name($row['FirstName'], $row['LastName']), $letter_row['message']); $msg = str_replace("%username%", $row['Username'], $msg); $msg = str_replace("%email%", $row['Email'], $msg); $subject = $letter_row['subject']; $msg = str_replace("%CANDIDATE_LINK%", JB_BASE_HTTP_PATH . JB_CANDIDATE_FOLDER . "alerts.php?id=" . $row['ID'] . "&key={$val}", $msg); $msg = str_replace("%EMPLOYER_LINK%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER . "alerts.php?id=" . $row['ID'] . "&key={$val}", $msg); $to = $row['Email']; $from = JB_SITE_CONTACT_EMAIL; // Enter your email adress here JB_queue_mail($to, JB_get_formatted_name($row['FirstName'], $row['LastName']), $from, JB_SITE_NAME, $subject, $msg, '', 30); echo "<hr>Email to:" . jb_escape_html($row['Email']) . " placed on queue<br>"; $now = gmdate("Y-m-d H:i:s"); $sql = "UPDATE {$table} SET `newsletter_last_run`='{$now}' WHERE `ID`='" . jb_escape_sql($row['ID']) . "' "; JB_mysql_query($sql) or die(mysql_error()); } else { echo "Invalid email " . jb_escape_html($row['Email']) . "<br>"; } } /* // run the above query again to see if we processed all the recipients. $sql = "SELECT * FROM $table WHERE `Newsletter`='1' AND '".$letter_row['create_time']."' > `newsletter_last_run` "; $result_check = JB_mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($result_check)==0) { // newsletter sent! $sql = "UPDATE `newsletters` SET `status`=1 WHERE `letter_id`='".$letter_row[letter_id]."' ";
window.open('invoice.php?invoice_id=<?php echo $row['invoice_id']; ?> &product_type=P', '', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=600,height=560,left = 50,top = 50');return false;"> <?php echo "P" . $row['invoice_id']; ?> </a></font></td> <td ><font face="Arial" size="2"><a href="employers.php?action=edit&user_id=<?php echo $row['employer_id']; ?> "><?php $sql2 = "select * from employers where `ID`='" . $row['employer_id'] . "' "; $result2 = JB_mysql_query($sql2) or die($sql2 . mysql_error()); $row2 = mysql_fetch_array($result2); echo JB_escape_html(JB_get_formatted_name($row2['LastName'], $row2['FirstName'])); ?> </a><?php echo ' <small>(u:' . JB_escape_html($row2['Username']) . ')</small>'; ?> </font></td> <td><font face="Arial" size="2"><?php echo $row['item_name']; ?> </font></td> <td><font face="Arial" size="2"><?php echo $row['status']; if ($row['status'] == 'Completed') { $time = strtotime($row['invoice_date'] . " +0000"); $time = $time + 60 * 60 * 24;
/**
 * Mark a job post as expired and, when the expiration-email switch is on,
 * queue a plain-text notice (email template 210) to the employer who owns it.
 *
 * The post id is cast to int before it reaches SQL. The employer id read back
 * from the form object is passed through jb_escape_sql() before it is
 * concatenated into the SELECT.
 *
 * NOTE(review): the recipient address and name come from the employers table
 * and can be changed by plugin callbacks. Whether JB_queue_mail() rejects
 * CR/LF in the name, address or subject is not visible from this function;
 * confirm it there, since those values would normally end up in mail headers.
 *
 * @param int|string $post_id Id of the post to expire.
 * @return void
 */
function JB_expire_post($post_id)
{
    $post_id = (int) $post_id;

    $expire_sql = "UPDATE posts_table SET expired='Y' where post_id='" . jb_escape_sql($post_id) . "' ";
    if (!JB_mysql_query($expire_sql)) {
        // The error text is only kept in a local variable, so a failed UPDATE
        // is not reported to the caller.
        $DB_ERROR = mysql_error();
    }

    JBPLUG_do_callback('expire_post', $post_id);

    // Nothing more to do unless expiration emails are switched on.
    if (JB_EMAIL_POST_EXP_SWITCH != 'YES') {
        return;
    }

    // Load the post to read the values used in the notice.
    $Form = JB_get_DynamicFormObject(1);
    $Form->load($post_id);
    $TITLE = $Form->get_raw_template_value("TITLE");
    $DATE = JB_get_formatted_date($Form->get_template_value("DATE"));
    $POSTED_BY_ID = $Form->get_value('user_id');

    // Look up the employer who posted it.
    $employer_sql = "SELECT * FROM employers WHERE ID='" . jb_escape_sql($POSTED_BY_ID) . "' ";
    $emp_row = mysql_fetch_array(jb_mysql_query($employer_sql));

    // Fetch template 210 in the employer's language.
    $t_row = mysql_fetch_array(JB_get_email_template(210, $emp_row['lang']));

    $to_address = $emp_row['Email'];
    $to_name = JB_get_formatted_name($emp_row['FirstName'], $emp_row['LastName']);
    $subject = $t_row['EmailSubject'];
    $from_name = $t_row['EmailFromName'];
    $from_address = $t_row['EmailFromAddress'];

    // Placeholders are replaced one after another, in the listed order.
    $placeholders = array(
        "%LNAME%",
        "%FNAME%",
        "%SITE_NAME%",
        "%SITE_URL%",
        "%SITE_CONTACT_EMAIL%",
        "%POST_TITLE%",
        "%POST_DATE%",
        "%VIEWS%",
        "%APPS%",
    );
    $values = array(
        $emp_row['LastName'],
        $emp_row['FirstName'],
        JB_SITE_NAME,
        JB_BASE_HTTP_PATH,
        JB_SITE_CONTACT_EMAIL,
        $TITLE,
        $DATE,
        $Form->get_value('hits'),
        $Form->get_value('applications'),
    );
    $message = str_replace($placeholders, $values, $t_row['EmailText']);

    // Tags are stripped after substitution, so markup in the raw title or in
    // the employer's names is removed from the body as well.
    $message = strip_tags($message);

    // A plugin may replace the recipient.
    JBPLUG_do_callback('expire_post_set_recipient_email', $to_address);
    JBPLUG_do_callback('expire_post_set_recipient_name', $to_name);

    // Place the email on the queue.
    JB_queue_mail($to_address, $to_name, $from_address, $from_name, $subject, $message, '', 210);
}
$LOCATION = $PForm->get_raw_template_value("LOCATION"); $DESCRIPTION = $PForm->get_raw_template_value("DESCRIPTION"); $DESCRIPTION = str_replace("\n", " ", $DESCRIPTION); // '' $DESCRIPTION = str_replace("<br>", " ", $DESCRIPTION); // add spaces $DESCRIPTION = str_replace("</p>", " </p>", $DESCRIPTION); // '' $job_alert_list_html .= "<font face='arial' size='2'>{$FORMATTED_DATE} - <a href='" . JB_BASE_HTTP_PATH . "index.php?post_id=" . $post_row['post_id'] . "'>" . $TITLE . "</a></font> (" . $LOCATION . ")<font face='arial' size='1' color='#808080'> " . substr(strip_tags($DESCRIPTION), 0, 150) . "...</font><br>"; $job_alert_list_text .= "{$FORMATTED_DATE} : \"{$TITLE}\" (" . $LOCATION . ")\r\nLink: " . JB_BASE_HTTP_PATH . "index.php?post_id=" . $post_row['post_id'] . " \r\n\r\n"; $job_alert_list_text = strip_tags($job_alert_list_text); } if (mysql_num_rows($result2) > 0) { // if we have anything to send? if ($VERBOSE == 'YES') { echo "Email Debug: Sending Email to: " . jb_escape_html(JB_get_formatted_name($user_row['FirstName'], $user_row['LastName'])) . " (" . $user_row['ID'] . ")<br> \n"; } // now send the message. # Validation link $val = md5($user_row['Password'] . $user_row['ID']); $_clink = JB_BASE_HTTP_PATH . JB_CANDIDATE_FOLDER . "alerts.php?id=" . $user_row['ID'] . "&key={$val}"; ############################ # Prepare the HTML version $lang = $user_row['lang']; if ($lang == '') { $lang = JB_get_default_lang(); } $e_result = JB_get_email_template(8, $lang); $e_row = mysql_fetch_array($e_result, MYSQL_ASSOC); $EmailMessage = $e_row['EmailText']; $from = $e_row['EmailFromAddress'];
/**
 * Resolve the display name for an employer account.
 *
 * Order of preference: the PROFILE_BNAME template value (stored under key
 * '65'), then CompName, then the formatted first/last name. Results are
 * memoised in a function-static array for the rest of the request.
 *
 * The value is returned exactly as the form object supplied it; this function
 * applies no HTML escaping itself. NOTE(review): confirm whether
 * get_template_value() / load() already escape, and escape at the output site
 * if they do not.
 *
 * @param mixed $user_id Employer id; anything non-numeric is rejected.
 * @return mixed false for a non-numeric id, otherwise the resolved name
 *               (the cache entry is never set when no profile row is found).
 */
function JB_get_employer_name($user_id)
{
    // Refuse non-numeric ids before they are used as a cache key or handed
    // to the form loader.
    if (!is_numeric($user_id)) {
        return false;
    }

    global $JBMarkup;
    static $b_name; // user id => name already resolved

    if (isset($b_name[$user_id])) {
        return $b_name[$user_id];
    }

    $ProfileForm =& JB_get_DynamicFormObject(3);

    $already_loaded = ($ProfileForm->get_value('user_id') == $user_id);
    if (!$already_loaded) {
        // Load by employer id. This runs on the form object obtained above,
        // which may be shared with other code - TODO confirm.
        $row = $ProfileForm->load(false, $user_id);
    } else {
        // The profile form already holds this employer; read from it.
        $row = array(
            '65' => $ProfileForm->get_template_value('PROFILE_BNAME'),
            'CompName' => $ProfileForm->get_value('CompName'),
            'FirstName' => $ProfileForm->get_value('FirstName'),
            'LastName' => $ProfileForm->get_value('LastName'),
        );
    }

    if (is_array($row)) {
        if (trim($row['65']) !== '') {
            $resolved = $row['65'];
        } elseif (trim($row['CompName']) !== '') {
            $resolved = $row['CompName'];
        } else {
            $resolved = JB_get_formatted_name($row['FirstName'], $row['LastName']);
        }
        $b_name[$user_id] = $resolved;
    }

    return $b_name[$user_id];
}
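/**
 * Queue the "request granted" notice (email template 44) to an employer,
 * containing a keyed link to the candidate's active resume.
 *
 * Changes from the previous version:
 *  - the candidate id is now really cast to int. Before, the cast was stored
 *    in an unused $user_id, so the caller's raw value went into the SQL, the
 *    link key and the URL;
 *  - nothing is queued when the candidate or employer row is missing;
 *  - $html_message is defined (empty) instead of being passed undefined.
 *
 * NOTE(review): the link key is the first 10 hex characters of an unsalted
 * MD5 over the resume id, the stored password value and the candidate id. It
 * is deterministic, has no expiry, and changes only when the stored password
 * value changes. The page that checks the key is not visible here, so the
 * derivation is left as it was. A keyed MAC with a server-side secret
 * (hash_hmac(), compared with hash_equals() on the checking side) would have
 * to be introduced on both ends together.
 *
 * NOTE(review): the template language comes from $_SESSION['LANG'], i.e. the
 * current session rather than the employer receiving the mail - confirm this
 * is intended.
 *
 * @param int|string $candidate_id Id in the users table.
 * @param int|string $employer_id  Id in the employers table.
 * @return false|null false when the candidate, employer or active resume is
 *                    missing; null once the mail has been queued.
 */
function JB_send_request_granted_email($candidate_id, $employer_id)
{
    // Normalise both ids before they are used anywhere below.
    $candidate_id = (int) $candidate_id;
    $employer_id = (int) $employer_id;

    $sql = "SELECT FirstName, LastName, Password FROM users where `ID`='" . jb_escape_sql($candidate_id) . "' ";
    $result = jb_mysql_query($sql);
    $candidate_row = mysql_fetch_array($result, MYSQL_ASSOC);

    $sql = "SELECT FirstName, LastName, Email FROM employers where `ID`='" . jb_escape_sql($employer_id) . "' ";
    $result = jb_mysql_query($sql);
    $employer_row = mysql_fetch_array($result, MYSQL_ASSOC);

    // Without both rows there is no key material and no recipient.
    if (!is_array($candidate_row) || !is_array($employer_row)) {
        return false;
    }

    // Find the candidate's active resume for the link.
    $sql = "SELECT resume_id FROM resumes_table WHERE user_id='" . jb_escape_sql($candidate_id) . "' AND `status`='ACT' ";
    // NOTE(review): die(mysql_error()) prints the database error text in the response.
    $result = JB_mysql_query($sql) or die(mysql_error());
    if (mysql_num_rows($result) == 0) {
        return false; // resume does not exist anymore...
    }
    $resume_row = mysql_fetch_array($result, MYSQL_ASSOC);

    // Derivation kept unchanged so existing links and the checking page keep working.
    $val = substr(md5($resume_row['resume_id'] . $candidate_row['Password'] . $candidate_id), 0, 10);
    $resume_db_link = JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER . "search.php?resume_id="
        . urlencode($resume_row['resume_id']) . "&id=" . urlencode($candidate_id) . "&key={$val}";

    $result = JB_get_email_template(44, $_SESSION['LANG']);
    $e_row = mysql_fetch_array($result, MYSQL_ASSOC);

    $text_message = $e_row['EmailText'];
    $from = $e_row['EmailFromAddress'];
    $from_name = $e_row['EmailFromName'];
    $subject = $e_row['EmailSubject'];
    $html_message = ''; // this notice has no HTML part

    $candidate_name = JB_get_formatted_name($candidate_row['FirstName'], $candidate_row['LastName']);
    $employer_name = JB_get_formatted_name($employer_row['FirstName'], $employer_row['LastName']);
    $to_name = $employer_name;
    $to_address = $employer_row['Email'];

    $text_message = str_replace("%SITE_NAME%", JB_SITE_NAME, $text_message);
    $text_message = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $text_message);
    $text_message = str_replace("%RESUME_DB_LINK%", $resume_db_link, $text_message);
    $text_message = str_replace("%CAN_NAME%", $candidate_name, $text_message);
    $text_message = str_replace("%EMP_NAME%", $employer_name, $text_message);

    // NOTE(review): the candidate's name goes into the subject; confirm that
    // JB_queue_mail() strips CR/LF from header values.
    $subject = str_replace("%CAN_NAME%", $candidate_name, $subject);
    $subject = str_replace("%SITE_NAME%", JB_SITE_NAME, $subject);

    JB_queue_mail($to_address, $to_name, $from, $from_name, $subject, $text_message, $html_message, $e_row['EmailID']);
}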
$APM->success_row($label['app_confirm_lettter'], $app_letter); $APM->success_row($label['app_confirm_att1'], $_FILES['att1']['name']); $APM->success_row($label['app_confirm_att2'], $_FILES['att2']['name']); $APM->success_row($label['app_confirm_att3'], $_FILES['att3']['name']); JBPLUG_do_callback('apply_success_row', $mail_id); $APM->success_end(); $success = 1; } } // End Apply button pressed if (!$success) { if ($app_subject == '') { $app_subject = $label['app_email_subject']; $app_subject = str_replace("%DATE%", $DATE, $app_subject); $app_subject = str_replace("%TITLE%", $TITLE, $app_subject); $app_subject = str_replace("%SITE_NAME%", JB_SITE_NAME, $app_subject); } if ($user_id != '' && $error == '') { // retreive old application, so that it can be pre-file;ed $app_email = $user_row['Email']; $app_name = JB_get_formatted_name($user_row['FirstName'], $user_row['LastName']); $sql = "SELECT * FROM applications WHERE `user_id`='" . jb_escape_sql($user_id) . "' ORDER BY app_date DESC LIMIT 1 "; $app_result = JB_mysql_query($sql); $app_row = mysql_fetch_array($app_result, MYSQL_ASSOC); $app_letter = $app_row["cover_letter"]; } JB_template_application_form($post_id, $app_name, $app_email, $app_subject, $app_letter, $att1, $att2, $att3); } } $JBMarkup->body_close(); $JBMarkup->markup_close();
} if ($_REQUEST['action'] == 'reset') { if ($_REQUEST['pass'] != '') { $_REQUEST['pass'] = md5($_REQUEST['pass']); $sql = "UPDATE `users` SET `Password`='" . jb_escape_sql($_REQUEST['pass']) . "' WHERE `ID`='" . jb_escape_sql($_REQUEST['user_id']) . "' LIMIT 1"; JB_mysql_query($sql) or die(mysql_error()); $JBMarkup->ok_msg('Password Changed.'); JBPLUG_do_callback('can_new_pass', $_REQUEST['pass'], $row['Username']); } else { $sql = "SELECT * from `users` WHERE `ID`='" . jb_escape_sql($_REQUEST['user_id']) . "'"; $result = JB_mysql_query($sql) or die(mysql_error()); $row = mysql_fetch_array($result, MYSQL_ASSOC); ?> Change the password for username: <?php echo JB_escape_html($row['Username']) . " (" . JB_get_formatted_name($row['FirstName'], $row['LastName']) . ")"; $q_string = JB_generate_candidate_q_string(); ?> <form method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?> ?action=reset"> <input type="hidden" name="user_id" value="<?php echo htmlentities($_REQUEST['user_id']); ?> "> <input type="hidden" name="show" value="<?php echo htmlentities($_REQUEST['show']); ?> ">
echo $row['invoice_id'] . $date_link; ?> ' "> / <input type="button" style="font-size: 9px;" value="Cancel" onclick="if (!confirmLink(this, 'Cancel this Order, are you sure?')) return false; window.location='<?php echo 'membership_report.php'; ?> ?action=cancel&invoice_id=<?php echo $row['invoice_id'] . $date_link; ?> ' "> <?php } if (strtolower($row['status']) == 'confirmed' || strtolower($row['status']) == 'pending') { ?> <br> <input type="button" style="font-size: 9px;" value="Complete" onclick="if (!confirmLink(this, 'Payment from <?php echo JB_js_out_prep(jb_escape_html(JB_get_formatted_name($row2['FirstName'], $row2['LastName']))); ?> to be completed. Order for <?php echo @JB_convert_to_currency($row['amount'], $row['currency_code'], DEFAULT_CURR); //echo CURRENCY_SIGN.$row['amount']; ?> will be credited to their account.\n ** Are you sure? **')) return false; window.location='<?php echo htmlentities('membership_report.php'); ?> ?action=complete&invoice_id=<?php echo $row['invoice_id'] . $date_link; ?> ' "> / <input type="button" style="font-size: 9px;" value="Cancel" onclick="if (!confirmLink(this, 'Cancel this Order, are you sure?')) return false; window.location='<?php echo htmlentities('membership_report.php'); ?> ?action=cancel&invoice_id=<?php
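/**
 * Complete a membership invoice that is currently 'Confirmed' or 'Pending':
 * start the membership (unless it was credited in advance), mark the invoice
 * 'Completed', and optionally queue and send the confirmation mail
 * (email template 110).
 *
 * Changes from the previous version:
 *  - the payment-method fallback no longer reads $invoice_row before the
 *    invoice has been loaded;
 *  - the %INVOICE_TAX=[rate]% tag is processed only when the template
 *    contains it, the rate must be numeric, and a rate of -1 no longer
 *    divides by zero.
 *
 * NOTE(review): the status check and the UPDATE are separate steps, and the
 * UPDATE is not conditional on the current status. If this function can be
 * reached twice for the same invoice (for example from a repeated payment
 * notification), JB_start_membership() may run twice. Consider making the
 * UPDATE conditional on the status and starting the membership only when a
 * row was actually changed.
 *
 * @param int|string $invoice_id     Id of the membership invoice.
 * @param string     $payment_method Payment method to record; when empty,
 *                                   the method stored on the invoice is kept.
 * @return void
 */
function JB_complete_membership_invoice($invoice_id, $payment_method)
{
    global $label;

    $now = gmdate("Y-m-d H:i:s");

    $invoice_row = JB_get_membership_invoice_row($invoice_id);
    if ($payment_method == '') {
        $payment_method = $invoice_row['payment_method'];
    }

    // Only invoices awaiting payment can be completed.
    if ($invoice_row['status'] != 'Confirmed' && $invoice_row['status'] != 'Pending') {
        return;
    }

    if ($invoice_row['reason'] != 'jb_credit_advanced') {
        // Bank and check modules have the option to advance membership before
        // payment is received. If the credit was given in advance, the
        // membership has already been started.
        JB_start_membership($invoice_row);
    }

    $sql = "UPDATE membership_invoices SET `status`='Completed', `payment_method`='" . jb_escape_sql($payment_method)
        . "', `processed_date`='{$now}' WHERE invoice_id='" . jb_escape_sql($invoice_id) . "'";
    $result = JB_mysql_query($sql) or JB_mail_error("[{$sql}]" . mysql_error());

    if (JB_EMAIL_ORDER_COMPLETED_SWITCH != 'YES') {
        return;
    }

    // Send confirmation: pick the account table by user type.
    if ($invoice_row['user_type'] == 'C') {
        $sql = "Select * from users WHERE ID='" . jb_escape_sql($invoice_row['user_id']) . "'";
    } else {
        $sql = "Select * from employers WHERE ID='" . jb_escape_sql($invoice_row['user_id']) . "'";
    }
    // NOTE(review): die(mysql_error()) prints the database error text in the response.
    $result = JB_mysql_query($sql) or die(mysql_error());
    $e_row = mysql_fetch_array($result, MYSQL_ASSOC);

    $invoice_row = JB_get_membership_invoice_row($invoice_id); // reload invoice

    $template_r = JB_get_email_template(110, $e_row['lang']);
    $template = mysql_fetch_array($template_r);

    $msg = $template['EmailText'];
    $from = $template['EmailFromAddress'];
    $from_name = $template['EmailFromName'];
    $subject = $template['EmailSubject'];

    $msg = str_replace("%FNAME%", $e_row['FirstName'], $msg);
    $msg = str_replace("%LNAME%", $e_row['LastName'], $msg);
    $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg);
    $msg = str_replace("%INVOICE_CODE%", "M" . $invoice_row['invoice_id'], $msg);
    $msg = str_replace("%ITEM_NAME%", $invoice_row['item_name'], $msg);
    $msg = str_replace("%MEM_START%", JB_get_formatted_time(JB_get_local_time($invoice_row['member_date'])), $msg);

    if ($invoice_row['months_duration'] == '0') {
        // A duration of 0 means the membership does not expire.
        $invoice_row['member_end'] = $label['member_not_expire'];
        $invoice_row['months_duration'] = $label['member_not_expire'];
    }

    $msg = str_replace("%MEM_END%", JB_get_formatted_time($invoice_row['member_end']), $msg);
    $msg = str_replace("%MEM_DURATION%", $invoice_row['months_duration'], $msg);
    $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($invoice_row['currency_code'], $invoice_row['amount']), $msg);
    $msg = str_replace("%PAYMENT_METHOD%", $payment_method, $msg);
    $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg);
    $msg = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $msg);

    // Optional tag %INVOICE_TAX=[rate]%: replaced with the tax portion of a
    // tax-inclusive amount. The rate comes from the template text, so it is
    // validated before being used in arithmetic.
    if (preg_match('#%INVOICE_TAX=\\[(.+?)\\]%#', $msg, $m) === 1) {
        $tax_rate = is_numeric($m[1]) ? (float) $m[1] : 0.0;
        $divisor = 1.0 + $tax_rate;
        if ($divisor != 0.0) {
            $invoice_tax = $invoice_row['amount'] - $invoice_row['amount'] / $divisor;
        } else {
            $invoice_tax = 0.0;
        }
        $invoice_tax = JB_convert_to_default_currency_formatted($invoice_row['currency_code'], $invoice_tax);
        $msg = str_replace($m[0], $invoice_tax, $msg);
    }

    $to = $e_row['Email'];
    $to_name = JB_get_formatted_name($e_row['FirstName'], $e_row['LastName']);

    $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', 110);
    JB_process_mail_queue(1, $email_id);
}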