Exemple #1
0
        }
        $is_allowed_type = false;
        foreach ($GLOBALS['allowable_resume_types'] as $mime_type) {
            if ($resume_file['type'] == $mime_type) {
                $is_allowed_type = true;
                break;
            }
        }
        if (!$is_allowed_type) {
            ?>
<script type="text/javascript">top.stop_quick_upload('-1');</script><?php 
            exit;
        }
        $data = array();
        $data['file_name'] = str_replace(array('\'', '"', '\\'), '', basename($resume_file['name']));
        $data['file_hash'] = generate_random_string_of(3) . '.' . generate_random_string_of(6);
        $data['file_type'] = $resume_file['type'];
        $data['file_size'] = $resume_file['size'];
        $resume_file['new_name'] = $data['file_hash'];
        if (move_uploaded_file($resume_file['tmp_name'], $GLOBALS['buffered_resume_dir'] . '/' . $resume_file['new_name']) === false) {
            ?>
<script type="text/javascript">top.stop_quick_upload('-1');</script><?php 
            exit;
        }
        $i = 0;
        $query = "UPDATE users_contributed_resumes SET ";
        foreach ($data as $key => $value) {
            $query .= "`" . $key . "` = '" . $value . "'";
            if ($i < count($data) - 1) {
                $query .= ", ";
            }
Exemple #2
0
     $sid = $seed['login']['id'];
 }
 $_SESSION['yel']['member']['id'] = $id;
 $_SESSION['yel']['member']['hash'] = $hash;
 $_SESSION['yel']['member']['sid'] = $sid;
 $_SESSION['yel']['member']['linkedin_id'] = $linkedin_id;
 header('Content-type: text/xml');
 $member = new Member($id, $sid);
 // 1. find whether this member exists, from the ID
 $criteria = array('columns' => "COUNT(*) AS is_exists", 'match' => "email_addr = '" . $id . "'");
 $result = $member->find($criteria);
 if ($result[0]['is_exists'] != '1') {
     // sign the member up
     $joined_on = today();
     $data = array();
     $data['password'] = md5(generate_random_string_of(6));
     $data['phone_num'] = '0';
     $data['firstname'] = $_POST['linkedin_firstname'];
     $data['lastname'] = $_POST['linkedin_lastname'];
     $data['linkedin_id'] = $linkedin_id;
     $data['joined_on'] = $joined_on;
     $data['updated_on'] = $joined_on;
     $data['active'] = 'Y';
     $data['checked_profile'] = 'Y';
     if (is_null($data['firstname']) || empty($data['firstname']) || is_null($data['lastname']) || empty($data['lastname'])) {
         $data['firstname'] = 'Unknown';
         $data['lastname'] = 'Unknown';
     }
     if ($member->create($data) === false) {
         $_SESSION['yel']['member']['hash'] = "";
         $response['errors'] = array('error' => 'create_error');
        exit;
    }
    if (!$result) {
        echo 'ko';
        exit;
    }
    foreach ($result as $i => $row) {
        $result[$i]['employer'] = htmlspecialchars_decode($row['employer']);
    }
    $response = array('employers' => array('employer' => $result));
    header('Content-type: text/xml');
    echo $xml_dom->get_xml_from_array($response);
    exit;
}
if ($_POST['action'] == 'reset_password') {
    $new_password = generate_random_string_of(6);
    $data = array();
    $data['password'] = md5($new_password);
    $employer = new Employer($_POST['id']);
    if (!$employer->update($data, true)) {
        echo "ko";
        exit;
    }
    $query = "SELECT email_addr FROM employers WHERE id = '" . $_POST['id'] . "' LIMIT 1";
    $mysqli = Database::connect();
    $result = $mysqli->query($query);
    $lines = file(dirname(__FILE__) . '/../private/mail/employer_password_reset_admin.txt');
    $message = '';
    foreach ($lines as $line) {
        $message .= $line;
    }
     // member already exists
     exit;
 }
 // create resume
 $has_error = false;
 if (!empty($buffer['file_name']) && !is_null($buffer['file_name'])) {
     $resume = new Resume($_POST['candidate_email']);
     $data = array();
     $data['modified_on'] = $buffer['added_on'];
     $data['name'] = $buffer['file_name'];
     $data['private'] = 'N';
     if (!$resume->create($data)) {
         echo '-9';
         exit;
     }
     $file_hash = generate_random_string_of(6);
     $new_name = $resume->id() . '.' . $file_hash;
     if (rename($GLOBALS['buffered_resume_dir'] . '/' . $buffer['file_hash'], $GLOBALS['resume_dir'] . '/' . $new_name)) {
         $query = "UPDATE resumes SET \n                      file_name = '" . $buffer['file_name'] . "', \n                      file_hash = '" . $file_hash . "', \n                      file_size = '" . $buffer['file_size'] . "',\n                      file_type = '" . $buffer['file_type'] . "' \n                      WHERE id = " . $resume->id();
         if (!$mysqli->execute($query)) {
             echo '-10';
             exit;
         }
         $resume_text = '';
         switch ($buffer['file_type']) {
             case 'text/plain':
                 $tmp = file_get_contents($GLOBALS['resume_dir'] . "/" . $new_name);
                 $resume_text = sanitize($tmp);
                 break;
             case 'text/html':
                 $tmp = file_get_contents($GLOBALS['resume_dir'] . "/" . $new_name);
Exemple #5
0
 public function upload_resume_file($_buffer_id, $_file = array())
 {
     if (empty($_buffer_id) || $_buffer_id <= 0 || $_buffer_id === false) {
         $this->error = 'upload_resume_file : the buffer_id is invalid.';
         return false;
     }
     $file_path = '';
     $resume_text = '';
     if (!empty($_file['name'])) {
         $type = $_file['type'];
         $size = $_file['size'];
         $name = $_file['name'];
         $temp = $_file['tmp_name'];
         if ($size <= $GLOBALS['resume_size_limit'] && $size > 0) {
             $is_upload_ok = false;
             foreach ($GLOBALS['allowable_resume_types'] as $mime_type) {
                 if ($type == $mime_type) {
                     $hash = generate_random_string_of(6);
                     $new_name = $buffer_id . "." . $hash;
                     $file_path = $GLOBALS['buffered_resume_dir'] . "/" . $new_name;
                     if (move_uploaded_file($temp, $file_path)) {
                         $data = array();
                         $data['resume_file_name'] = $name;
                         $data['resume_file_type'] = $type;
                         $data['resume_file_hash'] = $hash;
                         $data['resume_file_size'] = $size;
                         if ($referral_buffer->update($data)) {
                             if ($type == 'application/msword') {
                                 $data['needs_indexing'] = '1';
                                 if ($referral_buffer->update($data) === true) {
                                     $is_upload_ok = true;
                                 } else {
                                     @unlink($file_path);
                                 }
                                 break;
                             }
                             switch ($type) {
                                 case 'text/plain':
                                     $tmp = file_get_contents($file_path);
                                     $resume_text = sanitize($tmp);
                                     break;
                                 case 'text/html':
                                     $tmp = file_get_contents($file_path);
                                     $resume_text = sanitize(strip_tags($tmp));
                                     break;
                                 case 'application/pdf':
                                     $cmd = "/usr/local/bin/pdftotext " . $file_path . " /tmp/" . $new_name;
                                     shell_exec($cmd);
                                     $tmp = file_get_contents('/tmp/' . $new_name);
                                     $resume_text = sanitize($tmp);
                                     if (!empty($tmp)) {
                                         unlink('/tmp/' . $new_name);
                                     }
                                     break;
                                 case 'application/msword':
                                     // $tmp = Resume::getTextFromMsword($file_path);
                                     // if (empty($tmp)) {
                                     //     $tmp = Resume::getTextFromRTF($file_path);
                                     // }
                                     // $resume_text = sanitize($tmp);
                                     break;
                             }
                             if (!empty($resume_text)) {
                                 $keywords = preg_split("/[\\s,]+/", $resume_text);
                                 $resume_text = '';
                                 foreach ($keywords as $i => $keyword) {
                                     $resume_text .= $keyword;
                                     if ($i < count($keywords) - 1) {
                                         $resume_text .= ' ';
                                     }
                                 }
                                 $data['resume_file_text'] = sanitize(stripslashes($resume_text));
                                 if ($referral_buffer->update($data) === true) {
                                     $is_upload_ok = true;
                                 } else {
                                     @unlink($file_path);
                                 }
                                 break;
                             }
                         }
                     }
                 }
             }
             if (!$is_upload_ok) {
                 $this->error = 'upload_resume_file : file type is not allowed.';
                 return false;
             }
         } else {
             $this->error = 'upload_resume_file : resume is over the allowed size of ' . $GLOBALS['resume_size_limit'] . ' bytes.';
             return false;
         }
     }
     return true;
 }
Exemple #6
0
 }
 if (!$is_free_replacement) {
     $item_added = Invoice::add_item($invoice, $discount, $_POST['id'], 'Discount');
     if (!$item_added) {
         echo "ko";
         exit;
     }
     $item_added = Invoice::add_item($invoice, $extra_charges, $_POST['id'], 'Extra charges');
     if (!$item_added) {
         echo "ko";
         exit;
     }
 } else {
     if ($credit_amount > 0) {
         $credit_note_desc = 'Refund of balance for Invoice: ' . pad($previous_invoice, 11, '0');
         $filename = generate_random_string_of(8) . '.' . generate_random_string_of(8);
         $issued_on = today();
         $expire_on = sql_date_add($issued_on, 30, 'day');
         Invoice::accompany_credit_note_with($previous_invoice, $invoice, $issued_on, $credit_amount);
         $branch = $employer->get_branch();
         $sales = 'sales.' . strtolower($branch[0]['country']) . '@yellowelevator.com';
         $branch[0]['address'] = str_replace(array("\r\n", "\r"), "\n", $branch[0]['address']);
         $branch['address_lines'] = explode("\n", $branch[0]['address']);
         $currency = Currency::getSymbolFromCountryCode($branch[0]['country']);
         $pdf = new CreditNote();
         $pdf->AliasNbPages();
         $pdf->SetAuthor('Yellow Elevator. This credit note was automatically generated. Signature is not required.');
         $pdf->SetTitle($GLOBALS['COMPANYNAME'] . ' - Credit Note ' . pad($invoice, 11, '0'));
         $pdf->SetRefundAmount($credit_amount);
         $pdf->SetDescription($credit_note_desc);
         $pdf->SetCurrency($currency);
Exemple #7
0
function create_member_from($_email_addr, $_fullname, $_phone, $_employee_id)
{
    if (empty($_email_addr) || empty($_fullname) || empty($_phone)) {
        return false;
    }
    $employee = new Employee($_employee_id);
    $password = generate_random_string_of(6);
    $timestamp = now();
    $lastname = '(n/a)';
    $firstname = $_fullname;
    $names = explode(',', $_fullname);
    if (count($names) > 1) {
        $lastname = trim($names[0]);
        $firstname = trim($names[1]);
    }
    $data = array();
    $data['phone_num'] = $_phone;
    $data['firstname'] = $firstname;
    $data['lastname'] = $lastname;
    $data['password'] = md5($password);
    $data['forget_password_question'] = '1';
    $data['forget_password_answer'] = '(System Generated)';
    $data['joined_on'] = $timestamp;
    $data['active'] = 'Y';
    $data['like_newsletter'] = 'N';
    $member = new Member($_email_addr);
    $member->setAdmin(true);
    if ($member->create($data) === false) {
        return false;
    }
    // send email out
    $mail_lines = file('../private/mail/member_sign_up_with_password.txt');
    $message = '';
    foreach ($mail_lines as $line) {
        $message .= $line;
    }
    $candidate_name = $data['lastname'] . ', ' . $data['firstname'];
    $message = str_replace('%candidate%', $candidate_name, $message);
    $message = str_replace('%password%', $password, $message);
    $message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
    $message = str_replace('%root%', $GLOBALS['root'], $message);
    //$subject = '['. $_email_addr. '] New Membership from Yellow Elevator';
    $subject = 'Recent correspondence with YellowElevator.com\'s recruitment consultant - ' . $candidate_name;
    $headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
    if (!is_null($employee)) {
        $emp_email = $employee->getEmailAddress();
        if ($emp_email !== false && !empty($emp_email)) {
            $headers .= 'Reply-To: ' . $emp_email . "\n";
        }
    }
    $headers .= 'Cc: team.my@yellowelevator.com' . "\n";
    mail($_email_addr, $subject, $message, $headers);
    //mail('*****@*****.**', $subject, $message, $headers);
    // $file_name = '/tmp/email_to_'. $_email_addr. '.txt';
    // if (file_exists($file_name)) {
    //     $file_name .= '.'. generate_random_string_of(6). '.txt';
    // }
    // $handle = fopen($file_name, 'w');
    // fwrite($handle, 'Header: '. $headers. "\n\n");
    // fwrite($handle, 'Subject: '. $subject. "\n\n");
    // fwrite($handle, $message);
    // fclose($handle);
    return true;
}
Exemple #8
0
 public function savePhoto($_file_data)
 {
     $type = $_file_data['FILE']['type'];
     $size = $_file_data['FILE']['size'];
     $temp = $_file_data['FILE']['tmp_name'];
     $image_resolution = getimagesize($temp);
     $max_resolution = $GLOBALS['max_photo_resolution'];
     if ($image_resolution[0] > $max_resolution['width'] || $image_resolution[1] > $max_resolution['height']) {
         return false;
     }
     if ($size <= $GLOBALS['photo_size_limit'] && $size > 0) {
         $allowed_type = false;
         foreach ($GLOBALS['allowable_photo_types'] as $mime_type) {
             if ($type == $mime_type) {
                 if ($this->hasPhoto()) {
                     $query = "SELECT id, photo_hash FROM member_photos WHERE member = '" . $this->id . "' LIMIT 1";
                     $result = $this->mysqli->query($query);
                     $file_name = $result[0]['id'] . "." . $result[0]['photo_hash'];
                     if (move_uploaded_file($temp, $GLOBALS['photo_dir'] . "/" . $file_name)) {
                         $query = "UPDATE member_photos SET \n                                      photo_hash = '" . $result[0]['photo_hash'] . "',\n                                      photo_type = '" . $type . "', \n                                      approved = 'N' \n                                      WHERE id = " . $result[0]['id'];
                         return $this->mysqli->execute($query);
                     }
                 } else {
                     $query = "INSERT INTO member_photos SET \n                                  member = '" . $this->id . "',\n                                  photo_hash = 'new', photo_type = 'new'";
                     if (($id = $this->mysqli->execute($query, true)) > 0) {
                         $hash = generate_random_string_of(6);
                         $new_name = $id . "." . $hash;
                         if (move_uploaded_file($temp, $GLOBALS['photo_dir'] . "/" . $new_name)) {
                             $query = "UPDATE member_photos SET \n                                          photo_hash = '" . $hash . "',\n                                          photo_type = '" . $type . "', \n                                          approved = 'N' \n                                          WHERE id = " . $id;
                             return $this->mysqli->execute($query);
                         }
                     }
                 }
             }
         }
     }
     return false;
 }
Exemple #9
0
function generate_pdf_file($_contacts, $_cover_note, $_educations, $_experiences, $_skill, $_technical_skills, $_resume_id)
{
    $hash = generate_random_string_of(6);
    $file = $_resume_id . '.' . $hash;
    $pdf = new ResumePdf();
    $pdf->AliasNbPages();
    $pdf->SetAuthor('YellowElevator.com Resume Generator. Terms of Use subjected.');
    $pdf->SetTitle(htmlspecialchars_decode($_contacts['name']) . '\'s Resume');
    $pdf->SetFontSize(10);
    $pdf->AddPage('P');
    $pdf->SetDisplayMode('real', 'default');
    $pdf->make_title(htmlspecialchars_decode($_contacts['name']) . '\'s Resume');
    $pdf->Ln();
    $pdf->make_title('Contacts');
    $pdf->show_contacts($_contacts);
    $pdf->make_title('Work Experiences');
    $pdf->show_experiences($_experiences);
    $pdf->make_title('Educations');
    $pdf->show_educations($_educations);
    $pdf->make_title('General Skills');
    $pdf->show_skills($_skills);
    $pdf->make_title('Technical/Computer/I.T. Skills');
    $pdf->show_technical_skills($_technical_skills);
    $pdf->make_title('Cover Note');
    $pdf->show_cover_note($_cover_note);
    $pdf->Close();
    $pdf->Output($GLOBALS['path_to_copy'] . $file, 'F');
    return $hash;
}
Exemple #10
0
 public function uploadFile($_file_data, $_update = false)
 {
     if (!is_array($_file_data)) {
         return false;
     }
     if ($this->id == 0) {
         return false;
     }
     if ($_update) {
         $query = "SELECT file_hash FROM resumes WHERE id = " . $this->id . " LIMIT 1";
         $result = $this->mysqli->query($query);
         $file = $GLOBALS['resume_dir'] . '/' . $this->id . '.' . $result[0]['file_hash'];
         @unlink($file);
     }
     $type = $_file_data['FILE']['type'];
     $size = $_file_data['FILE']['size'];
     $name = $_file_data['FILE']['name'];
     $temp = $_file_data['FILE']['tmp_name'];
     if ($size <= $GLOBALS['resume_size_limit'] && $size > 0) {
         $allowed_type = false;
         foreach ($GLOBALS['allowable_resume_types'] as $mime_type) {
             if ($type == $mime_type) {
                 $allowed_type = true;
                 $hash = generate_random_string_of(6);
                 $new_name = $this->id . "." . $hash;
                 if (move_uploaded_file($temp, $GLOBALS['resume_dir'] . "/" . $new_name)) {
                     $query = "UPDATE resumes SET \n                                  file_name = '" . basename($name) . "', \n                                  file_hash = '" . $hash . "', \n                                  file_size = '" . $size . "',\n                                  file_type = '" . $type . "'";
                     if ($type == 'application/msword') {
                         $query .= ", needs_indexing = TRUE";
                     }
                     $query .= " WHERE id = " . $this->id;
                     if ($this->mysqli->execute($query)) {
                         //return true;
                         $resume_text = '';
                         switch ($type) {
                             case 'text/plain':
                                 $tmp = file_get_contents($GLOBALS['resume_dir'] . "/" . $new_name);
                                 $resume_text = sanitize($tmp);
                                 break;
                             case 'text/html':
                                 $tmp = file_get_contents($GLOBALS['resume_dir'] . "/" . $new_name);
                                 $resume_text = sanitize(strip_tags($tmp));
                                 break;
                             case 'application/pdf':
                                 $cmd = "/usr/local/bin/pdftotext " . $GLOBALS['resume_dir'] . "/" . $new_name . " /tmp/" . $new_name;
                                 shell_exec($cmd);
                                 $tmp = file_get_contents('/tmp/' . $new_name);
                                 $resume_text = sanitize($tmp);
                                 if (!empty($tmp)) {
                                     unlink('/tmp/' . $new_name);
                                 }
                                 break;
                             case 'application/msword':
                                 // $tmp = Resume::getTextFromMsword($GLOBALS['resume_dir']. "/". $new_name);
                                 // if (empty($tmp)) {
                                 //     $tmp = Resume::getTextFromRTF($GLOBALS['resume_dir']. "/". $new_name);
                                 // }
                                 // $resume_text = sanitize($tmp);
                                 // break;
                                 return true;
                         }
                         if (!empty($resume_text)) {
                             $keywords = preg_split("/[\\s,]+/", $resume_text);
                             $resume_text = '';
                             foreach ($keywords as $i => $keyword) {
                                 $resume_text .= $keyword;
                                 if ($i < count($keywords) - 1) {
                                     $resume_text .= ' ';
                                 }
                             }
                             $query = "SELECT COUNT(*) AS is_exists FROM resume_index \n                                          WHERE resume = " . $this->id . " AND member = '" . $this->member_id . "'";
                             $result = $this->mysqli->query($query);
                             if ($result[0]['is_exists'] == '0') {
                                 $query = "INSERT INTO resume_index SET \n                                              resume = " . $this->id . ", \n                                              member = '" . $this->member_id . "', \n                                              file_text = '" . $resume_text . "'";
                             } else {
                                 $query = "UPDATE resume_index SET file_text = '" . $resume_text . "' \n                                              WHERE resume = " . $this->id . " AND \n                                              member = '" . $this->member_id . "'";
                             }
                             return $this->mysqli->execute($query);
                         }
                     }
                 }
             }
         }
     }
     return false;
 }