} $is_allowed_type = false; foreach ($GLOBALS['allowable_resume_types'] as $mime_type) { if ($resume_file['type'] == $mime_type) { $is_allowed_type = true; break; } } if (!$is_allowed_type) { ?> <script type="text/javascript">top.stop_quick_upload('-1');</script><?php exit; } $data = array(); $data['file_name'] = str_replace(array('\'', '"', '\\'), '', basename($resume_file['name'])); $data['file_hash'] = generate_random_string_of(3) . '.' . generate_random_string_of(6); $data['file_type'] = $resume_file['type']; $data['file_size'] = $resume_file['size']; $resume_file['new_name'] = $data['file_hash']; if (move_uploaded_file($resume_file['tmp_name'], $GLOBALS['buffered_resume_dir'] . '/' . $resume_file['new_name']) === false) { ?> <script type="text/javascript">top.stop_quick_upload('-1');</script><?php exit; } $i = 0; $query = "UPDATE users_contributed_resumes SET "; foreach ($data as $key => $value) { $query .= "`" . $key . "` = '" . $value . "'"; if ($i < count($data) - 1) { $query .= ", "; }
$sid = $seed['login']['id']; } $_SESSION['yel']['member']['id'] = $id; $_SESSION['yel']['member']['hash'] = $hash; $_SESSION['yel']['member']['sid'] = $sid; $_SESSION['yel']['member']['linkedin_id'] = $linkedin_id; header('Content-type: text/xml'); $member = new Member($id, $sid); // 1. find whether this member exists, from the ID $criteria = array('columns' => "COUNT(*) AS is_exists", 'match' => "email_addr = '" . $id . "'"); $result = $member->find($criteria); if ($result[0]['is_exists'] != '1') { // sign the member up $joined_on = today(); $data = array(); $data['password'] = md5(generate_random_string_of(6)); $data['phone_num'] = '0'; $data['firstname'] = $_POST['linkedin_firstname']; $data['lastname'] = $_POST['linkedin_lastname']; $data['linkedin_id'] = $linkedin_id; $data['joined_on'] = $joined_on; $data['updated_on'] = $joined_on; $data['active'] = 'Y'; $data['checked_profile'] = 'Y'; if (is_null($data['firstname']) || empty($data['firstname']) || is_null($data['lastname']) || empty($data['lastname'])) { $data['firstname'] = 'Unknown'; $data['lastname'] = 'Unknown'; } if ($member->create($data) === false) { $_SESSION['yel']['member']['hash'] = ""; $response['errors'] = array('error' => 'create_error');
exit; } if (!$result) { echo 'ko'; exit; } foreach ($result as $i => $row) { $result[$i]['employer'] = htmlspecialchars_decode($row['employer']); } $response = array('employers' => array('employer' => $result)); header('Content-type: text/xml'); echo $xml_dom->get_xml_from_array($response); exit; } if ($_POST['action'] == 'reset_password') { $new_password = generate_random_string_of(6); $data = array(); $data['password'] = md5($new_password); $employer = new Employer($_POST['id']); if (!$employer->update($data, true)) { echo "ko"; exit; } $query = "SELECT email_addr FROM employers WHERE id = '" . $_POST['id'] . "' LIMIT 1"; $mysqli = Database::connect(); $result = $mysqli->query($query); $lines = file(dirname(__FILE__) . '/../private/mail/employer_password_reset_admin.txt'); $message = ''; foreach ($lines as $line) { $message .= $line; }
// member already exists exit; } // create resume $has_error = false; if (!empty($buffer['file_name']) && !is_null($buffer['file_name'])) { $resume = new Resume($_POST['candidate_email']); $data = array(); $data['modified_on'] = $buffer['added_on']; $data['name'] = $buffer['file_name']; $data['private'] = 'N'; if (!$resume->create($data)) { echo '-9'; exit; } $file_hash = generate_random_string_of(6); $new_name = $resume->id() . '.' . $file_hash; if (rename($GLOBALS['buffered_resume_dir'] . '/' . $buffer['file_hash'], $GLOBALS['resume_dir'] . '/' . $new_name)) { $query = "UPDATE resumes SET \n file_name = '" . $buffer['file_name'] . "', \n file_hash = '" . $file_hash . "', \n file_size = '" . $buffer['file_size'] . "',\n file_type = '" . $buffer['file_type'] . "' \n WHERE id = " . $resume->id(); if (!$mysqli->execute($query)) { echo '-10'; exit; } $resume_text = ''; switch ($buffer['file_type']) { case 'text/plain': $tmp = file_get_contents($GLOBALS['resume_dir'] . "/" . $new_name); $resume_text = sanitize($tmp); break; case 'text/html': $tmp = file_get_contents($GLOBALS['resume_dir'] . "/" . $new_name);
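/**
 * Stores an uploaded resume for a referral buffer and records its text.
 *
 * The file is moved into $GLOBALS['buffered_resume_dir'] as
 * "<buffer id>.<random hash>" and its metadata is written through
 * $referral_buffer->update(). MS Word uploads are only flagged with
 * 'needs_indexing'; plain-text, HTML and PDF uploads have their text
 * extracted, whitespace-normalised and saved as 'resume_file_text'.
 *
 * @param mixed $_buffer_id Positive, digits-only ID of the buffer record.
 * @param array $_file      Upload entry with 'name', 'type', 'size' and 'tmp_name'.
 * @return bool True when no file was supplied or the upload was stored;
 *              false otherwise, with the reason in $this->error.
 */
public function upload_resume_file($_buffer_id, $_file = array()) {
    // The ID becomes part of a file name and of a shell argument below, so
    // only a positive, digits-only value is accepted (\z, unlike $, also
    // rejects a trailing newline).
    if (empty($_buffer_id) || $_buffer_id === false || !is_scalar($_buffer_id) ||
        !preg_match('/\A[0-9]+\z/', (string) $_buffer_id) || $_buffer_id <= 0) {
        $this->error = 'upload_resume_file : the buffer_id is invalid.';
        return false;
    }

    $file_path = '';
    $resume_text = '';

    if (empty($_file['name'])) {
        // Nothing was uploaded; the original treats this as success.
        return true;
    }

    // NOTE(review): if $_file is a $_FILES entry, 'type' and 'name' are
    // supplied by the client. The allow-list below compares that declared
    // type only and never inspects the file content - confirm whether a
    // server-side content check (e.g. finfo) is wanted here.
    $type = $_file['type'];
    $size = $_file['size'];
    $name = $_file['name'];
    $temp = $_file['tmp_name'];

    if (!($size <= $GLOBALS['resume_size_limit'] && $size > 0)) {
        $this->error = 'upload_resume_file : resume is over the allowed size of ' . $GLOBALS['resume_size_limit'] . ' bytes.';
        return false;
    }

    $is_upload_ok = false;
    if (in_array($type, $GLOBALS['allowable_resume_types'], true)) {
        $hash = generate_random_string_of(6);
        // The original concatenated the undefined $buffer_id here, so every
        // file was stored as ".<hash>"; the parameter is what was meant.
        $new_name = $_buffer_id . "." . $hash;
        $file_path = $GLOBALS['buffered_resume_dir'] . "/" . $new_name;

        if (move_uploaded_file($temp, $file_path)) {
            $data = array();
            $data['resume_file_name'] = $name;
            $data['resume_file_type'] = $type;
            $data['resume_file_hash'] = $hash;
            $data['resume_file_size'] = $size;

            // NOTE(review): $referral_buffer is never assigned in this
            // method, so this call cannot succeed as written. Confirm which
            // object is meant (possibly $this) and whether update() escapes
            // the client-supplied file name before it reaches SQL.
            if ($referral_buffer->update($data)) {
                if ($type == 'application/msword') {
                    // Word documents are not parsed here, only queued.
                    $data['needs_indexing'] = '1';
                    if ($referral_buffer->update($data) === true) {
                        $is_upload_ok = true;
                    } elseif (is_file($file_path)) {
                        unlink($file_path);
                    }
                } else {
                    switch ($type) {
                        case 'text/plain':
                            $resume_text = sanitize(file_get_contents($file_path));
                            break;
                        case 'text/html':
                            $resume_text = sanitize(strip_tags(file_get_contents($file_path)));
                            break;
                        case 'application/pdf':
                            // Every path is quoted for the shell, and the
                            // output goes to a freshly created temp file
                            // rather than a predictable name under /tmp.
                            $text_path = tempnam(sys_get_temp_dir(), 'resume_');
                            if ($text_path !== false) {
                                $cmd = "/usr/local/bin/pdftotext " . escapeshellarg($file_path) . " " . escapeshellarg($text_path);
                                shell_exec($cmd);
                                $resume_text = sanitize(file_get_contents($text_path));
                                unlink($text_path);
                            }
                            break;
                    }

                    if (!empty($resume_text)) {
                        // Collapse every run of whitespace/commas to one space.
                        $resume_text = implode(' ', preg_split("/[\\s,]+/", $resume_text));
                        $data['resume_file_text'] = sanitize(stripslashes($resume_text));
                        if ($referral_buffer->update($data) === true) {
                            $is_upload_ok = true;
                        } elseif (is_file($file_path)) {
                            unlink($file_path);
                        }
                    }
                }
            }
        }
    }

    if (!$is_upload_ok) {
        // This message is also used when the move, the update or the text
        // extraction failed, not only for a rejected type.
        $this->error = 'upload_resume_file : file type is not allowed.';
        return false;
    }

    return true;
}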
} if (!$is_free_replacement) { $item_added = Invoice::add_item($invoice, $discount, $_POST['id'], 'Discount'); if (!$item_added) { echo "ko"; exit; } $item_added = Invoice::add_item($invoice, $extra_charges, $_POST['id'], 'Extra charges'); if (!$item_added) { echo "ko"; exit; } } else { if ($credit_amount > 0) { $credit_note_desc = 'Refund of balance for Invoice: ' . pad($previous_invoice, 11, '0'); $filename = generate_random_string_of(8) . '.' . generate_random_string_of(8); $issued_on = today(); $expire_on = sql_date_add($issued_on, 30, 'day'); Invoice::accompany_credit_note_with($previous_invoice, $invoice, $issued_on, $credit_amount); $branch = $employer->get_branch(); $sales = 'sales.' . strtolower($branch[0]['country']) . '@yellowelevator.com'; $branch[0]['address'] = str_replace(array("\r\n", "\r"), "\n", $branch[0]['address']); $branch['address_lines'] = explode("\n", $branch[0]['address']); $currency = Currency::getSymbolFromCountryCode($branch[0]['country']); $pdf = new CreditNote(); $pdf->AliasNbPages(); $pdf->SetAuthor('Yellow Elevator. This credit note was automatically generated. Signature is not required.'); $pdf->SetTitle($GLOBALS['COMPANYNAME'] . ' - Credit Note ' . pad($invoice, 11, '0')); $pdf->SetRefundAmount($credit_amount); $pdf->SetDescription($credit_note_desc); $pdf->SetCurrency($currency);
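/**
 * Creates a member account on behalf of an employee and e-mails the
 * generated password to the new member.
 *
 * A full name of the form "Last, First" is split on the comma; otherwise
 * the whole string is used as the first name and the last name is '(n/a)'.
 *
 * @param string $_email_addr  Member's e-mail address (passed to Member and used as recipient).
 * @param string $_fullname    "Last, First" or a single name.
 * @param string $_phone       Phone number.
 * @param mixed  $_employee_id ID passed to Employee; its address becomes Reply-To.
 * @return bool False when a required value is empty, the address contains a
 *              line break, or the member cannot be created; true otherwise.
 */
function create_member_from($_email_addr, $_fullname, $_phone, $_employee_id) {
    if (empty($_email_addr) || empty($_fullname) || empty($_phone)) {
        return false;
    }

    // The address is handed to mail(); a CR or LF in it could add header
    // lines, so such input is refused before anything is created.
    if (!is_string($_email_addr) || preg_match('/[\r\n]/', $_email_addr)) {
        return false;
    }

    $employee = new Employee($_employee_id);
    $password = generate_random_string_of(6);
    $timestamp = now();

    $lastname = '(n/a)';
    $firstname = $_fullname;
    $names = explode(',', $_fullname);
    if (count($names) > 1) {
        $lastname = trim($names[0]);
        $firstname = trim($names[1]);
    }

    // NOTE(review): unsalted MD5 is not a password hash. Moving to
    // password_hash()/password_verify() has to be done together with the
    // login code, which is not visible here. The clear-text password is
    // also sent by e-mail below.
    $data = array();
    $data['phone_num'] = $_phone;
    $data['firstname'] = $firstname;
    $data['lastname'] = $lastname;
    $data['password'] = md5($password);
    $data['forget_password_question'] = '1';
    $data['forget_password_answer'] = '(System Generated)';
    $data['joined_on'] = $timestamp;
    $data['active'] = 'Y';
    $data['like_newsletter'] = 'N';

    $member = new Member($_email_addr);
    $member->setAdmin(true);
    if ($member->create($data) === false) {
        return false;
    }

    // Build the message from the template; an unreadable template yields
    // an empty body instead of a foreach over false.
    $message = file_get_contents('../private/mail/member_sign_up_with_password.txt');
    if ($message === false) {
        $message = '';
    }

    $candidate_name = $data['lastname'] . ', ' . $data['firstname'];
    $message = str_replace(
        array('%candidate%', '%password%', '%protocol%', '%root%'),
        array($candidate_name, $password, $GLOBALS['protocol'], $GLOBALS['root']),
        $message
    );

    // Line breaks are removed from every value that lands in a header.
    $line_breaks = array("\r", "\n");
    $subject = 'Recent correspondence with YellowElevator.com\'s recruitment consultant - ' . str_replace($line_breaks, '', $candidate_name);

    $headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
    $emp_email = $employee->getEmailAddress();
    if ($emp_email !== false && !empty($emp_email)) {
        $headers .= 'Reply-To: ' . str_replace($line_breaks, '', $emp_email) . "\n";
    }
    $headers .= 'Cc: team.my@yellowelevator.com' . "\n";

    mail($_email_addr, $subject, $message, $headers);

    return true;
}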
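/**
 * Stores an uploaded member photo and marks it as awaiting approval.
 *
 * When the member already has a photo row, the new file replaces the
 * existing "<id>.<photo_hash>" file; otherwise a row is inserted first and
 * the file is stored as "<new id>.<random hash>" in $GLOBALS['photo_dir'].
 *
 * @param array $_file_data Upload data; 'type', 'size' and 'tmp_name' are read from $_file_data['FILE'].
 * @return mixed Result of the final UPDATE via $this->mysqli->execute(),
 *               or false when the upload is rejected or cannot be stored.
 */
public function savePhoto($_file_data) {
    $type = $_file_data['FILE']['type'];
    $size = $_file_data['FILE']['size'];
    $temp = $_file_data['FILE']['tmp_name'];

    // getimagesize() returns false for anything it cannot read as an image.
    // The original indexed that false, which made the resolution test pass
    // and let non-image files through to the photo directory.
    $image_resolution = getimagesize($temp);
    if ($image_resolution === false) {
        return false;
    }

    $max_resolution = $GLOBALS['max_photo_resolution'];
    if ($image_resolution[0] > $max_resolution['width'] ||
        $image_resolution[1] > $max_resolution['height']) {
        return false;
    }

    if (!($size <= $GLOBALS['photo_size_limit'] && $size > 0)) {
        return false;
    }

    // NOTE(review): $type is the MIME type declared with the upload, not
    // one derived from the file. After this check it equals an allow-list
    // entry, which is why it can be embedded in the SQL below.
    if (!in_array($type, $GLOBALS['allowable_photo_types'], true)) {
        return false;
    }

    // NOTE(review): $this->id is concatenated into SQL as a quoted string;
    // whether it is escaped upstream is not visible here - confirm, or bind
    // it if the database wrapper supports parameters.
    if ($this->hasPhoto()) {
        $query = "SELECT id, photo_hash FROM member_photos WHERE member = '" . $this->id . "' LIMIT 1";
        $result = $this->mysqli->query($query);
        if (empty($result[0])) {
            return false;
        }

        $photo_id = $result[0]['id'];
        $photo_hash = $result[0]['photo_hash'];
        if (!move_uploaded_file($temp, $GLOBALS['photo_dir'] . "/" . $photo_id . "." . $photo_hash)) {
            return false;
        }

        $query = "UPDATE member_photos SET \n photo_hash = '" . $photo_hash . "',\n photo_type = '" . $type . "', \n approved = 'N' \n WHERE id = " . $photo_id;
        return $this->mysqli->execute($query);
    }

    // First photo: insert a placeholder row to obtain the ID used in the file name.
    $query = "INSERT INTO member_photos SET \n member = '" . $this->id . "',\n photo_hash = 'new', photo_type = 'new'";
    $id = $this->mysqli->execute($query, true);
    if (!($id > 0)) {
        return false;
    }

    $hash = generate_random_string_of(6);
    if (!move_uploaded_file($temp, $GLOBALS['photo_dir'] . "/" . $id . "." . $hash)) {
        return false;
    }

    $query = "UPDATE member_photos SET \n photo_hash = '" . $hash . "',\n photo_type = '" . $type . "', \n approved = 'N' \n WHERE id = " . $id;
    return $this->mysqli->execute($query);
}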
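/**
 * Renders a resume as a PDF file and returns the random part of its name.
 *
 * The document is written to $GLOBALS['path_to_copy'] . "<resume id>.<hash>".
 *
 * @param array $_contacts         Contact details; 'name' is used for the title.
 * @param mixed $_cover_note       Passed to show_cover_note().
 * @param mixed $_educations       Passed to show_educations().
 * @param mixed $_experiences      Passed to show_experiences().
 * @param mixed $_skill            Passed to show_skills().
 * @param mixed $_technical_skills Passed to show_technical_skills().
 * @param mixed $_resume_id        Resume ID, used as the file-name prefix.
 * @return string The generated hash (file-name suffix).
 */
function generate_pdf_file($_contacts, $_cover_note, $_educations, $_experiences, $_skill, $_technical_skills, $_resume_id) {
    $hash = generate_random_string_of(6);
    // NOTE(review): $_resume_id goes into the output path unchecked, and
    // path_to_copy is joined without a separator - presumably it ends with
    // a slash and the ID is numeric; confirm at the call sites.
    $file = $_resume_id . '.' . $hash;
    $title = htmlspecialchars_decode($_contacts['name']) . '\'s Resume';

    $pdf = new ResumePdf();
    $pdf->AliasNbPages();
    $pdf->SetAuthor('YellowElevator.com Resume Generator. Terms of Use subjected.');
    $pdf->SetTitle($title);
    $pdf->SetFontSize(10);
    $pdf->AddPage('P');
    $pdf->SetDisplayMode('real', 'default');

    $pdf->make_title($title);
    $pdf->Ln();

    $pdf->make_title('Contacts');
    $pdf->show_contacts($_contacts);

    $pdf->make_title('Work Experiences');
    $pdf->show_experiences($_experiences);

    $pdf->make_title('Educations');
    $pdf->show_educations($_educations);

    $pdf->make_title('General Skills');
    // The original passed the undefined $_skills; the parameter is $_skill.
    $pdf->show_skills($_skill);

    $pdf->make_title('Technical/Computer/I.T. Skills');
    $pdf->show_technical_skills($_technical_skills);

    $pdf->make_title('Cover Note');
    $pdf->show_cover_note($_cover_note);

    $pdf->Close();
    $pdf->Output($GLOBALS['path_to_copy'] . $file, 'F');

    return $hash;
}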
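/**
 * Stores an uploaded resume file for this resume and indexes its text.
 *
 * The file is saved in $GLOBALS['resume_dir'] as "<resume id>.<random hash>"
 * and the resumes row is updated with its name, hash, size and type. Text,
 * HTML and PDF uploads are converted to plain text and written to
 * resume_index; MS Word uploads are flagged with needs_indexing instead.
 *
 * @param array $_file_data Upload data; 'type', 'size', 'name' and 'tmp_name' are read from $_file_data['FILE'].
 * @param bool  $_update    When true, the previously stored file is deleted first.
 * @return mixed True for a stored MS Word file, the result of the
 *               resume_index write for other indexed types, false otherwise
 *               (including when no text could be extracted).
 */
public function uploadFile($_file_data, $_update = false) {
    if (!is_array($_file_data)) {
        return false;
    }

    // The ID is used unquoted in SQL, in file names and in a shell command,
    // so it is forced to an integer once and that value is used throughout.
    $resume_id = (int) $this->id;
    if ($resume_id === 0) {
        return false;
    }

    if ($_update) {
        // NOTE(review): the old file is removed before the new upload has
        // been validated, so a rejected upload leaves the resume without a
        // file.
        $query = "SELECT file_hash FROM resumes WHERE id = " . $resume_id . " LIMIT 1";
        $result = $this->mysqli->query($query);
        if (!empty($result[0]['file_hash'])) {
            $file = $GLOBALS['resume_dir'] . '/' . $resume_id . '.' . $result[0]['file_hash'];
            if (is_file($file)) {
                unlink($file);
            }
        }
    }

    // NOTE(review): 'type' and 'name' are whatever was declared with the
    // upload; the allow-list below does not inspect the file content.
    $type = $_file_data['FILE']['type'];
    $size = $_file_data['FILE']['size'];
    $name = $_file_data['FILE']['name'];
    $temp = $_file_data['FILE']['tmp_name'];

    if (!($size <= $GLOBALS['resume_size_limit'] && $size > 0)) {
        return false;
    }
    if (!in_array($type, $GLOBALS['allowable_resume_types'], true)) {
        return false;
    }

    $hash = generate_random_string_of(6);
    $new_name = $resume_id . "." . $hash;
    $stored_path = $GLOBALS['resume_dir'] . "/" . $new_name;
    if (!move_uploaded_file($temp, $stored_path)) {
        return false;
    }

    // The client-chosen file name is embedded in a quoted SQL literal, so
    // quote and backslash characters are stripped from it. $type equals an
    // allow-list entry at this point and the size is cast to an integer.
    $safe_name = str_replace(array('\'', '"', '\\'), '', basename($name));
    $query = "UPDATE resumes SET \n file_name = '" . $safe_name . "', \n file_hash = '" . $hash . "', \n file_size = '" . (int) $size . "',\n file_type = '" . $type . "'";
    if ($type == 'application/msword') {
        $query .= ", needs_indexing = TRUE";
    }
    $query .= " WHERE id = " . $resume_id;
    if (!$this->mysqli->execute($query)) {
        return false;
    }

    $resume_text = '';
    switch ($type) {
        case 'text/plain':
            $resume_text = sanitize(file_get_contents($stored_path));
            break;
        case 'text/html':
            $resume_text = sanitize(strip_tags(file_get_contents($stored_path)));
            break;
        case 'application/pdf':
            // Paths are quoted for the shell and the output goes to a
            // freshly created temp file, not a predictable name in /tmp.
            $text_path = tempnam(sys_get_temp_dir(), 'resume_');
            if ($text_path !== false) {
                $cmd = "/usr/local/bin/pdftotext " . escapeshellarg($stored_path) . " " . escapeshellarg($text_path);
                shell_exec($cmd);
                $resume_text = sanitize(file_get_contents($text_path));
                unlink($text_path);
            }
            break;
        case 'application/msword':
            // Word files are indexed later (needs_indexing was set above).
            return true;
    }

    if (empty($resume_text)) {
        return false;
    }

    // Collapse every run of whitespace/commas to a single space.
    $resume_text = implode(' ', preg_split("/[\\s,]+/", $resume_text));

    // NOTE(review): $resume_text comes from the uploaded file and
    // $this->member_id is a quoted string; both are concatenated into SQL.
    // Whether sanitize() escapes for SQL is not visible here - confirm, or
    // bind these values if the database wrapper supports parameters.
    $query = "SELECT COUNT(*) AS is_exists FROM resume_index \n WHERE resume = " . $resume_id . " AND member = '" . $this->member_id . "'";
    $result = $this->mysqli->query($query);
    if ($result[0]['is_exists'] == '0') {
        $query = "INSERT INTO resume_index SET \n resume = " . $resume_id . ", \n member = '" . $this->member_id . "', \n file_text = '" . $resume_text . "'";
    } else {
        $query = "UPDATE resume_index SET file_text = '" . $resume_text . "' \n WHERE resume = " . $resume_id . " AND \n member = '" . $this->member_id . "'";
    }

    return $this->mysqli->execute($query);
}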