Esempio n. 1
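/**
 * Insert a new row into `job` from the submitted form values held in the $x_* globals.
 *
 * When $x_jobid is set, the key filter is used first to reject a duplicate primary key.
 * The Recordset_Inserting() hook can veto the insert; Recordset_Inserted() runs after a
 * successful insert.
 *
 * Query failures still terminate the request, but the driver error is written to the
 * server error log instead of being echoed to the browser together with the SQL text.
 *
 * @param mixed $conn Connection handle passed through to the phpmkr_* helpers.
 * @return bool True when a row was inserted; false on duplicate key, hook veto or no affected row.
 */
function AddData($conn)
{
    global $x_jobid, $user;

    // get_magic_quotes_gpc() always returns false from PHP 5.4 and is removed in PHP 8,
    // so it is only consulted on interpreters that can still have magic quotes enabled.
    $magicQuotes = PHP_VERSION_ID < 50400 && get_magic_quotes_gpc();

    // Builds the SQL literal for one text field: quoted and escaped, or NULL when empty.
    // NOTE(security): addslashes() is not a charset-aware SQL escape and can be bypassed
    // with some multi-byte connection charsets. Replace it with the database driver's own
    // escaping or with bound parameters as soon as the phpmkr_* layer offers one.
    $quoteText = function ($name) use ($magicQuotes) {
        $raw = (isset($GLOBALS[$name]) && is_scalar($GLOBALS[$name])) ? (string) $GLOBALS[$name] : "";
        $escaped = $magicQuotes ? $raw : addslashes($raw);
        return $escaped !== "" ? " '" . $escaped . "'" : "NULL";
    };

    // Logs the driver error server-side and stops with a message that reveals neither the
    // SQL statement nor the database error to the client.
    $fail = function ($line) use ($conn) {
        error_log("AddData: query failed at line " . $line . ": " . phpmkr_error($conn));
        die("Failed to execute query at line " . $line);
    };

    // Check for duplicate key (skipped when no key value was submitted)
    $sFilter = ewSqlKeyWhere;
    $bCheckKey = !($x_jobid === null || $x_jobid == "");
    if ($bCheckKey) {
        // Replace key value
        $sFilter = str_replace("@jobid", AdjustSql($x_jobid), $sFilter);
        $sSqlChk = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");
        $rsChk = phpmkr_query($sSqlChk, $conn);
        if (!$rsChk) {
            $fail(__LINE__);
        }
        $isDuplicate = phpmkr_num_rows($rsChk) > 0;
        phpmkr_free_result($rsChk);
        if ($isDuplicate) {
            $_SESSION[ewSessionMessage] = "Duplicate value for primary key";
            return false;
        }
    }

    // Column => SQL literal, in the order the columns are written to the INSERT.
    $fieldList = array();
    // Field onlineuser_onlineuserid
    // NOTE(review): inserted unquoted and unescaped - presumably a server-side integer id; confirm.
    $fieldList["`onlineuser_onlineuserid`"] = $user->onlineuserId;
    // Field job_status
    $fieldList["`job_status`"] = " 'active'";
    // Field expiry
    $fieldList["`dt_expire`"] = "'" . expiryDate() . "'";
    // Fields position, overview
    foreach (array("position", "overview") as $column) {
        $fieldList["`" . $column . "`"] = $quoteText("x_" . $column);
    }
    // Field salary (integer, or NULL when left empty)
    $salary = isset($GLOBALS["x_salary"]) ? $GLOBALS["x_salary"] : "";
    $fieldList["`salary`"] = $salary != "" ? intval($salary) : "NULL";
    // Fields bonus, benifits, location, company, profile, contact_email, link
    foreach (array("bonus", "benifits", "location", "company", "profile", "contact_email", "link") as $column) {
        $fieldList["`" . $column . "`"] = $quoteText("x_" . $column);
    }

    // Inserting event
    if (!Recordset_Inserting($fieldList)) {
        return false;
    }

    // Insert
    $sSql = "INSERT INTO `job` (" . implode(",", array_keys($fieldList))
        . ") VALUES (" . implode(",", array_values($fieldList)) . ")";
    if (!phpmkr_query($sSql, $conn)) {
        $fail(__LINE__);
    }
    $result = phpmkr_affected_rows($conn) > 0;
    // Inserted event
    if ($result) {
        Recordset_Inserted($fieldList);
    }
    return $result;
}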
    $id = intval($_POST["id"]);
}
// A positive id means an existing supplier is being edited; anything else starts a new one.
$isNew = $id > 0 ? 0 : 1;
if ($isNew === 0) {
    $supplier = $supplier->Get($id);
    // check that the user has access to modify this object
    // NOTE(review): the result of canAccess() is discarded here. Unless canAccess() itself
    // stops the request on denial (not visible in this excerpt), the posted id alone decides
    // which supplier is loaded and edited - confirm, and branch on the result if it returns
    // a boolean.
    $user->canAccess($supplier);
} else {
    // new object, owned by the current user
    $supplier->onlineuser_onlineuserid = $user->onlineuserId;
    // default link
    $supplier->link = "http://";
    // free for now, so the new entry starts out active
    $supplier->supplier_status = 'active';
    $supplier->dt_expire = expiryDate();
}
//check if form is being submitted
// NOTE(review): nothing in this excerpt checks the request method or an anti-CSRF token
// before the posted values are applied - confirm that happens elsewhere. The excerpt ends
// before this block is closed, so validation further down is not visible either.
if ((bool) $_POST["submitting"]) {
    // Client-supplied flag that replaces the value derived from $id above; any
    // insert-vs-update or ownership decision based on it needs a server-side re-check.
    $isNew = $_POST["isNew"];
    // The current logo name comes from a form field, so it is client-controlled. If it is
    // later used to build a file path or URL it must be validated (no directory separators,
    // expected extension) - TODO confirm how logo is consumed.
    $supplier->logo = $_POST["currentFilename"];
    // Free-text fields are copied unfiltered; escaping has to happen where they are written
    // to SQL and where they are printed as HTML (neither is visible in this excerpt).
    $supplier->name = $_POST["name"];
    $supplier->description = $_POST["description"];
    // NOTE(review): no scheme check on the link here; restrict it to http/https before it is
    // rendered as a hyperlink.
    $supplier->link = $_POST["link"];
    $supplier->tel = $_POST["tel"];
    $supplier->supplier_category_id = (int) $_POST["category"];
    $tempFilename = $_FILES["logo"]["tmp_name"];
    if ($tempFilename != "") {
        // The stored name is derived from the client-supplied original file name. Whether
        // generateFilename() strips path components or restricts the extension is not visible
        // here; if the extension is kept and logos/ is served by a PHP-enabled web server,
        // the upload needs an image-type allow-list and logos/ should not execute scripts.
        // $_FILES["logo"]["error"] and size are not checked in the lines shown.
        $supplier->logo = generateFilename($user->onlineuserId, $_FILES["logo"]["name"]);
        // Return value is ignored: a failed move still leaves $supplier->logo pointing at a
        // file that does not exist.
        move_uploaded_file($tempFilename, "logos/{$supplier->logo}");
    }
Esempio n. 3
<?php

require "common_user.php";
require "top.php";
// Object type and id to re-activate, both read from the query string.
// NOTE(security): $class is client-controlled and is used further down as a class name
// (`new $class()`) and as a property-name prefix. stripslashes() is not validation; map the
// request value onto a fixed allow-list of classes before using it.
$class = stripslashes($_GET["type"]);
$id = (int) $_GET["id"];
// Default expiry; the two membership types use expiryYear() instead.
$newExpiryDate = expiryDate();
$yearlyTypes = array("gold_membership", "platinum_membership");
if (in_array($class, $yearlyTypes, true)) {
    $newExpiryDate = expiryYear();
}
// Re-activate the requested object and give it a fresh expiry date.
// NOTE(review): this is a state-changing action driven by GET parameters, and no anti-CSRF
// token is checked in the lines shown - confirm whether common_user.php covers that.
if ($class == "Job") {
    $db = new DatabaseConnection();
    // Ownership is enforced in the WHERE clause: only a job belonging to the current user is
    // updated. $id is int-cast above; $newExpiryDate and $user->onlineuserId are interpolated
    // as-is - presumably server-generated values, confirm - so bound parameters would be the
    // safer form if DatabaseConnection supports them.
    $db->Query("update job set job_status = 'active', dt_expire='{$newExpiryDate}' where onlineuser_onlineuserid={$user->onlineuserId} and jobid={$id}");
} else {
    // NOTE(security): the class name comes straight from the request, so any class that is
    // loaded or autoloadable is instantiated here, and its constructor and Get() run before
    // the access check below. Resolve $class through an allow-list of known object types
    // first and reject anything else.
    $object = new $class();
    $object = $object->Get($id);
    // Super users may activate anything; everyone else needs access to this object.
    if (isSuperUser(false) || $user->canAccess($object)) {
        /* Deliberately not checked: whether an object is live is determined by its status
           and expiry date.
        	  $expires=strtotime($object->dt_expire);
        	  if (date("U") > $expires){
        		// at this point the advert has already expired
        		// maybe redirect to a pay now link ?
        		exit;
        	  }
        	  */
        // The status property name is built from the request-supplied class name
        // ("<class>_status"), which is another reason to allow-list $class.
        $status = $class . "_status";
        $object->{$status} = "active";
        $object->dt_expire = $newExpiryDate;
        $object->Save();
    } else {
        // this user is not allowed to access this resource