/**
* Check an entire string
*
* @param string $words The string of words to check
* @return int 2 if blank, 1 if spelt incorrectly, 0 if correct
*/
function check_words($words)
{
if (empty($words) || $words == " ") {
return 2;
}
$result = 0;
$wordlist = explode(" ", remove_nonalpha($words));
foreach ($wordlist as $word) {
if (check_word($word) == 1) {
return 1;
}
}
return 0;
}
$_CFG['teacher_photo_dir'] = $_CFG['site_dir'] . "data/train_teachers/";
$_CFG['teacher_photo_dir_thumb'] = $_CFG['site_dir'] . "data/train_teachers/thumb/";
$_CFG['train_logo_dir'] = $_CFG['site_dir'] . "data/train_logo/";
$_CFG['train_logo_dir_thumb'] = $_CFG['site_dir'] . "data/train_logo/thumb/";
$_CFG['hunter_photo_dir'] = $_CFG['site_dir'] . "data/hunter/";
$_CFG['hunter_photo_dir_thumb'] = $_CFG['site_dir'] . "data/hunter/thumb/";
$_CFG['site_template'] = $_CFG['site_dir'] . 'templates/' . $_CFG['template_dir'];
$_CFG['site_shop_template'] = $_CFG['site_dir'] . 'templates/tpl_shop/default/';
$_CFG['site_campus_template'] = $_CFG['site_dir'] . 'templates/tpl_campus/default/';
$_CFG['site_evaluation_template'] = $_CFG['site_dir'] . 'templates/tpl_evaluation/default/';
$_CFG['site_hunter_template'] = $_CFG['site_dir'] . 'templates/tpl_hunter/default/';
$_CFG['subsite_id'] = 0;
subsiteinfo($_CFG);
if (defined('REQUEST_MOBILE')) {
mobile_subsiteinfo($_CFG);
}
// $_CFG['m_dir'] = strstr($_CFG['wap_domain'],'/m')===false?$_CFG['site_dir'].'/m';
$_CFG['site_template'] = $_CFG['site_dir'] . 'templates/' . $_CFG['template_dir'];
$mypage = $_PAGE[$alias];
$mypage['tag'] ? $page_select = $mypage['tag'] : '';
require_once QISHI_ROOT_PATH . 'include/tpl.inc.php';
if ($_CFG['isclose']) {
$smarty->assign('info', $_CFG['close_reason'] = $_CFG['close_reason'] ? $_CFG['close_reason'] : '站点暂时关闭...');
$smarty->display('warning.htm');
exit;
}
if ($_CFG['filter_ip'] && check_word($_CFG['filter_ip'], $online_ip)) {
$smarty->assign('info', $_CFG['filter_ip_tips']);
$smarty->display('warning.htm');
exit;
}
}
if ($hunter_profile['audit'] == "1") {
$_CFG['audit_verifyhunter_editjob'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_verifyhunter_editjob']) : '';
} else {
$_CFG['audit_unexaminedhunter_editjob'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_unexaminedhunter_editjob']) : '';
}
$setsqlarr['contact'] = !empty($_POST['contact']) ? trim($_POST['contact']) : showmsg('您没有填写联系人!', 1);
check_word($_CFG['filter'], $_POST['contact']) ? showmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['qq'] = trim($_POST['qq']);
check_word($_CFG['filter'], $_POST['qq']) ? showmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['telephone'] = !empty($_POST['telephone']) ? trim($_POST['telephone']) : showmsg('您没有填写联系电话!', 1);
check_word($_CFG['filter'], $_POST['telephone']) ? showmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['address'] = !empty($_POST['address']) ? trim($_POST['address']) : showmsg('您没有填写联系地址!', 1);
check_word($_CFG['filter'], $_POST['address']) ? showmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['email'] = !empty($_POST['email']) ? trim($_POST['email']) : showmsg('您没有填写联系邮箱!', 1);
check_word($_CFG['filter'], $_POST['email']) ? showmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['notify'] = intval($_POST['notify']);
$setsqlarr['contact_show'] = intval($_POST['contact_show']);
$setsqlarr['email_show'] = intval($_POST['email_show']);
$setsqlarr['telephone_show'] = intval($_POST['telephone_show']);
$setsqlarr['address_show'] = intval($_POST['address_show']);
$setsqlarr['qq_show'] = intval($_POST['qq_show']);
if (!$db->updatetable(table('hunter_jobs'), $setsqlarr, " id='{$id}' AND uid='{$_SESSION['uid']}' ")) {
showmsg("保存失败!", 0);
}
if ($_CFG['operation_hunter_mode'] == '1') {
if ($points_rule['hunter_hunterjobs_edit']['value'] > 0) {
report_deal($_SESSION['uid'], $points_rule['hunter_hunterjobs_edit']['type'], $points_rule['hunter_hunterjobs_edit']['value']);
$user_points = get_user_points($_SESSION['uid']);
$operator = $points_rule['hunter_hunterjobs_edit']['type'] == "1" ? "+" : "-";
write_memberslog($_SESSION['uid'], 3, 9201, $_SESSION['username'], "修改职位:<strong>{$setsqlarr['jobs_name']}</strong>,({$operator}{$points_rule['hunter_hunterjobs_edit']['value']}),(剩余:{$user_points})");
}
if ($days > 0) {
if (intval($_POST['olddeadline']) >= time()) {
$setsqlarr['deadline'] = intval($_POST['olddeadline']) + $days * (60 * 60 * 24);
} else {
$setsqlarr['deadline'] = strtotime("{$days} day");
}
} else {
$setsqlarr['deadline'] = intval($_POST['olddeadline']);
}
$setsqlarr['audit'] = intval($_POST['audit']);
$setsqlarr['display'] = intval($_POST['display']);
$setsqlarr['contact'] = !empty($_POST['contact']) ? trim($_POST['contact']) : adminmsg('您没有填写联系人!', 1);
$setsqlarr['qq'] = trim($_POST['qq']);
$setsqlarr['telephone'] = !empty($_POST['telephone']) ? trim($_POST['telephone']) : adminmsg('您没有填写联系电话!', 1);
check_word($_CFG['filter'], $_POST['telephone']) ? adminmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['address'] = !empty($_POST['address']) ? trim($_POST['address']) : adminmsg('您没有填写联系地址!', 1);
$setsqlarr['email'] = !empty($_POST['email']) ? trim($_POST['email']) : adminmsg('您没有填写联系邮箱!', 1);
$setsqlarr['notify'] = intval($_POST['notify']);
$setsqlarr['contact_show'] = intval($_POST['contact_show']);
$setsqlarr['email_show'] = intval($_POST['email_show']);
$setsqlarr['telephone_show'] = intval($_POST['telephone_show']);
$setsqlarr['address_show'] = intval($_POST['address_show']);
$setsqlarr['qq_show'] = intval($_POST['qq_show']);
$wheresql = " id='" . $id . "' ";
if (!$db->updatetable(table('hunter_jobs'), $setsqlarr, $wheresql)) {
adminmsg("保存失败!", 0);
}
write_log("修改猎头职位id为" . $id . "的职位", $_SESSION['admin_name'], 3);
$link[0]['text'] = "返回职位列表";
$link[0]['href'] = $_POST['url'];
//保存外发记录
$captcha = get_cache('captcha');
$postcaptcha = trim($_POST['postcaptcha']);
if ($captcha['verify_resume_outward'] == '1' && empty($postcaptcha)) {
showmsg("请填写验证码", 1);
}
if ($captcha['verify_resume_outward'] == '1' && strcasecmp($_SESSION['imageCaptcha_content'], $postcaptcha) != 0) {
showmsg("验证码错误", 1);
}
$setsqlarr['resume_id'] = intval($_POST['resume_id']) ? intval($_POST['resume_id']) : showmsg('请选择发送简历!', 1);
$setsqlarr['resume_title'] = trim($_POST['resume_title']) ? trim($_POST['resume_title']) : showmsg('请选择发送简历!', 1);
$setsqlarr['email'] = trim($_POST['email']) ? trim($_POST['email']) : showmsg('请填写邮箱地址!', 1);
$setsqlarr['companyname'] = trim($_POST['companyname']) ? trim($_POST['companyname']) : showmsg('请填写企业名称!', 1);
check_word($_CFG['filter'], $_POST['companyname']) ? showmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['jobs_name'] = trim($_POST['jobs_name']) ? trim($_POST['jobs_name']) : showmsg('请填写职位名称!', 1);
check_word($_CFG['filter'], $_POST['jobs_name']) ? showmsg($_CFG['filter_tips'], 0) : '';
//验证邮箱是否正确
$resume_tpl = get_outward_resumes_tpl($_SESSION['uid'], $setsqlarr['resume_id']);
$email = explode(';', $setsqlarr['email']);
foreach ($email as $key => $value) {
if (!preg_match("/^\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*\$/", $value)) {
showmsg('请正确填写邮箱地址!', 1);
}
$rst = smtp_mail($value, $setsqlarr['resume_title'], $resume_tpl);
if ($rst != '1') {
showmsg('此邮箱:{$value}发送失败!', 0);
}
}
$setsqlarr['uid'] = intval($_SESSION['uid']);
$setsqlarr['addtime'] = time();
//添加简历外发记录
$uid = intval($_SESSION['uid']);
$id = intval($_GET['id']);
$smarty->assign('news', $db->getone("select * from " . table('company_news') . " where uid='{$uid}' AND id ='{$id}' LIMIT 1"));
$smarty->assign('title', '修改公司新闻 - 会员中心 - ' . $_CFG['site_name']);
$smarty->display('member_company/company_news_edit.htm');
} elseif ($act == 'company_news_edit_save') {
if ($company_profile['audit'] == "1") {
$_CFG['audit_verifycom_editnews'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_verifycom_editnews']) : '';
} else {
$_CFG['audit_unexaminedcom_editnews'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_unexaminedcom_editnews']) : '';
}
$setsqlarr['title'] = !empty($_POST['title']) ? trim($_POST['title']) : showmsg('请填写标题!', 1);
check_word($_CFG['filter'], $_POST['title']) ? showmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['order'] = intval($_POST['order']);
$setsqlarr['content'] = !empty($_POST['content']) ? trim($_POST['content']) : showmsg('请填写内容', 1);
check_word($_CFG['filter'], $_POST['content']) ? showmsg($_CFG['filter_tips'], 0) : '';
$link[0]['text'] = "新闻列表";
$link[0]['href'] = '?act=company_news';
$uid = intval($_SESSION['uid']);
$id = intval($_POST['id']);
!$db->updatetable(table('company_news'), $setsqlarr, " uid='{$uid}' AND id='{$id}' ") ? showmsg("修改失败!", 0) : showmsg("修改成功!", 2, $link);
} elseif ($act == 'company_news_del') {
$id = !empty($_POST['id']) ? $_POST['id'] : $_GET['id'];
if (empty($id)) {
showmsg("你没有选择新闻!", 1);
}
if ($n = del_company_news($id, $_SESSION['uid'])) {
showmsg("删除成功!共删除 {$n} 行", 2);
} else {
showmsg("删除失败!", 0);
}
$setsqlarr['scale'] = trim($_POST['scale']) ? utf8_to_gbk(trim($_POST['scale'])) : exit('您选择公司规模!');
$setsqlarr['scale_cn'] = utf8_to_gbk(trim($_POST['scale_cn']));
$setsqlarr['registered'] = utf8_to_gbk(trim($_POST['registered']));
$setsqlarr['currency'] = utf8_to_gbk(trim($_POST['currency']));
$setsqlarr['address'] = trim($_POST['address']) ? utf8_to_gbk(trim($_POST['address'])) : exit('请填写通讯地址!');
check_word($_CFG['filter'], $setsqlarr['address']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr['contact'] = trim($_POST['contact']) ? utf8_to_gbk(trim($_POST['contact'])) : exit('请填写联系人!');
check_word($_CFG['filter'], $setsqlarr['contact']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr['telephone'] = trim($_POST['telephone']) ? utf8_to_gbk(trim($_POST['telephone'])) : exit('请填写联系电话!');
check_word($_CFG['filter'], $setsqlarr['telephone']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr['email'] = trim($_POST['email']) ? utf8_to_gbk(trim($_POST['email'])) : exit('请填写联系邮箱!');
check_word($_CFG['filter'], $setsqlarr['email']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr['website'] = utf8_to_gbk(trim($_POST['website']));
check_word($_CFG['filter'], $setsqlarr['website']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr['contents'] = trim($_POST['contents']) ? utf8_to_gbk(trim($_POST['contents'])) : exit('请填写公司简介!');
check_word($_CFG['filter'], $setsqlarr['contents']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr['yellowpages'] = intval($_POST['yellowpages']);
$setsqlarr['contact_show'] = intval($_POST['contact_show']);
$setsqlarr['email_show'] = intval($_POST['email_show']);
$setsqlarr['telephone_show'] = intval($_POST['telephone_show']);
$setsqlarr['address_show'] = intval($_POST['address_show']);
if ($_CFG['company_repeat'] == "0") {
$info = $db->getone("SELECT uid FROM " . table('company_profile') . " WHERE companyname ='{$setsqlarr['companyname']}' AND uid<>'{$_SESSION['uid']}' LIMIT 1");
if (!empty($info)) {
exit("{$setsqlarr['companyname']}已经存在,同公司信息不能重复注册");
}
}
if ($company_profile) {
$_CFG['audit_edit_com'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_edit_com']) : '';
if (updatetable(table('company_profile'), $setsqlarr, " uid='{$uid}'")) {
$jobarr['companyname'] = $setsqlarr['companyname'];
$setsqlarr['deadline'] = strtotime("" . intval($_CFG['company_add_days']) . " day");
$setsqlarr['key'] = $setsqlarr['jobs_name'] . $company_info['companyname'] . $setsqlarr['category_cn'] . $setsqlarr['district_cn'] . $setsqlarr['contents'];
require_once QISHI_ROOT_PATH . 'include/splitword.class.php';
$sp = new SPWord();
$setsqlarr['key'] = "{$setsqlarr['jobs_name']} {$company_info['companyname']} " . $sp->extracttag($setsqlarr['key']);
$setsqlarr['key'] = $sp->pad($setsqlarr['key']);
if ($company_info['audit'] == "1") {
$_CFG['audit_verifycom_editjob'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_verifycom_editjob']) : '';
} else {
$_CFG['audit_unexaminedcom_editjob'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_unexaminedcom_editjob']) : '';
}
$setsqlarr_contact['contact'] = !empty($_POST['contact']) ? trim($_POST['contact']) : exit('您没有填写联系人!');
$setsqlarr_contact['telephone'] = !empty($_POST['telephone']) ? trim($_POST['telephone']) : exit('您没有填写联系电话!');
$setsqlarr_contact['email'] = !empty($_POST['email']) ? trim($_POST['email']) : exit('您没有填写联系邮箱!');
$setsqlarr_contact['address'] = !empty($_POST['address']) ? trim($_POST['address']) : exit('您没有填写详细地址!');
check_word($_CFG['filter'], $_POST['telephone']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr_contact['contact_show'] = 1;
$setsqlarr_contact['email_show'] = 1;
$setsqlarr_contact['telephone_show'] = 1;
$setsqlarr_contact['address_show'] = 1;
if (!$db->updatetable(table('jobs'), $setsqlarr, " id='{$id}' AND uid='{$_SESSION['uid']}' ")) {
exit("err");
}
if (!$db->updatetable(table('jobs_tmp'), $setsqlarr, " id='{$id}' AND uid='{$_SESSION['uid']}' ")) {
exit("err");
}
if (!$db->updatetable(table('jobs_contact'), $setsqlarr_contact, " pid='{$id}' ")) {
exit("err");
}
if ($add_mode == '1') {
if ($points_rule['jobs_edit']['value'] > 0) {
require_once 'incl/functions.php';
?>
<?php
if (isset($_POST['submit'])) {
//checks if a form named submit has been added
if (empty($_POST["word"])) {
echo "<h3>Word field blank</h3>";
if (empty($_POST["def"])) {
echo "<h3>Definition field blank</h3>";
if (empty($_POST["pos"])) {
echo "<h3>Part of Speech not selected</h3>";
}
}
} else {
if (!check_word($_POST['word'])) {
//checks the name part of the form to see if it already exists
add_word($_POST);
} else {
print "<div><h3>That word already exists in the DB</h3></div>";
}
}
}
?>
<title>Dictionary | The Front Page!</title>
<div class = "head">
<link rel="stylesheet" href="jquery/jquery-ui.min.css">
<script src="jquery/external/jquery/jquery.js"></script>
<script src="jquery/jquery-ui.min.js"></script>
function check_eval_magic($tplfile, &$content, &$i2, &$ret)
{
$i = $i2;
if (!check_word($content, $i, 'if', 1)) {
return 0;
}
if (!check_word($content, $i, '(')) {
return 0;
}
if (!check_word($content, $i, 'eval')) {
return 0;
}
if (!check_word($content, $i, '(')) {
return 0;
}
if (!check_word($content, $i, '__MAGIC__')) {
return 0;
}
if (!check_word($content, $i, ')')) {
return 0;
}
if (!check_word($content, $i, ')')) {
return 0;
}
if (!check_word($content, $i, 'return')) {
return 0;
}
if (!check_word($content, $i, '$___RET_VALUE')) {
return 0;
}
if (!check_word($content, $i, ';')) {
return 0;
}
$funcname = parse_get_funcname($content, $i2);
$i2 = $i;
$ret = get_magic_content(strtolower($funcname));
//测试
//统计函数调用个数
//$ret='global $___TEMP_CALLS_COUNT; $___TEMP_CALLS_COUNT[\''.$funcname.'\']=1; '.$ret;
$ret = str_replace("\n", ' ', $ret);
return 1;
}
<div align="center">
<div class="medium">
<?php
if ($search) {
echo '<table class="Tabella">';
echo '<tr><th class="Title" colspan="5">' . get_text('ModulesFound', 'Languages', $search) . '</th></tr>';
echo '<tr class="Spacer"><td colspan="5"></td></tr>';
echo '<tr>';
echo '<th class="Title">' . get_text('Module', 'Languages') . '</th>';
echo '<th class="Title">' . get_text('Variable', 'Languages') . '</th>';
echo '<th class="Title">' . get_text('Text', 'Languages') . '</th>';
echo '<th class="Title">' . get_text('FunctionS', 'Languages') . '</th>';
echo '<th class="Title">' . get_text('FunctionL', 'Languages') . '</th>';
echo '</tr>';
foreach (check_word($search) as $row) {
echo '<tr>';
echo '<td>' . $row[0] . '</td>';
echo '<td>' . $row[1] . '</td>';
echo '<td>' . preg_replace("#({$search})#sim", '<b style="color:red">\\1</b>', $row[2]) . '</td>';
echo '<td>get_text(\'' . $row[1] . '\'' . ($row[0] != 'Common' ? ', \'' . $row[0] . '\'' : '') . ')</td>';
echo '<td>get_text(\'' . $row[1] . '\', \'' . $row[0] . '\', (mixed) $var, [(bool) $translate])</td>';
echo '</tr>';
}
echo '</table>';
}
echo '<form method="GET" action="">';
echo '<table class="Tabella">';
echo '<tr>';
echo '<td class="Right" nowrap="nowrap">' . get_text('Search', 'Languages') . '</td>';
echo '<td width="100%">';
$setsqlarr['district_cn'] = trim($_POST['district_cn']);
$setsqlarr['classtype'] = !empty($_POST['classtype']) ? intval($_POST['classtype']) : adminmsg('请选择上课班制!', 1);
$setsqlarr['classtype_cn'] = trim($_POST['classtype_cn']);
$setsqlarr['teacher_id'] = !empty($_POST['teacher_id']) ? intval($_POST['teacher_id']) : adminmsg('请选择主讲人!', 1);
$setsqlarr['teacher_cn'] = trim($_POST['teacher_cn']);
$setsqlarr['starttime'] = intval(convert_datefm($_POST['starttime'], 2));
if (empty($setsqlarr['starttime'])) {
adminmsg('请填写开课时间!时间格式:YYYY-MM-DD', 1);
}
$setsqlarr['train_object'] = !empty($_POST['train_object']) ? trim($_POST['train_object']) : adminmsg('您没有填写授课对象!', 1);
$setsqlarr['train_certificate'] = !empty($_POST['train_certificate']) ? trim($_POST['train_certificate']) : '';
$setsqlarr['classhour'] = !empty($_POST['classhour']) ? intval($_POST['classhour']) : adminmsg('您没有填写授课学时!', 1);
$setsqlarr['train_expenses'] = !empty($_POST['train_expenses']) ? intval($_POST['train_expenses']) : adminmsg('您没有填写培训费用!', 1);
$setsqlarr['favour_expenses'] = !empty($_POST['favour_expenses']) ? intval($_POST['favour_expenses']) : adminmsg('您没有填写优惠价格!', 1);
$setsqlarr['contents'] = !empty($_POST['contents']) ? trim($_POST['contents']) : adminmsg('您没有填写课程描述!', 1);
check_word($_CFG['filter'], $_POST['contents']) ? adminmsg($_CFG['filter_tips'], 0) : '';
$setsqlarr['refreshtime'] = $timestamp;
$setsqlarr['key'] = $setsqlarr['course_name'] . $train_profile['trainname'] . $setsqlarr['teacher_cn'] . $setsqlarr['train_certificate'] . $setsqlarr['category_cn'] . $setsqlarr['district_cn'] . $setsqlarr['contents'];
require_once QISHI_ROOT_PATH . 'include/splitword.class.php';
$sp = new SPWord();
$setsqlarr['key'] = "{$setsqlarr['course_name']} {$train_profile['trainname']} {$setsqlarr['teacher_cn']} {$setsqlarr['train_certificate']} " . $sp->extracttag($setsqlarr['key']);
$setsqlarr['key'] = $sp->pad($setsqlarr['key']);
$setsqlarr['likekey'] = "{$setsqlarr['course_name']},{$train_profile['trainname']},{$setsqlarr['teacher_cn']},{$setsqlarr['train_certificate']}";
$days = intval($_POST['days']);
if ($days > 0 && intval($_POST['olddeadline']) - time() > 0) {
$setsqlarr['deadline'] = intval($_POST['olddeadline']) + $days * (60 * 60 * 24);
}
if ($days > 0 && intval($_POST['olddeadline']) - time() < 0) {
$setsqlarr['deadline'] = strtotime("" . $days . " day");
}
$setsqlarr_contact['contact'] = trim($_POST['contact']);
$setsqlarr['scale'] = trim($_POST['scale']) ? trim($_POST['scale']) : showmsg('您选择公司规模!', 1);
$setsqlarr['scale_cn'] = trim($_POST['scale_cn']);
$setsqlarr['registered'] = trim($_POST['registered']);
$setsqlarr['currency'] = trim($_POST['currency']);
$setsqlarr['address'] = trim($_POST['address']) ? trim($_POST['address']) : showmsg('请填写通讯地址!', 1);
check_word($_CFG['filter'], $setsqlarr['address']) ? showmsg($_CFG['filter_tips'], 1) : '';
$setsqlarr['contact'] = trim($_POST['contact']) ? trim($_POST['contact']) : showmsg('请填写联系人!', 1);
check_word($_CFG['filter'], $setsqlarr['contact']) ? showmsg($_CFG['filter_tips'], 1) : '';
$setsqlarr['telephone'] = trim($_POST['telephone']) ? trim($_POST['telephone']) : showmsg('请填写联系电话!', 1);
check_word($_CFG['filter'], $setsqlarr['telephone']) ? showmsg($_CFG['filter_tips'], 1) : '';
$setsqlarr['email'] = trim($_POST['email']) ? trim($_POST['email']) : showmsg('请填写联系邮箱!', 1);
check_word($_CFG['filter'], $setsqlarr['email']) ? showmsg($_CFG['filter_tips'], 1) : '';
$setsqlarr['website'] = trim($_POST['website']);
check_word($_CFG['filter'], $setsqlarr['website']) ? showmsg($_CFG['filter_tips'], 1) : '';
$setsqlarr['contents'] = trim($_POST['contents']) ? trim($_POST['contents']) : showmsg('请填写公司简介!', 1);
check_word($_CFG['filter'], $setsqlarr['contents']) ? showmsg($_CFG['filter_tips'], 1) : '';
$setsqlarr['contact_show'] = intval($_POST['contact_show']);
$setsqlarr['email_show'] = intval($_POST['email_show']);
$setsqlarr['telephone_show'] = intval($_POST['telephone_show']);
$setsqlarr['address_show'] = intval($_POST['address_show']);
if ($_CFG['company_repeat'] == "0") {
$info = $db->getone("SELECT uid FROM " . table('company_profile') . " WHERE companyname ='{$setsqlarr['companyname']}' AND uid<>'{$_SESSION['uid']}' LIMIT 1");
if (!empty($info)) {
showmsg("{$setsqlarr['companyname']}已经存在,同公司信息不能重复注册", 1);
}
}
if ($company_profile) {
$_CFG['audit_edit_com'] != "-1" ? $setsqlarr['audit'] = intval($_CFG['audit_edit_com']) : '';
if ($db->updatetable(table('company_profile'), $setsqlarr, " uid='{$uid}'")) {
$jobarr['companyname'] = $setsqlarr['companyname'];
$jobarr['trade'] = $setsqlarr['trade'];
}
$final = trim($_POST[$word]);
if (strlen($final) == 0) {
return false;
}
if (strpos($final, ' ') === false) {
return htmlspecialchars($final);
} else {
return false;
}
}
if (isset($_POST['words'])) {
// generic check whether all words were entered
$word1 = check_word("word1");
$word2 = check_word("word2");
$word3 = check_word("word3");
if ($word1 === false || $word2 === false || $word3 === false) {
$_SESSION['flash'] = "Nicht alle eingegebenen Wörter sind gültig.";
header("Location: index.php");
exit;
}
$author = htmlspecialchars(trim($_POST['author']));
if (strlen($author) == 0) {
$author = "Anonymous";
}
$sql_str = "INSERT INTO `words` (`word1`, `word2`, `word3`, `author`, `new`) VALUES ('" . $sql->real_escape_string($word1) . "', '" . $sql->real_escape_string($word2) . "', '" . $sql->real_escape_string($word3) . "', '" . $sql->real_escape_string($author) . "', 1);";
if (!$sql->query($sql_str)) {
$_SESSION['flash'] = "An error occurred: " . $sql->error;
header("Location: index.php");
exit;
}
$agency = utf8_to_gbk(trim($_POST['agency']));
$course = utf8_to_gbk(trim($_POST['course']));
$description = utf8_to_gbk(trim($_POST['description']));
$setsqlarr['agency'] = $agency ? $agency : exit("请填写培训机构!");
check_word($_CFG['filter'], $setsqlarr['agency']) ? exit($_CFG['filter_tips']) : '';
$setsqlarr['course'] = $course ? $course : exit("请填写培训课程!");
check_word($_CFG['filter'], $setsqlarr['course']) ? exit($_CFG['filter_tips']) : '';
if (trim($_POST['training_start_year']) == "" || trim($_POST['training_start_month']) == "" || trim($_POST['training_end_year']) == "" || trim($_POST['training_end_month']) == "") {
exit("请选择培训时间!");
}
$setsqlarr['startyear'] = intval($_POST['training_start_year']);
$setsqlarr['startmonth'] = intval($_POST['training_start_month']);
$setsqlarr['endyear'] = intval($_POST['training_end_year']);
$setsqlarr['endmonth'] = intval($_POST['training_end_month']);
$setsqlarr['description'] = $description ? $description : exit("请填写培训内容!");
check_word($_CFG['filter'], $setsqlarr['description']) ? exit($_CFG['filter_tips']) : '';
if ($id) {
updatetable(table("resume_training"), $setsqlarr, array("id" => $id));
exit("success");
} else {
$insert_id = inserttable(table("resume_training"), $setsqlarr, 1);
if ($insert_id) {
check_resume($_SESSION['uid'], intval($_REQUEST['pid']));
exit("success");
} else {
exit("err");
}
}
} elseif ($act == 'ajax_get_training_list') {
$pid = intval($_GET['pid']);
$uid = intval($_SESSION['uid']);
function check_eval_magic($tplfile, &$content, &$i2, &$ret)
{
$i = $i2;
if (!check_word($content, $i, 'if', 1)) {
return 0;
}
if (!check_word($content, $i, '(')) {
return 0;
}
if (!check_word($content, $i, 'eval')) {
return 0;
}
if (!check_word($content, $i, '(')) {
return 0;
}
if (!check_word($content, $i, '__MAGIC__')) {
return 0;
}
if (!check_word($content, $i, ')')) {
return 0;
}
if (!check_word($content, $i, ')')) {
return 0;
}
if (!check_word($content, $i, 'return')) {
return 0;
}
if (!check_word($content, $i, '$___RET_VALUE')) {
return 0;
}
if (!check_word($content, $i, ';')) {
return 0;
}
$funcname = parse_get_funcname($content, $i2);
$i2 = $i;
$ret = get_magic_content($funcname);
$ret = str_replace("\n", ' ', $ret);
return 1;
}
