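/**
 * Work out how many premium posts an employer may still publish.
 *
 * The result is the employer's own premium_posts_balance plus, when
 * subscriptions are enabled and the active subscription allows premium
 * posting, whatever is left of the subscription quota.
 *
 * @param int|string $employer_id ID of the row in the employers table.
 * @return int Premium posts remaining, or -1 when the employer may post
 *             without limit (privileged user, or a subscription whose
 *             p_posts_quota is below 1).
 */
function JB_get_num_premium_posts_remaining($employer_id) {
    // Privileged users are unlimited, so answer before touching the database.
    if (JB_is_privileged_user($employer_id, 'premium')) {
        return -1;
    }

    // The ID is forced to an integer before it is escaped and quoted, so the
    // statement stays well-formed whatever the caller passed in.
    $sql = "SELECT premium_posts_balance FROM employers where ID='" . jb_escape_sql((int) $employer_id) . "'";
    $result = JB_mysql_query($sql);
    if (!$result) {
        // Keep the driver's message in the server log; printing it to the
        // response would disclose schema and query details to the client.
        error_log('JB_get_num_premium_posts_remaining: ' . mysql_error());
        die('Database error.');
    }
    $row = mysql_fetch_array($result, MYSQL_ASSOC);

    // No matching employer row means there is no balance to spend.
    $posts = $row ? (int) $row['premium_posts_balance'] : 0;

    if (JB_SUBSCRIPTION_FEE_ENABLED == 'YES') {
        // get the latest subscription
        $subscr_row = jb_get_active_subscription_invoice($employer_id);

        // Check that a subscription row came back *before* reading its
        // columns; without one, only the employer's own balance counts.
        if ($subscr_row && $subscr_row['can_post_premium'] == 'Y') {
            if ($subscr_row['p_posts_quota'] < 1) {
                return -1; // can post unlimited premium posts.
            }
            // add the posts still allowed by the subscription
            $posts = $posts + ($subscr_row['p_posts_quota'] - $subscr_row['p_posts_quota_tally']);
        }
    }

    return $posts;
}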
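/**
 * Decide whether a viewer may see resumes and, if not, which rule stopped them.
 *
 * This function only computes flags. It does not hide any resume fields and
 * it does not change the view tally; both are left to the caller.
 *
 * @param int|string $user_id   Employer ID of the viewer; 0 or empty means no viewer ID was given.
 * @param int|string $resume_id Resume being viewed. It is cast to int but not otherwise used here.
 * @return array array($CAN_VIEW_RESUMES, $OVER_QUOTA, $FIRST_POST, $NOT_VALIDATED).
 *               $CAN_VIEW_RESUMES may carry the raw return value of
 *               JB_is_privileged_user(); the other three are booleans.
 */
function get_resume_view_flags($user_id, $resume_id) {
    $user_id = (int) $user_id;
    $resume_id = (int) $resume_id;

    $CAN_VIEW_RESUMES = false; // can the user view the resumes?
    $OVER_QUOTA = false;       // is the user over their quota for resume views?
    $FIRST_POST = false;       // does the user need to post first?
    $NOT_VALIDATED = false;    // is the employer account still unvalidated?

    if (!$user_id) {
        // user id (of viewer) not given
        if (JB_FIELD_BLOCK_SWITCH == "YES") {
            // Can view but some fields will be blocked. The blocking is not
            // done in this function, so the code that renders the resume has
            // to apply it for this grant to be safe.
            $CAN_VIEW_RESUMES = true;
        }
        return array($CAN_VIEW_RESUMES, $OVER_QUOTA, $FIRST_POST, $NOT_VALIDATED);
    }

    if (JB_SUBSCRIPTION_FEE_ENABLED == 'NO') {
        // free resume access, unless an activation rule below says otherwise
        $CAN_VIEW_RESUMES = true;

        if (JB_EM_NEEDS_ACTIVATION == 'NO_RESUME') {
            // employers who are not validated cannot view resumes
            $sql = "SELECT Validated from employers where ID='" . jb_escape_sql($user_id) . "'";
            $result = JB_mysql_query($sql);
            if (!$result) {
                // Log the driver error instead of printing it to the client.
                error_log('get_resume_view_flags: ' . mysql_error());
                die('Database error.');
            }
            $row = mysql_fetch_array($result, MYSQL_ASSOC);

            // A missing employer row is treated the same as "not validated".
            if ($row && $row['Validated'] == '1') {
                $CAN_VIEW_RESUMES = true;
            } else {
                $CAN_VIEW_RESUMES = false;
                $NOT_VALIDATED = true;
            }
        } elseif (JB_EM_NEEDS_ACTIVATION == 'FIRST_POST') {
            // must post a job before viewing the resumes for free
            $sql = "SELECT post_id from posts_table where user_id='" . jb_escape_sql($user_id) . "'";
            $result = JB_mysql_query($sql);
            if (!$result) {
                error_log('get_resume_view_flags: ' . mysql_error());
                die('Database error.');
            }

            if (mysql_num_rows($result) > 0) {
                $CAN_VIEW_RESUMES = true;
            } else {
                $CAN_VIEW_RESUMES = false;
                $FIRST_POST = true;
            }
        }

        return array($CAN_VIEW_RESUMES, $OVER_QUOTA, $FIRST_POST, $NOT_VALIDATED);
    }

    // subscriptions enabled: check if a subscription is active
    $subscr_row = jb_get_active_subscription_invoice($user_id);

    if ($subscr_row && $subscr_row['can_view_resumes'] == 'Y') {
        // active subscription
        // - V_QUOTA is the views_quota column from `employers` table
        // - $user_id is known to be non-zero at this point, so only the
        //   quota value decides whether a limit applies.
        if ($subscr_row['V_QUOTA'] > -1) {
            // A quota is imposed. Always compute the flag explicitly so it is
            // never read while undefined.
            $enough_quota = ($subscr_row['V_QUOTA'] - $subscr_row['views_quota_tally']) > 0;

            if (!$enough_quota) {
                $CAN_VIEW_RESUMES = false;
                $OVER_QUOTA = true;
            } else {
                // There is quota remaining. No quota message is built here:
                // nothing of that kind is returned to the caller.
                // NOTE(review): this only reads views_quota_tally; where the
                // tally is incremented is not visible from this function.
                $CAN_VIEW_RESUMES = true;
            }
        } else {
            // views_quota is -1: no quota
            $CAN_VIEW_RESUMES = true;
        }
    } else {
        // special situations for when the user is not subscribed
        // but still can view resumes
        $CAN_VIEW_RESUMES = JB_is_privileged_user($user_id, 'resume');
        if (JB_FIELD_BLOCK_SWITCH == "YES") {
            // Can view but some fields will be blocked; the caller has to
            // enforce that blocking, it is not done here.
            $CAN_VIEW_RESUMES = true;
        }
    }

    return array($CAN_VIEW_RESUMES, $OVER_QUOTA, $FIRST_POST, $NOT_VALIDATED);
}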
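/**
 * Validate a submitted job post held in $_REQUEST before it is saved.
 *
 * Side effects: $_REQUEST['app_url'] (when app_type is 'R'), post_date,
 * post_mode, approved and expired are overwritten with their cleaned values.
 *
 * @param string $insert_mode 'EMPLOYER' when an employer is posting, in which
 *                            case posting credits are checked for new posts;
 *                            any other value skips the credit check.
 * @return array|string List of error messages (empty when the data is valid),
 *                      or the string 'Invalid Input!' when post_id, user_id,
 *                      pin_x or pin_y is present but not numeric.
 *                      NOTE(review): the mixed return type is kept because
 *                      callers are not visible here; an array in every case
 *                      would be safer to consume.
 */
function JB_validate_post_data($insert_mode = 'EMPLOYER') {
    global $label;

    $errors = array();

    // Read optional request fields through isset() so a missing parameter
    // does not raise an undefined-index notice.
    $post_id = isset($_REQUEST['post_id']) ? $_REQUEST['post_id'] : '';
    $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
    $post_mode = isset($_REQUEST['post_mode']) ? $_REQUEST['post_mode'] : null;

    /* Only check for credits if posted by employer, and only for new posts */
    if ($insert_mode == 'EMPLOYER' && $post_id == false) {
        // NOTE(review): the privilege lookup is keyed on the request-supplied
        // post_mode while the branch below is chosen by the request-supplied
        // type. Confirm that the two cannot disagree, otherwise a privilege
        // held for one mode could skip the credit check of the other.
        $is_privileged = JB_is_privileged_user($_SESSION['JB_ID'], $post_mode);

        if ($type != 'premium') {
            if (JB_POSTING_FEE_ENABLED == 'YES' && !$is_privileged) {
                // check standard credits (-1 means unlimited)
                $posts = JB_get_num_posts_remaining($_SESSION['JB_ID']);
                if ($posts < 1 && $posts != -1) {
                    $errors[] = $label['post_no_credits'];
                    return $errors;
                }
            }
        } else {
            if (JB_PREMIUM_POSTING_FEE_ENABLED == 'YES' && !$is_privileged) {
                // check premium credits (-1 means unlimited)
                $p_posts = JB_get_num_premium_posts_remaining($_SESSION['JB_ID']);
                if ($p_posts < 1 && $p_posts != -1) {
                    $errors[] = $label['post_no_credits'];
                    return $errors;
                }
            }
        }
    }

    // Make sure they are numeric.
    // is_numeric() also accepts decimals, exponents and signed values, so
    // code that later uses these fields still has to cast or escape them.
    foreach (array('post_id', 'user_id', 'pin_x', 'pin_y') as $field) {
        if (isset($_REQUEST[$field]) && $_REQUEST[$field] != '' && !is_numeric($_REQUEST[$field])) {
            return 'Invalid Input!';
        }
    }

    // app_type and app_url
    if (isset($_REQUEST['app_type']) && $_REQUEST['app_type'] == 'R') {
        // A non-string value (e.g. an array parameter) is treated as blank.
        $app_url = (isset($_REQUEST['app_url']) && is_string($_REQUEST['app_url'])) ? $_REQUEST['app_url'] : '';
        $app_url = JB_clean_str(trim($app_url));
        $_REQUEST['app_url'] = $app_url;

        if ($app_url == false) {
            $errors[] = $label['post_save_app_url_blank'];
        } elseif (stripos($app_url, 'http://') !== 0 && stripos($app_url, 'https://') !== 0) {
            // The scheme must be at the very start of the value. Searching for
            // it anywhere in the string would accept a URL with a different
            // scheme that merely contains "http://" further along.
            $errors[] = $label['post_save_app_url_bad'];
        }
    }

    // clean any undesired input, leave nothing to chance
    foreach (array('post_date', 'post_mode', 'approved', 'expired') as $field) {
        $_REQUEST[$field] = JB_clean_str(isset($_REQUEST[$field]) ? $_REQUEST[$field] : null);
    }

    $error = '';
    JBPLUG_do_callback('validate_post_data', $error); // deprecated, use validate_post_data_array
    if ($error) {
        // the deprecated hook reports its errors as one '<br>'-separated string
        foreach (explode('<br>', $error) as $item) {
            $errors[] = $item;
        }
    }

    JBPLUG_do_callback('validate_post_data_array', $errors); // added in 3.6.6

    // Append the form-level errors. The array union operator (+) keeps the
    // left-hand entry whenever an integer key exists on both sides, which
    // drops form errors once $errors already has entries; array_merge()
    // appends instead.
    // NOTE(review): assumes JB_validate_form_data() returns an array - confirm.
    $form_errors = JB_validate_form_data(1);
    if (is_array($form_errors)) {
        $errors = array_merge($errors, $form_errors);
    }

    return $errors;
}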
$now = gmdate("Y-m-d H:i:s"); $sql = "SELECT count(*) as MYCOUNT from posts_table WHERE user_id='" . jb_escape_sql($_SESSION['JB_ID']) . "' AND `post_mode`='free' AND expired='N' "; $result = JB_mysql_query($sql) or die(mysql_error()); $row = mysql_fetch_array($result, MYSQL_ASSOC); $posts_remain = JB_FREE_POST_LIMIT_MAX - $row['MYCOUNT']; $label["post_iframe_remainmax"] = str_replace('%POSTS_REMAIN%', $posts_remain, $label["post_iframe_remainmax"]); $label["post_iframe_remainmax"] = str_replace('%JB_FREE_POST_LIMIT_MAX%', JB_FREE_POST_LIMIT_MAX, $label["post_iframe_remainmax"]); $posts_remain_label = $label["post_iframe_remainmax"]; } else { $posts_remain = 100; // some really big number $posts_remain_label = $label["post_iframe_ulimitedfree"]; } } $_PRIVILEGED_USER = false; $_PRIVILEGED_USER = JB_is_privileged_user($_SESSION['JB_ID'], $_REQUEST['type']); if ($_PRIVILEGED_USER) { $posts_remain_label = ""; // clear the label } // NOW print the form, or information if ($posts_remain > 0 || $posts_remain == -1 || $_PRIVILEGED_USER) { echo "<p>"; if ($_REQUEST['repost_id'] != '') { echo "<h3>" . $label["post_iframe_reposthead"] . "</h3>"; echo $label["post_iframe_repostdesc"]; } else { echo $label["post_new_intro"]; } echo "</p> "; echo $posts_remain_label;