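/**
 * admin routing
 *
 * Central dispatcher of the admin panel. It runs in three stages:
 *  1. validate the routing constants (ADMIN_PARAMETER, TABLE_PARAMETER,
 *     ID_PARAMETER, ALIAS_PARAMETER) and the $_POST flags they depend on;
 *  2. derive the caller's permissions from the TABLE_* / MODULES_* access
 *     constants and, for edit/delete, from the row's own access field via
 *     Redaxscript\Validator\Access;
 *  3. check TOKEN_PARAMETER for the link-driven actions and call the matching
 *     admin_* handler.
 * Every failed check ends in notification() followed by an early return.
 *
 * NOTE(review): the token check below only covers the actions listed in
 * $tokenActions; 'process' and 'update' (form submissions) are not in it, so
 * their CSRF protection has to live in admin_process() / admin_update() —
 * confirm before relying on this function for that.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Admin
 * @author Henry Ruhs
 */
function admin_routing()
{
	/* every action and table this router knows about */
	$adminActions = array('new', 'view', 'edit', 'up', 'down', 'sort', 'publish', 'unpublish', 'enable', 'disable', 'install', 'uninstall', 'delete', 'process', 'update');
	$adminTables = array('categories', 'articles', 'extras', 'comments', 'groups', 'users', 'modules', 'settings');
	$contentTables = array('categories', 'articles', 'extras', 'comments');
	$viewTables = array('categories', 'articles', 'extras', 'comments', 'groups', 'users');
	$idActions = array('edit', 'up', 'down', 'publish', 'unpublish', 'enable', 'disable');
	$editActions = array('up', 'down', 'sort', 'publish', 'unpublish', 'enable', 'disable');
	$tokenActions = array('up', 'down', 'sort', 'publish', 'unpublish', 'enable', 'disable', 'install', 'uninstall', 'delete');

	/* $_POST flags read below; default to '' so a missing key is not a warning */
	$postNew = isset($_POST['new']) ? $_POST['new'] : '';
	$postEdit = isset($_POST['edit']) ? $_POST['edit'] : '';
	$postUpdate = isset($_POST['update']) ? $_POST['update'] : '';

	/* call last update */
	if ((FIRST_PARAMETER == 'admin' && ADMIN_PARAMETER == '') || (ADMIN_PARAMETER == 'view' && TABLE_PARAMETER == 'users') || UPDATE == '')
	{
		admin_last_update();
	}

	/* validate routing */
	switch (true)
	{
		case ADMIN_PARAMETER && !in_array(ADMIN_PARAMETER, $adminActions, true):
		case ADMIN_PARAMETER == 'process' && $postNew == '' && $postEdit == '':
		case ADMIN_PARAMETER == 'update' && $postUpdate == '':
		case ADMIN_PARAMETER && !in_array(TABLE_PARAMETER, $adminTables, true):
		case ALIAS_PARAMETER == '' && (ADMIN_PARAMETER == 'install' || ADMIN_PARAMETER == 'uninstall'):
		case ID_PARAMETER == '' && in_array(ADMIN_PARAMETER, $idActions, true) && TABLE_PARAMETER != 'settings':
		/* a numeric id must point at an existing row of the requested table */
		case is_numeric(ID_PARAMETER) && retrieve('id', TABLE_PARAMETER, 'id', ID_PARAMETER) == '':
			notification(l('something_wrong'), '', l('back'), 'admin');
			return;
	}

	/* define access variables; 0 = not allowed, so unset flags stay denied */
	$new = 0;
	$edit = 0;
	$delete = 0;
	$install = 0;
	$uninstall = 0;
	$check_access = 0;
	if (ADMIN_PARAMETER && TABLE_PARAMETER)
	{
		if (TABLE_PARAMETER == 'modules')
		{
			$install = MODULES_INSTALL;
			$uninstall = MODULES_UNINSTALL;
		}
		else if (TABLE_PARAMETER != 'settings')
		{
			$new = TABLE_NEW;

			/* a comment can only be created when at least one article accepts comments */
			if (TABLE_PARAMETER == 'comments')
			{
				$articles_total = query_total('articles');
				$articles_comments_disable = query_total('articles', 'comments', 0);
				if ($articles_total == $articles_comments_disable)
				{
					$new = 0;
				}
			}
			$delete = TABLE_DELETE;
		}
		$edit = TABLE_EDIT;
	}

	/* row-level access is only evaluated when the caller may edit or delete at all */
	if ($edit == 1 || $delete == 1)
	{
		$accessValidator = new Redaxscript\Validator\Access();
		$access = retrieve('access', TABLE_PARAMETER, 'id', ID_PARAMETER);
		$check_access = $accessValidator->validate($access, MY_GROUPS);
	}

	/* validate access */
	switch (true)
	{
		case ADMIN_PARAMETER == 'new' && $new == 0:
		case ADMIN_PARAMETER == 'view' && in_array(TABLE_PARAMETER, $viewTables, true) && $new == 0 && $edit == 0 && $delete == 0:
		case ADMIN_PARAMETER == 'view' && TABLE_PARAMETER == 'settings':
		case ADMIN_PARAMETER == 'view' && TABLE_PARAMETER == 'modules' && $edit == 0 && $install == 0 && $uninstall == 0:
		case ADMIN_PARAMETER == 'edit' && $edit == 0 && USERS_EXCEPTION == 0:
		case in_array(ADMIN_PARAMETER, $editActions, true) && $edit == 0:
		case ADMIN_PARAMETER == 'install' && $install == 0:
		case ADMIN_PARAMETER == 'uninstall' && $uninstall == 0:
		case ADMIN_PARAMETER == 'delete' && $delete == 0 && USERS_EXCEPTION == 0:
		case ADMIN_PARAMETER == 'process' && $postNew && $new == 0:
		case ADMIN_PARAMETER == 'process' && $postEdit && $edit == 0 && USERS_EXCEPTION == 0:
		case ADMIN_PARAMETER == 'update' && $edit == 0:
		/* the first group and the first user can never be disabled or deleted */
		case ID_PARAMETER == 1 && (ADMIN_PARAMETER == 'disable' || ADMIN_PARAMETER == 'delete') && (TABLE_PARAMETER == 'groups' || TABLE_PARAMETER == 'users'):
		case is_numeric(ID_PARAMETER) && TABLE_PARAMETER && $check_access == 0 && USERS_EXCEPTION == 0:
			notification(l('error_occurred'), l('access_no'), l('back'), 'admin');
			return;
	}

	/* check token: the link-driven actions must carry TOKEN_PARAMETER */
	if (in_array(ADMIN_PARAMETER, $tokenActions, true) && TOKEN_PARAMETER == '')
	{
		notification(l('error_occurred'), l('access_no'), l('back'), 'admin');
		return;
	}

	/* admin routing */
	if (FIRST_PARAMETER == 'admin' && ADMIN_PARAMETER == '')
	{
		admin_notification();
		contents();
	}

	/* the dynamic handler names below are safe because TABLE_PARAMETER was checked against $adminTables above */
	switch (ADMIN_PARAMETER)
	{
		case 'new':
			if (in_array(TABLE_PARAMETER, $contentTables, true))
			{
				admin_contents_form();
			}
			if (in_array(TABLE_PARAMETER, array('groups', 'users'), true))
			{
				$handler = 'admin_' . TABLE_PARAMETER . '_form';
				$handler();
			}
			return;
		case 'view':
			if (in_array(TABLE_PARAMETER, $contentTables, true))
			{
				admin_contents_list();
			}
			if (in_array(TABLE_PARAMETER, array('groups', 'users', 'modules'), true))
			{
				$handler = 'admin_' . TABLE_PARAMETER . '_list';
				$handler();
			}
			return;
		case 'edit':
			if (in_array(TABLE_PARAMETER, $contentTables, true))
			{
				admin_contents_form();
			}
			if (in_array(TABLE_PARAMETER, array('groups', 'users', 'modules', 'settings'), true))
			{
				$handler = 'admin_' . TABLE_PARAMETER . '_form';
				$handler();
			}
			return;
		case 'up':
		case 'down':
			admin_move();
			return;
		case 'sort':
			admin_sort();
			return;
		case 'publish':
		case 'enable':
			admin_status(1);
			return;
		case 'unpublish':
		case 'disable':
			admin_status(0);
			return;
		case 'install':
		case 'uninstall':
			admin_install();
			return;
		case 'delete':
		case 'process':
		case 'update':
			/* ADMIN_PARAMETER was checked against $adminActions above */
			$handler = 'admin_' . ADMIN_PARAMETER;
			$handler();
			return;
	}
}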
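/**
 * Sanitize one submitted form value for storage as post meta.
 *
 * Strings are unslashed, run through sanitize_textarea_field() (keeps line
 * breaks, strips tags) and re-slashed because add_post_meta() unslashes its
 * argument again. Arrays are cleaned element by element.
 *
 * @param mixed $value Raw $_POST value.
 * @return string|array Cleaned value with the same shape.
 */
function process_applicant_form_sanitize_value($value)
{
    if (is_array($value)) {
        return array_map('process_applicant_form_sanitize_value', $value);
    }
    return wp_slash(sanitize_textarea_field(wp_unslash((string) $value)));
}

/**
 * Move an uploaded resume from PHP's temp dir into wp-content/uploads/jobpost/<year>/.
 *
 * The file is accepted only when PHP reports no upload error, it is at most
 * $max_upload_mb large, wp_check_filetype() maps it to an allowed type (it
 * returns ext/type === false for anything outside the site's allowed mime
 * list) and the target directory is writable. The stored name is the
 * sanitized original title plus a timestamp, suffixed with a counter when
 * that name is already taken.
 *
 * @param array $file One entry of $_FILES (name, type, tmp_name, error, size).
 * @return array{errors: list<string>, filename: string, path: string, url: string}
 *         'errors' is non-empty when the file was rejected; the other keys are
 *         only meaningful when it is empty.
 */
function process_applicant_form_store_resume(array $file)
{
    $max_upload_mb = 200;
    $result = array('errors' => array(), 'filename' => '', 'path' => '', 'url' => '');

    $upload_error = isset($file['error']) ? (int) $file['error'] : UPLOAD_ERR_NO_FILE;
    if ($upload_error !== UPLOAD_ERR_OK) {
        $result['errors'][] = 'The resume could not be uploaded (upload error ' . $upload_error . ')';
        return $result;
    }

    // Year sub-directory, derived from the request time (falls back to now + site offset).
    $time = !empty($_SERVER['REQUEST_TIME']) ? (int) $_SERVER['REQUEST_TIME'] : time() + (int) get_option('gmt_offset') * 3600;
    $year = date('Y', $time);
    $upload_path = WP_CONTENT_DIR . '/uploads/jobpost/' . $year;
    $upload_url = WP_CONTENT_URL . '/uploads/jobpost/' . $year;
    if (!is_dir($upload_path)) {
        wp_mkdir_p($upload_path);
    }

    $filesize = isset($file['size']) ? (int) $file['size'] : 0;
    if ($max_upload_mb * 1048576 < $filesize) { // 1048576 bytes per MB
        $result['errors'][] = 'Maximum upload File size allowed ' . $max_upload_mb . 'MB';
    }

    // basename() drops any directory part a client might send in the file name.
    $original_name = basename(isset($file['name']) ? (string) $file['name'] : '');
    $filetype = wp_check_filetype($original_name, null);
    if (empty($filetype['ext'])) {
        $result['errors'][] = 'This file type is not allowed';
    }

    if (!is_writeable($upload_path)) {
        // Deliberately no path in the message: it is shown to the applicant.
        $result['errors'][] = 'Unable to write to the upload directory. Is it writable by the server?';
    }

    if ($result['errors'] !== array()) {
        return $result;
    }

    $filetitle = sanitize_file_name(preg_replace('/\.[^.]+$/', '', $original_name));
    $timestamp = time();
    $filename = $filetitle . $timestamp . '.' . $filetype['ext'];

    // Rename while the target already exists in the directory.
    $i = 0;
    while (file_exists($upload_path . '/' . $filename)) {
        $filename = $filetitle . $timestamp . '_' . $i . '.' . $filetype['ext'];
        $i++;
    }

    if (!move_uploaded_file($file['tmp_name'], $upload_path . '/' . $filename)) {
        $result['errors'][] = 'Error, the uploaded file could not be moved to the upload directory';
        return $result;
    }

    $result['filename'] = $filename;
    $result['path'] = $upload_path;
    $result['url'] = $upload_url;
    return $result;
}

/**
 * AJAX handler for a submitted job application.
 *
 * Reads $_POST['wp_nonce'] (checked against 'the_best_jobpost_security_nonce'),
 * $_POST['job_id'], every $_POST key starting with 'jobapp_' and the optional
 * $_FILES['applicant_resume'] upload. On success a 'jobpost_applicants' post is
 * created as a child of the job, the jobapp_* fields are stored as post meta,
 * the resume (if any) is renamed to '<post id>_<file>' and its URL and path
 * are stored as 'resume' / 'resume_path' meta. Admin, HR and applicant
 * notifications are sent according to the job_board_* options.
 *
 * Output: a JSON body and then exit. Upload problems answer with
 * {"message": <html>, "error": 1}; otherwise {"success": true|false}.
 *
 * NOTE(review): resumes end up under the public wp-content/uploads tree, so
 * anyone who learns the URL can fetch them — confirm whether that is intended
 * for applicant documents.
 */
function process_applicant_form()
{
    $nonce = isset($_POST['wp_nonce']) ? (string) $_POST['wp_nonce'] : '';
    if (!wp_verify_nonce($nonce, 'the_best_jobpost_security_nonce')) {
        die('Not Working');
    }

    /* Optional resume upload; names of three characters or less are ignored. */
    $upload = null;
    $uploaded_name = isset($_FILES['applicant_resume']['name']) ? (string) $_FILES['applicant_resume']['name'] : '';
    if (strlen($uploaded_name) > 3) {
        $upload = process_applicant_form_store_resume($_FILES['applicant_resume']);
        if ($upload['errors'] !== array()) {
            $errors = '<div style="padding:15px;background-color: #f2dede;">';
            foreach ($upload['errors'] as $error_value) {
                $errors .= '<p>' . esc_html__($error_value, 'EDULMS') . '</p>';
            }
            $errors .= '</div>';
            $json = array();
            $json['message'] = $errors;
            $json['error'] = 1;
            echo json_encode($json);
            die;
        }
    }

    $job_id = isset($_POST['job_id']) ? (int) $_POST['job_id'] : 0;
    $args = array(
        'post_type' => 'jobpost_applicants',
        'post_content' => '',
        'post_parent' => $job_id,
        'post_title' => get_the_title($job_id),
        'post_status' => 'publish',
    );
    // wp_insert_post() returns 0 on failure when $wp_error is left at false.
    $pid = (int) wp_insert_post($args);

    if ($pid > 0) {
        foreach ($_POST as $key => $val) {
            if (substr((string) $key, 0, 7) === 'jobapp_') {
                add_post_meta($pid, $key, process_applicant_form_sanitize_value($val));
            }
        }
        if ($upload !== null) {
            // Prefix the stored file with the application id so it can be traced back to the post.
            $resume_name = $pid . '_' . $upload['filename'];
            $resume_path = $upload['path'] . '/' . $resume_name;
            rename($upload['path'] . '/' . $upload['filename'], $resume_path);
            add_post_meta($pid, 'resume', $upload['url'] . '/' . $resume_name);
            add_post_meta($pid, 'resume_path', $resume_path);
        }
    } elseif ($upload !== null) {
        // No application row: do not leave an orphaned resume on disk.
        $orphan = $upload['path'] . '/' . $upload['filename'];
        if (is_file($orphan)) {
            unlink($orphan);
        }
    }

    // response output
    header('Content-Type: application/json');
    echo json_encode(array('success' => $pid > 0));

    if ($pid > 0) {
        // Admin Notification
        if ('yes' === get_option('job_board_admin_notification')) {
            admin_notification($pid);
        }
        // HR Notification
        if ('yes' === get_option('job_board_hr_notification') && '' != get_option('settings_hr_email')) {
            hr_notification($pid);
        }
        // Applicant Notification
        if ('yes' === get_option('job_board_applicant_notification')) {
            applicant_notification($pid);
        }
    }
    exit;
}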