function __construct($_member = '')
{
parent::__construct();
if (!empty($_member)) {
$this->member = desanitize($_member);
}
}
private function get_referred_jobs()
{
$criteria = array('columns' => "industries.industry, jobs.id, jobs.title, COUNT(referrals.id) AS num_referrals, \n DATE_FORMAT(jobs.expire_on, '%e %b, %Y') AS formatted_expire_on, \n jobs.description", 'joins' => 'jobs ON jobs.id = referrals.job,
industries ON industries.id = jobs.industry', 'match' => "jobs.employer = '" . $this->employer->getId() . "' AND \n need_approval = 'N' AND \n (referrals.referee_acknowledged_on IS NOT NULL AND referrals.referee_acknowledged_on <> '0000-00-00 00:00:00') AND \n (referrals.member_confirmed_on IS NOT NULL AND referrals.member_confirmed_on <> '0000-00-00 00:00:00') AND \n referrals.employer_removed_on IS NULL AND \n (referrals.replacement_authorized_on IS NULL OR referrals.replacement_authorized_on = '0000-00-00 00:00:00')", 'group' => 'referrals.job', 'order' => 'num_referrals DESC');
$referral = new Referral();
$result = $referral->find($criteria);
if ($result === false || is_null($result) || empty($result)) {
return false;
}
foreach ($result as $i => $row) {
$result[$i]['description'] = htmlspecialchars_decode(desanitize($row['description']));
$result[$i]['new_referrals_count'] = '0';
}
$criteria = array('columns' => 'jobs.id, COUNT(referrals.id) AS num_new_referrals', 'joins' => 'jobs ON jobs.id = referrals.job,
resumes ON resumes.id = referrals.resume', 'match' => "jobs.employer = '" . $this->employer->getId() . "' AND \n (resumes.deleted = 'N' AND resumes.private = 'N') AND \n (referrals.employer_agreed_terms_on IS NULL OR referrals.employer_agreed_terms_on = '0000-00-00 00:00:00') AND \n (referrals.referee_acknowledged_on IS NOT NULL AND referrals.referee_acknowledged_on <> '0000-00-00 00:00:00') AND \n (referrals.member_confirmed_on IS NOT NULL AND referrals.member_confirmed_on <> '0000-00-00 00:00:00') AND \n (referrals.employed_on IS NULL OR referrals.employed_on = '0000-00-00 00:00:00') AND \n referrals.employer_removed_on IS NULL AND \n (referrals.replacement_authorized_on IS NULL OR referrals.replacement_authorized_on = '0000-00-00 00:00:00')", 'group' => 'referrals.job');
$new_referrals = $referral->find($criteria);
if ($new_referrals === false) {
return false;
}
foreach ($new_referrals as $new_referral) {
foreach ($result as $i => $row) {
if ($row['id'] == $new_referral['id']) {
$result[$i]['new_referrals_count'] = $new_referral['num_new_referrals'];
break;
}
}
}
return $result;
}
public static function getSymbolFromCountryCode($_country_code)
{
$_country_code = strtoupper(trim(sanitize($_country_code)));
$query = "SELECT symbol FROM currencies WHERE country_code = '" . $_country_code . "' LIMIT 1";
$mysqli = Database::connect();
if ($result = $mysqli->query($query)) {
return trim(desanitize($result[0]['symbol']));
}
return "MYR";
}
function desanitize($_in = '', $_is_htmlize = false)
{
$out = '';
if (is_array($_in)) {
foreach ($_in as $key => $data) {
$_in[$key] = desanitize($data, $_is_htmlize);
}
$out = $_in;
} else {
$out = stripslashes($_in);
if ($_is_htmlize) {
$out = htmlspecialchars_decode($out);
}
}
return $out;
}
// }
// $i++;
// }
// }
//
// if (!$mysqli->execute($query)) {
// echo 'ko';
// exit();
// }
// }
$position = '- ' . $job['job'] . ' at ' . $job['employer'];
$lines = file(dirname(__FILE__) . '/../private/mail/privileged_member_referred.txt');
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$message = str_replace('%member_name%', htmlspecialchars_decode(desanitize($employee->get_name())), $message);
$message = str_replace('%member_email_addr%', $employee->email_address(), $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$message = str_replace('%position%', $position, $message);
$subject = htmlspecialchars_decode(desanitize($employee->get_name())) . " has screened and submitted your resume for the " . htmlspecialchars_decode($job['job']) . " position";
$headers = 'From: ' . str_replace(',', '', htmlspecialchars_decode(desanitize($employee->get_name()))) . ' <' . $employee->email_address() . '>' . "\n";
mail($_POST['referee'], $subject, $message, $headers);
// $handle = fopen('/tmp/ref_email_to_'. $_POST['referee']. '.txt', 'w');
// fwrite($handle, 'Subject: '. $subject. "\n\n");
// fwrite($handle, $message);
// fclose($handle);
echo '0';
exit;
}
function sql_fetchrow($sql_id = 0, $desanitize = false)
{
if (!$sql_id) {
$sql_id = $this->query_result;
}
if ($sql_id) {
$this->row[$sql_id] = @mysql_fetch_array($sql_id);
if ($this->row[$sql_id] != false) {
if ($desanitize) {
return desanitize($this->row[$sql_id]);
} else {
return $this->row[$sql_id];
}
} else {
return false;
}
} else {
return false;
}
}
if (isset($_POST['order_by'])) {
$order_by = $_POST['order_by'];
}
$mysqli = Database::connect();
$query = "SELECT members.email_addr, members.phone_num, members.added_by, \n CONCAT(members.firstname, ', ', members.lastname) AS candidate_name, \n DATE_FORMAT(members.joined_on, '%e %b, %Y') AS formatted_joined_on \n FROM candidate_email_manifests \n LEFT JOIN members ON members.email_addr = candidate_email_manifests.email_addr \n WHERE candidate_email_manifests.mailing_list = " . $_POST['id'] . " \n ORDER BY " . $order_by;
$result = $mysqli->query($query);
if (count($result) <= 0 || is_null($result)) {
echo '0';
exit;
}
if (!$result) {
echo 'ko';
exit;
}
foreach ($result as $i => $row) {
$result[$i]['candidate_name'] = htmlspecialchars_decode(html_entity_decode(stripslashes(desanitize($row['candidate_name']))));
}
$response = array('candidates' => array('candidate' => $result));
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array($response);
exit;
}
if ($_POST['action'] == 'remove_candidate') {
$mysqli = Database::connect();
$query = "DELETE FROM candidate_email_manifests \n WHERE mailing_list = " . $_POST['id'] . " AND \n email_addr = '" . $_POST['candidate'] . "'";
if ($mysqli->execute($query)) {
echo '0';
} else {
echo 'ko';
}
exit;
function emoticon($match, $state)
{
$this->formatter->output .= $this->emoticons[desanitize($match)];
return true;
}
public function show()
{
$this->begin();
$this->support($this->employer->getId());
$this->top('Company Profile');
$this->menu('employer', 'profile');
$branch = $this->employer->getAssociatedBranch();
$profile = desanitize($this->employer->get());
?>
<div id="div_status" class="status">
<span id="span_status" class="status"></span>
</div>
<div class="change_instructions">
Please <a href="mailto: sales.<?php
echo strtolower($branch[0]['country']);
?>
@yellowelevator.com">let us know</a> if either the Business Registration No., the Business Name, or both needs to be updated.
</div>
<div class="profile">
<form onSubmit="return false;">
<table class="profile_form">
<tr>
<td class="label">Company/Business Registration No.:</td>
<td class="field"><?php
echo $profile[0]['license_num'];
?>
</td>
</tr>
<tr>
<td class="label"><label for="name">Company/Business Name:</label></td>
<td class="field"><?php
echo $profile[0]['name'];
?>
</td>
</tr>
<tr>
<td class="title" colspan="2">Sign In Details</td>
</tr>
<tr>
<td class="label">User ID:</td>
<td class="field">
<?php
echo $profile[0]['id'];
?>
</td>
</tr>
<tr>
<td class="label"><label for="password">Password:</label></td>
<td class="field"><input type="password" id="password" value="" /></td>
</tr>
<tr>
<td class="label"><label for="password2">Password Again:</label></td>
<td class="field">
<input type="password" id="password2" value="" />
<input type="button" value="Save Password" onClick="save_password();" />
</td>
</tr>
<tr>
<td class="title" colspan="2">Contact Details<br/><span class="note">Fields marked with * indicates cannot be left empty.</span></td>
</tr>
<tr>
<td class="label"><label for="email">* HR Contact Emails:</label></td>
<td class="field">
<input type="text" id="email_addr" class="field" value="<?php
echo $profile[0]['email_addr'];
?>
" />
</td>
</tr>
<tr>
<td class="label"><label for="contact_person">* HR Contacts:</label></td>
<td class="field">
<input type="text" id="contact_person" class="field" value="<?php
echo $profile[0]['contact_person'];
?>
" />
</td>
</tr>
<tr>
<td class="label"><label for="phone_num">* HR Contact Numbers:</label></td>
<td class="field">
<input type="text" id="phone_num" class="field" value="<?php
echo $profile[0]['phone_num'];
?>
" />
</td>
</tr>
<tr>
<td class="label"><label for="fax_num">Fax Number:</label></td>
<td class="field">
<input type="text" id="fax_num" class="field" value="<?php
echo $profile[0]['fax_num'];
?>
" />
</td>
</tr>
<tr>
<td class="label"><label for="address">Mailing Address:</label></td>
<td class="field">
<textarea id="address"><?php
echo stripslashes($profile[0]['address']);
?>
</textarea>
</td>
</tr>
<tr>
<td class="label"><label for="state">State/Province:</label></td>
<td class="field">
<input type="text" id="state" class="field" value="<?php
echo $profile[0]['state'];
?>
" />
</td>
</tr>
<tr>
<td class="label"><label for="zip">* Zip/Postal Code:</label></td>
<td class="field">
<input type="text" id="zip" class="field" value="<?php
echo $profile[0]['zip'];
?>
" />
</td>
</tr>
<tr>
<td class="label"><label for="country">* Country:</label></td>
<td class="field">
<?php
echo $this->generate_countries($this->employer->getCountryCode());
?>
</td>
</tr>
<tr>
<td class="label"><label for="website_url">Web-site:</label></td>
<td class="field">
<input type="text" id="website_url" class="field" value="<?php
echo $profile[0]['website_url'];
?>
" />
</td>
</tr>
<tr>
<td class="label"><label for="about">Business Summary:</label></td>
<td class="field">
<textarea id="summary"><?php
echo stripslashes($profile[0]['about']);
?>
</textarea>
</td>
</tr>
<tr>
<td class="buttons_bar" colspan="2"><input type="button" onClick="save_profile();" value="Save & Update Contact Details" /></td>
</tr>
</table>
</form>
</div>
<?php
}
?>
& <?php
echo $this->esoTalk->user["name"];
?>
<br/><span class='label private'><?php
echo $language["labels"]["private"];
?>
</span></label> <div><a href='<?php
echo makeLink("search", "?q2=private+%2B+contributor:" . urlencode(desanitize($this->member["name"])));
?>
'><?php
printf($language["See the private conversations I've had"], $this->member["name"]);
?>
</a><br/>
<a href='<?php
echo makeLink("new", "?member=" . urlencode(desanitize($this->member["name"])));
?>
'><?php
printf($language["Start a private conversation"], $this->member["name"]);
?>
</a></div></li>
<?php
}
?>
</ul>
</div>
</div>
<?php
ksort($this->sections);
function sendEmail($to, $subject, $body)
{
global $config, $language;
if (!preg_match("/^[A-Z0-9._%-+]+@[A-Z0-9.-]+.[A-Z]{2,4}\$/i", $to)) {
return false;
}
return mail(sanitizeForHTTP($to), sanitizeForHTTP(desanitize($subject)), desanitize($body), "From: " . sanitizeForHTTP(desanitize($config["forumTitle"]) . " <{$config["emailFrom"]}>") . "\nContent-Type: text/plain; charset={$language["charset"]}; format=flowed");
}
protected function top_prs($page_title)
{
?>
<div class="top">
<table class="top">
<tr>
<td rowspan="3" class="logo">
<a href="<?php
echo $GLOBALS['protocol'] . '://' . $GLOBALS['root'];
?>
/index.php">
<img name="logo" src="<?php
echo $GLOBALS['protocol'] . '://' . $GLOBALS['root'];
?>
/common/images/logos/top.jpg" />
</a>
</td>
<td><div class="page_title"><?php
echo desanitize($page_title);
?>
</div></td>
</tr>
<tr>
<td>
<form method="post" action="<?php
echo $GLOBALS['protocol'] . '://' . $GLOBALS['root'];
?>
/prs/search_resume.php" onSubmit="return prs_verify_mini();">
<div class="mini_search">
<span id="mini_industry_drop_down"></span>
<input type="text" name="keywords" id="mini_keywords">
<input id="mini_search_button" type="submit" value="Search Resumes">
<!--input type="checkbox" name="use_exact" id="use_exact" value="1" /><label for="use_exact">Exact</label-->
<input type="radio" name="use_mode" id="or_mode" value="or" checked /><label for="or_mode">OR</label>
<input type="radio" name="use_mode" id="and_mode" value="and" /><label for="and_mode">AND</label>
</div>
</form>
</td>
</tr>
</table>
</div>
<?php
}
// } else {
// echo "ko";
// }
// exit();
// }
$total_results = $resume_search->total_results();
$current_page = '1';
if ($criteria['offset'] > 0) {
$current_page = ceil($criteria['offset'] / $criteria['limit']) + 1;
}
$result[0]['changed_country_code'] = 0;
if ($resume_search->country_code_changed()) {
$result[0]['changed_country_code'] = 1;
}
foreach ($result as $i => $row) {
$result[$i]['member'] = htmlspecialchars_decode(html_entity_decode(stripslashes(desanitize($row['member']))));
$result[$i]['total_results'] = $total_results;
$result[$i]['current_page'] = $current_page;
// if ($criteria['use_exact']) {
// $result[$i]['use_exact'] = '1';
// } else {
// $result[$i]['use_exact'] = '0';
// }
$result[$i]['use_mode'] = $criteria['use_mode'];
if (is_null($result[$i]['added_by']) || empty($result[$i]['added_by'])) {
$result[$i]['added_by'] = '-1';
}
if (is_null($result[$i]['zip']) || empty($result[$i]['zip'])) {
$result[$i]['zip'] = '0';
}
if (is_null($result[$i]['prime_industry']) || empty($result[$i]['prime_industry'])) {
}
// 1. Count the latest jobs
$query = "SELECT COUNT(jobs.id) AS job_count \n FROM jobs\n INNER JOIN employers ON employers.id = jobs.employer \n INNER JOIN branches ON branches.id = employers.branch \n WHERE jobs.created_on BETWEEN date_add(CURDATE(), INTERVAL -1 WEEK) AND CURDATE()";
$result = $mysqli->query($query);
$new_jobs_count = '(No new jobs this week.)';
if ($result[0]['job_count'] > 0) {
$new_jobs_count = $result[0]['job_count'];
}
// 2. List the new employers
$query = "SELECT employers.id, employers.name \n FROM employers \n INNER JOIN branches ON branches.id = employers.branch \n WHERE employers.joined_on BETWEEN DATE_ADD(CURDATE(), INTERVAL -1 WEEK) AND CURDATE() \n LIMIT 3";
$result = $mysqli->query($query);
$new_employers_list = '(No new employers this week.)';
if (!is_null($result) && !empty($result)) {
$new_employers_list = '<ul>' . "\n";
foreach ($result as $employer) {
$new_employers_list .= '<li><a href="%protocol%://%root%/search.php?industry=0&employer=' . $employer['id'] . '&keywords=">' . htmlspecialchars_decode(desanitize($employer['name'])) . '</a></li>' . "\n";
}
$new_employers_list .= '</ul>' . "\n";
}
// 3. List the top 5 most lucrative
$query = "SELECT jobs.id, jobs.title, employers.name AS employer, \n branches.currency, jobs.salary, jobs.salary_end, jobs.potential_reward\n FROM jobs \n INNER JOIN employers ON employers.id = jobs.employer \n INNER JOIN branches ON branches.id = employers.branch \n WHERE jobs.closed = 'N' AND jobs.expire_on > CURDATE() \n ORDER BY jobs.potential_reward DESC\n LIMIT 5";
$result = $mysqli->query($query);
$top_five_lucrative_jobs = '';
if (!is_null($result) && !empty($result)) {
$i = 1;
foreach ($result as $row) {
if ($i % 2 != 0) {
$top_five_lucrative_jobs .= '<tr bgcolor="#eeeeee">' . "\n";
} else {
$top_five_lucrative_jobs .= '<tr>' . "\n";
}
function doInstall()
{
// Make sure the base url has a trailing slash.
if (substr($_SESSION["install"]["baseURL"], -1) != "/") {
$_SESSION["install"]["baseURL"] .= "/";
}
global $config;
// Prepare the config settings
$config = array("mysqlHost" => desanitize($_SESSION["install"]["mysqlHost"]), "mysqlUser" => desanitize($_SESSION["install"]["mysqlUser"]), "mysqlPass" => desanitize($_SESSION["install"]["mysqlPass"]), "mysqlDB" => desanitize($_SESSION["install"]["mysqlDB"]), "tablePrefix" => desanitize($_SESSION["install"]["tablePrefix"]), "forumTitle" => $_SESSION["install"]["forumTitle"], "baseURL" => $_SESSION["install"]["baseURL"], "salt" => generateRandomString(rand(32, 64)), "emailFrom" => "do_not_reply@{$_SERVER["HTTP_HOST"]}", "cookieName" => preg_replace(array("/\\s+/", "/[^\\w]/"), array("_", ""), desanitize($_SESSION["install"]["forumTitle"])), "useFriendlyURLs" => !empty($_SESSION["install"]["friendlyURLs"]), "useModRewrite" => !empty($_SESSION["install"]["friendlyURLs"]) and function_exists("apache_get_modules") and in_array("mod_rewrite", apache_get_modules()));
$this->connect($config["mysqlHost"], $config["mysqlUser"], $config["mysqlPass"], $config["mysqlDB"]);
// Get the list of queries that we need to run and run them
include "queries.php";
foreach ($queries as $query) {
if (!$this->query($query)) {
return array(1 => "<code>" . sanitize($this->error()) . "</code><p><strong>The query that caused this error was</strong></p><pre>" . sanitize($query) . "</pre>");
}
}
// Write the config file
writeConfigFile("../config/config.php", '$config', $config);
// Write the versions.php file
include "../config.default.php";
writeConfigFile("../config/versions.php", '$versions', array("esoTalk" => ESOTALK_VERSION));
// Write a .htaccess file
if ($config["useModRewrite"]) {
$handle = fopen("../.htaccess", "w");
fwrite($handle, "# Generated by esoTalk\n<IfModule mod_rewrite.c>\nRewriteEngine On\nRewriteCond %{REQUEST_FILENAME} !-f\nRewriteRule ^(.*)\$ index.php/\$1 [QSA,L]\n</IfModule>");
fclose($handle);
}
// Write a robots.txt file
$handle = fopen("../robots.txt", "w");
fwrite($handle, "User-agent: *\nDisallow: /search/\nDisallow: /online/\nDisallow: /join/\nDisallow: /forgotPassword/\nDisallow: /conversation/new/\nSitemap: {$config["baseURL"]}sitemap.php");
fclose($handle);
// Prepare to log in the administrator
// This won't actually log them in due to different session names. But we do that later.
$_SESSION["user"] = array("memberId" => 1, "name" => $_SESSION["install"]["adminUser"], "account" => "Administrator", "color" => $color, "emailOnPrivateAdd" => false, "emailOnStar" => false, "language" => "English", "avatarAlignment" => "alternate", "avatarFormat" => "", "disableJSEffects" => false);
}
exit;
}
if ($_POST['action'] == 'get_testimony_from_buffer') {
$employee = new Employee($_POST['id']);
$branch = $employee->get_branch();
$member = 'team.' . strtolower($branch[0]['country_code']) . '@yellowelevator.com';
$query = "SELECT testimony FROM privileged_referral_buffers WHERE \n member = '" . $member . "' AND \n referee = '" . $_POST['referee'] . "' AND \n job = " . $_POST['job'];
$mysqli = Database::connect();
if ($result = $mysqli->query($query)) {
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array(array('testimony' => htmlspecialchars_decode(desanitize($result[0]['testimony']))));
exit;
}
echo "ko";
exit;
}
if ($_POST['action'] == 'get_recommender_name') {
$recommender = new Recommender($_POST['id']);
echo htmlspecialchars_decode(stripslashes(desanitize($recommender->get_name())));
exit;
}
if ($_POST['action'] == 'present_token') {
$mysqli = Database::connect();
$query = "INSERT INTO recommender_tokens SET \n `referral` = " . $_POST['referral'] . ", \n `recommender` = '" . $_POST['id'] . "', \n `presented_on` = '" . $_POST['date'] . "', \n `token` = '" . $_POST['token'] . "'";
if (!$mysqli->execute($query)) {
echo 'ko';
} else {
echo 'ok';
}
exit;
}
$xml_dom = new XMLDOM();
if (!isset($_POST['action'])) {
$use_sort = false;
$order_by = 'num_referred desc';
if (isset($_POST['order_by'])) {
$order_by = $_POST['order_by'];
}
$query = "SELECT employers.id, employers.name, \n (SELECT COUNT(id) FROM jobs \n WHERE employer = employers.id AND closed = 'N'\n ) AS num_open, \n (SELECT COUNT(referrals.id) \n FROM referrals \n LEFT JOIN jobs ON jobs.id = referrals.job\n WHERE (referrals.employed_on IS NULL OR referrals.employed_on = '0000-00-00 00:00:00') AND\n (referrals.employer_agreed_terms_on IS NULL OR referrals.employer_agreed_terms_on = '0000-00-00 00:00:00') AND\n (referrals.referee_acknowledged_on IS NOT NULL AND referrals.referee_acknowledged_on <> '0000-00-00 00:00:00') AND\n (referrals.member_confirmed_on IS NULL OR referrals.member_confirmed_on = '0000-00-00 00:00:00') AND \n jobs.employer = employers.id \n ) AS num_referred, \n (SELECT COUNT(referrals.id) \n FROM referrals \n LEFT JOIN jobs ON jobs.id = referrals.job\n WHERE (referrals.employed_on IS NULL OR referrals.employed_on = '0000-00-00 00:00:00') AND\n (referrals.employer_agreed_terms_on IS NULL OR referrals.employer_agreed_terms_on = '0000-00-00 00:00:00') AND\n (referrals.referee_acknowledged_on IS NOT NULL AND referrals.referee_acknowledged_on <> '0000-00-00 00:00:00') AND\n (referrals.member_confirmed_on IS NOT NULL AND referrals.member_confirmed_on <> '0000-00-00 00:00:00') AND \n jobs.employer = employers.id \n ) AS num_submitted, \n (SELECT COUNT(referrals.id) \n FROM referrals \n LEFT JOIN jobs ON jobs.id = referrals.job\n WHERE (referrals.employed_on IS NULL OR referrals.employed_on = '0000-00-00 00:00:00') AND\n (referrals.employer_agreed_terms_on IS NOT NULL AND referrals.employer_agreed_terms_on <> '0000-00-00 00:00:00') AND \n jobs.employer = employers.id \n ) AS num_kiv \n FROM employers \n LEFT JOIN employees ON employees.id = employers.registered_by \n WHERE employees.branch = " . $_SESSION['yel']['employee']['branch']['id'] . " \n ORDER BY " . $order_by;
$mysqli = Database::connect();
$result = $mysqli->query($query);
if (count($result) <= 0 || is_null($result)) {
echo '0';
exit;
}
foreach ($result as $i => $row) {
$result[$i]['name'] = htmlspecialchars_decode(desanitize($row['name']));
}
$xml_dom = new XMLDOM();
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array(array('employers' => array('employer' => $result)));
exit;
}
if ($_POST['action'] == 'get_jobs') {
$order_by = 'num_referred desc';
if (isset($_POST['order_by'])) {
$order_by = $_POST['order_by'];
}
$query = "SELECT jobs.id, industries.industry AS industry, jobs.title, jobs.closed, \n DATE_FORMAT(jobs.created_on, '%e %b, %Y') AS created_on, \n DATE_FORMAT(jobs.expire_on, '%e %b, %Y') AS expire_on, \n (SELECT COUNT(id) FROM referrals \n WHERE job = jobs.id AND \n (employed_on IS NULL OR employed_on = '0000-00-00 00:00:00') AND\n (employer_agreed_terms_on IS NULL OR employer_agreed_terms_on = '0000-00-00 00:00:00') AND\n (referee_acknowledged_on IS NOT NULL AND referee_acknowledged_on <> '0000-00-00 00:00:00') AND \n (member_confirmed_on IS NULL OR member_confirmed_on = '0000-00-00 00:00:00')\n ) AS num_referred,\n (SELECT COUNT(id) FROM referrals \n WHERE job = jobs.id AND \n (employed_on IS NULL OR employed_on = '0000-00-00 00:00:00') AND\n (employer_agreed_terms_on IS NULL OR employer_agreed_terms_on = '0000-00-00 00:00:00') AND\n (referee_acknowledged_on IS NOT NULL AND referee_acknowledged_on <> '0000-00-00 00:00:00') AND \n (member_confirmed_on IS NOT NULL AND member_confirmed_on <> '0000-00-00 00:00:00')\n ) AS num_submitted,\n (SELECT COUNT(id) FROM referrals\n WHERE job = jobs.id AND \n (employed_on IS NULL OR employed_on = '0000-00-00 00:00:00') AND\n (employer_agreed_terms_on IS NOT NULL AND employer_agreed_terms_on <> '0000-00-00 00:00:00') AND\n (referee_acknowledged_on IS NOT NULL AND referee_acknowledged_on <> '0000-00-00 00:00:00') \n ) AS num_kiv \n FROM jobs \n LEFT JOIN industries ON industries.id = jobs.industry \n WHERE jobs.employer = '" . $_POST['id'] . "' \n ORDER BY " . $order_by;
$mysqli = Database::connect();
$jobs = $mysqli->query($query);
$response = array('jobs' => array('job' => $jobs));
}
$industries = array();
foreach ($result as $row) {
$industries[] = array($row['industry']);
}
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array(array('industries' => array('industry' => $industries)));
exit;
}
if ($_POST['action'] == 'send_email_to_list') {
$message = sanitize($_POST['message']);
$subject = sanitize($_POST['subject']);
$recommender_email_addrs = explode(',', $_POST['emails']);
$mysqli = Database::connect();
$query = "SELECT email_addr, CONCAT(firstname, ' ', lastname) AS employee \n FROM employees WHERE id = " . $_POST['id'] . " LIMIT 1";
$result = $mysqli->query($query);
$headers = 'From: ' . $result[0]['employee'] . ' <' . $result[0]['email_addr'] . '>' . "\n";
foreach ($recommender_email_addrs as $recommender_email_addr) {
$recommender = new Recommender($recommender_email_addr);
$message = str_replace('%recommender%', htmlspecialchars_decode(desanitize($recommender->get_name())), $message);
$message = str_replace('%recommender_email_address%', $recommender->id(), $message);
mail($recommender->id(), $subject, $message, $headers);
// $handle = fopen('/tmp/email_to_'. $recommender->id(). '.txt', 'w');
// fwrite($handle, 'Subject: '. $subject. "\n\n");
// fwrite($handle, 'Header: '. $headers. "\n\n");
// fwrite($handle, $message);
// fclose($handle);
}
echo '0';
exit;
}
exit;
}
}
// 3. Send a notification
$mail_lines = file('../private/mail/member_reward.txt');
$message = '';
foreach ($mail_lines as $line) {
$message .= $line;
}
$message = str_replace('%member_name%', $member->getFullName(), $message);
$message = str_replace('%referee_name%', $candidate->getFullName(), $message);
$message = str_replace('%employer%', $employer->getName(), $message);
$message = str_replace('%job_title%', $job['title'], $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$subject = desanitize($candidate->getFullName()) . " was successfully employed!";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($member->getId(), $subject, $message, $headers);
echo 'ok';
exit;
}
if ($_POST['action'] == 'get_referrer_remarks') {
$referral_buffer = new ReferralBuffer($_POST['id']);
$record = $referral_buffer->get();
$remark = trim(htmlspecialchars_decode(stripslashes($record[0]['referrer_remarks'])));
$remark = str_replace('<br/>', "\n", $remark);
echo strip_tags($remark);
exit;
}
if ($_POST['action'] == 'save_referrer_remarks') {
$data = array();
public function show()
{
$this->begin();
$this->top_welcome();
$this->howitworks();
$employers = $this->get_employers();
$industries = $this->get_industries();
$countries = $this->get_countries();
$page = file_get_contents(dirname(__FILE__) . '/../../../html/welcome_page.html');
$page = str_replace('%root%', $this->url_root, $page);
$employers_options = '';
foreach ($employers as $emp) {
$employers_options .= '<option value="' . $emp['id'] . '">' . desanitize($emp['name']);
if ($emp['job_count'] > 0) {
$employers_options .= ' (' . $emp['job_count'] . ')';
}
$employers_options .= '</option>' . "\n";
}
$page = str_replace('<!-- %employers_options% -->', $employers_options, $page);
$industries_options = '';
foreach ($industries as $industry) {
$industries_options .= '<option value="' . $industry['id'] . '">' . $industry['industry'];
if ($industry['job_count'] > 0) {
$industries_options .= ' (' . $industry['job_count'] . ')';
}
$industries_options .= '</option>' . "\n";
}
$page = str_replace('<!-- %industries_options% -->', $industries_options, $page);
$countries_options = '';
foreach ($countries as $a_country) {
$countries_options .= '<option value="' . $a_country['country_code'] . '">' . $a_country['country'];
if ($a_country['job_count'] > 0) {
$countries_options .= ' (' . $a_country['job_count'] . ')';
}
$countries_options .= '</option>' . "\n";
}
$page = str_replace('<!-- %countries_options% -->', $countries_options, $page);
$page = str_replace('<!-- %top_jobs% -->', $this->generate_top_jobs(), $page);
echo $page;
}
public function show()
{
$this->begin();
$this->top_search("Profile");
$this->menu('member', 'profile');
$this->howitworks();
$profile = desanitize($this->member->get());
$bank = $this->member->getBankAccount();
if (empty($bank) || $bank === false) {
$bank[0]['id'] = 0;
$bank[0]['bank'] = '';
$bank[0]['account'] = '';
}
?>
<div id="div_status" class="status">
<span id="span_status" class="status"></span>
</div>
<div id="div_tabs">
<ul>
<li id="li_profile">Profile</li>
<li id="li_bank">Bank</li>
<li id="li_highlights">Highlights</li>
</ul>
</div>
<div id="profile" class="profile">
<form id="profile_form" method="post" onSubmit="return false;">
<!-- div class="profile_photo_area">
<div class="photo">
<?php
if ($this->member->hasPhoto()) {
?>
<img id="photo_image" class="photo_image" src="candidate_photo.php?id=<?php
echo $this->member->getId();
?>
" />
<?php
} else {
?>
<div style="text-align: center; margin: auto;">
Upload your photo here by clicking the "Upload Photo" button.
</div>
<?php
}
?>
</div>
<div class="upload_button">
<input type="button" value="Upload Photo" onClick="show_upload_photo_popup();" />
</div>
</div -->
<table class="profile_form">
<tr>
<td class="label">First Name / Given Names:</td>
<td class="field"><?php
echo $profile[0]['firstname'];
?>
</td>
</tr>
<tr>
<td class="label">Last Name / Surname:</td>
<td class="field"><?php
echo $profile[0]['lastname'];
?>
</td>
</tr>
<tr>
<td class="label">Nationality:</td>
<td class="field">
<?php
$this->generate_countries($profile[0]['citizenship'], 'citizenship');
?>
</td>
</tr>
<tr>
<td class="title" colspan="2">Sign In Details</td>
</tr>
<tr>
<td class="label">E-mail Address:</td>
<td class="field">
<input id="email_addr" type="hidden" value="<?php
echo $profile[0]['email_addr'];
?>
" />
<?php
echo $profile[0]['email_addr'];
?>
</td>
</tr>
<tr>
<td class="label"><label for="password">New Password:</label></td>
<td class="field"><input class="field" type="password" id="password" name="password" /></td>
</tr>
<tr>
<td class="label"><label for="password_confirm">Confirm New Password:</label></td>
<td class="field"><input class="field" type="password" id="password_confirm" name="password_confirm" /></td>
</tr>
<tr>
<td class="title" colspan="2">Contact Details</td>
</tr>
<tr>
<td class="label"><label for="phone_num">Telephone Number:</label></td>
<td class="field"><input class="field" type="text" id="phone_num" name="phone_num" value="<?php
echo $profile[0]['phone_num'];
?>
" maxlength="20" /></td>
</tr>
<tr>
<td class="label"><label for="address">Mailing Address:</label></td>
<td class="field"><textarea id="address" name="address"><?php
echo $profile[0]['address'];
?>
</textarea></td>
</tr>
<tr>
<td class="label"><label for="state">State/Province:</label></td>
<td class="field"><input class="field" type="text" id="state" name="state" value="<?php
echo $profile[0]['state'];
?>
" /></td>
</tr>
<tr>
<td class="label"><label for="zip">Zip/Postal Code:</label></td>
<td class="field"><input class="field" type="text" id="zip" name="zip" value="<?php
echo $profile[0]['zip'];
?>
" /></td>
</tr>
<tr>
<td class="label"><label for="country">Country:</label></td>
<td class="field">
<?php
$this->generate_countries($profile[0]['country']);
?>
</td>
</tr>
<!-- expertise -->
<!-- tr>
<td class="title" colspan="2">Top 3 Specializations</td>
</tr>
<tr>
<td class="specializations" colspan="2">
<div class="note">Please choose your top 3 industrial sector. We collect these information is to better understand the needs of our members.</div>
<?php
$this->generate_industries('industry');
?>
</td>
</tr -->
<!-- expertise -->
<tr>
<td colspan="2">
<div class="buttons buttons_left">
<a class="no_link" onClick="show_unsubscribe_popup();">Remove My Account</a>
</div>
<div class="buttons buttons_right">
<input type="button" id="save" value="Save & Update Profile" onClick="save_profile();" />
</div>
</td>
</tr>
</table>
</form>
</div>
<div id="bank" class="bank">
<input type="hidden" id="bank_id"value="<?php
echo $bank[0]['id'];
?>
" />
<table class="profile_form">
<tr>
<td class="title" colspan="2">Bank Account Information</td>
</tr>
<tr>
<td class="label"><label for="bank">Bank:</label></td>
<td class="field"><input class="field" type="text" id="bank_name" name="bank_name" value="<?php
echo $bank[0]['bank'];
?>
" /></td>
</tr>
<tr>
<td class="label"><label for="account">Account Number:</label></td>
<td class="field"><input class="field" type="text" id="account" name="account" value="<?php
echo $bank[0]['account'];
?>
" /></td>
</tr>
<tr>
<td colspan="2">
<div class="buttons buttons_right">
<input type="button" id="save" value="Save & Update Profile" onClick="save_bank();" />
</div>
</td>
</tr>
</table>
</div>
<div id="highlights" class="highlights">
<table class="profile_form">
<tr>
<td class="title" colspan="2">Weekly Highlights Preferences</td>
</tr>
<tr>
<td colspan="2" style="padding-left: 15px; padding-top: 15px; padding-bottom: 15px;">
<?php
if ($profile[0]['like_newsletter'] == 'Y') {
?>
<input type="checkbox" id="like_newsletter" name="like_newsletter" checked><?php
} else {
?>
<input type="checkbox" id="like_newsletter" name="like_newsletter"><?php
}
?>
<label for="like_newsletter">Get Weekly Highlights of Latest Jobs To Refer To Your Contacts</label>
<br/>
<?php
if ($profile[0]['like_newsletter'] == 'Y') {
if ($profile[0]['filter_jobs'] == 'Y') {
?>
<input type="checkbox" id="filter_jobs" name="filter_jobs" checked><?php
} else {
?>
<input type="checkbox" id="filter_jobs" name="filter_jobs"><?php
}
} else {
?>
<input type="checkbox" id="filter_jobs" name="filter_jobs" disabled><?php
}
?>
<label for="filter_jobs">Filter Weekly Highlights to Only my Primary and Secondary Specilizations</label>
</td>
</tr>
<tr>
<td colspan="2">
<div class="buttons buttons_right">
<input type="button" id="save" value="Save & Update Profile" onClick="save_highlights();" />
</div>
</td>
</tr>
</table>
</div>
<!-- popup windows go here -->
<div id="upload_photo_window" class="popup_window">
<div class="popup_window_title">Upload Photo</div>
<form id="upload_photo_form" action="profile_action.php" method="post" enctype="multipart/form-data" onSubmit="return close_upload_photo_popup(true);">
<div class="upload_photo_form">
<br/>
<input type="hidden" name="id" value="<?php
echo $this->member->getId();
?>
" />
<input type="hidden" name="action" value="upload" />
<div id="upload_progress" style="text-align: center; width: 99%; margin: auto;">
Please wait while your photo is being uploaded... <br/><br/>
<img src="<?php
echo $GLOBALS['protocol'];
?>
://<?php
echo $GLOBALS['root'];
?>
/common/images/progress/circle_big.gif" /><br/><br/>
NOTE: To Safari/Chrome (WebKit) on Mac OS X users, the mentioned browsers have a problem uploading any file through this page. Please try Firefox to upload your resume.
</div>
<div id="upload_field" class="upload_field">
<input id="my_file" name="my_file" type="file" />
<div style="font-size: 9pt; margin-top: 15px;">
<ol>
<li>Only GIF (*.gif), JPEG (*.jpg, *.jpeg), Portable Network Graphics (*.png), TIFF (*.tiff) or Bitmap (*.bmp) with the file size of less than 150KB are allowed.</li>
<li>Maximum photo resolution is 200 (width) x 220 (height) pixels.</li>
<li>You can update your photo by uploading a new one.</li>
</ol>
</div>
</div>
</div>
<div class="popup_window_buttons_bar">
<input type="submit" value="Upload Photo" />
<input type="button" value="Close" onClick="close_upload_photo_popup(false);" />
</div>
</form>
</div>
<div id="unsubscribe_window" class="popup_window">
<div class="popup_window_title">Remove My Account</div>
<div class="unsubscribe_form">
<form onSubmit="return false;">
<label for="reason">Please tell us briefly why do you decide to unsubscribe from Yellow Elevator?</label>
<textarea id="reason" name="reason"></textarea>
</form>
</div>
<div class="popup_window_buttons_bar">
<input type="button" value="Unsubscribe" onClick="close_unsubscribe_popup(true);" />
<input type="button" value="Cancel" onClick="close_unsubscribe_popup(false);" />
</div>
</div>
<?php
}
$message = str_replace('%referee_name%', $referee->get_name(), $message);
$message = str_replace('%employer%', $employer->get_name(), $message);
$message = str_replace('%job_title%', $job_title, $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$subject = desanitize($referee->get_name()) . " was successfully employed!";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($member->id(), $subject, $message, $headers);
echo "ok";
exit;
}
if ($_POST['action'] == 'save_remarks') {
if (!empty($_POST['remarks'])) {
$query = "UPDATE referrals \n SET employer_remarks = '" . sanitize($_POST['remarks']) . "' \n WHERE id = " . $_POST['id'];
$mysqli = Database::connect();
$mysqli->execute($query);
}
exit;
}
if ($_POST['action'] == 'get_remark') {
$mysqli = Database::connect();
$query = "SELECT jobs.title, CONCAT(members.firstname, ', ', members.lastname) AS candidate, \n referrals.employer_remarks AS remark \n FROM referrals \n INNER JOIN jobs ON jobs.id = referrals.job \n INNER JOIN members ON members.email_addr = referrals.referee \n WHERE referrals.id = " . $_POST['id'] . " LIMIT 1";
$result = $mysqli->query($query);
$result[0]['remark'] = htmlspecialchars_decode(desanitize($result[0]['remark']));
$result[0]['job_title'] = htmlspecialchars_decode(desanitize($result[0]['title']));
$result[0]['candidate'] = htmlspecialchars_decode(desanitize($result[0]['candidate']));
$response = array('referrals' => array('referral' => $result));
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array($response);
exit;
}
$data['cover_note'] = $_POST['cover_note'];
if (!$resume->update($data)) {
echo "ko";
exit;
}
header('Content-type: text/xml');
$response['resume']['id'] = $resume->id();
echo $xml_dom->get_xml_from_array($response);
}
exit;
}
if ($_POST['action'] == 'get_work_experiences') {
$resume = new Resume($_POST['member'], $_POST['id']);
$work_experiences = $resume->get_work_experiences();
foreach ($work_experiences as $i => $row) {
$work_experiences[$i]['description'] = desanitize($row['description']);
}
$response = array('resume' => array('work_experiences' => $work_experiences));
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array($response);
exit;
}
if ($_POST['action'] == 'delete_work_experience') {
if (!isset($_POST['experience']) || is_null($_POST['experience']) || empty($_POST['experience'])) {
echo "ko";
exit;
}
$resume = new Resume($_POST['member'], $_POST['id']);
if (!$resume->delete_work_experience($_POST['experience'])) {
echo "ko";
exit;
exit;
}
if (is_null($result) || empty($result)) {
echo '0';
exit;
}
$response = array('jobs' => array('job' => $result));
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array($response);
exit;
}
if ($_POST['action'] == 'get_job_desc') {
$job = new Job();
$criteria = array('columns' => "jobs.title, jobs.state, jobs.salary, jobs.salary_end, jobs.salary_negotiable, \n industries.industry, jobs.description, jobs.contact_carbon_copy, \n jobs.alternate_employer, \n DATE_FORMAT(expire_on, '%e %b, %Y') AS formatted_expire_on, \n IFNULL(DATE_FORMAT(MIN(job_extensions.previously_created_on), '%e %b, %Y'), DATE_FORMAT(jobs.created_on, '%e %b, %Y')) AS formatted_created_on", 'joins' => "industries ON industries.id = jobs.industry, \n job_extensions ON job_extensions.job = jobs.id", 'match' => "jobs.id = " . $_POST['id']);
$result = $job->find($criteria);
foreach ($result[0] as $key => $value) {
if ($key == 'description') {
$result[0][$key] = htmlspecialchars_decode(desanitize($value));
}
if ($key == 'salary' || $key == 'salary_end') {
$result[0][$key] = number_format($value, 2, '.', ',');
if (is_null($value) || empty($value) || $value <= 0) {
$result[0][$key] = null;
}
}
}
$response = array('job' => $result[0]);
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array($response);
exit;
}
if (isset($_POST['request']) || isset($_POST['referral_id'])) {
$query = "SELECT employers.like_instant_notification, employers.email_addr, \n employers.name AS employer_name, jobs.title AS job_title, \n jobs.contact_carbon_copy \n FROM referrals \n LEFT JOIN jobs ON jobs.id = referrals.job \n LEFT JOIN employers ON employers.id = jobs.employer \n WHERE referrals.id = " . $referral_id . " LIMIT 1";
$result = $mysqli->query($query);
if ($result[0]['like_instant_notification'] == '1') {
$employer = $result[0]['employer_name'];
$job = $result[0]['job_title'];
$lines = file(dirname(__FILE__) . '/../private/mail/employer_new_referral.txt');
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$message = str_replace('%company%', desanitize($employer), $message);
$message = str_replace('%job%', desanitize($job), $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$subject = "New application for " . desanitize($job) . " position";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
if (!empty($result[0]['contact_carbon_copy']) && !is_null($result[0]['contact_carbon_copy'])) {
$headers .= 'Cc: ' . $result[0]['contact_carbon_copy'] . "\n";
}
mail($result[0]['email_addr'], $subject, $message, $headers);
/*$handle = fopen('/tmp/email_to_'. $result[0]['email_addr']. '.txt', 'w');
fwrite($handle, 'Subject: '. $subject. "\n\n");
fwrite($handle, 'Headers: '. $headers. "\n\n");
fwrite($handle, $message);
fclose($handle);*/
}
}
if (isset($_POST['testimony'])) {
if ($member->is_IRC()) {
$query = "SELECT DISTINCT country FROM branches";
$i = 0;
foreach ($employer['jobs'] as $id => $job_title) {
$positions .= '- [' . $id . '] ' . $job_title;
if ($i < count($employers['jobs']) - 1) {
$positions .= "\n";
}
$i++;
}
// prepare and send email
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
if (array_key_exists('contact_carbon_copy', $employer)) {
$headers .= 'Cc: ' . $employer['contact_carbon_copy'] . "\n";
}
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$message = str_replace('%company%', desanitize($employer['name']), $message);
$message = str_replace('%positions%', desanitize($positions), $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
mail($email_addr, $subject, $message, $headers);
// $handle = fopen('/tmp/email_to_'. $email_addr. '.txt', 'w');
// fwrite($handle, 'Subject: '. $subject. "\n\n");
// fwrite($handle, $message);
// fclose($handle);
}
}
}
}
redirect_to('login.php?signed_up=activated');
}
$tmp = explode('/', $GLOBALS['root']);
$is_test_site = false;
foreach ($tmp as $t) {
if ($t == 'yel') {
$is_test_site = true;
break;
}
}
// Tweet about this job, if it is new
if ($new_id > 0 && !$is_test_site) {
$query = "SELECT name FROM employers WHERE id = '" . $_POST['employer'] . "' LIMIT 1";
$result = $mysqli->query($query);
$employer = $result[0]['name'];
$url = $GLOBALS['protocol'] . '://' . $GLOBALS['root'] . '/job/' . $new_id;
$status = $data['title'] . ' (' . desanitize($employer) . ') - ' . $url;
$twitter_username = '******';
$twitter_password = '******';
$tweetUrl = 'http://www.twitter.com/statuses/update.xml';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $tweetUrl);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 2);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, "status=" . $status);
curl_setopt($curl, CURLOPT_USERPWD, $twitter_username . ':' . $twitter_password);
$result = curl_exec($curl);
// Don't bother to check because if Twitter fails, it doesn't matter.
//$resultArray = curl_getinfo($curl);
//if ($resultArray['http_code'] != 200) {
// echo 'ko';
// Echo the gambits alphabetically
ksort($this->gambitCloud);
foreach ($this->gambitCloud as $k => $v) {
echo "<a href='" . makeLink("search", "?q2=" . urlencode(desanitize((!empty($_SESSION["search"]) ? "{$_SESSION["search"]} + " : "") . $k))) . "' class='{$v}'>" . str_replace(" ", " ", $k) . "</a> ";
}
?>
</p>
</div>
<?php
include $this->esoTalk->skin->getView("searchForm.inc.php");
?>
<div id='searchResults'>
<?php
include $this->esoTalk->skin->getView("searchResults.inc.php");
?>
</div>
<script type='text/javascript'>
Search.currentSearch = '<?php
if (isset($_SESSION["search"])) {
echo addslashes(desanitize($_SESSION["search"]));
}
?>
';
Search.init();
</script>
$query = "UPDATE member_referees SET\n approved = 'Y' \n WHERE id = " . $referee_id . "; \n INSERT INTO member_referees SET \n member = '" . $branch_email . "', \n referee = '" . $member->id() . "', \n referred_on = NOW(), \n approved = 'Y'";
$mysqli->transact($query);
}
$lines = file(dirname(__FILE__) . '/private/mail/candidate_refer_request.txt');
$message = '';
foreach ($lines as $line) {
$message .= $line;
}
$message = str_replace('%member_name%', htmlspecialchars_decode(desanitize($member->get_name())), $message);
$message = str_replace('%member_email_addr%', $member->id(), $message);
$message = str_replace('%branch_email_addr%', $branch_email, $message);
$message = str_replace('%protocol%', $GLOBALS['protocol'], $message);
$message = str_replace('%root%', $GLOBALS['root'], $message);
$message = str_replace('%job%', htmlspecialchars_decode($job_title), $message);
$message = str_replace('%employer%', htmlspecialchars_decode(desanitize($employer_name)), $message);
$subject = htmlspecialchars_decode(desanitize($member->get_name())) . " needs to be referred to a job!";
$headers = 'From: YellowElevator.com <*****@*****.**>' . "\n";
mail($branch_email, $subject, $message, $headers);
// $handle = fopen('/tmp/email_to_'. $branch_email. '.txt', 'w');
// fwrite($handle, 'Subject: '. $subject. "\n\n");
// fwrite($handle, $message);
// fclose($handle);
}
}
} else {
$has_errors['referral_requests_create'] = true;
}
}
}
}
echo count($has_errors) > 0 ? 'ko' : 'ok';
function Search()
{
if (isset($_POST["search"])) {
redirect("search", "?q2=" . urlencode(desanitize($_POST["search"])));
}
}