private function onDeleteAttachment() { if ($this->_accessLevel < ACCESS_LEVEL_DELETE) { $this->listByView('Invalid user level for action.'); return; } /* Bail out if we don't have a valid attachment ID. */ if (!$this->isRequiredIDValid('attachmentID', $_GET)) { CommonErrors::fatalModal(COMMONERROR_BADINDEX, $this, 'Invalid attachment ID.'); } /* Bail out if we don't have a valid joborder ID. */ if (!$this->isRequiredIDValid('companyID', $_GET)) { CommonErrors::fatalModal(COMMONERROR_BADINDEX, $this, 'Invalid company ID.'); } $companyID = $_GET['companyID']; $attachmentID = $_GET['attachmentID']; if (!eval(Hooks::get('CLIENTS_ON_DELETE_ATTACHMENT_PRE'))) { return; } $attachments = new Attachments($this->_siteID); $attachments->delete($attachmentID); if (!eval(Hooks::get('CLIENTS_ON_DELETE_ATTACHMENT_POST'))) { return; } CATSUtility::transferRelativeURI('m=companies&a=show&companyID=' . $companyID); }
$URI = 'm=login'; /* Local demo account doesn't relogin. */ if (!empty($unixName) && $unixName != 'demo') { $URI .= '&s=' . $unixName; } if (isset($_GET['message'])) { $URI .= '&message=' . urlencode($_GET['message']); } if (isset($_GET['messageSuccess'])) { $URI .= '&messageSuccess=' . urlencode($_GET['messageSuccess']); } /* catsone.com demo domain doesn't relogin. */ if (strpos(CATSUtility::getIndexName(), '://demo.catsone.com') !== false) { CATSUtility::transferURL('http://www.catsone.com'); } else { CATSUtility::transferRelativeURI($URI); } } else { if (!ModuleUtility::moduleRequiresAuthentication($_GET['m'])) { /* No authentication required; load the module. */ ModuleUtility::loadModule($_GET['m']); } else { if (!$_SESSION['CATS']->isLoggedIn()) { /* User isn't logged in and authentication is required; send the user * to the login page. */ ModuleUtility::loadModule('login'); } else { /* Everything's good; load the requested module. */ $_SESSION['CATS']->logPageView(); ModuleUtility::loadModule($_GET['m']);
private function importBulkResumes() { if (!isset($_SESSION['CATS']) || empty($_SESSION['CATS'])) { CommonErrors::fatal(COMMONERROR_NOTLOGGEDIN, $this); } if ($_SESSION['CATS']->getAccessLevel() < ACCESS_LEVEL_SA) { CommonErrors::fatal(COMMONERROR_PERMISSION, $this); } $uploadPath = FileUtility::getUploadPath($this->_siteID, 'massimport'); $attachments = new Attachments($this->_siteID); $bulkResumes = $attachments->getBulkAttachments(); if (!count($bulkResumes)) { CommonErrors::fatal(COMMONERROR_BADINDEX, $this); } /** * Write the parsed resume contents to the new file which will * be created as a text document for each bulk attachment. */ foreach ($bulkResumes as $bulkResume) { $fullName = $bulkResume['originalFileName']; if (!strlen(trim($fullName))) { $fullName = 'Untitled'; } $mp = explode('.', $fullName); $fileName = implode('.', array_slice($mp, 0, -1)); if (!@file_exists($newFileName = $uploadPath . '/_BulkResume_' . $fileName . '.txt')) { // Some old files are fulltext encoded which makes them a pain for the parser, fixing here: $contents = DatabaseSearch::fulltextDecode($bulkResume['text']); @file_put_contents($newFileName, $contents); chmod($newFileName, 0777); } } CATSUtility::transferRelativeURI('m=import&a=massImport&step=2'); }
public function careerPortalQuestionnaireUpdate() { if ($this->_realAccessLevel < ACCESS_LEVEL_DEMO) { CommonErrors::fatal(COMMONERROR_PERMISSION, $this); return; } $questionnaire = new Questionnaire($this->_siteID); $data = $questionnaire->getAll(true); for ($i = 0; $i < count($data); $i++) { if (isset($_POST[$id = 'removeQuestionnaire' . $i]) && !strcasecmp($_POST[$id], 'yes')) { $questionnaire->delete($data[$i]['questionnaireID']); } } CATSUtility::transferRelativeURI('m=settings&a=careerPortalSettings'); }
public function getWebForm($addRecord = false) { $html = ''; $infoHtml = ''; if ($addRecord) { $this->_wf->setVerifyForm(false); $row = array(); } else { $this->_wf->setVerifyForm(true); // This is an edit, lookup information $uID = $this->getPostValue('uID'); $uIDName = $this->getPostValue('uIDName'); $sql = $this->getTablesSQL(sprintf('%s = %d', addslashes($uIDName), addslashes($uID))); $rs = $this->_db->query($sql); if (!$rs) { return $this->getListView(); return $this->getException('Bad or expired identifier', 'The operation you attempted cannot complete ' . 'because the unique identifier no longer exists. Did you perhaps use your browser\'s <b>back</b> ' . 'button?'); } $row = mysql_fetch_array($rs, MYSQL_ASSOC); if (!$row) { return $this->getListView(); return $this->getException('Bad or expired identifier', 'The operation you attempted cannot complete ' . 'because the unique identifier no longer exists. Did you perhaps use your browser\'s <b>back</b> ' . 'button?'); } } $html .= sprintf('<form method="get" action="%s" name="cpBack">', substr($_SERVER['REQUEST_URI'], 0, strpos($_SERVER['REQUEST_URI'], '?'))); foreach ($_GET as $name => $value) { if (!strcmp($name, 'cpPageState')) { $html .= sprintf('<input type="hidden" name="cpPageState" value="%d" />', CPPS_LISTVIEW); } else { if (!strcmp($name, 'a') || !strcmp($name, 'm') || !strcmp($name, 'siteID')) { $html .= sprintf('<input type="hidden" name="%s" value="%s" />', htmlspecialchars($name), htmlspecialchars($value)); } } } $html .= '</form>'; $html .= '<table><tr><td align="left" valign="bottom">'; $html .= '<img src="images/cp_back.gif" border="0" alt="<-- Back to List" style="cursor: pointer;" onclick="if ((webFormChangesMade==true && ' . 'confirm(\'You have made changes to this record. Go back to list view without saving?\')) || webFormChangesMade==false) document.cpBack.submit();" /></td>'; if ($addRecord && $this->_permissions & CPP_ADD) { $html .= '<td valign="bottom">' . $this->_wf->getImageButton('images/cp_add.gif', 'Add Record', 'cpEditForm') . '</td>'; } else { if (!$addRecord && $this->_permissions & CPP_EDIT) { $html .= '<td valign="bottom">' . $this->_wf->getImageButton('images/cp_save.gif', 'Save Changes', 'cpEditForm') . '</td>'; } } $html .= '</tr></table>'; $html .= sprintf('<form method="get" action="%s" name="cpEditForm">', substr($_SERVER['REQUEST_URI'], 0, strpos($_SERVER['REQUEST_URI'], '?'))); foreach ($_GET as $name => $value) { $html .= sprintf('<input type="hidden" name="%s" value="%s" />', htmlspecialchars($name), htmlspecialchars($value)); } // Build the webform foreach ($this->_tables as $tableName => $tableData) { foreach ($tableData['fields'] as $fieldName => $fieldData) { if (!isset($fieldData['section']) || count($fieldData['section']) == 0) { continue; } if ($fieldData['section'][0] == CP_LISTVIEW && count($fieldData['section']) == 1) { continue; } $this->_wf->addField($fieldData['webFormParams']['name'], $fieldData['webFormParams']['caption'], $fieldData['webFormParams']['type'], $fieldData['webFormParams']['required'], $fieldData['webFormParams']['size'], $fieldData['webFormParams']['minlen'], $fieldData['webFormParams']['maxlen'], $fieldData['webFormParams']['defaultValue'], $fieldData['webFormParams']['regex_test'], $fieldData['webFormParams']['regex_fail'], $fieldData['webFormParams']['helpBody'], $fieldData['webFormParams']['helpRules']); } } if ($this->getPostValue('webFormPostBack') == '1') { $updateSql = array(); list($fields, $errors) = $this->_wf->getValidatedFields(); if (count($errors) > 0) { $infoHtml = '<div style="padding: 10px; margin: 10px 0px 10px 0px; border: 1px solid #800000;">' . '<table><tr><td valign="top" style="padding-right: 20px;"><img src="images/large_error.gif" border="0" /></td><td>' . '<h2 style="color: #800000;">There are a few problems:</h2>' . '<ul style="padding-left: 25px;"><li>' . '<h3 style="font-size: 10pt; font-weight: normal;">' . implode('</h3></li><li><h3 style="font-size: 10pt; font-weight: normal;">', $errors) . '</h3></li></ul></td></tr></table></div>'; } else { foreach ($fields as $fieldName => $fieldValue) { $fieldValue = trim($fieldValue); foreach ($this->_tables as $subTableName => $subTableData) { foreach ($subTableData['fields'] as $subFieldName => $subFieldData) { if (!strcmp($subFieldData['uniqueID'], $fieldName)) { if ($addRecord) { // this is an addition, build the SQL if (!isset($updateSql[$subTableName])) { $updateSql[$subTableName] = array('', ''); } $sqlFields = $updateSql[$subTableName][0]; $sqlValues = $updateSql[$subTableName][1]; if ($sqlFields != '') { $sqlFields .= ', '; } $sqlFields .= $subFieldName; if ($sqlValues != '') { $sqlValues .= ', '; } $sqlValues .= $this->getFieldDBText($subFieldData, $fieldValue); $updateSql[$subTableName][0] = $sqlFields; $updateSql[$subTableName][1] = $sqlValues; // populate the row for callbacks $row[$fieldName] = $fieldValue; } else { // This is an edit and a field has been changed if ($this->isFieldChange($row[$fieldName], $fieldValue, $subFieldData)) { if (!isset($updateSql[$subTableName])) { $updateSql[$subTableName] = ''; } if ($updateSql[$subTableName] != '') { $updateSql[$subTableName] .= ', '; } $updateSql[$subTableName] .= sprintf('%s.%s = %s', $subTableName, $subFieldName, $this->getFieldDBText($subFieldData, $fieldValue)); } } } } } } } if (count($updateSql) > 0) { $callBack = 0; if ($addRecord && !$this->_permissions & CPP_ADD) { return $this->getException('You cannot add records', 'This table does not support adding new records.'); } if (!$addRecord && !$this->_permissions & CPP_EDIT) { return $this->getException('You cannot edit records', 'This table does not support editting records.'); } $updatedRows = 0; foreach ($updateSql as $tableName => $updateTableSql) { $ruleTableSql = ''; $sql = ''; if ($addRecord) { // Figure out the primary key to pass to a callback function $callBackPrimaryKey = ''; foreach ($this->_tables[$tableName]['fields'] as $fieldName => $fieldData) { if ($fieldData['primaryKey']) { $callBackPrimaryKey = $fieldData['uniqueID']; } } if ($this->_insertBoundriesSql != '') { list($fieldName, $fieldValue) = explode('=', $this->_insertBoundriesSql); $fieldName = trim($fieldName); $fieldValue = trim($fieldValue); } // This is an addition (INSERT) $sql = sprintf('INSERT INTO %s (%s%s) VALUES (%s%s)', $tableName, $updateTableSql[0], $this->_insertBoundriesSql ? ', ' . $fieldName : '', $updateTableSql[1], $this->_insertBoundriesSql ? ', ' . $fieldValue : ''); if (isset($this->_callBacks[CPP_ADD])) { $callBack = $this->_callBacks[CPP_ADD]; } } else { // This is an edit (UPDATE) // Figure out the primary key for this table and set a rule so only the current // row is editted (when in edit mode) foreach ($this->_tables[$tableName]['fields'] as $fieldName => $fieldData) { if ($fieldData['primaryKey']) { if (is_numeric($row[$fieldData['uniqueID']])) { $keyVal = sprintf('%d', $row[$fieldData['uniqueID']]); } else { $keyVal = '"' . addslashes($row[$fieldData['uniqueID']]) . '"'; } $ruleTableSql = sprintf('%s = %s', $fieldName, $keyVal); break; } } if ($ruleTableSql != '') { // attempt to write the changes to the database for this table $sql = sprintf('UPDATE %s SET %s WHERE %s', $tableName, $updateTableSql, $ruleTableSql); if (isset($this->_callBacks[CPP_EDIT])) { $callBack = $this->_callBacks[CPP_EDIT]; } } } if ($sql != '') { $rs = $this->_db->query($sql); if (!$rs) { return $this->getException('There was an error saving your changes', 'An unexpected error has occured when trying to make the changes ' . 'you made permanent. An administrator has been contacted and ' . 'the problem will be looked into shortly. We appologize for the ' . 'inconvenience.'); } else { $updatedRows += mysql_affected_rows(); if ($addRecord && $callBackPrimaryKey) { $row[$callBackPrimaryKey] = mysql_insert_id(); } if ($callBack) { $callBack($row); } } } } if ($updatedRows > 0) { if ($addRecord) { $infoHtml .= "<div id=\"cpInfo\" class=\"cpInfo\">\n"; $infoHtml .= "<span class=\"cpInfoHeaderText\">You have added a record.</span>\n<br />"; $infoHtml .= "<b>Do not</b> refresh this page as it may result in a duplicate submission."; $infoHtml .= "</div>\n"; $infoHtml .= sprintf('<form method="get" action="%s" name="cpBack">', substr($_SERVER['REQUEST_URI'], 0, strpos($_SERVER['REQUEST_URI'], '?'))); foreach ($_GET as $name => $value) { if (!strcmp($name, 'cpPageState')) { $infoHtml .= sprintf('<input type="hidden" name="cpPageState" value="%d" />', CPPS_LISTVIEW); } else { if (!strcmp($name, 'a') || !strcmp($name, 'm') || !strcmp($name, 'siteID')) { $infoHtml .= sprintf('<input type="hidden" name="%s" value="%s" />', htmlspecialchars($name), htmlspecialchars($value)); } } } $infoHtml .= '</form>'; $infoHtml .= '<img src="images/cp_back.gif" border="0" style="cursor: pointer;" alt="<-- Back to List" onclick="document.cpBack.submit();" />'; return $infoHtml; } else { $src = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], '?') + 1); CATSUtility::transferRelativeURI($src . '&cpChangesMade=1'); } } } } if (isset($_GET['cpChangesMade']) && $_GET['cpChangesMade'] == '1') { $infoHtml .= "<div id=\"cpInfo\" class=\"cpInfo\" style=\"position: absolute; top: 150px; left: 150px; width: 600px; background-color: white;\">\n"; $infoHtml .= "<span class=\"cpInfoHeaderText\">Your changes have been saved.</span>\n"; $infoHtml .= "</div>\n"; $infoHtml .= "<script type=\"text/javascript\">\n"; $infoHtml .= "var cpInfoHide = window.setTimeout('var obj = document.getElementById(\"cpInfo\"); if (obj) { obj.style.display = \"none\"; }', 2000);\n</script>\n"; } foreach ($this->_sections as $sectionName => $sectionData) { if ($sectionName != CP_LISTVIEW) { $sectionFields = ''; $prefillData = array(); foreach ($this->_tables as $tableName => $tableData) { foreach ($tableData['fields'] as $fieldName => $fieldData) { if (isset($fieldData['section']) && in_array($sectionName, $fieldData['section'])) { if ($sectionFields != '') { $sectionFields .= '[NL]'; } $sectionFields .= sprintf('[%s]', $fieldData['uniqueID']); if (!$addRecord) { // prefill the field with existing data for edits $rawData = $this->getFieldInputText($fieldData, $row[$fieldData['uniqueID']], ''); $prefillData[$fieldData['uniqueID']] = $rawData; } } } } if (!$addRecord) { $this->_wf->setValidatedFields($prefillData); } // Display the webform if ($sectionData['webFormLayout'] == '') { $this->_wf->setLayout($sectionFields); } else { $this->_wf->setLayout($sectionData['webFormLayout']); } $html .= "<div id=\"cpSection" . $sectionName . "\" class=\"cpSection\">\n"; $html .= "<span class=\"cpSectionTitle\">" . $sectionData['caption'] . "</span>\n"; $contentsHtml = $sectionData['sectionLayout']; $contentsHtml = str_replace('[WebForm]', $this->_wf->getForm('cellpadding="0" cellspacing="4"'), $contentsHtml); // Allow users (on edits) to specify EasyTags<tm>, so they can retrieve Database field values // when using [field_name] tags in the sectionLayout if (!$addRecord) { foreach ($this->_tables as $tableName => $tableData) { foreach ($tableData['fields'] as $fieldName => $fieldData) { if (isset($row[$fieldData['uniqueID']])) { $contentsHtml = str_replace(sprintf('[%s]', $fieldData['uniqueID']), $row[$fieldData['uniqueID']], $contentsHtml); } } } } $html .= $contentsHtml; $html .= "\n</div>\n<p />\n"; } } if ($addRecord && $this->_permissions & CPP_ADD) { $html .= $this->_wf->getButton('Add Record', 'cpEditForm'); } else { if (!$addRecord && $this->_permissions & CPP_EDIT) { $html .= $this->_wf->getButton('Save Changes', 'cpEditForm'); } } //if ($this->_permissions & CPP_DELETE && $this->_deleteBoundriesTable != '' && !$addRecord) // $html .= $this->_wf->getButton('Delete', 'cpDeleteForm'); // add css and javascript on-the-fly $html = sprintf("<style type=\"text/css\">\n%s\n</style>\n<script type=\"text/javascript\">\n%s\n</script>\n%s%s", $this->getCSS(), $this->getWebFormJavaScript(), $infoHtml, $html); return $html; }
private function onDelete() { if ($this->_accessLevel < ACCESS_LEVEL_DELETE) { CommonErrors::fatal(COMMONERROR_PERMISSION, $this, 'Invalid user level for action.'); } /* Bail out if we don't have a valid contact ID. */ if (!$this->isRequiredIDValid('contactID', $_GET)) { CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'Invalid contact ID.'); } $contactID = $_GET['contactID']; if (!eval(Hooks::get('CONTACTS_DELETE_PRE'))) { return; } $contacts = new Contacts($this->_siteID); $contacts->delete($contactID); /* Delete the MRU entry if present. */ $_SESSION['CATS']->getMRU()->removeEntry(DATA_ITEM_CONTACT, $contactID); if (!eval(Hooks::get('CONTACTS_DELETE_POST'))) { return; } CATSUtility::transferRelativeURI('m=contacts&a=listByView'); }
public function onDeleteEvent() { if ($this->_accessLevel < ACCESS_LEVEL_DELETE) { CommonErrors::fatal(COMMONERROR_PERMISSION, $this, 'Invalid user level for action.'); } /* Bail out if we don't have a valid event ID. */ if (!$this->isRequiredIDValid('eventID', $_GET)) { CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'Invalid event ID.'); } $eventID = $_GET['eventID']; if (!eval(Hooks::get('CALENDAR_DELETE_PRE'))) return; $calendar = new Calendar($this->_siteID); $calendar->deleteEvent($eventID); if (!eval(Hooks::get('CALENDAR_DELETE_POST'))) return; /* Transfer to same url without a=deleteEvent or eventID. */ $newGet = $_GET; $newParams = array(); unset($newGet['a']); unset($newGet['eventID']); foreach ($newGet AS $name => $value) { $newParams[] = urlencode($name).'='.urlencode($value); } CATSUtility::transferRelativeURI(implode('&', $newParams)); }
public function show() { if (!isset($_SESSION['CATS_WIZARD']) || empty($_SESSION['CATS_WIZARD']) || !is_array($_SESSION['CATS_WIZARD'])) { // The user has removed or the session for the wizard has been lost, // redirect to rebuild it CATSUtility::transferRelativeURI(CATSUtility::getIndexName() . 'm=home'); return; } // Build the javascript for navigation $js = ''; for ($i=0; $i<count($_SESSION['CATS_WIZARD']['pages']); $i++) { $js .= sprintf('addWizardPage("%s", %s, %s);%s', addslashes($_SESSION['CATS_WIZARD']['pages'][$i]['title']), $_SESSION['CATS_WIZARD']['pages'][$i]['disableNext'] ? 'true' : 'false', $_SESSION['CATS_WIZARD']['pages'][$i]['disableSkip'] ? 'true' : 'false', "\n" ); } $js .= sprintf('var finishURL = \'%s\';', $_SESSION['CATS_WIZARD']['finishURL'], "\n"); $js .= sprintf('var currentPage = %d;%s', $_SESSION['CATS_WIZARD']['curPage'], "\n"); $this->_template->assign('js', $js); if (isset($_SESSION['CATS_WIZARD']['js'])) $jsInclude = $_SESSION['CATS_WIZARD']['js']; else $jsInclude = ''; $this->_template->assign('jsInclude', $jsInclude); $this->_template->assign('pages', $_SESSION['CATS_WIZARD']['pages']); $this->_template->assign('currentPage', $_SESSION['CATS_WIZARD']['pages'][$_SESSION['CATS_WIZARD']['curPage']-1]); $this->_template->assign('currentPageIndex', $_SESSION['CATS_WIZARD']['curPage']-1); $this->_template->assign('active', $this); $this->_template->assign('enableSkip', true); $this->_template->assign('enablePrevious', $_SESSION['CATS_WIZARD']['curPage']==1 ? false : true); $this->_template->assign('enableNext', true); $this->_template->display('./modules/wizard/Show.php'); }
private function attemptLogin() { //FIXME: getTrimmedInput()! if (isset($_POST['siteName'])) { $siteName = $_POST['siteName']; } else { $siteName = ''; } if (!isset($_POST['username']) || !isset($_POST['password'])) { $message = 'Invalid username or password.'; if (isset($_GET['reloginVars'])) { $this->_template->assign('reloginVars', urlencode($_GET['reloginVars'])); } else { $this->_template->assign('reloginVars', ''); } $site = new Site(-1); $rs = $site->getSiteByUnixName($siteName); if (isset($rs['name'])) { $siteNameFull = $rs['name']; } else { $siteNameFull = $siteName; } $this->_template->assign('aspMode', false); if (!eval(Hooks::get('LOGIN_NO_CREDENTIALS'))) { return; } $this->_template->assign('message', $message); $this->_template->assign('messageSuccess', false); $this->_template->assign('siteName', $siteName); $this->_template->assign('siteNameFull', $siteNameFull); $this->_template->assign('dateString', date('l, F jS, Y')); if (ModuleUtility::moduleExists("asp")) { $this->_template->display('./modules/asp/AspLogin.tpl'); } else { $this->_template->display('./modules/login/Login.tpl'); } return; } $username = $this->getTrimmedInput('username', $_POST); $password = $this->getTrimmedInput('password', $_POST); if (strpos($username, '@') !== false) { $siteName = ''; } if ($siteName != '') { $site = new Site(-1); $rs = $site->getSiteByUnixName($siteName); if (isset($rs['siteID'])) { $username .= '@' . $rs['siteID']; } } /* Make a blind attempt at logging the user in. */ $_SESSION['CATS']->processLogin($username, $password); /* If unsuccessful, take the user back to the login page. */ if (!$_SESSION['CATS']->isLoggedIn()) { $message = $_SESSION['CATS']->getLoginError(); if (isset($_GET['reloginVars'])) { $this->_template->assign('reloginVars', urlencode($_GET['reloginVars'])); } else { $this->_template->assign('reloginVars', ''); } $site = new Site(-1); $rs = $site->getSiteByUnixName($siteName); if (isset($rs['name'])) { $siteNameFull = $rs['name']; } else { $siteNameFull = $siteName; } $this->_template->assign('aspMode', false); if (!eval(Hooks::get('LOGIN_UNSUCCESSFUL'))) { return; } $this->_template->assign('message', $message); $this->_template->assign('messageSuccess', false); $this->_template->assign('siteName', $siteName); $this->_template->assign('siteNameFull', $siteNameFull); $this->_template->assign('dateString', date('l, F jS, Y')); if (ModuleUtility::moduleExists("asp")) { $this->_template->display('./modules/asp/AspLogin.tpl'); } else { $this->_template->display('./modules/login/Login.tpl'); } return; } $systemInfoDb = new SystemInfo(); $accessLevel = $_SESSION['CATS']->getAccessLevel(); $mailerSettings = new MailerSettings($_SESSION['CATS']->getSiteID()); $mailerSettingsRS = $mailerSettings->getAll(); /***************************** BEGIN NEW WIZARD *****************************************/ /** * Improved setup wizard using the Wizard library. If the user succeeds, * all old-style wizards will no longer be shown. */ $wizard = new Wizard(CATSUtility::getIndexName() . '?m=home', './js/wizardIntro.js'); if ($_SESSION['CATS']->isFirstTimeSetup()) { $wizard->addPage('Welcome!', './modules/login/wizard/Intro.tpl', '', false, true); } if (!$_SESSION['CATS']->isAgreedToLicense()) { $phpeval = ''; if (!eval(Hooks::get('LICENSE_TERMS'))) { return; } $wizard->addPage('License', './modules/login/wizard/License.tpl', $phpeval, true, true); } if (!file_exists('modules/asp') || defined('CATS_TEST_MODE') && CATS_TEST_MODE) { // On-site wizard pages if (!LicenseUtility::isLicenseValid()) { if (defined('LICENSE_KEY') && LICENSE_KEY == '') { $template = 'Register.tpl'; $templateName = 'Register'; } else { $template = 'Reregister.tpl'; $templateName = 'License Expired'; } $wizard->addPage($templateName, './modules/login/wizard/' . $template, '', false, true); } } // if logged in for the first time, change password if (strtolower($username) == 'admin' && $password === DEFAULT_ADMIN_PASSWORD) { $wizard->addPage('Password', './modules/login/wizard/Password.tpl', '', false, true); } // make user set an e-mail address if (trim($_SESSION['CATS']->getEmail()) == '') { $wizard->addPage('E-mail', './modules/login/wizard/Email.tpl', '', false, true); } // if no site name set, make user set site name if ($accessLevel >= ACCESS_LEVEL_SA && $_SESSION['CATS']->getSiteName() === 'default_site') { $wizard->addPage('Site', './modules/login/wizard/SiteName.tpl', '', false, true); } // CATS Hosted Wizard Pages if (!eval(Hooks::get('ASP_WIZARD_PAGES'))) { return; } if ($_SESSION['CATS']->isFirstTimeSetup()) { $wizard->addPage('Setup Users', './modules/login/wizard/Users.tpl', ' $users = new Users($siteID); $mp = $users->getAll(); $data = $users->getLicenseData(); $this->_template->assign(\'users\', $mp); $this->_template->assign(\'totalUsers\', $data[\'totalUsers\']); $this->_template->assign(\'userLicenses\', $data[\'userLicenses\']); $this->_template->assign(\'accessLevels\', $users->getAccessLevels()); '); if (!eval(Hooks::get('ASP_WIZARD_IMPORT'))) { return; } } // The wizard will not display if no pages have been added. $wizard->doModal(); /******************************* END NEW WIZARD *******************************************/ /* Session is logged in, do we need to send the user to the wizard? * This should be done only on the first use, indicated by the * admin user's password still being set to the default. */ /* If we have a specific page to go to, go there. */ /* These hooks are for important things, like disabling the site based on criteria. */ if (!eval(Hooks::get('LOGGED_IN'))) { return; } if (isset($_GET['reloginVars'])) { CATSUtility::transferRelativeURI($_GET['reloginVars']); } /* LOGGED_IN_MESSAGES hooks are only for messages which show up on initial login (warnings, etc) */ if (!eval(Hooks::get('LOGGED_IN_MESSAGES'))) { return; } else { if ($accessLevel >= ACCESS_LEVEL_SA && $mailerSettingsRS['configured'] == '0') { NewVersionCheck::checkForUpdate(); $this->_template->assign('inputType', 'conclusion'); $this->_template->assign('title', 'E-Mail Disabled'); $this->_template->assign('prompt', 'E-mail features are disabled. In order to enable e-mail features (such as e-mail notifications), please configure your e-mail settings by clicking on the Settings tab and then clicking on Administration.'); $this->_template->assign('action', $this->getAction()); $this->_template->assign('home', 'home'); $this->_template->display('./modules/settings/NewInstallWizard.tpl'); } else { if (!eval(Hooks::get('LOGGED_IN_HOME_PAGE'))) { return; } CATSUtility::transferRelativeURI('m=home'); } } }
public function onDeleteStaticList() { /* Bail out if we don't have a valid type. */ if (!$this->isRequiredIDValid('savedListID', $_GET)) { CommonErrors::fatalModal(COMMONERROR_BADINDEX, $this); return; } $savedListID = $_GET['savedListID']; $savedLists = new SavedLists($this->_siteID); /* Write changes. */ $savedLists->delete($savedListID); CATSUtility::transferRelativeURI('m=lists'); }
public function careersPage() { global $careerPage; /* Get information on what site we are in, our environment, etc. */ $site = new Site(-1); $siteID = $site->getFirstSiteID(); if (!eval(Hooks::get('CAREERS_SITEID'))) return; /* if (!eval(Hooks::get('CAREERS_IS_ENABLED'))) return; if (!file_exists('modules/asp') && !LicenseUtility::isProfessional()) { CommonErrors::fatal(COMMONERROR_INVALIDMODULE, $this, 'Career Portal'); } */ $siteRS = $site->getSiteBySiteID($siteID); if (!isset($siteRS['name'])) { die('An error has occurred: No site exists with this site name.'); } $siteName = $siteRS['name']; /* Get information on the current template. */ $careerPortalSettings = new CareerPortalSettings($siteID); $careerPortalSettingsRS = $careerPortalSettings->getAll(); $templateName = $careerPortalSettingsRS['activeBoard']; $enabled = $careerPortalSettingsRS['enabled']; if ($enabled == 0) { // FIXME: Generate valid XHTML error pages. Create an error/fatal method! die('<html><body>Job Board Not Active</body></html>'); } if (isset($_GET['templateName'])) { $templateName = $_GET['templateName']; } $template = $careerPortalSettings->getTemplate($templateName); /* At this point the entire template is loaded, we just need to add data to the template for the specific page. */ /* Get all public job orders for this site. */ $jobOrders = new JobOrders($siteID); $rs = $jobOrders->getAll(JOBORDERS_STATUS_ACTIVE, -1, -1, -1, false, true); $useCookie = true; // Get the get or post page request $p = isset($_GET['p']) ? $_GET['p'] : ''; $p = isset($_POST['p']) ? $_POST['p'] : $p; // Get the get or post sub-page request $pa = isset($_GET['pa']) ? $_GET['pa'] : ''; $pa = isset($_POST['pa']) ? $_POST['pa'] : $pa; $isRegistrationEnabled = $careerPortalSettingsRS['candidateRegistration']; switch ($pa) { case 'logout': if ($isRegistrationEnabled) { // Remove the saved information cookie setcookie($this->getCareerPortalCookieName($siteID), ''); $useCookie = false; } break; case 'updateProfile': if ($isRegistrationEnabled) { $p = 'registeredCandidateProfile'; } break; } if ($p == 'showAll') { $template['Content'] = $template['Content - Search Results']; $template['Content'] = str_replace('<numberOfSearchResults>', count($rs), $template['Content']); $template['Content'] = str_replace('<registeredCandidate>', $useCookie && $isRegistrationEnabled ? $this->getRegisteredCandidateBlock($siteID, $template['Content - Candidate Registration']) : '', $template['Content']); if ($careerPortalSettingsRS['allowBrowse'] == 1) { /* Legacy. */ $template['Content'] = str_replace('<searchResultsTableUnformatted>', $this->getResultsTable($rs, $careerPortalSettingsRS, true), $template['Content']); while (strpos($template['Content'], '<searchResultsTable') !== false) { $searchResultsTablePosition = strpos($template['Content'], '<searchResultsTable'); $temp = substr($template['Content'], $searchResultsTablePosition + strlen('<searchResultsTable')); $searchResultsTableParameters = trim(substr($temp, 0, strpos($temp, '>') - 1)); $tableHTML = $this->getResultsTable($rs, $careerPortalSettingsRS, false, $searchResultsTableParameters); $template['Content'] = substr($template['Content'], 0, $searchResultsTablePosition - 1) . $tableHTML . substr($temp, strpos($temp, '>') + 1); } } else { $template['Content'] = str_replace('<searchResultsTable>', 'Sorry, Job Listings have been disabled by the '.$siteName.' administrator.', $template['Content']); } } else if ($p == 'search') { } else if ($p == 'registeredCandidateProfile' && $isRegistrationEnabled) { $content = $template['Content - Candidate Profile']; // Get information about the candidate from the cookie $fields = $this->getCookieFields($siteID); $candidate = $this->ProcessCandidateRegistration($siteID, $template['Content - Candidate Registration'], $fields); if ($candidate === false) { echo '<html><body>You have not registered yet. Please wait while we direct you to the job list...<script>setTimeout("document.location.href=\'?m=careers&&p=showAll\';", 1500);</script></body></html>'; die(); } // Get the candidate's latest resume attachment (if exists) $attachmentsLib = new Attachments($siteID); $attachments = $attachmentsLib->getAll(DATA_ITEM_CANDIDATE, $candidate['candidateID']); $latestDate = 0; $latestAttachment = false; foreach ($attachments as $attachment) { if (preg_match('/^([0-9]{2})-([0-9]{2})-([0-9]{2}) \(([0-9]{2}):([0-9]{2}):([0-9]{2}) [A-Z]{2}\)$/', $attachment['dateCreated'], $matches)) { $epoch = strtotime( strval($matches[1]) . '/' . strval($matches[2]) . '/' . strval($matches[3]) ); if ($epoch > $latestDate) { $latestDate = $epoch; $latestAttachment = $attachment['attachmentID']; } } } // Get their latest resume if ($latestAttachment !== false) { $candidatesLib = new Candidates($siteID); $myResume = $candidatesLib->getResume($latestAttachment); } /* Replace input fields. */ $content = str_replace('<input-firstName>', '<input name="firstName" id="firstName" class="inputBoxName" value="' . $candidate['firstName'] . '" />', $content); $content = str_replace('<input-lastName>', '<input name="lastName" id="lastName" class="inputBoxName" value="' . $candidate['lastName'] . '" />', $content); $content = str_replace('<input-address>', '<textarea name="address" class="inputBoxArea">'. $candidate['address'] .'</textarea>', $content); $content = str_replace('<input-city>', '<input name="city" id="city" class="inputBoxNormal" value="' . $candidate['city'] . '" />', $content); $content = str_replace('<input-state>', '<input name="state" id="state" class="inputBoxNormal" value="' . $candidate['state'] . '" />', $content); $content = str_replace('<input-zip>', '<input name="zip" id="zip" class="inputBoxNormal" value="' . $candidate['zip'] . '" />', $content); $content = str_replace('<input-phoneWork>', '<input name="phoneWork" id="phoneWork" class="inputBoxNormal" value="' . $candidate['phoneWork'] . '" />', $content); $content = str_replace('<input-email1>', '<input name="email1" id="email1" class="inputBoxNormal" value="' . $candidate['email1'] . '" />', $content); $content = str_replace('<input-phoneHome>', '<input name="phoneHome" id="phoneHome" class="inputBoxNormal" value="' . $candidate['phoneHome'] . '" />', $content); $content = str_replace('<input-phoneCell>', '<input name="phoneCell" id="phoneCell" class="inputBoxNormal" value="' . $candidate['phoneCell'] . '" />', $content); $content = str_replace('<input-bestTimeToCall>', '<input name="bestTimeToCall" id="bestTimeToCall" class="inputBoxNormal" value="' . $candidate['bestTimeToCall'] . '" />', $content); $content = str_replace('<input-keySkills>', '<input name="keySkills" id="keySkills" class="inputBoxNormal" value="' . $candidate['keySkills'] . '" />', $content); $content = str_replace('<input-source>', '<input name="source" id="source" class="inputBoxNormal" value="' . $candidate['source'] . '" />', $content); $content = str_replace('<input-currentEmployer>', '<input name="currentEmployer" id="currentEmployer" class="inputBoxNormal" value="' . $candidate['currentEmployer'] . '" />', $content); $content = str_replace('<input-resume>', '<strong>My Resume</strong><br />' . '<textarea name="resumeContents" class="inputBoxArea" style="width: 400px; height: 200px;" readonly>' . ($latestAttachment !== false ? DatabaseSearch::fulltextDecode($myResume['text']) : '') .'</textarea>' . '<br /><br /><strong>Upload new resume:</strong><br /> ' . '<input type="file" name="file" id="file" type="file" class="inputBoxFile" size="45" />', $content ); $content = str_replace('<input-submit>', '<input type="submit" name="submitButton" id="submitButton" class="submitButton" onclick="document.getElementById(\'submitButton\').disabled=true;" value="Save Profile" style="width: 150px;" />', $content); $content = sprintf( '<form name="updateForm" id="updateForm" enctype="multipart/form-data" method="post" ' . 'action="%s?m=careers&p=onRegisteredCandidateProfile&attachmentID=%d">', CATSUtility::getIndexName(), $latestAttachment ? $latestAttachment : -1 ) . $content . '</form>' . (isset($_GET[$id='isPostBack']) && !strcmp($_GET[$id], 'yes') ? '<script language="javascript" type="text/javascript">setTimeout(\'alert("Your changes have been saved!")\',25);</script>' : ''); $template['Content'] = $content; } else if ($p == 'onRegisteredCandidateProfile' && $isRegistrationEnabled) { // Get information about the candidate from the cookie $fields = $this->getCookieFields($siteID); $candidate = $this->ProcessCandidateRegistration($siteID, $template['Content - Candidate Registration'], $fields, true); if ($candidate === false) { echo '<html><body>You have not registered yet. Please wait while we direct you to the job list...<script>setTimeout("document.location.href=\'?m=careers&&p=showAll\';", 1500);</script></body></html>'; die(); } // Get the fields (if included in the template) to update $fields = array('firstName', 'lastName', 'email1', 'phoneHome', 'phoneCell', 'phoneWork', 'address', 'city', 'state', 'zip', 'keySkills', 'currentEmployer', 'bestTimeToCall' ); $fieldValues = array(); foreach ($fields as $field) { if (isset($_POST[$field]) && $_POST[$field] != '') { eval('$'.$field.' = trim($_POST[\''.$field.'\']);'); $fieldValues[$field] = $_POST[$field]; } else { eval('$'.$field.' = $candidate[\''.$field.'\'];'); $fieldValues[$field] = $candidate[$field]; } } // Get the attachment to replace (if exists) $attachmentID = isset($_GET[$id='attachmentID']) ? $_GET[$id] : -1; $attachmentID = $attachmentID != -1 ? $attachmentID : false; $attachmentsLib = new Attachments($siteID); $candidatesLib = new Candidates($siteID); // Update the candidate's information $candidatesLib->update( $candidate['candidateID'], $candidate['isActive'] ? true : false, $firstName, $candidate['middleName'], $lastName, $email1, $email1, $phoneHome, $phoneCell, $phoneWork, $address, $city, $state, $zip, $candidate['source'], $keySkills, $candidate['dateAvailable'], $currentEmployer, $candidate['canRelocate'], $candidate['currentPay'], $candidate['desiredPay'], $candidate['notes'], $candidate['webSite'], $bestTimeToCall, $candidate['owner'], $candidate['isHot'] ? true : false, $email1, $email1, $candidate['eeoGender'], $candidate['eeoEthnicType'], $candidate['eeoVeteranType'], $candidate['eeoDisabilityStatus'] ); $uploadResume = FileUtility::getUploadFileFromPost($siteID, 'careerportaladd', 'file'); if ($uploadResume !== false) { $uploadPath = FileUtility::getUploadFilePath($siteID, 'careerportaladd', $uploadResume); if ($uploadPath !== false) { // Replace most current resume with new uploaded resume $attachmentsLib->delete($attachmentID, true); $attachmentCreator = new AttachmentCreator($siteID); $attachmentCreator->createFromFile(DATA_ITEM_CANDIDATE, $candidate['candidateID'], $uploadPath, false, '', true, true ); } } // Set the cookie again, since some information used to verify may be changed $storedVal = ''; foreach ($fieldValues as $tag => $tagData) { $storedVal .= sprintf('"%s"="%s"', urlencode($tag), urlencode($tagData)); } @setcookie($this->getCareerPortalCookieName($siteID), $storedVal, time()+60*60*24*7*2); $template['Content'] = '<div id="careerContent"><br /><br /><h1>Please wait while you are redirected to your updated profile...</h1></div>'; CATSUtility::transferRelativeURI('m=careers&p=showAll&pa=updateProfile&isPostBack=yes'); } else if ($p == 'candidateRegistration' && $isRegistrationEnabled) { /*$content = $template['Content - Candidate Registration']; $jobID = intval($_GET['ID']); $jobOrderData = $jobOrders->get($jobID); $js = ''; $content = str_replace(array('<applyContent>','</applyContent>'), '', $content); $content = str_replace('<input-submit>', '<input type="submit" id="submitButton" name="submitButton" value="Continue to Application" />', $content); $content = str_replace('<input-new>', '<input type="radio" id="isNewYes" name="isNew" value="yes" onchange="isCandidateRegisteredChange();" checked />', $content); $content = str_replace('<input-registered>', '<input type="radio" id="isNewNo" name="isNew" value="no" onchange="isCandidateRegisteredChange();" />', $content); $content = str_replace('<input-rememberMe>', '<input type="checkbox" id="rememberMe" name="rememberMe" value="yes" checked />', $content); $content = str_replace('<title>', $jobOrderData['title'], $content); // Process html-ish fields like <input-firstName> into the proper form $content = preg_replace( '/\<input\-([A-Za-z0-9]+)\>/', '<input type="text" class="inputBoxNormal" style="width: 270px;" name="$1" id="$1" onfocus="onFocusFormField(this)" />', $content ); if (count($fields = $this->getCookieFields($siteID))) { $js = '<script language="javascript" type="text/javascript">' . "\n" . 'function populateSavedFields() { var obj; obj = document.getElementById(\'isNewNo\'); ' . 'if (obj) { obj.checked = true; enableFormFields(true); } ' . "\n"; foreach ($fields as $tagName => $tagValue) { $js .= sprintf( 'if (obj = document.getElementById(\'%s\')) obj.value = \'%s\';%s', urldecode($tagName), str_replace("'", "\\'", urldecode($tagValue)), "\n" ); } $js .= "}\n</script>\n"; } // Insert the form block $content = sprintf( '%s<form name="register" id="register" method="post" onsubmit="return validateCandidateRegistration()" ' . 'action="%s?m=careers&p=applyToJob&ID=%d">' . '<input type="hidden" name="applyToJobSubAction" value="processLogin" />', $js, CATSUtility::getIndexName(), $jobID ) . $content . '<script>enableFormFields(false); ' . ($js != '' ? 'populateSavedFields();' : '') . '</script></form>'; $template['Content'] = $content;*/ } else if ($p == 'applyToJob' || isset($_POST[$id='applyToJobSubAction']) && $_POST[$id] != '') { // Pre-populations $firstName = isset($_POST[$id='firstName']) ? $_POST[$id] : ''; $lastName = isset($_POST[$id='lastName']) ? $_POST[$id] : ''; $address = isset($_POST[$id='address']) ? $_POST[$id] : ''; $city = isset($_POST[$id='city']) ? $_POST[$id] : ''; $state = isset($_POST[$id='state']) ? $_POST[$id] : ''; $zip = isset($_POST[$id='zip']) ? $_POST[$id] : ''; $phone = isset($_POST[$id='phone']) ? $_POST[$id] : ''; $email = isset($_POST[$id='email']) ? $_POST[$id] : ''; $phoneHome = isset($_POST[$id='phoneHome']) ? $_POST[$id] : ''; $phoneCell = isset($_POST[$id='phoneCell']) ? $_POST[$id] : ''; $bestTimeToCall = isset($_POST[$id='bestTimeToCall']) ? $_POST[$id] : ''; $email2 = isset($_POST[$id='email2']) ? $_POST[$id] : ''; $emailconfirm = isset($_POST[$id='emailconfirm']) ? $_POST[$id] : ''; $keySkills = isset($_POST[$id='keySkills']) ? $_POST[$id] : ''; $source = isset($_POST[$id='source']) ? $_POST[$id] : ''; $employer = isset($_POST[$id='employer']) ? $_POST[$id] : ''; // for <input-resumeUploadPreview> $resumeContents = isset($_POST[$id='resumeContents']) ? $_POST[$id] : ''; $resumeFileLocation = isset($_POST[$id='file']) ? $_POST[$id] : ''; // for returning candidates $candidateID = -1; if ($isRegistrationEnabled) { // Check if the user is registered and logged in $cookieFields = $this->getCookieFields($siteID); $candidate = $this->ProcessCandidateRegistration($siteID, $template['Content - Candidate Registration'], $cookieFields, true); if ($candidate !== false) { // The candidate is registered $firstName = $candidate['firstName']; $lastName = $candidate['lastName']; $address = $candidate['address']; $city = $candidate['city']; $state = $candidate['state']; $zip = $candidate['zip']; $phone = $candidate['phoneWork']; $phoneHome = $candidate['phoneHome']; $phoneCell = $candidate['phoneCell']; $email = $candidate['email1']; $email2 = $candidate['email2']; $emailconfirm = $email; $keySkills = $candidate['keySkills']; $source = $candidate['source']; $employer = $candidate['currentEmployer']; $candidateID = $candidate['candidateID']; } } /** * SUB-ACTIONS * These actions are called as postbacks, such as loading a resume file into the * "contents" textarea on the application page. All post data remains intact and * re-populates the fields giving the illusion of AJAX. */ if (isset($_POST[$id='applyToJobSubAction']) && strlen($subAction = $_POST[$id])) { // Check if a candidate has registered and has indicated it if (!strcmp($subAction, 'processLogin') && isset($_POST['isNew']) && !strcmp($_POST['isNew'], 'no') && $isRegistrationEnabled) { $candidate = $this->ProcessCandidateRegistration($siteID, $template['Content - Candidate Registration']); if ($candidate !== false) { // Rewrite here, I'll fix it later $firstName = $candidate['firstName']; $lastName = $candidate['lastName']; $address = $candidate['address']; $city = $candidate['city']; $state = $candidate['state']; $zip = $candidate['zip']; $phone = $candidate['phoneWork']; $phoneHome = $candidate['phoneHome']; $phoneCell = $candidate['phoneCell']; $email = $candidate['email1']; $email2 = $candidate['email2']; $emailconfirm = $email; $keySkills = $candidate['keySkills']; $source = $candidate['source']; $employer = $candidate['currentEmployer']; $candidateID = $candidate['candidateID']; } } // Check if a file has been uploaded, if so populate the contents textarea if (($uploadFile = FileUtility::getUploadFileFromPost($siteID, 'careerportaladd', 'resumeFile')) !== false) { $uploadFilePath = FileUtility::getUploadFilePath($siteID, 'careerportaladd', $uploadFile); if ($uploadFilePath !== false) { $d2t = new DocumentToText(); $docType = $d2t->getDocumentType($uploadFilePath); if ($d2t->convert($uploadFilePath, $docType) !== false) { $resumeContents = $d2t->getString(); // Remove nasty things like _rATr in favor of @ $resumeContents = DatabaseSearch::fulltextDecode($resumeContents); } else { $resumeContents = 'Unable to load your resume contents. Your resume will ' . 'still be uploaded and attached to your application.'; } $resumeFileLocation = $uploadFile; } } if (!strcmp($subAction, 'resumeParse')) { // Check if the resume contents need to be parsed (user clicked parse contents button) /*if (LicenseUtility::isParsingEnabled()) { $pu = new ParseUtility(); $fileName = isset($uploadFile) ? $uploadFile : ''; $res = $pu->documentParse($fileName, strlen($resumeContents), '', $resumeContents); if (is_array($res) && !empty($res)) { if (isset($res[$id='first_name']) && $res[$id] != '' && $firstName == '') $firstName = $res[$id]; if (isset($res[$id='last_name']) && $res[$id] != '' && $lastName == '') $lastName = $res[$id]; if (isset($res[$id='us_address']) && $res[$id] != '' && $address == '') $address = $res[$id]; if (isset($res[$id='city']) && $res[$id] != '' && $city == '') $city = $res[$id]; if (isset($res[$id='state']) && $res[$id] != '' && $state == '') $state = $res[$id]; if (isset($res[$id='zip_code']) && $res[$id] != '' && $zip == '') $zip = $res[$id]; if (isset($res[$id='email_address']) && $res[$id] != '' && $email == '') { $email = $res[$id]; $email2 = $res[$id]; $emailconfirm = $res[$id]; } if (isset($res[$id='phone_number']) && $res[$id] != '' && $phone == '') $phone = $res[$id]; if (isset($res[$id='skills']) && $res[$id] != '' && $keySkills == '') $keySkills = $res[$id]; } }*/ } } $template['Content'] = $template['Content - Apply for Position']; // Force integer // FIXME: Input validation, and use isRequiredIDValid() to check for / force integer. $jobID = intval(isset($_GET['ID']) ? $_GET['ID'] : $_POST['ID']); $jobOrderData = $jobOrders->get($jobID); if (!isset($jobOrderData['public']) || $jobOrderData['public'] == 0) { // FIXME: Generate valid XHTML error pages. Create an error/fatal method! echo '<html><body>This position is no longer available. Please wait while we direct you to the job list...<script>setTimeout("document.location.href=\'?m=careers&&p=showAll\';", 1500);</script></body></html>'; die(); } /* Make JavaScript validation rules. */ $validator = $this->_makeApplyValidator($template); /* Translate required fields into normal fields for replacement. */ $template['Content'] = str_replace(' req>', '>', $template['Content']); /* Get the attachment (friendly) file name is there is an attachment uploaded */ if ($resumeFileLocation != '') { $attachmentHTML = '<div style="height: 20px; background-color: #e0e0e0; margin: 5px 0 0px 0; ' . 'padding: 0 3px 0 5px; font-size: 11px;"> ' . '<img src="images/parser/attachment.gif" border="0" style="padding-top: 3px;" /> ' . 'Attachment: <span style="font-weight: bold;">'.$resumeFileLocation.'</span> ' . '</div> '; } else { $attachmentHTML = ''; } /* Replace input fields. */ $template['Content'] = str_replace('<jobid>', $jobID, $template['Content']); $template['Content'] = str_replace('<title>', $jobOrderData['title'], $template['Content']); $template['Content'] = str_replace('<input-firstName>', '<input name="firstName" id="firstName" class="inputBoxName" value="' . $firstName . '" />', $template['Content']); $template['Content'] = str_replace('<input-lastName>', '<input name="lastName" id="lastName" class="inputBoxName" value="' . $lastName . '" />', $template['Content']); $template['Content'] = str_replace('<input-address>', '<textarea name="address" class="inputBoxArea">'. $address .'</textarea>', $template['Content']); $template['Content'] = str_replace('<input-city>', '<input name="city" id="city" class="inputBoxNormal" value="' . $city . '" />', $template['Content']); $template['Content'] = str_replace('<input-state>', '<input name="state" id="state" class="inputBoxNormal" value="' . $state . '" />', $template['Content']); $template['Content'] = str_replace('<input-zip>', '<input name="zip" id="zip" class="inputBoxNormal" value="' . $zip . '" />', $template['Content']); $template['Content'] = str_replace('<input-phone>', '<input name="phone" id="phone" class="inputBoxNormal" value="' . $phone . '" />', $template['Content']); $template['Content'] = str_replace('<input-email>', '<input name="email" id="email" class="inputBoxNormal" value="' . $email . '" />', $template['Content']); $template['Content'] = str_replace('<input-phone-home>', '<input name="phoneHome" id="phoneHome" class="inputBoxNormal" value="' . $phoneHome . '" />', $template['Content']); $template['Content'] = str_replace('<input-phone-cell>', '<input name="phoneCell" id="phoneCell" class="inputBoxNormal" value="' . $phoneCell . '" />', $template['Content']); $template['Content'] = str_replace('<input-best-time-to-call>', '<input name="bestTimeToCall" id="bestTimeToCall" class="inputBoxNormal" value="' . $bestTimeToCall . '" />', $template['Content']); $template['Content'] = str_replace('<input-email2>', '<input name="email2" id="email2" class="inputBoxNormal" value="' . $email2 . '" />', $template['Content']); $template['Content'] = str_replace('<input-emailconfirm>', '<input name="emailconfirm" id="emailconfirm" class="inputBoxNormal" value="' . $emailconfirm . '" />', $template['Content']); $template['Content'] = str_replace('<input-keySkills>', '<input name="keySkills" id="keySkills" class="inputBoxNormal" value="' . $keySkills . '" />', $template['Content']); $template['Content'] = str_replace('<input-source>', '<input name="source" id="source" class="inputBoxNormal" value="' . $source . '" />', $template['Content']); $template['Content'] = str_replace('<input-employer>', '<input name="employer" id="employer" class="inputBoxNormal" value="' . $employer . '" />', $template['Content']); $template['Content'] = str_replace('<input-resumeUpload>', '<input type="file" id="resume" name="file" class="inputBoxFile" />', $template['Content']); $template['Content'] = str_replace('<input-resumeUploadPreview>', '<input type="hidden" id="applyToJobSubAction" name="applyToJobSubAction" value="" /> ' . '<input type="hidden" id="file" name="file" value="' . $resumeFileLocation . '" /> ' . '<input type="file" id="resumeFile" name="resumeFile" class="inputBoxFile" size="30" onchange="resumeLoadCheck();" /> ' . '<input type="button" id="resumeLoad" name="resumeLoad" value="Upload" onclick="resumeLoadFile();" disabled /><br /> ' . $attachmentHTML . '<textarea id="resumeContents" name="resumeContents" class="inputBoxArea" onmousemove="resumeContentsChange(this);" ' . 'onchange="resumeContentsChange(this);" onmousedown="resumeContentsChange(this);" ' . 'style="width: 410px; height: 150px;">' . $resumeContents . '</textarea><br /> ' . ( // If parsing is enabled, add the image link for it LicenseUtility::isParsingEnabled() ? '<br /><div style="text-align: right;">' . '<input type="button" value="Populate Fields ->" id="resumePopulate" onclick="resumeParse();" '.(strlen($resumeContents)?'':'disabled').' />' : '' ), $template['Content']); $template['Content'] = str_replace('<input-extraNotes>', '<textarea name="extraNotes" id="extraNotes" class="inputBoxArea" maxlength="450" onkeyup="mlength=this.getAttribute ? parseInt(this.getAttribute(\'maxlength\')) : \'\'; if (this.getAttribute && this.value.length>(mlength+7)) { alert(\'Sorry, you may only enter \'+mlength+\' characters into the extra notes.\');} if (this.getAttribute && this.value.length>mlength) {this.value=this.value.substring(0,mlength); this.scrollTop = this.scrollHeight;}">'.(isset($_POST[$id='extraNotes'])?$_POST[$id]:'').'</textarea>', $template['Content']); $template['Content'] = str_replace('<submit', '<input type="submit" class="submitButton"', $template['Content']); /* EEO inputs. */ $template['Content'] = str_replace('<input-eeo-race>', '<select name="eeorace" id="eeorace" class="inputBoxNormal" /> <option value="">----</option> <option value="1">American Indian</option> <option value="2">Asian or Pacific Islander</option> <option value="3">Hispanic or Latino</option> <option value="4">Non-Hispanic Black</option> <option value="5">Non-Hispanic White</option> </select>', $template['Content']); $template['Content'] = str_replace('<input-eeo-gender>', '<select name="eeogender" id="eeogender" class="inputBoxNormal" /> <option value="">----</option> <option value="m">Male</option> <option value="f">Female</option> </select>', $template['Content']); $template['Content'] = str_replace('<input-eeo-veteran>', '<select name="eeoveteran" id="eeoveteran" class="inputBoxNormal" /> <option value="">----</option> <option value="1">Male</option> <option value="2">Eligible Veteran</option> <option value="3">Disabled Veteran</option> <option value="4">Eligible and Disabled</option> </select>', $template['Content']); $template['Content'] = str_replace('<input-eeo-disability>', '<select name="eeodisability" id="eeodisability" class="inputBoxNormal" /> <option value="">----</option> <option value="No">No</option> <option value="Yes">Yes</option> </select>', $template['Content']); /* Extra field inputs. */ $candidates = new Candidates($siteID); $extraFieldsForCandidates = $candidates->extraFields->getValuesForAdd(); foreach($extraFieldsForCandidates as $ef) { if (isset($ef['careersAddHTML'])) { $template['Content'] = str_replace('<input-extraField-' .urlencode($ef['fieldName']) . '>', $ef['careersAddHTML'], $template['Content']); } else { $template['Content'] = str_replace('<input-extraField-' .urlencode($ef['fieldName']) . '>', $ef['addHTML'], $template['Content']); } } /* This is kindof a hack, but basically, we have to put the * validation code / form below inside the <td>, which is contained * in the template, as they aren't allowed in <tr>s. * NOTE: Continue to use ungreedy matching or this will break! */ if (preg_match('/^.*?(<td.*?>)/i', $template['Content'], $matches)) { $startTD = $matches[1]; $template['Content'] = preg_replace('/^.*?(?:<td.*?>)/i', '', $template['Content']); } else { $startTD = ''; } if (preg_match('/(<\/td>).*?$/i', $template['Content'], $matches)) { $endTD = $matches[1]; $template['Content'] = preg_replace('/(?:<\/td>).*?$/i', '', $template['Content']); } else { $endTD = ''; } if (strpos($template['Content'], '<catsform>') === false) { $template['Content'] = $startTD . "\n" . $validator . "\n" . '<form name="applyToJobForm" id="applyToJobForm" action="' . CATSUtility::getIndexName() . '?m=careers&p=onApplyToJobOrder" ' . 'enctype="multipart/form-data" method="post" onsubmit="return applyValidate();">' . '<input type="hidden" name="ID" value="' . $jobID . '">' . '<input type="hidden" name="candidateID" value="' . $candidateID . '">' . $template['Content'] . '</form>' . "\n" . $endTD; } else { $template['Content'] = $startTD . "\n" . $validator . "\n" . str_replace('<catsform>', '<form name="applyToJobForm" id="applyToJobForm" action="' . CATSUtility::getIndexName() . '?m=careers&p=onApplyToJobOrder" ' . 'enctype="multipart/form-data" method="post" onsubmit="return applyValidate();">' . '<input type="hidden" name="ID" value="' . $jobID . '">' . '<input type="hidden" name="candidateID" value="' . $candidateID . '">', $template['Content']) . "\n" . $endTD; } } else if ($p == 'onApplyToJobOrder') { if (!$this->isRequiredIDValid('ID', $_POST)) { // FIXME: Generate valid XHTML error pages. Create an error/fatal method! echo '<html><body>This position is invalid or no longer available. Please wait while we direct you to the job list...<script>setTimeout("document.location.href=\'?m=careers&&p=showAll\';", 1500);</script></body></html>'; die(); } // Check if this is a returning candidate $candidateID = isset($_POST['candidateID']) ? intval($_POST['candidateID']) : -1; if ($candidateID == -1) $candidateID = false; /** * Applicant has completed their application, check to see if a questionnaire * is tied to this job order. If so, present it. */ $jobID = intval($_POST['ID']); $jobOrderData = $jobOrders->get($jobID); $questionnaireLib = new Questionnaire($siteID); $questionnaireID = $jobOrderData['questionnaireID']; if ($questionnaireID) { $questionnaire = $questionnaireLib->get($questionnaireID); if (!is_array($questionnaire) || empty($questionnaire)) { $questionnaireID = false; } } // Check for postback (if the applicant has completed the questionnaire) or if no questionnaire exists if ((isset($_GET[$id='questionnairePostBack']) && $_GET[$id] == '1') || !$questionnaireID) { // Continue on our merry way $this->onApplyToJobOrder($siteID, $candidateID); $jobOrderData = $jobOrders->get($jobID); if (!isset($jobOrderData['public']) || $jobOrderData['public'] == 0) { // FIXME: Generate valid XHTML error pages. Create an error/fatal method! echo '<html><body>This position is no longer available. Please wait while we direct you to the job list...<script>setTimeout("document.location.href=\'?m=careers&&p=showAll\';", 1500);</script></body></html>'; die(); } $template['Content'] = $template['Content - Thanks for your Submission']; $template['Content'] = str_replace('<title>', $jobOrderData['title'], $template['Content']); $template['Content'] = str_replace('<a-jobDetails>', '<a href="' . CATSUtility::getIndexName() . '?m=careers'.(isset($_GET['templateName']) ? '&templateName='.urlencode($_GET['templateName']) : '').'&p=showJob&ID='.$_POST['ID'].'">', $template['Content']); } else { ob_start(); // get questions/answers $questions = $questionnaireLib->getQuestions($questionnaireID); $this->_template->assign('isModal', true); $this->_template->assign('questionnaireID', $questionnaireID); $this->_template->assign('data', $questionnaire); $this->_template->assign('questions', $questions); $this->_template->display('./modules/settings/CareerPortalQuestionnaireShow.tpl'); $buffer = ob_get_contents(); ob_end_clean(); $formData = '<form name="postQuestionnaire" id="postQuestionnaire" ' . 'enctype="multipart/form-data" method="post" action="' . CATSUtility::getIndexName() . '?m=careers&p=onApplyToJobOrder' . '&questionnairePostBack=1">' . "\n" . $this->capturePostData($siteID); // Collect all of the post data and resubmit it as hidden elements $buffer = $formData . $buffer; $template['Content'] = str_replace('<questionnaire>', $buffer, $template['Content - Questionnaire']); $template['Content'] = str_replace('<submit', '<input type="submit" class="submitButton"', $template['Content']) . '</form>'; } } else if ($p == 'showJob') { $template['Content'] = $template['Content - Job Details']; $jobID = $_GET['ID']; /* Filter out non numeric characters */ for ($i = 0; $i < strlen($jobID); $i++) { if (ord(substr($jobID, $i, 1)) < ord('0') || ord(substr($jobID, $i, 1)) > ord('9') ) { $jobID = str_replace(substr($jobID, $i, 1), '*', $jobID); } } $jobID = str_replace('*', '', $jobID); /* Force integer */ $jobID = $jobID * 1; $jobOrderData = $jobOrders->get($jobID); if (!isset($jobOrderData['public']) || $jobOrderData['public'] == 0) { echo '<html><body>This position is no longer available. Please wait while we direct you to the job list...<script>setTimeout("document.location.href=\'?m=careers&&p=showAll\';", 1500);</script></body></html>'; die (); } $template['Content'] = str_replace('<registeredCandidate>', $useCookie && $isRegistrationEnabled ? $this->getRegisteredCandidateBlock($siteID, $template['Content - Candidate Registration']) : '', $template['Content']); $template['Content'] = str_replace('<title>', $jobOrderData['title'], $template['Content']); $template['Content'] = str_replace('<city>', $jobOrderData['city'], $template['Content']); $template['Content'] = str_replace('<openings>', $jobOrderData['openings'], $template['Content']); $template['Content'] = str_replace('<state>', $jobOrderData['state'], $template['Content']); $template['Content'] = str_replace('<type>', $jobOrders->typeCodeToString($jobOrderData['type']), $template['Content']); $template['Content'] = str_replace('<created>', $jobOrderData['dateCreated'], $template['Content']); $template['Content'] = str_replace('<recruiter>', $jobOrderData['recruiterFullName'], $template['Content']); $template['Content'] = str_replace('<companyName>', $jobOrderData['companyName'], $template['Content']); $template['Content'] = str_replace('<contactName>', $jobOrderData['contactFullName'], $template['Content']); $template['Content'] = str_replace('<contactPhone>', $jobOrderData['contactWorkPhone'], $template['Content']); $template['Content'] = str_replace('<contactEmail>', $jobOrderData['contactEmail'], $template['Content']); $template['Content'] = str_replace('<description>', $jobOrderData['description'], $template['Content']); $template['Content'] = str_replace('<rate>', nl2br($jobOrderData['maxRate']), $template['Content']); $template['Content'] = str_replace('<salary>', nl2br($jobOrderData['salary']), $template['Content']); $template['Content'] = str_replace('<daysOld>', nl2br($jobOrderData['daysOld']), $template['Content']); $isRegistered = $this->isCandidateRegistered($siteID, $template['Content - Candidate Registration']); // If candidate registration is enabled, ask them if they would like to log in first if ($isRegistrationEnabled && !$isRegistered) { $template['Content'] = str_replace('<a-applyToJob', '<a href="'.CATSUtility::getIndexName().'?m=careers'.(isset($_GET['templateName']) ? '&templateName='.urlencode($_GET['templateName']) : '').'&p=candidateRegistration&ID='.$jobID.'"', $template['Content']); } else { $template['Content'] = str_replace('<a-applyToJob', '<a href="'.CATSUtility::getIndexName().'?m=careers'.(isset($_GET['templateName']) ? '&templateName='.urlencode($_GET['templateName']) : '').'&p=applyToJob&ID='.$jobID.'"', $template['Content']); } $jobOrders = new JobOrders($siteID); $extraFieldsForJobOrders = $jobOrders->extraFields->getValuesForShow($jobID); foreach($extraFieldsForJobOrders as $ef) { $template['Content'] = str_replace('<extraField-' .urlencode($ef['fieldName']) . '>', $ef['display'], $template['Content']); } } else if ($p == 'searchResults') { } else { $template['Content'] = $template['Content - Main']; $template['Content'] = str_replace('<registeredCandidate>', $useCookie && $isRegistrationEnabled ? $this->getRegisteredCandidateBlock($siteID, $template['Content - Candidate Registration']) : '', $template['Content']); $isRegistered = $useCookie ? $this->isCandidateRegistered($siteID, $template['Content - Candidate Registration']) : false; if ($isRegistrationEnabled) { // postback if (isset($_GET[$id='postback']) && !strcmp($_GET[$id], 'yes')) { $candidate = $this->ProcessCandidateRegistration($siteID, $template['Content - Candidate Registration']); if ($candidate === false) { $isRegistered = false; // Error Message $template['Content'] = str_replace('<registeredLoginTitle>', '<h1 style="color: #800000;">No applicants were ' . 'found matching your criteria.</h1><h3>Once you apply to any of our positions, you will automatically ' . 'be registered.<br /><br />', $template['Content'] ); } else { $isRegistered = true; } } if (!$isRegistered) { // If they're not logged on but registration is enabled, give them the opportunity to $content = $template['Content - Candidate Registration']; $js = ''; $content = str_replace(array('<registeredLoginTitle>', '</registeredLoginTitle>'), '', $content); $content = str_replace('<applyContent>', '<div style="display: none;">', $content); $content = str_replace('</applyContent>', '</div>', $content); $content = str_replace('<input-submit>', '<input type="submit" id="submitButton" name="submitButton" value="Login" />', $content); $content = str_replace('<input-new>', '<input type="hidden" id="isNewNo" name="isNew" value="no" />', $content); $content = str_replace('<input-registered>', '', $content); $content = str_replace('<input-rememberMe>', '<input type="checkbox" id="rememberMe" name="rememberMe" value="yes" checked />', $content); $content = str_replace('<title>', '', $content); // Process html-ish fields like <input-firstName> into the proper form $content = preg_replace( '/\<input\-([A-Za-z0-9]+)\>/', '<input type="text" class="inputBoxNormal" style="width: 270px;" name="$1" id="$1" onfocus="onFocusFormField(this)" />', $content ); // Insert the form block $content = sprintf( '<form name="login" id="login" method="post" onsubmit="return validateCandidateRegistration()" ' . 'action="%s?postback=yes">', CATSUtility::getIndexName() ) . $content . '<script>enableFormFields(true);</script></form>'; $template['Content'] = str_replace('<registeredLogin>', $content, $template['Content']); } else { $template['Content'] = str_replace('<registeredLoginTitle>', '<div style="display: none;">', $template['Content']); $template['Content'] = str_replace('</registeredLoginTitle>', '</div>', $template['Content']); $template['Content'] = str_replace(array('<registeredCandidate>', '<registeredLogin>'), '', $template['Content']); } } else { $template['Content'] = str_replace('<registeredLoginTitle>', '<div style="display: none;">', $template['Content']); $template['Content'] = str_replace('</registeredLoginTitle>', '</div>', $template['Content']); $template['Content'] = str_replace(array('<registeredCandidate>', '<registeredLogin>'), '', $template['Content']); } } $indexName = CATSUtility::getIndexName(); foreach ($template as $index => $data) { $template[$index] = str_replace('<a-LinkMain>', '<a href="'.$indexName.'?m=careers'.(isset($_GET['templateName']) ? '&templateName='.urlencode($_GET['templateName']) : '').'">', $template[$index]); $template[$index] = str_replace('<a-LinkSearch>', '<a href="'.$indexName.'?m=careers'.(isset($_GET['templateName']) ? '&templateName='.urlencode($_GET['templateName']) : '').'&p=search">', $template[$index]); $template[$index] = str_replace('<a-ListAll>', '<a href="'.$indexName.'?m=careers'.(isset($_GET['templateName']) ? '&templateName='.urlencode($_GET['templateName']) : '').'&p=showAll">', $template[$index]); $template[$index] = str_replace('<siteName>', $siteName, $template[$index]); $template[$index] = str_replace('<numberOfOpenPositions>', count($rs), $template[$index]); /* Hacks for loading from a nonstandard root directory. */ if (isset($careerPage) && $careerPage == true) { $template[$index] = str_replace('"images/', '"../images/', $template[$index]); $template[$index] = str_replace('\'images/', '\'../images/', $template[$index]); $template[$index] = str_replace('<rssURL>', '../rss/', $template[$index]); } else { $template[$index] = str_replace('<rssURL>', 'rss/', $template[$index]); } } $this->_template->assign('template', $template); $this->_template->assign('siteName', $siteName); if (!eval(Hooks::get('CAREERS_PAGE_BOTTOM'))) return; if ($careerPortalSettingsRS['useCATSTemplate'] != '') { $this->_template->display($careerPortalSettingsRS['useCATSTemplate']); } else { $this->_template->display('./modules/careers/Blank.php'); } }
private function administrativeHideShow() { if ($this->_accessLevel < ACCESS_LEVEL_MULTI_SA) { CommonErrors::fatal(COMMONERROR_PERMISSION, $this, 'Invalid user level for action.'); } /* Bail out if we don't have a valid joborder ID. */ if (!$this->isRequiredIDValid('jobOrderID', $_GET)) { CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'Invalid Job Order ID.'); } /* Bail out if we don't have a valid status ID. */ if (!$this->isRequiredIDValid('state', $_GET, true)) { CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'Invalid state ID.'); } $jobOrderID = $_GET['jobOrderID']; // FIXME: Checkbox? (bool) ($state = $_GET['state']); $joborders = new JobOrders($this->_siteID); $joborders->administrativeHideShow($jobOrderID, $state); CATSUtility::transferRelativeURI('m=joborders&a=show&jobOrderID=' . $jobOrderID); }
public function addSavedSearch() { if (!isset($_GET['searchID'])) { CommonErrors::fatal(COMMONERROR_BADINDEX, $this, 'No search ID specified.'); } if (!isset($_GET['currentURL'])) { CommonErrors::fatal(COMMONERROR_BADFIELDS, $this, 'No current URL specified.'); } $searchID = $_GET['searchID']; $currentURL = $_GET['currentURL']; if (!eval(Hooks::get('HOME_ADD_SAVED_SEARCH_PRE'))) return; $savedSearches = new SavedSearches($this->_siteID); $savedSearches->save($searchID); if (!eval(Hooks::get('HOME_ADD_SAVED_SEARCH_POST'))) return; CATSUtility::transferRelativeURI($currentURL); }