function pp_subscr_manual_approve($invoice_id) { global $label; $sql = "UPDATE `subscription_invoices` set status='Pending', reason='" . jb_escape_sql('reviewing') . "', `payment_method`='PayPal' WHERE invoice_id='" . jb_escape_sql($invoice_id) . "' "; JB_mysql_query($sql) or JB_pp_mail_error(mysql_error()); $invoice_row = JB_get_subscription_invoice_row($invoice_id); $sql = "Select * FROM employers WHERE ID='" . jb_escape_sql($invoice_row['employer_id']) . "'"; $result = JB_mysql_query($sql) or die(mysql_error()); $e_row = mysql_fetch_array($result, MYSQL_ASSOC); $email = $label['paypal_subscr_manual_review']; $email = str_replace('%NAME%', $e_row['FirstName'] . ' ' . $e_row['LastName'], $email); $email = str_replace('%SITE_NAME%', JB_SITE_NAME, $email); $email = str_replace('%SITE_EMAIL%', JB_SITE_CONTACT_EMAIL, $email); $email = str_replace('%INVOICE_ID%', $invoice_id, $email); $email_id = JB_queue_mail($e_row['Email'], $e_row['FirstName'] . ' ' . $e_row['LastName'], JB_SITE_CONTACT_EMAIL, JB_SITE_NAME, $label['paypal_subscr_manual_sbj'], $email, '', 677); JB_process_mail_queue(1, $email_id); // copy to Admin $email = $label['paypal_subscr_manual_admin'] . $email; $email_id = JB_queue_mail(JB_SITE_CONTACT_EMAIL, 'Admin', JB_SITE_CONTACT_EMAIL, JB_SITE_NAME, $label['paypal_subscr_manual_sbj'], $email, '', 678); JB_process_mail_queue(1, $email_id); }
$score++; } if (strpos($row['message'], $your_email) !== false) { // re-used email $score++; } } $score = $score / $max_score; if ($score >= 0.5) { $discard = true; // silently discard this message } } if (!$discard) { $email_id = JB_queue_mail($to, $to_name, JB_SITE_CONTACT_EMAIL, JB_SITE_NAME, $subject, $msg, '', 46); JB_process_mail_queue(1, $email_id); } ?> <hr><?php echo $label['taf_email_sent']; ?> <?php echo jb_escape_html($to_email); ?> <b/><br> <p style="text-align:center;"><input onclick="window.location='<?php echo htmlentities($_SERVER['PHP_SELF']) . "?post_id={$post_id}"; ?> '" type='button' value='<?php echo $label['taf_button_send_again'];
function JB_insert_post_data($insert_mode = 'EMPLOYER') { if ($_REQUEST['user_id'] != '' && $insert_mode == 'ADMIN') { $user_id = (int) $_REQUEST['user_id']; } else { $user_id = (int) $_SESSION['JB_ID']; } // determine what kind of posting it is $post_mode = "free"; if ($_REQUEST['type'] != 'premium') { if (JB_POSTING_FEE_ENABLED == 'YES') { $post_mode = "normal"; if ($insert_mode != 'ADMIN') { $credits = JB_get_num_posts_remaining($user_id); } } } else { if (JB_PREMIUM_POSTING_FEE_ENABLED == 'YES') { $post_mode = "premium"; if ($insert_mode != 'ADMIN') { $credits = JB_get_num_premium_posts_remaining($user_id); } } } $_PRIVILEGED_USER = false; if ($insert_mode != 'ADMIN') { // check if the user is priveleged $_PRIVILEGED_USER = JB_is_privileged_user($user_id, $post_mode); } elseif ($insert_mode == 'ADMIN') { // Admin mode is always _PRIVILEGED_USER $_PRIVILEGED_USER = true; } $approved = 'N'; if (JB_POSTS_NEED_APPROVAL == 'NO') { $approved = 'Y'; } elseif ($_PRIVILEGED_USER) { $approved = 'Y'; } elseif (JB_POSTS_NEED_APPROVAL == 'NOT_SUBSCRIBERS' && $insert_mode == 'EMPLOYER') { // no approval needed for subscibers.. if (JB_SUBSCRIPTION_FEE_ENABLED == 'YES') { // check subscription if (JB_get_employer_subscription_status($user_id) == 'Active') { $approved = 'Y'; } } if ($post_mode != 'free') { $approved = 'Y'; } } if ($_REQUEST['app_type'] == false) { $_REQUEST['app_type'] = "O"; } $new = false; if ($_REQUEST['post_id'] == false) { $new = true; $now = gmdate("Y-m-d H:i:s"); $assign = array('post_date' => gmdate("Y-m-d H:i:s"), 'post_mode' => $post_mode, 'user_id' => $user_id, 'pin_x' => (int) $_REQUEST['pin_x'], 'pin_y' => (int) $_REQUEST['pin_y'], 'approved' => $approved, 'app_type' => $_REQUEST['app_type'], 'app_url' => $_REQUEST['app_url'], 'cached_summary' => '', 'expired' => 'N'); $sql = "REPLACE INTO `posts_table` (" . JB_get_sql_insert_fields(1, $assign) . ") VALUES (" . JB_get_sql_insert_values(1, "posts_table", "post_id", $post_id, $user_id, $assign) . " )"; // DEDUCT CREDITS (For new posts) if ($post_mode == 'normal' && !$_PRIVILEGED_USER) { JB_deduct_posting_credit($user_id); } if ($post_mode == 'premium' && !$_PRIVILEGED_USER) { JB_deduct_p_posting_credit($user_id); } } else { $post_id = (int) $_REQUEST['post_id']; if ($insert_mode != 'ADMIN') { // verify that the post is owned by this user in case of hacking $sql = "SELECT * from posts_table where post_id='" . jb_escape_sql($_REQUEST['post_id']) . "'"; //echo $sql.'<br>'.$user_id; $result = JB_mysql_query($sql) or die(mysql_error()); $row = mysql_fetch_array($result, MYSQL_ASSOC); if ($row['user_id'] != $user_id) { die('hacking attempt'); } } $old_data = JB_load_post_data($post_id); // these old_values will be used to update the category counters & keep the current approved status $approved = $old_data['approved']; $assign = array('pin_x' => (int) $_REQUEST['pin_x'], 'pin_y' => (int) $_REQUEST['pin_y'], 'approved' => $approved, 'app_type' => $_REQUEST['app_type'], 'app_url' => $_REQUEST['app_url']); $sql = "UPDATE `posts_table` SET " . JB_get_sql_update_values(1, "posts_table", "post_id", $_REQUEST['post_id'], $user_id, $assign) . " WHERE post_id='" . jb_escape_sql($post_id) . "'"; } $result = JB_mysql_query($sql) or die(mysql_error() . $sql); if ($new) { $post_id = jb_mysql_insert_id(); } JBPLUG_do_callback('insert_post_data', $post_id); // for the plugin if you want your plugin to do something after a post is saved. Note that if the post is edited then $_REQUEST['post_id'] will be set or else this is a new post. if (JB_PREMIUM_AUTO_UPGRADE == 'YES') { // auto upgrade to premium! $post_mode = "premium"; $sql = "UPDATE `posts_table` SET `post_mode`='" . jb_escape_sql($post_mode) . "' WHERE post_id='" . jb_escape_sql($post_id) . "' "; JB_mysql_query($sql) or die(mysql_error() . $sql); } // rebuild categories count... JB_update_post_category_count($old_data, $_REQUEST); // This will update the category counters only for the affected categories // build categories cache / update counters / update rss, etc. JB_finalize_post_updates(); if (JB_EMAIL_NEW_POST_SWITCH == 'YES' && $new) { $Form = JB_get_DynamicFormObject(1); $Form->load($post_id); $TITLE = $Form->get_raw_template_value("TITLE"); $POSTED_BY = $Form->get_raw_template_value("POSTED_BY"); $POSTED_BY_ID = $Form->get_raw_template_value("USER_ID"); $DATE = JB_get_formatted_date($Form->get_template_value("DATE")); $FORMATTED_DATE = $DATE; $DESCRIPTION = $Form->get_raw_template_value("DESCRIPTION"); // get the email template $template_result = JB_get_email_template(310, $_SESSION['LANG']); $t_row = mysql_fetch_array($template_result); $to_address = JB_SITE_CONTACT_EMAIL; $to_name = JB_SITE_NAME; $subject = $t_row['EmailSubject']; $message = $t_row['EmailText']; $from_name = $t_row['EmailFromName']; $from_address = $t_row['EmailFromAddress']; $subject = str_replace("%SITE_NAME%", JB_SITE_NAME, $subject); $message = str_replace("%SITE_NAME%", JB_SITE_NAME, $message); $message = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $message); $message = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $message); $message = str_replace("%POST_TITLE%", $TITLE, $message); $message = str_replace("%DATE%", $FORMATTED_DATE, $message); $message = str_replace("%POST_DESCRIPTION%", $DESCRIPTION, $message); $message = str_replace("%POSTED_BY%", $POSTED_BY, $message); $message = str_replace("%ADMIN_LINK%", JB_BASE_HTTP_PATH . "admin/ra.php?post_id=" . $Form->get_value('post_id') . "&key=" . md5($Form->get_value('post_id') . JB_ADMIN_PASSWORD), $message); $message = str_replace('<BR>', "\n", $message); $message = str_replace('<P>', "\n\n", $message); $message = html_entity_decode($message); $message = strip_tags($message); $email_id = JB_queue_mail($to_address, $to_name, $from_address, $from_name, $subject, $message, '', 310); JB_process_mail_queue(1, $email_id); } return $post_id; }
} } if ($_REQUEST['action'] == 'resend') { $_REQUEST['mail_id'] = (int) $_REQUEST['mail_id']; $sql = "UPDATE mail_queue SET status='queued' WHERE mail_id='" . jb_escape_sql($_REQUEST['mail_id']) . "'"; JB_mysql_query($sql) or die(mysql_error()); JB_process_mail_queue(1, $_REQUEST['mail_id']); } $JB_EMAILS_PER_BATCH = JB_EMAILS_PER_BATCH; if ($JB_EMAILS_PER_BATCH == '') { $JB_EMAILS_PER_BATCH = 10; } if ($_REQUEST['action'] == 'send') { //$sql = "DELETE FROM mail_queue where `status`='sent' "; //JB_mysql_query($sql) or die(mysql_error()); JB_process_mail_queue($JB_EMAILS_PER_BATCH); } $q_to_add = $_REQUEST['q_to_add']; $q_to_name = $_REQUEST['q_to_name']; $q_subj = $_REQUEST['q_subj']; $q_msg = $_REQUEST['q_msg']; $q_status = $_REQUEST['q_status']; $q_type = $_REQUEST['q_type']; $q_user_id = $_REQUEST['q_user_id']; $q_user_type = $_REQUEST['q_user_type']; $search = $_REQUEST['search']; $q_string = "&q_user_id={$q_user_id}&q_user_type={$q_user_type}&q_to_add={$q_to_add}&q_subj={$q_subj}&q_to_name={$q_to_name}&q_msg={$q_msg}&q_status={$q_status}&q_type={$q_type}&search={$search}"; $sql = "select count(*) as c from mail_queue "; $result = JB_mysql_query($sql); $row = mysql_fetch_array($result, MYSQL_ASSOC); $total = $row['c'];
function JB_do_cron_job() { if (is_numeric(JB_CRON_LIMIT)) { // check load averge. Do not do cron if load avg is larger than the limit JB_exec("w", $out); preg_match('#load average: (\\d+\\.\\d+)#', $out[0], $m); $load_av = $m[1]; if ($load_av > JB_CRON_LIMIT) { return false; } } $unix_time = time(); $dir = JB_basedirpath(); // process the email queue JB_process_mail_queue(JB_EMAILS_PER_BATCH); // scan inbox if (!function_exists('JB_monitor_mail_box')) { require_once $dir . "include/mail_monitor_functions.php"; } JB_load_monitor_constants(); if (MON_ENABLED == 'YES') { JB_monitor_mail_box(); } // get the time of last HOURLY run $sql = "SELECT * FROM `jb_variables` where `key` = 'LAST_HOURLY_RUN' "; $result = @JB_mysql_query($sql) or $DB_ERROR = mysql_error(); $t_row = @mysql_fetch_array($result, MYSQL_ASSOC); JBPLUG_do_callback('do_cron_job', $A = false); // queue email alerts if ($unix_time > $t_row['val'] + 3600) { // did 1 hour elapse since last run? 3600 if (JB_JOB_ALERTS_ENABLED == 'YES') { // need to init jobs tag_to_field define('JB_JOB_ALERTS_DO_SEND', true); require $dir . 'admin/jobalerts.php'; } if (JB_RESUME_ALERTS_ENABLED == 'YES') { // need to init resume tag_to_field define('JB_RESUME_ALERTS_DO_SEND', true); require $dir . 'admin/resumealerts.php'; } JB_update_employer_subscriptions(); JB_update_memberships(); // update timestamp $sql = "REPLACE INTO jb_variables (`key`, `val`) VALUES ('LAST_HOURLY_RUN', '{$unix_time}') "; $result = @JB_mysql_query($sql) or $DB_ERROR = mysql_error(); if (!function_exists('JB_search_category_tree_for_posts')) { require_once $dir . "include/posts.inc.php"; } JB_expire_posts('PREMIUM'); JB_expire_posts('STANDARD'); JB_cache_del_keys_for_all_cats(1); JB_cache_del_keys_for_all_cats(2); JB_cache_del_keys_for_all_cats(3); JB_cache_del_keys_for_all_cats(4); JB_cache_del_keys_for_all_cats(5); // JB_update_post_count(); JB_update_resume_count(); JB_update_profile_count(); JB_update_employer_count(); JB_update_user_count(); if (EMAIL_URL_SHORTEN == 'YES') { JB_expire_short_URLs(); } // run the import tool JB_process_xml_import(); JBPLUG_do_callback('do_cron_hourly', $A = false); } }
function JB_create_new_employer_account() { if ($_REQUEST['lang'] == '') { $_REQUEST['lang'] = JB_get_default_lang(); } global $label; global $jb_mysql_link; $validated = 0; if (JB_EM_NEEDS_ACTIVATION == "AUTO" || JB_EM_NEEDS_ACTIVATION == "FIRST_POST") { $validated = 1; } // when inserting, use $assign to overwrite // the values which we do not want to fetch from the $_REQUEST // (Assuming that values on $_REQUEST already went through validation) $assign = array('Validated' => $validated, 'SignupDate' => gmdate("Y-m-d H:i:s"), 'IP' => $_SERVER['REMOTE_ADDR'], 'Newsletter' => (int) $_REQUEST['Newsletter'], 'Notification1' => (int) $_REQUEST['Notification1'], 'Notification2' => (int) $_REQUEST['Notification2'], 'posts_balance' => JB_BEGIN_STANDARD_CREDITS, 'premium_posts_balance' => JB_BEGIN_PREMIUM_CREDITS, 'Password' => md5(stripslashes($_REQUEST['Password'])), 'expired' => 'N'); $sql = "REPLACE INTO `employers` (" . JB_get_sql_insert_fields(4, $assign) . ") VALUES (" . JB_get_sql_insert_values(4, "employers", "ID", $employer_id, '', $assign) . ") "; $result = JB_mysql_query($sql); $employer_id = JB_mysql_insert_id(); if ($employer_id > 0) { JBPLUG_do_callback('create_employer_account', $employer_id); } $result = JB_get_email_template(2, $_SESSION['LANG']); $e_row = mysql_fetch_array($result, MYSQL_ASSOC); $subject = str_replace("%MEMBERID%", stripslashes($_REQUEST['Username']), $e_row['EmailSubject']); $EmailMessage = str_replace("%FNAME%", stripslashes($_REQUEST['FirstName']), $e_row['EmailText']); $EmailMessage = str_replace("%LNAME%", stripslashes($_REQUEST['LastName']), $EmailMessage); $EmailMessage = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $EmailMessage); $EmailMessage = str_replace("%SITE_NAME%", JB_SITE_NAME, $EmailMessage); $EmailMessage = str_replace("%MEMBERID%", stripslashes($_REQUEST['Username']), $EmailMessage); $EmailMessage = str_replace("%PASSWORD%", stripslashes($_REQUEST['Password']), $EmailMessage); $EmailMessage = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $EmailMessage); JBPLUG_do_callback('employer_signup_email_msg', $EmailMessage, $employer_id); if (!defined('JB_EMAIL_EMP_SIGNUP')) { define('JB_EMAIL_EMP_SIGNUP', 'YES'); } if (JB_EMAIL_EMP_SIGNUP == 'YES') { $email_id = JB_queue_mail(stripslashes($_REQUEST['Email']), jb_get_formatted_name(stripslashes($_REQUEST['FirstName']), stripslashes($_REQUEST['LastName'])), $e_row['EmailFromAddress'], $e_row['EmailFromName'], $subject, $EmailMessage, '', 2); JB_process_mail_queue(1, $email_id); } $to = JB_SITE_CONTACT_EMAIL; if (JB_EMAIL_EMPLOYER_SIGNUP_SWITCH == 'YES') { $email_id = JB_queue_mail($to, "Admin", JB_SITE_CONTACT_EMAIL, JB_SITE_NAME, $subject, $EmailMessage, '', 2); JB_process_mail_queue(1, $email_id); } return $employer_id; }
function JB_create_new_candidate_account() { global $label; if ($_REQUEST['lang'] == '') { $_REQUEST['lang'] = JB_get_default_lang(); } $validated = 0; if (JB_CA_NEEDS_ACTIVATION == "AUTO") { $validated = 1; } // when inserting, use $assign to overwrite // the values which we do not want to fetch from the $_REQUEST // (Assuming that values on $_REQUEST already went through validation) $assign = array('Validated' => $validated, 'SignupDate' => gmdate("Y-m-d H:i:s"), 'IP' => $_SERVER['REMOTE_ADDR'], 'Newsletter' => (int) $_REQUEST['Newsletter'], 'Notification1' => (int) $_REQUEST['Notification1'], 'Notification2' => (int) $_REQUEST['Notification2'], 'Password' => md5(stripslashes($_REQUEST['Password'])), 'expired' => 'N'); $sql = "REPLACE INTO `users` ( " . JB_get_sql_insert_fields(5, $assign) . ") VALUES ( " . JB_get_sql_insert_values(5, "users", "ID", $user_id, '', $assign) . ") "; JB_mysql_query($sql); $user_id = JB_mysql_insert_id(); if ($user_id > 0) { JBPLUG_do_callback('create_candidate_account', $user_id); } // Here the emailmessage itself is defined, this will be send to your members. Don't forget to set the validation link here. $result = JB_get_email_template(1, $_SESSION['LANG']); $e_row = mysql_fetch_array($result, MYSQL_ASSOC); $EmailMessage = $e_row['EmailText']; $from = $e_row['EmailFromAddress']; $from_name = $e_row['EmailFromName']; $subject = $e_row['EmailSubject']; $subject = str_replace("%MEMBERID%", stripslashes($_REQUEST['Username']), $subject); $EmailMessage = str_replace("%FNAME%", stripslashes($_REQUEST['FirstName']), $EmailMessage); $EmailMessage = str_replace("%LNAME%", stripslashes($_REQUEST['LastName']), $EmailMessage); $EmailMessage = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $EmailMessage); $EmailMessage = str_replace("%SITE_NAME%", JB_SITE_NAME, $EmailMessage); $EmailMessage = str_replace("%MEMBERID%", stripslashes($_REQUEST['Username']), $EmailMessage); $EmailMessage = str_replace("%PASSWORD%", stripslashes($_REQUEST['Password']), $EmailMessage); $EmailMessage = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $EmailMessage); JBPLUG_do_callback('candidate_signup_email_msg', $EmailMessage, $user_id); $to = stripslashes($_REQUEST['Email']); if (!defined('JB_EMAIL_CAN_SIGNUP')) { define('JB_EMAIL_CAN_SIGNUP', 'YES'); } if (JB_EMAIL_CAN_SIGNUP == 'YES') { $email_id = JB_queue_mail($to, stripslashes(jb_get_formatted_name(stripslashes($_REQUEST['FirstName']), stripslashes($_REQUEST['LastName']))), $e_row['EmailFromAddress'], $e_row['EmailFromName'], $subject, $EmailMessage, '', 1); JB_process_mail_queue(1, $email_id); } $to = JB_SITE_CONTACT_EMAIL; if (JB_EMAIL_CANDIDATE_SIGNUP_SWITCH == 'YES') { $email_id = JB_queue_mail($to, "Admin", JB_SITE_CONTACT_EMAIL, JB_SITE_NAME, $subject, $EmailMessage, '', 2); JB_process_mail_queue(1, $email_id); } return $user_id; }
function process_payment_return() { global $label; if ($_REQUEST['order_id'] != '' && $_REQUEST['nhezk5'] != '') { $invoice_id = jb_strip_order_id($_REQUEST['order_id']); $product_type = substr($invoice_id, 0, 1); // 'P' or 'S' $invoice_id = substr($invoice_id, 1); if ($_SESSION['JB_ID'] == '') { echo "Error: You must be logged in to view this page"; JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type); } else { JBPLUG_do_callback('pay_trn_verification_passed', $invoice_id, $product_type); ?> <div style='background-color: #ffffff; border-color:#C0C0C0; border-style:solid;padding:10px'> <p align="center"><center> <?php if ($product_type == 'P') { $sql = "SELECT * from package_invoices where invoice_id='" . jb_escape_sql($invoice_id) . "' and employer_id='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } elseif ($product_type == 'S') { $sql = "SELECT * from subscription_invoices where invoice_id='" . jb_escape_sql($invoice_id) . "' and employer_id='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } elseif ($product_type == 'M') { $sql = "SELECT * from membership_invoices where invoice_id='" . jb_escape_sql($invoice_id) . "' and user_id='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } $result = JB_mysql_query($sql) or die(mysql_error() . $sql); $order_row = mysql_fetch_array($result, MYSQL_ASSOC); if (BANK_TAX_RATE > 0) { if (BANK_ADD_TAX != 'Y') { // taxes included in prices // work out the tax paid in the amount $tax = $order_row['amount'] - $order_row['amount'] / (1.0 + BANK_TAX_RATE); } else { $tax = $order_row['amount'] * BANK_TAX_RATE; $order_row['amount'] = $order_row['amount'] + $tax; // update the amount on the invoice row if (!does_field_exist("package_invoices", "invoice_tax")) { $sql = "ALTER TABLE `package_invoices` ADD `invoice_tax` FLOAT NOT NULL DEFAULT '0';"; mysql_query($sql) or die($sql . mysql_error()); $sql = "ALTER TABLE `subscription_invoices` ADD `invoice_tax` FLOAT NOT NULL DEFAULT '0';"; mysql_query($sql) or die($sql . mysql_error()); $sql = "ALTER TABLE `membership_invoices` ADD `invoice_tax` FLOAT NOT NULL DEFAULT '0';"; mysql_query($sql) or die($sql . mysql_error()); } if ($product_type == 'P') { $sql = "UPDATE package_invoices SET invoice_tax='" . (0 - $tax) . "', amount = amount + '" . jb_escape_sql($order_row['amount']) . "' WHERE invoice_id='" . jb_escape_sql($invoice_id) . "' and employer_id='" . jb_escape_sql($_SESSION['JB_ID']) . "' AND invoice_tax != '' "; } elseif ($product_type == 'S') { $sql = "UPDATE subscription_invoices SET invoice_tax='" . (0 - $tax) . "', amount = amount + '" . jb_escape_sql($order_row['amount']) . "' WHERE invoice_id='" . jb_escape_sql($invoice_id) . "' and employer_id='" . jb_escape_sql($_SESSION['JB_ID']) . "' AND invoice_tax != ''"; } elseif ($product_type == 'M') { $sql = "UPDATE membership_invoices SET invoice_tax='" . (0 - $tax) . "', amount = amount + '" . jb_escape_sql($order_row['amount']) . "' WHERE invoice_id='" . jb_escape_sql($invoice_id) . "' and user_id='" . jb_escape_sql($_SESSION['JB_ID']) . "' AND invoice_tax != ''"; } } } if (BANK_ADVANCE_CREDIT == 'YES' && strtolower($order_row['status']) != 'pending') { // place the order as 'pending' and advance the credits if ($product_type == 'P') { // posting credits $order_row = JB_pend_package_invoice($invoice_id, $payment_method = 'bank', $pending_reason = 'jb_credit_advanced'); // credit the points to the customer's account JB_add_posting_credits($order_row); } if ($product_type == 'S') { // subscription to view resumes $order_row = JB_pend_subscription_invoice($invoice_id, $payment_method = 'bank', $pending_reason = 'jb_credit_advanced'); JB_start_employer_subscription($order_row); } if ($product_type == 'M') { // membership $order_row = JB_pend_membership_invoice($invoice_id, $payment_method = 'bank', $pending_reason = 'jb_credit_advanced'); JB_start_membership($order_row); } JBPLUG_do_callback('pay_trn_pending', $invoice_id, $product_type); } $bank_amount = JB_convert_to_currency($order_row['amount'], $order_row['currency_code'], BANK_CURRENCY); $bank_amount = JB_format_currency($bank_amount, BANK_CURRENCY, true); $label['payment_bank_heading'] = str_replace("%INVOICE_AMOUNT%", $bank_amount, $label['payment_bank_heading']); $label['payment_bank_note'] = str_replace("%CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $label['payment_bank_note']); $label['payment_bank_note'] = str_replace("%INVOICE_CODE%", $product_type . $invoice_id, $label['payment_bank_note']); $label['payment_bank_tax'] = str_replace("%INVOICE_TAX%", JB_format_currency($tax, BANK_CURRENCY, true), $label['payment_bank_tax']); if (JB_get_default_currency() != BANK_CURRENCY) { echo JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']) . " = " . $bank_amount; echo "<br>"; } ?> <table width="70%"><tr><td> <?php if (BANK_TAX_RATE > 0) { ?> <b><?php echo $label['payment_bank_tax']; ?> </b><br> <?php } ?> <b><?php echo $label['payment_bank_heading']; ?> </b><br> <?php if (BANK_NAME != '') { ?> <b><?php echo $label['payment_bank_name']; ?> </b> <?php echo BANK_NAME; ?> <br> <?php } ?> <?php if (BANK_ADDRESS != '') { ?> <b><?php echo $label['payment_bank_addr']; ?> </b> <?php echo BANK_ADDRESS; ?> <br> <?php } ?> <?php if (BANK_ACCOUNT_NAME != '') { ?> <b><?php echo $label['payment_bank_ac_name']; ?> </b> <?php echo BANK_ACCOUNT_NAME; ?> <br> <?php } ?> <?php if (BANK_ACCOUNT_NUMBER != '') { ?> <b><?php echo $label['payment_bank_ac_number']; ?> </b> <?php echo BANK_ACCOUNT_NUMBER; ?> <br> <?php } ?> <?php if (BANK_BRANCH_NUMBER != '') { ?> <b><?php echo $label['payment_bank_branch_number']; ?> </b> <?php echo BANK_BRANCH_NUMBER; ?> <br> <?php } ?> <?php if (BANK_SWIFT != '') { ?> <b><?php echo $label['payment_bank_swift']; ?> </b> <?php echo BANK_SWIFT; ?> <br> <?php } ?> <?php echo $label['payment_bank_note']; ?> </td></tr> </table> </p> </center> </div> <?php if ($order_row['user_type'] == 'C') { $sql = "Select * from users where ID='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } else { $sql = "Select * from employers where ID='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } $result = JB_mysql_query($sql) or die(mysql_error()); $e_row = mysql_fetch_array($result, MYSQL_ASSOC); if ($product_type == 'P') { $template_r = JB_get_email_template(60, $_SESSION['LANG']); $template = mysql_fetch_array($template_r); $msg = $template['EmailText']; $from = $template['EmailFromAddress']; $from_name = $template['EmailFromName']; $subject = $template['EmailSubject']; $to = $e_row['Email']; $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']); $msg = str_replace("%INVOICE_TAX%", JB_format_currency($tax, BANK_CURRENCY, true), $msg); $msg = str_replace("%FNAME%", $e_row['FirstName'], $msg); $msg = str_replace("%LNAME%", $e_row['LastName'], $msg); $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg); $msg = str_replace("%INVOICE_CODE%", "P" . $order_row['invoice_id'], $msg); $msg = str_replace("%QUANTITY%", $order_row['posts_quantity'], $msg); $msg = str_replace("%ITEM_NAME%", $order_row['item_name'], $msg); $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']), $msg); $msg = str_replace("%BANK_NAME%", BANK_NAME, $msg); $msg = str_replace("%BANK_ADDRESS%", BANK_ADDRESS, $msg); $msg = str_replace("%BANK_AC_SWIFT%", BANK_SWIFT, $msg); $msg = str_replace("%BANK_AC_CURRENCY%", BANK_CURRENCY, $msg); $msg = str_replace("%BANK_AC_BRANCH%", BANK_AC_BRANCH, $msg); $msg = str_replace("%AC_NAME%", BANK_ACCOUNT_NAME, $msg); $msg = str_replace("%AC_NUMBER%", BANK_ACCOUNT_NUMBER, $msg); $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg); $msg = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $msg); if (BANK_EMAIL_CONFIRM == 'YES') { $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', 60); JB_process_mail_queue(1, $email_id); } } elseif ($product_type == 'S') { // subscription invoice confirmed (id 80) $template_r = JB_get_email_template(80, $_SESSION['LANG']); $template = mysql_fetch_array($template_r); $msg = $template['EmailText']; $from = $template['EmailFromAddress']; $from_name = $template['EmailFromName']; $subject = $template['EmailSubject']; $to = $e_row['Email']; $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']); $msg = str_replace("%INVOICE_TAX%", JB_format_currency($tax, BANK_CURRENCY, true), $msg); $msg = str_replace("%FNAME%", $e_row['FirstName'], $msg); $msg = str_replace("%LNAME%", $e_row['LastName'], $msg); $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg); $msg = str_replace("%INVOICE_CODE%", "S" . $order_row['invoice_id'], $msg); $msg = str_replace("%QUANTITY%", $order_row['posts_quantity'], $msg); $msg = str_replace("%ITEM_NAME%", $order_row['item_name'], $msg); $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']), $msg); $msg = str_replace("%BANK_NAME%", BANK_NAME, $msg); $msg = str_replace("%BANK_ADDRESS%", BANK_ADDRESS, $msg); $msg = str_replace("%BANK_AC_SWIFT%", BANK_SWIFT, $msg); $msg = str_replace("%BANK_AC_CURRENCY%", BANK_CURRENCY, $msg); $msg = str_replace("%BANK_AC_BRANCH%", BANK_AC_BRANCH, $msg); $msg = str_replace("%AC_NAME%", BANK_ACCOUNT_NAME, $msg); $msg = str_replace("%AC_NUMBER%", BANK_ACCOUNT_NUMBER, $msg); $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg); $msg = str_replace("%SUB_DURATION%", $order_row['months_duration'], $msg); if (BANK_EMAIL_CONFIRM == 'YES') { $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', 80); JB_process_mail_queue(1, $email_id); } } elseif ($product_type == 'M') { // membership invoice confirmed (id 100) $template_r = JB_get_email_template(100, $_SESSION['LANG']); $template = mysql_fetch_array($template_r); $msg = $template['EmailText']; $from = $template['EmailFromAddress']; $from_name = $template['EmailFromName']; $subject = $template['EmailSubject']; $to = $e_row['Email']; $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']); $msg = str_replace("%INVOICE_TAX%", JB_format_currency($tax, BANK_CURRENCY, true), $msg); $msg = str_replace("%FNAME%", $e_row['FirstName'], $msg); $msg = str_replace("%LNAME%", $e_row['LastName'], $msg); $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg); $msg = str_replace("%INVOICE_CODE%", "M" . $order_row['invoice_id'], $msg); $msg = str_replace("%INVOICE_CODE%", "M" . $order_row['invoice_id'], $msg); $msg = str_replace("%ITEM_NAME%", $order_row['item_name'], $msg); $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']), $msg); $msg = str_replace("%BANK_NAME%", BANK_NAME, $msg); $msg = str_replace("%BANK_ADDRESS%", BANK_ADDRESS, $msg); $msg = str_replace("%BANK_AC_SWIFT%", BANK_SWIFT, $msg); $msg = str_replace("%BANK_AC_CURRENCY%", BANK_CURRENCY, $msg); $msg = str_replace("%BANK_AC_BRANCH%", BANK_AC_BRANCH, $msg); $msg = str_replace("%AC_NAME%", BANK_ACCOUNT_NAME, $msg); $msg = str_replace("%AC_NUMBER%", BANK_ACCOUNT_NUMBER, $msg); $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg); $msg = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $msg); if ($order_row['months_duration'] == '0') { $order_row['months_duration'] = $label['member_not_expire']; } $msg = str_replace("%MEM_DURATION%", $order_row['months_duration'], $msg); if (BANK_EMAIL_CONFIRM == 'YES') { $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', 100); JB_process_mail_queue(1, $email_id); } } JB_update_payment_method($product_type, $order_row['invoice_id'], "bank"); } } else { JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type); } }
function JB_send_admin_new_invoice_alert($invoice_type, $invoice_id) { // get the invoice data switch ($invoice_type) { case 'P': $sql = "SELECT * FROM package_invoices WHERE invoice_id='" . jb_escape_sql($invoice_id) . "' "; break; case 'M': $sql = "SELECT * FROM membership_invoices WHERE invoice_id='" . jb_escape_sql($invoice_id) . "' "; break; case 'S': $sql = "SELECT * FROM subscription_invoices WHERE invoice_id='" . jb_escape_sql($invoice_id) . "' "; break; } $result = jb_mysql_query($sql); $invoice_row = mysql_fetch_array($result, MYSQL_ASSOC); if ($invoice_type == 'M') { // memberships $user_id = $invoice_row['user_id']; } else { // postings, subscriptions $user_id = $invoice_row['employer_id']; } // get the user data if ($invoice_row['user_type'] == 'C') { // memberships can have 'C' for Candidates $sql = "Select * from users where ID='" . jb_escape_sql($user_id) . "'"; } else { $sql = "Select * from employers where ID='" . jb_escape_sql($user_id) . "'"; } $result = JB_mysql_query($sql) or die(mysql_error()); $user_row = mysql_fetch_array($result, MYSQL_ASSOC); $template_r = JB_get_email_template(330, $_SESSION['LANG']); $template = mysql_fetch_array($template_r); $msg = $template['EmailText']; $from = $template['EmailFromAddress']; $from_name = $template['EmailFromName']; $subject = $template['EmailSubject']; $to = JB_SITE_CONTACT_EMAIL; $to_name = JB_SITE_NAME; $subject = str_replace("%SITE_NAME%", JB_SITE_NAME, $subject); $msg = str_replace("%LNAME%", $user_row['FirstName'], $msg); $msg = str_replace("%FNAME%", $user_row['LastName'], $msg); $msg = str_replace("%USER%", $user_row['Username'], $msg); $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg); $msg = str_replace("%INVOICE_CODE%", $invoice_type . $invoice_row['invoice_id'], $msg); $msg = str_replace("%ITEM_NAME%", $invoice_row['item_name'], $msg); $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($invoice_row['currency_code'], $invoice_row['amount']), $msg); $msg = str_replace("%ADMIN_LINK%", JB_BASE_HTTP_PATH . "admin/", $msg); $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg); $msg = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $msg); if (JB_EMAIL_ADMIN_NEWORD_SWITCH == 'YES') { $email_id = JB_queue_mail(JB_SITE_CONTACT_EMAIL, JB_SITE_NAME, $from, $from_name, $subject, $msg, '', 330); JB_process_mail_queue(1, $email_id); } }
function process_payment_return() { global $label; if ($_REQUEST['order_id'] != '' && $_REQUEST['nhezk5'] != '') { $invoice_id = jb_strip_order_id($_REQUEST['order_id']); $product_type = substr($invoice_id, 0, 1); // 'P' or 'S' $invoice_id = substr($invoice_id, 1); if ($_SESSION['JB_ID'] == '') { JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type); echo "Error: You must be logged in to view this page"; } else { JBPLUG_do_callback('pay_trn_verification_passed', $invoice_id, $product_type); ?> <div style='background-color: #ffffff; border-color:#C0C0C0; border-style:solid;padding:10px'> <p align="center"><center> <?php if ($product_type == 'P') { $sql = "SELECT * from package_invoices where invoice_id='" . jb_escape_sql($invoice_id) . "' and employer_id='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } elseif ($product_type == 'S') { $sql = "SELECT * from subscription_invoices where invoice_id='" . jb_escape_sql($invoice_id) . "' and employer_id='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } elseif ($product_type == 'M') { $sql = "SELECT * from membership_invoices where invoice_id='" . jb_escape_sql($invoice_id) . "' and user_id='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } $result = JB_mysql_query($sql) or die(mysql_error() . $sql); $order_row = mysql_fetch_array($result, MYSQL_ASSOC); if (CHECK_TAX_RATE > 0) { if (CHECK_ADD_TAX != 'Y') { // work out the tax paid in the amount $tax = $order_row['amount'] - $order_row['amount'] / (1.0 + CHECK_TAX_RATE); } else { $tax = $order_row['amount'] * CHECK_TAX_RATE; $order_row['amount'] = $order_row['amount'] + $tax; } } if (CHECK_ADVANCE_CREDIT == 'YES' && strtolower($order_row['status']) != 'pending') { // place the order as 'pending' and advance the credits if ($product_type == 'P') { // posting credits $order_row = JB_pend_package_invoice($invoice_id, $payment_method = 'check', $pending_reason = 'jb_credit_advanced'); // credit the points to the customer's account JB_add_posting_credits($order_row); } if ($product_type == 'S') { // subscription to view resumes $order_row = JB_pend_subscription_invoice($invoice_id, $payment_method = 'check', $pending_reason = 'jb_credit_advanced'); JB_start_employer_subscription($order_row); } if ($product_type == 'M') { // membership $order_row = JB_pend_membership_invoice($invoice_id, $payment_method = 'check', $pending_reason = 'jb_credit_advanced'); JB_start_membership($order_row); } JBPLUG_do_callback('pay_trn_pending', $invoice_id, $product_type); } $check_amount = JB_convert_to_currency($order_row['amount'], $order_row['currency_code'], CHECK_CURRENCY); $check_amount = JB_format_currency($check_amount, CHECK_CURRENCY, true); $label['payment_check_sub_head'] = str_replace("%INVOICE_CODE%", $product_type . $_REQUEST['order_id'], $label['payment_check_sub_head']); echo $label['payment_check_sub_head']; $label['payment_check_heading'] = str_replace("%INVOICE_AMOUNT%", $check_amount, $label['payment_check_heading']); $label['payment_check_tax'] = str_replace("%INVOICE_TAX%", JB_format_currency($tax, CHECK_CURRENCY, true), $label['payment_check_tax']); if (JB_get_default_currency() != CHECK_CURRENCY) { echo JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']) . " = " . $check_amount; echo "<br>"; } ?> <table width="70%"><tr><td> <?php if (CHECK_TAX_RATE > 0) { ?> <b><?php echo $label['payment_check_tax']; ?> </b><br> <?php } ?> <b><?php echo $label['payment_check_heading']; ?> </b><br> <?php if (CHECK_NAME != '') { ?> <b><?php echo $label['payment_check_payable']; ?> </b><pre><?php echo CHECK_PAYABLE; ?> </pre><br> <?php } ?> <?php if (CHECK_ADDRESS != '') { ?> <b><?php echo $label['payment_check_address']; ?> </b><pre><?php echo CHECK_ADDRESS; ?> </pre><br> <?php } ?> <?php /*if ( CHECK_ACCOUNT_NAME != '') { ?> <b><?php echo $label['payment_check_currency'];?></b><pre><?php echo CHECK_CURRENCY; ?></pre><br> <?php } */ ?> </td></tr> </table> </p> </center> </div> <?php if ($order_row['user_type'] == 'C') { $sql = "Select * from users where ID='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } else { $sql = "Select * from employers where ID='" . jb_escape_sql($_SESSION['JB_ID']) . "'"; } $result = JB_mysql_query($sql) or die(mysql_error()); $e_row = mysql_fetch_array($result, MYSQL_ASSOC); if ($product_type == 'S') { $template_r = JB_get_email_template(81, $_SESSION['LANG']); $template = mysql_fetch_array($template_r); $msg = $template['EmailText']; $from = $template['EmailFromAddress']; $from_name = $template['EmailFromName']; $subject = $template['EmailSubject']; $msg = str_replace("%INVOICE_TAX%", JB_format_currency($tax, CHECK_CURRENCY, true), $msg); $msg = str_replace("%FNAME%", $e_row['FirstName'], $msg); $msg = str_replace("%LNAME%", $e_row['LastName'], $msg); $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg); $msg = str_replace("%INVOICE_CODE%", "S" . $order_row['invoice_id'], $msg); $msg = str_replace("%ITEM_NAME%", $order_row['item_name'], $msg); $msg = str_replace("%SUB_DURATION%", $order_row['months_duration'], $msg); $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']), $msg); $msg = str_replace("%PAYEE_NAME%", CHECK_PAYABLE, $msg); $msg = str_replace("%PAYEE_ADDRESS%", CHECK_ADDRESS, $msg); $msg = str_replace("%CHECK_CURRENCY%", CHECK_CURRENCY, $msg); $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg); $msg = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $msg); //echo $msg; $to = $e_row['Email']; $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']); if (CHECK_EMAIL_CONFIRM == 'YES') { $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', 81); JB_process_mail_queue(1, $email_id); } } elseif ($product_type == 'M') { $template_r = JB_get_email_template(101, $_SESSION['LANG']); $template = mysql_fetch_array($template_r); $msg = $template['EmailText']; $from = $template['EmailFromAddress']; $from_name = $template['EmailFromName']; $subject = $template['EmailSubject']; $msg = str_replace("%INVOICE_TAX%", JB_format_currency($tax, CHECK_CURRENCY, true), $msg); $msg = str_replace("%FNAME%", $e_row['FirstName'], $msg); $msg = str_replace("%LNAME%", $e_row['LastName'], $msg); $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg); $msg = str_replace("%INVOICE_CODE%", "S" . $order_row['invoice_id'], $msg); $msg = str_replace("%ITEM_NAME%", $order_row['item_name'], $msg); if ($order_row['months_duration'] == '0') { $order_row['months_duration'] = $label['member_not_expire']; } $msg = str_replace("%MEM_DURATION%", $order_row['months_duration'], $msg); $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']), $msg); $msg = str_replace("%PAYEE_NAME%", CHECK_PAYABLE, $msg); $msg = str_replace("%PAYEE_ADDRESS%", CHECK_ADDRESS, $msg); $msg = str_replace("%CHECK_CURRENCY%", CHECK_CURRENCY, $msg); $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg); $msg = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $msg); //echo $msg; $to = $e_row['Email']; $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']); if (CHECK_EMAIL_CONFIRM == 'YES') { $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', 101); JB_process_mail_queue(1, $email_id); } } elseif ($product_type == 'P') { $template_r = JB_get_email_template(61, $_SESSION['LANG']); $template = mysql_fetch_array($template_r); $msg = $template['EmailText']; $from = $template['EmailFromAddress']; $from_name = $template['EmailFromName']; $subject = $template['EmailSubject']; $msg = str_replace("%INVOICE_TAX%", JB_format_currency($tax, CHECK_CURRENCY, true), $msg); $msg = str_replace("%FNAME%", $e_row['FirstName'], $msg); $msg = str_replace("%LNAME%", $e_row['LastName'], $msg); $msg = str_replace("%SITE_NAME%", JB_SITE_NAME, $msg); $msg = str_replace("%INVOICE_CODE%", "P" . $order_row['invoice_id'], $msg); $msg = str_replace("%ITEM_NAME%", $order_row['item_name'], $msg); $msg = str_replace("%QUANTITY%", $order_row['posts_quantity'], $msg); $msg = str_replace("%INVOICE_AMOUNT%", JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']), $msg); $msg = str_replace("%PAYEE_NAME%", CHECK_PAYABLE, $msg); $msg = str_replace("%PAYEE_ADDRESS%", CHECK_ADDRESS, $msg); $msg = str_replace("%CHECK_CURRENCY%", CHECK_CURRENCY, $msg); $msg = str_replace("%SITE_CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $msg); $msg = str_replace("%SITE_URL%", JB_BASE_HTTP_PATH, $msg); //echo $msg; $to = $e_row['Email']; $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']); if (CHECK_EMAIL_CONFIRM == 'YES') { $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', 61); JB_process_mail_queue(1, $email_id); } } JB_update_payment_method($product_type, $order_row['invoice_id'], "check"); } } else { JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type); } }