function testdbApplicantScreeningsModule()
{
    // The create-table step is disabled here; the table is expected to exist already (TODO confirm).
    //$this->assertTrue(create_dbApplicantScreenings());

    // Fixtures: (type, creator id, comma-separated steps, status). Two of them
    // deliberately pass null for steps and/or status.
    $fixtures = array(
        new ApplicantScreening("guestchef", "Gabrielle1111234567", "complete application,background check,complete interview", "unpublished"),
        new ApplicantScreening("volunteer", "Jackson6269170632", "complete interview", "published"),
        new ApplicantScreening("manager", "Jill2075556666", null, null),
        new ApplicantScreening("socialworker", "Jackson6269170632", null, "unpublished"),
    );

    // Insert: every fixture must be accepted.
    foreach ($fixtures as $fixture) {
        $this->assertTrue(insert_dbApplicantScreenings($fixture));
    }

    // Retrieve: each getter of the stored first fixture is checked on a fresh lookup.
    $first = $fixtures[0];
    $expected = array(
        'get_type'    => "guestchef",
        'get_creator' => "Gabrielle1111234567",
        'get_steps'   => array("complete application", "background check", "complete interview"),
        'get_status'  => "unpublished",
    );
    foreach ($expected as $getter => $value) {
        $this->assertEqual(retrieve_dbApplicantScreenings($first->get_type())->$getter(), $value);
    }

    // Update: a status change must be persisted and visible on the next lookup.
    $first->set_status("published");
    $this->assertTrue(update_dbApplicantScreenings($first));
    $this->assertEqual(retrieve_dbApplicantScreenings($first->get_type())->get_status(), "published");

    // Get-all: only checks that the result is truthy.
    $everything = getall_ApplicantScreenings();
    $this->assertTrue($everything);

    // Delete: remove every fixture again so the table is left as it was found.
    foreach ($fixtures as $fixture) {
        $this->assertTrue(delete_dbApplicantScreenings($fixture->get_type()));
    }

    echo "testdbApplicantScreenings complete";
}
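/**
 * Handles a submitted person edit form: gathers the POSTed fields, then deletes,
 * password-resets, adds, or replaces the person record and echoes an HTML status message.
 *
 * Review notes:
 *  - Free-text fields are entity-encoded with htmlentities() before storage; every other
 *    field is taken from $_POST unmodified. Entity-encoding on input does not protect the
 *    database layer. NOTE(review): confirm add_person()/remove_person()/retrieve_person()
 *    bind or escape their values, and that views escape the unencoded fields on output.
 *  - No authorization or CSRF check is visible in this function, yet the record to remove or
 *    replace is chosen by $_POST['old_id']. NOTE(review): confirm the caller enforces both.
 *  - Password reset and update are "remove, then add": if the add fails, the record is gone.
 *
 * @param string $id     id of the record being edited; overwritten from $_POST['old_id'] or
 *                       rebuilt as first name + phone digits, depending on the branch taken
 * @param object $person existing Person; a first name of "new" marks a not-yet-stored applicant
 * @return void
 */
function process_form($id, $person)
{
    //echo($_POST['first_name']);
    //step one: sanitize data by replacing HTML entities and escaping the ' character
    if ($person->get_first_name() == "new") {
        // '&' becomes 'and' and any \' sequence is dropped (not restored to '): the first name
        // is concatenated with the phone digits below to form the record id.
        $first_name = trim(str_replace('\\\'', '', htmlentities(str_replace('&', 'and', $_POST['first_name']))));
    } else {
        $first_name = $person->get_first_name();
    }
    $last_name = trim(str_replace('\\\'', '\'', htmlentities($_POST['last_name'])));
    $location = $_POST['location'];
    $address = trim(str_replace('\\\'', '\'', htmlentities($_POST['address'])));
    $city = trim(str_replace('\\\'', '\'', htmlentities($_POST['city'])));
    $state = trim(htmlentities($_POST['state']));
    $zip = trim(htmlentities($_POST['zip']));
    if ($person->get_first_name() == "new") {
        $phone1 = trim(str_replace(' ', '', htmlentities($_POST['phone1'])));
        // Only digits survive, so the phone part of the id is purely numeric
        $clean_phone1 = preg_replace("/[^0-9]/", "", $phone1);
        $phone1type = $_POST['phone1type'];
    } else {
        $clean_phone1 = $person->get_phone1();
        $phone1type = $person->get_phone1type();
    }
    $phone2 = trim(str_replace(' ', '', htmlentities($_POST['phone2'])));
    $clean_phone2 = preg_replace("/[^0-9]/", "", $phone2);
    $phone2type = $_POST['phone2type'];
    $email = $_POST['email'];
    $type = implode(',', $_POST['type']);
    $screening_type = $_POST['screening_type'];
    // Defined up front so the Person constructor never receives an undefined variable
    // when no screening type was submitted.
    $screening_status = null;
    if ($screening_type != "") {
        $screening = retrieve_dbApplicantScreenings($screening_type);
        // An unknown screening type, or one without steps, simply yields no step dates
        // instead of a fatal error on a missing object.
        $step_array = $screening ? $screening->get_steps() : null;
        if (!is_array($step_array)) {
            $step_array = array();
        }
        $step_count = count($step_array);
        $date_array = array();
        for ($i = 0; $i < $step_count; $i++) {
            $date_array[$i] = isset($_POST['screening_status'][$i]) ? $_POST['screening_status'][$i] : null;
            // Only the length is validated (8 characters, e.g. mm-dd-yy); "" and "--" mean "not done"
            if ($date_array[$i] != "" && $date_array[$i] != "--" && strlen($date_array[$i]) != 8) {
                // Step names come from the screenings table; escape them before echoing
                echo '<p>Completion Date for step: "' . htmlspecialchars($step_array[$i], ENT_QUOTES) . '" is in error, please enter mm-dd-yy.<br>';
            }
        }
        $screening_status = implode(',', $date_array);
    }
    $status = $_POST['status'];
    if ($_POST['isstudent'] == "yes") {
        $position = "student";
        $employer = $_POST['nameofschool'];
    } else {
        $position = $_POST['position'];
        $employer = $_POST['employer'];
    }
    $credithours = $_POST['credithours'];
    // This form never collects a commitment value; it is passed to Person as null
    $commitment = null;
    $motivation = trim(str_replace('\\\'', '\'', htmlentities($_POST['motivation'])));
    $specialties = trim(str_replace('\\\'', '\'', htmlentities($_POST['specialties'])));
    $convictions = $_POST['convictions'];
    if (!$_POST['availability']) {
        $availability = null;
    } else {
        $availability = implode(',', $_POST['availability']);
    }
    // these two are not visible for editing, so they go in and out unchanged
    // NOTE(review): "not visible" is not "not editable" - both still arrive in the POST body
    $schedule = $_POST['schedule'];
    $hours = $_POST['hours'];
    $birthday = $_POST['birthday'];
    $start_date = $_POST['start_date'];
    $howdidyouhear = $_POST['howdidyouhear'];
    $notes = trim(str_replace('\\\'', '\'', htmlentities($_POST['notes'])));
    //used for url path in linking user back to edit form (SCRIPT_NAME up to and including the last '/')
    $path = strrev(substr(strrev($_SERVER['SCRIPT_NAME']), strpos(strrev($_SERVER['SCRIPT_NAME']), '/')));
    //step two: try to make the deletion, password change, addition, or change
    if (isset($_POST['deleteMe']) && $_POST['deleteMe'] == "DELETE") {
        $result = retrieve_person($id);
        if (!$result) {
            echo '<p>Unable to delete. ' . $first_name . ' ' . $last_name . ' is not in the database. <br>Please report this error to the House Manager.';
        } else {
            //What if they're the last remaining manager account?
            // NOTE(review): $type is the list submitted with the form, not the stored record's
            // type, so this guard depends on client-supplied data - confirm against the record.
            $is_last_manager = false;
            if (strpos($type, 'manager') !== false) {
                //They're a manager, we need to check that they can be deleted
                $managers = getall_type('manager');
                $is_last_manager = !$managers || mysql_num_rows($managers) <= 1;
            }
            if ($is_last_manager) {
                echo '<p class="error">You cannot remove the last remaining manager from the database.</p>';
            } else {
                $result = remove_person($id);
                echo "<p>You have successfully removed " . $first_name . " " . $last_name . " from the database.</p>";
                // Deleting your own account ends the current session
                if ($id == $_SESSION['_id']) {
                    session_unset();
                    session_destroy();
                }
            }
        }
    } elseif (isset($_POST['reset_pass']) && $_POST['reset_pass'] == "RESET") {
        $id = $_POST['old_id'];
        $result = remove_person($id);
        // The record is re-created with an empty password argument.
        // NOTE(review): presumably Person substitutes a default password; if that default is
        // derivable from the name and phone number it is guessable - confirm and force a change.
        $newperson = new Person($first_name, $last_name, $location, $address, $city, $state, $zip, $clean_phone1, $phone1type, $clean_phone2, $phone2type, $email, $type, $screening_type, $screening_status, $status, $employer, $position, $credithours, $commitment, $motivation, $specialties, $convictions, $availability, $schedule, $hours, $birthday, $start_date, $howdidyouhear, $notes, "");
        $result = add_person($newperson);
        if (!$result) {
            echo '<p class="error">Unable to reset ' . $first_name . ' ' . $last_name . "'s password.. <br>Please report this error to the House Manager.";
        } else {
            echo "<p>You have successfully reset " . $first_name . " " . $last_name . "'s password.</p>";
        }
    } elseif ($_POST['old_id'] == 'new') {
        $id = $first_name . $clean_phone1;
        //check if there's already an entry
        $dup = retrieve_person($id);
        if ($dup) {
            echo '<p class="error">Unable to add ' . $first_name . ' ' . $last_name . ' to the database. <br>Another person with the same name and phone is already there.';
        } else {
            $newperson = new Person($first_name, $last_name, $location, $address, $city, $state, $zip, $clean_phone1, $phone1type, $clean_phone2, $phone2type, $email, $type, $screening_type, $screening_status, $status, $employer, $position, $credithours, $commitment, $motivation, $specialties, $convictions, $availability, $schedule, $hours, $birthday, $start_date, $howdidyouhear, $notes, "");
            $result = add_person($newperson);
            if (!$result) {
                echo '<p class="error">Unable to add ' . $first_name . ' ' . $last_name . ' in the database. <br>Please report this error to the House Manager.';
            } else {
                if ($_SESSION['access_level'] == 0) {
                    echo "<p>Your application has been successfully submitted.<br>  The House Manager will contact you soon.  Thank you!";
                } else {
                    // urlencode() keeps the id intact as a query value and out of the attribute markup
                    echo '<p>You have successfully added <a href="' . $path . 'personEdit.php?id=' . urlencode($id) . '"><b>' . $first_name . ' ' . $last_name . ' </b></a> to the database.</p>';
                }
            }
        }
    } else {
        // Update of an existing record: remove it, then re-add it with the submitted values
        $id = $_POST['old_id'];
        // NOTE(review): the stored password value round-trips through the form as 'old_pass';
        // confirm it is never rendered to, or accepted from, a user other than its owner.
        $pass = $_POST['old_pass'];
        // $id is request data here, so it is encoded before being placed in any link
        $id_param = urlencode($id);
        $result = remove_person($id);
        if (!$result) {
            echo '<p class="error">Unable to update ' . $first_name . ' ' . $last_name . '. <br>Please report this error to the House Manager.';
        } else {
            $newperson = new Person($first_name, $last_name, $location, $address, $city, $state, $zip, $clean_phone1, $phone1type, $clean_phone2, $phone2type, $email, $type, $screening_type, $screening_status, $status, $employer, $position, $credithours, $commitment, $motivation, $specialties, $convictions, $availability, $schedule, $hours, $birthday, $start_date, $howdidyouhear, $notes, $pass);
            $result = add_person($newperson);
            if (!$result) {
                echo '<p class="error">Unable to update ' . $first_name . ' ' . $last_name . '. <br>Please report this error to the House Manager.';
            } else {
                echo '<p>You have successfully edited <a href="' . $path . 'personEdit.php?id=' . $id_param . '"><b>' . $first_name . ' ' . $last_name . ' </b></a> in the database.</p>';
            }
            // Logged whether or not the re-add succeeded
            add_log_entry('<a href=\\"personEdit.php?id=' . $id_param . '\\">' . $first_name . ' ' . $last_name . '</a>\'s Personnel Edit Form has been changed.');
        }
    }
}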
    }
    if (!in_array("new", $screeningtypes)) {
        echo '<option value="new">new</option>';
    }
    echo '</select>';
    echo '<p>Hit <input type="submit" value="Submit" name="Submit Edits"> to select this screening.<br><br>';
} else {
    echo '<input type="hidden" name = "_form_submit" value="2">';
    echo '<input type="hidden" name = "_old_type" value="' . $action . '">';
    echo '<input type="hidden" name = "_form_type" ';
    if ($new) {
        echo 'value="new">';
    } else {
        echo 'value="change">';
    }
    $screening = retrieve_dbApplicantScreenings($action);
    echo "Creator: " . $screening->get_creator() . "<br><br>";
    if (!$new) {
        echo 'Rename ';
    }
    echo 'Type:&nbsp <input type="text" name="new_type" ';
    if ($new) {
        echo '/><p>';
    } else {
        echo 'value="' . $screening->get_type() . '" /><p>';
    }
    echo '<fieldset><legend>Steps: </legend>';
    $st = $screening->get_steps();
    if ($st != null) {
        $i == 0;
        foreach ($st as $step) {
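/**
 * Handles a submitted screening edit form: gathers the POSTed type, steps and status, then
 * deletes, adds, or replaces the ApplicantScreening and echoes an HTML status message.
 *
 * Review notes:
 *  - The type name is request data; it is HTML-escaped or URL-encoded wherever this function
 *    writes it into markup or a log entry. It is still handed unmodified to the dbApplicantScreenings
 *    functions. NOTE(review): confirm those functions bind or escape their values.
 *  - No authorization or CSRF check is visible in this function. NOTE(review): confirm the
 *    caller enforces both before calling it.
 *  - An update is "delete old, then insert new": if the insert fails, the old screening is gone.
 *
 * @param object $oldScreening the ApplicantScreening being edited; supplies the creator and,
 *                             when no steps were posted, the steps
 * @return void
 */
function process_form($oldScreening)
{
    //step one: gather data.
    $oldType = $_POST['_old_type'];
    $isNew = isset($_POST['_form_type']) && $_POST['_form_type'] == "new";
    if ($isNew) {
        $creator = $_SESSION['_id'];
    } else {
        $creator = $oldScreening->get_creator();
    }
    // Posted steps win; otherwise the existing screening's steps are kept
    if (isset($_POST['steps'])) {
        $steps = [];
        foreach ($_POST['steps'] as $step) {
            $steps[] = $step;
        }
    } else {
        $steps = $oldScreening->get_steps();
    }
    $type = $_POST['new_type'];
    if (is_array($steps)) {
        // Drop blank steps, then store the list as one comma-separated string
        foreach ($steps as $key => $value) {
            if (empty($value)) {
                unset($steps[$key]);
            }
        }
        $steps = implode(',', $steps);
    } else {
        // A screening without steps stays without steps
        $steps = null;
    }
    // set published variable: anything other than "published" means unpublished
    if (isset($_POST['Status']) && $_POST['Status'] == "published") {
        $status = "published";
    } else {
        $status = "unpublished";
    }
    if (empty($type)) {
        $type = $oldType;
        // keeps "new" screening free from predefined steps and status
        if ($type == "new") {
            $steps = null;
            $status = "unpublished";
        }
    }
    // Output-safe copies: the raw values go to the database layer, these go into markup
    $typeHtml = htmlspecialchars($type, ENT_QUOTES);
    $oldTypeHtml = htmlspecialchars($oldType, ENT_QUOTES);
    $typeUrl = urlencode($type);
    //used to put together url for return to screenings link
    $path = strrev(substr(strrev($_SERVER['SCRIPT_NAME']), strpos(strrev($_SERVER['SCRIPT_NAME']), '/')));
    //step two: try to delete, add new, or replace
    if (isset($_POST['deleteMe']) && $_POST['deleteMe'] == "DELETE") {
        $result = retrieve_dbApplicantScreenings($type);
        if (!$result) {
            echo '<p>Unable to delete. ' . $typeHtml . ' is not in the screenings database. To delete ' . $oldTypeHtml . ',
 				try to delete again but do not rename screening type.';
        } else {
            $result = delete_dbApplicantScreenings($type);
            echo "<p>You have successfully removed " . $typeHtml . " from the screnings database.</p>";
            echo '<p><a href="' . $path . 'viewScreenings.php?type=' . $typeUrl . '"><b>click here</b> to 
				return to applicant screenings.</a><br><br></p>';
            add_log_entry('ApplicantScreening type <a href=\\"viewScreenings.php?type=' . $typeUrl . '\\">' . $typeHtml . '</a>\'
				 has been deleted.');
        }
    } else {
        if ($isNew) {
            // Always look for an existing screening of this type before inserting, so the
            // duplicate message below can actually be reached.
            $dup = retrieve_dbApplicantScreenings($type);
            if ($dup) {
                echo '<p class="error">Unable to add new screening type: ' . $typeHtml . ' to the screenings database. <br>
				Another screening with the same type is already there.';
            } else {
                $screening = new ApplicantScreening($type, $creator, $steps, $status);
                $result = insert_dbApplicantScreenings($screening);
                if (!$result) {
                    echo '<p class="error">Unable to add ' . $typeHtml . ' in the screenings database. <br>
           			Please report this error to the House Manager.';
                } else {
                    echo "<p>You have successfully added '{$typeHtml}' to the screenings database.</p>";
                }
                echo '<p>click <a href="' . $path . 'viewScreenings.php?type=' . $typeUrl . '">here</a> to
				return to applicant screenings.<br><br></p>';
                // Logged whether or not the insert succeeded
                add_log_entry('ApplicantScreening process <a href=\\"viewScreenings.php?type=' . $typeUrl . '\\">' . $typeHtml . '</a>\'
				 has been added.');
            }
        } else {
            // Replace: the old row is deleted first, then the edited one is inserted
            $result = delete_dbApplicantScreenings($oldType);
            if (!$result) {
                echo '<p class="error">Unable to update ' . $oldTypeHtml . ' as ' . $typeHtml;
            } else {
                $newscreening = new ApplicantScreening($type, $creator, $steps, $status);
                $result = insert_dbApplicantScreenings($newscreening);
                if (!$result) {
                    echo '<p class="error">Unable to update ' . $typeHtml . ' in the screenings database. <br>
           			Please report this error to the House Manager.';
                } else {
                    echo '<p>You have successfully edited "' . $typeHtml . '" in the screenings database.</p>';
                }
                echo '<p><a href="' . $path . 'viewScreenings.php?type=' . $typeUrl . '"><b>click here</b> to
				return to applicant screenings.</a><br><br></p>';
                // Logged whether or not the insert succeeded
                add_log_entry('ApplicantScreening process <a href=\\"viewScreenings.php?type=' . $typeUrl . '\\">' . $typeHtml . '</a>\'
				 has been changed.');
            }
        }
    }
    //if (retrieve_dbApplicantScreenings("new")!= null)
    //	delete_dbApplicantScreenings("new");
}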