<?php 
session_start();

# Gate 1 - authentication: a session without a 'password' entry is treated as
# not logged in and is redirected to index.php.
# NOTE(review): what is stored under 'password' is not visible here; if it is
# the credential itself (or a reusable hash), prefer a plain "logged in" flag.
if (!isset($_SESSION['password'])) {
	header("Location: index.php");
	exit();
}

# Gate 2 - authorisation: only role 1 may create job ads; every other role is
# sent to the dashboard. The comparison is loose on purpose so a role stored
# as the string "1" still passes.
if ($_SESSION['role'] != 1) {
	header("Location: dashboard.php");
	exit();
}
require_once('../includes/functions.php');
require_once('inc/admin-functions.php');

# VARIABLES
# Failure text; the database-failure branch of the submit handler appends to it.
$error = null;

# Id of the logged-in user, read from the session.
$user_id = $_SESSION['user_id'];

# Identifier written into the hidden form_id field: MD5 of the current time
# (one-second resolution) concatenated with BASE_URL.
# NOTE(review): both inputs are guessable, and this file stores the posted
# value without ever comparing it to a server-side copy, so form_id must not be
# relied on as an anti-CSRF token.
$form_id = md5(date('l jS \of F Y h:i:s A') . BASE_URL);

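# Handle the form only when the submit button was pushed; otherwise fall
# through and render the empty form.
# NOTE(review): nothing in this file compares $_POST['form_id'] with a value
# kept on the server, so this state-changing POST has no visible CSRF
# protection - confirm whether the includes add one.
if (isset($_POST['submit'])) {

	# Validation state. $errors gates the INSERT below; initialising it here
	# means the gate never reads an undefined variable when all fields are valid.
	$errors  = false;
	$haslogo = false;
	$ext     = '';

	# required fields: each failure sets a message and a CSS class for the template
	if (empty($_POST['title'])) {
		$errors = true;
		$err_title = 'Please enter a job title<br />';
		$cls_title = 'class="error" ';
	}
	if (empty($_POST['category'])) {
		$errors = true;
		$err_category = 'Please choose a category<br />';
		$cls_category = 'class="error" ';
	}
	if (empty($_POST['location'])) {
		$errors = true;
		$err_location = 'Please enter your location<br />';
		$cls_location = 'class="error" ';
	}
	if (empty($_POST['description'])) {
		$errors = true;
		$err_description = 'Please enter your job\'s description<br />';
		$cls_description = 'class="error" ';
	}
	if (empty($_POST['apply'])) {
		$errors = true;
		$err_apply = 'Please enter application information<br />';
		$cls_apply = 'class="error" ';
	}
	if (empty($_POST['company'])) {
		$errors = true;
		$err_company = 'Please enter your company name<br />';
		$cls_company = 'class="error" ';
	}

	# website is optional, but must be a valid URL when supplied
	if (!empty($_POST['website']) && !validate_url($_POST['website'])) {
		$errors = true;
		$err_website = 'Please enter a valid website URL<br />';
		$cls_website = 'class="error" ';
	}

	# email is required and must be well formed
	if (empty($_POST['email'])) {
		$errors = true;
		$err_email = 'Please enter your email address<br />';
		$cls_email = 'class="error" ';
	} elseif (!validate_email($_POST['email'])) {
		$errors = true;
		$err_email = 'Please enter a valid email address<br />';
		$cls_email = 'class="error" ';
	}

	# Optional logo upload. Any upload error (including "no file selected") is
	# ignored because the logo is optional.
	if (isset($_FILES["logo"]) && $_FILES["logo"]["error"] === UPLOAD_ERR_OK) {
		# pathinfo() yields '' for a name without a dot; the previous
		# strrpos()+1 arithmetic accepted a dot-less name such as "xjpg".
		$ext = strtolower(pathinfo($_FILES["logo"]["name"], PATHINFO_EXTENSION));
		$allowed_ext = array('jpg', 'jpeg', 'gif', 'png');

		# The extension comes from the client, so also require that the temp
		# file parses as an image. This is a header check, not a guarantee that
		# the file is harmless.
		if (!in_array($ext, $allowed_ext, true) || getimagesize($_FILES["logo"]["tmp_name"]) === false) {
			$errors = true;
			$err_logo = 'Invalid logo file type (jpg, gif, png accepted)<br />';
		} else {
			$haslogo = true;
		}
	}

	# insert into database
	if (!$errors) {

		# NOTE(review): the statement is built by string concatenation and its
		# safety rests entirely on clean(), which is defined outside this file -
		# confirm that it escapes for SQL. The mysql_* extension offers no
		# prepared statements and was removed in PHP 7; moving to mysqli/PDO
		# with bound parameters is the durable fix.
		# form_id, website and highlight may be absent from the POST (an
		# unchecked checkbox is not sent), so they default to ''.
		$insert = "INSERT INTO ". TB_JOBS ." VALUES (
	  		NULL,
	  		'".clean(isset($_POST['form_id']) ? $_POST['form_id'] : '',true,true)."',
	  		'".clean($_POST['title'],true,true)."',
	  		'".clean($_POST['category'],true,true)."',
	  		'".clean($_POST['location'],true,true)."',
	  		'".clean($_POST['description'])."',
	  		'".clean($_POST['apply'])."',
	  		'".clean($_POST['company'],true,true)."',
	  		NULL,
	  		'".clean(isset($_POST['website']) ? $_POST['website'] : '',true,true)."',
	  		'".clean($_POST['email'],true,true)."',
	  		'".clean(isset($_POST['highlight']) ? $_POST['highlight'] : '',true,true)."',
	  		'".clean(date("D M j G:i:s T Y"))."',
	  		'".clean(date("D M j G:i:s T Y"))."',
	  		NULL,
	  		NULL,
	  		NULL
			)";
		$status = mysql_query($insert);

		# on success: remember the new row id, store the logo, go to the job list
		if ($status) {
			$job_id = (int) mysql_insert_id();

			# move uploaded file from temp storage b/c the job ad post was successful
			if ($haslogo) {
				# The file name is the new job id plus the allow-listed
				# extension. (The undefined $insert_id used before produced
				# the same ".ext" name for every ad.)
				$logo_url = DATA_PATH . $job_id . "." . $ext;
				$logo_url_from_admin = '../' . $logo_url;

				# Record the path only if the file was actually stored, so the
				# row never points at a missing logo.
				if (move_uploaded_file($_FILES["logo"]["tmp_name"], $logo_url_from_admin)) {
					mysql_query("UPDATE ". TB_JOBS ."	SET logo='".clean($logo_url)."' WHERE job_id='".$job_id."'");
				} else {
					error_log('add_job: could not store uploaded logo for job ' . $job_id);
				}
			}

			header('Location: jobs.php?created');
			# Stop here: without exit() the script keeps running and renders
			# the form behind the redirect.
			exit();
		} else {
			# NOTE(review): mysql_error() text can reveal schema details; make
			# sure it is only ever shown to administrators.
			$error .= 'There was a database connection failure: '. mysql_error().'<br />';
		}
	}
}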

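# pull job data
# $job_id is only set after a successful insert, so on a plain page load there
# is nothing to fetch. Forcing it to an integer also keeps any stray value
# (e.g. one injected through register_globals on a legacy host) out of the SQL.
$job_id = isset($job_id) ? (int) $job_id : 0;
$count = 0;
$job = false;

if ($job_id > 0) {
	$select = "SELECT * FROM ".TB_JOBS." WHERE job_id='".$job_id."'";
	$data = mysql_query($select);

	# mysql_query() returns false on failure; do not hand that to the row helpers
	if ($data) {
		$count = mysql_num_rows($data);
		$job = mysql_fetch_assoc($data);
	}
}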



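# pull category list from settings admin page key 'categories'
# The stored value is a "|"-separated list. Each name is HTML-escaped before it
# is written into the <option> markup, so a name containing quotes or angle
# brackets cannot break out of the attribute or element. The browser decodes
# the entity on submit, so the posted value still equals the raw name that
# check_select() compares against.
# NOTE(review): 'UTF-8' assumes the admin pages are served as UTF-8 - confirm
# against the header template.
$categories = explode("|", meta('categories'));
$selected_category = isset($_POST['category']) ? $_POST['category'] : null;
$options = '<option value=""></option>';
foreach ($categories as $cat) {
	$cat_html = htmlspecialchars($cat, ENT_QUOTES, 'UTF-8');
	$options .= '<option value="'.$cat_html.'" '. check_select($selected_category, $cat, false) .' >'.$cat_html.'</option>'."\n";
}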

?>

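<?php
# Page template for the "new job ad" form.
#
# Every value echoed back from the request or read from the database is
# HTML-escaped first; echoing $_POST directly into attributes and textareas
# lets a crafted POST inject markup or script into the admin page.
# The $err_* messages are fixed strings set by the validation code (they
# contain <br /> on purpose) and are therefore printed as-is.
# NOTE(review): 'UTF-8' assumes the admin pages are served as UTF-8 - confirm
# against the header template.
$field_html = array();
foreach (array('title', 'location', 'description', 'apply', 'company', 'website', 'email') as $field_name) {
	$field_html[$field_name] = htmlspecialchars(isset($_POST[$field_name]) ? $_POST[$field_name] : '', ENT_QUOTES, 'UTF-8');
}

get_template('header', 'Edit Job Ad'); ?>

	<div id="main">
		<?php display_messages(); ?>
		
		<h1>Creating New Job Ad</h1>
		
		<form action="<?php echo htmlspecialchars(get_filename(), ENT_QUOTES, 'UTF-8'); ?>" method="post" enctype="multipart/form-data" >
			
			<table  id="list_of_fields" >
				<tr <?php echo @$cls_title; ?> >
					<td class="label"><label for="title">Job Title</label></td>
					<td><?php if (!empty($err_title)) echo '<span class="req">'.$err_title.'</span>'; ?>
						<input type="text" class="text large" id="title" name="title"  value="<?php echo $field_html['title']; ?>" /><em>"Senior Designer" or "Electrical Engineer"</em></td>
				</tr>
				<tr <?php echo @$cls_category; ?> >
					<td class="label"><label for="category">Category</label></td>
					<td>
						<?php if (!empty($err_category)) echo '<span class="req">'.$err_category.'</span>'; ?>
						<select class="text" id="category" name="category" >
							<?php echo $options; ?>
						</select>
					</td>
				</tr>
				<tr <?php echo @$cls_location; ?> >
					<td class="label"><label for="location">Location</label></td>
					<td>
						<?php if (!empty($err_location)) echo '<span class="req">'.$err_location.'</span>'; ?>
					<input type="text" class="text" id="location" name="location"  value="<?php echo $field_html['location']; ?>" /><em>"Pittsburgh, PA", "Anywhere" or "Chicago"</em></td>
				</tr>
				<tr>
					<td class="label" >
						<label for="description">Job Description</label></td>
					<td><?php if (!empty($err_description)) echo '<span class="req">'.$err_description.'</span>'; ?>
						<?php # escaped so posted markup cannot close the textarea; the browser decodes it back for the editor ?>
						<textarea class="text large widgEditor" name="description" id="description" ><?php echo $field_html['description']; ?></textarea>
					</td>
				</tr>
				<tr>
					<td  class="label" ><label for="apply">How do people apply?</label></td>
					<td><?php if (!empty($err_apply)) echo '<span class="req">'.$err_apply.'</span>'; ?>
						<textarea class="text medium" name="apply" id="apply" ><?php echo $field_html['apply']; ?></textarea><em>"Send an email to hide@address.com"</em>
					</td>
				</tr>
				<tr <?php echo @$cls_company; ?> >
					<td class="label"><label for="company">Company</label></td>
					<td><?php if (!empty($err_company)) echo '<span class="req">'.$err_company.'</span>'; ?>
						<input type="text" class="text" id="company" name="company"  value="<?php echo $field_html['company']; ?>" /><em>"Your Company Name"</em></td>
				</tr>
				<tr <?php echo @$cls_logo; ?> >
					<td class="label"><label for="logo">Logo</label></td>
					<td><?php if (!empty($err_logo)) echo '<span class="req">'.$err_logo.'</span>'; ?>
						<input type="file" id="logo" name="logo" /><em>Optional - Upload your company logo. 200px wide is<br />optimal, otherwise we will resize it automatically.</em>
						<?php if (!empty($job['logo'])) { ?>
							<?php # NOTE(review): escaping stops attribute break-out but does not restrict the URL scheme of $job['url'] ?>
							<div class="joblogo">
								<a href="<?php echo htmlspecialchars($job['url'], ENT_QUOTES, 'UTF-8'); ?>" target="_blank" rel="noopener noreferrer" ><img src="../includes/timthumb.php?src=../<?php echo htmlspecialchars($job['logo'], ENT_QUOTES, 'UTF-8'); ?>&w=240&zc=1" alt="<?php echo htmlspecialchars($job['company'], ENT_QUOTES, 'UTF-8'); ?>" /></a>
							</div>
						<?php } ?>
					</td>
				</tr>
				<tr <?php echo @$cls_website; ?> >
					<td class="label"><label for="website">Website</label></td>
					<td><?php if (!empty($err_website)) echo '<span class="req">'.$err_website.'</span>'; ?>
						<input type="text" class="text" id="website" name="website"  value="<?php echo $field_html['website']; ?>" /><em>Example http://www.your-website.com</em></td>
				</tr>
				<tr <?php echo @$cls_email; ?> >
					<td class="label"><label for="email">Email</label></td>
					<td><?php if (!empty($err_email)) echo '<span class="req">'.$err_email.'</span>'; ?>
						<input type="text" class="text" id="email" name="email" value="<?php echo $field_html['email']; ?>" /><em>This is where we will send your confirmation</em></td>
				</tr>
		
			<tr>
				<td class="label"><label for="highlight">Highlight Ad</label></td>
				<td><input type="checkbox" id="highlight" name="highlight" <?php check_radio(isset($_POST['highlight']) ? $_POST['highlight'] : null, "Y"); ?> <?php check_radio(isset($job['highlight']) ? $job['highlight'] : null, "Y"); ?>value="Y" /><em>This is will highlight this ad</em></td>
			</tr>
					<input type="hidden" id="form_id" name="form_id" value="<?php echo $form_id; ?>" />

			</table>
			<p class="submitline"><span><input type="submit" class="submit" name="submit" id="submit" value="Save Job Ad" /></span></p>
		
		</form>
		
	</div>
	
	
<?php get_template('sidebar'); ?>

<?php get_template('footer'); ?>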