<?php 
session_start();

# Gate 1: a session that holds no 'password' entry is treated as not logged in
# and is sent back to the login page.
if (isset($_SESSION['password']) === false) {
	header("Location: index.php");
	exit;
}

# Gate 2: only role 1 may reach this page; every other role goes to the dashboard.
# The comparison is loose (==), so a role stored as the string "1" passes as well.
if (!($_SESSION['role'] == 1)) {
	header("Location: dashboard.php");
	exit;
}
require_once('../includes/functions.php');
require_once('inc/admin-functions.php');

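# VARIABLES
# Id of the logged-in user, as stored in the session.
$user_id = $_SESSION['user_id'];
# Error text; the update code further down appends to it.
$error = null;
# Id of the job being edited, read from the query string. The value is
# request-controlled: escape it before it goes into SQL and validate it before
# it becomes part of a file name. A missing or non-string (array) id becomes ''
# instead of raising an undefined-index notice.
$job_id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';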


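# Handle the "Save Job Ad" post: validate the fields, update the job row, then
# store an uploaded logo if one was sent.
#
# NOTE(review): this state-changing POST is accepted on the session alone; no
# anti-CSRF token is checked here and the form in this file does not send one.

# Give every flag and message a defined starting value so that neither the
# checks below nor the template read an undefined variable.
$errors = false;
$haslogo = false;
$ext = '';
$err_title = $err_created = $err_category = $err_location = $err_description = '';
$err_apply = $err_company = $err_website = $err_email = $err_logo = '';
$cls_title = $cls_created = $cls_category = $cls_location = $cls_description = '';
$cls_apply = $cls_company = $cls_website = $cls_email = $cls_logo = '';

# check to see if submit button was pushed
if (isset($_POST['submit'])) {

	# check for required fields to be filled out and valid
	if (empty($_POST['title'])) { $errors = true; $err_title = 'Please enter a job title<br />'; $cls_title = 'class="error" ';}
	if (empty($_POST['created'])) { $errors = true; $err_created = 'Please enter a job creation date<br />'; $cls_created = 'class="error" ';}
	if (empty($_POST['category'])) { $errors = true; $err_category = 'Please choose a category<br />'; $cls_category = 'class="error" ';}
	if (empty($_POST['location'])) { $errors = true; $err_location = 'Please enter your location<br />'; $cls_location = 'class="error" ';}
	if (empty($_POST['description'])) { $errors = true; $err_description = 'Please enter your job\'s description<br />'; $cls_description = 'class="error" ';}
	if (empty($_POST['apply'])) { $errors = true; $err_apply = 'Please enter application information<br />'; $cls_apply = 'class="error" ';}
	if (empty($_POST['company'])) { $errors = true; $err_company = 'Please enter your company name<br />'; $cls_company = 'class="error" ';}

	# the website is optional, but must be a valid URL when present
	if (!empty($_POST['website']) && !validate_url($_POST['website'])) {
		$errors = true; $err_website = 'Please enter a valid website URL<br />'; $cls_website = 'class="error" ';
	}

	# the email is required and must be well-formed
	if (empty($_POST['email'])) {
		$errors = true; $err_email = 'Please enter your email address<br />'; $cls_email = 'class="error" ';
	} elseif (!validate_email($_POST['email'])) {
		$errors = true; $err_email = 'Please enter a valid email address<br />'; $cls_email = 'class="error" ';
	}

	# check upload of logo
	if (isset($_FILES["logo"])) {
		if ($_FILES["logo"]["error"] > 0) {
			# no usable upload arrived; the logo is optional, so this is not reported
		} else {
			# The client-supplied name is used only to read the extension; it never
			# becomes part of the stored file name.
			$ext = strtolower(pathinfo($_FILES["logo"]["name"], PATHINFO_EXTENSION));

			if (!in_array($ext, array('jpg', 'jpeg', 'gif', 'png'), true)) {
				$errors = true; $err_logo = 'Invalid logo file type (jpg, gif, png accepted)<br />';
			} elseif (getimagesize($_FILES["logo"]["tmp_name"]) === false) {
				# the extension alone is chosen by the client, so also require that
				# the uploaded bytes parse as an image
				$errors = true; $err_logo = 'Invalid logo file type (jpg, gif, png accepted)<br />';
			} else {
				$haslogo = true;
			}
		}
	}

	# update the job row
	if (!$errors) {

		# $job_id comes from the query string, so it is escaped before being placed
		# inside the quoted SQL literal. mysql_real_escape_string() uses the same
		# default connection as mysql_query().
		$job_id_sql = mysql_real_escape_string((string) $job_id);

		# an unchecked checkbox is not submitted at all
		$highlight = isset($_POST['highlight']) ? $_POST['highlight'] : '';
		$website = isset($_POST['website']) ? $_POST['website'] : '';

		# NOTE(review): the field values below rely on clean() (defined outside this
		# file) for SQL escaping -- confirm that it escapes for the mysql connection.
		$update = "UPDATE ". TB_JOBS ."
				SET title='".clean($_POST['title'],true,true)."',
					category='".clean($_POST['category'],true,true)."',
					location='".clean($_POST['location'],true,true)."',
					description='".clean($_POST['description'])."',
					apply='".clean($_POST['apply'])."',
					company='".clean($_POST['company'],true,true)."',
					url='".clean($website,true,true)."',
					email='".clean($_POST['email'],true,true)."',
					highlight='".clean($highlight,true,true)."',
					created='".clean($_POST['created'],true,true)."'
				WHERE job_id='".$job_id_sql."'";
		$status = mysql_query($update);

		if ($status) {
			# move uploaded file from temp storage b/c the update was successful
			if ($haslogo) {
				# The original built the file name from $insert_id, which is never
				# assigned in this file, so every logo got the same ".<ext>" name.
				# The job id is used instead (presumably what was intended -- confirm
				# against the page that creates job ads). Because the id is
				# request-controlled it must be digits only before it may appear in
				# a path; this keeps path separators and ".." out of the file name.
				if (preg_match('/\A[0-9]+\z/', (string) $job_id)) {
					$logo_url = DATA_PATH . $job_id . "." . $ext;
					$logo_url_from_admin = '../' . $logo_url;

					# record the logo path only when the file really was stored
					if (move_uploaded_file($_FILES["logo"]["tmp_name"], $logo_url_from_admin)) {
						mysql_query("UPDATE ". TB_JOBS ." SET logo='".clean($logo_url)."' WHERE job_id='".$job_id_sql."'");
					} else {
						$error .= 'The uploaded logo could not be saved<br />';
					}
				} else {
					$error .= 'The uploaded logo was not saved because the job id is not valid<br />';
				}
			}
		} else {
			$error .= 'There was a database connection failure: '. mysql_error().'<br />';
		}
	}
}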

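# pull job data
# $job_id comes from the query string, so it is escaped before being placed inside
# the quoted SQL literal. mysql_real_escape_string() uses the same default
# connection as mysql_query().
$select = "SELECT * FROM ".TB_JOBS." WHERE job_id='".mysql_real_escape_string((string) $job_id)."'";
$data = mysql_query($select);
# mysql_query() returns false on failure; do not hand that to the result functions
$count = $data ? mysql_num_rows($data) : 0;
# $job is false when no row matched or the query failed
$job = $data ? mysql_fetch_assoc($data) : false;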



# Build the <option> list for the category drop-down. The categories are stored
# as one "|"-separated string under the settings key 'categories'.
# NOTE(review): each category is written into the markup as-is; confirm that the
# stored category names cannot contain HTML.
$categories = explode("|", meta('categories'));

# the list starts with an empty choice
$options = '<option value=""></option>';
foreach ($categories as $cat) {
	# check_select() receives the job's current category and this category
	$options .= sprintf(
		'<option value="%s" %s >%s</option>',
		$cat,
		check_select($job['category'], $cat, false),
		$cat
	) . "\n";
}

?>

<?php
# Edit form for the job loaded into $job. The form posts back to this page with
# the job id in the query string. Each field is given the posted value and the
# stored value through _e() (helper defined outside this file).
# NOTE(review): $job['title'], $job['job_id'], $job['url'], $job['logo'] and
# $job['company'] are echoed below without HTML escaping in this template;
# whether they are encoded when stored is not visible here -- confirm, or
# escape them at output.
# NOTE(review): the form has no anti-CSRF token field.
get_template('header', 'Edit Job Ad'); ?>

	<div id="main">
		<?php display_messages(); ?>
		
		<h1>Editing "<?php echo $job['title']; ?>"</h1>
		
		<form action="<?php echo get_filename(); ?>?id=<?php echo $job['job_id']; ?>" method="post" enctype="multipart/form-data" >
			
			<table  id="list_of_fields" >
				<tr <?php echo @$cls_title; ?> >
					<td class="label"><label for="title">Job Title</label></td>
					<td><?php if($err_title) echo '<span class="req">'.$err_title.'</span>'; ?>
						<input type="text" class="text large" id="title" name="title"  value="<?php /* NOTE(review): only this field uses "echo _e(...)"; the others call _e() without echo -- confirm which form _e() expects */ echo _e($_POST['title'],$job['title']); ?>" /><em>"Senior Designer" or "Electrical Engineer"</em></td>
				</tr>
				<tr <?php echo @$cls_category; ?> >
					<td class="label"><label for="category">Category</label></td>
					<td>
						<?php if($err_category) echo '<span class="req">'.$err_category.'</span>'; ?>
						<select class="text" id="category" name="category" >
							<?php /* option list built earlier in this file from the 'categories' setting */ echo $options; ?>
						</select>
					</td>
				</tr>
				<tr <?php echo @$cls_location; ?> >
					<td class="label"><label for="location">Location</label></td>
					<td>
						<?php if($err_location) echo '<span class="req">'.$err_location.'</span>'; ?>
						<input type="text" class="text" id="location" name="location"  value="<?php _e($_POST['location'],$job['location']); ?>" /><em>"Pittsburgh, PA", "Anywhere" or "Chicago"</em></td>
				</tr>
				<tr>
					<td class="label" >
						<label for="description">Job Description</label></td>
					<td><?php if($err_description) echo '<span class="req">'.$err_description.'</span>'; ?>
						<textarea class="text large widgEditor" name="description" id="description" ><?php _e($_POST['description'],$job['description']); ?></textarea>
					</td>
				</tr>
				<tr>
					<td  class="label" ><label for="apply">How do people apply?</label></td>
					<td><?php if($err_apply) echo '<span class="req">'.$err_apply.'</span>'; ?>
						<textarea class="text medium" name="apply" id="apply" ><?php _e($_POST['apply'],$job['apply']); ?></textarea><em>"Send an email to hide@address.com"</em>
					</td>
				</tr>
				<tr <?php echo @$cls_company; ?> >
					<td class="label"><label for="company">Company</label></td>
					<td><?php if($err_company) echo '<span class="req">'.$err_company.'</span>'; ?>
						<input type="text" class="text" id="company" name="company"  value="<?php _e($_POST['company'],$job['company']); ?>" /><em>"Your Company Name"</em></td>
				</tr>
				<tr <?php echo @$cls_logo; ?> >
					<td class="label"><label for="logo">Logo</label></td>
					<td><?php if($err_logo) echo '<span class="req">'.$err_logo.'</span>'; ?>
						<input type="file" id="logo" name="logo" /><em>Optional - Upload your company logo. 200px wide is<br />optimal, otherwise we will resize it automatically.</em>
						<?php /* preview of the stored logo, shown only when the job has a logo value */ if($job['logo']) {?>
							<div class="joblogo">
								<a href="<?php echo $job['url']; ?>" target="_blank" ><img src="../includes/timthumb.php?src=../<?php echo $job['logo']; ?>&w=240&zc=1" alt="<?php echo $job['company']; ?>" /></a>
							</div>
						<?php } ?>
					</td>
				</tr>
				<tr <?php echo @$cls_website; ?> >
					<td class="label"><label for="website">Website</label></td>
					<td><?php if($err_website) echo '<span class="req">'.$err_website.'</span>'; ?>
						<input type="text" class="text" id="website" name="website"  value="<?php _e($_POST['website'],$job['url']); ?>" /><em>Example http://www.your-website.com</em></td>
				</tr>
				<tr <?php echo @$cls_email; ?> >
					<td class="label"><label for="email">Email</label></td>
					<td><?php if($err_email) echo '<span class="req">'.$err_email.'</span>'; ?>
						<input type="text" class="text" id="email" name="email" value="<?php _e($_POST['email'],$job['email']); ?>" /><em>This is where we will send your confirmation</em></td>
				</tr>
		
			<tr>
				<td class="label"><label for="highlight">Highlight Ad</label></td>
				<td><input type="checkbox" id="highlight" name="highlight" <?php /* check_radio() is called for the posted value and again for the stored value */ check_radio($_POST['highlight'], "Y"); ?> <?php check_radio($job['highlight'], "Y"); ?>value="Y" /><em>This is will highlight this ad</em></td>
			</tr>
			<tr>
				<td class="label"><label for="created">Creation Date</label></td>
				<td><?php if($err_created) echo '<span class="req">'.$err_created.'</span>'; ?>
					<input type="text" class="text" id="created" name="created" value="<?php _e($_POST['created'],$job['created']); ?>" /><em>Format: YYYY-MM-DD HH:MM:SS</em></td>
			</tr>
			</table>
			<p class="submitline"><span><input type="submit" class="submit" name="submit" id="submit" value="Save Job Ad" /></span></p>
		
		</form>
		
	</div>
	
	
<?php get_template('sidebar'); ?>

<?php get_template('footer'); ?>