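<?php
session_start();
require_once('includes/functions.php');

# Page-level state, reset on every request: $error collects messages,
# $errors flags a failed validation, $logo_url is filled in after an upload.
$error = null;
$errors = null;
$logo_url = null;

# Identifier for this form instance, sent to the browser in a hidden field.
# It later becomes the key stored in the session and used in WHERE form_id=...
# to find the draft, so it must be unique per form and not derivable from the
# time the page was requested. The result stays 32 lowercase hex characters,
# the same shape as an md5() digest.
if (function_exists('random_bytes')) {
	$form_id = bin2hex(random_bytes(16));
} elseif (function_exists('openssl_random_pseudo_bytes')) {
	$form_id = bin2hex(openssl_random_pseudo_bytes(16));
} else {
	# Last resort on installs with no CSPRNG available: still unique per
	# request, but not cryptographically strong.
	$form_id = md5(uniqid(mt_rand(), true) . BASE_URL);
}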

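# see if we already started a job ad earlier in this session
# (the key is absent on a first visit, so check before reading it)
$id = isset($_SESSION['job_ad_id_for_job_board']) ? $_SESSION['job_ad_id_for_job_board'] : null;

# if cancelled
if (isset($_GET['cancel'])) {
	$error .= 'Your job ad has been cancelled';
	unset($_SESSION['job_ad_id_for_job_board']);

	# attempt to clean up the database if this job is still left out there
	# unfinished; skip the query when the session never referenced a draft,
	# otherwise the DELETE would run against an empty form_id
	if ($id) {
		mysql_query("DELETE FROM " . TB_JOBS . " WHERE form_id='" . clean($id) . "' AND completed IS NULL");
	}

	# the draft is gone, so the rest of the page must not try to reload it
	$id = null;
}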



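# check to see if submit button was pushed
if (isset($_POST['submit'])) {

	# The hidden form_id is generated by this page as 32 hex characters, but it
	# travels through the browser and comes back as untrusted input. It is
	# written to the database, used in a WHERE clause and stored in the session
	# below, so reject anything that does not have the expected shape.
	# NOTE(review): the value is still chosen by the client; binding the issued
	# form_id to the session before accepting it would be stricter.
	$posted_form_id = (isset($_POST['form_id']) && is_string($_POST['form_id'])) ? $_POST['form_id'] : '';
	if (!preg_match('/^[a-f0-9]{32}$/', $posted_form_id)) {
		$errors = true;
		$error .= 'Your form could not be verified, please submit it again<br />';
	}

	# check for required fields to be filled out and valid
	if (empty($_POST['title'])) { $errors = true; $err_title = 'Please enter a job title<br />'; $cls_title = 'class="error" ';}
	if (empty($_POST['category'])) { $errors = true; $err_category = 'Please choose a category<br />'; $cls_category = 'class="error" ';}
	if (empty($_POST['location'])) { $errors = true; $err_location = 'Please enter your location<br />'; $cls_location = 'class="error" ';}
	if (empty($_POST['description'])) { $errors = true; $err_description = 'Please enter your job\'s description<br />'; $cls_description = 'class="error" ';}
	if (empty($_POST['apply'])) { $errors = true; $err_apply = 'Please enter application information<br />'; $cls_apply = 'class="error" ';}
	if (empty($_POST['company'])) { $errors = true; $err_company = 'Please enter your company name<br />'; $cls_company = 'class="error" ';}

	# website is optional, but must be a valid URL when given
	if (!empty($_POST['website']) && !validate_url($_POST['website'])) {
		$errors = true; $err_website = 'Please enter a valid website URL<br />'; $cls_website = 'class="error" ';
	}

	# email is required and must be valid
	if (empty($_POST['email'])) {
		$errors = true; $err_email = 'Please enter your email address<br />'; $cls_email = 'class="error" ';
	} elseif (!validate_email($_POST['email'])) {
		$errors = true; $err_email = 'Please enter a valid email address<br />'; $cls_email = 'class="error" ';
	}

	# check upload of logo (optional: a missing or failed upload is not an error)
	$haslogo = false;
	$ext = '';
	if (isset($_FILES['logo']) && $_FILES['logo']['error'] === UPLOAD_ERR_OK) {
		$ext = strtolower(pathinfo($_FILES['logo']['name'], PATHINFO_EXTENSION));

		# The file name is supplied by the client, so the extension alone proves
		# nothing about the content. Require an allowed extension AND a file
		# header that getimagesize() recognises as GIF, JPEG or PNG.
		# NOTE(review): a header check does not make the file harmless; confirm
		# that DATA_PATH is not a location where uploads can be executed.
		$allowed_ext = array('jpg', 'jpeg', 'gif', 'png');
		$allowed_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
		$image_info = in_array($ext, $allowed_ext, true) ? getimagesize($_FILES['logo']['tmp_name']) : false;

		if ($image_info === false || !in_array($image_info[2], $allowed_types, true)) {
			$errors = true; $err_logo = 'Invalid logo file type (jpg, gif, png accepted)<br />';
		} else {
			$haslogo = true;
		}
	}

	# insert into database
	if (!$errors) {

		# an unchecked checkbox is not sent at all
		$highlight = isset($_POST['highlight']) ? $_POST['highlight'] : '';

		# NOTE(review): description and apply go through clean() without the two
		# extra flags the other fields use; what those flags strip is defined in
		# includes/functions.php - confirm the stored HTML is safe to display.
		$insert = "INSERT INTO ". TB_JOBS ." VALUES (
	  		NULL,
	  		'".clean($posted_form_id,true,true)."',
	  		'".clean($_POST['title'],true,true)."',
	  		'".clean($_POST['category'],true,true)."',
	  		'".clean($_POST['location'],true,true)."',
	  		'".clean($_POST['description'])."',
	  		'".clean($_POST['apply'])."',
	  		'".clean($_POST['company'],true,true)."',
	  		NULL,
	  		'".clean($_POST['website'],true,true)."',
	  		'".clean($_POST['email'],true,true)."',
	  		'".clean($highlight,true,true)."',
	  		NULL,
	  		NULL,
	  		NULL,
	  		NULL,
	  		NULL
			)";
		$status = mysql_query($insert);

		# check db insert status, grab insert_id, post to preview.php to prevent url hacking
		if ($status) {
			$insert_id = mysql_insert_id();

			# move uploaded file from temp storage b/c the job ad post was successful
			if ($haslogo) {
				# the stored name is built from the row id and the allow-listed
				# extension only; nothing from the client's file name is reused
				$logo_url = DATA_PATH . $insert_id . "." . $ext;

				if (move_uploaded_file($_FILES["logo"]["tmp_name"], $logo_url)) {
					# form_id goes through the same clean() call that was used
					# for the INSERT, never into the query as raw POST data
					$updated = mysql_query("UPDATE ". TB_JOBS ." SET logo='".clean($logo_url)."' WHERE form_id='".clean($posted_form_id,true,true)."'");
					if (!$updated) {
						$error .= 'Problem updating ad with logo path: '. mysql_error().'<br />';
					}
				} else {
					# do not point the ad at a file that was never stored
					$error .= 'Problem saving the uploaded logo<br />';
				}
			}

			# create session variable so we can reference it throughout the process, then redirect
			$_SESSION['job_ad_id_for_job_board'] = $posted_form_id;
			header('Location: preview.php');
			exit;
		} else {
			# keep driver details in the server log rather than in the page
			error_log('post.php: job insert failed: ' . mysql_error());
			$error .= 'There was a database connection failure<br />';
		}
	}
}
# no else branch: when nothing was submitted the page simply renders the form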


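# check to see if someone is editing an already existing job
if ($id) {
	$select = "SELECT * FROM ".TB_JOBS." WHERE form_id='".clean($id)."' AND preview IS NULL AND completed IS NULL";
	$result = mysql_query($select);

	# mysql_query() returns false when the query fails, so test the result
	# before counting rows; only an exact single match is treated as the draft
	if ($result && mysql_num_rows($result) == 1) {
		$row = mysql_fetch_assoc($result);

		# form field name => column it is stored in (website lives in `url`)
		$field_columns = array(
			'title'       => 'title',
			'category'    => 'category',
			'location'    => 'location',
			'description' => 'description',
			'apply'       => 'apply',
			'company'     => 'company',
			'website'     => 'url',
			'email'       => 'email',
			'highlight'   => 'highlight',
		);

		# Pre-fill the form by writing the stored values into $_POST. These
		# values are echoed by the form below, so they need HTML-escaping at
		# output time just like fresh request data.
		foreach ($field_columns as $field => $column) {
			$_POST[$field] = $row[$column];
		}

		# The unfinished row is left in place here; it is not deleted before
		# the form is submitted again.
	}
	# when no unfinished ad matches the id the form is shown empty, without an error
}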


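# pull category list from settings admin page key 'categories'
$categories = explode("|", meta('categories'));

# the field is absent until the form has been submitted or pre-filled
$selected_category = isset($_POST['category']) ? $_POST['category'] : null;

$options = '<option value=""></option>';
foreach ($categories as $cat) {
	# Escape the category for both the attribute and the label so a name that
	# contains quotes, & or < cannot break out of the markup. The comparison in
	# check_select() still uses the raw value. (Charset follows the PHP default.)
	$cat_html = htmlspecialchars($cat, ENT_QUOTES);
	$options .= '<option value="'.$cat_html.'" '. check_select($selected_category, $cat, false) .' >'.$cat_html.'</option>'."\n";
}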

?>
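<?php
# Everything echoed back into the form comes from the request (or from a stored
# draft copied into $_POST) and is untrusted. Escape it once here, for use in
# attribute values and textarea bodies, instead of echoing $_POST directly.
# Non-string input (e.g. title[]=x) is treated as empty.
$form_value = array();
foreach (array('title', 'location', 'description', 'apply', 'company', 'website', 'email') as $form_field) {
	$form_value[$form_field] = (isset($_POST[$form_field]) && is_string($_POST[$form_field]))
		? htmlspecialchars($_POST[$form_field], ENT_QUOTES)
		: '';
}
# an unchecked checkbox is not sent at all
$highlight_value = isset($_POST['highlight']) ? $_POST['highlight'] : null;
?>
<?php get_template('header', 'Post a New Job'); ?>

	<div id="main">
		<!-- main content data -->
		<form action="<?php echo get_filename(); ?>" method="post" enctype="multipart/form-data" >
			<input type="hidden" name="form_id" value="<?php echo $form_id;?>" />
			
			<h3><span>Step 1:</span> Enter Job Details</h3>
			<table>
				<tr <?php echo @$cls_title; ?> >
					<td class="label"><label for="title">Job Title</label></td>
					<td><?php if(!empty($err_title)) echo '<span class="req">'.$err_title.'</span>'; ?>
						<input type="text" class="text large" id="title" name="title"  value="<?php echo $form_value['title']; ?>" /><em>"Senior Designer" or "Electrical Engineer"</em></td>
				</tr>
				<tr <?php echo @$cls_category; ?> >
					<td class="label"><label for="category">Category</label></td>
					<td>
						<?php if(!empty($err_category)) echo '<span class="req">'.$err_category.'</span>'; ?>
						<select class="text" id="category" name="category" >
							<?php echo $options; ?>
						</select>
					</td>
				</tr>
				<tr <?php echo @$cls_location; ?> >
					<td class="label"><label for="location">Location</label></td>
					<td>
						<?php if(!empty($err_location)) echo '<span class="req">'.$err_location.'</span>'; ?>
						<input type="text" class="text" id="location" name="location"  value="<?php echo $form_value['location']; ?>" /><em>"Pittsburgh, PA", "Anywhere" or "Chicago"</em></td>
				</tr>
				<tr <?php echo @$cls_description; ?> >
					<td class="deuce" colspan="2">
						<label for="description">Job Description</label><?php if(!empty($err_description)) echo '<span class="req">'.$err_description.'</span>'; ?>
						<textarea class="text large widgEditor" name="description" id="description" ><?php echo $form_value['description']; ?></textarea>
					</td>
				</tr>
				<tr <?php echo @$cls_apply; ?> >
					<td class="deuce" colspan="2"><label for="apply">How do people apply?</label><?php if(!empty($err_apply)) echo '<span class="req">'.$err_apply.'</span>'; ?>
						<textarea class="text small" name="apply" id="apply" ><?php echo $form_value['apply']; ?></textarea><em>"Send an email to hide@address.com"</em>
					</td>
				</tr>
			</table>
			<h3>Company Information</h3>
			<table>
				<tr <?php echo @$cls_company; ?> >
					<td class="label"><label for="company">Company</label></td>
					<td><?php if(!empty($err_company)) echo '<span class="req">'.$err_company.'</span>'; ?>
						<input type="text" class="text" id="company" name="company"  value="<?php echo $form_value['company']; ?>" /><em>"Your Company Name"</em></td>
				</tr>
				<tr <?php echo @$cls_logo; ?> >
					<td class="label"><label for="logo">Logo</label></td>
					<td><?php if(!empty($err_logo)) echo '<span class="req">'.$err_logo.'</span>'; ?>
						<input type="file" id="logo" name="logo" /><em>Optional - Upload your company logo. 200px wide is<br />optimal, otherwise we will resize it automatically.</em></td>
				</tr>
				<tr <?php echo @$cls_website; ?> >
					<td class="label"><label for="website">Website</label></td>
					<td><?php if(!empty($err_website)) echo '<span class="req">'.$err_website.'</span>'; ?>
						<input type="text" class="text" id="website" name="website"  value="<?php echo $form_value['website']; ?>" /><em>Example http://www.your-website.com</em></td>
				</tr>
				<tr <?php echo @$cls_email; ?> >
					<td class="label"><label for="email">Email</label></td>
					<td><?php if(!empty($err_email)) echo '<span class="req">'.$err_email.'</span>'; ?>
						<input type="text" class="text" id="email" name="email" value="<?php echo $form_value['email']; ?>" /><em>This is where we will send your confirmation</em></td>
				</tr>
		
			</table>
			<?php 
			 # the highlight upsell is shown only when a non-zero price is configured
			 $highlight_price = trim(str_replace('$', '', meta('highlight_price')));
			 if ($highlight_price != '0' && $highlight_price != '') {
			 	# the price is a settings value; escape it before printing it as text
			 	$highlight_price_html = htmlspecialchars($highlight_price, ENT_QUOTES);
			?>
				<h3>Promote Your Ad</h3>
				<p>Highlight your job posting for only $<?php echo $highlight_price_html; ?> more. This helps your job stand out against the others.</p>
				<p class="checklist <?php echo @$cls_highlight; ?>"><input type="checkbox" id="highlight" name="highlight" <?php check_radio($highlight_value, "Y"); ?> value="Y" /> <label for="highlight">Highlight my ad for $<?php echo $highlight_price_html; ?></label></p>
				<p>&nbsp;</p>
			<?php } ?>
			<p class="submitline"><span><input type="submit" class="submit" name="submit" id="submit" value="Continue to Step 2  &mdash; Preview your ad" /></span></p>
		
		</form>
		


	</div>
	
	
	<div id="sidebar">
		<div class="inner">
			<h2>Why post here?</h2>
			A couple short paragraphs explaining why this job board is a great place to list the visitor's jobs.
		</div>
		
	</div>

<?php get_template('footer'); ?>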