Location: PHPKode > projects > phprofession job board > phProfession_SA/post.php
<?
#####################################
#   phprofession   September 2005      #
#   by Aidan Peiser	    	    #
#   Recruitment module for PN.712   #
#   www.galore.co.za	    #
#	.,.,.,,			    #
#	C 'C' C			    #
#	 > * <			    #
#####################################



//include("header.php");
include("config.php");
include("functions.php");
echo"<html><title>Phprofession $Version</title><head><link rel=\"STYLESHEET\" type=\"text/css\" href=\"style.css\"></head><body>";


phprofession_language();
######################
#   Temp Post        #
######################
if ($allowpost !="1")
{
	OpenTable();
	Echo "<center><font class=\"pn-Title\">section not available</font></center>";
	CloseTable();
	exit;
}

// check user is logged in
if (verify_session($authok) == "FALSE") 
	{
		OpenTable();
		echo "<a href=post.php?create_login=true>create an account</a>&nbsp;|&nbsp;";
		echo "<a href=post.php?login=true>login</a><br>";
		echo "<br>$terms";
		$user_id = verify_session($authok);

		// this lets you display login box or create login box
		if ($login == "true")
		{
			draw_login_box("Login Here", "200", $ModuleDirName);
		}
		if ($create_login == "true")
		{
			draw_create_login_box("Create Login Here", "200", $ModuleDirName);
		}
		
		//menu content for bottom of page
		User_Menu($ModuleBaseUrl);
		CloseTable();
		if($cmd == "Error")
		{
			OpenTable();
			echo "<br><center><font class=\"pn-Title\"> Error </font></center>";
			CloseTable();
			OpenTable();
		
			echo "There was an error accessing the page you requested. Please <a href=\"$ModuleAdminUrl=post\">return to the main page</a> and try again.";
		}

		CloseTable();
		exit;
	}
	else
	{//start of login code
		OpenTable();
		$user_id = verify_session($authok);
		$query = "SELECT usertype,user FROM {$prefix}_jobaccounts WHERE user = '$user_id'";
		$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
		if (mysql_num_rows($result) <= 0)
		{
			echo "<SCRIPT LANGUAGE='JavaScript'>";
			echo "document.location.href='post.php?cmd=Error'";
			echo "</SCRIPT>";
        		exit;
		}
		else 
		{
			list($usertype,$user )= mysql_fetch_row($result);
			mysql_free_result($result);

	echo"<center>logged in as $user_id <br><a href=authenticate.php?logout=true>logout</a>
	&nbsp;|&nbsp;<a href=\"post.php?cmd=Add\">Add</a>
	&nbsp;|&nbsp;<a href=\"post.php?cmd=Browse\">Browse</a>
	&nbsp;|&nbsp;<a href=\"post.php?cmd=Browse2\">Browse All</a>
	&nbsp;|&nbsp;<a href=\"post.php?cmd=BrowseResume\">Browse Resumes</a>
	&nbsp;|&nbsp;<a href=\"post.php?cmd=ResumeUploads\">Resume Uploads</a>
	";
	if ($usertype == '1')
		{	
			echo "&nbsp;|&nbsp;<a href=admin.php>"._JOBBOTADMIN."</a>";
		}
	echo"<br></center>";
	if ((!isset($cmd)) || ($cmd == ""))
	{
		$cmd = "Browse";
	}
	}

mysql_select_db($database, $connection) or die('Database Not Found');
CloseTable();
if($cmd == "Add")
{
	OpenTable();
	echo "<center><font class=\"pn-Title\"> Add New Job </font></center>";
	CloseTable();
	OpenTable();

	if (!$submit)
	{
		echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"2\">";
		echo"<form action=\"post.php?cmd=Add\" method=\"POST\">"; 
?>
<SCRIPT language=Javascript>
<!--
function CountCharacters() {
var sLimit = <? echo "$limit"; ?>;
if (sLimit < (document.forms[0].txtSkills.value).length) {
SkillsMSG.innerHTML = "<font class=small size=1 face=Arial>Characters exceeded by: " + ((document.forms[0].txtSkills.value).length - sLimit) + "</font>";
} else {
SkillsMSG.innerHTML = "<font class=small size=1 face=Arial>Characters remaining: " + (<? echo "$limit"; ?>- (document.forms[0].txtSkills.value).length) + "</font>";
	}
}

function CountCharacters2() {
var sLimit = <? echo "$limit"; ?>;
if (sLimit < (document.forms[0].txtSkills.value).length) {
SkillsMSG2.innerHTML = "<font class=small size=1 face=Arial>Characters exceeded by: " + ((document.forms[0].txtSkills2.value).length - sLimit) + "</font>";
} else {
SkillsMSG2.innerHTML = "<font class=small size=1 face=Arial>Characters remaining: " + (<? echo "$limit"; ?>- (document.forms[0].txtSkills2.value).length) + "</font>";
	}
}
//-->
</SCRIPT>
<!--            Input job details        -->

            <tr>
                <td><font class="pn-normal"><b>Designation</b></font><font color="red">*</font></td>
                <td width=50>&nbsp;</td>
                <td><font class="pn-normal"><b>Department</b></font><font color="red">*</font></td>
            </tr>
            <tr>
                <td><input type="text" name="dsg" size="25"></td>
                <td width=50>&nbsp;</td>
                <td>
                    <select name="dpt">
<?

//Get department list
	$query = "SELECT id, department from {$prefix}_jobdepartment ORDER by department asc";
	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
        while (list($id, $department) = mysql_fetch_row($result))
        {
		echo "<option value=$id>$department</option>";
        }
        mysql_free_result($result);
?>
            </select></td>
            </tr>
            <tr>
                <td><font class="pn-normal"><b>Location</b></font><font color="red">*</font></td>
                <td width=50>&nbsp;</td>
                <td><font class="pn-normal"><b>Salary</b></font><font color="red">*</font></td>
            </tr>
            <tr>
                <td>
            <select name="loc">
<?
//Get location list
    $query = "SELECT id, location from {$prefix}_joblocation ORDER by location asc";
    $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
        while (list($id, $location) = mysql_fetch_row($result))
        {
            echo "<option value=$id>$location</option>";
        }
        mysql_free_result($result);
?>
                </select></td>
                <td width=50>&nbsp;</td>
                <td>
                    <select name="sal">
<?
//Get salary list
    $query = "SELECT id, salary from {$prefix}_jobsalary ORDER by salary asc";
    $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
    while (list($id, $salary) = mysql_fetch_row($result))
    {
        echo "<option value=$id>$salary</option>";
    }
    mysql_free_result($result);
?>
            </select></td>
            </tr>
            <tr>
                <td><font class="pn-normal"><b>Responsibilities</b></font><font color="red">*</font></td>
                <td width=50>&nbsp;</td>
                <td><font class="pn-normal"><b>Qualifications</b></font><font color="red">*</font></td>
            </tr>
            <tr>
                <td><textarea name="rsp" cols="30" rows="6" wrap=true onKeyUp="CountCharacters();" onBlur="CountCharacters();" onFocus="CountCharacters();" id=txtSkills></textarea><br><SPAN id=SkillsMSG>&nbsp;</SPAN></td>
                <td width=50>&nbsp;</td>
                <td><textarea name="qlf" cols="30" rows="6" wrap=true onKeyUp="CountCharacters2();" onBlur="CountCharacters2();" onFocus="CountCharacters2();" id=txtSkills2></textarea><br><SPAN id=SkillsMSG2>&nbsp;</SPAN></td>
            </tr>
            <tr>
                <td><font class="pn-normal"><b>Contact person</b></font><font color="red">*</font></td>
                <td width=50></td>
                <td><font class="pn-normal"><b>Email address</b></font><font color="red">*</font></td>
            </tr>
            <tr>
            <td><select name="cname">
<?
        echo "<option value=$user_id>$user_id</option>";
?>
            </select></td>
	<td width=50></td>
	<td><input type="text" name="cmail" size="25"></td>
	            </tr>
	            <tr>
	                <td align=center colspan=3>
			<input type=submit name=submit value="Add Listing">
	                </td>
	            </tr>
	        </table>
	</form>

<?

}else{

//Set up error list array
    $errorList = array();
    $count = 0;

//Validate text fields

    if (empty($dsg)) 
    {
        $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Designation</b></font>"; $count++;
    }

    if (empty($rsp)) 
    {
        $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Responsibilities</b></font>"; $count++;
    }

    if (empty($qlf)) 
    {
        $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Qualifications</b></font>"; $count++;
    }

    if (empty($cname)) 
    {
        $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Contact name</b></font>"; $count++;
    }

    if (empty($cmail) || isEmailInvalid($cmail)) 
    {
        $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Email address</b></font>"; $count++;
    }

        if (sizeof($errorList) == 0)
        {
		mysql_select_db($database, $connection) or die('Database Not Found');
		if($WaitingContent =="1")
		{
		$query = "INSERT INTO {$prefix}_jobtemplisting (
                                        jcode,
                                        designation,
                                        responsibilities,
                                        qualifications,
                                        cname, cmail,
                                        posted,
                                        fk_department,
                                        fk_location,
                                        fk_salary,
										checked)
                             VALUES 	('',
                                         '$dsg',
                                         '$rsp',
                                         '$qlf',
                                         '$cname',
                                         '$cmail',
                                         NOW(),
                                         '$dpt',
                                         '$loc',
                                         '$sal',
										 '1')";
		$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

		echo "<font class=\"pn-normal\"><b>Entry successfully added and will be check by the site admin before it is added.<p><a href=\"post.php?cmd=Add\">Add another entry</a>, or <a href=\"$ModuleAdminUrl=index\">return to job listings</a></b></font>";
		}
		else
		{
		$query = "INSERT INTO {$prefix}_joblisting (
                                        jcode,
                                        designation,
                                        responsibilities,
                                        qualifications,
                                        cname, cmail,
                                        posted,
                                        fk_department,
                                        fk_location,
                                        fk_salary,
										checked)
                             VALUES 	('',
                                         '$dsg',
                                         '$rsp',
                                         '$qlf',
                                         '$cname',
                                         '$cmail',
                                         NOW(),
                                         '$dpt',
                                         '$loc',
                                         '$sal',
										 '1')";
		$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

		echo "<font class=\"pn-normal\"><b>Entry successfully added.<p><a href=\"post.php?cmd=Add\">Add another entry</a>, or <a href=\"$ModuleAdminUrl=index\">return to job listings</a></b></font>";
		
		}
		}
		else
		{
		listErrors();
		}
	}
}
####################
# Browse	   #
####################

if (($cmd =="Browse")||($cmd =="Browse2"))
{
	OpenTable();
	Echo "<center><font class=\"pn-Title\">"._JOBLIST."</font></center>";
	CloseTable();
	OpenTable();
// set this $limit in config file
	if ($cmd == "Browse") 
	{
		$limit=$listings;
	}
	else 
	{
		$limit = $maxlisting;
	}

	if (!$offset) $offset=0; 
	mysql_select_db($database, $connection) or die('Database Not Found');
	$query = "select count(*) from {$prefix}_joblisting WHERE {$prefix}_joblisting.checked=1 AND {$prefix}_joblisting.cname='$user_id'";
	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

	list($numrec)=mysql_fetch_row($result);

	$numpage=intval($numrec/$limit);
	if ($numrec%$limit) 
	{
		$numpage++;
	} // add one page if remainder
	print("<table width=100% border=0 cellspacing=2><tr bgcolor=whitesmoke><td>&nbsp;&nbsp;<b>"._JOBTITLETXT."</b></td><td>&nbsp;&nbsp;<b>"._JOBCODETXT."</b></td><td>&nbsp;&nbsp;<b>"._JOBVIEWS."</b></td><td>&nbsp;&nbsp;<b>"._JOBPOSTED."</b></td><td>&nbsp;&nbsp;<b>"._JOBEDIT."</b></td><td>&nbsp;&nbsp;<b>"._JOBREADD."</b></td><td>&nbsp;&nbsp;<b>"._JOBDELETE."</b></td></tr>");
        mysql_select_db($database, $connection) or die('Database Not Found');
		$query = "SELECT {$prefix}_joblisting.jcode,
				  {$prefix}_joblisting.designation,
				  {$prefix}_joblisting.posted,
				  {$prefix}_joblisting.hits,
				  {$prefix}_joblisting.cname
			  FROM   {$prefix}_joblisting
			  WHERE  {$prefix}_joblisting.cname='$user_id'
			  order by posted desc limit $offset,$limit";

	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	while (list($jcode, $dsg, $posted, $hits, $cname )  = mysql_fetch_row($result)) 
	{
		echo "<tr><td><a href=\"index.php?cmd=Details&jcode=$jcode\"><font class=\"pn-normal\"><b>$dsg</b></font></a></td><td>[ $jcode ]</td><td>$hits</td><td>";
		echo fixDate($posted);
		echo"</td><td align=\"center\"><a href=\"post.php?cmd=Edit&jcode=$jcode\"><img src=\"lang/".$currentlang."/edit".$currentlang.".gif\" border=0 alt=\"edit $jcode\"></a></td><td align=\"center\"><a href=\"post.php?cmd=Re-Add&jcode=$jcode\"><img src=\"lang/".$currentlang."/readd".$currentlang.".gif\" border=0 alt=\"re-add $jcode\"></a></td><td align=\"center\"><a href=\"post.php?cmd=Delete&jcode=$jcode\"><img src=\"lang/".$currentlang."/delete".$currentlang.".gif\" border=0 alt=\"delete $jcode\"></td></tr>\n";
	}
	mysql_close($connection);
	print("</table>");

//<!-- result display loop next prev buttons-->
	if ($numpage>1) 
	{
		pagenav('post');
	}
}


####################
# Re - Add job	   #
####################

//this is still undergoing work it should be here so that a user can replace a exsisting add after its been up for a few days.
if($cmd == "Re-Add")
{
	if (!$jcode || $jcode == "")
	{
		echo "<SCRIPT LANGUAGE='JavaScript'>";
		echo "document.location.href='post.php?cmd=Error'";
		echo "</SCRIPT>";
		exit;
	}
	$query = "SELECT cname,
					jcode
			FROM {$prefix}_joblisting
                   WHERE jcode = '$jcode'";
	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	if (mysql_num_rows($result) <= 0)
		{
			echo "<SCRIPT LANGUAGE='JavaScript'>";
			echo "document.location.href='post.php?cmd=Error'";
			echo "</SCRIPT>";
        		exit;
		}
		else 
		{
			list($cname,
                 $jcode )= mysql_fetch_row($result);
			mysql_free_result($result);

		if (!$cname == $user_id)
		{	
			OpenTable();
			echo "You are not authorised to make these changes";
			CloseTable();
			exit;
		}
    		$query = "UPDATE {$prefix}_joblisting
    	                  SET posted=NOW()
                          WHERE jcode='$jcode'";

			$result = mysql_db_query($database, $query, $connection) or die ("Re - Add error: $query. " . mysql_error());

			OpenTable();
			echo "<br><center><font class=\"pn-Title\"> Re Added Job Listing </font></center>";
			CloseTable();
			OpenTable();
	    	echo "<font class=\"pn-normal\"><b>Entry successfully updated.<p></font>";
	}
}

#####################
# Editing a listing #
#####################

if($cmd == "Edit")
{
	OpenTable();
	Echo "<br><center><font class=\"pn-Title\"> Edit Job Listing </font></center>";
	CloseTable();
	OpenTable();

        if (!$jcode || $jcode == "")
        {
		echo "<SCRIPT LANGUAGE='JavaScript'>";
		echo "document.location.href='post.php?cmd=Error'";
		echo "</SCRIPT>";
        	exit;
        }

        if (!$submit)
        {
	mysql_select_db($database, $connection) or die('Database Not Found');
        $query = "SELECT designation,
                        jcode,
                        fk_department,
                        fk_location,
                        fk_salary,
                        responsibilities,
                        qualifications,
                        cname,
                        cmail,
						checked,
						posted
                   from {$prefix}_joblisting
                   WHERE jcode = '$jcode'";
	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

		if (mysql_num_rows($result) <= 0)
		{
			echo "<SCRIPT LANGUAGE='JavaScript'>";
			echo "document.location.href='post.php?cmd=Error'";
			echo "</SCRIPT>";
        		exit;
		}
		else 
		{
			list($designation,
                        $jcode,
                        $department,
                        $location,
                        $salary,
                        $description,
                        $qualification,
                        $cname,
			$cmail,
			$checked,
                        $posted) = mysql_fetch_row($result);
			mysql_free_result($result);

		if (!$cname == $user_id)
		{	
			OpenTable();
			echo "You are not authorised to make these changes";
			CloseTable();
			exit;
		}
	echo "<table border=\"0\" cellspacing=\"5\" cellpadding=\"2\">";
	echo "<form action=\"post.php?cmd=Edit&jcode=$jcode\" method=\"POST\">"; 
?>
<SCRIPT language=Javascript>
<!--
function CountCharacters() {
var sLimit = <? echo "$limit"; ?>;
if (sLimit < (document.forms[0].txtSkills.value).length) {
SkillsMSG.innerHTML = "<font class=small size=1 face=Arial>Characters exceeded by: " + ((document.forms[0].txtSkills.value).length - sLimit) + "</font>";
} else {
SkillsMSG.innerHTML = "<font class=small size=1 face=Arial>Characters remaining: " + (<? echo "$limit"; ?>- (document.forms[0].txtSkills.value).length) + "</font>";
	}
}

function CountCharacters2() {
var sLimit = <? echo "$limit"; ?>;
if (sLimit < (document.forms[0].txtSkills.value).length) {
SkillsMSG2.innerHTML = "<font class=small size=1 face=Arial>Characters exceeded by: " + ((document.forms[0].txtSkills2.value).length - sLimit) + "</font>";
} else {
SkillsMSG2.innerHTML = "<font class=small size=1 face=Arial>Characters remaining: " + (<? echo "$limit"; ?>- (document.forms[0].txtSkills2.value).length) + "</font>";
	}
}
//-->
</SCRIPT><tr>
                <td><font class="pn-normal"><b>Job Code</b></font></td>
                <td width=30>&nbsp;</td>
                <td><font class="pn-normal"><b>Date posted</b></font><font color="red">*</font></td>
                </tr>
				<tr>
				<td><? echo $jcode; ?></td>
				<td width=30>&nbsp;</td>
				<td><input type=text name="posted" value="<? echo $posted; ?>"></td>
				</tr>
                         <!--                    Job details                -->
                    <tr>
                        <td><font class="pn-normal"><b>Designation</b></font><font color="red">*</font></td>
                        <td width=30>&nbsp;</td>
                        <td><font class="pn-normal"><b>Department</b></font><font color="red">*</font></td>
                    </tr>
                    <tr>
                        <td><input type="text" name="dsg" size="25" value="<? echo $designation; ?>"></td>
                        <td width=30>&nbsp;</td>
                        <td>
                            <select name="dpt">
<?
//Get department list
            $query = "SELECT id, department from {$prefix}_jobdepartment ORDER by department asc";
            $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	            while (list($id, $dpt) = mysql_fetch_row($result))
	            {
	                echo "<option value=$id";
	                    if ($id == $department)
	                    {
	                        echo " selected";
	                    }
	                    echo ">$dpt</option>";
	            }
	            mysql_free_result($result);
?>
                    </select></td>
                    </tr>
                    <tr>
                        <td><font class="pn-normal"><b>Location</b></font><font color="red">*</font></td>
                        <td width=30>&nbsp;</td>
                        <td><font class="pn-normal"><b>Salary</b></font><font color="red">*</font></td>
                    </tr>
                    <tr>
                        <td>
                    <select name="loc">
<?
//Get location list
            $query = "SELECT id, location from {$prefix}_joblocation ORDER by location asc";
    		$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	            while (list($id, $loc) = mysql_fetch_row($result))
	            {
	                echo "<option value=$id";
	                    if ($id == $location)
	                    {
	                        echo " selected";
	                    }
	                    echo ">$loc</option>";
	            }
	            mysql_free_result($result);
?>
                        <select></td>
                        <td width=30>&nbsp;</td>
                        <td>
                        <select name="sal">
<?
//Get salary list
            $query = "SELECT id, salary from {$prefix}_jobsalary ORDER by salary asc";
            $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	            while (list($id, $sal) = mysql_fetch_row($result))
	            {
	                echo "<option value=$id";
	                    if ($id == $salary)
	                    {
	                        echo " selected";
	                    }
	                    echo ">$sal</option>";
	            }
	            mysql_free_result($result);
?>
                    </select></td>
                    </tr>
                    <tr>
                        <td><font class="pn-normal"><b>Responsibilities</b></font><font color="red">*</font></td>
                        <td width=30>&nbsp;</td>
                        <td><font class="pn-normal"><b>Qualifications</b></font><font color="red">*</font></td>
                    </tr>
                    <tr>
                        <td><textarea name="rsp" cols="30" rows="6" wrap=true onKeyUp="CountCharacters();" onBlur="CountCharacters();" onFocus="CountCharacters();" id=txtSkills><? echo $description; ?></textarea><br><SPAN id=SkillsMSG>&nbsp;</SPAN></td>
                        <td width=10>&nbsp;</td>
                        <td><textarea name="qlf" cols="30" rows="6" wrap=true onKeyUp="CountCharacters2();" onBlur="CountCharacters2();" onFocus="CountCharacters2();" id=txtSkills2><? echo $qualification; ?></textarea><br><SPAN id=SkillsMSG2>&nbsp;</SPAN></td>
                    </tr>
                    <tr>
                        <td><font class="pn-normal"><b>Contact person<font color="red">*</font></td>
                        <td width=30><font class="pn-normal"><b> 1=show<br>0=dont</b></font><font color="red">*</font></td>
                        <td><font class="pn-normal"><b>Email address<font color="red">*</font></td>
                    </tr>
                    <tr>
                        <td><select name="cname">
<?
	                echo "<option value=$user_id>$user_id</option>";
?>
                    </select></td>
                        <td width=30><select name="checked">
										<option value=1>1</option>
										<option value=0>0</option>
									</select></td>
                        <td><input type="text" name="cmail" size="25" value="<? echo $cmail; ?>"></td>
                    </tr>
                    <tr>
                        <td align=center colspan=3><input type=submit name=submit value="Update Listing"></td>
                    </tr>
                </table>
            </form>
<?
		}
	}
	else 
	{
//Set up error list array
        $errorList = array();
        $count = 0;

//Validate text input fields
        if (empty($jcode)) 
        {
            $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Job code</b></font>"; $count++;
        }

        if (empty($dsg)) 
        {
            $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Designation</b></font>"; $count++;
        }

        if (empty($rsp)) 
        {
            $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Responsibilities</b></font>"; $count++;
        }

        if (empty($qlf)) 
        {
            $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Qualifications</b></font>"; $count++;
        }

        if (empty($cname)) 
        {
            $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Contact name</b></font>"; $count++;
        }

        if (empty($cmail) || isEmailInvalid($cmail)) 
        {
            $errorList[$count] = "<font class=\"pn-normal\"><b>Invalid entry: Email address</b></font>"; $count++;
        }

        if (sizeof($errorList) == 0)
        {
		$query = "UPDATE {$prefix}_joblisting
                            SET designation='$dsg',
                                responsibilities='$rsp',
                                qualifications='$qlf',
                                cname='$cname',
                                cmail='$cmail',
								posted='$posted',
                                fk_department='$dpt',
                                fk_location='$loc',
                                fk_salary='$sal',
								checked='$checked'
                          WHERE jcode='$jcode'";
                $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

        echo "<font class=\"pn-normal\"><b>Entry successfully edited.<p></b></font>";
        }
        else
        {
        listErrors();
        }
	}
}
######################
# Deleting a listing #
######################

if($cmd == "Delete")
{
	OpenTable();
	echo "<br><center><font class=\"pn-Title\"> Delete Job Listing </font></center>";
	CloseTable();
    OpenTable();

		if (!$jcode || $jcode == "")
		{
			echo "<SCRIPT LANGUAGE='JavaScript'>";
			echo "document.location.href='post.php?cmd=Error'";
			echo "</SCRIPT>";
			exit;
		}
	$query = "SELECT cname,
					jcode
			FROM {$prefix}_joblisting
                   WHERE jcode = '$jcode'";
	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	if (mysql_num_rows($result) <= 0)
		{
			echo "<SCRIPT LANGUAGE='JavaScript'>";
			echo "document.location.href='post.php?cmd=Error'";
			echo "</SCRIPT>";
        		exit;
		}
		else 
		{
			list($cname,
                 $jcode )= mysql_fetch_row($result);
			mysql_free_result($result);

		if (!$cname == $user_id)
		{	
			OpenTable();
			echo "You are not authorised to make these changes";
			CloseTable();
			exit;
		}
			$query = "DELETE FROM {$prefix}_joblisting WHERE jcode = '$jcode'";
			$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
			mysql_close($connection);
	    	echo "<font class=\"pn-normal\"><b>Entry successfully deleted.<p>";
		}
}

#################
# ResumeUploads #
#################
if($cmd == "ResumeUploads")
{
	OpenTable();
	echo "<br><center><font class=\"pn-Title\"> Resume Uploads </font></center>";
	CloseTable();
	OpenTable();
	mysql_select_db($database, $connection) or die('Database Not Found');
    $query = "SELECT * FROM {$prefix}_jobresume, {$prefix}_jobaccounts, {$prefix}_joblisting
        WHERE (({$prefix}_jobresume.jcode = {$prefix}_joblisting.jcode) AND
        ({$prefix}_joblisting.cname = '$user_id') AND
        ({$prefix}_joblisting.cname = {$prefix}_jobaccounts.user)) ORDER BY {$prefix}_jobresume.id DESC";
	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	echo "<table width=\"100%\"><tr><td><b>ID</b></td><td><b>Name</b></td><td><b>Phone</b>:</td><td><b>File Name</b></td><td><b>Email</b></td><td><b>Job Code</b></td><td><b>IP Address</b></td><td><b>Host</b></td></tr>";
	
	while (list($id, $cvname, $cvphone, $cvemail, $source_name, $jcode, $ip_address, $host) = mysql_fetch_row($result))
	{
		echo "<tr bgcolor=\"#CCCCCC\"><td>$id </td><td>$cvname </td><td>$cvphone</td><td><a href=\"upload/$source_name\">$source_name</a></td><td><a href=mailto:$cvemail><b>$cvemail</b></a></td><td><a href=\"index.php?cmd=Details&jcode=$jcode\">$jcode</a></td><td>$ip_address</td><td>$host</td></tr>";	
	}
		echo "</table><br>";


    	mysql_select_db($database, $connection) or die('Database Not Found');
    $query = "SELECT * FROM {$prefix}_jobresume WHERE (({$prefix}_jobresume.jcode = '1'))ORDER BY {$prefix}_jobresume.id DESC";

	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	echo "<table width=\"100%\"><tr><td><b>ID</b></td><td><b>Name</b></td><td><b>Phone</b>:</td><td><b>File Name</b></td><td><b>Email</b></td><td><b>Job Code</b></td><td><b>IP Address</b></td><td><b>Host</b></td></tr>";
	
	while (list($id, $cvname, $cvphone, $cvemail, $source_name, $jcode, $ip_address, $host) = mysql_fetch_row($result))
	{
		echo "<tr bgcolor=\"#CCCCCC\"><td>$id </td><td>$cvname </td><td>$cvphone</td><td><a href=\"upload/$source_name\">$source_name</a></td><td><a href=mailto:$cvemail><b>$cvemail</b></a></td><td><a href=\"index.php?cmd=Details&jcode=$jcode\">$jcode</a></td><td>$ip_address</td><td>$host</td></tr>";	
	}
		echo "</table>";



}

######################
# browse all resumes #
######################

if($cmd == "BrowseResume")
{
	OpenTable();
	echo "<br><center><font class=\"pn-Title\"> Browse Users </font></center>";
	CloseTable();
	OpenTable();
	echo "<table border=\"0\" width=\"100%\">";
    mysql_select_db($database, $connection) or die('Database Not Found');
	$query = "SELECT {$prefix}_jobuser.rid,
			 {$prefix}_jobuser.lname,
			 {$prefix}_jobuser.fname,
			 {$prefix}_jobuser.city,
			 {$prefix}_jobuser.phone,
			 {$prefix}_jobuser.email,
			 {$prefix}_jobuser.jcode,
			 {$prefix}_joblisting.cname,
			 {$prefix}_joblisting.jcode
		FROM {$prefix}_jobuser,
			 {$prefix}_joblisting 
		WHERE {$prefix}_jobuser.jcode={$prefix}_joblisting.jcode 
		AND {$prefix}_joblisting.cname='$user_id'";
	$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

		while (list($rid, $lname, $fname, $city, $phone, $email, $jcode, $cname) = mysql_fetch_row($result))
		{
			echo "<tr><td><li><a href=post.php?cmd=Resume_Details&rid=$rid>$fname &nbsp;$lname</a></td><td>$city</td><td>$phone</td><td>$email</td></tr>";	
		}
	echo "</table>";
}


#####################
# Building a resume #
#####################
if($cmd == "Resume_Details")
{
	OpenTable();
	echo "<br><center><font class=\"pn-Title\"> Resume Details </font></center>";
	CloseTable();
	OpenTable();

        if (!$rid || $rid == "")
        {
		echo "<SCRIPT LANGUAGE='JavaScript'>";
		echo "document.location.href='post.php?cmd=Error'";
		echo "</SCRIPT>";
 	       exit;
        }

	mysql_select_db($database, $connection) or die('Database Not Found');
        $query = "SELECT {$prefix}_jobuser.fname,
                        {$prefix}_jobuser.lname,
                        {$prefix}_jobuser.dob,
                        {$prefix}_jobuser.addr1,
                        {$prefix}_jobuser.addr2,
                        {$prefix}_jobuser.city,
                        {$prefix}_jobuser.state,
                        {$prefix}_jobuser.zip,
                        {$prefix}_jobcountry.country,
                        {$prefix}_jobuser.phone,
                        {$prefix}_jobuser.email,
                        {$prefix}_jobuser.url,
                        {$prefix}_jobuser.relo,
                        {$prefix}_jobuser.posted,
			 {$prefix}_joblisting.cname,
			 {$prefix}_joblisting.jcode
                FROM    {$prefix}_jobuser,
                        {$prefix}_jobcountry,
						{$prefix}_joblisting
                WHERE   {$prefix}_jobuser.fk_country = {$prefix}_jobcountry.id
				AND 	{$prefix}_jobuser.jcode={$prefix}_joblisting.jcode
				AND 	{$prefix}_joblisting.cname='$user_id'
                AND     rid = '$rid'";
        $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

	if (mysql_num_rows($result) <= 0)
	{
		echo "<SCRIPT LANGUAGE='JavaScript'>";
		echo "document.location.href='post.php?cmd=Error'";
		echo "</SCRIPT>";
		exit;
	}
	else
	{
//Obtain data from query
            list(
                $fname,
                $lname,
                $dob,
                $addr1,
                $addr2,
                $city,
                $state,
                $zip,
                $country,
                $phone,
                $email,
                $url,
                $relo,
                $posted) = mysql_fetch_row($result);

	echo "<br><br><img src=\"lang/".$currentlang."/Personal".$currentlang.".gif\" border=\"1\">"; ?>
    <br><font class="pn-normal">
    <b>Name:</b></font>
<? 	echo $fname . " " . $lname; ?>
    <p><b><font class="pn-normal"><b>Date of birth:</b></font>
<? 	echo "$dob"; ?>
    <p><font class="pn-normal">
    <b>Address:</b><br></font>
<? 	echo "<font class=\"pn-normal\"><b>$addr1<br></b></font>";
	if($addr2)
	{
                echo "<font class=\"pn-normal\"><b>$addr2<br></b></font>";
	}
		echo "<font class=\"pn-normal\"><b>$city $zip<br>$state, $country</b></font>"; ?>
    <p><b><font class="pn-normal"><b>Phone:</b>
<? 	echo $phone; ?>
    <p><font class="pn-normal"><b>Email address: </b><a href="mailto:<? echo $email; ?>"><? echo $email; ?></a>
    <p><font class="pn-normal"><b>Comments:</b></font>
<? 	if($url)
	{
		echo "<font class=\"pn-normal\">$url</font>";
	}
	else 
	{
           	echo "<font class=\"pn-normal\">None</font>";
	}
?>
<p>
<?
//Get education history
        $query = "SELECT institute,
                         degree,
                         subject,
                         year
                  FROM   {$prefix}_jobeducation,
                         {$prefix}_jobdegree,
                         {$prefix}_jobsubject
                  WHERE  {$prefix}_jobeducation.fk_degree = {$prefix}_jobdegree.id
                  AND    {$prefix}_jobeducation.fk_subject = {$prefix}_jobsubject.id
                  AND    rid = '$rid'
                  ORDER BY year";
        $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

            if(mysql_num_rows($result) > 0){
                echo "<br><br><img src=\"lang/".$currentlang."/Education".$currentlang.".gif\" border=\"1\"><br>";

                while (list($institute, $degree, $subject, $year ) = mysql_fetch_row($result)){
                    echo "<font class=\"pn-normal\"><b>Institute:</b> $institute<br></font>";
                    echo "<font class=\"pn-normal\"><b>Degree:</b> $degree ($subject, $year)<p></font>";
                }
            }

//Get employment history
        $query = "SELECT employer,
                         industry,
                         start_year,
                         end_year,
                         responsibilities
                   FROM  {$prefix}_jobemployment,
                         {$prefix}_jobindustry
                   WHERE {$prefix}_jobemployment.fk_industry = {$prefix}_jobindustry.id
                   AND   rid = '$rid'
                   ORDER BY end_year";
        $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

            if(mysql_num_rows($result) > 0){
                echo "<br><br><img src=\"lang/".$currentlang."/Employment".$currentlang.".gif\" border=\"1\"><br>";
                while (list($employer, $industry, $start_year, $end_year, $responsibilities) = mysql_fetch_row($result))
                {
			echo "<font class=\"pn-normal\"><b>Employer</b>: $employer ($start_year-$end_year)<br></font>";
			echo "<font class=\"pn-normal\"><b>Industry</b>: $industry<br></font>";
			echo "<font class=\"pn-normal\"><b>Responsibilities</b>: <br>$responsibilities<p></font>";
                }
	}

//Get skills
        $query = "SELECT skill,experience
		FROM   {$prefix}_jobskill
		WHERE  rid = '$rid' 
		ORDER BY experience";
        $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

	if(mysql_num_rows($result) > 0)
	{
		echo "<br><br><img src=\"lang/".$currentlang."/Skills".$currentlang.".gif\" border=\"1\"><br>";
                while (list($skill, $experience) = mysql_fetch_row($result))
                {
			echo "<font class=\"pn-normal\"><b>$skill</b><br></font>";
			echo "<font class=\"pn-normal\"><b>$experience years experience<p></b></font>";
		}
	}

//Get references
        $query = "SELECT name,
		phone,
		email 
	FROM   {$prefix}_jobreference
	WHERE rid = '$rid'";
        $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
	if(mysql_num_rows($result) > 0)
	{
		echo "<br><br><img src=\"lang/".$currentlang."/References".$currentlang.".gif\" border=\"1\"><br>";
                while (list($name, $phone, $ref_email) = mysql_fetch_row($result))
                {
			echo "<font class=\"pn-normal\"><b>Name:</b> $name<br></font>";
			echo "<font class=\"pn-normal\"><b>Phone:</b> $phone<br></font>";
			if ($ref_email) 
			{
				echo "<font class=\"pn-normal\"><b>Email address:</b> <a href=mailto:$ref_email>$ref_email</a><p></font>";
			} 
			else 
			{
                        echo "<p>";
			}
		}
	}
	echo "<img src=\" lang/".$currentlang."/Miscellaneous".$currentlang.".gif\" border=\"1\">";?>
	<br><font class=\"pn-normal\"><b>Willing to relocate:</b></font>
<?
	if($relo == 1) 
	{
		echo "<font class=\"pn-normal\"><b>Yes</b></font>";
	} 
	else 
	{
		echo "<font class=\"pn-normal\"><b>No</b></font>";
	}
	echo "<p>Resume posted on <b>";
	fixDate($posted);
	echo "</b><p>";

	}
}

//menu content for bottom of page
User_Menu($ModuleBaseUrl);
if($cmd == "Error")
{
	OpenTable();
	echo "<br><center><font class=\"pn-Title\"> Error </font></center>";
	CloseTable();
	OpenTable();

	echo "There was an error accessing the page you requested. Please <a href=\"$ModuleAdminUrl=post\">return to the main page</a> and try again.";
}


CloseTable();
//include("footer.php");
}//end of login code


?>
Return current item: phprofession job board