/home/mip/public_html/img/credit/datatables/sqlupdate.php.tar
home/mip/public_html_/old_mip/sqlupdate.php���������������������������������������������������������0000644�����������������00000055201�15152061660�0015065 0����������������������������������������������������������������������������������������������������ustar�00�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
session_start();
require_once("common_msg.inc");
require_once("func-select.php");
require_once("func-proc.php");
$db = db_connect();
switch($what){
case 'principal':
$sql = "UPDATE principals SET name='".$_POST['name']."',
address='".$_POST['address']."',
fax='".$_POST['fax']."',
acc_date_from='".$_POST['acc_date_from']."',
acc_date_to='".$_POST['acc_date_to']."',
telephone='".$_POST['telephone']."',
email='".$_POST['email']."',
contact_person='".$_POST['contact_person']."'
WHERE principal_id='".$_POST['principal_id']."'";
$result = mysql_query($sql);
break;
case 'jo_pos':
$sql = "UPDATE jo_position SET
position_id='".$_POST['position_id']."',category_id='".$_POST['category_id']."',
no_of_male = '".$_POST['no_of_male']."',
no_of_female = '".$_POST['no_of_female']."',
no_of_coed ='".$_POST['no_of_coed']."',
wage = '".$_POST['wage']."'
WHERE jo_pos_id='".$_POST['jo_pos_id']."'";
$result = mysql_query($sql);
break;
case 'job_order':
$sql = "UPDATE job_order SET job_order_no='".$_POST['job_order_no']."',
principal_id='".$_POST['principal_id']."',
date='".$_POST['date']."',
date_needed='".$_POST['date_needed']."',
date_expired='".$_POST['date_expired']."',
status='".$_POST['status']."',
jobsite='".$_POST['jobsite']."'
WHERE job_order_id='".$_POST['job_order_id']."'";
$result = mysql_query($sql);
break;
case 'position':
$sql = "UPDATE positions SET name='".$_POST['name']."', category_id='".$_POST['category_id']."'' WHERE position_id='".$_POST['position_id']."'";
$result = mysql_query($sql);
$id = mysql_insert_id($sql);
break;
case 'ordernews':
$id = $_POST['id'];
$order_id = $_POST['order_id'];
$sql = "update web_announcements set order_id='".$order_id."' where id='".$id."'";
mysql_query($sql,$db);
break;
case 'orderjo':
$webjob_id = $_POST['webjob_id'];
$order_id = $_POST['order_id'];
$sql = "update web_jobs set order_id='".$order_id."' where webjob_id='".$webjob_id."'";
mysql_query($sql,$db);
break;
case 'jobsorder':
$fields = explode('&', $_REQUEST['ids']);
$order = 0;
foreach($fields as $field) {
$order++;
$field_key_value = explode('=', $field);
$level = urldecode($field_key_value[0]);
$id = urldecode($field_key_value[1]);
$query = "UPDATE web_jobs SET order_id = " . $order . " WHERE webjob_id = " . $id ."";
mysql_query($query,$db);
}
break;
case 'announcements':
$sql = "UPDATE web_announcements
SET title = '".$_POST['title']."',
status = '".$_POST['status']."',
announcement = '".addslashes($_POST['job_details'])."',
posting_date = '".$_POST['posting_date']."',
expiry_date = '".$_POST['expiry_date']."'
WHERE id='".$_POST['id']."'";
$result = mysql_query($sql);
echo mysql_error();
$array = array(
'title' => $_POST['title'],
'status' => $_POST['status'],
'posting_date' => $_POST['posting_date'],
'job_details' => $_POST['job_details'],
'expiry_date' => $_POST['expiry_date'],
'id' => $_POST['id']
);
echo json_encode($array);
break;
case 'webjobonly':
$sql = "UPDATE web_jobs SET position_id='".$_POST['position_id']."',category_id='".$_POST['category_id']."',
country_id='".$_POST['country_id']."',numpositions='".$_POST['numpositions']."',jo_pos_id='".$_POST['jo_pos_id']."',
posting_date='".$_POST['posting_date']."',location='".$_POST['location']."',
expiry_date='".$_POST['expiry_date']."',manpower_pooling='".$_POST['manpower_pooling']."',
min_age='".$_POST['min_age']."',yrs_exp='".$_POST['yrs_exp']."',min_reqmt='".$_POST['min_reqmt']."',
max_age='".$_POST['max_age']."',
gender='".$_POST['gender']."',
job_details='".$_POST['job_details']."',
principal_id='".$_POST['principal_id']."', status = '".$_POST['status']."',
showit='".$_POST['showit']."',
alias='".$_POST['alias']."',
order_id='".$_POST['order_id']."'
WHERE webjob_id='".$_POST['webjob_id']."'";
$result = mysql_query($sql);
$array = array(
'position_id'=>$_POST['position_id'],
'yrs_exp'=>$_POST['yrs_exp'],
'min_reqmt'=>$_POST['min_reqmt'],
'jo_pos_id'=>$_POST['jo_pos_id'],
'country_id'=>$_POST['country_id'],
'posting_date'=>$posting_date,
'expiry_date'=>$expiry_date,
'min_age'=>$_POST['min_age'],
'max_age'=>$_POST['max_age'],
'gender'=>$_POST['gender'],
'principal_id'=>$_POST['principal_id'],
'status'=>$_POST['status'],
'category_id'=>$_POST['category_id'],
'numpositions'=>$_POST['numpositions'],
'location'=>$_POST['location'],
'manpower_pooling'=>$_POST['manpower_pooling'],
'job_details'=>$_POST['job_details'],
'showit'=>$_POST['showit'],
'alias'=>$_POST['alias'],
'webjob_id'=>$_POST['webjob_id'],
'msg_status'=>'1',
'sql'=>$sql
);
echo json_encode($array);
break;
case 'agency_job':
//WA delete jobs
foreach ($jobsids as $value) {
$WA = getdata_one("WA","web_jobs","webjob_id",$value);
$WAids = $WAids."'".$WA["WA"]."',";
$sql = "DELETE FROM web_jobs WHERE webjob_id=$value";
$result = mysql_query($sql);
echo mysql_error();
if($result){
$apps = mysql_query("select applicant_id from web_personal where webjob_id = $value order by applicant_id");
while($row = mysql_fetch_array($apps)){
mysql_query("DELETE FROM web_education WHERE applicant_id=".$row['applicant_id']);
mysql_query("DELETE FROM web_employment WHERE applicant_id=".$row['applicant_id']);
mysql_query("DELETE FROM web_training WHERE applicant_id=".$row['applicant_id']);
}
mysql_query("DELETE FROM web_personal WHERE webjob_id=$value");
}
}
header("Location: ".$postjob_url."deletejobs.php?username=370757d2df51ae456bf63c165fc71817&password=ea4bfb7bd531339dfa3c58586bb804b9&site_url1=".$site_url."&what=delete&WA=".$WAids."&status=".$status."&searchword=".$searchword."&searchby=".$searchby."&sort_by=".$sort_by."&sort_order=".$sort_order."");
break;
case 'job_expiration':
//WA extend jobs
foreach ($jobsids as $value) {
$WA = getdata_one("*","web_jobs","webjob_id",$value);
if($act=='extend:1') {
$date = $WA["expiry_date"];
$date = strtotime(date("Y-m-d", strtotime($date)) . " +1 month");
$newexpiry = date("Y-m-d",$date);
}
if($act=='extend:2') {
$date = $WA["expiry_date"];
$date = strtotime(date("Y-m-d", strtotime($date)) . " +2 month");
$newexpiry = date("Y-m-d",$date);
}
if($act=='extend:3') {
$date = $WA["expiry_date"];
$date = strtotime(date("Y-m-d", strtotime($date)) . " +14 days");
$newexpiry = date("Y-m-d",$date);
}
$sql = "UPDATE web_jobs set expiry_date = '$newexpiry', status='Open', posting_date = '$sqltoday' WHERE webjob_id=$value";
$result = mysql_query($sql);
echo mysql_error();
}
header("Location: manage_webjobsonly.php?status=".$status."");
break;
case 'agency_job_expiration':
//WA extend jobs
foreach ($jobsids as $value) {
$WA = getdata_one("*","web_jobs","webjob_id",$value);
$WAids = $WAids."".$WA["WA"].",";
if($act=='extend:1') {
$date = $WA["expiry_date"];
$date = strtotime(date("Y-m-d", strtotime($date)) . " +1 month");
$newexpiry = date("Y-m-d",$date);
$newmonth = '1';
}
if($act=='extend:2') {
$date = $WA["expiry_date"];
$date = strtotime(date("Y-m-d", strtotime($date)) . " +2 month");
$newexpiry = date("Y-m-d",$date);
$newmonth = '2';
}
if($act=='extend:3') {
$date = $WA["expiry_date"];
$date = strtotime(date("Y-m-d", strtotime($date)) . " +3 month");
$newexpiry = date("Y-m-d",$date);
$newmonth = '3';
}
$sql = "UPDATE web_jobs set expiry_date = '$newexpiry', status='Open' WHERE webjob_id=$value";
$result = mysql_query($sql);
echo mysql_error();
}
header("Location: ".$postjob_url."deletejobs.php?username=370757d2df51ae456bf63c165fc71817&password=ea4bfb7bd531339dfa3c58586bb804b9&site_url1=".$site_url."&what=extend&WA=".$WAids."&newmonth=".$newmonth."&status=".$status."&searchword=".$searchword."&searchby=".$searchby."&sort_by=".$sort_by."&sort_order=".$sort_order."");
break;
case 'agency_job_status':
//WA close jobs
foreach ($jobsids as $value) {
$WA = getdata_one("*","web_jobs","webjob_id",$value);
$WAids = $WAids."'".$WA["WA"]."',";
$sql = "UPDATE web_jobs set status = 'Close' WHERE webjob_id=$value";
$result = mysql_query($sql);
echo mysql_error();
}
header("Location: ".$postjob_url."deletejobs.php?username=370757d2df51ae456bf63c165fc71817&password=ea4bfb7bd531339dfa3c58586bb804b9&site_url1=".$site_url."&what=close&WA=".$WAids."&status=".$status."&searchword=".$searchword."&searchby=".$searchby."&sort_by=".$sort_by."&sort_order=".$sort_order."");
break;
case 'agency_job':
//WA delete jobs
foreach ($jobsids as $value) {
$WA = getdata_one("WA","web_jobs","webjob_id",$value);
$WAids = $WAids."'".$WA["WA"]."',";
$sql = "DELETE FROM web_jobs WHERE webjob_id=$value";
$result = mysql_query($sql);
echo mysql_error();
if($result){
$apps = mysql_query("select applicant_id from web_personal where webjob_id = $value order by applicant_id");
while($row = mysql_fetch_array($apps)){
mysql_query("DELETE FROM web_education WHERE applicant_id=".$row['applicant_id']);
mysql_query("DELETE FROM web_employment WHERE applicant_id=".$row['applicant_id']);
mysql_query("DELETE FROM web_training WHERE applicant_id=".$row['applicant_id']);
}
mysql_query("DELETE FROM web_personal WHERE webjob_id=$value");
}
}
header("Location: ".$postjob_url."deletejobs.php?username=370757d2df51ae456bf63c165fc71817&password=ea4bfb7bd531339dfa3c58586bb804b9&site_url1=".$site_url."&what=delete&WA=".$WAids."&status=".$status."&searchword=".$searchword."&searchby=".$searchby."&sort_by=".$sort_by."&sort_order=".$sort_order."");
break;
case "web_doc" :
$doc_name= trim($doc_name);
if($_FILES['docfile']['name']){
if ( strstr($_FILES['docfile']['name'], "php") ) {
error_message('Invalid Format.');
exit;
}
$filename=stripslashes($_FILES['docfile']['name']);
$temp_dir = "$doc_rootdir"."$applicant_id";
if(!is_dir($doc_rootdir)) mkdir ($doc_rootdir);
if(!is_dir($temp_dir)) mkdir ($temp_dir);
copy($_FILES['docfile']['tmp_name'],"$temp_dir/$filename");
$sql_doc = "doc_file = '".addslashes($filename)."',";
}
$date_submitted = "$year-$day-$month";
$date_withdrawn = "$wyear-$wday-$wmonth";
$sql = "UPDATE $table SET
doc_name='$doc_name',
type_id='$doc_type',
$sql_doc
date_submitted='$sqltoday',
date_withdrawn='$date_withdrawn'
WHERE id=$id and applicant_id = '$applicant_id'";
$result = mysql_query($sql);
mysql_close();
header("Location: apply_online_doc.php?table=$table&applicant_id=$applicant_id");
break;
case 'personal1':
$birthd="$bday_year-$bday_month-$bday_day";
$lname=ucwords(strtolower($lname));
$fname=ucwords(strtolower($fname));
$mname=ucwords(strtolower($mname));
$email = ltrim(rtrim($email));
$duplicate_email1 = getdata("select * from web_personal where email='$email' and applicant_id !='$applicant_id'");
if(!empty($duplicate_email1)) error_message('Email Address already exist.');
$duplicate_email2 = getdata("select * from personal where email='$email' and applicant_id !='$applicant_id'");
if(!empty($duplicate_email2)) error_message('Email Address already exist.');
$duplicate2 = getdata("select * from web_personal where lname='$lname' and fname='$fname' and mname='$mname' and applicant_id !='$applicant_id'");
if(!empty($duplicate2)) error_message('You have already applied online.');
$duplicate3 = getdata("select * from personal where lname='$lname' and fname='$fname' and mname='$mname' and applicant_id!='$applicant_id'");
if(!empty($duplicate3)) error_message('You have already applied online.');
$duplicate4 = getdata("select * from personal where lname='$lname' and fname='$fname' and mname='$mname' and blacklisted='1' and applicant_id !='$applicant_id'");
if(!empty($duplicate4)) error_message('The applicant is blacklisted.');
if($hasresume){
$sql_resume = "";
} else {
if ($_FILES['picture']['name'] && $_FILES['picture']['name'] != 'none'){
if ( strstr($_FILES['picture']['name'], "php") ) {
error_message('Invalid Format.');
exit;
}
$max = '205000';
$filesize = filesize($_FILES['picture']['tmp_name']);
if($filesize<=$max) { // imagesize validtion
$type = basename($_FILES['picture']['type']);
switch($type){
case "vnd.openxmlformats-officedocument.wordprocessingml.document":
case "msword": $pic_name = $_FILES['picture']['name'];
$filename = $doc_dir.$applicant_id."/".$pic_name;
@copy($_FILES['picture']['tmp_name'], $filename);
break;
case "pdf": $pic_name = $_FILES['picture']['name'];
$filename = $doc_dir.$applicant_id."/".$pic_name;
@copy($_FILES['picture']['tmp_name'], $filename);
break;
default: error_message("Invalid file format: $type");
}
$sql_resume = "resumefile='$pic_name',";
} else {
error_message('Filesize is greater than 200 kb');
} // imagesize validtion
}
}
$sql = "UPDATE web_personal SET
position_id1='$position1',category_id='$category_id',
webjob_id='$webjob_id',password='$password1',
lname='$lname',address1='$address1',email='$email',cellphone='$cellphone',
position1_yrsofexp='$position1_yrsofexp',
position1_mosofexp='$position1_mosofexp',
position1_yrsofexp_abroad='$position1_yrsofexp_abroad',
position1_mosofexp_abroad='$position1_mosofexp_abroad',
fname='$fname',
mname='$mname',
$sql_resume
birthdate='$birthd'
where applicant_id='$applicant_id'";
$result = mysql_query($sql);
if($limit){ $cnt = $limit-1; }
else { $cnt = 1; }
for($i=1; $i<=$cnt; $i++){
$filename = "file".$i;
if ( strstr($_FILES[$filename]['name'], "php") ) {
error_message('Invalid Format.');
exit;
}
if($_FILES[$filename]["size"]<=$max){
$newname = $_FILES[$filename];
$temp_dirA = "$doc_dir"."$applicant_id";
if(!is_dir($doc_dir)) mkdir ($doc_dir);
if(!is_dir($temp_dirA)) mkdir ($temp_dirA);
$temp_dir_finalA = "$temp_dirA" . "/" . "$newname[name]";
$file_copy = @copy($newname[tmp_name],$temp_dir_finalA);
$doc_names = @getname($_POST['doc_type'.$i.''],"doc_type","type_id");
if($file_copy){
$sql2 = "INSERT INTO web_doc_library(applicant_id,doc_file,date_submitted,type_id,doc_name)
VALUES ('$applicant_id','$newname[name]','$sqltoday','".$_POST['doc_type'.$i.'']."','".$doc_names."')";
$result2 = mysql_query($sql2);
}
}
}
if($result) {
//header("Location: apply_online.php?applicant_id=$applicant_id&resume=1&msg=Information Saved");
header("Location: thankyou_apply.php?applicant_id=$applicant_id&table=$fin&whatapply=$whatapply");
} else {
header("Location: apply_online.php?applicant_id=$applicant_id&whatapply=$whatapply&msg=Error Updating");
}
break;
case 'personal':
if($table=="web_personal") {
//$webjob="webjob_id='$webjob_id',";
}
$birthd="$bday_year-$bday_month-$bday_day";
$lname=ucwords(strtolower($lname));
$fname=ucwords(strtolower($fname));
$mname=ucwords(strtolower($mname));
$email = ltrim(rtrim($email));
$duplicate_email1 = getdata("select * from web_personal where email='$email' and applicant_id !='$applicant_id'");
if(!empty($duplicate_email1)) error_message('Email Address already exist.');
$duplicate_email2 = getdata("select * from personal where email='$email' and applicant_id !='$applicant_id'");
if(!empty($duplicate_email2)) error_message('Email Address already exist.');
$duplicate2 = getdata("select * from web_personal where lname='$lname' and fname='$fname' and mname='$mname' and applicant_id !='$applicant_id'");
if(!empty($duplicate2)) error_message('You have already applied online.');
$duplicate3 = getdata("select * from personal where lname='$lname' and fname='$fname' and mname='$mname' and applicant_id!='$applicant_id'");
if(!empty($duplicate3)) error_message('You have already applied online.');
$duplicate4 = getdata("select * from personal where lname='$lname' and fname='$fname' and mname='$mname' and blacklisted='1' and and applicant_id !='$applicant_id'");
if(!empty($duplicate4)) error_message('The applicant is blacklisted.');
if ($_FILES['picture']['name'] && $_FILES['picture']['name'] != 'none'){
if ( strstr($_FILES['picture']['name'], "php") ) {
error_message('Invalid Format.');
exit;
}
if(!is_dir("irisonline/pictures/".date("Y")."")) mkdir ("irisonline/pictures/".date("Y")."");
list($width, $height, $type, $attr) = getimagesize($_FILES['picture']['tmp_name']);
if($width>250 || $height>250) {
error_message('Picture must have a maximum dimension \n\r of 150 by 150 pixels or 2 x 2');
}
$max = '50000';
$filesize = filesize($_FILES['picture']['tmp_name']);
if($filesize<=$max) { // imagesize validtion
$type = basename($_FILES['picture']['type']);
switch($type){
case "png" : $pic_name = "".date("Y")."/$applicant_id.png";
$filename = $pic_dir."$pic_name";
copy ($_FILES['picture']['tmp_name'], $filename);
break;
case "jpeg" :
case "pjpeg" : $pic_name = "".date("Y")."/$applicant_id.jpg";
$filename = $pic_dir."$pic_name";
copy ($_FILES['picture']['tmp_name'], $filename);
break;
case "gif" : $pic_name = "".date("Y")."/$applicant_id.gif";
$filename = $pic_dir."$pic_name";
copy ($_FILES['picture']['tmp_name'], $filename);
break;
default : error_message("Invalid picture format:$type");
}
} else {
error_message('Filesize is greater than '.$max.' bytes');
} // imagesize validtion
} else {
$pic_name="$pic";
}
if($cellphone) {
$cellphone = "0".substr($cellphone,-10);
}
$sql = "UPDATE $table SET
position_id1='$position1',category_id='$category_id',password='$password1',
$webjob
position1_yrsofexp='$position1_yrsofexp',
position1_mosofexp='$position1_mosofexp',
position1_yrsofexp_abroad='$position1_yrsofexp_abroad',
position1_mosofexp_abroad='$position1_mosofexp_abroad',
lname='$lname',
fname='$fname',
mname='$mname',
address1='$address1',
office_phone='$office_phone',
home_phone='$home_phone',
cellphone='$cellphone',
email='$email',
perm_no='$perm_no',
perm_st='$perm_st',
perm_city ='$perm_city',
perm_prov='$perm_prov',
perm_zip= '$perm_zip',
birthdate='$birthd',
birthplace='$birthplace',
height1='$height1',
height2='$height2',
weight1='$weight1',
weight2='$weight2',
sex='$sex',
civil_status='$civil_status',
religion='$religion',
nationality='$nationality',
picture='$pic_name'
where applicant_id='$applicant_id'
";
$result = mysql_query($sql);
if($result) {
if ($table=="web_personal") { $table = "web_education"; } else { $table = "education"; }
header("Location: apply_online_education.php?action=update&applicant_id=$applicant_id&msg=Information Saved&what=update_resume&what1=$what1&table=$table&whatapply=$whatapply");
} else {
header("Location: apply_online.php?action=update&applicant_id=$applicant_id&msg=Error Updating&what=update_resume&what1=$what1&table=$table&whatapply=$whatapply");
}
break;
case 'web_education':
$sql = "update web_education set education='$education', from_date='$from_date', to_date='$to_date', school='$school', course='$course' where id='$id'";
mysql_query($sql,$db);
header("Location: apply_online_education.php?applicant_id=$applicant_id");
break;
case 'web_employment':
if($from_date!=''){
$fdate = explode('/',$from_date);
$from_date = $fdate[1].'-'.$fdate[0].'-01';
}
if($from_date!='' && $to_date!=''){
$tdate = explode('/',$to_date);
$to_date = $tdate[1].'-'.$tdate[0].'-01';
} else if($from_date=='' && $to_date!=''){
$from_date = '';
$to_date = '';
} else {
$to_date = '';
}
$sql = "update web_employment set company='$company',
address='$address',
position='$position',
from_date='$from_date',
to_date='$to_date',
job_desc='".addslashes($job_desc)."',
reason_for_leaving='".addslashes($reason_for_leaving)."' where id='$id'";
mysql_query($sql,$db);
header("Location: apply_online_employment.php?applicant_id=$applicant_id");
break;
case 'web_training':
$date = ($date) ? date('Y-m-d', strtotime($date)) : '';
$sql = "update web_training set title='$title',center='$center',date='$date',remarks='$remarks' where training_id='$id'";
mysql_query($sql,$db);
header("Location: apply_online_training.php?applicant_id=$applicant_id");
break;
case 'web_document':
$uploadir = 'uploads/documents/';
if(strstr($_FILES['doc_file']['name'], "php"))
{
$message = 'Oops! Your file\'s is not a valid document.';
header("Location: apply_online_document.php?applicant_id=$applicant_id&msg=$message");
} else {
//if no errors...
if(!$_FILES['doc_file']['error'])
{
//now is the time to modify the future file name and validate the file
$ext = strtolower(substr(strrchr($_FILES['doc_file']['name'], "."), 1));
$new_file_name = randomstr().'.'.$ext; //rename file
if($_FILES['doc_file']['size'] > (3024000)) //can't be larger than 3 MB
{
$valid_file = false;
$message = 'Oops! Your file\'s size is to large.';
header("Location: apply_online_document.php?applicant_id=$applicant_id&msg=$message");
} else {
$valid_file = true;
}
//if the file has passed the test
if($valid_file)
{
if ( !is_dir($uploadir.$applicant_id) ) mkdir($uploadir.$applicant_id );
$fp = fopen($uploadir.$applicant_id.'/index.php', 'w');
fwrite($fp, '404 Page is Forbidden!!!');
fclose($fp);
//move it to where we want it to be
move_uploaded_file($_FILES['doc_file']['tmp_name'], 'uploads/documents/'.$applicant_id.'/'.$new_file_name);
$message = 'Congratulations! Your file was uploaded.';
$sql = "update web_doc_library set doc_name='$doc_name',type_id='$type_id',doc_file='$new_file_name' where id='$id'";
mysql_query($sql,$db);
header("Location: apply_online_document.php?applicant_id=$applicant_id&msg=$message");
}
}
//if there is an error...
else
{
//set that to be the returned message
$message = 'Oops! Your upload triggered the following error: '.$_FILES['doc_file']['error'];
header("Location: apply_online_document.php?applicant_id=$applicant_id&msg=$message");
}
}
$sql = "update web_doc_library set doc_name='$doc_name',type_id='$type_id' where id='$id'";
mysql_query($sql,$db);
header("Location: apply_online_document.php?applicant_id=$applicant_id");
break;
}
?>
�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������home/mip/public_html_/old-website/employer/sqlupdate.php��������������������������������������������0000644�����������������00000126245�15152076056�0017530 0����������������������������������������������������������������������������������������������������ustar�00�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������<?php
session_start();
require_once("common_msg.inc");
require_once("func_all.php");
$db = db_connect();
switch($what){
case 'reserve_applicants':
if(count($arr_applicants) == 0){
header("Location: edit_source_survey.php?msg=No applicant(s) selected!&position_id=$position_id");
exit;
}
foreach($arr_applicants as $applicant_id){
$applicants .= "'" . $applicant_id . "',";
}
$applicants = substr($applicants,0,-1);
$sql = "SELECT distinct(p.applicant_id),
p.birthdate,
p.sex,
p.cellphone,
p.position1_yrsofexp,
p.position1_mosofexp,
concat(p.lname,', ',p.fname,' ',left(p.mname,1),'.') as name
FROM personal as p
WHERE applicant_id IN(" . $applicants . ")
AND p.position_id1 = '$position_id'
$sql_gender
$sql_age
ORDER BY applicant_id";
$personal = getdata($sql);
$personal_num = count($personal);
//will set applicant status to reserve
$sql = "UPDATE personal SET status='Reserved', date_reserved='$sqltoday' WHERE applicant_id IN($applicants)";
$result2 = mysql_query($sql);
echo mysql_error();
//echo $myprincipalid;
$employer=getdata_one("*","principals","principal_id",$myprincipalid);
//if mysql_query successful, will send an email to employer
if($result2){
//$sql_emp="select email from principals where principal_id=$myprincipalid";
//$employer=getdata($sql_emp);
$company =getdata("SELECT * FROM company");
$from = "IRIS - EMPLOYER'S RESERVATION";//$company[1][agency_email];
$from_name = $company[1][agency_name];
$employer_email = $employer[email];
$agency_email = $company[1][agency_email];
$to = $employer_email. ", ".$agency_email;
//$to .=$agency_email;
$to_name = $employer[name];
$contact_person = $employer[contact_person];
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From: IRIS EMPLOYER'S RESERVATION\r\n";
// $headers .= "cc: $from\r\n";
$subject = "Reserved Applicants for $to_name";
$message = "<html><head><title>Employer Registration Data</title><style type='text/css'>";
$message .=".box {BACKGROUND-COLOR: #FFFFFF; BORDER-BOTTOM: #cccccc 1px solid; BORDER-LEFT: #cccccc 1px solid; BORDER-RIGHT: #cccccc 1px solid; BORDER-TOP: #cccccc 1px solid; COLOR: black; FONT-FAMILY: verdana; FONT-SIZE: 11px; TEXT-DECORATION: none}";
$message .=".box1 {BACKGROUND-COLOR: #FFFFFF; BORDER-BOTTOM: #cccccc 0px solid; BORDER-LEFT: #cccccc 0px solid; BORDER-RIGHT: #cccccc 0px solid; BORDER-TOP: #cccccc 0px solid; COLOR: black; FONT-FAMILY: verdana; FONT-SIZE: 13px; TEXT-DECORATION: none}";
$message .="</style></head><body>";
$message .="<span class='box1'>Mam/Sir,</span>";
$message .="<br><span class='box1'>Here's a list of applicant(s) you reserved.</span><br><br>";
$message .="<table border=0 cellpadding=4 cellspacing=2 class='box'>";
$message .= "<tr bgcolor='#f1f1f1'><td></td><td>Applicant Id</td>";
$message .= "<td>Name</td>";
$message .= "<td>Sex</td>";
$message .= "<td>Age</td>";
$message .= "<td>Education</td>";
$message .= "<td>Years of Experience</td>";
for($x=1; $x<=$personal_num; $x++){
// insert of update process
$sql ="insert into process (applicant_id,principal_id)values('".$personal[$x][applicant_id]."','$myprincipalid')";
$resultx = mysql_query($sql);
//will set applicants principal_id
$sql ="UPDATE process SET principal_id = '$myprincipalid' WHERE applicant_id =".$personal[$x][applicant_id];
$resultx = mysql_query($sql);
//
$educ = getdata("SELECT education FROM education WHERE applicant_id = '" . $personal[$x]["applicant_id"] . "' ORDER BY to_date DESC");
$na=getdata_one("*","personal","applicant_id",$personal[$x][applicant_id]);
$message.= "<tr>";
$message.= "<td class=box align=right valign=top>$x. </td>";
$message.= "<td class=box valign=top> ";
$message.= $personal[$x][applicant_id];
$message.= "</td>";
$message.= "<td class=box valign=top> ";
$message.= $na[lname].", ".$na[fname];
$message.= "</td>";
$message.= "<td class=box align=center valign=top> ".$personal[$x]["sex"]."</td>";
$message.= "<td class=box align=center valign=top> ".get_age($personal[$x]["birthdate"])."</td>";
$message.= "<td class=box valign=top> ".$educ[1]["education"]."</td>";
$message.= "<td class=box align=left valign=top> ";
$message.= ($personal[$x]["position1_yrsofexp"])? ($personal[$x]["position1_yrsofexp"])."yrs" : "";
$message.= ($personal[$x]["position1_yrsofexp"] && $personal[$x]["position1_mosofexp"])? " & " : "";
$message.= ($personal[$x]["position1_mosofexp"])? ($personal[$x]["position1_mosofexp"])."mos" : "";
$message.= "</td>";
$message.= "</tr>";
} //end of for loop
$message .="</table></body></html>";
// will send email: mail($to, $subject, $message, $headers)
if(mail($to, $subject, $message, $headers)) {
$msg = "A message will be sent to inform ".$company[1][agency_name]." that you have reserved these applicants. There are no guarantee that all applicants will be available";
} else {
$msg = "Error Sending Email. Please Try Again";
}
header("Location: edit_source_survey.php?category_id=$category_id&msg=$msg&position_id=$position_id&status_id=$status_id&gender=$gender&min_age=$min_age&max_age=$max_age&job_desc=$job_desc");
echo mysql_error();
}// end of if
break;
case 'cvsent_remarks':
if($remarks){
$status = '0';
} else {
$status = '';
}
$sql = "UPDATE cv_sents
SET remarks2 = '$remarks',
status='$status'
where cvsent_id='$cvsent_id' ";
$result = mysql_query($sql);
if($result)
{
/* remove this email function
//send notification to rowald
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
// additional headers
$agency = getdata("select agency_email from company");
$agency_email = $agency[1]["agency_email"];
$emp=getdata_one("*","principals","principal_id",$myprincipalid);
$employer_email=$emp["email"];
$applicant_p=getdata_one("*","personal","applicant_id",$applicant_id);
$applicant_name=$applicant_p["lname"].", ".$applicant_p["fname"]." ".$applicant_p["mname"];
$headers .= "From: Irisonline"; //.$employer_email;
$to = $agency_email; // destination of the email
$subject = "Remarks from ".$emp["name"];
$body = "<html>
<body>
<table width='97%' cellpadding='0' cellspacing='0' border='0' style='border-style:none' bgcolor=#FFFFFF>
<tr>
<td align=center valign=middle class=box>
<span class=style10> LINE UP REMARKS <span>
<table border='0' cellpadding='0' cellspacing='0' style=border-collapse:collapse>
<tr>
<td height='15' colspan='3'></td>
</tr>
<tr>
<td height='22' align=left><strong>Applicant's Name</strong></td>
<td align=center><strong>:</strong></td>
<td align=left>".$applicant_name."</td>
</tr>
<tr>
<td height='22' valign=top align=left><strong>Employer's Name</strong></td>
<td align=left valign=top><strong>:</strong></td>
<td align=left>".$emp["name"]."</td>
</tr>
<tr>
<td height='22' align=left><strong>Job Order No. </strong></td>
<td align=left><strong>:</strong></td>
<td align=left>".$jo_no."</td>
</tr>
<tr>
<td height='22' align=left><strong>Employer's Remarks </strong></td>
<td align=center><strong>:</strong></td>
<td align=left>".$remarks."</td>
</tr>
</table>
</body>
</html>";
echo "<script> opener.window.location.reload(); </script>";
echo "<script> window.close(); </script>";
@mail($to, $subject, $body, $headers);
}
*/
echo "<script> opener.window.location.reload(); </script>";
echo "<script> window.close(); </script>";
}elseif(!$result)
{
echo "<script> alert('Failed!! Please try again later'); </script>";
}
break;
case 'version':
if($iris==0){ $acct=0;$prof=0;}
elseif($iris==1){ $acct=0;$prof=1;}
elseif($iris==2){ $acct=1;$prof=1;}
$sql = "UPDATE version
SET accounting='$acct',
professional='$prof'";
$result = mysql_query($sql);
if($result) header("Location: edit_version.php?msg=Updated");
else header("Location: edit_version.php?msg=Error Updating");
break;
case 'company':
if($agency_logo){
$logo_dir = "img/logo/";
$filename = $logo_dir.$agency_logo_name;
copy ($agency_logo, $filename);
$sql_logo = "agency_logo='".$logo_dir.$agency_logo_name."',";
}
$sql = "UPDATE company SET
agency_name='$agency_name',
$sql_logo
agency_address='$agency_address',
agency_tel='$agency_tel',
agency_fax='$agency_fax',
agency_email='$agency_email',
president='$president',
vp_operations='$vp_operations',
liaison_officer='$liaison_officer',
agency_encoder='$agency_encoder',
rfp_requestparty='$rfp_requestparty',
rfp_submittedby='$rfp_submittedby',
rfpdirect_requestparty='$rfpdirect_requestparty',
rfpdirect_submittedby='$rfpdirect_submittedby',
visa_certificate='$visa_certificate',
visa_stamping='$visa_stamping',
poeajo_requestparty='$poeajo_requestparty',
poeajo_submittedby='$poeajo_submittedby',
ofw_infosheet='$ofw_infosheet'
";
$result = mysql_query($sql);
echo mysql_error();
header("Location: edit_configuration.php?msg=Information Saved");
break;
case 'officers':
$sql = "UPDATE company_officers SET name='$name',designation='$designation' WHERE officer_id=$officer_id";
$result = mysql_query($sql);
echo mysql_error();
header("Location: edit_configuration.php?msg=Officer Saved");
break;
case 'applicant_status':
$duplicate = get_count("applicant_status","status","$status","and status!='$old_status'");
if(!empty($duplicate)) error_message('The applicant status you entered is already existing.');
$sql = "UPDATE applicant_status SET status='".ucwords(trim($status))."', orderid=$orderid
where status = '$old_status'";
$result = mysql_query($sql);
header("Location: manage_applicant_status.php");
break;
case 'user':
if($password1 || $password2){
if($password1!=$password2) error_message('Passwords entered were not the same.');
if(strlen($password1)<3 || strlen($password1)>16) error_message('Password must be between 3 to 16 characters.');
$sql_pwd = "password=password('$password1'),";
}
$duplicate = getdata("select * from users where username='$username' and user_id!=$user_id");
if(!empty($duplicate)) error_message('There is already an existing username like the one you entered.');
$sql = "UPDATE users SET username='$username',
$sql_pwd
name='$name',
access_id='$access_id'
WHERE user_id=$user_id ";
$result = mysql_query($sql);
if($result) header("Location: manage_user.php?msg=Updated");
else header("Location: manage_user.php?msg=Error Updating");
break;
case 'other_user':
if($oldpassword){
$testname = getdata("select * from users where password = PASSWORD('$oldpassword') and user_id='$user_id'");
if($testname){
if($password1!=$password2) error_message('New Password and Re-type Password were not the same.');
if(strlen($password1)<3 || strlen($password1)>16) error_message('New Password must be between 3 to 16 characters.');
$sql_password = ",password=password('$password1')";
}
else error_message('Invalid Old Password.Try again.');
}
$sql = "UPDATE users SET username='$iris_valid_user'
$sql_password
WHERE user_id=$user_id ";
$result = mysql_query($sql);
echo mysql_error();
if($result){
header("Location: edit_password.php?user_id=$user_id&msg=Updated");
}
else{
header("Location: edit_password.php?user_id=$user_id&msg=Error in Update");
}
break;
case 'country':
$duplicate = getdata("select * from country where name='$country' and country_id!=$countryID");
if(!empty($duplicate)) error_message('There is already an existing country like the one you entered.');
$sql = "UPDATE country SET name='$country'
WHERE country_id='$countryID' ";
$result = mysql_query($sql);
header("Location: manage_country.php");
break;
case 'broker':
$duplicate = getdata("select * from brokers where name='$name' and broker_id!=$broker_id");
if(!empty($duplicate)) error_message('There is already an existing broker like the one you entered.');
$acc_date = "$year-$month-$day";
$sql = "UPDATE brokers SET name='$name',
address='$address',
fax='$fax',
telephone='$telephone',
contact_person='$contact_person',
contact_position='$contact_position',
acc_no='$acc_no',
acc_date='$acc_date',
country_id='$country_id',
RO='$RO'
WHERE broker_id=$broker_id ";
$result = mysql_query($sql);
echo mysql_error();
if($result) header("Location: manage_broker.php?msg=Updated");
else header("Location: manage_broker.php?msg=Error Updating");
break;
case 'principal':
$duplicate = getdata("select * from principals where principal_name='$principal_name' and principal_id!=$principal_id");
if(!empty($duplicate)) error_message('There is already an existing principal like the one you entered.');
$acc_date = "$year-$month-$day";
$sql = "UPDATE principals SET principal_name='$principal_name',
address='$address',
fax='$fax',
telephone='$telephone',
email='$email',
contact_person='$contact_person',
contact_position='$contact_position',
acc_no='$acc_no',
acc_date='$acc_date',
country_id='$country_id',
city='$city',
RO='$RO',
broker_id='$broker_id',
username='$username',
password='$password'
WHERE principal_id=$principal_id ";
$result = mysql_query($sql);
if($result) header("Location: manage_principal.php?msg=Updated");
else header("Location: manage_principal.php?msg=Error Updating");
break;
case 'position':
$duplicate = getdata("select * from positions where name='$position' and position_id!='$position_id'");
if(!empty($duplicate)) error_message('There is already an existing position $position.');
$sql = "UPDATE positions SET name='$position'
WHERE position_id='$position_id' ";
$result = mysql_query($sql);
header("Location: manage_position.php");
break;
case 'clinic':
$duplicate = getdata("select * from clinics where name='$name' and address='$address' and clinic_id!=$clinic_id");
if(!empty($duplicate)) error_message('There is already an existing clinic like the one you entered.');
$sql = "UPDATE clinics SET name='$name',
address='$address',
telephone='$telephone',
contact='$contact',
remarks='$remarks'
WHERE clinic_id=$clinic_id ";
$result = mysql_query($sql);
if($result) header("Location: manage_clinic.php?msg=Updated");
else header("Location: manage_clinic.php?msg=Error Updating");
break;
case 'job_order':
$duplicate = getdata("select * from job_order where job_order_no='$job_order_no' and job_order_id != $job_order_id");
if(!empty($duplicate)) error_message('Job Order ID already exists.');
$date = "$year-$month-$day";
$sql = "UPDATE job_order SET job_order_no='$job_order_no',
principal_id='$principal_id',
date='$date',
status='$status'
WHERE job_order_id=$job_order_id ";
$result = mysql_query($sql);
$sql1 = "UPDATE process SET principal_id='$principal_id'
WHERE job_order_id=$job_order_id ";
$result1 = mysql_query($sql1);
if($result) header("Location: edit_job_order.php?Action=edit&job_order_id=$job_order_id&msg=Updated");
else header("Location: edit_job_order.php?Action=edit&job_order_id=$job_order_id&msg=Error Updating");
break;
case 'jo_pos':
$duplicate = getdata("select * from jo_position where job_order_id='$job_order_id' and position_id='$position_id' and jo_pos_id != $jo_pos_id");
if(!empty($duplicate)) error_message('Duplicate position for this job order.');
if(eregi("[[:punct:]]|[[:alpha:]]",$no_of_male))error_message('No. of male is in wrong type.Integers only.');
if(eregi("[[:punct:]]|[[:alpha:]]",$no_of_female))error_message('No. of female is in wrong type.Integers only.');
if(eregi("[[:punct:]]|[[:alpha:]]",$no_of_coed))error_message('No. of male/female is in wrong type.Integers only.');
$sql = "UPDATE jo_position SET position_id='$position_id',
no_of_male='$no_of_male',
no_of_female='$no_of_female',
no_of_coed='$no_of_coed',
wage='$wage'
WHERE jo_pos_id=$jo_pos_id";
$result = mysql_query($sql);
header("Location: edit_job_order.php?Action=edit&job_order_id=$job_order_id");
break;
case 'visa':
$duplicate = getdata("select * from visa where visa_no='$visa_no' and visa_id != $visa_id");
if(!empty($duplicate)) error_message('Visa No. already exists.');
$sql = "UPDATE visa SET visa_no='$visa_no',
principal_id='$principal_id',
expiry_date='$expiry_date',
status='$status'
WHERE visa_id=$visa_id ";
$result = mysql_query($sql);
if($result) header("Location: edit_visa.php?Action=edit&visa_id=$visa_id&msg=Updated");
else header("Location: edit_visa.php?Action=edit&visa_id=$visa_id&msg=Error Updating");
break;
case 'visa_pos':
$duplicate = getdata("select * from visa_position where visa_id='$visa_id' and position_id='$position_id' and visa_pos_id != $visa_pos_id");
if(!empty($duplicate)) error_message('Duplicate position for this visa.');
if(eregi("[[:punct:]]|[[:alpha:]]",$no_of_male))error_message('No. of male is in wrong type.Integers only.');
if(eregi("[[:punct:]]|[[:alpha:]]",$no_of_female))error_message('No. of female is in wrong type.Integers only.');
if(eregi("[[:punct:]]|[[:alpha:]]",$no_of_coed))error_message('No. of male/female is in wrong type.Integers only.');
$sql = "UPDATE visa_position SET position_id='$position_id',
no_of_male='$no_of_male',
no_of_female='$no_of_female',
no_of_coed='$no_of_coed',
wage='$wage'
WHERE visa_pos_id=$visa_pos_id";
$result = mysql_query($sql);
header("Location: edit_visa.php?Action=edit&visa_id=$visa_id");
break;
case 'personal':
$apply_date = "$applied_year-$applied_month-$applied_day";
$birthdate = "$bday_year-$bday_month-$bday_day";
$lname=ucfirst($lastname);
$fname=ucfirst($firstname);
$mname=ucfirst($mname);
$duplicate = getdata("select * from personal
where lname='$lname' and
fname='$fname' and
mname='$mname' and
applicant_id!='$applicant_id'");
if(!empty($duplicate)) error_message('Applicant already in the database.');
// If there is a new picture
if ($picture && $picture!="none"){
$type = basename($picture_type);
switch($type){
case "png" : $pic_name = "pngImage/$applicant_id.png";
$filename = $pic_dir."$pic_name";
copy ($picture, $filename);
break;
case "jpeg" :
case "pjpeg" : $pic_name = "jpegImage/$applicant_id.jpg";
$filename = $pic_dir."$pic_name";
copy ($picture, $filename);
break;
case "gif" : $pic_name = "gifImage/$applicant_id.gif";
$filename = $pic_dir."$pic_name";
copy ($picture, $filename);
break;
default : error_message("Invalid picture format:$type");
}// switch
}// end of if there is a picture
else{// if there is no pic
$pic_name="$pic";
}
if($agent_id)$text=",agent_id=$agent_id";
$sql = "UPDATE personal SET
apply_date='$apply_date',
fname='$fname',
mname='$mname',
lname='$lname',
address1='$address1',
perm_no='$perm_no',
perm_st='$perm_st',
perm_city='$perm_city',
perm_prov='$perm_prov',
perm_zip='$perm_zip',
office_phone='$office_phone',
home_phone='$home_phone',
cellphone='$cellphone',
birthdate='$birthdate',
birthplace='$birthplace',
sex='$sex',
height1='$height1',
height2='$height2',
weight1='$weight1',
weight2='$weight2',
civil_status='$civil_status',
religion='$religion',
nationality='$nationality',
position_id1='$position1',
position_id2='$position2',
position1_yrsofexp='$position1_yrsofexp',
position1_mosofexp='$position1_mosofexp',
position2_yrsofexp='$position2_yrsofexp',
position2_mosofexp='$position2_mosofexp',
country_id='$country_id',
status='$status',
picture='$pic_name',
remarks='$remarks'
$text
WHERE applicant_id='$applicant_id' ";
$result = mysql_query($sql);
echo mysql_error();
if($result) header("Location: edit_personal.php?Action=edit&applicant_id=$applicant_id&msg=Information Saved");
else header("Location: edit_personal.php?Action=edit&applicant_id=$applicant_id&msg=Error Updating");
break;
case 'family':
$duplicate = getdata("select * from family where applicant_id='$applicant_id'");
if(empty($duplicate)){
$sql_family = "INSERT INTO family(applicant_id) VALUES ('$applicant_id')";
$result_family = mysql_query($sql_family);
}
$sql = "UPDATE family SET f_name='$f_name',
f_occup='$f_occup',
m_name='$m_name',
m_occup='$m_occup',
num_brother='$num_brother',
age_brother='$age_brother',
num_sister='$num_sister',
age_sister='$age_sister',
address='$address'
WHERE applicant_id='$applicant_id'";
$result = mysql_query($sql);
if($result) header("Location: edit_family.php?Action=edit&applicant_id=$applicant_id&msg=Information Saved");
else header("Location: edit_family.php?Action=edit&applicant_id=$applicant_id&msg=Error Updating");
break;
case 'beneficiary':
$duplicate = getdata("select * from beneficiary where applicant_id='$applicant_id'");
if(empty($duplicate)){
$sql_ben = "INSERT INTO beneficiary(applicant_id) VALUES ('$applicant_id')";
$result_ben = mysql_query($sql_ben);
}
$sql = "UPDATE beneficiary SET ben_fname='$ben_fname',
ben_lname='$ben_lname',
ben_mname='$ben_mname',
ben_relationship='$ben_relationship',
allo_fname='$allo_fname',
allo_lname='$allo_lname',
allo_mname='$allo_mname',
allo_relationship='$allo_relationship',
add_no='$add_no',
add_st='$add_st',
tel_no='$tel_no',
add_city='$add_city',
add_prov='$add_prov',
add_zip='$add_zip'
WHERE applicant_id='$applicant_id' ";
$result = mysql_query($sql);
echo mysql_error();
if($result)
header("Location: edit_beneficiary.php?Action=edit&applicant_id=$applicant_id&msg=Information Saved");
else
header("Location: edit_beneficiary.php?Action=edit&applicant_id=$applicant_id&msg=Error Updating");
break;
case 'dependents':
$duplicate = getdata("select * from dependents where applicant_id='$applicant_id'");
if(empty($duplicate)){
$sql_dep = "INSERT INTO dependents(applicant_id) VALUES ('$applicant_id')";
$result_dep = mysql_query($sql_dep);
}
$spouse_bday = "$sp_year-$sp_month-$sp_day";
$f_bday = "$f_year-$f_month-$f_day";
$m_bday = "$m_year-$m_month-$m_day";
$sql = "UPDATE dependents SET
spouse_lname='$spouse_lname',
spouse_fname='$spouse_fname',
spouse_mname='$spouse_mname',
spouse_bday='$spouse_bday',
spouse_occup='$spouse_occup',
f_lname='$f_lname',
f_fname='$f_fname',
f_mname='$f_mname',
f_bday='$f_bday',
f_status='$f_status',
m_lname='$m_lname',
m_fname='$m_fname',
m_mname='$m_mname',
m_bday='$m_bday',
m_status='$m_status'
WHERE applicant_id='$applicant_id'";
$result = mysql_query($sql);
echo mysql_error();
if($result)
header("Location: edit_dependents.php?Action=edit&applicant_id=$applicant_id&msg=Information Saved");
else
header("Location: edit_dependents.php?Action=edit&applicant_id=$applicant_id&msg=Error in Update");
break;
case 'children':
$sql = "UPDATE children SET disable=0,disability='',date_sustained='' WHERE applicant_id='$applicant_id'";
$result = mysql_query($sql);
echo mysql_error();
if($disable){
foreach($disable as $id){
$year = "sus_year_$id";
$month = "sus_month_$id";
$day = "sus_day_$id";
$date_sustained = $$year."-".$$month."-".$$day;
$dis = "disability_$id";
$disability = $$dis;
$sql = "UPDATE children SET disable=1,
disability='$disability',
date_sustained='$date_sustained'
WHERE id=$id";
$result = mysql_query($sql);
echo mysql_error();
}// end of for each disable
}// end of if disable
header("Location: edit_dependents.php?Action=edit&applicant_id=$applicant_id&msg=$msg");
break;
case 'education':
$sql = "UPDATE education SET applicant_id='$applicant_id',
education='$education',
school='$school',
from_date='$from_date',
to_date='$to_date',
course='$course'
WHERE id='$id'";
$result = mysql_query($sql);
header("Location: edit_education.php?Action=edit&applicant_id=$applicant_id");
break;
case 'employment':
$from_day = ($from_day)? $from_day : "00";
$from_month = ($from_month)? $from_month : "00";
$from_year = ($from_year)? $from_year : "000";
$to_day = ($to_day)? $to_day : "00";
$to_month = ($to_month)? $to_month : "00";
$to_year = ($to_year)? $to_year : "000";
$from_date = "$from_year-$from_month-$from_day";
$to_date = "$to_year-$to_month-$to_day";
$sql = "UPDATE employment SET applicant_id='$applicant_id',
company='$company',
address='$address',
position='$position',
department='$department',
salary='$salary',
currency='$currency',
from_date='$from_date',
to_date='$to_date',
job_desc='$job_desc',
reason_for_leaving='$reason_for_leaving'
WHERE id= '$id'";
$result = mysql_query($sql);
header("Location: edit_employment.php?Action=edit&applicant_id=$applicant_id");
break;
case 'training':
$day = ($day)? $day : "00";
$month = ($month)? $month : "00";
$year = ($year)? $year : "000";
$date = "$year-$month-$day";
$sql = "UPDATE training SET applicant_id='$applicant_id',
center='$center',
title='$title',
date='$date',
remarks='$remarks'
WHERE training_id = '$training_id'";
$result = mysql_query($sql);
header("Location: edit_training.php?Action=edit&applicant_id=$applicant_id");
break;
case 'medical': $date = "$year-$month-$day";
$sql = "UPDATE medical SET applicant_id='$applicant_id',
status='$status',
description='$description',
clinic_id='$clinic',
phase=$phase,
date='$date'
WHERE medical_id='$medical_id'";
$result = mysql_query($sql);
header("Location: edit_medical.php?Action=edit&applicant_id=$applicant_id");
break;
case 'prequalify':
$duplicate = getdata("select * from prequalify
where applicant_id='$applicant_id'");
if(empty($duplicate)){
$sql_prequalify = "INSERT INTO prequalify(applicant_id)
VALUES ('$applicant_id')";
$result_prequalify = mysql_query($sql_prequalify);
}
$date= "$year-$month-$day";
$sql = "UPDATE prequalify SET date='$date',
RO='$RO',
appearance='$appearance',
personality='$personality',
experience='$experience',
knowledge='$knowledge',
comm_skills='$comm_skills',
remarks='$remarks'
WHERE applicant_id='$applicant_id' ";
$result = mysql_query($sql);
if($result) header("Location: edit_prequalify.php?Action=edit&applicant_id=$applicant_id&msg=Information Saved");
else header("Location: edit_prequalify.php?Action=edit&applicant_id=$applicant_id&msg=Error Updating");
break;
case 'process':
$duplicate = getdata("select * from process where applicant_id='$applicant_id'");
if(empty($duplicate)){
$sql_process = "INSERT INTO process(applicant_id) VALUES ('$applicant_id')";
$result_process = mysql_query($sql_process);
}
$job_acceptance = "$job_acceptance_year-$job_acceptance_month-$job_acceptance_day";
$drug_test = "$drug_test_year-$drug_test_month-$drug_test_day";
$pdos = "$pdos_year-$pdos_month-$pdos_day";
$attest = "$attest_year-$attest_month-$attest_day";
$visa_filed = "$visa_filed_year-$visa_filed_month-$visa_filed_day";
$visa_released = "$visa_released_year-$visa_released_month-$visa_released_day";
$poea_filed = "$poea_filed_year-$poea_filed_month-$poea_filed_day";
$poea_released = "$poea_released_year-$poea_released_month-$poea_released_day";
$ticket = "$ticket_year-$ticket_month-$ticket_day";
$deployed = "$deployed_year-$deployed_month-$deployed_day";
$cla_date = "$cla_year-$cla_month-$cla_day";
$pp_date_expires = "$pp_expiratn_year-$pp_expiratn_month-$pp_expiratn_day";
$pp_date_issued = "$pp_issued_year-$pp_issued_month-$pp_issued_day";
$arrival = "$arrival_year-$arrival_month-$arrival_day";
@$job_order_id = getfield("job_order_id","jo_position","jo_pos_id",$jopos_id);
@$visa_id = getfield("visa_id","visa_position","visa_pos_id",$visapos_id);
$sql = "UPDATE process SET principal_id='$principal_id',
job_order_id='$job_order_id',
jo_pos_id='$jopos_id',
visa_id='$visa_id',
visa_pos_id='$visapos_id',
direct_hire='$direct_hire',
basic_salary='$basic_salary',
contract_duration='$contract_duration',
food_allowance='$food_allowance',
job_acceptance='$job_acceptance',
pdos='$pdos',
attest='$attest',
drug_test='$drug_test',
passport='$passport',
pp_place_issued='$pp_place_issued',
pp_date_issued='$pp_date_issued',
pp_date_expires='$pp_date_expires',
nbi='$nbi',
tin='$tin',
visa_filed='$visa_filed',
visa_released='$visa_released',
poea_filed='$poea_filed',
poea_released='$poea_released',
deployment='$deployed',
ticket='$ticket',
OEC='$OEC',
cla='$cla',
cla_date='$cla_date',
mofa='$mofa',
position='$position',
arrival='$arrival',
sirb='$sirb',
src='$src',
remarks='$remarks'
WHERE applicant_id='$applicant_id' ";
$result = mysql_query($sql);
echo mysql_error();
if($status) {
$sql1 = "UPDATE personal SET status='$status' WHERE applicant_id='$applicant_id'";
$result1 = mysql_query($sql1);
}
if($result) header("Location: edit_process.php?Action=edit&applicant_id=$applicant_id&msg=Information Saved");
else header("Location: edit_process.php?Action=edit&applicant_id=$applicant_id&msg=Error Updating");
break;
case 'complaint':
$complaint_date = "$complaint_year-$complaint_month-$complaint_day";
$resolved_date = "$resolved_year-$resolved_month-$resolved_day";
$sql = "UPDATE complaints SET applicant_id='$applicant_id',
complaint_date='$complaint_date',
complaint='$complaint',
remarks='$remarks',
comment='$comment',
resolved_date='$resolved_date',
resolvedby='$resolvedby'
WHERE complaint_id = '$complaint_id'";
$result = mysql_query($sql);
header("Location: edit_complaint.php?Action=edit&applicant_id=$applicant_id");
break;
case 'payment':
$date = "$year-$month-$day";
$sql = "UPDATE payment SET applicant_id='$applicant_id',
description='$description',
total_amount='$amount',
total_amountdollars='$amountdollars',
date='$date'
WHERE payment_id='$payment_id'";
$result = mysql_query($sql);
header("Location: edit_payment.php?Action=edit&applicant_id=$applicant_id");
break;
case 'payment_detail':
$date = "$year-$month-$day";
$sql = "UPDATE payment_detail SET payment_id='$payment_id',
or_no='$or',
description='$description',
amount='$amount',
amountdollars='$amountdollars',
date='$date'
WHERE id='$id'";
$result = mysql_query($sql);
echo mysql_error();
header("Location: edit_payment_detail.php?Action=edit&applicant_id=$applicant_id&payment_id=$payment_id");
break;
case 'cv_sent':
$date = "$year-$month-$day";
$sql = "UPDATE cv_sents SET
principal_id=$principal_id,
jo_pos_id='$jo_pos_id',
date='$date'
WHERE cvsent_id=$cvsent_id";
$result = mysql_query($sql);
echo mysql_error();
header("Location: edit_cvsent.php?applicant_id=$applicant_id");
break;
case 'agent':
$duplicate = getdata("select * from acct_agents where name='$name' and address='$address' and agent_id!=$agent_id");
if(!empty($duplicate)) error_message('There is already an existing agent like the one you entered.');
$sql = "UPDATE acct_agents SET name='$name',
address='$address',
fax='$fax',
telephone='$telephone' ,
price='$price'
WHERE agent_id=$agent_id ";
$result = mysql_query($sql);
header("Location: manage_agent.php?msg=Updated");
break;
case 'account':
$duplicate = getdata("select * from acct_accounts where name='$account' and account_id!=$accountID");
if(!empty($duplicate)) error_message('There is already an existing account like the one you entered.');
$sql = "UPDATE acct_accounts SET name='$account'
WHERE account_id='$accountID' ";
$result = mysql_query($sql);
header("Location: manage_accounts.php");
break;
case 'expense':
$date = "$year-$month-$day";
$sql = "UPDATE acct_expenses SET
account_id='$account_id',
job_order_id='$job_order_id',
description='$description',
amount=$amount,
date='$date'
WHERE expense_id='$expense_id' ";
$result = mysql_query($sql);
header("Location: input_expense.php");
break;
case 'income':
$date = "$year-$month-$day";
$sql = "UPDATE acct_incomes SET
account_id='$account_id',
job_order_id='$job_order_id',
description='$description',
amount=$amount,
date='$date'
WHERE income_id='$income_id' ";
$result = mysql_query($sql);
header("Location: input_income.php");
break;
case 'broker_paid':
$sql = "UPDATE personal set broker_paid='$broker_paid'
WHERE applicant_id='$applicant_id' ";
$result = mysql_query($sql);
header("Location: report_Payables.php?job_order_id=$job_order_id&paid=$paid&from_month=$from_month&from_day=$from_day&from_year=$from_year&to_month=$to_month&to_day$to_day&to_year=$to_year");
break;
case 'agent_paid':
$sql = "UPDATE personal set agent_paid='$agent_paid'
WHERE applicant_id='$applicant_id' ";
$result = mysql_query($sql);
header("Location: report_Commissions.php?agent_id=$agent_id&paid=$paid&from_month=$from_month&from_day=$from_day&from_year=$from_year&to_month=$to_month&to_day$to_day&to_year=$to_year");
break;
}
?>
���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
