/home/mip/public_html_/old_mip/home/sqlupdate.php
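<?php
/**
 * Update endpoint: runs one UPDATE, chosen by ?what=..., against web_jobs,
 * web_education, web_employment, web_training, web_doc_library or
 * web_announcements, then redirects or echoes the submitted values as JSON.
 *
 * Every value that reaches a query is request-controlled. Each one is passed
 * through mysql_real_escape_string() on the open link, or cast to int where
 * the column is compared unquoted, before it is concatenated into SQL.
 * Prepared statements (mysqli/PDO) would be the stronger fix, but db_connect()
 * returns a link for the legacy mysql extension, so escaping is used here.
 *
 * NOTE(review): the previous addslashes() calls suggest magic_quotes_gpc is
 * off; if it is on, values will be escaped twice. Confirm the runtime setting.
 *
 * NOTE(review): $education, $from_date, $id, $applicant_id and the other bare
 * variables are never assigned in this file; presumably they come from
 * register_globals or from one of the includes. Confirm.
 *
 * NOTE(review): nothing visible here checks that the session is authenticated,
 * that the row being updated belongs to the caller, or that the request
 * carries an anti-CSRF token. Confirm that an include enforces this.
 */
session_start();
require_once("../common_msg.inc");
require_once('../func-select.php');

/**
 * Escape a request value for use inside a single-quoted SQL string literal.
 *
 * @param mixed    $value Raw value; non-scalars are treated as an empty string.
 * @param resource $db    Link returned by db_connect().
 * @return string Escaped text, without the surrounding quotes.
 */
function sqlupdate_escape($value, $db)
{
    $text = is_scalar($value) ? (string) $value : '';
    return mysql_real_escape_string($text, $db);
}

/**
 * Read a POST field without raising a notice when it is missing.
 *
 * @param string $key Field name.
 * @return mixed The submitted value, or null when the field is absent.
 */
function sqlupdate_post($key)
{
    return isset($_POST[$key]) ? $_POST[$key] : null;
}

/**
 * Percent-encode a value for a redirect query string.
 *
 * @param mixed $value Raw value; non-scalars are treated as an empty string.
 * @return string
 */
function sqlupdate_url($value)
{
    return rawurlencode(is_scalar($value) ? (string) $value : '');
}

$db = db_connect();
$what = isset($_GET['what']) ? $_GET['what'] : '';

// The JSON responses echo request values back. Hex-escaping <, >, &, ' and "
// keeps them inert if the response is ever rendered as HTML; the decoded
// values are unchanged for any JSON parser.
$json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

switch ($what) {
    case 'jobsorder':
        // 'ids' is a serialized list such as "a=12&a=7"; the position in the
        // list becomes the new order_id.
        $ids = (isset($_REQUEST['ids']) && is_string($_REQUEST['ids'])) ? $_REQUEST['ids'] : '';
        $order = 0;
        foreach (explode('&', $ids) as $field) {
            $order++;
            $pair = explode('=', $field);
            if (!isset($pair[1])) {
                continue; // malformed pair: no id to update
            }
            // webjob_id is compared unquoted, so it must be an integer.
            $webjob_id = (int) urldecode($pair[1]);
            $query = "UPDATE web_jobs SET order_id = " . $order . " WHERE webjob_id = " . $webjob_id;
            mysql_query($query, $db);
        }
        break;

    case 'web_education':
        $sql = "update web_education set education='" . sqlupdate_escape($education, $db)
            . "', from_date='" . sqlupdate_escape($from_date, $db)
            . "', to_date='" . sqlupdate_escape($to_date, $db)
            . "', school='" . sqlupdate_escape($school, $db)
            . "', course='" . sqlupdate_escape($course, $db)
            . "' where id='" . sqlupdate_escape($id, $db) . "'";
        mysql_query($sql, $db);
        header("Location: apply_online_education.php?applicant_id=" . sqlupdate_url($applicant_id));
        break;

    case 'web_employment':
        // Dates arrive as two '/'-separated parts (presumably MM/YYYY) and are
        // stored as <second part>-<first part>-01.
        if ($from_date != '') {
            $fdate = explode('/', $from_date);
            $from_date = $fdate[1] . '-' . $fdate[0] . '-01';
        }
        // to_date is only kept when from_date is also present.
        if ($from_date != '' && $to_date != '') {
            $tdate = explode('/', $to_date);
            $to_date = $tdate[1] . '-' . $tdate[0] . '-01';
        } else {
            $to_date = '';
        }
        $sql = "update web_employment set company='" . sqlupdate_escape($company, $db) . "',
address='" . sqlupdate_escape($address, $db) . "',
position='" . sqlupdate_escape($position, $db) . "',
from_date='" . sqlupdate_escape($from_date, $db) . "',
to_date='" . sqlupdate_escape($to_date, $db) . "',
job_desc='" . sqlupdate_escape($job_desc, $db) . "',
reason_for_leaving='" . sqlupdate_escape($reason_for_leaving, $db) . "' where id='" . sqlupdate_escape($id, $db) . "'";
        mysql_query($sql, $db);
        header("Location: apply_online_employment.php?applicant_id=" . sqlupdate_url($applicant_id));
        break;

    case 'web_training':
        $date = ($date) ? date('Y-m-d', strtotime($date)) : '';
        $sql = "update web_training set title='" . sqlupdate_escape($title, $db)
            . "',center='" . sqlupdate_escape($center, $db)
            . "',date='" . sqlupdate_escape($date, $db)
            . "',remarks='" . sqlupdate_escape($remarks, $db)
            . "' where training_id='" . sqlupdate_escape($id, $db) . "'";
        mysql_query($sql, $db);
        header("Location: apply_online_training.php?applicant_id=" . sqlupdate_url($applicant_id));
        break;

    case 'web_document':
        $uploadir = 'uploads/documents/';
        $redirect = 'apply_online_document.php?applicant_id=' . sqlupdate_url($applicant_id);

        $file = (isset($_FILES['doc_file']) && is_array($_FILES['doc_file'])) ? $_FILES['doc_file'] : array();
        $file_name = (isset($file['name']) && is_string($file['name'])) ? $file['name'] : '';
        // A missing or malformed upload entry is treated as "no file sent".
        $file_error = (isset($file['error']) && is_int($file['error'])) ? $file['error'] : UPLOAD_ERR_NO_FILE;

        // NOTE(review): rejecting names that contain "php" is a denylist; other
        // extensions may also be executed by the web server, and the client's
        // extension is kept on the stored file. Prefer an allowlist of the
        // document types the business accepts and a storage location where
        // script execution is disabled.
        if (stripos($file_name, 'php') !== false) { // case-insensitive: also catches ".PHP"
            $message = 'Oops! Your file\'s is not a valid document.';
            header("Location: " . $redirect . "&msg=" . sqlupdate_url($message));
        } else if ($file_error === UPLOAD_ERR_OK) {
            // The stored name is random; only the extension is taken from the client.
            $ext = strtolower(substr(strrchr($file_name, "."), 1));
            $new_file_name = randomstr() . '.' . $ext;

            // applicant_id becomes a directory name, so it must not be able to
            // climb out of the upload root. Assumes ids are alphanumeric - confirm.
            $dir_ok = is_scalar($applicant_id)
                && preg_match('/^[A-Za-z0-9_-]+$/', (string) $applicant_id);
            $ext_ok = (bool) preg_match('/^[a-z0-9]*$/', $ext);

            if (!$dir_ok || !$ext_ok) {
                $message = 'Oops! Your file\'s is not a valid document.';
                header("Location: " . $redirect . "&msg=" . sqlupdate_url($message));
            } else if ($file['size'] > (3024000)) { // can't be larger than 3 MB
                $message = 'Oops! Your file\'s size is to large.';
                header("Location: " . $redirect . "&msg=" . sqlupdate_url($message));
            } else {
                $target_dir = $uploadir . $applicant_id;
                if (!is_dir($target_dir)) {
                    mkdir($target_dir);
                }
                // Placeholder index so the directory listing is not served.
                $fp = fopen($target_dir . '/index.php', 'w');
                if ($fp) {
                    fwrite($fp, '404 Page is Forbidden!!!');
                    fclose($fp);
                }
                // Only record the new file name once the file is really in place.
                if (move_uploaded_file($file['tmp_name'], $target_dir . '/' . $new_file_name)) {
                    $message = 'Congratulations! Your file was uploaded.';
                    $sql = "update web_doc_library set doc_name='" . sqlupdate_escape($doc_name, $db)
                        . "',type_id='" . sqlupdate_escape($type_id, $db)
                        . "',doc_file='" . sqlupdate_escape($new_file_name, $db)
                        . "' where id='" . sqlupdate_escape($id, $db) . "'";
                    mysql_query($sql, $db);
                } else {
                    $message = 'Oops! Your upload triggered the following error: ' . UPLOAD_ERR_CANT_WRITE;
                }
                header("Location: " . $redirect . "&msg=" . sqlupdate_url($message));
            }
        } else {
            // PHP reported an upload error; pass its code back.
            $message = 'Oops! Your upload triggered the following error: ' . $file_error;
            header("Location: " . $redirect . "&msg=" . sqlupdate_url($message));
        }

        // The document's name and type are saved whether or not a file came with it.
        $sql = "update web_doc_library set doc_name='" . sqlupdate_escape($doc_name, $db)
            . "',type_id='" . sqlupdate_escape($type_id, $db)
            . "' where id='" . sqlupdate_escape($id, $db) . "'";
        mysql_query($sql, $db);
        // NOTE(review): header() replaces an earlier Location header, so this
        // redirect overrides every "&msg=" redirect issued above and the
        // message never reaches the page. Kept as in the original because an
        // edit without a new file would otherwise show an upload error; confirm
        // the intended behaviour.
        header("Location: " . $redirect);
        break;

    case 'webjobonly':
        // Column names and POST field names are identical for this table.
        $columns = array(
            'position_id', 'category_id', 'country_id', 'numpositions', 'jo_pos_id',
            'posting_date', 'location', 'expiry_date', 'manpower_pooling',
            'min_age', 'yrs_exp', 'min_reqmt', 'max_age', 'gender', 'job_details',
            'principal_id', 'status', 'showit', 'alias', 'order_id',
        );
        $assignments = array();
        foreach ($columns as $column) {
            $assignments[] = $column . "='" . sqlupdate_escape(sqlupdate_post($column), $db) . "'";
        }
        $sql = "UPDATE web_jobs SET " . implode(',', $assignments)
            . " WHERE webjob_id='" . sqlupdate_escape(sqlupdate_post('webjob_id'), $db) . "'";
        $result = mysql_query($sql, $db);

        // Echo the submitted values back in the same key order as before.
        $echoed = array(
            'position_id', 'yrs_exp', 'min_reqmt', 'jo_pos_id', 'country_id',
            'posting_date', 'expiry_date', 'min_age', 'max_age', 'gender',
            'principal_id', 'status', 'category_id', 'numpositions', 'location',
            'manpower_pooling', 'job_details', 'showit', 'alias', 'webjob_id',
        );
        $array = array();
        foreach ($echoed as $key) {
            $array[$key] = sqlupdate_post($key);
        }
        // NOTE(review): msg_status is '1' even when the query failed ($result
        // is not checked); confirm what callers expect before changing it.
        $array['msg_status'] = '1';
        // The statement text is no longer returned: it disclosed table and
        // column names to the client. The key is kept so the response shape
        // does not change.
        $array['sql'] = '';
        echo json_encode($array, $json_flags);
        // header("Location: http://mipiris-server/irisonline/edit_webjobonly.php?Action=edit&webjob_id=".$_POST['webjob_id']."&Action=add&msg=Job%20Opening has been Saved");
        break;

    case 'announcements':
        // The announcement body is submitted in the 'job_details' field.
        $sql = "UPDATE web_announcements
SET title = '" . sqlupdate_escape(sqlupdate_post('title'), $db) . "',
status = '" . sqlupdate_escape(sqlupdate_post('status'), $db) . "',
announcement = '" . sqlupdate_escape(sqlupdate_post('job_details'), $db) . "',
posting_date = '" . sqlupdate_escape(sqlupdate_post('posting_date'), $db) . "',
expiry_date = '" . sqlupdate_escape(sqlupdate_post('expiry_date'), $db) . "'
WHERE id='" . sqlupdate_escape(sqlupdate_post('id'), $db) . "'";
        $result = mysql_query($sql, $db);
        if ($result === false) {
            // Log instead of echoing: the raw database error exposed schema
            // details and corrupted the JSON body that follows.
            error_log('sqlupdate announcements: ' . mysql_error($db));
        }
        $array = array(
            'title' => sqlupdate_post('title'),
            'status' => sqlupdate_post('status'),
            'posting_date' => sqlupdate_post('posting_date'),
            'job_details' => sqlupdate_post('job_details'),
            'expiry_date' => sqlupdate_post('expiry_date'),
            'id' => sqlupdate_post('id'),
        );
        echo json_encode($array, $json_flags);
        break;
}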