initial commit

87691fe8 · Eric Rasmussen · e175116a · 87691fe8 · 87691fe8 · 87691fe8
Commit 87691fe8 authored Dec 07, 2009 by Eric Rasmussen
--- a/.buildpath
+++ b/.buildpath
+<?xml version="1.0" encoding="UTF-8"?>
+<buildpath>
+	<buildpathentry kind="src" path=""/>
+	<buildpathentry kind="con" path="org.eclipse.php.core.LANGUAGE"/>
+</buildpath>
--- a/.project
+++ b/.project
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>UNL_Studentjobs</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.dltk.core.scriptbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.php.core.PHPNature</nature>
+		<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
+	</natures>
+</projectDescription>
--- a/README
+++ b/README
+database: studentjobs
+
+####application
+####a new row is created for each edit so that previous submissions display the application as it looked at the time of submission
+  	id  	int(10)  	 	  	No  	 	auto_increment
+	username 	varchar(255) 	utf8_general_ci 		No 			
+	firstname 	varchar(255) 	utf8_general_ci 		No 			
+	mi 	varchar(5) 	utf8_general_ci 		Yes 	NULL 		
+	lastname 	varchar(255) 	utf8_general_ci 		No 			
+	address 	varchar(255) 	utf8_general_ci 		No 			
+	city 	varchar(255) 	utf8_general_ci 		No 			
+	state 	varchar(255) 	utf8_general_ci 		No 			
+	zip 	varchar(10) 	utf8_general_ci 		No 			
+	phone 	varchar(255) 	utf8_general_ci 		No 			
+	email 	varchar(255) 	utf8_general_ci 		No 			
+	misdemeanor 	varchar(5) 	utf8_general_ci 		No 			
+	misdetails 	longtext 	utf8_general_ci 		Yes 	NULL 		
+	felony 	varchar(5) 	utf8_general_ci 		No 			
+	feldetails 	longtext 	utf8_general_ci 		Yes 	NULL 		
+	courtorder 	varchar(5) 	utf8_general_ci 		No 			
+	codetails 	longtext 	utf8_general_ci 		Yes 	NULL 			 
+
+####contacts
+####users granted permission to view submissions for the appropriate dept
+  	id  	int(10)  	 	  	No  	 	auto_increment
+	department_id 	int(10) 			No 			
+	username 	varchar(255) 	utf8_general_ci 		No 			
+	name 	varchar(255) 	utf8_general_ci 		No 			
+	email 	varchar(255) 	utf8_general_ci 		No 			
+	phone 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+
+####department
+####departments that are part of the system, these are the depts that submissions can be made to
+  	id  	int(10)  	 	  	No  	 	auto_increment
+	name 	varchar(255) 	utf8_general_ci 		No 			
+	address 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	sup_app_url 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+
+####education
+####0 or more education records are made for each application
+  	id  	int(10)  	 	  	No  	 	auto_increment
+	application_id 	int(10) 			No 			
+	name 	varchar(255) 	utf8_general_ci 		No 			
+	frommonth 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	fromyear 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	tomonth 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	toyear 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	major 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	graduate 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	degree 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+
+####employer
+####0 or more previous employer records are made for each application
+  	id  	int(10)  	 	  	No  	 	auto_increment
+	application_id 	int(10) 			No 			
+	name 	varchar(255) 	utf8_general_ci 		No 			
+	address 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	city 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	state 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	zip 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	supervisor 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	phone 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	frommonth 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	fromyear 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	tomonth 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	toyear 	varchar(10) 	utf8_general_ci 		Yes 	NULL 		
+	hoursweek 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	title 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	duties 	longtext 	utf8_general_ci 		Yes 	NULL 		
+	salary 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+
+####submissions
+####these are the actual submissions for consideration made to the departments
+  	id  	int(10)  	 	  	No  	 	auto_increment
+	username 	varchar(255) 	utf8_general_ci 		No 			
+	application_id 	int(10) 			No 			
+	department_id 	int(10) 			No 			
+	positionappliedfor 	varchar(255) 	utf8_general_ci 		Yes 	NULL 		
+	timestamp 	timestamp 			No 	CURRENT_TIMESTAMP 		
+	resume_id 	int(10) 			No 			
+	cover_id 	int(10) 			No 			
+	
+####uploads
+####file uploads: resumes and cover letters
+  	id  	int(10)  	 	  	No  	 	auto_increment
+	username 	varchar(255) 	utf8_general_ci 		No 			
+	showflag 	tinyint(4) 			No 			
+	kind 	varchar(20) 	utf8_general_ci 		No 			
+	name 	varchar(255) 	utf8_general_ci 		No 			
+	type 	varchar(255) 	utf8_general_ci 		No 			
+	size 	int(10) 			No 			
+	content 	longblob 		BINARY 	No 			
\ No newline at end of file
--- a/app.php
+++ b/app.php
--- a/config.inc.php
+++ b/config.inc.php
+<?php
+	$GLOBALS['mysql_host']   = 'localhost';
+	$GLOBALS['mysql_db']     = 'studentjobs';
+	$GLOBALS['mysql_user'] 	 = 'root';
+	$GLOBALS['mysql_passwd'] = 'ertyu9';
+	$GLOBALS['mysql_prefix'] = '';
+
+	$site_url = 'http://ucommxsrv1.unl.edu/studentjobs/';
+	$contact_person = 'Eric Rasmussen';
+	$contact_email = 'erasmussen2@unl.edu';
+	$contact_phone = '472-2667'; 
+
+?>
\ No newline at end of file
--- a/config.inc.sample.php
+++ b/config.inc.sample.php
+<?php
+	$GLOBALS['mysql_host']   = 'localhost';
+	$GLOBALS['mysql_db']     = 'studentjobs';
+	$GLOBALS['mysql_user'] 	 = 'USERNAME';
+	$GLOBALS['mysql_passwd'] = 'PASSWORD';
+	$GLOBALS['mysql_prefix'] = '';
+	
+	$site_url = 'http://example.com/studentjobs/';
+	$contact_person = 'TECHCONTACT NAME';
+	$contact_email = 'TECHCONTACT@example.com';
+	$contact_phone = '555-0199'; 
+	
+?>
\ No newline at end of file
--- a/download.php
+++ b/download.php
+<?php 
+	#include our functions and vars
+	require_once('functions.inc.php');	
+	
+	
+	#SimpleCAS http://code.google.com/p/simplecas/
+	require_once 'UNL/Auth.php';
+	$cas_client = UNL_Auth::factory('SimpleCAS');
+	
+	if (isset($_GET['login'])) {
+	    $cas_client->login();
+	}
+	
+	if (isset($_GET['logout'])) {
+	    header("Location: main.php?logout"); 
+		exit();
+	}
+	if($cas_client->isLoggedIn()){	
+		$current_user = $cas_client->getUser();
+		
+	}
+?>
+
+<?php	
+	if(isset($_GET['id']) && $cas_client->isLoggedIn()) {
+		$id = $_GET['id'];
+		if(!is_numeric($id)){
+			header("Location: main.php");
+			exit();
+		}
+		
+		$allowed = false;
+		
+		
+		//First check to see if logged in user owns the file
+		$query = "SELECT username FROM uploads WHERE id = $id";
+		$result = mysql_query($query);		
+		$row = mysql_fetch_array($result);
+		if($row['username'] == $current_user)
+			$allowed=true;
+			
+		//Second check to see if logged in user is an authorized viewer for a department that this document was submitted to as part of the app
+		else{
+			$query = "SELECT department_id FROM contacts WHERE username = '$current_user'";
+			$result = mysql_query($query);		
+			while($row = mysql_fetch_array($result)){
+				$dept_id = $row['department_id'];
+				$query = "SELECT resume_id,cover_id FROM submissions WHERE department_id = $dept_id";
+				$result1 = mysql_query($query);		
+				while($row1 = mysql_fetch_array($result1)){
+					if($row1['cover_id'] == $id || $row1['resume_id'] == $id)
+						$allowed = true;
+				}
+			}
+		} 
+		
+		//We've finished checking cases where a user can download a file, now proceed if the logged in user is allowed
+		if($allowed){
+			$query = "SELECT name, type, size, content FROM uploads WHERE id = $id";
+			$result = mysql_query($query);
+			list($name, $type, $size, $content) = mysql_fetch_array($result);
+			
+			$name = str_replace(" ", "_", $name);
+			
+			header("Content-length: $size");
+			header("Content-type: $type");
+			header("Content-Disposition: attachment; filename=$name");
+			echo $content;
+			exit();
+		}
+	}
+	
+	//this will only occur if the user is not logged in or is unauthorized to view this file
+	header("Location: main.php");
+	exit();
+	
+?>
\ No newline at end of file
--- a/functions.inc.php
+++ b/functions.inc.php
--- a/images/+.png
+++ b/images/+.png
--- a/images/1.png
+++ b/images/1.png
--- a/images/2.png
+++ b/images/2.png
--- a/images/3.png
+++ b/images/3.png
--- a/images/4.png
+++ b/images/4.png
--- a/images/Accept.png
+++ b/images/Accept.png
--- a/images/Alert.png
+++ b/images/Alert.png
--- a/images/ArrowRight_48.png
+++ b/images/ArrowRight_48.png
--- a/images/Delete.png
+++ b/images/Delete.png
--- a/images/StopSign.png
+++ b/images/StopSign.png
--- a/images/information.png
+++ b/images/information.png
--- a/images/numbers.psd
+++ b/images/numbers.psd