diff --git a/.buildpath b/.buildpath
new file mode 100644
index 0000000000000000000000000000000000000000..8bcb4b5fd612e3ad55fb07e4bed087c55afd0861
--- /dev/null
+++ b/.buildpath
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<buildpath>
+ <buildpathentry kind="src" path=""/>
+ <buildpathentry kind="con" path="org.eclipse.php.core.LANGUAGE"/>
+</buildpath>
diff --git a/.project b/.project
new file mode 100644
index 0000000000000000000000000000000000000000..69b35ebbdad33fa27ca4c07721e5a83d0dc890b5
--- /dev/null
+++ b/.project
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>UNL_Studentjobs</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.wst.validation.validationbuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.dltk.core.scriptbuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.php.core.PHPNature</nature>
+ <nature>org.eclipse.wst.jsdt.core.jsNature</nature>
+ </natures>
+</projectDescription>
diff --git a/README b/README
new file mode 100644
index 0000000000000000000000000000000000000000..276c90b9f8584fe97958dffab938ce2a27af145d
--- /dev/null
+++ b/README
@@ -0,0 +1,92 @@ +database: studentjobs + +####application +####a new row is created for each edit so that previous submissions display the application as it looked at the time of submission + id int(10) No auto_increment + username varchar(255) utf8_general_ci No + firstname varchar(255) utf8_general_ci No + mi varchar(5) utf8_general_ci Yes NULL + lastname varchar(255) utf8_general_ci No + address varchar(255) utf8_general_ci No + city varchar(255) utf8_general_ci No + state varchar(255) utf8_general_ci No + zip varchar(10) utf8_general_ci No + phone varchar(255) utf8_general_ci No + email varchar(255) utf8_general_ci No + misdemeanor varchar(5) utf8_general_ci No + misdetails longtext utf8_general_ci Yes NULL + felony varchar(5) utf8_general_ci No + feldetails longtext utf8_general_ci Yes NULL + courtorder varchar(5) utf8_general_ci No + codetails longtext utf8_general_ci Yes NULL + +####contacts +####users granted permission to view submissions for the appropriate dept + id int(10) No auto_increment + department_id int(10) No + username varchar(255) utf8_general_ci No + name varchar(255) utf8_general_ci No + email varchar(255) utf8_general_ci No + phone varchar(255) utf8_general_ci Yes NULL + +####department +####departments that are part of the system, these are the depts that submissions can be made to + id int(10) No auto_increment + name varchar(255) utf8_general_ci No + address varchar(255) utf8_general_ci Yes NULL + sup_app_url varchar(255) utf8_general_ci Yes NULL + +####education +####0 or more education records are made for each application + id int(10) No auto_increment + application_id int(10) No + name varchar(255) utf8_general_ci No + frommonth varchar(10) utf8_general_ci Yes NULL + fromyear varchar(10) utf8_general_ci Yes NULL + tomonth varchar(10) utf8_general_ci Yes NULL + toyear varchar(10) utf8_general_ci Yes NULL + major varchar(255) utf8_general_ci Yes NULL + graduate varchar(10) utf8_general_ci Yes NULL + degree varchar(255) utf8_general_ci 
Yes NULL + +####employer +####0 or more previous employer records are made for each application + id int(10) No auto_increment + application_id int(10) No + name varchar(255) utf8_general_ci No + address varchar(255) utf8_general_ci Yes NULL + city varchar(255) utf8_general_ci Yes NULL + state varchar(255) utf8_general_ci Yes NULL + zip varchar(255) utf8_general_ci Yes NULL + supervisor varchar(255) utf8_general_ci Yes NULL + phone varchar(255) utf8_general_ci Yes NULL + frommonth varchar(10) utf8_general_ci Yes NULL + fromyear varchar(10) utf8_general_ci Yes NULL + tomonth varchar(10) utf8_general_ci Yes NULL + toyear varchar(10) utf8_general_ci Yes NULL + hoursweek varchar(255) utf8_general_ci Yes NULL + title varchar(255) utf8_general_ci Yes NULL + duties longtext utf8_general_ci Yes NULL + salary varchar(255) utf8_general_ci Yes NULL + +####submissions +####these are the actual submissions for consideration made to the departments + id int(10) No auto_increment + username varchar(255) utf8_general_ci No + application_id int(10) No + department_id int(10) No + positionappliedfor varchar(255) utf8_general_ci Yes NULL + timestamp timestamp No CURRENT_TIMESTAMP + resume_id int(10) No + cover_id int(10) No + +####uploads +####file uploads: resumes and cover letters + id int(10) No auto_increment + username varchar(255) utf8_general_ci No + showflag tinyint(4) No + kind varchar(20) utf8_general_ci No + name varchar(255) utf8_general_ci No + type varchar(255) utf8_general_ci No + size int(10) No + content longblob BINARY No \ No newline at end of file diff --git a/app.php b/app.php new file mode 100644 index 0000000000000000000000000000000000000000..e83c3047bdc26306f1dfaad2a5bbc7be29975efd --- /dev/null +++ b/app.php 
@@ -0,0 +1,598 @@ +<?php + #include our functions and vars + require_once('functions.inc.php'); + + + #SimpleCAS http://code.google.com/p/simplecas/ + require_once 'UNL/Auth.php'; + $cas_client = UNL_Auth::factory('SimpleCAS'); + + if (isset($_GET['login'])) { + $cas_client->login(); + } + + if (isset($_GET['logout'])) { + header("Location: main.php?logout"); + exit(); + } + if($cas_client->isLoggedIn()){ + $current_user = $cas_client->getUser(); + + #get the current user's application if it exists + $profile = get_users_profile($current_user); + } +?> + +<?php +#SUBMIT HAS BEEN PRESSED +if (isset($_POST['submit']) && + $_POST['student_firstname'] != '' && + $_POST['student_lastname'] != '' && + $_POST['student_address'] != '' && + $_POST['student_city'] != '' && + $_POST['student_state'] != '' && + $_POST['student_zip'] != '' && + $_POST['student_phone'] != '' && + $_POST['student_email'] != '' && + $_POST['misdemeanor'] != '' && + $_POST['felony'] != '' && + $_POST['courtorder'] != '') +{ + /* + * General Information + */ + $appID = add_application( $current_user, + $_POST['student_firstname'],$_POST['student_mi'],$_POST['student_lastname'], + $_POST['student_address'],$_POST['student_city'],$_POST['student_state'],$_POST['student_zip'], + $_POST['student_phone'],$_POST['student_email'], + $_POST['misdemeanor'],$_POST['misdetails'], + $_POST['felony'],$_POST['feldetails'], + $_POST['courtorder'],$_POST['codetails']); + + + + /* + * Employers + */ + foreach ($_POST['employer_name'] as $key => $value) { + //only start to do this if they've entered an employer, some students might not have one to enter + if($value != ""){ + add_employer( $appID, + $_POST['employer_name'][$key],$_POST['employer_address'][$key],$_POST['employer_city'][$key],$_POST['employer_state'][$key],$_POST['employer_zip'][$key], + $_POST['employer_supervisor'][$key],$_POST['employer_phone'][$key], + 
$_POST['employer_fromyear'][$key],$_POST['employer_frommonth'][$key],$_POST['employer_toyear'][$key],$_POST['employer_tomonth'][$key], + $_POST['employer_hoursweek'][$key],$_POST['employer_title'][$key],$_POST['employer_duties'][$key],$_POST['employer_salary'][$key] ); + } + } + + + + /* + * Schools + */ + foreach ($_POST['education_name'] as $key => $value) { + //only start to do this if they've entered an education, some students might not have one to enter + if($value != ""){ + add_education( $appID, + $_POST['education_name'][$key],$_POST['education_fromyear'][$key],$_POST['education_frommonth'][$key], + $_POST['education_toyear'][$key],$_POST['education_tomonth'][$key], + $_POST['education_major'][$key],$_POST['education_graduate'][$key],$_POST['education_degree'][$key] ); + } + } + + + + if(!$profile){ + $msg = "Successfully created your application!" ; + header("Location: main.php?msg=$msg&success"); + exit(); + }else{ + $msg = "Successfully edited your application!" ; + header("Location: main.php?msg=$msg&success"); + exit(); + } + +} +?> + + +<?php +require_once 'UNL/Templates.php'; + +UNL_Templates::$options['version'] = 3; +$page = UNL_Templates::factory('Document'); + +$page->navlinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/navigation.html')); +$page->breadcrumbs = "<!-- WDN: see glossary item \'breadcrumbs\' --> <ul> <li class=\"first\"><a href=\"http://www.unl.edu/\">UNL</a></li> <li><a href=\"".$site_url."\">Student Jobs Application</a></li> <li>Your Application</li></ul>"; +$page->doctitle = '<title>UNL | Student Jobs | Your Application</title>'; +$page->head = ' +<script type="text/javascript"> + +WDN.jQuery(document).ready(function(){ + + var employer_content = \''.str_replace("\n", "", displayEmployerForm()).'\'; + WDN.jQuery("#wantmoreemployer").click(function(){ + WDN.jQuery("#employerinfo").append(employer_content); + WDN.jQuery("#employerinfo 
fieldset:last-child").hide().fadeIn(1400); + }); + + var education_content = \''.str_replace("\n", "", displayEducationForm()).'\'; + WDN.jQuery("#wantmoreeducation").click(function(){ + WDN.jQuery("#educationinfo").append(education_content); + WDN.jQuery("#educationinfo fieldset:last-child").hide().fadeIn(1400); + }); + +}); + +</script> + +'; +$page->addStyleSheet($site_url.'style.css'); +$page->addStyleSheet('/wdn/templates_3.0/css/content/forms.css'); + +$page->titlegraphic = '<h1>Student Jobs</h1>'; +$page->pagetitle = '<h2>Your Application</h2>'; +$page->maincontentarea = ''; + + +//if they are logged in and have not created an application yet +if ( $cas_client->isLoggedIn() ) { + + + $page->maincontentarea .= '<div class="three_col left">'; + + if (isset($_POST['submit'])){ + if ($_POST['student_firstname'] == '') + $page->maincontentarea .= '<h3 class="warn">First Name cannot be blank</h3>'; + if ($_POST['student_lastname'] == '') + $page->maincontentarea .= '<h3 class="warn">Last Name cannot be blank</h3>'; + if ($_POST['student_address'] == '') + $page->maincontentarea .= '<h3 class="warn">Your Address cannot be blank</h3>'; + if ($_POST['student_city'] == '') + $page->maincontentarea .= '<h3 class="warn">Your City cannot be blank</h3>'; + if ($_POST['student_state'] == '') + $page->maincontentarea .= '<h3 class="warn">Your State cannot be blank</h3>'; + if ($_POST['student_zip'] == '') + $page->maincontentarea .= '<h3 class="warn">Your Zip cannot be blank</h3>'; + if ($_POST['student_phone'] == '') + $page->maincontentarea .= '<h3 class="warn">Your Phone cannot be blank</h3>'; + if ($_POST['student_email'] == '') + $page->maincontentarea .= '<h3 class="warn">Your Email cannot be blank</h3>'; + if ($_POST['misdemeanor'] == '' || $_POST['felony'] == '' || $_POST['courtorder'] == '' ) + $page->maincontentarea .= '<h3 class="warn">Must check "Yes" or "No" on questions related to criminal background.</h3>'; + } + + $page->maincontentarea .= ' + +<form 
class="cool" method="post" name="add" action="" enctype="multipart/form-data"> + <input type="hidden" name="MAX_FILE_SIZE" value="'.$size_bytes.'" /> + +<div class="two_col left"> + <p class="largertext"> + Filling out this application only saves it to your profile.<br /> + Saving it does not submit it to any employers.<br /> + You will choose departments to submit it to on the main page. + </p> +</div> + +<div class="col right"> + <p class="required">Indicates a required field.</p> +</div> + +<div class="clear"></div> + +<fieldset> +<legend>General Information</legend> +<ol> + <li> + <label class="element">My.UNL Username</label> + <div class="element" style="margin-top:10px"> + '.$current_user.' + </div> + </li> + <li class="required"> + <label class="element">First Name</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_firstname" value="'.( isset($_POST['submit']) ? htmlentities($_POST['student_firstname'], ENT_QUOTES) : $profile['firstname']).'" /> + </div> + </li> + <li> + <label class="element">M.I.</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_mi" value="'.( isset($_POST['submit']) ? htmlentities($_POST['student_mi'], ENT_QUOTES) : $profile['mi']).'" /> + </div> + </li> + <li class="required"> + <label class="element">Last Name</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_lastname" value="'.( isset($_POST['submit']) ? htmlentities($_POST['student_lastname'], ENT_QUOTES) : $profile['lastname']).'" /> + </div> + </li> +</ol> +<ol> + <li class="required"> + <label class="element">Street Address</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_address" value="'.( isset($_POST['submit']) ? 
htmlentities($_POST['student_address'], ENT_QUOTES) : $profile['address']).'" /> + </div> + </li> + <li class="required"> + <label class="element">City</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_city" value="'.( isset($_POST['submit']) ? htmlentities($_POST['student_city'], ENT_QUOTES) : $profile['city']).'" /> + </div> + </li> + <li class="required"> + <label class="element">State</label> + <div class="element"> + <select name="student_state"> + <option value=""></option> + <option value="AL" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"AL") : sel($profile['state'],"AL")).'>Alabama</option> + <option value="AK" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"AK") : sel($profile['state'],"AK")).'>Alaska</option> + <option value="AZ" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"AZ") : sel($profile['state'],"AZ")).'>Arizona</option> + <option value="AR" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"AR") : sel($profile['state'],"AR")).'>Arkansas</option> + <option value="CA" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"CA") : sel($profile['state'],"CA")).'>California</option> + <option value="CO" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"CO") : sel($profile['state'],"CO")).'>Colorado</option> + <option value="CT" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"CT") : sel($profile['state'],"CT")).'>Connecticut</option> + <option value="DE" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"DE") : sel($profile['state'],"DE")).'>Delaware</option> + <option value="DC" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"DC") : sel($profile['state'],"DC")).'>District of Columbia</option> + <option value="FL" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"FL") : sel($profile['state'],"FL")).'>Florida</option> + <option value="GA" '.( isset($_POST['submit']) ? 
sel($_POST['student_state'],"GA") : sel($profile['state'],"GA")).'>Georgia</option> + <option value="HI" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"HI") : sel($profile['state'],"HI")).'>Hawaii</option> + <option value="ID" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"ID") : sel($profile['state'],"ID")).'>Idaho</option> + <option value="IL" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"IL") : sel($profile['state'],"IL")).'>Illinois</option> + <option value="IN" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"IN") : sel($profile['state'],"IN")).'>Indiana</option> + <option value="IA" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"IA") : sel($profile['state'],"IA")).'>Iowa</option> + <option value="KS" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"KS") : sel($profile['state'],"KS")).'>Kansas</option> + <option value="KY" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"KY") : sel($profile['state'],"KY")).'>Kentucky</option> + <option value="LA" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"LA") : sel($profile['state'],"LA")).'>Louisiana</option> + <option value="ME" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"ME") : sel($profile['state'],"ME")).'>Maine</option> + <option value="MD" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"MD") : sel($profile['state'],"MD")).'>Maryland</option> + <option value="MA" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"MA") : sel($profile['state'],"MA")).'>Massachusetts</option> + <option value="MI" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"MI") : sel($profile['state'],"MI")).'>Michigan</option> + <option value="MN" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"MN") : sel($profile['state'],"MN")).'>Minnesota</option> + <option value="MS" '.( isset($_POST['submit']) ? 
sel($_POST['student_state'],"MS") : sel($profile['state'],"MS")).'>Mississippi</option> + <option value="MO" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"MO") : sel($profile['state'],"MO")).'>Missouri</option> + <option value="MT" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"MT") : sel($profile['state'],"MT")).'>Montana</option> + <option value="NE" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"NE") : sel($profile['state'],"NE")).'>Nebraska</option> + <option value="NV" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"NV") : sel($profile['state'],"NV")).'>Nevada</option> + <option value="NH" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"NH") : sel($profile['state'],"NH")).'>New Hampshire</option> + <option value="NJ" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"NJ") : sel($profile['state'],"NJ")).'>New Jersey</option> + <option value="NM" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"NM") : sel($profile['state'],"NM")).'>New Mexico</option> + <option value="NY" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"NY") : sel($profile['state'],"NY")).'>New York</option> + <option value="NC" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"NC") : sel($profile['state'],"NC")).'>North Carolina</option> + <option value="ND" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"ND") : sel($profile['state'],"ND")).'>North Dakota</option> + <option value="OH" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"OH") : sel($profile['state'],"OH")).'>Ohio</option> + <option value="OK" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"OK") : sel($profile['state'],"OK")).'>Oklahoma</option> + <option value="OR" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"OR") : sel($profile['state'],"OR")).'>Oregon</option> + <option value="PA" '.( isset($_POST['submit']) ? 
sel($_POST['student_state'],"PA") : sel($profile['state'],"PA")).'>Pennsylvania</option> + <option value="RI" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"RI") : sel($profile['state'],"RI")).'>Rhode Island</option> + <option value="SC" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"SC") : sel($profile['state'],"SC")).'>South Carolina</option> + <option value="SD" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"SD") : sel($profile['state'],"SD")).'>South Dakota</option> + <option value="TN" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"TN") : sel($profile['state'],"TN")).'>Tennessee</option> + <option value="TX" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"TX") : sel($profile['state'],"TX")).'>Texas</option> + <option value="UT" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"UT") : sel($profile['state'],"UT")).'>Utah</option> + <option value="VT" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"VT") : sel($profile['state'],"VT")).'>Vermont</option> + <option value="VA" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"VA") : sel($profile['state'],"VA")).'>Virginia</option> + <option value="WA" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"WA") : sel($profile['state'],"WA")).'>Washington</option> + <option value="WV" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"WV") : sel($profile['state'],"WV")).'>West Virginia</option> + <option value="WI" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"WI") : sel($profile['state'],"WI")).'>Wisconsin</option> + <option value="WY" '.( isset($_POST['submit']) ? sel($_POST['student_state'],"WY") : sel($profile['state'],"WY")).'>Wyoming</option> + </select> + </div> + </li> + <li class="required"> + <label class="element">Zip Code</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_zip" value="'.( isset($_POST['submit']) ? 
htmlentities($_POST['student_zip'], ENT_QUOTES) : $profile['zip']).'" /> + </div> + </li> +</ol> +<ol> + <li class="required"> + <label class="element">Phone Number</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_phone" value="'.( isset($_POST['submit']) ? htmlentities($_POST['student_phone'], ENT_QUOTES) : $profile['phone']).'" /> + </div> + </li> + <li class="required"> + <label class="element">Email</label> + <div class="element"> + <input type="text" class="general-textarea" name="student_email" value="'.( isset($_POST['submit']) ? htmlentities($_POST['student_email'], ENT_QUOTES) : $profile['email']).'" /> + </div> + </li> + +</ol> +</fieldset> + + + + + + + + + + + + + + + +<div id="employerinfo" class="clear"> + + <h4 class="sec_header">Previous Employment</h4> + <p> + Include U.S. Armed Forces and Volunteer experiences.<br /> + Resumes are accepted (see link on main page to upload) but may <strong>not</strong> be substituted for the following information.<br /> + We will conduct references with previous employers. 
+ </p> + '; + if(isset($_POST['submit'])) { + foreach ($_POST['employer_name'] as $key => $value) { + if($value != ""){ + $page->maincontentarea .= displayEmployerForm( htmlentities($_POST['employer_name'][$key], ENT_QUOTES), + htmlentities($_POST['employer_address'][$key], ENT_QUOTES), + htmlentities($_POST['employer_city'][$key], ENT_QUOTES), + htmlentities($_POST['employer_state'][$key], ENT_QUOTES), + htmlentities($_POST['employer_zip'][$key], ENT_QUOTES), + htmlentities($_POST['employer_supervisor'][$key], ENT_QUOTES), + htmlentities($_POST['employer_phone'][$key], ENT_QUOTES), + htmlentities($_POST['employer_fromyear'][$key], ENT_QUOTES), + htmlentities($_POST['employer_frommonth'][$key], ENT_QUOTES), + htmlentities($_POST['employer_toyear'][$key], ENT_QUOTES), + htmlentities($_POST['employer_tomonth'][$key], ENT_QUOTES), + htmlentities($_POST['employer_hoursweek'][$key], ENT_QUOTES), + htmlentities($_POST['employer_title'][$key], ENT_QUOTES), + htmlentities($_POST['employer_duties'][$key], ENT_QUOTES), + htmlentities($_POST['employer_salary'][$key], ENT_QUOTES) + ); + $wehavedisplayedaform = true; + } + } + if($wehavedisplayedaform==false) + $page->maincontentarea .= displayEmployerForm(); + }else { + $query = "SELECT * FROM employer WHERE application_id = '" . $profile['id'] . 
"'"; + $result = mysql_query($query); + + //this case submit has not been pressed and there are no employers in the DB for this user + if (mysql_num_rows($result) == 0) + $page->maincontentarea .= displayEmployerForm(); + //pull the employers out of the DB for this student and display each one + else { + while($row=mysql_fetch_array($result)){ + $page->maincontentarea .= displayEmployerForm( $row['name'], + $row['address'], + $row['city'], + $row['state'], + $row['zip'], + $row['supervisor'], + $row['phone'], + $row['fromyear'], + $row['frommonth'], + $row['toyear'], + $row['tomonth'], + $row['hoursweek'], + $row['title'], + $row['duties'], + $row['salary'] + ); + } + } + } + + $page->maincontentarea .= ' +</div> +<div class="clear"> + <h3 id="wantmoreemployer" class="wantmore">Click Here to Add Another Employer</h3> +</div> + + + + + + + + + + + + + + + + + + + + + + + + + +<div id="educationinfo" class="clear"> + + <h4 class="sec_header">Education Information</h4> + <p> + List post-secondary (post-high school) schools attended.<br /> + List your work at UNL, other Universities attended, and any Graduate, Professional, Business, Technical or Military school work. + </p> + '; + if(isset($_POST['submit'])) { + foreach ($_POST['education_name'] as $key => $value) { + if($value != ""){ + $page->maincontentarea .= displayEducationForm( htmlentities($_POST['education_name'][$key], ENT_QUOTES), + htmlentities($_POST['education_fromyear'][$key], ENT_QUOTES), + htmlentities($_POST['education_frommonth'][$key], ENT_QUOTES), + htmlentities($_POST['education_toyear'][$key], ENT_QUOTES), + htmlentities($_POST['education_tomonth'][$key], ENT_QUOTES), + htmlentities($_POST['education_major'][$key], ENT_QUOTES), + htmlentities($_POST['education_graduate'][$key], ENT_QUOTES), + htmlentities($_POST['education_degree'][$key], ENT_QUOTES) + ); + }else{ + $page->maincontentarea .= displayEducationForm(); + } + } + }else { + $query = "SELECT * FROM education WHERE application_id = '" . 
$profile['id'] . "'"; + $result = mysql_query($query); + + //this case submit has not been pressed and there are no employers in the DB for this user + if (mysql_num_rows($result) == 0) + $page->maincontentarea .= displayEducationForm(); + //pull the employers out of the DB for this student and display each one + else { + while($row=mysql_fetch_array($result)){ + $page->maincontentarea .= displayEducationForm( $row['name'], + $row['fromyear'], + $row['frommonth'], + $row['toyear'], + $row['tomonth'], + $row['major'], + $row['graduate'], + $row['degree'] + ); + } + } + } + + $page->maincontentarea .= ' +</div> +<div class="clear"> + <h3 id="wantmoreeducation" class="wantmore">Click Here to Add Another School</h3> +</div> + + + + + + + + + + + + + + + +<fieldset> +<legend>Additional Information</legend> +<ol> + <li class="required"> + <p> + Have you ever been convicted of or pled guilty to a <strong>misdemeanor</strong>? + </p> + <label class="element"></label> + <div class="element"> + <input type="radio" name="misdemeanor" value="yes" '.( isset($_POST['submit']) ? sel($_POST['misdemeanor'],"yes",true) : sel($profile['misdemeanor'],"yes",true)).' /> Yes + + <input type="radio" name="misdemeanor" value="no" '.( isset($_POST['submit']) ? sel($_POST['misdemeanor'],"no",true) : sel($profile['misdemeanor'],"no",true)).' /> No + </div> + </li> + + <li> + <p> + If yes, please explain: Date(s), County, Country, State offense occurred in, and Violation(s): + </p> + <label class="element"></label> + <div class="element"> + <textarea cols="80" rows="3" name="misdetails">'.( isset($_POST['submit']) ? htmlentities($_POST['misdetails'], ENT_QUOTES) : $profile['misdetails']).'</textarea> + </div> + </li> + + <li class="required"> + <p> + Have you ever been convicted of or pled guilty to a <strong>felony</strong>? + </p> + <label class="element"></label> + <div class="element"> + <input type="radio" name="felony" value="yes" '.( isset($_POST['submit']) ? 
sel($_POST['felony'],"yes",true) : sel($profile['felony'],"yes",true)).' /> Yes + + <input type="radio" name="felony" value="no" '.( isset($_POST['submit']) ? sel($_POST['felony'],"no",true) : sel($profile['felony'],"no",true)).' /> No + </div> + </li> + + <li> + <p> + If yes, please explain: Date(s), County, Country, State offense occurred in, and Violation(s): + </p> + <label class="element"></label> + <div class="element"> + <textarea cols="80" rows="3" name="feldetails">'.( isset($_POST['submit']) ? htmlentities($_POST['feldetails'], ENT_QUOTES) : $profile['feldetails']).'</textarea> + </div> + </li> + + <li class="required"> + <p> + Are you subject to a court order? + </p> + <label class="element"></label> + <div class="element"> + <input type="radio" name="courtorder" value="yes" '.( isset($_POST['submit']) ? sel($_POST['courtorder'],"yes",true) : sel($profile['courtorder'],"yes",true)).' /> Yes + + <input type="radio" name="courtorder" value="no" '.( isset($_POST['submit']) ? sel($_POST['courtorder'],"no",true) : sel($profile['courtorder'],"no",true)).' /> No + </div> + </li> + + <li> + <p> + If yes, please explain: Date(s), County, Country, State, and details of the court order: + </p> + <label class="element"></label> + <div class="element"> + <textarea cols="80" rows="3" name="codetails">'.( isset($_POST['submit']) ? 
htmlentities($_POST['codetails'], ENT_QUOTES) : $profile['codetails']).'</textarea>
+ </div>
+ </li>
+</ol>
+</fieldset>
+
+
+
+
+
+
+
+
+
+
+
+
+ <p class="submit">
+ <input type="submit" value="Save Application" class="submit_button" name="submit"/>
+ </p>
+ </form>
+ ';
+
+ $page->maincontentarea .= '</div>
+ <div class="col right">
+ <h4 class="sec_header">Menu</h4>
+ <ul class="appli_nav">
+ <li><a href="main.php">Home</a></li>
+ <li><a href="resume.php">Edit Resume</a></li>
+ <li><a href="main.php?logout">Logout</a></li>
+ </ul>
+ </div>
+ ';
+
+
+//if they are not logged in
+}else {
+ header("Location: main.php");
+ exit();
+}
+
+
+
+
+
+$page->leftcollinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/relatedLinks.html'));
+$page->contactinfo = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footerContactInfo.html'));
+
+$page->footercontent = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footer.html'));
+
+echo $page;
+?>
\ No newline at end of file
diff --git a/config.inc.php b/config.inc.php
new file mode 100644
index 0000000000000000000000000000000000000000..20f7a76e0149325836876660ae9cfb65c363eef7
--- /dev/null
+++ b/config.inc.php
@@ -0,0 +1,13 @@
+<?php
+ $GLOBALS['mysql_host'] = 'localhost';
+ $GLOBALS['mysql_db'] = 'studentjobs';
+ $GLOBALS['mysql_user'] = 'root';
+ $GLOBALS['mysql_passwd'] = 'ertyu9';
+ $GLOBALS['mysql_prefix'] = '';
+
+ $site_url = 'http://ucommxsrv1.unl.edu/studentjobs/';
+ $contact_person = 'Eric Rasmussen';
+ $contact_email = 'erasmussen2@unl.edu';
+ $contact_phone = '472-2667';
+
+?>
\ No newline at end of file
diff --git a/config.inc.sample.php b/config.inc.sample.php
new file mode 100644
index 0000000000000000000000000000000000000000..68feca01cc21c5c5ae64844e3a683fa751414a43
--- /dev/null
+++ b/config.inc.sample.php
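Review bot: The submit handler at the top of app.php writes to the database before any login check: `$current_user` is only assigned inside the `isLoggedIn()` branch, while the `isset($_POST['submit'])` block calls `add_application($current_user, ...)`, `add_employer` and `add_education` unconditionally, and the redirect for anonymous visitors only happens further down in the rendering code. Unless `UNL_Auth` or functions.inc.php enforces a session elsewhere (not visible here), the condition should begin with `$cas_client->isLoggedIn() &&`, or the not-logged-in redirect should move above the handler. Separately, the form escapes re-posted values with `htmlentities(..., ENT_QUOTES)` but prints stored ones raw (`$profile['firstname']`, `$profile['misdetails']`, the `$row[...]` arguments to `displayEmployerForm`/`displayEducationForm`); unless `get_users_profile()` or those helpers already escape, the stored branch should use the same call, e.g. `htmlentities($profile['firstname'], ENT_QUOTES)`. The two `SELECT ... WHERE application_id = '" . $profile['id'] . "'"` queries would also be safer with the id cast to an integer or bound as a parameter.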
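Review bot: config.inc.php is committed with what look like live settings: `mysql_user` is `root` with a literal password, alongside a real host URL and a staff contact, even though this same commit adds config.inc.sample.php with placeholders for exactly that purpose. The real file should be removed from version control and listed in the repository's ignore file, and the password rotated, since it stays in history after removal. The application should also connect with a dedicated MySQL account restricted to the `studentjobs` database rather than `root`, so that a query flaw in the PHP pages does not expose every schema on the server.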
@@ -0,0 +1,13 @@
+<?php
+ $GLOBALS['mysql_host'] = 'localhost';
+ $GLOBALS['mysql_db'] = 'studentjobs';
+ $GLOBALS['mysql_user'] = 'USERNAME';
+ $GLOBALS['mysql_passwd'] = 'PASSWORD';
+ $GLOBALS['mysql_prefix'] = '';
+
+ $site_url = 'http://example.com/studentjobs/';
+ $contact_person = 'TECHCONTACT NAME';
+ $contact_email = 'TECHCONTACT@example.com';
+ $contact_phone = '555-0199';
+
+?>
\ No newline at end of file
diff --git a/download.php b/download.php
new file mode 100644
index 0000000000000000000000000000000000000000..1449c1849a77d740f7509b974e5fa65fad73635d
--- /dev/null
+++ b/download.php
@@ -0,0 +1,77 @@ +<?php + #include our functions and vars + require_once('functions.inc.php'); + + + #SimpleCAS http://code.google.com/p/simplecas/ + require_once 'UNL/Auth.php'; + $cas_client = UNL_Auth::factory('SimpleCAS'); + + if (isset($_GET['login'])) { + $cas_client->login(); + } + + if (isset($_GET['logout'])) { + header("Location: main.php?logout"); + exit(); + } + if($cas_client->isLoggedIn()){ + $current_user = $cas_client->getUser(); + + } +?> + +<?php + if(isset($_GET['id']) && $cas_client->isLoggedIn()) { + $id = $_GET['id']; + if(!is_numeric($id)){ + header("Location: main.php"); + exit(); + } + + $allowed = false; + + + //First check to see if logged in user owns the file + $query = "SELECT username FROM uploads WHERE id = $id"; + $result = mysql_query($query); + $row = mysql_fetch_array($result); + if($row['username'] == $current_user) + $allowed=true; + + //Second check to see if logged in user is an authorized viewer for a department that this document was submitted to as part of the app + else{ + $query = "SELECT department_id FROM contacts WHERE username = '$current_user'"; + $result = mysql_query($query); + while($row = mysql_fetch_array($result)){ + $dept_id = $row['department_id']; + $query = "SELECT resume_id,cover_id FROM submissions WHERE department_id = $dept_id"; + $result1 = mysql_query($query); + while($row1 = mysql_fetch_array($result1)){ + if($row1['cover_id'] == $id || $row1['resume_id'] == $id) + $allowed = true; + } + } + } + + //We've finished checking cases where a user can download a file, now proceed if the logged in user is allowed + if($allowed){ + $query = "SELECT name, type, size, content FROM uploads WHERE id = $id"; + $result = mysql_query($query); + list($name, $type, $size, $content) = mysql_fetch_array($result); + + $name = str_replace(" ", "_", $name); + + header("Content-length: $size"); + header("Content-type: $type"); + header("Content-Disposition: attachment; filename=$name"); + echo $content; + exit(); + } + } 
+ + //this will only occur if the user is not logged in or is unauthorized to view this file + header("Location: main.php"); + exit(); + +?> \ No newline at end of file diff --git a/functions.inc.php b/functions.inc.php new file mode 100644 index 0000000000000000000000000000000000000000..9de8aed02e599bcd8c699533acc1a057625f9f8c --- /dev/null +++ b/functions.inc.php 
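Review bot: The `id` guard uses `is_numeric()`, which also accepts forms such as `1.5` or `1e3`, and `$id` is then placed unquoted into three queries, while `$current_user` goes into the `contacts` query with no escaping at all. Restrict the id to digits and cast it, `if (!ctype_digit((string) $_GET['id'])) { header("Location: main.php"); exit(); }` then `$id = (int) $_GET['id'];`, and build the second query with `sanitize($current_user, "text")` from functions.inc.php, which already adds the quotes. The same raw interpolation appears in `add_submission()` (the four id arguments), `delete_record()`, `get_users_profile()` and `display_upload()` in functions.inc.php, and in the `submissions`/`contacts`/`department` queries in main.php and manage.php. Separately, `$type` and `$name` come from the stored upload row and are sent as headers unchanged; quoting the filename and sending a fixed `application/octet-stream` type would avoid trusting uploader-supplied metadata.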
@@ -0,0 +1,648 @@ +<?php +require_once('config.inc.php'); +/* connect to mysql database */ +mysql_connect($GLOBALS['mysql_host'], $GLOBALS['mysql_user'], $GLOBALS['mysql_passwd']); +mysql_select_db($GLOBALS['mysql_db']); + +/* THE FOLLOWING ARE VARIABLE NEEDED FOR FILE UPLOADS */ +//the file size in bytes. +$size_bytes = 1048576; // 1 MB +//Extensions you want files uploaded limited to. +$limitedext = array(".pdf",".doc",".docx",".txt"); + + + + +/* + * sanitize: escapes strings to make them SQL safe + * returns sanitized string + */ +function sanitize($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") +{ + $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; + + $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); + + switch ($theType) { + case "text": + $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; + break; + case "long": + case "int": + $theValue = ($theValue != "") ? intval($theValue) : "NULL"; + break; + case "double": + $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; + break; + case "date": + $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; + break; + case "defined": + $theValue = ($theValue != "") ? 
$theDefinedValue : $theNotDefinedValue; + break; + } + return $theValue; +} + + + +/* + * add_application: adds the student to the "student" table with his/her general info + * returns: id of that record for use in the other tables for education, employment, etc + */ +function add_application( $username, + $student_firstname, + $student_mi, + $student_lastname, + $student_address, + $student_city, + $student_state, + $student_zip, + $student_phone, + $student_email, + $misdemeanor, + $misdetails, + $felony, + $feldetails, + $courtorder, + $codetails) +{ + $username = sanitize($username, "text"); + $student_firstname = sanitize($student_firstname, "text"); + $student_mi = sanitize($student_mi, "text"); + $student_lastname = sanitize($student_lastname, "text"); + $student_address = sanitize($student_address, "text"); + $student_city = sanitize($student_city, "text"); + $student_state = sanitize($student_state, "text"); + $student_zip = sanitize($student_zip, "text"); + $student_phone = sanitize($student_phone, "text"); + $student_email = sanitize($student_email, "text"); + $misdemeanor = sanitize($misdemeanor, "text"); + $misdetails = sanitize($misdetails, "text"); + $felony = sanitize($felony, "text"); + $feldetails = sanitize($feldetails, "text"); + $courtorder = sanitize($courtorder, "text"); + $codetails = sanitize($codetails, "text"); + + //add the new student to the database + $query = "INSERT INTO ".$GLOBALS['mysql_prefix']."application (username, + firstname, + mi, + lastname, + address, + city, + state, + zip, + phone, + email, + misdemeanor, + misdetails, + felony, + feldetails, + courtorder, + codetails) VALUES( $username, + $student_firstname, + $student_mi, + $student_lastname, + $student_address, + $student_city, + $student_state, + $student_zip, + $student_phone, + $student_email, + $misdemeanor, + $misdetails, + $felony, + $feldetails, + $courtorder, + $codetails)"; + $result = mysql_query($query); + return mysql_insert_id(); +} + + + +/* + * 
add_employer: adds one employer record to the employer table + * returns: id of that record + */ +function add_employer( $appID, + $employer_name, + $employer_address, + $employer_city, + $employer_state, + $employer_zip, + $employer_supervisor, + $employer_phone, + $employer_fromyear, + $employer_frommonth, + $employer_toyear, + $employer_tomonth, + $employer_hoursweek, + $employer_title, + $employer_duties, + $employer_salary) +{ + //strip values of unwanted characters + $appID = sanitize($appID, "int"); + $employer_name = sanitize($employer_name, "text"); + $employer_address = sanitize($employer_address, "text"); + $employer_city = sanitize($employer_city, "text"); + $employer_state = sanitize($employer_state, "text"); + $employer_zip = sanitize($employer_zip, "text"); + $employer_supervisor= sanitize($employer_supervisor, "text"); + $employer_phone = sanitize($employer_phone, "text"); + $employer_fromyear = sanitize($employer_fromyear, "text"); + $employer_frommonth = sanitize($employer_frommonth, "text"); + $employer_toyear = sanitize($employer_toyear, "text"); + $employer_tomonth = sanitize($employer_tomonth, "text"); + $employer_hoursweek = sanitize($employer_hoursweek, "text"); + $employer_title = sanitize($employer_title, "text"); + $employer_duties = sanitize($employer_duties, "text"); + $employer_salary = sanitize($employer_salary, "text"); + + //add the new student to the database + $query = "INSERT INTO ".$GLOBALS['mysql_prefix']."employer ( application_id, + name, + address, + city, + state, + zip, + supervisor, + phone, + fromyear, + frommonth, + toyear, + tomonth, + hoursweek, + title, + duties, + salary) VALUES( $appID, + $employer_name, + $employer_address, + $employer_city, + $employer_state, + $employer_zip, + $employer_supervisor, + $employer_phone, + $employer_fromyear, + $employer_frommonth, + $employer_toyear, + $employer_tomonth, + $employer_hoursweek, + $employer_title, + $employer_duties, + $employer_salary)"; + $result = 
mysql_query($query); + return mysql_insert_id(); +} + + +/* + * add_education: adds one education record to the education table + * returns: id of that record + */ +function add_education( $appID, + $education_name, + $education_fromyear, + $education_frommonth, + $education_toyear, + $education_tomonth, + $education_major, + $education_graduate, + $education_degree) +{ + $appID = sanitize($appID, "int"); + $education_name = sanitize($education_name, "text"); + $education_fromyear = sanitize($education_fromyear, "text"); + $education_frommonth = sanitize($education_frommonth, "text"); + $education_toyear = sanitize($education_toyear, "text"); + $education_tomonth = sanitize($education_tomonth, "text"); + $education_major = sanitize($education_major, "text"); + $education_graduate = sanitize($education_graduate, "text"); + $education_degree = sanitize($education_degree, "text"); + + $query = "INSERT INTO ".$GLOBALS['mysql_prefix']."education ( application_id, + name, + fromyear, + frommonth, + toyear, + tomonth, + major, + graduate, + degree) VALUES( $appID, + $education_name, + $education_fromyear, + $education_frommonth, + $education_toyear, + $education_tomonth, + $education_major, + $education_graduate, + $education_degree)"; + $result = mysql_query($query); + return mysql_insert_id(); +} + + + +/* + * add_submission: creates a new application submission to a department + * returns: id of that record + */ +function add_submission( $username, + $application_id, + $department_id, + $positionappliedfor, + $resume_id, + $cover_id ) +{ + $username = sanitize($username, "text"); + $positionappliedfor = sanitize($positionappliedfor, "text"); + + $query = "INSERT INTO ".$GLOBALS['mysql_prefix']."submissions ( username, + application_id, + department_id, + positionappliedfor, + resume_id, + cover_id ) VALUES( $username, + $application_id, + $department_id, + $positionappliedfor, + $resume_id, + $cover_id)"; + $result = mysql_query($query); + return mysql_insert_id(); +} 
+ +/* + * delete_record: deletes the row with the given ID from the specified TABLE + * returns: true + */ +function delete_record($table,$id) +{ + $query = "DELETE FROM ".$GLOBALS['mysql_prefix'].$table." WHERE id=$id"; + $result = mysql_query($query); + return true; +} + + +/* + * get_users_profile: given a CAS username (sjohnson1) it will return that user's most recent profile application + * returns: row from the application table + */ +function get_users_profile($current_user) +{ + $result = mysql_query("SELECT * FROM application WHERE username='$current_user' ORDER BY id DESC"); + $row=mysql_fetch_array($result); + return $row; +} + + + + +/* display_upload: 1) will display the most recent upload with showflag=1 for the supplied student and kind(resume,cover) + * 2) if the id param is set it will display the upload with that id + * returns html link to download the file + * */ +function display_upload($current_user='', $kind='resume', $id=0) +{ + if ($id > 0){ + $query = "SELECT id, name, type FROM uploads WHERE id = $id "; + $result1 = mysql_query($query); + }else{ + $query = "SELECT id, name, type FROM uploads WHERE kind = '$kind' AND showflag = '1' AND username = '$current_user' ORDER BY id DESC"; + $result1 = mysql_query($query); + } + + if (mysql_num_rows($result1) > 0) { + list($down_id, $name, $type) = mysql_fetch_row($result1); + $type = str_replace(array("/", "."), "-", $type); + $type = str_replace(array("gif","jpeg","png","richtext","plain"), "x-generic", $type); + $type = str_replace(array("application-vnd-openxmlformats-officedocument-wordprocessingml-document"), "application-msword", $type); + global $site_url; + $return = '<a class="'.$type.'" href="'.$site_url.'download.php?id='.$down_id.'">'.substr(substr($name,0,-4),0,35).substr($name,-4).'</a>'; + }else + $return = '[No file submitted]'; + + return $return; +} + + + + + +/* + * sel: determine if selected="selected" should be inserted into a form field, also used for checked="yes" with the 
third param + * returns html + */ +function sel($var,$string,$checked=false) { + + if($checked){ + if ($var==$string) + return "checked=\"yes\""; + else + return ""; + } + else{ + if ($var==$string) + return "selected=\"selected\""; + else + return ""; + } +} + + + +/* + * displayEmployerForm: outputs the html for one employer for the application page + * returns html + */ +function displayEmployerForm($name="",$address="",$city="",$state="",$zip="",$supervisor="",$phone="",$fromyear="",$frommonth="",$toyear="",$tomonth="",$hoursweek="",$title="",$duties="",$salary="") { + $output = ' + <fieldset> + <legend>Previous Employer</legend> + <ol> + <li> + <label class="element">Employer Name</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_name[]" value="'.$name.'" /> + </div> + </li> + <li> + <label class="element">Street Address</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_address[]" value="'.$address.'" /> + </div> + </li> + <li> + <label class="element">City</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_city[]" value="'.$city.'" /> + </div> + </li> + <li> + <label class="element">State</label> + <div class="element"> + <select name="employer_state[]"> + <option value=""></option> + <option value="AL" '.sel($state,"AL").'>Alabama</option> + <option value="AK" '.sel($state,"AK").'>Alaska</option> + <option value="AZ" '.sel($state,"AZ").'>Arizona</option> + <option value="AR" '.sel($state,"AR").'>Arkansas</option> + <option value="CA" '.sel($state,"CA").'>California</option> + <option value="CO" '.sel($state,"CO").'>Colorado</option> + <option value="CT" '.sel($state,"CT").'>Connecticut</option> + <option value="DE" '.sel($state,"DE").'>Delaware</option> + <option value="DC" '.sel($state,"DC").'>District of Columbia</option> + <option value="FL" '.sel($state,"FL").'>Florida</option> + <option value="GA" 
'.sel($state,"GA").'>Georgia</option> + <option value="HI" '.sel($state,"HI").'>Hawaii</option> + <option value="ID" '.sel($state,"ID").'>Idaho</option> + <option value="IL" '.sel($state,"IL").'>Illinois</option> + <option value="IN" '.sel($state,"IN").'>Indiana</option> + <option value="IA" '.sel($state,"IA").'>Iowa</option> + <option value="KS" '.sel($state,"KS").'>Kansas</option> + <option value="KY" '.sel($state,"KY").'>Kentucky</option> + <option value="LA" '.sel($state,"LA").'>Louisiana</option> + <option value="ME" '.sel($state,"ME").'>Maine</option> + <option value="MD" '.sel($state,"MD").'>Maryland</option> + <option value="MA" '.sel($state,"MA").'>Massachusetts</option> + <option value="MI" '.sel($state,"MI").'>Michigan</option> + <option value="MN" '.sel($state,"MN").'>Minnesota</option> + <option value="MS" '.sel($state,"MS").'>Mississippi</option> + <option value="MO" '.sel($state,"MO").'>Missouri</option> + <option value="MT" '.sel($state,"MT").'>Montana</option> + <option value="NE" '.sel($state,"NE").'>Nebraska</option> + <option value="NV" '.sel($state,"NV").'>Nevada</option> + <option value="NH" '.sel($state,"NH").'>New Hampshire</option> + <option value="NJ" '.sel($state,"NJ").'>New Jersey</option> + <option value="NM" '.sel($state,"NM").'>New Mexico</option> + <option value="NY" '.sel($state,"NY").'>New York</option> + <option value="NC" '.sel($state,"NC").'>North Carolina</option> + <option value="ND" '.sel($state,"ND").'>North Dakota</option> + <option value="OH" '.sel($state,"OH").'>Ohio</option> + <option value="OK" '.sel($state,"OK").'>Oklahoma</option> + <option value="OR" '.sel($state,"OR").'>Oregon</option> + <option value="PA" '.sel($state,"PA").'>Pennsylvania</option> + <option value="RI" '.sel($state,"RI").'>Rhode Island</option> + <option value="SC" '.sel($state,"SC").'>South Carolina</option> + <option value="SD" '.sel($state,"SD").'>South Dakota</option> + <option value="TN" '.sel($state,"TN").'>Tennessee</option> + <option 
value="TX" '.sel($state,"TX").'>Texas</option> + <option value="UT" '.sel($state,"UT").'>Utah</option> + <option value="VT" '.sel($state,"VT").'>Vermont</option> + <option value="VA" '.sel($state,"VA").'>Virginia</option> + <option value="WA" '.sel($state,"WA").'>Washington</option> + <option value="WV" '.sel($state,"WV").'>West Virginia</option> + <option value="WI" '.sel($state,"WI").'>Wisconsin</option> + <option value="WY" '.sel($state,"WY").'>Wyoming</option> + </select> + </div> + </li> + <li> + <label class="element">Zip Code</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_zip[]" value="'.$zip.'" /> + </div> + </li> + </ol> + <ol> + <li> + <label class="element">Immediate Supervisor</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_supervisor[]" value="'.$supervisor.'" /> + </div> + </li> + <li> + <label class="element">Phone Number</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_phone[]" value="'.$phone.'" /> + </div> + </li> + + </ol> + + <ol> + <li> + <label class="element">Date Employment Began</label> + <div class="element"> + <select name="employer_fromyear[]"> + <option value="">Year</option> + '; + + for($i=2010;$i>1989;$i--){ + $output .= '<option value="'.$i.'" '.sel($fromyear,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + <select name="employer_frommonth[]"> + <option value="">Month</option> + '; + + for($i=1;$i<13;$i++){ + $output .= '<option value="'.$i.'" '.sel($frommonth,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + </div> + </li> + + <li> + <label class="element">Date Left (Leave Blank if Still Employed)</label> + <div class="element"> + <select name="employer_toyear[]"> + <option value="">Year</option> + '; + + for($i=2010;$i>1989;$i--){ + $output .= '<option value="'.$i.'" '.sel($toyear,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + <select name="employer_tomonth[]"> + 
<option value="">Month</option> + '; + + for($i=1;$i<13;$i++){ + $output .= '<option value="'.$i.'" '.sel($tomonth,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + </div> + </li> + <li> + <label class="element">Hours Per Week</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_hoursweek[]" value="'.$hoursweek.'" /> + </div> + </li> + </ol> + <ol> + <li> + <label class="element">Your Position Title</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_title[]" value="'.$title.'" /> + </div> + </li> + <li> + <label class="element">Description of Duties Performed</label> + <div class="element"> + <textarea cols="80" rows="8" name="employer_duties[]">'.$duties.'</textarea> + </div> + </li> + <li> + <label class="element">Ending Salary</label> + <div class="element"> + <input type="text" class="general-textarea" name="employer_salary[]" value="'.$salary.'" /> + </div> + </li> + </ol> + </fieldset> + '; + return $output; +} + +/* + * displayEducationForm: outputs the html for one school for the application page + * returns html + */ +function displayEducationForm($name="",$fromyear="",$frommonth="",$toyear="",$tomonth="",$major="",$graduate="",$degree="") { + $output = ' + <fieldset> + <legend>School Attended</legend> + <p> + List post-secondary (post-high school) schools attended. List your work at UNL, other Universities attended, and any Graduate, Professional, Business, Technical or Military school work. 
+ </p> + <ol> + <li> + <label class="element">School Name</label> + <div class="element"> + <input type="text" class="general-textarea" name="education_name[]" value="'.$name.'" /> + </div> + </li> + <li> + <label class="element">Attended From</label> + <div class="element"> + <select name="education_fromyear[]"> + <option value="">Year</option> + '; + + for($i=2010;$i>1989;$i--){ + $output .= '<option value="'.$i.'" '.sel($fromyear,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + <select name="education_frommonth[]"> + <option value="">Month</option> + '; + + for($i=1;$i<13;$i++){ + $output .= '<option value="'.$i.'" '.sel($frommonth,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + </div> + </li> + + <li> + <label class="element">To</label> + <div class="element"> + <select name="education_toyear[]"> + <option value="">Year</option> + '; + + for($i=2018;$i>1989;$i--){ + $output .= '<option value="'.$i.'" '.sel($toyear,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + <select name="education_tomonth[]"> + <option value="">Month</option> + '; + + for($i=1;$i<13;$i++){ + $output .= '<option value="'.$i.'" '.sel($tomonth,$i).'>'.$i.'</option> '; + } + + $output .= ' + </select> + </div> + </li> + <li> + <label class="element">Major/Primary Field</label> + <div class="element"> + <input type="text" class="general-textarea" name="education_major[]" value="'.$major.'" /> + </div> + </li> + <li> + <label class="element">Did You Graduate?</label> + <div class="element"> + <select name="education_graduate[]"> + <option value=""></option> + <option value="notyet" '.sel($graduate,"notyet").'>Still Attending This School</option> + <option value="yes" '.sel($graduate,"yes").'>Yes</option> + <option value="no" '.sel($graduate,"no").'>No</option> + </select> + </div> + </li> + <li> + <label class="element">Degree Earned</label> + <div class="element"> + <input type="text" class="general-textarea" name="education_degree[]" value="'.$degree.'" /> + 
</div> + </li> + </ol> + </fieldset> + '; + return $output; +} + + +?> diff --git a/images/+.png b/images/+.png new file mode 100644 index 0000000000000000000000000000000000000000..e165270ea73aaf711829995676ba5a0ae5535acc Binary files /dev/null and b/images/+.png differ diff --git a/images/1.png b/images/1.png new file mode 100644 index 0000000000000000000000000000000000000000..1adcfd9dc323f1879627d8be8099ec52f3b72d22 Binary files /dev/null and b/images/1.png differ diff --git a/images/2.png b/images/2.png new file mode 100644 index 0000000000000000000000000000000000000000..1fa2b8454f2217e4910f5c5617b1c11696e37d03 Binary files /dev/null and b/images/2.png differ diff --git a/images/3.png b/images/3.png new file mode 100644 index 0000000000000000000000000000000000000000..b4c94f48c5868a1d2e6e3e7526a4def367ab7ca7 Binary files /dev/null and b/images/3.png differ diff --git a/images/4.png b/images/4.png new file mode 100644 index 0000000000000000000000000000000000000000..485d64576eaa087e213e656af429832d7eb0b53d Binary files /dev/null and b/images/4.png differ diff --git a/images/Accept.png b/images/Accept.png new file mode 100644 index 0000000000000000000000000000000000000000..f2aa816d147f8cb7a2542568ca48531d8a539955 Binary files /dev/null and b/images/Accept.png differ diff --git a/images/Alert.png b/images/Alert.png new file mode 100644 index 0000000000000000000000000000000000000000..850bfa66bbc724b8f74d641e12aceabecdfacebc Binary files /dev/null and b/images/Alert.png differ diff --git a/images/ArrowRight_48.png b/images/ArrowRight_48.png new file mode 100644 index 0000000000000000000000000000000000000000..38b3a3b3eca2a4d369b0aa4539315449e062b8df Binary files /dev/null and b/images/ArrowRight_48.png differ diff --git a/images/Delete.png b/images/Delete.png new file mode 100755 index 0000000000000000000000000000000000000000..b8755ef9f677a763cb9381e3eb60985a78746455 Binary files /dev/null and b/images/Delete.png differ 
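Review bot: `displayEmployerForm()` and `displayEducationForm()` concatenate their arguments straight into `value="..."` attributes and the `<textarea>` body, so a stored value containing a quote or `<` breaks out of the markup unless every caller escapes first (the callers are outside this hunk). Escape at the point of output, for example `value="'.htmlentities($name, ENT_QUOTES).'"` and `'.htmlentities($duties, ENT_QUOTES).'</textarea>`. The table cells built in main.php and manage.php print `positionappliedfor`, the department name and the applicant's name from the database the same way; on manage.php those values are presumably entered by applicants and read by department contacts, which makes it the more exposed case. If any caller already escapes before calling the helpers, escaping inside them would double-encode, so check the call sites when applying this.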
diff --git a/images/StopSign.png b/images/StopSign.png
new file mode 100644
index 0000000000000000000000000000000000000000..13d614935aed40f884729b9c086f669c093f1eb5
Binary files /dev/null and b/images/StopSign.png differ
diff --git a/images/information.png b/images/information.png
new file mode 100644
index 0000000000000000000000000000000000000000..52ad1ff9606db967693454db0ca121fd62d6927a
Binary files /dev/null and b/images/information.png differ
diff --git a/images/numbers.psd b/images/numbers.psd
new file mode 100644
index 0000000000000000000000000000000000000000..5e5cf7146b2b0a095edec2f4c7b31abc07f934d7
Binary files /dev/null and b/images/numbers.psd differ
diff --git a/index.php b/index.php
new file mode 100644
index 0000000000000000000000000000000000000000..97ffac45e3dd766e0c2b498371456e04d0474235
--- /dev/null
+++ b/index.php
@@ -0,0 +1,4 @@
+<?php
+ header("Location: main.php");
+ exit();
+?>
diff --git a/main.php b/main.php
new file mode 100644
index 0000000000000000000000000000000000000000..842b190d4af2a07aa2c255463a8423d7a7c257b2
--- /dev/null
+++ b/main.php
@@ -0,0 +1,343 @@ +<?php + #include our functions and vars + require_once('functions.inc.php'); + + + #SimpleCAS http://code.google.com/p/simplecas/ + require_once 'UNL/Auth.php'; + $cas_client = UNL_Auth::factory('SimpleCAS'); + + if (isset($_GET['login'])) { + $cas_client->login(); + } + + if (isset($_GET['logout'])) { + $cas_client->logout(); + } + + if($cas_client->isLoggedIn()){ + $current_user = $cas_client->getUser(); + + #get the current user's mysql record id number from the student table if it exists + $profile = get_users_profile($current_user); + } + + $msg = htmlentities(trim($_GET['msg']), ENT_QUOTES); +?> + + + +<?php +require_once 'UNL/Templates.php'; + +UNL_Templates::$options['version'] = 3; +$page = UNL_Templates::factory('Document'); + +$page->navlinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/navigation.html')); +$page->breadcrumbs = "<!-- WDN: see glossary item \'breadcrumbs\' --> <ul> <li class=\"first\"><a href=\"http://www.unl.edu/\">UNL</a></li> <li>Student Jobs Application</li> </ul>"; +$page->doctitle = '<title>UNL | Student Jobs </title>'; +$page->head = ' + + +'; +$page->addStyleSheet($site_url.'style.css'); +$page->addStyleSheet('/wdn/templates_3.0/css/content/forms.css'); + +$page->titlegraphic = '<h1>Student Jobs</h1>'; +if(isset($current_user)) + $page->pagetitle = '<h2>Welcome, '.$current_user.'</h2>'; +else + $page->pagetitle = '<h2>Welcome</h2>'; + + + + + +$page->maincontentarea = '<div class="three_col left">'; + +if ( $cas_client->isLoggedIn() ) { + + if (isset($msg) && $msg !== '' && isset($_GET['success'])) + $page->maincontentarea .= '<h3 class="success">'.$msg.'</h3>'; + else if (isset($msg) && $msg !== '' && !isset($_GET['success'])) + $page->maincontentarea .= '<h3 class="warn">'.$msg.'</h3>'; + + + +$page->maincontentarea .= ' + + <p class="largertext"> + Be sure to visit <a href="http://www.unl.edu/careers/">Career Services</a> for info about <a 
href="http://www.unl.edu/careers/seic/studentjobs.shtml">Student Job Opportunities</a>. + </p> + <br /> + '; + + + + + if(!isset($profile['id'])){ + $page->maincontentarea .= ' + <div class="wdn_notice mb1" style="cursor:pointer;" onclick="window.open(\'app.php\',\'_self\')"> + <div class="message"> + <h4><a href="app.php">Create Your Application</a></h4> + <p>Fill out your contact, education, and previous employment information.</p> + </div> + </div> + '; + }else{ + $page->maincontentarea .= ' + <div class="wdn_notice mb1" style="cursor:pointer;" onclick="window.open(\'app.php\',\'_self\')"> + <div class="message"> + <h4><a href="app.php">Edit Your Application</a></h4> + <p>You\'ve saved your application, now make changes if needed.</p> + </div> + </div> + '; + } + + + + + + if(!isset($profile['id'])){ + $page->maincontentarea .= ' + <div class="wdn_notice mb2"> + <div class="message"> + <h4>Upload Your Resume</h4> + <p>Optional but recommended: add a resume file to your application.</p> + </div> + </div> + '; + }else{ + $query = "SELECT * FROM ".$GLOBALS['mysql_prefix']."uploads WHERE showflag = '1' AND kind = 'resume' AND username = '$current_user' ORDER BY id DESC"; + $result = mysql_query($query); + + if (mysql_num_rows($result)){ + $page->maincontentarea .= ' + <div class="wdn_notice mb2" style="cursor:pointer;" onclick="window.open(\'resume.php\',\'_self\')"> + <div class="message"> + <h4><a href="resume.php">Edit Your Resume</a></h4> + <p>Upload a new resume to replace your existing one.</p> + </div> + </div> + '; + }else{ + $page->maincontentarea .= ' + <div class="wdn_notice mb2" style="cursor:pointer;" onclick="window.open(\'resume.php\',\'_self\')"> + <div class="message"> + <h4><a href="resume.php">Upload Your Resume</a></h4> + <p>Optional but recommended: add a resume file to your application.</p> + </div> + </div> + '; + } + } + + + + + + if(!isset($profile['id'])){ + $page->maincontentarea .= ' + <div class="wdn_notice mb3"> + <div class="message"> 
+ <h4>Submit It</h4> + <p>Choose a department to submit your application to. You can also attach a cover letter.</p> + </div> + </div> + '; + }else{ + $page->maincontentarea .= ' + <div class="wdn_notice mb3" style="cursor:pointer;" onclick="window.open(\'submit.php\',\'_self\')"> + <div class="message"> + <h4><a href="submit.php">Submit It</a></h4> + <p>Choose a department to submit your application to. You can also attach a cover letter.</p> + </div> + </div> + '; + } + + + + + + + $page->maincontentarea .= ' + <div class="wdn_notice mb4"> + <div class="message"> + <h4>Answer Supplemental Questions</h4> + <p>Some departments may have an additional form with specific questions related to that job. Once you complete step 2, you will be linked to this form if neccessary.</p> + </div> + </div> + <br /><br /> + <h4 class="sec_header">My Submitted Applications</h4> + <table> + '; + + + + $result = mysql_query("SELECT * FROM submissions WHERE username='$current_user' ORDER BY timestamp DESC"); + + if(mysql_num_rows($result) < 1) + $page->maincontentarea .= '<tr><td>You have not submitted an application for consideration yet.</td></tr>'; + + while($row=mysql_fetch_array($result)){ + //get the row from department table with the dept's info that matches who the applicaiton was submitted to + $deptid = $row['department_id']; + $res = mysql_query("SELECT * FROM department WHERE id='$deptid'"); + $row_dept = mysql_fetch_array($res); + + $page->maincontentarea .= ' + <tr> + <td colspan="3">'.$row_dept["name"].'</td> + </tr> + <tr> + <td width="100"> </td> + <td colspan="2">'.$row_dept['address'].'</td> + </tr> + <tr> + <td> </td> + <td width="120">Position:</td> + <td>'.$row['positionappliedfor'].'</td> + </tr> + <tr> + <td> </td> + <td width="120">Application:</td> + <td><a href="view.php?id='.$row['application_id'].'">View</a></td> + </tr> + <tr> + <td> </td> + <td>Resume:</td> + <td>'.display_upload(0,'resume',$row["resume_id"]).'</td> + </tr> + <tr> + <td> </td> + 
<td>Cover Letter:</td> + <td>'.display_upload(0,'cover',$row["cover_id"]).'</td> + </tr> + <tr> + <td> </td> + <td>Submitted:</td> + <td>'.$row['timestamp'].'</td> + </tr> + '; + } + + + + + + + $page->maincontentarea .= ' + </table> + </div> + <div class="col right"> + <h4 class="sec_header">Menu</h4> + <ul class="appli_nav"> + '; + + + + + + + #This displays a link to manage applications for each department that the logged in user is listed as a contact for in the "contacts" table + $result = mysql_query("SELECT * FROM contacts WHERE username='$current_user'"); + if(mysql_num_rows($result)) + $page->maincontentarea .= 'Applications You Can Review:'; + while($row=mysql_fetch_array($result)){ + $deptid = $row['department_id']; + $res = mysql_query("SELECT * FROM department WHERE id='$deptid'"); + $row_dept = mysql_fetch_array($res); + + $page->maincontentarea .= ' + <li><a href="manage.php?department_id='.$deptid.'">'.$row_dept["name"].' Applications</a></li> + '; + } + if(mysql_num_rows($result)) + $page->maincontentarea .= 'Your Own Student Application:'; + + + + + + + + #the main right hand navigation dependent on whether the user has created an applicaiton yet + if(!isset($profile['id'])){ + $page->maincontentarea .= ' + <li><a href="app.php">Create Application</a></li> + '; + }else{ + $page->maincontentarea .= ' + <li><a href="app.php">Edit Application</a></li> + <li><a href="resume.php">Your Resume</a></li> + <li><a href="submit.php">Submit Application</a></li> + '; + } + + + + + $page->maincontentarea .= ' + <li><a href="main.php?logout">Logout</a></li> + </ul> + </div> + '; + + +}else { + $page->maincontentarea .= ' + <div class="wdn_notice"> + <div class="message" style="background-image:url(images/ArrowRight_48.png)"> + <h4><a href="main.php?login">Login to Get Started</a></h4> + <p>You will need your My.UNL username and password. 
(This is the same as your Blackboard account.)</p> + </div> + </div> + <div class="wdn_notice mb1"> + <div class="message"> + <h4>Create Your Application</h4> + <p>Fill out your contact, education, and previous employment information.</p> + </div> + </div> + <div class="wdn_notice mb2"> + <div class="message"> + <h4>Upload Your Resume</h4> + <p>Optional but recommended: add a resume file to your application.</p> + </div> + </div> + <div class="wdn_notice mb3"> + <div class="message"> + <h4>Submit It</h4> + <p>Choose a department to submit your application to. You can also attach a cover letter.</p> + </div> + </div> + <div class="wdn_notice mb4"> + <div class="message"> + <h4>Answer Supplemental Questions</h4> + <p>Some departments may have an additional form with specific questions related to that job. Once you complete step 2, you will be linked to this form if neccessary.</p> + </div> + </div> + + </div> + <div class="col right"> + <h4 class="sec_header">Menu</h4> + <ul class="appli_nav"> + <li><a href="main.php?login">Login</a></li> + </ul> + + </div> + '; +} + + + + + +$page->leftcollinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/relatedLinks.html')); +$page->contactinfo = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footerContactInfo.html')); + +$page->footercontent = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footer.html')); + +echo $page; +?> diff --git a/manage.php b/manage.php new file mode 100644 index 0000000000000000000000000000000000000000..cca431cb92fe0b921de1d2ce78cc27ed10ea1e19 --- /dev/null +++ b/manage.php 
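Review bot: The `file_get_contents('http://www.unl.edu/ucomm/sharedcode/...')` calls at the end of this file, and the `navigation.html` one near the top, fetch HTML over plain HTTP on every request and splice it into an authenticated page unescaped, so the page's integrity depends on an unauthenticated transport. The return value is also unchecked: on a failed fetch `file_get_contents()` returns `false` and `str_replace()` quietly yields an empty string, so an outage shows up as silently missing navigation and footer. Fetch over HTTPS if the host offers it, test `=== false` before the `str_replace()`, and consider serving a locally cached copy so page rendering does not block on a remote request. The same calls close manage.php.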
@@ -0,0 +1,141 @@ +<?php + #include our functions and vars + require_once('functions.inc.php'); + + + #SimpleCAS http://code.google.com/p/simplecas/ + require_once 'UNL/Auth.php'; + $cas_client = UNL_Auth::factory('SimpleCAS'); + + if (isset($_GET['login'])) { + $cas_client->login(); + } + + if (isset($_GET['logout'])) { + $cas_client->logout(); + } + + if($cas_client->isLoggedIn()){ + $current_user = $cas_client->getUser(); + + #get the current user's mysql record id number from the student table if it exists + $profile = get_users_profile($current_user); + $current_user_id = $profile['id']; + } + + + $department_id = $_GET['department_id']; + if(!is_numeric($department_id)){ + header("Location: main.php"); + exit(); + } +?> + + + +<?php +require_once 'UNL/Templates.php'; + +UNL_Templates::$options['version'] = 3; +$page = UNL_Templates::factory('Document'); + +$page->navlinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/navigation.html')); +$page->breadcrumbs = "<!-- WDN: see glossary item \'breadcrumbs\' --> <ul> <li class=\"first\"><a href=\"http://www.unl.edu/\">UNL</a></li> <li><a href=\"".$site_url."\">Student Jobs Application</a></li> <li>Manage Applications</li></ul>"; +$page->doctitle = '<title>UNL | Student Jobs | Manage Applications</title>'; +$page->head = ' + + +'; +$page->addStyleSheet($site_url.'style.css'); +$page->addStyleSheet('/wdn/templates_3.0/css/content/forms.css'); + +$page->titlegraphic = '<h1>Student Jobs</h1>'; + $result = mysql_query("SELECT * FROM department WHERE id='$department_id'"); + $row=mysql_fetch_array($result); +$page->pagetitle = '<h2>Applications Submitted to '.$row["name"].'</h2>'; + + + + + + + +#Check to see if the current user is allowed to view this department's applications +$result = mysql_query("SELECT * FROM contacts WHERE department_id='$department_id' AND username='$current_user'"); +$row=mysql_fetch_array($result); + +if ( $cas_client->isLoggedIn() && 
$row['id']>0 ) { + $page->maincontentarea = ' + <div class="three_col left"> + For technical assistance contact '.$contact_person.' at <a href="mailto:'.$contact_email.'">'.$contact_email.'</a> + </div> + <div class="col right"> + <ul class="appli_nav"> + <h4 class="sec_header">Menu</h4> + <li><a href="main.php">Home</a></li> + <li><a href="main.php?logout">Logout</a></li> + </ul> + + </div> + + + + + + + + + <table class="zentable neutral"> + <thead> + <tr> + <th>Application</th> + <th>Position</th> + <th>Resume</th> + <th>Cover Letter</th> + <th>Date</th> + </tr> + </thead> + '; + + + $result = mysql_query("SELECT * FROM submissions WHERE department_id='$department_id' ORDER BY timestamp DESC"); + while($row=mysql_fetch_array($result)){ + $app_id = $row['id']; + $application_id = $row['application_id']; + $res = mysql_query("SELECT * FROM application WHERE id='$application_id'"); + $row_student = mysql_fetch_array($res); + + $page->maincontentarea .= ' + <tr> + <td><a href="view.php?id='.$application_id.'">'.$row_student["firstname"].' '.$row_student["mi"].' '.$row_student["lastname"].'</a></td> + <td>'.$row["positionappliedfor"].'</td> + <td>'.display_upload(0,0,$row['resume_id']).'</td> + <td>'.display_upload(0,0,$row['cover_id']).'</td> + <td>'.$row["timestamp"].'</td> + </tr> + '; + } + + + + $page->maincontentarea .= ' + </table> + + '; + +}else { + header("Location: main.php"); + exit(); +} + + + + + +$page->leftcollinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/relatedLinks.html')); +$page->contactinfo = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footerContactInfo.html')); + +$page->footercontent = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footer.html')); + +echo $page; +?> \ No newline at end of file 
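Review bot: The table rows built in the `while` loop over `submissions` concatenate `$row_student["firstname"]`, `$row_student["mi"]`, `$row_student["lastname"]` and `$row["positionappliedfor"]` straight into the HTML, and these are values applicants typed in. view.php in this same commit wraps the application columns in `htmlspecialchars()`, so unless `sanitize()` in functions.inc.php (not visible here) already HTML-encodes on write, markup stored by an applicant would render in the department contact's session. I would escape at output, e.g. `<td>'.htmlspecialchars($row["positionappliedfor"], ENT_QUOTES).'</td>`, and do the same for the name cells and for `$row["name"]` in `$page->pagetitle`. Separately, `$current_user` is only assigned inside the `isLoggedIn()` branch but is interpolated into the `contacts` query unconditionally, so the login test belongs before that query rather than after it.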
diff --git a/resume.php b/resume.php
new file mode 100644
index 0000000000000000000000000000000000000000..890dd64c8a7a7c824503f001420bbe42ab027581
--- /dev/null
+++ b/resume.php
@@ -0,0 +1,222 @@ +<?php + #include our functions and vars + require_once('functions.inc.php'); + + + #SimpleCAS http://code.google.com/p/simplecas/ + require_once 'UNL/Auth.php'; + $cas_client = UNL_Auth::factory('SimpleCAS'); + + if (isset($_GET['login'])) { + $cas_client->login(); + } + + if (isset($_GET['logout'])) { + header("Location: main.php?logout"); + exit(); + } + if($cas_client->isLoggedIn()){ + $current_user = $cas_client->getUser(); + + #get the current user's application if it exists + $profile = get_users_profile($current_user); + } +?> + +<?php +#SUBMIT HAS BEEN PRESSED +if (isset($_POST['submit']) ) +{ + //not actaully deleting, but changing the showflag from 1 to 0. The user no longer sees their old resumes but we still need them for old apps. + $query = "UPDATE ".$GLOBALS['mysql_prefix']."uploads SET showflag='0' WHERE username = '$current_user'"; + $result = mysql_query($query); + + //Process the uploads - in this case there's only going to be one- the resume + $error = $_FILES["upFile"]["error"]; + if ($error == UPLOAD_ERR_OK) { + $fileName = $_FILES['upFile']['name']; + $tmpName = $_FILES['upFile']['tmp_name']; + $fileSize = $_FILES['upFile']['size']; + $fileType = $_FILES['upFile']['type']; + + + //check to see if file type is in approved limitedext list + $ext = strrchr($fileName,'.'); + if (!in_array(strtolower($ext),$limitedext)) + $unapprovedfile = true; + + if(!isset($unapprovedfile) && !isset($toobig)){ + $fp = fopen($tmpName, 'r'); + $content = fread($fp, filesize($tmpName)); + $content = addslashes($content); + fclose($fp); + + $fileName = sanitize($fileName, "text"); + + $studentID = $profile['id']; + $query = "INSERT INTO ".$GLOBALS['mysql_prefix']."uploads (name, size, type, content, username, showflag, kind) " . 
+ "VALUES ($fileName, '$fileSize', '$fileType', '$content', '$current_user', '1', 'resume')"; + if(!mysql_query($query)) + $fail=true; + } + }else if($error == 2) + $toobig = true; + + if(!isset($unapprovedfile) && !isset($toobig) && !isset($fail)){ + //resume has been added, redirect to main with success message + $msg = "Successfully uploaded your resume!" ; + header("Location: main.php?msg=$msg&success"); + exit(); + } + +}else if(isset($_GET['delete']) && isset($profile['id'])){ + //not actaully deleting, but changing the showflag from 1 to 0. The user no longer sees their old resumes but we still need them for old apps. + $query = "UPDATE ".$GLOBALS['mysql_prefix']."uploads SET showflag='0' WHERE username = '$current_user'"; + $result = mysql_query($query); +} +?> + + +<?php +require_once 'UNL/Templates.php'; + +UNL_Templates::$options['version'] = 3; +$page = UNL_Templates::factory('Document'); + +$page->navlinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/navigation.html')); +$page->breadcrumbs = "<!-- WDN: see glossary item \'breadcrumbs\' --> <ul> <li class=\"first\"><a href=\"http://www.unl.edu/\">UNL</a></li> <li><a href=\"".$site_url."\">Student Jobs Application</a></li> <li>Your Resume</li></ul>"; +$page->doctitle = '<title>UNL | Student Jobs | Your Resume</title>'; +$page->head = ' + + +'; +$page->addStyleSheet($site_url.'style.css'); +$page->addStyleSheet('/wdn/templates_3.0/css/content/forms.css'); + +$page->titlegraphic = '<h1>Student Jobs</h1>'; +$page->pagetitle = '<h2>Your Resume</h2>'; +$page->maincontentarea = ''; + + +//if they are logged in and have not created an application yet +if ( $cas_client->isLoggedIn() && isset($profile['id']) ) { + + + $page->maincontentarea .= '<div class="three_col left">'; + + if (isset($_POST['submit'])){ + if (isset($unapprovedfile)) + $page->maincontentarea .= '<h3 class="warn">You have tried to upload an unapproved type of file, try again</h3>'; + if 
(isset($fail)) + $page->maincontentarea .= '<h3 class="warn">File upload failed, try again</h3>'; + if (isset($toobig)) + $page->maincontentarea .= '<h3 class="warn">Your upload is too big, max allowed is '.($size_bytes/1048576).' mb</h3>'; + } + +$page->maincontentarea .= ' + +<form class="cool" method="post" name="add" action="" enctype="multipart/form-data"> + <input type="hidden" name="MAX_FILE_SIZE" value="'.$size_bytes.'" /> + +'; + + $query = "SELECT * FROM ".$GLOBALS['mysql_prefix']."uploads WHERE showflag = '1' AND kind = 'resume' AND username = '$current_user' ORDER BY id DESC"; + $result = mysql_query($query); + + if (mysql_num_rows($result) > 0){ + $page->maincontentarea .= ' + <h4>Your Uploaded Resume:</h4> + <h3 class="document" style="width:90%"> + <a href="resume.php?delete" title="Click to Delete this File" class="right"><img src="images/Delete.png" style="margin-right:10px" alt="Click here to delete your uploaded resume" /></a> + '.display_upload($current_user, "resume").' + </h3> + '; + } + + +$page->maincontentarea .= ' + +<div class="clear"></div> + + + + + + + +<fieldset> +<legend>Upload Resume</legend> +'; + if (mysql_num_rows($result) > 0){ + $page->maincontentarea .= '<p>Uploading a new resume will overwrite the existing one,</p>'; + } +$page->maincontentarea .= ' + <p> + Accepted formats are .pdf .txt or Word (.doc & .docx) + </p> +<ol> +<li> + <label class="element">Resume</label> + <div class="element" id="uploads"> + <input size="50" name="upFile" type="file" /> + <span class="form-field-description"><br />Maximum file size is '.($size_bytes/1048576).' MB. 
Accepted formats are .pdf .txt or Word (.doc & .docx)</span> + </div> +</li> +</ol> +</fieldset> + + + + + + + <p class="submit"> + <input type="submit" value="Upload File" class="submit_button" name="submit"/> + </p> + </form> + '; + + $page->maincontentarea .= '</div> + <div class="col right"> + <h4 class="sec_header">Menu</h4> + <ul class="appli_nav"> + <li><a href="main.php">Home</a></li> + <li><a href="app.php">Edit Application</a></li> + <li><a href="main.php?logout">Logout</a></li> + </ul> + </div> + '; + +}else if( $cas_client->isLoggedIn() && !isset($profile['id']) ){ + $page->maincontentarea .= ' + <div class="three_col left"> + <h3 class="warn">You must <a href="app.php">Create an Application</a> before uplaoding.</h3> + </div> + <div class="col right"> + <h4 class="sec_header">Menu</h4> + <ul class="appli_nav"> + <li><a href="main.php">Home</a></li> + <li><a href="app.php">Create Application</a></li> + <li><a href="main.php?logout">Logout</a></li> + </ul> + </div> + '; + +//if they are not logged in +}else { + header("Location: main.php"); + exit(); +} + + + + + + +$page->leftcollinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/relatedLinks.html')); +$page->contactinfo = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footerContactInfo.html')); + +$page->footercontent = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footer.html')); + +echo $page; +?> \ No newline at end of file diff --git a/style.css b/style.css new file mode 100644 index 0000000000000000000000000000000000000000..6276e201fda5089a291e0c3a510de835c7dac2c3 --- /dev/null +++ b/style.css 
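Review bot: In the upload branch, `$fileType = $_FILES['upFile']['type']` is a value the browser sends, and it is placed inside the `INSERT INTO ... uploads` statement with no escaping, so a quote in that field changes the SQL; `$content` is only passed through `addslashes()`, which does not take the connection character set into account. Both should go through the connection's escaping, e.g. `$fileType = mysql_real_escape_string($_FILES['upFile']['type']);` and `$content = mysql_real_escape_string($content);`, or better a prepared statement via mysqli/PDO since the content is binary. `$fileName` is interpolated without surrounding quotes, which is only safe if `sanitize()` returns an already quoted and escaped literal; that helper is not visible in this hunk. The cover-letter INSERT in submit.php is a copy of this code and needs the same change.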
@@ -0,0 +1,114 @@ +#maincontent .largertext{ + font-size:1.2em; +} + + +/* FIELD STYLE OVERRIDES */ +#maincontent form.cool fieldset { + margin-bottom:2px !important; +} +#maincontent form.cool p.submit { + margin-top:15px !important; +} + + + +/********** +MESSAGE BOXES **********/ + +/*warning message */ +#maincontent h3.warn { + margin-bottom:10px; + background:#FDFADF url(images/Alert.png) no-repeat 5px 4px; + border:1px solid #F2E570; + padding:5px 10px 5px 40px; +} +/*success message */ +#maincontent h3.success { + margin-bottom:10px; + background:#D1F9D4 url(images/Accept.png) no-repeat 5px 4px; + border:1px solid #70F277; + padding:5px 10px 5px 40px; +} +/*document message */ +#maincontent h3.document { + margin-bottom:10px; + background:#D1EAF7; + border:1px solid #B0DFF8; + padding:5px 5px 5px 5px; +} +/*click boxes for more*/ +#maincontent h3.wantmore { + background:#FDFADF url(images/+.png) no-repeat 5px 4px; + border:1px solid #F2E570; + padding:5px 10px 5px 40px; + cursor:pointer; +} + + + + + + + + +/*right hand menu */ +#maincontent ul.appli_nav { + padding:0 0 1.1em 5px; + border-left:1px solid #e5e5e5; + border-bottom:1px solid #e5e5e5; +} +#maincontent ul.appli_nav li { + font-family:Verdana,Helvetica,sans-serif; + font-weight:normal; + letter-spacing:-1px; + margin-bottom:10px; + + list-style-image:none; + list-style-position:outside; + list-style-type:none; +} +#maincontent ul.appli_nav li a{ + display:block; + min-height:22px; + padding:8px 8px 8px 10px; + font-size:1.2em; + + background-color:#f0f0f0; + border:1px solid #e0e0e0; +} +#maincontent ul.appli_nav li a:hover{ + background-color:#f1f7fb; + border:1px solid #cddeea; +} + + +/*boxes on the main page */ +#maincontent div.wdn_notice { + border:1px solid #cad094; + background:#f8f9d1; + -moz-border-radius:5px; + padding:10px; + margin-bottom:10px; +} +#maincontent div.wdn_notice a{ + text-decoration:underline; +} +#maincontent div.wdn_notice.mb1 .message{ + 
background-image:url(images/1.png); +} +#maincontent div.wdn_notice.mb2 .message{ + background-image:url(images/2.png); +} +#maincontent div.wdn_notice.mb3 .message{ + background-image:url(images/3.png); +} +#maincontent div.wdn_notice.mb4 .message{ + background-image:url(images/4.png); +} +#maincontent div.wdn_notice .message{ + min-height:60px; + padding:10px 5px 0 68px; + background-position:top left; + background-repeat:no-repeat; +} \ No newline at end of file diff --git a/submit.php b/submit.php new file mode 100644 index 0000000000000000000000000000000000000000..57eb0cd1095a19ecfe74e45b78e319daa4094ad8 --- /dev/null +++ b/submit.php 
@@ -0,0 +1,359 @@ +<?php + #include our functions and vars + require_once('functions.inc.php'); + + + #SimpleCAS http://code.google.com/p/simplecas/ + require_once 'UNL/Auth.php'; + $cas_client = UNL_Auth::factory('SimpleCAS'); + + if (isset($_GET['login'])) { + $cas_client->login(); + } + + if (isset($_GET['logout'])) { + $cas_client->logout(); + } + + if($cas_client->isLoggedIn()){ + $current_user = $cas_client->getUser(); + + #get the current user's mysql record id number from the student table if it exists + $profile = get_users_profile($current_user); + } + $msg = htmlentities(trim($_GET['msg']), ENT_QUOTES); +?> + + +<?php +if (isset($_POST['submit']) && $_POST['department'] !== "" && isset($_POST['statement'])){ + //if there's no cover letter uploaded later, we'll insert 0 into the application for the cover letter id + $cover_id = 0; + + //Process the uploads - in this case there's only going to be one- the cover letter + $error = $_FILES["upFile"]["error"]; + if ($error == UPLOAD_ERR_OK) { + $fileName = $_FILES['upFile']['name']; + $tmpName = $_FILES['upFile']['tmp_name']; + $fileSize = $_FILES['upFile']['size']; + $fileType = $_FILES['upFile']['type']; + + //check to see if file type is in approved limitedext list + $ext = strrchr($fileName,'.'); + if (!in_array(strtolower($ext),$limitedext)) + $unapprovedfile = true; + + if(!isset($unapprovedfile) && !isset($toobig)){ + $fp = fopen($tmpName, 'r'); + $content = fread($fp, filesize($tmpName)); + $content = addslashes($content); + fclose($fp); + + $fileName = sanitize($fileName, "text"); + + $query = "INSERT INTO ".$GLOBALS['mysql_prefix']."uploads (name, size, type, content, username, showflag, kind) " . 
+ "VALUES ($fileName, '$fileSize', '$fileType', '$content', '$current_user', '1', 'cover')"; + if(!mysql_query($query)) + $fail=true; + $cover_id = mysql_insert_id(); + } + }else if($error == 2) + $toobig = true; + + //The file upload went ok, now move to retriving the resume + if(!isset($unapprovedfile) && !isset($toobig) && !isset($fail)){ + //Get the id of the resume that will be attached to this application + $query = "SELECT * FROM ".$GLOBALS['mysql_prefix']."uploads WHERE showflag = '1' AND kind = 'resume' AND username = '$current_user' ORDER BY id DESC"; + $result = mysql_query($query); + if (mysql_num_rows($result) > 0){ + $row = mysql_fetch_array($result); + $resume_id = $row['id']; + }else + $resume_id = 0; + + //add the details to the submissions table + $submissionID = add_submission( $current_user, + $profile['id'], + $_POST['department'], + $_POST['positionappliedfor'], + $resume_id, + $cover_id + ); + + //Email the people in the department and set up the message to return to the user on the main page + $deptid = (int) $_POST['department']; + $query = "SELECT * FROM department WHERE id=$deptid"; + $result = mysql_query($query); + $row=mysql_fetch_array($result); + + /* + * PEAR Mail + */ + include('Mail.php'); + include('Mail/mime.php'); + $text = $profile['firstname'].' '.$profile['lastname'].' has submitted a job application'. + "\n\n". + 'View it at http://ucommxsrv1.unl.edu/studentjobs/'. + "\n\n\n\n". 
+ 'This message was sent from http://ucommxsrv1.unl.edu/studentjobs/'."\n".'Contact Eric Rasmussen at erasmussen2@unl.edu for help with this system'; + $crlf = "\n"; + $hdrs = array( + 'From' => 'no-reply@ucommxsrv1.unl.edu', + 'Subject' => 'New Student Job Application Submitted To '.$row['name'] + ); + + $mime = new Mail_mime($crlf); + $mime->setTXTBody($text); + + //do not ever try to call these lines in reverse order + $body = $mime->get(); + $hdrs = $mime->headers($hdrs); + + $mail =& Mail::factory('mail'); + + $query = "SELECT * FROM contacts WHERE department_id=$deptid"; + $result1 = mysql_query($query); + while($row1=mysql_fetch_array($result1)){ + $res = $mail->send($row1['email'], $hdrs, $body); + } + $res = $mail->send('ericrasmussen1@gmail.com', $hdrs, $body); + if(PEAR::isError($res)){ + $fail = true; + }else { + $success = true; + } + //END PEAR Mail + + $msg = $row['name'] ; + header("Location: supplemental.php?msg=".$msg."&deptid=".$deptid."&success"); + exit(); + } + +} +?> + +<?php +require_once 'UNL/Templates.php'; + +UNL_Templates::$options['version'] = 3; +$page = UNL_Templates::factory('Document'); + +$page->navlinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/navigation.html')); +$page->breadcrumbs = "<!-- WDN: see glossary item \'breadcrumbs\' --> <ul> <li class=\"first\"><a href=\"http://www.unl.edu/\">UNL</a></li> <li><a href=\"".$site_url."\">Student Jobs Application</a></li> <li>Submit Application</li></ul>"; +$page->doctitle = '<title>UNL | Student Jobs | Submit Application</title>'; +$page->head = ' + + +'; +$page->addStyleSheet($site_url.'style.css'); +$page->addStyleSheet('/wdn/templates_3.0/css/content/forms.css'); + +$page->titlegraphic = '<h1>Student Jobs</h1>'; +$page->pagetitle = '<h2>Submit an Application</h2>'; + +$page->maincontentarea = ''; + +if ( $cas_client->isLoggedIn() ) { + + //they have created a profile application (record in the student table) so they are 
allowed to continue + if($profile['id']){ + + + + $page->maincontentarea .= ' + <div class="three_col left">'; + + if ($msg !== '') + $page->maincontentarea .= '<h3 class="warn">'.$msg.'</h3>'; + if (isset($_POST['submit'])){ + if(isset($unapprovedfile)) + $page->maincontentarea .= '<h3 class="warn">You have tried to upload an unapproved type of file. Submit the application below without the file attached or try uploading again.</h3>'; + if(isset($fail)) + $page->maincontentarea .= '<h3 class="warn">File upload failed, try again</h3>'; + if(isset($toobig)) + $page->maincontentarea .= '<h3 class="warn">Your upload is too big, max allowed is '.($size_bytes/1048576).' mb</h3>'; + if($_POST['department'] == '') + $page->maincontentarea .= '<h3 class="warn">You need to select a department</h3>'; + if(!isset($_POST['statement'])) + $page->maincontentarea .= '<h3 class="warn">You must read and agree to the statement at the bottom of the form</h3>'; + } + + $page->maincontentarea .= ' + + + <form class="cool" method="post" name="add" action="" enctype="multipart/form-data"> + <input type="hidden" name="MAX_FILE_SIZE" value="'.$size_bytes.'" /> + + <div class="two_col left" style="font-size:1.2em"> + Choose a department to submit your application to.<br /> + Attaching a cover letter is optional. + </div> + + <div class="col right"> + <p class="required">Indicates a required field.</p> + </div> + + + <fieldset> + <legend>Submit Your Application</legend> + <ol> + <li> + <label class="element">My.UNL Username</label> + <div class="element" style="margin-top:10px"> + '.$current_user.' + </div> + </li> + <li> + <label class="element">My Application</label> + <div class="element" style="margin-top:10px"> + <span style="color:#B08A21">Has Been Successfully Loaded By The System</span> + </div> + </li> + <li> + <label class="element">My Resume</label> + <div class="element" style="margin-top:10px"> + '.display_upload($current_user,'resume').' 
+ <a href="resume.php">Edit Resume</a> + </div> + </li> + <li class="required"> + <label class="element">Department</label> + <div class="element"> + <select name="department"> + <option value=""></option> + '; + + $result = mysql_query("SELECT name,id FROM department"); + + while($row=mysql_fetch_array($result)){ + $i = $row['id']; + $page->maincontentarea .= '<option value="'.$i.'" '.( isset($_POST['submit']) ? sel($_POST['department'],"$i") : "").'>'.$row["name"].'</option> '; + } + + $page->maincontentarea .= ' + </select> + </div> + </li> + <li> + <label class="element">Position Applying For</label> + <div class="element"> + <input type="text" class="general-textarea" name="positionappliedfor" value="'.( isset($_POST['submit']) ? htmlentities($_POST['positionappliedfor']) : "").'" /> + </div> + </li> + + <li> + <label class="element">Cover Letter</label> + <div class="element" id="uploads"> + <input size="50" name="upFile" type="file" /> + <span class="form-field-description"><br />Maximum file size is '.($size_bytes/1048576).' MB. Accepted formats are .pdf .txt or Word (.doc & .docx)</span> + </div> + </li> + + + </ol> + </fieldset> + + + + + + + + <fieldset> + <legend>Statement</legend> + <p> + Students and Employees on Temporary appointments are subject to at-will status.<br /> + Applications that are not checked below will not be considered. + </p> + <p> + "I certify that the information contained in this application is true to the best of my knowledge and belief. I understand that any material + omission of facts or misrepresentation may result in my discharge, if hired, regardless of when discovered. Unless otherwise expressly stated + in a written appointment to a position or in a written contract of employment duly approved and executed by UNL, regular office/service and + managerial/professional employees are considered employees at will, and either UNL or the employee may terminate the employment + relationship upon giving proper advance notice. 
I grant permission to the University of Nebraska-Lincoln to investigate my employment + record, educational record, and other records to verify the information I have + provided on this application and/or any additional information I have provided and release the University from any liability resulting + from such investigation." + </p> + <ol> + <li class="required"> + <label class="element"></label> + <div class="element"> + <input type="checkbox" value="1" name="statement" '.( isset($_POST['submit']) && isset($_POST['statement']) ? sel($_POST['statement'],"1",true) : "").' /> + <span class="form-field-description">"By checking this box, I ('.$current_user.') certify that I have read and agree with the above statements."</span> + </div> + </li> + </ol> + </fieldset> + + + + + + + + + + + + + + <p class="submit"> + <input type="submit" value="Submit for Consideration" class="submit_button" name="submit"/> + </p> + </form> + + + + + + + + + + + </div> + <div class="col right"> + <h4 class="sec_header">Menu</h4> + <ul class="appli_nav"> + <li><a href="main.php">Home</a></li> + <li><a href="app.php">Edit Application</a></li> + <li><a href="resume.php">Edit Resume</a></li> + <li><a href="main.php?logout">Logout</a></li> + </ul> + + </div> + + '; + } + //they are logged in but don't have a profile application yet so there is nothing to submit + else{ + $msg = "You need to create an application first before you can submit one." 
; + header("Location: main.php?msg=$msg"); + exit(); + } +}else { + $page->maincontentarea .= ' + <div class="three_col left"> + <h3 class="warn">You are not logged in</h3> + </div> + <div class="col right"> + <h4 class="sec_header">Menu</h4> + <ul class="appli_nav"> + <li><a href="main.php?login">Login</a></li> + </ul> + + </div>'; +} + + + + + +$page->leftcollinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/relatedLinks.html')); +$page->contactinfo = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footerContactInfo.html')); + +$page->footercontent = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footer.html')); + +echo $page; +?> diff --git a/supplemental.php b/supplemental.php new file mode 100644 index 0000000000000000000000000000000000000000..63e18d9cc36011cdb9fc9b0577e97c316e53c790 --- /dev/null +++ b/supplemental.php 
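Review bot: The `if (isset($_POST['submit']) && ...)` handler at the top runs the upload INSERT, `add_submission()` and the notification mails without testing `$cas_client->isLoggedIn()` or `$profile['id']`; as far as this hunk shows, those are only checked further down when the form is rendered. A POST that arrives without a session would therefore reach this code with `$current_user` and `$profile` unset and still write rows and mail the department contacts. I would gate the handler, e.g. `if ($cas_client->isLoggedIn() && !empty($profile['id']) && isset($_POST['submit']) && ...)`. The `if (isset($_POST['submit']))` branch in resume.php has the same ordering. Also, `$msg` goes into the `Location:` header as-is in both redirects; `urlencode($msg)` keeps names and messages with spaces or `&` intact.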
@@ -0,0 +1,113 @@ +<?php + #include our functions and vars + require_once('functions.inc.php'); + + + #SimpleCAS http://code.google.com/p/simplecas/ + require_once 'UNL/Auth.php'; + $cas_client = UNL_Auth::factory('SimpleCAS'); + + if (isset($_GET['login'])) { + $cas_client->login(); + } + + if (isset($_GET['logout'])) { + $cas_client->logout(); + } + + if($cas_client->isLoggedIn()){ + $current_user = $cas_client->getUser(); + } + + $msg = htmlentities(trim($_GET['msg']), ENT_QUOTES); +?> + + + +<?php +require_once 'UNL/Templates.php'; + +UNL_Templates::$options['version'] = 3; +$page = UNL_Templates::factory('Document'); + +$page->navlinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/navigation.html')); +$page->breadcrumbs = "<!-- WDN: see glossary item \'breadcrumbs\' --> <ul> <li class=\"first\"><a href=\"http://www.unl.edu/\">UNL</a></li> <li>Student Jobs Application</li> </ul>"; +$page->doctitle = '<title>UNL | Student Jobs </title>'; +$page->head = ' + + +'; +$page->addStyleSheet($site_url.'style.css'); +$page->addStyleSheet('/wdn/templates_3.0/css/content/forms.css'); + +$page->titlegraphic = '<h1>Student Jobs</h1>'; +$page->pagetitle = '<h2>Supplemental Application</h2>'; + +$page->maincontentarea = ''; + +if ( $cas_client->isLoggedIn() && isset($_GET['deptid'])) { + + //get the Supplemental questions url + $deptid = (int) $_GET['deptid']; + $result = mysql_query("SELECT name,sup_app_url FROM department WHERE id='$deptid'"); + $row=mysql_fetch_array($result); + $sup_app_url = $row['sup_app_url']; + + //we have a Supplemental app, direct the user to go fill it out + if($sup_app_url != NULL && $sup_app_url != ""){ + $page->maincontentarea .= ' + <div class="three_col left"> + '; + + if (isset($msg) && $msg !== '' && isset($_GET['success'])) + $page->maincontentarea .= '<h3 class="success">Successfully Submitted Part 1 to '.$msg.'</h3>'; + else if (isset($msg) && $msg !== '' && !isset($_GET['success'])) + 
$page->maincontentarea .= '<h3 class="warn">'.$msg.'</h3>'; + + $page->maincontentarea .= ' + <div style="font-size:1.3em;color:white;background:#C4A0D0 url(images/StopSign.png) no-repeat; border:1px solid #CA4747;padding:10px 5px 5px 140px;"> + <h3 style="color:#353535;font-size:2em">STOP!</h3> + <h3 style="color:#353535">You are not done yet!</h3> + <p> + '.$msg.' requires the completion of a supplemental questionaire: + </p> + <p> + <a href="'.$sup_app_url.'" target="_blank" style="font-size:1.3em;text-decoration:underline">Complete the additional questions</a> + </p> + </div> + <p><br /><br /> + <a href="main.php">Home</a> + </p> + </div> + <div class="col right"> + <ul class="appli_nav"> + <li><a href="main.php">Home</a></li> + <li><a href="main.php?logout">Logout</a></li> + </ul> + + </div> + + '; + } + //no Supplemental questions so return to main page + else{ + $msg = "Submitted application to ".$row['name'] ; + header("Location: main.php?msg=".$msg."&success"); + exit(); + } +}else { + header("Location: main.php"); + exit(); +} + + + + + +$page->leftcollinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/relatedLinks.html')); +$page->contactinfo = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footerContactInfo.html')); + +$page->footercontent = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footer.html')); + +echo $page; +?> diff --git a/test.php b/test.php new file mode 100644 index 0000000000000000000000000000000000000000..1b3bbb9881274a3802b39c2ccbc5b264e6895c65 --- /dev/null +++ b/test.php 
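Review bot: The success banner and the "requires the completion of a supplemental questionaire" sentence print `$msg`, which comes from `$_GET['msg']`, even though the department row for `$deptid` has just been loaded from the database. The text shown as the department name next to the real `$sup_app_url` link is therefore whatever the link carried; it is entity-encoded, so this is a content-spoofing concern rather than script injection. I would render `htmlspecialchars($row['name'], ENT_QUOTES)` in both places and keep `$msg` only for the warning case. `$sup_app_url` is written into `href` unescaped, so `htmlspecialchars($sup_app_url, ENT_QUOTES)` plus `rel="noopener"` on the `target="_blank"` link would be safer. `$_GET['msg']` is also read without an `isset()` check.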
@@ -0,0 +1,47 @@
+<?php
+if (isset($_REQUEST['submit'])){
+
+
+
+ foreach ($_POST['education_name'] as $key => $value) {
+ if($value != ""){
+
+ echo($_POST['education_name'][$key]);
+ echo("<br>");
+ echo($_POST['education_phone'][$key]);
+ echo("<hr>");
+ }
+ }
+
+}
+
+
+?>
+
+<html>
+<body>
+
+<form method="post">
+
+<input type="text" name="education_name[]" />
+
+<input type="text" name="education_name[]" />
+
+<input type="text" name="education_name[]" />
+
+<input type="text" name="education_name[]" />
+
+<br><br>
+<input type="text" name="education_phone[]" />
+
+<input type="text" name="education_phone[]" />
+
+<input type="text" name="education_phone[]" />
+
+<input type="text" name="education_phone[]" />
+
+<input type="submit" name="submit" />
+
+</form>
+
+</body></html>
\ No newline at end of file
diff --git a/view.php b/view.php
new file mode 100644
index 0000000000000000000000000000000000000000..d83898d8aa81eecf2c4481b7bbf72ec40bcdf44a
--- /dev/null
+++ b/view.php
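Review bot: test.php echoes `$_POST['education_name'][$key]` and `$_POST['education_phone'][$key]` straight into the response, and it sits at the same path level as the real pages, so it would presumably be served with them. If it is a scratch script for trying out the array-field form, it is better left out of the commit; if it stays, escape the output, e.g. `echo htmlspecialchars($_POST['education_name'][$key], ENT_QUOTES);`. The loop also assumes `$_POST['education_name']` is an array with a matching `education_phone` index, while the outer test reads `$_REQUEST['submit']`, so a GET carrying `?submit` reaches the `foreach` with no POST data.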
@@ -0,0 +1,154 @@
+<?php
+ #include our functions and vars
+ require_once('functions.inc.php');
+
+
+ #SimpleCAS http://code.google.com/p/simplecas/
+ require_once 'UNL/Auth.php';
+ $cas_client = UNL_Auth::factory('SimpleCAS');
+
+ if (isset($_GET['login'])) {
+ $cas_client->login();
+ }
+
+ if (isset($_GET['logout'])) {
+ header("Location: main.php?logout");
+ exit();
+ }
+ if($cas_client->isLoggedIn()){
+ $current_user = $cas_client->getUser();
+ }
+?>
+
+
+<?php
+require_once 'UNL/Templates.php';
+
+UNL_Templates::$options['version'] = 3;
+$page = UNL_Templates::factory('Document');
+
+$page->navlinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/navigation.html'));
+$page->breadcrumbs = "<!-- WDN: see glossary item \'breadcrumbs\' --> <ul> <li class=\"first\"><a href=\"http://www.unl.edu/\">UNL</a></li> <li><a href=\"".$site_url."\">Student Jobs Application</a></li> <li>View Application</li></ul>";
+$page->doctitle = '<title>UNL | Student Jobs | View Application</title>';
+$page->head = '
+<style type="text/css" media="print">
+ #footer{display:none;}
+</style>
+';
+$page->addStyleSheet($site_url.'style.css');
+$page->addStyleSheet('/wdn/templates_3.0/css/content/forms.css');
+
+$page->titlegraphic = '<h1>Student Jobs</h1>';
+$page->pagetitle = '<h2>View Application</h2>';
+$page->maincontentarea = '';
+
+
+
+ if(isset($_GET['id']) && $cas_client->isLoggedIn()) {
+ $id = $_GET['id'];
+ if(!is_numeric($id)){
+ header("Location: main.php");
+ exit();
+ }
+
+
+ //First check to see if logged in user is the one who filled out the app
+ $query = "SELECT * FROM application WHERE id = $id";
+ $result = mysql_query($query);
+ $row = mysql_fetch_array($result);
+ if($row['username'] == $current_user)
+ $allowed=true;
+
+ //Second check to see if logged in user is an authorized viewer for a department that this application was submitted to
+ else{
+ $query = "SELECT department_id FROM contacts WHERE username = 
'$current_user'";
+ $result = mysql_query($query);
+ while($row1 = mysql_fetch_array($result)){
+ $dept_id = $row1['department_id'];
+ $query = "SELECT username FROM submissions WHERE department_id = $dept_id";
+ $result1 = mysql_query($query);
+ while($row2 = mysql_fetch_array($result1)){
+ if($row2['username'] == $row['username'])
+ $allowed = true;
+ }
+ }
+ }
+
+ //We've finished checking cases where a user can view this app, now proceed if the logged in user is allowed
+ if(isset($allowed)){
+ $page->maincontentarea .= '
+
+ <table border="1">
+ <tr><td>My.UNL ID</td> <td>'.htmlspecialchars($row['username']).'</td></tr>
+ <tr><td>Name</td> <td>'.htmlspecialchars($row['firstname']).' '.htmlspecialchars($row['mi']).' '.htmlspecialchars($row['lastname']).'</td></tr>
+ <tr><td>Address</td> <td>'.htmlspecialchars($row['address']).'<br />'.htmlspecialchars($row['city']).' '.htmlspecialchars($row['state']).' '.htmlspecialchars($row['zip']).'</td></tr>
+ <tr><td>Phone</td> <td>'.htmlspecialchars($row['phone']).'</td></tr>
+ <tr><td>Email</td> <td>'.htmlspecialchars($row['email']).'</td></tr>
+ <tr><td>Misdemeanor?</td> <td>'.htmlspecialchars($row['misdemeanor']).'</td></tr>
+ <tr><td>Explanation</td> <td>'.htmlspecialchars($row['misdetails']).'</td></tr>
+ <tr><td>Felony?</td> <td>'.htmlspecialchars($row['felony']).'</td></tr>
+ <tr><td>Explanation</td> <td>'.htmlspecialchars($row['feldetails']).'</td></tr>
+ <tr><td>Court Order</td> <td>'.htmlspecialchars($row['courtorder']).'</td></tr>
+ <tr><td>Explanation</td> <td>'.htmlspecialchars($row['codetails']).'</td></tr>
+
+ </table>
+ <br /><br />
+ ';
+
+ $query = "SELECT * FROM employer WHERE application_id = $id";
+ $result = mysql_query($query);
+ while($row = mysql_fetch_array($result)){
+ $page->maincontentarea .= '
+ <table border="1">
+ <tr><td>Employer</td> <td>'.$row['name'].'</td></tr>
+ <tr><td>Address</td> <td>'.$row['address'].'<br />'.$row['city'].' '.$row['state'].' 
'.$row['zip'].'</td></tr>
+ <tr><td>Supervisor</td> <td>'.$row['supervisor'].'</td></tr>
+ <tr><td>Phone</td> <td>'.$row['phone'].'</td></tr>
+ <tr><td>Started</td> <td>'.$row['frommonth'].'/'.$row['fromyear'].'</td></tr>
+ <tr><td>Ended</td> <td>'.$row['tomonth'].'/'.$row['toyear'].'</td></tr>
+ <tr><td>Hours</td> <td>'.$row['hoursweek'].' per week</td></tr>
+ <tr><td>Title</td> <td>'.$row['title'].'</td></tr>
+ <tr><td>Duties</td> <td>'.$row['duties'].'</td></tr>
+ <tr><td>Salary</td> <td>'.$row['salary'].'</td></tr>
+ </table>
+ <br /><br />
+ ';
+ }
+
+ $query = "SELECT * FROM education WHERE application_id = $id";
+ $result = mysql_query($query);
+ while($row = mysql_fetch_array($result)){
+ $page->maincontentarea .= '
+ <table border="1">
+ <tr><td>School</td> <td>'.$row['name'].'</td></tr>
+ <tr><td>Started</td> <td>'.$row['frommonth'].'/'.$row['fromyear'].'</td></tr>
+ <tr><td>Ended</td> <td>'.$row['tomonth'].'/'.$row['toyear'].'</td></tr>
+ <tr><td>Major</td> <td>'.$row['major'].'</td></tr>
+ <tr><td>Graduate?</td> <td>'.$row['graduate'].'</td></tr>
+ <tr><td>Degree</td> <td>'.$row['degree'].'</td></tr>
+ </table>
+ <br /><br />
+ ';
+ }
+ }
+ }
+
+ //this will only occur if the user is not logged in or is unauthorized to view this application
+ if(!isset($allowed)){
+ header("Location: main.php");
+ exit();
+ }
+
+
+
+
+
+
+
+$page->leftcollinks = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/relatedLinks.html'));
+$page->contactinfo = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footerContactInfo.html'));
+
+$page->footercontent = str_replace('="/', '="http://www.unl.edu/', file_get_contents('http://www.unl.edu/ucomm/sharedcode/footer.html'));
+
+echo $page;
+?>
\ No newline at end of file
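Review bot: The employer and education tables concatenate `$row['name']`, `$row['duties']`, `$row['major']` and the other columns straight into `maincontentarea`, while the application table just above passes every column through `htmlspecialchars()`; applicant-supplied text stored in those two tables would be rendered as markup in the browser of the department contact viewing it. Each cell should be escaped the same way, e.g. `<tr><td>Employer</td> <td>'.htmlspecialchars($row['name']).'</td></tr>`. Separately, the department check sets `$allowed` when the contact's department has any `submissions` row with the applicant's username, without tying it to the requested `$id`, so a contact can apparently open application rows that were never submitted to their department; restricting that query to the requested application (if `submissions` records one, which this diff does not show) would scope it correctly. `$allowed` is also never initialised to false before the checks, and `is_numeric()` accepts forms such as `1e3` or a leading space, so `ctype_digit($id)` or an `(int)` cast is a tighter gate before `$id` is interpolated into the SQL strings.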