.
*/
include("./include/include.php");
include("./include/CandidateMail.php");
include("./include/g_approved.php");
include("./include/AjaxResponse.php");
include("./include/Popup.php");
define("POPUP_HEIGHT", 335);
define("POPUP_WIDTH", 330);
if( !in_array("candidate_approve", $_SESSION['sess_functions']) ) {
$popup = new Popup("Edit approved", "You are not authorized to see this page.");
$popup->setHeight(POPUP_HEIGHT)->setWidth(POPUP_WIDTH);
echo $popup->createPopup();
}else {
admin_header(true, true);
if( !isset($_POST['approved']) ) {
// Show form with data
$query="SELECT `FirstName`, `LastName`, `BodyName`, `candidatepost`.`position` AS `Position`, `Approved`
FROM `candidates`, `ab_bodies`, `candidatepost`
WHERE `candidates`.`BodyCode`=`ab_bodies`.`BodyCode` AND `candidates`.`Position`=`candidatepost`.`id` AND `candidates`.`id`=".addslashes(get_int("id"));
if( @mysql_num_rows( $res=doquery($query) )==1 ) {
$row = mysql_fetch_array($res);
$content = "";
$content .= "";
$content .= "";
$content .= "![\"\"/](\"./image/save.png\")
Save";
$content .= "";
$content .= "
";
$content .= "
";
$content .= "Never change from 'rejected' to anything else, unless you by accident rejected the application. If people canceled and decide to still candidate, they have to edit first their own candidature before you should approve it (and then you change from 'pending' to 'accepted').";
$popup = new Popup("Edit approved", $content);
$popup->setHeight(POPUP_HEIGHT)->setWidth(POPUP_WIDTH);
echo $popup->createPopup();
}else {
$content = "Error: unable to load the data. The person was not found.";
$popup = new Popup("Edit accepted", $content);
$popup->setHeight(POPUP_HEIGHT)->setWidth(POPUP_WIDTH);
echo $popup->createPopup();
}
}else {
// Process data
if( array_key_exists($_POST['approved'], $Approved_img) ) {
// valid approved status entered
$query = "SELECT `FirstName`, `LastName`, `Email`, `Approved`, `candidatepost`.`position` AS `Position`
FROM `candidates`, `candidatepost`
WHERE `candidates`.`Position`=`candidatepost`.`id` AND `candidates`.`id`=".addslashes(get_int('id'));
if( @mysql_num_rows( $res=doquery($query) )==1 ) {
$row = mysql_fetch_array($res);
if( $row['Approved']!=$_POST['approved'] ) {
// Approval has been updated
$query = "UPDATE `candidates` SET `Approved`='".addslashes($_POST['approved'])."' WHERE `id`=".addslashes(get_int('id'));
if( doquery($query) ) {
// query successfull
$newrow = $row;
$newrow['Approved'] = $_POST['approved'];
$mail = new CandidateMail($row, $newrow, false, get_int('id'));
$content = $mail->sendapproval();
$content .= "
Close popup";
$img = "![\"".$Approved_text[](\"".$Approved_img[ "\\"\".$Approved_text[")
";
$response = new AjaxResponse(false);
$response->addRefresh("Approved_".get_int('id'), $img);
$response->addRefresh("popup_content", $content);
header("Content-type: text/xml; charset=utf-8");
echo $response->createResponse();
}else {
// query failed
$response = new AjaxResponse(false);
$response->addRefresh("popup_content", "Error: update failed");
header("Content-type: text/xml; charset=utf-8");
echo $response->createResponse();
}
}else {
// Nothing was updated
$response = new AjaxResponse(true);
header("Content-type: text/xml; charset=utf-8");
echo $response->createResponse();
}
}else {
$response = new AjaxResponse(false);
$response->addRefresh("popup_content", "Unable to find the candidature. Updating the approval is not possible");
header("Content-type: text/xml; charset=utf-8");
echo $response->createResponse();
}
}else {
// Invalid approved status entered
$response = new AjaxResponse(false);
$response->addRefresh("popup_content", "Error: unknown approved status entered");
header("Content-type: text/xml; charset=utf-8");
echo $response->createResponse();
}
}
admin_footer(true, true);
}
?>