.
*/
if( !isset($candidate_id) ) {
exit();
}
include("./include/Cand.php");
include("./include/CandidateUI.php");
include("./include/CandidateMail.php");
if( $setup['CandidateAdminOpen']==false ) {
// Candidatures locked by admin
echoln("The candidatures have been locked by the webmaster, as it is not ready to be used yet.");
echoln("
Before the candidatures can open, the Juridical Commission has to finalize the setup first, please be a bit patient.");
}elseif( !is_before("CandidateEndReal") AND $candidate_id==0 ) {
// Candidatures deadline passed
echoln("The candidature deadline passed, you cannot candidate any more.");
echoln("
The deadline to candidate for any position was on ".$setup['CandidateEndReal'].". For next time you are suggested to candidate well before the deadline.");
}else {
// Read the files from ./include/CandFields/*.php and add them to $fields;
$fields = array();
$sepfields = array(); // All fields including separators
$dir = dirname($_SERVER["SCRIPT_FILENAME"])."/include/CandFields/*.php";
if( is_dir(dirname($dir)) ) {
foreach( glob($dir) as $file ) {
if( is_file($file) ) {
if( substr(basename($file, ".php"), 3)!="Separator" ) {
include("./include/CandFields/".basename($file));
$fields[] = substr(basename($file, ".php"), 3);
}
$sepfields[] = substr(basename($file, ".php"), 3);
}
}
}else {
debug(dirname($dir)." does not exist, failed loading candidature form fields");
}
// Load the values from MySQL in case we are editing
$values = array();
if( $candidate_id>0 ) {
$query="SELECT * FROM `candidates` WHERE `id`=".addslashes($candidate_id);
if( @mysql_num_rows( $res=doquery($query) )==1 ) {
$values = mysql_fetch_array($res);
}else {
echoln("Failed loading your candidature. Editing not possible. Switching back to a new candidature.");
$candidate_id=0;
}
}
// Create user interface
$ui = new CandidateUI($candidate_id);
// Create the classes, add a value (from aegee.org account (new) or from MySQL (edit))
$person = array();
for( $i=0; $i0 ) {
// Edit - get value from MySQL
if( isset($values[ $fields[$i] ]) ) $person[ $fields[$i] ]->init($values[ $fields[$i] ]);
}else {
// New - get value from aegee.org account when available
if( isset($_SESSION[ 'user_'.$fields[$i] ]) ) $person[ $fields[$i] ]->init($_SESSION[ 'user_'.$fields[$i] ]);
}
}
if( $candidate_id==0 ) $person['Position']->init($Position); // If new candidature, pre-select position
if( $_SERVER['REQUEST_METHOD']=="POST" AND !isset($_REQUEST['login']) ) {
// Try to save the form
$error = false;
// Check all fields
$usefields = array();
for( $i=0; $iget_access( ($candidate_id==0) )==Cand::ACCESS_RW ) {
$usefields[] = $fields[$i];
$error += !$person[ $fields[$i] ]->check();
}
}
if( $candidate_id==0 && $person['Position']->get_id()>0 ) {
// New candidature, check for duplicate
if( isset($_SESSION['sess_functions']) ) {
$query="SELECT `id` FROM `candidates`
WHERE ((`FirstName`='".addslashes($person['FirstName']->get())."' AND `LastName`='".addslashes($person['LastName']->get())."') OR
`username`='".addslashes($person['FirstName']->get()." ".$person['LastName']->get())."') AND
`Position`=".addslashes($person['Position']->get_id());
}else {
$query="SELECT `id` FROM `candidates`
WHERE ((`FirstName`='".addslashes($person['FirstName']->get())."' AND `LastName`='".addslashes($person['LastName']->get())."') OR
(`username`='".addslashes(isset($_SESSION['sess_name'])?$_SESSION['sess_name']:"[unknown]")."' AND `username`!='') OR `username`='".addslashes($person['FirstName']->get()." ".$person['LastName']->get())."') AND
`Position`=".addslashes($person['Position']->get_id());
}
if( @mysql_num_rows( doquery($query) )>0 ) {
// Duplicate entry
$error_duplicate = true;
$error += true;
}else {
$error_duplicate = false;
}
}else {
$error_duplicate = false;
}
if( $error!=false ) {
// Error, show them and reshow form
if( abs($error)==1 ) echoln("Your candidature has not been accepted. The following error was found:");
else echoln("Your candidature has not been accepted. The following ".abs($error)." errors were found:");
echoln("");
if( $error_duplicate ) {
echoln(" - There is already a person with this name that candidated for this position, or your ".$ldap->getSystemName()." account was used before for an candidature. ");
echoln("Log in to edit your candidature.");
}
for( $i=0; $iis_error() ) echoln("
- ".$person[ $usefields[$i] ]->get_error());
}
echoln("
");
$_SERVER['REQUEST_METHOD']="GET";
}else {
########################
### Form OK, save it ###
########################
$data = array();
$candvalues = array();
$candvalues['old']['username'] = (isset($values['username']) ? $values['username'] : "");
$candvalues['old']['Approved'] = (isset($values['Approved']) ? $values['Approved'] : "");
for( $i=0; $iget_sql( ($candidate_id==0) ));
$candvalues = array_merge_recursive($candvalues, $person[ $fields[$i] ]->get_value( ($candidate_id==0) ));
}
if( $candidate_id==0 ) {
################
### Save new ###
################
$sqlfield = "`username`, ";
if( isset($_SESSION['access_user']) && $_SESSION['access_user'] ) {
$sqlvalue = "'".addslashes($_SESSION['sess_name'])."', ";
}else {
$sqlvalue = "'', ";
}
$sqlfield .= "`Created`, `Modified`, ";
$sqlvalue .= "'".date("Y-m-d H:i:s")."', '".date("Y-m-d H:i:s")."', ";
$k = array_keys($data);
for( $i=0; $iPlease wait while we process your candidature... (wait until you see 'ready')");
flush();
if( $candidate_id==0 ) $cand_mail = new CandidateMail($candvalues['old'], $candvalues['new'], true, getinsertid());
else $cand_mail = new CandidateMail($candvalues['old'], $candvalues['new'], false, $candidate_id);
$cand_mail->Send();
echoln("
Your candidature has been saved successfully.");
echoln("
... ready
");
echoln("Your candidature has been processed. If you want to edit your candidature, come back to this page and log in with your ".$ldap->getSystemName()." account.");
if( is_anon() || (isset($_SESSION['access_user']) && $_SESSION['access_user']) ) echoln("
Back");
else echoln("
Close window");
}else {
echoln("Failed saving your candidature.");
$_SERVER['REQUEST_METHOD']="GET";
}
#debug(nl2br(strtr(print_r($candvalues, true), array(" " => " "))));
#debug(nl2br(strtr(print_r($data, true), array(" " => " "))));
#debug($query);
}
}
#################
### Show form ###
#################
if( $_SERVER['REQUEST_METHOD']=="GET" OR isset($_REQUEST['login']) ) {
// Show the form
echoln($ui->Open(true));
for( $i=0; $iSeparator());
}else {
if( $person[ $sepfields[$i] ]->get_access( ($candidate_id==0) )!=Cand::ACCESS_NO ) {
// Show field
echoln($ui->Add( $person[ $sepfields[$i] ]->get_print_name(),
$person[ $sepfields[$i] ]->get_print_value( $person[ $sepfields[$i] ]->get_access( ($candidate_id==0) )!=Cand::ACCESS_RW ),
$person[ $sepfields[$i] ]->is_error(),
$person[ $sepfields[$i] ]->get_compulsory() ));
}
}
}
echoln($ui->Close(true));
}
}
?>