File: /srv/www/rectt-csmcri.res.in/public_html/process_tech.php
<?php
session_start();
// REMOVE IN PRODUCTION
// ini_set("display_errors", 1);
// ini_set("display_startup_errors", 1);
// error_reporting(E_ALL);
require 'sites/config/config.php';
require_once 'gen_tech.php';
if (!isset($_SESSION['registered']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
header("location: login.php");
exit;
}
if (!isset($_SESSION['user_id'], $_SESSION['session_token'])) {
session_destroy();
header("Location: logout.php");
exit;
}
$user_id = $_SESSION['user_id'];
$token = $_SESSION['session_token'];
$stmt = $conn->prepare("SELECT session_token FROM users WHERE id = ?");
$stmt->bind_param("i", $user_id);
$stmt->execute();
$stmt->bind_result($db_token);
$stmt->fetch();
$stmt->close();
if ($token !== $db_token) {
session_destroy();
die("You have been logged out because your account was logged in elsewhere.");
}
// $user_id = $_SESSION['user_id'];
$ad_id = $_POST['ad_id'] ?? null;
$post_id = $_POST['post_id'] ?? null;
$category = $_SESSION['category'] ?? 'General';
$disability = $_SESSION['disability'] ?? 'No';
$gender = $_SESSION['gender'] ?? '';
$ex_servicemen = $_SESSION['ex_servicemen'] ?? '';
$csir_employee = $_SESSION['csir_employee'] ?? '';
$additional_remarks = $_POST['additional_remarks'] ?? '';
$payment_reference = $_POST['paymentReferenceNo'] ?? '';
$declaration = isset($_POST['agree']) ? 1 : 0;
$is_exempt = in_array($category, ['SC', 'ST']) || $gender === 'Female' || $ex_servicemen === 'Yes' || $csir_employee === 'Yes' || $disability === 'Yes';
$errors = [];
if (!$declaration) $errors[] = "You must agree to the declaration.";
if (!$is_exempt && empty($payment_reference)) $errors[] = "Payment reference number required.";
$payment_date = $_POST['payment_date'] ?? null;
if (!$is_exempt && empty($payment_date)) {
$errors[] = "Payment date is required.";
}
// Required uploads
$required_files = ['ssc_marksheet', 'photograph', 'signature'];
if ($category !== 'General') $required_files[] = 'category_certificate';
if ($disability === 'Yes') $required_files[] = 'disability_certificate';
foreach ($required_files as $f) {
if (!isset($_FILES[$f]) || $_FILES[$f]['error'] !== UPLOAD_ERR_OK) {
$errors[] = ucfirst(str_replace('_', ' ', $f)) . " is required.";
}
}
if (!empty($errors)) {
$_SESSION['form_errors'] = $errors;
header("Location: tech_form.php?post_id=$post_id&submit_error=1");
exit;
}
$conn->begin_transaction();
try {
// 1. Insert into tech_applications
if ($is_exempt) {
$stmt = $conn->prepare("INSERT INTO tech_applications (
user_id, advertisement_id, post_id, additional_remarks, payment_reference_no, declaration_agreed
) VALUES (?, ?, ?, ?, ?, ?)");
$stmt->bind_param("iiissi", $user_id, $ad_id, $post_id, $additional_remarks, $payment_reference, $declaration);
} else {
$stmt = $conn->prepare("INSERT INTO tech_applications (
user_id, advertisement_id, post_id, additional_remarks, payment_reference_no, payment_date, declaration_agreed
) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("iiisssi", $user_id, $ad_id, $post_id, $additional_remarks, $payment_reference, $payment_date, $declaration);
}
$stmt->execute();
$application_id = $conn->insert_id;
$stmt->close();
// $stmt = $conn->prepare("INSERT INTO tech_applications (user_id, advertisement_id, post_id, additional_remarks, payment_reference_no, declaration_agreed) VALUES (?, ?, ?, ?, ?, ?)");
// $stmt->bind_param("iiissi", $user_id, $ad_id, $post_id, $additional_remarks, $payment_reference, $declaration);
// $stmt->execute();
// $application_id = $conn->insert_id;
// $stmt->close();
// 2. Educational Qualifications
$qual_levels = ['ssc', 'hsc', 'iti'];
$stmt = $conn->prepare("INSERT INTO tech_qualifications (application_id, qualification_type, school_name, board_or_university, subjects, marks, scale, pass_date, mode_of_study, remarks) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
foreach ($qual_levels as $qual) {
$school = $_POST["{$qual}_school"] ?? '';
$board = $_POST["{$qual}_board"] ?? '';
$subjects = $_POST["{$qual}_subjects"] ?? '';
$marks = $_POST["{$qual}_marks"] !== '' ? floatval($_POST["{$qual}_marks"]) : null;
$raw_scale = $_POST["{$qual}_scale"] ?? null;
$valid_scales = ['percentage', 'cgpa10', 'cgpa5'];
$scale = in_array($raw_scale, $valid_scales) ? $raw_scale : null;
$pass_date = $_POST["{$qual}_pass_date"] ?? null;
if ($pass_date === '') {
$pass_date = null;
}
$mode = $_POST["{$qual}_mode"] ?? null;
if ($mode === '') {
$mode = null;
}
$remarks = $_POST["{$qual}_remarks"] ?? '';
if ($school || $board || $subjects || $marks || $scale || $pass_date || $mode || $remarks) {
$stmt->bind_param("issssdssss", $application_id, $qual, $school, $board, $subjects, $marks, $scale, $pass_date, $mode, $remarks);
$stmt->execute();
}
}
$stmt->close();
// 3. Trade Details
$stmt = $conn->prepare("INSERT INTO tech_trade_details (
application_id, trade_name, trade_certificate, trade_board, from_date, to_date, year_of_passing, percentage
) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$trade_name = $_POST['trade_name'] ?? '';
$trade_certificate = $_POST['trade_certificate'] ?? '';
$trade_board = $_POST['trade_board'] ?? '';
$from_date = $_POST['trade_from_date'] ?? null;
if ($from_date === '') {
$from_date = null;
}
$to_date = $_POST['trade_to_date'] ?? null;
if ($to_date === '') {
$to_date = null;
}
$year_of_passing = $_POST['trade_year'] !== '' ? intval($_POST['trade_year']) : null;
$percentage = $_POST['trade_percentage'] !== '' ? floatval($_POST['trade_percentage']) : null;
$stmt->bind_param(
"isssssii",
$application_id,
$trade_name,
$trade_certificate,
$trade_board,
$from_date,
$to_date,
$year_of_passing,
$percentage
);
$stmt->execute();
$stmt->close();
// 4. Work Experience
if (!empty($_POST['experience'])) {
$stmt = $conn->prepare("INSERT INTO tech_experience (
application_id, org_type, organization, position, from_date, to_date, nature_of_work, last_pay, job_status
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
foreach ($_POST['experience'] as $exp) {
$org_type = $exp['org_type'] ?? '';
$organization = $exp['organization'] ?? '';
$position = $exp['position'] ?? '';
$from_date = $exp['from'] ?? null;
if ($from_date === '') {
$from_date = null;
}
$to_date = $exp['to'] ?? null;
if ($to_date === '') {
$to_date = null;
}
$nature = $exp['nature'] ?? '';
$last_pay = $exp['last_pay'] ?? '';
$status = $exp['status'] ?? '';
$stmt->bind_param(
"issssssss",
$application_id,
$org_type,
$organization,
$position,
$from_date,
$to_date,
$nature,
$last_pay,
$status
);
$stmt->execute();
}
$stmt->close();
}
// 5. Uploads
$uploadBaseDir = "sites/upload/tech_applications/";
$absPath = dirname(__DIR__) . "/public_html/$uploadBaseDir";
$relPath = $uploadBaseDir . $application_id . '/';
$fullAbsPath = $absPath . $application_id . '/';
// CHMOD 777 USED here
if (!is_dir($fullAbsPath)) mkdir($fullAbsPath, 0777, true);
$allowedMimes = ['image/jpeg', 'image/png', 'application/pdf'];
$maxSizes = [
'photograph' => 100 * 1024,
'signature' => 100 * 1024,
'category_certificate' => 1024 * 1024,
'disability_certificate' => 1024 * 1024,
'ssc_marksheet' => 1024 * 1024,
'hsc_marksheet' => 1024 * 1024,
'trade_certificate' => 1024 * 1024
];
$stmt = $conn->prepare("INSERT INTO tech_uploads (application_id, document_type, file_path) VALUES (?, ?, ?)");
foreach (array_merge($required_files, ['hsc_marksheet', 'trade_certificate']) as $field) {
if (isset($_FILES[$field]) && $_FILES[$field]['error'] === UPLOAD_ERR_OK) {
$file = $_FILES[$field];
$mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
if (!in_array($mime, $allowedMimes)) throw new Exception("Invalid file type for $field");
if ($file['size'] > ($maxSizes[$field] ?? 1048576)) throw new Exception("File too large: $field");
$ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
$safeName = uniqid($field . '_', true) . '.' . $ext;
$destAbs = $fullAbsPath . $safeName;
$destRel = $relPath . $safeName;
if (!move_uploaded_file($file['tmp_name'], $destAbs)) throw new Exception("Upload failed for $field");
$stmt->bind_param("iss", $application_id, $field, $destRel);
$stmt->execute();
}
}
$stmt->close();
$date_only = date("dmY");
$registration_id = $date_only . "U" . $user_id . "A" . $ad_id . "P" . $post_id;
$outputPath = genTechApplicationHtml($user_id, $post_id, $application_id, $registration_id, $ad_id);
// 6. Insert into master application table
$stmt = $conn->prepare("INSERT INTO all_applications (user_id,registration_id, post_id, ad_id, application_type, application_table_id, status, pdf_path) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$app_type = 'tech';
$status = 'submitted';
$stmt->bind_param("isiisiss", $user_id, $registration_id, $post_id, $ad_id, $app_type, $application_id, $status, $outputPath);
$stmt->execute();
$stmt->close();
$conn->commit();
$_SESSION['app_submitted'] = "True";
unset($_SESSION['active_post_id']);
header("Location: dashboard.php?submitted=1");
exit;
} catch (Exception $e) {
$conn->rollback();
// $_SESSION['form_errors'] = [$e->getMessage()];
header("Location: tech_form.php?post_id=$post_id");
$_SESSION["flash"] = [$e->getMessage()];
exit;
} finally {
$conn->close();
}