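<?php

declare(strict_types=1);

/**
 * career_submit.php
 *
 * Validates the Post Resume form, verifies and stores the uploaded PDF resume,
 * keeps the submission in the session, and redirects to plan selection.
 *
 * Every failure path stores a message in $_SESSION['form_error'] and sends the
 * user back to post-resume.php; a request without the submit3 field is sent to
 * the form as well.
 *
 * NOTE(review): no CSRF token is checked here; whether post-resume.php issues
 * one is not visible from this file — confirm before relying on it.
 */

session_start();

// Production: never show errors to the client, but keep them in the error log.
// (error_reporting(0) would discard them entirely, leaving nothing to log.)
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/**
 * Store a user-facing error message in the session and send the user back to
 * the form. Never returns (exits after the redirect header).
 */
function redirectWithError(string $message): void
{
    $_SESSION['form_error'] = $message;
    header("Location: post-resume.php");
    exit;
}

/**
 * Fetch a POST field as a trimmed string.
 *
 * Non-string values (e.g. a field submitted as name[]=x) are treated as absent,
 * so trim()/htmlspecialchars() below cannot throw a TypeError on array input.
 */
function postString(string $key, string $default = ''): string
{
    $value = $_POST[$key] ?? $default;

    return is_string($value) ? trim($value) : $default;
}

/**
 * HTML-escape a trimmed POST field. The site stores the escaped form in the
 * session (existing convention kept so downstream pages see the same values).
 */
function postEscaped(string $key): string
{
    return htmlspecialchars(postString($key), ENT_QUOTES, 'UTF-8');
}

// If accessed directly (no POST), redirect to form
if (!isset($_POST['submit3'])) {
    header("Location: post-resume.php");
    exit;
}

// ===== Form Data (sanitized) =====
$name     = postEscaped('name');
$email    = filter_var(postString('email'), FILTER_SANITIZE_EMAIL);
$mobile   = preg_replace('/[^0-9]/', '', postString('mobile')) ?? '';
$gender   = postEscaped('gender');
$state    = postEscaped('state');
$city     = postEscaped('city_id');
$studying = postEscaped('studying');
$phoneIsd = preg_replace('/[^0-9+]/', '', postString('phone_isd', '91')) ?? '';
// Fall back to the default ISD code when the field was empty or contained no
// usable characters; otherwise the stored mobile would start with "-".
if ($phoneIsd === '') {
    $phoneIsd = '91';
}

// ===== Validation =====
if ($name === '' || $email === '' || $mobile === '') {
    redirectWithError('Please fill all required fields (Name, Email, Mobile).');
}

if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    redirectWithError('Please enter a valid email address.');
}

// $mobile is digits only at this point, so strlen() counts digits.
if (strlen($mobile) < 10) {
    redirectWithError('Please enter a valid mobile number (min 10 digits).');
}

// ===== File Upload Validation =====
$upload = $_FILES['file'] ?? null;
// A multi-file field (file[]) yields arrays in the error slot; treat that like
// a missing file rather than concatenating an array into the message below.
if (!is_array($upload) || !is_int($upload['error'] ?? null) || $upload['error'] === UPLOAD_ERR_NO_FILE) {
    redirectWithError('Please upload your resume (PDF only).');
}

$fileName  = (string) ($upload['name'] ?? '');
$tmpName   = (string) ($upload['tmp_name'] ?? '');
$fileSize  = (int) ($upload['size'] ?? 0);
$fileError = $upload['error'];

if ($fileError !== UPLOAD_ERR_OK) {
    redirectWithError('File upload error (code: ' . $fileError . '). 
Please try again.');
}

$fileExt = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
if ($fileExt !== 'pdf') {
    redirectWithError('Only PDF files are allowed for resume upload.');
}

if ($fileSize > 10 * 1024 * 1024) {
    redirectWithError('Resume file size should not exceed 10 MB.');
}

// The extension is client-supplied; confirm the content really is a PDF.
// finfo::file() returns false on failure, which this comparison also rejects.
$finfo = new finfo(FILEINFO_MIME_TYPE);
if ($finfo->file($tmpName) !== 'application/pdf') {
    redirectWithError('Invalid file type. Only genuine PDF files are accepted.');
}

// Unguessable server-side name; the client's filename is never used on disk.
$newFileName = time() . '_' . bin2hex(random_bytes(8)) . '.pdf';

// NOTE(review): this directory sits under the web root. The random name keeps
// resumes from being enumerated, but confirm the server serves it as static
// content only (or move the directory outside the document root).
$uploadDir = __DIR__ . '/admin/Career/';
// mkdir() warnings go to the log (display_errors is off); the second is_dir()
// tolerates a concurrent request having created the directory first.
if (!is_dir($uploadDir) && !mkdir($uploadDir, 0755, true) && !is_dir($uploadDir)) {
    redirectWithError('Resume upload failed. Please try again.');
}

if (!move_uploaded_file($tmpName, $uploadDir . $newFileName)) {
    redirectWithError('Resume upload failed. Please try again.');
}

// Store everything in session for use after payment
$_SESSION['career'] = [
    'name'         => $name,
    'email'        => $email,
    'mobile'       => $phoneIsd . '-' . $mobile,
    'gender'       => $gender,
    'state'        => $state,
    'city'         => $city,
    'studying'     => $studying,
    'resume'       => $newFileName,
    'submitted_at' => date('Y-m-d H:i:s'),
];

// Redirect to plan selection
header("Location: phonepe/select-plan.php");
exit;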