<?
/*
KISGB - a Guest Book script written in PHP.
Copyright (C) 2001-2002 Gaylen Fraley
hide@address.com
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
License file for more details.
*/
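require("config.php");
require("functions.php");
metaTags();

/**
 * Reduce a request-supplied file name to something that is safe to require():
 * it must be a plain name (no directory part, no "..", no NUL byte) naming an
 * existing regular file directly under $dir.  Anything else yields $fallback,
 * i.e. the value config.php set.  Without this check the tmp_theme / tmp_lang
 * parameters below would let the request choose an arbitrary file to include.
 */
function kisgb_pick_include($value, $dir, $fallback)
{
    if (!is_string($value) || $value === '') return $fallback;
    if (strpos($value, "\0") !== false) return $fallback;
    $name = basename($value);
    if ($name === '' || $name === '.' || $name === '..' || $name !== $value) return $fallback;
    if (!is_file("$dir/$name")) return $fallback;
    return $name;
}

/*
 * Request parameters.  Like the rest of this file, the old $HTTP_*_VARS arrays
 * are read (they were removed in PHP 5.4; on a current PHP every value here is
 * null and the config.php defaults apply).  POST values take precedence over GET.
 */
$theme_from_config = $theme;
$language_from_config = $language;
if (isset($HTTP_GET_VARS['tmp_theme']) && $HTTP_GET_VARS['tmp_theme'] !== '') $theme = $HTTP_GET_VARS['tmp_theme'];
if (isset($HTTP_GET_VARS['tmp_lang']) && $HTTP_GET_VARS['tmp_lang'] !== '') $language = $HTTP_GET_VARS['tmp_lang'];
if (isset($HTTP_POST_VARS['tmp_theme']) && $HTTP_POST_VARS['tmp_theme'] !== '') $theme = $HTTP_POST_VARS['tmp_theme'];
if (isset($HTTP_POST_VARS['tmp_lang']) && $HTTP_POST_VARS['tmp_lang'] !== '') $language = $HTTP_POST_VARS['tmp_lang'];
// Only a validated file name under the configured directories is ever included.
$theme = kisgb_pick_include($theme, $path_to_themes, $theme_from_config);
$language = kisgb_pick_include($language, $path_to_languages, $language_from_config);
require("$path_to_themes/$theme");
require("$path_to_languages/$language");
if ($use_filter_file) require("filters.inc.php");

// 'view' or 'edit'; GET wins unless it is empty.
$action = empty($HTTP_GET_VARS['action']) ? (isset($HTTP_POST_VARS['action']) ? $HTTP_POST_VARS['action'] : null) : $HTTP_GET_VARS['action'];
$msgid = isset($HTTP_GET_VARS['msgid']) ? $HTTP_GET_VARS['msgid'] : null;
$vpass = isset($HTTP_POST_VARS['vpass']) ? $HTTP_POST_VARS['vpass'] : null;
$msg = isset($HTTP_POST_VARS['msg']) ? $HTTP_POST_VARS['msg'] : null;
// Paging offset of the listing the visitor came from (used for the "back" link).
if (isset($HTTP_GET_VARS['start']) && $HTTP_GET_VARS['start'] !== '') $start = $HTTP_GET_VARS['start'];
if (isset($HTTP_POST_VARS['start']) && $HTTP_POST_VARS['start'] !== '') $start = $HTTP_POST_VARS['start'];
$PHP_SELF = isset($HTTP_SERVER_VARS['PHP_SELF']) ? $HTTP_SERVER_VARS['PHP_SELF'] : '';
$submit = isset($HTTP_POST_VARS['submit']) ? $HTTP_POST_VARS['submit'] : null;
?>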
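<html>
<head>
<? js_getPointer(); ?>
<style type="text/css">
<?@include("style-sheet-add.php");?>
</style>
</head>
<body>
<?
/*
 * Password prompt.  Everything after this block runs only once a non-empty
 * password string has been POSTed as vpass.
 *
 * (The earlier version tested "$vpass=\"\"" with a single "=", an assignment
 * that always evaluates to false, so an empty password was let through here
 * and only rejected later.)
 *
 * The hidden fields carry the request parameters across the POST.  They all
 * come from the query string or a previous POST, so they are HTML-escaped
 * before being placed in attribute values; the browser decodes them again on
 * submit, so benign values round-trip unchanged.  $PHP_SELF is escaped for
 * the same reason (some servers reflect PATH_INFO into it).
 */
if (!isset($vpass) || !is_string($vpass) || $vpass === "") {
    $h_self     = htmlspecialchars((string)$PHP_SELF, ENT_QUOTES);
    $h_theme    = htmlspecialchars((string)$theme, ENT_QUOTES);
    $h_language = htmlspecialchars((string)$language, ENT_QUOTES);
    $h_action   = htmlspecialchars((string)$action, ENT_QUOTES);
    $h_msgid    = htmlspecialchars((string)$msgid, ENT_QUOTES);
    $h_start    = htmlspecialchars((string)(isset($start) ? $start : ''), ENT_QUOTES);
    echo "<form action=\"$h_self\" method=\"post\">\n";
    echo "<input type=\"hidden\" name=\"tmp_theme\" value=\"$h_theme\" />";
    echo "<input type=\"hidden\" name=\"tmp_lang\" value=\"$h_language\" />";
    echo "<input type=\"hidden\" name=\"action\" value=\"$h_action\" />";
    echo "<table align=\"center\" border=\"1\"><tr><td id=\"tdadd\">";
    echo "<center>$label_password: <input name=\"vpass\" type=\"password\" value=\"\" /><br /><br />\n";
    echo "<input type=\"hidden\" name=\"msgid\" value=\"$h_msgid\" />\n";
    echo "<input type=\"hidden\" name=\"start\" value=\"$h_start\" />\n";
    echo "<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" name=\"submit\" value=\"$label_login\" /> <input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=button value=\"$label_back\" onClick=\"history.go(-1)\" /></center></td></tr></table>";
    echo "<script type=\"text/javascript\">document.forms[0].vpass.focus();</script>";
    echo "</form>\n";
    require("footer.php");
    exit;
}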
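# --- Authenticated path: a password was posted.  Load the requested entry and
# --- decide whether this password may view / edit it.
$vpass = isset($HTTP_POST_VARS['vpass']) ? $HTTP_POST_VARS['vpass'] : "";
$msgid = isset($HTTP_POST_VARS['msgid']) ? $HTTP_POST_VARS['msgid'] : "";
$PHP_SELF = isset($HTTP_SERVER_VARS['PHP_SELF']) ? $HTTP_SERVER_VARS['PHP_SELF'] : "";
// Both are request values; a non-scalar (e.g. vpass[]=x) must not reach md5() or the comparisons.
if (!is_string($vpass)) $vpass = "";
if (!is_string($msgid)) $msgid = "";

/**
 * Does $given authenticate against $stored?
 *
 * An entry's password column (and, depending on config.php, $admin_pw) may
 * hold either the plain password or its md5 hash, so both forms are accepted.
 * The comparisons are strict: with "==" PHP compares two numeric-looking
 * strings as numbers, so md5 values of the form "0e123..." would all be equal
 * to each other and an input hashing to such a string would be accepted.
 *
 * NOTE(review): because the plain form is accepted, a stored md5 value is
 * itself a valid password for that entry.  This file cannot tell the two
 * storage formats apart, so that behaviour is kept.
 */
function kisgb_password_matches($given, $stored)
{
    if (!is_string($given) || $given === "" || !is_string($stored) || $stored === "") return false;
    return $given === $stored || md5($given) === $stored;
}

$row = 0;
$rn = 0;                       // index of the matched entry in $tmp_data (only one entry is kept)
$tmp_data = array();
$fp = fopen("$path_to_gb","r") or die("$unable_to_access_file_msg $path_to_gb");
// Column headings come from config.php as $col1 .. $col16.
$head_array = array();
for ($i = 0; $i < 16; $i++) {
    $head_array[$i] = ${"col" . ($i + 1)};
}
while ($data = fgetcsv($fp, $csv_buffer_size, ",")) {
    $row++;
    if ($row <= 1) continue;                      // first line is the heading row
    if ((string)$data[0] !== $msgid) continue;    // exact, string-wise id match
    // Ids above 10000 are creation timestamps: render the date/time columns from them.
    if (preg_match('/^[0-9]+$/', (string)$data[0]) && (int)$data[0] > 10000) {
        $data[2] = date($date_format, (int)$data[0]);
        $data[3] = date($time_format, (int)$data[0]);
    }
    // The whole file is read so $rows is the total line count; a later duplicate id wins, as before.
    $tmp_data[$rn] = $data;
}
fclose($fp);
unset($data); #release memory;
$rows = $row;

$row_pw = isset($tmp_data[$rn][15]) ? $tmp_data[$rn][15] : "";
$user_match  = kisgb_password_matches($vpass, $row_pw);
$admin_match = kisgb_password_matches($vpass, $admin_pw);
$user_is_editing  = $user_match;
$admin_is_editing = !$user_match && $admin_match;   // the entry's own password takes precedence

// Is editing enabled at all (by config), and is this entry still inside its update window?
$edit_update = false;
if ($allow_msg_lvl_edit_by_user && $show_password) $edit_update = true;
elseif ($allow_msg_lvl_edit_by_admin) $edit_update = true;
// Updates are only allowed for timestamp-style ids and within $cutoff_date_for_updates seconds of creation.
$msg_ts = preg_match('/^[0-9]+$/', $msgid) ? (int)$msgid : 0;
if ($msg_ts > 10000) {
    if (time() > $msg_ts + $cutoff_date_for_updates) $edit_update = false;
} else {
    $edit_update = false;
}
// The admin is never subject to the window; a negative cutoff disables it for everybody.
if ($admin_is_editing || $cutoff_date_for_updates < 0) $edit_update = true;

// Deny unless: editing is enabled, a password was given, and it is the admin's
// or (when user-level editing is allowed) the entry's own.
$denied = !$edit_update
       || $vpass === ""
       || (!$allow_msg_lvl_edit_by_user && $user_match)
       || (!$admin_match && !$user_match);
if ($denied) {
    echo "<table border=\"1\" align=\"center\"><tr><td id=\"tdadd\"><center>$not_authorized_msg</td></tr></table><p><center><a href='javascript:history.go(-1)'>$label_back</a></center></p>";
    include_once 'footer.php';
    exit;
}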
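$id = "tdadd";

/**
 * Scan $html for every "<$tag" element (case-insensitive) and neutralise the
 * ones whose text contains one of the comma-separated $banned words
 * (config: $words_not_allowed_in_anchor_tag) by replacing the whole element
 * with a bare "<$tag>".  Elements with an odd number of &quot; or ' are
 * counted as quoting errors.  Returns array($html, $quote_errors, $js_errors).
 *
 * This exists because strip_tags() below keeps attributes on allowed tags, so
 * onerror=/javascript: inside <a>/<img> would otherwise survive.  The earlier
 * loop reused its counter for the inner banned-word loop and took offsets
 * from a shrinking lower-cased copy, so only the first element was examined
 * and a replacement could land at the wrong offset; this version walks the
 * real string with an absolute position.
 */
function kisgb_neutralize_tag($html, $tag, $banned)
{
    $open = "<" . strtolower($tag);
    $replacement = "<" . $tag . ">";
    $words = array();
    foreach (explode(",", $banned) as $w) {
        $w = strtolower($w);
        if ($w !== "") $words[] = $w;
    }
    $quote_errors = 0;
    $js_errors = 0;
    $pos = 0;
    while (($start = strpos(strtolower($html), $open, $pos)) !== false) {
        $end = strpos($html, ">", $start);
        if ($end === false) {               // unterminated element: broken markup, stop scanning
            $quote_errors++;
            break;
        }
        $element = strtolower(substr($html, $start, $end - $start + 1));
        if (substr_count($element, "&quot;") % 2 || substr_count($element, "'") % 2) $quote_errors++;
        $hit = false;
        foreach ($words as $w) {
            if (strpos($element, $w) !== false) { $hit = true; break; }
        }
        if ($hit) {
            $html = substr_replace($html, $replacement, $start, $end - $start + 1);
            $js_errors++;
            $pos = $start + strlen($replacement);
        } else {
            $pos = $end + 1;
        }
    }
    return array($html, $quote_errors, $js_errors);
}

/**
 * Prepare a stored URL for use inside href="...": refuse script-bearing
 * schemes (javascript:, vbscript:, data:, also when entity-encoded or padded
 * with control characters) and encode double quotes so the value cannot close
 * the attribute.  Only '"' is touched because the guestbook file's storage
 * format is not visible here (values may already be entity-encoded).
 * Returns "" for a refused URL.
 */
function kisgb_safe_href($url)
{
    if (!is_string($url)) return "";
    $probe = strtolower(preg_replace('/[\x00-\x20]+/', '', html_entity_decode($url)));
    if (preg_match('/^(javascript|vbscript|data):/', $probe)) return "";
    return str_replace('"', '&quot;', $url);
}

if ($action !== 'edit') {
    /* ---- Read-only view of one entry ---- */
    // Pad to 16 columns so a short CSV row does not produce undefined-index notices.
    $entry = isset($tmp_data[$rn]) ? $tmp_data[$rn] + array_fill(0, 16, "") : array_fill(0, 16, "");
    $home_href = kisgb_safe_href($entry[7]);
    $mail_href = "mailto:" . kisgb_safe_href($entry[5]);
    // Request parameters are URL-encoded before being placed in the back link.
    $back_url = $root_document . "?action=view&start=" . urlencode((string)(isset($start) ? $start : ''))
              . "&tmp_theme=" . urlencode((string)$theme) . "&tmp_lang=" . urlencode((string)$language);
    echo "<form><center><p><a href='$back_url'>".$label_back."</a><br /><br />";
    echo "<table align=\"center\" rules=\"none\" cellpadding=\"$Vwindow_cellpadding\" cellspacing=\"$Vwindow_cellspacing\" border=\"$Vwindow_border\">";
    // NOTE(review): the text cells are echoed as stored.  Whether that is safe depends
    // on how addgb/updategb encode input, which is not visible in this file.
    echo "<tr><td id=\"$id\">".ucwords($head_array[4]).": ".$entry[4];
    echo "</td><td id=\"$id\">".ucwords($head_array[12]).": ".$entry[12];
    echo "</td><td id=\"$id\">".ucwords($head_array[5]).": "."<a href=\"".$mail_href."\">".$entry[5]."</a>";
    echo "</td><td id=\"$id\">".ucwords($head_array[6]).": ".$entry[6];
    // Home page: linked only when the URL passed kisgb_safe_href().
    echo "</td></tr><tr><td id=\"$id\">".ucwords($head_array[7]).": ".($home_href === "" ? $entry[7] : "<a href=\"".$home_href."\" target=_n>".$entry[7]."</a>");
    echo "</td><td id=\"$id\">".ucwords($head_array[8]).": ".$entry[8];
    echo "</td><td id=\"$id\">".ucwords($head_array[9]).": ".$entry[9];
    echo "</td><td id=\"$id\">".ucwords($head_array[10]).": ".$entry[10];
    echo "</td></tr><tr><td id=\"$id\">".ucwords($head_array[11]).": ".$entry[11];
    echo "</td><td id=\"$id\">".ucwords($head_array[1]).": ".$entry[1];
    echo "</td><td id=\"$id\">".ucwords($head_array[2]).": ".$entry[2];
    echo "</td><td id=\"$id\">".ucwords($head_array[3]).": ".$entry[3];
    echo "</td></tr><tr><td id=\"$id\">".ucwords($head_array[14]).": ".$entry[14];
    // The password column is never shown.
    echo "<td id=\"$id\" colspan=\"3\">".ucwords($head_array[15]).": "."***************";

    /* ---- Comment text (column 13): same treatment as in index.php ---- */
    $comment = stripslashes($entry[13]);
    // Stored angle brackets are entity-encoded; decode them so strip_tags() can
    // see the tags.  (As extracted, these two calls replaced "<" with "<" and
    // did nothing; the entity names are restored here.)
    $comment = str_replace("&lt;", "<", $comment);
    $comment = str_replace("&gt;", ">", $comment);
    $comment = str_replace("src=smilies", "src=$path_to_images/smilies", $comment);
    $icons_in_separate_column = false;
    // "!== false": a tag list starting with <a> sits at offset 0, which the old truthiness test treated as "not found".
    if ($allow_html && strpos(strtolower($allowed_html_tags_no_img), "<a>") !== false) $comment = makeLink($comment);
    // Link to the poster's home page shown in front of the comment.
    $pic_link = "<a target=\"_new\" href=\"".$home_href."\" onClick=\"if (this.blur) this.blur();\"><img border=\"0\" $pic_parms src=\"$use_picture\" /></a> ";

    if (strpos(strtolower($comment), "<img") !== false) {
        list($comment, $tag_errors, $img_js_errors) = kisgb_neutralize_tag($comment, "img", $words_not_allowed_in_anchor_tag);
        if (!$tag_errors) {
            $comment = str_replace("&quot;", "\"", $comment);
            // NOTE(review): kept as extracted; the search string may have been an entity originally.
            $comment = str_replace("'", "\'", $comment);
        }
    }
    if (strpos(strtolower($comment), "<a") === false) {
        // No anchor in the comment: just prepend the home-page icon when configured.
        if (!$icons_in_separate_column && $home_href !== "" && $show_pic && !$hide_all) {
            $comment = $pic_link . $comment;
        }
    } else {
        list($comment, $tag_errors, $js_errors) = kisgb_neutralize_tag($comment, "a", $words_not_allowed_in_anchor_tag);
        if (!$tag_errors) {
            $comment = str_replace("&quot;", "\"", $comment);
            // NOTE(review): kept as extracted; the search string may have been an entity originally.
            $comment = str_replace("'", "\'", $comment);
            if (!$icons_in_separate_column && $home_href !== "") $comment = $pic_link . $comment;
        } else {
            if (!$icons_in_separate_column && $home_href !== "") $comment = $pic_link . $comment;
            $comment .= "<br /><b>$broken_link_msg</b>";
        }
        if ($js_errors) $comment .= "<br /><b>$attempted_use_of_javascript_msg</b>";
    }
    // Finally drop every tag that is not explicitly allowed (attributes on allowed
    // tags are kept by strip_tags, hence the scan above).
    $allow_tags = "";
    if ($allow_html) $allow_tags .= $allowed_html_tags_no_img;
    if ($allow_smileys) $allow_tags .= "<img>";
    $comment = strip_tags($comment, $allow_tags);
    $tmp_data[$rn][13] = $comment;
    echo "<tr><td id=\"$id\" colspan=\"4\">".ucwords($head_array[13]).": ".$comment;
    echo "</td></tr></table></center></p>";
    $rn--;   // kept from the original; nothing in this branch reads $rn afterwards
    echo "</form>";
}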
else {
/* ---- Edit form (action=edit): every column of the entry is posted to updategb.php ---- */
// Recomputed from the entry's password column (15).  Note the loose "==": PHP compares
// numeric-looking strings as numbers, so md5 values such as "0e123..." compare equal to
// one another.
$user_is_editing = ($vpass==$tmp_data[$rn][15]||md5($vpass)==$tmp_data[$rn][15])?true:false;
// Admin path only; what versionclient.php does is not visible here.
if (!$user_is_editing) include("versionclient.php");
// NOTE(review): the password is placed in the form's action query string, so it ends up in
// server logs, browser history and Referer headers.  Moving it to a hidden POST field needs
// updategb.php (not visible here) to read it from POST.  $vpass/$start/$theme/$language are
// inserted into the attribute without escaping.
echo "<form name=kisgb_form$rn action=\"updategb.php?action=edit&vpass=$vpass&start=$start&tmp_theme=$theme&tmp_lang=$language\" method=\"post\">";
// NOTE(review): cgi_id / cgi_pw from config.php are written into the page as hidden
// fields, i.e. disclosed to anyone who reaches the edit form.
echo "<input type=\"hidden\" name=\"cgi_id\" value=\"$cgi_id\" /><input type=\"hidden\" name=\"cgi_pw\" value=\"$cgi_pw\" />";
echo "<table align=\"center\" rules=\"none\" cellpadding=\"$Vwindow_cellpadding\" cellspacing=\"$Vwindow_cellspacing\" border=\"$Vwindow_border\">";
// Each column is either an editable input (admin, or the user when the matching $show_*
// flag is on) or a hidden input carrying the stored value unchanged.  Stored values are
// inserted without HTML escaping; whether that is safe depends on how addgb/updategb
// encode input, which is not visible in this file.
if (!$user_is_editing||$show_name) echo "<tr><td id=\"$id\"><font size=2>".$head_array[4].": <input name=\"$head_array[4]\" value=\"".$tmp_data[$rn][4]."\" size=\"30\" />";
else echo "<tr></td><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[4]\" value=\"".$tmp_data[$rn][4]."\" />";
if (!$user_is_editing||$show_nation) {
echo "</td><td id=\"$id\">".$head_array[12].": <select name=\"nation\" >";
// nation.php is expected to define $nationArray (code => display name).
include("nation.php");
while (list($key, $value) = each($nationArray)) {
if ($tmp_data[$rn][12]==$key) $selected = 'selected';
else $selected = '';
echo "<option value=$key $selected>$value</option>\n";
}
echo "</select>";
}
else echo "</td><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[12]\" value=\"".$tmp_data[$rn][12]."\" />";
if (!$user_is_editing||$show_email) echo "</td><td id=\"$id\">".$head_array[5].": <input name=\"$head_array[5]\" value=\"".$tmp_data[$rn][5]."\" size=\"30\" />";
else echo "</td><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[5]\" value=\"".$tmp_data[$rn][5]."\" />";
if (!$user_is_editing||$show_home) echo "</td><td id=\"$id\">".$head_array[6].": <input name=\"$head_array[6]\" value=\"".$tmp_data[$rn][6]."\" size=30 maxlength=75 />";
else echo "</td><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[6]\" value=\"".$tmp_data[$rn][6]."\" />";
if (!$user_is_editing||$show_pic) echo "</td></tr><tr><td id=\"$id\">".$head_array[7].": <input name=\"$head_array[7]\" value=\"".$tmp_data[$rn][7]."\" size=30 maxlength=75 />";
else echo "</td></tr><tr><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[7]\" value=\"".$tmp_data[$rn][7]."\" />";
if (!$user_is_editing||$show_icq) echo "</td><td id=\"$id\">".$head_array[8].": <input name=\"$head_array[8]\" value=\"".$tmp_data[$rn][8]."\" />";
else echo "</td><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[8]\" value=\"".$tmp_data[$rn][8]."\" />";
if (!$user_is_editing||$show_aim) echo "</td><td id=\"$id\">".$head_array[9].": <input name=\"$head_array[9]\" value=\"".$tmp_data[$rn][9]."\" />";
else echo "</td><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[9]\" value=\"".$tmp_data[$rn][9]."\" />";
if (!$user_is_editing||$show_yim) echo "</td><td id=\"$id\">".$head_array[10].": <input name=\"$head_array[10]\" value=\"".$tmp_data[$rn][10]."\" />";
else echo "</td><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[10]\" value=\"".$tmp_data[$rn][10]."\" />";
if (!$user_is_editing||$show_msn) echo "</td></tr><tr><td id=\"$id\">".$head_array[11].": <input name=\"$head_array[11]\" value=\"".$tmp_data[$rn][11]."\" />";
else echo "</td></tr><tr><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[11]\" value=\"".$tmp_data[$rn][11]."\" />";
// Columns 1-3 (id-ish/date/time): only the admin may edit column 1; 2 and 3 are always read-only.
if (!$user_is_editing) echo "</td><td id=\"$id\">".$head_array[1].": <input name=\"$head_array[1]\" value=\"".$tmp_data[$rn][1]."\" />";
else echo "<input type=\"hidden\" name=\"$head_array[1]\" value=\"".$tmp_data[$rn][1]."\" /></td><td id=\"$id\">".$head_array[1].": ".$tmp_data[$rn][1];
/*if (!$user_is_editing) echo "</td><td id=\"$id\">".$head_array[2].": <input name=\"$head_array[2]\" value=\"".$tmp_data[$rn][2]."\" />";
else*/ echo "<input type=\"hidden\" name=\"$head_array[2]\" value=\"".$tmp_data[$rn][2]."\" /></td><td id=\"$id\">".$head_array[2].": ".$tmp_data[$rn][2];
/*if (!$user_is_editing) echo "</td><td id=\"$id\">".$head_array[3].": <input name=\"$head_array[3]\" value=\"".$tmp_data[$rn][3]."\" />";
else*/ echo "<input type=\"hidden\" name=\"$head_array[3]\" value=\"".$tmp_data[$rn][3]."\" /></td><td id=\"$id\">".$head_array[3].": ".$tmp_data[$rn][3];
// Column 14 is the "private" flag; a private entry also gets the admin colour on the comment box.
if ($tmp_data[$rn][14]=="on") {
$checked = "checked";
$style = "style=\"background-color:$admin_private_message_color;\"";
}
else {
$style = "";
$checked="";
}
if (!$user_is_editing||$show_private) echo "</td></tr><tr><td id=\"$id\">".$head_array[14].": <input type=\"checkbox\" name=\"$head_array[14]\" $checked />";
else echo "</td></tr><tr><td id=\"$id\"><input type=\"hidden\" name=\"$head_array[14]\" value=\"".$tmp_data[$rn][14]."\" />";
// NOTE(review): the entry's stored password (or its hash) is sent to the client as the
// value of this field so that it is re-submitted unchanged; it is therefore readable by
// whoever holds the edit form, including the admin.
if (!$user_is_editing||$show_password) echo "</td><td id=\"$id\" colspan=3>".$head_array[15].": <input name=\"$head_array[15]\" type=\"password\" size=\"15\" maxlength=\"10\" value=\"".$tmp_data[$rn][15]."\" />";
else echo "</td><td id=\"$id\" colspan=3><input type=\"hidden\" name=\"$head_array[15]\" value=\"".$tmp_data[$rn][15]."\" />";
// The comment (column 13) goes into the textarea below as stored, minus slashes.
$tmp_data[$rn][13] = stripslashes($tmp_data[$rn][13]);
// echo "</td></tr><tr><td id=\"$id\" colspan=4>".$head_array[13].": <textarea name=\"$head_array[13]\" rows=\"5\" cols=\"80\" $style>".$tmp_data[$rn][13]."</textarea>";
?>
</td></tr><tr><td id="<?=$id?>" colspan="4"><?=$label_remaining?>: <input type="text" name=charleft size="5" value="<?=$charleft;?>" readonly onFocus="document.<?="kisgb_form$rn"?>.comments.focus();" /> <?=$head_array[13]?><textarea name="comments" cols="<?=$commentBoxColumns?>" rows="<?=$commentBoxRows?>" wrap="soft" onkeyup="countchars(this.form)"><?=$tmp_data[$rn][13]?></textarea>
<script language="JavaScript">
// countchars(document.<?="kisgb_form$rn"?>);
// Length of a string where characters with code >= 256 count twice.
function returnLen( obj )
{
if ( obj==undefined || obj==null || obj.length==0 ) return;
var oLen = 0;
for ( var i=0; i<obj.length; i++ )
{
if ( obj.charCodeAt(i)<256 )
{
oLen++;
} else {
oLen = oLen+2;
}
}
return oLen;
}
// Trim the comment box to the configured maximum and show the remaining count in charleft.
function countchars(form) {
var commentLen = <?=$max_comment_length;?> - returnLen(form.comments.value);
if (commentLen < 0) {
form.comments.value = form.comments.value.substr(0,<?=$max_comment_length;?>);
}
i = <?=$max_comment_length;?> - returnLen(form.comments.value);
while ( i < 0)
{
form.comments.value = form.comments.value.substring(0,form.comments.value.length - 1);
i = <?=$max_comment_length;?> - returnLen(form.comments.value);
}
if (isNaN(i)) i = <?=$max_comment_length;?>;
form.charleft.value = i;
}
// Move the caret to the end of the comment box after text was appended
// (IE via a TextRange, other browsers by appending a space and focusing).
function taPos(form) {
countchars(form);
// form.<?=$head_array[13]?>.focus();
form.<?=$head_array[13]?>.value=form.<?=$head_array[13]?>.value+'';
<?if (strpos($HTTP_USER_AGENT,'MSIE')>0) {?>
var tr = form.<?=$head_array[13]?>.createTextRange();
tr.move('character', <?=$max_comment_length;?>);
tr.select();
<?} else {?>
form.<?=$head_array[13]?>.value=form.<?=$head_array[13]?>.value+' ';
<?}?>
form.<?=$head_array[13]?>.focus();
}
</script>
<?
// Timestamp for the "comment added" line, shifted by the configured hour offset.
$time = time();
$time_offset = ($hours_to_offset!=0) ? $hours_to_offset * 60 * 60 : 0;
$time = $time + $time_offset;
$date = date($date_format,$time);
$time = date($time_format,$time);
$cancelBtn = "<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"$label_back\" onClick=\"history.go(-2);\" /> ";
// Who signs an appended comment.  Only the plain-text form of the admin password is
// recognised here (an md5-form admin password falls through to '???'); loose "==" again.
if ($vpass==$admin_pw) $commentIntro = 'Web Master';
elseif ($user_is_editing) $commentIntro = $tmp_data[$rn][4];
else $commentIntro = '???';
// NOTE(review): $commentIntro (for a user, the entry's name column) is spliced into a
// single-quoted JavaScript string inside the onClick attribute without any escaping.
$comment_btn = "<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"$label_admin_comment\" onClick=\"document.kisgb_form$rn.$head_array[13].value=document.kisgb_form$rn.$head_array[13].value+'<hr /><b>$commentIntro $label_comments_added $on ".$date." $at ".$time.":</b> ';taPos(document.kisgb_form$rn);\" /> ";
// Delete is offered to the admin, or to everybody when config allows user-level deletes.
if ($vpass==$admin_pw||$allow_msg_lvl_delete_by_user) $delete_btn = "<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" value=\"$label_delete\" name=\"delete\" />";
else $delete_btn = "";
echo "</td></tr><tr><td id=\"$id\">$cancelBtn<td id=\"$id\">$comment_btn<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"Smileys\" onClick=\"window.open('./showsmileys.php?tmp_theme=$theme&tmp_lang=$language&formname=kisgb_form$rn','smileys','width=$smiley_window_width,height=$smiley_window_height,scrollbars,resizable');\" /> <input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" value=\"$label_update\" name=\"update\" /></td><td id=\"$id\" colspan=\"3\">$delete_btn";
echo "</td></tr></table></center></p>";
// The id being edited is taken from the loaded row, not from the request.
echo "<input type=\"hidden\" name=\"msgid\" value=\"".$tmp_data[$rn][0]."\" />";
?>
<script>
document.kisgb_form<?=$rn.".".$head_array[13]?>.focus();
</script>
<?
echo "</form>";
}
unset($tmp_data); # release memory;
require("footer.php");
exit;
#}
?>