<?php

/**
* PHP versions 4 and 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license.  If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package    QuickTalk
* @author     Philippe Vandenberghe <hide@address.com>
* @copyright  2008-2012 The PHP Group
* @version    2.5 build:20100924
*
* About text coding in the database
* This script converts the text before inserting it into the database as follows:
* 1) stripslashes
* 2) htmlspecialchars($text,ENT_QUOTES): the characters <>&"' are converted to HTML entities
* 3) bbcodes remain UNCHANGED. They are converted while displayed
*/

// Open the session, then load bin/qtf_init.php (the access check below relies on $oVIP being available after it).
session_start();
require_once 'bin/qtf_init.php';

// Stop with error 11 when $oVIP->CanView('V6') refuses the page.
if ( !$oVIP->CanView('V6') )
{
  die(Error(11));
}

/**
 * Tells whether the delay between two posts of the same session has elapsed.
 *
 * The delay is read from $_SESSION[QT]['posts_delay'] (5 when that entry is not set) and is
 * added to the time() value kept in $_SESSION['qtf_usr_lastpost'].
 *
 * @param int $intPosts 0 always passes (the caller hands in the user's post counter)
 * @return bool TRUE when posting is allowed, FALSE while last post + delay >= time()
 */
function DelayAcceptable($intPosts=0)
{
  $intDelay = isset($_SESSION[QT]['posts_delay']) ? intval($_SESSION[QT]['posts_delay']) : 5;

  if ( $intPosts==0 ) return TRUE;

  // empty() also covers the "not set" case: no recorded last post, nothing to wait for
  if ( empty($_SESSION['qtf_usr_lastpost']) ) return TRUE;

  return !( $_SESSION['qtf_usr_lastpost']+$intDelay >= time() );
}

/**
 * Tells whether the current user ($oVIP) is still below the daily post limit.
 *
 * Users with id < 2 or with a post counter of 0 always pass. The number of posts issued
 * today is counted once in TABPOST and cached in $_SESSION['qtf_usr_posts_today'].
 *
 * @param int $intMax number of posts allowed per day
 * @return bool TRUE while the cached count is below $intMax
 */
function PostsTodayAcceptable($intMax)
{
  global $oVIP, $oDB;

  if ( $oVIP->id<2 || $oVIP->numpost==0 ) return TRUE;

  // count if not yet defined
  if ( !isset($_SESSION['qtf_usr_posts_today']) )
  {
    // Expression extracting the first 8 characters (Ymd) of issuedate, per database family
    $arrDayExpr = array(
      'mysql' => 'LEFT(issuedate,8)',
      'mssql' => 'LEFT(issuedate,8)',
      'pg'    => 'SUBSTRING(issuedate,1,8)',
      'ibase' => 'SUBSTRING(issuedate FROM 1 FOR 8)',
      'sqlit' => 'SUBSTR(issuedate,1,8)',
      'db2'   => 'SUBSTR(issuedate,1,8)',
      'oci'   => 'SUBSTR(issuedate,1,8)'
    );
    $strFamily = substr($oDB->type,0,5);
    if ( !isset($arrDayExpr[$strFamily]) ) die('Unknown db type '.$oDB->type);

    // NOTE(review): the query is built by concatenation; $oVIP->id is assumed to be an integer
    // set by the login code - confirm, or cast it before it reaches the SQL text.
    $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND '.$arrDayExpr[$strFamily].' = "'.date('Ymd').'"' );
    $row = $oDB->Getrow();
    $_SESSION['qtf_usr_posts_today'] = intval($row['td']);
  }

  return ( $_SESSION['qtf_usr_posts_today']<$intMax );
}

// --------
// INITIALISE
// --------

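// Requested action, POST taking precedence over GET:
// nt = new topic, re = reply, ed = edit, qu = reply with quote.
$a = -1;
if ( isset($_GET['a']) ) $a = $_GET['a'];
if ( isset($_POST['a']) ) $a = $_POST['a'];
// Strict whitelist: $a is written back into the form and selects every branch below,
// so only one of the four exact strings is accepted (arrays and loosely-equal values are refused).
if ( !is_string($a) || !in_array($a,array('nt','re','ed','qu'),true) ) die('Missing parameters a');

// Topic id (-1 = none); intval() keeps the value numeric
$t = -1;
if ( isset($_GET['t']) ) $t = intval($_GET['t']);
if ( isset($_POST['t']) ) $t = intval($_POST['t']);

$oTopic = new cTopic(($t>=0 ? $t : null));

// Section id: taken from the topic, else from the request
$s = $oTopic->section; // can be -1 (new topic)
if ( $s<0 )
{
  if ( isset($_GET['s']) ) $s = intval($_GET['s']);
  if ( isset($_POST['s']) ) $s = intval($_POST['s']);
}
if ( $s<0 ) die('Missing parameters: section');

// Post id (-1 = none)
$p = -1;
if ( isset($_GET['p']) ) $p = intval($_GET['p']);
if ( isset($_POST['p']) ) $p = intval($_POST['p']);

$oSEC = new cSection($s);
$oPost = new cPost(($p>=0 ? $p : null));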

// initialise others

// Timestamp used for the issue dates below, plus the default flags of this request
$now       = date('Ymd His');
$bPreview  = false;
$bUpload   = false;
$intBehalf = -1;
$strBehalf = '';

// Page url/title and exit link stored on $oVIP
$oVIP->selfurl  = 'qtf_form_edit.php';
$oVIP->selfname = $L['Message'];
switch($a)
{
  case 'nt': $oVIP->selfname = $L['Post_new_topic']; break;
  case 're':
  case 'qu': $oVIP->selfname = $L['Post_reply']; break;
  case 'ed': $oVIP->selfname = $L['Edit_message']; break;
}
$oVIP->exiturl  = 'qtf_topic.php?t='.$t;
$oVIP->exitname = $L['Topics'];

include 'bin/qtf_fn_sql.php';

// --------
// SUBMITTED
// --------

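// ::::::::
if ( isset($_POST['dosend']) || isset($_POST['dopreview']) ) {
// ::::::::

// NOTE(review): no anti-CSRF token is checked in this file, and the edit action ('ed') is not
// tied here to the author of the post or to a staff role. Confirm that bin/qtf_init.php or
// cPost::SetFromPost() enforces both before relying on this handler.

$error = $oPost->SetFromPost($a!='ed'); // FALSE means author must not be changed because editing an existing message

// modifuser is the current editor/creator (can be the onbehalf)
// In case of New message (or Reply or Quote), this one becomes the creator (Puserid=Pmodifuser)
// In case of Edit existing message, Puserid is not changed but the Pmodifuser can be saved (if Pmodifuser!=Puserid)

$oPost->modifuser = $oVIP->id;
$oPost->modifname = $oVIP->username;

// Read submitted fields (every value is client-controlled: only strings are accepted)

if ( isset($_POST['icon']) )
{
  // The form only offers two-digit icon codes; anything else falls back to "no icon"
  // so that no free text from the request is stored with the post.
  $strIcon = is_string($_POST['icon']) ? substr($_POST['icon'],0,2) : '';
  $oPost->icon = ( preg_match('/^[0-9]{2}$/',$strIcon) ? $strIcon : '00' );
}
if ( isset($_POST['title']) && is_string($_POST['title']) ) { $oPost->title = trim($_POST['title']); if ( get_magic_quotes_gpc() ) $oPost->title = stripslashes($oPost->title); }
if ( isset($_POST['text']) && is_string($_POST['text']) )   { $oPost->text = trim($_POST['text']); if ( get_magic_quotes_gpc() ) $oPost->text = stripslashes($oPost->text); }

// "Send on behalf" is a staff feature (the input is only rendered for staff):
// the field is ignored when the current user is not staff.
if ( isset($_POST['behalf']) && is_string($_POST['behalf']) && $oVIP->IsStaff() ) { $strBehalf = trim($_POST['behalf']); if ( get_magic_quotes_gpc() ) $strBehalf = stripslashes($strBehalf); }

// The previous attachment path comes back from a hidden field, so it is untrusted: it is
// accepted only as a relative path made of [A-Za-z0-9_-.] segments separated by "/", without "..".
// NOTE(review): this checks the shape only; the safer design is to re-read the stored
// attachment of post $oPost->id from the database instead of trusting the form.
if ( isset($_POST['oldattach']) )
{
  $strOldAttach = $_POST['oldattach'];
  if ( $strOldAttach==='' )
  {
    $oPost->attach = '';
  }
  elseif ( is_string($strOldAttach) && preg_match('#^[A-Za-z0-9_\-\.]+(/[A-Za-z0-9_\-\.]+)*\z#',$strOldAttach) && strpos($strOldAttach,'..')===false )
  {
    $oPost->attach = $strOldAttach;
  }
  else
  {
    $error = $L['Attachment'].S.$L['E_invalid'];
  }
}

// Complete if missing behalf name

if ( $strBehalf!='' )
{
  $strBehalf = htmlspecialchars($strBehalf,ENT_QUOTES);
  $arrNames = GetUsers('name',$strBehalf);
  if ( !empty($arrNames) ) { foreach($arrNames as $intKey=>$strValue) { $intBehalf = $intKey; } }
  if ( $intBehalf<0 ) $error = $L['Send_on_behalf'].S.$L['E_invalid'];
  $oPost->modifuser = $intBehalf;
  $oPost->modifname = $strBehalf;
}

// Identify user

if ( $a!='ed' )
{
  $oPost->userid = $oPost->modifuser;
  $oPost->username = $oPost->modifname;
}

// Mandatory submitted fields

$oPost->title = QTbbc($oPost->title);
if ( $a=='nt' && $oPost->title=='' && $oSEC->titlefield==2 ) $error = $L['E_no_title'];

if ( strlen($oPost->text)>$_SESSION[QT]['chars_per_post'] ) $error = $L['E_too_long'].S.sprintf($L['E_char_max'], $_SESSION[QT]['chars_per_post']);
if ( substr_count($oPost->text,"\n")>$_SESSION[QT]['lines_per_post'] ) $error = $L['E_too_long'].S.sprintf($L['E_line_max'], $_SESSION[QT]['lines_per_post']);

$oPost->text = substr( $oPost->text, 0, $_SESSION[QT]['chars_per_post'] );
$oTopic->preview = QTbbc($oPost->text);

if ($oPost->text=='') $error = $L['Message'].S.$L['E_invalid'];

// Check submitted rules (when sending the message)

if ( isset($_POST['dosend']) && empty($error) )
{
  // check maximum post per user/minutes
  if ( !DelayAcceptable($oVIP->numpost) ) $error=$L['E_wait'];

  // check maximum post per day (not for moderators)
  if ( empty($error) )
  {
    if ( $oVIP->role=='U' || $oVIP->role=='V' ) {
    if ( !PostsTodayAcceptable(intval($_SESSION[QT]['posts_per_day'])) ) {
      $error=$L['E_too_much'];
      // exit
      $oVIP->exiturl = "qtf_topics.php?s=$s";
      $oVIP->EndMessage(NULL,$error,$_SESSION[QT]['skin_dir'],0);
    }}
  }

  // check message
  if ( empty($error) )
  {
    // ----------
    // module antispam
    if ( UseModule('antispam') ) include('qtfm_antispam.php');
    // ----------
  }

  // check upload
  if ( empty($error) ) {
  if ( $_SESSION[QT]['upload']!='0' ) {
  if ( !empty($_FILES['attach']['name']) ) {

    include('bin/qtf_upload.php');
    $error = InvalidUpload($_FILES['attach'],$arrFileextensions,$arrMimetypes,intval($_SESSION[QT]['upload_size'])*1024+16);
    if ( empty($error) )
    {
      // Build a storage name from the client-supplied file name: accents mapped, lower case,
      // then every character outside [a-z0-9_-.] replaced by "_" (no path separator survives).
      // NOTE(review): strtr() maps bytes, so the accent table only works as intended in a
      // single-byte encoding; the preg_replace() below is what guarantees the safe character set.
      // NOTE(review): dots are kept, so the name can still carry several extensions; whether
      // InvalidUpload() rejects those is not visible here - confirm.
      $strUpload=strtr($_FILES['attach']['name'],'éèêëÉÈÊËáàâäÁÀÂÄÅåíìîïÍÌÎÏóòôöÓÒÔÖõÕúùûüÚÙÛÜ','eeeeeeeeaaaaaaaaaaiiiiiiiioooooooooouuuuuuuu');
      $strUpload=strtolower($strUpload);
      $strUpload=preg_replace('/[^a-z0-9_\-\.]/i', '_', $strUpload);
      $bUpload=true;
    }

  }}}

}

// ::::::::
}
// ::::::::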

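/**
 * Stores the file uploaded in this request as the attachment of a post.
 *
 * The file is moved with move_uploaded_file(), which only accepts a genuine HTTP upload.
 * The attachment named in $_POST['oldattach'] is deleted afterwards, but only when it
 * resolves to a regular file inside QTF_DIR_DOC, differs from the new file, and its name
 * starts with "<post id>_" (the naming used when attachments are stored). The hidden field
 * is client-controlled, so it must never be passed to unlink() as received.
 * Older attachments stored without that prefix are left on disk.
 *
 * @param int    $intPostId id of the post receiving the attachment
 * @param string $strUpload sanitised file name of the upload
 * @return string|bool attachment path relative to QTF_DIR_DOC, or FALSE when the move failed
 */
function QTFormStoreAttach($intPostId,$strUpload)
{
  $strAttach = TargetDir(QTF_DIR_DOC,$intPostId).$intPostId.'_'.$strUpload;
  if ( !move_uploaded_file($_FILES['attach']['tmp_name'],QTF_DIR_DOC.$strAttach) ) return FALSE;

  if ( !empty($_POST['oldattach']) && is_string($_POST['oldattach']) )
  {
    $strRoot = realpath(QTF_DIR_DOC);
    $strOld  = realpath(QTF_DIR_DOC.$_POST['oldattach']);
    $strNew  = realpath(QTF_DIR_DOC.$strAttach);
    if ( $strRoot!==FALSE && $strOld!==FALSE && $strOld!==$strNew && is_file($strOld) )
    {
      $strRoot  = rtrim($strRoot,'/\\').DIRECTORY_SEPARATOR;
      $bInside  = ( strncmp($strOld,$strRoot,strlen($strRoot))==0 );
      $bOwnFile = ( strpos(basename($strOld),$intPostId.'_')===0 );
      if ( $bInside && $bOwnFile ) unlink($strOld);
    }
  }
  return $strAttach;
}

// ::::::::
if ( isset($_POST['dosend']) && empty($error) ) {
// ::::::::

// The topic type/status selects are only rendered for staff; the same test is applied
// server-side so that these fields are ignored when sent by anybody else.
$bStaff = $oVIP->IsStaff();

// SEND a new topic

if ( $a=='nt' )
{
  $oTopic->id = $oDB->Nextid(TABTOPIC);
  $oTopic->numid = $oDB->Nextid(TABTOPIC,'numid','WHERE forum='.$s);
  $oPost->id = $oDB->Nextid(TABPOST);
  $oPost->topic = $oTopic->id;
  $oTopic->section = $s;
  $oPost->section = $s;
    // if moderator post
    if ( $bStaff )
    {
      if ( isset($_POST['topictype']) && is_string($_POST['topictype']) ) $oTopic->type = $_POST['topictype'];
      if ( isset($_POST['topicstatus']) && is_string($_POST['topicstatus']) ) $oTopic->status = $_POST['topicstatus'];
    }
  $oTopic->firstpostid = $oPost->id;
  $oTopic->lastpostid = $oPost->id;
  $oTopic->firstpostuser = $oVIP->id;
  $oTopic->firstpostname = $oPost->username;
  $oTopic->lastpostuser = $oVIP->id;
  $oTopic->lastpostname = $oPost->username;
  $oTopic->firstpostdate = $now;
  $oTopic->lastpostdate = $now;
    // replace empty title
    if ( empty($oPost->title) ) $oPost->title = QTunbbc(QTcompact($oPost->text,50,' '));
  $oPost->type = 'P';
  $oPost->issuedate = $now;
  if ( $bUpload )
  {
    $strSaved = QTFormStoreAttach($oPost->id,$strUpload);
    if ( $strSaved===FALSE ) { $warning = $L['Attachment'].S.$L['E_invalid']; } else { $oPost->attach = $strSaved; }
  }

  $oPost->InsertPost(false);
  $oTopic->InsertTopic(true);
  $oVIP->numpost++;

  // ----------
  // module rss
  if ( UseModule('rss') ) { if ( $_SESSION[QT]['m_rss']=='1' ) include('qtfm_rss_inc.php'); }
  // ----------

}

// SEND a reply

if ( $a=='re' || $a=='qu' )
{

  $oPost->id = $oDB->Nextid(TABPOST);
  $oPost->topic = $t;
  $oPost->section = $s;
  $oPost->type = 'R';
  $oPost->issuedate = $now;
  if ( $bUpload )
  {
    $strSaved = QTFormStoreAttach($oPost->id,$strUpload);
    if ( $strSaved===FALSE ) { $warning = $L['Attachment'].S.$L['E_invalid']; } else { $oPost->attach = $strSaved; }
  }

  $oPost->InsertPost(true);
  $oVIP->numpost++;

  // update topic stats and close topic if full (and lastpost topic info)
  $oTopic->UpdateTopicStats($oTopic->id,$_SESSION[QT]['posts_per_topic'],$oPost);

  // topic status/type (from staff)
  if ( $bStaff && isset($_POST['topictype']) )
  {
    $strOldType = isset($_POST['oldtype']) ? $_POST['oldtype'] : '';
    if ( $_POST['topictype']!=$strOldType ) $oTopic->SetType($oTopic->id,$_POST['topictype']);
  }
  if ( $bStaff && isset($_POST['topicstatus']) )
  {
    $strOldStatus = isset($_POST['oldstatus']) ? $_POST['oldstatus'] : '';
    if ( $_POST['topicstatus']!=$strOldStatus ) $oTopic->SetStatus($_POST['topicstatus']);
  }

  // topic status (from user): the checkbox is only offered to the author of the first post,
  // so the request is honoured for that user only
  if ( isset($_POST['topicstatususer']) && $oTopic->firstpostuser==$oVIP->id ) { if ( $_POST['topicstatususer'][0]=='1' ) $oTopic->SetStatus('1'); }

}

// SEND a edit

if ( $a=='ed' )
{
  // NOTE(review): nothing in this branch verifies that the current user may edit post
  // $oPost->id; confirm that the check happens in cPost::SetFromPost() or in the init code.

  if ( $oSEC->titlefield==0 && $oPost->type=='P' )
  {
  $oPost->title = QTunbbc(QTcompact($oPost->text,50,' '));
  }
  if ( empty($oPost->title) && $oPost->type=='P' )
  {
  $oPost->title = QTunbbc(QTcompact($oPost->text,50,' '));
  }

  $strModif = '';

  // modifdate+modifuser if editor is not the creator, or if not the last message
  if ( $oPost->modifuser!=$oPost->userid || $oTopic->lastpostid!=$oPost->id )
  {
    $strModif=', modifdate="'.date('Ymd His').'", modifuser='.intval($oPost->modifuser).', modifname="'.addslashes($oPost->modifname).'"';
  }

  if ( $bUpload )
  {
    $strSaved = QTFormStoreAttach($oPost->id,$strUpload);
    if ( $strSaved===FALSE ) { $warning = $L['Attachment'].S.$L['E_invalid']; } else { $oPost->attach = $strSaved; }
  }

  // if drop attachement
  if ( isset($_POST['drop']) ) { if ( $_POST['drop'][0]=='1' ) $oPost->Dropattach(); }

  // save edits
  // Every value placed between quotes is escaped and every id is cast, because icon and
  // attach can originate from the request. The db2 variant previously contained a stray
  // '",' before textmsg2 (invalid SQL) and truncated the text after escaping, which could
  // cut an escape sequence in half; the text is now truncated first, then escaped.
  // NOTE(review): addslashes() mirrors what this file already does for textmsg but is not a
  // portable SQL escaping; switch to the database layer's own escaping or bound parameters
  // if $oDB provides them.
  $strSet = 'title="'.$oPost->FormatTitleForInsert($oPost->title).'", icon="'.addslashes($oPost->icon).'",textmsg="'.addslashes($oPost->text).'"';
  if ( $oDB->type=='db2' ) $strSet .= ',textmsg2="'.addslashes(substr($oPost->text,0,255)).'"';
  $strSet .= ',attach="'.addslashes($oPost->attach).'" '.$strModif;
  $oDB->Query( 'UPDATE '.TABPOST.' SET '.$strSet.' WHERE id='.intval($oPost->id) );

  // topic type (from staff)
  if ( $bStaff && isset($_POST['topictype']) )
  {
    $strOldType = isset($_POST['oldtype']) ? $_POST['oldtype'] : '';
    if ( $_POST['topictype']!=$strOldType ) $oTopic->SetType($oTopic->id,$_POST['topictype']);
  }
  // topic status (from staff)
  if ( $bStaff && isset($_POST['topicstatus']) )
  {
    $strOldStatus = isset($_POST['oldstatus']) ? $_POST['oldstatus'] : '';
    if ( $_POST['topicstatus']!=$strOldStatus ) $oTopic->SetStatus($_POST['topicstatus']);
  }
  // topic status (from user): only the author of the first post may close the topic this way
  if ( isset($_POST['topicstatususer']) && $oTopic->firstpostuser==$oVIP->id ) {
  if ( $_POST['topicstatususer'][0]=='1' ) {
    $oTopic->SetStatus('1');
  }}
}

// exit
$oVIP->exiturl = 'qtf_topic.php?t='.$oPost->topic.'#'.$oPost->id;
$str = ''; if ( $oSEC->numfield!='N' ) $str='<b>'.sprintf($oSEC->numfield,$oTopic->numid).'</b><br/>';
$oVIP->EndMessage(NULL,$str.$L['S_message_saved'].(empty($warning) ? '' : '<br/><br/>'.$warning),$_SESSION[QT]['skin_dir'],2);

// ::::::::
}
// ::::::::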

// --------
// HTML START
// --------

// Prepare the post object for the form, per action.
// A quote is turned into a reply once the quoted text is in place, hence the fall-through.
switch($a)
{
case 'nt':
  $oPost->icon = '00';
  $oPost->type = 'P';
  break;

case 'qu':
  if ( $t<0 ) die('Missing parameters: topicid');
  if ( $p<0 ) die('Missing parameters: postid');
  $oPost->title = '';
  $oPost->text = '[quote='.$oPost->username.']'.$oPost->text.'[/quote]';
  // rest must be as reply
  $a = 're';
  // no break: continue with the reply settings

case 're':
  if ( $t<0 ) die('Missing parameters: topicid');
  $oPost->icon = '00';
  $oPost->type = 'R';
  break;

case 'ed':
  if ( $t<0 ) die('Missing parameters: topicid');
  if ( $p<0 ) die('Missing parameters: postid');
  break;
}

// Staff get the name autocomplete on the "behalf" input
$bJauto = $oVIP->IsStaff();

// Editor script and stylesheet, unless bbc is switched off in the session settings
if ( $_SESSION[QT]['bbc']!='0' )
{
  $oVIP->arrJava[] = 'bin/qtf_bbc.js';
  $oVIP->arrCss[]  = '../bin/css/qtf_bbc.css';
}

// Extra head markup: empty for non-staff, jQuery autocomplete wiring for staff
$strHeadScript = ( !$bJauto ? '' : '<link rel="stylesheet" type="text/css" href="bin/css/qt_jquery.css"/>
<script type="text/javascript" src="bin/qt_jquery.js"></script>
<script type="text/javascript" src="bin/qt_jquery_auto.js"></script>
<script type="text/javascript">
<!--
$(document).ready(function() {
  $("#behalf").autocomplete("qtf_j_name.php", { selectFirst: false });
});
-->
</script>
' );

// 3 when the role may upload, 2 otherwise
$intBbc = ( CanPerform('upload',$oVIP->role) ? 3 : 2 );
$bJava = true;

include 'qtf_p_header.php';

// PREVIEW

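// Preview of the submitted message, shown only when the submission raised no error
if ( isset($_POST['dopreview']) && empty($error) )
{
  echo '<h2>',$L['Preview'],'</h2>',N;

  // get user info
  // The user id is cast to an integer before it is placed in the SQL text, so the query
  // stays well-formed whatever the post object carries.
  $oDB->Query('SELECT signature,picture,location,role FROM '.TABUSER.' WHERE id='.intval($oPost->userid));
  $row = $oDB->Getrow();
  // isset() keeps the fields at NULL (as before) when no user row is returned, without notices
  $oPost->userloca = isset($row['location']) ? $row['location'] : null;
  $oPost->useravat = isset($row['picture']) ? $row['picture'] : null;
  $oPost->usersign = isset($row['signature']) ? $row['signature'] : null;
  $oPost->userrole = isset($row['role']) ? $row['role'] : null;
  $oPost->issuedate = $now;
  $oPost->Show($oSEC,$oTopic,true,'','',$_SESSION[QT]['skin_dir'],'1');
}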

// FORM START

// Page title, then the error raised by the submit section (if any).
// NOTE(review): $error is written without HTML escaping; it is built from $L[] strings in this
// file, but InvalidUpload() and the antispam module can also set it - confirm they return safe text.
echo '<h2>',$oVIP->selfname,'</h2>',N;
if ( !empty($error) ) echo '<p class="error">',$error,'</p>';

// Client-side validation (ValidateForm) followed by the opening of the form and its hidden fields.
// ValidateForm is a convenience only: the length and mandatory checks that count are the
// server-side ones in the submit section.
// NOTE(review): the script compares the text length with chars_per_post*1000 while its message
// and the server-side check use chars_per_post - confirm the factor is intended.
// The hidden fields oldtype/oldstatus are copies of $oTopic->type/status; on submit they come
// back from the client and are compared with the posted topictype/topicstatus.
echo '
<script type="text/javascript">
<!--
function ValidateForm(theButton)
{
  theForm = theButton.form;
  if (theForm.text.value.length==0) { alert(qtHtmldecode("',$L['E_mandatory'],': ',$L['Message'],'")); return false; }
  if (theForm.text.value.length>',$_SESSION[QT]['chars_per_post']*1000,') { alert(qtHtmldecode("',$L['E_too_long'],': ',$L['Maximum'],' ',$_SESSION[QT]['chars_per_post'],'")); return false; }

  if ( theButton.name=="dosend" )
  {
    theForm.action="',$oVIP->selfurl,'";
    theForm.target="";
  }
  else
  {
    if ( theForm.attach )
    {
      if ( theForm.attach.value.length>1 )
      {
      theForm.action="qtf_form_preview.php";
      theForm.target="_blank";
      }
    }
  }
  return true;
}
-->
</script>

<form id="form_edit" method="post" action="',$oVIP->selfurl,'" enctype="multipart/form-data">
<input type="hidden" name="s" value="',$s,'"/>
<input type="hidden" name="t" value="',$t,'"/>
<input type="hidden" name="a" value="',$a,'"/>
<input type="hidden" name="p" value="',$oPost->id,'"/>
<input type="hidden" name="oldtype" value="',$oTopic->type,'"/>
<input type="hidden" name="oldstatus" value="',$oTopic->status,'"/>
';
// Moderation board (staff only): topic type, topic status and the "send on behalf" name.
// Hiding these inputs is presentation only; the submit handler has to enforce the staff test itself.
if ( $oVIP->IsStaff() )
{
  echo '<div class="modboard"><span class="modboard">'.N.$L['Type'].' <select class="small" name="topictype" size="1">'.N;
  echo QTasTag($oVIP->GetTypes(),$oTopic->type,array('current'=>$oTopic->type,'classC'=>'bold'));
  echo '</select>'.N.S.$L['Status'].' <select class="small" name="topicstatus" size="1">'.N;
  echo QTasTag($oVIP->GetStatuses(),$oTopic->status,array('current'=>$oTopic->status,'classC'=>'bold'));
  $strBehalfValue = ( isset($strBehalf) ? $strBehalf : '' );
  echo '</select>'.N.S.$L['Send_on_behalf'].S.'<input class="small" type="text" name="behalf" id="behalf" size="12" maxlength="24" value="'.$strBehalfValue.'"/></span>'.N.'</div>'.N;
}

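echo '<table class="data_o" cellspacing="0" summary="edit form">',N;

// PREFIX ICON
// One radio button per icon file found in the skin directory (codes 00 to 09), then "None".

echo '<tr>';
echo '<td class="colhd colhdfirst" style="width:100px">',$L['Smiley'],'</td>';
echo '<td class="colct">',N;
for ($i=0;$i<10;$i++)
{
  // Two-digit icon code. The previous test compared the icon with the literal '0$i'
  // (single quotes do not interpolate), so the stored icon was never pre-selected.
  $strIcon = '0'.$i;
  $strIconFile = $_SESSION[QT]['skin_dir'].'/ico_prefix_'.$oSEC->prefix.'_'.$strIcon.'.gif';
  if ( file_exists($strIconFile) )
  {
  echo '<input type="radio" name="icon" id="i',$strIcon,'" value="',$strIcon,'"',($oPost->icon==$strIcon ? QCHE : ''),'/><label for="i',$strIcon,'"><img class="ico i_pre" src="',$strIconFile,'" alt="smile" title="',$L['Ico_prefix'][$oSEC->prefix.'_'.$strIcon],'"/></label> &nbsp;',N;
  }
}
echo '<input type="radio" name="icon" id="00" value="00"',($oPost->icon=='00' ? QCHE : ''),'/><label for="00">',$L['None'],'</label></td>';
echo '</tr>',N;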

// TITLE

// Title row, skipped when the section is configured without a title field (titlefield 0)
if ( $oSEC->titlefield!=0 )
{
  echo '<tr>'.N.'<td class="colhd colhdfirst"><label for="title">'.$L['Title'].'</label></td>'.N;
  echo '<td class="colct"><input type="text" id="title" name="title" size="80" maxlength="64" value="',QTconv($oPost->title,'3',QTF_CONVERT_AMP),'" tabindex="1"/></td>',N,'</tr>',N;
}

// MESSAGE

// Message row: optional bbc button bar, the textarea, and the link that reveals the attachment row
echo '<tr><td class="colhd colhdfirst"><label for="text">'.$L['Message'].'</label></td><td class="colct">';

    echo '<table class="hidden" cellspacing="0" summary="edit message">',N;
    if ( $_SESSION[QT]['bbc']!='0' )
    {
      echo '<tr class="hidden">'.N.'<td style="height:22px"><ul class="bbc">'.N;
      include 'qtf_form_button.php';
      echo '</ul></td>'.N.'</tr>'.N;
    }
    echo '<tr class="hidden">'.N.'<td class="hidden">'.N;

    // Larger textarea once the text exceeds 500 bytes
    $strTextareaSize = ( strlen($oPost->text)>500 ? 'rows="30" cols="85"' : 'rows="15" cols="80"' );
    echo '<a href="textarea"></a><textarea id="text" name="text" '.$strTextareaSize.' tabindex="2">',QTconv($oPost->text,'3',QTF_CONVERT_AMP,false),'</textarea>',N;
    if ( CanPerform('upload',$oVIP->role) )
    {
      echo '<br/><a href="#" id="attachlink" style="display:none" class="small" onclick="document.getElementById(\'attachtr\').style.display=\'table-row\'; document.getElementById(\'attachlink\').style.display=\'none\';">',$L['Attachment'],'</a>';
    }
    echo '</td>'.N.'</tr>'.N.'</table>'.N;

echo '</td></tr>',N;

// ATTACHMENT

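// Attachment row: either the current attachment with a "drop" checkbox, or the file input
if ( CanPerform('upload',$oVIP->role) )
{
  $intMax = intval($_SESSION[QT]['upload_size'])*1024;
  echo '<tr id="attachtr">';
  echo '<td class="colhd colhdfirst"><label for="attach">',$L['Attachment'],'</label></td>';
  echo '<td class="colct">';
  if ( !empty($oPost->attach) )
  {
    // Display name: last path segment, without the "<post id>_" prefix when present
    if ( strstr($oPost->attach,'/') ) { $str = substr(strrchr($oPost->attach,'/'),1); } else { $str=$oPost->attach; }
    if ( substr($str,0,strlen($oPost->id.'_'))==($oPost->id).'_' ) $str = substr($str,strlen($oPost->id.'_'));
    // The attachment path can have been taken from the submitted oldattach field (preview or
    // error redisplay), so both the visible name and the hidden value are HTML-escaped.
    // The browser decodes the attribute, so the value posted back is unchanged.
    echo AsImg($_SESSION[QT]['skin_dir'].'/ico_attachment.gif','-',$L['Attachment']),S,htmlspecialchars($str,ENT_QUOTES),'<input type="hidden" id="oldattach" name="oldattach" value="',htmlspecialchars($oPost->attach,ENT_QUOTES),'"/>';
    echo ' &middot; <input type="checkbox" id="drop" name="drop[]" value="1"/><label for="drop">&nbsp;',$L['Drop_attachment'],'</label>';
  }
  else
  {
    // MAX_FILE_SIZE is a hint for the client only; the size check that counts is done on submit
    echo '<input type="hidden" name="MAX_FILE_SIZE" value="',$intMax,'"/>';
    echo '<input type="file" id="attach" name="attach" size="42" tabindex="3"/>';
  }
  echo '</td></tr>',N;
}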

// SUBMIT

// Submit row
echo '<tr>'.N.'<td class="colhd colhdfirst">&nbsp;</td>'.N.'<td class="colct">'.N;

// "Close my topic" is offered to the author of the first post while the topic status is '0'
if ( $oTopic->status=='0' && $oTopic->firstpostuser==$oVIP->id )
{
  // topic status (from user): keep the box ticked when the form is redisplayed
  $bChecked = false;
  if ( isset($_POST['topicstatususer']) && $_POST['topicstatususer'][0]=='1' ) $bChecked = true;
  echo '<input type="checkbox" id="topicstatususer" name="topicstatususer[]" value="1"'.($bChecked ? QCHE : '').'/><label for="topicstatususer">&nbsp;'.$L['Close_my_topic'].'</label>&nbsp;';
}

echo '&nbsp;<input type="submit" id="dopreview" name="dopreview" value="'.$L['Preview'].'" onclick="return ValidateForm(this);"/>';
echo '&nbsp;<input type="submit" id="dosend" name="dosend" value="'.$L['Send'].'" tabindex="3" onclick="return ValidateForm(this);"/>&nbsp;'.N;

// FORM END
echo '</td>',N,'</tr>',N,'
</table>
</form>
';

// PREVIOUS POSTS

// Below a reply form: the five most recent posts of the topic, newest first
if ( $a=='re' || $a=='qu' )
{
  echo '<h2>',$L['Previous_replies'],'</h2>',N;
  // ========
  $strState = 'p.*, u.role, u.location, u.picture, u.signature FROM '.TABPOST.' p, '.TABUSER.' u WHERE p.userid = u.id AND p.topic='.$oTopic->id.' ';
  $oDB->Query( LimitSQL($strState,'p.id DESC',0,5) );
  // ========
  $intPosts = 5;
  $iMsgNum  = $oTopic->replies + 2;
  $intWhile = 0;
  $strAlt   = 'r1';
  $bButton  = false;
  $bAvatar  = false;
  // ========
  while ( $row=$oDB->Getrow() )
  {
    $iMsgNum--;
    $oPost = new cPost($row,$iMsgNum);

    // "Modified by" strip, only when the post carries a modifuser
    $strButton = '';
    if ( !empty($oPost->modifuser) )
    {
      $strCells  = '<td class="post_modif"><span class="small">&nbsp;'.$L['Modified_by'].' <a href="qtf_user.php?id='.$oPost->modifuser.'" class="small">'.$oPost->modifname.'</a> ('.QTdatestr($oPost->modifdate,'$','$',true,true).')</span></td>'.N;
      $strCells .= '<td class="hidden">'.S.'</td>'.N;
      $strButton = '<table class="hidden" cellspacing="0" style="margin:10px 0 1px 0;" summary="edit"><tr>'.$strCells.'</tr></table>'.N;
    }

    $oPost->text = QTcompact($oPost->text); // Pre processing data (compact, no button)
    $oPost->Show($oSEC,$oTopic,false,$strButton,'',$_SESSION[QT]['skin_dir'],$strAlt);

    // alternate the row style
    $strAlt = ( $strAlt=='r1' ? 'r2' : 'r1' );
    $intWhile++;
  }
  // ========
}

// HTML END

// Script kept in $strFooterAddScript: when the elements exist, it shows the "attachlink"
// anchor and hides the "attachtr" row, so the attachment row stays visible without JavaScript.
// Presumably written to the page by qtf_p_footer.php - TODO confirm.
$strFooterAddScript = '
<script type="text/javascript">
<!--
if ( document.getElementById("attachlink") ) document.getElementById("attachlink").style.display="inline";
if ( document.getElementById("attachtr") ) document.getElementById("attachtr").style.display="none";
-->
</script>
';

// Page footer
include('qtf_p_footer.php');

?>