<?php
/**
* PHP versions 4 and 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package QuickTalk
* @author Philippe Vandenberghe <hide@address.com>
* @copyright 2008-2012 The PHP Group
* @version 2.5 build:20100924
*
* About text coding in the database
* This script will convert the text before inserting into the dabase as follow:
* 1) stripslashes
* 2) htmlspecialchar($text,ENT_QUOTES) <>&"' are converted to html
* 3) bbcodes remain UNCHANGED. They are converted while displayed
*/
session_start();
require_once('bin/qtf_init.php');
if ( !$oVIP->CanView('V6') ) die(Error(11));
function DelayAcceptable($intPosts=0)
{
if ( isset($_SESSION[QT]['posts_delay']) ) { $intMax = intval($_SESSION[QT]['posts_delay']); } else { $intMax=5; }
if ( $intPosts==0 ) return TRUE;
if ( isset($_SESSION['qtf_usr_lastpost']) ) {
if ( !empty($_SESSION['qtf_usr_lastpost']) ) {
if ( $_SESSION['qtf_usr_lastpost']+$intMax >= time() ) return FALSE;
}}
return TRUE;
}
function PostsTodayAcceptable($intMax)
{
global $oVIP;
if ( $oVIP->id<2 || $oVIP->numpost==0 ) return TRUE;
// count if not yet defined
if ( !isset($_SESSION['qtf_usr_posts_today']) )
{
global $oDB;
switch(substr($oDB->type,0,5))
{
case 'mysql': $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND LEFT(issuedate,8) = "'.date('Ymd').'"' ); break;
case 'mssql': $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND LEFT(issuedate,8) = "'.date('Ymd').'"' ); break;
case 'pg': $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND SUBSTRING(issuedate,1,8) = "'.date('Ymd').'"' ); break;
case 'ibase': $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND SUBSTRING(issuedate FROM 1 FOR 8) = "'.date('Ymd').'"' ); break;
case 'sqlit': $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND SUBSTR(issuedate,1,8) = "'.date('Ymd').'"' ); break;
case 'db2': $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND SUBSTR(issuedate,1,8) = "'.date('Ymd').'"' ); break;
case 'oci': $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND SUBSTR(issuedate,1,8) = "'.date('Ymd').'"' ); break;
default: die('Unknown db type '.$oDB->type);
}
$row = $oDB->Getrow();
$_SESSION['qtf_usr_posts_today'] = intval($row['td']);
}
if ( $_SESSION['qtf_usr_posts_today']<$intMax ) return TRUE;
return FALSE;
}
// --------
// INITIALISE
// --------
$a = -1;
if ( isset($_GET['a']) ) $a = $_GET['a'];
if ( isset($_POST['a']) ) $a = $_POST['a'];
if ( !in_array($a,array('nt','re','ed','qu')) ) die('Missing parameters a');
$t = -1;
if ( isset($_GET['t']) ) $t = intval($_GET['t']);
if ( isset($_POST['t']) ) $t = intval($_POST['t']);
$oTopic = new cTopic(($t>=0 ? $t : null));
$s = $oTopic->section; // can be -1 (new topic)
if ( $s<0 )
{
if ( isset($_GET['s']) ) $s = intval($_GET['s']);
if ( isset($_POST['s']) ) $s = intval($_POST['s']);
}
if ( $s<0 ) die('Missing parameters: section');
$p = -1;
if ( isset($_GET['p']) ) $p = intval($_GET['p']);
if ( isset($_POST['p']) ) $p = intval($_POST['p']);
$oSEC = new cSection($s);
$oPost = new cPost(($p>=0 ? $p : null));
// initialise others
$now = date('Ymd His');
$bPreview = false;
$bUpload = false;
$intBehalf = -1;
$strBehalf = '';
$oVIP->selfurl = 'qtf_form_edit.php';
$oVIP->selfname = $L['Message'];
if ( $a=='nt' ) $oVIP->selfname = $L['Post_new_topic'];
if ( $a=='re' ) $oVIP->selfname = $L['Post_reply'];
if ( $a=='qu' ) $oVIP->selfname = $L['Post_reply'];
if ( $a=='ed' ) $oVIP->selfname = $L['Edit_message'];
$oVIP->exiturl = 'qtf_topic.php?t='.$t;
$oVIP->exitname = $L['Topics'];
include('bin/qtf_fn_sql.php');
// --------
// SUBMITTED
// --------
// ::::::::
if ( isset($_POST['dosend']) || isset($_POST['dopreview']) ) {
// ::::::::
$error = $oPost->SetFromPost($a!='ed'); // FALSE means author must not be changed because editing an existing message
// modifuser is the current editor/creator (can be the onbehalf)
// In case of New message (or Reply or Quote), this one becomes the creator (Puserid=Pmodifuser)
// In case of Edit existing message, Puserid is not changed but the Pmodifuser can be saved (if Pmodifuser!=Puserid)
$oPost->modifuser = $oVIP->id;
$oPost->modifname = $oVIP->username;
// Read submitted fields
if ( isset($_POST['icon']) ) { $oPost->icon = substr($_POST['icon'],0,2); }
if ( isset($_POST['title']) ) { $oPost->title = trim($_POST['title']); if ( get_magic_quotes_gpc() ) $oPost->title = stripslashes($oPost->title); }
if ( isset($_POST['text']) ) { $oPost->text = trim($_POST['text']); if ( get_magic_quotes_gpc() ) $oPost->text = stripslashes($oPost->text); }
if ( isset($_POST['behalf']) ) { $strBehalf = trim($_POST['behalf']); if ( get_magic_quotes_gpc() ) $strBehalf = stripslashes($strBehalf); }
if ( isset($_POST['oldattach']) ) $oPost->attach = $_POST['oldattach'];
// Complete if missing behalf name
if ( $strBehalf!='' )
{
$strBehalf = htmlspecialchars($strBehalf,ENT_QUOTES);
$arrNames = GetUsers('name',$strBehalf);
if ( !empty($arrNames) ) { foreach($arrNames as $intKey=>$strValue) { $intBehalf = $intKey; } }
if ( $intBehalf<0 ) $error = $L['Send_on_behalf'].S.$L['E_invalid'];
$oPost->modifuser = $intBehalf;
$oPost->modifname = $strBehalf;
}
// Identify user
if ( $a!='ed' )
{
$oPost->userid = $oPost->modifuser;
$oPost->username = $oPost->modifname;
}
// Mandatory submitted fields
$oPost->title = QTbbc($oPost->title);
if ( $a=='nt' && $oPost->title=='' && $oSEC->titlefield==2 ) $error = $L['E_no_title'];
if ( strlen($oPost->text)>$_SESSION[QT]['chars_per_post'] ) $error = $L['E_too_long'].S.sprintf($L['E_char_max'], $_SESSION[QT]['chars_per_post']);
if ( substr_count($oPost->text,"\n")>$_SESSION[QT]['lines_per_post'] ) $error = $L['E_too_long'].S.sprintf($L['E_line_max'], $_SESSION[QT]['lines_per_post']);
$oPost->text = substr( $oPost->text, 0, $_SESSION[QT]['chars_per_post'] );
$oTopic->preview = QTbbc($oPost->text);
if ($oPost->text=='') $error = $L['Message'].S.$L['E_invalid'];
// Check submitted rules (when sending the message)
if ( isset($_POST['dosend']) && empty($error) )
{
// check maximum post per user/minutes
if ( !DelayAcceptable($oVIP->numpost) ) $error=$L['E_wait'];
// check maximum post per day (not for moderators)
if ( empty($error) )
{
if ( $oVIP->role=='U' || $oVIP->role=='V' ) {
if ( !PostsTodayAcceptable(intval($_SESSION[QT]['posts_per_day'])) ) {
$error=$L['E_too_much'];
// exit
$oVIP->exiturl = "qtf_topics.php?s=$s";
$oVIP->EndMessage(NULL,$error,$_SESSION[QT]['skin_dir'],0);
}}
}
// check message
if ( empty($error) )
{
// ----------
// module antispam
if ( UseModule('antispam') ) include('qtfm_antispam.php');
// ----------
}
// check upload
if ( empty($error) ) {
if ( $_SESSION[QT]['upload']!='0' ) {
if ( !empty($_FILES['attach']['name']) ) {
include('bin/qtf_upload.php');
$error = InvalidUpload($_FILES['attach'],$arrFileextensions,$arrMimetypes,intval($_SESSION[QT]['upload_size'])*1024+16);
if ( empty($error) )
{
$strUpload=strtr($_FILES['attach']['name'],'éèêëÉÈÊËáàâäÁÀÂÄÅåíìîïÍÌÎÏóòôöÓÒÔÖõÕúùûüÚÙÛÜ','eeeeeeeeaaaaaaaaaaiiiiiiiioooooooooouuuuuuuu');
$strUpload=strtolower($strUpload);
$strUpload=preg_replace('/[^a-z0-9_\-\.]/i', '_', $strUpload);
$bUpload=true;
}
}}}
}
// ::::::::
}
// ::::::::
// ::::::::
if ( isset($_POST['dosend']) && empty($error) ) {
// ::::::::
// SEND a new topic
if ( $a=='nt' )
{
$oTopic->id = $oDB->Nextid(TABTOPIC);
$oTopic->numid = $oDB->Nextid(TABTOPIC,'numid','WHERE forum='.$s);
$oPost->id = $oDB->Nextid(TABPOST);
$oPost->topic = $oTopic->id;
$oTopic->section = $s;
$oPost->section = $s;
// if moderator post
if ( isset($_POST['topictype']) ) $oTopic->type = $_POST['topictype'];
if ( isset($_POST['topicstatus']) ) $oTopic->status = $_POST['topicstatus'];
$oTopic->firstpostid = $oPost->id;
$oTopic->lastpostid = $oPost->id;
$oTopic->firstpostuser = $oVIP->id;
$oTopic->firstpostname = $oPost->username;
$oTopic->lastpostuser = $oVIP->id;
$oTopic->lastpostname = $oPost->username;
$oTopic->firstpostdate = $now;
$oTopic->lastpostdate = $now;
// replace empty title
if ( empty($oPost->title) ) $oPost->title = QTunbbc(QTcompact($oPost->text,50,' '));
$oPost->type = 'P';
$oPost->issuedate = $now;
if ( $bUpload )
{
if ( !empty($_POST['oldattach']) ) { if ( file_exists(QTF_DIR_DOC.$_POST['oldattach']) ) unlink(QTF_DIR_DOC.$_POST['oldattach']); }
$strDir = TargetDir(QTF_DIR_DOC,$oPost->id);
$oPost->attach = $strDir.$oPost->id.'_'.$strUpload;
copy($_FILES['attach']['tmp_name'],QTF_DIR_DOC.$oPost->attach);
unlink($_FILES['attach']['tmp_name']);
}
$oPost->InsertPost(false);
$oTopic->InsertTopic(true);
$oVIP->numpost++;
// ----------
// module rss
if ( UseModule('rss') ) { if ( $_SESSION[QT]['m_rss']=='1' ) include('qtfm_rss_inc.php'); }
// ----------
}
// SEND a reply
if ( $a=='re' || $a=='qu' )
{
$oPost->id = $oDB->Nextid(TABPOST);
$oPost->topic = $t;
$oPost->section = $s;
$oPost->type = 'R';
$oPost->issuedate = $now;
if ( $bUpload )
{
if ( !empty($_POST['oldattach']) ) { if ( file_exists(QTF_DIR_DOC.$_POST['oldattach']) ) unlink(QTF_DIR_DOC.$_POST['oldattach']); }
$strDir = TargetDir(QTF_DIR_DOC,$oPost->id);
$oPost->attach = $strDir.$oPost->id.'_'.$strUpload;
copy($_FILES['attach']['tmp_name'],QTF_DIR_DOC.$oPost->attach);
unlink($_FILES['attach']['tmp_name']);
}
$oPost->InsertPost(true);
$oVIP->numpost++;
// update topic stats and close topic if full (and lastpost topic info)
$oTopic->UpdateTopicStats($oTopic->id,$_SESSION[QT]['posts_per_topic'],$oPost);
// topic status/type (from staff)
if ( isset($_POST['topictype']) )
{
if ( $_POST['topictype']!=$_POST['oldtype'] ) $oTopic->SetType($oTopic->id,$_POST['topictype']);
}
if ( isset($_POST['topicstatus']) )
{
if ( $_POST['topicstatus']!=$_POST['oldstatus'] ) $oTopic->SetStatus($_POST['topicstatus']);
}
// topic status (from user)
if ( isset($_POST['topicstatususer']) ) { if ( $_POST['topicstatususer'][0]=='1' ) $oTopic->SetStatus('1'); }
}
// SEND a edit
if ( $a=='ed' )
{
if ( $oSEC->titlefield==0 && $oPost->type=='P' )
{
$oPost->title = QTunbbc(QTcompact($oPost->text,50,' '));
}
if ( empty($oPost->title) && $oPost->type=='P' )
{
$oPost->title = QTunbbc(QTcompact($oPost->text,50,' '));
}
$strModif = '';
// modifdate+modifuser if editor is not the creator
if ( $oPost->modifuser!=$oPost->userid ) $strModif=', modifdate="'.date('Ymd His').'", modifuser='.$oPost->modifuser.', modifname="'.$oPost->modifname.'"';
// modifdate+modifuser if not the last message
if ( $oTopic->lastpostid!=$oPost->id ) $strModif=', modifdate="'.date('Ymd His').'", modifuser='.$oPost->modifuser.', modifname="'.$oPost->modifname.'"';
if ( $bUpload )
{
if ( !empty($_POST['oldattach']) ) { if ( file_exists(QTF_DIR_DOC.$_POST['oldattach']) ) unlink(QTF_DIR_DOC.$_POST['oldattach']); }
$strDir = TargetDir(QTF_DIR_DOC,$oPost->id);
$oPost->attach = $strDir.$oPost->id.'_'.$strUpload;
copy($_FILES['attach']['tmp_name'],QTF_DIR_DOC.$oPost->attach);
unlink($_FILES['attach']['tmp_name']);
}
// if drop attachement
if ( isset($_POST['drop']) ) { if ( $_POST['drop'][0]=='1' ) $oPost->Dropattach(); }
// save edits
if ( $oDB->type=='db2' )
{
$oDB->Query( 'UPDATE '.TABPOST.' SET title="'.$oPost->FormatTitleForInsert($oPost->title).'", icon="'.$oPost->icon.'",textmsg="'.addslashes($oPost->text).'",",textmsg2="'.substr(addslashes($oPost->text),0,255).'",attach="'.$oPost->attach.'" '.$strModif.' WHERE id='.$oPost->id );
}
else
{
$oDB->Query( 'UPDATE '.TABPOST.' SET title="'.$oPost->FormatTitleForInsert($oPost->title).'", icon="'.$oPost->icon.'",textmsg="'.addslashes($oPost->text).'",attach="'.$oPost->attach.'" '.$strModif.' WHERE id='.$oPost->id );
}
// topic type (from staff)
if ( isset($_POST['topictype']) )
{
if ( $_POST['topictype']!=$_POST['oldtype'] ) $oTopic->SetType($oTopic->id,$_POST['topictype']);
}
// topic status (from staff)
if ( isset($_POST['topicstatus']) ) {
if ( $_POST['topicstatus']!=$_POST['oldstatus'] ) {
$oTopic->SetStatus($_POST['topicstatus']);
}}
// topic status (from user)
if ( isset($_POST['topicstatususer']) ) {
if ( $_POST['topicstatususer'][0]=='1' ) {
$oTopic->SetStatus('1');
}}
}
// exit
$oVIP->exiturl = 'qtf_topic.php?t='.$oPost->topic.'#'.$oPost->id;
$str = ''; if ( $oSEC->numfield!='N' ) $str='<b>'.sprintf($oSEC->numfield,$oTopic->numid).'</b><br/>';
$oVIP->EndMessage(NULL,$str.$L['S_message_saved'].(empty($warning) ? '' : '<br/><br/>'.$warning),$_SESSION[QT]['skin_dir'],2);
// ::::::::
}
// ::::::::
// --------
// HTML START
// --------
if ( $a=='nt' )
{
$oPost->icon = '00';
$oPost->type = 'P';
}
if ( $a=='qu' )
{
if ( $t<0 ) die('Missing parameters: topicid');
if ( $p<0 ) die('Missing parameters: postid');
$oPost->title = '';
$oPost->text = "[quote=$oPost->username]$oPost->text[/quote]";
// rest must be as reply
$a = 're';
}
if ( $a=='re' )
{
if ( $t<0 ) die('Missing parameters: topicid');
$oPost->icon = '00';
$oPost->type = 'R';
}
if ( $a=='ed' )
{
if ( $t<0 ) die('Missing parameters: topicid');
if ( $p<0 ) die('Missing parameters: postid');
}
$bJauto = $oVIP->IsStaff();
if ( $_SESSION[QT]['bbc']!='0' )
{
$oVIP->arrJava[]='bin/qtf_bbc.js';
$oVIP->arrCss[] = '../bin/css/qtf_bbc.css';
}
$strHeadScript = '';
if ( $bJauto )
{
$strHeadScript .= '<link rel="stylesheet" type="text/css" href="bin/css/qt_jquery.css"/>
<script type="text/javascript" src="bin/qt_jquery.js"></script>
<script type="text/javascript" src="bin/qt_jquery_auto.js"></script>
<script type="text/javascript">
<!--
$(document).ready(function() {
$("#behalf").autocomplete("qtf_j_name.php", { selectFirst: false });
});
-->
</script>
';
}
if ( CanPerform('upload',$oVIP->role) ) { $intBbc=3; } else { $intBbc=2; }
$bJava=true;
include('qtf_p_header.php');
// PREVIEW
if ( isset($_POST['dopreview']) && empty($error) )
{
echo '<h2>',$L['Preview'],'</h2>',N;
// get user info
$oDB->Query('SELECT signature,picture,location,role FROM '.TABUSER.' WHERE id='.$oPost->userid);
$row = $oDB->Getrow();
$oPost->userloca = $row['location'];
$oPost->useravat = $row['picture'];
$oPost->usersign = $row['signature'];
$oPost->userrole = $row['role'];
$oPost->issuedate = $now;
$oPost->Show($oSEC,$oTopic,true,'','',$_SESSION[QT]['skin_dir'],'1');
}
// FORM START
echo '<h2>',$oVIP->selfname,'</h2>',N;
if ( !empty($error) ) echo '<p class="error">',$error,'</p>';
echo '
<script type="text/javascript">
<!--
function ValidateForm(theButton)
{
theForm = theButton.form;
if (theForm.text.value.length==0) { alert(qtHtmldecode("',$L['E_mandatory'],': ',$L['Message'],'")); return false; }
if (theForm.text.value.length>',$_SESSION[QT]['chars_per_post']*1000,') { alert(qtHtmldecode("',$L['E_too_long'],': ',$L['Maximum'],' ',$_SESSION[QT]['chars_per_post'],'")); return false; }
if ( theButton.name=="dosend" )
{
theForm.action="',$oVIP->selfurl,'";
theForm.target="";
}
else
{
if ( theForm.attach )
{
if ( theForm.attach.value.length>1 )
{
theForm.action="qtf_form_preview.php";
theForm.target="_blank";
}
}
}
return true;
}
-->
</script>
<form id="form_edit" method="post" action="',$oVIP->selfurl,'" enctype="multipart/form-data">
<input type="hidden" name="s" value="',$s,'"/>
<input type="hidden" name="t" value="',$t,'"/>
<input type="hidden" name="a" value="',$a,'"/>
<input type="hidden" name="p" value="',$oPost->id,'"/>
<input type="hidden" name="oldtype" value="',$oTopic->type,'"/>
<input type="hidden" name="oldstatus" value="',$oTopic->status,'"/>
';
if ( $oVIP->IsStaff() )
{
echo '<div class="modboard"><span class="modboard">',N;
echo $L['Type'],' <select class="small" name="topictype" size="1">',N;
echo QTasTag($oVIP->GetTypes(),$oTopic->type,array('current'=>$oTopic->type,'classC'=>'bold'));
echo '</select>',N;
echo S,$L['Status'],' <select class="small" name="topicstatus" size="1">',N;
echo QTasTag($oVIP->GetStatuses(),$oTopic->status,array('current'=>$oTopic->status,'classC'=>'bold'));
echo '</select>',N;
echo S,$L['Send_on_behalf'],S,'<input class="small" type="text" name="behalf" id="behalf" size="12" maxlength="24" value="'.(isset($strBehalf) ? $strBehalf : '').'"/></span>',N;
echo '</div>',N;
}
echo '<table class="data_o" cellspacing="0" summary="edit form">',N;
// PREFIX ICON
echo '<tr>';
echo '<td class="colhd colhdfirst" style="width:100px">',$L['Smiley'],'</td>';
echo '<td class="colct">',N;
for ($i=0;$i<10;$i++)
{
if ( file_exists($_SESSION[QT]['skin_dir'].'/ico_prefix_'.$oSEC->prefix.'_0'.$i.'.gif') )
{
echo '<input type="radio" name="icon" id="i0',$i,'" value="0',$i,'"',($oPost->icon=='0$i' ? QCHE : ''),'/><label for="i0',$i,'"><img class="ico i_pre" src="',$_SESSION[QT]['skin_dir'],'/ico_prefix_',$oSEC->prefix,'_0',$i,'.gif" alt="smile" title="',$L['Ico_prefix'][$oSEC->prefix.'_0'.$i],'"/></label> ',N;
}
}
echo '<input type="radio" name="icon" id="00" value="00"',($oPost->icon=='00' ? QCHE : ''),'/><label for="00">',$L['None'],'</label></td>';
echo '</tr>',N;
// TITLE
if ( $oSEC->titlefield!=0 )
{
echo '<tr>',N;
echo '<td class="colhd colhdfirst"><label for="title">',$L['Title'],'</label></td>',N;
echo '<td class="colct"><input type="text" id="title" name="title" size="80" maxlength="64" value="',QTconv($oPost->title,'3',QTF_CONVERT_AMP),'" tabindex="1"/></td>',N;
echo '</tr>',N;
}
// MESSAGE
echo '<tr>';
echo '<td class="colhd colhdfirst"><label for="text">',$L['Message'],'</label></td>';
echo '<td class="colct">';
echo '<table class="hidden" cellspacing="0" summary="edit message">',N;
if ( $_SESSION[QT]['bbc']!='0' )
{
echo '<tr class="hidden">',N;
echo '<td style="height:22px"><ul class="bbc">',N;
include('qtf_form_button.php');
echo '</ul></td>',N;
echo '</tr>',N;
}
echo '<tr class="hidden">',N;
echo '<td class="hidden">',N;
echo '<a href="textarea"></a><textarea id="text" name="text" ',(strlen($oPost->text)>500 ? 'rows="30" cols="85"' : 'rows="15" cols="80"' ),' tabindex="2">',QTconv($oPost->text,'3',QTF_CONVERT_AMP,false),'</textarea>',N;
if ( CanPerform('upload',$oVIP->role) )
{
echo '<br/><a href="#" id="attachlink" style="display:none" class="small" onclick="document.getElementById(\'attachtr\').style.display=\'table-row\'; document.getElementById(\'attachlink\').style.display=\'none\';">',$L['Attachment'],'</a>';
}
echo '</td>',N;
echo '</tr>',N;
echo '</table>',N;
echo '</td></tr>',N;
// ATTACHMENT
if ( CanPerform('upload',$oVIP->role) )
{
$intMax = intval($_SESSION[QT]['upload_size'])*1024;
echo '<tr id="attachtr">';
echo '<td class="colhd colhdfirst"><label for="attach">',$L['Attachment'],'</label></td>';
echo '<td class="colct">';
if ( !empty($oPost->attach) )
{
if ( strstr($oPost->attach,'/') ) { $str = substr(strrchr($oPost->attach,'/'),1); } else { $str=$oPost->attach; }
if ( substr($str,0,strlen($oPost->id.'_'))==($oPost->id).'_' ) $str = substr($str,strlen($oPost->id.'_'));
echo AsImg($_SESSION[QT]['skin_dir'].'/ico_attachment.gif','-',$L['Attachment']),S,$str,'<input type="hidden" id="oldattach" name="oldattach" value="',$oPost->attach,'"/>';
echo ' · <input type="checkbox" id="drop" name="drop[]" value="1"/><label for="drop"> ',$L['Drop_attachment'],'</label>';
}
else
{
echo '<input type="hidden" name="MAX_FILE_SIZE" value="',$intMax,'"/>';
echo '<input type="file" id="attach" name="attach" size="42" tabindex="3"/>';
}
echo '</td></tr>',N;
}
// SUBMIT
echo '<tr>',N;
echo '<td class="colhd colhdfirst"> </td>',N;
echo '<td class="colct">',N;
if ( $oTopic->status=='0' && $oTopic->firstpostuser==$oVIP->id )
{
// topic status (from user)
$bChecked = false;
if ( isset($_POST['topicstatususer']) ) { if ( $_POST['topicstatususer'][0]=='1' ) $bChecked=true; }
echo '<input type="checkbox" id="topicstatususer" name="topicstatususer[]" value="1"',($bChecked ? QCHE : ''),'/><label for="topicstatususer"> ',$L['Close_my_topic'],'</label> ';
}
echo ' <input type="submit" id="dopreview" name="dopreview" value="',$L['Preview'],'" onclick="return ValidateForm(this);"/>';
echo ' <input type="submit" id="dosend" name="dosend" value="',$L['Send'],'" tabindex="3" onclick="return ValidateForm(this);"/> ',N;
echo '</td>',N;
echo '</tr>',N;
// FORM END
echo '
</table>
</form>
';
// PREVIOUS POSTS
if ( $a=='re' || $a=='qu' )
{
echo '<h2>',$L['Previous_replies'],'</h2>',N;
// ========
$strState = 'p.*, u.role, u.location, u.picture, u.signature FROM '.TABPOST.' p, '.TABUSER.' u WHERE p.userid = u.id AND p.topic='.$oTopic->id.' ';
$oDB->Query( LimitSQL($strState,'p.id DESC',0,5) );
// ========
$intPosts = 5;
$iMsgNum = $oTopic->replies + 2;
$intWhile= 0;
$strAlt = 'r1';
$bButton = false;
$bAvatar = false;
// ========
while($row=$oDB->Getrow())
{
$iMsgNum = $iMsgNum-1;
$oPost = new cPost($row,$iMsgNum);
$strButton='';
if ( !empty($oPost->modifuser) ) $strButton .= '<td class="post_modif"><span class="small"> '.$L['Modified_by'].' <a href="qtf_user.php?id='.$oPost->modifuser.'" class="small">'.$oPost->modifname.'</a> ('.QTdatestr($oPost->modifdate,'$','$',true,true).')</span></td>'.N;
if ( !empty($strButton) ) $strButton .= '<td class="hidden">'.S.'</td>'.N;
if ( !empty($strButton) ) $strButton = '<table class="hidden" cellspacing="0" style="margin:10px 0 1px 0;" summary="edit"><tr>'.$strButton.'</tr></table>'.N;
$oPost->text = QTcompact($oPost->text); // Pre processing data (compact, no button)
$oPost->Show($oSEC,$oTopic,false,$strButton,'',$_SESSION[QT]['skin_dir'],$strAlt);
if ( $strAlt=='r1' ) { $strAlt='r2'; } else { $strAlt='r1'; }
$intWhile++;
}
// ========
}
// HTML END
$strFooterAddScript = '
<script type="text/javascript">
<!--
if ( document.getElementById("attachlink") ) document.getElementById("attachlink").style.display="inline";
if ( document.getElementById("attachtr") ) document.getElementById("attachtr").style.display="none";
-->
</script>
';
include('qtf_p_footer.php');
?>