qtf_form_preview.php at QuickTalk Forum

<?php

// 2.5 build:20100924

// This page is used in case of attachement in the forms to preview.
// Because the form input "file" cannot be filled in, the form must remains opened during the preview.

session_start();
require_once('bin/qtf_init.php');
if ( !$oVIP->CanView('V6') ) HtmlPage(11);
if ( !isset($_POST['a']) ) die('Missing parameters: action');
if ( !in_array($_POST['a'],array('nt','re','ed','qu','de')) ) die('Missing parameters action');

// INITIALISE

$s = -1;
if ( isset($_POST['s']) ) $s = intval($_POST['s']);
if ( $s<0 ) die('Missing parameters: section id');

$intBehalf=-1;
$strBehalf='';
$now = date('Y-m-d H:i');
$oVIP->selfname = $L['Post_reply'];

$oSEC = new cSection($s);
$oTopic = new cTopic();
$oPost = new cPost();
  $oPost->userid = $oVIP->id;
  $oPost->username = $oVIP->username;
  $oPost->type = 'R';
  $oPost->issuedate = $now;
  
// CHECK SUBMITTED

  if ( isset($_POST['p']) )         { $oPost->id = intval($_POST['p']); }
  if ( isset($_POST['icon']) )      { $oPost->icon = $_POST['icon']; }
  if ( isset($_POST['title']) )     { $oPost->title = trim($_POST['title']); if ( get_magic_quotes_gpc() ) $oPost->title = stripslashes($oPost->title); }
  if ( isset($_POST['text']) )      { $oPost->text = trim($_POST['text']); if ( get_magic_quotes_gpc() ) $oPost->text = stripslashes($oPost->text); }
  if ( isset($_POST['oldattach']) ) { $oPost->attach = $_POST['oldattach']; }
  if ( isset($_POST['behalf']) )    { $strBehalf = trim($_POST['behalf']); if ( get_magic_quotes_gpc() ) $strBehalf = stripslashes($strBehalf); }
    // complete if missing behalf name
    if ( $strBehalf!='' )
    {
      $arrNames = GetUsers('name',$strBehalf);
      if ( !empty($arrNames) ) { foreach($arrNames as $intKey=>$strValue) { $intBehalf = $intKey; } }
      if ( $intBehalf<0 ) $error = $L['Send_on_behalf'].S.$L['E_invalid'];
      $oPost->userid = $intBehalf;
      $oPost->username = $strBehalf;
    }
  $oPost->title = QTbbc($oPost->title);
  if ( $_POST['a']=='nt' && $oPost->title=='' && $oSEC->titlefield==2 ) $error = $L['E_no_title'];
  if ( $_POST['a']=='nt' && $oPost->title=='' && $oSEC->titlefield!=2 ) $oPost->title = QTbbc($oPost->text);
  if ( strlen($oPost->text)>$_SESSION[QT]['chars_per_post'] ) $error = $L['E_too_long'].S.sprintf($L['E_char_max'], $_SESSION[QT]['chars_per_post']);
  if ( substr_count($oPost->text,"\n")>$_SESSION[QT]['lines_per_post'] ) $error = $L['E_too_long'].S.sprintf($L['E_line_max'], $_SESSION[QT]['lines_per_post']);
  $oPost->text = substr( QTconv($oPost->text,'3',QTF_CONVERT_AMP), 0, $_SESSION[QT]['chars_per_post'] );
  if ($oPost->text=='') $error = $L['Message'].S.$L['E_invalid'];

// PREPARE DISPLAY

if ( $_POST['a']=='nt' ) { $oVIP->selfname = $L['Post_new_topic']; $oPost->type = 'P'; }
if ( $_POST['a']=='ed' ) $oVIP->selfname = $L['Edit_message'];

// get user info
$oDB->Query('SELECT signature,picture,location,role FROM '.TABUSER.' WHERE id='.$oPost->userid);
$row = $oDB->Getrow();
$oPost->userloca = $row['location'];
$oPost->useravat = $row['picture'];
$oPost->usersign = $row['signature'];
$oPost->userrole = $row['role'];

// --------
// HTML START
// --------

HtmlHead('','',$oVIP->css,'',false);

echo '
<body>
';

HtmlPageCtrl(0,'90%');

echo '
<div class="div_page_empty">

<h2>',$L['Preview'],'</h2>
';
if ( !empty($error) ) echo '<p><span class="error">',$error,'</span></p>';

$oPost->Show($oSEC,$oTopic,true,'','',$_SESSION[QT]['skin_dir'],'1');

echo '
<script type="text/javascript">
<!--
document.write(\'<a href="#" onclick="window.close();">',$L['Close'],' [x]</a>\')
-->
</script>
</div>
';

HtmlPageCtrl(1);

echo '
</body>
</html>';

?>