<?php
/**
* PHP versions 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package QuickTicket
* @author Philippe Vandenberghe <hide@address.com>
* @copyright 2008-2012 The PHP Group
* @version 2.5 build:20101222
*/
// Bootstrap: open the session, load bin/qti_init.php, then include the file
// named by Translate('qti_adm.php').
// NOTE(review): $oVIP, $oDB and $L are not defined in this file; presumably they come from qti_init.php and the included language file - confirm.
session_start();
require_once 'bin/qti_init.php';
include Translate('qti_adm.php');
// Access gate: any role other than 'A' (presumably administrator) is stopped
// here, before any setting can be read or written.
if ( $oVIP->role!='A' )
{
  exit(Error(13));
}
// INITIALISE
$oVIP->selfurl = 'qti_adm_secu.php';
$oVIP->selfname = sprintf('<span class="upper">%s</span><br />%s', $L['Adm_settings'], $L['Adm_security']);
// --------
// SUBMITTED
// --------
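if ( isset($_POST['ok']) )
{
  // Handles the submitted security-settings form: every value is validated
  // before it is copied into the session or concatenated into an UPDATE
  // statement, because $_POST content is attacker-controllable text.
  // NOTE(review): no anti-CSRF token is verified here although this request
  // changes security settings; the form and this handler should share a
  // per-session token.

  // check form

  // Drop-down settings: POST field => array(setting param, label used in the
  // error message, allowed values). Where the option list is written out in
  // this page, the value must match it exactly. Where the list is produced by
  // QTasTag() (not visible here) the value is limited to a conservative
  // character set - TODO confirm no legitimate option value needs other characters.
  $arrChoices = array(
    'pal'           => array('visitor_right', $L['Visitors_can'],    null),
    'regmode'       => array('register_mode', $L['Reg_mode'],        array('direct','email')),
    'regsafe'       => array('register_safe', $L['Reg_security'],    array('none','text','image')),
    'avatar'        => array('avatar',        $L['Allow_avatar'],    array('0','jpg,jpeg','gif,jpg,jpeg,png')),
    'upload'        => array('upload',        $L['Allow_upload'],    null),
    'show_calendar' => array('show_calendar', $L['Show_calendar'],   null),
    'show_stats'    => array('show_stats',    $L['Show_statistics'], null),
    'tags'          => array('tags',          $L['Allow_tags'],      null)
  );
  foreach($arrChoices as $strField=>$arrRule)
  {
    // A missing field or an array-valued field is treated as invalid input
    $str = ( isset($_POST[$strField]) && is_string($_POST[$strField]) ) ? $_POST[$strField] : '';
    if ( is_array($arrRule[2]) )
    {
      $bValid = in_array($str,$arrRule[2],true);
    }
    else
    {
      // \z (not $) so that a trailing newline is rejected as well
      $bValid = ( preg_match('/^[A-Za-z0-9_,]{1,32}\z/',$str)===1 );
    }
    if ( !$bValid )
    {
      $error = $arrRule[1].' '.$L['E_invalid'];
      continue; // keep the previous setting, in session and in database
    }
    $_SESSION[QT][$arrRule[0]] = $str;
    $oDB->Query('UPDATE '.TABSETTING.' SET setting="'.$str.'" WHERE param="'.$arrRule[0].'"');
  }

  // Numeric settings: array(POST field, setting param, min, max, label, range
  // text shown in the error message, factor applied before storing).
  $arrNumbers = array();
  if ( $_SESSION[QT]['avatar']!='0' )
  {
    // These inputs are disabled in the form when avatars are off, hence isset()
    $strLabel = $L['Avatar'].' '.$L['Maximum'];
    if ( isset($_POST['avatarwidth']) )  $arrNumbers[] = array('avatarwidth','avatar_width',20,200,$strLabel,' (20-200 pixels)',1);
    if ( isset($_POST['avatarheight']) ) $arrNumbers[] = array('avatarheight','avatar_height',20,200,$strLabel,' (20-200 pixels)',1);
    if ( isset($_POST['avatarsize']) )   $arrNumbers[] = array('avatarsize','avatar_size',10,100,$strLabel,' (10-100 kb)',1);
  }
  if ( $_SESSION[QT]['upload']!='0' )
  {
    if ( isset($_POST['uploadsize']) ) $arrNumbers[] = array('uploadsize','upload_size',1,10000,$L['Allow_upload'],' (1-10000 Kb)',1);
  }
  $arrNumbers[] = array('ppt','posts_per_topic',10,999,$L['Max_replies_per_topics'],' (10-999)',1);
  // chars_per_post is entered in thousands; the upper bound is 4 on 'oci', 32 otherwise
  $intMaxCpp = ( $oDB->type=='oci' ) ? 4 : 32;
  $arrNumbers[] = array('cpp','chars_per_post',1,$intMaxCpp,$L['Max_char_per_post'],' (1-'.$intMaxCpp.')',1000);
  $arrNumbers[] = array('lpp','lines_per_post',10,999,$L['Max_line_per_post'],' (10-999)',1);
  $arrNumbers[] = array('delay','posts_delay',1,99,$L['Posts_delay'],' (1-99)',1);
  $arrNumbers[] = array('ppd','posts_per_day',1,999,$L['Max_post_per_user'],' (1-999)',1);

  foreach($arrNumbers as $arrRule)
  {
    list($strField,$strParam,$intMin,$intMax,$strLabel,$strRange,$intFactor) = $arrRule;
    $str = ( isset($_POST[$strField]) && is_string($_POST[$strField]) ) ? strip_tags(trim($_POST[$strField])) : '';
    // Digits only: a range check alone can accept a string that merely starts
    // with a valid number, and the remainder would reach the SQL text.
    // NOTE(review): the rejected value is still quoted in $error; where $error is printed is not visible here - confirm it is HTML-escaped on output.
    if ( preg_match('/^[0-9]{1,5}\z/',$str)!==1 || !QTisbetween(intval($str),$intMin,$intMax) ) $error = $strLabel.' ['.$str.'] '.$L['E_invalid'].$strRange;
    // As before, the first error blocks saving of all later numeric fields
    if ( empty($error) )
    {
      $intValue = intval($str)*$intFactor;
      $oDB->Query('UPDATE '.TABSETTING.' SET setting="'.$intValue.'" WHERE param="'.$strParam.'"');
      // Session keeps a string for plain values and an integer for the multiplied one
      $_SESSION[QT][$strParam] = ( $intFactor==1 ) ? (string)$intValue : $intValue;
    }
  }

  // exit
  if ( empty($error) ) $strInfo = $L['S_save'];
}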
// --------
// HTML START
// --------
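// Page header, then the inline JavaScript helpers used by the form below.
include('qti_adm_p_header.php');
// FORM
// avatardisabled()/uploaddisabled() enable or disable the dependent size inputs.
// ValidateForm() only checks that the required inputs are not empty: it is a
// convenience for the user, not a security control, and the server-side
// handler must validate every value again.
// The form in this page has no "tpf" input, so the tpf test is guarded;
// unguarded, it throws and none of the following checks run.
echo '
<script type="text/javascript">
<!--
function avatardisabled(str)
{
if (str=="0")
{
document.getElementById("avatarwidth").disabled=true;
document.getElementById("avatarheight").disabled=true;
document.getElementById("avatarsize").disabled=true;
}
else
{
document.getElementById("avatarwidth").disabled=false;
document.getElementById("avatarheight").disabled=false;
document.getElementById("avatarsize").disabled=false;
}
return null;
}
function uploaddisabled(str)
{
if (str=="0")
{
document.getElementById("uploadsize").disabled=true;
}
else
{
document.getElementById("uploadsize").disabled=false;
}
return null;
}
function ValidateForm(theForm)
{
if (theForm.tpf && theForm.tpf.value.length < 1) { alert(qtHtmldecode("',$L['Missing'],': ',$L['Max_topics_per_section'],'")); return false; }
if (theForm.ppt.value.length < 1) { alert(qtHtmldecode("',$L['Missing'],': ',$L['Max_replies_per_topics'],'")); return false; }
if (theForm.delay.value.length < 1) { alert(qtHtmldecode("',$L['Missing'],': ',$L['Posts_delay'],'")); return false; }
if (theForm.ppd.value.length < 1) { alert(qtHtmldecode("',$L['Missing'],': ',$L['Max_post_per_user'],'")); return false; }
if (theForm.cpp.value.length < 1) { alert(qtHtmldecode("',$L['Missing'],': ',$L['Max_char_per_post'],'")); return false; }
if (theForm.lpp.value.length < 1) { alert(qtHtmldecode("',$L['Missing'],': ',$L['Max_line_per_post'],'")); return false; }
return null;
}
-->
</script>
';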
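// Opens the settings form (it posts back to this page) and prints the
// "public access" and "registration" rows.
// The option lists for regmode and regsafe are written out here; the pal list
// comes from QTasTag(), which is defined elsewhere.
// The two registration rows now close their <td> before </tr>.
// NOTE(review): the form carries no anti-CSRF token; adding one needs a matching check in the POST handler.
echo '<form method="post" action="',$oVIP->selfurl,'" onsubmit="return ValidateForm(this);">
';
echo '<table class="data_o" cellspacing="0">
';
echo '<tr class="data_o">
<td class="colhd colhdgroup" colspan="2">',$L['Public_access_level'],'</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Visitors_can'],'">
<td class="colhd colhdfirst"><label for="pal">',$L['Visitors_can'],'</label></td>
<td class="colct">
<select id="pal" name="pal" onchange="bEdited=true;">',QTasTag($L['Pal'],$_SESSION[QT]['visitor_right']),'</select></td>
</tr>
';
echo '<tr class="data_o">
<td class="colhd colhdgroup" colspan="2">',$L['Registration'],'</td>
</tr>
';
echo '<tr class="data_o" title="',$L['Reg_mode'],'">
<td class="colhd colhdfirst" style="width:250px;"><label for="regmode">',$L['Reg_mode'],'</label></td>
<td class="colct">
<select id="regmode" name="regmode" onchange="bEdited=true;">
<option value="direct"',($_SESSION[QT]['register_mode']=='direct' ? QSEL : ''),'>',$L['Direct'],'</option>
<option value="email"',($_SESSION[QT]['register_mode']=='email' ? QSEL : ''),'>',$L['By_email'],'</option>
</select></td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Reg_security'],'">
<td class="colhd colhdfirst"><label for="regsafe">',$L['Reg_security'],'</label></td>
<td class="colct">
<select id="regsafe" name="regsafe" onchange="bEdited=true;">
<option value="none"',($_SESSION[QT]['register_safe']=='none' ? QSEL : ''),'>',$L['None'],'</option>
<option value="text"',($_SESSION[QT]['register_safe']=='text' ? QSEL : ''),'>',$L['Text_code'],'</option>
<option value="image"',($_SESSION[QT]['register_safe']=='image' ? QSEL : ''),'>',$L['Image_code'],'</option>
</select></td>
</tr>
';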
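// "Security rules" rows: numeric limits shown in text inputs.
// The current values come from the session and are printed inside a
// double-quoted HTML attribute, so each one is passed through
// htmlspecialchars(ENT_QUOTES): a stored value containing a quote cannot then
// close the attribute. chars_per_post is divided by 1000 first, which already
// yields a number.
echo '<tr class="data_o">
<td class="colhd colhdgroup" colspan="2">',$L['Security_rules'],'</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Max_replies_per_topics'],'">
<td class="colhd colhdfirst"><label for="ppt">',$L['Max_replies_per_topics'],'</label></td>
<td class="colct"><input type="text" id="ppt" name="ppt" size="3" maxlength="3" value="',htmlspecialchars((string)$_SESSION[QT]['posts_per_topic'],ENT_QUOTES),'" onchange="bEdited=true;" />/',$L['Topic'],'</td>
</tr>
';
echo '<tr title="',$L['H_Posts_delay'],'">
<td class="colhd colhdfirst"><label for="delay">',$L['Posts_delay'],'</label></td>
<td class="colct"><input type="text" id="delay" name="delay" size="2" maxlength="2" value="',htmlspecialchars((string)$_SESSION[QT]['posts_delay'],ENT_QUOTES),'" onchange="bEdited=true;" /> '.strtolower($L['Seconds']).'</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_hacking_day'],'">
<td class="colhd colhdfirst"><label for="ppd">',$L['Max_post_per_user'],'</label></td>
<td class="colct"><input type="text" id="ppd" name="ppd" size="3" maxlength="3" value="',htmlspecialchars((string)$_SESSION[QT]['posts_per_day'],ENT_QUOTES),'" onchange="bEdited=true;" />/'.strtolower($L['Day']).'</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Max_char_per_post'],'">
<td class="colhd colhdfirst"><label for="cpp">',$L['Max_char_per_post'],'</label></td>
<td class="colct"><input type="text" id="cpp" name="cpp" size="2" maxlength="2" value="',($_SESSION[QT]['chars_per_post']/1000),'" onchange="bEdited=true;" /> x 1000</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Max_line_per_post'],'">
<td class="colhd colhdfirst"><label for="lpp">',$L['Max_line_per_post'],'</label></td>
<td class="colct"><input type="text" id="lpp" name="lpp" size="3" maxlength="3" value="',htmlspecialchars((string)$_SESSION[QT]['lines_per_post'],ENT_QUOTES),'" onchange="bEdited=true;" /></td>
</tr>
';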
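// "User interface" rows (avatar, calendar, statistics, upload, tags), the
// submit button, the end of the form, and the page footer.
// Session values printed inside value="..." attributes (avatar_width,
// avatar_height, avatar_size, upload_size) are passed through
// htmlspecialchars(ENT_QUOTES) so a stored value containing a quote cannot
// close the attribute.
echo '<tr class="data_o">
<td class="colhd colhdgroup" colspan="2">',$L['User_interface'],'</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Allow_avatar'],'">
<td class="colhd colhdfirst"><label for="avatar">',$L['Allow_avatar'],'</label></td>
<td class="colct"><select id="avatar" name="avatar" onchange="avatardisabled(this.value);bEdited=true;">
<option value="0"',($_SESSION[QT]['avatar']=='0' ? QSEL : ''),'>',$L['N'],'</option>
<option value="jpg,jpeg"',($_SESSION[QT]['avatar']=='jpg,jpeg' ? QSEL : ''),'>',$L['Y'],' (',$L['Jpg_only'],')</option>
<option value="gif,jpg,jpeg,png"'.($_SESSION[QT]['avatar']=='gif,jpg,jpeg,png' ? QSEL : '').'>',$L['Y'],' (',$L['Gif_jpg_png'],')</option>
</select> ',$L['Maximum'],' <input type="text" id="avatarwidth" name="avatarwidth" size="3" maxlength="3" value="',htmlspecialchars((string)$_SESSION[QT]['avatar_width'],ENT_QUOTES),'"'.($_SESSION[QT]['avatar']=='0' ? QDIS : '').'/> x <input type="text" id="avatarheight" name="avatarheight" size="3" maxlength="3" value="',htmlspecialchars((string)$_SESSION[QT]['avatar_height'],ENT_QUOTES),'"'.($_SESSION[QT]['avatar']=='0' ? QDIS : '').'/> pixels, <input type="text" id="avatarsize" name="avatarsize" size="3" maxlength="3" value="',htmlspecialchars((string)$_SESSION[QT]['avatar_size'],ENT_QUOTES),'"'.($_SESSION[QT]['avatar']=='0' ? QDIS : '').'/>Kb</td>
</tr>
';
// Drop the 'A' entry from both role lists before they are handed to QTasTag()
// below (presumably so that role is not offered as an option - confirm).
unset($L['Userroles']['A']);
unset($L['Userrole']['A']);
echo '<tr class="data_o" title="',$L['H_Show_calendar'],'">
<td class="colhd colhdfirst"><label for="show_calendar">',$L['Show_calendar'],'</label></td>
<td class="colct">
<select id="show_calendar" name="show_calendar" onchange="bEdited=true;">',QTasTag($L['Userroles'],$_SESSION[QT]['show_calendar']),'</select>
</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Show_statistics'],'">
<td class="colhd colhdfirst"><label for="show_stats">',$L['Show_statistics'],'</label></td>
<td class="colct">
<select id="show_stats" name="show_stats" onchange="bEdited=true;">',QTasTag($L['Userroles'],$_SESSION[QT]['show_stats']),'</select>
</td>
</tr>
';
echo '<tr class="data_o" title="',$L['H_Allow_upload'],'">
<td class="colhd colhdfirst"><label for="upload">',$L['Allow_upload'],'</label></td>
<td class="colct">
<select id="upload" name="upload" onchange="uploaddisabled(this.value); bEdited=true;">
<option value="0"',($_SESSION[QT]['upload']=='0' ? QSEL : ''),'>',$L['N'],'</option>
',QTasTag($L['Userrole'],$_SESSION[QT]['upload'],array('format'=>$L['Y'].' (%s)')),'
</select> ',$L['Maximum'],' <input type="text" id="uploadsize" name="uploadsize" size="4" maxlength="4" value="',htmlspecialchars((string)$_SESSION[QT]['upload_size'],ENT_QUOTES),'"',($_SESSION[QT]['upload']=='0' ? QDIS : ''),'/>Kb</td>
</tr>
';
echo '<tr class="data_o">
<td class="colhd colhdfirst"><label for="tags">',$L['Allow_tags'],'</label></td>
<td class="colct"><select id="tags" name="tags" onchange="bEdited=true;">
<option value="0"',($_SESSION[QT]['tags']=='0' ? QSEL : ''),'>',$L['N'],'</option>
',QTasTag($L['Userrole'],$_SESSION[QT]['tags'],array('format'=>$L['Y'].' (%s)')),'
</select> *</td>
</tr>
';
echo '<tr class="data_o">
<td class="colhd colhdfirst" colspan="2" style="padding:6px; text-align:center"><input type="submit" name="ok" value="',$L['Save'],'" /></td>
</tr>
';
echo '</table>
</form>
<p class="small">* ',$L['H_Allow_tags'],'</p>
';
// HTML END
include('qti_adm_p_footer.php');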
?>