Location: PHPKode > projects > QuickTicket > quickticket/qti_change.php
<?php

/**
* PHP versions 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package    QuickTicket
* @author     Philippe Vandenberghe <hide@address.com>
* @copyright  2008-2012 The PHP Group
* @version    2.5.1 build:20110304
*/

session_start();
require_once('bin/qti_init.php');

include('bin/qti_fn_sql.php');

// INITIALISE

$bCmdok = false;
$strMails = '';
$a = ''; // mandatory action
$s = -1; // section forum
$t = -1; // topic
$p = -1; // post
$v = ''; // value
$v1 = ''; // value
$v2 = ''; // value
$v3 = ''; // value
$ok = ''; // submitted
QThttpvar('a s t p v v1 v2 v3 ok','str int int int str str str str str',true,true,false); // reject POST method

$oVIP->selfurl = 'qti_change.php';
$oVIP->selfname = 'QuickTicket command';

// --------
// EXECUTE COMMAND
// --------

switch($a)
{

// --------------
case 'dropattach':
// --------------

  if ( !$oVIP->CanView('V6') ) HtmlPage(11);

  if ( $p>=0 )
  {
    $oVIP->exiturl = "qti_topic.php?t=$t#$p";
    $oVIP->exitname = '&laquo; '.$L['Message'];
    $oPost = new cPost($p);
    $oPost->Dropattach();
  }
  $oVIP->EndMessage($L['Drop_attachment'],$L['S_delete'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'pwdreset':
// --------------

  if ( $oVIP->role!='A' ) die('Access is restricted to administrators only');

  if ( $s<0 ) die('Wrong id '.$s);
  if ( $s==1 && $oVIP->id!=1 ) die('First Admin password can be changed by himself only...');
  include('bin/qt_lib_smtp.php');
  include(Translate('qti_reg.php'));

  $oVIP->selfname = $L['Reset_pwd'];
  $oVIP->exiturl = 'qti_user.php?id='.$s;
  $oVIP->exitname = '&laquo; '.$L['Profile'];

  $oDB->Query('SELECT name,mail,children,parentmail,photo FROM '.TABUSER.' WHERE id='.$s);
  $row = $oDB->Getrow();

  // ask delay
  if ( empty($ok) )
  {
    $oVIP->EndMessage
    (
    NULL,
    '<form method="get" action="'.Href().'">
    <table class="hidden" cellspacing="0">
    <tr class="hidden">
    <td class="hidden">'.AsImgBox(AsImg( AsAvatarScr($row['photo']),'',$row['name'],'member'),'picbox','',$row['name']).'</td>
    <td class="hidden">
    <p style="text-align:right">'.$L['Reset_pwd_help'].'<br /><br />'.$oVIP->selfname.'&nbsp;
    <input type="hidden" name="a" value="'.$a.'" />
    <input type="hidden" name="s" value="'.$s.'" />
    <input type="submit" name="ok" value="'.$L['Send'].'" /></p>
    </td>
    </tr>
    </table></form>',
    'admin',
    0,
    '500px'
    );
    exit;

  }

  // reset user
  $strNewpwd = 'qt'.rand(0,9).rand(0,9).rand(0,9).rand(0,9);
  $oDB->Query('UPDATE '.TABUSER.' SET pwd="'.sha1($strNewpwd).'" WHERE id='.$s);

  // send email
  $strSubject = $_SESSION[QT]['site_name'].' - New password';
  $strMessage = "Here are your login and password\nLogin: %s\nPassword: %s";
  $strFile = GetLang().'mail_pwd.php';
  if ( file_exists($strFile) ) include($strFile);
  $strMessage = sprintf($strMessage,$row['name'],$strNewpwd);
  QTmail($row['mail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTI_HTML_CHAR);
  $strEndmessage = str_replace("\n",'<br />',$strMessage);

  // send parent email (if coppa)
  if ( QTI_USE_COPPA && $row['children']!='0' )
  {
    $strSubject = $_SESSION[QT]['site_name'].' - New password';
    $strMessage = "Here is then new password of your children.\nLogin: %s\nPassword: %s";
    $strFile = GetLang().'mail_pwd_coppa.php';
    if ( file_exists($strFile) ) { include($strFile); }
    $strMessage = sprintf($strMessage, $row['name'],$strNewpwd);
    QTmail($row['parentmail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTI_HTML_CHAR);
  }

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'].'<br /><br />'.$strEndmessage,$_SESSION[QT]['skin_dir'],0);
  exit;
  break;

// --------------
case 'topicstatus':
// --------------

  if ( !$oVIP->IsStaff() ) die(Error(12));
  if ( !$oVIP->CanView('V6') ) die(Error(11));

  $oVIP->selfname = $L['Change'].' '.$L['Status'];
  $oVIP->exiturl = "qti_topic.php?t=$t";
  $oVIP->exitname = '&laquo; '.$L['Message'];

  // ASK STATUS IF MISSING: When value "*" repost with method GET

  if ( $v=='*' )
  {
    $oVIP->selfname = $L['Change'].' '.$L['Status'];
    $oVIP->EndMessage
    (
      NULL,
      '<form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'" />
      <input type="hidden" name="s" value="'.$s.'" />
      <input type="hidden" name="t" value="'.$t.'" />
      <select name="v" size="8">'.QTasTag($oVIP->statuses,'',array('format'=>$L['Status'].': %s')).'</select><br /><br />
      <input type="submit" name="ok" value="'.$L['Ok'].'" />
      </form>',
      $_SESSION[QT]['skin_dir']
    );
    exit;
  }

  // CHANGE STATUS

  $oTopic = new cTopic($t);
  $oTopic->SetStatus($v,true,$oTopic->firstpostid); // this also updates the section stats in case of closed topics
  if ( $v=='Z' )
  {
  $oVIP->exitname = '&laquo; '.$L['Section'];
  $oVIP->exiturl = "qti_topics.php?s=$s";
  $voidSEC = new cSection(); $voidSEC->id=$s; $voidSEC->UpdateStats();
  }

  // EXIT

  $oVIP->EndMessage(NULL,$L['S_update'].$strMails,$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'topictype':
// --------------

  if ( !$oVIP->IsStaff() ) die(Error(12));

  $oVIP->selfname = $L['Change'].' '.$L['Type'];
  $oVIP->exiturl  = 'qti_topic.php?t='.$t;
  $oVIP->exitname = '&laquo; '.$L['Message'];

  // ASK TYPE IF MISSING: When value "*" repost with method GET
  if ( $v=='*' )
  {
    $oVIP->selfname = $L['Change'].' '.$L['Type'];
    $oVIP->EndMessage
    (
      NULL,
      '<form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'" />
      <input type="hidden" name="s" value="'.$s.'" />
      <input type="hidden" name="t" value="'.$t.'" />
      <select name="v" size="6">'.
      QTasTag($oVIP->types).'
      </select><br /><br /><input type="submit" name="ok" value="'.$L['Ok'].'" />
      </form>',
      $_SESSION[QT]['skin_dir']
    );
    exit;
  }

  // CHANGE TYPE

  cTopic::SetType($t,$v);
  if ( $v=='I' ) $oHtml->Redirect('qti_change.php?a=topicparam&amp;s='.$s.'&amp;t='.$t);


  // EXIT

  $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'topicactor':
// --------------

  if ( !$oVIP->IsStaff() ) die($L['R_staff']);

  $oVIP->selfname = $L['Change'].' '.$L['Userrole_MA'];
  $oVIP->exiturl  = 'qti_topic.php?t='.$t;
  $oVIP->exitname = '&laquo; '.$L['Message'];
  $intOldactor    = -1; if ( isset($_GET['old']) ) $intOldactor=$_GET['old'];

  $oTopic = new cTopic($t);

  // ASK ACTOR IF MISSING: When value "*" repost with method GET
  if ( $v=='*' )
  {
    $arrAdmUsers = GetUsers('A');
    asort($arrAdmUsers);
    $strAdmUsers = QTasTag($arrAdmUsers,$intOldactor,array('current'=>$intOldactor,'classC'=>'bold'));
    $arrModUsers = GetUsers('M-');
    asort($arrModUsers);
    $strModUsers = QTasTag($arrModUsers,$intOldactor,array('current'=>$intOldactor,'classC'=>'bold'));
    $oVIP->selfname = $L['Change'].' '.$L['Userrole_MA'];
    $oVIP->EndMessage
    (
      NULL,
      '<table class="hidden" cellspacing="0">
      <tr class="hidden">
      <td class="hidden">
      '.$L['Userrole']['A'].'<br /><br />
      <form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'" />
      <input type="hidden" name="s" value="'.$s.'" />
      <input type="hidden" name="t" value="'.$t.'" />
      <select name="v" size="12">'.$strAdmUsers.'</select><br /><br />
      <input type="submit" name="ok" value="'.$L['Ok'].'" />
      </form></td>
      <td class="hidden">
      '.$L['Userrole']['M'].'<br /><br />
      <form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'" />
      <input type="hidden" name="s" value="'.$s.'" />
      <input type="hidden" name="t" value="'.$t.'" />
      <select name="v" size="12">'.$strModUsers.'</select><br /><br />
      <input type="submit" name="ok" value="'.$L['Ok'].'" />
      </form></td>
      </tr></table>',
      $_SESSION[QT]['skin_dir']
    );
    exit;
  }
  $v = intval($v);

  // CHANGE ACTOR
  $oTopic->SetActor($v);

  // EXIT

  $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'userrole':
// --------------

  if ( !$oVIP->IsStaff() ) die($L['R_staff']);
  if ( $s<2 ) die('Wrong parameters: user 0 and 1 cannot be changed');
  include(Translate('qti_reg.php'));

  $oVIP->selfname = $L['User_upd'];
  $oVIP->exiturl  = 'qti_user.php?id='.$s;
  $oVIP->exitname = '&laquo; '.$L['Memberlist'];

  // ask confirmation
  if ( empty($ok) )
  {
    $oDB->Query('SELECT name,photo,role FROM '.TABUSER.' WHERE id='.$s);
    $row = $oDB->Getrow();
    $oVIP->EndMessage
    (
      NULL,
      '<table class="hidden" cellspacing="0">
      <tr class="hidden">
      <td class="hidden">'.AsImgBox(AsImg(AsAvatarScr($row['photo']),'',$row['name'],'member'),'picbox','',$row['name']).'</td>
      <td class="hidden">
      <form method="get" action="'.$oVIP->selfurl.'">
      <h2>'.$row['name'].' ('.$L['Userrole'][$row['role']].')</h2><br />
      '.$L['Change_role'].' <select name="r" size="1">
      <option value="A"'.($row['role']=='A' ? QSEL : '').($oVIP->role!='A' ? ' disabled="disabled"' : '').'>'.$L['Userrole']['A'].'</option>
      <option value="M"'.($row['role']=='M' ? QSEL : '').'>'.$L['Userrole']['M'].'</option>
      <option value="U"'.($row['role']=='U' ? QSEL : '').'>'.$L['Userrole']['U'].'</option>
      </select>&nbsp;<input type="hidden" name="a" value="'.$a.'" />
      <input type="hidden" name="s" value="'.$s.'" />
      <input type="submit" name="ok" value="'.$L['Ok'].'" />
      </form></td>
      </tr>
      </table>',
      'admin',
      0,
      '500px'
    );
    exit;
  }

  //update role
  if ( $oVIP->role!='A' && $v=='A' ) die('Access is restricted to administrators only');
  $oDB->Query('UPDATE '.TABUSER.' SET role="'.$_GET['r'].'" WHERE id='.$s);
  if ( $_GET['r']=='U' ) $oDB->Query('UPDATE '.TABSECTION.' SET moderator=1, moderatorname="Admin" WHERE moderator='.$s);

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'],'admin',2);
  exit;
  break;

// --------------
case 'user_del':
// --------------

  if ( !$oVIP->IsStaff() ) die($L['R_staff']);
  if ( $s<2 ) die("Wrong parameters: user 0 and 1 cannot be deleted");
  include(Translate("qti_reg.php"));

  $oVIP->selfname = $L['Delete'].' '.strtolower($L['User']);
  $oVIP->exiturl  = 'qti_members.php'; if ( $v=='adm' ) $oVIP->exiturl = 'qti_adm_users.php';
  $oVIP->exitname = '&laquo; '.$L['Memberlist'];

  $oDB->Query('SELECT id,name,photo FROM '.TABUSER.' WHERE id='.$s);
  $row = $oDB->Getrow();

  // ask confirmation
  if ( empty($ok) )
  {
    $str  = '<table class="hidden" cellspacing="0">';
    $str .= '<tr>'.N;
    $str .= '<td class="hidden">'.AsImgBox(AsImg(AsAvatarScr($row['photo']),'',$row['name'],'member'),'picbox','',$row['name']).'</td>';
    $str .= '<td class="hidden">';
    $str .= '<form method="get" action="'.$oVIP->selfurl.'">';
    $str .= '<p style="text-align:right">'.$row['name'].' <input type="hidden" name="a" value="'.$a.'" /><input type="hidden" name="v" value="'.$v.'" /><input type="hidden" name="s" value="'.$s.'" /><input type="submit" name="ok" value="'.$L['Delete'].'" /></p>';
    $str .= '</form></td>'.N;
    $str .= '</tr></table></form>'.N;
    $oVIP->EndMessage(NULL,$str,'admin',0,'500px');
    exit;
  }

  $oVIP->Unregister($row);  
  $oVIP->EndMessage(NULL,$L['S_delete'],'admin',2);
  exit;
  break;

// --------------
case 'user_ban':
// --------------

  if ( !$oVIP->IsStaff() ) die($L['R_staff']);
  if ( $s<2 ) die('Wrong parameters: user 0 and 1 cannot be banned');
  include(Translate('qti_reg.php'));

  $oVIP->selfname = $L['Ban_user'];
  $oVIP->exiturl  = 'qti_user.php?id='.$s;
  $oVIP->exitname = '&laquo; '.$L['Profile'];
  if ( $v=='adm' )
  {
    $oVIP->exiturl = 'qti_adm_users.php';
    $oVIP->exitname = '&laquo; '.$L['Users'];
  }

  // ask delay
  if ( empty($ok) || $t<0 )
  {
    $oDB->Query('SELECT closed,name,photo FROM '.TABUSER.' WHERE id='.$s);
    $row = $oDB->Getrow();
    $oVIP->EndMessage
    (
    NULL,
    '<table class="hidden" cellspacing="0"><tr>
    <td class="hidden">'.AsImgBox(AsImg(AsAvatarScr($row['photo']),'',$row['name'],'member'),'picbox','',$row['name']).'</td>
    <td class="hidden">
    <form method="get" action="'.$oVIP->selfurl.'">
    <p style="text-align:right">'.$L['H_ban'].' <select name="t" size="1" />
    <option value="0"'.($row['closed']=='0' ? QSEL : '').'>'.$L['N'].'</option>
    <option value="1"'.($row['closed']=='1' ? QSEL : '').'>1 '.$L['Day'].'</option>
    <option value="2"'.($row['closed']=='2' ? QSEL : '').'>10 '.$L['Days'].'</option>
    <option value="3"'.($row['closed']=='3' ? QSEL : '').'>20 '.$L['Days'].'</option>
    <option value="4"'.($row['closed']=='4' ? QSEL : '').'>30 '.$L['Days'].'</option>
    </select>&nbsp;
    <input type="hidden" name="a" value="'.$a.'" />
    <input type="hidden" name="s" value="'.$s.'" />
    <input type="hidden" name="v" value="'.$v.'" />
    <input type="submit" name="ok" value="'.$L['Ok'].'" /></p>
    </form>
    </td>
    </tr>
    </table>',
    'admin',
    0,
    '500px'
    );

    exit;
  }

  // ban user
  if ( $t==-1 ) die('Wrong parameters: delay');
  $oDB->Query('UPDATE '.TABUSER.' SET closed="'.$t.'" WHERE id='.$s);

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'],'admin',2);
  exit;
  break;

// --------------
case 'topicdelete':
// --------------

  if ( !$oVIP->IsStaff() ) die($L['R_staff']);
  if ( $t<0 ) die('Wrong parameters: missing topic id');

  $oVIP->selfname = $L['Delete'].' '.$L['Topic'];
  $oVIP->exiturl = 'qti_topics.php?s='.$s;
  $oVIP->exitname = '&laquo; '.$L['Section'];

  // ask confirmation
  if ( empty($ok) )
  {
    $oTopic = new cTopic($t);
    if ( $oTopic->items==0 ) { $str=$L['None']; } else { $str=$oTopic->items.' <span class="small">('.$L['Last_message'].' '.QTdatestr($oTopic->lastpostdate).')</span>'; }

    $oVIP->EndMessage
    (
    NULL,
    '<form method="get" action="'.$oVIP->selfurl.'">
    <table cellspacing="0" class="data_o">
    <tr>
    <td class="colhd colhdfirst" style="width:150px;">'.$L['Title'].'</td>
    <td class="colct">'.$oTopic->GetTopicTitle().'</td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">'.$L['Author'].'</td>
    <td class="colct">'.$oTopic->firstpostname.' <span class="small">('.QTdatestr($oTopic->firstpostdate).')</span></td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">'.$L['Replys'].'</td>
    <td class="colct">'.$str.'</td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">&nbsp;</td>
    <td class="colct"><input type="hidden" name="a" value="'.$a.'" /><input type="hidden" name="s" value="'.$s.'" /><input type="hidden" name="t" value="'.$t.'" /><input type="submit" name="ok" value="'.$L['Delete'].'" /></td>
    </tr>
    </table>
    </form>',
    $_SESSION[QT]['skin_dir'],
    0,
    '600px'
    );
    exit;
  }

  // delete topic
  if ( $t<0 ) die('Wrong parameters: missing topic id');
  $oDB->Query('DELETE FROM '.TABPOST.' WHERE topic='.$t);
  $oDB->Query('DELETE FROM '.TABTOPIC.' WHERE id='.$t);

  // update section stats
  $voidSEC = new cSection(); $voidSEC->id=$s; $voidSEC->UpdateStats(array(),true,true);

  // exit
  $oVIP->EndMessage(NULL,$L['S_delete'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'topicmove':
// --------------

  if ( !$oVIP->IsStaff() ) die($L['R_staff']);
  if ( $t<0 ) die('Wrong parameters: missing topic id');

  $oVIP->selfname = $L['Move'].' '.$L['Topic'];
  $oVIP->exiturl = 'qti_topics.php?s='.$s;
  $oVIP->exitname = '&laquo; '.$L['Section'];

  // ask confirmation
  if ( empty($ok) || $p<0 )
  {
    $oTopic = new cTopic($t);
    $arrSections = QTarrget(GetSections($oVIP->role,-1,$s));
    if ( $oTopic->items==0 ) { $str=$L['None']; } else { $str=$oTopic->items.' <span class="small">('.$L['Last_message'].' '.QTdatestr($oTopic->lastpostdate).')</span>'; }

    $oVIP->EndMessage
    (
    NULL,
    '<form method="get" action="'.$oVIP->selfurl.'">
    <table cellspacing="0" class="data_o">
    <tr>
    <td class="colhd colhdfirst" style="width:150px;">'.$L['Title'].'</td>
    <td class="colct">'.$oTopic->GetTopicTitle().'</td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">'.$L['Author'].'</td>
    <td class="colct">'.$oTopic->firstpostname.' <span class="small">('.QTdatestr($oTopic->firstpostdate).')</span></td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">'.$L['Replys'].'</td>
    <td class="colct">'.$str.'</td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">'.$L['Move_to'].'</td>
    <td class="colct"><select name="p" size="1">'.QTasTag($arrSections).'</select></td>
    </tr>
    <tr class="tr">
    <td class="colhd colhdfirst">'.$L['Ref'].'</td>
    <td class="colct"><select name="v" size="1">
    <option value="1">'.$L['Move_keep'].'</option>
    <option value="0">'.$L['Move_reset'].'</option>
    <option value="2">'.$L['Move_follow'].'</option>
    </select></td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">&nbsp;</td>
    <td class="colct"><input type="hidden" name="a" value="'.$a.'" />
    <input type="hidden" name="s" value="'.$s.'" />
    <input type="hidden" name="t" value="'.$t.'" />
    <input type="submit" name="ok" value="'.$L['Ok'].'" /></td>
    </tr>
    </table>
    </form>',
    $_SESSION[QT]['skin_dir'],
    0,
    '600px'
    );
    exit;
  }

  // move topic
  if ( $s<0 ) die('Wrong parameters forum id');
  if ( $t<0 ) die('Wrong parameters id');
  if ( $p<0 ) die('Wrong parameters dest');
  if ( $v<0 ) die('Wrong parameters ref');
  $oSEC = new cSection($s);
  $oSEC->MoveTopics($p,$v,$t);

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'topicparam':
// --------------

  if ( !$oVIP->IsStaff() ) die($L['R_staff']);
  if ( $t<0 ) die('Wrong parameters: missing topic id');

  $oVIP->selfname = L('Inspection').' '.L('Parameters');
  $oVIP->exiturl = 'qti_topic.php?t='.$t;
  $oVIP->exitname = '&laquo; '.$L['Topic'];

  $oTopic = new cTopic($t);  
  if ( $oTopic->type!='I' ) { $oVIP->EndMessage(NULL,'Specific parameters cannot be confirgured.',$_SESSION[QT]['skin_dir'],2); exit; }

  $arr = $oTopic->ReadOptions();
  
  // ask confirmation

  if ( empty($ok) )
  {
    if ( !isset($arr['Itype']) ) $arr['Itype'] = '0';
    if ( !isset($arr['Ilevel']) ) $arr['Ilevel'] = '3' ;
    if ( !isset($arr['Istat']) ) $arr['Istat'] = 'mean';
    $oVIP->EndMessage
    (
    NULL,
    '<form method="get" action="'.$oVIP->selfurl.'">
    <table cellspacing="0" class="data_o">
    <tr>
    <td class="colhd colhdfirst" style="width:150px;">'.$L['Status'].'</td>
    <td class="colct"><select name="v" size="1">'.QTasTag(array('0'=>L('I_closed'),'1'=>L('I_running')),$arr['Itype']).'</select></td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">'.L('I_level').'</td>
    <td class="colct"><select name="v1" size="1">'.QTasTag(array('2'=>'2) '.L('I_r_yes').' / '.L('I_r_no'),'3'=>'3) '.L('I_r_good').' / '.L('I_r_medium').' / '.L('I_r_bad'),'5'=>'5) '.L('I_r_veryhigh').' / '.L('I_r_high').' / '.L('I_r_medium').' / '.L('I_r_low').' / '.L('I_r_verylow'),'100'=>'100) '.L('Percent')),$arr['Ilevel']).'</select></td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">'.L('I_aggregation').'</td>
    <td class="colct"><select name="v2" size="1">'.QTasTag(array('mean'=>L('I_v_mean'),'min'=>L('I_v_min'),'max'=>L('I_v_max'),'first'=>L('I_v_first'),'last'=>L('I_v_last')),$arr['Istat']).'</select></td>
    </tr>
    <tr>
    <td class="colhd colhdfirst">&nbsp;</td>
    <td class="colct"><input type="hidden" name="a" value="'.$a.'" />
    <input type="hidden" name="s" value="'.$s.'" />
    <input type="hidden" name="t" value="'.$t.'" />
    <input type="submit" name="ok" value="'.$L['Ok'].'" /></td>
    </tr>
    </table>
    </form>',
    $_SESSION[QT]['skin_dir'],
    0,
    '600px'
    );
    exit;
  }

  // save

  $arr = QTarradd($arr,'Itype',$v);
  $arr = QTarradd($arr,'Ilevel',$v1);
  $arr = QTarradd($arr,'Istat',$v2);
  $oTopic->options = QTimplode($arr);
  $oTopic->WriteOptions();
  
  // activate inspection and recompute aggregation

  $oTopic->SetStatus(($arr['Itype']=='0' ? 'Z' : 'A'),false);
  if ( $oTopic->items>0 ) 
  {
    $oTopic->z = $oTopic->InspectionAggregate();
    $oDB->Query( 'UPDATE '.TABTOPIC.' SET z='.$oTopic->z.' WHERE id='.$oTopic->id );
  }

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'post':
// --------------

  $oVIP->selfname = $L['Message'];
  $oVIP->exiturl  = 'qti_topic.php?t='.$t;
  $oVIP->exitname = '&laquo; '.$L['Topic'];

  $oSEC = new cSection($s);
  $oTopic = new cTopic($t);
  $oPost = new cPost($p);

  echo $oHtml->Head();
  echo $oHtml->Body();

  HtmlPageCtrl(0,'90%');

  echo '
  <div class="msgboxpreview">

  <h2>',$oVIP->selfname,'</h2>
  ';
  $oPost->Show($oSEC,$oTopic,true,'','',$_SESSION[QT]['skin_dir'],'1');

  echo '
  </div>
  ';
  echo '<p><a id="exiturl" href="',Href($oVIP->exiturl),'">',$oVIP->exitname,'</a></p>';

  HtmlPageCtrl(1);

  echo $oHtml->End();

  exit;
  break;
  
// --------------
default:
// --------------

  echo 'Unknown action';
  break;

// --------------
}

$oVIP->EndMessage('!','Command ['.$a.'] failled...',$_SESSION[QT]['skin_dir'],2);

?>
Return current item: QuickTicket