<?php
/**
* PHP versions 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package QuickTicket
* @author Philippe Vandenberghe <hide@address.com>
* @copyright 2008-2012 The PHP Group
* @version 2.5 build:20101222
*
* About text coding in the database
* This script will convert the text before inserting into the dabase as follow:
*
* 1) stripslashes
* 2) htmlspecialchar($text,ENT_QUOTES) <>&"' are converted to html
* 3) bbcodes remain UNCHANGED (they are converted while displayed)
*/
session_start();
require_once('bin/qti_init.php');
if ( !$oVIP->CanView('V6') ) die(Error(11));
include('bin/qti_fn_sql.php');
function DelayAcceptable($intPosts=0)
{
if ( isset($_SESSION[QT]['posts_delay']) ) { $intMax = intval($_SESSION[QT]['posts_delay']); } else { $intMax=5; }
if ( $intPosts==0 ) return TRUE;
if ( isset($_SESSION['qti_usr_lastpost']) ) {
if ( !empty($_SESSION['qti_usr_lastpost']) ) {
if ( $_SESSION['qti_usr_lastpost']+$intMax >= time() ) return FALSE;
}}
return TRUE;
}
function PostsTodayAcceptable($intMax)
{
global $oDB,$oVIP;
if ( $oVIP->id<2 || $oVIP->numpost==0 ) return TRUE;
// count if not yet defined
if ( !isset($_SESSION['qti_usr_posts_today']) )
{
$oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND '.SqlDateCondition(date('Ymd'),'issuedate',8) );
$row = $oDB->Getrow();
$_SESSION['qti_usr_posts_today'] = intval($row['td']);
}
if ( $_SESSION['qti_usr_posts_today']<$intMax ) return TRUE;
return FALSE;
}
// --------
// INITIALISE
// --------
$a = -1;
$s = -1;
$t = -1;
$p = -1;
QThttpvar('a s t p','str int int int');
// check arguments
if ( $s<0 ) die('Missing parameters: section');
if ( !in_array($a,array('nt','re','ed','qu')) ) die('Missing parameters A');
// check maximum post per day (not for moderators)
if ( $oVIP->role=='U' || $oVIP->role=='V' ) {
if ( !PostsTodayAcceptable(intval($_SESSION[QT]['posts_per_day'])) ) {
$error=$L['E_too_much'];
// exit
$oVIP->selfname = $L['Post_new_topic'];
$oVIP->exiturl = 'qti_topics.php?s='.$s;
$oVIP->EndMessage(NULL,$error,$_SESSION[QT]['skin_dir'],0);
}}
$oSEC = new cSection($s);
$oTopic = new cTopic(($t>=0 ? $t : null));
$oPost = new cPost(($p>=0 ? $p : null));
// initialise others
$now = date('Ymd His');
$bUpload = false;
$strBehalf = '';
$intNotified = -1;
$strNotified = '';
$oVIP->selfurl = 'qti_form_edit.php';
$oVIP->selfname = $L['Message'];
if ( $a=='nt' ) $oVIP->selfname = $L['Post_new_topic'];
if ( $a=='re' ) $oVIP->selfname = $L['Post_reply'];
if ( $a=='qu' ) $oVIP->selfname = $L['Post_reply'];
if ( $a=='ed' ) $oVIP->selfname = $L['Edit'];
$oVIP->exiturl = "qti_topic.php?t=$t";
$oVIP->exitname = $L['Topics'];
// MAP MODULE
if ( UseModule('map') ) { $strCheck=$s; include('qtim_map_ini.php'); } else { $bMap=false; }
// --------
// SUBMITTED
// --------
// ::::::::
if ( isset($_POST['dosend']) || isset($_POST['dopreview']) ) {
// ::::::::
$error = $oPost->SetFromPost($a!='ed'); // FALSE means author must not be changed because editing an existing message
if ( $oTopic->type=='I' && isset($_POST['titlevalue']) ) $oPost->title=trim($_POST['titlevalue']);
if ( $oTopic->type!='I' && $oPost->text=='') $error = $L['Message'].' '.$L['E_invalid'];
if ( isset($_POST['notifiedname']) )
{
$strNotified = trim($_POST['notifiedname']); if ( get_magic_quotes_gpc() ) $strNotified = stripslashes($strNotified);
// Complete if missing notified name
if ( !empty($strNotified) )
{
$strNotified = htmlspecialchars($strNotified,ENT_QUOTES);
$intNotified = current(array_keys(GetUsers('name',$strNotified) )); // can be FALSE when not found
if ( !is_int($intNotified) ) { $intNotified=-1; $error=$L['Notify_also'].' '.$L['E_invalid']; }
}
}
if ( isset($_POST['wisheddate']) )
{
if ( !empty($_POST['wisheddate']) )
{
$str = QTdatestr(trim($_POST['wisheddate']),'Ymd','');
if ( !is_string($str) ) $error = $L['Wisheddate'].' '.Error(1);
if ( substr($str,0,6)=='Cannot' ) $error = $L['Wisheddate'].' '.Error(1);
if ( substr($str,0,4)=='1970' ) $error = $L['Wisheddate'].' '.Error(1);
if ( empty($error) ) $oTopic->wisheddate = $str;
}
}
if ( isset($_POST['coord']) )
{
if ( get_magic_quotes_gpc() ) $_POST['coord'] = stripslashes($_POST['coord']);
if ( !empty($_POST['coord']) )
{
$_POST['coord'] = QTstr2yx($_POST['coord']);
if ($_POST['coord']===FALSE ) $error='Invalid coordinate format';
}
}
// Mandatory submitted fields (in case of new topic)
if ( $a=='nt' )
{
if ( $oSEC->notifycc=='2' && $intNotified<0 ) $error = $L['Notify_also'].': '.$L['Missing'];
if ( $oSEC->wisheddate=='2' && empty($_POST['wisheddate']) ) $error = $L['Wisheddate'].': '.$L['Missing'];
if ( $oPost->title=='' && $oSEC->titlefield==2 ) $error = $L['E_no_title'];
}
// Mandatory submitted fields (new topic or reply)
if ( strlen($oPost->text)>$_SESSION[QT]['chars_per_post'] ) $error = $L['E_too_long'].' '.sprintf($L['E_char_max'], $_SESSION[QT]['chars_per_post']);
if ( substr_count($oPost->text,"\n")>$_SESSION[QT]['lines_per_post'] ) $error = $L['E_too_long'].' '.sprintf($L['E_line_max'], $_SESSION[QT]['lines_per_post']);
if ( strlen($oPost->text)>999 ) $oPost->text = substr( $oPost->text, 0, $_SESSION[QT]['chars_per_post'] );
$oTopic->preview = QTcompact(QTunbbc($oPost->text),250,' ');
// Check submitted rules (when sending the message)
if ( isset($_POST['dosend']) && empty($error) )
{
// check maximum post per user/minutes
if ( !DelayAcceptable($oVIP->numpost) ) $error=$L['E_wait'];
// check message
if ( empty($error) )
{
// ----------
// module antispam
if ( UseModule('antispam') ) include('qtim_antispam.php');
// ----------
}
// Check upload
if ( empty($error) ) {
if ( $_SESSION[QT]['upload']!='0' ) {
if ( !empty($_FILES['attach']['name']) ) {
include('bin/qti_upload.php');
$error = InvalidUpload($_FILES['attach'],$arrFileextensions,$arrMimetypes,intval($_SESSION[QT]['upload_size'])*1024+16);
if ( empty($error) )
{
$strFile = strtolower($_FILES['attach']['name']);
$strExt = strrchr($strFile,'.');
if ( $strExt ) $strFile = substr($strFile,0,-strlen($strExt));
if ( strlen($strFile)>200 ) $strFile = substr($strFile,0,200);
$strFile = QTconv($strFile,'F',false,false);
$strFile .= $strExt;
$bUpload=true;
}
}}}
}
// ::::::::
}
// ::::::::
// ::::::::
if ( isset($_POST['dosend']) && empty($error) ) {
// ::::::::
// SEND a new topic
if ( $a=='nt' )
{
$oTopic->id = $oDB->Nextid(TABTOPIC);
$oTopic->numid = $oDB->Nextid(TABTOPIC,'numid','WHERE forum='.$s);
$oPost->id = $oDB->Nextid(TABPOST);
$oPost->topic = $oTopic->id;
$oPost->section = $s;
$oTopic->parentid = $s;
// if moderator post
if ( isset($_POST['topictype']) ) $oTopic->type = $_POST['topictype'];
if ( isset($_POST['topicstatus']) ) $oTopic->status = $_POST['topicstatus'];
$oTopic->firstpostid = $oPost->id;
$oTopic->lastpostid = $oPost->id;
$oTopic->firstpostuser = $oPost->userid;
$oTopic->firstpostname = $oPost->username;
$oTopic->lastpostuser = $oPost->userid;
$oTopic->lastpostname = $oPost->username;
$oTopic->firstpostdate = $now;
$oTopic->lastpostdate = $now;
if ( $intNotified>=0 )
{
$oTopic->notifiedid = $intNotified;
$oTopic->notifiedname = $strNotified;
}
// replace empty title
if ( empty($oPost->title) ) $oPost->title = str_replace("\r\n",' ',QTunbbc(QTcompact($oPost->text,50,' ')));
$oPost->type = 'P';
$oPost->issuedate = $now;
if ( $bUpload )
{
$strDir = TargetDir(QTI_DIR_DOC,$oPost->id);
if ( !empty($_POST['oldattach']) ) if ( file_exists(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']) ) unlink(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']);
copy($_FILES['attach']['tmp_name'],QTI_DIR_DOC.$strDir.$oPost->id.'_'.$strFile);
unlink($_FILES['attach']['tmp_name']);
$oPost->attach = $strDir.$oPost->id.'_'.$strFile;
}
$oPost->InsertPost(); // No topic stat (topic not yet created), No user stat (computed when inserting topic)
$oTopic->InsertTopic(true,true,$oPost,$oSEC);
$oSEC->UpdateStats(array('tags'=>$oSEC->tags));
$oVIP->numpost++;
// location insert
if ( $bMap ) {
if ( isset($_POST['coord']) ) {
if ( !empty($_POST['coord']) ) {
QTgpoint(TABTOPIC,$oTopic->id,QTgety($_POST['coord']),QTgetx($_POST['coord']));
}}}
// ----------
// module rss
if ( UseModule('rss') ) { if ( $_SESSION[QT]['m_rss']=='1' ) include('qtim_rss_inc.php'); }
// ----------
}
// SEND a reply
if ( $a=='re' || $a=='qu' )
{
$oPost->id = $oDB->Nextid(TABPOST);
$oPost->topic = $t;
$oPost->section = $s;
$oPost->type = 'R';
$oPost->issuedate = $now;
if ( $bUpload )
{
$strDir = TargetDir(QTI_DIR_DOC,$oPost->id);
if ( !empty($_POST['oldattach']) ) if ( file_exists(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']) ) unlink(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']);
copy($_FILES['attach']['tmp_name'],QTI_DIR_DOC.$strDir.$oPost->id.'_'.$strFile);
unlink($_FILES['attach']['tmp_name']);
$oPost->attach = $strDir.$oPost->id.'_'.$strFile;
}
$oPost->InsertPost(false,true); // No update topic stat (done after), Update the user's stat
$oTopic->UpdateStats(intval($_SESSION[QT]['posts_per_topic'])); // Update topic stats and close topic if full (and lastpost topic info)
$oVIP->numpost++;
// topic type (from staff)
if ( isset($_POST['topictype']) )
{
if ( $_POST['topictype']!=$_POST['oldtype'] ) $oTopic->SetType($t,$_POST['topictype']);
}
// topic status (from staff)
if ( isset($_POST['topicstatus']) ) {
if ( $_POST['topicstatus']!=$_POST['oldstatus'] ) {
$oTopic->SetStatus($_POST['topicstatus'],true,$oPost);
}}
$oSEC->replies++;
$oSEC->UpdateStats(array('topics'=>$oSEC->items,'replies'=>$oSEC->replies,'tags'=>$oSEC->tags));
}
// SEND a edition
if ( $a=='ed' )
{
if ( $oSEC->titlefield==0 && $oPost->type=='P' )
{
$oPost->title = str_replace("\r\n",' ',QTunbbc(QTcompact($oPost->text,50,' ')));
}
if ( empty($oPost->title) && $oPost->type=='P' )
{
$oPost->title = str_replace("\r\n",' ',QTunbbc(QTcompact($oPost->text,50,' ')));
}
// location update (or delete)
if ( $bMap ) {
if ( isset($_POST['coord']) ) {
if ( empty($_POST['coord']) ) { QTgpointdelete(TABTOPIC,$oTopic->id); } else { QTgpoint(TABTOPIC,$oTopic->id,QTgety($_POST['coord']),QTgetx($_POST['coord'])); }
}}
$strModif='';
// modifdate+modifuser if editor is not the creator
if ( $oPost->modifuser!=$oPost->userid ) $strModif=', modifdate="'.date('Ymd His').'", modifuser='.$oPost->modifuser.', modifname="'.$oPost->modifname.'"';
// modifdate+modifuser if not the last message
if ( $oTopic->lastpostid!=$oPost->id ) $strModif=', modifdate="'.date('Ymd His').'", modifuser='.$oPost->modifuser.', modifname="'.$oPost->modifname.'"';
if ( $bUpload )
{
$strDir = TargetDir(QTI_DIR_DOC,$oPost->id);
if ( !empty($_POST['oldattach']) ) if ( file_exists(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']) ) unlink(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']);
copy($_FILES['attach']['tmp_name'],QTI_DIR_DOC.$strDir.$oPost->id.'_'.$strFile);
unlink($_FILES['attach']['tmp_name']);
$oPost->attach = $strDir.$oPost->id.'_'.$strFile;
}
// if drop attachement
if ( isset($_POST['drop']) ) { if ( $_POST['drop'][0]=='1' ) $oPost->Dropattach(); }
if ( $oDB->type=='db2' )
{
$oDB->Query( 'UPDATE '.TABPOST.' SET title="'.addslashes(QTconv($oPost->title,'3',QTI_CONVERT_AMP,false)).'", icon="'.$oPost->icon.'",textmsg="'.addslashes(QTconv($oPost->text,'3',QTI_CONVERT_AMP,false)).'",",textmsg2="'.substr(addslashes(QTconv($oPost->text,'3',QTI_CONVERT_AMP,false)),0,255).'",attach="'.$oPost->attach.'" '.$strModif.' WHERE id='.$oPost->id );
}
else
{
$oDB->Query( 'UPDATE '.TABPOST.' SET title="'.addslashes(QTconv($oPost->title,'3',QTI_CONVERT_AMP,false)).'", icon="'.$oPost->icon.'",textmsg="'.addslashes(QTconv($oPost->text,'3',QTI_CONVERT_AMP,false)).'",attach="'.$oPost->attach.'" '.$strModif.' WHERE id='.$oPost->id );
}
if ( isset($_POST['wisheddate']) ) {
$oDB->Query('UPDATE '.TABTOPIC.' SET wisheddate="'.$oTopic->wisheddate.'",modifdate="'.date('Ymd His').'" WHERE id='.$t);
}
// topic type (from staff)
if ( isset($_POST['topictype']) )
{
if ( $_POST['topictype']!=$_POST['oldtype'] ) $oTopic->SetType($oTopic->id,$_POST['topictype']);
}
// topic status (from staff)
if ( isset($_POST['topicstatus']) ) {
if ( $_POST['topicstatus']!=$_POST['oldstatus'] ) {
$oTopic->SetStatus($_POST['topicstatus']);
if ( $_POST['topicstatus']=='Z' || $_POST['oldstatus']=='Z' ) $oSEC->UpdateStats(array('topics'=>$oSEC->items,'replies'=>$oSEC->replies,'tags'=>$oSEC->tags));
}}
// topic status (from user)
if ( isset($_POST['topicstatususer']) ) {
if ( $_POST['topicstatususer'][0]=='Z' ) {
$oTopic->SetStatus('Z');
$oSEC->UpdateStats(array('topics'=>$oSEC->items,'replies'=>$oSEC->replies,'tags'=>$oSEC->tags));
}}
}
// Update inspection score
if ( $oTopic->type==='I' ) $oTopic->InspectionUpdateScore();
// exit
if ( $a=='nt' && $oTopic->type=='I' )
{
$oHtml->Redirect('qti_change.php?a=topicparam&s='.$s.'&t='.$oPost->topic);
}
else
{
$oVIP->exiturl = 'qti_topic.php?t='.$oPost->topic.'#'.$oPost->id;
$str = ''; if ( $oSEC->numfield!='N' ) $str='<b>'.sprintf($oSEC->numfield,$oTopic->numid).'</b><br />';
$oVIP->EndMessage(NULL,$str.$L['S_message_saved'],$_SESSION[QT]['skin_dir'],2);
}
// ::::::::
}
// ::::::::
// --------
// HTML START
// --------
if ( $a=='nt' )
{
$oPost->icon = '00';
$oPost->type = 'P';
}
if ( $a=='qu' )
{
if ( $t<0 ) die('Missing parameters: topicid');
if ( $p<0 ) die('Missing parameters: postid');
$oPost->icon = '00';
$oPost->title = '';
$oPost->text = "[quote=$oPost->username]$oPost->text[/quote]";
// rest must be as reply
$a = 're';
}
if ( $a=='re' )
{
if ( $t<0 ) die('Missing parameters: topicid');
$oPost->icon = '00';
$oPost->type = 'R';
}
if ( $a=='ed' )
{
if ( $t<0 ) die('Missing parameters: topicid');
if ( $p<0 ) die('Missing parameters: postid');
}
$bJauto=false;
if ( $oVIP->IsStaff() ) $bJauto=true;
if ( $oSEC->notify==1 && $oPost->type=='P' && $oSEC->notifycc!=0 ) $bJauto=true;
$bJdate=false;
if ( $oSEC->wisheddate!=0 ) $bJdate=true;
// --------
// CONTENT
// --------
if ( $bJauto || $bJdate ) $oHtml->links[] = '<link rel="stylesheet" type="text/css" href="bin/css/qt_jquery.css" />';
if ( $_SESSION[QT]['bbc']!='0' )
{
$oHtml->scripts[] = '<script type="text/javascript" src="bin/qti_bbc.js"></script>';
$oHtml->links[] = '<link rel="stylesheet" type="text/css" href="bin/css/qti_bbc.css" />';
$intBbc=(CanPerform('upload',$oVIP->role) ? 3 : 2);
}
$strHeadScript = '';
if ( $bJauto || $bJdate ) $strHeadScript .= '<script type="text/javascript" src="bin/qt_jquery.js"></script>'.N;
if ( $bJauto ) $strHeadScript .= '<script type="text/javascript" src="bin/qt_jquery_auto.js"></script>'.N;
if ( $bJdate ) $strHeadScript .= '<script type="text/javascript" src="bin/qt_jquery_date.js"></script>'.N;
if ( $bJauto || $bJdate ) $strHeadScript .= '
<script type="text/javascript">
<!--
$(document).ready(function() {
'.($bJauto ? '$("#behalf").autocomplete("qti_j_name.php", { selectFirst: false });' : '').'
'.($oSEC->notifycc!=0 ? '$("#notifiedname").autocomplete("qti_j_name.php", { selectFirst: false });' : '').'
'.($oSEC->wisheddate!=0 ? '$("#wisheddate").datepicker({ firstDay: 0, dateFormat: "yy-mm-dd", monthNames: ["'.implode('","',$L['dateMMM']).'"], dayNames: ["'.implode('","',$L['dateDDD']).'"], dayNamesMin: ["'.implode('","',$L['dateD']).'"]});' : '').'
});
-->
</script>
';
$strHeadScript .= '
<script type="text/javascript">
<!--
function ValidateForm(theButton)
{
theForm = theButton.form;
'.($oTopic->type!='I' ? 'if (theForm.text.value.length==0) { alert(qtHtmldecode("'.$L['Missing'].': '.$L['Message'].'")); return false; }' : '').'
if (theForm.text.value.length>'.$_SESSION[QT]['chars_per_post'].') { alert(qtHtmldecode("'.$L['E_too_long'].': '.$L['Maximum'].' '.$_SESSION[QT]['chars_per_post'].'")); return false; }
if ( theButton.name=="dosend" )
{
theForm.action="'.Href().'";
theForm.target="";
}
else
{
if ( theForm.attach )
{
if ( theForm.attach.value.length>1 )
{
theForm.action="'.Href('qti_form_preview.php').'";
theForm.target="_blank";
}
}
}
return true;
}
-->
</script>
';
if ( $bMap )
{
if ( !empty($oTopic->y) && !empty($oTopic->x) )
{
$strPname = substr($oTopic->title,0,25);
$strPlink = '<a href="http://maps.google.com?q='.$oTopic->y.','.$oTopic->x.'&z='.$_SESSION[QT]['m_map_gzoom'].'" class="small" title="'.$L['map']['In_google'].'" target="_blank">[G]</a>';
$strPinfo = '<p class="small">Lat: '.QTdd2dms($oTopic->y).' <br />Lon: '.QTdd2dms($oTopic->x).'<br /><br />DD: '.round($oTopic->y,8).', '.round($oTopic->x,8).' '.$strPlink.'</p>';
$oMapPoint = new cMapPoint($oTopic->y,$oTopic->x,$strPname,$strPinfo);
if ( isset($_SESSION[QT]['m_map'][$s]['icon']) ) $oMapPoint->icon = $_SESSION[QT]['m_map'][$s]['icon'];
if ( isset($_SESSION[QT]['m_map'][$s]['shadow']) ) $oMapPoint->shadow = $_SESSION[QT]['m_map'][$s]['shadow'];
if ( isset($_SESSION[QT]['m_map'][$s]['printicon']) ) $oMapPoint->printicon = $_SESSION[QT]['m_map'][$s]['printicon'];
if ( isset($_SESSION[QT]['m_map'][$s]['printshadow']) ) $oMapPoint->printshadow = $_SESSION[QT]['m_map'][$s]['printshadow'];
$arrExtData[] = $oMapPoint;
}
}
include('qti_p_header.php');
// PREVIEW
if ( isset($_POST['dopreview']) && empty($error) )
{
echo '<h2>',$L['Preview'],'</h2>',N;
// get user info
$oDB->Query('SELECT signature,photo,location,role FROM '.TABUSER.' WHERE id='.$oPost->userid);
$row = $oDB->Getrow();
$oPost->userloca = $row['location'];
$oPost->useravat = $row['photo'];
$oPost->usersign = $row['signature'];
$oPost->userrole = $row['role'];
$oPost->issuedate = $now;
$oPost->Show($oSEC,$oTopic,true,'','',$_SESSION[QT]['skin_dir'],'1');
}
// TOPIC (if inspection)
if ( $oTopic->type==='I' ) {
if ( $a=='re' || $a=='qu' ) {
echo '<h2>',L('Inspection'),'</h2>',N;
// ======
$strState = 'p.*, u.role, u.location, u.photo, u.signature FROM '.TABPOST.' p, '.TABUSER.' u WHERE p.userid = u.id AND p.topic='.$oTopic->id.' ';
$oDB->Query( LimitSQL($strState,'p.id ASC',0,1) );
// ======
$strAlt = 'r1';
// ======
$row=$oDB->Getrow();
$oInspectionPost = new cPost($row);
$strButton='';
if ( !empty($oInspectionPost->modifuser) ) $strButton .= '<td class="post_modif"><span class="small"> '.$L['Modified_by'].' <a href="'.Href('qti_user.php').'?id='.$oInspectionPost->modifuser.'" class="small">'.$oInspectionPost->modifname.'</a> ('.QTdatestr($oInspectionPost->modifdate,'$','$',true,true).')</span></td>'.N;
if ( !empty($strButton) ) $strButton .= '<td class="hidden">'.' '.'</td>'.N;
if ( !empty($strButton) ) $strButton = '<table class="hidden" cellspacing="0" style="margin:10px 0 1px 0;"><tr>'.$strButton.'</tr></table>'.N;
$oInspectionPost->text = QTcompact($oInspectionPost->text,0); // Pre processing data (compact, no button)
$oInspectionPost->Show($oSEC,$oTopic,false,$strButton,'',$_SESSION[QT]['skin_dir'],$strAlt);
if ( $strAlt=='r1' ) { $strAlt='r2'; } else { $strAlt='r1'; }
// ======
}}
// FORM START
echo '<h2>',$oVIP->selfname,'</h2>',N;
if ( !empty($error) ) echo '<p><span class="error">',$error,'</span></p>';
echo '
<form id="form_edit" method="post" action="',Href(),'" enctype="multipart/form-data">
<input type="hidden" name="s" value="',$s,'" />
<input type="hidden" name="t" value="',$t,'" />
<input type="hidden" name="a" value="',$a,'" />
<input type="hidden" name="p" value="',$p,'" />
<input type="hidden" name="oldtype" value="',$oTopic->type,'" />
<input type="hidden" name="oldstatus" value="',$oTopic->status,'" />
';
if ( $oVIP->IsStaff() )
{
echo '<div class="modboard"><span class="modboard">',N;
if ( $oPost->type=='P')
{
echo $L['Type'],' <select class="small" name="topictype" size="1">',N;
echo QTasTag($oVIP->types,$oTopic->type,array('current'=>$oTopic->type,'classC'=>'bold'));
echo '</select>',N;
}
echo S,$L['Status'],' <select class="small" name="topicstatus" size="1">',N;
echo QTasTag($oVIP->statuses,$oTopic->status,array('current'=>$oTopic->status,'classC'=>'bold'));
echo '</select> ',N;
echo $L['Send_on_behalf'],' <input class="small" type="text" name="behalf" id="behalf" size="14" maxlength="24" value="'.(empty($strBehalf) ? '' : $strBehalf).'" /></span>',N;
echo '</div>',N;
}
// End of rule for status and types
echo '<table class="data_o" cellspacing="0">',N;
// PREFIX ICON
if ( !empty($oSEC->prefix) )
{
echo '<tr>',N;
echo '<td class="colhd colhdfirst" style="width:100px">',$L['Smiley'],'</td>',N;
echo '<td class="colct">',N;
for ($i=0;$i<10;$i++)
{
if ( file_exists($_SESSION[QT]['skin_dir'].'/ico_prefix_'.$oSEC->prefix.'_0'.$i.'.gif') )
{
echo '<input type="radio" name="icon" id="0',$i,'" value="0',$i,'"',($oPost->icon=='0$i' ? QCHE : ''),' tabindex="',$i,'" /><label for="0',$i,'"><img class="ico_prefi" src="',$_SESSION[QT]['skin_dir'],'/ico_prefix_',$oSEC->prefix,'_0',$i,'.gif" label="smile" title="',$L['Ico_prefix'][$oSEC->prefix.'_0'.$i],'" /></label> ',N;
}
}
echo '<input type="radio" name="icon" id="00" value="00"',($oPost->icon=='00' ? QCHE : ''),' tabindex="10" /><label for="00">',$L['None'],'</label></td>',N;
echo '</tr>',N;
}
// TITLE
if ( $oTopic->type==='I' && $oPost->type!='P' )
{
echo '<tr>',N;
echo '<td class="colhd colhdfirst"><label for="title">',L('Score'),'</label></td>',N;
echo '<td class="colct">',HtmlScore($oTopic->ReadOptions('Ilevel'),' ',$oPost->title),'</td>',N;
echo '</tr>',N;
}
else
{
if ( $oSEC->titlefield!=0 )
{
echo '<tr>',N;
echo '<td class="colhd colhdfirst"><label for="title">',$L['Title'],'</label></td>',N;
echo '<td class="colct"><input type="text" id="title" name="title" size="80" maxlength="64" value="',QTconv($oPost->title,'3',QTI_CONVERT_AMP),'" tabindex="20" /></td>',N;
echo '</tr>',N;
}
}
// MESSAGE
echo '<tr>',N;
echo '<td class="colhd colhdfirst"><label for="text">',$L['Message'],'</label></td>',N;
echo '<td class="colct">',N;
echo '<table class="hidden" cellspacing="0">',N;
if ( $_SESSION[QT]['bbc']!='0' )
{
echo '<tr class="hidden">',N;
echo '<td style="height:22px"><ul class="bbc">',N;
include('qti_form_button.php');
echo '</ul></td>',N;
echo '</tr>',N;
}
echo '<tr class="hidden">',N;
echo '<td class="hidden">',N;
echo '<a href="textarea"></a><textarea id="text" name="text" ',(strlen($oPost->text)>500 ? 'rows="30" cols="85"' : 'rows="15" cols="80"' ),' tabindex="25">',QTconv($oPost->text,'3',QTI_CONVERT_AMP,false),'</textarea>',N;
if ( CanPerform('upload',$oVIP->role) )
{
echo '<br /><a href="#" id="attachlink" style="display:none" class="small" onclick="document.getElementById(\'attachtr\').style.display=\'table-row\'; document.getElementById(\'attachlink\').style.display=\'none\';">',$L['Attachment'],'</a>';
}
echo '</td>',N;
echo '</tr>',N;
echo '</table>',N;
echo '</td></tr>',N;
// ATTACHMENT
if ( CanPerform('upload',$oVIP->role) )
{
$intMax = intval($_SESSION[QT]['upload_size'])*1024;
echo '<tr id="attachtr">',N;
echo '<td class="colhd colhdfirst"><label for="attach">',$L['Attachment'],'</label></td>',N;
echo '<td class="colct">';
if ( !empty($oPost->attach) )
{
if ( strstr($oPost->attach,'/') ) { $str = substr(strrchr($oPost->attach,'/'),1); } else { $str=$oPost->attach; }
if ( substr($str,0,strlen($oPost->id.'_'))==($oPost->id).'_' ) $str = substr($str,strlen($oPost->id.'_'));
echo AsImg($_SESSION[QT]['skin_dir'].'/ico_attachment.gif','-',$L['Attachment']),' ',$str,'<input type="hidden" id="oldattach" name="oldattach" value="',$oPost->attach,'" />';
echo ' · <input type="checkbox" id="drop" name="drop[]" value="1" tabindex="26" /><label for="drop"> ',$L['Drop_attachment'],'</label>';
}
else
{
echo '<input type="hidden" name="MAX_FILE_SIZE" value="',$intMax,'" />';
echo '<input type="file" id="attach" name="attach" size="42" tabindex="3" />';
}
echo '</td>',N,'</tr>',N;
}
// WISHEDDATE
if ( $oSEC->wisheddate!=0 ) {
if ( $oPost->type=='P' ) {
$strValue = '';
if ( $oSEC->wisheddflt>0 ) $strValue = ( $oSEC->wisheddflt==1 ? date('Y-m-d') : date('Y-m-d',strtotime('+'.($oSEC->wisheddflt-1).' day')) );
if ( isset($_POST['wisheddate']) ) $strValue = $_POST['wisheddate'];
if ( !empty($oTopic->wisheddate) ) $strValue = substr($oTopic->wisheddate,0,4).'-'.substr($oTopic->wisheddate,4,2).'-'.substr($oTopic->wisheddate,-2,2);
echo '<tr>',N;
echo '<td class="colhd colhdfirst"><label for="wisheddate">',$L['Wisheddate'],'</label></td>',N;
echo '<td class="colct"><input type="text" id="wisheddate" name="wisheddate" size="20" maxlength="10" value="',$strValue,'" tabindex="30" /> ',N;
echo '<a href="#" onclick="document.getElementById(\'wisheddate\').value=\'',date('Y-m-d'),'\';"><img src="',$_SESSION[QT]['skin_dir'],'/ico_date.gif" alt="today" title="',$L['dateSQL']['Today'],'" style="vertical-align:bottom" /></a>',N;
echo ' <span class="small">',$L['H_Wisheddate'],'</span></td>',N;
echo '</tr>',N;
}}
// NOTIFIED
if ( $oSEC->notify==1 ) {
if ( $oPost->type=='P' ) {
if ( $oSEC->notifycc!=0 ) {
// default value
$intValue = -1;
$strValue = '';
if ( $oSEC->notifycc==3 ) { $intValue = $oVIP->id; $strValue = $oVIP->username; }
if ( $intNotified>=0 ) { $intValue = $intNotified; $strValue = $strNotified; }
if ( $oTopic->notifiedid>=0 ) { $intValue = $oTopic->notifiedid; $strValue = $oTopic->notifiedname; }
//
echo '<tr>',N;
echo '<td class="colhd colhdfirst"><label for="notifiedname">',$L['Notify_also'],'</label></td>',N;
echo '<td class="colct"><input type="hidden" id="notifiedid" name="notifiedid" value="',$intValue,'" tabindex="31" /><input type="text" id="notifiedname" name="notifiedname" size="20" maxlength="24" value="',$strValue,'" /></div></td>',N;
echo '</tr>',N;
}}}
// MAP
if ( $oPost->type=='P' ) {
if ( $bMap ) {
$strPosition = '<div class="mapeditform"><p class="small" style="margin:2px 0 4px 2px;text-align:right">'.$L['map']['cancreate'];
$strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="createMarker(); return false;" title="'.$L['map']['H_pntadd'].'" />'.$L['map']['pntadd'].'</a>';
if ( !empty($oTopic->x) || !empty($oTopic->y) )
{
$strPosition = '<div class="mapeditform"><p class="small" style="margin:2px 0 4px 2px;text-align:right">'.$L['map']['canmove'];
$strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="deleteMarker(); return false;" />'.$L['map']['pntdelete'].'</a>';
}
$strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="undoChanges(); return false;" />'.$L['map']['undo'].'</a></p>';
$strPosition .= '
<div id="map_canvas" style="width:100%; height:350px;"></div>
<input type="hidden" id="m_map_gcenter" name="m_map_gcenter" value="" />
';
$strPosition .= '<p class="small" style="margin:4px 0 2px 2px;text-align:right">'.$L['map']['addrlatlng'].' <input type="text" size="24" id="find" name="find" class="small" value="'.$_SESSION[QT]['m_map_gfind'].'" onkeyup="qtKeypress(event,\'findit\')" title="'.$L['map']['H_addrlatlng'].'" /> <input type="submit" id="findit" class="small" onclick="showLocation(document.getElementById(\'find\').value); return false;" value="'.$L['Search'].'" /></p></div>';
echo '<tr><td class="colhd colhdfirst">',$L['map']['position'],'</td><td class="colct">',$strPosition,'</td></tr>';
echo '<tr class="data_o">
<td class="colhd">',$L['Coord'],'</td>
<td class="colct"><input type="text" id="m_map_coord" name="coord" size="32" value="'.(!empty($oTopic->y) ? $oTopic->y.','.$oTopic->x : '').'" tabindex="32" /> <span class="small">',$L['Coord_latlon'],'</span></td>
</tr>
';
}}
// SUBMIT
echo '<tr>',N;
echo '<td class="colhd colhdfirst"> </td>',N;
echo '<td class="colct">',N;
if ( $oTopic->type!='I' && $oTopic->status!='Z' && $oTopic->firstpostuser==$oVIP->id )
{
// topic status (from user)
$bChecked = false;
if ( isset($_POST['topicstatususer']) ) { if ( $_POST['topicstatususer'][0]=='Z' ) $bChecked=true; }
echo '<input type="checkbox" id="topicstatususer" name="topicstatususer[]" value="Z"',($bChecked ? QCHE : ''),' tabindex="97" /><label for="topicstatususer"> ',$L['Close_my_topic'],' </label>';
}
echo ' <input type="submit" id="dopreview" name="dopreview" value="',$L['Preview'],'" tabindex="98" onclick="return ValidateForm(this);" />';
echo ' <input type="submit" id="dosend" name="dosend" value="',$L['Send'],'" tabindex="99" onclick="return ValidateForm(this);" /> ',N;
echo '</td>',N;
echo '</tr>',N;
// FORM END
echo '
</table>
</form>
';
// PREVIOUS POSTS (not for inspection)
if ( $oTopic->type!='I' ) {
if ( $a=='re' || $a=='qu' ) {
echo '<h2>',$L['Previous_replies'],'</h2>',N;
// ======
$strState = 'p.*, u.role, u.location, u.photo, u.signature FROM '.TABPOST.' p, '.TABUSER.' u WHERE p.userid = u.id AND p.topic='.$oTopic->id.' ';
$oDB->Query( LimitSQL($strState,'p.id DESC',0,5) );
// ======
$intPosts = 5;
$iMsgNum = $oTopic->items + 2;
$intWhile= 0;
$strAlt = 'r1';
$bButton = false;
$bAvatar = false;
// ======
while($row=$oDB->Getrow())
{
$iMsgNum = $iMsgNum-1;
$oPost = new cPost($row,$iMsgNum);
$strButton='';
if ( !empty($oPost->modifuser) ) $strButton .= '<td class="post_modif"><span class="small"> '.$L['Modified_by'].' <a href="'.Href('qti_user.php').'?id='.$oPost->modifuser.'" class="small">'.$oPost->modifname.'</a> ('.QTdatestr($oPost->modifdate,'$','$',true,true).')</span></td>'.N;
if ( !empty($strButton) ) $strButton .= '<td class="hidden">'.' '.'</td>'.N;
if ( !empty($strButton) ) $strButton = '<table class="hidden" cellspacing="0" style="margin:10px 0 1px 0;"><tr>'.$strButton.'</tr></table>'.N;
$oPost->text = QTcompact($oPost->text,0); // Pre processing data (compact, no button)
$oPost->Show($oSEC,$oTopic,false,$strButton,'',$_SESSION[QT]['skin_dir'],$strAlt);
if ( $strAlt=='r1' ) { $strAlt='r2'; } else { $strAlt='r1'; }
$intWhile++;
}
// ======
}}
// HTML END
$strFooterAddScript = '
<script type="text/javascript">
<!--
if ( document.getElementById("attachlink") ) document.getElementById("attachlink").style.display="inline";
if ( document.getElementById("attachtr") ) document.getElementById("attachtr").style.display="none";
-->
</script>
';
if ( $bMap ) { $bEdit=true; include('qtim_map_load.php'); } // MAP MODULE
include('qti_p_footer.php');
?>