Location: PHPKode > projects > QuickTicket > quickticket/qti_form_edit.php
<?php

/**
* PHP versions 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package    QuickTicket
* @author     Philippe Vandenberghe <hide@address.com>
* @copyright  2008-2012 The PHP Group
* @version    2.5 build:20101222
*
* About text coding in the database
* This script will convert the text before inserting into the dabase as follow:
*
* 1) stripslashes
* 2) htmlspecialchar($text,ENT_QUOTES) <>&"' are converted to html
* 3) bbcodes remain UNCHANGED (they are converted while displayed)
*/

session_start();
require_once('bin/qti_init.php');
if ( !$oVIP->CanView('V6') ) die(Error(11));

include('bin/qti_fn_sql.php');

function DelayAcceptable($intPosts=0)
{
  if ( isset($_SESSION[QT]['posts_delay']) ) { $intMax = intval($_SESSION[QT]['posts_delay']); } else { $intMax=5; }
  if ( $intPosts==0 ) return TRUE;
  if ( isset($_SESSION['qti_usr_lastpost']) ) {
  if ( !empty($_SESSION['qti_usr_lastpost']) ) {
    if ( $_SESSION['qti_usr_lastpost']+$intMax >= time() ) return FALSE;
  }}
  return TRUE;
}

function PostsTodayAcceptable($intMax)
{
  global $oDB,$oVIP;
  if ( $oVIP->id<2 || $oVIP->numpost==0 ) return TRUE;

  // count if not yet defined
  if ( !isset($_SESSION['qti_usr_posts_today']) )
  {
    $oDB->Query( 'SELECT count(id) as td FROM '.TABPOST.' WHERE userid='.$oVIP->id.' AND '.SqlDateCondition(date('Ymd'),'issuedate',8) );
    $row = $oDB->Getrow();
    $_SESSION['qti_usr_posts_today'] = intval($row['td']);
  }
  if ( $_SESSION['qti_usr_posts_today']<$intMax ) return TRUE;
  return FALSE;
}
  
// --------
// INITIALISE
// --------

$a = -1;
$s = -1;
$t = -1;
$p = -1;
QThttpvar('a s t p','str int int int');

// check arguments
if ( $s<0 ) die('Missing parameters: section');
if ( !in_array($a,array('nt','re','ed','qu')) ) die('Missing parameters A');

// check maximum post per day (not for moderators)
if ( $oVIP->role=='U' || $oVIP->role=='V' ) {
if ( !PostsTodayAcceptable(intval($_SESSION[QT]['posts_per_day'])) ) {
  $error=$L['E_too_much'];
  // exit
  $oVIP->selfname = $L['Post_new_topic'];
  $oVIP->exiturl = 'qti_topics.php?s='.$s;
  $oVIP->EndMessage(NULL,$error,$_SESSION[QT]['skin_dir'],0);
}}

$oSEC = new cSection($s);
$oTopic = new cTopic(($t>=0 ? $t : null));
$oPost = new cPost(($p>=0 ? $p : null));

// initialise others

$now = date('Ymd His');
$bUpload = false;
$strBehalf = '';
$intNotified = -1;
$strNotified = '';

$oVIP->selfurl = 'qti_form_edit.php';
$oVIP->selfname = $L['Message'];
if ( $a=='nt' ) $oVIP->selfname = $L['Post_new_topic'];
if ( $a=='re' ) $oVIP->selfname = $L['Post_reply'];
if ( $a=='qu' ) $oVIP->selfname = $L['Post_reply'];
if ( $a=='ed' ) $oVIP->selfname = $L['Edit'];
$oVIP->exiturl = "qti_topic.php?t=$t";
$oVIP->exitname = $L['Topics'];

// MAP MODULE

if ( UseModule('map') ) { $strCheck=$s; include('qtim_map_ini.php'); } else { $bMap=false; }

// --------
// SUBMITTED
// --------

// ::::::::
if ( isset($_POST['dosend']) || isset($_POST['dopreview']) ) {
// ::::::::

$error = $oPost->SetFromPost($a!='ed'); // FALSE means author must not be changed because editing an existing message
if ( $oTopic->type=='I' && isset($_POST['titlevalue']) ) $oPost->title=trim($_POST['titlevalue']);
if ( $oTopic->type!='I' && $oPost->text=='') $error = $L['Message'].' '.$L['E_invalid'];

if ( isset($_POST['notifiedname']) )
{ 
  $strNotified = trim($_POST['notifiedname']); if ( get_magic_quotes_gpc() ) $strNotified = stripslashes($strNotified);
  // Complete if missing notified name
  if ( !empty($strNotified) )
  {
    $strNotified = htmlspecialchars($strNotified,ENT_QUOTES);
    $intNotified = current(array_keys(GetUsers('name',$strNotified) )); // can be FALSE when not found
    if ( !is_int($intNotified) ) { $intNotified=-1; $error=$L['Notify_also'].' '.$L['E_invalid']; }
  }
}

if ( isset($_POST['wisheddate']) )
{
  if ( !empty($_POST['wisheddate']) )
  {
  $str = QTdatestr(trim($_POST['wisheddate']),'Ymd','');
  if ( !is_string($str) ) $error = $L['Wisheddate'].' '.Error(1);
  if ( substr($str,0,6)=='Cannot' ) $error = $L['Wisheddate'].' '.Error(1);
  if ( substr($str,0,4)=='1970' ) $error = $L['Wisheddate'].' '.Error(1);
  if ( empty($error) ) $oTopic->wisheddate = $str;
  }
}

if ( isset($_POST['coord']) )
{
  if ( get_magic_quotes_gpc() ) $_POST['coord'] = stripslashes($_POST['coord']);
  if ( !empty($_POST['coord']) )
  {
  $_POST['coord'] = QTstr2yx($_POST['coord']);
  if ($_POST['coord']===FALSE ) $error='Invalid coordinate format';
  }
}

// Mandatory submitted fields (in case of new topic)

if ( $a=='nt' )
{
if ( $oSEC->notifycc=='2' && $intNotified<0 ) $error = $L['Notify_also'].': '.$L['Missing'];
if ( $oSEC->wisheddate=='2' && empty($_POST['wisheddate']) ) $error = $L['Wisheddate'].': '.$L['Missing'];
if ( $oPost->title=='' && $oSEC->titlefield==2 ) $error = $L['E_no_title'];
}

// Mandatory submitted fields (new topic or reply)

if ( strlen($oPost->text)>$_SESSION[QT]['chars_per_post'] ) $error = $L['E_too_long'].' '.sprintf($L['E_char_max'], $_SESSION[QT]['chars_per_post']);
if ( substr_count($oPost->text,"\n")>$_SESSION[QT]['lines_per_post'] ) $error = $L['E_too_long'].' '.sprintf($L['E_line_max'], $_SESSION[QT]['lines_per_post']);
if ( strlen($oPost->text)>999 ) $oPost->text = substr( $oPost->text, 0, $_SESSION[QT]['chars_per_post'] );

$oTopic->preview = QTcompact(QTunbbc($oPost->text),250,' ');

// Check submitted rules (when sending the message)

if ( isset($_POST['dosend']) && empty($error) )
{
  // check maximum post per user/minutes
  if ( !DelayAcceptable($oVIP->numpost) ) $error=$L['E_wait'];

  // check message
  if ( empty($error) )
  {
    // ----------
    // module antispam
    if ( UseModule('antispam') ) include('qtim_antispam.php');
    // ----------
  }

  // Check upload
  if ( empty($error) ) {
  if ( $_SESSION[QT]['upload']!='0' ) {
  if ( !empty($_FILES['attach']['name']) ) {

    include('bin/qti_upload.php');
    $error = InvalidUpload($_FILES['attach'],$arrFileextensions,$arrMimetypes,intval($_SESSION[QT]['upload_size'])*1024+16);
    if ( empty($error) )
    {
      $strFile = strtolower($_FILES['attach']['name']);
      $strExt = strrchr($strFile,'.');
      if ( $strExt ) $strFile = substr($strFile,0,-strlen($strExt));
      if ( strlen($strFile)>200 ) $strFile = substr($strFile,0,200);
      $strFile = QTconv($strFile,'F',false,false);
      $strFile .= $strExt;
      $bUpload=true;
    }

  }}}

}

// ::::::::
}
// ::::::::

// ::::::::
if ( isset($_POST['dosend']) && empty($error) ) { 
// ::::::::

// SEND a new topic

if ( $a=='nt' )
{
  $oTopic->id = $oDB->Nextid(TABTOPIC);
  $oTopic->numid = $oDB->Nextid(TABTOPIC,'numid','WHERE forum='.$s);
  $oPost->id = $oDB->Nextid(TABPOST);
  $oPost->topic = $oTopic->id;
  $oPost->section = $s;
  $oTopic->parentid = $s;
    // if moderator post
    if ( isset($_POST['topictype']) ) $oTopic->type = $_POST['topictype'];
    if ( isset($_POST['topicstatus']) ) $oTopic->status = $_POST['topicstatus'];
  $oTopic->firstpostid = $oPost->id;
  $oTopic->lastpostid = $oPost->id;
  $oTopic->firstpostuser = $oPost->userid;
  $oTopic->firstpostname = $oPost->username;
  $oTopic->lastpostuser = $oPost->userid;
  $oTopic->lastpostname = $oPost->username;
  $oTopic->firstpostdate = $now;
  $oTopic->lastpostdate = $now;
    if ( $intNotified>=0 )
    {
      $oTopic->notifiedid = $intNotified;
      $oTopic->notifiedname = $strNotified;
    }
    // replace empty title
    if ( empty($oPost->title) ) $oPost->title = str_replace("\r\n",' ',QTunbbc(QTcompact($oPost->text,50,' ')));
  $oPost->type = 'P';
  $oPost->issuedate = $now;

  if ( $bUpload )
  {
    $strDir = TargetDir(QTI_DIR_DOC,$oPost->id);
    if ( !empty($_POST['oldattach']) ) if ( file_exists(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']) ) unlink(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']);
    copy($_FILES['attach']['tmp_name'],QTI_DIR_DOC.$strDir.$oPost->id.'_'.$strFile);
    unlink($_FILES['attach']['tmp_name']);
    $oPost->attach = $strDir.$oPost->id.'_'.$strFile;
  }
  $oPost->InsertPost(); // No topic stat (topic not yet created), No user stat (computed when inserting topic)
  $oTopic->InsertTopic(true,true,$oPost,$oSEC);
  $oSEC->UpdateStats(array('tags'=>$oSEC->tags));
  $oVIP->numpost++;

  // location insert
  if ( $bMap ) {
  if ( isset($_POST['coord']) ) {      
  if ( !empty($_POST['coord']) ) {
    QTgpoint(TABTOPIC,$oTopic->id,QTgety($_POST['coord']),QTgetx($_POST['coord']));
  }}}

  // ----------
  // module rss
  if ( UseModule('rss') ) { if ( $_SESSION[QT]['m_rss']=='1' ) include('qtim_rss_inc.php'); }
  // ----------
}

// SEND a reply

if ( $a=='re' || $a=='qu' )
{
  $oPost->id = $oDB->Nextid(TABPOST);
  $oPost->topic = $t;
  $oPost->section = $s;
  $oPost->type = 'R';
  $oPost->issuedate = $now;
  if ( $bUpload )
  {
    $strDir = TargetDir(QTI_DIR_DOC,$oPost->id);
    if ( !empty($_POST['oldattach']) ) if ( file_exists(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']) ) unlink(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']);
    copy($_FILES['attach']['tmp_name'],QTI_DIR_DOC.$strDir.$oPost->id.'_'.$strFile);
    unlink($_FILES['attach']['tmp_name']);
    $oPost->attach = $strDir.$oPost->id.'_'.$strFile;
  }

  $oPost->InsertPost(false,true); // No update topic stat (done after), Update the user's stat
  $oTopic->UpdateStats(intval($_SESSION[QT]['posts_per_topic'])); // Update topic stats and close topic if full (and lastpost topic info)

  $oVIP->numpost++;

  // topic type (from staff)
  if ( isset($_POST['topictype']) )
  {
    if ( $_POST['topictype']!=$_POST['oldtype'] ) $oTopic->SetType($t,$_POST['topictype']);
  }
  // topic status (from staff)
  if ( isset($_POST['topicstatus']) ) {
  if ( $_POST['topicstatus']!=$_POST['oldstatus'] ) {
    $oTopic->SetStatus($_POST['topicstatus'],true,$oPost);
  }}
  $oSEC->replies++;
  $oSEC->UpdateStats(array('topics'=>$oSEC->items,'replies'=>$oSEC->replies,'tags'=>$oSEC->tags));
}

// SEND a edition

if ( $a=='ed' )
{
  if ( $oSEC->titlefield==0 && $oPost->type=='P' )
  {
  $oPost->title = str_replace("\r\n",' ',QTunbbc(QTcompact($oPost->text,50,' ')));
  }
  if ( empty($oPost->title) && $oPost->type=='P' )
  {
  $oPost->title = str_replace("\r\n",' ',QTunbbc(QTcompact($oPost->text,50,' ')));
  }

  // location update (or delete)

  if ( $bMap ) {
  if ( isset($_POST['coord']) ) {
    if ( empty($_POST['coord']) ) { QTgpointdelete(TABTOPIC,$oTopic->id); } else { QTgpoint(TABTOPIC,$oTopic->id,QTgety($_POST['coord']),QTgetx($_POST['coord'])); }
  }}

  $strModif='';
  // modifdate+modifuser if editor is not the creator
  if ( $oPost->modifuser!=$oPost->userid ) $strModif=', modifdate="'.date('Ymd His').'", modifuser='.$oPost->modifuser.', modifname="'.$oPost->modifname.'"';
  // modifdate+modifuser if not the last message
  if ( $oTopic->lastpostid!=$oPost->id ) $strModif=', modifdate="'.date('Ymd His').'", modifuser='.$oPost->modifuser.', modifname="'.$oPost->modifname.'"';

  if ( $bUpload )
  {
    $strDir = TargetDir(QTI_DIR_DOC,$oPost->id);
    if ( !empty($_POST['oldattach']) ) if ( file_exists(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']) ) unlink(QTI_DIR_DOC.$strDir.$oPost->id.'_'.$_POST['oldattach']);
    copy($_FILES['attach']['tmp_name'],QTI_DIR_DOC.$strDir.$oPost->id.'_'.$strFile);
    unlink($_FILES['attach']['tmp_name']);
    $oPost->attach = $strDir.$oPost->id.'_'.$strFile;
  }

  // if drop attachement
  if ( isset($_POST['drop']) ) { if ( $_POST['drop'][0]=='1' ) $oPost->Dropattach(); }

  if ( $oDB->type=='db2' )
  {
  $oDB->Query( 'UPDATE '.TABPOST.' SET title="'.addslashes(QTconv($oPost->title,'3',QTI_CONVERT_AMP,false)).'", icon="'.$oPost->icon.'",textmsg="'.addslashes(QTconv($oPost->text,'3',QTI_CONVERT_AMP,false)).'",",textmsg2="'.substr(addslashes(QTconv($oPost->text,'3',QTI_CONVERT_AMP,false)),0,255).'",attach="'.$oPost->attach.'" '.$strModif.' WHERE id='.$oPost->id );
  }
  else
  {
  $oDB->Query( 'UPDATE '.TABPOST.' SET title="'.addslashes(QTconv($oPost->title,'3',QTI_CONVERT_AMP,false)).'", icon="'.$oPost->icon.'",textmsg="'.addslashes(QTconv($oPost->text,'3',QTI_CONVERT_AMP,false)).'",attach="'.$oPost->attach.'" '.$strModif.' WHERE id='.$oPost->id );
  }

  if ( isset($_POST['wisheddate']) ) {
    $oDB->Query('UPDATE '.TABTOPIC.' SET wisheddate="'.$oTopic->wisheddate.'",modifdate="'.date('Ymd His').'" WHERE id='.$t);
  }

  // topic type (from staff)
  if ( isset($_POST['topictype']) )
  {
    if ( $_POST['topictype']!=$_POST['oldtype'] ) $oTopic->SetType($oTopic->id,$_POST['topictype']);
  }
  // topic status (from staff)
  if ( isset($_POST['topicstatus']) ) {
  if ( $_POST['topicstatus']!=$_POST['oldstatus'] ) {
    $oTopic->SetStatus($_POST['topicstatus']);
    if ( $_POST['topicstatus']=='Z' || $_POST['oldstatus']=='Z' ) $oSEC->UpdateStats(array('topics'=>$oSEC->items,'replies'=>$oSEC->replies,'tags'=>$oSEC->tags));
  }}
  // topic status (from user)
  if ( isset($_POST['topicstatususer']) ) { 
  if ( $_POST['topicstatususer'][0]=='Z' ) {
    $oTopic->SetStatus('Z');
    $oSEC->UpdateStats(array('topics'=>$oSEC->items,'replies'=>$oSEC->replies,'tags'=>$oSEC->tags));
  }}  
}

// Update inspection score
if ( $oTopic->type==='I' ) $oTopic->InspectionUpdateScore();

// exit
if ( $a=='nt' && $oTopic->type=='I' ) 
{
$oHtml->Redirect('qti_change.php?a=topicparam&amp;s='.$s.'&amp;t='.$oPost->topic);
}
else
{
$oVIP->exiturl = 'qti_topic.php?t='.$oPost->topic.'#'.$oPost->id;
$str = ''; if ( $oSEC->numfield!='N' ) $str='<b>'.sprintf($oSEC->numfield,$oTopic->numid).'</b><br />';
$oVIP->EndMessage(NULL,$str.$L['S_message_saved'],$_SESSION[QT]['skin_dir'],2);
}

// ::::::::
}
// ::::::::

// --------
// HTML START
// --------

if ( $a=='nt' )
{
  $oPost->icon = '00';
  $oPost->type = 'P';
}
if ( $a=='qu' )
{
  if ( $t<0 ) die('Missing parameters: topicid');
  if ( $p<0 ) die('Missing parameters: postid');
  $oPost->icon = '00';
  $oPost->title = '';
  $oPost->text = "[quote=$oPost->username]$oPost->text[/quote]";
  // rest must be as reply
  $a = 're';
}
if ( $a=='re' )
{
  if ( $t<0 ) die('Missing parameters: topicid');
  $oPost->icon = '00';
  $oPost->type = 'R';
}
if ( $a=='ed' )
{
  if ( $t<0 ) die('Missing parameters: topicid');
  if ( $p<0 ) die('Missing parameters: postid');
}

$bJauto=false;
  if ( $oVIP->IsStaff() ) $bJauto=true;
  if ( $oSEC->notify==1 && $oPost->type=='P' && $oSEC->notifycc!=0 ) $bJauto=true;
$bJdate=false;
  if ( $oSEC->wisheddate!=0 ) $bJdate=true;

// --------
// CONTENT
// --------

if ( $bJauto || $bJdate ) $oHtml->links[] = '<link rel="stylesheet" type="text/css" href="bin/css/qt_jquery.css" />';

if ( $_SESSION[QT]['bbc']!='0' )
{
$oHtml->scripts[] = '<script type="text/javascript" src="bin/qti_bbc.js"></script>';
$oHtml->links[] = '<link rel="stylesheet" type="text/css" href="bin/css/qti_bbc.css" />';
$intBbc=(CanPerform('upload',$oVIP->role) ? 3 : 2);
}
$strHeadScript = '';
if ( $bJauto || $bJdate ) $strHeadScript .= '<script type="text/javascript" src="bin/qt_jquery.js"></script>'.N;
if ( $bJauto )            $strHeadScript .= '<script type="text/javascript" src="bin/qt_jquery_auto.js"></script>'.N;
if ( $bJdate )            $strHeadScript .= '<script type="text/javascript" src="bin/qt_jquery_date.js"></script>'.N;
if ( $bJauto || $bJdate ) $strHeadScript .= '
<script type="text/javascript">
<!--
$(document).ready(function() {
  '.($bJauto              ? '$("#behalf").autocomplete("qti_j_name.php", { selectFirst: false });' : '').'
  '.($oSEC->notifycc!=0   ? '$("#notifiedname").autocomplete("qti_j_name.php", { selectFirst: false });' : '').'
  '.($oSEC->wisheddate!=0 ? '$("#wisheddate").datepicker({ firstDay: 0, dateFormat: "yy-mm-dd", monthNames: ["'.implode('","',$L['dateMMM']).'"], dayNames: ["'.implode('","',$L['dateDDD']).'"], dayNamesMin: ["'.implode('","',$L['dateD']).'"]});' : '').'
});
-->
</script>
';

$strHeadScript .= '
<script type="text/javascript">
<!--
function ValidateForm(theButton)
{
  theForm = theButton.form;
  '.($oTopic->type!='I' ? 'if (theForm.text.value.length==0) { alert(qtHtmldecode("'.$L['Missing'].': '.$L['Message'].'")); return false; }' : '').'
  if (theForm.text.value.length>'.$_SESSION[QT]['chars_per_post'].') { alert(qtHtmldecode("'.$L['E_too_long'].': '.$L['Maximum'].' '.$_SESSION[QT]['chars_per_post'].'")); return false; }

  if ( theButton.name=="dosend" )
  {
    theForm.action="'.Href().'";
    theForm.target="";
  }
  else
  {
    if ( theForm.attach )
    {
      if ( theForm.attach.value.length>1 )
      {
      theForm.action="'.Href('qti_form_preview.php').'";
      theForm.target="_blank";
      }
    }
  }
  return true;
}
-->
</script>
';

if ( $bMap )
{
  if ( !empty($oTopic->y) && !empty($oTopic->x) )
  {
    $strPname = substr($oTopic->title,0,25);
    $strPlink = '<a href="http://maps.google.com?q='.$oTopic->y.','.$oTopic->x.'&z='.$_SESSION[QT]['m_map_gzoom'].'" class="small" title="'.$L['map']['In_google'].'" target="_blank">[G]</a>';
    $strPinfo = '<p class="small">Lat: '.QTdd2dms($oTopic->y).' <br />Lon: '.QTdd2dms($oTopic->x).'<br /><br />DD: '.round($oTopic->y,8).', '.round($oTopic->x,8).' '.$strPlink.'</p>';
    $oMapPoint = new cMapPoint($oTopic->y,$oTopic->x,$strPname,$strPinfo);
    if ( isset($_SESSION[QT]['m_map'][$s]['icon']) )        $oMapPoint->icon        = $_SESSION[QT]['m_map'][$s]['icon'];
    if ( isset($_SESSION[QT]['m_map'][$s]['shadow']) )      $oMapPoint->shadow      = $_SESSION[QT]['m_map'][$s]['shadow'];
    if ( isset($_SESSION[QT]['m_map'][$s]['printicon']) )   $oMapPoint->printicon   = $_SESSION[QT]['m_map'][$s]['printicon'];
    if ( isset($_SESSION[QT]['m_map'][$s]['printshadow']) ) $oMapPoint->printshadow = $_SESSION[QT]['m_map'][$s]['printshadow'];
    $arrExtData[] = $oMapPoint;
  }
}

include('qti_p_header.php');

// PREVIEW

if ( isset($_POST['dopreview']) && empty($error) )
{
  echo '<h2>',$L['Preview'],'</h2>',N;

  // get user info
  $oDB->Query('SELECT signature,photo,location,role FROM '.TABUSER.' WHERE id='.$oPost->userid);
  $row = $oDB->Getrow();
  $oPost->userloca = $row['location'];
  $oPost->useravat = $row['photo'];
  $oPost->usersign = $row['signature'];
  $oPost->userrole = $row['role'];
  $oPost->issuedate = $now;
  $oPost->Show($oSEC,$oTopic,true,'','',$_SESSION[QT]['skin_dir'],'1');
}

// TOPIC (if inspection)

if ( $oTopic->type==='I' ) {
if ( $a=='re' || $a=='qu' ) {

  echo '<h2>',L('Inspection'),'</h2>',N;
  // ======
  $strState = 'p.*, u.role, u.location, u.photo, u.signature FROM '.TABPOST.' p, '.TABUSER.' u WHERE p.userid = u.id AND p.topic='.$oTopic->id.' ';
  $oDB->Query( LimitSQL($strState,'p.id ASC',0,1) );
  // ======
  $strAlt = 'r1';
  // ======
  $row=$oDB->Getrow();
  $oInspectionPost = new cPost($row);
  $strButton='';
  if ( !empty($oInspectionPost->modifuser) ) $strButton .= '<td class="post_modif"><span class="small">&nbsp;'.$L['Modified_by'].' <a href="'.Href('qti_user.php').'?id='.$oInspectionPost->modifuser.'" class="small">'.$oInspectionPost->modifname.'</a> ('.QTdatestr($oInspectionPost->modifdate,'$','$',true,true).')</span></td>'.N;
  if ( !empty($strButton) ) $strButton .= '<td class="hidden">'.' '.'</td>'.N;
  if ( !empty($strButton) ) $strButton = '<table class="hidden" cellspacing="0" style="margin:10px 0 1px 0;"><tr>'.$strButton.'</tr></table>'.N;
  $oInspectionPost->text = QTcompact($oInspectionPost->text,0); // Pre processing data (compact, no button)
  $oInspectionPost->Show($oSEC,$oTopic,false,$strButton,'',$_SESSION[QT]['skin_dir'],$strAlt);
  if ( $strAlt=='r1' ) { $strAlt='r2'; } else { $strAlt='r1'; }
  // ======

}}

// FORM START

echo '<h2>',$oVIP->selfname,'</h2>',N;
if ( !empty($error) ) echo '<p><span class="error">',$error,'</span></p>';

echo '
<form id="form_edit" method="post" action="',Href(),'" enctype="multipart/form-data">
<input type="hidden" name="s" value="',$s,'" />
<input type="hidden" name="t" value="',$t,'" />
<input type="hidden" name="a" value="',$a,'" />
<input type="hidden" name="p" value="',$p,'" />
<input type="hidden" name="oldtype" value="',$oTopic->type,'" />
<input type="hidden" name="oldstatus" value="',$oTopic->status,'" />
';
if ( $oVIP->IsStaff() )
{
  echo '<div class="modboard"><span class="modboard">',N;
  if ( $oPost->type=='P')
  {
  echo $L['Type'],' <select class="small" name="topictype" size="1">',N;
  echo QTasTag($oVIP->types,$oTopic->type,array('current'=>$oTopic->type,'classC'=>'bold'));
  echo '</select>',N;
  }
  echo S,$L['Status'],' <select class="small" name="topicstatus" size="1">',N;
  echo QTasTag($oVIP->statuses,$oTopic->status,array('current'=>$oTopic->status,'classC'=>'bold'));
  echo '</select>&nbsp;',N;
  echo $L['Send_on_behalf'],'&nbsp;<input class="small" type="text" name="behalf" id="behalf" size="14" maxlength="24" value="'.(empty($strBehalf) ? '' : $strBehalf).'" /></span>',N;
  echo '</div>',N;
}
// End of rule for status and types

echo '<table class="data_o" cellspacing="0">',N;

// PREFIX ICON

if ( !empty($oSEC->prefix) )
{
echo '<tr>',N;
echo '<td class="colhd colhdfirst" style="width:100px">',$L['Smiley'],'</td>',N;
echo '<td class="colct">',N;
for ($i=0;$i<10;$i++)
{
  if ( file_exists($_SESSION[QT]['skin_dir'].'/ico_prefix_'.$oSEC->prefix.'_0'.$i.'.gif') )
  {
  echo '<input type="radio" name="icon" id="0',$i,'" value="0',$i,'"',($oPost->icon=='0$i' ? QCHE : ''),' tabindex="',$i,'" /><label for="0',$i,'"><img class="ico_prefi" src="',$_SESSION[QT]['skin_dir'],'/ico_prefix_',$oSEC->prefix,'_0',$i,'.gif" label="smile" title="',$L['Ico_prefix'][$oSEC->prefix.'_0'.$i],'" /></label> &nbsp;',N;
  }
}
echo '<input type="radio" name="icon" id="00" value="00"',($oPost->icon=='00' ? QCHE : ''),' tabindex="10" /><label for="00">',$L['None'],'</label></td>',N;
echo '</tr>',N;
}

// TITLE

if ( $oTopic->type==='I' && $oPost->type!='P' )
{
  echo '<tr>',N;
  echo '<td class="colhd colhdfirst"><label for="title">',L('Score'),'</label></td>',N;
  echo '<td class="colct">',HtmlScore($oTopic->ReadOptions('Ilevel'),' &nbsp; ',$oPost->title),'</td>',N;
  echo '</tr>',N;
}
else
{
  if ( $oSEC->titlefield!=0 )
  {
  echo '<tr>',N;
  echo '<td class="colhd colhdfirst"><label for="title">',$L['Title'],'</label></td>',N;
  echo '<td class="colct"><input type="text" id="title" name="title" size="80" maxlength="64" value="',QTconv($oPost->title,'3',QTI_CONVERT_AMP),'" tabindex="20" /></td>',N;
  echo '</tr>',N;
  }
}

// MESSAGE

echo '<tr>',N;
echo '<td class="colhd colhdfirst"><label for="text">',$L['Message'],'</label></td>',N;
echo '<td class="colct">',N;

  echo '<table class="hidden" cellspacing="0">',N;
  if ( $_SESSION[QT]['bbc']!='0' )
  {
  echo '<tr class="hidden">',N;
  echo '<td style="height:22px"><ul class="bbc">',N;
  include('qti_form_button.php');
  echo '</ul></td>',N;
  echo '</tr>',N;
  }
  echo '<tr class="hidden">',N;
  echo '<td class="hidden">',N;
  echo '<a href="textarea"></a><textarea id="text" name="text" ',(strlen($oPost->text)>500 ? 'rows="30" cols="85"' : 'rows="15" cols="80"' ),' tabindex="25">',QTconv($oPost->text,'3',QTI_CONVERT_AMP,false),'</textarea>',N;
  if ( CanPerform('upload',$oVIP->role) ) 
  {
  echo '<br /><a href="#" id="attachlink" style="display:none" class="small" onclick="document.getElementById(\'attachtr\').style.display=\'table-row\'; document.getElementById(\'attachlink\').style.display=\'none\';">',$L['Attachment'],'</a>';
  } 
  echo '</td>',N;
  echo '</tr>',N;
  echo '</table>',N;

echo '</td></tr>',N;

// ATTACHMENT

if ( CanPerform('upload',$oVIP->role) )
{
  $intMax = intval($_SESSION[QT]['upload_size'])*1024;
  echo '<tr id="attachtr">',N;
  echo '<td class="colhd colhdfirst"><label for="attach">',$L['Attachment'],'</label></td>',N;
  echo '<td class="colct">';
  if ( !empty($oPost->attach) )
  {
    if ( strstr($oPost->attach,'/') ) { $str = substr(strrchr($oPost->attach,'/'),1); } else { $str=$oPost->attach; }
    if ( substr($str,0,strlen($oPost->id.'_'))==($oPost->id).'_' ) $str = substr($str,strlen($oPost->id.'_'));
    echo AsImg($_SESSION[QT]['skin_dir'].'/ico_attachment.gif','-',$L['Attachment']),'&nbsp;',$str,'<input type="hidden" id="oldattach" name="oldattach" value="',$oPost->attach,'" />';
    echo ' &middot; <input type="checkbox" id="drop" name="drop[]" value="1" tabindex="26" /><label for="drop">&nbsp;',$L['Drop_attachment'],'</label>';
  }
  else
  {
    echo '<input type="hidden" name="MAX_FILE_SIZE" value="',$intMax,'" />';
    echo '<input type="file" id="attach" name="attach" size="42" tabindex="3" />';
  }
  echo '</td>',N,'</tr>',N;
}

// WISHEDDATE

if ( $oSEC->wisheddate!=0 ) {
if ( $oPost->type=='P' ) {

  $strValue = '';
  if ( $oSEC->wisheddflt>0 ) $strValue = ( $oSEC->wisheddflt==1 ? date('Y-m-d') : date('Y-m-d',strtotime('+'.($oSEC->wisheddflt-1).' day')) );
  if ( isset($_POST['wisheddate']) ) $strValue = $_POST['wisheddate'];
  if ( !empty($oTopic->wisheddate) ) $strValue = substr($oTopic->wisheddate,0,4).'-'.substr($oTopic->wisheddate,4,2).'-'.substr($oTopic->wisheddate,-2,2);

  echo '<tr>',N;
  echo '<td class="colhd colhdfirst"><label for="wisheddate">',$L['Wisheddate'],'</label></td>',N;
  echo '<td class="colct"><input type="text" id="wisheddate" name="wisheddate" size="20" maxlength="10" value="',$strValue,'" tabindex="30" /> ',N;
  echo '<a href="#" onclick="document.getElementById(\'wisheddate\').value=\'',date('Y-m-d'),'\';"><img src="',$_SESSION[QT]['skin_dir'],'/ico_date.gif" alt="today" title="',$L['dateSQL']['Today'],'" style="vertical-align:bottom" /></a>',N;
  echo '&nbsp;<span class="small">',$L['H_Wisheddate'],'</span></td>',N;
  echo '</tr>',N;

}}

// NOTIFIED

if ( $oSEC->notify==1 ) {
if ( $oPost->type=='P' ) {
if ( $oSEC->notifycc!=0 ) {

  // default value
  $intValue = -1;
  $strValue = '';
  if ( $oSEC->notifycc==3 ) { $intValue = $oVIP->id; $strValue = $oVIP->username; }
  if ( $intNotified>=0 ) { $intValue = $intNotified; $strValue = $strNotified; }
  if ( $oTopic->notifiedid>=0 ) { $intValue = $oTopic->notifiedid; $strValue = $oTopic->notifiedname; }
  //

  echo '<tr>',N;
  echo '<td class="colhd colhdfirst"><label for="notifiedname">',$L['Notify_also'],'</label></td>',N;
  echo '<td class="colct"><input type="hidden" id="notifiedid" name="notifiedid" value="',$intValue,'" tabindex="31" /><input type="text" id="notifiedname" name="notifiedname" size="20" maxlength="24" value="',$strValue,'" /></div></td>',N;
  echo '</tr>',N;

}}}

// MAP

if ( $oPost->type=='P' ) {
if ( $bMap ) {

  $strPosition = '<div class="mapeditform"><p class="small" style="margin:2px 0 4px 2px;text-align:right">'.$L['map']['cancreate'];
  $strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="createMarker(); return false;" title="'.$L['map']['H_pntadd'].'" />'.$L['map']['pntadd'].'</a>';
  if ( !empty($oTopic->x) || !empty($oTopic->y) )
  {
    $strPosition = '<div class="mapeditform"><p class="small" style="margin:2px 0 4px 2px;text-align:right">'.$L['map']['canmove'];
    $strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="deleteMarker(); return false;" />'.$L['map']['pntdelete'].'</a>';
  }
  $strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="undoChanges(); return false;" />'.$L['map']['undo'].'</a></p>';
  $strPosition .= '
  <div id="map_canvas" style="width:100%; height:350px;"></div>
  <input type="hidden" id="m_map_gcenter" name="m_map_gcenter" value="" />
  ';
  $strPosition .= '<p class="small" style="margin:4px 0 2px 2px;text-align:right">'.$L['map']['addrlatlng'].' <input type="text" size="24" id="find" name="find" class="small" value="'.$_SESSION[QT]['m_map_gfind'].'" onkeyup="qtKeypress(event,\'findit\')" title="'.$L['map']['H_addrlatlng'].'" /> <input type="submit" id="findit" class="small" onclick="showLocation(document.getElementById(\'find\').value); return false;" value="'.$L['Search'].'" /></p></div>';
  echo '<tr><td class="colhd colhdfirst">',$L['map']['position'],'</td><td class="colct">',$strPosition,'</td></tr>';

  echo '<tr class="data_o">
  <td class="colhd">',$L['Coord'],'</td>
  <td class="colct"><input type="text" id="m_map_coord" name="coord" size="32" value="'.(!empty($oTopic->y) ? $oTopic->y.','.$oTopic->x : '').'" tabindex="32" /> <span class="small">',$L['Coord_latlon'],'</span></td>
  </tr>
  ';

}}

// SUBMIT

echo '<tr>',N;
echo '<td class="colhd colhdfirst">&nbsp;</td>',N;
echo '<td class="colct">',N;

if ( $oTopic->type!='I' && $oTopic->status!='Z' && $oTopic->firstpostuser==$oVIP->id )
{
    // topic status (from user)
  $bChecked = false;
  if ( isset($_POST['topicstatususer']) ) { if ( $_POST['topicstatususer'][0]=='Z' ) $bChecked=true; }
  echo '<input type="checkbox" id="topicstatususer" name="topicstatususer[]" value="Z"',($bChecked ? QCHE : ''),' tabindex="97" /><label for="topicstatususer">&nbsp;',$L['Close_my_topic'],' </label>';
}

echo '&nbsp;<input type="submit" id="dopreview" name="dopreview" value="',$L['Preview'],'" tabindex="98" onclick="return ValidateForm(this);" />';
echo '&nbsp;<input type="submit" id="dosend" name="dosend" value="',$L['Send'],'" tabindex="99" onclick="return ValidateForm(this);" />&nbsp;',N;
echo '</td>',N;
echo '</tr>',N;

// FORM END

echo '
</table>
</form>
';

// PREVIOUS POSTS (not for inspection)

if ( $oTopic->type!='I' ) {
if ( $a=='re' || $a=='qu' ) {

  echo '<h2>',$L['Previous_replies'],'</h2>',N;
  // ======
  $strState = 'p.*, u.role, u.location, u.photo, u.signature FROM '.TABPOST.' p, '.TABUSER.' u WHERE p.userid = u.id AND p.topic='.$oTopic->id.' ';
  $oDB->Query( LimitSQL($strState,'p.id DESC',0,5) );
  // ======
  $intPosts = 5;
  $iMsgNum = $oTopic->items + 2;
  $intWhile= 0;
  $strAlt = 'r1';
  $bButton = false;
  $bAvatar = false;
  // ======
  while($row=$oDB->Getrow())
  {
    $iMsgNum = $iMsgNum-1;
    $oPost = new cPost($row,$iMsgNum);
    $strButton='';
    if ( !empty($oPost->modifuser) ) $strButton .= '<td class="post_modif"><span class="small">&nbsp;'.$L['Modified_by'].' <a href="'.Href('qti_user.php').'?id='.$oPost->modifuser.'" class="small">'.$oPost->modifname.'</a> ('.QTdatestr($oPost->modifdate,'$','$',true,true).')</span></td>'.N;
    if ( !empty($strButton) ) $strButton .= '<td class="hidden">'.' '.'</td>'.N;
    if ( !empty($strButton) ) $strButton = '<table class="hidden" cellspacing="0" style="margin:10px 0 1px 0;"><tr>'.$strButton.'</tr></table>'.N;
    $oPost->text = QTcompact($oPost->text,0); // Pre processing data (compact, no button)
    $oPost->Show($oSEC,$oTopic,false,$strButton,'',$_SESSION[QT]['skin_dir'],$strAlt);
    if ( $strAlt=='r1' ) { $strAlt='r2'; } else { $strAlt='r1'; }
    $intWhile++;
  }
  // ======
}}

// HTML END

$strFooterAddScript = '
<script type="text/javascript">
<!--
if ( document.getElementById("attachlink") ) document.getElementById("attachlink").style.display="inline";
if ( document.getElementById("attachtr") ) document.getElementById("attachtr").style.display="none";
-->
</script>
';

if ( $bMap ) { $bEdit=true; include('qtim_map_load.php'); } // MAP MODULE

include('qti_p_footer.php');

?>
Return current item: QuickTicket