Location: PHPKode > projects > QuickTicket > quickticket/quickticket/qti_form_del.php
<?php

/*
 * PHP versions 4 and 5
 *
 * LICENSE: This source file is subject to version 3.0 of the PHP license
 * that is available through the world-wide-web at the following URI:
 * http://www.php.net/license. If you did not receive a copy of
 * the PHP License and are unable to obtain it through the web, please
 * send a note to hide@address.com so we can mail you a copy immediately.
 *
 * @category   Troubleticket
 * @package    QuickTicket
 * @author     Philippe Vandenberghe <hide@address.com>
 * @copyright  2008-2012 The PHP Group
 * @license    http://www.php.net/license  PHP License 3.0
 * @version    1.9.0.3 build:20081001
 * @link       http://www.qt-cute.org/doc/package/qti
 * @since      File available since Release 1.0.0
 * @deprecated File deprecated in Release 2.0.0
 *
 */

session_start();
require_once('bin/qti_init.php');
if ( !$oVIP->CanAccess('MUV',6) ) die($L['R_member']);

// INITIALISE

$s = -1; // section
$t = -1; // topic
$p = -1; // post
if (isset($_GET['s'])) $s = intval(strip_tags($_GET['s']));
if (isset($_POST['s'])) $s = intval(strip_tags($_POST['s']));
if (isset($_GET['t'])) $t = intval(strip_tags($_GET['t']));
if (isset($_POST['t'])) $t = intval(strip_tags($_POST['t']));
if (isset($_GET['p'])) $p = intval(strip_tags($_GET['p']));
if (isset($_POST['p'])) $p = intval(strip_tags($_POST['p']));
if ( $s<0 ) die('Missing parameters f');
if ( $t<0 ) die('Missing parameters t');
if ( $p<0 ) die('Missing parameters p');

$oSEC = new cSection($s);
$oTopic = new cTopic($t);
$oPost = new cPost($p);

$bReason = true;
$strDisabled = '';

$oVIP->selfurl = 'qti_form_del.php';
$oVIP->selfname = $L['Message'];
$oVIP->exiturl = 'qti_topic.php?s='.$s.'&amp;t='.$t;
$oVIP->exitname = $L['Topics'];

// --------
// SUBMITTED
// --------

if ( isset($_POST['ok']) )
{

  // check user is creator (or M A)

  if ( $oVIP->role=='V' ) die($L['E_member']);
  if ( $oVIP->role=='U' && $oPost->userid!=$oVIP->id ) die($L['E_member']);

  // topic delete if only one post

  if ( $oTopic->lastpostid==$p && $oTopic->firstpostid==$p )
  {
    // check & delete attachment
    if ( !empty($oPost->attach) ) if ( file_exists(QTI_DOC_FOLDER.$p.'_'.$oPost->attach) ) unlink(QTI_DOC_FOLDER.$p.'_'.$oPost->attach);
    // delete post and topic
    $oDB->Query('DELETE FROM '.TABPOST.' WHERE topic='.$t);
    $oDB->Query('DELETE FROM '.TABTOPIC.' WHERE id='.$t);
    UpdateSectionStats($s);
    $oVIP->exiturl = 'qti_topics.php?s='.$s;
  }
  else
  {
    // physical delete if last post
    if ( $oTopic->lastpostid==$p )
    {
      // check & delete attachment
      if ( !empty($oPost->attach) ) if ( file_exists(QTI_DOC_FOLDER.$p.'_'.$oPost->attach) ) unlink(QTI_DOC_FOLDER.$p.'_'.$oPost->attach);
      // delete post
      $oDB->Query('DELETE FROM '.TABPOST.' WHERE id='.$p);
      // find the new topic lastpost
      $oDB->Query('SELECT max(id) as maxid FROM '.TABPOST.' WHERE topic='.$t);
      $row = $oDB->Getrow();
      $intPost = intval($row['maxid']);
      $oPost->cPost($intPost);
      $oTopic->UpdateTopicStats($t,$_SESSION[QT]['posts_per_topic'],$oPost);
    }
    else
    {
      // logical delete if not last post
      $str = trim($_POST['text']); if ( get_magic_quotes_gpc() ) $str = stripslashes($str);
      $str = substr(QTconv($str,'6'),0,255);
      if ( $oDB->type=='db2' || $oDB->type=='ifx')
      {
      $oDB->Query('UPDATE '.TABPOST.' SET type="D",title="'.$L['Message_deleted'].'", textmsg="'.addslashes($str).'",textmsg2="'.addslashes($str).'", modifdate="'.Date('Ymd His').'", modifuser='.$oVIP->id.' WHERE id='.$p);
      }
      else
      {
      $oDB->Query('UPDATE '.TABPOST.' SET type="D",title="'.$L['Message_deleted'].'", textmsg="'.addslashes($str).'", modifdate="'.Date('Ymd His').'", modifuser='.$oVIP->id.' WHERE id='.$p);
      }
    }
    $oVIP->exiturl = 'qti_topic.php?s='.$s.'&amp;t='.$t;
  }

  Unset($_SESSION[QT]['sys_topics']);
  Unset($_SESSION[QT]['sys_messages']);

  // exit
  $oVIP->EndMessage(NULL,$L['S_delete'],$_SESSION[QT]['skin_dir'],2);

}

// --------
// HTML START
// --------

$oVIP->selfname = $L['Delete_message'];

if ( $oTopic->lastpostid == $p ) $bReason=false;

// CONTENT

include('qti_p_header.php');

echo '<h2>'.$oVIP->selfname.'</h2><br/>',N;
echo '<form method="post" action="',$oVIP->selfurl,'">',N;
echo '<input type="hidden" name="s" value="',$s,'"/>';
echo '<input type="hidden" name="t" value="',$t,'"/>';
echo '<input type="hidden" name="p" value="',$p,'"/>';
echo '<table cellspacing="0" class="ta">',N;

if ( !empty($oSEC->prefix) )
{
echo '<tr>';
echo '<th class="th_o th_o_first" style="width:100px">',$L['Smiley'],'</th>';
echo '<td class="td_o">';
for ($i=0;$i<10;$i++)
{
  if ( file_exists($_SESSION[QT]['skin_dir'].'/ico_prefix_'.$oSEC->prefix.'_0'.$i.'.gif') )
  {
  echo '<input'.QDIS.' type="radio" name="icon" id="0',$i,'" value="0',$i,'"',($oPost->icon=='0'.$i ? QCHE : ''),'/><label for="0',$i,'"><img class="ico_prefi" src="',$_SESSION[QT]['skin_dir'],'/ico_prefix_',$oSEC->prefix,'_0',$i,'.gif" label="smile" title="',$L['Ico_prefix'][$oSEC->prefix.'_0'.$i],'"/></label> &nbsp;';
  }
}
echo '<input'.QDIS.' type="radio" name="icon" id="00" value="00"',($oPost->icon=='00' ? QCHE : ''),'/><label for="00">',$L['None'],'</label></td>';
echo '</tr>',N;
}
echo '<tr>';
echo '<th class="th_o th_o_first"><label for="title">',$L['Title'],'</label></th>';
echo '<td class="td_o"><input disabled="disabled" type="text" id="title" name="title" size="80" maxlength="100" value="',$oPost->title,'"/></td>';
echo '</tr>',N;
echo '<tr>';
echo '<th class="th_o th_o_first"><label for="oldtext">'.$L['Message'].'</label><br/></th>';
echo '<td class="td_o">';
echo '<a href="textarea"></a>';
echo '<textarea'.QDIS.' id="oldtext" name="oldtext" rows="10" wrap="virtual" cols="80">',$oPost->text,'</textarea></td>';
echo '</tr>',N;
if ( $_SESSION[QT]['upload']!='0' ) {
if ( !empty($oPost->attach) ) {
echo '<tr>';
echo '<th class="th_o th_o_first">',$L['Attachment'],'</th>';
echo '<td class="td_o"><input'.QDIS.' type="text" size="75" value="',$oPost->attach,'"/><input type="hidden" id="attach" name="attach" value="'.$oPost->attach.'"/></td>';
echo '</tr>',N;
}}
if ( $bReason )
{
echo '<tr>';
echo '<th class="th_o th_o_first"><label for="text">',$L['Reason'],'</label><br/></th>';
echo '<td class="td_o">';
echo '<textarea id="text" name="text" rows="2" wrap="virtual" cols="80"></textarea></td>';
echo '</tr>',N;
}
echo '<tr>';
echo '<th class="th_o th_o_first">&nbsp;</th>';
echo '<td class="td_o"><input type="submit" name="ok" value="',$L['Delete'],'"/>&nbsp;';
if ( !empty($qti_error) ) echo '<span class="error">',$qti_error,'</span>';
echo '</td>';
echo '</tr>',N;
echo '</table></form><br/>',N;

// HTML END

include('qti_p_footer.php');

?>
Return current item: QuickTicket