<?php



// QuickTicket 1.9.0.3 build:20081001



include('bin/qt_lib_txt.php');

include('bin/qt_lib_db.php');

include('bin/qti_fn_common.php');



// Protection against injection (accept only 3 'lang')

$id = strip_tags($_POST['id']);

$lang = strip_tags($_POST['lang']);

if ( !in_array($lang,array('language/english','language/francais','language/nederlands')) ) $lang = 'language/english';



$id = intval(substr($id,1));

 

include($lang.'/qti_lang_main.inc');

include('bin/config.php');



$oDBAJAX = new cDB($qti_dbsystem,$qti_host,$qti_database,$qti_user,$qti_pwd,$qti_port,$qti_dsn);

if ( !empty($oDBAJAX->error) ) exit;



// query



$oDBAJAX->Query('SELECT t.*,p.icon,p.title,p.icon as smile,p.textmsg FROM ('.$qti_prefix.'qtitopic t INNER JOIN '.$qti_prefix.'qtipost p ON t.firstpostid = p.id) WHERE t.id='.$id);

$row = $oDBAJAX->GetRow();

$row['title'] = QTconv(stripslashes($row['title']),'-4');

$row['textmsg'] = QTconv(stripslashes($row['textmsg']),'-4');



$oDBAJAX->Query('SELECT * FROM '.$qti_prefix.'qtiforum s WHERE s.id='.$row['forum']);

$row2 = $oDBAJAX->GetRow();



//output the response

echo '<p class="preview_section">',$L['Section'],': ',stripslashes($row2['title']),'</p>';

echo '<div class="div_preview"><p class="preview_title">';

if ( $row2['numfield']!='N' )

{

  printf($row2['numfield'],$row['numid']);

  echo '<br/>';

}

echo htmlentities($row['title'],ENT_NOQUOTES),'</p>';



echo '<p class="preview_message">',htmlentities(QTbbc(QTcompactline($row['textmsg'],250),'drop',' ',200,null,null,' '),ENT_NOQUOTES),'</p>';

echo '<p class="preview_user">',$row['firstpostname'],'</p></div>';

echo '<p class="preview_date">',QTdate($row['firstpostdate'],array('n','date','M d (H:i)'),null,$L['dateSQL']),'</p>';

if ( $row['actorid']>=0 ) echo '<p class="preview_date">',$L['Userrole_MA'],': ',$row['actorname'],'</p>';



?>