Location: PHPKode > scripts > QT-registrations > qt-registrations/qtregistrations/qtr_cmd.php
<?php

/*
 * PHP versions 4 and 5
 *
 * LICENSE: This source file is subject to version 3.0 of the PHP license
 * that is available through the world-wide-web at the following URI:
 * http://www.php.net/license. If you did not receive a copy of
 * the PHP License and are unable to obtain it through the web, please
 * send a note to hide@address.com so we can mail you a copy immediately.
 *
 * @category   Safety
 * @package    QT-registerations
 * @author     Philippe Vandenberghe <hide@address.com>
 * @copyright  2008-2012 The PHP Group
 * @license    http://www.php.net/license  PHP License 3.0
 * @version    1.3 build:20080923
 * @link       http://www.qt-cute.org/doc/package/qtr
 * @since      File available since Release 1.0.0
 * @deprecated File deprecated in Release 2.0.0
 *
 */

session_start();
require_once('bin/qtr_init.php');
if ( !isset($_GET['a'])) die("Wrong action");

// INITIALISE

$bCmdok = false;
$strMails = '';
$a = strip_tags($_GET['a']); // mandatory action
$s = -1; // section
$t = -1; // topic
$p = -1; // post
$v = ''; // value
if (isset($_GET['s'])) $s = intval(strip_tags($_GET['s']));
if (isset($_GET['t'])) $t = intval(strip_tags($_GET['t']));
if (isset($_GET['p'])) $p = intval(strip_tags($_GET['p']));
if (isset($_GET['v'])) $v = strip_tags($_GET['v']);

$oVIP->selfurl = 'qtr_cmd.php';
$oVIP->selfname = 'QT-registerations command';

// --------
// EXECUTE COMMAND
// --------

switch($a)
{

// --------------
case 'docrename':
// --------------

  if ( $p<0 ) die('Wrong user in '.$oVIP->selfurl); // $p is the document owner
  if ( $p!=$oVIP->id && $oVIP->role!='A' && $oVIP->role!='M') die('Wrong user in '.$oVIP->selfurl);

  $oVIP->selfname = $L['Document_name'];
  $oVIP->exiturl = 'qtr_topic.php?s='.$s.'&amp;t='.$t.'&amp;tt=documents';
  $oVIP->exitname = '&laquo; '.$L['Topic'];

  // ask confirmation
  if ( !isset($_GET['ok']) )
  {
    $oDB->Query('SELECT * FROM '.TABDOC.' WHERE docfile="'.$v.'"');
    $row=$oDB->Getrow();

    $oVIP->EndMessage
    (
    NULL,
    '<table class="ta_hidden" cellspacing="0">
    <tr class="tr_hidden">
    <td class="td_hidden"></td>
    <td class="td_hidden">
    <form method="get" action="'.$oVIP->selfurl.'">
    <p><span class="bold">'.$row['docname'].'</span> ('.QTdate($row['docdate'],$arrQTdate).')<p>
    <input type="text" name="name" id="name" size="50" maxlength="255" value="'.$row['docname'].'"/>
    <input type="hidden" name="a" value="'.$a.'"/>
    <input type="hidden" name="s" value="'.$s.'"/>
    <input type="hidden" name="t" value="'.$t.'"/>
    <input type="hidden" name="p" value="'.$p.'"/>
    <input type="hidden" name="v" value="'.$v.'"/>
    <input type="submit" name="ok" value="'.$L['Ok'].'"/>
    </form></td>
    </tr></table>',
    $_SESSION[QT]['skin_dir'],
    0,
    '500px'
    );
    exit;
  }

  // CHANGE

  $str = QTconv(trim(strip_tags($_GET['name'])),'3'); if ( empty($str) ) $str='Untitled';
  $oDB->Query( 'UPDATE '.TABDOC.' SET docname="'.$str.'" WHERE docfile="'.$v.'"');

  // EXIT

  $oVIP->EndMessage('0');
  break;

// --------------
case 'docdelete':
// --------------

  if ( $p<0 ) die('Wrong user in '.$oVIP->selfurl); // $p is the document owner
  if ( $p!=$oVIP->id && $oVIP->role!='A' && $oVIP->role!='M') die('Wrong user in '.$oVIP->selfurl);

  $oVIP->selfname = $L['Delete'];
  $oVIP->exiturl = 'qtr_topic.php?s='.$s.'&amp;t='.$t.'&amp;tt=documents';
  $oVIP->exitname = '&laquo; '.$L['Topic'];

  $oDB->Query('SELECT * FROM '.TABDOC.' WHERE docfile="'.$v.'"');
  $row=$oDB->Getrow();

  // ask confirmation
  if ( !isset($_GET['ok']) )
  {
    $oVIP->EndMessage
    (
    NULL,
    '<table class="ta_hidden" cellspacing="0">
    <tr class="tr_hidden">
    <td class="td_hidden"></td>
    <td class="td_hidden">
    <form method="get" action="'.$oVIP->selfurl.'">
    <p><span class="bold">'.$row['docname'].'</span> ('.QTdate($row['docdate'],$arrQTdate).')<p>
    <input type="hidden" name="a" value="'.$a.'"/>
    <input type="hidden" name="s" value="'.$s.'"/>
    <input type="hidden" name="t" value="'.$t.'"/>
    <input type="hidden" name="p" value="'.$p.'"/>
    <input type="hidden" name="v" value="'.$v.'"/>
    <input type="submit" name="ok" value="'.$L['Delete'].'"/>
    </form></td>
    </tr></table>',
    $_SESSION[QT]['skin_dir'],
    0,
    '500px'
    );
    exit;
  }

  // DELETE

  $oDB->Query( 'DELETE FROM '.TABDOC.' WHERE docfile="'.$v.'"');
  if (file_exists($row['docpath'].$v)) unlink($row['docpath'].$v);

  // EXIT

  $oVIP->EndMessage('0');
  break;

// --------------
case 'dropattach':
// --------------

  if ( !$oVIP->CanAccess('MUV',6) ) die($L['R_member']);

  if ( $p>=0 )
  {
    $oVIP->exiturl  = "qtr_topic.php?s=$s&amp;t=$t#$p";
    $oVIP->exitname = $L['Message'];
    $oPost = new cPost($oDB,$p);
    $bCmdok = $oPost->Dropattach($oDB);
  }
  if ( $bCmdok ) $oVIP->EndMessage($L['Drop_attachment'],$L['S_delete'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'pwdreset':
// --------------

  if ( $oVIP->role!='A' ) die($L['R_admin']);

  if ( $s<0 ) die('Wrong id '.$s);
  if ( $s==1 && $oVIP->id!=1 ) die('First Admin password can be changed by himself only...');
  include('bin/qt_lib_smtp.php');
  include(Translate('qtr_lang_reg.inc'));

  $oVIP->selfname = $L['Reset_pwd'];
  $oVIP->exiturl  = 'qtr_usr.php?id='.$s;
  $oVIP->exitname = '&laquo;'.S.$L['Profile'];

  $oDB->Query('SELECT name,mail,children,parentmail,avatar FROM '.TABUSER.' WHERE id='.$s);
  $row = $oDB->Getrow();

  // ask delay
  if ( !isset($_GET['ok']) )
  {
    $oVIP->EndMessage
    (
    NULL,
    '<form method="get" action="'.$oVIP->selfurl.'">
    <table class="ta_hidden" cellspacing="0">
    <tr class="tr_hidden">
    <td class="td_hidden">'.AsImgBox(AsImg( (!empty($row['avatar']) ? 'avatar/'.$s.'.'.$row['avatar'] : ''),null,$row['name']),'div_pic_box',null,$row['name']).'</td>
    <td class="td_hidden">
    <p style="text-align:right">'.$L['Reset_pwd_help'].'<br/><br/>'.$oVIP->selfname.'&nbsp;
    <input type="hidden" name="a" value="'.$a.'"/>
    <input type="hidden" name="s" value="'.$s.'"/>
    <input type="submit" name="ok" value="'.$L['Send'].'"/></p>
    </td>
    </tr>
    </table></form>',
    'admin',
    0,
    '500px'
    );
    exit;

  }

  // reset user
  $strNewpwd = 'qt'.rand(0,9).rand(0,9).rand(0,9).rand(0,9);
  $oDB->Query('UPDATE '.TABUSER.' SET pwd="'.sha1($strNewpwd).'" WHERE id='.$s);

  // send email
  $strSubject = $_SESSION[QT]['site_name'].' - New password';
  $strMessage = "Here are your login and password\nLogin: %s\nPassword: %s";
  $strFile = $_SESSION[QT]['language'].'/mail_pwd.inc';
  if ( file_exists($strFile) ) include($strFile);
  $strMessage = sprintf($strMessage,$row['name'],$strNewpwd);
  QTmail($row['mail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTR_HTML_CHAR);
  $strEndmessage = str_replace("\n",'<br/>',$strMessage);

  // send parent email (if coppa)
  if ( QTR_USE_COPPA && $row['children']!='0' )
  {
    $strSubject = $_SESSION[QT]['site_name'].' - New password';
    $strMessage = "Here is then new password of your children.\nLogin: %s\nPassword: %s";
    $strFile = $_SESSION[QT]['language'].'/mail_pwd_coppa.inc';
    if ( file_exists($strFile) ) { include($strFile); }
    $strMessage = sprintf($strMessage, $row['name'],$strNewpwd);
    QTmail($row['parentmail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTR_HTML_CHAR);
  }

  // exit
  if ( $_SESSION[QT]['register_mode']!='direct' ) $strEndmessage='';
  $oVIP->EndMessage(NULL,$L['S_update'].'<br/><br/>'.$strEndmessage,$_SESSION[QT]['skin_dir'],0);
  exit;
  break;

// --------------
case 'topicstatus':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);

  if ( !$oVIP->CanAccess('MUV',6) ) die($L['R_member']);

  $oVIP->selfname = $L['Change'].S.$L['Status'];
  $oVIP->exiturl  = "qtr_topic.php?s=$s&amp;t=$t";
  $oVIP->exitname = '&laquo;'.S.$L['Message'];

  // ASK STATUS IF MISSING: When value "*" repost with method GET

  if ( $v=='*' )
  {
    $oVIP->selfname = $L['Change'].S.$L['Status'];
    $oVIP->EndMessage
    (
      NULL,
      '<form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'"/>
      <input type="hidden" name="s" value="'.$s.'"/>
      <input type="hidden" name="t" value="'.$t.'"/>
      <select name="v" size="8">'.QTastags($_SESSION['qtrTstatus'],$L['Status'].': %s').'</select><br/><br/>
      <input type="submit" name="ok" value="'.$L['Ok'].'"/>
      </form>',
      $_SESSION[QT]['skin_dir']
    );
    exit;
  }

  // CHANGE STATUS

  $oTopic = new cTopic($oDB,$t);
  $oTopic->SetStatus($oDB,$L,$v,true,$oTopic->firstpostid);

  // EXIT

  $oVIP->EndMessage(NULL,$L['S_update'].$strMails,$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'topictype':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);

  $oVIP->selfname = $L['Change'].S.$L['Style'];
  $oVIP->exiturl  = "qtr_topic.php?s=$s&amp;t=$t";
  $oVIP->exitname = $L['Message'];

  // ASK TYPE IF MISSING: When value "*" repost with method GET
  if ( $v=='*' )
  {
    $oVIP->selfname = $L['Change'].S.$L['Style'];
    $oVIP->EndMessage
    (
      NULL,
      '<form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'"/>
      <input type="hidden" name="s" value="'.$s.'"/>
      <input type="hidden" name="t" value="'.$t.'"/>
      <select name="v" size="6">'.
      QTastags($_SESSION['qtrTtypes']).'
      </select><br/><br/><input type="submit" name="ok" value="'.$L['Ok'].'"/>
      </form>',
      $_SESSION[QT]['skin_dir']
    );
    exit;
  }

  // CHANGE TYPE

  cTopic::SetType($oDB,$L,$t,$v);

  // EXIT

  $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'topicactor':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);

  $oVIP->selfname = $L['Change'].S.$L['Userrole_MA'];
  $oVIP->exiturl  = "qtr_topic.php?s=$s&amp;t=$t";
  $oVIP->exitname = $L['Message'];
  $intOldactor    = -1; if ( isset($_GET['old']) ) $intOldactor=$_GET['old'];

  // ASK ACTOR IF MISSING: When value "*" repost with method GET
  if ( $v=='*' )
  {
    $arrAdmUsers = GetUsers($oDB,'A');
    asort($arrAdmUsers);
    $strAdmUsers = QTastags($arrAdmUsers,null,$intOldactor,null,$intOldactor,'bold');
    $arrModUsers = GetUsers($oDB,'M-');
    asort($arrModUsers);
    $strModUsers = QTastags($arrModUsers,null,$intOldactor,null,$intOldactor,'bold');
    $oVIP->selfname = $L['Change'].S.$L['Userrole_MA'];
    $oVIP->EndMessage
    (
      NULL,
      '<table class="ta_hidden" cellspacing="0">
      <tr class="tr_hidden">
      <td class="td_hidden">
      '.$L['Userrole']['A'].'<br/><br/>
      <form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'"/>
      <input type="hidden" name="s" value="'.$s.'"/>
      <input type="hidden" name="t" value="'.$t.'"/>
      <select name="v" size="12">'.$strAdmUsers.'</select><br/><br/>
      <input type="submit" name="ok" value="'.$L['Ok'].'"/>
      </form></td>
      <td class="td_hidden">
      '.$L['Userrole']['M'].'<br/><br/>
      <form method="get" action="'.$oVIP->selfurl.'">
      <input type="hidden" name="a" value="'.$a.'"/>
      <input type="hidden" name="s" value="'.$s.'"/>
      <input type="hidden" name="t" value="'.$t.'"/>
      <select name="v" size="12">'.$strModUsers.'</select><br/><br/>
      <input type="submit" name="ok" value="'.$L['Ok'].'"/>
      </form></td>
      </tr></table>',
      $_SESSION[QT]['skin_dir']
    );
    exit;
  }
  $v = intval($v);

  // CHANGE ACTOR
  $oTopic = new cTopic($oDB,$t);
  $oTopic->SetActor($oDB,$L,$v);

  // EXIT

  $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'userrole':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);
  if ( $s<2 ) die('Wrong parameters: user 0 and 1 cannot be changed');
  include(Translate('qtr_lang_reg.inc'));

  $oVIP->selfname = $L['User_upd'];
  $oVIP->exiturl  = 'qtr_usr.php?id='.$s;
  $oVIP->exitname = $L['Memberlist'];

  // ask confirmation
  if ( !isset($_GET['ok']) )
  {
    $oDB->Query('SELECT name,avatar,role FROM '.TABUSER.' WHERE id='.$s);
    $row = $oDB->Getrow();
    $oVIP->EndMessage
    (
      NULL,
      '<table class="ta_hidden" cellspacing="0">
      <tr class="tr_hidden">
      <td class="td_hidden">'.AsImgBox(AsImg('avatar/'.$s.'.'.$row['avatar'],null,$row['name']),'div_pic_box',null,$row['name']).'</td>
      <td class="td_hidden">
      <form method="get" action="'.$oVIP->selfurl.'">
      <h2>'.$row['name'].' ('.$L['Userrole'][$row['role']].')</h2><br/>
      '.$L['Change_role'].' <select name="r" size="1">
      <option value="A"'.($row['role']=='A' ? QSEL : '').($oVIP->role!='A' ? ' disabled="disabled"' : '').'>'.$L['Userrole']['A'].'</option>
      <option value="M"'.($row['role']=='M' ? QSEL : '').'>'.$L['Userrole']['M'].'</option>
      <option value="U"'.($row['role']=='U' ? QSEL : '').'>'.$L['Userrole']['U'].'</option>
      </select>&nbsp;<input type="hidden" name="a" value="'.$a.'"/>
      <input type="hidden" name="s" value="'.$s.'"/>
      <input type="submit" name="ok" value="'.$L['Ok'].'"/>
      </form></td>
      </tr>
      </table>',
      'admin',
      0,
      '500px'
    );
    exit;
  }

  //update role
  if ( $oVIP->role!='A' && $v=='A' ) die($L['R_admin']);
  $oDB->Query('UPDATE '.TABUSER.' SET role="'.$_GET['r'].'" WHERE id='.$s);
  if ( $_GET['r']=='U' ) $oDB->Query('UPDATE '.TABSECTION.' SET moderator=1, moderatorname="Admin" WHERE moderator='.$s);

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'],'admin',2);
  exit;
  break;

// --------------
case 'user_del':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);
  if ( $s<2 ) die("Wrong parameters: user 0 and 1 cannot be deleted");
  include(Translate("qtr_lang_reg.inc"));

  $oVIP->selfname = $L['User_del'];
  $oVIP->exiturl  = 'qtr_member.php'; if ( $v=='adm' ) $oVIP->exiturl = 'qtr_adm_users.php';
  $oVIP->exitname = '&laquo; '.$L['Memberlist'];

  // ask confirmation
  if ( !isset($_GET['ok']) )
  {
    $oDB->Query('SELECT name, avatar FROM '.TABUSER.' WHERE id='.$s);
    $row = $oDB->Getrow();
    $str  = '<table class="ta_hidden" cellspacing="0">';
    $str .= '<tr class="tr_hidden">'.N;
    $str .= '<td class="td_hidden">'.AsImgBox(AsImg('avatar/'.$s.'.'.$row['avatar'],null,$row['name']),'div_pic_box',null,$row['name']).'</td>';
    $str .= '<td class="td_hidden">';
    $str .= '<form method="get" action="'.$oVIP->selfurl.'">';
    $str .= '<p style="text-align:right">'.$L['User_del'].S.$row['name'].S;
    $str .= '<input type="hidden" name="a" value="'.$a.'"/><input type="hidden" name="v" value="'.$v.'"/><input type="hidden" name="s" value="'.$s.'"/><input type="submit" name="ok" value="'.$L['Delete'].'"/></p>';
    $str .= '</form></td>'.N;
    $str .= '</tr></table></form>'.N;
    $oVIP->EndMessage(NULL,$str,'admin',0,'500px');
    exit;
  }

  // delete avatar first
  if ( file_exists("avatar/$s.gif") ) unlink("avatar/$s.gif");
  if ( file_exists("avatar/$s.jpg") ) unlink("avatar/$s.jpg");
  if ( file_exists("avatar/$s.jpeg") ) unlink("avatar/$s.jpeg");
  if ( file_exists("avatar/$s.png") ) unlink("avatar/$s.png");

  // update post.userid, post.username, topic.firstpostuser, topic.lastpostuser, topic.firstpostname, topic.lastpostname
  $oDB->Query('UPDATE '.TABPOST.' SET userid=0, username="Visitor" WHERE userid='.$s);
  $oDB->Query('UPDATE '.TABTOPIC.' SET firstpostuser=0, firstpostname="Visitor" WHERE firstpostuser='.$s);
  $oDB->Query('UPDATE '.TABTOPIC.' SET lastpostuser=0, lastpostname="Visitor" WHERE lastpostuser='.$s);
  $oDB->Query('UPDATE '.TABSECTION.' SET moderator=1,moderatorname="Admin" WHERE moderator='.$s);

  // delete user
  $oDB->Query('DELETE FROM '.TABUSER.' WHERE id='.$s);


  // Unregister global sys (will be recomputed on next page)
  Unset($_SESSION[QT]['sys_members']);
  Unset($_SESSION[QT]['sys_newuserid']);

  // exit
  $oVIP->EndMessage(NULL,$L['S_delete'],'admin',2);
  exit;
  break;

// --------------
case 'user_ban':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);
  if ( $s<2 ) die('Wrong parameters: user 0 and 1 cannot be banned');
  include(Translate('qtr_lang_reg.inc'));

  $oVIP->selfname = $L['Ban_user'];
  $oVIP->exiturl  = 'qtr_usr.php?id='.$s;
  $oVIP->exitname = '&laquo; '.$L['Profile'];
  if ( $v=='adm' )
  {
      $oVIP->exiturl = 'qtr_adm_users.php';
      $oVIP->exitname = '&laquo; '.$L['User_man'];
  }

  // ask delay
  if ( !isset($_GET['ok']) || $t<0 )
  {
    $oDB->Query('SELECT closed, name, avatar FROM '.TABUSER.' WHERE id='.$s);
    $row = $oDB->Getrow();
    $oVIP->EndMessage
    (
    NULL,
    '<table class="ta_hidden" cellspacing="0"><tr class="tr_hidden">
    <td class="td_hidden">'.AsImgBox(AsImg('avatar/'.$s.'.'.$row['avatar'],null,$row['name']),'div_pic_box',null,$row['name']).'</td>
    <td class="td_hidden">
    <form method="get" action="'.$oVIP->selfurl.'">
    <p style="text-align:right">'.$L['H_ban'].' <select name="t" size="1"/>
    <option value="0"'.($row['closed']=='0' ? QSEL : '').'>'.$L['N'].'</option>
    <option value="1"'.($row['closed']=='1' ? QSEL : '').'>1 '.$L['Day'].'</option>
    <option value="2"'.($row['closed']=='2' ? QSEL : '').'>10 '.$L['Days'].'</option>
    <option value="3"'.($row['closed']=='3' ? QSEL : '').'>20 '.$L['Days'].'</option>
    <option value="4"'.($row['closed']=='4' ? QSEL : '').'>30 '.$L['Days'].'</option>
    </select>&nbsp;
    <input type="hidden" name="a" value="'.$a.'"/>
    <input type="hidden" name="s" value="'.$s.'"/>
    <input type="hidden" name="v" value="'.$v.'"/>
    <input type="submit" name="ok" value="'.$L['Ok'].'"/></p>
    </form>
    </td>
    </tr>
    </table>',
    'admin',
    0,
    '500px'
    );

    exit;
  }

  // ban user
  if ( $t==-1 ) die('Wrong parameters: delay');
  $oDB->Query('UPDATE '.TABUSER.' SET closed="'.$t.'" WHERE id='.$s);

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'],'admin',2);
  exit;
  break;

// --------------
case 'topicdelete':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);
  if ( $t<0 ) die('Wrong parameters: missing topic id');

  $oVIP->selfname = $L['Delete'].S.$L['Topic'];
  $oVIP->exiturl = 'qtr_topics.php?s='.$s;
  $oVIP->exitname = '&laquo; '.$L['Section'];

  // ask confirmation
  if ( !isset($_GET['ok']) )
  {
    $oTopic = new cTopic($oDB,$t);
    if ( $oTopic->replies==0 ) { $str=$L['None']; } else { $str=$oTopic->replies.' <span class="small">('.$L['Last_message'].' '.QTdate($oTopic->lastpostdate,$arrQTdate).')</span>'; }

    $oVIP->EndMessage
    (
    NULL,
    '<form method="get" action="'.$oVIP->selfurl.'">
    <table cellspacing="0" class="ta">
    <tr>
    <th class="th_o th_o_first" style="width:150px;">'.$L['Title'].'</th>
    <td class="td_o">'.$oTopic->GetTopicTitle($oDB).'</td>
    </tr>
    <tr>
    <th class="th_o th_o_first">'.$L['Topic_starter'].'</th>
    <td class="td_o">'.$oTopic->firstpostname.' <span class="small">('.QTdate($oTopic->firstpostdate,$arrQTdate).')</span></td>
    </tr>
    <tr>
    <th class="th_o th_o_first">'.$L['Replys'].'</th>
    <td class="td_o">'.$str.'</td>
    </tr>
    <tr>
    <th class="th_o th_o_first">&nbsp;</th>
    <td class="td_o"><input type="hidden" name="a" value="'.$a.'"/><input type="hidden" name="s" value="'.$s.'"/><input type="hidden" name="t" value="'.$t.'"/><input type="submit" name="ok" value="'.$L['Delete'].'"/></td>
    </tr>
    </table>
    </form>',
    $_SESSION[QT]['skin_dir'],
    0,
    '600px'
    );
    exit;
  }

  // delete topic
  if ( $t<0 ) die('Wrong parameters: missing topic id');
  $oDB->Query('DELETE FROM '.TABPOST.' WHERE topic='.$t);
  $oDB->Query('DELETE FROM '.TABDATA.' WHERE id='.$t);
  $oDB->Query('DELETE FROM '.TABTOPIC.' WHERE id='.$t);

  // update section stats
  UpdateSectionStats($oDB,$s);

  Unset($_SESSION[QT]['sys_topics']);
  Unset($_SESSION[QT]['sys_messages']);

  // exit
  $oVIP->EndMessage(NULL,$L['S_delete'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
case 'topicmove':
// --------------

  if ( $oVIP->role!='A' && $oVIP->role!='M' ) die($L['R_moderator']);
  if ( $t<0 ) die('Wrong parameters: missing topic id');

  $oVIP->selfname = $L['Move'].S.$L['Topic'];
  $oVIP->exiturl = 'qtr_topics.php?s='.$s;
  $oVIP->exitname = '&laquo; '.$L['Section'];

  // ask confirmation
  if ( !isset($_GET['ok']) || $p<0 )
  {
    $oTopic = new cTopic($oDB,$t);
    $arrSections = GetSectionTitles($oDB,$oVIP->role,-1,$s);
    if ( $oTopic->replies==0 ) { $str=$L['None']; } else { $str=$oTopic->replies.' <span class="small">('.$L['Last_message'].' '.QTdate($oTopic->lastpostdate,$arrQTdate).')</span>'; }

    $oVIP->EndMessage
    (
    NULL,
    '<form method="get" action="'.$oVIP->selfurl.'">
    <table cellspacing="0" class="ta">
    <tr>
    <th class="th_o th_o_first" style="width:150px;">'.$L['Title'].'</th>
    <td class="td_o">'.$oTopic->GetTopicTitle($oDB).'</td>
    </tr>
    <tr>
    <th class="th_o th_o_first">'.$L['Topic_starter'].'</th>
    <td class="td_o">'.$oTopic->firstpostname.' <span class="small">('.QTdate($oTopic->firstpostdate,$arrQTdate).')</span></td>
    </tr>
    <tr>
    <th class="th_o th_o_first">'.$L['Replys'].'</th>
    <td class="td_o">'.$str.'</td>
    </tr>
    <tr>
    <th class="th_o th_o_first">'.$L['Move_to'].'</th>
    <td class="td_o"><select name="p" size="1">'.QTastags($arrSections).'</select></td>
    </tr>
    <tr class="tr">
    <th class="th_o th_o_first">'.$L['Ref'].'</th>
    <td class="td_o"><select name="v" size="1">
    <option value="1">'.$L['Move_keep'].'</option>
    <option value="0">'.$L['Move_reset'].'</option>
    <option value="2">'.$L['Move_follow'].'</option>
    </select></td>
    </tr>
    <tr>
    <th class="th_o th_o_first">&nbsp;</th>
    <td class="td_o"><input type="hidden" name="a" value="'.$a.'"/>
    <input type="hidden" name="s" value="'.$s.'"/>
    <input type="hidden" name="t" value="'.$t.'"/>
    <input type="submit" name="ok" value="'.$L['Ok'].'"/></td>
    </tr>
    </table>
    </form>',
    $_SESSION[QT]['skin_dir'],
    0,
    '600px'
    );
    exit;
  }

  // move topic
  if ( $s<0 ) die('Wrong parameters section id');
  if ( $t<0 ) die('Wrong parameters id');
  if ( $p<0 ) die('Wrong parameters dest');
  if ( $v<0 ) die('Wrong parameters ref');
  $oSEC = new cSection($oDB,$s);
  $oSEC->MoveTopics($oDB,$s,$p,$v,$t);

  // exit
  $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  exit;
  break;

// --------------
default:
// --------------

  echo 'Unknown action';
  break;

// --------------
}

$oVIP->EndMessage('!','Command ['.$a.'] failled...',$_SESSION[QT]['skin_dir'],2);

?>
Return current item: QT-registrations