function module_flashforum()
{
echo "<!-- start module flashforum -->";
global $flashformid;
$thisdate = "";
if (isset($_REQUEST['quickpassword'])) {
$quickpassword = $_REQUEST['quickpassword'];
} else {
$quickpassword = "";
}
if (isset($_REQUEST['message'])) {
$message = $_REQUEST['message'];
}
if (isset($_REQUEST['deleteflash'])) {
$deleteflash = $_REQUEST['deleteflash'];
}
if (isset($_REQUEST['deleteflash'])) {
if (isset($_SESSION['valid_admin']) && isset($_REQUEST['dfc'])) {
$query = "DELETE FROM flashforum WHERE postid=" . $_REQUEST['deleteflash'] . ";";
$result = DB_update($query);
if ($result) {
global $logtype;
write_log_entry($_REQUEST['deleteflash'], $logtype['flashforum'], "del_flashpost,");
}
} else {
echo '<a href="index.php?deleteflash=' . $_REQUEST['deleteflash'] . '&dfc=1">Bekreft sletting</a><br/>';
}
}
echo '<div class="flashforum"><div class="flashforumheader">Lynforum</div>';
echo '<div class="flashforumlist">';
// Insert new message into the database if the spampassword is correct
if (isset($message) && !isset($REQUEST['showall']) && $flashformid == $_REQUEST['flashformidvar']) {
if (stristr($quickpassword, "hurra") == FALSE) {
echo "<b>Du må fylle inn spampassordet.</b>";
if (isset($_REQUEST['author'])) {
$author = $_REQUEST['author'];
} else {
$author = "Ditt navn";
}
$retry = $message;
} else {
$flashformid++;
$_SESSION['flashformid'] = $flashformid;
if ($_REQUEST['author'] != "Ditt navn" && strlen($_REQUEST['message']) > 5 && strlen($_REQUEST['author']) > 1) {
// Insert new msg into DB if possible
$author = $_REQUEST['author'];
$message = $_REQUEST['message'];
if (strlen($author) > 15) {
$author = substr($author, 0, 15);
}
if (strlen($message) > 200) {
$message = substr($message, 0, 200);
}
if (isset($_SESSION['valid_user'])) {
$query = "INSERT INTO flashforum VALUES ('', '" . strip_tags($author) . "', '', '" . strip_tags($message, "<a>") . "', NOW(),'" . $_SESSION['valid_user'] . "');";
} else {
$query = "INSERT INTO flashforum VALUES ('', '" . strip_tags($author) . "', '', '" . strip_tags($message, "<a>") . "', NOW(),'');";
}
$result = DB_insert($query);
if (!$result) {
echo "Whups, melding ikke lagret.<br/>";
} else {
global $logtype;
write_log_entry(mysql_insert_id(), $logtype['flashforum'], "new_flashpost,");
}
} else {
echo "<b>Navn og beskjed må fylles inn.</b><br/>";
}
}
}
if (isset($_REQUEST['showall'])) {
// Display current articles
$query = "SELECT postid, author,message,UNIX_TIMESTAMP(time_posted) as time_posted FROM flashforum ORDER BY time_posted DESC";
$result = DB_get_table($query);
$num_results = DB_rows_affected($result);
if (!$num_results > 0) {
echo "Tomt for øyeblikket.<hr/>";
} else {
$i = 0;
while ($num_results > 0 && ($row = DB_next_row($result)) && $i < 100) {
if (date("d/m", $row['time_posted']) != $thisdate) {
if (date("d/m", $row['time_posted']) == date("d/m")) {
$thisdate = date("d/m", $row['time_posted']);
echo '<div class="flashdate">I dag:</div>';
} else {
$thisdate = date("d/m", $row['time_posted']);
echo '<div class="flashdate">' . $thisdate . '</div>';
}
}
$i++;
echo '<div class="flashpost"><span class="flashauthor">' . $row['author'] . ': </span>' . htmlwrap($row['message'], 20) . ' (' . date("H:i", $row['time_posted']);
if (isset($_SESSION['valid_admin'])) {
echo ', <a href="index.php?deleteflash=' . $row['postid'] . '">slett</a>';
}
echo ")</div>";
}
}
} else {
// Display current articles
$query = "SELECT postid, author,message,UNIX_TIMESTAMP(time_posted) as time_posted FROM flashforum ORDER BY time_posted DESC";
$result = DB_get_table($query);
$num_results = DB_rows_affected($result);
if (!$num_results > 0) {
echo "Tomt for øyeblikket.<br/>";
} else {
$i = 0;
while ($num_results > 0 && ($row = DB_next_row($result)) && $i < 10) {
if (date("d/m", $row['time_posted']) != $thisdate) {
if (date("d/m", $row['time_posted']) == date("d/m")) {
$thisdate = date("d/m", $row['time_posted']);
echo '<div class="flashdate">I dag:</div>';
} else {
$thisdate = date("d/m", $row['time_posted']);
echo '<div class="flashdate">' . $thisdate . '</div>';
}
}
$i++;
echo '<div class="flashpost"><span class="flashauthor">' . $row['author'] . ': </span>' . htmlwrap(createLinks($row['message']), 20) . ' (' . date("H:i", $row['time_posted']);
if (isset($_SESSION['valid_admin'])) {
echo ', <a href="index.php?deleteflash=' . $row['postid'] . '">slett</a>';
}
echo ")</div>";
}
}
}
?>
</div>
<form method="get" action="index.php">
<?php
if (isset($_SESSION['valid_user'])) {
echo '<input style="width:140px" type="text" name="author" value=' . $_SESSION['user_firstname'] . ' /><br/>';
echo 'Hipp, hipp, <input size="5" readonly type="textfield" name="quickpassword" value="hurra"/>!';
} else {
if (isset($retry)) {
echo '<input style="width:140px" type="text" name="author" onFocus="this.value=wipeOut(this.value);" value="' . $author . '" /><br/>';
} else {
echo '<input style="width:140px" type="text" name="author" onFocus="this.value=wipeOut(this.value);" value="Ditt navn" /><br/>';
}
echo 'Hipp, hipp, <input size="5" type="textfield" name="quickpassword" />!';
}
?>
<?php
if (isset($retry)) {
?>
<input onKeyDown="limitText(this.form.message,this.form.countdown,180);"
onKeyUp="limitText(this.form.message,this.form.countdown,180);" style="width:140px" type="text" name="message" onFocus="this.value=wipeOut(this.value);" value="<?php
echo $retry;
?>
" />
<?php
} else {
?>
<input onKeyDown="limitText(this.form.message,this.form.countdown,180);"
onKeyUp="limitText(this.form.message,this.form.countdown,180);" style="width:140px" type="text" name="message" onFocus="this.value=wipeOut(this.value);" value="Maks 180 tegn" />
<?php
}
?>
<input class="nice1" type="submit" name="submit" value="Post" style="width:80px">
<input readonly type="text" name="countdown" size="3" value="180" style="width:30px">
<input type="hidden" value="<?php
echo $flashformid;
?>
" name="flashformidvar">
</form>
<br/><a href="index.php?showall=1">Vis siste 100</a>
<br/><a href="index.php?m_c=mfa">Arkiv</a>
<br/><a href="rss.xml?type=flash">RSS</a>
</div>
<?php
}
url_change("/bb/");
} elseif (isset($_GET["deleteFollowupID"])) {
db_query("UPDATE bulletin_board_followups SET \n\t\t\t\tisActive = 0,\n\t\t\t\tdeletedOn = GETDATE(),\n\t\t\t\tdeletedBy = {$user["id"]}\n\t\t\t WHERE ID = " . $_GET["deleteFollowupID"]);
url_query_drop("deleteFollowupID");
}
//get topic data
$r = db_grab("SELECT \n\t\tt.title,\n\t\tt.description,\n\t\tt.createdOn,\n\t\tt.isAdmin,\n\t\tu.userID,\n\t\tISNULL(u.nickname, u.firstname) firstname,\n\t\tu.lastname\n\t\tFROM bulletin_board_topics t\n\t\tJOIN intranet_users u ON t.createdBy = u.userID\n\t\tWHERE t.id = " . $_GET["id"]);
//check that it exists
if (empty($r)) {
url_change("/bb/");
}
drawTop();
echo drawSyndicateLink("bb");
$isPoster = $r["userID"] == $user["id"] ? true : false;
if (!$printing) {
$r["description"] = htmlwrap($r["description"]);
}
//if ($_GET["id"] == 7966) echo drawServerMessage("<b>Note</b>: This comments on this post are organized in reverse-chronological order.");
if ($r["isAdmin"]) {
echo drawServerMessage("<b>Note</b>: This is an Administration/Human Resources topic. For more information, please contact the <a href='mailto:hrpayroll@seedco.org'>Human Resources Department</a>.");
}
?>
<script language="javascript">
<!--
function checkDelete() {
if (confirm("Are you sure you want to delete this topic?")) location.href="<?php
echo $_josh["request"]["path_query"];
?>
&delete=true";
}
function checkDeleteFollowup(id) {
