var postLocation="../upload/pgbar.php"; 

/* 
 * add any extension that you do no want to upload to the list 
 * below they should be placed with in the /^ and / characters
 * separate each extension by a pipe symbol |
 */
 
var re = /^(\.php)|(\.sh)/;  // disallow shell scripts and php


/**
 * dofilter = true; to enable filtering
 */
var dofilter=true;
var submitexec= true; 
var getlater= false; 

/**
 * this method will match each of the filenames with a
 * given list of banned extension. If any one of the
 * extensions match, an alert will be popped up and the
 * upload will not continue;
 */
 
function check_types() {
	if(dofilter==false)
		return true;
//	with(document.forms[0])
	with(document.getElementById("myform"))
	{
		/*
		 * with who uses with?
		 * i do, i am an ancient. ok?
		 */
		
		for(i=0 ; i < elements.length ; i++)
		{
			if(elements[i].value.match(re))
			{
				alert('Sorry ' + elements[i].value + ' is not allowed');
				return false;
			}
		}
	}
	return true;
}

function popUP(mypage, myname, w, h, scroll, titlebar)
{

	var winl = (screen.width - w) / 2;
	var wint = (screen.height - h) / 2;
	winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
	win = window.open(mypage, myname, winprops)
	if (parseInt(navigator.appVersion) >= 4) {
		win.window.focus();
	}
}

function postIt(obj)
{

	if(check_types() == false)
	{
		return false;
	}
	baseUrl = postLocation;
//ok:      alert("postIt"); 
//	sid = document.forms[1].sessionid.value;
	sid = document.getElementById("myform").sessionid.value;
//      alert("postIt"); 
	iTotal = escape("-1");
	baseUrl += "?iTotal=" + iTotal;
	baseUrl += "&iRead=0";
	baseUrl += "&iStatus=1";
	baseUrl += "&sessionid=" + sid;

//	popUP(baseUrl,"Uploader",460,262,false,false);
//      alert("postIt stops because of cross-site-protection?"); 
      document.getElementById("iausgabe").src = baseUrl; 
//	if (submitexec) document.forms[0].submit();
	if (submitexec) document.getElementById("myform").submit();
      if (getlater==true) get(obj);
}

   var http_request = false;
   function makePOSTRequest(url, parameters) {
      http_request = false;
      if (window.XMLHttpRequest) { // Mozilla, Safari,...
         http_request = new XMLHttpRequest();
         if (http_request.overrideMimeType) {
         	// set type accordingly to anticipated content type
            //http_request.overrideMimeType('text/xml');
            http_request.overrideMimeType('text/html');
         }
      } else if (window.ActiveXObject) { // IE
         try {
            http_request = new ActiveXObject("Msxml2.XMLHTTP");
         } catch (e) {
            try {
               http_request = new ActiveXObject("Microsoft.XMLHTTP");
            } catch (e) {}
         }
      }
      if (!http_request) {
         alert('Cannot create XMLHTTP instance');
         return false;
      }
      
      http_request.onreadystatechange = alertContents;
      http_request.open('POST', url, true);
      http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
      http_request.setRequestHeader("Content-length", parameters.length);
      http_request.setRequestHeader("Connection", "close");
      http_request.send(parameters);
   }

   function alertContents() {
      if (http_request.readyState == 4) {
         if (http_request.status == 200) {
            //alert(http_request.responseText);
            result = http_request.responseText;
            content1 = document.getElementById('myspan').innerHTML;
            document.getElementById('myspan').innerHTML = content1 + result;            
         } else {
            alert('There was a problem with the request.');
         }
      }
   }
   
   function get(obj) {
      alert("get"); 
      var poststr = "";
//          poststr += "mytextarea1=" + encodeURI( document.getElementById("mytextarea1").value ) + 
//                    "&sessionid=" + encodeURI( document.getElementById("sessionid").value ) + 
//                    "&file[0]=" + encodeURI( document.getElementById("file0").value );
// von oben:
//  sidx = document.forms[0].sessionid.value;
//  sidx = document.getElementById("myform").sessionid.value;


  var inputs = obj.getElementsByTagName('input');

  for (var i = 0; i < inputs.length; ++i) {
      xstr=inputs[i].name; 
      if (xstr=="file0") xstr="file[0]"; 
      poststr += "&" + encodeURI(xstr) + "=" + encodeURI(inputs[i].value); 
//      poststr += "&" + encodeURI(inputs[i].id) + "=" + encodeURI(inputs[i].value); 
// Achtung die Namen file[0]und file[1] machen Probleme!! 
// inputs[i].name // document.getElementsByTagName("input")[i].name 
  }

// upload.pl?sid=<?php echo $sid; ?> 
      if (getlater==false) {
         makePOSTRequest('upload.pl?sid='+encodeURI( document.getElementById("sessionid").value), poststr);
      } else {
         makePOSTRequest('upload3.php?sid='+encodeURI( document.getElementById("sessionid").value), poststr);
      }
//      makePOSTRequest('post.php?sid='+encodeURI( document.getElementById("sessionid").value), poststr);
//      makePOSTRequest('post.php', poststr);
   }

   function getboth(obj) {
//      alert("getboth"); 
      submitexec= true; 
//      getlater= true; 
      postIt(obj); 
//      alert("nach post"); 
//      if (getlater==false) get(obj);
//      alert("nach get"); 
   }

function check_js() {
   alert ("js ok"); 
}