Beispiel #1
0
}
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok                      |
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
// +-----------------------------------------------------------------------+
// |                                actions                                |
// +-----------------------------------------------------------------------+
if (!empty($_POST)) {
    if (empty($_POST['comments'])) {
        $page['errors'][] = l10n('Select at least one comment');
    } else {
        include_once PHPWG_ROOT_PATH . 'include/functions_comment.inc.php';
        check_input_parameter('comments', $_POST, true, PATTERN_ID);
        if (isset($_POST['validate'])) {
            validate_user_comment($_POST['comments']);
            $page['infos'][] = l10n_dec('%d user comment validated', '%d user comments validated', count($_POST['comments']));
        }
        if (isset($_POST['reject'])) {
            delete_user_comment($_POST['comments']);
            $page['infos'][] = l10n_dec('%d user comment rejected', '%d user comments rejected', count($_POST['comments']));
        }
    }
}
// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('comments' => 'comments.tpl'));
$template->assign(array('F_ACTION' => get_root_url() . 'admin.php?page=comments'));
// +-----------------------------------------------------------------------+
// | Tabs                                                                  |
Beispiel #2
0
        case 'delete_comment':
            check_pwg_token();
            include_once PHPWG_ROOT_PATH . 'include/functions_comment.inc.php';
            check_input_parameter('comment_to_delete', $_GET, false, PATTERN_ID);
            $author_id = get_comment_author_id($_GET['comment_to_delete']);
            if (can_manage_comment('delete', $author_id)) {
                delete_user_comment($_GET['comment_to_delete']);
            }
            redirect($url_self);
        case 'validate_comment':
            check_pwg_token();
            include_once PHPWG_ROOT_PATH . 'include/functions_comment.inc.php';
            check_input_parameter('comment_to_validate', $_GET, false, PATTERN_ID);
            $author_id = get_comment_author_id($_GET['comment_to_validate']);
            if (can_manage_comment('validate', $author_id)) {
                validate_user_comment($_GET['comment_to_validate']);
            }
            redirect($url_self);
    }
}
//---------- incrementation of the number of hits
$inc_hit_count = !isset($_POST['content']);
// don't increment counter if in the Mozilla Firefox prefetch
if (isset($_SERVER['HTTP_X_MOZ']) and $_SERVER['HTTP_X_MOZ'] == 'prefetch') {
    $inc_hit_count = false;
} else {
    // don't increment counter if comming from the same picture (actions)
    if (pwg_get_session_var('referer_image_id', 0) == $page['image_id']) {
        $inc_hit_count = false;
    }
    pwg_set_session_var('referer_image_id', $page['image_id']);
Beispiel #3
0
        $comment_id = $_GET[$action];
        break;
    }
}
if (isset($action)) {
    $comment_author_id = get_comment_author_id($comment_id);
    if (can_manage_comment($action, $comment_author_id)) {
        $perform_redirect = false;
        if ('delete' == $action) {
            check_pwg_token();
            delete_user_comment($comment_id);
            $perform_redirect = true;
        }
        if ('validate' == $action) {
            check_pwg_token();
            validate_user_comment($comment_id);
            $perform_redirect = true;
        }
        if ('edit' == $action) {
            if (!empty($_POST['content'])) {
                check_pwg_token();
                $comment_action = update_user_comment(array('comment_id' => $_GET['edit'], 'image_id' => $_POST['image_id'], 'content' => $_POST['content'], 'website_url' => @$_POST['website_url']), $_POST['key']);
                switch ($comment_action) {
                    case 'moderate':
                        $_SESSION['page_infos'][] = l10n('An administrator must authorize your comment before it is visible.');
                    case 'validate':
                        $_SESSION['page_infos'][] = l10n('Your comment has been registered');
                        $perform_redirect = true;
                        break;
                    case 'reject':
                        $_SESSION['page_errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');