// Will EXIT // We have EXITed already at this point!! } $action = 'edit'; break; case 'delete': // Delete tag: // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('tag'); // Check that current user has permission to edit tags: $current_User->check_perm('options', 'edit', true); // Make sure we got an tag_ID: param('tag_ID', 'integer', true); if (param('confirm', 'integer', 0)) { // confirmed, Delete from DB: $msg = sprintf(T_('Tag "%s" has been deleted.'), '<b>' . $edited_ItemTag->dget('name') . '</b>'); $edited_ItemTag->dbdelete(); unset($edited_ItemTag); forget_param('tag_ID'); $Messages->add($msg, 'success'); // Redirect so that a reload doesn't write to the DB twice: header_redirect(regenerate_url('action', '', '', '&'), 303); // Will EXIT // We have EXITed already at this point!! } else { // not confirmed, Check for restrictions: if (!$edited_ItemTag->check_delete(sprintf(T_('Cannot delete tag "%s"'), '<b>' . $edited_ItemTag->dget('name') . '</b>'), array(), true)) { // There are restrictions: $action = 'list'; } }