// Request dispatcher: logs the request, then routes on the 'command' request
// parameter and stores the handler's return value in $response.
//
// NOTE(review): every argument is read from $_REQUEST, which by default merges
// query-string, form-body and cookie input (subject to the request_order ini
// setting). State-changing commands, and user_login with its password, can
// therefore arrive in a GET URL and end up in access logs, browser history and
// Referer headers. Reading them from $_POST and rejecting other methods would
// close that off.
// NOTE(review): logUserAction() runs before any dispatch; its body is not
// visible here. Confirm it does not record raw request parameters such as
// 'password'.
logUserAction();

// NOTE(review): no anti-CSRF token check is visible in this dispatcher for the
// state-changing commands (user_logout, new_comment, rate_comment,
// update_page_rating, register_new_user). Confirm the handlers enforce one.
switch ($_REQUEST['command']) {
    case "check_login_status":
        $response = checkLoginStatus();
        break;
    case "user_login":
        // Credentials are passed to the handler exactly as received.
        $response = userLogin($_REQUEST['user_name'], $_REQUEST['password']);
        break;
    case "user_logout":
        $response = userLogout();
        break;
    case "get_comments":
        $response = getComments($_REQUEST['url']);
        break;
    case "new_comment":
        // No author identity is passed here; presumably newComment() takes it
        // from the session. Verify against the handler.
        $response = newComment($_REQUEST['url'], $_REQUEST['content'], $_REQUEST['parent_id']);
        break;
    case "rate_comment":
        $response = rateComment($_REQUEST['comment_id'], $_REQUEST['up']);
        break;
    case "register_new_user":
        $response = registerNewUser($_REQUEST['user'], $_REQUEST['password'], $_REQUEST['email']);
        break;
    case "update_page_rating":
        // NOTE(review): 'username' is supplied by the client. Unless
        // updatePageRating() checks it against the logged-in session, a caller
        // can submit ratings under another user's name. Confirm in the handler.
        $response = updatePageRating($_REQUEST['url'], $_REQUEST['url_parameter'], $_REQUEST['username'], $_REQUEST['title'], $_REQUEST['rating']);
        break;
    case "get_page_rating":
        $response = getPageRating($_REQUEST['url'], $_REQUEST['url_parameter']);
        break;
    case "get_page_rating_bulk":
        // Same client-supplied 'username' caveat as update_page_rating.
        $response = getPageRatingBulk($_REQUEST['url_string'], $_REQUEST['params_string'], $_REQUEST['username']);
        // (The listing is cut off here; the remaining cases, any default branch
        // and the closing brace of the switch are not shown.)
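<?php
// Form handlers for creating and deleting comments. Both actions run only when
// the request carries the anti-CSRF token stored in the session.

// Validate the CSRF token once, strictly.
// The earlier loose check ($_SESSION['csrf'] == $_POST['csrf']) had three
// weaknesses:
//   - if the session held no token and the request sent none, null == null
//     evaluated to true and the action went ahead;
//   - == applies numeric type juggling, so two different numeric-looking
//     strings (e.g. "0e1" and "0e2") compare equal;
//   - the comparison was not constant-time.
// Requiring two strings, a non-empty session token and hash_equals() closes all
// three.
$sessionCsrfToken = isset($_SESSION['csrf']) ? $_SESSION['csrf'] : null;
$postedCsrfToken = isset($_POST['csrf']) ? $_POST['csrf'] : null;
$csrfTokenValid = is_string($sessionCsrfToken)
    && $sessionCsrfToken !== ''
    && is_string($postedCsrfToken)
    && hash_equals($sessionCsrfToken, $postedCsrfToken);

if ($csrfTokenValid && isset($_POST['NewComment'])) {
    // NOTE(review): User_ID comes from the request body. Unless newComment()
    // checks it against the authenticated session, a client can post under
    // another user's id. Confirm in the handler, or pass the session's user id.
    newComment($_POST['Event_ID'], $_POST['User_ID'], $_POST['NewCommentText']);
}

if ($csrfTokenValid && isset($_POST['DeleteComment'])) {
    // NOTE(review): only the comment's existence is checked here. Whether the
    // current user is allowed to delete it is not visible in this snippet.
    // Confirm that deleteComment() enforces ownership or a moderator role.
    if (checkIfCommentExists($_POST['Comment_ID'])) {
        deleteComment($_POST['Comment_ID']);
    }
}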