$current_User->check_perm('blog_ismember', 'view', true, $blog); // Set admin skin, used for buttons, @see button_class() $admin_skin = $UserSettings->get('admin_skin', $current_User->ID); require_once $adminskins_path . $admin_skin . '/_adminUI.class.php'; $AdminUI = new AdminUI(); if (in_array($request_from, array('items', 'comments'))) { // AJAX request goes from backoffice and ctrl = items or comments if (strlen($statuses) > 2) { $statuses = substr($statuses, 1, strlen($statuses) - 2); } $status_list = explode(',', $statuses); if ($status_list == NULL) { // init statuses $status_list = get_visibility_statuses('keys', array('redirected', 'trash')); } echo_item_comments($blog, $item_ID, $status_list, $currentpage, NULL, array(), '', $expiry_status, $comment_type); } elseif ($request_from == 'dashboard') { // AJAX request goes from backoffice dashboard get_comments_awaiting_moderation($blog); } break; case 'dom_type_edit': // Update type of a reffering domain from list screen by clicking on the type column // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('domtype'); // Check permission: $current_User->check_perm('stats', 'edit', true); load_funcs('sessions/model/_hitlog.funcs.php'); $dom_type = param('new_dom_type', 'string'); $dom_name = param('dom_name', 'string'); $DB->query('UPDATE T_basedomains
} $statuses = param('statuses', 'string', NULL); $item_ID = param('itemid', 'integer'); $currentpage = param('currentpage', 'integer', 1); if (strlen($statuses) > 2) { $statuses = substr($statuses, 1, strlen($statuses) - 2); } $status_list = explode(',', $statuses); if ($status_list == NULL) { $status_list = get_visibility_statuses('keys', array('redirected', 'trash')); } // In case of comments_fullview we must set a filterset name to be abble to restore filterset. // If $moderation is not NULL, then this requests came from the comments_fullview // TODO: asimo> This should be handled with a better solution $filterset_name = $item_ID > 0 ? '' : 'fullview'; echo_item_comments($blog, $item_ID, $status_list, $currentpage, $limit, array(), $filterset_name, $expiry_status); } elseif ($request_from == 'front') { // AJAX request goes from frontoffice // Send new current status as ajax response echo $edited_Comment->status; // Also send the statuses which will be after raising/lowering of a status by current user $comment_raise_status = $edited_Comment->get_next_status(true, $edited_Comment->status); $comment_lower_status = $edited_Comment->get_next_status(false, $edited_Comment->status); echo ':' . ($comment_raise_status ? $comment_raise_status[0] : ''); echo ':' . ($comment_lower_status ? $comment_lower_status[0] : ''); } break; case 'get_user_new_org': // Used in the identity user form to add a new organization if (!is_logged_in()) { // User must be logged in
$blog = param('blogid', 'integer'); $item_ID = param('itemid', 'integer', NULL); $statuses = param('statuses', 'string', NULL); $expiry_status = param('expiry_status', 'string', 'active'); $currentpage = param('currentpage', 'string', 1); // Check minimum permissions ( The comment specific permissions are checked when displaying the comments ) $current_User->check_perm('blog_ismember', 'view', true, $blog); if (strlen($statuses) > 2) { $statuses = substr($statuses, 1, strlen($statuses) - 2); } $status_list = explode(',', $statuses); if ($status_list == NULL) { // init statuses $status_list = get_visibility_statuses('keys', array('redirected', 'trash')); } echo_item_comments($blog, $item_ID, $status_list, $currentpage, 20, array(), '', $expiry_status); break; case 'get_tags': // Get list of item tags, where $term is part of the tag name (sorted) // To be used for Tag autocompletion // Crumb check and permission check are not required because this won't modify anything and it returns public info $term = param('term', 'string'); $tags = $DB->get_results(' SELECT tag_name AS id, tag_name AS title FROM T_items__tag WHERE tag_name LIKE ' . $DB->quote('%' . $term . '%') . ' ORDER BY tag_name', ARRAY_A); // Check if current term is not an existing tag $term_is_new_tag = true; foreach ($tags as $tag) { if ($tag['title'] == $term) {