case 'sendreport':
if (SEC_checkToken()) {
$display .= CMT_sendReport(COM_applyFilter($_POST['cid'], true), COM_applyFilter($_POST['type']));
} else {
$display .= COM_refresh($_CONF['site_url'] . '/index.php');
}
break;
case 'editsubmission':
if (!SEC_hasRights('comment.moderate')) {
$display .= COM_refresh($_CONF['site_url'] . '/index.php');
break;
}
// deliberate fall-through
// deliberate fall-through
case 'edit':
$display .= handleEdit($mode);
break;
case 'unsubscribe':
$cid = 0;
$key = COM_applyFilter($_GET['key']);
if (!empty($key)) {
$key = addslashes($key);
$cid = DB_getItem($_TABLES['commentnotifications'], 'cid', "deletehash = '{$key}'");
if (!empty($cid)) {
$redirecturl = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . '&format=nested&msg=16';
DB_delete($_TABLES['commentnotifications'], 'deletehash', $key, $redirecturl);
exit;
}
}
$display = COM_refresh($_CONF['site_url'] . '/index.php');
break;
if (isset($_POST['type'])) {
$type = $_POST['type'];
if ($type != 'article') {
if (!in_array($type, $_PLUGINS)) {
$type = 'article';
}
}
} else {
$type = '';
}
$pageTitle = $LANG03[27];
$pageBody .= CMT_reportAbusiveComment(COM_applyFilter($_GET['cid'], true), $type);
break;
case 'edit':
if (SEC_checkToken()) {
$pageBody .= handleEdit();
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
break;
case 'subscribe':
if (isset($_GET['sid'])) {
$sid = COM_sanitizeID(COM_applyFilter($_GET['sid']));
$type = COM_applyFilter($_GET['type']);
if ($type != 'article') {
if (!in_array($type, $_PLUGINS)) {
$type = 'article';
}
}
$pageBody .= handleSubscribe($sid, $type);
