case "delete_review": $ids = explode(',', $bid[0]); delete_review($option, $ids[1]); editBook($option, $ids[0]); break; case "edit_review": $ids = explode(',', $bid[0]); edit_review($option, $ids[1], $ids[0]); break; case "update_review": $title = mosGetParam($_POST, 'title'); $comment = mosGetParam($_POST, 'comment'); $rating = mosGetParam($_POST, 'rating'); $book_id = mosGetParam($_POST, 'book_id'); $review_id = mosGetParam($_POST, 'review_id'); update_review($title, $comment, $rating, $review_id); editBook($option, $book_id); break; case "cancel_review_edit": $book_id = mosGetParam($_POST, 'book_id'); editBook($option, $book_id); break; default: showBooks($option); break; } } /* * CAT_Utils Class */ class CAT_Utils
if (insert_review($HTTP_VARS['item_id'], get_opendb_session_var('user_id'), $HTTP_VARS['comment'], $HTTP_VARS['rating'])) { echo "<p class=\"success\">" . get_opendb_lang_var('review_added') . "</p>"; } else { echo "<p class=\"error\">" . get_opendb_lang_var('review_not_added') . "</p>"; } } else { echo format_error_block($errors); echo get_edit_form('insert', array(), $HTTP_VARS); } } else { if ($HTTP_VARS['op'] == 'update') { if (get_opendb_config_var('item_review', 'update_support') !== FALSE) { if (is_review_author($review_r['sequence_number']) || is_user_granted_permission(PERM_ADMIN_REVIEWER)) { $HTTP_VARS['comment'] = filter_input_field('htmlarea(55,10)', $HTTP_VARS['comment']); if (validate_review_input($HTTP_VARS, $errors)) { if (update_review($HTTP_VARS['sequence_number'], $HTTP_VARS['comment'], $HTTP_VARS['rating'])) { echo "<p class=\"success\">" . get_opendb_lang_var('review_updated') . "</p>"; } else { echo "<p class=\"error\">" . get_opendb_lang_var('review_not_updated') . "</p>"; } } else { echo format_error_block($errors); echo get_edit_form('update', array(), $HTTP_VARS); } } else { echo "<p class=\"error\">" . get_opendb_lang_var('operation_not_available') . "</p>"; } } else { echo "<p class=\"error\">" . get_opendb_lang_var('operation_not_available') . "</p>"; } } else {