case 'add':
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
$url = api_get_self() . '?action=' . Security::remove_XSS($_GET['action']) . '&' . $params;
$form = $obj->return_form($url, 'add');
// The validation or display
if ($form->validate()) {
if ($check) {
$values = $form->exportValues();
$res = $obj->save_one_item($values);
if ($res) {
Display::display_confirmation_message(get_lang('ItemAdded'));
}
}
$obj->display();
} else {
/*echo '<div class="actions">';
echo '<a href="'.api_get_self().'">'.Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM).'</a>';
echo '</div>'; */
$form->addElement('hidden', 'sec_token');
$form->setConstants(array('sec_token' => $token));
$form->display();
}
break;
case 'edit':
// Action handling: Editing
$url = api_get_self() . '?action=' . Security::remove_XSS($_GET['action']) . '&id=' . intval($_GET['id']) . '&' . $params;
$form = $obj->return_form($url, 'edit');
// The validation or display
if ($form->validate()) {
