} } } else { if (isset($_GET['action']) && isset($_GET['token']) && check_csrf($_GET['token'], 'suggestions_csrf')) { if ($_GET['action'] == 'delete') { if (isset($_GET['id'])) { if (actions::delete_suggestion($_GET['id'])) { echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } else { if ($_GET['type'] == 'read' || $_GET['type'] == 'unread') { if (isset($_GET['id'])) { if (actions::action_suggestions($_GET['type'], $_GET['id'])) { echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } } } } $csrf = $_SESSION['suggestions_csrf'] = \site\utils::str_random(10); echo '<div class="page-toolbar"> <form action="#" method="GET" autocomplete="off"> <input type="hidden" name="route" value="suggestions.php" /> <input type="hidden" name="action" value="list" />