<?php
/**
*
* @link http://bw.bo-blog.com
* @copyright (c) 2014 bW Development Team
* @license MIT
*/
if (!defined('P')) {
die('Access Denied.');
}
@session_start();
$admin = new bwAdmin();
$view = new bwView();
if ($canonical->currentArgs['mainAction'] == '1') {
if (isset($_REQUEST['mobileToken']) && !isset($_SESSION['login-token'])) {
if (file_exists(P . 'conf/mobileauth.php')) {
include_once P . 'conf/mobileauth.php';
if (in_array($_REQUEST['mobileToken'], $allMobileKeys)) {
$admin->storeMobileToken();
$admin->verified = true;
$_SESSION['authmobile'] = 1;
}
}
}
}
if ($canonical->currentArgs['mainAction'] != 'login') {
if (!array_key_exists('login-token', $_SESSION)) {
if (defined('ajax')) {
stopError($conf['l']['admin:msg:NeedLogin']);
}
}
if (strtolower(trim($smt['userName'])) == strtolower(bw::$conf['authorName']) && $smt['socialkey'] != 'administrator') {
stopError(bw::$conf['l']['page:NameViolation']);
}
if ($conf['commentOpt'] == 2 && !$smt['socialkey']) {
stopError(bw::$conf['l']['page:LoginRequiredError']);
}
$smt = $comment->addComment($smt);
$view->setMaster('ajaxcomment');
$view->setPassData($smt);
$view->setWorkFlow(array('ajaxcomment'));
$view->finalize();
}
if ($canonical->currentArgs['subAction'] == 'check') {
if (isset($_SESSION['login-token'])) {
$admin = new bwAdmin();
$admin->verifySessionToken($_SESSION['login-token']);
if ($admin->verified) {
ajaxSuccess('');
}
}
stopError('');
}
if ($canonical->currentArgs['subAction'] == 'load') {
if (!isset($_REQUEST['aID'])) {
stopError(bw::$conf['l']['admin:msg:NotExist']);
}
$comment->alterAID($_REQUEST['aID']);
$comment->getComList();
$totalBatches = ceil($comment->totalCom / bw::$conf['comPerLoad']);
$view->setPassData(array('comments' => $comment->comList));
