if (!NERDZ\Core\Security::refererControl()) { die(NERDZ\Core\Utils::jsonResponse('error', 'CSRF')); } $prj = isset($prj); switch (isset($_GET['action']) ? strtolower($_GET['action']) : '') { case 'add': $hpid = isset($_POST['hpid']) && is_numeric($_POST['hpid']) ? $_POST['hpid'] : false; if (!$hpid) { die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR'))); } die(NERDZ\Core\Utils::jsonDbResponse($comments->add($hpid, $_POST['message'], $prj))); case 'del': $hcid = isset($_POST['hcid']) && is_numeric($_POST['hcid']) ? $_POST['hcid'] : false; if (!$hcid || !$comments->delete($hcid, $prj)) { die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR'))); } break; case 'get': if (empty($_POST['hcid']) || !($message = Comments::getMessage($_POST['hcid'], $prj))) { die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR'))); } die(NERDZ\Core\Utils::jsonResponse('ok', $message)); case 'edit': if (empty($_POST['hcid'])) { die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR'))); } die(NERDZ\Core\Utils::jsonDbResponse($comments->edit($_POST['hcid'], $_POST['message'], $prj))); default: die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR'))); } die(NERDZ\Core\Utils::jsonResponse('ok', 'OK'));