Display::display_normal_message($url, false); Display::display_footer(); exit; } $url = api_get_self() . '?action=' . Security::remove_XSS($_GET['action']); $form = $promotion->return_form($url, 'add'); // The validation or display if ($form->validate()) { if ($check) { $values = $form->exportValues(); $res = $promotion->save($values); if ($res) { Display::display_confirmation_message(get_lang('ItemAdded')); } } $promotion->display(); } else { echo '<div class="actions">'; echo Display::url(Display::return_icon('back.png', get_lang('Back'), '', ICON_SIZE_MEDIUM), api_get_self()); echo '</div>'; $form->addElement('hidden', 'sec_token'); $form->setConstants(array('sec_token' => $token)); $form->display(); } break; case 'edit': //Editing $url = api_get_self() . '?action=' . Security::remove_XSS($_GET['action']) . '&id=' . intval($_GET['id']); $form = $promotion->return_form($url, 'edit'); // The validation or display if ($form->validate()) {