예제 #1
 case 'add':
     // Action handling: adding a new timeline item.
     // Permission gate: when a session is active (non-zero session id) and the
     // user may not edit in that session, api_not_allowed() is called.
     // NOTE(review): this gate only protects the code below if api_not_allowed()
     // terminates the request; if it returns, execution continues into the
     // form handling. Confirm against its definition.
     // NOTE(review): the 'edit' arm after this one shows no equivalent check in
     // its visible lines. Confirm that editing is gated elsewhere.
     if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
         api_not_allowed();
     }
     // Target URL for the form: the current script plus the request's 'action'.
     // NOTE(review): Security::remove_XSS() is applied to a value that lands in
     // a URL query string. Judging by its name it is an HTML/XSS filter, not a
     // URL encoder, so it would not neutralise characters such as '&' or '#'.
     // If the enclosing switch is on $_GET['action'] (header not visible here)
     // the value can only be 'add' in this arm; otherwise a literal 'add' or
     // urlencode() is the context-appropriate choice.
     $url = api_get_self() . '?action=' . Security::remove_XSS($_GET['action']);
     $form = $timeline->return_form($url, 'add');
     // Submitted and valid: try to save, then show the listing.
     // Not submitted or invalid: render the form.
     if ($form->validate()) {
         // $check is set outside this fragment; presumably the result of
         // verifying the submitted 'sec_token' (anti-CSRF). Verify against the
         // code above the switch.
         // When $check is false the submission is dropped silently: nothing is
         // saved, no message is set, and the listing is still displayed.
         if ($check) {
             $values = $form->exportValues();
             $res = $timeline->save($values);
             // A falsy $res also produces no message, so a failed save is not
             // reported to the user in this arm.
             if ($res) {
                 $message = Display::return_message(get_lang('ItemAdded'), 'success');
             }
         }
         $content = $timeline->listing();
     } else {
         // Back link pointing at the script without any action parameter.
         $actions .= '<a href="' . api_get_self() . '">' . Display::return_icon('back.png', get_lang('Back'), '', ICON_SIZE_MEDIUM) . '</a>';
         // Embed the token as a hidden field so it is sent back with the form.
         // $token is defined outside this fragment; presumably the per-session
         // anti-CSRF token that $check is later compared against. TODO confirm.
         $form->addElement('hidden', 'sec_token');
         $form->setConstants(array('sec_token' => $token));
         $content = $form->return_form();
     }
     break;
 case 'edit':
     // Action handling: Editing
     $url = api_get_self() . '?action=' . Security::remove_XSS($_GET['action']) . '&id=' . intval($_GET['id']);
     $form = $timeline->return_form($url, 'edit');
     // The validation or display
     if ($form->validate()) {
         if ($check) {
             $values = $form->exportValues();