if (!$input[$field]) { $fields_missing[] = $field; } } if ($fields_missing) { exit2('missing parameter(s): ' . implode(', ', $fields_missing)); } # sanitize $input['object'] $input['object'] = trim(str_replace('..', '', $input['object']), '/'); if (strpos($input['object'], 'content/') !== 0) { exit2('malformed parameter "object"'); } # sanitize $input['comment'] $input['comment'] = preg_replace('/[^0-9\\.]+/', '', $input['comment']); # look up post/page $post = GBExposedContent::findByCacheName($input['object'] . gb::$content_cache_fnext); # verify existing content and that comments are enabled if (!$post) { exit2('no such object ' . $input['object']); } # remove from comment db try { $cdb = $post->getCommentsDB(); $removed_comment = $cdb->remove($input['comment']); $referrer = gb::referrer_url(); # comment not found if (!$removed_comment) { if ($referrer) { $referrer['gb-error'] = 'Comment ' . $input['comment'] . ' not found'; header('HTTP/1.1 303 See Other'); header('Location: ' . $referrer);
public function current() { $v = current($this->objects); if (!is_object($v)) { $v = GBExposedContent::findByCacheName(key($this->objects)); if ($this->condensed) { $v = $v->condensedVersion(); } $this->objects[key($this->objects)] = $v; } return $v; }