Changeset 1613
- Timestamp:
- 08/06/08 07:46:14 (4 months ago)
- Files:
-
- devel/mod/commentwall/do_action.php (modified) (1 diff)
- devel/mod/commentwall/lib.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
devel/mod/commentwall/do_action.php
r1550 r1613 26 26 if ($action == "commentwall::post") 27 27 { 28 29 // Store the rating 30 $success = (empty($text)) ? false : commentwall_addcomment($wallowner, $comment_owner, $text);28 // Store the comment if successful 29 // Check the form key here 30 $success = ((empty($text)) || !elggform_key_check(optional_param('form_key'), "commentwall_{$wallowner}_post")) ? false : commentwall_addcomment($wallowner, $comment_owner, $text); 31 31 32 32 // Message devel/mod/commentwall/lib.php
r1607 r1613 202 202 if ($returnurl=="") 203 203 $returnurl = urlencode($_SERVER['REQUEST_URI']); 204 $form_key = elggform_key_get("commentwall_{$wall_owner}_post"); 204 205 $buttontxt = __gettext("Post comment"); 205 206 … … 211 212 <input type="hidden" name="comment_owner" value="{$_SESSION['userid']}" /> 212 213 <input type="hidden" name="return_url" value="$returnurl" /> 214 <input type="hidden" name="form_key" value="$form_key" /> 213 215 <textarea name="text"></textarea> 214 216 END;
