Merge branch 'master' into talmdal_dev

author: Tim Almdal <tnalmdal@shaw.ca> 2010-06-06 15:45:03 -0700
committer: Tim Almdal <tnalmdal@shaw.ca> 2010-06-06 15:45:03 -0700
commit: 097ef934c6fe188cc368905ee72b7cca6ad2f755 (patch)
tree: 75e92a4edf717f2a6828a802f45485af06af3c71 /modules/comment/controllers/comments.php
parent: c4d85721fc0a3b9aad45451fb917d6e23b804c05 (diff)
parent: aeee88031fed7029c3320800d237b69993e8b6d4 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php
index 465b1bcd..c42ad24e 100644
--- a/modules/comment/controllers/comments.php
+++ b/modules/comment/controllers/comments.php
@@ -24,6 +24,9 @@ class Comments_Controller extends Controller {
   public function create($id) {
     $item = ORM::factory("item", $id);
     access::required("view", $item);
+    if (!comment::can_comment()) {
+      access::forbidden();
+    }
 
     $form = comment::get_add_form($item);
     try {
@@ -69,6 +72,9 @@ class Comments_Controller extends Controller {
   public function form_add($item_id) {
     $item = ORM::factory("item", $item_id);
     access::required("view", $item);
+    if (!comment::can_comment()) {
+      access::forbidden();
+    }
 
     print comment::prefill_add_form(comment::get_add_form($item));
   }
author	Tim Almdal <tnalmdal@shaw.ca>	2010-06-06 15:45:03 -0700
committer	Tim Almdal <tnalmdal@shaw.ca>	2010-06-06 15:45:03 -0700
commit	097ef934c6fe188cc368905ee72b7cca6ad2f755 (patch)
tree	75e92a4edf717f2a6828a802f45485af06af3c71 /modules/comment/controllers/comments.php
parent	c4d85721fc0a3b9aad45451fb917d6e23b804c05 (diff)
parent	aeee88031fed7029c3320800d237b69993e8b6d4 (diff)