diff options
| author | Nathan Kinkade <nkinkade@nkinka.de> | 2010-07-08 00:29:37 +0000 |
|---|---|---|
| committer | Nathan Kinkade <nkinkade@nkinka.de> | 2010-07-08 00:29:37 +0000 |
| commit | c83650d83ad8b1f4bda30cac2ae8efa6e1c97287 (patch) | |
| tree | 482cf980e87cd7c80c28a89bb9395eba6b53026f /modules/comment/controllers/comments.php | |
| parent | a0b0b415515bff5f9edd43d373e8e78f3b3f8e4d (diff) | |
| parent | 9d66783f47636153bf3661d1d89e694dd5188c36 (diff) | |
Merge branch 'master' of git://github.com/gallery/gallery3
Diffstat (limited to 'modules/comment/controllers/comments.php')
| -rw-r--r-- | modules/comment/controllers/comments.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 9e0f86d2..c42ad24e 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -24,6 +24,9 @@ class Comments_Controller extends Controller { public function create($id) { $item = ORM::factory("item", $id); access::required("view", $item); + if (!comment::can_comment()) { + access::forbidden(); + } $form = comment::get_add_form($item); try { @@ -58,6 +61,7 @@ class Comments_Controller extends Controller { "view" => (string) $view, "form" => (string) comment::get_add_form($item))); } else { + $form = comment::prefill_add_form($form); print json_encode(array("result" => "error", "form" => (string) $form)); } } @@ -68,7 +72,10 @@ class Comments_Controller extends Controller { public function form_add($item_id) { $item = ORM::factory("item", $item_id); access::required("view", $item); + if (!comment::can_comment()) { + access::forbidden(); + } - print comment::get_add_form($item); + print comment::prefill_add_form(comment::get_add_form($item)); } } |