summaryrefslogtreecommitdiff
path: root/modules/comment/controllers/comments.php
diff options
context:
space:
mode:
Diffstat (limited to 'modules/comment/controllers/comments.php')
-rw-r--r--modules/comment/controllers/comments.php9
1 files changed, 8 insertions, 1 deletions
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php
index 9e0f86d2..c42ad24e 100644
--- a/modules/comment/controllers/comments.php
+++ b/modules/comment/controllers/comments.php
@@ -24,6 +24,9 @@ class Comments_Controller extends Controller {
public function create($id) {
$item = ORM::factory("item", $id);
access::required("view", $item);
+ if (!comment::can_comment()) {
+ access::forbidden();
+ }
$form = comment::get_add_form($item);
try {
@@ -58,6 +61,7 @@ class Comments_Controller extends Controller {
"view" => (string) $view,
"form" => (string) comment::get_add_form($item)));
} else {
+ $form = comment::prefill_add_form($form);
print json_encode(array("result" => "error", "form" => (string) $form));
}
}
@@ -68,7 +72,10 @@ class Comments_Controller extends Controller {
public function form_add($item_id) {
$item = ORM::factory("item", $item_id);
access::required("view", $item);
+ if (!comment::can_comment()) {
+ access::forbidden();
+ }
- print comment::get_add_form($item);
+ print comment::prefill_add_form(comment::get_add_form($item));
}
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-14 05:15:57 +0000