From 5de8aeafad74a35be113fd34917d66a5b10fce1e Mon Sep 17 00:00:00 2001
From: rvelices <rv-github@modusoptimus.com>
Date: Wed, 22 Nov 2006 04:41:25 +0000
Subject: feature 440: send mail to admin when comment is entered

git-svn-id: http://piwigo.org/svn/trunk@1617 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 comments.php | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

(limited to 'comments.php')

diff --git a/comments.php b/comments.php
index 8786605ef..4d9ca26db 100644
--- a/comments.php
+++ b/comments.php
@@ -155,28 +155,30 @@ else
 // +-----------------------------------------------------------------------+
 // |                         comments management                           |
 // +-----------------------------------------------------------------------+
-if (is_admin() and !is_adviser() )
-{
-  if (isset($_GET['delete']) and is_numeric($_GET['delete']) )
-  {// comments deletion
-    $query = '
+if (isset($_GET['delete']) and is_numeric($_GET['delete'])
+      and !is_adviser() )
+{// comments deletion
+  check_status(ACCESS_ADMINISTRATOR);
+  $query = '
 DELETE FROM '.COMMENTS_TABLE.'
   WHERE id='.$_GET['delete'].'
 ;';
-    pwg_query($query);
-  }
+  pwg_query($query);
+}
 
-  if (isset($_GET['validate']) and is_numeric($_GET['validate']) )
-  {  // comments validation
-    $query = '
+if (isset($_GET['validate']) and is_numeric($_GET['validate'])
+      and !is_adviser() )
+{  // comments validation
+  check_status(ACCESS_ADMINISTRATOR);
+  $query = '
 UPDATE '.COMMENTS_TABLE.'
   SET validated = \'true\'
-    , validation_date = NOW()
+  , validation_date = NOW()
   WHERE id='.$_GET['validate'].'
 ;';
-    pwg_query($query);
-  }
+  pwg_query($query);
 }
+
 // +-----------------------------------------------------------------------+
 // |                       page header and options                         |
 // +-----------------------------------------------------------------------+
-- 
cgit v1.2.3