Page callback: Publishes the specified comment.
$cid: A comment identifier.
function comment_approve($cid) {
// @todo CSRF tokens are validated in page callbacks rather than access
// callbacks, because access callbacks are also invoked during menu link
// generation. Add token support to routing: http://drupal.org/node/755584.
$token = drupal_container()
->get('request')->query
->get('token');
if (!isset($token) || !drupal_valid_token($token, "comment/{$cid}/approve")) {
throw new AccessDeniedHttpException();
}
if ($comment = comment_load($cid)) {
$comment->status = COMMENT_PUBLISHED;
comment_save($comment);
drupal_set_message(t('Comment approved.'));
drupal_goto('node/' . $comment->nid);
}
throw new NotFoundHttpException();
}