public function profileAction()
{
//firstly, check that user is editing own profile, if not send to error
$authStorage = Zend_Auth::getInstance()->getStorage();
$userInfo = $authStorage->read();
$userID = $userInfo->id;
$request = $this->getRequest();
$reqID = $request->id;
if ($userID != $reqID) {
$request->setControllerName('error')->setActionName('denied');
} else {
//user editing own profile, proceed as usual
$this->view->title = "My Profile";
$this->view->headTitle($this->view->title, 'PREPEND');
$form = new Form_UserProfile();
$form->submit->setLabel('Update');
$this->view->form = $form;
$this->view->userID = $userID;
if ($this->getRequest()->isPost()) {
$formData = $this->getRequest()->getPost();
if ($form->isValid($formData)) {
$id = (int) $form->getValue('id');
$first = $form->getValue('first');
$last = $form->getValue('last');
$email = $form->getValue('email');
$users = new Model_DbTable_Users();
$users->updateUser($id, $first, $last, $email);
$this->view->statusMessage = "Profile updated successfully!";
//update auth storage with new info.
$authStorage = Zend_Auth::getInstance()->getStorage();
$userInfo = $authStorage->read();
$userInfo->first = $first;
$userInfo->last = $last;
$userInfo->email = $email;
$authStorage->write($userInfo);
} else {
$form->populate($formData);
}
} else {
$id = $this->_getParam('id', 0);
if ($id > 0) {
$users = new Model_DbTable_Users();
$form->populate($users->getUser($id));
}
}
}
}
