/** * @before _secured, _admin */ public function add() { $view = $this->getActionView(); $view->set('submstoken', $this->mutliSubmissionProtectionToken()); if (RequestMethods::post('submitAddExam')) { if ($this->checkCSRFToken() !== true && $this->checkMutliSubmissionProtectionToken(RequestMethods::post('submstoken')) !== true) { self::redirect('/admin/exam/'); } $exam = new App_Model_Exam(array('title' => RequestMethods::post('title'), 'description' => RequestMethods::post('description'), 'shortcut' => RequestMethods::post('shortcut'), 'rank' => RequestMethods::post('rank', 1))); if ($exam->validate()) { $id = $exam->save(); Event::fire('admin.log', array('success', 'Exam Id: ' . $id)); $view->successMessage('Zkouška' . self::SUCCESS_MESSAGE_1); self::redirect('/admin/exam/'); } else { Event::fire('admin.log', array('fail')); $view->set('errors', $exam->getErrors())->set('submstoken', $this->revalidateMutliSubmissionProtectionToken())->set('exam', $exam); } } }