/** * Respond to a `module.users.ui.process_edit` event to store profile data gathered when editing or creating a user account. * * Parameters passed in via POST: * ------------------------------ * array dynadata An array containing the profile items to store for the user. * * @param Zikula_Event $event The event that triggered this function call, containing the id of the user for which profile information should be stored. * * @return void */ public function processEdit(Zikula_Event $event) { if ($this->request->isPost()) { if ($this->validation && !$this->validation->hasErrors()) { $user = $event->getSubject(); $dynadata = $this->request->getPost()->has('dynadata') ? $this->request->getPost()->get('dynadata') : array(); foreach ($dynadata as $dudName => $dudItem) { UserUtil::setVar($dudName, $dudItem, $user['uid']); } } } }
/** * Check Csrf token. * * @param string $token The token, if not set, will pull from $_POST['csrftoken']. * * @throws Zikula_Exception_Forbidden If check fails. * * @return void */ public function checkCsrfToken($token=null) { if (is_null($token)) { $token = $this->request->getPost()->get('csrftoken', false); } $tokenValidator = $this->serviceManager->getService('token.validator'); if (System::getVar('sessioncsrftokenonetime') && $tokenValidator->validate($token, false, false)) { return; } if ($tokenValidator->validate($token)) { return; } // Should we expire the session also? drak. throw new Zikula_Exception_Forbidden(__('Security token validation failed')); }