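/**
 * Edit user name (perform the real action after form has been submitted).
 *
 * State-changing POST handler. The anti-CSRF token is verified before anything is written;
 * when the check fails the session is logged out, the client is redirected home and the
 * username is left unchanged.
 */
public function editUsername_action()
{
    // check if csrf token is valid
    if (!Csrf::isTokenValid()) {
        LoginModel::logout();
        Redirect::home();
        \Huge\Core\Application::stop();
        // Fail closed: Application::stop() is not visible in this file, so do not rely on it
        // ending the request. Returning here guarantees the write below is never reached
        // with an invalid token.
        return;
    }

    // The raw POST value goes to the model unchanged.
    // NOTE(review): presumably UserModel::editUserName() validates format and uniqueness;
    // confirm, because no validation happens in this controller.
    UserModel::editUserName(Request::post('user_name'));
    Redirect::to('user/editUsername');
}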
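/**
 * The login action, when you do login/login.
 *
 * Verifies the anti-CSRF token, attempts the login with the posted credentials and then
 * redirects: to the posted "redirect" target (or user/index) on success, back to the login
 * form on failure.
 *
 * The "redirect" POST field is attacker-controllable, so it is only honoured when it is a
 * plain application-relative path; anything else falls back to user/index.
 */
public function login()
{
    // check if csrf token is valid
    if (!Csrf::isTokenValid()) {
        LoginModel::logout();
        Redirect::home();
        \Huge\Core\Application::stop();
        // Fail closed: Application::stop() is not visible in this file, so do not rely on it
        // ending the request before the login attempt below.
        return;
    }

    // perform the login method, put result (true or false) into $login_successful
    $login_successful = LoginModel::login(
        Request::post('user_name'),
        Request::post('user_password'),
        Request::post('set_remember_me_cookie')
    );

    // failed login: back to the login form
    if (!$login_successful) {
        Redirect::to('login/index');
        return;
    }

    $target = 'user/index';
    $requested = Request::post('redirect');

    // is_string() rejects array input (redirect[]=...), which urldecode() cannot handle.
    if (is_string($requested) && $requested) {
        $candidate = ltrim(urldecode($requested), '/');

        // Allowlist rather than blocklist: the decoded value may only contain characters
        // that occur in a local path or query string. This rejects schemes ("http:"),
        // userinfo ("@"), backslashes, whitespace and CR/LF, so the value cannot point the
        // browser at another origin or smuggle extra header content.
        // NOTE(review): this assumes Redirect::to() prefixes the application base URL and
        // that the base URL ends in "/"; confirm against Redirect and the URL config.
        if (preg_match('#\A[A-Za-z0-9_\-./?&=%]*\z#', $candidate) === 1) {
            $target = $candidate;
        }
    }

    Redirect::to($target);
}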
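?>
<div class="container">
    <h1>UserController/editUsername</h1>

    <!-- echo out the system feedback (error and success messages) -->
    <?php $this->renderFeedbackMessages(); ?>

    <div class="box">
        <h2>Change your username</h2>

        <?php // No whitespace between the base URL and the route: a space would end up inside the action URL. ?>
        <?php // Output is HTML-escaped because it lands inside a quoted attribute. ?>
        <form action="<?php echo htmlspecialchars((string) Config::get('URL'), ENT_QUOTES, 'UTF-8'); ?>user/editUserName_action" method="post">
            <!-- btw http://stackoverflow.com/questions/774054/should-i-put-input-tag-inside-label-tag -->
            <label>
                New username: <input type="text" name="user_name" required />
            </label>

            <!-- set CSRF token at the end of the form -->
            <?php // The closing quote must follow the token directly: a trailing space would be submitted as part of csrf_token and could make the server-side comparison fail. ?>
            <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars((string) Csrf::makeToken(), ENT_QUOTES, 'UTF-8'); ?>" />
            <input type="submit" value="Submit" />
        </form>
    </div>
</div>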