Esempio n. 1
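    /**
     * Respond to a `module.users.ui.process_edit` event by storing the profile data gathered while editing or creating a user account.
     *
     * Parameters passed in via POST:
     * ------------------------------
     * array dynadata An array containing the profile items to store for the user.
     *
     * Nothing is stored unless the request is a POST and $this->validation is set and reports no errors.
     *
     * @param Zikula_Event $event The event that triggered this function call; its subject is the user record whose 'uid' the profile items are stored under.
     *
     * @return void
     */
    public function processEdit(Zikula_Event $event)
    {
        if (!$this->request->isPost()) {
            return;
        }

        // Only persist when a validation object exists and it reports no errors.
        if (!$this->validation || $this->validation->hasErrors()) {
            return;
        }

        $user = $event->getSubject();
        $post = $this->request->getPost();
        $dynadata = $post->has('dynadata') ? $post->get('dynadata') : array();

        // 'dynadata' comes straight from the request body, so a client can send a
        // scalar instead of an array; skip it rather than hand a non-array to foreach.
        if (!is_array($dynadata)) {
            return;
        }

        // NOTE(review): both the variable names and the values are client-supplied and
        // are written without filtering here. Confirm that the validation step or
        // UserUtil::setVar() limits the names to defined profile properties, so that a
        // request cannot set account variables that are not part of the profile form.
        foreach ($dynadata as $dudName => $dudItem) {
            UserUtil::setVar($dudName, $dudItem, $user['uid']);
        }
    }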
Esempio n. 2
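    /**
     * Check the CSRF token and refuse the request when it does not validate.
     *
     * A token that is missing, empty or not a string is rejected before the
     * validator service is consulted.
     *
     * @param string $token The token; if not set, it is read from the POST field 'csrftoken'.
     *
     * @throws Zikula_Exception_Forbidden If check fails.
     *
     * @return void
     */
    public function checkCsrfToken($token=null)
    {
        if ($token === null) {
            $token = $this->request->getPost()->get('csrftoken', false);
        }

        // Fail closed: an absent field (the `false` default) or a non-string value such
        // as an array-shaped POST field must never reach the validator as a candidate.
        if (!is_string($token) || $token === '') {
            throw new Zikula_Exception_Forbidden(__('Security token validation failed'));
        }

        $tokenValidator = $this->serviceManager->getService('token.validator');

        // NOTE(review): when the 'sessioncsrftokenonetime' system variable is truthy the
        // validator is called with two extra `false` arguments. Their meaning is not
        // visible here (presumably they relax token deletion and/or expiry checking);
        // confirm against the validator, since this branch decides whether a token
        // can be accepted more than once.
        if (System::getVar('sessioncsrftokenonetime') && $tokenValidator->validate($token, false, false)) {
            return;
        }

        // Default validation path, using the validator's own defaults.
        if ($tokenValidator->validate($token)) {
            return;
        }

        // Should we expire the session also? drak.
        throw new Zikula_Exception_Forbidden(__('Security token validation failed'));
    }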