$Session->assert_received_crumb('goal'); // Check permission: $current_User->check_perm('stats', 'edit', true); // Make sure we got an ftyp_ID: param('goal_ID', 'integer', true); // load data from request if ($edited_Goal->load_from_Request()) { // We could load data from form without errors: // Update in DB: $DB->begin(); $q = $edited_Goal->dbexists(); if ($q) { // We have a duplicate entry: param_error('goal_key', sprintf(T_('This goal already exists. Do you want to <a %s>edit the existing goal</a>?'), 'href="?ctrl=goals&action=edit&goal_ID=' . $q . '"')); } else { $edited_Goal->dbupdate(); $Messages->add(T_('Goal updated.'), 'success'); } $DB->commit(); if (empty($q)) { $action = 'list'; // Redirect so that a reload doesn't write to the DB twice: header_redirect('?ctrl=goals', 303); // Will EXIT // We have EXITed already at this point!! } } break; case 'delete': // Delete file type: // Check that this action request is not a CSRF hacked request: