public function action_deleteAvatar() { // get account id from cookie $account = new \Model_Accounts(); $cookie = $account->getAccountCookie(); if (\Input::method() == 'POST') { if (!\Extension\NoCsrf::check()) { // validate token failed $output['form_status'] = 'error'; $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token'); $output['result'] = false; } else { if (!isset($cookie['account_id']) || \Model_Accounts::isMemberLogin() == false) { $output['result'] = false; } else { $output['result'] = true; $account->deleteAccountAvatar($cookie['account_id']); } } } unset($account, $cookie); if (\Input::is_ajax()) { // re-generate csrf token for ajax form to set new csrf. $output['csrf_html'] = \Extension\NoCsrf::generate(); $response = new \Response(); $response->set_header('Content-Type', 'application/json'); $response->body(json_encode($output)); return $response; } else { if (\Input::referrer() != null && \Input::referrer() != \Uri::main()) { \Response::redirect(\Input::referrer()); } else { \Response::redirect(\Uri::base()); } } }