/**
* Action called to post values of a new user.
*/
public function postnewAction()
{
// TODO prevent CSRF
$this->secure('admin');
$user = new App_Model_User();
$user->setUsername($_POST['username']);
$user->setPassword($_POST['password']);
$user->setFirstname($_POST['firstname']);
$user->setLastname($_POST['lastname']);
$user->setIsAdmin($_POST['is_admin'] == 'on');
$user->setEmail($_POST['email']);
if (0 === count($user->isValid())) {
$user->save();
return redirect_to('/admin/users');
} else {
$errors = '';
foreach ($user->isValid() as $error) {
$errors .= $error . "<br />";
}
flash_now('error', $errors);
return $this->createAction();
}
}
