protected function compile() { $strAction = \Input::get('act'); // at first check for the correct request token to be set if ($strAction && !\RequestToken::validate(\Input::get('token')) && !$this->deactivateTokens) { StatusMessage::addError(sprintf($GLOBALS['TL_LANG']['frontendedit']['requestTokenExpired'], Environment::getUrl(true, true, false)), $this->id, 'requestTokenExpired'); return; } if ($strAction == FRONTENDEDIT_ACT_DELETE && ($intId = \Input::get('id'))) { if ($this->checkPermission($intId)) { $this->deleteItem($intId); // return to the list \Controller::redirect(Url::removeQueryString(array('act', 'id', 'token'), Environment::getUrl())); } else { StatusMessage::addError($GLOBALS['TL_LANG']['formhybrid_list']['noPermission'], $this->id); return; } } if ($strAction == FRONTENDEDIT_ACT_PUBLISH && ($intId = \Input::get('id'))) { if ($this->checkPermission($intId)) { $this->publishItem($intId); // return to the list \Controller::redirect(Url::removeQueryString(array('act', 'id'), Environment::getUrl())); } else { StatusMessage::addError($GLOBALS['TL_LANG']['formhybrid_list']['noPermission'], $this->id); return; } } parent::compile(); }