Jump to content

Valery

Members
  • Posts

    121
  • Joined

  • Last visited

  • Days Won

    1

Community Answers

  1. Valery's post in Updating a profile via the front-end. Code check? was marked as the answer   
    Hey,
    I notice you are using the "edit_content" permission for profile update. I have to ask: why? If the user is logged in, they can update their own profile just fine. Maybe you plan permissions for editing content? Cannot say for sure. This check would be enough:
    if ($user->isLoggedIn() && $user->name == $input->urlSegment1)
    // now you may update you profile, Mr. User
    Don't forget to sanitize urlSegments, too. You can never be too paranoid with user input. Don't be politically correct with external data.
    On a side note, You might want to keep an eye on a similar topic.
  2. Valery's post in Problem: Repeaters, "why u no save?" was marked as the answer   
    teppo, thanks a ton! Now, looking at repeaters as pages makes a lot more sense to me now.
    I won't put my updated code here since it repeats renobird's code from the thread. You have to iterate through the repeaters and treat them one by one as if they were normal pages.
    Which is, as you correctly state, exactly what they are. I can even see them when browsing down the Admin page in the back-end.
    However, I must say that $page->repeater->get(0)->of(false)->save(0) does not work.

    Thanks again!
×
×
  • Create New...