guest || $user->id != user::active()->id) { access::forbidden(); } $form = user::get_edit_form($user); $form->edit_user->password->rules("-required"); if ($form->validate()) { // @todo: allow the user to change their name // @todo: handle password changing gracefully $user->full_name = $form->edit_user->full_name->value; if ($form->edit_user->password->value) { $user->password = $form->edit_user->password->value; } $user->email = $form->edit_user->email->value; $user->url = $form->edit_user->url->value; $user->save(); print json_encode( array("result" => "success", "resource" => url::site("users/{$user->id}"))); } else { print json_encode( array("result" => "error", "form" => $form->__toString())); } } public function _form_edit($user) { if ($user->guest || $user->id != user::active()->id) { access::forbidden(); } print user::get_edit_form($user); } }