guest || $user->id != user::active()->id) { access::forbidden(); } $form = user::get_edit_form($user); $form->edit_user->password->rules("-required"); if ($form->validate()) { // @todo: allow the user to change their name $user->full_name = $form->edit_user->full_name->value; $user->password = $form->edit_user->password->value; $user->email = $form->edit_user->email->value; $user->save(); print json_encode( array("result" => "success", "resource" => url::site("users/{$user->id}"))); } else { print json_encode( array("result" => "error", "form" => $form->__toString())); } } public function _form_edit($user) { if ($user->guest || $user->id != user::active()->id) { access::forbidden(); } print user::get_edit_form($user); } }