id == 'add' or $action->id == 'edit') { $this->enableCsrfValidation = false; } return parent::beforeAction($action); } public function actionAdd(){ /** * @var \common\models\Author $user; */ $user = \Yii::$app->user->identity; if (\Yii::$app->user->isGuest) { $this->redirect([ 'site/index' ]); } $model = new Book(); if (\Yii::$app->request->isPost) { if ($model->load(\Yii::$app->request->post(), '') and $model->validate()) { $model->author_id = $user->id; $model->status = $model::STATUS_MODERATION; return($model->save() && $model->saveImage(UploadedFile::getInstanceByName('file'))); } else { return false; } } return $this->render('add', [ 'book' => array() ]); } public function actionEdit($id){ $model = Book::findOne($id); if ($model->author_id !== \Yii::$app->user->getId()){ return $this->redirect(['site/index']); } if (\Yii::$app->request->isPost) { if ($model->load(\Yii::$app->request->post(), '') and $model->validate()) { return($model->save() && $model->saveImage(UploadedFile::getInstanceByName('file'))); } else { return false; } } return $this->render('add', [ 'book' => $model->attributes ]); } public function actionIndex(){ } }