We’re launching a new custom Joomla eCommerce site this week. I’m especially excited about this one, because it’s one of my own ventures, via Mock-Epic LLC. The first retail site is TwistedPens.com, which sells twisted pens (some of which we make here in-house). We hope to have a total of three retail sites online before this summer. Looking forward to it!
I’ve been experimenting with modifying a copy of the Joomla “profile” plugin (/plugins/users/profile) and adding custom profile fields to use in other Components. Retrieving those stored profile values required some research, but it turns out it’s pretty straight-forward:
$User = JFactory::getUser(); $Profile = JUserHelper::getProfile(User->id);
From there, it may be easiest to just use the print_r() function to see what properties are available. In my case, they were in the “profile” property of the $Profile object, which was an array. So:
$favorite_goat = $Profile->profile['favorite_goat'];
I’ve become very accustomed to using Joomla’s JRequest class in custom Components. Since that class is now deprecated, I’m having to find new work-arounds, most involving the JInput class. Pretty much ever form had been using JRequest::checkToken() to guard against CSRF attacks, like:
if (!JRequest::checkToken()) $this->setError('Invalid (or expired) request token.');
To get around using JRequest, I’m now using this:
$app = JFactory::getApplication(); $token = JSession::getFormToken(); if (!$token || !$app->input->get($token, null, 'alnum')) $this->setError('Invalid (or expired) request token.');
…which seems to work in pretty much the same way. In the old JRequest::checkToken() method, it was also redirecting to the login page if no session was detected, which I’m generally skipping.