Vulnerability in EPiServer.Forms
Have a design question for you.
I have a bunch of the user pages based on a page class. When a user logged in, the menu item (block) appears that has the link to the specific to the user page. By clicking on the link, the user is able to load his profile for the editing.
The menu block has a property of type 'ContentLink' with the name 'User Profile'. On login event I have been thinking dynamically assign the menu property 'User Profile' with the content link to the corresponding user page, using 'CreateWritableClone()' for the menu block and changing the property.
AirMenuImageLinkBlock blockClone = menuLink.CreateWritableClone() as AirMenuImageLinkBlock;
blockClone.Link = userPage == null ? ContentReference.StartPage.GetFriendlyUrlAir() : userPage.GetFriendlyUrlAir();
contentRepository.Save((IContent)blockClone, EPiServer.DataAccess.SaveAction.Publish, EPiServer.Security.AccessLevel.Read);
But it does not seem to work. The menu block is not being updated with the corresponding link to the user's page. (by the way the code is located in MenuController)
In any way, may be I am overdoing it. Any recommendations? first to may be to do it differently, secondly how to make the dynamic change to the property of the block to work.
thanks for any suggestions,
By the way, I like how the prifile data is organized in this forum.
IF there is anyone that related to the design of this forum, (i assume it based on episerver), how do you guys went around it?
Did you expand the profile section in the webconfig OR you actually extended 'ApplicationUser' OR you have created your own 'UserProperties' page class?