frontend user card safe

frontend/modules/card/controllers/UserCardController.php

@@ -68,16 +68,10 @@ class UserCardController extends Controller
         else return $this->render('index', ['info' => '<h3>Ваши личные данные не заненсены в базу.</h3>']);
     }
 
-    /**
+    public function actionUpdate()
-     * Updates an existing UserCard model.
-     * If update is successful, the browser will be redirected to the 'view' page.
-     * @param integer $id
-     * @return mixed
-     * @throws NotFoundHttpException if the model cannot be found
-     */
-    public function actionUpdate($id)
     {
-        $model = $this->findModel($id);
+        $model = UserCard::findOne(['id_user' => Yii::$app->user->identity->id]);
+
         if ($model->load(Yii::$app->request->post()) && $model->save()) {
             return $this->redirect(['index', 'id' => $model->id]);
         }
@@ -87,28 +81,22 @@ class UserCardController extends Controller
         ]);
     }
 
-    public function actionPassword($id)
+    public function actionPassword()
     {
-        $user_card = UserCard::findOne($id);
+        $model = User::findOne(Yii::$app->user->identity->id);
-        $model = User::findOne(['id' => $user_card->id_user]);
+
+        if (Yii::$app->request->post()) {
+            $model->setPassword(Yii::$app->request->post()['password']);
+            $model->save();
+
+            return $this->redirect(['index', 'id' => $model->id]);
+        }
 
         return $this->render('password', [
             'model' => $model,
         ]);
     }
 
-    public function actionAjax() {
-        if(Yii::$app->request->isAjax) {
-            $id = $_POST['id'];
-            $password = $_POST['password'];
-
-            $user_card = UserCard::findOne($id);
-            $user = User::findOne(['id' => $user_card->id_user]);
-            $user->password = $password;
-            $user->save();
-        }
-    }
-
     /**
      * Finds the Product model based on its primary key value.
      * If the model is not found, a 404 HTTP exception will be thrown.

frontend/modules/card/views/user-card/password.php

@@ -1,21 +1,26 @@
 <?php
-    use yii\helpers\Html;
+
-    use yii\widgets\ActiveForm;
+use yii\helpers\Html;
+use yii\widgets\ActiveForm;
+
+
+/* @var $this yii\web\View */
+/* @var $model */
+/* @var $form yii\widgets\ActiveForm */
 ?>
 
-<?php $form = ActiveForm::begin([
+<div class="user-card-form">
-    'id' => 'password-form',
-    'enableClientValidation' => true,
-    'enableAjaxValidation'   => false,
-    'method' => 'post',
-]); ?>
 
-<h4>Введите новый пароль</h4>
+    <?php $form = ActiveForm::begin(); ?>
 
-<?= Html::input('text', 'password', '', ['class' => 'form-control custom-input']) ?>
+    <?= Html::input('text', 'password', '', ['class' => 'form-control custom-input']) ?>
 
-<br>
+    <br>
 
-<?= Html::submitButton('Сохранить', ['class' => 'btn btn-success']) ?>
+    <div class="form-group">
+        <?= Html::submitButton('Save', ['class' => 'btn btn-success']) ?>
+    </div>
 
-<?php ActiveForm::end(); ?>
+    <?php ActiveForm::end(); ?>
+
+</div>

frontend/modules/card/views/user-card/view.php

@@ -8,14 +8,16 @@ use yii\widgets\DetailView;
 /* @var $skills \common\models\CardSkill */
 /* @var $skill \common\models\Skill */
 /* @var $modelFildValue yii\data\ActiveDataProvider */
+/* @var $model */
 
 $this->title = 'Профиль';
 ?>
 <div class="user-card-view">
     <h3>Личная информация</h3>
     <?php
-    echo Html::a('Изменить профиль', ['/card/user-card/update', 'id' => $model->id], ['class' => 'btn btn-success'])
+    echo Html::a('Изменить профиль', ['/card/user-card/update'], ['class' => 'btn btn-success'])
-    . '&nbsp' . Html::a('Изменить пароль', ['/card/user-card/password', 'id' => $model->id], ['class' => 'btn btn-success']);
+    . '&nbsp' . Html::a('Изменить пароль', ['/card/user-card/password'], ['class' => 'btn btn-success']) . '<br><br>';
+
     echo  DetailView::widget([
         'model' => $model,
         'attributes' => [