$permissions = is_array($_REQUEST['permissions']) ? $_REQUEST['permissions'] : unserialize(urldecode($_REQUEST['permissions']));
} else {
$permissions = false;
}
if (!empty($_REQUEST['action']) && ($_REQUEST['action'] == 'edit' || $_REQUEST['action'] == 'add' || $_REQUEST['action'] == 'delete')) {
if (!$token1) {
if (!empty($_REQUEST['request_2fa'])) {
if (!($token1 > 0)) {
$no_token = true;
$request_2fa = true;
Errors::add(Lang::string('security-no-token'));
}
}
if (User::$info['verified_authy'] == 'Y' || User::$info['verified_google'] == 'Y') {
if (!empty($_REQUEST['send_sms']) || User::$info['using_sms'] == 'Y') {
if (User::sendSMS()) {
$sent_sms = true;
Messages::add(Lang::string('withdraw-sms-sent'));
}
}
$request_2fa = true;
}
} else {
API::token($token1);
if ($_REQUEST['action'] == 'edit') {
API::add('APIKeys', 'edit', array($permissions));
} elseif ($_REQUEST['action'] == 'add') {
API::add('APIKeys', 'add');
} elseif ($_REQUEST['action'] == 'delete') {
API::add('APIKeys', 'delete', array($remove_id1));
}
if ($_REQUEST['method'] != 'google') {
API::add('User', 'registerAuthy', array($cell1, $country_code1));
$query = API::send();
$authy_id = $query['User']['registerAuthy']['results'][0]['user']['id'];
$response = $query['User']['registerAuthy']['results'][0];
if (!$response || !is_array($response)) {
Errors::merge(Lang::string('security-com-error'));
}
if ($response['success'] == 'false') {
Errors::merge($response['errors']);
}
}
if (!is_array(Errors::$errors)) {
if ($_REQUEST['method'] != 'google') {
if ($_REQUEST['method'] == 'sms') {
if (User::sendSMS($authy_id)) {
$using_sms = 'Y';
}
} else {
$using_sms = 'N';
}
if (!is_array(Errors::$errors)) {
API::add('User', 'enableAuthy', array($cell1, $country_code1, $authy_id, $using_sms));
API::add('User', 'settingsEmail2fa', array(array('authy' => 1), 1));
$query = API::send();
//$step1 = true;
if ($query['User']['settingsEmail2fa']['results'][0]) {
Link::redirect('security.php?notice=email');
}
}
} else {
