/**
* @see \wcf\action\IAction::readParameters()
*/
public function readParameters()
{
if (!MODULE_POLL) {
throw new IllegalLinkException();
}
AbstractSecureAction::readParameters();
if (isset($_POST['actionName'])) {
$this->actionName = StringUtil::trim($_POST['actionName']);
}
if (isset($_POST['pollID'])) {
$this->pollID = intval($_POST['pollID']);
}
$polls = PollManager::getInstance()->getPolls(array($this->pollID));
if (!isset($polls[$this->pollID])) {
throw new UserInputException('pollID');
}
$this->poll = $polls[$this->pollID];
// load related object
$this->relatedObject = PollManager::getInstance()->getRelatedObject($this->poll);
if ($this->relatedObject === null) {
if ($this->poll->objectID) {
throw new SystemException("Missing related object for poll id '" . $this->poll->pollID . "'");
}
} else {
$this->poll->setRelatedObject($this->relatedObject);
}
// validate action
switch ($this->actionName) {
case 'getResult':
if (!$this->poll->canSeeResult()) {
throw new PermissionDeniedException();
}
break;
case 'getVote':
case 'vote':
if (!$this->poll->canVote()) {
throw new PermissionDeniedException();
}
break;
default:
throw new SystemException("Unknown action '" . $this->actionName . "'");
break;
}
if (isset($_POST['optionIDs']) && is_array($_POST['optionIDs'])) {
$this->optionIDs = ArrayUtil::toIntegerArray($_POST['optionIDs']);
if (count($this->optionIDs) > $this->poll->maxVotes) {
throw new PermissionDeniedException();
}
$optionIDs = array();
foreach ($this->poll->getOptions() as $option) {
$optionIDs[] = $option->optionID;
}
foreach ($this->optionIDs as $optionID) {
if (!in_array($optionID, $optionIDs)) {
throw new PermissionDeniedException();
}
}
}
}
