/** * Processes the REST request. */ public function processRequest() { // Check if the action is an user action. if ($this->isUserAction()) { if ($this->hasRequest('value')) { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } // Create a user variable with the 'value' argument. $user = $this->xenAPI->getUser($this->getRequest('value')); if (!$user->isRegistered()) { // Throw error if the 'value' user is not registered. $this->throwError(4, 'user', $this->getRequest('value')); break; } } else { if ($this->hasRequest('hash')) { // The 'value' argument was not set, check if hash is an API key. if ($this->hasAPIKey() && !isset($this->grab_as)) { /** * The 'hash' argument is an API key, and the 'value' argument * is required but not set, throw error. */ $this->throwError(3, 'value'); } // Get the user from the hash. $user = $this->getUser(); } else { // Nor the 'value' argument or the 'hash' argument has been set, throw error. $this->throwError(3, 'value'); break; } } } switch (strtolower($this->getAction())) { case 'authenticate': /** * Authenticates the user and returns the hash that the user has to use for future requests. * * EXAMPLE: * - api.php?action=authenticate&username=USERNAME&password=PASSWORD */ if (!$this->hasRequest('username')) { // The 'username' argument has not been set, throw error. $this->throwError(3, 'username'); break; } else { if (!$this->getRequest('username')) { // Throw error if the 'username' argument is set but empty. $this->throwError(1, 'username'); break; } else { if (!$this->hasRequest('password')) { // The 'password' argument has not been set, throw error. $this->throwError(3, 'password'); break; } else { if (!$this->getRequest('password')) { // Throw error if the 'password' argument is set but empty. $this->throwError(1, 'password'); break; } } } } // Get the user object. $user = $this->xenAPI->getUser($this->getRequest('username')); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('username')); } else { // Requested user was registered, check authentication. if ($user->validateAuthentication($this->getRequest('password'))) { // Authentication was valid, grab the user's authentication record. $record = $user->getAuthenticationRecord(); $ddata = unserialize($record['data']); // Send the hash in responsel. $this->sendResponse(array('hash' => base64_encode($ddata['hash']))); } else { // The username or password was wrong, throw error. $this->throwError(5, 'Invalid username or password!'); } } break; case 'createalert': if (!$this->hasRequest('user')) { // The 'user' argument has not been set, throw error. $this->throwError(3, 'user'); break; } else { if (!$this->getRequest('user')) { // Throw error if the 'user' argument is set but empty. $this->throwError(1, 'user'); break; } else { if (!$this->hasRequest('cause_user')) { // The 'cause_user' argument has not been set, throw error. $this->throwError(3, 'cause_user'); break; } else { if (!$this->getRequest('cause_user')) { // Throw error if the 'cause_user' argument is set but empty. $this->throwError(1, 'cause_user'); break; } else { if (!$this->hasRequest('content_type')) { // The 'content_type' argument has not been set, throw error. $this->throwError(3, 'content_type'); break; } else { if (!$this->getRequest('content_type')) { // Throw error if the 'content_type' argument is set but empty. $this->throwError(1, 'content_type'); break; } else { if (!$this->hasRequest('content_id')) { // The 'content_id' argument has not been set, throw error. $this->throwError(3, 'content_id'); break; } else { if (!$this->getRequest('content_id')) { // Throw error if the 'content_id' argument is set but empty. $this->throwError(1, 'content_id'); break; } else { if (!$this->hasRequest('alert_action')) { // The 'alert_action' argument has not been set, throw error. $this->throwError(3, 'alert_action'); break; } else { if (!$this->getRequest('alert_action')) { // Throw error if the 'alert_action' argument is set but empty. $this->throwError(1, 'alert_action'); break; } } } } } } } } } } $alert_user = $this->getXenAPI()->getUser($this->getRequest('user')); if (!$alert_user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('user')); } $cause_user = $this->getXenAPI()->getUser($this->getRequest('cause_user')); if (!$cause_user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'cause_user', $this->getRequest('cause_user')); } $alert_data = array('content_type' => $this->getRequest('content_type'), 'content_id' => $this->getRequest('content_id'), 'action' => $this->getRequest('alert_action')); // Create the thread object. $alert_results = $this->xenAPI->createAlert($alert_user, $cause_user, $alert_data); // Alert was successful, return results. $this->sendResponse($alert_results); case 'createconversation': /** * TODO * * EXAMPLE: * - api.php */ if ($this->hasAPIKey() && !$this->hasRequest('grab_as')) { // The 'grab_as' argument has not been set, throw error. $this->throwError(3, 'grab_as'); } else { if ($this->hasAPIKey() && !$this->getRequest('grab_as')) { // Throw error if the 'grab_as' argument is set but empty. $this->throwError(1, 'grab_as'); } } $conversation_data = array(); // Array of required parameters. $required_parameters = array('recipients', 'title', 'message'); // Array of additional parameters. $additional_parameters = array('open_invite', 'conversation_locked'); foreach ($required_parameters as $required_parameter) { // Check if the required parameter is set and not empty. $this->checkRequestParameter($required_parameter); // Set the request value. $conversation_data[$required_parameter] = $this->getRequest($required_parameter); } if (strpos($this->getRequest('recipients'), ',') !== FALSE) { $recipient_array = explode(',', $this->getRequest('recipients')); foreach ($recipient_array as $recipient) { $user = $this->getXenAPI()->getUser($recipient); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $recipient); } } } else { $user = $this->getXenAPI()->getUser($this->getRequest('recipients')); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('recipients')); } } foreach ($additional_parameters as $additional_parameter) { if ($this->hasRequest($additional_parameter)) { // Set the request value. $conversation_data[$additional_parameter] = TRUE; } } // Create the conversation object. $conversation_results = $this->xenAPI->createConversation($this->getUser(), $conversation_data); $this->handleUserError($conversation_results, 'conversation_creation_error', 'creating a new conversation'); case 'createconversationreply': /** * TODO * * EXAMPLE: * - api.php */ if ($this->hasAPIKey() && !$this->hasRequest('grab_as')) { // The 'grab_as' argument has not been set, throw error. $this->throwError(3, 'grab_as'); } else { if ($this->hasAPIKey() && !$this->getRequest('grab_as')) { // Throw error if the 'grab_as' argument is set but empty. $this->throwError(1, 'grab_as'); } } $conversation_reply_data = array(); // Array of required parameters. $required_parameters = array('conversation_id', 'message'); foreach ($required_parameters as $required_parameter) { // Check if the required parameter is set and not empty. $this->checkRequestParameter($required_parameter); // Set the request value. $conversation_reply_data[$required_parameter] = $this->getRequest($required_parameter); } // Try to grab the thread from XenForo. $conversation = $this->getXenAPI()->getConversation($this->getRequest('conversation_id'), $this->getUser()); if ($conversation == NULL) { // Could not find the conversation, throw error. $this->throwError(19, 'conversation', $this->getRequest('conversation_id')); } // Create the conversation reply object. $conversation_reply_results = $this->xenAPI->createConversationReply($this->getUser(), $conversation_reply_data); $this->handleUserError($conversation_reply_results, 'conversation_reply_creation_error', 'creating a new conversation reply'); case 'createpost': /** * TODO * * EXAMPLE: * - api.php */ if ($this->hasAPIKey() && !$this->hasRequest('grab_as')) { // The 'grab_as' argument has not been set, throw error. $this->throwError(3, 'grab_as'); break; } else { if ($this->hasAPIKey() && !$this->getRequest('grab_as')) { // Throw error if the 'grab_as' argument is set but empty. $this->throwError(1, 'grab_as'); break; } } if (!$this->hasRequest('thread_id')) { // The 'thread_id' argument has not been set, throw error. $this->throwError(3, 'thread_id'); break; } else { if (!$this->getRequest('thread_id')) { // Throw error if the 'thread_id' argument is set but empty. $this->throwError(1, 'thread_id'); break; } } // Try to grab the thread from XenForo. $thread = $this->getXenAPI()->getThread($this->getRequest('thread_id'), array(), $this->getUser()); if ($thread === NULL) { // Could not find the thread, throw error. $this->throwError(19, 'thread', $this->getRequest('thread_id')); } if (!$this->hasRequest('message')) { // The 'message' argument has not been set, throw error. $this->throwError(3, 'message'); break; } else { if (!$this->getRequest('message')) { // Throw error if the 'message' argument is set but empty. $this->throwError(1, 'message'); break; } } $post_data = array('thread_id' => $thread['thread_id'], 'message' => $this->getRequest('message')); // Create the post object. $post_results = $this->xenAPI->createPost($this->getUser(), $post_data); $this->handleUserError($post_results, 'post_creation_error', 'creating a new post'); case 'createprofilepost': /** * TODO * * EXAMPLE: * - api.php */ // Array of required parameters. $required_parameters = array('message'); foreach ($required_parameters as $required_parameter) { // Check if the required parameter is set and not empty. $this->checkRequestParameter($required_parameter); } if ($this->hasRequest('user')) { if (!$this->getRequest('user')) { // Throw error if the 'user' argument is set but empty. $this->throwError(1, 'user'); break; } $profile_user = $this->getXenAPI()->getUser($this->getRequest('user')); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('user')); } } else { $profile_user = $user; } $profile_post_data = array('user_id' => $profile_user->data['user_id'], 'message' => $this->getRequest('message')); // Create the post object. $profile_post_results = $this->xenAPI->createProfilePost($user, $profile_post_data); $this->handleUserError($profile_post_results, 'profile_post_creation_error', 'creating a new profile post'); case 'createprofilepostcomment': /** * TODO * * EXAMPLE: * - api.php */ if ($this->hasAPIKey() && !$this->hasRequest('grab_as')) { // The 'grab_as' argument has not been set, throw error. $this->throwError(3, 'grab_as'); } else { if ($this->hasAPIKey() && !$this->getRequest('grab_as')) { // Throw error if the 'grab_as' argument is set but empty. $this->throwError(1, 'grab_as'); } } // Array of required parameters. $required_parameters = array('profile_post_id', 'message'); foreach ($required_parameters as $required_parameter) { // Check if the required parameter is set and not empty. $this->checkRequestParameter($required_parameter); } // Try to grab the node from XenForo. $profile_post = $this->getXenAPI()->getProfilePost($this->getRequest('profile_post_id'), array(), $this->getUser()); if ($profile_post == NULL) { // Could not find the node, throw error. $this->throwError(19, 'profile post', $this->getRequest('profile_post_id')); } $profile_post_comment_data = array('profile_post_id' => $profile_post['profile_post_id'], 'profile_user_id' => $profile_post['profile_user_id'], 'message' => $this->getRequest('message')); // Create the post object. $profile_post_comment_results = $this->xenAPI->createProfilePostComment($this->getUser(), $profile_post_comment_data); $this->handleUserError($profile_post_comment_results, 'profile_post_comment_creation_error', 'creating a new profile post comment'); case 'createthread': /** * TODO * * EXAMPLE: * - api.php */ if ($this->hasAPIKey() && !$this->hasRequest('grab_as')) { // The 'grab_as' argument has not been set, throw error. $this->throwError(3, 'grab_as'); break; } else { if ($this->hasAPIKey() && !$this->getRequest('grab_as')) { // Throw error if the 'grab_as' argument is set but empty. $this->throwError(1, 'grab_as'); break; } } if (!$this->hasRequest('node_id')) { // The 'node_id' argument has not been set, throw error. $this->throwError(3, 'node_id'); break; } else { if (!$this->getRequest('node_id')) { // Throw error if the 'node_id' argument is set but empty. $this->throwError(1, 'node_id'); break; } } // Try to grab the node from XenForo. $node = $this->getXenAPI()->getNode($this->getRequest('node_id'), array(), $this->getUser()); if ($node == NULL) { // Could not find the node, throw error. $this->throwError(19, 'node', $this->getRequest('node_id')); } if (!$this->hasRequest('title')) { // The 'title' argument has not been set, throw error. $this->throwError(3, 'title'); break; } else { if (!$this->getRequest('title')) { // Throw error if the 'title' argument is set but empty. $this->throwError(1, 'title'); break; } } if (!$this->hasRequest('message')) { // The 'message' argument has not been set, throw error. $this->throwError(3, 'message'); break; } else { if (!$this->getRequest('message')) { // Throw error if the 'message' argument is set but empty. $this->throwError(1, 'message'); break; } } $thread_data = array(); // Array of additional parameters. $additional_parameters = array('prefix_id', 'discussion_open', 'sticky'); foreach ($additional_parameters as $additional_parameter) { // Check if the additional parameter is set and not empty. $this->checkRequestParameter($additional_parameter, FALSE); if ($this->getRequest($additional_parameter)) { // Set the request value. $thread_data[$additional_parameter] = $this->getRequest($additional_parameter); } } $thread_data += array('node_id' => $node['node_id'], 'title' => $this->getRequest('title'), 'message' => $this->getRequest('message')); // Create the thread object. $thread_results = $this->xenAPI->createThread($this->getUser(), $thread_data); $this->handleUserError($thread_results, 'thread_creation_error', 'creating a new thread'); case 'deletepost': /** * TODO * * EXAMPLE: * - api.php */ if (!$this->hasRequest('post_id')) { // The 'post_id' argument has not been set, throw error. $this->throwError(3, 'post_id'); break; } else { if (!$this->getRequest('post_id')) { // Throw error if the 'post_id' argument is set but empty. $this->throwError(1, 'post_id'); break; } } if ($this->hasRequest('reason')) { if (!$this->getRequest('reason')) { // Throw error if the 'reason' argument is set but empty. $this->throwError(1, 'reason'); break; } $reason = $this->getRequest('reason'); } else { $reason = NULL; } // Try to grab the post from XenForo. $post = $this->getXenAPI()->getPost($this->getRequest('post_id'), array(), $this->getUser()); if ($post == NULL) { // Could not find the post, throw error. $this->throwError(19, 'post', $this->getRequest('post_id')); } $delete_results = $this->xenAPI->deletePost($this->getRequest('post_id'), $reason, $this->hasRequest('hard_delete'), $this->getUser()); $this->handleUserError($delete_results, 'post_deletion_error', 'deleting post'); case 'deleteuser': /** * TODO * * EXAMPLE: * - api.php */ if ($this->hasRequest('value')) { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } $user = $this->getRequest('value'); } else { if ($this->hasAPIKey()) { if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $user = $this->getRequest('value'); } else { $user = NULL; } } //if ($this->hasAPIKey() || $this->getUser()->isAdmin()) { if ($this->hasRequest('reason')) { if (!$this->getRequest('reason')) { // Throw error if the 'reason' argument is set but empty. $this->throwError(1, 'reason'); break; } $reason = $this->getRequest('reason'); } else { $reason = NULL; } // Try to grab the user from XenForo. $user = $this->getXenAPI()->getUser($user); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('value')); } $delete_results = $this->getXenAPI()->deleteUser($user); $this->handleUserError($delete_results, 'user_deletion_error', 'deleting user'); case 'editpost': if ($this->hasAPIKey() && !$this->hasRequest('grab_as')) { // The 'grab_as' argument has not been set, throw error. $this->throwError(3, 'grab_as'); } else { if ($this->hasAPIKey() && !$this->getRequest('grab_as')) { // Throw error if the 'grab_as' argument is set but empty. $this->throwError(1, 'grab_as'); } } if (!$this->hasRequest('post_id')) { // The 'post_id' argument has not been set, throw error. $this->throwError(3, 'post_id'); break; } else { if (!$this->getRequest('post_id')) { // Throw error if the 'post_id' argument is set but empty. $this->throwError(1, 'post_id'); break; } } $post = $this->getXenAPI()->getPost($this->getRequest('post_id'), array(), $this->getUser()); if ($post === NULL) { // Could not find the post, throw error. $this->throwError(19, 'post', $this->getRequest('post_id')); } else { if (!$this->hasAPIKey() && !$this->getXenAPI()->canViewPost($this->getUser(), $post)) { if (isset($this->grab_as)) { // Post was found but the 'grab_as' user is not permitted to view the post. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this post'); } else { // Post was found but the user is not permitted to view the post. $this->throwError(20, 'You do', 'this post'); } } else { if ($this->hasAPIKey() && isset($this->grab_as) && !$this->getXenAPI()->canViewPost($this->getUser(), $post)) { // Post was found but the 'grab_as' user is not permitted to view the thread. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this post'); } } } // List of fields that are accepted to be edited. $edit_fields = array('thread_id', 'message'); // List of fields that the request should ignore. $ignore_fields = array('hash', 'action', 'grab_as'); // Let's check which fields are set. foreach ($this->data as $data_key => $data_item) { if (!in_array($data_key, $ignore_fields) && in_array($data_key, $edit_fields) && $this->checkRequestParameter($data_key, FALSE)) { $edit_data[$data_key] = $data_item; } } if (count($edit_data) == 0) { // There are no fields set, throw error. $this->throwError(8, $edit_fields); } else { if (array_key_exists('thread_id', $edit_data)) { $thread = $this->getXenAPI()->getThread($edit_data['thread_id'], array(), $this->getUser()); if ($thread == NULL) { // Could not find the thread, throw error. $this->throwError(19, 'thread', $edit_data['thread_id']); } } } // Get edit results. $edit_results = $this->getXenAPI()->editPost($post, $this->getUser(), $edit_data); if (empty($edit_results['error'])) { // Edit was successful, return results. $this->sendResponse($edit_results); } else { // The registration failed, process errors. if (is_array($edit_results['errors'])) { // The error message was an array, loop through the messages. $error_keys = array(); foreach ($edit_results['errors'] as $error_field => $error) { if (!$error instanceof XenForo_Phrase) { $edit_error = array('error_id' => 1, 'error_key' => 'field_not_recognised', 'error_field' => $error_field, 'error_phrase' => $error); // Throw error message. $this->throwError(self::POST_ERROR, $edit_error, 'editing a post'); } // Let's init the edit error array. $edit_error = array('error_id' => $this->getUserErrorID($error->getPhraseName()), 'error_key' => $error->getPhraseName(), 'error_field' => $error_field, 'error_phrase' => $error->render()); // Throw error message. $this->throwError(self::POST_ERROR, $edit_error, 'editing a post'); } } else { $edit_error = array('error_id' => $edit_results['error'], 'error_key' => 'general_post_edit_error', 'error_phrase' => $edit_results['errors']); // Throw error message. $this->throwError(self::POST_ERROR, $edit_error, 'editing a post'); } } case 'editthread': if ($this->hasAPIKey() && !$this->hasRequest('grab_as')) { // The 'grab_as' argument has not been set, throw error. $this->throwError(3, 'grab_as'); } else { if ($this->hasAPIKey() && !$this->getRequest('grab_as')) { // Throw error if the 'grab_as' argument is set but empty. $this->throwError(1, 'grab_as'); } } if (!$this->hasRequest('thread_id')) { // The 'thread_id' argument has not been set, throw error. $this->throwError(3, 'thread_id'); break; } else { if (!$this->getRequest('thread_id')) { // Throw error if the 'thread_id' argument is set but empty. $this->throwError(1, 'thread_id'); break; } } $thread = $this->getXenAPI()->getThread($this->getRequest('thread_id'), array(), $this->getUser()); if ($thread === NULL) { // Could not find the thread, throw error. $this->throwError(19, 'thread', $this->getRequest('thread_id')); } else { if (!$this->hasAPIKey() && !$this->getXenAPI()->canViewThread($this->getUser(), $thread)) { if (isset($this->grab_as)) { // Thread was found but the 'grab_as' user is not permitted to view the thread. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this thread'); } else { // Thread was found but the user is not permitted to view the thread. $this->throwError(20, 'You do', 'this thread'); } } else { if ($this->hasAPIKey() && isset($this->grab_as) && !$this->getXenAPI()->canViewThread($this->getUser(), $thread)) { // Thread was found but the 'grab_as' user is not permitted to view the thread. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this thread'); } } } // List of fields that are accepted to be edited. $edit_fields = array('node_id', 'title', 'prefix_id', 'discussion_open', 'sticky'); // TODO: add support for message editing // List of fields that the request should ignore. $ignore_fields = array('hash', 'action', 'grab_as'); // Let's check which fields are set. foreach ($this->data as $data_key => $data_item) { if (!in_array($data_key, $ignore_fields) && in_array($data_key, $edit_fields) && $this->checkRequestParameter($data_key, FALSE)) { $edit_data[$data_key] = $data_item; } } if (count($edit_data) == 0) { // There are no fields set, throw error. $this->throwError(8, $edit_fields); } else { if (array_key_exists('node_id', $edit_data)) { $node = $this->getXenAPI()->getNode($edit_data['node_id'], array(), $this->getUser()); if ($node == NULL) { // Could not find the node, throw error. $this->throwError(19, 'node', $edit_data['node_id']); } } } // Get edit results. $edit_results = $this->getXenAPI()->editThread($thread, $this->getUser(), $edit_data); if (empty($edit_results['error'])) { // Edit was successful, return results. $this->sendResponse($edit_results); } else { // The registration failed, process errors. if (is_array($edit_results['errors'])) { // The error message was an array, loop through the messages. $error_keys = array(); foreach ($edit_results['errors'] as $error_field => $error) { if (!$error instanceof XenForo_Phrase) { $edit_error = array('error_id' => 1, 'error_key' => 'field_not_recognised', 'error_field' => $error_field, 'error_phrase' => $error); // Throw error message. $this->throwError(self::THREAD_ERROR, $edit_error, 'editing a thread'); } // Let's init the edit error array. $edit_error = array('error_id' => $this->getUserErrorID($error->getPhraseName()), 'error_key' => $error->getPhraseName(), 'error_field' => $error_field, 'error_phrase' => $error->render()); // Throw error message. $this->throwError(self::THREAD_ERROR, $edit_error, 'editing a thread'); } } else { $edit_error = array('error_id' => $edit_results['error'], 'error_key' => 'general_thread_edit_error', 'error_phrase' => $edit_results['errors']); // Throw error message. $this->throwError(self::THREAD_ERROR, $edit_error, 'editing a thread'); } } case 'edituser': /** * Edits the user. */ if (!$this->hasRequest('user')) { // The 'user' argument has not been set, throw error. $this->throwError(3, 'user'); break; } else { if (!$this->getRequest('user')) { // Throw error if the 'user' argument is set but empty. $this->throwError(1, 'user'); break; } } if ($this->hasRequest('custom_field_identifier')) { if (!$this->getRequest('custom_field_identifier')) { // Throw error if the 'custom_field_identifier' argument is set but empty. $this->throwError(1, 'custom_field_identifier'); break; } $user = $this->getXenAPI()->getUser($this->getRequest('user'), array('custom_field' => $this->getRequest('custom_field_identifier'))); } else { // Get the user object. $user = $this->getXenAPI()->getUser($this->getRequest('user')); } if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('user')); } // Init the edit array. $edit_data = array(); if ($this->hasRequest('group')) { // Request has value. if (!$this->getRequest('group')) { // Throw error if the 'group' argument is set but empty. $this->throwError(1, 'group'); break; } $group = $this->getXenAPI()->getGroup($this->getRequest('group')); if (!$group) { $edit_error = array('error_id' => 2, 'error_key' => 'group_not_found', 'error_field' => 'group', 'error_phrase' => 'Could not find group with parameter "' . $this->getRequest('group') . '"'); $this->throwError(self::USER_ERROR, $edit_error, 'editing an user'); } // Set the group id of the edit. $edit_data['group_id'] = $group['user_group_id']; } $group_fields = array('add_groups', 'remove_groups'); foreach ($group_fields as $group_field) { if (!$this->hasRequest($group_field)) { continue; } // Request has value. if (!$this->getRequest($group_field)) { // Throw error if the $group_field argument is set but empty. $this->throwError(1, $group_field); } // Initialize the array. $edit_data[$group_field] = array(); // Check if value is an array. if (strpos($this->getRequest($group_field), ',') !== FALSE) { // Value is an array, explode it. $groups = explode(',', $this->getRequest($group_field)); // Loop through the group values. foreach ($groups as $group_value) { // Grab the group from the group value. $group = $this->getXenAPI()->getGroup($group_value); // Check if group was found. if (!$group) { // Group was not found, throw error. $edit_error = array('error_id' => 2, 'error_key' => 'group_not_found', 'error_field' => $group_field, 'error_phrase' => 'Could not find group with parameter "' . $group_value . '" in array "' . $this->getRequest('add_group') . '"'); $this->throwError(self::USER_ERROR, $edit_error, 'editing an user'); } // Add the group_id to the the add_group array. $edit_data[$group_field][] = $group['user_group_id']; } } else { // Grab the group from the group value. $group = $this->getXenAPI()->getGroup($this->getRequest($group_field)); // Check if group was found. if (!$group) { // Group was not found, throw error. $edit_error = array('error_id' => 2, 'error_key' => 'group_not_found', 'error_field' => $group_field, 'error_phrase' => 'Could not find group with parameter "' . $this->getRequest($group_field) . '"'); $this->throwError(self::USER_ERROR, $edit_error, 'editing an user'); } // Add the group_id to the the add_groups array. $edit_data[$group_field][] = $group['user_group_id']; } } if ($this->hasRequest('custom_fields')) { // Request has value. if (!$this->getRequest('custom_fields')) { // Throw error if the 'custom_fields' argument is set but empty. $this->throwError(1, 'custom_fields'); break; } $custom_fields = $this->getCustomArray($this->getRequest('custom_fields')); // Check if we found any valid custom fields, throw error if not. if (count($custom_fields) == 0) { // The custom fields array was empty, throw error. $edit_error = array('error_id' => 5, 'error_key' => 'invalid_custom_fields', 'error_field' => 'custom_fields', 'error_phrase' => 'The custom fields values were invalid, valid values are: ' . 'custom_fields=custom_field1=custom_value1,custom_field2=custom_value2 ' . 'but got: "' . $this->getRequest('custom_fields') . '" instead'); $this->throwError(self::USER_ERROR, $edit_error, 'editing an user'); } $edit_data['custom_fields'] = $custom_fields; } // List of fields that are accepted to be edited. $edit_fields = array('username', 'password', 'email', 'gender', 'custom_title', 'style_id', 'timezone', 'visible', 'dob_day', 'dob_month', 'dob_year', 'user_state', 'trophy_points'); // List of fields that the request should ignore. $ignore_fields = array('hash', 'action', 'user'); // Let's check which fields are set. foreach ($this->data as $data_key => $data_item) { if (!in_array($data_key, $ignore_fields) && in_array($data_key, $edit_fields) && $this->checkRequestParameter($data_key, FALSE)) { $edit_data[$data_key] = $data_item; } } if (count($edit_data) == 0) { // There are no fields set, throw error. $this->throwError(8, $edit_fields); } // Get edit results. $edit_results = $this->getXenAPI()->editUser($user, $edit_data); if (!empty($edit_results['error'])) { // The registration failed, process errors. if (is_array($edit_results['errors'])) { // The error message was an array, loop through the messages. $error_keys = array(); foreach ($edit_results['errors'] as $error_field => $error) { if (!$error instanceof XenForo_Phrase) { $edit_error = array('error_id' => 1, 'error_key' => 'field_not_recognised', 'error_field' => $error_field, 'error_phrase' => $error); $this->throwError(self::USER_ERROR, $edit_error, 'editing an user'); } // Let's init the edit error array. $edit_error = array('error_id' => $this->getUserErrorID($error->getPhraseName()), 'error_key' => $error->getPhraseName(), 'error_field' => $error_field, 'error_phrase' => $error->render()); $this->throwError(self::USER_ERROR, $edit_error, 'editing an user'); } } else { $edit_error = array('error_id' => $edit_results['error'], 'error_key' => 'general_user_edit_error', 'error_phrase' => $edit_results['errors']); $this->throwError(self::USER_ERROR, $edit_error, 'editing an user'); // Throw error message. } } else { // Edit was successful, return results. $this->sendResponse($edit_results); } break; case 'getactions': /** * Returns the actions and their permission levels. * * EXAMPLE: * - api.php?action=getActions */ /* // TODO: Only show actions depending on what permission level the user is. $temp = array(); foreach ($this->actions as $action => $permission) { $temp[$action] = $permission; } */ // Send the response. $this->sendResponse($this->actions); break; case 'getaddon': /** * Returns the addon information depending on the 'value' argument. * * NOTE: Only addon ID's can be used for the 'value' parameter. * Addon ID's can be found by using the 'getAddons' action. * * EXAMPLE: * - api.php?action=getAddon&value=PostRating&hash=USERNAME:HASH * - api.php?action=getAddon&value=PostRating&hash=API_KEY */ if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Try to grab the addon from XenForo. $addon = $this->getXenAPI()->getAddon($string); if (!$addon->isInstalled()) { // Could not find the addon, throw error. $this->throwError(13, $string); } else { // Addon was found, send response. $this->sendResponse(Addon::getLimitedData($addon)); } break; case 'getaddons': /** * Returns a list of addons, if a type is not specified or not supported, * default (all) is used instead. * * Options for the 'type' argument are: * - all: This is default, and will return all the addons, ignoring if they are installed or not. * - enabled: Fetches all the addons that are enabled, ignoring the disabled ones. * - disabled: Fetches all the addons that are disabled, ignoring the enabled ones. * * For more information, see /library/XenForo/Model/Alert.php. * * EXAMPLES: * - api.php?action=getAddons&hash=USERNAME:HASH * - api.php?action=getAddons&hash=API_KEY * - api.php?action=getAddons&type=enabled&hash=USERNAME:HASH * - api.php?action=getAddons&type=enabled&hash=API_KEY */ /* * Check if the request has the 'type' argument set, * if it doesn't it uses the default (all). */ if ($this->hasRequest('type')) { if (!$this->getRequest('type')) { // Throw error if the 'type' argument is set but empty. $this->throwError(1, 'type'); break; } // Use the value from the 'type' argument to get the alerts. $installed_addons = $this->xenAPI->getAddons($this->getRequest('type')); } else { // Use the default type to get the alerts. $installed_addons = $this->xenAPI->getAddons(); } // Create an array for the addons. $addons = array(); // Loop through all the addons and strip out any information that we don't need. foreach ($installed_addons as $addon) { $addons[] = Addon::getLimitedData($addon); } // Send the response. $this->sendResponse(array('count' => count($addons), 'addons' => $addons)); break; case 'getalerts': /** * Grabs the alerts from the specified user, if type is not specified, * default (recent alerts) is used instead. * * NOTE: The 'value' argument will only work for the user itself and * not on others users unless the permission argument for the * 'getalerts' action is changed (default permission: private). * * Options for the 'type' argument are: * - fetchPopupItems: Fetch alerts viewed in the last options:alertsPopupExpiryHours hours. * - fetchRecent: Fetch alerts viewed in the last options:alertExpiryDays days. * - fetchAll: Fetch alerts regardless of their view_date. * * For more information, see /library/XenForo/Model/Alert.php. * * EXAMPLES: * - api.php?action=getAlerts&hash=USERNAME:HASH * - api.php?action=getAlerts&type=fetchAll&hash=USERNAME:HASH * - api.php?action=getAlerts&value=USERNAME&hash=USERNAME:HASH * - api.php?action=getAlerts&value=USERNAME&type=fetchAll&hash=USERNAME:HASH * - api.php?action=getAlerts&value=USERNAME&hash=API_KEY * - api.php?action=getAlerts&value=USERNAME&type=fetchAll&hash=API_KEY */ /* * Check if the request has the 'type' argument set, * if it doesn't it uses the default (fetchRecent). */ if ($this->hasRequest('type')) { if (!$this->getRequest('type')) { // Throw error if the 'type' argument is set but empty. $this->throwError(1, 'type'); break; } // Use the value from the 'type' argument to get the alerts. $data = $user->getAlerts($this->getRequest('type')); } else { // Use the default type to get the alerts. $data = $user->getAlerts(); } // Send the response. $this->sendResponse($data); break; case 'getavatar': /** * Returns the avatar of the requested user. * * Options for the 'size' argument are: * - s (Small) * - m (Medium) * - l (Large) * * NOTE: The default avatar size is 'Medium'. * * EXAMPLES: * - api.php?action=getAvatar&hash=USERNAME:HASH * - api.php?action=getAvatar&size=M&hash=USERNAME:HASH * - api.php?action=getAvatar&value=USERNAME&hash=USERNAME:HASH * - api.php?action=getAvatar&value=USERNAME&size=M&hash=USERNAME:HASH * - api.php?action=getAvatar&value=USERNAME&hash=API_KEY * - api.php?action=getAvatar&value=USERNAME&size=M&hash=API_KEY */ if ($this->hasRequest('size')) { if (!$this->getRequest('size')) { // Throw error if the 'size' argument is set but empty. $this->throwError(1, 'size'); break; } // Use the value from the 'size' argument. $size = strtolower($this->getRequest('size')); if (!in_array($size, array('s', 'm', 'l'))) { /** * The value from the 'size' argument was not valid, * use default size (medium) instead. */ $size = 'm'; } } else { // No specific size was requested, use default size (medium): $size = 'm'; } // Send the response. $this->sendResponse(array('avatar' => $user->getAvatar($size))); break; case 'getconversation': if (!$this->hasRequest('conversation_id')) { // The 'conversation_id' argument has not been set, throw error. $this->throwError(3, 'conversation_id'); break; } else { if (!$this->getRequest('conversation_id')) { // Throw error if the 'conversation_id' argument is set but empty. $this->throwError(1, 'conversation_id'); break; } } // Try to grab the thread from XenForo. $conversation = $this->getXenAPI()->getConversation($this->getRequest('conversation_id'), $user, array('join' => XenForo_Model_Conversation::FETCH_FIRST_MESSAGE)); if ($conversation == NULL) { // Could not find the conversation, throw error. $this->throwError(19, 'conversation', $this->getRequest('conversation_id')); } // Send the response. $this->sendResponse($conversation); case 'getgroup': /** * Returns the group information depending on the 'value' argument. * * NOTE: Only group titles, user titles and group ID's can be used for the 'value' parameter. * * EXAMPLE: * - api.php?action=getGroup&value=1 * - api.php?action=getGroup&value=Guest */ if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Get the group from XenForo. $group = $this->getXenAPI()->getGroup($string); if (!$group) { // Could not find any groups, throw error. $this->throwError(4, 'group', $string); } else { // Group was found, send response. $this->sendResponse($group); } break; case 'getconversations': /** * Grabs the conversations from the specified user. * * NOTE: The 'value' argument will only work for the user itself and * not on others users unless the permission argument for the * 'getconversations' action is changed (default permission: private). * * EXAMPLES: * - api.php?action=getConversations&hash=USERNAME:HASH * - api.php?action=getConversations&value=USERNAME&hash=USERNAME:HASH * - api.php?action=getConversations&value=USERNAME&hash=API_KEY */ // Init variables. $conditions = array(); $this->setLimit(10); $fetch_options = array('limit' => $this->limit, 'join' => XenForo_Model_Conversation::FETCH_FIRST_MESSAGE); // Grab the conversations. $conversations = $this->getXenAPI()->getConversations($user, $conditions, $fetch_options); // Send the response. $this->sendResponse(array('count' => count($conversations), 'conversations' => $conversations)); break; case 'getgroup': /** * Returns the group information depending on the 'value' argument. * * NOTE: Only group titles, user titles and group ID's can be used for the 'value' parameter. * * EXAMPLE: * - api.php?action=getGroup&value=1 * - api.php?action=getGroup&value=Guest */ if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Get the group from XenForo. $group = $this->getXenAPI()->getGroup($string); if (!$group) { // Could not find any groups, throw error. $this->throwError(4, 'group', $string); } else { // Group was found, send response. $this->sendResponse($group); } break; case 'getnode': /** * Returns the node information depending on the 'value' argument. * * NOTE: Only node ID's can be used for the 'value' parameter. * Node ID's can be found by using the 'getNodes' action. * * The user needs permission to see the thread if the request is * using a user hash and not an API key. * * EXAMPLE: * - api.php?action=getNode&value=4&hash=USERNAME:HASH * - api.php?action=getNode&value=4&hash=API_KEY */ if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Try to grab the node from XenForo. $node = $this->getXenAPI()->getNode($string); if ($node == NULL) { // Could not find the node, throw error. $this->throwError(19, 'node', $string); } else { if (!$this->hasAPIKey() && !$this->getXenAPI()->canViewNode($this->getUser(), $node)) { if (isset($this->grab_as)) { // Thread was found but the 'grab_as' user is not permitted to view the node. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this node'); } else { // Thread was found but the user is not permitted to view the node. $this->throwError(20, 'You do', 'this node'); } } else { if ($this->hasAPIKey() && isset($this->grab_as) && !$this->getXenAPI()->canViewNode($this->getUser(), $node)) { // Thread was found but the 'grab_as' user is not permitted to view the node. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this node'); } else { // Thread was found, and the request was permitted. $this->sendResponse($node); } } } break; case 'getnodes': /** * Returns a list of nodes. * * EXAMPLES: * - api.php?action=getNodes&hash=USERNAME:HASH * - api.php?action=getNodes&hash=API_KEY */ // Init variables. $this->setLimit(10); $fetch_options = array('limit' => $this->limit); // Check if request has node_type. if ($this->hasRequest('node_type')) { if (!$this->getRequest('node_type')) { // Throw error if the 'node_type' argument is set but empty. $this->throwError(1, 'node_type'); } // Set the node_type. $node_type = strtolower($this->getRequest('node_type')); // Check if the node type that is set exists. if (!in_array($node_type, $this->getXenAPI()->getNodeTypes()) && $node_type != 'all') { // Node type could not be found in the node type list, throw error. $this->throwError(23, $this->getRequest('node_type'), implode(', ', $this->getXenAPI()->getNodeTypes())); } } else { $node_type = 'all'; } // Get the nodes. $nodes = $this->getXenAPI()->getNodes($node_type, $fetch_options, $this->getUser()); // Send the response. $this->sendResponse(array('count' => count($nodes), 'nodes' => $nodes)); case 'getpost': /** * Returns the post information depending on the 'value' argument. * * NOTE: Only post ID's can be used for the 'value' parameter. * Post ID's can be found by using the 'getPosts' action. * * The user needs permission to see the thread if the request is * using a user hash and not an API key. * * EXAMPLE: * - api.php?action=getPost&value=820&hash=USERNAME:HASH * - api.php?action=getPost&value=820&hash=API_KEY */ if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Try to grab the post from XenForo. $post = $this->getXenAPI()->getPost($string, array('join' => XenForo_Model_Post::FETCH_FORUM)); if ($post == NULL) { // Could not find the post, throw error. $this->throwError(19, 'post', $string); } else { if (!$this->hasAPIKey() && !$this->getXenAPI()->canViewPost($this->getUser(), $post)) { if (isset($this->grab_as)) { // Post was found but the 'grab_as' user is not permitted to view the post. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this post'); } else { // Post was found but the user is not permitted to view the post. $this->throwError(20, 'You do', 'this post'); } } else { if ($this->hasAPIKey() && isset($this->grab_as) && !$this->getXenAPI()->canViewPost($this->getUser(), $post)) { // Post was found but the 'grab_as' user is not permitted to view the post. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this post'); } else { // Post was found, and the request was permitted. $this->sendResponse($post); } } } break; case 'getposts': /** * Returns a list of posts. * * NOTE: Only usernames and user ID's can be used for the 'author' parameter. * * EXAMPLES: * - api.php?action=getPosts&hash=USERNAME:HASH * - api.php?action=getPosts&hash=API_KEY * - api.php?action=getPosts&author=Contex&hash=USERNAME:HASH * - api.php?action=getPosts&author=1&hash=API_KEY */ // Init variables. $conditions = array(); $this->setLimit(10); $fetch_options = array('limit' => $this->limit); // Check if request has author. if ($this->hasRequest('author')) { if (!$this->getRequest('author')) { // Throw error if the 'author' argument is set but empty. $this->throwError(1, 'author'); break; } // Grab the user object of the author. $user = $this->xenAPI->getUser($this->getRequest('author')); if (!$user->isRegistered()) { // Throw error if the 'author' user is not registered. $this->throwError(4, 'user', $this->getRequest('author')); break; } // Add the user ID to the query conditions. $conditions['user_id'] = $user->getID(); unset($user); } // Check if request has node id. if ($this->hasRequest('node_id')) { if (!$this->getRequest('node_id') && (is_numeric($this->getRequest('node_id')) && $this->getRequest('node_id') != 0)) { // Throw error if the 'node_id' argument is set but empty. $this->throwError(1, 'node_id'); } else { if (!is_numeric($this->getRequest('node_id'))) { // Throw error if the 'node_id' argument is set but not a number. $this->throwError(21, 'node_id'); } } if (!$this->xenAPI->getNode($this->getRequest('node_id'))) { // Could not find any nodes, throw error. $this->throwError(4, 'node', $this->getRequest('node_id')); } // Add the node ID to the query conditions. $conditions['node_id'] = $this->getRequest('node_id'); } // Check if request has thread id. if ($this->hasRequest('thread_id')) { if (!$this->getRequest('thread_id') && (is_numeric($this->getRequest('thread_id')) && $this->getRequest('thread_id') != 0)) { // Throw error if the 'thread_id' argument is set but empty. $this->throwError(1, 'thread_id'); } else { if (!is_numeric($this->getRequest('thread_id'))) { // Throw error if the 'thread_id' argument is set but not a number. $this->throwError(21, 'thread_id'); } } if (!$this->xenAPI->getThread($this->getRequest('thread_id'))) { // Could not find any threads, throw error. $this->throwError(4, 'thread_id', $this->getRequest('thread_id')); } // Add the node ID to the query conditions. $conditions['thread_id'] = $this->getRequest('thread_id'); } // Check if the order by argument is set. $order_by_field = $this->checkOrderBy(array('post_id', 'thread_id', 'user_id', 'username', 'post_date', 'attach_count', 'likes', 'node_id')); // Add the order by options to the fetch options. if ($this->hasRequest('order_by')) { $fetch_options['order'] = $order_by_field; $fetch_options['orderDirection'] = $this->order; } // Get the posts. $posts = $this->getXenAPI()->getPosts($conditions, $fetch_options, $this->getUser()); // Send the response. $this->sendResponse(array('count' => count($posts), 'posts' => $posts)); case 'getprofilepost': /** * Returns the profile post information depending on the 'value' argument. * * NOTE: Only profile post ID's can be used for the 'value' parameter. * Profile post ID's can be found by using the 'getProfilePosts' action. * * The user needs permission to see the profile post if the request is * using a user hash and not an API key. * * EXAMPLE: * - api.php?action=getProfilePost&value=820&hash=USERNAME:HASH * - api.php?action=getProfilePost&value=820&hash=API_KEY */ if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Try to grab the profile post from XenForo. $profile_post = $this->getXenAPI()->getProfilePost($string); if ($profile_post == NULL) { // Could not find the profile post, throw error. $this->throwError(19, 'profile post', $string); } else { if (!$this->hasAPIKey() && !$this->getXenAPI()->canViewProfilePost($this->getUser(), $profile_post)) { if (isset($this->grab_as)) { // Thread was found but the 'grab_as' user is not permitted to view the thread. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this profile post'); } else { // Thread was found but the user is not permitted to view the profile post. $this->throwError(20, 'You do', 'this profile post'); } } else { if ($this->hasAPIKey() && isset($this->grab_as) && !$this->getXenAPI()->canViewProfilePost($this->getUser(), $profile_post)) { // Thread was found but the 'grab_as' user is not permitted to view the profile post. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this profile post'); } else { // Post was found, and the request was permitted. $this->sendResponse($profile_post); } } } break; case 'getprofileposts': /** * Returns a list of profile posts. * * NOTE: Only usernames and user ID's can be used for the 'author' parameter. * * EXAMPLES: * - api.php?action=getProfilePosts&hash=USERNAME:HASH * - api.php?action=getProfilePosts&hash=API_KEY * - api.php?action=getProfilePosts&author=Contex&hash=USERNAME:HASH * - api.php?action=getProfilePosts&author=1&hash=API_KEY */ // Init variables. $conditions = array(); $this->setLimit(10); $fetch_options = array('limit' => $this->limit); // Check if request has author. if ($this->hasRequest('author')) { if (!$this->getRequest('author')) { // Throw error if the 'author' argument is set but empty. $this->throwError(1, 'author'); break; } // Grab the user object of the author. $user = $this->xenAPI->getUser($this->getRequest('author')); if (!$user->isRegistered()) { // Throw error if the 'author' user is not registered. $this->throwError(4, 'user', $this->getRequest('author')); break; } // Add the user ID to the query conditions. $conditions['author_id'] = $user->getID(); unset($user); } // Check if request has profile user. if ($this->hasRequest('profile')) { if (!$this->getRequest('profile')) { // Throw error if the 'profile' argument is set but empty. $this->throwError(1, 'profile'); break; } // Grab the user object of the profile. $user = $this->xenAPI->getUser($this->getRequest('profile')); if (!$user->isRegistered()) { // Throw error if the 'author' user is not registered. $this->throwError(4, 'user', $this->getRequest('profile')); break; } // Add the user ID to the query conditions. $conditions['profile_id'] = $user->getID(); unset($user); } // Check if the order by argument is set. $order_by_field = $this->checkOrderBy(array('profile_post_id', 'profile_user_id', 'user_id', 'username', 'post_date', 'attach_count', 'likes', 'comment_count', 'first_comment_date', 'last_comment_date')); // Add the order by options to the fetch options. if ($this->hasRequest('order_by')) { $fetch_options['order'] = $order_by_field; $fetch_options['orderDirection'] = $this->order; } // Get the profile posts. $profile_posts = $this->getXenAPI()->getProfilePosts($conditions, $fetch_options, $this->getUser()); // Send the response. $this->sendResponse(array('count' => count($profile_posts), 'profile_posts' => $profile_posts)); case 'getresource': /** * Returns the resource information depending on the 'value' argument. * * NOTE: Only resource ID's can be used for the 'value' parameter. * Resource ID's can be found by using the 'getResources' action. * * EXAMPLE: * - api.php?action=getResource&value=1&hash=USERNAME:HASH * - api.php?action=getResource&value=1&hash=API_KEY */ /* * Check the resource addon is installed */ if (!$this->getXenAPI()->getModels()->hasModel('resource')) { $this->throwError(16, 'resource'); break; } $fetchOptions = array(); /* * Check if the request has the 'grab_description' argument set. */ if ($this->hasRequest('grab_description')) { // Grab resources with description $fetchOptions['join'] = XenResource_Model_Resource::FETCH_DESCRIPTION; } if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Try to grab the addon from XenForo. $resource = $this->getXenAPI()->getResource($string, $fetchOptions); if (!$resource->isValid()) { // Could not find the resource, throw error. $this->throwError(15, $string); } else { // Resource was found, send response. $this->sendResponse(Resource::getLimitedData($resource)); } break; case 'getresources': /** * Returns a list of resources, either all the resources, * or just the resources created by an author. * * NOTE: Only usernames and user ID's can be used for the 'author' parameter. * NOTE: Only resource category ID's can be used for the 'category_id' parameter. * * EXAMPLES: * - api.php?action=getResources&hash=USERNAME:HASH * - api.php?action=getResources&hash=API_KEY * - api.php?action=getResources&author=Contex&hash=USERNAME:HASH * - api.php?action=getResources&author=1&hash=API_KEY * - api.php?action=getResources&author=Contex&category_id=1&hash=USERNAME:HASH * - api.php?action=getResources&author=1&category_id=2&hash=API_KEY */ /* * Check the resource addon is installed */ if (!$this->getXenAPI()->getModels()->hasModel('resource')) { $this->throwError(16, 'resource'); break; } $conditions = array(); $fetchOptions = array(); /* * Check if the request has the 'grab_description' argument set. */ if ($this->hasRequest('grab_description')) { // Grab resources with description $fetchOptions['join'] = XenResource_Model_Resource::FETCH_DESCRIPTION; } /* * Check if the request has the 'category_id' argument set. */ if ($this->hasRequest('category_id')) { if (!$this->getRequest('category_id')) { // Throw error if the 'category_id' argument is set but empty. $this->throwError(1, 'category_id'); break; } // Use the value from the 'category_id' argument to set the variables. $conditions['resource_category_id'] = $this->getRequest('category_id'); } /* * Check if the request has the 'author' argument set, * if it doesn't it uses the default (all). */ if ($this->hasRequest('author')) { if (!$this->getRequest('author')) { // Throw error if the 'author' argument is set but empty. $this->throwError(1, 'author'); break; } // Create a user variable with the 'author' argument. $user = $this->xenAPI->getUser($this->getRequest('author')); if (!$user->isRegistered()) { // Throw error if the 'author' user is not registered. $this->throwError(4, 'user', $this->getRequest('author')); break; } // Use the value from the 'author' argument to set the variables. $conditions['user_id'] = $user->getID(); } $resources_list = $this->getXenAPI()->getResources($conditions, $fetchOptions); // Create an array for the resources. $resources = array(); // Loop through all the resources and strip out any information that we don't need. foreach ($resources_list as $resource) { $resources[] = Resource::getLimitedData($resource); } // Send the response. $this->sendResponse(array('count' => count($resources), 'resources' => $resources)); case 'getresourcecategories': /** * Returns a list of resource categories * * EXAMPLES: * - api.php?action=getResourceCategories&hash=USERNAME:HASH * - api.php?action=getResourceCategories&hash=API_KEY */ /* * Check the resource addon is installed */ if (!$this->getXenAPI()->getModels()->hasModel('resource')) { $this->throwError(16, 'resource'); break; } // Grab the resource categories. $resource_categories = $this->getXenAPI()->getResourceCategories(); // Send the response. $this->sendResponse(array('count' => count($resource_categories), 'categories' => $resource_categories)); case 'getstats': /** * Returns a summary of stats. * * NOTE: "include_deleted" will count the deleted posts/threads as well * * EXAMPLE: * - api.php?action=getStats * - api.php?action=getStats&include_deleted */ $latest_user = $this->xenAPI->getLatestUser(); if (!$this->hasRequest('include_deleted')) { $include_deleted = TRUE; } else { $include_deleted = FALSE; } $this->sendResponse(array('threads' => $this->xenAPI->getStatsItem('threads', $include_deleted), 'posts' => $this->xenAPI->getStatsItem('posts', $include_deleted), 'conversations' => $this->xenAPI->getStatsItem('conversations', $include_deleted), 'conversations_messages' => $this->xenAPI->getStatsItem('conversations_messages', $include_deleted), 'members' => $this->xenAPI->getStatsItem('users', $include_deleted), 'latest_member' => array('user_id' => $latest_user->getID(), 'username' => $latest_user->getUsername()), 'registrations_today' => $this->xenAPI->getStatsItem('registrations_today', $include_deleted), 'threads_today' => $this->xenAPI->getStatsItem('threads_today', $include_deleted), 'posts_today' => $this->xenAPI->getStatsItem('posts_today', $include_deleted), 'users_online' => $this->xenAPI->getUsersOnlineCount($this->getUser()))); break; case 'getthread': /** * Returns the thread information depending on the 'value' argument. * * NOTE: Only thread ID's can be used for the 'value' parameter. * Thread ID's can be found by using the 'getThreads' action. * * The user needs permission to see the thread if the request is * using a user hash and not an API key. * * EXAMPLE: * - api.php?action=getThread&value=820&hash=USERNAME:HASH * - api.php?action=getThread&value=820&hash=API_KEY */ $fetchOptions = array(); if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $string = $this->getRequest('value'); // Check if request has grab_content. if ($this->hasRequest('grab_content')) { $fetchOptions['grab_content'] = TRUE; // Check if request has content_limit. if ($this->hasRequest('content_limit')) { if (!$this->getRequest('content_limit') && (is_numeric($this->getRequest('content_limit')) && $this->getRequest('content_limit') != 0)) { // Throw error if the 'content_limit' argument is set but empty. $this->throwError(1, 'content_limit'); break; } else { if (!is_numeric($this->getRequest('content_limit'))) { // Throw error if the 'content_limit' argument is set but not a number. $this->throwError(21, 'content_limit'); } } $fetchOptions['content_limit'] = $this->getRequest('content_limit'); } } // Try to grab the thread from XenForo. $thread = $this->getXenAPI()->getThread($string, $fetchOptions, $this->getUser()); if ($thread === NULL) { // Could not find the thread, throw error. $this->throwError(19, 'thread', $string); } else { if (!$this->hasAPIKey() && !$this->getXenAPI()->canViewThread($this->getUser(), $thread)) { if (isset($this->grab_as)) { // Thread was found but the 'grab_as' user is not permitted to view the thread. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this thread'); } else { // Thread was found but the user is not permitted to view the thread. $this->throwError(20, 'You do', 'this thread'); } } else { if ($this->hasAPIKey() && isset($this->grab_as) && !$this->getXenAPI()->canViewThread($this->getUser(), $thread)) { // Thread was found but the 'grab_as' user is not permitted to view the thread. $this->throwError(20, $this->getUser()->getUsername() . ' does', 'this thread'); } else { // Thread was found, and the request was permitted. $this->sendResponse($thread); } } } break; case 'getthreads': /** * Returns a list of threads. * * NOTE: Only usernames and user ID's can be used for the 'author' parameter. * * EXAMPLES: * - api.php?action=getThreads&hash=USERNAME:HASH * - api.php?action=getThreads&hash=API_KEY * - api.php?action=getThreads&author=Contex&hash=USERNAME:HASH * - api.php?action=getThreads&author=1&hash=API_KEY */ // Init variables. $conditions = array(); $this->setLimit(10); $fetch_options = array('limit' => $this->limit); // Check if request has author. if ($this->hasRequest('author')) { if (!$this->getRequest('author')) { // Throw error if the 'author' argument is set but empty. $this->throwError(1, 'author'); break; } // Grab the user object of the author. $user = $this->xenAPI->getUser($this->getRequest('author')); if (!$user->isRegistered()) { // Throw error if the 'author' user is not registered. $this->throwError(4, 'user', $this->getRequest('author')); break; } // Add the user ID to the query conditions. $conditions['user_id'] = $user->getID(); unset($user); } // Check if request has author. if ($this->hasRequest('node_id')) { if (!$this->getRequest('node_id') && (is_numeric($this->getRequest('node_id')) && $this->getRequest('node_id') != 0)) { // Throw error if the 'node_id' argument is set but empty. $this->throwError(1, 'node_id'); } else { if (!is_numeric($this->getRequest('node_id'))) { // Throw error if the 'limit' argument is set but not a number. $this->throwError(21, 'node_id'); } } if (!$this->xenAPI->getNode($this->getRequest('node_id'))) { // Could not find any nodes, throw error. $this->throwError(4, 'node', $this->getRequest('node_id')); } // Add the node ID to the query conditions. $conditions['node_id'] = $this->getRequest('node_id'); } // Check if request has grab_content. if ($this->hasRequest('grab_content')) { $fetch_options['grab_content'] = TRUE; // Check if request has content_limit. if ($this->hasRequest('content_limit')) { if (!$this->getRequest('content_limit') && (is_numeric($this->getRequest('content_limit')) && $this->getRequest('content_limit') != 0)) { // Throw error if the 'content_limit' argument is set but empty. $this->throwError(1, 'content_limit'); break; } else { if (!is_numeric($this->getRequest('content_limit'))) { // Throw error if the 'content_limit' argument is set but not a number. $this->throwError(21, 'content_limit'); } } $fetch_options['content_limit'] = $this->getRequest('content_limit'); } } // Check if the order by argument is set. $order_by_field = $this->checkOrderBy(array('title', 'post_date', 'view_count', 'reply_count', 'first_post_likes', 'last_post_date')); // Add the order by options to the fetch options. if ($this->hasRequest('order_by')) { $fetch_options['order'] = $order_by_field; $fetch_options['orderDirection'] = $this->order; } // Get the threads. $threads = $this->getXenAPI()->getThreads($conditions, $fetch_options, $this->getUser()); // Send the response. $this->sendResponse(array('count' => count($threads), 'threads' => $threads)); case 'getuser': /** * Grabs and returns an user object. * * EXAMPLES: * - api.php?action=getUser&hash=USERNAME:HASH * - api.php?action=getUser&value=USERNAME&hash=USERNAME:HASH * - api.php?action=getUser&value=USERNAME&hash=API_KEY */ $data = $user->getData(); /* * Run through an additional permission check if the request is * not using an API key, unset some variables depending on the * user level. */ if (!$this->hasAPIKey()) { // Unset variables since the API key isn't used. if (isset($data['style_id'])) { unset($data['style_id']); } if (isset($data['display_style_group_id'])) { unset($data['display_style_group_id']); } if (isset($data['permission_combination_id'])) { unset($data['permission_combination_id']); } if (!$this->getUser()->isAdmin()) { // Unset variables if user is not an admin. if (isset($data['is_banned'])) { unset($data['is_banned']); } } if (!$this->getUser()->isModerator() && $this->getUser()->getID() != $user->getID()) { // Unset variables if user is not a moderator. if (isset($data['user_state'])) { unset($data['user_state']); } if (isset($data['visible'])) { unset($data['visible']); } if (isset($data['email'])) { unset($data['email']); } if (isset($data['custom_fields'])) { unset($data['custom_fields']); } } if ($this->getUser()->getID() != $user->getID()) { // Unset variables if user does not equal the requested user by the 'value' argument. if (isset($data['language_id'])) { unset($data['language_id']); } if (isset($data['message_count'])) { unset($data['message_count']); } if (isset($data['conversations_unread'])) { unset($data['conversations_unread']); } if (isset($data['alerts_unread'])) { unset($data['alerts_unread']); } } } // Send the response. $this->sendResponse($data); break; case 'getusers': /** * Searches through the usernames depending on the input. * * NOTE: Asterisk (*) can be used as a wildcard. * * EXAMPLE: * - api.php?action=getUsers&value=Contex * - api.php?action=getUsers&value=Cont* * - api.php?action=getUsers&value=C* */ if ($this->hasRequest('value')) { // Request has value. if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } // Replace the wildcard with '%' for the SQL query. $string = str_replace('*', '%', $this->getRequest('value')); } else { if (!$this->hasRequest('order_by')) { // Nor the 'value' argument or the 'order_by' argument has been set, throw error. $this->throwError(3, 'value'); break; } } // Check if the order by argument is set. $order_by_field = $this->checkOrderBy(array('user_id', 'message_count', 'conversations_unread', 'register_date', 'last_activity', 'trophy_points', 'alerts_unread', 'like_count')); // Perform the SQL query and grab all the usernames and user id's. $results = $this->xenAPI->getDatabase()->fetchAll("SELECT `user_id`, `username`" . ($this->hasRequest('order_by') ? ", `{$order_by_field}`" : '') . " FROM `xf_user`" . ($this->hasRequest('value') ? " WHERE `username` LIKE '{$string}'" : '') . ($this->hasRequest('order_by') ? " ORDER BY `{$order_by_field}` " . $this->order : '') . ($this->limit > 0 ? ' LIMIT ' . $this->limit : '')); // Send the response. $this->sendResponse($results); break; case 'getuserupgrade': /** * TODO * * EXAMPLES: */ if (!$this->hasRequest('id')) { // The 'id' argument has not been set, throw error. $this->throwError(3, 'id'); break; } else { if (!$this->getRequest('id')) { // Throw error if the 'id' argument is set but empty. $this->throwError(1, 'id'); break; } } $user_upgrade = $this->getXenAPI()->getUserUpgrade($this->getRequest('id')); if (!$user_upgrade) { $this->throwError(4, 'user upgrade', $this->getRequest('id')); break; } // Send the response. $this->sendResponse($user_upgrade); case 'getuserupgrades': /** * TODO * * EXAMPLES: */ $user = NULL; if ($this->hasRequest('user')) { if (!$this->getRequest('user')) { // Throw error if the 'user' argument is set but empty. $this->throwError(1, 'user'); } $user = $this->getXenAPI()->getUser($this->getRequest('user')); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('user')); } } $user_upgrades = $this->getXenAPI()->getUserUpgrades($user); if (!$user_upgrades && $this->hasRequest('user')) { $this->throwError(4, 'user upgrades', $this->getRequest('user')); } // Send the response. $this->sendResponse($user_upgrades); case 'downgradeuser': if (!$this->hasRequest('user')) { // The 'user' argument has not been set, throw error. $this->throwError(3, 'user'); } else { if (!$this->getRequest('user')) { // Throw error if the 'user' argument is set but empty. $this->throwError(1, 'user'); } } $user = $this->getXenAPI()->getUser($this->getRequest('user')); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('user')); } if (!$this->hasRequest('upgrade_id')) { // The 'upgrade_id' argument has not been set, throw error. $this->throwError(3, 'upgrade_id'); } else { if (!$this->getRequest('upgrade_id')) { // Throw error if the 'upgrade_id' argument is set but empty. $this->throwError(1, 'upgrade_id'); } } $user_upgrades = $this->getXenAPI()->getUserUpgrades($user); if (!$user_upgrades && $this->hasRequest('user')) { $this->throwError(4, 'user upgrades', $this->getRequest('user')); } $user_upgrade_object = NULL; foreach ($user_upgrades as $user_upgrade) { if ($user_upgrade['user_upgrade_id'] == $this->getRequest('upgrade_id')) { $user_upgrade_object = $user_upgrade; } } if ($user_upgrade_object === NULL) { $this->throwError(4, 'user upgrade', $this->getRequest('upgrade_id')); } $record = $this->getXenAPI()->getUserUpgradeRecord($user_upgrade_object['user_upgrade_record_id']); $this->getXenAPI()->downgradeUserUpgrade($record); // Recheck upgrades to see if the user was downgraded. $user_upgrades = $this->getXenAPI()->getUserUpgrades($user); $user_upgrade_object = NULL; foreach ($user_upgrades as $user_upgrade) { if ($user_upgrade['user_upgrade_id'] == $this->getRequest('upgrade_id')) { $user_upgrade_object = $user_upgrade; } } if ($user_upgrade_object === NULL) { $this->sendResponse(array('success' => TRUE)); } else { $this->sendResponse(array('success' => FALSE)); } case 'upgradeuser': if (!$this->hasRequest('user')) { // The 'user' argument has not been set, throw error. $this->throwError(3, 'user'); } else { if (!$this->getRequest('user')) { // Throw error if the 'user' argument is set but empty. $this->throwError(1, 'user'); } } $user = $this->getXenAPI()->getUser($this->getRequest('user')); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('user')); } if (!$this->hasRequest('id')) { // The 'id' argument has not been set, throw error. $this->throwError(3, 'id'); } else { if (!$this->getRequest('id')) { // Throw error if the 'id' argument is set but empty. $this->throwError(1, 'id'); } } $upgrade = $this->getXenAPI()->getUserUpgrade($this->getRequest('id')); if (!$upgrade) { $this->throwError(4, 'user upgrade', $this->getRequest('id')); } $end_date = NULL; if ($this->hasRequest('end_date')) { // Request has end_date. if (!$this->getRequest('end_date')) { // Throw error if the 'end_date' argument is set but empty. $this->throwError(1, 'end_date'); } // Set the language id of the registration. $end_date = $this->getRequest('end_date'); if (!((string) (int) $this->getRequest('end_date') === $this->getRequest('end_date') && $this->getRequest('end_date') <= PHP_INT_MAX && $this->getRequest('end_date') >= ~PHP_INT_MAX)) { $this->throwError(6, $this->getRequest('end_date'), 'unix timestamp'); } } $record_id = $this->getXenAPI()->upgradeUser($user, $upgrade, TRUE, $end_date); $record = $this->getXenAPI()->getUserUpgradeRecord($record_id); $return = array(); if (is_int($record_id)) { $return['result'] = 'exists'; } else { $return['result'] = 'new'; } $return['record'] = $record; $this->sendResponse($return); case 'login': /** * Logins the user. * * EXAMPLE: * - api.php?action=login&username=USERNAME&password=PASSWORD */ if (!$this->hasRequest('username')) { // The 'username' argument has not been set, throw error. $this->throwError(3, 'username'); break; } else { if (!$this->getRequest('username')) { // Throw error if the 'username' argument is set but empty. $this->throwError(1, 'username'); break; } else { if (!$this->hasRequest('password')) { // The 'password' argument has not been set, throw error. $this->throwError(3, 'password'); break; } else { if (!$this->getRequest('password')) { // Throw error if the 'password' argument is set but empty. $this->throwError(1, 'password'); break; } else { if (!$this->hasRequest('ip_address')) { // The 'ip_address' argument has not been set, throw error. $this->throwError(3, 'ip_address'); break; } else { if (!$this->getRequest('ip_address')) { // Throw error if the 'ip_address' argument is set but empty. $this->throwError(1, 'ip_address'); break; } } } } } } // Get the user object. $user = $this->xenAPI->getUser($this->getRequest('username')); if (!$user->isRegistered()) { // Requested user was not registered, throw error. $this->throwError(4, 'user', $this->getRequest('username')); } else { // Requested user was registered, check authentication. if ($user->validateAuthentication($this->getRequest('password'))) { // Authentication was valid, grab the user's authentication record. $record = $user->getAuthenticationRecord(); $ddata = unserialize($record['data']); // Start session and saves the session to the database $session = $this->getXenAPI()->login($user->getID(), $user->getUsername(), XenForo_Helper_Ip::convertIpStringToBinary($this->getRequest('ip_address'))); $cookie_domain = XenForo_Application::get('config')->cookie->domain; // Check if cookie domain is empty, grab board url and use its domain if it is empty if (empty($cookie_domain)) { $url = XenForo_Application::getOptions()->boardUrl; $parse = parse_url($url); $cookie_domain = $parse['host']; } // Return data required for creating cookie $this->sendResponse(array('hash' => base64_encode($ddata['hash']), 'cookie_name' => XenForo_Application::get('config')->cookie->prefix . 'session', 'cookie_id' => $session->getSessionId(), 'cookie_path' => XenForo_Application::get('config')->cookie->path, 'cookie_domain' => $cookie_domain, 'cookie_expiration' => 0, 'cookie_secure' => XenForo_Application::$secure)); } else { // The username or password was wrong, throw error. $this->throwError(5, 'Invalid username or password!'); } } break; case 'register': /** * Registers a user. */ // Init user array. $user_data = array(); // Array of required parameters. $required_parameters = array('username', 'password', 'email'); // Array of additional parameters. $additional_parameters = array('timezone', 'gender', 'dob_day', 'dob_month', 'dob_year', 'ip_address'); foreach ($required_parameters as $required_parameter) { // Check if the required parameter is set and not empty. $this->checkRequestParameter($required_parameter); // Set the request value. $user_data[$required_parameter] = $this->getRequest($required_parameter); } foreach ($additional_parameters as $additional_parameter) { // Check if the additional parameter is set and not empty. $this->checkRequestParameter($additional_parameter, FALSE); if ($this->getRequest($additional_parameter)) { // Set the request value. $user_data[$additional_parameter] = $this->getRequest($additional_parameter); } } if ($this->hasRequest('group')) { // Request has value. if (!$this->getRequest('group')) { // Throw error if the 'group' argument is set but empty. $this->throwError(1, 'group'); break; } $group = $this->getXenAPI()->getGroup($this->getRequest('group')); if (!$group) { $registration_error = array('error_id' => 2, 'error_key' => 'group_not_found', 'error_field' => 'group', 'error_phrase' => 'Could not find group with parameter "' . $this->getRequest('group') . '"'); $this->throwError(self::USER_ERROR, $registration_error, 'registering a new user'); } // Set the group id of the registration. $user_data['group_id'] = $group['user_group_id']; } if ($this->hasRequest('custom_fields')) { // Request has value. if (!$this->getRequest('custom_fields')) { // Throw error if the 'custom_fields' argument is set but empty. $this->throwError(1, 'custom_fields'); break; } $custom_fields = $this->getCustomArray($this->getRequest('custom_fields')); // Check if we found any valid custom fields, throw error if not. if (count($custom_fields) == 0) { // The custom fields array was empty, throw error. $registration_error = array('error_id' => 5, 'error_key' => 'invalid_custom_fields', 'error_field' => 'custom_fields', 'error_phrase' => 'The custom fields values were invalid, valid values are: ' . 'custom_fields=custom_field1=custom_value1,custom_field2=custom_value2 ' . 'but got: "' . $this->getRequest('custom_fields') . '" instead'); $this->throwError(self::USER_ERROR, $registration_error, 'registering a new user'); } $user_data['custom_fields'] = $custom_fields; } // Check if add groups is set. if ($this->hasRequest('add_groups')) { // Request has value. if (!$this->getRequest('add_groups')) { // Throw error if the 'add_groups' argument is set but empty. $this->throwError(1, 'add_groups'); } // Initialize the array. $user_data['add_groups'] = array(); // Check if value is an array. if (strpos($this->getRequest('add_groups'), ',') !== FALSE) { // Value is an array, explode it. $groups = explode(',', $this->getRequest('add_groups')); // Loop through the group values. foreach ($groups as $group_value) { // Grab the group from the group value. $group = $this->getXenAPI()->getGroup($group_value); // Check if group was found. if (!$group) { // Group was not found, throw error. $registration_error = array('error_id' => 2, 'error_key' => 'group_not_found', 'error_field' => 'add_groups', 'error_phrase' => 'Could not find group with parameter "' . $group_value . '" in array "' . $this->getRequest('add_group') . '"'); $this->throwError(self::USER_ERROR, $registration_error, 'registering a new user'); } // Add the group_id to the the add_group array. $user_data['add_groups'][] = $group['user_group_id']; } } else { // Grab the group from the group value. $group = $this->getXenAPI()->getGroup($this->getRequest('add_groups')); // Check if group was found. if (!$group) { // Group was not found, throw error. $registration_error = array('error_id' => 2, 'error_key' => 'group_not_found', 'error_field' => 'add_groups', 'error_phrase' => 'Could not find group with parameter "' . $this->getRequest('add_groups') . '"'); $this->throwError(self::USER_ERROR, $registration_error, 'registering a new user'); } // Add the group_id to the the add_groups array. $user_data['add_groups'][] = $group['user_group_id']; } } if ($this->hasRequest('user_state')) { // Request has user_state. if (!$this->getRequest('user_state')) { // Throw error if the 'user_state' argument is set but empty. $this->throwError(1, 'user_state'); break; } // Set the user state of the registration. $user_data['user_state'] = $this->getRequest('user_state'); } if ($this->hasRequest('language_id')) { // Request has language_id. if (!$this->getRequest('language_id')) { // Throw error if the 'language_id' argument is set but empty. $this->throwError(1, 'language_id'); break; } // Set the language id of the registration. $user_data['language_id'] = $this->getRequest('language_id'); } $registration_results = $this->getXenAPI()->register($user_data); if (!empty($registration_results['error'])) { // The registration failed, process errors. if (is_array($registration_results['errors'])) { // The error message was an array, loop through the messages. $error_keys = array(); foreach ($registration_results['errors'] as $error_field => $error) { if (!$error instanceof XenForo_Phrase) { $registration_error = array('error_id' => 1, 'error_key' => 'field_not_recognised', 'error_field' => $error_field, 'error_phrase' => $error); $this->throwError(self::USER_ERROR, $registration_error, 'registering a new user'); } // Let's init the registration error array. $registration_error = array('error_id' => $this->getUserErrorID($error->getPhraseName()), 'error_key' => $error->getPhraseName(), 'error_field' => $error_field, 'error_phrase' => $error->render()); $this->throwError(self::USER_ERROR, $registration_error, 'registering a new user'); } } else { $registration_error = array('error_id' => $registration_results['error'], 'error_key' => 'general_user_registration_error', 'error_phrase' => $registration_results['errors']); $this->throwError(self::USER_ERROR, $registration_error, 'registering a new user'); } } else { // Registration was successful, return results. $this->sendResponse($registration_results); } break; case 'search': if (!$this->hasRequest('value')) { // The 'value' argument has not been set, throw error. $this->throwError(3, 'value'); break; } else { if (!$this->getRequest('value')) { // Throw error if the 'value' argument is set but empty. $this->throwError(1, 'value'); break; } } $order = 'asc'; $type = NULL; if ($this->hasRequest('order')) { // Request has order. if (!$this->getRequest('order')) { // Throw error if the 'order' argument is set but empty. $this->throwError(1, 'order'); break; } // Set the language id of the registration. $order = $this->getRequest('order'); } if ($this->hasRequest('type')) { // Request has type. if (!$this->getRequest('type')) { // Throw error if the 'type' argument is set but empty. $this->throwError(1, 'type'); break; } // Set the language id of the registration. $type = $this->getRequest('type'); } $this->sendResponse($this->getXenAPI()->search($this->getRequest('value'), $order, $type)); break; default: // Action was supported but has not yet been added to the switch statement, throw error. $this->throwError(11, $this->getAction()); } $this->throwError(7, 'executing action', $this->getAction()); }