protected function _getAttachmentOrError($attachmentId) { $attachment = $this->_getAttachmentModel()->getAttachmentById($attachmentId); if (!$attachment) { throw $this->_controller->responseException($this->_controller->responseError(new XenForo_Phrase('requested_attachment_not_found'), 404)); } return $attachment; }
protected function _checkUserCredentials_runTfaValidation($userId) { if ($userId < 1 || XenForo_Application::$versionId < 1050000) { return true; } if ($this->_controller === null) { // since XenForo 1.5+, $_controller must be set to check for two factor authentication // otherwise, deny access immediately return false; } /** @var XenForo_ControllerHelper_Login $loginHelper */ $loginHelper = $this->_controller->getHelper('Login'); $user = $this->_model->getUserModel()->getFullUserById($userId); if (!$loginHelper->userTfaConfirmationRequired($user)) { return true; } /** @var XenForo_Model_Tfa $tfaModel */ $tfaModel = $this->_model->getModelFromCache('XenForo_Model_Tfa'); $providers = $tfaModel->getTfaConfigurationForUser($user['user_id'], $userData); if (empty($providers)) { return true; } $this->_server->actionOauthToken_setTfaProviders($providers); $tfaProvider = $this->_controller->getInput()->filterSingle('tfa_provider', XenForo_Input::STRING); if (strlen($tfaProvider) === 0) { return false; } $tfaTrigger = $this->_controller->getInput()->filterSingle('tfa_trigger', XenForo_Input::BOOLEAN); if ($tfaTrigger) { $loginHelper->triggerTfaCheck($user, $tfaProvider, $providers, $userData); throw $this->_controller->responseException($this->_controller->responseMessage(new XenForo_Phrase('changes_saved'))); } $loginHelper->assertNotTfaAttemptLimited($user['user_id']); if ($loginHelper->runTfaValidation($user, $tfaProvider, $providers, $userData) === true) { return true; } throw $this->_controller->responseException($this->_controller->responseError(new XenForo_Phrase('two_step_verification_value_could_not_be_confirmed'))); }