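/**
 * Handles an API request to cast the current visitor's vote(s) on a poll.
 *
 * The choice(s) are read from the request as `response_ids` (a list) and/or
 * `response_id` (a single id). Both are merged into one list.
 *
 * @param array $poll Poll record; `poll_id` and `max_votes` are read here.
 * @param bdApi_ControllerApi_Abstract $controller Controller serving the request.
 *
 * @return mixed The controller's message response on success, otherwise an error response.
 *
 * @throws Exception The exception built by getErrorOrNoPermissionResponseException()
 *                   when canVoteOnPoll() refuses the vote.
 */
public function bdApi_actionPostVotes(array $poll, bdApi_ControllerApi_Abstract $controller)
{
    // Authorization gate: nothing from the request is read before this passes.
    // $errorPhraseKey is never assigned in this method; presumably canVoteOnPoll()
    // fills it in by reference -- confirm against its signature.
    if (!$this->canVoteOnPoll($poll, $errorPhraseKey)) {
        throw $controller->getErrorOrNoPermissionResponseException($errorPhraseKey);
    }

    $input = $controller->getInput();
    $responseIds = $input->filterSingle('response_ids', XenForo_Input::UINT, array('array' => true));
    $responseId = $input->filterSingle('response_id', XenForo_Input::UINT);
    if ($responseId > 0) {
        $responseIds[] = $responseId;
    }

    // Normalise the client-supplied list in every case, not only when `response_id`
    // was sent: drop 0 (what a non-numeric entry presumably filters to under UINT)
    // and collapse repeats, so a repeated id is neither counted against max_votes
    // more than once nor handed to voteOnPoll() twice.
    $responseIds = array_values(array_unique(array_filter($responseIds)));

    if (empty($responseIds)) {
        return $controller->responseError(new XenForo_Phrase('bdapi_slash_poll_vote_requires_response_id'));
    }

    // A max_votes of 0 (or less) skips the limit check entirely.
    if ($poll['max_votes'] > 0 && count($responseIds) > $poll['max_votes']) {
        return $controller->responseError(
            new XenForo_Phrase('you_may_select_up_to_x_choices', array('max' => $poll['max_votes']))
        );
    }

    // NOTE(review): nothing here checks that the ids belong to $poll['poll_id'];
    // confirm voteOnPoll() rejects response ids from another poll.
    if ($this->voteOnPoll($poll['poll_id'], $responseIds)) {
        return $controller->responseMessage(new XenForo_Phrase('changes_saved'));
    }

    return $controller->responseError(new XenForo_Phrase('unexpected_error_occurred'));
}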
/**
 * Looks up an attachment by id and aborts the request with a 404 error
 * response when the lookup returns nothing.
 *
 * NOTE(review): only existence is checked. No view-permission check is visible
 * in this method, so callers must do their own before exposing the attachment.
 *
 * @param mixed $attachmentId Id passed straight to getAttachmentById().
 *
 * @return mixed The attachment as returned by the attachment model.
 *
 * @throws Exception The controller's response exception wrapping the 404 error.
 */
protected function _getAttachmentOrError($attachmentId)
{
    $found = $this->_getAttachmentModel()->getAttachmentById($attachmentId);
    if ($found) {
        return $found;
    }

    $notFound = $this->_controller->responseError(
        new XenForo_Phrase('requested_attachment_not_found'),
        404
    );

    throw $this->_controller->responseException($notFound);
}
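/**
 * Runs the two-step verification (TFA) part of a credential check for a user.
 *
 * Outcomes:
 *  - true: no TFA check applies (no user id, XenForo older than 1.5, TFA not
 *    required for the user, no providers configured) or the submitted value
 *    was confirmed;
 *  - false: access is denied (no controller, user record not found, or no
 *    `tfa_provider` in the request);
 *  - response exception: thrown after a trigger request, and when the
 *    submitted value could not be confirmed.
 *
 * @param int $userId Id of the user whose credentials are being checked.
 *
 * @return bool
 *
 * @throws Exception The controller's response exception, see above.
 */
protected function _checkUserCredentials_runTfaValidation($userId)
{
    if ($userId < 1 || XenForo_Application::$versionId < 1050000) {
        return true;
    }

    if ($this->_controller === null) {
        // since XenForo 1.5+, $_controller must be set to check for two factor authentication
        // otherwise, deny access immediately
        return false;
    }

    /** @var XenForo_ControllerHelper_Login $loginHelper */
    $loginHelper = $this->_controller->getHelper('Login');

    $user = $this->_model->getUserModel()->getFullUserById($userId);
    if (empty($user)) {
        // Fail closed: without a user record the TFA requirement cannot be evaluated.
        // What the login helper does with an empty user is not visible here, so
        // deny explicitly instead of relying on it.
        return false;
    }

    if (!$loginHelper->userTfaConfirmationRequired($user)) {
        return true;
    }

    /** @var XenForo_Model_Tfa $tfaModel */
    $tfaModel = $this->_model->getModelFromCache('XenForo_Model_Tfa');
    // $userData is never assigned in this method; presumably it is filled in by
    // reference here -- confirm against getTfaConfigurationForUser().
    $providers = $tfaModel->getTfaConfigurationForUser($user['user_id'], $userData);
    if (empty($providers)) {
        return true;
    }

    // Hand the configured providers to the server object before any denial below.
    $this->_server->actionOauthToken_setTfaProviders($providers);

    // NOTE(review): tfa_provider is client-supplied and is not checked against
    // $providers in this method; presumably the login helper rejects unknown
    // provider ids -- confirm.
    $tfaProvider = $this->_controller->getInput()->filterSingle('tfa_provider', XenForo_Input::STRING);
    if (strlen($tfaProvider) === 0) {
        return false;
    }

    $tfaTrigger = $this->_controller->getInput()->filterSingle('tfa_trigger', XenForo_Input::BOOLEAN);
    if ($tfaTrigger) {
        // NOTE(review): this branch runs before assertNotTfaAttemptLimited(), so the
        // attempt limiter below does not cover trigger requests; confirm that
        // triggering is throttled elsewhere.
        $loginHelper->triggerTfaCheck($user, $tfaProvider, $providers, $userData);

        // A trigger request never authenticates: it always ends the request here.
        throw $this->_controller->responseException(
            $this->_controller->responseMessage(new XenForo_Phrase('changes_saved'))
        );
    }

    $loginHelper->assertNotTfaAttemptLimited($user['user_id']);

    // Strict comparison: only an explicit boolean true counts as confirmed.
    if ($loginHelper->runTfaValidation($user, $tfaProvider, $providers, $userData) === true) {
        return true;
    }

    throw $this->_controller->responseException(
        $this->_controller->responseError(new XenForo_Phrase('two_step_verification_value_could_not_be_confirmed'))
    );
}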