/**
* Main filtering loop also sets up global vars GET POST COOKIE and some $_SERVER keys
*/
public function process()
{
global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_REQUEST_VARS;
if ($this->currentUserHaveRightsForSkip()) {
if ($_SERVER["REQUEST_METHOD"] === "POST" && check_bitrix_sessid() && empty($_POST['____SECFILTER_CONVERT_JS'])) {
return;
}
}
//Do not touch those variables who did not come from REQUEST
$this->cleanGlobals();
$originalPostVars = $_POST;
$_GET = $this->safeizeArray($_GET, '$_GET');
$_POST = $this->safeizeArray($_POST, '$_POST', '/^File\\d+_\\d+$/');
$_COOKIE = $this->safeizeArray($_COOKIE, '$_COOKIE');
$_SERVER = $this->safeizeServerArray($_SERVER);
$_REQUEST = $_GET;
foreach ($_POST as $k => $v) {
$_REQUEST[$k] = $v;
}
foreach ($_COOKIE as $k => $v) {
$_REQUEST[$k] = $v;
}
$HTTP_GET_VARS = $_GET;
$HTTP_POST_VARS = $_POST;
$HTTP_COOKIE_VARS = $_COOKIE;
$HTTP_REQUEST_VARS = $_REQUEST;
$this->restoreGlobals();
$this->doPostProccessActions($originalPostVars);
}
/**
* @return $this
*/
protected function checkToken()
{
if (!check_bitrix_sessid('token_sid')) {
$this->sendJsonResponse(array('status' => 'error_token_sid', 'token_sid' => bitrix_sessid()), 403);
}
return $this;
}
protected function checkRequest()
{
if (!$this->getUser() || !$this->getUser()->getId() || !$this->getUser()->IsAuthorized() || $_SERVER['REQUEST_METHOD'] !== 'POST' || !check_bitrix_sessid() || !$this->helper->checkRights()) {
$this->sendJsonAccessDeniedResponse();
}
$action = isset($_REQUEST['action']) && is_string($_REQUEST['action']) ? strtolower($_REQUEST['action']) : '';
if (empty($action)) {
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_SECTION_TREE_AJAX_ERROR_EMPTY_ACTION'));
}
if (!$this->errors) {
switch ($action) {
case 'getinitialtree':
case 'getsubsections':
$this->action = $action;
$catalogId = isset($_REQUEST['catalogId']) ? intval($_REQUEST['catalogId']) : 0;
if ($catalogId <= 0) {
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_SECTION_TREE_AJAX_ERROR_REQUIRED_PARAMETER', array('#PARAM#' => 'catalogId')));
}
$this->catalogId = $catalogId;
$sectionId = isset($_REQUEST['sectionId']) ? intval($_REQUEST['sectionId']) : 0;
if ($sectionId <= 0) {
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_SECTION_TREE_AJAX_ERROR_REQUIRED_PARAMETER', array('#PARAM#' => 'sectionId')));
}
$this->sectionId = $sectionId;
break;
default:
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_SECTION_TREE_AJAX_ERROR_UNKNOWN_ACTION', array('#ACTION#' => $_REQUEST['action'])));
}
}
if ($this->errors) {
$this->sendJsonErrorResponse();
}
}
/**
* @return array
*/
protected function toEdit()
{
/** @global CUser $USER */
global $USER;
if (!$USER->IsAuthorized()) {
return array('status' => 'error', 'error' => 'auth_error');
}
if (!check_bitrix_sessid()) {
return array('status' => 'error', 'error' => 'sessid_check_failed');
}
if ($this->request['action'] !== 'otp_check_activate') {
return array('status' => 'error', 'error' => 'unknown_action');
}
if (!CModule::includeModule('security')) {
return array('status' => 'error', 'error' => 'security_not_installed');
}
try {
$otp = Otp::getByUser($USER->getid());
$binarySecret = pack('H*', $this->request->getPost('secret'));
$otp->regenerate($binarySecret)->syncParameters($this->request->getPost('sync1'), $this->request->getPost('sync2'))->save();
return array('status' => 'ok');
} catch (\Bitrix\Security\Mfa\OtpException $e) {
return array('status' => 'error', 'error' => $e->getMessage());
}
}
public static function OnBeforeProlog()
{
if (CSecuritySystemInformation::isCliMode())
return;
if(CSecurityFilterMask::Check(SITE_ID, $_SERVER["REQUEST_URI"]))
return;
if(self::currentUserHaveRightsForSkip())
{
if(
check_bitrix_sessid()
&& (
!isset($_POST['____SECFILTER_CONVERT_JS'])
|| !$_POST['____SECFILTER_CONVERT_JS']
)
)
{
return;
}
}
$filter = new CSecurityFilter;
$filter->process();
}
public static function execute()
{
global $USER;
$result = array();
$error = false;
if (!CModule::IncludeModule('voximplant')) {
$error = 'Module voximplant is not installed.';
} else {
if (!is_object($USER) || !$USER->IsAuthorized()) {
$error = GetMessage('ACCESS_DENIED');
} else {
if (!CVoxImplantMain::CheckAccess()) {
$error = GetMessage('ACCESS_DENIED');
} else {
if (!check_bitrix_sessid()) {
$error = GetMessage('ACCESS_DENIED');
} else {
if ($_REQUEST["act"] == "edit") {
$result = self::executeEditPhones($error);
} else {
if ($_REQUEST["act"] == "getInfo") {
$result = self::executeGetInfo($error);
} else {
if ($_REQUEST["act"] == "option") {
$result = self::executeSaveOption($error);
}
}
}
}
}
}
}
self::returnJson(array_merge(array('result' => $error === false ? 'ok' : 'error', 'error' => CharsetConverter::ConvertCharset($error, SITE_CHARSET, 'UTF-8')), $result));
}
/**
* проверяет заполнение обязательных параметров
* @throws SystemException
*/
protected function checkParams()
{
if ($this -> arParams['IBLOCK_ID'] <= 0)
throw new Main\ArgumentNullException('IBLOCK_ID');
if (check_bitrix_sessid())
{
return false;
}
}
public function __construct($title, $iblockId)
{
global $APPLICATION;
$this->iblock_id = intVal($iblockId);
\CModule::IncludeModule("iblock");
if ($_REQUEST['work_start'] && check_bitrix_sessid()) {
$this->lastID = intVal($_REQUEST['lastid']);
}
$this->arSelect = array("ID", "NAME", "CODE", "IBLOCK_ID");
$this->title = $title;
$APPLICATION->SetTitle($this->title);
}
function ShowPanel()
{
global $USER, $APPLICATION;
if (defined("ADMIN_SECTION") && ADMIN_SECTION == true) {
return;
}
if ($USER->IsAdmin()) {
if ($_REQUEST['add_new_site_sol'] == 'sol' && check_bitrix_sessid()) {
$dbrSites = CSite::GetList($by, $ord);
$arSitesID = array();
$arSitesPath = array();
$siteCnt = 0;
while ($arSite = $dbrSites->Fetch()) {
if ($arSite["ACTIVE"] == "Y") {
$siteCnt++;
}
$arSitesID[] = strtolower($arSite["ID"]);
$arSitesPath[] = strtolower($arSite["PATH"]);
}
$newSiteID = "";
while (true) {
$newSiteID = chr(rand(ord("a"), ord("z"))) . chr(rand(ord("a"), ord("z")));
if (!in_array($newSiteID, $arSitesID) && !in_array("/site" . $newSiteID . "/", $arSitesPath) && !file_exists($_SERVER['DOCUMENT_ROOT'] . "/site" . $newSiteID)) {
break;
}
}
$culture = CultureTable::getRow(array('filter' => array("=FORMAT_DATE" => FORMAT_DATE, "=FORMAT_DATETIME" => FORMAT_DATETIME, "=FORMAT_NAME" => CSite::GetDefaultNameFormat(), "=CHARSET" => SITE_CHARSET)));
if ($culture) {
$cultureId = $culture["ID"];
} else {
$addResult = CultureTable::add(array("NAME" => $newSiteID, "CODE" => $newSiteID, "FORMAT_DATE" => FORMAT_DATE, "FORMAT_DATETIME" => FORMAT_DATETIME, "FORMAT_NAME" => CSite::GetDefaultNameFormat(), "CHARSET" => SITE_CHARSET));
$cultureId = $addResult->getId();
}
$arFields = array("LID" => $newSiteID, "ACTIVE" => "Y", "SORT" => 100, "DEF" => "N", "NAME" => $newSiteID, "DIR" => "/site_" . $newSiteID . "/", "SITE_NAME" => $newSiteID, "SERVER_NAME" => $_SERVER["SERVER_NAME"], "EMAIL" => COption::GetOptionString("main", "email_from"), "LANGUAGE_ID" => LANGUAGE_ID, "DOC_ROOT" => "", "CULTURE_ID" => $cultureId);
$obSite = new CSite();
$result = $obSite->Add($arFields);
if ($result) {
LocalRedirect("/bitrix/admin/wizard_install.php?lang=" . LANGUAGE_ID . "&wizardName=bitrix:portal&wizardSiteID=" . $newSiteID . "&" . bitrix_sessid_get());
} else {
echo $obSite->LAST_ERROR;
}
}
$arMenu = array(array("ACTION" => "jsUtils.Redirect([], '" . CUtil::JSEscape(SITE_DIR) . "?add_new_site_sol=sol&" . bitrix_sessid_get() . "')", "TEXT" => "<b>" . GetMessage("SOL_BUTTON_TEST_TEXT", array("#BR#" => " ")) . "</b>", "TITLE" => GetMessage("SOL_BUTTON_TEST_TITLE")));
$arSites = array();
$dbrSites = CSite::GetList($by, $ord, array("ACTIVE" => "Y"));
while ($arSite = $dbrSites->GetNext()) {
$arSites[] = array("ACTION" => "jsUtils.Redirect([], '" . CUtil::JSEscape($arSite["DIR"]) . "');", "ICON" => $arSite["LID"] == SITE_ID ? "checked" : "", "TEXT" => $arSite["NAME"], "TITLE" => GetMessage("SOL_BUTTON_GOTOSITE") . " " . $arSite["NAME"]);
}
$arMenu[] = array("SEPARATOR" => true);
$arMenu[] = array("TEXT" => GetMessage("SOL_BUTTON_GOTOSITE"), "MENU" => $arSites);
$APPLICATION->AddPanelButton(array("HREF" => SITE_DIR . "?add_new_site_sol=sol&" . bitrix_sessid_get(), "ID" => "solutions_wizard", "ICON" => "bx-panel-install-solution-icon", "TYPE" => "BIG", "ALT" => GetMessage("SOL_BUTTON_TEST_TITLE"), "TEXT" => GetMessage("SOL_BUTTON_TEST_TEXT"), "MAIN_SORT" => 2520, "SORT" => 20, "MENU" => $arMenu, 'HINT' => array('TITLE' => str_replace('#BR#', ' ', GetMessage("SOL_BUTTON_TEST_TEXT")), 'TEXT' => GetMessage('SOL_BUTTON_TEST_TEXT_HINT')), 'HINT_MENU' => array('TITLE' => str_replace('#BR#', ' ', GetMessage("SOL_BUTTON_TEST_TEXT")), 'TEXT' => GetMessage('SOL_BUTTON_TEST_MENU_HINT'))));
}
}
public function DoUninstall()
{
if (!check_bitrix_sessid()) {
return false;
}
UnRegisterModule($this->MODULE_ID);
$modPath = $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/" . $this->MODULE_ID . "/install/components";
$comPath = $_SERVER["DOCUMENT_ROOT"] . "/bitrix/components";
DeleteDirFiles($modPath, $comPath);
DeleteDirFiles($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/" . $this->MODULE_ID . "/install/images", $_SERVER["DOCUMENT_ROOT"] . "/bitrix/images/maxposter");
LocalRedirect("partner_modules.php?lang=" . LANGUAGE_ID);
return true;
}
public function Run()
{
if ($_REQUEST['work_start'] && check_bitrix_sessid()) {
if ($this->bCallback) {
call_user_func($this->callback, $this);
} else {
$this->executeStep();
}
echo $this->getCurrentStatusString();
die;
}
$GLOBALS['assistant_filter'] = $this->getFilterHtml();
}
function OnBeforePrologHandler(){
global $USER_FIELD_MANAGER;
if (isset($_REQUEST['action_button']) && !isset($_REQUEST['action'])) {
$_REQUEST['action'] = $_REQUEST['action_button'];
}
if (!isset($_REQUEST['action'])) {
return;
}
$BID = (isset($_REQUEST['ID']) ? (int)$_REQUEST['ID'] : 0);
if ($_REQUEST['action']=='parsing_in_list' && check_bitrix_sessid() &&
\CModule::IncludeModule('iblock')) {
ParserActions::doParsing($BID,$_REQUEST['IBLOCK_ID']);
}
}
public function executeComponent()
{
/** @global CMain $APPLICATION */
global $APPLICATION;
$action = $this->request['action'];
$isEdit = $this->request->isPost() && $action && check_bitrix_sessid();
if ($isEdit) {
$this->arResult = $this->toEdit($action);
} else {
$APPLICATION->SetTitle(Loc::getMessage("SECURITY_USER_RECOVERY_CODES_TITLE"));
$this->arResult = $this->toView($action);
}
$this->doPostAction($isEdit, $action);
}
public function CModuleOptions($module_id, $arTabs, $arGroups, $arOptions, $need_access_tab = false)
{
$this->module_id = $module_id;
$this->arTabs = $arTabs;
$this->arGroups = $arGroups;
$this->arOptions = $arOptions;
$this->need_access_tab = $need_access_tab;
if ($need_access_tab) {
$this->arTabs[] = array('DIV' => 'edit_access_tab', 'TAB' => 'Права доступа', 'ICON' => '', 'TITLE' => 'Настройка прав доступа');
}
if ($_REQUEST['update'] == 'Y' && check_bitrix_sessid()) {
$this->SaveOptions();
if ($this->need_access_tab) {
$this->SaveGroupRight();
}
}
$this->GetCurOptionValues();
}
public function executeComponent()
{
/** @global CMain $APPLICATION */
global $APPLICATION;
$action = $this->request['action'];
$isEdit = $this->request->isPost() && $action && check_bitrix_sessid();
if ($isEdit) {
$result = $this->toEdit($action);
$result = CSecurityJsonHelper::encode($result);
$APPLICATION->RestartBuffer();
header('Content-Type: application/json', true);
echo $result;
die;
} else {
$APPLICATION->SetTitle(Loc::getMessage("SECURITY_USER_RECOVERY_CODES_TITLE"));
$this->arResult = $this->toView($action);
$this->IncludeComponentTemplate($this->templatePage);
}
}
private function processGridActions($gridId)
{
$postAction = 'action_button_' . $gridId;
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST[$postAction]) && check_bitrix_sessid()) {
$userId = $this->getUser()->getID();
if ($_POST[$postAction] == 'restore') {
if (empty($_POST['ID'])) {
return;
}
foreach ($_POST['ID'] as $targetId) {
/** @var Folder|File $object */
$object = BaseObject::loadById($targetId);
if (!$object) {
continue;
}
if (!$object->canRestore($object->getStorage()->getCurrentUserSecurityContext())) {
continue;
}
$object->restore($userId);
}
} elseif ($_POST[$postAction] == 'delete' || $_POST[$postAction] == 'destroy') {
if (empty($_POST['ID'])) {
return;
}
foreach ($_POST['ID'] as $targetId) {
/** @var Folder|File $object */
$object = BaseObject::loadById($targetId);
if (!$object) {
continue;
}
if (!$object->canDelete($object->getStorage()->getCurrentUserSecurityContext())) {
continue;
}
if ($object instanceof Folder) {
$object->deleteTree($userId);
} else {
$object->delete($userId);
}
}
}
}
}
/**
* @param string $name
*/
public function executeAction($name, $params = array())
{
global $USER;
$actionDesc = $this->getAction($name);
if ($actionDesc) {
$isSessidValid = true;
if ($actionDesc["needBitrixSessid"] == true || array_key_exists("sessid", $_REQUEST) && strlen($_REQUEST["sessid"]) > 0) {
$isSessidValid = check_bitrix_sessid();
}
if (!isset($actionDesc["fireInitMobileEvent"]) || $actionDesc["fireInitMobileEvent"] != true) {
if (!defined("MOBILE_INIT_EVENT_SKIP")) {
define("MOBILE_INIT_EVENT_SKIP", true);
}
}
if ($actionDesc["no_check_auth"] !== true && (!$USER->IsAuthorized() || !$isSessidValid)) {
header("HTTP/1.0 401 Not Authorized");
header("Content-Type: application/x-javascript");
header("BX-Authorize: " . bitrix_sessid());
echo json_encode(array("status" => "failed", "bitrix_sessid" => bitrix_sessid()));
} elseif ($actionDesc["file"]) {
if ($actionDesc["json"] === true) {
header("Content-Type: application/x-javascript");
$data = (include $actionDesc["file"]);
if ($data) {
echo json_encode($data);
}
} else {
include $actionDesc["file"];
}
}
} else {
if (!defined("MOBILE_INIT_EVENT_SKIP")) {
define("MOBILE_INIT_EVENT_SKIP", true);
}
header("Content-Type: application/x-javascript");
echo json_encode(array("error" => "unknown action for data request"));
}
}
private function processGridActions($gridId)
{
$postAction = 'action_button_' . $gridId;
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST[$postAction]) && check_bitrix_sessid()) {
if ($_POST[$postAction] == 'delete') {
if (empty($_POST['ID'])) {
return;
}
foreach ($_POST['ID'] as $targetId) {
/** @var ExternalLink $externalLink */
$externalLink = ExternalLink::loadById($targetId, array('FILE.STORAGE'));
if (!$externalLink) {
continue;
}
//todo perf we can use getModelList and filter by SimpleRights with ID in (...). Also at once we make so quickly
if (!$externalLink->getFile()->canRead($externalLink->getFile()->getStorage()->getCurrentUserSecurityContext())) {
continue;
}
$externalLink->delete();
}
}
}
}
protected function checkRequest()
{
if (!$this->getUser() || !$this->getUser()->getId() || !$this->getUser()->IsAuthorized() || $_SERVER['REQUEST_METHOD'] !== 'POST' || !check_bitrix_sessid()) {
$this->sendJsonAccessDeniedResponse();
}
$action = isset($_REQUEST['action']) && is_string($_REQUEST['action']) ? strtolower($_REQUEST['action']) : '';
if (empty($action)) {
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_AJAX_ERROR_EMPTY_ACTION'));
}
if (!$this->errors) {
switch ($action) {
case 'saveviewoptions':
$this->action = $action;
$rightSideWidth = isset($_REQUEST['rightSideWidth']) ? intval($_REQUEST['rightSideWidth']) : 0;
if ($rightSideWidth <= 0) {
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_AJAX_ERROR_REQUIRED_PARAMETER', array('#PARAM#' => 'rightSideWidth')));
}
$this->rightSideWidth = $rightSideWidth;
$rightSideClosed = isset($_REQUEST['rightSideClosed']) ? strval($_REQUEST['rightSideClosed']) : '';
if ($rightSideClosed === '') {
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_AJAX_ERROR_REQUIRED_PARAMETER', array('#PARAM#' => 'rightSideClosed')));
}
$this->rightSideClosed = $rightSideClosed === 'Y' ? 'Y' : 'N';
$viewOptionId = isset($_REQUEST['viewOptionId']) ? strval($_REQUEST['viewOptionId']) : '';
if ($viewOptionId === '' || !in_array($viewOptionId, self::$allowedViewOptions, true)) {
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_AJAX_ERROR_REQUIRED_PARAMETER', array('#PARAM#' => 'viewOptionId')));
}
$this->viewOptionId = $viewOptionId;
break;
default:
$this->errors[] = array('code' => 0, 'message' => GetMessage('CRM_PRODUCT_AJAX_AJAX_ERROR_UNKNOWN_ACTION', array('#ACTION#' => $_REQUEST['action'])));
}
}
if ($this->errors) {
$this->sendJsonErrorResponse();
}
}
function DoUninstall()
{
global $APPLICATION;
$this->errors = array();
if (!check_bitrix_sessid()) {
return false;
}
if (Option::get('webdav', 'process_converted', false) === 'Y' || Option::get('disk', 'process_converted', false) === 'Y') {
$this->errors[] = GetMessage("WD_UNINSTALL_ERROR_MIGRATE_PROCESS");
$GLOBALS["webdav_installer_errors"] = $this->errors;
$APPLICATION->IncludeAdminFile(GetMessage("WD_UNINSTALL_TITLE"), $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/webdav/install/unstep1.php");
return;
}
$this->UnInstallDB();
$this->UnInstallEvents();
$this->UnInstallFiles();
}
protected function processActionCheckDataElementCreation()
{
if ($_POST["save"] != "Y" && $_POST["changePostFormTab"] != "lists" && !check_bitrix_sessid()) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_SEAC_CONNECTION_MODULE_IBLOCK'))));
}
if (!Loader::IncludeModule('bizproc')) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_SEAC_CONNECTION_MODULE_BIZPROC'))));
}
if (!Loader::includeModule('iblock')) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_SEAC_CONNECTION_MODULE_IBLOCK'))));
}
$this->iblockId = intval($this->request->getPost('IBLOCK_ID'));
$this->iblockTypeId = COption::GetOptionString("lists", "livefeed_iblock_type_id");
$this->checkPermissionElement();
if ($this->errorCollection->hasErrors()) {
$this->sendJsonErrorResponse();
}
$templateId = intval($_POST['TEMPLATE_ID']);
$documentType = BizprocDocument::generateDocumentComplexType(COption::GetOptionString("lists", "livefeed_iblock_type_id"), $this->iblockId);
if (!empty($templateId)) {
if (CModule::IncludeModule('bizproc')) {
if (!CBPWorkflowTemplateLoader::isConstantsTuned($templateId)) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_IS_CONSTANTS_TUNED_NEW'))));
$this->sendJsonErrorResponse();
}
}
} else {
if (CModule::IncludeModule("bizproc")) {
$templateObject = CBPWorkflowTemplateLoader::getTemplatesList(array('ID' => 'DESC'), array('DOCUMENT_TYPE' => $documentType, 'AUTO_EXECUTE' => CBPDocumentEventType::Create), false, false, array('ID'));
$template = $templateObject->fetch();
if (!empty($template)) {
if (!CBPWorkflowTemplateLoader::isConstantsTuned($template["ID"])) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_IS_CONSTANTS_TUNED_NEW'))));
$this->sendJsonErrorResponse();
}
} else {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_NOT_BIZPROC_TEMPLATE'))));
$this->sendJsonErrorResponse();
}
}
}
$list = new CList($this->iblockId);
$fields = $list->getFields();
$elementData = array("IBLOCK_ID" => $this->iblockId, "NAME" => $_POST["NAME"]);
$props = array();
foreach ($fields as $fieldId => $field) {
if ($fieldId == "PREVIEW_PICTURE" || $fieldId == "DETAIL_PICTURE") {
$elementData[$fieldId] = $_FILES[$fieldId];
if (isset($_POST[$fieldId . "_del"]) && $_POST[$fieldId . "_del"] == "Y") {
$elementData[$fieldId]["del"] = "Y";
}
} elseif ($fieldId == "PREVIEW_TEXT" || $fieldId == "DETAIL_TEXT") {
if (isset($field["SETTINGS"]) && is_array($field["SETTINGS"]) && $field["SETTINGS"]["USE_EDITOR"] == "Y") {
$elementData[$fieldId . "_TYPE"] = "html";
} else {
$elementData[$fieldId . "_TYPE"] = "text";
}
$elementData[$fieldId] = $_POST[$fieldId];
} elseif ($fieldId == 'ACTIVE_FROM' || $fieldId == 'ACTIVE_TO') {
$elementData[$fieldId] = array_shift($_POST[$fieldId]);
} elseif ($list->is_field($fieldId)) {
$elementData[$fieldId] = $_POST[$fieldId];
} elseif ($field["PROPERTY_TYPE"] == "F") {
if (isset($_POST[$fieldId . "_del"])) {
$deleteArray = $_POST[$fieldId . "_del"];
} else {
$deleteArray = array();
}
$props[$field["ID"]] = array();
$files = $this->unEscape($_FILES);
CFile::ConvertFilesToPost($files[$fieldId], $props[$field["ID"]]);
foreach ($props[$field["ID"]] as $fileId => $file) {
if (isset($deleteArray[$fileId]) && (!is_array($deleteArray[$fileId]) && $deleteArray[$fileId] == "Y" || is_array($deleteArray[$fileId]) && $deleteArray[$fileId]["VALUE"] == "Y")) {
if (isset($props[$field["ID"]][$fileId]["VALUE"])) {
$props[$field["ID"]][$fileId]["VALUE"]["del"] = "Y";
} else {
$props[$field["ID"]][$fileId]["del"] = "Y";
}
}
}
} elseif ($field["PROPERTY_TYPE"] == "N") {
if (is_array($_POST[$fieldId]) && !array_key_exists("VALUE", $_POST[$fieldId])) {
$props[$field["ID"]] = array();
foreach ($_POST[$fieldId] as $key => $value) {
if (is_array($value)) {
if (strlen($value["VALUE"])) {
$value = str_replace(" ", "", str_replace(",", ".", $value["VALUE"]));
if (!is_numeric($value)) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_IS_VALIDATE_FIELD_ERROR', array('#NAME#' => $field['NAME'])))));
$this->sendJsonErrorResponse();
}
$props[$field["ID"]][$key] = doubleval($value);
}
} else {
if (strlen($value)) {
$value = str_replace(" ", "", str_replace(",", ".", $value));
if (!is_numeric($value)) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_IS_VALIDATE_FIELD_ERROR', array('#NAME#' => $field['NAME'])))));
$this->sendJsonErrorResponse();
}
$props[$field["ID"]][$key] = doubleval($value);
}
}
}
} else {
if (is_array($_POST[$fieldId])) {
if (strlen($_POST[$fieldId]["VALUE"])) {
$value = str_replace(" ", "", str_replace(",", ".", $_POST[$fieldId]["VALUE"]));
if (!is_numeric($value)) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_IS_VALIDATE_FIELD_ERROR', array('#NAME#' => $field['NAME'])))));
$this->sendJsonErrorResponse();
}
$props[$field["ID"]] = doubleval($value);
}
} else {
if (strlen($_POST[$fieldId])) {
$value = str_replace(" ", "", str_replace(",", ".", $_POST[$fieldId]));
if (!is_numeric($value)) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_IS_VALIDATE_FIELD_ERROR', array('#NAME#' => $field['NAME'])))));
$this->sendJsonErrorResponse();
}
$props[$field["ID"]] = doubleval($value);
}
}
}
} else {
$props[$field["ID"]] = $_POST[$fieldId];
}
}
$elementData["MODIFIED_BY"] = $this->getUser()->getID();
unset($elementData["TIMESTAMP_X"]);
if (!empty($props)) {
$elementData["PROPERTY_VALUES"] = $props;
}
$documentStates = CBPDocument::GetDocumentStates($documentType, null);
$userId = $this->getUser()->getId();
$write = CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $userId, $documentType, array('AllUserGroups' => array(), 'DocumentStates' => $documentStates));
if (!$write) {
$this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_IS_ACCESS_DENIED_STATUS'))));
$this->sendJsonErrorResponse();
}
$bizprocParametersValues = array();
foreach ($documentStates as $documentState) {
if (strlen($documentState["ID"]) <= 0) {
$errors = array();
$bizprocParametersValues[$documentState['TEMPLATE_ID']] = CBPDocument::StartWorkflowParametersValidate($documentState['TEMPLATE_ID'], $documentState['TEMPLATE_PARAMETERS'], $documentType, $errors);
$stringError = '';
foreach ($errors as $e) {
$stringError .= $e['message'] . '<br />';
}
}
}
if (!empty($stringError)) {
$this->errorCollection->add(array(new Error($stringError)));
$this->sendJsonErrorResponse();
}
$objectElement = new CIBlockElement();
$idElement = $objectElement->Add($elementData, false, true, true);
if ($idElement) {
$bizProcWorkflowId = array();
foreach ($documentStates as $documentState) {
if (strlen($documentState["ID"]) <= 0) {
$errorsTmp = array();
$bizProcWorkflowId[$documentState['TEMPLATE_ID']] = CBPDocument::StartWorkflow($documentState['TEMPLATE_ID'], array('lists', 'BizprocDocument', $idElement), array_merge($bizprocParametersValues[$documentState['TEMPLATE_ID']], array('TargetUser' => 'user_' . intval($this->getUser()->getID()))), $errorsTmp);
}
}
if (!empty($errorsTmp)) {
$documentStates = null;
CBPDocument::AddDocumentToHistory(array('lists', 'BizprocDocument', $idElement), $elementData['NAME'], $this->getUser()->getID());
}
} else {
$this->errorCollection->add(array(new Error($objectElement->LAST_ERROR)));
$this->sendJsonErrorResponse();
}
$this->sendJsonSuccessResponse(array());
}
$arFilter["~NAME"] = "%" . $filter_name . "%";
}
if (strlen($filter_descr) > 0) {
$arFilter["~DESCRIPTION"] = "%" . $filter_descr . "%";
}
if (!empty($filter_status)) {
if ($filter_status == 2) {
unset($arFilter['USER_STATUS']);
} else {
$arFilter['USER_STATUS'] = array(CBPTaskUserStatus::Ok, CBPTaskUserStatus::Yes, CBPTaskUserStatus::No);
}
}
if (!empty($filter_workflow_template_id)) {
$arFilter['WORKFLOW_TEMPLATE_ID'] = (int) $filter_workflow_template_id;
}
if ($allowAdminAccess && !empty($_REQUEST['action']) && check_bitrix_sessid()) {
$ids = isset($_REQUEST['ID']) && is_array($_REQUEST['ID']) ? $_REQUEST['ID'] : array();
if ($ids) {
$errors = array();
$action = $_REQUEST['action'];
$status = 0;
if (strpos($action, 'set_status_') === 0) {
$status = substr($action, strlen('set_status_'));
$action = 'set_status';
}
foreach ($ids as $id) {
list($taskId, $userId) = explode('_', $id);
if ($action == 'set_status' && $status > 0) {
CBPDocument::setTasksUserStatus($userId, $status, $taskId, $errors);
} elseif ($action == 'delegate' && !empty($_REQUEST['delegate_to'])) {
CBPDocument::delegateTasks($userId, $_REQUEST['delegate_to'], $taskId, $errors);
$isNewGroup = true;
if (array_key_exists('ID', $_REQUEST) && (int) $_REQUEST['ID'] > 0) {
$varsGroup = new UserVars\VarsGroup();
$dataGroup = $varsGroup->findOneById($_REQUEST['ID'])->fetch();
if (!empty($dataGroup)) {
$isOldGroup = true;
$isNewGroup = false;
}
} else {
$dataGroup = array_fill_keys(array('ID', 'NAME', 'CODE'), '');
}
if ($isOldGroup && $request->getQuery('action') == 'delete' && check_bitrix_sessid()) {
Model\VarsGroupTable::delete($dataGroup['ID']);
LocalRedirect(sprintf('user_vars.php?lang=%s', LANGUAGE_ID));
}
if ($request->isPost() && check_bitrix_sessid()) {
$postData = array_map('strip_tags', $request->getPostList()->toArray());
$postData = array_intersect_key($postData, array('NAME' => null, 'CODE' => null));
if ($isNewGroup) {
$result = Model\VarsGroupTable::add($postData);
$groupId = $result->getId();
} else {
$result = Model\VarsGroupTable::update($dataGroup['ID'], $postData);
$groupId = $dataGroup['ID'];
}
if (!$result->isSuccess()) {
$errorsList = $result->getErrorMessages();
} else {
if ($submitTypeApply) {
$redirectPath = sprintf('user_vars_group_edit.php?ID=%dlang=%s', $groupId, LANGUAGE_ID);
} else {
<?php
if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) {
die;
}
$requiredModules = array('report');
foreach ($requiredModules as $requiredModule) {
if (!CModule::IncludeModule($requiredModule)) {
ShowError(GetMessage("F_NO_MODULE"));
return 0;
}
}
$isPost = $_SERVER['REQUEST_METHOD'] === 'POST';
if ($isPost && !check_bitrix_sessid()) {
LocalRedirect($arParams['PATH_TO_REPORT_LIST']);
}
$helperClassName = $arResult['HELPER_CLASS'] = isset($arParams['REPORT_HELPER_CLASS']) ? $arParams['REPORT_HELPER_CLASS'] : '';
if ($isPost && isset($_POST['HELPER_CLASS'])) {
$helperClassName = $arResult['HELPER_CLASS'] = $_POST['HELPER_CLASS'];
}
$ownerId = $arResult['OWNER_ID'] = call_user_func(array($helperClassName, 'getOwnerId'));
// auto create fresh default reports only if some reports alredy exist
$userReportVersion = CUserOptions::GetOption('report', '~U_' . $ownerId, call_user_func(array($helperClassName, 'getFirstVersion')));
$sysReportVersion = call_user_func(array($helperClassName, 'getCurrentVersion'));
if ($sysReportVersion !== $userReportVersion && CheckVersion($sysReportVersion, $userReportVersion)) {
CUserOptions::SetOption('report', '~U_' . $ownerId, $sysReportVersion);
if (CReport::GetCountInt($ownerId) > 0) {
$dReports = call_user_func(array($helperClassName, 'getDefaultReports'));
foreach ($dReports as $moduleVer => $vReports) {
if ($moduleVer !== $userReportVersion && CheckVersion($moduleVer, $userReportVersion)) {
// add fresh vReports
<?php
if (!check_bitrix_sessid()) {
return;
}
IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/form/install/install.php");
if (is_array($errors) && count($errors) > 0) {
foreach ($errors as $val) {
$alErrors .= $val . "<br>";
}
echo CAdminMessage::ShowMessage(array("TYPE" => "ERROR", "MESSAGE" => GetMessage("MOD_INST_ERR"), "DETAILS" => $alErrors, "HTML" => true));
} else {
echo CAdminMessage::ShowNote(GetMessage("MOD_INST_OK"));
}
/*
if (strlen($public_dir)>0) :
?>
<p><?=GetMessage("MOD_DEMO_DIR")?></p>
<table border="0" cellspacing="0" cellpadding="3">
<tr>
<td align="center"><p><b><?=GetMessage("MOD_DEMO_SITE")?></b></p></td>
<td align="center"><p><b><?=GetMessage("MOD_DEMO_LINK")?></b></p></td>
</tr>
<?
$sites = CSite::GetList($by, $order, Array("ACTIVE"=>"Y"));
while($site = $sites->Fetch())
{
?>
<tr>
<td width="0%"><p>[<?=$site["ID"]?>] <?=$site["NAME"]?></p></td>
<td width="0%"><p><a href="<?if(strlen($site["SERVER_NAME"])>0) echo "http://".$site["SERVER_NAME"];?><?=$site["DIR"].$public_dir?>/result_list.php?WEB_FORM_NAME=ANKETA"><?=$site["DIR"].$public_dir?>/result_list.php?WEB_FORM_NAME=ANKETA</a></p></td>
<?php
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/support/include.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/support/prolog.php";
IncludeModuleLangFile(__FILE__);
if (!check_bitrix_sessid("b_sessid")) {
die;
}
if (isset($_REQUEST["action"]) && $_REQUEST["action"] === 'reindex' && isset($_REQUEST["data"]) && is_array($_REQUEST["data"])) {
$interval = intval($_REQUEST["data"]["interval"]);
$firstID = $_REQUEST["data"]["firstID"];
$lastID = CSupportSearch::reindexAllTickets($firstID, $interval ?: 10);
// build progress bar
$maxID = CTicket::getMaxId();
$progressBar = new CAdminMessage(array("DETAILS" => str_replace(array('#LAST_ID#', '#MAX_ID#'), array($lastID, $maxID), GetMessage('SUP_SEARCH_NDX_PROGRESS_BAR')), "HTML" => true, "TYPE" => "PROGRESS", "PROGRESS_TOTAL" => $maxID, "PROGRESS_VALUE" => $lastID));
$progressBarHtml = $progressBar->Show();
echo CUtil::PhpToJSObject(array('LAST_ID' => $lastID, 'BAR' => $progressBarHtml));
} elseif ($_REQUEST['MY_AJAX'] == 'restartAgentsAJAX') {
CTicketReminder::StartAgent();
echo json_encode(array("ALL_OK" => "OK"));
} else {
echo '{};';
}
function getData(&$arResult)
{
global $APPLICATION, $USER;
//$arResult = $this->__prepareDataForTpl();
$arResult["WEB_FORM_ID"] = $this->WEB_FORM_ID;
$arResult["WEB_FORM_NAME"] = $this->WEB_FORM_NAME;
if ($this->RESULT_ID > 0) {
$arResult["RESULT_ID"] = $this->RESULT_ID;
}
$arResult["F_RIGHT"] = $this->F_RIGHT;
if (strlen($_REQUEST["web_form_submit"]) > 0 || strlen($_REQUEST["web_form_apply"]) > 0) {
$this->arrVALUES = $_REQUEST;
if ($this->RESULT_ID) {
$this->__form_validate_errors = CForm::Check($this->WEB_FORM_ID, $this->arrVALUES, $this->RESULT_ID);
} else {
$this->__form_validate_errors = CForm::Check($this->WEB_FORM_ID, $this->arrVALUES);
}
if (!$this->isFormErrors()) {
if (check_bitrix_sessid()) {
$return = false;
if ($this->RESULT_ID) {
CFormResult::Update($this->RESULT_ID, $this->arrVALUES, $this->arParams["EDIT_ADDITIONAL"]);
$this->strFormNote = GetMessage("FORM_DATA_SAVED");
if (strlen($_REQUEST["web_form_submit"]) > 0 && !(defined("ADMIN_SECTION") && ADMIN_SECTION === true)) {
if ($this->arParams["SEF_MODE"] == "Y") {
LocalRedirect($this->arParams["LIST_URL"] . "?strFormNote=" . urlencode($this->strFormNote));
} else {
LocalRedirect($this->arParams["LIST_URL"] . (strpos($this->arParams["LIST_URL"], "?") === false ? "?" : "&") . "WEB_FORM_ID=" . $this->WEB_FORM_ID . "&strFormNote=" . urlencode($this->strFormNote));
}
die;
}
if (strlen($_REQUEST["web_form_apply"]) > 0 && !(defined("ADMIN_SECTION") && ADMIN_SECTION === true) && $this->arParams["SEF_MODE"] == "Y") {
// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
LocalRedirect($this->arParams["EDIT_URL"] . (strpos($this->arParams["EDIT_URL"], "?") === false ? "?" : "&") . "strFormNote=" . urlencode($this->strFormNote));
die;
}
if (defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
if (strlen($_REQUEST["web_form_submit"]) > 0) {
LocalRedirect(BX_ROOT . "/admin/form_result_list.php?lang=" . LANG . "&WEB_FORM_ID=" . $this->WEB_FORM_ID . "&strFormNote=" . urlencode($this->strFormNote));
} elseif (strlen($_REQUEST["web_form_apply"]) > 0) {
LocalRedirect(BX_ROOT . "/admin/form_result_edit.php?lang=" . LANG . "&WEB_FORM_ID=" . $this->WEB_FORM_ID . "&RESULT_ID=" . $this->RESULT_ID . "&strFormNote=" . urlencode($this->strFormNote));
}
die;
}
} else {
if ($this->RESULT_ID = CFormResult::Add($this->WEB_FORM_ID, $this->arrVALUES)) {
$this->strFormNote = GetMessage("FORM_DATA_SAVED1") . $this->RESULT_ID . GetMessage("FORM_DATA_SAVED2");
CFormResult::SetEvent($this->RESULT_ID);
CFormResult::Mail($this->RESULT_ID);
if ($this->F_RIGHT >= 15) {
if (strlen($_REQUEST["web_form_submit"]) > 0 && strlen($this->arParams["LIST_URL"]) > 0) {
if ($this->arParams["SEF_MODE"] == "Y") {
LocalRedirect($this->arParams["LIST_URL"] . "?strFormNote=" . urlencode($this->strFormNote));
} else {
LocalRedirect($this->arParams["LIST_URL"] . (strpos($this->arParams["LIST_URL"], "?") === false ? "?" : "&") . "WEB_FORM_ID=" . $this->WEB_FORM_ID . "&RESULT_ID=" . $this->RESULT_ID . "&strFormNote=" . urlencode($this->strFormNote));
}
die;
} elseif (strlen($_REQUEST["web_form_apply"]) > 0 && strlen($this->arParams["EDIT_URL"]) > 0) {
if ($this->arParams["SEF_MODE"] == "Y") {
LocalRedirect(str_replace("#RESULT_ID#", $this->RESULT_ID . $this->arParams["EDIT_URL"]) . "?strFormNote=" . urlencode($this->strFormNote));
} else {
LocalRedirect($this->arParams["EDIT_URL"] . (strpos($this->arParams["EDIT_URL"], "?") === false ? "?" : "&") . "RESULT_ID=" . $this->RESULT_ID . "&strFormNote=" . urlencode($this->strFormNote));
}
die;
}
$arResult["return"] = true;
} else {
LocalRedirect($APPLICATION->GetCurPage() . "?WEB_FORM_ID=" . $this->WEB_FORM_ID . "&strFormNote=" . urlencode($this->strFormNote));
die;
}
} else {
$this->__form_validate_errors = $GLOBALS["strError"];
}
}
}
}
}
return $arResult;
}
",
'url' : "<?php
echo POST_FORM_ACTION_URI;
?>
",
'voteId' : <?php
echo $arParams["VOTE_ID"];
?>
,
'startCheck' : <?php
echo $lastVote;
?>
});
}
);
}
}
window.__vote<?php
echo $uid;
?>
();
</script>
<?php
if ($_REQUEST["VOTE_ID"] == $arParams["VOTE_ID"] && $_REQUEST["AJAX_POST"] == "Y" && check_bitrix_sessid()) {
$res = ob_get_clean();
$APPLICATION->RestartBuffer();
echo $res;
die;
}
?>
</div>
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
if (!\Bitrix\Main\Loader::includeModule("sender")) {
ShowError(\Bitrix\Main\Localization\Loc::getMessage("MAIN_MODULE_NOT_INSTALLED"));
}
IncludeModuleLangFile(__FILE__);
$POST_RIGHT = $APPLICATION->GetGroupRight("sender");
if ($POST_RIGHT == "D") {
$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));
}
$aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("sender_mailing_edit_tab_main"), "ICON" => "main_user_edit", "TITLE" => GetMessage("sender_mailing_edit_tab_main_title")), array("DIV" => "edit2", "TAB" => GetMessage("sender_mailing_edit_tab_grp"), "ICON" => "main_user_edit", "TITLE" => GetMessage("sender_mailing_edit_tab_grp_title")));
$tabControl = new CAdminTabControl("tabControl", $aTabs);
$ID = intval($ID);
// Id of the edited record
$message = null;
$bVarsFromForm = false;
if ($REQUEST_METHOD == "POST" && ($save != "" || $apply != "") && $POST_RIGHT == "W" && check_bitrix_sessid()) {
$arError = array();
$NAME = trim($NAME);
$arFields = array("ACTIVE" => $ACTIVE != "Y" ? "N" : "Y", "TRACK_CLICK" => $TRACK_CLICK != "Y" ? "N" : "Y", "SORT" => $SORT, "IS_PUBLIC" => $IS_PUBLIC != "Y" ? "N" : "Y", "NAME" => $NAME, "DESCRIPTION" => $DESCRIPTION, "SITE_ID" => $SITE_ID);
if ($ID > 0) {
$mailingUpdateDb = \Bitrix\Sender\MailingTable::update($ID, $arFields);
$res = $mailingUpdateDb->isSuccess();
if (!$res) {
$arError = $mailingUpdateDb->getErrorMessages();
}
} else {
$mailingAddDb = \Bitrix\Sender\MailingTable::add($arFields);
if ($mailingAddDb->isSuccess()) {
$ID = $mailingAddDb->getId();
$res = $ID > 0;
} else {
/**
* Main filtering loop also sets up global vars GET POST COOKIE and some $_SERVER keys
*/
public function process()
{
global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_REQUEST_VARS;
if($this->currentUserHaveRightsForSkip())
{
if(
$_SERVER["REQUEST_METHOD"] === "POST"
&& check_bitrix_sessid()
&& empty($_POST['____SECFILTER_CONVERT_JS'])
)
{
return;
}
}
//Do not touch those variables who did not come from REQUEST
self::cleanGlobals();
$originalPostVars = $_POST;
$_GET = $this->safeizeArray($_GET, "\$_GET");
$_POST = $this->safeizeArray($_POST, "\$_POST", "/^File\d+_\d+$/");
$_COOKIE = $this->safeizeArray($_COOKIE, "\$_COOKIE");
$_SERVER = $this->safeizeServerArray($_SERVER);
$HTTP_GET_VARS = $_GET;
$HTTP_POST_VARS = $_POST;
$HTTP_COOKIE_VARS = $_COOKIE;
$HTTP_REQUEST_VARS = $_REQUEST;
self::reconstructRequest();
self::restoreGlobals();
$this->doPostProccessActions($originalPostVars);
}