Beispiel #1
	/**
	 * Handles the VK sign-in callback found in $_REQUEST["vk_session"].
	 *
	 * Ends the request with "OK" or "FAILURE", or returns true when the global
	 * $skip_check_user_data flag is set and the user was authorized.
	 *
	 * NOTE(review): a truthy $skip_check_user_data global disables the signature
	 * check entirely. Confirm that only trusted server-side code can set it.
	 */
	public function Authorize()
	{
		$GLOBALS["APPLICATION"]->RestartBuffer();

		if(!isset($_REQUEST["vk_session"]["user"]["id"]))
			die("FAILURE");

		global $skip_check_user_data;

		// The signature is evaluated first; the bypass flag is only consulted when it fails.
		$signatureAccepted = self::CheckUserData($_REQUEST["vk_session"]["sig"]) || $skip_check_user_data;
		if(!$signatureAccepted)
			die("FAILURE");

		// NOTE(review): $_REQUEST is rewritten after the signature was checked, so the
		// account fields below are read from the decoded values. CheckUserData() is not
		// shown here; confirm it covers the user fields and that decoding cannot alter them.
		CUtil::decodeURIComponent($_REQUEST);

		$vkUser = $_REQUEST["vk_session"]["user"];
		$arFields = array(
			'EXTERNAL_AUTH_ID' => self::ID,
			// Kept so that EXTERNAL_AUTH_ID can be dropped later and several sign-in methods allowed at once.
			'WORK_NOTES' => self::ID,
			'XML_ID' => $vkUser["id"],
			'LOGIN' => "id".$vkUser["id"],
			'NAME'=> $vkUser["first_name"],
			'LAST_NAME'=> $vkUser["last_name"],
		);

		if(!$this->AuthorizeUser($arFields))
			die("FAILURE");

		if($skip_check_user_data)
			return true;

		die("OK");
	}
Beispiel #2
	/**
	 * Handles the Mail.ru sign-in callback found in $_REQUEST["mailru_sess"] and
	 * $_REQUEST["mailru_user"]. Always ends the request with "OK" or "FAILURE".
	 */
	public function Authorize()
	{
		$GLOBALS["APPLICATION"]->RestartBuffer();

		$hasCallbackData = isset($_REQUEST["mailru_sess"]["sig"]) && isset($_REQUEST["mailru_user"]["uid"]);

		// CheckUserData() is only reached when both the signature and the uid are present.
		if(!$hasCallbackData || !self::CheckUserData($_REQUEST["mailru_sess"]["sig"]))
			die("FAILURE");

		// NOTE(review): the request is decoded after the signature check, and LOGIN/EMAIL
		// come from the decoded mailru_user values. CheckUserData() is not shown here;
		// confirm the signature covers uid and email so neither can be substituted.
		CUtil::decodeURIComponent($_REQUEST);

		$mailruUser = $_REQUEST["mailru_user"];
		$arFields = array(
			'EXTERNAL_AUTH_ID' => self::ID,
			'XML_ID' => $mailruUser["uid"],
			'LOGIN' => $mailruUser["email"],
			'EMAIL' => $mailruUser["email"],
			'NAME'=> $mailruUser["first_name"],
			'LAST_NAME'=> $mailruUser["last_name"],
		);

		if($this->AuthorizeUser($arFields))
			die("OK");

		die("FAILURE");
	}
Beispiel #3
    // Outcome of the save attempt made earlier (not visible in this excerpt).
    if ($res) {
        if ($apply != "") {
            // "Apply": store a success notice in the admin session and reopen the edit form.
            $_SESSION["SESS_ADMIN"]["FAVORITES_EDIT_MESSAGE"] = array("MESSAGE" => GetMessage("fav_edit_success"), "TYPE" => "OK");
            LocalRedirect("favorite_edit.php?ID=" . $ID . "&lang=" . LANG);
        } else {
            // NOTE(review): the redirect target is taken directly from $_REQUEST["addurl"].
            // Confirm LocalRedirect() refuses off-site targets, or restrict addurl to local paths.
            LocalRedirect($_REQUEST["addurl"] != "" ? $_REQUEST["addurl"] : "favorite_list.php?lang=" . LANG);
        }
    } else {
        // Save failed: keep the exception (if any) for display and redraw the form from submitted values.
        if ($e = $APPLICATION->GetException()) {
            $message = new CAdminMessage(GetMessage("fav_edit_error"), $e);
        }
        $bVarsFromForm = true;
    }
}
// The name is decoded only when the caller flags it as encoded.
if ($_REQUEST["encoded"] == "Y") {
    CUtil::decodeURIComponent($_REQUEST["name"]);
}
// Form defaults. Name and URL are HTML-escaped copies of the request values.
$str_NAME = htmlspecialcharsbx($_REQUEST["name"]);
$str_URL = htmlspecialcharsbx($_REQUEST["addurl"]);
$str_C_SORT = 100;
$str_COMMON = 'N';
$str_USER_ID = $USER->GetID();
$str_LANGUAGE_ID = LANGUAGE_ID;
if ($ID > 0) {
    // NOTE(review): no ownership check is visible between GetByID() and ExtractFields().
    // Confirm access to another user's favorite is refused elsewhere.
    $fav = CFavorites::GetByID($ID);
    // Presumably fills the str_-prefixed variables from the stored record (verify in ExtractFields).
    // A falsy result resets $ID to 0.
    if (!($fav_arr = $fav->ExtractFields("str_"))) {
        $ID = 0;
    }
}
if ($bVarsFromForm) {
    $DB->InitTableVarsForEdit("b_favorite", "", "str_");
Beispiel #4
 /**
  * Validates and runs a comment action (add, edit, del, hide, show) taken from the request.
  *
  * @return bool|null null when the request addresses another entity or names no known action,
  *                   false when a check or the action itself reported an error, true otherwise
  *                   (a successful non-AJAX request goes through LocalRedirect() first).
  */
 private function checkActions()
 {
     // Ignore requests addressed to a different entity.
     if ($this->request["ENTITY_XML_ID"] !== $this->feed->getEntity()->getXmlId()) {
         return null;
     }
     // Query and POST parameters merged into one array; for a shared string key the POST value wins.
     $post = array_merge($this->request->getQueryList()->toArray(), $this->request->getPostList()->toArray());
     // comment_review == "Y" means add or edit; otherwise REVIEW_ACTION names the action.
     // The action is derived here, before any decoding of $post further down.
     $action = strtolower($post["comment_review"] == "Y" ? strtolower($post['REVIEW_ACTION']) == "edit" ? "edit" : "add" : $post['REVIEW_ACTION']);
     if (!in_array($action, array("add", 'del', 'hide', 'show', 'edit'))) {
         return null;
     }
     $actionErrors = new ErrorCollection();
     $arPost = array();
     // Session token (CSRF) check comes first; nothing is changed when it fails.
     if (!check_bitrix_sessid()) {
         $actionErrors->addOne(new Error(Loc::getMessage("F_ERR_SESSION_TIME_IS_UP"), self::ERROR_ACTION));
     } else {
         if (!$this->checkCaptcha($actionErrors)) {
             $actionErrors->addOne(new Error(Loc::getMessage("POSTM_CAPTCHA"), self::ERROR_ACTION));
         } else {
             // AJAX submissions are decoded in place; this happens after the session and captcha checks.
             if ($post["AJAX_POST"] == "Y") {
                 CUtil::decodeURIComponent($post);
             }
             if ($action == "add" || $action == "edit") {
                 // Guests may supply their own author name; authorized users always get their account name.
                 $arPost = array("POST_MESSAGE" => $post["REVIEW_TEXT"], "AUTHOR_NAME" => $this->getUser()->isAuthorized() ? $this->getUserName() : (empty($post["REVIEW_AUTHOR"]) ? $GLOBALS["FORUM_STATUS_NAME"]["guest"] : $post["REVIEW_AUTHOR"]), "AUTHOR_EMAIL" => $post["REVIEW_EMAIL"], "USE_SMILES" => $post["REVIEW_USE_SMILES"]);
                 // Handlers receive $arPost by reference and veto the action by returning false.
                 foreach (GetModuleEvents('forum', 'OnCommentAdd', true) as $arEvent) {
                     if (ExecuteModuleEventEx($arEvent, array($this->feed->getEntity()->getType(), $this->feed->getEntity()->getId(), &$arPost)) === false) {
                         // NOTE(review): when the handler sets no ERROR, print_r($arEvent, true) is appended to a
                         // message that is later placed in ERROR_MESSAGE. This exposes handler details to the
                         // client; consider logging the dump and returning only the generic text.
                         $actionErrors->addOne(new Error(isset($arPost['ERROR']) ? $arPost['ERROR'] : Loc::getMessage("F_ERR_DURING_ACTIONS") . print_r($arEvent, true), self::ERROR_ACTION));
                     }
                 }
             }
         }
     }
     if (!$actionErrors->hasErrors()) {
         // NOTE(review): MID comes from the request and no permission check is visible in this method.
         // Presumably the feed enforces edit/moderate/delete rights; confirm.
         if ($action == "add" || $action == "edit") {
             $message = $action == "add" ? $this->feed->add($arPost) : $this->feed->edit($this->request["MID"], $arPost);
             if ($message && $this->request["TOPIC_SUBSCRIBE"] == "Y") {
                 ForumSubscribeNewMessagesEx($this->arParams["FORUM_ID"], $message["TOPIC_ID"], "N", $strErrorMessage, $strOKMessage);
                 BXClearCache(true, "/bitrix/forum/user/" . $this->getUser()->getId() . "/subscribe/");
             }
         } elseif ($action == "show" || $action == "hide") {
             $message = $this->feed->moderate($this->request["MID"], $action == "show");
         } else {
             // Only "del" remains at this point.
             $message = $this->feed->delete($this->request["MID"]);
         }
         if ($this->feed->hasErrors()) {
             $actionErrors->add($this->feed->getErrors());
         } else {
             if ($this->request["NOREDIRECT"] != "Y" && !$this->isAjaxRequest()) {
                 // NOTE(review): back_page from the request is used as the redirect base.
                 // Confirm LocalRedirect() refuses off-site targets.
                 $strURL = $this->request["back_page"] ?: $this->getApplication()->GetCurPageParam("", array("MID", "SEF_APPLICATION_CUR_PAGE_URL", BX_AJAX_PARAM_ID, "result", "sessid", "bxajaxid"));
                 $strURL = ForumAddPageParams($strURL, array("MID" => $message["ID"], "result" => $message["APPROVED"] == "Y" ? "reply" : "not_approved"));
                 LocalRedirect($strURL);
             } else {
                 // AJAX or NOREDIRECT: report the message id and a status text through arResult.
                 $this->arResult['RESULT'] = $message["ID"];
                 if ($action == "add") {
                     $this->arResult['OK_MESSAGE'] = $message["APPROVED"] == "Y" ? GetMessage("COMM_COMMENT_OK") : GetMessage("COMM_COMMENT_OK_AND_NOT_APPROVED");
                 } else {
                     if ($action == "edit") {
                         $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_UPDATED");
                     } else {
                         if ($action == "show") {
                             $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_SHOWN");
                         } else {
                             if ($action == "hide") {
                                 $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_HIDDEN");
                             } else {
                                 $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_DELETED");
                             }
                         }
                     }
                 }
             }
         }
     }
     if ($actionErrors->hasErrors()) {
         /** @var $error Error */
         $this->arResult["RESULT"] = false;
         $this->arResult["OK_MESSAGE"] = '';
         // All collected messages are appended to ERROR_MESSAGE without a separator.
         foreach ($actionErrors->toArray() as $error) {
             $this->arResult['ERROR_MESSAGE'] .= $error->getMessage();
         }
         return false;
     }
     return true;
 }
Beispiel #5
	/**
	 * Decodes, in place, each global variable named in $aFilter that is a string
	 * and is detected as UTF-8. Does nothing when FX_UTF is defined or when
	 * $aFilter is not an array.
	 *
	 * NOTE(review): the entries of $aFilter choose which globals are rewritten.
	 * Callers should pass fixed variable names, never names derived from the request.
	 *
	 * @param array $aFilter names of global variables to process
	 */
	public function UnEscape($aFilter)
	{
		if(defined("FX_UTF") || !is_array($aFilter))
			return;

		foreach($aFilter as $globalName)
		{
			$isString = is_string($GLOBALS[$globalName]);
			if($isString && CUtil::DetectUTF8($GLOBALS[$globalName]))
			{
				CUtil::decodeURIComponent($GLOBALS[$globalName]);
			}
		}
	}
Beispiel #6
<?php

define("STOP_STATISTICS", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_before.php";
require_once "functions.php";
CModule::IncludeModule('socialnetwork');
if (!$USER->IsAuthorized()) {
    die;
}
$SITE_ID = isset($_GET["SITE_ID"]) ? $_GET["SITE_ID"] : SITE_ID;
if ($_REQUEST["mode"] == "search") {
    CUtil::decodeURIComponent($_GET);
    $APPLICATION->RestartBuffer();
    CSocNetTools::InitGlobalExtranetArrays($SITE_ID);
    $arFilter = array("SITE_ID" => $SITE_ID, "%NAME" => $_GET["query"]);
    if (!CSocNetUser::IsCurrentUserModuleAdmin($SITE_ID)) {
        $arFilter["CHECK_PERMISSIONS"] = $USER->GetID();
    }
    $rsGroups = CSocNetGroup::GetList(array("NAME" => "ASC"), $arFilter);
    $arGroups = array();
    while ($arGroup = $rsGroups->Fetch()) {
        if (isset($GLOBALS["arExtranetGroupID"]) && is_array($GLOBALS["arExtranetGroupID"]) && in_array($arGroup["ID"], $GLOBALS["arExtranetGroupID"])) {
            $arGroup["IS_EXTRANET"] = "Y";
        }
        $arGroups[] = group2JSItem($arGroup);
    }
    if (isset($_REQUEST["features_perms"]) && sizeof($_REQUEST["features_perms"]) == 2) {
        filterByFeaturePerms($arGroups, $_REQUEST["features_perms"]);
    }
    Header('Content-Type: application/x-javascript; charset=' . LANG_CHARSET);
    echo CUtil::PhpToJsObject($arGroups);
Beispiel #7
<?php

##############################################
# Bitrix Site Manager                        #
# Copyright (c) 2002-2007 Bitrix             #
# http://www.bitrixsoft.com                  #
# mailto:admin@bitrixsoft.com                #
##############################################
// define("NO_KEEP_STATISTIC", true);
// define("NO_AGENT_STATISTIC", true);
// define("NOT_CHECK_PERMISSIONS", true);
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
// Both branches change stored user options, so they run only for an authorized
// user presenting a valid session token.
if ($USER->IsAuthorized() && check_bitrix_sessid()) {
    $isDeleteRequest = $_GET["action"] == "delete" && $_GET["c"] != "" && $_GET["n"] != "";
    if ($isDeleteRequest) {
        // A common (shared) option is deleted only when the user holds 'edit_other_settings'.
        $deleteCommon = $_GET["common"] == "Y" && $GLOBALS["USER"]->CanDoOperation('edit_other_settings');
        CUserOptions::DeleteOption($_GET["c"], $_GET["n"], $deleteCommon);
    }

    if (is_array($_REQUEST["p"])) {
        // NOTE(review): the option array comes straight from the request. Confirm
        // SetOptionsFromArray() applies the same permission gate to common options
        // as the delete branch above.
        $arOptions = $_REQUEST["p"];
        CUtil::decodeURIComponent($arOptions);
        CUserOptions::SetOptionsFromArray($arOptions);
    }
}
echo "OK";
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin_after.php";
Beispiel #8
 }
 // Source lead id from the query string, cast to int; only a positive id marks "create from lead".
 if (isset($_GET['lead_id'])) {
     $arFields['LEAD_ID'] = intval($_GET['lead_id']);
     if ($arFields['LEAD_ID'] > 0) {
         $bCreateFromLead = true;
     }
 }
 // Same handling for a source deal id.
 if (isset($_GET['deal_id'])) {
     $arFields['DEAL_ID'] = intval($_GET['deal_id']);
     if ($arFields['DEAL_ID'] > 0) {
         $bCreateFromDeal = true;
     }
 }
 if (isset($_GET['title'])) {
     // '~TITLE' holds the decoded request text as-is; only 'TITLE' is HTML-escaped.
     // NOTE(review): anything that prints '~TITLE' must escape it for its output context.
     $arFields['~TITLE'] = $_GET['title'];
     CUtil::decodeURIComponent($arFields['~TITLE']);
     $arFields['TITLE'] = htmlspecialcharsbx($arFields['~TITLE']);
 }
 $bCreateFrom = $bCreateFromLead || $bCreateFromDeal || $bCreateFromCompany || $bCreateFromContact;
 // Ids normalised to integers; 0 stands for "not given".
 $leadId = isset($arFields['LEAD_ID']) ? intval($arFields['LEAD_ID']) : 0;
 $dealId = isset($arFields['DEAL_ID']) ? intval($arFields['DEAL_ID']) : 0;
 $contactId = isset($arFields['CONTACT_ID']) ? intval($arFields['CONTACT_ID']) : 0;
 $companyId = isset($arFields['COMPANY_ID']) ? intval($arFields['COMPANY_ID']) : 0;
 // create from contact
 if ($contactId > 0) {
     $dbContact = CCrmContact::GetListEx(array('ID' => 'DESC'), array('ID' => $contactId), false, array('nTopCount' => 1), array('ID', 'LEAD_ID'));
     if ($arContact = $dbContact->Fetch()) {
         if (isset($arContact['LEAD_ID']) && intval($arContact['LEAD_ID']) > 0) {
             $arFields['~LEAD_ID'] = $arFields['LEAD_ID'] = intval($arContact['LEAD_ID']);
         }
     }
Beispiel #9
				if ($bCanAddComments)
				{
					// add source object and get source_id, $source_url
					$arParams = array(
						"PATH_TO_SMILE" => $_REQUEST["p_smile"],
						"PATH_TO_USER_BLOG_POST" => $_REQUEST["p_ubp"],
						"PATH_TO_GROUP_BLOG_POST" => $_REQUEST["p_gbp"],
						"PATH_TO_USER_MICROBLOG_POST" => $_REQUEST["p_umbp"],
						"PATH_TO_GROUP_MICROBLOG_POST" => $_REQUEST["p_gmbp"],
						"BLOG_ALLOW_POST_CODE" => $_REQUEST["bapc"]
					);
					$parser = new logTextParser(LANGUAGE_ID, $arParams["PATH_TO_SMILE"]);

					$comment_text = $_REQUEST["message"];
					CUtil::decodeURIComponent($comment_text);
					$comment_text = Trim($comment_text);

					if (strlen($comment_text) > 0)
					{
						$arSearchParams = array();

						if($arCommentEvent["EVENT_ID"] == "forum")
						{
							$arSearchParams["FORUM_ID"] = intval($_REQUEST["f_id"]);
							$arSearchParams["PATH_TO_GROUP_FORUM_MESSAGE"] = (
								$arLog["ENTITY_TYPE"] == SONET_SUBSCRIBE_ENTITY_GROUP 
									? str_replace(
										"#GROUPS_PATH#", 
										COption::GetOptionString("socialnetwork", "workgroups_page", false, $site_id),
										$arLog["URL"]
<?php

define("STOP_STATISTICS", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_js.php";
// Tag suggestion endpoint: prints up to 10 matching tags as a JS object.
if (CModule::IncludeModule("search")) {
    // Every request value is decoded in place before use.
    CUtil::decodeURIComponent($_REQUEST);

    if (!empty($_REQUEST["search"])) {
        $arResult = array();
        $order = CUserOptions::GetOption("search_tags", "order", "CNT");

        // Anything other than "NAME" falls back to ordering by count.
        $requestedOrder = $_REQUEST["order_by"] == "NAME" ? "NAME" : "CNT";
        $arOrder = $requestedOrder == "NAME"
            ? array("NAME" => "ASC")
            : array("CNT" => "DESC", "NAME" => "ASC");

        // The chosen order is stored as a user preference whenever it differs from the saved one.
        // NOTE(review): this write happens without a session-token check in this file.
        // Confirm the included prolog covers it, or accept it as a low-impact preference.
        if ($order != $requestedOrder) {
            CUserOptions::SetOption("search_tags", "order", $requestedOrder);
        }

        $tagFilter = array("TAG" => $_REQUEST["search"], "SITE_ID" => $_REQUEST["site_id"]);
        $db_res = CSearchTags::GetList(array("NAME", "CNT"), $tagFilter, $arOrder, 10);
        if ($db_res) {
            while ($res = $db_res->Fetch()) {
                $arResult[] = array("NAME" => $res["NAME"], "CNT" => $res["CNT"]);
            }
        }

        echo CUtil::PhpToJSObject($arResult);
    }
}
require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin_js.php";
Beispiel #11
	$arPermTypes[$arRes['ID']] = Array(
		'title' => $name,
		'letter' => $arRes['LETTER']
	);
}
$arPermTypes['NOT_REF'] = Array(
	'title' => GetMessage("FILEMAN_FOLDER_ACCESS_INHERIT"),
	'letter' => 'N'
);

$strWarning = "";
$arFiles = Array();
if (count($files) > 0)
{
	CUtil::decodeURIComponent($files);
	for($i=0; $i<count($files); $i++)
	{
		if(!$USER->CanDoFileOperation('fm_edit_permission',Array($site, $path."/".$files[$i])))
			$strWarning .= GetMessage("FILEMAN_ACCESS_TO_DENIED")." \"".$files[$i]."\".\n";
		elseif($files[$i] != '.')
			$arFiles[] = $files[$i];
	}
}
else
{
	$arPDirs = array();
	$arPFiles = array();
	CFileMan::GetDirList(Array($site, $path), $arPDirs, $arPFiles, array("MIN_PERMISSION" => "X"), array(), "DF");

	foreach ($arPDirs as $dir)
Beispiel #12
}
// Early exits: forum module missing, request is not a review action, or an edit is requested
// by a user who may neither moderate nor edit own messages.
// NOTE(review): these gates read the raw $_REQUEST values, while the checks further down read
// $post, which is built from the query and POST lists and decoded when AJAX_POST is "Y".
// The two can therefore see different values for REVIEW_ACTION and MID; confirm this is intended.
if (!CModule::IncludeModule("forum")) {
    return false;
} elseif (!($_REQUEST["comment_review"] == "Y" || in_array($_REQUEST['REVIEW_ACTION'], array('DEL', 'HIDE', 'SHOW', 'EDIT')))) {
    return false;
} elseif ($_REQUEST['REVIEW_ACTION'] == "EDIT" && $_REQUEST["MID"] > 0 && (!$arResult["TOPIC"] || $arResult["USER"]["RIGHTS"]["MODERATE"] !== "Y" && $arParams["ALLOW_EDIT_OWN_MESSAGE"] == "N")) {
    return false;
}
$this->IncludeComponentLang("action.php");
// Check gross errors message data
$APPLICATION->RestartBuffer();
/** @var $request \Bitrix\Main\HttpRequest */
$request = \Bitrix\Main\Context::getCurrent()->getRequest();
// Query and POST parameters merged; for a shared string key the POST value wins.
$post = array_merge($request->getQueryList()->toArray(), $request->getPostList()->toArray());
if ($post["AJAX_POST"] == "Y") {
    CUtil::decodeURIComponent($post);
}
// Checks in order: session token (CSRF), minimum forum permission, then rights on the message.
if (!check_bitrix_sessid()) {
    $arError[] = array("code" => "session time is up", "title" => GetMessage("F_ERR_SESSION_TIME_IS_UP"));
} elseif ($arResult["USER"]['PERMISSION'] <= "E") {
    // The permission value is compared to the letter "E" with <=; at "E" or lower, access is denied.
    $arError[] = array("code" => "access denied", "title" => GetMessage("F_ERR_NOT_RIGHT_FOR_ADD"));
} elseif ($post['REVIEW_ACTION'] == "EDIT" || $post['REVIEW_ACTION'] == "DEL") {
    $arResult["MESSAGE"] = CForumMessage::GetById($post["MID"]);
    // Denied when the message belongs to another topic, or when the user lacks the EDIT right and
    // is not the message author (or, with ALLOW_EDIT_OWN_MESSAGE == "LAST", it is not the topic's last message).
    if ($arResult["MESSAGE"]["TOPIC_ID"] != $arResult["TOPIC"]["ID"] || $arResult["USER"]["RIGHTS"]["EDIT"] !== "Y" && ($arResult["MESSAGE"]["AUTHOR_ID"] <= 0 || $arResult["MESSAGE"]["AUTHOR_ID"] != $GLOBALS["USER"]->GetID() || $arParams["ALLOW_EDIT_OWN_MESSAGE"] == "LAST" && $arResult["MESSAGE"]["ID"] != $arResult["TOPIC"]["ABS_LAST_MESSAGE_ID"])) {
        $arError[] = array("code" => "access denied", "title" => GetMessage("F_ERR_NOT_RIGHT_FOR_EDIT"));
    }
}
if (!empty($arError)) {
} elseif ((empty($_REQUEST["preview_comment"]) || $_REQUEST["preview_comment"] == "N") && $_REQUEST["comment_review"] == "Y") {
    $arProperties = array();
    $needProperty = array();
Beispiel #13
 /**
  * Component entry point. In visual mode it fills arResult and renders the template;
  * otherwise it decodes $_POST and dispatches the requested action, answering in JSON on failure.
  *
  * @return false|null false when the webdav module is unavailable, otherwise no value
  */
 public function executeComponent()
 {
     if (!CModule::IncludeModule('webdav')) {
         return false;
     }
     // Visual mode is the default when the VISUAL parameter is absent.
     $isVisual = isset($this->arParams['VISUAL']) ? (bool) $this->arParams['VISUAL'] : true;
     $pathToAjax = isset($this->arParams['AJAX_PATH']) ? $this->arParams['AJAX_PATH'] : '/bitrix/components/bitrix/webdav.disk/ajax.php';
     try {
         if ($isVisual) {
             $diskEnabled = \Bitrix\Main\Config\Option::get('disk', 'successfully_converted', false) && CModule::includeModule('disk');
             $quota = CDiskQuota::GetDiskQuota();
             $this->arResult['showDiskQuota'] = false;
             //$quota !== true; //now without quota
             // The 'disk_space' option is multiplied by 1024 * 1024.
             $this->arResult['diskSpace'] = (double) COption::GetOptionInt('main', 'disk_space') * 1024 * 1024;
             $this->arResult['quota'] = $quota;
             $this->arResult['ajaxIndex'] = $pathToAjax;
             $this->arResult['ajaxStorageIndex'] = '/desktop_app/storage.php';
             if ($diskEnabled) {
                 $this->arResult['isInstalledDisk'] = \Bitrix\Disk\Desktop::isDesktopDiskInstall();
                 $this->arResult['personalLibIndex'] = '/company/personal/user/' . $this->getUser()->getId() . '/disk/path/';
             } else {
                 $this->arResult['isInstalledDisk'] = (bool) CWebDavTools::isDesktopDiskInstall();
                 $this->arResult['personalLibIndex'] = '/company/personal/user/' . $this->getUser()->getId() . '/files/lib/';
             }
             $this->arResult['isInstalledPull'] = (bool) IsModuleInstalled('pull');
             $this->arResult['currentUser'] = array('id' => $this->getUser()->getId(), 'formattedName' => $this->getUser()->getFormattedName());
             $this->getApplication()->addHeadScript('/bitrix/components/bitrix/webdav.disk/disk.js');
             $this->includeComponentTemplate();
             return;
         }
         // Non-visual (action) mode: the time zone is disabled for the duration of the action.
         CTimeZone::Disable();
         //decode from utf-8 to site LANG_CHARSET
         // $_POST is rewritten in place before the user check and the action run.
         CUtil::decodeURIComponent($_POST);
         $this->checkUser()->runAction();
         CTimeZone::Enable();
     } catch (CWebDavBadStorageAfterMigrateException $e) {
         // Every catch branch re-enables the time zone before answering.
         // NOTE(review): on PHP 7+ an \Error is not caught by these branches, so the time zone
         // would stay disabled for the rest of the request in that case.
         CTimeZone::Enable();
         $this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ERROR, 'message' => 'Could not get Disk\\Storage. Perhaps, it is old client, which does not reconnect. '), 500);
     } catch (CWebDavSymlinkMoveFakeErrorException $e) {
         CTimeZone::Enable();
         $this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ERROR, 'message' => 'This is not really error. Move symlink folders.'));
     } catch (CWebDavAccessDeniedException $e) {
         CTimeZone::Enable();
         $this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ACCESS_DENIED, 'message' => $e->getMessage()));
     } catch (Exception $e) {
         CTimeZone::Enable();
         // NOTE(review): the raw exception message, and any dispatcher errors, are returned to the client.
         // Confirm they cannot carry file paths, SQL or other internal details; otherwise log them
         // server-side and send a generic message.
         $response = array('status' => 'error', 'message' => $e->getMessage());
         if ($this->dispatcher) {
             $errors = $this->dispatcher->getErrors();
             if ($errors) {
                 $response['detail'] = $errors;
             }
         }
         $this->sendJsonResponse($response);
     }
     return;
 }
Beispiel #14
// Access gate: at least one of the three fileman operations is required.
// NOTE(review): presumably AuthForm() ends the request; confirm, since no exit follows it here.
if (!($USER->CanDoOperation('fileman_admin_files') || $USER->CanDoOperation('fileman_edit_existent_files') || $USER->CanDoOperation('fileman_view_file_structure')))
	$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));

require_once($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/fileman/include.php");
IncludeModuleLangFile(__FILE__);
$addUrl = 'lang='.LANGUAGE_ID.($logical == "Y"?'&logical=Y':'');

$strWarning = "";

$site = CFileMan::__CheckSite($site);
$DOC_ROOT = CSite::GetSiteDocRoot($site);

$io = CBXVirtualIo::GetInstance();

// The path is decoded only when it is detected as UTF-8.
if (CUtil::DetectUTF8($path))
	CUtil::decodeURIComponent($path);

// NOTE(review): $path is appended to the document root below. Confirm that CombinePath()
// collapses ".." segments after the decode above, so $abs_path cannot leave $DOC_ROOT.
$path = $io->CombinePath("/", $path);
$arParsedPath = CFileMan::ParsePath(Array($site, $path), false, false, "", $logical == "Y");
$abs_path = $DOC_ROOT.$path;
$arPath = Array($site, $path);

$APPLICATION->SetTitle(GetMessage("FILEMAN_FILEVIEW_TITLE")." \"".$arParsedPath["LAST"]."\"");

foreach ($arParsedPath["AR_PATH"] as $chainLevel)
{
	$adminChain->AddItem(
		array(
			"TEXT" => htmlspecialcharsex($chainLevel["TITLE"]),
			"LINK" => ((strlen($chainLevel["LINK"]) > 0) ? $chainLevel["LINK"] : ""),
		)
Beispiel #15
             $aUserId[] = intval($id);
         }
     }
 } elseif (intval($_REQUEST["user_id"]) > 0) {
     $aUserId[] = IntVal($_REQUEST["user_id"]);
 }
 $aUserId = array_unique($aUserId);
 $mptr = Trim($_REQUEST["mptr"]);
 if (!$GLOBALS["USER"]->IsAuthorized()) {
     echo "*";
 } else {
     if (!check_bitrix_sessid()) {
         echo GetMessage("SONET_C50_ERR_PERMS") . ".";
     } else {
         $message = $_REQUEST["data"];
         CUtil::decodeURIComponent($message);
         $message = Trim($message);
         if (StrLen($message) <= 0) {
             echo GetMessage("SONET_C50_NO_TEXT") . ".";
         } else {
             if (empty($aUserId)) {
                 echo GetMessage("SONET_C50_NO_USER_ID") . ".";
             } else {
                 foreach ($aUserId as $userID) {
                     if (!CSocNetUserPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), $userID, "message", CSocNetUser::IsCurrentUserModuleAdmin(false))) {
                         echo GetMessage("SONET_C50_CANT_WRITE") . ".";
                     } else {
                         $errorMessage = "";
                         if (!CSocNetMessages::CreateMessage($GLOBALS["USER"]->GetID(), $userID, $message)) {
                             if ($e = $GLOBALS["APPLICATION"]->GetException()) {
                                 $errorMessage .= $e->GetString();
// The catalog module is mandatory; the script stops without output when it cannot be loaded.
if (!Main\Loader::includeModule('catalog')) {
    die;
}
Main\Loader::includeModule('fileman');
Main\Page\Asset::getInstance()->addJs('/bitrix/js/catalog/tbl_edit.js');
$arJSDescription = array('js' => '/bitrix/js/iblock/sub_generator.js', 'css' => '/bitrix/panel/iblock/sub-generator.css', 'lang' => '/bitrix/modules/iblock/lang/' . LANGUAGE_ID . '/admin/iblock_subelement_generator.php');
CJSCore::RegisterExt('iblock_generator', $arJSDescription);
CJSCore::Init(array('iblock_generator', 'file_input'));
define('IB_SEG_ROW_PREFIX', 'IB_SEG_');
// Numeric request parameters are cast to int before any use.
$subIBlockId = intval($_REQUEST["subIBlockId"]);
$subPropValue = intval($_REQUEST["subPropValue"]);
$subTmpId = intval($_REQUEST["subTmpId"]);
$iBlockId = intval($_REQUEST["iBlockId"]);
$findSection = intval($_REQUEST["findSection"]);
$arSKUInfo = CCatalogSKU::GetInfoByOfferIBlock($subIBlockId);
// The product name is decoded in place inside $_POST and then trimmed. It is not escaped here.
CUtil::decodeURIComponent($_POST['PRODUCT_NAME']);
$parentProductName = trim($_POST['PRODUCT_NAME']);
$useStoreControl = (string) Main\Config\Option::get('catalog', 'default_use_store_control') == 'Y';
// NOTE(review): the error is displayed but the next statement still runs with $arSKUInfo == false.
// Confirm the later code tolerates that, or stop here.
if ($arSKUInfo == false) {
    ShowError("SKU error!");
}
$APPLICATION->SetTitle(GetMessage("IB_SEG_MAIN_TITLE"));
/**
 * @param $intRangeID
 * @param $strPrefix
 * @return string
 */
function __AddCellPriceType($intRangeID, $strPrefix)
{
    $dbCatalogGroups = CCatalogGroup::GetList(array("SORT" => "ASC", "NAME" => "ASC", "ID" => "ASC"));
    $priceTypeCellOption = '';
Beispiel #17
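 /**
  * Applies user options that the client stored in a cookie, then clears that cookie.
  *
  * The cookie value is a query string with "p" (the option array) and "sessid".
  * Options are applied only when "sessid" equals the current session token.
  *
  * @param string $cookieName name of the cookie that carries the pending options
  */
 public static function SetCookieOptions($cookieName)
 {
     //last user setting
     // A missing or non-string cookie is treated as empty instead of being handed to parse_str().
     $rawCookie = isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName]) ? $_COOKIE[$cookieName] : '';
     $varCookie = array();
     parse_str($rawCookie, $varCookie);
     // The cookie is cleared whether or not its content is accepted.
     setcookie($cookieName, false, false, "/");

     $hasOptions = isset($varCookie["p"]) && is_array($varCookie["p"]);
     // Strict comparison: "==" compares two numeric-looking strings as numbers, so two different
     // tokens could be treated as equal. Where hash_equals() is available it would additionally
     // make the comparison constant-time.
     $tokenMatches = isset($varCookie["sessid"])
         && is_string($varCookie["sessid"])
         && $varCookie["sessid"] === (string) bitrix_sessid();

     if ($hasOptions && $tokenMatches) {
         $arOptions = $varCookie["p"];
         CUtil::decodeURIComponent($arOptions);
         CUserOptions::SetOptionsFromArray($arOptions);
     }
 }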
Beispiel #18
	/**
	 * Runs CUtil::decodeURIComponent() over the whole of $_POST and then the whole of $_REQUEST.
	 *
	 * The return values are not used, so the superglobals are presumably rewritten in place.
	 * NOTE(review): validation or signature checks done before this call saw the undecoded
	 * values; code after it sees the decoded ones.
	 */
	function JSPostUnescape()
	{
		CUtil::decodeURIComponent($_POST);
		CUtil::decodeURIComponent($_REQUEST);
	}
Beispiel #19
<?php

define('NO_KEEP_STATISTIC', 'Y');
define('NO_AGENT_STATISTIC', 'Y');
require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/prolog_before.php';
if (!CModule::IncludeModule('crm')) {
    return false;
}
?>
<script>
BX.loadCSS('/bitrix/components/bitrix/crm.event.add/templates/.default/style.css');
</script>
<?php 
// Workaround for BX.ajax.submitAjax, which sends multipart data URL-encoded:
// $_POST and $_REQUEST are decoded first, then the uploaded attachment entry.
CUtil::JSPostUnescape();
if (isset($_FILES['ATTACH'])) {
    // NOTE(review): this passes the whole upload descriptor to the decoder. Confirm that only
    // the client-supplied file name is meant to change and that tmp_name stays as PHP set it.
    CUtil::decodeURIComponent($_FILES['ATTACH']);
}

// Request values are handed to the component as parameters; only ENTITY_ID is cast to int.
// NOTE(review): no session-token or permission check is visible in this file. Presumably the
// component performs them; confirm.
$APPLICATION->IncludeComponent(
    'bitrix:crm.event.add',
    '',
    array(
        'ENTITY_TYPE' => $_REQUEST['ENTITY_TYPE'],
        'ENTITY_ID' => intval($_REQUEST['ENTITY_ID']),
        'FORM_TYPE' => $_REQUEST['FORM_TYPE'],
        'FORM_ID' => isset($_REQUEST['FORM_ID']) ? $_REQUEST['FORM_ID'] : '',
        'EVENT_TYPE' => isset($_REQUEST['EVENT_TYPE']) ? $_REQUEST['EVENT_TYPE'] : '',
        'FREEZE_EVENT_ID' => isset($_REQUEST['FREEZE_EVENT_ID']) ? $_REQUEST['FREEZE_EVENT_ID'] : '',
        'AJAX_MODE' => 'Y',
        'AJAX_OPTION_JUMP' => 'N',
        'AJAX_OPTION_HISTORY' => 'N'
    ),
    false
);
require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/epilog_after.php';
Beispiel #20
	}
	return false;
}

if($_REQUEST["mode"] == "save_recent")
{
	if($_REQUEST["url"] <> "")
	{
		$nLinks = 5;
		if($aUserOpt["start_menu_links"] <> "")
			$nLinks = intval($aUserOpt["start_menu_links"]);

		$aRecent = CUserOptions::GetOption("start_menu", "recent", array());

		CUtil::decodeURIComponent($_REQUEST["text"]);
		CUtil::decodeURIComponent($_REQUEST["title"]);
		$aLink = array("url"=>$_REQUEST["url"], "text"=>$_REQUEST["text"], "title"=>$_REQUEST["title"], "icon"=>$_REQUEST["icon"]);

		if(($pos = array_search($aLink, $aRecent)) !== false)
			unset($aRecent[$pos]);
		array_unshift($aRecent, $aLink);
		$aRecent = array_slice($aRecent, 0, $nLinks);

		CUserOptions::SetOption("start_menu", "recent", $aRecent);
	}
	echo "OK";
}
elseif($_REQUEST["mode"] == "dynamic")
{
	//admin menu - dynamic sections
	$adminMenu->AddOpenedSections($_REQUEST["admin_mnu_menu_id"]);
Beispiel #21
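    // Prefill from the query string. '~ADDRESS_COUNTRY' keeps the decoded text as-is;
    // 'ADDRESS_COUNTRY' is the HTML-escaped copy.
    if (isset($_GET['address_country'])) {
        $arFields['~ADDRESS_COUNTRY'] = $_GET['address_country'];
        CUtil::decodeURIComponent($arFields['~ADDRESS_COUNTRY']);
        $arFields['ADDRESS_COUNTRY'] = htmlspecialcharsbx($arFields['~ADDRESS_COUNTRY']);
    }
    // Optional e-mail and phone ('phone' takes precedence over 'tel') become multi-field entries.
    if (isset($_GET['email']) || isset($_GET['phone']) || isset($_GET['tel'])) {
        if (isset($_GET['email'])) {
            $email = $_GET['email'];
            CUtil::decodeURIComponent($email);
            // trim() returns the trimmed string; the result must be assigned, otherwise
            // a whitespace-only value passes the empty-string check below.
            $email = trim($email);
        } else {
            $email = '';
        }
        if (isset($_GET['phone']) || isset($_GET['tel'])) {
            $phone = isset($_GET['phone']) ? $_GET['phone'] : $_GET['tel'];
            CUtil::decodeURIComponent($phone);
            $phone = trim($phone);
        } else {
            $phone = '';
        }
        // These values are stored unescaped; whatever prints them must escape for its output context.
        $arFields['FM'] = array();
        if ($email !== '') {
            $arFields['FM']['EMAIL'] = array('n0' => array('VALUE' => $email, 'VALUE_TYPE' => 'WORK'));
        }
        if ($phone !== '') {
            $arFields['FM']['PHONE'] = array('n0' => array('VALUE' => $phone, 'VALUE_TYPE' => 'WORK'));
        }
    }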
}
$arResult['ELEMENT'] = $arFields;
unset($arFields);
Beispiel #22
        $subURL = '';
        if (is_array($arNotSefParams[1]) && !empty($arNotSefParams[1])) {
            foreach ($arNotSefParams[1] as $subURLParam) {
                $subURL .= '&' . htmlspecialcharsbx($arVariableAliases[$subURLParam]) . '=#' . $subURLParam . '#';
            }
        }
        if (strlen($arParams["PATH_TO_" . ToUpper($url)]) <= 0) {
            $arResult["PATH_TO_" . ToUpper($url)] = htmlspecialcharsbx($APPLICATION->GetCurPage()) . "?" . htmlspecialcharsbx($arVariableAliases["page"]) . "=" . $url . $subURL;
        }
    }
    $arResult["PATH_TO_BLOG_CATEGORY"] = htmlspecialcharsbx($APPLICATION->GetCurPage()) . '?tag=#category_id#';
}
$arResult["~PATH_TO_POST_ADD"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_POST_EDIT"], array("post_id" => "new"));
$arResult["~PATH_TO_USER_IDEAS"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER_IDEAS"], array("user_id" => $USER->GetID()));
$arResult["~PATH_TO_USER_SUBSCRIBE"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER_SUBSCRIBE"], array("user_id" => $USER->GetID()));
// The live-search query is decoded in place first, then copied into the result set.
// NOTE(review): LIFE_SEARCH_QUERY is request text stored unescaped; templates must escape it
// for the context in which they print it.
CUtil::decodeURIComponent($_REQUEST["LIFE_SEARCH_QUERY"]);

// Defaults come first so that keys already present in $arResult override them.
$arResult = array_merge(
    array(
        "SEF_MODE" => $arParams["SEF_MODE"],
        "SEF_FOLDER" => $arParams["SEF_FOLDER"],
        "VARIABLES" => $arVariables,
        "ALIASES" => $arParams["SEF_MODE"] == "Y" ? array() : $arVariableAliases,
        "SET_TITLE" => $arParams["SET_TITLE"],
        "PATH_TO_SMILE" => $arParams["PATH_TO_SMILE"],
        "CACHE_TYPE" => $arParams["CACHE_TYPE"],
        "CACHE_TIME" => $arParams["CACHE_TIME"],
        "CACHE_TIME_LONG" => $arParams["CACHE_TIME_LONG"],
        "SET_NAV_CHAIN" => $arParams["SET_NAV_CHAIN"],
        "MESSAGE_COUNT" => $arParams["MESSAGE_COUNT"],
        "BLOG_COUNT" => $arParams["BLOG_COUNT"],
        "COMMENTS_COUNT" => $arParams["COMMENTS_COUNT"],
        "BLOG_COUNT_MAIN" => $arParams["BLOG_COUNT_MAIN"],
        "DATE_TIME_FORMAT" => $arParams["DATE_TIME_FORMAT"],
        "PERIOD_DAYS" => $arParams["PERIOD_DAYS"],
        "NAV_TEMPLATE" => $arParams["NAV_TEMPLATE"],
        "ACTIONS" => array(),
        "IS_CORPORTAL" => IsModuleInstalled('intranet') ? "Y" : "N",
        "IS_AJAX" => $_REQUEST["AJAX"] == 'IDEA' ? 'Y' : "N",
        "LIFE_SEARCH_QUERY" => $_REQUEST["LIFE_SEARCH_QUERY"]
    ),
    $arResult
);
if ($arParams["DISABLE_SONET_LOG"] == "Y" || !IsModuleInstalled('socialnetwork')) {
    CIdeaManagment::getInstance()->Notification()->GetSonetNotify()->Disable();
}
if ($arParams["DISABLE_EMAIL"] == "Y") {
    CIdeaManagment::getInstance()->Notification()->GetEmailNotify()->Disable();
}
//Permissions
$arResult["IDEA_MODERATOR"] = false;
if (!empty($arParams["POST_BIND_USER"]) && array_intersect($USER->GetUserGroupArray(), $arParams["POST_BIND_USER"]) || $USER->IsAdmin()) {
    $arResult["IDEA_MODERATOR"] = true;
}
//Deprecated
$arResult["PATH_TO_POST_ADD"] = $arResult["~PATH_TO_POST_ADD"];
$arParams["COMMENT_EDITOR_CODE_DEFAULT"] = $arParams[array_key_exists("COMMENT_EDITOR_CODE_DEFAULT", $arParams) ? "COMMENT_EDITOR_CODE_DEFAULT" : "EDITOR_CODE_DEFAULT"];
$arParams["COMMENT_EDITOR_RESIZABLE"] = $arParams[array_key_exists("COMMENT_EDITOR_RESIZABLE", $arParams) ? "COMMENT_EDITOR_RESIZABLE" : "EDITOR_RESIZABLE"];
    $taskId = (int) $_REQUEST['TASK_ID'];
    $task = false;
    if ($taskId > 0) {
        $dbTask = CBPTaskService::GetList(array(), array("ID" => $taskId, "USER_ID" => $user->getId(), 'USER_STATUS' => CBPTaskUserStatus::Waiting), false, false, array("ID", "WORKFLOW_ID", "ACTIVITY", "ACTIVITY_NAME", "MODIFIED", "OVERDUE_DATE", "NAME", "DESCRIPTION", "PARAMETERS"));
        $task = $dbTask->fetch();
    }
    if (!$task) {
        $result['SUCCESS'] = false;
        $result['ERROR'] = 'Task not found.';
    } else {
        $task["PARAMETERS"]["DOCUMENT_ID"] = CBPStateService::GetStateDocumentId($task['WORKFLOW_ID']);
        $task["MODULE_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][0];
        $task["ENTITY"] = $task["PARAMETERS"]["DOCUMENT_ID"][1];
        $task["DOCUMENT_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][2];
        $arErrorsTmp = array();
        if (SITE_CHARSET != "utf-8" && !empty($_SERVER['HTTP_BX_AJAX'])) {
            CUtil::decodeURIComponent($_REQUEST);
            CUtil::decodeURIComponent($_FILES);
        }
        $formData = $_REQUEST + $_FILES;
        if (!CBPDocument::PostTaskForm($task, $user->getId(), $formData, $arErrorsTmp)) {
            $arError = array();
            foreach ($arErrorsTmp as $e) {
                $arError[] = array("id" => "bad_task", "text" => $e["message"]);
            }
            $e = new CAdminException($arError);
            $result['ERROR'] = HTMLToTxt($e->GetString());
        }
    }
}
echo CUtil::PhpToJSObject($result);
Beispiel #24
// AJAX handler excerpt: every branch answers with a JS object literal built by
// CUtil::PhpToJsObject(). The listing ends inside the switch below, so the
// closing braces and the remaining cases are not part of this excerpt.
if (!CModule::IncludeModule("socialnetwork")) {
    echo CUtil::PhpToJsObject(array('ERROR' => 'MODULE_NOT_INSTALLED'));
    die;
}
// All request handling sits behind check_bitrix_sessid() (presumably the
// session-token / CSRF check; what is sent when it fails is outside this excerpt).
if (check_bitrix_sessid()) {
    // Users for whom CExtranet::IsIntranetUser() is false get an error instead of any lookup.
    if (CModule::IncludeModule('extranet') && !CExtranet::IsIntranetUser()) {
        echo CUtil::PhpToJsObject(array('ERROR' => 'EXTRANET_USER'));
    } else {
        if (isset($_POST["nt"])) {
            // The name template is rebuilt from an allow-list: only the listed
            // #...# placeholders, whitespace and commas survive; every other
            // character of the submitted value is dropped.
            // NOTE(review): presence is tested on $_POST but the value is read from
            // $_REQUEST, which can be filled from other sources than the POST body;
            // reading $_POST["nt"] in both places would keep the two consistent.
            preg_match_all("/(#NAME#)|(#LAST_NAME#)|(#SECOND_NAME#)|(#NAME_SHORT#)|(#SECOND_NAME_SHORT#)|\\s|\\,/", urldecode($_REQUEST["nt"]), $matches);
            $nameTemplate = implode("", $matches[0]);
        } else {
            $nameTemplate = CSite::GetNameFormat(false);
        }
        // $_POST['LD_SEARCH'] and the keys read below are accessed without isset(),
        // so a request that omits them raises an undefined-index notice.
        if ($_POST['LD_SEARCH'] == 'Y') {
            // Called for its effect on the whole $_POST array; the return value is
            // not used (presumably an in-place charset conversion — confirm in CUtil).
            CUtil::decodeURIComponent($_POST);
            // The search string goes to SearchUsers() unmodified; any escaping has to happen there.
            echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::SearchUsers($_POST['SEARCH'], $nameTemplate, false, IsModuleInstalled("extranet"))));
        } elseif ($_POST['LD_DEPARTMENT_RELATION'] == 'Y' && IsModuleInstalled("intranet")) {
            // DEPARTMENT_ID is forwarded as received (no cast or validation here).
            // The 'deportament_id' key spelling is kept as is — verify against the callee before changing it.
            echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::GetUsers(array('deportament_id' => $_POST['DEPARTMENT_ID'], "NAME_TEMPLATE" => $nameTemplate), false)));
        } elseif (isset($_POST["bitrix_processes"])) {
            if (CModule::IncludeModule('lists')) {
                IncludeModuleLangFile(__FILE__);
                global $USER;
                // Access check for the current user against the iblock type taken from
                // the "lists" module option; a negative result is treated as an error code.
                $listsPerm = CListPermissions::CheckAccess($USER, COption::GetOptionString("lists", "livefeed_iblock_type_id"), false);
                if ($listsPerm < 0) {
                    switch ($listsPerm) {
                        case CListPermissions::WRONG_IBLOCK_TYPE:
                            echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK_TYPE")));
                            die;
                        case CListPermissions::WRONG_IBLOCK:
                            echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK")));
Beispiel #25
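 /**
  * Accepts the encrypted form blob sent as "__RSA_DATA" and restores the
  * allow-listed fields into $_POST, $_REQUEST and $GLOBALS.
  *
  * The blob is removed from the request arrays, decrypted with the configured
  * provider, checked against its trailing SHA-1 digest and against the control
  * value stored in the session, and only then parsed into fields.
  *
  * Review notes:
  * - The digest is a plain SHA-1 over the payload: it detects corruption or a
  *   failed decrypt, not deliberate tampering. The session control value is the
  *   only thing here that binds the blob to this session.
  * - This method does not clear $_SESSION['__STORED_RSA_RAND'] after a match, so
  *   single use of the value (replay protection) has to be enforced by whoever
  *   issues it — confirm in the calling code.
  * - Only keys named in $arParams are written to the superglobals; that list must
  *   be fixed by the caller and never derived from request data.
  *
  * @param array $arParams Names of the fields that may be restored from the blob.
  * @return int 0 on success, otherwise one of the self::ERROR_* codes.
  */
 public function AcceptFromForm($arParams)
 {
     if (!$this->provider) {
         //no crypto library found
         return self::ERROR_NO_LIBRARY;
     }

     $data = isset($_REQUEST['__RSA_DATA']) ? $_REQUEST['__RSA_DATA'] : '';
     unset($_POST['__RSA_DATA']);
     unset($_REQUEST['__RSA_DATA']);
     unset($GLOBALS['__RSA_DATA']);

     // A client can submit "__RSA_DATA[]=..." and make this an array; treat
     // anything that is not a non-empty string as "no encrypted data".
     if (!is_string($data) || $data === '') {
         //no encrypted data
         return self::ERROR_EMPTY_DATA;
     }

     if (strlen($data) >= self::MAX_ENCRIPTED_DATA) {
         //too big encrypted data
         return self::ERROR_BIG_DATA;
     }

     $data = $this->provider->Decrypt($data);
     if (!is_string($data) || $data === '') {
         //decoding error
         return self::ERROR_DECODE;
     }

     // Layout: <payload><7-byte separator><40 hex chars of sha1(payload)>.
     // Anything shorter cannot carry a digest at all.
     if (strlen($data) < 47) {
         //integrity check error
         return self::ERROR_INTEGRITY;
     }
     $data1 = substr($data, 0, -47);
     $sha1 = substr($data, -40);
     // Strict comparison: with "!=" two numeric-looking hex strings (for example
     // both of the form 0e<digits>) compare as numbers and can match although they differ.
     if ($sha1 !== sha1($data1)) {
         //integrity check error
         return self::ERROR_INTEGRITY;
     }

     parse_str($data, $accepted_params);

     $rand = isset($accepted_params['__RSA_RAND']) ? $accepted_params['__RSA_RAND'] : '';
     if ($rand === '') {
         //no session control value
         return self::ERROR_SESS_VALUE;
     }

     // Compare as strings, strictly, and reject an array-valued "__RSA_RAND[]"
     // or a missing session value instead of relying on loose-comparison rules.
     $stored = isset($_SESSION['__STORED_RSA_RAND']) ? $_SESSION['__STORED_RSA_RAND'] : null;
     if (!is_string($rand) || !is_scalar($stored) || $rand !== (string) $stored) {
         //session control value does not match
         return self::ERROR_SESS_CHECK;
     }

     CUtil::decodeURIComponent($accepted_params);

     foreach ($arParams as $k) {
         if (!isset($accepted_params[$k])) {
             continue;
         }
         if (is_array($accepted_params[$k])) {
             // Array fields are merged key by key: entries already present under
             // $k in the request arrays and not overwritten by the blob stay in place.
             foreach ($accepted_params[$k] as $key => $val) {
                 $GLOBALS[$k][$key] = $_REQUEST[$k][$key] = $_POST[$k][$key] = $val;
             }
         } else {
             $GLOBALS[$k] = $_REQUEST[$k] = $_POST[$k] = $accepted_params[$k];
         }
     }

     //OK
     return 0;
 }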
Beispiel #26
// Admin search AJAX handler (excerpt). The "if (...):" block opened below is
// closed outside this listing.
//
// These constants are defined before the admin prolog is included.
// NOTE(review): NOT_CHECK_PERMISSIONS presumably makes the prolog skip its own
// permission check — confirm that access is enforced elsewhere in this file
// (not visible here) before results are returned.
define("NO_AGENT_STATISTIC", true);
define("NOT_CHECK_PERMISSIONS", true);
define("FX_SEARCH_ADMIN", true);
require($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/prolog_admin_before.php");
require($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/prolog_admin_js.php");

// Start time of the request handling; its use is outside this excerpt.
$start = getmicrotime();

// The search text comes from the POST body; $_POST["q"] is read without isset(),
// so a request without it raises an undefined-index notice.
$query = ltrim($_POST["q"]);
// Proceed only for a non-empty query, an explicit ajax_call === "y" marker and an
// available "search" module. Note that empty() also treats the query "0" as empty.
if(
	!empty($query)
	&& $_REQUEST["ajax_call"] === "y"
	&& CModule::IncludeModule("search")
):

// Called for its effect on $query; the return value is not used (presumably an
// in-place charset conversion — confirm in CUtil).
CUtil::decodeURIComponent($query);

$adminPage->Init();
//$adminMenu->AddOpenedSections("global_menu_content, global_menu_services, global_menu_store, global_menu_statistics, global_menu_settings");
$adminMenu->Init($adminPage->aModules);

// Result skeleton: one bucket per top-level admin menu section, each with an
// empty ITEMS list and a localized TITLE.
$arResult = array("CATEGORIES"=>array(
			"global_menu_content"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_content')),
			"global_menu_services"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_services')),
			"global_menu_store"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_store')),
			"global_menu_statistics"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_stat')),
			"global_menu_settings"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_settings')),
		)
	);

// Stemming set-up for the interface language; how $arStemFunc is used is outside this excerpt.
$arStemFunc = stemming_init(LANGUAGE_ID);
// Submits a business-process task form on behalf of the current user and prints
// the outcome as a JS object. $result and $user are set up before this excerpt.
if ($result['SUCCESS']) {
    // The id is cast to int before use; non-numeric input becomes 0 and is never looked up.
    $taskId = (int) $_REQUEST['TASK_ID'];
    $task = false;
    if ($taskId > 0) {
        // The lookup is filtered by the current user's id and the Waiting status, so a
        // task id that belongs to someone else, or is no longer waiting on this user,
        // returns no row and falls into the "Task not found." branch below.
        $dbTask = CBPTaskService::GetList(array(), array("ID" => $taskId, "USER_ID" => $user->getId(), 'USER_STATUS' => CBPTaskUserStatus::Waiting), false, false, array("ID", "WORKFLOW_ID", "ACTIVITY", "ACTIVITY_NAME", "MODIFIED", "OVERDUE_DATE", "NAME", "DESCRIPTION", "PARAMETERS"));
        $task = $dbTask->fetch();
    }
    if (!$task) {
        $result['SUCCESS'] = false;
        $result['ERROR'] = 'Task not found.';
    } else {
        // The document id is resolved server-side from the workflow id and split into
        // its three elements (stored as MODULE_ID, ENTITY and DOCUMENT_ID).
        $task["PARAMETERS"]["DOCUMENT_ID"] = CBPStateService::GetStateDocumentId($task['WORKFLOW_ID']);
        $task["MODULE_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][0];
        $task["ENTITY"] = $task["PARAMETERS"]["DOCUMENT_ID"][1];
        $task["DOCUMENT_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][2];
        $arErrorsTmp = array();
        // Array union keeps the left-hand entry on duplicate keys, so a request
        // parameter shadows an uploaded file that uses the same field name.
        // NOTE(review): confirm PostTaskForm() never treats a request-supplied array
        // as an upload descriptor (name/tmp_name) for such a field.
        $formData = $_REQUEST + $_FILES;
        // The conversion runs only on non-UTF-8 sites and only when the BX-Ajax request
        // header is present. That header is set by the client, so it selects decoding
        // only and carries no trust. The copy is converted, not the superglobals.
        if (SITE_CHARSET != "utf-8" && !empty($_SERVER['HTTP_BX_AJAX'])) {
            CUtil::decodeURIComponent($formData);
        }
        if (!CBPDocument::PostTaskForm($task, $user->getId(), $formData, $arErrorsTmp)) {
            // Collect the handler's messages into one exception object and return its
            // text with HTML converted to plain text. On this path only ERROR is set;
            // SUCCESS keeps the value it had on entry.
            $arError = array();
            foreach ($arErrorsTmp as $e) {
                $arError[] = array("id" => "bad_task", "text" => $e["message"]);
            }
            $e = new CAdminException($arError);
            $result['ERROR'] = HTMLToTxt($e->GetString());
        }
    }
}
echo CUtil::PhpToJSObject($result);