function InitializeTemplate($arParams, $arResult)
{
$this->WEB_FORM_ID = $arParams["WEB_FORM_ID"];
$this->RESULT_ID = $arParams["RESULT_ID"];
$this->arParams = $arParams;
$this->arForm = $arResult["arForm"];
$this->arQuestions = $arResult["arQuestions"];
$this->arAnswers = $arResult["arAnswers"];
$this->arDropDown = $arResult["arDropDown"];
$this->arMultiSelect = $arResult["arMultiSelect"];
$this->arrVALUES = $arResult["arrVALUES"];
$this->F_RIGHT = $arResult["F_RIGHT"];
if ($this->RESULT_ID) {
if ($this->isAccessFormResult($arResult['arResultData'])) {
$this->arrRESULT_PERMISSION = CFormResult::GetPermissions($this->RESULT_ID, $v);
$this->arResult = $arResult['arResultData'];
}
}
$this->strFormNote = $arResult["FORM_NOTE"];
$this->__form_validate_errors = $arResult["FORM_ERRORS"];
$this->bIsFormValidateErrors = $arResult['isFormErrors'] == 'Y';
$this->bSimple = COption::GetOptionString("form", "SIMPLE", "Y") == "Y" ? true : false;
$this->WEB_FORM_NAME = $arResult["arForm"]["SID"];
if ($this->arForm["USE_CAPTCHA"] == "Y") {
$this->CAPTCHACode = $arResult["CAPTCHACode"];
}
}
/**
* Form initializing and checking. If form's wrong, returns false
* Use ShowErrorMsg() to output error code
*
* @param array $arParams
* @return bool
*/
function Init($arParams, $admin = false)
{
global $APPLICATION, $USER;
$this->bSimple = COption::GetOptionString("form", "SIMPLE", "Y") == "Y" ? true : false;
$this->comp2 = !empty($arParams["COMPONENT"]);
$this->SHOW_INCLUDE_AREAS = $APPLICATION->GetShowIncludeAreas();
if ($admin) {
$FORM_RIGHT = $APPLICATION->GetGroupRight("form");
if ($FORM_RIGHT <= "D") {
$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));
}
$this->__admin = true;
}
$this->arParams = $arParams;
$this->RESULT_ID = intval($arParams["RESULT_ID"]);
if (intval($this->RESULT_ID) <= 0) {
$this->RESULT_ID = intval($_REQUEST["RESULT_ID"]);
}
// if there's result ID try to get form ID
if (intval($this->RESULT_ID) > 0) {
$DBRes = CFormResult::GetByID($this->RESULT_ID);
if ($arrResult = $DBRes->Fetch()) {
$this->WEB_FORM_ID = intval($arrResult["FORM_ID"]);
}
}
if (intval($this->WEB_FORM_ID) <= 0) {
$this->WEB_FORM_ID = intval($arParams["WEB_FORM_ID"]);
}
// if there's no WEB_FORM_ID, try to get it from $_REQUEST;
if (intval($this->WEB_FORM_ID) <= 0) {
$this->WEB_FORM_ID = intval($_REQUEST["WEB_FORM_ID"]);
}
// check WEB_FORM_ID and get web form data
$this->WEB_FORM_ID = CForm::GetDataByID($this->WEB_FORM_ID, $this->arForm, $this->arQuestions, $this->arAnswers, $this->arDropDown, $this->arMultiSelect, $this->__admin || $this->arParams["SHOW_ADDITIONAL"] == "Y" || $this->arParams["EDIT_ADDITIONAL"] == "Y" ? "ALL" : "N", $this->__admin ? 'Y' : 'N');
$this->WEB_FORM_NAME = $this->arForm["SID"];
// if wrong WEB_FORM_ID return error;
if ($this->WEB_FORM_ID > 0) {
// insert chain item
if (strlen($this->arParams["CHAIN_ITEM_TEXT"]) > 0) {
$APPLICATION->AddChainItem($this->arParams["CHAIN_ITEM_TEXT"], $this->arParams["CHAIN_ITEM_LINK"]);
}
// check web form rights;
$this->F_RIGHT = intval(CForm::GetPermission($this->WEB_FORM_ID));
// in no form access - return error
if ($this->isAccessForm()) {
if (!empty($_REQUEST["strFormNote"])) {
$this->strFormNote = $_REQUEST["strFormNote"];
}
if (!$this->comp2 || $this->arParams["COMPONENT"]["componentName"] != "bitrix:form.result.list" || $this->isAccessFormResultList()) {
if ($this->RESULT_ID) {
if ($this->isAccessFormResult($arrResult)) {
$this->arrRESULT_PERMISSION = CFormResult::GetPermissions($this->RESULT_ID, $v);
// check result rights
if (!$this->comp2 && !$this->isAccessFormResultEdit() || $this->comp2 && ($this->arParams["COMPONENT"]["componentName"] == "bitrix:form.result.edit" && !$this->isAccessFormResultEdit() || $this->arParams["COMPONENT"]["componentName"] == "bitrix:form.result.view" && !$this->isAccessFormResultView())) {
$this->__error_msg = "FORM_RESULT_ACCESS_DENIED";
} else {
if (!$arrResult) {
$z = CFormResult::GetByID($this->RESULT_ID);
$this->arResult = $z->Fetch();
} else {
$this->arResult = $arrResult;
}
if ($this->arResult) {
if ($this->comp2 && $this->arParams["COMPONENT"]["componentName"] == "bitrix:form.result.view") {
CForm::GetResultAnswerArray($this->WEB_FORM_ID, $this->arrResultColumns, $this->arrVALUES, $this->arrResultAnswersSID, array("RESULT_ID" => $this->RESULT_ID));
$this->arrVALUES = $this->arrVALUES[$this->RESULT_ID];
} else {
$this->arrVALUES = CFormResult::GetDataByIDForHTML($this->RESULT_ID, $this->arParams["EDIT_ADDITIONAL"]);
}
} else {
$this->__error_msg = "FORM_RECORD_NOT_FOUND";
}
}
} else {
$this->__error_msg = "FORM_ACCESS_DENIED";
}
$this->arForm["USE_CAPTCHA"] = "N";
} else {
// if form uses CAPCHA initialize it
if ($this->arForm["USE_CAPTCHA"] == "Y") {
$this->CaptchaInitialize();
}
}
} else {
$this->__error_msg = "FORM_ACCESS_DENIED";
}
} else {
$this->__error_msg = "FORM_ACCESS_DENIED";
}
// endif ($F_RIGHT>=10);
} else {
$this->__error_msg = "FORM_NOT_FOUND";
}
// endif ($WEB_FORM_ID>0);
return empty($this->__error_msg);
}
function Show($RESULT_ID, $TEMPLATE = "", $TEMPLATE_TYPE = "show", $SHOW_ADDITIONAL = "N", $SHOW_ANSWER_VALUE = "Y", $SHOW_STATUS = "N")
{
global $DB, $MESS, $APPLICATION, $USER, $HTTP_POST_VARS, $HTTP_GET_VARS, $arrRESULT_PERMISSION, $arrFIELDS;
$err_mess = CAllFormResult::err_mess() . "<br>Function: Show<br>Line: ";
$z = CFormResult::GetByID($RESULT_ID);
if ($zr = $z->Fetch()) {
$arrResult = $zr;
InitBVar($SHOW_ADDITIONAL);
$additional = $SHOW_ADDITIONAL == "Y" ? "ALL" : "N";
$WEB_FORM_ID = $FORM_ID = CForm::GetDataByID($arrResult["FORM_ID"], $arForm, $arQuestions, $arAnswers, $arDropDown, $arMultiSelect, $additional);
CForm::GetResultAnswerArray($WEB_FORM_ID, $arrResultColumns, $arrResultAnswers, $arrResultAnswersVarname, array("RESULT_ID" => $RESULT_ID));
$arrResultAnswers = $arrResultAnswers[$RESULT_ID];
// проверим общие права на результат
$F_RIGHT = CForm::GetPermission($WEB_FORM_ID);
if (intval($F_RIGHT) >= 20 || $F_RIGHT >= 15 && $zr["USER_ID"] == $USER->GetID()) {
// проверим права в зависимости от статуса результата
$arrRESULT_PERMISSION = CFormResult::GetPermissions($RESULT_ID, $v);
if (in_array("VIEW", $arrRESULT_PERMISSION)) {
if (strlen(trim($TEMPLATE)) > 0) {
$template = $TEMPLATE;
} else {
if ($TEMPLATE_TYPE == "show") {
if (strlen($arrResult["SHOW_RESULT_TEMPLATE"]) <= 0) {
$template = "default.php";
} else {
$template = $arrResult["SHOW_RESULT_TEMPLATE"];
}
} elseif ($TEMPLATE_TYPE == "print") {
if (strlen($arrResult["PRINT_RESULT_TEMPLATE"]) <= 0) {
$template = "default.php";
} else {
$template = $arrResult["PRINT_RESULT_TEMPLATE"];
}
}
}
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/form/include.php";
if ($TEMPLATE_TYPE == "show") {
$path = COption::GetOptionString("form", "SHOW_RESULT_TEMPLATE_PATH");
} elseif ($TEMPLATE_TYPE == "print") {
$path = COption::GetOptionString("form", "PRINT_RESULT_TEMPLATE_PATH");
}
IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/form/include.php");
include GetLangFileName($_SERVER["DOCUMENT_ROOT"] . $path . "lang/", "/" . $template);
if ($APPLICATION->GetShowIncludeAreas()) {
$arIcons = array();
if (CModule::IncludeModule("fileman")) {
$arIcons[] = array("URL" => "/bitrix/admin/fileman_file_edit.php?lang=" . LANGUAGE_ID . "&site=" . SITE_ID . "&full_src=Y&path=" . urlencode($path . $template), "SRC" => "/bitrix/images/form/panel/edit_template.gif", "ALT" => GetMessage("FORM_PUBLIC_ICON_TEMPLATE"));
$arrUrl = parse_url($_SERVER["REQUEST_URI"]);
$arIcons[] = array("URL" => "/bitrix/admin/fileman_file_edit.php?lang=" . LANGUAGE_ID . "&site=" . SITE_ID . "&full_src=Y&path=" . urlencode($arrUrl["path"]), "SRC" => "/bitrix/images/form/panel/edit_file.gif", "ALT" => GetMessage("FORM_PUBLIC_ICON_HANDLER"));
}
$arIcons[] = array("URL" => "/bitrix/admin/form_edit.php?lang=" . LANGUAGE_ID . "&ID=" . $WEB_FORM_ID, "SRC" => "/bitrix/images/form/panel/edit_form.gif", "ALT" => GetMessage("FORM_PUBLIC_ICON_SETTINGS"));
echo $APPLICATION->IncludeStringBefore($arIcons);
}
include $_SERVER["DOCUMENT_ROOT"] . $path . $template;
if ($APPLICATION->GetShowIncludeAreas()) {
echo $APPLICATION->IncludeStringAfter();
}
}
}
}
}
if (!empty($_REQUEST["formresult"]))
{
$formResult = strtoupper($_REQUEST['formresult']);
switch ($formResult)
{
case 'ADDOK':
$arResult['FORM_NOTE'] = str_replace("#RESULT_ID#", $arParams["RESULT_ID"], GetMessage('FORM_NOTE_ADDOK'));
break;
default:
$arResult['FORM_NOTE'] = str_replace("#RESULT_ID#", $arParams["RESULT_ID"], GetMessage('FORM_NOTE_EDITOK'));
}
}
if ($arResult["F_RIGHT"]>=20 || ($arResult["F_RIGHT"]>=15 && $USER->GetID()==$arResultData["USER_ID"]))
{
$arResult["arrRESULT_PERMISSION"] = CFormResult::GetPermissions($arParams["RESULT_ID"], $v);
// check result rights
if (!in_array("EDIT", $arResult["arrRESULT_PERMISSION"]))
{
$arResult["ERROR"] = "FORM_RESULT_ACCESS_DENIED";
}
else
{
if (!$arResultData)
{
$z = CFormResult::GetByID($arParams["RESULT_ID"]);
$arResult["arResultData"] = $z->Fetch();
}
else
{
// result not found
$title = str_replace("#FORM_ID#", "{$WEB_FORM_ID}", GetMessage("FORM_RESULT_LIST"));
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_after.php";
echo "<p><a href='/bitrix/admin/form_result_list.php?lang=" . LANGUAGE_ID . "&WEB_FORM_ID=" . $WEB_FORM_ID . "'>" . $title . "</a></p>";
echo ShowError(GetMessage("FORM_RESULT_NOT_FOUND"));
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/epilog_admin.php";
die;
}
$WEB_FORM_ID = intval($arrResult["FORM_ID"]);
} else {
$arrResult = array();
}
$F_RIGHT = intval(CForm::GetPermission($WEB_FORM_ID));
// form rights
if ($RESULT_ID > 0) {
$arrRESULT_PERMISSION = CFormResult::GetPermissions($RESULT_ID, $v);
} else {
$arrRESULT_PERMISSION = array();
if ($F_RIGHT >= 20) {
$arrRESULT_PERMISSION[] = 'EDIT';
}
}
$EDIT_ADDITIONAL = "Y";
// whether to edit additional fields
$EDIT_STATUS = "Y";
// whether to edit status
if ($bSimple) {
$EDIT_ADDITIONAL = "N";
// whether to edit additional fields
$EDIT_STATUS = "N";
// whether to edit status
/**
* <p>Устанавливает новый <a href="http://dev.1c-bitrix.ru/api_help/form/terms.php#status">статус</a> для <a href="http://dev.1c-bitrix.ru/api_help/form/terms.php#result">результата</a>. Возвращает "true" в случае успеха, в противном случае - "false".</p>
*
*
*
*
* @param int $result_id ID <a href="http://dev.1c-bitrix.ru/api_help/form/terms.php#result">результата</a>.
*
*
*
* @param int $status_id ID нового <a href="http://dev.1c-bitrix.ru/api_help/form/terms.php#status">статуса</a>.
*
*
*
* @param string $check_rights = "Y" Флаг необходимости проверки прав текущего пользователя.
* Возможны следующие значения: <ul> <li> <b>Y</b> - права необходимо
* проверить; </li> <li> <b>N</b> - права не нужно проверять. </li> </ul> Для
* успешной установки нового <a
* href="http://dev.1c-bitrix.ru/api_help/form/terms.php#status">статуса</a> для указанного <a
* href="http://dev.1c-bitrix.ru/api_help/form/terms.php#result">результата</a> необходимо
* обладать следующими <a
* href="http://dev.1c-bitrix.ru/api_help/form/permissions.php">правами</a>: <ol> <li>На веб-форму к
* которой принадлежит редактируемый результат: <br><br><b>[20] Работа со
* всеми результатами в соответствии с их статусами</b> <br><br>или, в
* случае, если вы являетесь создателем удаляемого результата,
* достаточно права: <br><br><b>[15] Работа со своим результатом в
* соответствии с его статусом</b> <br> </li> <li>На статус, в котором
* находится редактируемый результат, необходимо иметь право:
* <br><br><b>[EDIT] редактирование</b> <br> </li> <li>На новый статус <i>status_id</i>
* необходимо иметь право: <br><br><b>[MOVE] перевод результатов в данный
* статус</b> </li> </ol> Параметр необязательный. По умолчанию - "Y" (права
* необходимо проверить).
*
*
*
* @return bool
*
*
* <h4>Example</h4>
* <pre>
* <?
* $RESULT_ID = 189; // ID результата
* $STATUS_ID = 1; // ID статуса "Опубликовано"
*
* // установим новый статус для результата
* // с проверкой прав текущего пользователя
* if (<b>CFormResult::SetStatus</b>($RESULT_ID, $STATUS_ID))
* {
* echo "Статус #".$STATUS_ID." для результата #".$RESULT_ID." успешно установлен.";
* }
* else // ошибка
* {
* global $strError;
* echo $strError;
* }
* ?>
* </pre>
*
*
* @static
* @link http://dev.1c-bitrix.ru/api_help/form/classes/cformresult/setstatus.php
* @author Bitrix
*/
public static function SetStatus($RESULT_ID, $NEW_STATUS_ID, $CHECK_RIGHTS="Y")
{
$err_mess = (CAllFormResult::err_mess())."<br>Function: SetStatus<br>Line: ";
global $DB, $USER, $strError, $APPLICATION;
$NEW_STATUS_ID = intval($NEW_STATUS_ID);
$RESULT_ID = intval($RESULT_ID);
if ($RESULT_ID <= 0 || $NEW_STATUS_ID <= 0)
return false;
$strSql = "SELECT USER_ID, FORM_ID FROM b_form_result WHERE ID='".$RESULT_ID."'";
$z = $DB->Query($strSql, false, $err_mess.__LINE__);
if ($zr = $z->Fetch())
{
$WEB_FORM_ID = intval($zr["FORM_ID"]);
// rights check
$RIGHT_OK = "N";
if ($CHECK_RIGHTS!="Y")
{
$dbRes = CFormStatus::GetByID($NEW_STATUS_ID);
if ($dbRes->Fetch())
{
$RIGHT_OK="Y";
}
}
else
{
// form rights
$F_RIGHT = CForm::GetPermission($WEB_FORM_ID);
if ($F_RIGHT>=20 || ($F_RIGHT>=15 && $USER->GetID()==$zr["USER_ID"]))
{
// result rights
$arrRESULT_PERMISSION = CFormResult::GetPermissions($RESULT_ID, $v);
// new status rights
$arrNEW_STATUS_PERMISSION = CFormStatus::GetPermissions($NEW_STATUS_ID);
if (in_array("EDIT", $arrRESULT_PERMISSION) && in_array("MOVE", $arrNEW_STATUS_PERMISSION))
{
$RIGHT_OK = "Y";
}
}
}
if ($RIGHT_OK=="Y")
{
$dbEvents = GetModuleEvents('form', 'onBeforeResultStatusChange');
while ($arEvent = $dbEvents->Fetch())
{
ExecuteModuleEventEx($arEvent, array($WEB_FORM_ID, $RESULT_ID, &$NEW_STATUS_ID, $CHECK_RIGHTS));
if ($ex = $APPLICATION->GetException())
$strError .= $ex->GetString().'<br />';
}
if (strlen($strError) <= 0)
{
// call handler before change status
CForm::ExecHandlerBeforeChangeStatus($RESULT_ID, "SET_STATUS", $NEW_STATUS_ID);
$arFields = Array(
"TIMESTAMP_X" => $DB->GetNowFunction(),
"STATUS_ID" => "'".intval($NEW_STATUS_ID)."'"
);
$DB->Update("b_form_result",$arFields,"WHERE ID='".$RESULT_ID."'",$err_mess.__LINE__);
$dbEvents = GetModuleEvents('form', 'onAfterResultStatusChange');
while ($arEvent = $dbEvents->Fetch())
{
ExecuteModuleEventEx($arEvent, array($WEB_FORM_ID, $RESULT_ID, $NEW_STATUS_ID, $CHECK_RIGHTS));
}
// call handler after change status
CForm::ExecHandlerAfterChangeStatus($RESULT_ID, "SET_STATUS");
return true;
}
}
else $strError .= GetMessage("FORM_ERROR_ACCESS_DENIED")."<br>";
}
else $strError .= GetMessage("FORM_ERROR_RESULT_NOT_FOUND")."<br>";
return false;
}
else
{
$arrResult = array();
}
if($WEB_FORM_ID <= 0)
{
require_once ($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/prolog_admin_after.php");
echo ShowError(GetMessage("FORM_NOT_FOUND"));
require_once ($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/epilog_admin.php");
die();
}
$F_RIGHT = intval(CForm::GetPermission($WEB_FORM_ID)); // form rights
if ($RESULT_ID > 0)
$arrRESULT_PERMISSION = CFormResult::GetPermissions($RESULT_ID, $v=0); // result rights array
else
{
$arrRESULT_PERMISSION = array();
if ($F_RIGHT >= 20)
$arrRESULT_PERMISSION[] = 'EDIT';
}
$EDIT_ADDITIONAL = "Y"; // whether to edit additional fields
$EDIT_STATUS = "Y"; // whether to edit status
if ($bSimple)
{
$EDIT_ADDITIONAL = "N"; // whether to edit additional fields
$EDIT_STATUS = "N"; // whether to edit status
}
//endif(!is_array($arrNOT_SHOW_TABLE) || !in_array($arrCol["SID"],$arrNOT_SHOW_TABLE));
}
//endwhile(list($key, $arrCol) = each($arrColumns)) ;
}
//endif(is_array($arrColumns)) ;
?>
</tr>
<?php
/***********************************************
table body
************************************************/
$j = 0;
$arrUsers = array();
while ($arResult = $rsResults->NavNext(true, "f_")) {
$j++;
$arrRESULT_PERMISSION = CFormResult::GetPermissions($GLOBALS["f_ID"], $v);
//echo "<tr><td colspan=10><pre>"; print_r($arrRESULT_PERMISSION); echo "</pre></td></tr>";
$can_view = false;
$can_edit = false;
$can_delete = false;
if ($F_RIGHT >= 20 || $F_RIGHT >= 15 && $USER_ID == $GLOBALS["f_USER_ID"]) {
if (in_array("VIEW", $arrRESULT_PERMISSION)) {
$can_view = true;
}
if (in_array("EDIT", $arrRESULT_PERMISSION)) {
$can_edit = true;
}
if (in_array("DELETE", $arrRESULT_PERMISSION)) {
$can_delete = true;
}
}
$arResult['FORMS'][$FORM_ID] = $arForm;
$arResult['RESULTS'][$FORM_ID] = array();
$dbRes = CFormResult::GetList($FORM_ID, $by = 's_timestamp', $order = 'desc', array('USER_ID' => $USER->GetID()), $is_filtered, 'Y', $arParams['NUM_RESULTS']);
$bFirst = true;
while ($arRes = $dbRes->GetNext()) {
//if ($FORM_ID == 6) print_r($arRes);
if ($bFirst) {
$arResult['FORMS'][$FORM_ID]['__LAST_TS'] = MakeTimeStamp($arRes['TIMESTAMP_X']);
$bFirst = false;
}
$arValues = CFormResult::GetDataByID($arRes['ID'], array(), $arRes1 = null, $arAnswers = null);
//if ($FORM_ID == 6) print_r($arValues);
reset($arValues);
list(, $first_res) = each($arValues);
$arRes['__TITLE'] = trim($first_res[0]['USER_TEXT'] ? $first_res[0]['USER_TEXT'] : $first_res[0]['MESSAGE']);
$arRes['__RIGHTS'] = CFormResult::GetPermissions($arRes['ID'], $status);
if ($arParams['EDIT_URL'] && in_array('EDIT', $arRes['__RIGHTS'])) {
$arRes['__LINK'] = str_replace(array('#FORM_ID#', '#RESULT_ID#'), array($FORM_ID, $arRes['ID']), $arParams['EDIT_URL']);
} elseif ($arParams['VIEW_URL']) {
$arRes['__LINK'] = str_replace(array('#FORM_ID#', '#RESULT_ID#'), array($FORM_ID, $arRes['ID']), $arParams['VIEW_URL']);
}
$arResult['RESULTS'][$FORM_ID][] = $arRes;
}
}
if (!is_array($arResult['RESULTS'][$FORM_ID]) || count($arResult['RESULTS'][$FORM_ID]) <= 0) {
unset($arResult['FORMS'][$FORM_ID]);
unset($arResult['RESULTS'][$FORM_ID]);
}
}
//echo '<pre>'; print_r($arResult['RESULTS'][6]); /*print_r($arResult['FORMS'][6]);*/ echo '</pre>';
if (!function_exists('BX_FSBT')) {
function GetResultPermission($RESULT_ID, &$CURRENT_STATUS_ID)
{
return CFormResult::GetPermissions($RESULT_ID, $CURRENT_STATUS_ID);
}
function SetStatus($RESULT_ID, $NEW_STATUS_ID, $CHECK_RIGHTS = "Y")
{
$err_mess = CAllFormResult::err_mess() . "<br>Function: SetStatus<br>Line: ";
global $DB, $USER, $strError;
$NEW_STATUS_ID = intval($NEW_STATUS_ID);
$RESULT_ID = intval($RESULT_ID);
$strSql = "SELECT USER_ID, FORM_ID FROM b_form_result WHERE ID='" . $RESULT_ID . "'";
$z = $DB->Query($strSql, false, $err_mess . __LINE__);
if ($zr = $z->Fetch()) {
$WEB_FORM_ID = intval($zr["FORM_ID"]);
// проверка прав
$RIGHT_OK = "N";
if ($CHECK_RIGHTS != "Y") {
$RIGHT_OK = "Y";
} else {
// права на форму
$F_RIGHT = CForm::GetPermission($WEB_FORM_ID);
if ($F_RIGHT >= 20 || $F_RIGHT >= 15 && $USER->GetID() == $zr["USER_ID"]) {
// права на результат
$arrRESULT_PERMISSION = CFormResult::GetPermissions($RESULT_ID, $v);
// права на новый статус
$arrNEW_STATUS_PERMISSION = CFormStatus::GetPermissions($NEW_STATUS_ID);
// если имеем право редактировать данный результат и
// имеем право перевести этот результат в новый статус
if (in_array("EDIT", $arrRESULT_PERMISSION) && in_array("MOVE", $arrNEW_STATUS_PERMISSION)) {
$RIGHT_OK = "Y";
}
}
}
if ($RIGHT_OK == "Y") {
// вызываем обработчик на смену статуса перед обновлением
CForm::ExecHandlerBeforeChangeStatus($RESULT_ID, "SET_STATUS", $NEW_STATUS_ID);
$arFields = array("TIMESTAMP_X" => $DB->GetNowFunction(), "STATUS_ID" => "'" . intval($NEW_STATUS_ID) . "'");
$DB->Update("b_form_result", $arFields, "WHERE ID='" . $RESULT_ID . "'", $err_mess . __LINE__);
// вызываем обработчик на смену статуса после обновления
CForm::ExecHandlerAfterChangeStatus($RESULT_ID, "SET_STATUS");
return true;
} else {
$strError .= GetMessage("FORM_ERROR_ACCESS_DENIED") . "<br>";
}
} else {
$strError .= GetMessage("FORM_ERROR_RESULT_NOT_FOUND") . "<br>";
}
return false;
}