/**
 * Probe whether server-side scripts dropped into the upload directory get executed,
 * and record a detail error for every probe that fires.
 *
 * Probes run in this order: overridden .htaccess, plain "test.php", double-extension
 * "test.php.any" (tried only when the plain PHP probe did not execute) and a Python
 * CGI "test.py". Every finding is reported with CSecurityCriticalLevel::LOW.
 * An upload directory that executes its content turns any file-upload feature into
 * code execution, so a positive probe is a hardening gap to close in the web-server
 * configuration.
 *
 * NOTE(review): isScriptExecutable() and isHtaccessOverrided() are not visible here;
 * presumably the former writes the probe file and checks the response for the marker.
 * Confirm that it also removes the probe file afterwards.
 *
 * @return bool true when no probe fired, false when at least one did
 */
protected function checkUploadScriptExecution()
{
    $baseMessageKey = "SECURITY_SITE_CHECKER_UPLOAD_EXECUTABLE";

    $htaccessOverridden = (bool) self::isHtaccessOverrided();
    if ($htaccessOverridden) {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_UPLOAD_HTACCESS", CSecurityCriticalLevel::LOW);
    }

    // Random marker: the probe only counts as executed when this exact value comes back.
    $uniqueString = randString(20);

    $phpRuns = (bool) self::isScriptExecutable("test.php", "<?php echo '{$uniqueString}'; ?>", $uniqueString);
    if ($phpRuns) {
        $this->addUnformattedDetailError($baseMessageKey . "_PHP", CSecurityCriticalLevel::LOW);
    }

    // The double-extension probe is skipped when plain .php already executes.
    $doubleExtensionRuns = false;
    if (!$phpRuns) {
        $doubleExtensionRuns = (bool) self::isScriptExecutable("test.php.any", "<?php echo '{$uniqueString}'; ?>", $uniqueString);
    }
    if ($doubleExtensionRuns) {
        $this->addUnformattedDetailError($baseMessageKey . "_PHP_DOUBLE", CSecurityCriticalLevel::LOW);
    }

    $pythonCgiRuns = (bool) self::isScriptExecutable("test.py", "print 'Content-type:text/html\\r\\n\\r\\n{$uniqueString}'", $uniqueString);
    if ($pythonCgiRuns) {
        $this->addUnformattedDetailError($baseMessageKey . "_PY", CSecurityCriticalLevel::LOW);
    }

    return !$phpRuns && !$doubleExtensionRuns && !$htaccessOverridden && !$pythonCgiRuns;
}
/**
 * Register a control and return the id of the session slot it was bound to.
 *
 * Called with a single argument, that argument is the control id and a fresh
 * CID is generated. Called with two arguments, an empty CID is replaced by a
 * generated one as well.
 *
 * NOTE(review): the generated CID is md5(randString(15)); its unpredictability
 * depends entirely on randString(), which is not visible here. If the CID guards
 * access to session data, confirm that generator is cryptographically strong.
 *
 * @param string $CID       existing CID, or the control id in the one-argument form
 * @param string $controlId control id
 * @return string the CID actually used
 */
public function registerControl($CID, $controlId = "")
{
    $singleArgumentCall = (func_num_args() == 1);
    if ($singleArgumentCall) {
        // One-argument form: shift the value into $controlId and force a new CID.
        $controlId = $CID;
        $CID = "";
    }

    if (empty($CID)) {
        $CID = md5(randString(15));
    }

    $this->initSession($CID, $controlId);

    return $CID;
}
/**
 * Return a 5-character random id that has not been handed out before in this request.
 *
 * Ids already issued are remembered in a function-static list, so uniqueness holds
 * only within the current PHP process/request.
 *
 * @return string
 */
function __get_vve_uid()
{
    static $issued = array();

    // Draw until the value is not in the issued list (loose comparison, as before).
    do {
        $candidate = randString(5);
    } while (in_array($candidate, $issued));

    $issued[] = $candidate;

    return $candidate;
}
/**
 * Insert a new row into b_user and fire the "OnAfterUserAdd" module event.
 *
 * On validation failure the result is false and RESULT_MESSAGE references LAST_ERROR;
 * on success the result is the new row id. Event handlers run in both cases and
 * receive $arFields with RESULT (and, on success, ID) set.
 *
 * NOTE(review): the password is stored as an unsalted md5() digest. That is fast to
 * brute-force and identical passwords share a digest; a migration to password_hash()
 * needs a matching change wherever the password is verified, which is outside this block.
 *
 * NOTE(review): CheckFields(&$arFields) and ExecuteModuleEvent($arEvent, &$arFields)
 * use call-time pass-by-reference, which PHP 5.4+ rejects as a fatal error. Removing
 * the "&" is only safe if the callees declare the parameter by reference - confirm.
 *
 * @param array $arFields user fields keyed by column name
 * @return int|false new user id, or false when CheckFields() rejects the input
 */
function Add($arFields)
{
    $err_mess = CUser::err_mess() . "<br>Function: Add<br>Line: ";
    global $DB;
    if (!$this->CheckFields(&$arFields)) {
        $Result = false;
        $arFields["RESULT_MESSAGE"] =& $this->LAST_ERROR;
    } else {
        // A caller-supplied ID must never reach the INSERT.
        unset($arFields["ID"]);
        // Anything other than "Y" is normalised to "N".
        if (is_set($arFields, "ACTIVE") && $arFields["ACTIVE"] != "Y") {
            $arFields["ACTIVE"] = "N";
        }
        // Only "M" and "F" are kept; every other value becomes the empty string.
        if ($arFields["PERSONAL_GENDER"] == "NOT_REF" || $arFields["PERSONAL_GENDER"] != "M" && $arFields["PERSONAL_GENDER"] != "F") {
            $arFields["PERSONAL_GENDER"] = "";
        }
        // Unsalted md5 of the password - see the NOTE(review) in the header.
        $arFields["PASSWORD"] = md5($arFields["PASSWORD"]);
        //$arFields["STORED_HASH"] = CUser::GetPasswordHash($arFields["PASSWORD"]);
        unset($arFields["STORED_HASH"]);
        // An 8-character checkword is generated when the caller supplied none.
        // NOTE(review): its strength depends on randString(), not visible here.
        if (strlen($arFields["CHECKWORD"]) <= 0) {
            $arFields["CHECKWORD"] = randString(8);
        }
        $arFields["~CHECKWORD_TIME"] = $DB->CurrentTimeFunction();
        if (is_set($arFields, "EMAIL")) {
            $arFields["EMAIL"] = strtolower($arFields["EMAIL"]);
        }
        if (is_set($arFields, "WORK_COUNTRY")) {
            $arFields["WORK_COUNTRY"] = intval($arFields["WORK_COUNTRY"]);
        }
        if (is_set($arFields, "PERSONAL_COUNTRY")) {
            $arFields["PERSONAL_COUNTRY"] = intval($arFields["PERSONAL_COUNTRY"]);
        }
        // $arInsert[0] is the column list, $arInsert[1] the value list.
        // NOTE(review): value escaping is assumed to happen inside PrepareInsert() - confirm.
        $arInsert = $DB->PrepareInsert("b_user", $arFields, "main");
        if (!is_set($arFields, "DATE_REGISTER")) {
            $arInsert[0] .= ", DATE_REGISTER";
            $arInsert[1] .= ", " . $DB->GetNowFunction();
        }
        $strSql = "\n\t\t\t\tINSERT INTO b_user (\n\t\t\t\t\t" . $arInsert[0] . "\n\t\t\t\t) VALUES (\n\t\t\t\t\t" . $arInsert[1] . "\n\t\t\t\t)\n\t\t\t\t";
        $DB->Query($strSql, false, $err_mess . __LINE__);
        $ID = $DB->LastID();
        if (is_set($arFields, "GROUP_ID")) {
            CUser::SetUserGroup($ID, $arFields["GROUP_ID"]);
        }
        $Result = $ID;
        $arFields["ID"] =& $ID;
    }
    $arFields["RESULT"] =& $Result;
    // Handlers see the md5 digest in PASSWORD, not the original password.
    $events = GetModuleEvents("main", "OnAfterUserAdd");
    while ($arEvent = $events->Fetch()) {
        ExecuteModuleEvent($arEvent, &$arFields);
    }
    return $Result;
}
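/**
 * Write a message to the "log" table, tagged with a per-request random marker.
 *
 * Every level other than 'Notice' is additionally sent through self::emailError().
 * The LOGRAND constant is defined on first use so that all log rows written during
 * one request share the same "session" value.
 *
 * All three values are passed through the connection's quote() before being placed
 * in the statement. The original interpolated $level between hand-written quotes,
 * so a level containing a quote character could alter the statement.
 *
 * @param string $msg   message text
 * @param string $level log level; 'Notice' suppresses the e-mail
 * @return void
 */
public static function set($msg, $level = 'Notice')
{
    if ($level != 'Notice') {
        // The e-mail receives the raw, unquoted message.
        self::emailError($msg);
    }

    loadFunc('randString');
    $db = self::db();

    defined('LOGRAND') || define('LOGRAND', randString('4'));

    $sql = "INSERT INTO log (session, level, message) VALUES ("
        . $db->quote((string) LOGRAND) . ", "
        . $db->quote((string) $level) . ", "
        . $db->quote($msg) . ");";

    $db->exec($sql);
}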
/**
 * Issue a fresh e-mail verification code for a user and send the verification mail.
 *
 * The code is saved on the user before sending; when sending fails the code is
 * cleared again so no unusable code stays stored.
 *
 * NOTE(review): the 70-character code comes from randString(), which is not visible
 * here; since the code proves control of the mailbox, confirm that generator is
 * cryptographically strong. Nothing in this block sets an expiry for the code.
 *
 * @param object $user user record with verified, email, first_name, last_name, guid and save()
 * @return bool true when the mail was sent, false when already verified or sending failed
 */
static function sendVerificationEmail($user)
{
    // Already verified accounts never get a new code.
    if ($user->verified == "true") {
        return false;
    }

    $user->email_verification_code = randString(70);
    $user->save();

    $sender = array("email" => getSiteEmail(), "name" => getSiteName());
    $recipient = array("email" => $user->email, "name" => $user->first_name . " " . $user->last_name);
    $message = array(
        "from" => $sender,
        "to" => $recipient,
        "subject" => display("email/verify_email_subject", array("user_guid" => $user->guid)),
        "body" => display("email/verify_email_body", array("user_guid" => $user->guid)),
    );

    if (!sendEmail($message)) {
        // Roll the stored code back when the mail could not be sent.
        $user->email_verification_code = NULL;
        $user->save();

        return false;
    }

    return true;
}
/**
 * Store an uploaded file in one of three back ends, chosen by $arFileStorage:
 * a disk folder object (DISC_FOLDER), a WebDAV iblock (WEBDAV_DATA plus
 * WEBDAV_IBLOCK_OBJECT), or CFile::SaveFile() as the fallback.
 *
 * NOTE(review): an empty $arFile only fills the error array; execution continues
 * into the storage branches, which then dereference $arFile["name"] and may
 * overwrite or extend the error result. Confirm whether an early return is intended.
 *
 * NOTE(review): $arFile["name"] is passed on unchanged as the stored file name.
 * If it originates from an upload request it is client-controlled; confirm the
 * storage back ends sanitise it (path separators, executable extensions).
 *
 * @param array $arFile        file description; "name" and "MODULE_ID" are read here
 * @param array $arFileStorage storage descriptor, see above
 * @return array "ID" on success, or "ERROR_CODE" / "ERROR_MESSAGE" on failure
 */
public static function SaveFile($arFile, $arFileStorage)
{
    $arResult = array();
    if (empty($arFile)) {
        $arResult = array("ERROR_CODE" => "EMPTY_FILE", "ERROR_MESSAGE" => "File is empty");
    }
    if (!empty($arFileStorage["DISC_FOLDER"])) {
        // Disk back end: the file is created on behalf of the current global user.
        $file = $arFileStorage["DISC_FOLDER"]->uploadFile($arFile, array('NAME' => $arFile["name"], 'CREATED_BY' => $GLOBALS["USER"]->GetID()), array(), true);
        $arResult["ID"] = $file->getId();
    } elseif (!empty($arFileStorage["WEBDAV_DATA"]) && !empty($arFileStorage["WEBDAV_IBLOCK_OBJECT"])) {
        // WebDAV back end: resolve the "DROPPED" section and create a sub-folder in it.
        $dropTargetID = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetMetaID("DROPPED");
        $arParent = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetObject(array("section_id" => $dropTargetID));
        if (!$arParent["not_found"]) {
            $path = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->_get_path($arParent["item_id"], false);
            // Folder name derived from the current timestamp, with separators replaced by "_".
            $tmpName = str_replace(array(":", ".", "/", "\\"), "_", ConvertTimeStamp(time(), "FULL"));
            $tmpOptions = array("path" => str_replace("//", "/", $path . "/" . $tmpName));
            $arParent = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetObject($tmpOptions);
            if ($arParent["not_found"]) {
                // 201 is treated as "collection created"; any other result leaves SECTION_ID unchanged.
                $rMKCOL = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->MKCOL($tmpOptions);
                if (intval($rMKCOL) == 201) {
                    $arFileStorage["WEBDAV_DATA"]["SECTION_ID"] = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->arParams["changed_element_id"];
                }
            } else {
                // The timestamp folder already exists: reuse it, unless the name check fails,
                // in which case a 6-character random sub-folder is created inside it.
                $arFileStorage["WEBDAV_DATA"]["SECTION_ID"] = $arParent['item_id'];
                if (!$arFileStorage["WEBDAV_IBLOCK_OBJECT"]->CheckUniqueName($tmpName, $arFileStorage["WEBDAV_DATA"]["SECTION_ID"], $tmpRes)) {
                    $path = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->_get_path($arFileStorage["WEBDAV_DATA"]["SECTION_ID"], false);
                    $tmpName = randString(6);
                    $tmpOptions = array("path" => str_replace("//", "/", $path . "/" . $tmpName));
                    $rMKCOL = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->MKCOL($tmpOptions);
                    if (intval($rMKCOL) == 201) {
                        $arFileStorage["WEBDAV_DATA"]["SECTION_ID"] = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->arParams["changed_element_id"];
                    }
                }
            }
        }
        // "Author" is appended to the user's groups for this put.
        $options = array("new" => true, 'dropped' => true, "arFile" => $arFile, "arDocumentStates" => false, "arUserGroups" => array_merge($arFileStorage["WEBDAV_IBLOCK_OBJECT"]->USER["GROUPS"], array("Author")), "FILE_NAME" => $arFile["name"], "IBLOCK_ID" => $arFileStorage["WEBDAV_DATA"]["IBLOCK_ID"], "IBLOCK_SECTION_ID" => $arFileStorage["WEBDAV_DATA"]["SECTION_ID"], "USER_FIELDS" => array());
        $GLOBALS['USER_FIELD_MANAGER']->EditFormAddFields($arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetUfEntity(), $options['USER_FIELDS']);
        // The put runs inside a transaction and is rolled back on failure.
        $GLOBALS["DB"]->StartTransaction();
        if (!$arFileStorage["WEBDAV_IBLOCK_OBJECT"]->put_commit($options)) {
            $arResult = array("ERROR_CODE" => "error_put", "ERROR_MESSAGE" => $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->LAST_ERROR);
            $GLOBALS["DB"]->Rollback();
        } else {
            $GLOBALS["DB"]->Commit();
            // presumably put_commit() fills ELEMENT_ID by reference - confirm against its signature
            $arResult["ID"] = $options['ELEMENT_ID'];
        }
    } else {
        // Fallback: plain file table.
        $arResult["ID"] = CFile::SaveFile($arFile, $arFile["MODULE_ID"]);
    }
    return $arResult;
}
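/**
 * Initializing method: runs the IDS monitor over GET, POST and COOKIE input.
 *
 * When the monitor reports a finding, the report is printed, written to
 * var/reports/injection_<random>.html and the request is terminated.
 *
 * The request URI and the client address are HTML-escaped before they are added
 * to the report. Both are request-controlled, and the report is echoed to the
 * client and stored as an .html file, so unescaped values would be rendered as
 * markup in either place.
 *
 * NOTE(review): echoing the report tells the requester what the monitor matched;
 * consider whether a generic error page would be enough for the client.
 * NOTE(review): the tag list is passed as the second argument of setIds(), not to
 * IDS_Monitor - confirm that this is the intended placement.
 *
 * @return Recipe_Request_IDS
 */
protected function init()
{
    parent::init();

    $this->setIds(
        new IDS_Monitor(
            array("GET" => $_GET, "POST" => $_POST, "COOKIE" => $_COOKIE),
            IDS_Init::init(RD . "IDS/Config/Config.ini")
        ),
        array("sqli", "spam", "dt")
    );

    $result = $this->getIds()->run();
    if (!$result->isEmpty()) {
        $uri = htmlspecialchars((string) $_SERVER["REQUEST_URI"], ENT_QUOTES);
        $ip = htmlspecialchars((string) IPADDRESS, ENT_QUOTES);

        $report = $result->__toString();
        $report .= "<br/>URI: " . $uri . "<br/>IP-Address: " . $ip;
        echo $report;

        // Random file name so that reports do not overwrite each other.
        $file = randString(8) . ".html";
        file_put_contents(AD . "var/reports/injection_" . $file, $report);
        exit;
    }

    return $this;
}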
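/**
 * Build a random 12-character file name with an extension chosen from the MIME type.
 *
 * Recognised types are JPEG, PNG and GIF (including the legacy "pjpeg" / "x-png"
 * spellings). For any other type the name is returned without an extension; the
 * original left $ext undefined in that case and relied on an undefined-variable
 * notice to produce the same result.
 *
 * NOTE(review): if $filetype is the type reported by the uploading client it is not
 * proof of the file's content; callers should reject unrecognised types and verify
 * the content separately rather than store an extension-less file.
 *
 * @param string $filetype MIME type of the image
 * @return string generated file name
 */
function generateFilename($filetype)
{
    $extensions = array(
        "image/jpeg" => ".jpg",
        "image/pjpeg" => ".jpg",
        "image/png" => ".png",
        "image/x-png" => ".png",
        "image/gif" => ".gif",
    );

    $ext = "";
    if (is_string($filetype) && isset($extensions[$filetype])) {
        $ext = $extensions[$filetype];
    }

    return randString(12) . $ext;
}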
/**
 * Normalise the breadcrumbs component parameters.
 *
 * A supplied BREADCRUMBS_ID is reduced to letters, digits and underscores so it can
 * be used as an identifier; a missing or empty one is replaced by
 * "breadcrumbs_" plus five random lower-cased characters.
 * SHOW_ONLY_DELETED defaults to false and BREADCRUMBS to an empty array.
 *
 * NOTE(review): an id made only of disallowed characters becomes the empty string
 * after filtering and is not replaced by a generated one.
 *
 * @return $this
 */
protected function prepareParams()
{
    parent::prepareParams();

    $hasId = isset($this->arParams['BREADCRUMBS_ID']) && $this->arParams['BREADCRUMBS_ID'] !== '';
    if ($hasId) {
        $this->arParams['BREADCRUMBS_ID'] = preg_replace('/[^a-z0-9_]/i', '', $this->arParams['BREADCRUMBS_ID']);
    } else {
        $this->arParams['BREADCRUMBS_ID'] = 'breadcrumbs_' . strtolower(randString(5));
    }

    // Fill in defaults for parameters the caller left out.
    $defaults = array(
        'SHOW_ONLY_DELETED' => false,
        'BREADCRUMBS' => array(),
    );
    foreach ($defaults as $key => $value) {
        if (!isset($this->arParams[$key])) {
            $this->arParams[$key] = $value;
        }
    }

    return $this;
}
/**
 * Generate a random string of the given length that is not yet used as a Cita "folio".
 *
 * A new candidate is drawn for as long as a Cita row with that folio exists.
 *
 * NOTE(review): the lookup and the later insert are separate steps, so two concurrent
 * requests can still obtain the same value; a unique index on the folio column is
 * what actually guarantees uniqueness - confirm one exists.
 *
 * @param int $num length of the generated string
 * @return string folio value that was unused at the time of the check
 */
function getRandomeStr($num)
{
    $candidate = randString($num);

    // Any existing row means the candidate is taken: draw again.
    while (Cita::where('folio', '=', $candidate)->first()) {
        $candidate = randString($num);
    }

    return $candidate;
}
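/**
 * Prints this error and terminates the request.
 *
 * With LOG_EXCEPTIONS enabled the rendered error page is also written to
 * var/reports/exception_<random>.html.
 *
 * Changes against the original: the report file is created with mode 0644 instead
 * of 0766 (the old mode made it writable by every local user and executable by its
 * owner), chmod() runs only when the file was written, and the statements that
 * could never run after "exit" were removed. The buffered page is flushed
 * explicitly before exiting, which PHP previously did implicitly at shutdown.
 *
 * NOTE(review): exception reports can contain paths, queries or request data; if
 * only the application user reads them, a tighter mode such as 0600 and a location
 * outside the web root are preferable.
 *
 * @return void this method never returns
 */
public function printError()
{
    if (LOG_EXCEPTIONS) {
        ob_start();
        // $file is defined before the template is included, so the template can read it.
        $file = randString(8);
        require_once AD . "app/templates/error.phtml";
        $report = ob_get_contents();

        $path = AD . "var/reports/exception_" . $file . ".html";
        if (file_put_contents($path, $report) !== false) {
            chmod($path, 0644);
        }

        ob_end_flush();
        exit;
    }

    require_once AD . "app/templates/error.phtml";
    exit;
}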
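/**
 * Handle a "forgot password" form post: generate a new password, mail it to the
 * account's address and store its bcrypt hash.
 *
 * Change against the original: the stored password is replaced only after the mail
 * was handed over successfully. Before, a failed send (or an unknown $mailer value)
 * still overwrote the password, leaving the user with a password nobody knew.
 * The row is now taken from fetch() instead of rowCount(), which is not reliable
 * for SELECT statements on every PDO driver.
 *
 * Design caveats this block cannot fix on its own:
 *  - the request is unauthenticated and replaces the password immediately, so anyone
 *    who knows an address can force a reset; a single-use, expiring reset link that
 *    changes nothing until it is used avoids that;
 *  - the new password travels in clear text by e-mail;
 *  - the response differs for unknown addresses, which reveals which addresses
 *    are registered;
 *  - the strength of the generated password depends on randString(), not visible here.
 *
 * @return void
 */
function forgotpassword()
{
    global $handler;
    global $mailer;
    global $mail;
    global $emailDoesNotExist;
    global $website_url;
    global $error;
    global $contactemail;

    if (empty($_POST['email'])) {
        return;
    }
    $email = $_POST['email'];

    $checkuser = $handler->prepare("SELECT * FROM users WHERE email = :email");
    $checkuser->execute([':email' => $email]);
    $fetch = $checkuser->fetch(PDO::FETCH_ASSOC);
    if (!$fetch) {
        echo $emailDoesNotExist;
        return;
    }

    $password = randString(10);
    $body = "You requested a new password for your account on {$website_url}:<br />\r\n\n Your username is: {$fetch['username']}<br />\n Your new password is: {$password}<br /><br />\n It is safer if your password when you login.";

    $sent = false;
    if ($mailer === '0') {
        $sent = mail($email, 'Password reset', $body, "From: {$contactemail}");
    } elseif ($mailer === '1') {
        $mail->setFrom($contactemail);
        $mail->addAddress($email); // Add a recipient
        $mail->isHTML(true); // Set email format to HTML
        $mail->Subject = 'Password reset';
        $mail->Body = $body;
        $sent = (bool) $mail->send();
    }

    if (!$sent) {
        // Keep the old password: the user never received the new one.
        echo $error;
        return;
    }

    $options = ['cost' => 11];
    $hash = password_hash($password, PASSWORD_BCRYPT, $options);
    perry('UPDATE users SET password = :password WHERE email = :email', [':password' => $hash, ':email' => $fetch['email']]);

    setcookie('newpassword', 'newpassword', time() + 10);
    header("refresh:0;url={$website_url}p/login");
}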
/**
 * Normalise the toolbar component parameters.
 *
 * BUTTONS must be a non-empty array, otherwise it becomes an empty array.
 * A supplied TOOLBAR_ID is reduced to letters, digits and underscores; a missing or
 * empty one is replaced by "toolbar_" plus five random lower-cased characters.
 * An unusable DROPDOWN_FILTER resets both the filter and its current label to null,
 * and an empty CLASS_NAME becomes the empty string.
 *
 * NOTE(review): an id made only of disallowed characters becomes the empty string
 * after filtering and is not replaced by a generated one.
 *
 * @return $this
 */
protected function prepareParams()
{
    parent::prepareParams();

    $buttonsUsable = !empty($this->arParams['BUTTONS']) && is_array($this->arParams['BUTTONS']);
    if (!$buttonsUsable) {
        $this->arParams['BUTTONS'] = array();
    }

    $hasId = isset($this->arParams['TOOLBAR_ID']) && $this->arParams['TOOLBAR_ID'] !== '';
    if ($hasId) {
        $this->arParams['TOOLBAR_ID'] = preg_replace('/[^a-z0-9_]/i', '', $this->arParams['TOOLBAR_ID']);
    } else {
        $this->arParams['TOOLBAR_ID'] = 'toolbar_' . strtolower(randString(5));
    }

    $filterUsable = !empty($this->arParams['DROPDOWN_FILTER']) && is_array($this->arParams['DROPDOWN_FILTER']);
    if (!$filterUsable) {
        $this->arParams['DROPDOWN_FILTER'] = null;
        $this->arParams['DROPDOWN_FILTER_CURRENT_LABEL'] = null;
    }

    if (empty($this->arParams['CLASS_NAME'])) {
        $this->arParams['CLASS_NAME'] = '';
    }

    return $this;
}
/**
 * Normalise the component parameters before the component runs.
 *
 * TYPE is trimmed (empty when absent), NOINDEX is forced to "Y" or "N", CACHE_TIME is
 * an integer only when caching is on (CACHE_TYPE "Y", or "A" with the global
 * component cache option enabled) and 0 otherwise, QUANTITY is a positive integer
 * defaulting to 1, ID is a fresh 5-character random string and BANNER_ID an integer.
 *
 * @param array $params raw component parameters
 * @return array normalised parameters
 */
public function onPrepareComponentParams($params)
{
    $type = "";
    if (isset($params["TYPE"])) {
        $type = trim($params["TYPE"]);
    }
    $params["TYPE"] = $type;

    if ($params["NOINDEX"] != "Y") {
        $params["NOINDEX"] = "N";
    }

    // "A" (auto) only counts when the site-wide component cache option is "Y".
    $cachingOn = $params["CACHE_TYPE"] == "Y"
        || ($params["CACHE_TYPE"] == "A" && COption::GetOptionString("main", "component_cache_on", "Y") == "Y");
    $params["CACHE_TIME"] = $cachingOn ? intval($params["CACHE_TIME"]) : 0;

    $quantity = isset($params['QUANTITY']) ? intval($params['QUANTITY']) : 0;
    $params['QUANTITY'] = $quantity > 0 ? $quantity : 1;

    $params['ID'] = randString(5);
    $params['BANNER_ID'] = intval($params["BANNER_ID"]);

    return $params;
}
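/**
 * Serve a captcha image when the request carries a "qgcaptcha" ticket.
 *
 * A 5-character text (alphabet without easily confused glyphs) is stored in the
 * session under the ticket and rendered onto the background image as PNG, after
 * which the request is aborted.
 *
 * Change against the original: the ticket must be a string. A request that sends
 * the parameter as an array would otherwise be used as an array offset and end in
 * an error.
 *
 * NOTE(review): the ticket is request-controlled and any value creates a session
 * entry; if tickets are issued elsewhere, checking that the ticket already exists
 * (or bounding the number of entries) keeps the session from growing without limit.
 * NOTE(review): the unpredictability of the captcha text depends on randString(),
 * which is not visible here; rand() is only used for the drawing angle and offset.
 *
 * @return void
 */
static function captchaListener()
{
    if (!isset($_GET['qgcaptcha']) || !is_string($_GET['qgcaptcha'])) {
        return;
    }
    $ticket = $_GET['qgcaptcha'];

    $text = randString(5, "abcdefghijkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789");
    $_SESSION['qg_rTicket'][$ticket]['captcha'] = $text;

    header('Content-type: image/png');
    $img = ImageCreateFromPNG(sysPATH . 'core/util/rTicket/captchabg.png'); // background image
    $color = ImageColorAllocate($img, 0, 0, 0); // text colour
    $ttf = sysPATH . 'core/util/rTicket/xfiles.ttf'; // font
    $ttfsize = 13; // font size
    $angle = rand(0, 7);
    $t_x = rand(5, 20);
    $t_y = 23;
    imagettftext($img, $ttfsize, $angle, $t_x, $t_y, $color, $ttf, $text);
    imagepng($img);
    imagedestroy($img);
    Abort();
}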
} unset($arDirValue["UF_DELETE"]); } if (!is_array($arDirValue) || !isset($arDirValue['UF_NAME']) || '' == trim($arDirValue['UF_NAME'])) { continue; } if (isset($arImageResult[$dirKey]["FILE"]) && is_array($arImageResult[$dirKey]["FILE"]) && $arImageResult[$dirKey]["FILE"]['name'] != '' || isset($_POST['PROPERTY_DIRECTORY_VALUES_del'][$dirKey]["FILE"]) && $_POST['PROPERTY_DIRECTORY_VALUES_del'][$dirKey]["FILE"] == 'Y') { $arDirValue['UF_FILE'] = $arImageResult[$dirKey]["FILE"]; } if ($arDirValue["ID"] == $_POST['PROPERTY_VALUES_DEF']) { $arDirValue['UF_DEF'] = true; } else { $arDirValue['UF_DEF'] = false; } if (!isset($arDirValue["UF_XML_ID"]) || $arDirValue["UF_XML_ID"] == '') { $arDirValue['UF_XML_ID'] = randString(8); } if ($_POST["PROPERTY_USER_TYPE_SETTINGS"]["TABLE_NAME"] == '-1' && isset($result) && $result->isSuccess()) { $entityDataClass::add($arDirValue); } else { if (isset($arDirValue["ID"]) && $arDirValue["ID"] > 0) { $rsData = $entityDataClass::getList(array()); while ($arData = $rsData->fetch()) { $arAddField = array(); if (!isset($arData["UF_DESCRIPTION"])) { $arAddField[] = 'UF_DESCRIPTION'; } if (!isset($arData["UF_FULL_DESCRIPTION"])) { $arAddField[] = 'UF_FULL_DESCRIPTION'; } $obUserField = new CUserTypeEntity();
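/**
 * Import the authors of an XML channel as users, skipping any whose username or
 * e-mail address already exists.
 *
 * Each new user gets group 1, is active, and receives a profile row with
 * placeholder first and last names.
 *
 * Changes against the original:
 *  - randString() is declared only when it does not exist yet; the unconditional
 *    nested declaration made a second call of this method fail with a
 *    "cannot redeclare" error;
 *  - the generator uses random_int() where available and falls back to mt_rand();
 *  - a non-positive length yields an empty string instead of looping without end.
 *
 * NOTE(review): the stored "password" is md5(email . salt . time()), i.e. a value
 * no user knows; imported accounts are expected to go through a password reset.
 * md5 is kept because the verification code is outside this block.
 *
 * @param object $xml parsed feed; $xml->channel->author entries are read
 * @return void
 */
public function users($xml)
{
    // Original author's note: move this function to a helper.
    if (!function_exists('randString')) {
        function randString($length, $charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789')
        {
            $str = '';
            $count = strlen($charset);
            for ($i = 0; $i < $length; $i++) {
                $index = function_exists('random_int')
                    ? random_int(0, $count - 1)
                    : mt_rand(0, $count - 1);
                $str .= $charset[$index];
            }

            return $str;
        }
    }

    foreach ($xml->channel->author as $val) {
        $rand = randString(6);
        $user = array(
            'email' => (string) $val->author_email,
            'password' => md5((string) $val->author_email . $rand . time()),
            'salt' => $rand,
            'group_id' => 1,
            'active' => 1,
            'created_on' => time(),
            'last_login' => 0,
            'username' => (string) $val->author_login,
        );

        // Skip authors that already exist under the same username or e-mail.
        $this->ci->db->where('username', (string) $val->author_login);
        $this->ci->db->or_where('email', (string) $val->author_email);
        $query = $this->ci->db->get('users');

        if ($query->num_rows() == 0) {
            $this->ci->db->insert('users', $user);
            $user_id = $this->ci->db->insert_id();

            $profile = array(
                'user_id' => $user_id,
                'display_name' => (string) $val->author_display_name,
                'first_name' => '[first_name]',
                'last_name' => '[last_name]',
                'lang' => 'en',
            );
            $this->ci->db->insert('profiles', $profile);
        }
    }
}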
// Access level of the current user's groups for the "sale" module.
$saleModulePermissions = $GLOBALS["APPLICATION"]->GetGroupRight("sale");
// ITEMS_COUNT is accepted in the range 1..40; anything else falls back to 10.
if (intval($arGadgetParams["ITEMS_COUNT"]) <= 0 || intval($arGadgetParams["ITEMS_COUNT"]) > 40) {
    $arGadgetParams["ITEMS_COUNT"] = 10;
}
// With a site selected, use that site's currency and, unless a custom title was
// given, append the site id and name to the gadget title.
if (strlen($arGadgetParams["SITE_ID"]) > 0) {
    $arGadgetParams["SITE_CURRENCY"] = CSaleLang::GetLangCurrency($arGadgetParams["SITE_ID"]);
    if (strlen($arGadgetParams["TITLE_STD"]) <= 0) {
        $rsSites = CSite::GetByID($arGadgetParams["SITE_ID"]);
        // presumably GetNext() returns values already escaped for HTML output - confirm
        if ($arSite = $rsSites->GetNext()) {
            $arGadget["TITLE"] .= " / [" . $arSite["ID"] . "] " . $arSite["NAME"];
        }
    }
} else {
    $arGadgetParams["SITE_CURRENCY"] = CCurrency::GetBaseCurrency();
}
// Random 8-character string; its use is outside this excerpt.
$arGadgetParams["RND_STRING"] = randString(8);
$arOrderStats = array();
$arOrders = array();
$arCurUsed = array();
// Restrict the order filter to the selected site, if any.
if (strlen($arGadgetParams["SITE_ID"]) > 0) {
    $arFilterLID = array("LID" => $arGadgetParams["SITE_ID"]);
} else {
    $arFilterLID = array();
}
// Users without "W" on the sale module only see orders in statuses their groups
// may view; "W" applies no status filter.
if ($saleModulePermissions != "W") {
    $arFilterPerms = array("STATUS_PERMS_GROUP_ID" => $GLOBALS["USER"]->GetUserGroupArray(), ">=STATUS_PERMS_PERM_VIEW" => "Y");
} else {
    $arFilterPerms = array();
}
// Bounds of the month before last: first day of the current month minus two months,
// up to one second before the first day of last month.
$BeforeLastMonth_minDate = ConvertTimeStamp(AddToTimeStamp(array("MM" => -2), mktime(0, 0, 0, date("n"), 1, date("Y"))), "FULL");
$BeforeLastMonth_maxDate = ConvertTimeStamp(AddToTimeStamp(array("MM" => -1, "SS" => -1), mktime(0, 0, 0, date("n"), 1, date("Y"))), "FULL");
/**
 * Adds a new user. On success returns the ID of the new user; otherwise returns
 * false and the LAST_ERROR property of the object holds the error text.
 *
 * CUser::Add() can only be called as a method of an initialised object, not as a
 * static method of the CUser class.
 *
 * NOTE(review): the password is stored as an 8-character salt followed by
 * md5(salt . password), and the checkword the same way. Salted md5 is fast to
 * brute-force; moving to password_hash() needs a matching change wherever these
 * values are verified, which is outside this block. The salt quality depends on
 * randString(), not visible here.
 *
 * @param array $arFields Field values. Allowed keys (* = required):
 *   LOGIN*               - login name
 *   NAME                 - first name
 *   LAST_NAME            - last name
 *   SECOND_NAME          - patronymic
 *   EMAIL*               - e-mail address
 *   PASSWORD*            - password
 *   CONFIRM_PASSWORD*    - password confirmation (must equal PASSWORD)
 *   GROUP_ID             - array of ids of the groups the user is assigned to
 *   ACTIVE               - activity flag [Y|N]
 *   LID                  - id of the default site for notifications
 *   ADMIN_NOTES          - administrator notes
 *   XML_ID               - user id for linking with external sources (for example
 *                          the user id in an external database)
 *   EXTERNAL_AUTH_ID     - code of the external authorisation source
 *   PERSONAL_PROFESSION  - profession
 *   PERSONAL_WWW         - personal web page
 *   PERSONAL_ICQ         - ICQ
 *   PERSONAL_GENDER      - gender ["M" - male; "F" - female]
 *   PERSONAL_BIRTHDAY    - date of birth in the format of the current site (or of
 *                          the current language in the administrative section)
 *   PERSONAL_PHOTO       - array describing the photo, with the keys: name (file
 *                          name), size (file size), tmp_name (temporary path on the
 *                          server), type (type of the uploaded file), del (the image
 *                          is deleted when "Y"), MODULE_ID (id of the main module, "main")
 *   PERSONAL_PHONE       - phone
 *   PERSONAL_FAX         - fax
 *   PERSONAL_MOBILE      - mobile phone
 *   PERSONAL_PAGER       - pager
 *   PERSONAL_STREET      - street, house
 *   PERSONAL_MAILBOX     - post office box
 *   PERSONAL_CITY        - city
 *   PERSONAL_STATE       - region / state
 *   PERSONAL_ZIP         - postal code
 *   PERSONAL_COUNTRY     - country
 *   PERSONAL_NOTES       - personal notes
 *   WORK_COMPANY         - company name
 *   WORK_DEPARTMENT      - department
 *   WORK_POSITION        - position
 *   WORK_WWW             - company web page
 *   WORK_PHONE           - work phone
 *   WORK_FAX             - work fax
 *   WORK_PAGER           - work pager
 *   WORK_STREET          - company street, house
 *   WORK_MAILBOX         - company post office box
 *   WORK_CITY            - company city
 *   WORK_STATE           - company region / state
 *   WORK_ZIP             - company postal code
 *   WORK_COUNTRY         - company country
 *   WORK_PROFILE         - company lines of business
 *   WORK_LOGO            - array describing the company logo, with the same keys
 *                          as PERSONAL_PHOTO
 *   WORK_NOTES           - notes about the user's work
 *
 * @return mixed new user id, or false on failure
 *
 * Example:
 *   // build the array describing an image stored in a file on the server
 *   $arIMAGE = CFile::MakeFileArray($_SERVER["DOCUMENT_ROOT"]."/images/photo.gif");
 *   $arIMAGE["MODULE_ID"] = "main";
 *
 *   $user = new CUser;
 *   $arFields = Array(
 *     "NAME"             => "Сергей",
 *     "LAST_NAME"        => "Иванов",
 *     "EMAIL"            => "*****@*****.**",
 *     "LOGIN"            => "ivan",
 *     "LID"              => "ru",
 *     "ACTIVE"           => "Y",
 *     "GROUP_ID"         => array(10,11),
 *     "PASSWORD"         => "123456",
 *     "CONFIRM_PASSWORD" => "123456",
 *     "PERSONAL_PHOTO"   => $arIMAGE
 *   );
 *
 *   $ID = $user->Add($arFields);
 *   if (intval($ID) > 0)
 *     echo "User added successfully.";
 *   else
 *     echo $user->LAST_ERROR;
 *
 * See also:
 *   CUser fields:  http://dev.1c-bitrix.ru/api_help/main/reference/cuser/index.php#flds
 *   CUser::Update: http://dev.1c-bitrix.ru/api_help/main/reference/cuser/update.php
 *   CUser::Delete: http://dev.1c-bitrix.ru/api_help/main/reference/cuser/delete.php
 *
 * @link http://dev.1c-bitrix.ru/api_help/main/reference/cuser/add.php
 * @author Bitrix
 */
public function Add($arFields)
{
    /** @global CUserTypeManager $USER_FIELD_MANAGER */
    global $DB, $USER_FIELD_MANAGER, $CACHE_MANAGER;
    $ID = 0;
    if (!$this->CheckFields($arFields)) {
        $Result = false;
        $arFields["RESULT_MESSAGE"] =& $this->LAST_ERROR;
    } else {
        // A caller-supplied ID must never reach the INSERT.
        unset($arFields["ID"]);
        // Anything other than "Y" is normalised to "N".
        if (is_set($arFields, "ACTIVE") && $arFields["ACTIVE"] != "Y") {
            $arFields["ACTIVE"] = "N";
        }
        // Only "M" and "F" are kept; every other value becomes the empty string.
        if ($arFields["PERSONAL_GENDER"] == "NOT_REF" || $arFields["PERSONAL_GENDER"] != "M" && $arFields["PERSONAL_GENDER"] != "F") {
            $arFields["PERSONAL_GENDER"] = "";
        }
        // The clear-text password is kept only for the optional digest update below.
        $original_pass = $arFields["PASSWORD"];
        // Stored form: salt . md5(salt . password) - see the NOTE(review) in the header.
        $salt = randString(8);
        $arFields["PASSWORD"] = $salt . md5($salt . $arFields["PASSWORD"]);
        unset($arFields["STORED_HASH"]);
        // The checkword gets its own salt and is stored hashed in the same format;
        // the unhashed value is kept in $checkword.
        $salt = randString(8);
        $checkword = $arFields["CHECKWORD"] == '' ? md5(CMain::GetServerUniqID() . uniqid()) : $arFields["CHECKWORD"];
        $arFields["CHECKWORD"] = $salt . md5($salt . $checkword);
        $arFields["~CHECKWORD_TIME"] = $DB->CurrentTimeFunction();
        if (is_set($arFields, "EMAIL")) {
            $arFields["EMAIL"] = strtolower($arFields["EMAIL"]);
        }
        if (is_set($arFields, "WORK_COUNTRY")) {
            $arFields["WORK_COUNTRY"] = intval($arFields["WORK_COUNTRY"]);
        }
        if (is_set($arFields, "PERSONAL_COUNTRY")) {
            $arFields["PERSONAL_COUNTRY"] = intval($arFields["PERSONAL_COUNTRY"]);
        }
        // Image arrays without a MODULE_ID are attributed to "main" before saving.
        if (array_key_exists("PERSONAL_PHOTO", $arFields) && is_array($arFields["PERSONAL_PHOTO"]) && (!array_key_exists("MODULE_ID", $arFields["PERSONAL_PHOTO"]) || strlen($arFields["PERSONAL_PHOTO"]["MODULE_ID"]) <= 0)) {
            $arFields["PERSONAL_PHOTO"]["MODULE_ID"] = "main";
        }
        CFile::SaveForDB($arFields, "PERSONAL_PHOTO", "main");
        if (array_key_exists("WORK_LOGO", $arFields) && is_array($arFields["WORK_LOGO"]) && (!array_key_exists("MODULE_ID", $arFields["WORK_LOGO"]) || strlen($arFields["WORK_LOGO"]["MODULE_ID"]) <= 0)) {
            $arFields["WORK_LOGO"]["MODULE_ID"] = "main";
        }
        CFile::SaveForDB($arFields, "WORK_LOGO", "main");
        // $arInsert[0] is the column list, $arInsert[1] the value list.
        // NOTE(review): value escaping is assumed to happen inside PrepareInsert() - confirm.
        $arInsert = $DB->PrepareInsert("b_user", $arFields);
        if (!is_set($arFields, "DATE_REGISTER")) {
            $arInsert[0] .= ", DATE_REGISTER";
            $arInsert[1] .= ", " . $DB->GetNowFunction();
        }
        $strSql = "\n\t\t\t\tINSERT INTO b_user (\n\t\t\t\t\t" . $arInsert[0] . "\n\t\t\t\t) VALUES (\n\t\t\t\t\t" . $arInsert[1] . "\n\t\t\t\t)\n\t\t\t";
        $DB->Query($strSql);
        $ID = $DB->LastID();
        $USER_FIELD_MANAGER->Update("USER", $ID, $arFields);
        if (is_set($arFields, "GROUP_ID")) {
            CUser::SetUserGroup($ID, $arFields["GROUP_ID"]);
        }
        //update digest hash for http digest authorization
        if (COption::GetOptionString('main', 'use_digest_auth', 'N') == 'Y') {
            CUser::UpdateDigest($ID, $original_pass);
        }
        $Result = $ID;
        $arFields["ID"] =& $ID;
        // The unhashed checkword is put back, so event handlers below receive it
        // in clear text (PASSWORD stays in its salted-hash form).
        $arFields["CHECKWORD"] = $checkword;
    }
    $arFields["RESULT"] =& $Result;
    // Handlers run on success and on failure and may modify $arFields by reference.
    foreach (GetModuleEvents("main", "OnAfterUserAdd", true) as $arEvent) {
        ExecuteModuleEventEx($arEvent, array(&$arFields));
    }
    // Invalidate the tagged caches that can contain this user.
    if ($ID > 0 && defined("BX_COMP_MANAGED_CACHE")) {
        $CACHE_MANAGER->ClearByTag("USER_CARD_" . intval($ID / TAGGED_user_card_size));
        $CACHE_MANAGER->ClearByTag("USER_CARD");
        $CACHE_MANAGER->ClearByTag("USER_NAME_" . $ID);
        $CACHE_MANAGER->ClearByTag("USER_NAME");
    }
    return $Result;
}
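/**
 * Update a subscription in b_subscription and handle e-mail confirmation.
 *
 * When the address is unchanged and a confirmation code is supplied for a not yet
 * confirmed subscription, the code is checked against the stored one; a match
 * confirms the subscription (LAST_MESSAGE "CONF"), a mismatch fails the update.
 * When the address changes, a new 8-character code is generated and, unless
 * SEND_CONFIRM is "N", sent out (LAST_MESSAGE "SENT").
 *
 * Change against the original: the confirmation code is compared as an exact
 * string (constant-time where hash_equals() exists). The loose "==" treated two
 * numeric-looking strings as equal when they had the same numeric value, so a code
 * that differed from the stored one could still confirm the subscription.
 * Optional keys are also read with isset() so missing keys no longer raise notices.
 *
 * NOTE(review): the strength of the generated code depends on randString(), which
 * is not visible here, and nothing in this block limits the number of attempts.
 *
 * @param int    $ID       subscription id
 * @param array  $arFields fields to update; CONFIRM_CODE, EMAIL, CONFIRMED, RUB_ID,
 *                         ALL_SITES, SEND_CONFIRM and USER_ID are interpreted here
 * @param string $SITE_ID  site id, defaults to the current site
 * @return bool true on success, false on validation, lookup or query failure
 */
function Update($ID, $arFields, $SITE_ID = SITE_ID)
{
    global $DB;
    $ID = intval($ID);
    $this->LAST_MESSAGE = "";

    if (!$this->CheckFields($arFields, $ID, $SITE_ID)) {
        return false;
    }

    if (array_key_exists("USER_ID", $arFields) && intval($arFields["USER_ID"]) <= 0) {
        $arFields["USER_ID"] = false;
    }

    //Check whether email changed. If changed, we must to generate new confirm code.
    $strSql = "SELECT EMAIL, CONFIRM_CODE, CONFIRMED FROM b_subscription " . "WHERE ID='" . $ID . "' ";
    $db_check = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
    if (!($db_check_arr = $db_check->Fetch())) {
        $this->LAST_ERROR = GetMessage("class_subscr_perm") . "<br>";
        return false;
    }

    // The caller-supplied code is only ever compared, never written to the row.
    $CONFIRM_CODE = isset($arFields["CONFIRM_CODE"]) ? $arFields["CONFIRM_CODE"] : "";
    unset($arFields["CONFIRM_CODE"]);

    if (!is_set($arFields, "EMAIL") || strtoupper($db_check_arr["EMAIL"]) == strtoupper($arFields["EMAIL"])) {
        //the same email - check confirm code
        if (strlen($CONFIRM_CODE) > 0 && $db_check_arr["CONFIRMED"] != "Y") {
            $storedCode = (string) $db_check_arr["CONFIRM_CODE"];
            $givenCode = (string) $CONFIRM_CODE;
            $codesMatch = function_exists('hash_equals')
                ? hash_equals($storedCode, $givenCode)
                : $storedCode === $givenCode;

            if ($codesMatch) {
                //let's confirm the subscription
                $arFields["CONFIRMED"] = "Y";
                $this->LAST_MESSAGE = "CONF";
            } else {
                $this->LAST_ERROR = GetMessage("class_subscr_conf") . "<br>";
                return false;
            }
        }
    } else {
        //new email - new confirm code
        $arFields["CONFIRM_CODE"] = randString(8);
        if (!isset($arFields["CONFIRMED"]) || $arFields["CONFIRMED"] != "Y") {
            $arFields["CONFIRMED"] = "N";
        }
    }

    // Non-empty only when a new code was generated above.
    $newConfirmCode = isset($arFields["CONFIRM_CODE"]) ? $arFields["CONFIRM_CODE"] : "";

    $strUpdate = $DB->PrepareUpdate("b_subscription", $arFields);
    if (strlen($strUpdate) > 0) {
        $strSql = "UPDATE b_subscription SET " . $strUpdate . ", " . "\tDATE_UPDATE=" . $DB->GetNowFunction() . " " . (strlen($newConfirmCode) > 0 ? "," . "\tDATE_CONFIRM=" . $DB->GetNowFunction() . " " : "") . "WHERE ID=" . $ID;
        if (!$DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__)) {
            return false;
        }
    }

    //subscription categories
    if (is_set($arFields, "RUB_ID")) {
        if (is_set($arFields, "ALL_SITES") && $arFields["ALL_SITES"] == "Y") {
            $this->UpdateRubrics($ID, $arFields["RUB_ID"]);
        } else {
            $this->UpdateRubrics($ID, $arFields["RUB_ID"], $SITE_ID);
        }
    }

    //send confirmation code if needed
    $sendConfirm = !isset($arFields["SEND_CONFIRM"]) || $arFields["SEND_CONFIRM"] != "N";
    if ($sendConfirm && strlen($newConfirmCode) > 0) {
        $this->ConfirmEvent($ID, $SITE_ID);
        $this->LAST_MESSAGE = "SENT";
    }

    return true;
}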
<td class="invite-list-header"><input type="checkbox" title="<?php echo GetMessage("SONET_URE_T_CHECK_ALL"); ?> " onclick="__URECheckedAll(this)"/></td> <td class="invite-list-header" colspan="2"><?php echo GetMessage("SONET_URE_T_RECIPIENT"); ?> </td> <td class="invite-list-header"><?php echo GetMessage("SONET_URE_T_MESSAGE_OUT"); ?> </td> </tr><?php $ind = 0; foreach ($arResult["RequestsOut"]["List"] as $arRequest) { $tooltip_id = randString(8); ?> <tr id="<?php echo $arRequest["EVENT_TYPE"] . "_" . $arRequest["ID"]; ?> "> <td class="invite-list-checkbox"> <div class="invite-active-block"> <input type="checkbox" name="checked_<?php echo $ind; ?> " value="Y" onclick="BX.toggleClass(this.parentNode.parentNode.parentNode, 'invite-list-active');" /> <input type="hidden" name="id_<?php echo $ind; ?> " value="<?php
/**
 * Completes an OpenID sign-in and maps the asserted identity to a local user.
 *
 * When $this->Validate() returns the OpenID data, the method builds a user
 * field set from it and from the openid_sreg_* request parameters, then either
 * links the identity to the currently authorized user, resolves an existing
 * user, or registers a new one (when the "new_user_registration" option is "Y").
 * A resolved user is authorized through AuthorizeWithOtp() and redirected to the
 * current page with the OpenID parameters stripped. Every other path redirects
 * with auth_service_error=<code>.
 *
 * NOTE(review): the openid_sreg_* values are read directly from $_GET. Whether
 * Validate() checks that these fields are covered by the provider's signature
 * is not visible here; if it does not, the e-mail, name and other profile
 * fields of a newly created account are controlled by the caller. Confirm
 * against Validate().
 *
 * @return int|bool ID of the authorized user, or false. Both redirect paths
 *                  call LocalRedirect() first; whether it returns is not
 *                  visible here.
 */
public function Authorize()
{
    global $APPLICATION, $USER;

    // Generic failure code, used unless a more specific one is set below.
    $errorCode = 1;

    if ($arOpenID = $this->Validate()) {
        $arFields = array(
            'EXTERNAL_AUTH_ID' => 'OPENID#' . $arOpenID['server'],
            'XML_ID' => $arOpenID['identity'],
            // Random placeholder password for the externally authenticated account;
            // its unpredictability depends on randString(), which is not shown here.
            'PASSWORD' => randString(30),
            'LID' => SITE_ID,
            "PERSONAL_WWW" => $arOpenID['identity']
        );

        // Optional profile attributes taken from the openid_sreg_* query parameters.
        if (array_key_exists('openid_sreg_email', $_GET)) {
            $arFields['EMAIL'] = $_GET['openid_sreg_email'];
        }
        // Gender is accepted only when it is exactly 'M' or 'F'.
        if (array_key_exists('openid_sreg_gender', $_GET) && ($_GET['openid_sreg_gender'] == 'M' || $_GET['openid_sreg_gender'] == 'F')) {
            $arFields['PERSONAL_GENDER'] = $_GET['openid_sreg_gender'];
        }
        if (array_key_exists('openid_sreg_fullname', $_GET)) {
            // Converted from UTF-8 to LANG_CHARSET unless BX_UTF is defined.
            $fullname = defined("BX_UTF") ? $_GET['openid_sreg_fullname'] : CharsetConverter::ConvertCharset($_GET['openid_sreg_fullname'], 'UTF-8', LANG_CHARSET);
            $fullname = trim($fullname);
            // Split at the first space: first part is NAME, the remainder LAST_NAME.
            if (($pos = strpos($fullname, ' ')) !== false) {
                $arFields['NAME'] = substr($fullname, 0, $pos);
                $arFields['LAST_NAME'] = substr($fullname, $pos + 1);
            } else {
                $arFields['NAME'] = $fullname;
            }
        }
        if (array_key_exists('openid_sreg_postcode', $_GET)) {
            $arFields['PERSONAL_ZIP'] = $_GET['openid_sreg_postcode'];
        }
        if (array_key_exists('openid_sreg_timezone', $_GET)) {
            $arFields['TIME_ZONE'] = $_GET['openid_sreg_timezone'];
        }
        if (array_key_exists('openid_sreg_country', $_GET)) {
            $arFields['PERSONAL_COUNTRY'] = GetCountryIdByCode($_GET['openid_sreg_country']);
        }
        if (array_key_exists('openid_sreg_dob', $_GET)) {
            $arFields['PERSONAL_BIRTHDAY'] = CDatabase::FormatDate($_GET['openid_sreg_dob'], "YYYY-MM-DD", FORMAT_DATE);
        }

        // LOGIN prefers the identity remembered in the session over the validated one;
        // the http:// or https:// prefix is stripped in both cases.
        if (array_key_exists('BX_OPENID_IDENTITY', $_SESSION)) {
            $arFields['LOGIN'] = $_SESSION['BX_OPENID_IDENTITY'];
        } else {
            $arFields['LOGIN'] = $arOpenID['identity'];
        }
        $arFields['LOGIN'] = preg_replace("#^(http://|https://)#i", "", $arFields['LOGIN']);

        $USER_ID = 0;
        if ($GLOBALS["USER"]->IsAuthorized() && $GLOBALS["USER"]->GetID()) {
            // A user is already signed in: attach this OpenID identity to that
            // account unless CSocServAuth::isSplitDenied() forbids it.
            if (!CSocServAuth::isSplitDenied()) {
                $arFields['USER_ID'] = $GLOBALS["USER"]->GetID();
                CSocServAuthDB::Add($arFields);
                self::CleanParam();
            } else {
                $errorCode = SOCSERV_REGISTRATION_DENY;
            }
            // No return in this branch: control falls through to the final
            // redirect with the current $errorCode.
        } else {
            // NOTE(review): $by and $ord are not defined in this method; presumably
            // GetList() takes them by reference - confirm.
            // Active user stored under the 'OPENID#<server>' external auth id.
            $dbUsersOld = $GLOBALS["USER"]->GetList($by, $ord, array('XML_ID' => $arFields['XML_ID'], 'EXTERNAL_AUTH_ID' => $arFields['EXTERNAL_AUTH_ID'], 'ACTIVE' => 'Y'), array('NAV_PARAMS' => array("nTopCount" => "1")));
            // Active user stored under the 'socservices' external auth id.
            $dbUsersNew = $GLOBALS["USER"]->GetList($by, $ord, array('XML_ID' => $arFields['XML_ID'], 'EXTERNAL_AUTH_ID' => 'socservices', 'ACTIVE' => 'Y'), array('NAV_PARAMS' => array("nTopCount" => "1")));
            // Existing link row for this identity.
            $dbSocUser = CSocServAuthDB::GetList(array(), array('XML_ID' => $arFields['XML_ID'], 'EXTERNAL_AUTH_ID' => $arFields['EXTERNAL_AUTH_ID']), false, false, array("USER_ID", "ACTIVE"));

            if ($arUser = $dbSocUser->Fetch()) {
                // A link row that is not ACTIVE leaves $USER_ID at 0, so the
                // request ends in the failure redirect and no user is created.
                if ($arUser["ACTIVE"] === 'Y') {
                    $USER_ID = $arUser["USER_ID"];
                }
            } elseif ($arUser = $dbUsersOld->Fetch()) {
                $USER_ID = $arUser['ID'];
            } elseif ($arUser = $dbUsersNew->Fetch()) {
                $USER_ID = $arUser["ID"];
            } elseif (COption::GetOptionString("main", "new_user_registration", "N") == "Y") {
                // Unknown identity and self-registration is enabled: create the user
                // in the default registration groups, if any are configured.
                $def_group = COption::GetOptionString('main', 'new_user_registration_def_group', '');
                if ($def_group != '') {
                    $arFields['GROUP_ID'] = explode(',', $def_group);
                }
                if (!empty($arFields['GROUP_ID']) && CSocServAuth::isAuthDenied($arFields['GROUP_ID'])) {
                    $errorCode = SOCSERV_REGISTRATION_DENY;
                } else {
                    // Handlers receive $arFields inside array(...); whether they can
                    // modify it depends on ExecuteModuleEventEx(), not shown here.
                    foreach (GetModuleEvents("main", "OnBeforeOpenIDUserAdd", true) as $arEvent) {
                        ExecuteModuleEventEx($arEvent, array($arFields));
                    }
                    // The user row is stored under 'socservices'; the link row added
                    // below keeps the 'OPENID#<server>' id.
                    $arFieldsUser = $arFields;
                    $arFieldsUser["EXTERNAL_AUTH_ID"] = "socservices";
                    if (!($USER_ID = $GLOBALS["USER"]->Add($arFieldsUser))) {
                        return false;
                    }
                    $arFields['CAN_DELETE'] = 'N';
                    $arFields['USER_ID'] = $USER_ID;
                    CSocServAuthDB::Add($arFields);
                    unset($arFields['CAN_DELETE']);
                }
            } elseif (COption::GetOptionString("main", "new_user_registration", "N") == "N") {
                // Unknown identity and self-registration is disabled.
                $errorCode = 2;
            }

            if (intval($USER_ID) > 0) {
                // The group-based denial check runs before the session is authorized.
                $arGroups = $USER->GetUserGroup($USER_ID);
                if (CSocServAuth::isAuthDenied($arGroups)) {
                    $errorCode = SOCSERV_AUTHORISATION_ERROR;
                } else {
                    $USER->AuthorizeWithOtp($USER_ID);
                    // Strip the service parameters and every 'openid_*' parameter
                    // from the URL the user is sent back to.
                    $arKillParams = array("auth_service_id", "check_key");
                    foreach (array_keys($_GET) as $k) {
                        if (strpos($k, 'openid_') === 0) {
                            $arKillParams[] = $k;
                        }
                    }
                    $redirect_url = $APPLICATION->GetCurPageParam('', $arKillParams, false);
                    foreach (GetModuleEvents("main", "OnBeforeOpenIDAuthFinalRedirect", true) as $arEvent) {
                        ExecuteModuleEventEx($arEvent, array($redirect_url, $USER_ID, $arFields));
                    }
                    if ($redirect_url) {
                        LocalRedirect($redirect_url, true);
                    }
                    return $USER_ID;
                }
            }
        }
    }

    // Failure path: redirect to the current page with the error code appended.
    // The prefix tested here is 'openid' (no underscore), unlike the success path.
    $arKillParams = array("check_key");
    foreach (array_keys($_GET) as $k) {
        if (strpos($k, 'openid') === 0) {
            $arKillParams[] = $k;
        }
    }
    $redirect_url = $APPLICATION->GetCurPageParam('auth_service_error=' . $errorCode, $arKillParams, false);
    LocalRedirect($redirect_url, true);
    return false;
}
// Keep the trimmed input name under "~INPUT_NAME"; the public name gets "[]"
// appended when MULTIPLE is "Y".
$arParams["~INPUT_NAME"] = trim($arParams["INPUT_NAME"]);
$arParams["INPUT_NAME"] = $arParams["~INPUT_NAME"] . ($arParams["MULTIPLE"] == "Y" ? "[]" : "");
// Normalize INPUT_VALUE and VOTE_UNIQUE to arrays.
$arParams["INPUT_VALUE"] = empty($arParams["INPUT_VALUE"]) ? array() : (is_array($arParams["INPUT_VALUE"]) ? $arParams["INPUT_VALUE"] : array($arParams["INPUT_VALUE"]));
$arParams["VOTE_UNIQUE"] = is_array($arParams["VOTE_UNIQUE"]) ? $arParams["VOTE_UNIQUE"] : array($arParams["VOTE_UNIQUE"]);
// Fall back to "10 D" when the delay is missing or does not match the pattern.
// NOTE(review): the pattern is not anchored, so any value that merely contains
// "<digits> <word character>" is kept unchanged - confirm that the consumer
// tolerates surrounding text.
if (!isset($arParams["VOTE_UNIQUE_IP_DELAY"]) || !preg_match("/\\d+ \\w/is", $arParams["VOTE_UNIQUE_IP_DELAY"], $matches)) {
    $arParams["VOTE_UNIQUE_IP_DELAY"] = "10 D";
}
// CONTROL_ID is kept only when it consists of letters, digits and underscores;
// otherwise a random one is generated.
// NOTE(review): without the D modifier "$" also matches before a trailing
// newline, so a value ending in "\n" passes - relevant if CONTROL_ID is later
// written into markup or script.
$arParams["CONTROL_ID"] = preg_match("/^[a-zA-Z0-9_]+\$/", $arParams["CONTROL_ID"]) ? $arParams["CONTROL_ID"] : randString();
$arParams["bVarsFromForm"] = $arParams["bVarsFromForm"] ? true : false;
/********************************************************************
				/Input params
********************************************************************/
/********************************************************************
				Data
********************************************************************/
// md5() only gives the random string a fixed hex form; it adds no randomness.
$arResult["CONTROL_UID"] = md5(randString(15));
$arResult["VOTES"] = array();
if ($arParams["bVarsFromForm"]) {
    // Values come straight from the request body.
    // NOTE(review): is_array() tests $_POST[<name>] while the value is read from
    // $_POST[<name> . "_DATA"] - confirm that checking a different key is intended.
    $arResult["VOTES"] = is_array($_POST[$arParams["~INPUT_NAME"]]) ? $_POST[$arParams["~INPUT_NAME"] . "_DATA"] : array($_POST[$arParams["~INPUT_NAME"] . "_DATA"]);
} else {
    if (!empty($arParams["INPUT_VALUE"])) {
        // Load the active votes of the channel whose IDs are listed in INPUT_VALUE.
        $db_res = CVote::GetListEx(array("ID" => "ASC"), array("CHANNEL_ID" => $arParams["CHANNEL_ID"], "ACTIVE" => "Y", "@ID" => $arParams["INPUT_VALUE"]));
        while ($res = $db_res->Fetch()) {
            $arResult["VOTES"][$res["ID"]] = $res + array("QUESTIONS" => array());
        }
        if (!empty($arResult["VOTES"])) {
            // Attach the active questions to their votes, keyed by question ID.
            $db_res = CVoteQuestion::GetListEx(array("ID" => "ASC"), array("CHANNEL_ID" => $arParams["CHANNEL_ID"], "ACTIVE" => "Y", "@VOTE_ID" => array_keys($arResult["VOTES"])));
            while ($res = $db_res->Fetch()) {
                $arResult["VOTES"][$res["VOTE_ID"]]["QUESTIONS"][$res["ID"]] = $res + array("ANSWERS" => array());
            }
            // Active answers of the same votes; they are consumed after this excerpt.
            $db_res = CVoteAnswer::GetListEx(array("ID" => "ASC"), array("CHANNEL_ID" => $arParams["CHANNEL_ID"], "ACTIVE" => "Y", "@VOTE_ID" => array_keys($arResult["VOTES"])));
/**
 * Returns whatever randString(10) produces.
 *
 * NOTE(review): randString() is defined elsewhere; how random the value is
 * cannot be judged from this function.
 */
function i()
{
    $value = randString(10);

    return $value;
}
// Resolve the password policy of the default registration groups (or of no
// group at all when the option is empty).
$defaultGroup = COption::GetOptionString("main", "new_user_registration_def_group", "");
if ($defaultGroup != "") {
    $arDefaultGroup = explode(",", $defaultGroup);
    $arPolicy = CUser::GetGroupPolicy($arDefaultGroup);
} else {
    $arPolicy = CUser::GetGroupPolicy(array());
}
// Never generate fewer than 10 characters, whatever the policy says;
// two more are added in the randString() call below.
$passwordMinLength = intval($arPolicy["PASSWORD_LENGTH"]);
if ($passwordMinLength <= 10) {
    $passwordMinLength = 10;
}
// Character classes handed to randString(); punctuation is added only when the
// policy asks for it.
$passwordChars = array("abcdefghijklnmopqrstuvwxyz", "ABCDEFGHIJKLNMOPQRSTUVWXYZ", "0123456789");
if ($arPolicy["PASSWORD_PUNCTUATION"] === "Y") {
    $passwordChars[] = ",.<>/?;:'\"[]{}\\|`~!@#\$%^&*()-_+=";
}
// NOTE(review): this is the account's real password, so its strength depends on
// the generator behind randString(), which is not visible here - confirm that
// it is suitable for secrets.
$salePassword = randString($passwordMinLength + 2, $passwordChars);
// NOTE(review): depending on the web server configuration SERVER_NAME can be
// derived from the request's Host header; the value is checked by check_email()
// and replaced by a fixed domain when it fails.
$saleEMail = $saleLogin . '@' . $_SERVER["SERVER_NAME"];
if (!check_email($saleEMail)) {
    $saleEMail = $saleLogin . '@temporary.temp';
}
// NOTE(review): $arDefaultGroup is assigned only when the default-group option
// is not empty; otherwise GROUP_ID receives an undefined variable.
$arUserFields = array("LOGIN" => $saleLogin, "NAME" => "CRM", "LAST_NAME" => "IMPORT", "PASSWORD" => $salePassword, "PASSWORD_CONFIRM" => $salePassword, "EMAIL" => $saleEMail, "GROUP_ID" => $arDefaultGroup, "ACTIVE" => "Y", "LID" => SITE_ID);
$user = new CUser();
$userId = $user->Add($arUserFields);
$userId = intval($userId);
// A non-positive ID means the user was not created; the reason is appended
// to $errorMessage.
if ($userId <= 0) {
    $errorMessage .= GetMessage("SPTEN_SCRM_ERR_REG") . (strlen($user->LAST_ERROR) > 0 ? ": " . $user->LAST_ERROR : "");
}
}
}
if (empty($errorMessage)) {
    // Fields of a group named "CRM SALE IMPORT" with the user as a member and
    // no activity dates; how they are used lies outside this excerpt.
    $group = new CGroup();
    $arGroupFields = array("ACTIVE" => "Y", "NAME" => "CRM SALE IMPORT", "USER_ID" => array(array("USER_ID" => $userId, "DATE_ACTIVE_FROM" => false, "DATE_ACTIVE_TO" => false)));
DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_XLS: '<?php echo GetMessageJS("DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_XLS"); ?> ', DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_PPT : '<?php echo GetMessageJS("DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_PPT"); ?> ', DISK_FOLDER_TOOLBAR_LABEL_TOOLTIP_SHARING : '<?php echo GetMessageJS("DISK_FOLDER_TOOLBAR_LABEL_TOOLTIP_SHARING"); ?> ' }); var BXSocNetLogDestinationFormName = '<?php echo randString(6); ?> '; BX.ready(function () { BX.Disk['FolderToolbarClass_<?php echo $component->getComponentId(); ?> '] = new BX.Disk.FolderToolbarClass({ id: 'folder_toolbar', destFormName: BXSocNetLogDestinationFormName, <?php if (!empty($arResult['CLOUD_DOCUMENT'])) { ?> defaultService: "<?php echo CUtil::JSUrlEscape($arResult['CLOUD_DOCUMENT']['DEFAULT_SERVICE']);
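<?php
// AJAX endpoint for the captcha: "mode=captcha_sid" prints a new captcha code
// id, "mode=captcha_code" prints the encrypted code for anonymous visitors.
define("NO_KEEP_STATISTIC", true); // Do not collect statistics for AJAX actions
require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_before.php");

// A missing or non-string "mode" is treated as empty instead of raising an
// undefined-index notice; the comparisons below are strict.
$mode = (isset($_GET["mode"]) && is_string($_GET["mode"])) ? $_GET["mode"] : "";

if ($mode === 'captcha_sid')
	echo $APPLICATION->CaptchaGetCode();
elseif ($mode === 'captcha_code')
{
	// Nothing is printed for authorized users.
	if (!$GLOBALS["USER"]->IsAuthorized())
	{
		include_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/classes/general/captcha.php");

		$cpt = new CCaptcha();
		// The value passed to SetCodeCrypt() is created on first use and then
		// stored in the "captcha_password" option.
		// NOTE(review): it is only as unpredictable as randString(), whose
		// generator is not visible here - confirm it is suitable for secrets.
		$captchaPass = COption::GetOptionString("main", "captcha_password", "");
		if (strlen($captchaPass) <= 0)
		{
			$captchaPass = randString(10);
			COption::SetOptionString("main", "captcha_password", $captchaPass);
		}
		$cpt->SetCodeCrypt($captchaPass);

		// Escaped because the value is written into the response body.
		echo htmlspecialchars($cpt->GetCodeCrypt());
	}
}

require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/epilog_after.php");
?>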
// Table names and limits of the card game.
define('TABLE_CARDS', '142_cards');
define('TABLE_PLAYERS_IN_GAMES', '142_players');
define('TABLE_CARDS_IN_GAMES', '142_cards_in_games');
define('MAX_PLAYERS_EVER', 10);
require_once 'inc.db_mysql.php';
// NOTE(review): the database host, user, password and schema are hard-coded in
// this call; they belong in configuration kept outside the source tree.
db_set(db_connect('localhost', 'usager', 'usager', 'games'));
// CLEAN UP //
#db_delete(TABLE_PLAYERS_IN_GAMES, 'last_online+16 < '.time());
// Two stages for every user: logged in, not logged in
// not logged in
if (!logincheck()) {
    if (isset($_POST['username'], $_POST['password'])) {
        $szMessage = 'FOUT';
        // NOTE(review): the username part of this expression is masked in this
        // copy of the code, so how the username is escaped cannot be reviewed.
        // The password is concatenated into the WHERE clause after addslashes(),
        // which is not a replacement for bound parameters (its safety depends on
        // the connection character set). The check itself is
        // MD5(CONCAT(id, ':', password)) computed in SQL; MD5 is a fast hash and
        // unsuited to password storage - password_hash() / password_verify() are
        // the fitting replacement.
        $arrUser = db_select(TABLE_PLAYERS, "username = '******'username']) . "' AND password = MD5(CONCAT(id,':" . addslashes($_POST['password']) . "'))");
        if (1 == count($arrUser)) {
            // The session record is a random hash, the client address and the
            // user id; the hash is also written to the player's row.
            // NOTE(review): the hash is only as unpredictable as randString(),
            // which is not shown here, and no session_regenerate_id() call is
            // visible in this excerpt after the login succeeds.
            $arrSession = array('hash' => randString(20), 'ip' => ifsetor($_SERVER['REMOTE_ADDR'], ""), 'uid' => $arrUser[0]['id']);
            db_update(TABLE_PLAYERS, array('hash' => $arrSession['hash']), "id = '" . $arrSession['uid'] . "'");
            $_SESSION[SESSION_NAME] = $arrSession;
            $szMessage = 'INGELOGD';
        }
        // Redirect back with the outcome in the query string, then stop.
        header("Location: " . BASEPAGE . "?msg=" . $szMessage);
        exit;
    }
    ?> <html> <head> <title>MPP :: OUT</title> </head> <body style="overflow:auto;" onload="document.forms[0]['username'].focus();">
$additional_data = '<script type="text/javascript" bxrunfirst="true">' . "\n"; $additional_data .= 'top.__logGetNextPageLinkEntities(' . CUtil::PhpToJSObject($component->arResult["ENTITIES_XML_ID"]) . ', ' . CUtil::PhpToJSObject($component->arResult["ENTITIES_CORRESPONDENCE"]) . ');'; $additional_data .= '</script>'; if ($arResult["AJAX_CALL"]) { $strText = ob_get_clean(); echo CUtil::PhpToJSObject(array("PROPS" => array("CONTENT" => $additional_data . $strText, "STRINGS" => array(), "JS" => $arAdditionalData["SCRIPTS"], "CSS" => $arAdditionalData["CSS"]), "LAST_TS" => $arResult["dateLastPageTS"] ? intval($arResult["dateLastPageTS"]) : 0)); } else { echo $additional_data; } if (CModule::IncludeModule("pull")) { CPullWatch::DeferredSql(); } die; } CUtil::InitJSCore(array("ajax")); $arParams["UID"] = randString(4); $arParams["FORM_ID"] = "sonetCommentForm" . $arParams["UID"]; $arParams["ALLOW_VIDEO"] = $arParams["ALLOW_VIDEO"] == "Y" ? "Y" : "N"; $arSmiles = array(); if (!empty($arResult["Smiles"])) { foreach ($arResult["Smiles"] as $arSmile) { $arSmiles[] = array('name' => $arSmile["NAME"], 'path' => $arSmile["IMAGE"], 'code' => str_replace("\\\\", "\\", $arSmile["TYPE"]), 'codes' => str_replace("\\\\", "\\", $arSmile["TYPING"]), 'width' => $arSmile["IMAGE_WIDTH"], 'height' => $arSmile["IMAGE_HEIGHT"]); } } $formParams = array("FORM_ID" => $arParams["FORM_ID"], "SHOW_MORE" => "Y", "PARSER" => array("Bold", "Italic", "Underline", "Strike", "ForeColor", "FontList", "FontSizeList", "RemoveFormat", "Quote", "Code", "CreateLink", "Image", "UploadFile", "InputVideo", "Table", "Justify", "InsertOrderedList", "InsertUnorderedList", "Source", "MentionUser", "Spoiler"), "BUTTONS" => array(in_array("UF_SONET_COM_FILE", $arParams["COMMENT_PROPERTY"]) || in_array("UF_SONET_COM_DOC", $arParams["COMMENT_PROPERTY"]) ? 
"UploadFile" : "", "CreateLink", "InputVideo", "Quote", "MentionUser"), "TEXT" => array("NAME" => "comment", "VALUE" => "", "HEIGHT" => "80px"), "UPLOAD_FILE" => isset($arResult["COMMENT_PROPERTIES"]["DATA"]["UF_SONET_COM_DOC"]) ? false : (is_array($arResult["COMMENT_PROPERTIES"]["DATA"]) ? $arResult["COMMENT_PROPERTIES"]["DATA"]["UF_SONET_COM_FILE"] : false), "UPLOAD_WEBDAV_ELEMENT" => $arResult["COMMENT_PROPERTIES"]["DATA"]["UF_SONET_COM_DOC"], "UPLOAD_FILE_PARAMS" => array("width" => 400, "height" => 400), "FILES" => array("VALUE" => array(), "DEL_LINK" => $arResult["urlToDelImage"], "SHOW" => "N"), "SMILES" => array("VALUE" => $arSmiles), "LHE" => array("id" => "id" . $arParams["FORM_ID"], "documentCSS" => "body {color:#434343;}", "ctrlEnterHandler" => "__logSubmitCommentForm" . $arParams["UID"], "fontFamily" => "'Helvetica Neue', Helvetica, Arial, sans-serif", "fontSize" => "12px", "bInitByJS" => true, "height" => 80)); ?> <div style="display: none;"> <form action="" id="<?php echo $arParams["FORM_ID"]; ?> " name="<?php