Example #1
 /**
  * Probes whether server-side scripts placed in the upload directory get executed
  * and records a LOW-level detail error for every check that fires.
  *
  * Checks run in this order: the .htaccess override check, a plain "test.php" probe,
  * a double-extension "test.php.any" probe (only attempted when the plain .php probe
  * did not execute) and a Python CGI "test.py" probe. Every script probe carries the
  * same freshly generated random marker; how the marker is looked for is decided by
  * isScriptExecutable(), which is not shown here.
  *
  * @return bool true when none of the checks fired, false as soon as any of them did
  */
 protected function checkUploadScriptExecution()
 {
     $baseMessageKey = "SECURITY_SITE_CHECKER_UPLOAD_EXECUTABLE";

     $isHtaccessOverrided = false;
     if (self::isHtaccessOverrided()) {
         $isHtaccessOverrided = true;
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_UPLOAD_HTACCESS", CSecurityCriticalLevel::LOW);
     }

     // One marker is shared by all probes of this run.
     $uniqueString = randString(20);
     $phpProbeBody = "<?php echo '{$uniqueString}'; ?>";
     $pythonProbeBody = "print 'Content-type:text/html\\r\\n\\r\\n{$uniqueString}'";

     $isPhpExecutable = false;
     if (self::isScriptExecutable("test.php", $phpProbeBody, $uniqueString)) {
         $isPhpExecutable = true;
         $this->addUnformattedDetailError($baseMessageKey . "_PHP", CSecurityCriticalLevel::LOW);
     }

     // The double-extension probe is skipped when plain .php already executes.
     $isPhpDoubleExtensionExecutable = false;
     if (!$isPhpExecutable) {
         if (self::isScriptExecutable("test.php.any", $phpProbeBody, $uniqueString)) {
             $isPhpDoubleExtensionExecutable = true;
             $this->addUnformattedDetailError($baseMessageKey . "_PHP_DOUBLE", CSecurityCriticalLevel::LOW);
         }
     }

     $isPythonCgiExecutable = false;
     if (self::isScriptExecutable("test.py", $pythonProbeBody, $uniqueString)) {
         $isPythonCgiExecutable = true;
         $this->addUnformattedDetailError($baseMessageKey . "_PY", CSecurityCriticalLevel::LOW);
     }

     $nothingFired = !$isPhpExecutable
         && !$isPhpDoubleExtensionExecutable
         && !$isHtaccessOverrided
         && !$isPythonCgiExecutable;
     return $nothingFired;
 }
Example #2
 /**
  * Registers a control in the session and returns the CID it was registered under.
  *
  * Called with a single argument, that argument is treated as the control id and the
  * CID is generated. Called with two arguments, an empty CID is also replaced by a
  * generated one.
  *
  * NOTE(review): the generated CID is md5(randString(15)); md5() only reshapes the
  * value, so its unpredictability is whatever randString() provides (generator not
  * shown here) - confirm if the CID is relied on as a secret.
  *
  * @param string $CID       session CID, or the control id in the one-argument form
  * @param string $controlId control id
  * @return string the CID that was used
  */
 public function registerControl($CID, $controlId = "")
 {
     $calledWithControlIdOnly = (func_num_args() == 1);
     if ($calledWithControlIdOnly) {
         $onlyArgument = $CID;
         $CID = "";
         $controlId = $onlyArgument;
     }
     if (empty($CID)) {
         $CID = md5(randString(15));
     }
     $this->initSession($CID, $controlId);
     return $CID;
 }
Example #3
 /**
  * Returns a 5-character random id that has not been handed out before by this
  * function during the current script run.
  *
  * Already issued ids are remembered in a static array, so uniqueness holds only
  * within one execution. The membership test is the loose in_array() form.
  *
  * @return string
  */
 function __get_vve_uid()
 {
     static $arUid = array();
     do {
         $candidate = randString(5);
     } while (in_array($candidate, $arUid));
     $arUid[] = $candidate;
     return $candidate;
 }
Example #4
 /**
  * Inserts a new row into b_user built from $arFields, assigns groups when GROUP_ID
  * is given, and fires the "OnAfterUserAdd" module event in both the success and the
  * failure case.
  *
  * NOTE(review): the password is stored as a bare md5() digest - no salt and no work
  * factor - which is not suitable for password storage. Replacing it needs a matching
  * change in the login verification code, which is not shown here.
  *
  * NOTE(review): the two "&$arFields" call sites use call-time pass-by-reference, which
  * PHP 5.4 and later reject with a fatal error.
  *
  * @param array $arFields user fields; normalised in place before the insert
  * @return mixed ID reported by $DB->LastID() on success, false when CheckFields() fails
  */
 function Add($arFields)
 {
     // Prefix handed to $DB->Query() for its error output.
     $err_mess = CUser::err_mess() . "<br>Function: Add<br>Line: ";
     global $DB;
     if (!$this->CheckFields(&$arFields)) {
         $Result = false;
         // Bound by reference so event handlers see the current LAST_ERROR text.
         $arFields["RESULT_MESSAGE"] =& $this->LAST_ERROR;
     } else {
         // A caller-supplied ID is never written.
         unset($arFields["ID"]);
         // Anything other than "Y" is normalised to "N".
         if (is_set($arFields, "ACTIVE") && $arFields["ACTIVE"] != "Y") {
             $arFields["ACTIVE"] = "N";
         }
         // && binds tighter than ||: the value is cleared when it is "NOT_REF" or is neither "M" nor "F".
         if ($arFields["PERSONAL_GENDER"] == "NOT_REF" || $arFields["PERSONAL_GENDER"] != "M" && $arFields["PERSONAL_GENDER"] != "F") {
             $arFields["PERSONAL_GENDER"] = "";
         }
         // NOTE(review): unsalted md5() of the plaintext password (see header note).
         $arFields["PASSWORD"] = md5($arFields["PASSWORD"]);
         //$arFields["STORED_HASH"] = CUser::GetPasswordHash($arFields["PASSWORD"]);
         unset($arFields["STORED_HASH"]);
         // NOTE(review): default checkword is 8 characters from randString(); the generator is
         // not shown - confirm it is a CSPRNG if the checkword acts as an authentication token.
         if (strlen($arFields["CHECKWORD"]) <= 0) {
             $arFields["CHECKWORD"] = randString(8);
         }
         $arFields["~CHECKWORD_TIME"] = $DB->CurrentTimeFunction();
         if (is_set($arFields, "EMAIL")) {
             $arFields["EMAIL"] = strtolower($arFields["EMAIL"]);
         }
         if (is_set($arFields, "WORK_COUNTRY")) {
             $arFields["WORK_COUNTRY"] = intval($arFields["WORK_COUNTRY"]);
         }
         if (is_set($arFields, "PERSONAL_COUNTRY")) {
             $arFields["PERSONAL_COUNTRY"] = intval($arFields["PERSONAL_COUNTRY"]);
         }
         // $arInsert[0] is the column list, $arInsert[1] the value list, as used below.
         // NOTE(review): presumably PrepareInsert() escapes the values - verify, since both
         // parts are concatenated into the SQL text.
         $arInsert = $DB->PrepareInsert("b_user", $arFields, "main");
         if (!is_set($arFields, "DATE_REGISTER")) {
             $arInsert[0] .= ", DATE_REGISTER";
             $arInsert[1] .= ", " . $DB->GetNowFunction();
         }
         $strSql = "\n\t\t\t\tINSERT INTO b_user (\n\t\t\t\t\t" . $arInsert[0] . "\n\t\t\t\t) VALUES (\n\t\t\t\t\t" . $arInsert[1] . "\n\t\t\t\t)\n\t\t\t\t";
         $DB->Query($strSql, false, $err_mess . __LINE__);
         $ID = $DB->LastID();
         if (is_set($arFields, "GROUP_ID")) {
             CUser::SetUserGroup($ID, $arFields["GROUP_ID"]);
         }
         $Result = $ID;
         $arFields["ID"] =& $ID;
     }
     $arFields["RESULT"] =& $Result;
     // Handlers receive $arFields, which at this point holds the md5 digest in PASSWORD
     // and the checkword value.
     $events = GetModuleEvents("main", "OnAfterUserAdd");
     while ($arEvent = $events->Fetch()) {
         ExecuteModuleEvent($arEvent, &$arFields);
     }
     return $Result;
 }
Example #5
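 /**
  * Writes one entry to the `log` table and, for every level other than 'Notice',
  * also passes the message to emailError().
  *
  * All three values are run through $db->quote() before they are placed in the SQL
  * text. The original quoted only the message and interpolated $level between
  * hand-written quotes, so a level value containing a quote character could break
  * out of the string literal.
  *
  * LOGRAND is defined once per script run and tags every entry of that run.
  *
  * @param string $msg   message text
  * @param string $level log level, 'Notice' by default
  * @return void
  */
 public static function set($msg, $level = 'Notice')
 {
     if ($level != 'Notice') {
         self::emailError($msg);
     }
     loadFunc('randString');
     $db = self::db();
     defined('LOGRAND') || define('LOGRAND', randString('4'));

     // quote() returns the value with its surrounding quotes, so the placeholders
     // below are used without extra quote characters.
     $quotedSession = $db->quote(LOGRAND);
     $quotedLevel = $db->quote($level);
     $quotedMessage = $db->quote($msg);

     $sql = "INSERT INTO log (session, level, message) VALUES ({$quotedSession}, {$quotedLevel}, {$quotedMessage});";
     $db->exec($sql);
 }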
 /**
  * Issues a fresh e-mail verification code for the user and mails the verification
  * message. The code is stored on the user before sending and cleared again when the
  * mail could not be sent.
  *
  * NOTE(review): the code is 70 characters from randString(); the generator is not
  * shown here - confirm it is cryptographically secure, since the code appears to
  * authorise verification of the address.
  *
  * @param object $user user record exposing verified, email, first_name, last_name, guid and save()
  * @return bool true when the mail was sent, false when the user is already verified or sending failed
  */
 static function sendVerificationEmail($user)
 {
     if ($user->verified == "true") {
         return false;
     }

     $user->email_verification_code = randString(70);
     $user->save();

     $message = array(
         "from" => array("email" => getSiteEmail(), "name" => getSiteName()),
         "to" => array("email" => $user->email, "name" => $user->first_name . " " . $user->last_name),
         "subject" => display("email/verify_email_subject", array("user_guid" => $user->guid)),
         "body" => display("email/verify_email_body", array("user_guid" => $user->guid)),
     );

     if (!sendEmail($message)) {
         // Sending failed: do not leave an unused code on the account.
         $user->email_verification_code = NULL;
         $user->save();
         return false;
     }
     return true;
 }
Example #7
 /**
  * Stores an uploaded file in one of three backends, chosen from $arFileStorage:
  * a disk folder object (DISC_FOLDER), a WebDAV iblock (WEBDAV_DATA together with
  * WEBDAV_IBLOCK_OBJECT), or CFile::SaveFile() as the fallback.
  *
  * NOTE(review): an empty $arFile only fills the error fields; execution continues
  * into the storage branches and an "ID" key may still be added to the error result.
  * Confirm whether an early return was intended.
  *
  * NOTE(review): $arFile["name"] is used as the stored file name as-is; presumably it
  * is the client-supplied upload name - verify that the storage layers sanitise it.
  *
  * @param array $arFile        upload description; "name" and "MODULE_ID" are read here
  * @param array $arFileStorage storage selector, see above
  * @return array "ID" of the stored file on success, or "ERROR_CODE"/"ERROR_MESSAGE"
  */
 public static function SaveFile($arFile, $arFileStorage)
 {
     $arResult = array();
     if (empty($arFile)) {
         $arResult = array("ERROR_CODE" => "EMPTY_FILE", "ERROR_MESSAGE" => "File is empty");
     }
     if (!empty($arFileStorage["DISC_FOLDER"])) {
         // Disk backend: the upload is created under the current user's ID.
         $file = $arFileStorage["DISC_FOLDER"]->uploadFile($arFile, array('NAME' => $arFile["name"], 'CREATED_BY' => $GLOBALS["USER"]->GetID()), array(), true);
         $arResult["ID"] = $file->getId();
     } elseif (!empty($arFileStorage["WEBDAV_DATA"]) && !empty($arFileStorage["WEBDAV_IBLOCK_OBJECT"])) {
         // WebDAV backend: locate the "DROPPED" section and pick or create a sub-folder in it.
         $dropTargetID = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetMetaID("DROPPED");
         $arParent = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetObject(array("section_id" => $dropTargetID));
         if (!$arParent["not_found"]) {
             $path = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->_get_path($arParent["item_id"], false);
             // Folder name derived from the current timestamp, with : . / \ replaced by "_".
             $tmpName = str_replace(array(":", ".", "/", "\\"), "_", ConvertTimeStamp(time(), "FULL"));
             $tmpOptions = array("path" => str_replace("//", "/", $path . "/" . $tmpName));
             $arParent = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetObject($tmpOptions);
             if ($arParent["not_found"]) {
                 // Folder does not exist yet: create it; 201 is treated as "created".
                 $rMKCOL = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->MKCOL($tmpOptions);
                 if (intval($rMKCOL) == 201) {
                     $arFileStorage["WEBDAV_DATA"]["SECTION_ID"] = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->arParams["changed_element_id"];
                 }
             } else {
                 // Folder exists: reuse it unless the name check fails, in which case a
                 // folder with a 6-character random name is created below it instead.
                 $arFileStorage["WEBDAV_DATA"]["SECTION_ID"] = $arParent['item_id'];
                 if (!$arFileStorage["WEBDAV_IBLOCK_OBJECT"]->CheckUniqueName($tmpName, $arFileStorage["WEBDAV_DATA"]["SECTION_ID"], $tmpRes)) {
                     $path = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->_get_path($arFileStorage["WEBDAV_DATA"]["SECTION_ID"], false);
                     $tmpName = randString(6);
                     $tmpOptions = array("path" => str_replace("//", "/", $path . "/" . $tmpName));
                     $rMKCOL = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->MKCOL($tmpOptions);
                     if (intval($rMKCOL) == 201) {
                         $arFileStorage["WEBDAV_DATA"]["SECTION_ID"] = $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->arParams["changed_element_id"];
                     }
                 }
             }
         }
         // The "Author" group is appended to the WebDAV object's user groups for this put.
         $options = array("new" => true, 'dropped' => true, "arFile" => $arFile, "arDocumentStates" => false, "arUserGroups" => array_merge($arFileStorage["WEBDAV_IBLOCK_OBJECT"]->USER["GROUPS"], array("Author")), "FILE_NAME" => $arFile["name"], "IBLOCK_ID" => $arFileStorage["WEBDAV_DATA"]["IBLOCK_ID"], "IBLOCK_SECTION_ID" => $arFileStorage["WEBDAV_DATA"]["SECTION_ID"], "USER_FIELDS" => array());
         $GLOBALS['USER_FIELD_MANAGER']->EditFormAddFields($arFileStorage["WEBDAV_IBLOCK_OBJECT"]->GetUfEntity(), $options['USER_FIELDS']);
         // The put runs inside a transaction and is rolled back when put_commit() fails.
         $GLOBALS["DB"]->StartTransaction();
         if (!$arFileStorage["WEBDAV_IBLOCK_OBJECT"]->put_commit($options)) {
             $arResult = array("ERROR_CODE" => "error_put", "ERROR_MESSAGE" => $arFileStorage["WEBDAV_IBLOCK_OBJECT"]->LAST_ERROR);
             $GLOBALS["DB"]->Rollback();
         } else {
             $GLOBALS["DB"]->Commit();
             // presumably put_commit() fills ELEMENT_ID into $options by reference - verify
             $arResult["ID"] = $options['ELEMENT_ID'];
         }
     } else {
         // Fallback: plain file storage under the module named in the upload array.
         $arResult["ID"] = CFile::SaveFile($arFile, $arFile["MODULE_ID"]);
     }
     return $arResult;
 }
Example #8
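 /**
  * Initializing method: runs the parent initialisation, then lets an IDS_Monitor
  * inspect the GET, POST and COOKIE data. When the monitor reports anything, a report
  * is printed, written to var/reports/injection_<random>.html and the script ends.
  *
  * The request URI and the client address are HTML-escaped before they are appended
  * to the report. The report is echoed to the client and saved as an .html file, so
  * raw request data in it would be interpreted as markup both in the response and
  * later in the browser of whoever opens the saved report.
  *
  * NOTE(review): whether IDS_Report::__toString() escapes the offending values itself
  * is not visible here - verify, because that part is echoed and stored unchanged.
  * NOTE(review): the detection report is shown to the requesting client; consider
  * returning a generic error page and keeping the detail in the stored report only.
  * NOTE(review): the tag list array("sqli", "spam", "dt") is passed to setIds(), not
  * to the IDS_Monitor constructor - confirm that this is intended.
  *
  * @return Recipe_Request_IDS
  */
 protected function init()
 {
     parent::init();
     $this->setIds(new IDS_Monitor(array("GET" => $_GET, "POST" => $_POST, "COOKIE" => $_COOKIE), IDS_Init::init(RD . "IDS/Config/Config.ini")), array("sqli", "spam", "dt"));
     $result = $this->getIds()->run();
     if ($result->isEmpty()) {
         return $this;
     }

     $requestUri = htmlspecialchars((string) $_SERVER["REQUEST_URI"], ENT_QUOTES, "UTF-8");
     $clientAddress = htmlspecialchars((string) IPADDRESS, ENT_QUOTES, "UTF-8");

     $report = $result->__toString();
     $report .= "<br/>URI: " . $requestUri . "<br/>IP-Address: " . $clientAddress;
     echo $report;

     $file = randString(8) . ".html";
     file_put_contents(AD . "var/reports/injection_" . $file, $report);
     exit;
 }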
Example #9
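/**
 * Builds a random 12-character file name with an extension chosen from the MIME type.
 *
 * Known types map to .jpg, .png or .gif. For any other type the extension is empty,
 * which is what the original produced as well, but without reading an undefined
 * variable on that path.
 *
 * NOTE(review): presumably $filetype is the MIME type reported by the uploading
 * client; that value is caller-controlled and says nothing about the real content.
 * Callers should reject an empty extension and verify the content type server-side.
 *
 * @param string $filetype MIME type of the image
 * @return string random file name, with extension when the type is recognised
 */
function generateFilename($filetype)
{
    $extensionByType = array(
        "image/jpeg" => ".jpg",
        "image/pjpeg" => ".jpg",
        "image/png" => ".png",
        "image/x-png" => ".png",
        "image/gif" => ".gif",
    );

    $ext = "";
    if (is_string($filetype) && isset($extensionByType[$filetype])) {
        $ext = $extensionByType[$filetype];
    }
    return randString(12) . $ext;
}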
Example #10
 /**
  * Normalises the component parameters after the parent has prepared them.
  *
  * BREADCRUMBS_ID: a supplied non-empty value is reduced to the characters
  * a-z, A-Z, 0-9 and "_"; otherwise an id of the form "breadcrumbs_<random>" is
  * generated. SHOW_ONLY_DELETED and BREADCRUMBS get defaults when they are not set.
  *
  * NOTE(review): a supplied id that consists only of other characters becomes an
  * empty string here and is not replaced by a generated one.
  *
  * @return $this
  */
 protected function prepareParams()
 {
     parent::prepareParams();

     $idSupplied = isset($this->arParams['BREADCRUMBS_ID']) && $this->arParams['BREADCRUMBS_ID'] !== '';
     $this->arParams['BREADCRUMBS_ID'] = $idSupplied
         ? preg_replace('/[^a-z0-9_]/i', '', $this->arParams['BREADCRUMBS_ID'])
         : 'breadcrumbs_' . strtolower(randString(5));

     $defaults = array('SHOW_ONLY_DELETED' => false, 'BREADCRUMBS' => array());
     foreach ($defaults as $key => $defaultValue) {
         if (!isset($this->arParams[$key])) {
             $this->arParams[$key] = $defaultValue;
         }
     }

     return $this;
 }
Example #11
/**
 * Generates a random string of the requested length that is not yet used as a
 * `folio` value in the Cita model, retrying until a free value is found.
 *
 * NOTE(review): the lookup and the later insert are separate steps, so two
 * concurrent requests can still end up with the same value; a unique index on
 * `folio` is what actually guarantees uniqueness.
 *
 * @param int $num length passed to randString()
 * @return string
 */
function getRandomeStr($num)
{
    $candidate = randString($num);
    // A row with this folio already exists: draw again.
    while (Cita::where('folio', '=', $candidate)->first()) {
        $candidate = randString($num);
    }
    return $candidate;
}
Example #12
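 /**
  * Prints this error through the error template and ends the script.
  *
  * With LOG_EXCEPTIONS enabled the rendered page is additionally captured and saved
  * as var/reports/exception_<random>.html. The buffered page is still sent to the
  * client, because PHP flushes open output buffers when the script exits.
  *
  * The report file is created with mode 0644. The original used 0766, which made
  * every report writable by any local account. Exception reports can contain stack
  * traces and request data, so a tighter mode such as 0640 is preferable where the
  * deployment allows it.
  *
  * NOTE(review): the report name is 8 characters from randString(); if var/reports is
  * reachable over the web, access to it should be denied by server configuration
  * rather than left to the name being hard to guess.
  *
  * @return void this method always terminates the script
  */
 public function printError()
 {
     if (LOG_EXCEPTIONS) {
         ob_start();
         // $file is set before the template is loaded, as in the original, so the
         // template can still refer to it.
         $file = randString(8);
         require_once AD . "app/templates/error.phtml";
         $report = ob_get_contents();
         $path = AD . "var/reports/exception_" . $file . ".html";
         if (file_put_contents($path, $report) !== false) {
             chmod($path, 0644);
         }
         exit;
     }
     require_once AD . "app/templates/error.phtml";
     exit;
 }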
Example #13
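/**
 * Handles a posted "forgot password" form: looks the account up by e-mail address,
 * generates a new 10-character password, mails it and stores its bcrypt hash.
 *
 * Changes against the original: a non-string `email` field (for example email[]=...)
 * is ignored instead of being bound to the query, and the user name is HTML-escaped
 * in the HTML mail body, because it is account data placed into markup.
 *
 * NOTE(review): design points that need a change outside this function:
 *  - The password is replaced as soon as anyone submits a registered address, with
 *    no confirmation by the account owner. A single-use, expiring reset link that
 *    the owner has to follow avoids both the forced reset and the next point.
 *  - The new password travels in clear text by e-mail.
 *  - The "email does not exist" message lets a client test which addresses are
 *    registered; answering identically in both cases removes that signal.
 *  - randString() is not shown here; confirm it draws from a CSPRNG.
 *  - The mail is sent before the database update, so a failed update leaves the
 *    user with a mailed password that does not work.
 *
 * @return void
 */
function forgotpassword()
{
    global $handler;
    global $mailer;
    global $mail;
    global $emailDoesNotExist;
    global $website_url;
    global $error;
    global $contactemail;

    if (empty($_POST['email']) || !is_string($_POST['email'])) {
        return;
    }
    $email = $_POST['email'];

    $checkuser = $handler->prepare("SELECT * FROM users WHERE email = :email");
    $checkuser->execute([':email' => $email]);
    if (!$checkuser->rowCount()) {
        echo $emailDoesNotExist;
        return;
    }

    $fetch = $checkuser->fetch(PDO::FETCH_ASSOC);
    $password = randString(10);

    if ($mailer === '0') {
        // No Content-Type header is set on this path, so the body is left as it was.
        mail($email, 'Password reset', "You requested a new password for your account on {$website_url}:<br />\r\n\n                    Your username is: {$fetch['username']}<br />\n                    Your new password is: {$password}<br /><br />\n                    It is safer if your password when you login.", "From: {$contactemail}");
    } elseif ($mailer === '1') {
        // This body is sent as HTML: escape the stored user name before embedding it.
        $safeUsername = htmlspecialchars((string) $fetch['username'], ENT_QUOTES, 'UTF-8');
        $mail->setFrom($contactemail);
        $mail->addAddress($email);
        $mail->isHTML(true);
        $mail->Subject = 'Password reset';
        $mail->Body = "You requested a new password for your account on {$website_url}:<br />\r\n\n                    Your username is: {$safeUsername}<br />\n                    Your new password is: {$password}<br /><br />\n                    It is safer if your password when you login.";
        if (!$mail->send()) {
            echo $error;
        }
    }

    // Only the bcrypt hash is stored; the plaintext exists in this request and in the mail.
    $options = ['cost' => 11];
    $password = password_hash($password, PASSWORD_BCRYPT, $options);
    perry('UPDATE users SET password = :password WHERE email = :email', [':password' => $password, ':email' => $fetch['email']]);
    setcookie('newpassword', 'newpassword', time() + 10);
    header("refresh:0;url={$website_url}p/login");
}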
Example #14
 /**
  * Normalises the toolbar parameters after the parent has prepared them.
  *
  * BUTTONS falls back to an empty array unless it is a non-empty array.
  * TOOLBAR_ID: a supplied non-empty value is reduced to a-z, A-Z, 0-9 and "_";
  * otherwise an id of the form "toolbar_<random>" is generated.
  * DROPDOWN_FILTER and its current label are reset to null unless DROPDOWN_FILTER is
  * a non-empty array. An empty CLASS_NAME becomes ''.
  *
  * NOTE(review): a supplied id that consists only of other characters becomes an
  * empty string here and is not replaced by a generated one.
  *
  * @return $this
  */
 protected function prepareParams()
 {
     parent::prepareParams();

     $buttonsUsable = !empty($this->arParams['BUTTONS']) && is_array($this->arParams['BUTTONS']);
     if (!$buttonsUsable) {
         $this->arParams['BUTTONS'] = array();
     }

     $idSupplied = isset($this->arParams['TOOLBAR_ID']) && $this->arParams['TOOLBAR_ID'] !== '';
     $this->arParams['TOOLBAR_ID'] = $idSupplied
         ? preg_replace('/[^a-z0-9_]/i', '', $this->arParams['TOOLBAR_ID'])
         : 'toolbar_' . strtolower(randString(5));

     $filterUsable = !empty($this->arParams['DROPDOWN_FILTER']) && is_array($this->arParams['DROPDOWN_FILTER']);
     if (!$filterUsable) {
         $this->arParams['DROPDOWN_FILTER'] = null;
         $this->arParams['DROPDOWN_FILTER_CURRENT_LABEL'] = null;
     }

     if (empty($this->arParams['CLASS_NAME'])) {
         $this->arParams['CLASS_NAME'] = '';
     }

     return $this;
 }
Example #15
 /**
  * Normalises the component parameters.
  *
  * TYPE is trimmed (or set to ""), NOINDEX is forced to "Y"/"N", CACHE_TIME is an
  * integer when caching applies and 0 otherwise, QUANTITY is a positive integer with
  * 1 as the fallback, ID is a fresh 5-character random string and BANNER_ID is cast
  * to an integer.
  *
  * Caching applies when CACHE_TYPE is "Y", or when it is "A" and the main module
  * option component_cache_on is "Y".
  *
  * @param array $params raw component parameters
  * @return array normalised parameters
  */
 public function onPrepareComponentParams($params)
 {
     if (isset($params["TYPE"])) {
         $params["TYPE"] = trim($params["TYPE"]);
     } else {
         $params["TYPE"] = "";
     }

     if ($params["NOINDEX"] != "Y") {
         $params["NOINDEX"] = "N";
     }

     $cachingApplies = $params["CACHE_TYPE"] == "Y";
     if (!$cachingApplies && $params["CACHE_TYPE"] == "A") {
         // The option is only consulted for the "A" cache type.
         $cachingApplies = COption::GetOptionString("main", "component_cache_on", "Y") == "Y";
     }
     $params["CACHE_TIME"] = $cachingApplies ? intval($params["CACHE_TIME"]) : 0;

     $quantityIsPositive = isset($params['QUANTITY']) && intval($params['QUANTITY']) > 0;
     $params['QUANTITY'] = $quantityIsPositive ? intval($params['QUANTITY']) : 1;

     $params['ID'] = randString(5);
     $params['BANNER_ID'] = intval($params["BANNER_ID"]);

     return $params;
 }
Example #16
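 /**
  * Serves a captcha image when the request carries a `qgcaptcha` ticket: generates a
  * 5-character text, stores it in the session under the ticket and renders it as a
  * PNG, then stops via Abort().
  *
  * The ticket is accepted only when it is a string. An array-valued parameter
  * (qgcaptcha[]=...) cannot be used as an array key and previously caused an
  * illegal-offset error on the session write.
  *
  * NOTE(review): any ticket value supplied by the client creates a session entry.
  * Confirm that tickets are checked against ones the server issued and that the
  * number of entries per session is bounded.
  * NOTE(review): the captcha text comes from randString(), which is not shown here;
  * rand() below only varies the rendering and does not protect the text.
  *
  * @return void
  */
 static function captchaListener()
 {
     if (!isset($_GET['qgcaptcha']) || !is_string($_GET['qgcaptcha'])) {
         return;
     }
     $ticket = $_GET['qgcaptcha'];

     // Alphabet without the easily confused characters l, o, I, L, O, 0 and 1.
     $text = randString(5, "abcdefghijkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789");
     $_SESSION['qg_rTicket'][$ticket]['captcha'] = $text;

     header('Content-type: image/png');
     // Background image
     $img = ImageCreateFromPNG(sysPATH . 'core/util/rTicket/captchabg.png');
     // Text colour (black)
     $color = ImageColorAllocate($img, 0, 0, 0);
     // Font file
     $ttf = sysPATH . 'core/util/rTicket/xfiles.ttf';
     // Font size
     $ttfsize = 13;
     // Slight random rotation and horizontal offset of the text
     $angle = rand(0, 7);
     $t_x = rand(5, 20);
     $t_y = 23;
     imagettftext($img, $ttfsize, $angle, $t_x, $t_y, $color, $ttf, $text);
     imagepng($img);
     imagedestroy($img);
     Abort();
 }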
     }
     unset($arDirValue["UF_DELETE"]);
 }
 if (!is_array($arDirValue) || !isset($arDirValue['UF_NAME']) || '' == trim($arDirValue['UF_NAME'])) {
     continue;
 }
 if (isset($arImageResult[$dirKey]["FILE"]) && is_array($arImageResult[$dirKey]["FILE"]) && $arImageResult[$dirKey]["FILE"]['name'] != '' || isset($_POST['PROPERTY_DIRECTORY_VALUES_del'][$dirKey]["FILE"]) && $_POST['PROPERTY_DIRECTORY_VALUES_del'][$dirKey]["FILE"] == 'Y') {
     $arDirValue['UF_FILE'] = $arImageResult[$dirKey]["FILE"];
 }
 if ($arDirValue["ID"] == $_POST['PROPERTY_VALUES_DEF']) {
     $arDirValue['UF_DEF'] = true;
 } else {
     $arDirValue['UF_DEF'] = false;
 }
 if (!isset($arDirValue["UF_XML_ID"]) || $arDirValue["UF_XML_ID"] == '') {
     $arDirValue['UF_XML_ID'] = randString(8);
 }
 if ($_POST["PROPERTY_USER_TYPE_SETTINGS"]["TABLE_NAME"] == '-1' && isset($result) && $result->isSuccess()) {
     $entityDataClass::add($arDirValue);
 } else {
     if (isset($arDirValue["ID"]) && $arDirValue["ID"] > 0) {
         $rsData = $entityDataClass::getList(array());
         while ($arData = $rsData->fetch()) {
             $arAddField = array();
             if (!isset($arData["UF_DESCRIPTION"])) {
                 $arAddField[] = 'UF_DESCRIPTION';
             }
             if (!isset($arData["UF_FULL_DESCRIPTION"])) {
                 $arAddField[] = 'UF_FULL_DESCRIPTION';
             }
             $obUserField = new CUserTypeEntity();
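 /**
  * Imports the authors found in $xml->channel->author as users, skipping every
  * author whose login or e-mail address already exists in the `users` table, and
  * creates a placeholder profile row for each new user.
  *
  * Changes against the original: the nested randString() helper is declared only
  * when no function of that name exists, because declaring it unconditionally makes
  * a second call of users() (or a randString() defined elsewhere) end in a
  * "cannot redeclare" fatal error. The helper now stops on a non-positive length
  * instead of looping, and uses random_int() where it is available.
  *
  * NOTE(review): the stored password is an md5() digest over e-mail, salt and the
  * current time - a value the imported user cannot know, so these accounts need a
  * password reset before first login. md5() itself is not suitable for password
  * storage; how the login code verifies passwords is not shown here.
  *
  * @param SimpleXMLElement|object $xml parsed export with channel->author entries
  * @return void
  */
 public function users($xml)
 {
     // Move this function to a helper
     if (!function_exists('randString')) {
         function randString($length, $charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789')
         {
             $str = '';
             $lastIndex = strlen($charset) - 1;
             if ($lastIndex < 0) {
                 return $str;
             }
             for ($remaining = (int) $length; $remaining > 0; $remaining--) {
                 // mt_rand() is predictable; it is only the fallback for old PHP versions.
                 $index = function_exists('random_int') ? random_int(0, $lastIndex) : mt_rand(0, $lastIndex);
                 $str .= $charset[$index];
             }
             return $str;
         }
     }

     foreach ($xml->channel->author as $val) {
         $email = (string) $val->author_email;
         $login = (string) $val->author_login;
         $rand = randString(6);

         $user = array(
             'email' => $email,
             'password' => md5($email . $rand . time()),
             'salt' => $rand,
             'group_id' => 1,
             'active' => 1,
             'created_on' => time(),
             'last_login' => 0,
             'username' => $login,
         );

         // Skip authors that already exist by login or by e-mail address.
         $this->ci->db->where('username', $login);
         $this->ci->db->or_where('email', $email);
         $query = $this->ci->db->get('users');
         if ($query->num_rows() == 0) {
             $this->ci->db->insert('users', $user);
             $user_id = $this->ci->db->insert_id();
             $profile = array(
                 'user_id' => $user_id,
                 'display_name' => (string) $val->author_display_name,
                 'first_name' => '[first_name]',
                 'last_name' => '[last_name]',
                 'lang' => 'en',
             );
             $this->ci->db->insert('profiles', $profile);
         }
     }
 }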
Example #19
// Access level of the current user for the "sale" module; "W" lifts the status filter below.
$saleModulePermissions = $GLOBALS["APPLICATION"]->GetGroupRight("sale");

// ITEMS_COUNT must be within 1..40, otherwise 10 is used.
if (!(intval($arGadgetParams["ITEMS_COUNT"]) > 0 && intval($arGadgetParams["ITEMS_COUNT"]) <= 40)) {
    $arGadgetParams["ITEMS_COUNT"] = 10;
}

// Currency: the site's own when a site is selected, the base currency otherwise.
if (strlen($arGadgetParams["SITE_ID"]) <= 0) {
    $arGadgetParams["SITE_CURRENCY"] = CCurrency::GetBaseCurrency();
} else {
    $arGadgetParams["SITE_CURRENCY"] = CSaleLang::GetLangCurrency($arGadgetParams["SITE_ID"]);
    // Without a custom title, the site id and name are appended to the gadget title.
    if (strlen($arGadgetParams["TITLE_STD"]) <= 0) {
        $rsSites = CSite::GetByID($arGadgetParams["SITE_ID"]);
        if ($arSite = $rsSites->GetNext()) {
            $arGadget["TITLE"] .= " / [" . $arSite["ID"] . "] " . $arSite["NAME"];
        }
    }
}

$arGadgetParams["RND_STRING"] = randString(8);

$arOrderStats = array();
$arOrders = array();
$arCurUsed = array();

// Restrict to the selected site, if any.
$arFilterLID = strlen($arGadgetParams["SITE_ID"]) > 0
    ? array("LID" => $arGadgetParams["SITE_ID"])
    : array();

// Users without "W" on the sale module only see orders in statuses their groups may view.
$arFilterPerms = $saleModulePermissions == "W"
    ? array()
    : array("STATUS_PERMS_GROUP_ID" => $GLOBALS["USER"]->GetUserGroupArray(), ">=STATUS_PERMS_PERM_VIEW" => "Y");

// Start of the month before last, and the last second of the month before last.
$BeforeLastMonth_minDate = ConvertTimeStamp(
    AddToTimeStamp(array("MM" => -2), mktime(0, 0, 0, date("n"), 1, date("Y"))),
    "FULL"
);
$BeforeLastMonth_maxDate = ConvertTimeStamp(
    AddToTimeStamp(array("MM" => -1, "SS" => -1), mktime(0, 0, 0, date("n"), 1, date("Y"))),
    "FULL"
);
Example #20
 /**
  * Adds a new user. On success returns the ID of the new user; otherwise returns
  * false and the LAST_ERROR property of the object holds the error text.
  *
  * CUser::Add() can only be called as a method of an initialized object, not as a
  * static method of the CUser class.
  *
  * NOTE(review): the stored password is an 8-character salt followed by
  * md5(salt . password). The salt prevents identical digests for identical
  * passwords, but a single md5 round has no work factor and is not suitable for
  * password storage. Replacing it needs a matching change in the verification code,
  * which is not shown here.
  * NOTE(review): the salts come from randString(), whose generator is not shown.
  *
  * @param array $arFields Field values. Allowed keys (* marks required fields):
  *   - LOGIN*             login (sign-in name)
  *   - NAME               first name
  *   - LAST_NAME          last name
  *   - SECOND_NAME        patronymic / middle name
  *   - EMAIL*             e-mail address
  *   - PASSWORD*          password
  *   - CONFIRM_PASSWORD*  password confirmation (must equal PASSWORD)
  *   - GROUP_ID           array of IDs of the groups the user is assigned to
  *   - ACTIVE             user activity flag [Y|N]
  *   - LID                default site ID for notifications
  *   - ADMIN_NOTES        administrator notes
  *   - XML_ID             user ID for linking with external sources (for example
  *                        the user's ID in an external database)
  *   - EXTERNAL_AUTH_ID   code of the external authorization source
  *   - PERSONAL_PROFESSION  profession
  *   - PERSONAL_WWW       personal web page
  *   - PERSONAL_ICQ       ICQ
  *   - PERSONAL_GENDER    gender ["M" - male; "F" - female]
  *   - PERSONAL_BIRTHDAY  date of birth in the format of the current site (or of the
  *                        current language in the administrative section)
  *   - PERSONAL_PHOTO     array describing the photo, with the keys:
  *                          name      file name
  *                          size      file size
  *                          tmp_name  temporary path on the server
  *                          type      type of the uploaded file
  *                          del       "Y" to delete the image
  *                          MODULE_ID identifier of the main module - "main"
  *   - PERSONAL_PHONE     phone
  *   - PERSONAL_FAX       fax
  *   - PERSONAL_MOBILE    mobile phone
  *   - PERSONAL_PAGER     pager
  *   - PERSONAL_STREET    street, house
  *   - PERSONAL_MAILBOX   P.O. box
  *   - PERSONAL_CITY      city
  *   - PERSONAL_STATE     region / state
  *   - PERSONAL_ZIP       postal code
  *   - PERSONAL_COUNTRY   country
  *   - PERSONAL_NOTES     personal notes
  *   - WORK_COMPANY       company name
  *   - WORK_DEPARTMENT    department
  *   - WORK_POSITION      position
  *   - WORK_WWW           company web page
  *   - WORK_PHONE         work phone
  *   - WORK_FAX           work fax
  *   - WORK_PAGER         work pager
  *   - WORK_STREET        company street, house
  *   - WORK_MAILBOX       company P.O. box
  *   - WORK_CITY          company city
  *   - WORK_STATE         company region / state
  *   - WORK_ZIP           company postal code
  *   - WORK_COUNTRY       company country
  *   - WORK_PROFILE       company's lines of business
  *   - WORK_LOGO          array describing the company logo, same keys as
  *                        PERSONAL_PHOTO
  *   - WORK_NOTES         notes about the user's work
  *
  * @return mixed
  *
  * <h4>Example</h4>
  * <pre>
  * &lt;?
  * // build the array describing an image
  * // stored in a file on the server
  * $arIMAGE = CFile::MakeFileArray($_SERVER["DOCUMENT_ROOT"]."/images/photo.gif");
  * $arIMAGE["MODULE_ID"] = "main";
  *
  * $user = new CUser;
  * $arFields = Array(
  *   "NAME"              =&gt; "Sergey",
  *   "LAST_NAME"         =&gt; "Ivanov",
  *   "EMAIL"             =&gt; "*****@*****.**",
  *   "LOGIN"             =&gt; "ivan",
  *   "LID"               =&gt; "ru",
  *   "ACTIVE"            =&gt; "Y",
  *   "GROUP_ID"          =&gt; array(10,11),
  *   "PASSWORD"          =&gt; "123456",
  *   "CONFIRM_PASSWORD"  =&gt; "123456",
  *   "PERSONAL_PHOTO"    =&gt; $arIMAGE
  * );
  *
  * $ID = $user-&gt;Add($arFields);
  * if (intval($ID) &gt; 0)
  *     echo "User added successfully.";
  * else
  *     echo $user-&gt;LAST_ERROR;
  * ?&gt;
  * </pre>
  *
  * <h4>See Also</h4>
  * - CUser fields: http://dev.1c-bitrix.ru/api_help/main/reference/cuser/index.php#flds
  * - CUser::Update: http://dev.1c-bitrix.ru/api_help/main/reference/cuser/update.php
  * - CUser::Delete: http://dev.1c-bitrix.ru/api_help/main/reference/cuser/delete.php
  *
  * @link http://dev.1c-bitrix.ru/api_help/main/reference/cuser/add.php
  * @author Bitrix
  */
 public function Add($arFields)
 {
     /** @global CUserTypeManager $USER_FIELD_MANAGER */
     global $DB, $USER_FIELD_MANAGER, $CACHE_MANAGER;
     $ID = 0;
     if (!$this->CheckFields($arFields)) {
         $Result = false;
         // Bound by reference so event handlers see the current LAST_ERROR text.
         $arFields["RESULT_MESSAGE"] =& $this->LAST_ERROR;
     } else {
         // A caller-supplied ID is never written.
         unset($arFields["ID"]);
         // Anything other than "Y" is normalised to "N".
         if (is_set($arFields, "ACTIVE") && $arFields["ACTIVE"] != "Y") {
             $arFields["ACTIVE"] = "N";
         }
         // && binds tighter than ||: the value is cleared when it is "NOT_REF" or is neither "M" nor "F".
         if ($arFields["PERSONAL_GENDER"] == "NOT_REF" || $arFields["PERSONAL_GENDER"] != "M" && $arFields["PERSONAL_GENDER"] != "F") {
             $arFields["PERSONAL_GENDER"] = "";
         }
         // The plaintext is kept only for the optional HTTP digest update further down.
         $original_pass = $arFields["PASSWORD"];
         // Stored form: salt . md5(salt . password) - see the NOTE(review) in the header.
         $salt = randString(8);
         $arFields["PASSWORD"] = $salt . md5($salt . $arFields["PASSWORD"]);
         unset($arFields["STORED_HASH"]);
         // The checkword gets its own salt and is stored in the same salted-md5 form.
         $salt = randString(8);
         $checkword = $arFields["CHECKWORD"] == '' ? md5(CMain::GetServerUniqID() . uniqid()) : $arFields["CHECKWORD"];
         $arFields["CHECKWORD"] = $salt . md5($salt . $checkword);
         $arFields["~CHECKWORD_TIME"] = $DB->CurrentTimeFunction();
         if (is_set($arFields, "EMAIL")) {
             $arFields["EMAIL"] = strtolower($arFields["EMAIL"]);
         }
         if (is_set($arFields, "WORK_COUNTRY")) {
             $arFields["WORK_COUNTRY"] = intval($arFields["WORK_COUNTRY"]);
         }
         if (is_set($arFields, "PERSONAL_COUNTRY")) {
             $arFields["PERSONAL_COUNTRY"] = intval($arFields["PERSONAL_COUNTRY"]);
         }
         // Uploaded images without a MODULE_ID are attributed to the "main" module.
         if (array_key_exists("PERSONAL_PHOTO", $arFields) && is_array($arFields["PERSONAL_PHOTO"]) && (!array_key_exists("MODULE_ID", $arFields["PERSONAL_PHOTO"]) || strlen($arFields["PERSONAL_PHOTO"]["MODULE_ID"]) <= 0)) {
             $arFields["PERSONAL_PHOTO"]["MODULE_ID"] = "main";
         }
         CFile::SaveForDB($arFields, "PERSONAL_PHOTO", "main");
         if (array_key_exists("WORK_LOGO", $arFields) && is_array($arFields["WORK_LOGO"]) && (!array_key_exists("MODULE_ID", $arFields["WORK_LOGO"]) || strlen($arFields["WORK_LOGO"]["MODULE_ID"]) <= 0)) {
             $arFields["WORK_LOGO"]["MODULE_ID"] = "main";
         }
         CFile::SaveForDB($arFields, "WORK_LOGO", "main");
         // $arInsert[0] is the column list, $arInsert[1] the value list, as used below.
         // NOTE(review): presumably PrepareInsert() escapes the values - verify, since both
         // parts are concatenated into the SQL text.
         $arInsert = $DB->PrepareInsert("b_user", $arFields);
         if (!is_set($arFields, "DATE_REGISTER")) {
             $arInsert[0] .= ", DATE_REGISTER";
             $arInsert[1] .= ", " . $DB->GetNowFunction();
         }
         $strSql = "\n\t\t\t\tINSERT INTO b_user (\n\t\t\t\t\t" . $arInsert[0] . "\n\t\t\t\t) VALUES (\n\t\t\t\t\t" . $arInsert[1] . "\n\t\t\t\t)\n\t\t\t";
         $DB->Query($strSql);
         $ID = $DB->LastID();
         $USER_FIELD_MANAGER->Update("USER", $ID, $arFields);
         if (is_set($arFields, "GROUP_ID")) {
             CUser::SetUserGroup($ID, $arFields["GROUP_ID"]);
         }
         // Update the digest hash for HTTP digest authorization; this needs the plaintext password.
         if (COption::GetOptionString('main', 'use_digest_auth', 'N') == 'Y') {
             CUser::UpdateDigest($ID, $original_pass);
         }
         $Result = $ID;
         $arFields["ID"] =& $ID;
         // The unsalted checkword is put back, so event handlers below receive it in $arFields.
         $arFields["CHECKWORD"] = $checkword;
     }
     $arFields["RESULT"] =& $Result;
     // Handlers run in the success and in the failure case; PASSWORD holds the salted digest here.
     foreach (GetModuleEvents("main", "OnAfterUserAdd", true) as $arEvent) {
         ExecuteModuleEventEx($arEvent, array(&$arFields));
     }
     // Drop cached user cards and names after a successful insert.
     if ($ID > 0 && defined("BX_COMP_MANAGED_CACHE")) {
         $CACHE_MANAGER->ClearByTag("USER_CARD_" . intval($ID / TAGGED_user_card_size));
         $CACHE_MANAGER->ClearByTag("USER_CARD");
         $CACHE_MANAGER->ClearByTag("USER_NAME_" . $ID);
         $CACHE_MANAGER->ClearByTag("USER_NAME");
     }
     return $Result;
 }
Example #21
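 /**
  * Updates a row of b_subscription, handling confirmation on the way.
  *
  * When the e-mail address is unchanged and a confirm code is supplied for a not yet
  * confirmed subscription, the code is checked against the stored one. When the
  * address changes, a new 8-character confirm code is generated and the subscription
  * is marked unconfirmed unless the caller explicitly passes CONFIRMED = "Y".
  *
  * The confirm code is now compared as a string, with hash_equals() where available.
  * The original used the loose == operator, under which two different numeric-looking
  * strings (for example "1e3" and "1000") compare as equal, so a code other than the
  * stored one could be accepted.
  *
  * NOTE(review): the confirm code comes from randString(8); the generator is not
  * shown here - confirm it is a CSPRNG, since the code authorises the confirmation.
  *
  * @param int    $ID       subscription ID
  * @param array  $arFields fields to update; CONFIRM_CODE, RUB_ID, ALL_SITES and
  *                         SEND_CONFIRM are interpreted here
  * @param string $SITE_ID  site the update applies to
  * @return bool true on success; false on failure, with LAST_ERROR set on the paths
  *              visible in this method
  */
 function Update($ID, $arFields, $SITE_ID = SITE_ID)
 {
     global $DB;
     $ID = intval($ID);
     $this->LAST_MESSAGE = "";
     if (!$this->CheckFields($arFields, $ID, $SITE_ID)) {
         return false;
     }
     if (array_key_exists("USER_ID", $arFields) && intval($arFields["USER_ID"]) <= 0) {
         $arFields["USER_ID"] = false;
     }
     // Check whether the e-mail changed. If it did, a new confirm code must be generated.
     // $ID has been cast to an integer above, so it is safe to place in the SQL text.
     $strSql = "SELECT EMAIL, CONFIRM_CODE, CONFIRMED FROM b_subscription " . "WHERE ID='" . $ID . "' ";
     $db_check = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
     if (!($db_check_arr = $db_check->Fetch())) {
         $this->LAST_ERROR = GetMessage("class_subscr_perm") . "<br>";
         return false;
     }
     // The submitted code is taken out of $arFields so that it is never written back as-is.
     $CONFIRM_CODE = $arFields["CONFIRM_CODE"];
     unset($arFields["CONFIRM_CODE"]);
     if (!is_set($arFields, "EMAIL") || strtoupper($db_check_arr["EMAIL"]) == strtoupper($arFields["EMAIL"])) {
         // Same e-mail: check the confirm code.
         if (strlen($CONFIRM_CODE) > 0 && $db_check_arr["CONFIRMED"] != "Y") {
             $storedCode = (string) $db_check_arr["CONFIRM_CODE"];
             $suppliedCode = (string) $CONFIRM_CODE;
             $codesMatch = function_exists('hash_equals')
                 ? hash_equals($storedCode, $suppliedCode)
                 : $storedCode === $suppliedCode;
             if ($codesMatch) {
                 // Confirm the subscription.
                 $arFields["CONFIRMED"] = "Y";
                 $this->LAST_MESSAGE = "CONF";
             } else {
                 $this->LAST_ERROR = GetMessage("class_subscr_conf") . "<br>";
                 return false;
             }
         }
     } else {
         // New e-mail: new confirm code.
         $arFields["CONFIRM_CODE"] = randString(8);
         if ($arFields["CONFIRMED"] != "Y") {
             $arFields["CONFIRMED"] = "N";
         }
     }
     $strUpdate = $DB->PrepareUpdate("b_subscription", $arFields);
     if (strlen($strUpdate) > 0) {
         // DATE_CONFIRM is refreshed only when a new confirm code was generated above.
         $strSql = "UPDATE b_subscription SET " . $strUpdate . ", " . "\tDATE_UPDATE=" . $DB->GetNowFunction() . " " . (strlen($arFields["CONFIRM_CODE"]) > 0 ? "," . "\tDATE_CONFIRM=" . $DB->GetNowFunction() . " " : "") . "WHERE ID=" . $ID;
         if (!$DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__)) {
             return false;
         }
     }
     // Subscription categories.
     if (is_set($arFields, "RUB_ID")) {
         if (is_set($arFields, "ALL_SITES") && $arFields["ALL_SITES"] == "Y") {
             $this->UpdateRubrics($ID, $arFields["RUB_ID"]);
         } else {
             $this->UpdateRubrics($ID, $arFields["RUB_ID"], $SITE_ID);
         }
     }
     // Send the confirmation code if needed.
     if ($arFields["SEND_CONFIRM"] != "N" && strlen($arFields["CONFIRM_CODE"]) > 0) {
         $this->ConfirmEvent($ID, $SITE_ID);
         $this->LAST_MESSAGE = "SENT";
     }
     return true;
 }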
Example #22
				<td class="invite-list-header"><input type="checkbox" title="<?php 
        echo GetMessage("SONET_URE_T_CHECK_ALL");
        ?>
" onclick="__URECheckedAll(this)"/></td>
				<td class="invite-list-header" colspan="2"><?php 
        echo GetMessage("SONET_URE_T_RECIPIENT");
        ?>
</td>
				<td class="invite-list-header"><?php 
        echo GetMessage("SONET_URE_T_MESSAGE_OUT");
        ?>
</td>
			</tr><?php 
        // $ind is the suffix of the checked_N / id_N field names below; it is not incremented
        // in the part of the loop visible here.
        $ind = 0;
        foreach ($arResult["RequestsOut"]["List"] as $arRequest) {
            // Random per-row identifier; presumably a DOM id for the row's tooltip - its use is
            // outside this fragment.
            $tooltip_id = randString(8);
            ?>
<tr id="<?php 
            // NOTE(review): both values are written into an HTML attribute without escaping here;
            // confirm they are already escaped or constrained where $arResult is built.
            echo $arRequest["EVENT_TYPE"] . "_" . $arRequest["ID"];
            ?>
">
					<td class="invite-list-checkbox">
						<div class="invite-active-block">
							<input type="checkbox" name="checked_<?php 
            echo $ind;
            ?>
" value="Y" onclick="BX.toggleClass(this.parentNode.parentNode.parentNode, 'invite-list-active');" />
							<input type="hidden" name="id_<?php 
            echo $ind;
            ?>
" value="<?php 
Example #23
 /**
  * Finish an OpenID sign-in: build the user field set from the validated response, then link,
  * find or register the matching local account and authorize it.
  *
  * Reads $_GET (openid_sreg_* attributes) and $_SESSION['BX_OPENID_IDENTITY'], and calls
  * LocalRedirect() on both the success and the error path.
  *
  * @return mixed The user ID after a successful authorization, false otherwise.
  */
 public function Authorize()
 {
     global $APPLICATION, $USER;
     // Default error code reported through auth_service_error when nothing more specific is set.
     $errorCode = 1;
     // Validate() is defined elsewhere; everything inside this branch relies on its result.
     if ($arOpenID = $this->Validate()) {
         // PASSWORD is a random placeholder for the local account.
         // NOTE(review): randString()'s randomness source is not visible here - confirm it is a CSPRNG.
         $arFields = array('EXTERNAL_AUTH_ID' => 'OPENID#' . $arOpenID['server'], 'XML_ID' => $arOpenID['identity'], 'PASSWORD' => randString(30), 'LID' => SITE_ID, "PERSONAL_WWW" => $arOpenID['identity']);
         // NOTE(review): the openid_sreg_* profile attributes below are read straight from $_GET.
         // Confirm that Validate() checks they are covered by the provider's signature; if it does
         // not, they are plain query parameters that the client controls.
         if (array_key_exists('openid_sreg_email', $_GET)) {
             // No format check here - presumably enforced when the user record is added; verify.
             $arFields['EMAIL'] = $_GET['openid_sreg_email'];
         }
         // Gender is the only attribute restricted to an allow-list ('M' or 'F') in this method.
         if (array_key_exists('openid_sreg_gender', $_GET) && ($_GET['openid_sreg_gender'] == 'M' || $_GET['openid_sreg_gender'] == 'F')) {
             $arFields['PERSONAL_GENDER'] = $_GET['openid_sreg_gender'];
         }
         if (array_key_exists('openid_sreg_fullname', $_GET)) {
             // Convert from UTF-8 to the site charset unless the site itself runs in UTF-8.
             $fullname = defined("BX_UTF") ? $_GET['openid_sreg_fullname'] : CharsetConverter::ConvertCharset($_GET['openid_sreg_fullname'], 'UTF-8', LANG_CHARSET);
             $fullname = trim($fullname);
             // Split at the first space: first word becomes NAME, the remainder LAST_NAME.
             if (($pos = strpos($fullname, ' ')) !== false) {
                 $arFields['NAME'] = substr($fullname, 0, $pos);
                 $arFields['LAST_NAME'] = substr($fullname, $pos + 1);
             } else {
                 $arFields['NAME'] = $fullname;
             }
         }
         if (array_key_exists('openid_sreg_postcode', $_GET)) {
             $arFields['PERSONAL_ZIP'] = $_GET['openid_sreg_postcode'];
         }
         if (array_key_exists('openid_sreg_timezone', $_GET)) {
             $arFields['TIME_ZONE'] = $_GET['openid_sreg_timezone'];
         }
         if (array_key_exists('openid_sreg_country', $_GET)) {
             $arFields['PERSONAL_COUNTRY'] = GetCountryIdByCode($_GET['openid_sreg_country']);
         }
         if (array_key_exists('openid_sreg_dob', $_GET)) {
             $arFields['PERSONAL_BIRTHDAY'] = CDatabase::FormatDate($_GET['openid_sreg_dob'], "YYYY-MM-DD", FORMAT_DATE);
         }
         // LOGIN comes from the identity stored in the session when present, otherwise from the
         // validated identity; the URL scheme is stripped either way.
         if (array_key_exists('BX_OPENID_IDENTITY', $_SESSION)) {
             $arFields['LOGIN'] = $_SESSION['BX_OPENID_IDENTITY'];
         } else {
             $arFields['LOGIN'] = $arOpenID['identity'];
         }
         $arFields['LOGIN'] = preg_replace("#^(http://|https://)#i", "", $arFields['LOGIN']);
         $USER_ID = 0;
         if ($GLOBALS["USER"]->IsAuthorized() && $GLOBALS["USER"]->GetID()) {
             // A user is already signed in: attach the OpenID identity to that account, unless
             // linking is denied by CSocServAuth::isSplitDenied().
             if (!CSocServAuth::isSplitDenied()) {
                 $arFields['USER_ID'] = $GLOBALS["USER"]->GetID();
                 CSocServAuthDB::Add($arFields);
                 self::CleanParam();
             } else {
                 $errorCode = SOCSERV_REGISTRATION_DENY;
             }
         } else {
             // Nobody is signed in: look for an existing account. $by and $ord are not assigned in
             // this method - presumably GetList() takes them by reference; verify.
             $dbUsersOld = $GLOBALS["USER"]->GetList($by, $ord, array('XML_ID' => $arFields['XML_ID'], 'EXTERNAL_AUTH_ID' => $arFields['EXTERNAL_AUTH_ID'], 'ACTIVE' => 'Y'), array('NAV_PARAMS' => array("nTopCount" => "1")));
             $dbUsersNew = $GLOBALS["USER"]->GetList($by, $ord, array('XML_ID' => $arFields['XML_ID'], 'EXTERNAL_AUTH_ID' => 'socservices', 'ACTIVE' => 'Y'), array('NAV_PARAMS' => array("nTopCount" => "1")));
             $dbSocUser = CSocServAuthDB::GetList(array(), array('XML_ID' => $arFields['XML_ID'], 'EXTERNAL_AUTH_ID' => $arFields['EXTERNAL_AUTH_ID']), false, false, array("USER_ID", "ACTIVE"));
             // Lookup order: stored social-service link, then a user with the provider-specific
             // EXTERNAL_AUTH_ID, then a 'socservices' user, then registration if it is enabled.
             if ($arUser = $dbSocUser->Fetch()) {
                 // An inactive link leaves $USER_ID at 0, so no authorization happens below.
                 if ($arUser["ACTIVE"] === 'Y') {
                     $USER_ID = $arUser["USER_ID"];
                 }
             } elseif ($arUser = $dbUsersOld->Fetch()) {
                 $USER_ID = $arUser['ID'];
             } elseif ($arUser = $dbUsersNew->Fetch()) {
                 $USER_ID = $arUser["ID"];
             } elseif (COption::GetOptionString("main", "new_user_registration", "N") == "Y") {
                 // Self-registration is enabled: the new account gets the configured default groups.
                 $def_group = COption::GetOptionString('main', 'new_user_registration_def_group', '');
                 if ($def_group != '') {
                     $arFields['GROUP_ID'] = explode(',', $def_group);
                 }
                 if (!empty($arFields['GROUP_ID']) && CSocServAuth::isAuthDenied($arFields['GROUP_ID'])) {
                     $errorCode = SOCSERV_REGISTRATION_DENY;
                 } else {
                     foreach (GetModuleEvents("main", "OnBeforeOpenIDUserAdd", true) as $arEvent) {
                         ExecuteModuleEventEx($arEvent, array($arFields));
                     }
                     // The user record is stored under 'socservices'; the link row added afterwards
                     // keeps the provider-specific EXTERNAL_AUTH_ID.
                     $arFieldsUser = $arFields;
                     $arFieldsUser["EXTERNAL_AUTH_ID"] = "socservices";
                     if (!($USER_ID = $GLOBALS["USER"]->Add($arFieldsUser))) {
                         return false;
                     }
                     $arFields['CAN_DELETE'] = 'N';
                     $arFields['USER_ID'] = $USER_ID;
                     CSocServAuthDB::Add($arFields);
                     unset($arFields['CAN_DELETE']);
                 }
             } elseif (COption::GetOptionString("main", "new_user_registration", "N") == "N") {
                 // No matching account and registration is switched off.
                 $errorCode = 2;
             }
             if (intval($USER_ID) > 0) {
                 // Group-based deny check runs before the session is authorized.
                 $arGroups = $USER->GetUserGroup($USER_ID);
                 if (CSocServAuth::isAuthDenied($arGroups)) {
                     $errorCode = SOCSERV_AUTHORISATION_ERROR;
                 } else {
                     $USER->AuthorizeWithOtp($USER_ID);
                     // Drop auth_service_id, check_key and every openid_* query parameter from the
                     // URL that is redirected to.
                     $arKillParams = array("auth_service_id", "check_key");
                     foreach (array_keys($_GET) as $k) {
                         if (strpos($k, 'openid_') === 0) {
                             $arKillParams[] = $k;
                         }
                     }
                     $redirect_url = $APPLICATION->GetCurPageParam('', $arKillParams, false);
                     foreach (GetModuleEvents("main", "OnBeforeOpenIDAuthFinalRedirect", true) as $arEvent) {
                         ExecuteModuleEventEx($arEvent, array($redirect_url, $USER_ID, $arFields));
                     }
                     if ($redirect_url) {
                         LocalRedirect($redirect_url, true);
                     }
                     return $USER_ID;
                 }
             }
         }
     }
     // Error path: redirect to the current page with auth_service_error set. The prefix tested
     // here is 'openid' (no underscore), unlike the 'openid_' prefix used on the success path.
     $arKillParams = array("check_key");
     foreach (array_keys($_GET) as $k) {
         if (strpos($k, 'openid') === 0) {
             $arKillParams[] = $k;
         }
     }
     $redirect_url = $APPLICATION->GetCurPageParam('auth_service_error=' . $errorCode, $arKillParams, false);
     LocalRedirect($redirect_url, true);
     return false;
 }
Example #24
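// Normalise the component's input parameters.
// "~INPUT_NAME" keeps the trimmed name; "INPUT_NAME" gets "[]" appended for multi-value inputs.
$arParams["~INPUT_NAME"] = trim($arParams["INPUT_NAME"]);
$arParams["INPUT_NAME"] = $arParams["~INPUT_NAME"] . ($arParams["MULTIPLE"] == "Y" ? "[]" : "");
// INPUT_VALUE and VOTE_UNIQUE are always handled as arrays from here on.
$arParams["INPUT_VALUE"] = empty($arParams["INPUT_VALUE"]) ? array() : (is_array($arParams["INPUT_VALUE"]) ? $arParams["INPUT_VALUE"] : array($arParams["INPUT_VALUE"]));
$arParams["VOTE_UNIQUE"] = is_array($arParams["VOTE_UNIQUE"]) ? $arParams["VOTE_UNIQUE"] : array($arParams["VOTE_UNIQUE"]);
// NOTE(review): this pattern is unanchored, so any value that merely contains
// "<digits><space><word character>" passes; confirm the consumer of this parameter parses it
// strictly before tightening the check.
if (!isset($arParams["VOTE_UNIQUE_IP_DELAY"]) || !preg_match("/\\d+ \\w/is", $arParams["VOTE_UNIQUE_IP_DELAY"], $matches)) {
    $arParams["VOTE_UNIQUE_IP_DELAY"] = "10 D";
}
// CONTROL_ID must consist of [a-zA-Z0-9_] only, otherwise a random one is generated.
// The D modifier (PCRE_DOLLAR_ENDONLY) makes "$" match only at the very end of the subject;
// without it a value ending in a newline would still pass this allow-list.
$arParams["CONTROL_ID"] = preg_match("/^[a-zA-Z0-9_]+\$/D", $arParams["CONTROL_ID"]) ? $arParams["CONTROL_ID"] : randString();
$arParams["bVarsFromForm"] = $arParams["bVarsFromForm"] ? true : false;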
/********************************************************************
				/Input params
********************************************************************/
/********************************************************************
				Data
********************************************************************/
// md5() is applied to a random string here, which yields a 32-character hex identifier.
$arResult["CONTROL_UID"] = md5(randString(15));
$arResult["VOTES"] = array();
if ($arParams["bVarsFromForm"]) {
    // NOTE(review): is_array() inspects $_POST[<name>] while the value taken is
    // $_POST[<name>_DATA] - two different keys; confirm this is intended. The request data
    // enters $arResult["VOTES"] with no validation visible in this fragment.
    $arResult["VOTES"] = is_array($_POST[$arParams["~INPUT_NAME"]]) ? $_POST[$arParams["~INPUT_NAME"] . "_DATA"] : array($_POST[$arParams["~INPUT_NAME"] . "_DATA"]);
} else {
    if (!empty($arParams["INPUT_VALUE"])) {
        // Load the requested votes, limited to the given channel and to active records.
        $db_res = CVote::GetListEx(array("ID" => "ASC"), array("CHANNEL_ID" => $arParams["CHANNEL_ID"], "ACTIVE" => "Y", "@ID" => $arParams["INPUT_VALUE"]));
        while ($res = $db_res->Fetch()) {
            $arResult["VOTES"][$res["ID"]] = $res + array("QUESTIONS" => array());
        }
        if (!empty($arResult["VOTES"])) {
            // Attach each question to its vote, keyed by question ID.
            $db_res = CVoteQuestion::GetListEx(array("ID" => "ASC"), array("CHANNEL_ID" => $arParams["CHANNEL_ID"], "ACTIVE" => "Y", "@VOTE_ID" => array_keys($arResult["VOTES"])));
            while ($res = $db_res->Fetch()) {
                $arResult["VOTES"][$res["VOTE_ID"]]["QUESTIONS"][$res["ID"]] = $res + array("ANSWERS" => array());
            }
            // Answers are fetched with the same channel / active / vote-ID filter.
            $db_res = CVoteAnswer::GetListEx(array("ID" => "ASC"), array("CHANNEL_ID" => $arParams["CHANNEL_ID"], "ACTIVE" => "Y", "@VOTE_ID" => array_keys($arResult["VOTES"])));
Example #25
/**
 * Thin wrapper: return whatever randString(10) produces.
 *
 * NOTE(review): randString() is defined elsewhere; confirm its randomness source before
 * using the result as a secret.
 */
function i()
{
    $generated = randString(10);

    return $generated;
}
Example #26
     // The password policy comes from the default registration group(s), or from an empty group
     // list when no default group is configured.
     $defaultGroup = COption::GetOptionString("main", "new_user_registration_def_group", "");
     if ($defaultGroup != "") {
         $arDefaultGroup = explode(",", $defaultGroup);
         $arPolicy = CUser::GetGroupPolicy($arDefaultGroup);
     } else {
         $arPolicy = CUser::GetGroupPolicy(array());
     }
     // Enforce a floor of 10 on the policy length; the generated password is two characters longer.
     $passwordMinLength = intval($arPolicy["PASSWORD_LENGTH"]);
     if ($passwordMinLength <= 10) {
         $passwordMinLength = 10;
     }
     // Character classes: lower case, upper case, digits, plus punctuation when the policy asks for it.
     $passwordChars = array("abcdefghijklnmopqrstuvwxyz", "ABCDEFGHIJKLNMOPQRSTUVWXYZ", "0123456789");
     if ($arPolicy["PASSWORD_PUNCTUATION"] === "Y") {
         $passwordChars[] = ",.<>/?;:'\"[]{}\\|`~!@#\$%^&*()-_+=";
     }
     // NOTE(review): this value becomes a real account password; randString()'s randomness source
     // is not visible here - confirm it is a CSPRNG.
     $salePassword = randString($passwordMinLength + 2, $passwordChars);
     // NOTE(review): SERVER_NAME can reflect the request's Host header depending on the web-server
     // configuration; confirm that is acceptable for an address stored on the account.
     $saleEMail = $saleLogin . '@' . $_SERVER["SERVER_NAME"];
     if (!check_email($saleEMail)) {
         $saleEMail = $saleLogin . '@temporary.temp';
     }
     // The account is created active. NOTE(review): $arDefaultGroup is assigned only in the branch
     // above where a default group is configured; in the else branch it is not set in this fragment.
     $arUserFields = array("LOGIN" => $saleLogin, "NAME" => "CRM", "LAST_NAME" => "IMPORT", "PASSWORD" => $salePassword, "PASSWORD_CONFIRM" => $salePassword, "EMAIL" => $saleEMail, "GROUP_ID" => $arDefaultGroup, "ACTIVE" => "Y", "LID" => SITE_ID);
     $user = new CUser();
     $userId = $user->Add($arUserFields);
     $userId = intval($userId);
     if ($userId <= 0) {
         $errorMessage .= GetMessage("SPTEN_SCRM_ERR_REG") . (strlen($user->LAST_ERROR) > 0 ? ": " . $user->LAST_ERROR : "");
     }
 }
 // The brace above closes a block opened before this fragment.
 if (empty($errorMessage)) {
     // Create a dedicated group and place the new user in it with no activity date limits.
     $group = new CGroup();
     $arGroupFields = array("ACTIVE" => "Y", "NAME" => "CRM SALE IMPORT", "USER_ID" => array(array("USER_ID" => $userId, "DATE_ACTIVE_FROM" => false, "DATE_ACTIVE_TO" => false)));
Example #27
	DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_XLS: '<?php 
// Localised messages are emitted through GetMessageJS() inside single-quoted JS strings.
echo GetMessageJS("DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_XLS");
?>
',
	DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_PPT	: '<?php 
echo GetMessageJS("DISK_FOLDER_TOOLBAR_MW_CREATE_TYPE_PPT");
?>
',
	DISK_FOLDER_TOOLBAR_LABEL_TOOLTIP_SHARING	: '<?php 
echo GetMessageJS("DISK_FOLDER_TOOLBAR_LABEL_TOOLTIP_SHARING");
?>
'
});

var BXSocNetLogDestinationFormName = '<?php 
// Random form name generated on each render; it is passed to the toolbar as destFormName below.
echo randString(6);
?>
';

BX.ready(function () {
	BX.Disk['FolderToolbarClass_<?php 
// NOTE(review): written into a JS string without escaping; presumably an internally generated
// component id - confirm it cannot carry request data.
echo $component->getComponentId();
?>
'] = new BX.Disk.FolderToolbarClass({
		id: 'folder_toolbar',
		destFormName: BXSocNetLogDestinationFormName,
		<?php 
if (!empty($arResult['CLOUD_DOCUMENT'])) {
    ?>
		defaultService: "<?php 
    // The service name is passed through CUtil::JSUrlEscape() before it is placed in the JS string.
    echo CUtil::JSUrlEscape($arResult['CLOUD_DOCUMENT']['DEFAULT_SERVICE']);
Example #28
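<?php
// AJAX endpoint that returns either a captcha SID or, for visitors who are not signed in, the
// encrypted captcha code. The full open tag is used because the short form only works when
// short_open_tag is enabled; with it disabled the source would be sent to the client as text.
define("NO_KEEP_STATISTIC", true); // Do not collect statistics for AJAX actions
require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_before.php");

// "mode" is optional request input: default to an empty string instead of reading a missing key.
$mode = isset($_GET["mode"]) ? $_GET["mode"] : "";

if ($mode === 'captcha_sid')
  echo $APPLICATION->CaptchaGetCode();
elseif ($mode === 'captcha_code')
{
    // Only visitors who are not authorized receive a captcha code.
    if (!$GLOBALS["USER"]->IsAuthorized())
    {
        include_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/classes/general/captcha.php");
        $cpt = new CCaptcha();
        $captchaPass = COption::GetOptionString("main", "captcha_password", "");
        if (strlen($captchaPass) <= 0)
        {
            // First use: generate the captcha password and persist it in the module options.
            // NOTE(review): this value is handed to SetCodeCrypt(); randString()'s randomness
            // source is not visible here - confirm it is a CSPRNG and that 10 characters suffice.
            $captchaPass = randString(10);
            COption::SetOptionString("main", "captcha_password", $captchaPass);
        }
        $cpt->SetCodeCrypt($captchaPass);
        // Escaped for HTML before it is written to the response.
        echo htmlspecialchars($cpt->GetCodeCrypt());
    }
}
require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/epilog_after.php");
?>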
Example #29
// Table names and limits for the game.
define('TABLE_CARDS', '142_cards');
define('TABLE_PLAYERS_IN_GAMES', '142_players');
define('TABLE_CARDS_IN_GAMES', '142_cards_in_games');
define('MAX_PLAYERS_EVER', 10);
require_once 'inc.db_mysql.php';
// NOTE(review): host, user name and password are hard-coded in the script, and the password
// equals the user name; credentials normally live in configuration outside the code base.
db_set(db_connect('localhost', 'usager', 'usager', 'games'));
// CLEAN UP //
#db_delete(TABLE_PLAYERS_IN_GAMES, 'last_online+16 < '.time());
// Two stages for every user: logged in, not logged in
// not logged in
if (!logincheck()) {
    if (isset($_POST['username'], $_POST['password'])) {
        // 'FOUT' (presumably Dutch for "error") is the default result; replaced on success below.
        $szMessage = 'FOUT';
        // The next line is reproduced as the page delivered it: the '******' run is a masking
        // artifact that replaced part of the original expression, so it is not valid PHP as printed.
        // NOTE(review): the WHERE clause is built by string concatenation with addslashes(), which
        // is not a reliable SQL escaping mechanism; a parameterised query is the safer form.
        // NOTE(review): passwords are checked as MD5(CONCAT(id, ':', password)); a fast digest like
        // MD5 is weak for password storage - password_hash() / password_verify() replace it.
        $arrUser = db_select(TABLE_PLAYERS, "username = '******'username']) . "' AND password = MD5(CONCAT(id,':" . addslashes($_POST['password']) . "'))");
        if (1 == count($arrUser)) {
            // A random hash is stored both in the player row and in the session, together with
            // the client address and user id.
            // NOTE(review): no session id regeneration is visible at login - confirm it happens
            // elsewhere; randString()'s randomness source is also not visible here.
            $arrSession = array('hash' => randString(20), 'ip' => ifsetor($_SERVER['REMOTE_ADDR'], ""), 'uid' => $arrUser[0]['id']);
            db_update(TABLE_PLAYERS, array('hash' => $arrSession['hash']), "id = '" . $arrSession['uid'] . "'");
            $_SESSION[SESSION_NAME] = $arrSession;
            $szMessage = 'INGELOGD';
        }
        // The redirect carries one of the two fixed message tokens set above.
        header("Location: " . BASEPAGE . "?msg=" . $szMessage);
        exit;
    }
    ?>
<html>

<head>
<title>MPP :: OUT</title>
</head>

<body style="overflow:auto;" onload="document.forms[0]['username'].focus();">
Example #30
        // Inline script that passes two entity maps to top.__logGetNextPageLinkEntities(); both
        // values are serialised with CUtil::PhpToJSObject().
        $additional_data = '<script type="text/javascript" bxrunfirst="true">' . "\n";
        $additional_data .= 'top.__logGetNextPageLinkEntities(' . CUtil::PhpToJSObject($component->arResult["ENTITIES_XML_ID"]) . ', ' . CUtil::PhpToJSObject($component->arResult["ENTITIES_CORRESPONDENCE"]) . ');';
        $additional_data .= '</script>';
        if ($arResult["AJAX_CALL"]) {
            // AJAX request: the buffered output is returned inside a JS object together with the
            // script and stylesheet lists.
            $strText = ob_get_clean();
            echo CUtil::PhpToJSObject(array("PROPS" => array("CONTENT" => $additional_data . $strText, "STRINGS" => array(), "JS" => $arAdditionalData["SCRIPTS"], "CSS" => $arAdditionalData["CSS"]), "LAST_TS" => $arResult["dateLastPageTS"] ? intval($arResult["dateLastPageTS"]) : 0));
        } else {
            echo $additional_data;
        }
        if (CModule::IncludeModule("pull")) {
            CPullWatch::DeferredSql();
        }
        // Nothing after this point runs for the branch closed by the brace below.
        die;
    }
    CUtil::InitJSCore(array("ajax"));
    // Short random suffix used to build the form id and the Ctrl+Enter handler name below.
    $arParams["UID"] = randString(4);
    $arParams["FORM_ID"] = "sonetCommentForm" . $arParams["UID"];
    // Normalise to exactly "Y" or "N".
    $arParams["ALLOW_VIDEO"] = $arParams["ALLOW_VIDEO"] == "Y" ? "Y" : "N";
    // Re-shape the smiley list; doubled backslashes in TYPE and TYPING are collapsed to single ones.
    $arSmiles = array();
    if (!empty($arResult["Smiles"])) {
        foreach ($arResult["Smiles"] as $arSmile) {
            $arSmiles[] = array('name' => $arSmile["NAME"], 'path' => $arSmile["IMAGE"], 'code' => str_replace("\\\\", "\\", $arSmile["TYPE"]), 'codes' => str_replace("\\\\", "\\", $arSmile["TYPING"]), 'width' => $arSmile["IMAGE_WIDTH"], 'height' => $arSmile["IMAGE_HEIGHT"]);
        }
    }
    // Comment form settings. The "UploadFile" button is offered only when COMMENT_PROPERTY lists
    // UF_SONET_COM_FILE or UF_SONET_COM_DOC.
    $formParams = array("FORM_ID" => $arParams["FORM_ID"], "SHOW_MORE" => "Y", "PARSER" => array("Bold", "Italic", "Underline", "Strike", "ForeColor", "FontList", "FontSizeList", "RemoveFormat", "Quote", "Code", "CreateLink", "Image", "UploadFile", "InputVideo", "Table", "Justify", "InsertOrderedList", "InsertUnorderedList", "Source", "MentionUser", "Spoiler"), "BUTTONS" => array(in_array("UF_SONET_COM_FILE", $arParams["COMMENT_PROPERTY"]) || in_array("UF_SONET_COM_DOC", $arParams["COMMENT_PROPERTY"]) ? "UploadFile" : "", "CreateLink", "InputVideo", "Quote", "MentionUser"), "TEXT" => array("NAME" => "comment", "VALUE" => "", "HEIGHT" => "80px"), "UPLOAD_FILE" => isset($arResult["COMMENT_PROPERTIES"]["DATA"]["UF_SONET_COM_DOC"]) ? false : (is_array($arResult["COMMENT_PROPERTIES"]["DATA"]) ? $arResult["COMMENT_PROPERTIES"]["DATA"]["UF_SONET_COM_FILE"] : false), "UPLOAD_WEBDAV_ELEMENT" => $arResult["COMMENT_PROPERTIES"]["DATA"]["UF_SONET_COM_DOC"], "UPLOAD_FILE_PARAMS" => array("width" => 400, "height" => 400), "FILES" => array("VALUE" => array(), "DEL_LINK" => $arResult["urlToDelImage"], "SHOW" => "N"), "SMILES" => array("VALUE" => $arSmiles), "LHE" => array("id" => "id" . $arParams["FORM_ID"], "documentCSS" => "body {color:#434343;}", "ctrlEnterHandler" => "__logSubmitCommentForm" . $arParams["UID"], "fontFamily" => "'Helvetica Neue', Helvetica, Arial, sans-serif", "fontSize" => "12px", "bInitByJS" => true, "height" => 80));
    ?>
<div style="display: none;">
		<form action="" id="<?php 
    echo $arParams["FORM_ID"];
    ?>
" name="<?php