$bEdit = false; $path = $io->CombinePath("/", $arParsedPath["PREV"]); $arParsedPath = CFileMan::ParsePath($path, true, false, "", $logical == "Y"); $abs_path = $io->CombinePath($DOC_ROOT, $path); } } else { if ($limit_php_access) { // ofp - original full path :) $ofp = $_SESSION['arOFP'][$ofp_id]; $ofp = $io->CombinePath("/", $ofp); $abs_ofp = $io->CombinePath($DOC_ROOT, $ofp); $oFile = $io->GetFile($abs_ofp); $fileContentTmp = $oFile->GetContents(); $old_res = CFileman::ParseFileContent($fileContentTmp, true); $old_filesrc = $old_res["CONTENT"]; $filesrc = CMain::ProcessLPA($filesrc, $old_filesrc); } if (!$bFullPHP) { $res = CFileman::ParseFileContent($filesrc_tmp, true); $prolog = CFileman::SetTitle($res["PROLOG"], $title); for ($i = 0; $i <= $maxind; $i++) { if (strlen(Trim($_POST["CODE_" . $i])) > 0) { if ($_POST["CODE_" . $i] != $_POST["H_CODE_" . $i]) { $prolog = CFileman::SetProperty($prolog, Trim($_POST["H_CODE_" . $i]), ""); $prolog = CFileman::SetProperty($prolog, Trim($_POST["CODE_" . $i]), Trim($_POST["VALUE_" . $i])); } else { $prolog = CFileman::SetProperty($prolog, Trim($_POST["CODE_" . $i]), Trim($_POST["VALUE_" . $i])); } } else { $prolog = CFileman::SetProperty($prolog, Trim($_POST["H_CODE_" . $i]), ""); }
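/**
 * Validates the workflow document fields held in global variables before a save.
 *
 * Checks, in order: the target file name (present, valid path string, "SOURCE"
 * file type), the user's workflow/file permissions for that path, that no other
 * unfinished workflow document already uses the file, that the chosen status is
 * permitted for the user's groups, and that PHP in $BODY is only accepted from
 * users with 'edit_php' (or is merged through CMain::ProcessLPA for 'fm_lpa' users).
 *
 * Side effects: rewrites the globals $FILENAME (trimmed, normalized, leading "/"),
 * $SITE_ID and, for LPA users, $BODY.
 *
 * @return bool true when every check passed; false after registering a
 *              CAdminException with all collected messages on $APPLICATION.
 */
function CheckFields()
{
    global $DB, $strError, $FILENAME, $APPLICATION, $ID, $BODY, $USER, $SITE_ID, $STATUS_ID, $DOC_ROOT;

    $arMsg = array();

    // Canonicalize first, then validate: every check below (file type, path string,
    // permissions, file read) must look at the same name that is stored and used later.
    $FILENAME = trim($FILENAME);
    $relativeName = ltrim(_normalizePath($FILENAME), "/");
    $FILENAME = "/" . $relativeName;
    $SCRIPT_FILE_TYPE = GetFileType($FILENAME);

    $io = CBXVirtualIo::GetInstance();

    // The emptiness test has to run on the part without the forced leading "/";
    // testing $FILENAME itself can never be true because it is at least "/".
    if (strlen($relativeName) <= 0) {
        $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_FORGOT_FILENAME"));
    } elseif (!$io->ValidatePathString($FILENAME)) {
        $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_FILE_NAME_NOT_VALID"));
    } elseif ($SCRIPT_FILE_TYPE != "SOURCE") {
        $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_INCORRECT_FILETYPE"));
    } else {
        $SITE_ID = CWorkflow::__CheckSite($SITE_ID);
        if (!$SITE_ID) {
            $SITE_ID = CSite::GetSiteByFullPath($_SERVER['DOCUMENT_ROOT'] . $FILENAME);
        }

        if (!$USER->CanDoFileOperation('fm_edit_in_workflow', array($SITE_ID, $FILENAME))) {
            $s = str_replace("#FILENAME#", "{$FILENAME}", GetMessage("FLOW_ACCESS_DENIED"));
            $arMsg[] = array("id" => "FILENAME", "text" => $s . ": " . GetMessage("FLOW_MIN_RIGHTS"));
        } elseif ($STATUS_ID == 1 && !($USER->CanDoFileOperation('fm_edit_existent_file', array($SITE_ID, $FILENAME)) && $USER->CanDoFileOperation('fm_create_new_file', array($SITE_ID, $FILENAME)))) {
            // Status 1 needs both the edit and the create right on the target path.
            $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_ACCESS_DENIED_FOR_FILE_WRITE", array("#FILENAME#" => $FILENAME)));
        } else {
            // Reject the name when a different document that is not in status 1 already owns it.
            $z = CWorkflow::GetByFilename($FILENAME, $SITE_ID);
            if ($zr = $z->Fetch()) {
                if ($zr["ID"] != $ID && $zr["STATUS_ID"] != 1) {
                    $arMsg[] = array("id" => "FILENAME", "text" => str_replace("#FILENAME#", $FILENAME, GetMessage("FLOW_FILENAME_EXIST")));
                }
            }
        }
    }

    // Non-admins may only pick a status that one of their groups is allowed to set.
    if (!CWorkflow::IsAdmin()) {
        $arGroups = $USER->GetUserGroupArray();
        if (!is_array($arGroups)) {
            $arGroups = array(2);
        }
        $arFilter = array("GROUP_ID" => $arGroups, "PERMISSION_TYPE_1" => 1, "ID_EXACT_MATCH" => "Y", "ID" => $STATUS_ID);
        $rsStatuses = CWorkflowStatus::GetList($by = "s_c_sort", $strOrder, $arFilter, $is_filtered, array("ID"));
        if (!$rsStatuses->Fetch()) {
            $arMsg[] = array("id" => "STATUS_ID", "text" => GetMessage("FLOW_ERROR_WRONG_STATUS"));
        }
    }

    $bIsPhp = IsPHP($BODY);
    if ($bIsPhp) {
        if ($USER->CanDoFileOperation('fm_lpa', array($SITE_ID, $FILENAME)) && !$USER->CanDoOperation('edit_php')) {
            // LPA user without 'edit_php': the submitted body is passed through
            // CMain::ProcessLPA together with the content of the file currently on disk.
            // NOTE(review): this branch also runs when the file-name checks above have
            // already failed, so the file is read and $BODY rewritten for a path that did
            // not pass validation; confirm callers discard $BODY when false is returned.
            if (CModule::IncludeModule("fileman")) {
                $old_res = CFileman::ParseFileContent($APPLICATION->GetFileContent($DOC_ROOT . $FILENAME), true);
                $old_BODY = $old_res["CONTENT"];
                $BODY = CMain::ProcessLPA($BODY, $old_BODY);
            } else {
                $arMsg[] = array("id" => "BODY", "text" => "Error! Fileman is not included!");
            }
        } else {
            if (!$USER->CanDoOperation('edit_php')) {
                $arMsg[] = array("id" => "BODY", "text" => GetMessage("FLOW_PHP_IS_NOT_AVAILABLE"));
            }
        }
    }

    if (!empty($arMsg)) {
        $e = new CAdminException($arMsg);
        $GLOBALS["APPLICATION"]->ThrowException($e);
        return false;
    }

    return true;
}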
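/**
 * Examines one file or directory and, when it matches the search parameters,
 * appends an entry to $this->Result; in replace mode it also rewrites the file.
 *
 * Filters applied in order: result limit, resume position ($this->bSkip),
 * directories (only when Params['bDirsToo']), 'fm_view_file' access, file name
 * (substring or "*" wildcard mask), size (Kb limits), modification time, and the
 * search phrase. PHP files are only searched by users with 'edit_php' or 'fm_lpa',
 * and only replaced by users with 'edit_php'.
 *
 * @param string $file Path of the entry to examine.
 * @return string|null "stop" once the result limit is reached, otherwise nothing.
 */
public function Search($file)
{
    global $APPLICATION, $USER;

    if ($this->maxResultCount && count($this->Result) >= $this->maxResultCount) {
        return "stop";
    }

    if ($this->bSkip) {
        if ($file == $this->Params['lastPath']) {
            $this->bSkip = false;
        } else {
            return; // Files were handled earlier
        }
    }

    $io = CBXVirtualIo::GetInstance();
    $bIsDir = $io->DirectoryExists($file);
    $replFileCount = 0;

    if ($bIsDir && !$this->Params['bDirsToo']) {
        return;
    }

    $entity = $bIsDir ? $io->GetDirectory($file) : $io->GetFile($file);
    $path = CFilemanUtils::TrimPath($file, $this->docRoot);
    $arPath = array($this->Params['site'], $path);

    // Check access
    if (!$USER->CanDoFileOperation('fm_view_file', $arPath)) {
        return;
    }

    $name = CFileman::GetFileName($file); // Name of file or dir

    // Check filename
    if ($this->Params['fileName'] != "") {
        if (!$this->Params['bCaseSens']) {
            $name = strtolower($name);
            $this->Params['fileName'] = strtolower($this->Params['fileName']);
        }

        if (strpos($this->Params['fileName'], "*") === false) {
            // Simple find in file name
            if (strpos($name, $this->Params['fileName']) === false) {
                return;
            }
        } else {
            // The mask comes from the request, so every character except "*" must be
            // matched literally: quote the whole mask, then turn the quoted "*" back
            // into ".*". Without this, "(", "[", "+" and similar characters are
            // interpreted as regex syntax and can break or slow down the match.
            $mask = str_replace('/', '', $this->Params['fileName']);
            $pattern = str_replace('\\*', '.*', preg_quote($mask, '/'));
            // NOTE(review): the wildcard branch always matches case-insensitively,
            // regardless of Params['bCaseSens'] (kept as in the original).
            if (!preg_match('/^' . $pattern . '$/i', $io->ExtractNameFromPath($file))) {
                return;
            }
        }
    }

    if (!$bIsDir) {
        // Check filesize; the limits are given in Kb
        $size = $entity->GetFileSize();
        if (
            $this->Params['sizeFrom'] > 0 && $size < $this->Params['sizeFrom'] * 1024
            || $this->Params['sizeTo'] > 0 && $size > $this->Params['sizeTo'] * 1024
        ) {
            return;
        }
    } else {
        $size = 0;
    }

    // Check filetime
    $time = $entity->GetModificationTime() + CTimeZone::GetOffset();
    if (
        $this->Params['dateFrom'] && $time < MakeTimeStamp($this->Params['dateFrom'], CLang::GetDateFormat("FULL"))
        || $this->Params['dateTo'] && $time > MakeTimeStamp($this->Params['dateTo'], CLang::GetDateFormat("FULL"))
    ) {
        return;
    }

    if ($this->Params['phrase'] != "") {
        // File size limits or it's dir or access denied
        if (
            $size > $this->maxFileOpenSize
            || $bIsDir
            || $this->bReplace && !$USER->CanDoFileOperation('fm_edit_existent_file', $arPath)
        ) {
            return;
        }

        $fTmp = $io->GetFile($file);
        $phrase = $this->Params['phrase'];
        $fileContent = str_replace("\r\n", "\n", $fTmp->GetContents());
        $origFileContent = $fileContent;

        // Treated as PHP: PHP content, a script extension, or a dot-file name.
        $isPHP = CFileman::IsPHP($fileContent) || HasScriptExtension($path) || substr($name, 0, 1) == ".";

        if (!$this->Params['bCaseSens']) {
            $phrase = strtolower($phrase);
            $fileContent = strtolower($fileContent);
        }
        $I_PCRE_MODIFIER = $this->Params['bCaseSens'] ? '' : 'i';

        // TODO: Add check Entire word
        //$this->Params['entire']
        if (strpos($fileContent, $phrase) === false) {
            return;
        }

        $pattern = '/' . preg_quote($this->Params['phrase'], '/') . '/' . $I_PCRE_MODIFIER . BX_UTF_PCRE_MODIFIER;

        if ($this->bReplace) {
            if ($isPHP && !$USER->CanDoOperation('edit_php')) {
                return; // User can't write PHP files
            }

            // The replacement is user text, not a template: escape "\" and "$" so that
            // sequences such as "$1" or "\0" are written literally instead of being
            // expanded as backreferences.
            $replacement = addcslashes((string)$this->Params['replacePhrase'], '\\$');
            $newContent = preg_replace($pattern, $replacement, $origFileContent, -1, $replFileCount);

            if ($newContent === null) {
                // PCRE failed (for example on content that is invalid for the UTF
                // modifier). Saving the null result would overwrite the file with
                // empty content, so the file is left untouched.
                $replFileCount = 0;
            } else {
                $APPLICATION->SaveFileContent($file, $newContent);
            }
        } else {
            $bCanEditPhp = $USER->CanDoOperation('edit_php');
            $bLpa = $USER->CanDoFileOperation('fm_lpa', $arPath);
            if ($isPHP && !($bCanEditPhp || $bLpa)) {
                return; // User can't read PHP files
            }

            // Only for LPA. Per the original comment, ProcessLPA with an empty old
            // content cuts all PHP fragments out before matches are counted.
            $bLpaOnly = $bLpa && !$bCanEditPhp;
            if ($bLpaOnly) {
                $origFileContent = CMain::ProcessLPA($origFileContent, '');
            }

            $res = array();
            $replFileCount = (int)preg_match_all($pattern, $origFileContent, $res);

            // The strpos() pre-check above ran on the unfiltered content. If nothing
            // matches once the PHP fragments are removed, the phrase only occurs in
            // code this user may not read; listing the file anyway would reveal that.
            if ($bLpaOnly && $replFileCount === 0) {
                return;
            }
        }
    }

    $this->Result[] = array(
        'path' => $path,
        'size' => $size,
        'b_dir' => $bIsDir,
        'time' => $time,
        'str_date' => date(CDatabase::DateFormatToPHP(CLang::GetDateFormat("FULL")), $time),
        'str_size' => $bIsDir ? "" : CFile::FormatSize($size),
        'type_src' => "/bitrix/images/fileman/types/" . ($bIsDir ? "folder" : CFileMan::GetFileTypeEx($file)) . ".gif",
        'repl_count' => $replFileCount,
    );
}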
} } if ($step == 'chain') { IncludeModuleLangFile(dirname(__FILE__) . "/mailing_chain_edit.php"); $isUserHavePhpAccess = $USER->CanDoOperation('edit_php'); if ($REQUEST_METHOD == "POST" && !$isPostedFormProcessed && check_bitrix_sessid()) { if ($MAILING_CHAIN_ID <= 0) { if (!$isUserHavePhpAccess) { $MESSAGE_OLD = false; if ($ID > 0) { $mailingChainOld = \Bitrix\Sender\MailingChainTable::getRowById(array('ID' => $ID)); if ($mailingChainOld) { $MESSAGE_OLD = $mailingChainOld['MESSAGE']; } } $MESSAGE = CMain::ProcessLPA($MESSAGE, $MESSAGE_OLD); } $arFields = array("MAILING_ID" => $MAILING_ID, "SUBJECT" => $SUBJECT, "EMAIL_FROM" => $EMAIL_FROM, "MESSAGE" => $MESSAGE, "CREATED_BY" => $USER->GetID(), "REITERATE" => "N", "AUTO_SEND_TIME" => "", "DAYS_OF_WEEK" => "", "DAYS_OF_MONTH" => "", "TIMES_OF_DAY" => ""); if (empty($MESSAGE) && isset($IS_TEMPLATE_LIST_SHOWN) && $IS_TEMPLATE_LIST_SHOWN == 'Y') { $arError[] = GetMessage("sender_chain_edit_error_select_template"); } if (empty($arError)) { $mailingAddDb = \Bitrix\Sender\MailingChainTable::add($arFields); if ($mailingAddDb->isSuccess()) { $ID = $mailingAddDb->getId(); \Bitrix\Sender\MailingChainTable::initPosting($ID); $res = $ID > 0; $MAILING_CHAIN_ID = $ID; } else { $arError = $mailingAddDb->getErrorMessages(); }
$aTabs = array( array("DIV" => "edit1", "TAB" => GetMessage("MAIN_TAB1"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB1_TITLE")), array("DIV" => "edit2", "TAB" => GetMessage("MAIN_TAB2"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB2_TITLE")), array("DIV" => "edit3", "TAB" => GetMessage("MAIN_TAB4"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB4_TITLE")), ); if($bEdit) $aTabs[] = array("DIV" => "edit4", "TAB" => GetMessage("MAIN_TAB3"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB3_TITLE")); $tabControl = new CAdminTabControl("tabControl", $aTabs); if($REQUEST_METHOD == "POST" && (strlen($save) > 0 || strlen($apply) > 0) && check_bitrix_sessid() && ($edit_php || $lpa)) { $strError = ""; if ($lpa) { $CONTENT = CMain::ProcessLPA($CONTENT, htmlspecialcharsback($str_CONTENT)); //Add ..->ShowPanel() and WORK_AREA $ucont = strtolower($CONTENT); $sp = '<?$APPLICATION->ShowPanel();?>'; $body = '<body>'; $wa = '#WORK_AREA#'; $body_pos = strpos($ucont, $body); $sp_pos = strpos($ucont, strtolower($sp)); $wa_pos = strpos($ucont, strtolower($wa), $body_pos); if ($body_pos !== false && $sp_pos === false) // Add $APPLICATION->ShowPanel(); $CONTENT = substr($CONTENT, 0, $body_pos + strlen($body)).$sp.substr($CONTENT, $body_pos + strlen($body)); if ($wa_pos === false) $CONTENT .= $wa; } if(!class_exists('CFileMan'))
$aTabs = array( array("DIV" => "edit1", "TAB" => GetMessage("MAIN_TAB1"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB1_TITLE")), array("DIV" => "edit2", "TAB" => GetMessage("MAIN_TAB2"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB2_TITLE")), array("DIV" => "edit3", "TAB" => GetMessage("MAIN_TAB4"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB4_TITLE")), ); if($bEdit) $aTabs[] = array("DIV" => "edit4", "TAB" => GetMessage("MAIN_TAB3"), "ICON" => "template_edit", "TITLE" => GetMessage("MAIN_TAB3_TITLE")); $tabControl = new CAdminTabControl("tabControl", $aTabs); if($_SERVER["REQUEST_METHOD"] == "POST" && ($_POST["save"] <> '' || $_POST["apply"] <> '') && check_bitrix_sessid() && ($edit_php || $lpa)) { $strError = ""; if ($lpa) { $CONTENT = CMain::ProcessLPA($_POST["CONTENT"], htmlspecialcharsback($str_CONTENT)); //Add ..->ShowPanel() and WORK_AREA $ucont = strtolower($CONTENT); $sp = '<?$APPLICATION->ShowPanel();?>'; $body = '<body>'; $wa = '#WORK_AREA#'; $body_pos = strpos($ucont, $body); $sp_pos = strpos($ucont, strtolower($sp)); $wa_pos = strpos($ucont, strtolower($wa), $body_pos); if ($body_pos !== false && $sp_pos === false) // Add $APPLICATION->ShowPanel(); $CONTENT = substr($CONTENT, 0, $body_pos + strlen($body)).$sp.substr($CONTENT, $body_pos + strlen($body)); if ($wa_pos === false) $CONTENT .= $wa; } else {