Example #1
 /**
  * Default component action: fills $this->arResult with the values the
  * template reads, registers the component script and renders the template.
  */
 protected function processActionDefault()
 {
     // A component parameter may replace the stock AJAX endpoint.
     // NOTE(review): the value is passed to the template unchanged; presumably
     // arParams comes from trusted component configuration - confirm.
     if (isset($this->arParams['AJAX_PATH'])) {
         $ajaxEndpoint = $this->arParams['AJAX_PATH'];
     } else {
         $ajaxEndpoint = '/bitrix/components/bitrix/disk.bitrix24disk/ajax.php';
     }

     /** @noinspection PhpDynamicAsStaticMethodCallInspection */
     $diskQuota = CDiskQuota::getDiskQuota();

     // Quota display is switched off unconditionally ("now without quota").
     $this->arResult['showDiskQuota'] = false;

     // The option value is scaled by 1024 * 1024 (presumably megabytes to bytes).
     $diskSpaceOption = COption::getOptionInt('main', 'disk_space');
     $this->arResult['diskSpace'] = (double) $diskSpaceOption * 1024 * 1024;

     $this->arResult['quota'] = $diskQuota;
     $this->arResult['ajaxIndex'] = $ajaxEndpoint;
     $this->arResult['ajaxStorageIndex'] = '/desktop_app/storage.php';
     $this->arResult['isInstalledDisk'] = \Bitrix\Disk\Desktop::isDesktopDiskInstall();

     // Path of the current user's personal library, built from the user's id.
     $libraryOwnerId = $this->getUser()->getId();
     $this->arResult['personalLibIndex'] = '/company/personal/user/' . $libraryOwnerId . '/disk/path/';

     $this->arResult['isInstalledPull'] = (bool) isModuleInstalled('pull');

     $viewerId = $this->getUser()->getId();
     $viewerName = $this->getUser()->getFormattedName();
     $this->arResult['currentUser'] = array('id' => $viewerId, 'formattedName' => $viewerName);

     Asset::getInstance()->addJs('/bitrix/components/bitrix/disk.bitrix24disk/disk.js');
     $this->includeComponentTemplate();
 }
Example #2
	/**
	 * Registers a temporary IP rule for an address, unless
	 * currentUserHaveRightsForSkip() reports true for the current user.
	 *
	 * The rule is active from "now" for the number of minutes stored in the
	 * security/filter_duration option.
	 * NOTE(review): when no address is passed, REMOTE_ADDR is used; behind a
	 * reverse proxy or load balancer that may be the proxy's address rather
	 * than the visitor's - confirm for the deployment.
	 *
	 * @param string $ip Address to put into the rule; empty or non-string means REMOTE_ADDR.
	 * @return bool true when CSecurityIPRule::Add() returned a value above zero,
	 *              false otherwise or when the skip check matched.
	 */
	protected function blockCurrentUser($ip = "")
	{
		if(self::currentUserHaveRightsForSkip())
		{
			return false;
		}

		$address = (is_string($ip) && $ip !== "") ? $ip : $_SERVER["REMOTE_ADDR"];
		$ipRule = new CSecurityIPRule;

		// Time zone handling is switched off while the rule dates are built and stored.
		CTimeZone::Disable();
		$ruleFields = array(
			"RULE_TYPE" => "A",
			"ACTIVE" => "Y",
			"ADMIN_SECTION" => "Y",
			"NAME" => getMessage("SECURITY_FILTER_IP_RULE", array("#IP#" => $address)),
			"ACTIVE_FROM" => ConvertTimeStamp(false, "FULL"),
			// filter_duration is multiplied by 60, i.e. the option is read as minutes.
			"ACTIVE_TO" => ConvertTimeStamp(time() + 60 * COption::getOptionInt("security", "filter_duration"), "FULL"),
			"INCL_IPS" => array($address),
			"INCL_MASKS" => array("/*"),
		);
		$ruleId = $ipRule->Add($ruleFields);
		CTimeZone::Enable();

		return $ruleId > 0;
	}
Example #3
 /**
  * Return WAF events count for Admin's informer popup and Admin's gadget.
  *
  * Counts b_event_log rows of the four SECURITY_FILTER_* audit types written
  * by the security module since $pTimestamp. The count is read from and
  * stored in the managed cache (TTL 3600 passed to read()).
  *
  * @param string $pTimestamp  - from date; when empty, a date at most 7 days back is used
  * @return integer cached value or the COUNT column as fetched; 0 when the DB
  *                 engine is inactive or no row is returned
  */
 public function getEventsCount($pTimestamp = '')
 {
     if (!$this->isDBEngineActive) {
         return 0;
     }
     /**
      * @global CCacheManager $CACHE_MANAGER
      * @global CDataBase $DB
      */
     global $DB, $CACHE_MANAGER;

     $cacheId = 'sec_events_count';
     // NOTE(review): the cache id is constant, so a cached count is returned
     // whatever $pTimestamp was passed - confirm callers only use the default.
     if ($CACHE_MANAGER->read(3600, $cacheId, '/security/events')) {
         return $CACHE_MANAGER->get($cacheId);
     }

     if (strlen($pTimestamp) <= 0) {
         // Default window: the log retention option, capped at 7 days.
         $windowDays = min(COption::getOptionInt("main", "event_log_cleanup_days", 7), 7);
         $pTimestamp = convertTimeStamp(time() - $windowDays * 24 * 3600 + CTimeZone::getOffset());
     }

     // The audit type list is a fixed set of literals; the only caller-supplied
     // value in the query is the timestamp, which goes through forSQL() and
     // charToDateFunction() before concatenation.
     $auditTypeList = implode("', '", array(
         "SECURITY_FILTER_SQL",
         "SECURITY_FILTER_XSS",
         "SECURITY_FILTER_XSS2",
         "SECURITY_FILTER_PHP",
     ));
     $sinceExpression = $DB->charToDateFunction($DB->forSQL($pTimestamp));
     $countSql = "\n\t\t\t\tSELECT COUNT(ID) AS COUNT\n\t\t\t\tFROM\n\t\t\t\t\tb_event_log\n\t\t\t\tWHERE\n\t\t\t\t\tAUDIT_TYPE_ID in ('"
         . $auditTypeList
         . "')\n\t\t\t\tAND\n\t\t\t\t\t(MODULE_ID = 'security' and MODULE_ID is not null)\n\t\t\t\tAND\n\t\t\t\t\tTIMESTAMP_X >= "
         . $sinceExpression
         . "\n\t\t\t";

     $queryResult = $DB->query($countSql, false, "FILE: " . __FILE__ . "<br>LINE: " . __LINE__);
     $row = $queryResult->fetch();
     $result = $row ? $row["COUNT"] : 0;

     $CACHE_MANAGER->set($cacheId, $result);
     return $result;
 }
Example #4
 /**
  * Bootstraps a minimal kernel: loads the core class files of the main module,
  * creates the global $APPLICATION object, resolves the language record,
  * loads language files, sets error reporting from options and registers
  * autoload classes and the cache finalizer.
  *
  * NOTE(review): $GLOBALS["DBType"] and BX_ROOT are concatenated into
  * require_once paths and autoload paths. They must already hold trusted,
  * fixed values when this method runs; nothing here validates them.
  */
 public static function initializeBasicKernel()
 {
     // language-independent classes
     require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/punycode.php";
     require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/charset_converter.php";
     // main class (database-type specific directory)
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/main.php";
     // options and settings class
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/option.php";
     // various cache classes
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/cache.php";
     // html cache class support
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/cache_html.php";
     //
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/module.php";
     // During bootstrap only fatal-class errors are reported; the level is
     // replaced further down with the value stored in the main module options.
     error_reporting(E_COMPILE_ERROR | E_ERROR | E_CORE_ERROR | E_PARSE);
     require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/virtual_io.php";
     require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/virtual_file.php";
     //define global application object
     $GLOBALS["APPLICATION"] = new \CMain();
     // LANG mirrors SITE_ID when the latter is already defined.
     if (defined("SITE_ID")) {
         define("LANG", SITE_ID);
     }
     // Language record: looked up by LANG (admin or public table), otherwise
     // taken from the application object.
     if (defined("LANG")) {
         if (defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
             $db_lang = CLangAdmin::getByID(LANG);
         } else {
             $db_lang = CLang::getByID(LANG);
         }
         $arLang = $db_lang->fetch();
     } else {
         $arLang = $GLOBALS["APPLICATION"]->getLang();
         // define("LANG", $arLang["LID"]);
     }
     // NOTE(review): $lang is assigned here but not read again in this method.
     $lang = $arLang["LID"];
     // The site/language constants below are left disabled in this bootstrap.
     // define("SITE_ID", $arLang["LID"]);
     // define("SITE_DIR", $arLang["DIR"]);
     // define("SITE_SERVER_NAME", $arLang["SERVER_NAME"]);
     // define("SITE_CHARSET", $arLang["CHARSET"]);
     // define("FORMAT_DATE", $arLang["FORMAT_DATE"]);
     // define("FORMAT_DATETIME", $arLang["FORMAT_DATETIME"]);
     // define("LANG_DIR", $arLang["DIR"]);
     // define("LANG_CHARSET", $arLang["CHARSET"]);
     // define("LANG_ADMIN_LID", $arLang["LANGUAGE_ID"]);
     // define("LANGUAGE_ID", $arLang["LANGUAGE_ID"]);
     // the charset is needed for conversion
     $GLOBALS["APPLICATION"]->reinitPath();
     //global var, is used somewhere
     $GLOBALS["sDocPath"] = $GLOBALS["APPLICATION"]->getCurPage();
     IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/tools.php");
     IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/date_format.php");
     IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/database.php");
     IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/main.php");
     IncludeModuleLangFile(__FILE__);
     // Error level now comes from the "error_reporting" option (same fatal-only
     // default), with E_STRICT always masked off.
     error_reporting(\COption::getOptionInt("main", "error_reporting", E_COMPILE_ERROR | E_ERROR | E_CORE_ERROR | E_PARSE) & ~E_STRICT);
     // The condition is still evaluated, but its body is empty: the define
     // that used to live inside it is commented out below.
     if (!defined("BX_COMP_MANAGED_CACHE") && \COption::getOptionString("main", "component_managed_cache_on", "Y") != "N") {
     }
     // define("BX_COMP_MANAGED_CACHE", true);
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/filter_tools.php";
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/ajax_tools.php";
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/urlrewriter.php";
     // Class name => file map for the main module autoloader; database-specific
     // entries take their directory from $GLOBALS["DBType"].
     \CModule::addAutoloadClasses("main", array("CBitrixComponent" => "classes/general/component.php", "CComponentEngine" => "classes/general/component_engine.php", "CComponentAjax" => "classes/general/component_ajax.php", "CBitrixComponentTemplate" => "classes/general/component_template.php", "CComponentUtil" => "classes/general/component_util.php", "CControllerClient" => "classes/general/controller_member.php", "PHPParser" => "classes/general/php_parser.php", "CDiskQuota" => "classes/" . $GLOBALS["DBType"] . "/quota.php", "CEventLog" => "classes/general/event_log.php", "CEventMain" => "classes/general/event_log.php", "CAdminFileDialog" => "classes/general/file_dialog.php", "WLL_User" => "classes/general/liveid.php", "WLL_ConsentToken" => "classes/general/liveid.php", "WindowsLiveLogin" => "classes/general/liveid.php", "CAllFile" => "classes/general/file.php", "CFile" => "classes/" . $GLOBALS["DBType"] . "/file.php", "CTempFile" => "classes/general/file_temp.php", "CFavorites" => "classes/" . $GLOBALS["DBType"] . "/favorites.php", "CUserOptions" => "classes/general/user_options.php", "CGridOptions" => "classes/general/grids.php", "CUndo" => "/classes/general/undo.php", "CAutoSave" => "/classes/general/undo.php", "CRatings" => "classes/" . $GLOBALS["DBType"] . "/ratings.php", "CRatingsComponentsMain" => "classes/" . $GLOBALS["DBType"] . "/ratings_components.php", "CRatingRule" => "classes/general/rating_rule.php", "CRatingRulesMain" => "classes/" . $GLOBALS["DBType"] . 
"/rating_rules.php", "CTopPanel" => "public/top_panel.php", "CEditArea" => "public/edit_area.php", "CComponentPanel" => "public/edit_area.php", "CTextParser" => "classes/general/textparser.php", "CPHPCacheFiles" => "classes/general/cache_files.php", "CTimeZone" => "classes/general/time.php", "CDataXML" => "classes/general/xml.php", "CRsaProvider" => "classes/general/rsasecurity.php", "CRsaSecurity" => "classes/general/rsasecurity.php", "CRsaBcmathProvider" => "classes/general/rsabcmath.php", "CRsaOpensslProvider" => "classes/general/rsaopenssl.php", "CASNReader" => "classes/general/asn.php", "CBXShortUri" => "classes/" . $GLOBALS["DBType"] . "/short_uri.php", "CFinder" => "classes/general/finder.php", "CAccess" => "classes/general/access.php", "CAuthProvider" => "classes/general/authproviders.php", "IProviderInterface" => "classes/general/authproviders.php", "CGroupAuthProvider" => "classes/general/authproviders.php", "CUserAuthProvider" => "classes/general/authproviders.php", "Bitrix\\Main\\Entity\\Base" => "lib/entity/base.php", "Bitrix\\Main\\Entity\\DataManager" => "lib/entity/base.php", "Bitrix\\Main\\Entity\\Field" => "lib/entity/field.php", "Bitrix\\Main\\Entity\\ScalarField" => "lib/entity/scalarfield.php", "Bitrix\\Main\\Entity\\IntegerField" => "lib/entity/integerfield.php", "Bitrix\\Main\\Entity\\FloatField" => "lib/entity/floatfield.php", "Bitrix\\Main\\Entity\\StringField" => "lib/entity/stringfield.php", "Bitrix\\Main\\Entity\\TextField" => "lib/entity/textfield.php", "Bitrix\\Main\\Entity\\BooleanField" => "lib/entity/booleanfield.php", "Bitrix\\Main\\Entity\\DateField" => "lib/entity/datefield.php", "Bitrix\\Main\\Entity\\DatetimeField" => "lib/entity/datetimefield.php", "Bitrix\\Main\\Entity\\EnumField" => "lib/entity/enumfield.php", "Bitrix\\Main\\Entity\\ExpressionField" => "lib/entity/expressionfield.php", "Bitrix\\Main\\Entity\\UField" => "lib/entity/ufield.php", "WorkgroupEntity" => "lib/workgroup.php", "Bitrix\\Main\\Entity\\ReferenceField" 
=> "lib/entity/referencefield.php", "Bitrix\\Main\\Entity\\Query" => "lib/entity/query.php", "Bitrix\\Main\\Entity\\QueryChain" => "lib/entity/querychain.php", "Bitrix\\Main\\Entity\\QueryChainElement" => "lib/entity/querychainelement.php", "SiteEntity" => "lib/site.php", "Site" => "lib/site.php", "UserEntity" => "lib/user.php", "UtsUserEntity" => "lib/utsuser.php", "UtmUserEntity" => "lib/utmuser.php", "UserGroupEntity" => "lib/usergroup.php", "GroupEntity" => "lib/group.php", "CTableSchema" => "classes/general/table_schema.php", "CUserCounter" => "classes/" . $GLOBALS["DBType"] . "/user_counter.php", "CHotKeys" => "classes/general/hot_keys.php", "CHotKeysCode" => "classes/general/hot_keys.php", "CBXSanitizer" => "classes/general/sanitizer.php", "CBXArchive" => "classes/general/archive.php", "CAdminNotify" => "classes/general/admin_notify.php", "CBXFavAdmMenu" => "classes/general/favorites.php", "CAdminInformer" => "classes/general/admin_informer.php"));
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/agent.php";
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/user.php";
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/event.php";
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/menu.php";
     // CCacheManager::_Finalize is registered to run on the OnAfterEpilog event.
     AddEventHandler("main", "OnAfterEpilog", array("CCacheManager", "_Finalize"));
     require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/usertype.php";
     //component 2.0 template engines
     // must be set before init.php is included
     $GLOBALS["arCustomTemplateEngines"] = array();
 }
Example #5
<?php

// Admin-side handler: sets the UF_HEAD field of a section in the intranet
// structure iblock to the given user and answers with a <script> snippet.
//
// Checks, in order: session token (check_bitrix_sessid), non-zero integer
// parameters, then write permission ('W' or higher) on the iblock.
// NOTE(review): permission is evaluated for the iblock as a whole, and
// USER_ID is only cast to int - whether it names an existing user is not
// checked here; confirm that Update() or the caller covers this.
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";

if (!check_bitrix_sessid()) {
    echo "<script>alert('Session expired!');</script>";
} else {
    $IBLOCK_ID = COption::getOptionInt('intranet', 'iblock_structure', 0);
    // Request values are reduced to integers before any further use.
    $SECTION_ID = intval($_REQUEST['SECTION_ID']);
    $USER_ID = intval($_REQUEST['USER_ID']);

    if (!($IBLOCK_ID && $SECTION_ID && $USER_ID && CModule::IncludeModule('iblock'))) {
        echo "<script>alert('Params error!');</script>";
    } else {
        $perm = CIBlock::GetPermission($IBLOCK_ID);
        if (!($perm >= 'W')) {
            echo "<script>alert('Access denied!');</script>";
        } else {
            $obS = new CIBlockSection();
            if ($obS->Update($SECTION_ID, array('UF_HEAD' => $USER_ID))) {
                echo "<script>BX.reload(true);</script>";
            } elseif ($obS->LAST_ERROR) {
                // The error text is passed through CUtil::JSEscape before it
                // is placed inside the JavaScript string literal.
                echo "<script>alert('" . CUtil::JSEscape($obS->LAST_ERROR) . "');</script>";
            }
        }
    }
}
Example #6
 /**
  * Runs one POP3 session for a mailbox: loads the mailbox settings, connects,
  * authenticates (APOP or USER/PASS), reads STAT/LIST/UIDL, removes stored
  * UIDs the server no longer lists, calls $this->GetMessage() for every UID
  * not yet stored, optionally deletes messages on the server, then sends QUIT.
  *
  * NOTE(review): every early "return CMailError::SetError(...)" after the
  * socket is opened leaves the connection open; fclose() is reached only on
  * the success path.
  *
  * @param int $mailbox_id Mailbox ID; cast with IntVal() before it is used in SQL.
  * @return mixed true on success, otherwise the result of CMailError::SetError().
  */
 function Connect($mailbox_id)
 {
     global $DB;
     // The id is reduced to an integer, so the concatenations into SQL below carry no free text.
     $mailbox_id = IntVal($mailbox_id);
     $strSql = "SELECT MB.*, C.CHARSET as LANG_CHARSET " . "FROM b_mail_mailbox MB, b_lang L, b_culture C " . "WHERE MB.LID=L.LID AND C.ID=L.CULTURE_ID " . "\tAND MB.ID=" . $mailbox_id;
     $dbr = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
     $dbr = new _CMailBoxDBRes($dbr);
     if (!($arMAILBOX_PARAMS = $dbr->Fetch())) {
         return CMailError::SetError("ERR_MAILBOX_NOT_FOUND", GetMessage("MAIL_CL_ERR_MAILBOX_NOT_FOUND"), GetMessage("MAIL_CL_ERR_MAILBOX_NOT_FOUND"));
     }
     // Lifts the script execution time limit; a failure to do so is suppressed.
     @set_time_limit(0);
     // https://support.google.com/mail/answer/47948
     // For pop.gmail.com a prefix is put in front of the login. The prefix
     // literal is shown as asterisks in this listing (presumably masked).
     if ($arMAILBOX_PARAMS["SERVER"] == 'pop.gmail.com') {
         $arMAILBOX_PARAMS["LOGIN"] = '******' . $arMAILBOX_PARAMS["LOGIN"];
     }
     $server = $arMAILBOX_PARAMS["SERVER"];
     // USE_TLS 'Y' or 'S' forces the tls:// transport unless the server string already names it.
     // NOTE(review): with any other USE_TLS value the server string is used
     // as stored, so the credentials sent below travel over whatever transport
     // it implies - presumably plain TCP; confirm.
     if (($arMAILBOX_PARAMS['USE_TLS'] == 'Y' || $arMAILBOX_PARAMS['USE_TLS'] == 'S') && strpos($server, 'tls://') === false) {
         $server = 'tls://' . $server;
     }
     $pop3_conn =& $this->pop3_conn;
     // 'S' additionally accepts self-signed certificates.
     // NOTE(review): verify_peer / verify_peer_name / a CA file are not set
     // here, so certificate checking follows the PHP defaults of the runtime
     // in use - confirm they are enabled for the deployed version.
     $pop3_conn = stream_socket_client(sprintf('%s:%s', $server, $arMAILBOX_PARAMS["PORT"]), $errno, $errstr, COption::getOptionInt('mail', 'connect_timeout', B_MAIL_TIMEOUT), STREAM_CLIENT_CONNECT, stream_context_create(array('ssl' => array('allow_self_signed' => $arMAILBOX_PARAMS['USE_TLS'] == 'S'))));
     // NOTE(review): this "good" log entry is written before the connection result is checked.
     CMailLog::AddMessage(array("MAILBOX_ID" => $mailbox_id, "STATUS_GOOD" => "Y", "MESSAGE" => GetMessage("MAIL_CL_CONNECT_TO") . " " . $arMAILBOX_PARAMS["SERVER"]));
     if (!$pop3_conn || !is_resource($pop3_conn)) {
         CMailLog::AddMessage(array("MAILBOX_ID" => $mailbox_id, "STATUS_GOOD" => "N", "MESSAGE" => GetMessage("MAIL_CL_TIMEOUT")));
         return CMailError::SetError("ERR_CONNECT_TIMEOUT", GetMessage("MAIL_CL_TIMEOUT"), "{$errstr} ({$errno})");
     }
     $this->mailbox_id = $mailbox_id;
     // The mailbox charset wins; the culture charset of the site is the fallback.
     if ($arMAILBOX_PARAMS["CHARSET"] != '') {
         $this->charset = $arMAILBOX_PARAMS["CHARSET"];
     } else {
         $this->charset = $arMAILBOX_PARAMS["LANG_CHARSET"];
     }
     $this->use_md5 = $arMAILBOX_PARAMS["USE_MD5"];
     // This value is overwritten before its first use further down.
     $session_id = md5(uniqid(""));
     $this->GetResponse();
     $greeting = $this->GetResponseString();
     // APOP is used when enabled and the greeting carries a <...> token:
     // the digest sent is md5(token . password).
     // NOTE(review): APOP rests on MD5 and needs the password in recoverable
     // form; it does not replace transport encryption.
     if ($this->use_md5 == "Y" && preg_match("'(<.+>)'", $greeting, $reg)) {
         $this->SendCommand("APOP " . $arMAILBOX_PARAMS["LOGIN"] . " " . md5($reg[1] . $arMAILBOX_PARAMS["PASSWORD"]));
         if (!$this->GetResponse()) {
             return CMailError::SetError("ERR_AFTER_USER", GetMessage("MAIL_CL_ERR_APOP"), $this->GetResponseString());
         }
     } else {
         // NOTE(review): LOGIN and PASSWORD are concatenated into protocol
         // commands; this assumes the stored values contain no CR/LF - not
         // checked in this method.
         $this->SendCommand("USER " . $arMAILBOX_PARAMS["LOGIN"]);
         if (!$this->GetResponse()) {
             return CMailError::SetError("ERR_AFTER_USER", GetMessage("MAIL_CL_ERR_USER"), $this->GetResponseString());
         }
         $this->SendCommand("PASS " . $arMAILBOX_PARAMS["PASSWORD"]);
         if (!$this->GetResponse()) {
             return CMailError::SetError("ERR_AFTER_PASS", GetMessage("MAIL_CL_ERR_PASSWORD"), $this->GetResponseString());
         }
     }
     $this->SendCommand("STAT");
     if (!$this->GetResponse()) {
         return CMailError::SetError("ERR_AFTER_STAT", GetMessage("MAIL_CL_ERR_STAT"), $this->GetResponseString());
     }
     // The STAT body is split on spaces; index 1 is read as the message count
     // and index 2 as the total size.
     // NOTE(review): the number of fields in the server reply is not checked before indexing.
     $stat = trim($this->GetResponseBody());
     $arStat = explode(" ", $stat);
     $this->mess_count = $arStat[1];
     if ($this->mess_count > 0) {
         $this->mess_size = $arStat[2];
         $arLIST = array();
         // Per-message sizes are only requested when a size limit is configured.
         if ($arMAILBOX_PARAMS["MAX_MSG_SIZE"] > 0) {
             $this->SendCommand("LIST");
             if (!$this->GetResponse(true)) {
                 return CMailError::SetError("ERR_AFTER_LIST", "LIST command error", $this->GetResponseString());
             }
             $list = $this->GetResponseBody();
             preg_match_all("'([0-9]+)[ ]+?(.+)'", $list, $arLIST_temp, PREG_SET_ORDER);
             // message number => size, both forced to integers
             for ($i = 0, $n = count($arLIST_temp); $i < $n; $i++) {
                 $arLIST[IntVal($arLIST_temp[$i][1])] = IntVal($arLIST_temp[$i][2]);
             }
         }
         $this->SendCommand("UIDL");
         if (!$this->GetResponse(true)) {
             return CMailError::SetError("ERR_AFTER_UIDL", GetMessage("MAIL_CL_ERR_UIDL"), $this->GetResponseString());
         }
         $uidl = $this->GetResponseBody();
         preg_match_all("'([0-9]+)[ ]+?(.+)'", $uidl, $arUIDL_temp, PREG_SET_ORDER);
         // md5(server UID) => message number. The server-supplied UID text is
         // hashed before it is compared with stored IDs.
         $arUIDL = array();
         $cnt = count($arUIDL_temp);
         for ($i = 0; $i < $cnt; $i++) {
             $arUIDL[md5($arUIDL_temp[$i][2])] = $arUIDL_temp[$i][1];
         }
         // Fewer UIDL lines than STAT reported: the raw response is logged and
         // the cleanup of stored UIDs below is skipped.
         $skipOldUIDL = $cnt < $this->mess_count;
         if ($skipOldUIDL) {
             AddMessage2Log(sprintf("%s\n%s of %s", $this->response, $cnt, $this->mess_count), 'mail');
         }
         $arOldUIDL = array();
         if (count($arUIDL) > 0) {
             $strSql = 'SELECT ID FROM b_mail_message_uid WHERE MAILBOX_ID = ' . $mailbox_id;
             $db_res = $DB->query($strSql, false, 'File: ' . __FILE__ . '<br>Line: ' . __LINE__);
             // Stored IDs still listed by the server are dropped from the
             // download set; stored IDs the server no longer lists are queued
             // for deletion.
             while ($ar_res = $db_res->fetch()) {
                 if (isset($arUIDL[$ar_res['ID']])) {
                     unset($arUIDL[$ar_res['ID']]);
                 } else {
                     if (!$skipOldUIDL) {
                         $arOldUIDL[] = $ar_res['ID'];
                     }
                 }
             }
         }
         // Stale IDs are deleted in batches of up to 1000.
         // NOTE(review): the IDs read back from the table are quoted but not
         // escaped; this relies on stored IDs containing no quote characters
         // (presumably md5 hex strings) - confirm, or escape them.
         while (count($arOldUIDL) > 0) {
             $ids = "'" . join("','", array_splice($arOldUIDL, 0, 1000)) . "'";
             $strSql = 'DELETE FROM b_mail_message_uid WHERE MAILBOX_ID = ' . $mailbox_id . ' AND ID IN (' . $ids . ')';
             $DB->query($strSql, false, 'File: ' . __FILE__ . '<br>Line: ' . __LINE__);
         }
         $this->new_mess_count = 0;
         $this->deleted_mess_count = 0;
         // One identifier per run, passed to every GetMessage() call below.
         $session_id = md5(uniqid(""));
         foreach ($arUIDL as $msguid => $msgnum) {
             // NOTE(review): $arLIST[$msgnum] is read without an isset() check;
             // a message absent from the LIST reply compares as an unset value.
             if ($arMAILBOX_PARAMS["MAX_MSG_SIZE"] <= 0 || $arLIST[$msgnum] <= $arMAILBOX_PARAMS["MAX_MSG_SIZE"]) {
                 $this->GetMessage($mailbox_id, $msgnum, $msguid, $session_id);
             }
             // Deletion and the counters below apply even to a message that was skipped for size.
             if ($arMAILBOX_PARAMS["DELETE_MESSAGES"] == "Y") {
                 $this->DeleteMessage($msgnum);
                 $this->deleted_mess_count++;
             }
             $this->new_mess_count++;
             if ($arMAILBOX_PARAMS["MAX_MSG_COUNT"] > 0 && $arMAILBOX_PARAMS["MAX_MSG_COUNT"] <= $this->new_mess_count) {
                 break;
             }
         }
     }
     $this->SendCommand("QUIT");
     if (!$this->GetResponse()) {
         return CMailError::SetError("ERR_AFTER_QUIT", GetMessage("MAIL_CL_ERR_DISCONNECT"), $this->GetResponseString());
     }
     fclose($pop3_conn);
     return true;
 }
Example #7
	/**
	 * Registers a temporary IP rule for an address once per request, unless
	 * currentUserHaveRightsForSkip() reports true for the current user.
	 *
	 * Addresses already handled are remembered in a static array, so repeated
	 * calls for the same address add no second rule.
	 * NOTE(review): when no address is passed, REMOTE_ADDR is used; behind a
	 * reverse proxy or load balancer that may be the proxy's address rather
	 * than the visitor's - confirm for the deployment.
	 * NOTE(review): the result of Add() is not inspected; the address is
	 * marked as blocked and isUserBlocked is set even if the rule was not stored.
	 *
	 * @param string $pIP Address to put into the rule; empty or non-string means REMOTE_ADDR.
	 */
	protected function blockCurrentUser($pIP = "")
	{
		static $handledAddresses = array();

		if($this->currentUserHaveRightsForSkip())
		{
			return;
		}

		$address = (is_string($pIP) && $pIP != "") ? $pIP : $_SERVER["REMOTE_ADDR"];

		if(array_key_exists($address, $handledAddresses))
		{
			return;
		}

		$ipRule = new CSecurityIPRule;

		// Time zone handling is switched off while the rule dates are built and stored.
		CTimeZone::Disable();
		$ruleFields = array(
			"RULE_TYPE" => "A",
			"ACTIVE" => "Y",
			"ADMIN_SECTION" => "Y",
			"NAME" => getMessage("SECURITY_FILTER_IP_RULE", array("#IP#" => $address)),
			"ACTIVE_FROM" => ConvertTimeStamp(false, "FULL"),
			// filter_duration is multiplied by 60, i.e. the option is read as minutes.
			"ACTIVE_TO" => ConvertTimeStamp(time() + 60 * COption::getOptionInt("security", "filter_duration"), "FULL"),
			"INCL_IPS" => array($address),
			"INCL_MASKS" => array("*"),
		);
		$ipRule->Add($ruleFields);
		CTimeZone::Enable();

		$handledAddresses[$address] = true;
		$this->isUserBlocked = true;
	}
 /**
  * Decides whether a user may read the object identified by $this->entityId.
  *
  * getDataToCheck() supplies a message and its topic. The topic's XML_ID is
  * split at the last underscore into an entity type and an entity id, and the
  * decision is delegated per type (task, calendar event, iblock, meeting,
  * timeman entry/report, workflow). Without a matching type the social
  * network feature permissions or the forum permissions decide. The default
  * is to deny.
  *
  * NOTE(review): the result is memoised in $this->canRead and returned on
  * later calls without looking at $userId, so one instance must not be asked
  * about two different users - confirm callers respect this.
  *
  * @param $userId ID of the user whose access is checked
  * @return bool
  */
 public function canRead($userId)
 {
     // Memoised decision from an earlier call (not keyed by user, see above).
     if ($this->canRead !== null) {
         return $this->canRead;
     }
     if (($res = $this->getDataToCheck($this->entityId)) && !empty($res)) {
         list($message, $topic) = $res;
         $entityId = null;
         $entityType = null;
         // XML_ID is split at its last "_": the prefix is the type, the suffix the id.
         if (!empty($topic["XML_ID"])) {
             $entityId = substr($topic["XML_ID"], strrpos($topic["XML_ID"], "_") + 1);
             $entityType = substr($topic["XML_ID"], 0, strrpos($topic["XML_ID"], "_"));
         }
         switch ($entityType) {
             case "TASK":
                 if (Loader::includeModule("tasks")) {
                     $connector = new TaskConnector($entityId, $this->attachedObject);
                     $this->canRead = $connector->canRead($userId);
                     return $this->canRead;
                 }
                 // Module unavailable: falls through to the generic checks after the switch.
                 break;
             case "EVENT":
                 if (Loader::includeModule("calendar")) {
                     $connector = new CalendarEventConnector($entityId, $this->attachedObject);
                     $this->canRead = $connector->canRead($userId);
                     return $this->canRead;
                 }
                 // Module unavailable: falls through to the generic checks after the switch.
                 break;
             case "IBLOCK":
                 if ((int) $topic["USER_ID"] > 0 && Loader::includeModule("socialnetwork")) {
                     // Collects the group codes attached to the matching live-feed entry.
                     $codes = array();
                     if (($res = \CSocNetLog::getList(array(), array("SOURCE_ID" => $entityId, "EVENT_ID" => array("photo_photo", "news", "wiki")), false, false, array("ID"))->fetch()) && $res) {
                         $db_res = \CSocNetLogRights::getList(array(), array("LOG_ID" => $res["ID"]));
                         while ($res = $db_res->fetch()) {
                             $codes[] = $res["GROUP_CODE"];
                         }
                     }
                     $this->canRead = $this->canAccess($userId, $codes);
                     return $this->canRead;
                 }
                 // NOTE(review): this branch grants access when the topic has
                 // no positive USER_ID or the socialnetwork module is not
                 // available - confirm that allowing by default is intended.
                 $this->canRead = true;
                 return $this->canRead;
             case "MEETING":
                 // Readable when the message sits in the forum configured for
                 // meeting comments; $userId is not consulted in this case.
                 $this->canRead = (int) $message["FORUM_ID"] == (int) \COption::getOptionInt('meeting', 'comments_forum_id', 0, SITE_ID);
                 return $this->canRead;
             case "TIMEMAN_ENTRY":
                 if (Loader::includeModule("timeman")) {
                     $dbEntry = \CTimeManEntry::getList(array(), array("ID" => $entityId), false, false, array("ID", "USER_ID"));
                     if ($arEntry = $dbEntry->fetch()) {
                         // The entry's owner and the owner's managers may read.
                         if ($arEntry["USER_ID"] == $userId) {
                             $this->canRead = true;
                             return $this->canRead;
                         } else {
                             $arManagers = \CTimeMan::getUserManagers($arEntry["USER_ID"]);
                             // NOTE(review): in_array() is used without the strict flag.
                             $this->canRead = in_array($userId, $arManagers);
                             return $this->canRead;
                         }
                     }
                 }
                 $this->canRead = false;
                 return $this->canRead;
             case "TIMEMAN_REPORT":
                 if (Loader::includeModule("timeman")) {
                     $dbReport = \CTimeManReportFull::getList(array(), array("ID" => $entityId), array("ID", "USER_ID"));
                     if ($arReport = $dbReport->fetch()) {
                         // The report's owner and the owner's managers may read.
                         if ($arReport["USER_ID"] == $userId) {
                             $this->canRead = true;
                             return $this->canRead;
                         } else {
                             $arManagers = \CTimeMan::getUserManagers($arReport["USER_ID"]);
                             // NOTE(review): in_array() is used without the strict flag.
                             $this->canRead = in_array($userId, $arManagers);
                             return $this->canRead;
                         }
                     }
                 }
                 $this->canRead = false;
                 return $this->canRead;
             case "WF":
                 $this->canRead = false;
                 if (Loader::includeModule("bizproc")) {
                     // NOTE(review): this case checks the user returned by
                     // $this->getUser(), not the $userId argument - the two can
                     // differ; confirm which one is intended.
                     $currentUserId = (int) $this->getUser()->getId();
                     $participants = \CBPTaskService::getWorkflowParticipants($entityId);
                     if (in_array($currentUserId, $participants)) {
                         $this->canRead = true;
                     } else {
                         $state = \CBPStateService::getWorkflowStateInfo($entityId);
                         if ($state && $currentUserId === (int) $state['STARTED_BY']) {
                             $this->canRead = true;
                         }
                     }
                 }
                 return $this->canRead;
         }
         // Topics owned by a social network group or user: the "forum" feature
         // must be active and the user must hold its "view" operation.
         if ((!empty($topic["SOCNET_GROUP_ID"]) || !empty($topic["OWNER_ID"])) && Loader::includeModule("socialnetwork")) {
             if (!empty($topic["SOCNET_GROUP_ID"])) {
                 $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum", "view");
                 return $this->canRead;
             } else {
                 $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_USER, $topic["OWNER_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_USER, $topic["OWNER_ID"], "forum", "view");
                 return $this->canRead;
             }
         }
         if ($message) {
             // Group membership is only known for the current user; any other
             // user id is evaluated with group 2 alone (presumably the
             // all-users group - confirm).
             $user = $this->getUser();
             if ($user && $userId == $user->getId()) {
                 $userGroups = $user->getUserGroupArray();
             } else {
                 $userGroups = array(2);
             }
             /** @noinspection PhpDynamicAsStaticMethodCallInspection */
             if (\CForumUser::isAdmin($userId, $userGroups)) {
                 $this->canRead = true;
                 return $this->canRead;
             }
             /** @noinspection PhpDynamicAsStaticMethodCallInspection */
             $perms = \CForumNew::getUserPermission($message["FORUM_ID"], $userGroups);
             // Permission letters are compared as strings.
             if ($perms >= "Y") {
                 $this->canRead = true;
                 return $this->canRead;
             }
             // Denied below "E", and below "Q" for messages that are not approved
             // (&& binds tighter than ||, so the approval test applies to the "Q" clause only).
             if ($perms < "E" || $perms < "Q" && $message["APPROVED"] != "Y") {
                 $this->canRead = false;
                 return $this->canRead;
             }
             /** @noinspection PhpDynamicAsStaticMethodCallInspection */
             $forum = \CForumNew::getByID($message["FORUM_ID"]);
             $this->canRead = $forum["ACTIVE"] == "Y";
             return $this->canRead;
         }
     }
     // Nothing matched: deny.
     $this->canRead = false;
     return $this->canRead;
 }