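	/**
	 * Reports whether the current user may administer the "form" module.
	 *
	 * Site administrators always qualify; everyone else needs a group right for
	 * the "form" module that compares >= "W" (same string comparison as before).
	 *
	 * @return bool true for site admins and users with a "W" (or higher) module
	 *              right, false otherwise. The original fell through and returned
	 *              null in the last case, which callers testing `=== false` missed.
	 */
	function IsAdmin()
	{
		global $USER, $APPLICATION;
		if (!is_object($USER)) $USER = new CUser;
		if ($USER->IsAdmin()) return true;
		// Module-level right for "form"; "W" and above grant administrative access.
		$FORM_RIGHT = $APPLICATION->GetGroupRight("form");
		if ($FORM_RIGHT >= "W") return true;
		// Explicit false so the function always returns a bool.
		return false;
	}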
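 /**
  * <p>Returns "true" if the current user has administrative <a href="http://dev.1c-bitrix.ru/api_help/form/permissions.php#module">rights</a> on the <b>Web Forms</b> module, otherwise "false".</p>
  *
  * <p>Site administrators always qualify; other users need a group right for the
  * "form" module that compares >= "W".</p>
  *
  * @return bool true for site admins and users with a "W" (or higher) module right,
  *              false otherwise. The original fell through and returned null in the
  *              last case, which callers testing `=== false` missed.
  *
  *
  * <h4>Example</h4> 
  * <pre>
  * &lt;?
  * if (<b>CForm::IsAdmin</b>())
  * {
  *     echo "You have administrative rights on the Web Forms module.";
  * }
  * ?&gt;
  * </pre>
  *
  *
  *
  * <h4>See Also</h4> 
  * <ul><li> <a href="http://dev.1c-bitrix.ru/api_help/form/permissions.php#module">Module rights</a>
  * </li></ul> <a name="examples"></a>
  *
  *
  * @static
  * @link http://dev.1c-bitrix.ru/api_help/form/classes/cform/isadmin.php
  * @author Bitrix
  */
 public static function IsAdmin()
 {
     global $USER, $APPLICATION;
     if (!is_object($USER)) {
         $USER = new CUser();
     }
     if ($USER->IsAdmin()) {
         return true;
     }
     // Module-level right for "form": "W" or higher counts as administrative.
     $FORM_RIGHT = $APPLICATION->GetGroupRight("form");
     if ($FORM_RIGHT >= "W") {
         return true;
     }
     // Explicit false so the documented bool contract holds.
     return false;
 }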
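 /**
  * Render every row of rm_news as an HTML <ul>.
  *
  * Each item shows the title and whether it is published yet (the query computes
  * `available` as published <= NOW()). Administrators (CUser::IsAdmin()) also get
  * edit / publish-or-view / delete links; other users get a "visa" link for rows
  * that are already available.
  *
  * Every database value that ends up in markup or in a URL attribute is passed
  * through htmlentities(); the original escaped only the title and interpolated
  * id and slug raw, and passed a deprecated null as the flags argument.
  *
  * @return string HTML list markup
  */
 public function getAllAsList()
 {
     $sql = 'SELECT *, (published <= NOW()) AS available FROM rm_news;';
     $res = $this->db->ExecuteSelectQueryAndFetchAll($sql);
     $esc = static function ($value) {
         return htmlentities((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     };
     // The admin check does not depend on the row, so it is evaluated once.
     $isAdmin = CUser::IsAdmin();
     $html = '<ul>';
     foreach ($res as $val) {
         $id = $esc($val->id);
         $slug = $esc($val->slug);
         $title = $esc($val->title);
         $html .= "<li>" . $title . ": är" . (!$val->available ? ' inte' : '') . " publicerad ";
         if ($isAdmin) {
             $html .= "(<a href='?id={$id}'>editera</a> | <a href='" . (!$val->available ? "?publish={$id}" : "news.php?slug={$slug}") . "'>" . (!$val->available ? 'publisera' : 'visa') . "</a> | <a href='?delete={$id}'>ta bort</a>)</li>";
         } else {
             $html .= $val->available ? "(<a href='news.php?slug={$slug}'>visa</a>)</li>" : '';
         }
     }
     $html .= '</ul>';
     return $html;
 }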
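 /**
  * Render a paginated, sortable table of rm_vmovie rows.
  *
  * Reads hits, page, orderby and order from $_GET. hits and page must be numeric
  * (non-numeric input redirects to 404.php as before, and now stops the script
  * instead of continuing with the bad value) and are cast to int. orderby and
  * order are spliced into the ORDER BY clause, where a prepared-statement
  * placeholder cannot be used, so they are checked against a whitelist of known
  * column names and directions; the original only HTML-encoded them, which does
  * nothing against SQL injection.
  *
  * @return string HTML: hit count + per-page selector, the table, and page navigation
  */
 public function getAllAsList()
 {
     $hits = isset($_GET['hits']) ? $_GET['hits'] : 10;
     $page = isset($_GET['page']) ? $_GET['page'] : 1;
     $orderby = isset($_GET['orderby']) ? strtolower($_GET['orderby']) : 'id';
     $order = isset($_GET['order']) ? strtolower($_GET['order']) : 'desc';
     // Check that incoming parameters are valid; stop after the redirect.
     if (!is_numeric($hits)) {
         header("Location: 404.php?error=Hits must be numeric.");
         exit;
     }
     if (!is_numeric($page)) {
         header("Location: 404.php?error=Page must be numeric.");
         exit;
     }
     $hits = (int) $hits;
     $page = max(1, (int) $page);
     // Only known columns and directions may reach the ORDER BY clause.
     if (!in_array($orderby, array('id', 'title'), true)) {
         $orderby = 'id';
     }
     if (!in_array($order, array('asc', 'desc'), true)) {
         $order = 'desc';
     }
     // Get rows and max
     $sql = "SELECT COUNT(id) AS rows FROM rm_movie;";
     $rowsArr = $this->db->ExecuteSelectQueryAndFetchAll($sql);
     $rows = $rowsArr[0]->rows;
     // hits <= 0 would divide by zero; treat it as "show everything on one page".
     $max = $hits > 0 ? ceil($rows / $hits) : 1;
     $sort = " ORDER BY {$orderby} {$order}";
     // Pagination
     $limit = '';
     if ($hits > 0 && $page > 0) {
         $limit = " LIMIT {$hits} OFFSET " . (($page - 1) * $hits);
     }
     $sql = 'SELECT id, title, (published <= NOW()) AS available FROM rm_vmovie' . $sort . $limit;
     $res = $this->db->ExecuteSelectQueryAndFetchAll($sql);
     $esc = static function ($value) {
         return htmlentities((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     };
     // The admin check does not depend on the row, so it is evaluated once.
     $isAdmin = CUser::IsAdmin();
     // Put results into a HTML-table
     $tr = "<div style='text-align: right; float:right;'>{$rows} träffar. " . $this->getHitsPerPage(array(5, 10, 20)) . "</div>\n";
     $tr .= "<table class='admin'>\n";
     $tr .= "<tr><th>Id{$this->orderby('id', true)}</th><th>Titel{$this->orderby('title', true)}</th><th>Status</th>" . ($isAdmin ? "<th>Editera</th><th>Ta bort</th>" : '') . "</tr>";
     foreach ($res as $val) {
         $id = $esc($val->id);
         $title = $esc($val->title);
         $status = (!$val->available ? ' inte' : '') . " publicerad<br>";
         $tr .= "<tr>";
         $tr .= "<td>{$id}</td>";
         $tr .= "<td style='text-align: left;'>" . $title . "</td>";
         if ($isAdmin) {
             // Unpublished rows link to the publish action, published ones to the public page.
             $tr .= "<td>" . $status;
             $tr .= "<a href='" . (!$val->available ? "?publish={$id}" : "movies.php?id={$id}") . "'>" . (!$val->available ? 'publisera' : 'visa') . "</a></td>";
             $tr .= "<td><a href='?id={$id}'><img src='img.php?src=edit.png&amp;width=25' alt='edit'/></a></td>";
             $tr .= "<td><a href='?delete={$id}'><img src='img.php?src=delete.png&amp;width=25' alt='delete'/></a></td>";
         } else {
             // The original emitted a stray </li> here; there is no <li> in this table.
             $tr .= "<td>" . $status;
             $tr .= ($val->available ? "<a href='movies.php?id={$id}'>visa</a>" : '') . "</td>";
         }
         $tr .= "</tr>\n";
     }
     $tr .= "</table>\n";
     $tr .= "<div style='text-align: center;'>" . $this->getPageNavigation($hits, $page, $max) . "</div>\n";
     return $tr;
 }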
 /**
  * Dump $data inside a <pre> block, by default only for administrators.
  *
  * @param mixed $data    value handed to the builtin var_dump()
  * @param bool  $echo    true to print the dump, false to return it
  * @param bool  $isAdmin when true the dump is skipped unless $USER->IsAdmin()
  * @return string|false|null the dump when $echo is false; false when the admin
  *                           check fails; null after printing
  */
 public static function var_dump($data, $echo = true, $isAdmin = true)
 {
     global $USER;
     if (!is_object($USER)) {
         $USER = new CUser();
     }
     $blocked = $isAdmin && !$USER->IsAdmin();
     if ($blocked) {
         return false;
     }
     // Capture the builtin var_dump() output so it can be returned instead of printed.
     ob_start();
     echo '<pre>';
     var_dump($data);
     echo '</pre>';
     $dump = ob_get_clean();
     if (!$echo) {
         return $dump;
     }
     echo $dump;
 }
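 /**
  * Checking all forms for spam (Bitrix OnPageStart handler).
  *
  * Runs up to four steps, each driven by module options read through COption:
  *  - refresh the SpamFireWall (SFW) table from api.cleantalk.org and upload the SFW logs;
  *  - run the SFW check for non-admin visitors, honouring the pass cookie;
  *  - for admins, refresh the account/paid status once a day and raise the
  *    review notice the first time the account becomes paid;
  *  - for non-admin POSTs with the global form check enabled, send the
  *    submitted fields to CleanTalk and die on a spam verdict.
  *
  * @return null|boolean NULL when success or FALSE when spam detected
  */
 public function OnPageStartHandler()
 {
     global $USER;
     if (!is_object($USER)) {
         $USER = new CUser();
     }
     $ct_status = COption::GetOptionString('cleantalk.antispam', 'status', '0');
     $ct_global = COption::GetOptionString('cleantalk.antispam', 'form_global_check', '0');
     $key = COption::GetOptionString('cleantalk.antispam', 'key', '');
     $is_sfw = COption::GetOptionString('cleantalk.antispam', 'form_sfw', 0);
     $sfw_last_updated = COption::GetOptionString('cleantalk.antispam', 'sfw_last_updated', 0);
     if ($is_sfw == 1 && time() - $sfw_last_updated > 10) {
         self::updateSfwTable($key);
     }
     if ($is_sfw == 1 && !$USER->IsAdmin()) {
         self::runSfwCheck($key);
     }
     if ($key != '' && $key != 'enter key' && $USER->IsAdmin()) {
         self::refreshAccountStatus($key);
     }
     if (!$USER->IsAdmin() && $ct_status == 1 && $ct_global == 1) {
         return self::checkGlobalForm();
     }
 }

 /**
  * Refresh the SFW table from the CleanTalk API and upload the SFW logs.
  *
  * The API rows are inlined unquoted into one INSERT statement (as the original
  * did), so only rows whose two values are numeric are accepted; anything else
  * is dropped instead of being concatenated into SQL. An empty row set no longer
  * produces an INSERT without VALUES.
  *
  * @param string $key CleanTalk access key
  * @return void
  */
 private static function updateSfwTable($key)
 {
     global $DB, $wpdb;
     $data = array('auth_key' => $key, 'method_name' => '2s_blacklists_db');
     $result = CleantalkAntispam::CleantalkSendRequest('https://api.cleantalk.org/2.1', $data, false);
     $result = json_decode($result, true);
     if (isset($result['data']) && is_array($result['data'])) {
         $values = array();
         foreach ($result['data'] as $row) {
             if (isset($row[0], $row[1]) && is_numeric($row[0]) && is_numeric($row[1])) {
                 $values[] = '(' . $row[0] . ',' . $row[1] . ')';
             }
         }
         if (!empty($values)) {
             // NOTE(review): $wpdb is a WordPress global that the original read here
             // under Bitrix; it is kept only so the effective table name is unchanged
             // ("cleantalk_sfw" when $wpdb is unset) — confirm the intended prefix.
             $prefix = isset($wpdb) ? $wpdb->base_prefix : '';
             $DB->Query("INSERT INTO `" . $prefix . "cleantalk_sfw` VALUES " . implode(', ', $values) . ';');
         }
     }
     include_once "cleantalk-sfw.class.php";
     $sfw = new CleanTalkSFW();
     $sfw->send_logs();
     COption::SetOptionString('cleantalk.antispam', 'sfw_last_updated', time());
 }

 /**
  * SpamFireWall check for the current (non-admin) visitor.
  *
  * A visitor who already passed carries ct_sfw_pass_key = md5(ip . key). That
  * cookie is compared with hash_equals() instead of ==, so the comparison is
  * constant-time and never type-juggled, and a non-string cookie value is
  * treated as absent. A passed visitor is counted in the sfw_log option once
  * (ct_sfw_passed cookie) and then skipped; everyone else goes through
  * CleanTalkSFW::check_ip(), which ends the request via sfw_die() when listed.
  *
  * @param string $key CleanTalk access key
  * @return void
  */
 private static function runSfwCheck($key)
 {
     include_once "cleantalk-sfw.class.php";
     $ips = array_unique(CleantalkAntispam::CleantalkGetIP());
     $passKey = null;
     if (isset($_COOKIE['ct_sfw_pass_key']) && is_string($_COOKIE['ct_sfw_pass_key'])) {
         $passKey = $_COOKIE['ct_sfw_pass_key'];
     }
     $needsCheck = true;
     foreach ($ips as $ip) {
         if ($passKey === null || !hash_equals(md5($ip . $key), $passKey)) {
             continue;
         }
         $needsCheck = false;
         if (isset($_COOKIE['ct_sfw_passed'])) {
             self::countSfwPass($ip);
             @setcookie('ct_sfw_passed', '0', 1, "/");
         }
     }
     if ($needsCheck) {
         $sfw = new CleanTalkSFW();
         $sfw->cleantalk_get_real_ip();
         $sfw->check_ip();
         if ($sfw->result) {
             $sfw->sfw_die();
         }
     }
 }

 /**
  * Increment the "allow" counter for $ip in the sfw_log option (a JSON map).
  *
  * @param string $ip visitor address as returned by CleantalkGetIP()
  * @return void
  */
 private static function countSfwPass($ip)
 {
     $sfw_log = COption::GetOptionString('cleantalk.antispam', 'sfw_log', '');
     $log = $sfw_log == '' ? array() : json_decode($sfw_log, true);
     if (!is_array($log)) {
         $log = array();
     }
     // Start at 0 instead of incrementing an undefined index.
     if (!isset($log[$ip]['allow'])) {
         $log[$ip]['allow'] = 0;
     }
     $log[$ip]['allow']++;
     COption::SetOptionString('cleantalk.antispam', 'sfw_log', json_encode($log));
 }

 /**
  * Once a day refresh is_paid / moderate_ip / ip_license from the CleanTalk API
  * and post the "leave a review" admin notice the first time the account becomes paid.
  *
  * @param string $key CleanTalk access key
  * @return void
  */
 private static function refreshAccountStatus($key)
 {
     $last_checked = COption::GetOptionString('cleantalk.antispam', 'last_checked', 0);
     $last_status = COption::GetOptionString('cleantalk.antispam', 'is_paid', 0);
     $new_checked = time();
     if ($new_checked - $last_checked <= 86400) {
         return;
     }
     $url = 'https://api.cleantalk.org';
     $dt = array('auth_key' => $key, 'method_name' => 'get_account_status');
     $result = CleantalkAntispam::CleantalkSendRequest($url, $dt, false);
     if ($result !== null) {
         $result = json_decode($result);
         if (isset($result->data) && isset($result->data->paid)) {
             $new_status = intval($result->data->paid);
             if ($last_status != 1 && $new_status == 1) {
                 COption::SetOptionString('cleantalk.antispam', 'is_paid', 1);
                 // Both branches fill the same variable; the original stored the Russian
                 // text in $review_message and then passed the undefined $review_mess.
                 if (LANGUAGE_ID == 'ru') {
                     $review_mess = "Нравится антиспам от CleanTalk? Расскажите другим об этом! <a target='_blank' href='http://marketplace.1c-bitrix.ru/solutions/cleantalk.antispam/#rating'>Оставьте отзыв в Bitrix.Marketplace</a>";
                 } else {
                     $review_mess = "Like Anti-spam by CleanTalk? Help others learn about CleanTalk! <a  target='_blank' href='http://marketplace.1c-bitrix.ru/solutions/cleantalk.antispam/#rating'>Leave a review at the Bitrix.Marketplace</a>";
                 }
                 CAdminNotify::Add(array('MESSAGE' => $review_mess, 'TAG' => 'review_notify', 'MODULE_ID' => 'main', 'ENABLE_CLOSE' => 'Y'));
             }
         }
     }
     $dt = array('auth_key' => $key, 'method_name' => 'notice_paid_till');
     $result = CleantalkAntispam::CleantalkSendRequest($url, $dt, false);
     if ($result !== null) {
         $result = json_decode($result);
         if (isset($result->moderate_ip) && $result->moderate_ip == 1) {
             COption::SetOptionString('cleantalk.antispam', 'moderate_ip', 1);
             // $result is an object here (json_decode without assoc); the original
             // indexed it as an array, which is a fatal error.
             COption::SetOptionString('cleantalk.antispam', 'ip_license', isset($result->ip_license) ? $result->ip_license : 0);
         } else {
             COption::SetOptionString('cleantalk.antispam', 'moderate_ip', 0);
             COption::SetOptionString('cleantalk.antispam', 'ip_license', 0);
         }
     }
     COption::SetOptionString('cleantalk.antispam', 'last_checked', $new_checked);
 }

 /**
  * Send the fields of the current POST to CleanTalk and block spam.
  *
  * @return null|boolean NULL when the submission is allowed (or no sender e-mail
  *                      was found, or the check returned an error); FALSE after
  *                      CleantalkDie() on a spam verdict
  */
 private static function checkGlobalForm()
 {
     $sender_email = null;
     $message = '';
     CleantalkAntispam::CleantalkGetFields($sender_email, $message, $_POST);
     if ($sender_email === null) {
         return;
     }
     $arUser = array(
         'type' => 'comment',
         'sender_email' => $sender_email,
         'sender_nickname' => '',
         'sender_ip' => $_SERVER['REMOTE_ADDR'],
         'message_title' => '',
         'message_body' => $message,
         'example_title' => '',
         'example_body' => '',
         'example_comments' => '',
     );
     $aResult = CleantalkAntispam::CheckAllBefore($arUser, FALSE);
     if (!is_array($aResult)) {
         return;
     }
     $noError = !isset($aResult['errno']) || $aResult['errno'] == 0;
     if ($noError && $aResult['allow'] != 1) {
         CleantalkAntispam::CleantalkDie($aResult['ct_result_comment']);
         return false;
     }
     //Not spammer - just return;
 }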
 /**
  * Filter for the task list view: no restriction for admins, otherwise only
  * tasks whose PROPERTY_PROJECT is one of the caller's own projects.
  *
  * @return array Bitrix filter array (empty for admins)
  */
 public function GetViewTasksFilter()
 {
     $unrestricted = parent::IsAdmin();
     return $unrestricted
         ? array()
         : array('PROPERTY_PROJECT' => $this->getMyProjects());
 }
		$IBLOCK_DESC = $xCatNode->GetAttribute($nameUTF['Description']);

		$res = CIBlock::GetList(array(), Array("=TYPE" => $IBLOCK_TYPE_ID, "=XML_ID"=>$IBLOCK_XML_ID, 'CHECK_PERMISSIONS' => 'Y', 'MIN_PERMISSION' => 'W'));
		$bNewRecord_tmp = False;
		if ($res_arr = $res->Fetch())
		{
			$IBLOCK_ID = $res_arr["ID"];
			$res = $ib->Update($IBLOCK_ID,
				Array(
					"NAME"=>$IBLOCK_NAME,
					"TMP_ID"=>$tmpid,
					"DESCRIPTION"=>$IBLOCK_DESC
				)
			);
		}
		elseif ($USER->IsAdmin())
		{
			$bNewRecord_tmp = True;
			$arFields = Array(
				"ACTIVE"=>"Y",
				"NAME"=>$IBLOCK_NAME,
				"XML_ID"=>$IBLOCK_XML_ID,
				"TMP_ID"=>$tmpid,
				"IBLOCK_TYPE_ID"=>$IBLOCK_TYPE_ID,
				"LID" => $SITE_ID,
				"WORKFLOW" => "N",
				);
			if ('Y' == $USE_TRANSLIT && 'Y' == $ADD_TRANSLIT)
			{
				$arFields['FIELDS'] = array(
					'CODE' => array(
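//login-info
$user = new CUser($db);
//edit class
$edit = new CEditMovies($db);
if ($user->IsAuthenticated()) {
    if (isset($_GET['new'])) {
        $hera['main'] = $edit->printAndPostAdd();
    } elseif (isset($_GET['delete'])) {
        $edit->getEntryByID($_GET['delete']);
        $hera['main'] = $edit->printAndPostDelete();
    } elseif (isset($_GET['id'])) {
        $edit->getEntryByID($_GET['id']);
        $hera['main'] = $edit->printAndPostUpdate();
    } else {
        // The page itself tells non-admins that changing films requires admin, and
        // the list only shows the publish link to admins, so the publish action is
        // gated the same way instead of running for any logged-in user.
        // NOTE(review): if CEditMovies::publish() already checks this, the guard is redundant but harmless — confirm.
        if (isset($_GET['publish']) && $user->IsAdmin()) {
            $edit->publish($_GET['publish']);
        }
        $list = $edit->getAllAsList();
        $new = $user->IsAdmin() ? "<p><a class='as-button' href='?new'>Lägg till en ny film</a></p>" : "<p>För att skapa, radera och ändra filmer behöver man vara inloggad som admin.</p>";
        $hera['main'] = <<<EOD
<h1>{$hera['title']}</h1>
{$new}
<p>Här är en lista på allt innehåll i film-databasen</p>
{$list}
EOD;
    }
} else {
    $hera['main'] = "<h1>{$hera['title']}</h1>För att visa innehållet behöver du <a href='login.php'>logga in</a>.";
}
//Finally, leave it all to the rendering phase of Hera.
include HERA_THEME_PATH;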
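//login-info
$user = new CUser($db);
//content handler
$content = new CContent($db);
if ($user->IsAuthenticated()) {
    if (isset($_GET['new'])) {
        $hera['main'] = $content->printAndPostAdd();
    } elseif (isset($_GET['delete'])) {
        $content->getEntryById($_GET['delete']);
        $hera['main'] = $content->printAndPostDelete();
    } elseif (isset($_GET['id'])) {
        $content->getEntryById($_GET['id']);
        $hera['main'] = $content->printAndPostUpdate();
    } else {
        // The page itself tells non-admins that changing posts requires admin, so
        // the publish action is gated the same way instead of running for any
        // logged-in user.
        // NOTE(review): if CContent::publish() already checks this, the guard is redundant but harmless — confirm.
        if (isset($_GET['publish']) && $user->IsAdmin()) {
            $content->publish($_GET['publish']);
        }
        $list = $content->getAllAsList();
        $new = $user->IsAdmin() ? "<a href='?new' class='as-button'>Skapa ett nytt inlägg</a>" : "<p>För att skapa, radera och ändra inlägg behöver man vara inloggad som admin.</p>";
        $hera['main'] = <<<EOD
<h1>{$hera['title']}</h1>
<p>Här är en lista på allt innehåll i nyhets-databasen</p>
{$list}
{$new}
EOD;
    }
} else {
    $hera['main'] = "<h1>{$hera['title']}</h1>För att visa innehållet behöver du <a href='login.php'>logga in</a>.";
}
//Finally, leave it all to the rendering phase of Hera.
include HERA_THEME_PATH;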
 /**
  * Initialise the calendar's static state from the component parameters.
  *
  * Fills the self::$... fields the rest of the class reads: owner/type, current
  * user, settings, paths, cache parameters, action/outer URLs, superposing
  * availability and the meeting / video-meeting room permissions. Later
  * assignments depend on earlier ones (e.g. self::$settings, self::$ownerId),
  * so the statement order matters.
  *
  * @param array $Params component parameters. Keys read here: siteId, type,
  *              userId, allowSuperpose, SectionControlsDOMId, ownerId, showTasks,
  *              cachePath, cacheTime, pageUrl, allowResMeeting, allowVideoMeeting.
  *              type, allowSuperpose, showTasks, pageUrl, allowResMeeting and
  *              allowVideoMeeting are read without isset() and so raise an
  *              undefined-index notice when absent — TODO confirm callers always pass them.
  * @return void
  */
 function Init($Params)
 {
     global $USER;
     // presumably refreshes the current user's access codes before permissions are computed — verify
     $access = new CAccess();
     $access->UpdateCodes();
     if (!$USER || !is_object($USER)) {
         $USER = new CUser();
     }
     // Owner params
     self::$siteId = isset($Params['siteId']) ? $Params['siteId'] : SITE_ID;
     self::$type = $Params['type'];
     self::$arTypes = CCalendarType::GetList();
     self::$bIntranet = CCalendar::IsIntranetEnabled();
     self::$bSocNet = self::IsSocNet();
     self::$userId = isset($Params['userId']) ? intVal($Params['userId']) : CCalendar::GetCurUserId();
     self::$bOwner = self::$type == 'user' || self::$type == 'group';
     self::$settings = self::GetSettings();
     self::$userSettings = self::GetUserSettings();
     self::$pathesForSite = self::GetPathes(self::$siteId);
     self::$pathToUser = self::$pathesForSite['path_to_user'];
     // Loose comparison: any truthy allowSuperpose counts, and only inside a social network.
     self::$bSuperpose = $Params['allowSuperpose'] != false && self::$bSocNet;
     self::$bAnonym = !$USER || !$USER->IsAuthorized();
     self::$userNameTemplate = self::$settings['user_name_template'];
     self::$bAMPM = IsAmPmMode();
     self::$bWideDate = strpos(FORMAT_DATETIME, 'MMMM') !== false;
     if (isset($Params['SectionControlsDOMId'])) {
         self::$SectionsControlsDOMId = $Params['SectionControlsDOMId'];
     }
     if (self::$bOwner && isset($Params['ownerId']) && $Params['ownerId'] > 0) {
         self::$ownerId = intVal($Params['ownerId']);
     }
     // Tasks are shown only on a user calendar that belongs to the current user.
     self::$bTasks = self::$type == 'user' && $Params['showTasks'] !== false && CModule::IncludeModule('tasks');
     if (self::$bTasks && self::$ownerId != self::$userId) {
         self::$bTasks = false;
     }
     self::GetPermissions(array('type' => self::$type, 'bOwner' => self::$bOwner, 'userId' => self::$userId, 'ownerId' => self::$ownerId));
     // Cache params
     if (isset($Params['cachePath'])) {
         self::$cachePath = $Params['cachePath'];
     }
     if (isset($Params['cacheTime'])) {
         self::$cacheTime = $Params['cacheTime'];
     }
     self::$bCache = self::$cacheTime > 0;
     // Urls
     // Strip the calendar's own request parameters from pageUrl: a trailing '&' is
     // appended so every "name=value&" pattern can match, then the dangling '&' or '?' is removed.
     $page = preg_replace(array("/EVENT_ID=.*?\\&/i", "/CHOOSE_MR=.*?\\&/i", "/action=.*?\\&/i", "/bx_event_calendar_request=.*?\\&/i", "/clear_cache=.*?\\&/i", "/bitrix_include_areas=.*?\\&/i", "/bitrix_show_mode=.*?\\&/i", "/back_url_admin=.*?\\&/i"), "", $Params['pageUrl'] . '&');
     $page = preg_replace(array("/^(.*?)\\&\$/i", "/^(.*?)\\?\$/i"), "\$1", $page);
     self::$actionUrl = $page;
     if (self::$bOwner && !empty(self::$ownerId)) {
         self::$path = self::GetPath(self::$type, self::$ownerId, true);
     } else {
         self::$path = CCalendar::GetServerPath() . $page;
     }
     self::$outerUrl = $GLOBALS['APPLICATION']->GetCurPageParam('', array("action", "bx_event_calendar_request", "clear_cache", "bitrix_include_areas", "bitrix_show_mode", "back_url_admin", "SEF_APPLICATION_CUR_PAGE_URL", "EVENT_ID", "CHOOSE_MR"), false);
     // Superposing
     self::$bCanAddToSuperpose = false;
     if (self::$bSuperpose) {
         if (self::$type == 'user' || self::$type == 'group') {
             self::$bCanAddToSuperpose = true;
         }
         // Collect the calendar types not listed in denied_superpose_types (non-strict in_array, as in the original).
         foreach (self::$arTypes as $t) {
             if (is_array(self::$settings['denied_superpose_types']) && !in_array($t['XML_ID'], self::$settings['denied_superpose_types'])) {
                 self::$arSPTypes[] = $t['XML_ID'];
             }
         }
         // Overrides the value set above: only types that survived the denial list can be superposed.
         self::$bCanAddToSuperpose = is_array(self::$arSPTypes) && in_array(self::$type, self::$arSPTypes);
     }
     // **** Reserve meeting and reserve video meeting
     // *** Meeting room params ***
     $RMiblockId = self::$settings['rm_iblock_id'];
     self::$allowReserveMeeting = $Params["allowResMeeting"] && $RMiblockId > 0;
     // Non-admins additionally need at least "R" permission on the meeting-room iblock.
     if (self::$allowReserveMeeting && !$USER->IsAdmin() && CIBlock::GetPermission($RMiblockId) < "R") {
         self::$allowReserveMeeting = false;
     }
     // *** Video meeting room params ***
     $VMiblockId = self::$settings['vr_iblock_id'];
     self::$allowVideoMeeting = $Params["allowVideoMeeting"] && $VMiblockId > 0;
     // && binds tighter than ||: video meetings are also disabled whenever the "video" module cannot be included.
     if (self::$allowVideoMeeting && !$USER->IsAdmin() && CIBlock::GetPermission($VMiblockId) < "R" || !CModule::IncludeModule("video")) {
         self::$allowVideoMeeting = false;
     }
 }
<?php

/**
 * This is a Hera pagecontroller.
 *
 */
// Include the essential config-file which also creates the $anax variable with its defaults.
include __DIR__ . '/config.php';
// Get user functions
$db = new CDatabase($hera['database']);
$user = new CUser($db);
// Admin landing text: the list of admin links for admins, a login prompt for everyone else.
if (!$user->IsAdmin()) {
    $html = "För att komma åt adimn-funktionerna behöver du <a href='login.php'>logga in som admin</a>.";
} else {
    $paragraphs = array(
        "<p>Som admin har du tillgång till många funktioner som andra användare inte har.</p>",
        "<p><a class='as-button' href='edit_movies.php'>Hantera filmer</a> - Skapa, updatera eller radera filmer. Du kan även publicera och opublicera dem.</p>",
        "<p><a class='as-button' href='edit_news.php'>Hantera nyheter</a> - Skapa, updatera eller radera nyhets-inlägg. Du kan även publicera och opublicera dem.</p>",
        "<p><a class='as-button' href='edit_users.php'>Hantera användare</a> - Skapa, updatera eller radera användare. Befodra en vanlig användare till admin, samt återställa deras lösenord.</p>",
        "<br><p><a class='as-button' href='logout.php'>Logga ut</a></p>",
    );
    // Each paragraph ends with a newline, exactly as the concatenated original did.
    $html = implode("\n", $paragraphs) . "\n";
}
// Do it and store it all in variables in the Hera container.
$hera['title'] = "Admin";
$hera['main'] = "<h1>{$hera['title']}</h1>\n" . $html;
//Finally, leave it all to the rendering phase of Hera.
include HERA_THEME_PATH;