Example #1
             $bRsaError = true;
         }
     }
 }
 // Dispatches the submitted auth form by $_REQUEST["TYPE"]. The whole block is
 // skipped unless $bRsaError is false (code above this excerpt sets it to true).
 // The closing brace of this `if` lies outside the excerpt.
 if ($bRsaError == false) {
     // $USER_LID is LANG outside the admin section and false inside it; it is
     // passed to SendPassword/ChangePassword/Register below.
     if (!defined("ADMIN_SECTION") || ADMIN_SECTION !== true) {
         $USER_LID = LANG;
     } else {
         $USER_LID = false;
     }
     // Request values are handed to the CUser methods exactly as received; any
     // validation happens inside those methods, which are not shown here.
     // NOTE(review): AUTH, OTP and SEND_PWD are not tied to REQUEST_METHOD, while
     // CHANGE_PWD and REGISTRATION require POST. $_REQUEST can also carry
     // query-string values, which end up in access logs and Referer headers;
     // confirm whether credentials should be accepted from POST only.
     if ($_REQUEST["TYPE"] == "AUTH") {
         $arAuthResult = $GLOBALS["USER"]->Login($_REQUEST["USER_LOGIN"], $_REQUEST["USER_PASSWORD"], $_REQUEST["USER_REMEMBER"]);
     } elseif ($_REQUEST["TYPE"] == "OTP") {
         $arAuthResult = $GLOBALS["USER"]->LoginByOtp($_REQUEST["USER_OTP"], $_REQUEST["OTP_REMEMBER"], $_REQUEST["captcha_word"], $_REQUEST["captcha_sid"]);
     } elseif ($_REQUEST["TYPE"] == "SEND_PWD") {
         $arAuthResult = CUser::SendPassword($_REQUEST["USER_LOGIN"], $_REQUEST["USER_EMAIL"], $USER_LID);
     } elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && $_REQUEST["TYPE"] == "CHANGE_PWD") {
         $arAuthResult = $GLOBALS["USER"]->ChangePassword($_REQUEST["USER_LOGIN"], $_REQUEST["USER_CHECKWORD"], $_REQUEST["USER_PASSWORD"], $_REQUEST["USER_CONFIRM_PASSWORD"], $USER_LID);
     // Self-registration runs only when the "new_user_registration" option is "Y",
     // the request is a POST, and the hit is not in the admin section.
     } elseif (COption::GetOptionString("main", "new_user_registration", "N") == "Y" && $_SERVER['REQUEST_METHOD'] == 'POST' && $_REQUEST["TYPE"] == "REGISTRATION" && (!defined("ADMIN_SECTION") || ADMIN_SECTION !== true)) {
         $arAuthResult = $GLOBALS["USER"]->Register($_REQUEST["USER_LOGIN"], $_REQUEST["USER_NAME"], $_REQUEST["USER_LAST_NAME"], $_REQUEST["USER_PASSWORD"], $_REQUEST["USER_CONFIRM_PASSWORD"], $_REQUEST["USER_EMAIL"], $USER_LID, $_REQUEST["captcha_word"], $_REQUEST["captcha_sid"]);
     }
     // Only the two login flows (AUTH, OTP) get the admin-panel response below.
     if ($_REQUEST["TYPE"] == "AUTH" || $_REQUEST["TYPE"] == "OTP") {
         //special login form in the control panel
         // The strict `=== true` matters: any other result (for example an error
         // structure) does not count as a successful login.
         if ($arAuthResult === true && defined('ADMIN_SECTION') && ADMIN_SECTION === true) {
             //store cookies for next hit (see CMain::GetSpreadCookieHTML())
             $GLOBALS["APPLICATION"]->StoreCookies();
             // Session flag; its consumer is not visible in this excerpt.
             $_SESSION['BX_ADMIN_LOAD_AUTH'] = true;
             // Static script, no request data in it: calls
             // top.BX.AUTHAGENT.setAuthResult(false) on load in the top-level window.
             echo '<script type="text/javascript">window.onload=function(){top.BX.AUTHAGENT.setAuthResult(false);};</script>';
             // End the request so nothing else is rendered after the script.
             die;
         }
     }
Example #2
             $_97092281 = true;
         }
     }
 }
 // Obfuscated listing: every string literal is fetched through
 // ___1476597692(<index>) and plain function names through the
 // $GLOBALS['____1574875487'][...] lookup table, so the request fields, option
 // names and compared values cannot be read from this excerpt. Only the control
 // flow and the method names (Login, LoginByOtp, SendPassword, ChangePassword,
 // Register, StoreCookies, SetAuthResult) are visible.
 // NOTE(review): the structure mirrors the readable listing in Example #1 of this
 // page; auditing it needs the lookup tables, which are not shown here.
 if ($_97092281 == false) {
     // $_1534319688 is LANG or false depending on the ADMIN_SECTION test; it is
     // passed to SendPassword/ChangePassword/Register below.
     if (!$GLOBALS['____1574875487'][186](___1476597692(778)) || ADMIN_SECTION !== true) {
         $_1534319688 = LANG;
     } else {
         $_1534319688 = false;
     }
     // Branch on a $_REQUEST value; the first three branches carry no $_SERVER
     // check, the last two do.
     if ($_REQUEST[___1476597692(779)] == ___1476597692(780)) {
         $_877262712 = $GLOBALS[___1476597692(781)]->Login($_REQUEST[___1476597692(782)], $_REQUEST[___1476597692(783)], $_REQUEST[___1476597692(784)]);
     } elseif ($_REQUEST[___1476597692(785)] == ___1476597692(786)) {
         $_877262712 = $GLOBALS[___1476597692(787)]->LoginByOtp($_REQUEST[___1476597692(788)], $_REQUEST[___1476597692(789)], $_REQUEST[___1476597692(790)], $_REQUEST[___1476597692(791)]);
     } elseif ($_REQUEST[___1476597692(792)] == ___1476597692(793)) {
         $_877262712 = CUser::SendPassword($_REQUEST[___1476597692(794)], $_REQUEST[___1476597692(795)], $_1534319688);
     } elseif ($_SERVER[___1476597692(796)] == ___1476597692(797) && $_REQUEST[___1476597692(798)] == ___1476597692(799)) {
         $_877262712 = $GLOBALS[___1476597692(800)]->ChangePassword($_REQUEST[___1476597692(801)], $_REQUEST[___1476597692(802)], $_REQUEST[___1476597692(803)], $_REQUEST[___1476597692(804)], $_1534319688);
     // NOTE(review): `COption::$GLOBALS[...][91](...)` takes the method name from a
     // lookup table; PHP 7's uniform variable syntax changed how this form is
     // parsed, so confirm it still resolves to a static method call on the
     // PHP version in use.
     } elseif (COption::$GLOBALS['_____266107269'][91](___1476597692(805), ___1476597692(806), ___1476597692(807)) == ___1476597692(808) && $_SERVER[___1476597692(809)] == ___1476597692(810) && $_REQUEST[___1476597692(811)] == ___1476597692(812) && (!$GLOBALS['____1574875487'][187](___1476597692(813)) || ADMIN_SECTION !== true)) {
         $_877262712 = $GLOBALS[___1476597692(814)]->Register($_REQUEST[___1476597692(815)], $_REQUEST[___1476597692(816)], $_REQUEST[___1476597692(817)], $_REQUEST[___1476597692(818)], $_REQUEST[___1476597692(819)], $_REQUEST[___1476597692(820)], $_1534319688, $_REQUEST[___1476597692(821)], $_REQUEST[___1476597692(822)]);
     }
     if ($_REQUEST[___1476597692(823)] == ___1476597692(824) || $_REQUEST[___1476597692(825)] == ___1476597692(826)) {
         // Strict `=== true` plus the ADMIN_SECTION test: store cookies, set a
         // session flag, echo a looked-up string and end the request.
         if ($_877262712 === true && $GLOBALS['____1574875487'][188](___1476597692(827)) && ADMIN_SECTION === true) {
             $GLOBALS[___1476597692(828)]->StoreCookies();
             $_SESSION[___1476597692(829)] = true;
             echo ___1476597692(830);
             die;
         }
     }
 }
 // $_877262712 is assigned only inside the branches above, so it is undefined
 // here when the outer condition was false or no branch matched.
 $GLOBALS[___1476597692(831)]->SetAuthResult($_877262712);
Example #3
if (!$USER->IsAuthorized()) {
    // $html collects a request-level error; it stays empty when the checks pass.
    $html = "";
    // `&&` binds tighter than `||`, so the request is rejected when
    //   (ajax_key is non-empty AND differs from md5('ajax_' . LICENSE_KEY))
    //   OR TYPE is not "SEND_PWD" OR check_bitrix_sessid() fails.
    // An empty or missing ajax_key therefore skips the key comparison entirely.
    // NOTE(review): the key is compared with loose `!=`, which is not constant-time
    // and can treat numeric-looking strings as equal on older PHP; hash_equals()
    // is the usual choice for comparing secrets.
    // NOTE(review): htmlspecialcharsbx() is an output-escaping helper; applying it
    // before a comparison changes nothing for "SEND_PWD" but is not validation.
    if (strlen($_POST['ajax_key']) && $_POST['ajax_key'] != md5('ajax_' . LICENSE_KEY) || htmlspecialcharsbx($_POST["TYPE"]) != "SEND_PWD" || !check_bitrix_sessid()) {
        $html = GetMessage('AUTH_ERROR_SESSION_EXPIRED');
    }
    // One form field serves as e-mail or phone. The value is HTML-escaped before
    // it is validated and later used as a lookup filter.
    // NOTE(review): escaping on input can alter addresses containing & or quotes;
    // confirm this is intended rather than escaping at output time.
    $emailTo = trim(htmlspecialcharsbx($_POST['USER_EMAIL']));
    // Phone candidate: the same value with everything but ASCII digits removed.
    $phone = preg_replace("/[^0-9]/", '', $emailTo);
    // Field error when the value passes neither CDev check (helpers not shown).
    // $result is not initialised in the visible lines; presumably set up earlier.
    if (!CDev::check_email($emailTo) && !CDev::check_phone($phone)) {
        $result['errors']["USER_EMAIL"] = GetMessage('AUTH_ERROR_DATA_FORMAT');
    }
    if (empty($html) && count($result['errors']) == 0) {
        if (CDev::check_phone($phone)) {
            // Phone branch: look the account up by PERSONAL_PHONE and use the first
            // row returned.
            // NOTE(review): the filter key has no "=" prefix, unlike "=EMAIL" in the
            // e-mail branch; confirm the match is exact and that phone numbers are
            // unique per account.
            $rsUsers = CUser::GetList($by = "EMAIL", $order = "desc", array("PERSONAL_PHONE" => $phone));
            if ($arUser = $rsUsers->GetNext()) {
                // send to the phone
                // The standard SendPassword() flow runs first; the SMS checkword is
                // only issued when it reports TYPE "OK".
                $arResult = $USER->SendPassword($arUser["LOGIN"], $arUser["EMAIL"]);
                if ($arResult["TYPE"] == "OK") {
                    $result['message'] = "<font style='color:green'>" . GetMessage('AUTH_RECOVERY_TEXT_1') . "</font>";
                    // Checkword: the first 8 hex characters of md5(uniqid(rand(), true)).
                    // NOTE(review): rand() and uniqid() are not cryptographically secure
                    // and 8 hex characters carry at most 32 bits; a recovery secret
                    // should come from a CSPRNG such as random_bytes() or random_int().
                    $PASS_1 = mb_substr(md5(uniqid(rand(), true)), 0, 8);
                    $cuser = new CUser();
                    // Stored as-is in the UF_PHONE_CHECKWORD user field; the result of
                    // Update() is not checked, and no expiry or attempt counter is set
                    // in the visible lines.
                    $cuser->Update($arUser["ID"], array("UF_PHONE_CHECKWORD" => $PASS_1));
                    $text = GetMessage('AUTH_CHECKWORD') . $PASS_1;
                    // NOTE(review): no throttling of SMS sends is visible in this
                    // excerpt; confirm rate limiting exists elsewhere.
                    CEchogroupSmsru::Send($phone, $text);
                    $result['status'] = "success";
                }
            } else {
                // NOTE(review): a distinct "phone does not exist" error tells the
                // caller whether a number is registered (account enumeration);
                // a uniform response for known and unknown numbers avoids that.
                $result['errors']["USER_EMAIL"] = GetMessage('AUTH_ERROR_PHONE_NOT_EXIST');
            }
        } else {
            $rsUsers = CUser::GetList($by = "EMAIL", $order = "desc", array("=EMAIL" => $emailTo));
            if ($arUser = $rsUsers->GetNext()) {