/**
 * Validates the CAPTCHA answer posted with the current request.
 *
 * The posted "captcha_code" selects the check: a non-empty code is verified
 * with CheckCodeCrypt() and the "captcha_password" option of the "main"
 * module; an empty code falls back to CheckCode() with sid 0.
 *
 * @return bool false when the selected check rejects the answer, true otherwise
 */
private function checkCaptcha()
{
    // NOTE(review): when $this->captcha is not an object the method reports
    // success without verifying anything. Confirm the property is only left
    // unset when CAPTCHA is deliberately disabled for this form.
    if (!is_object($this->captcha)) {
        return true;
    }

    $request = $this->request;
    $submittedCode = $request->getPost("captcha_code");
    $submittedWord = $request->getPost("captcha_word");

    if (strlen($submittedCode) > 0) {
        $secret = COption::GetOptionString("main", "captcha_password", "");
        $accepted = $this->captcha->CheckCodeCrypt($submittedWord, $submittedCode, $secret);
    } else {
        // The client decides which branch runs by sending or omitting
        // captcha_code, so both checks have to be equally strict.
        $accepted = $this->captcha->CheckCode($submittedWord, 0);
    }

    return $accepted ? true : false;
}
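/**
 * Validates and records a vote submitted through the public voting form.
 *
 * Reads the submission from $_REQUEST ("vote", "PUBLIC_VOTE_ID", "REVOTE_ID",
 * "captcha_word", "captcha_code") and the per-question answers from $GLOBALS
 * ("vote_radio_*", "vote_dropdown_*", "vote_checkbox_*", "vote_multiselect_*",
 * "vote_field_*", "vote_memo_*").
 *
 * Side effects visible in this method: sets the globals $VOTING_LAMP,
 * $USER_ALREADY_VOTE, $USER_GROUP_PERMISSION and several $GLOBALS / $_SESSION
 * flags, inserts rows into b_vote_event, b_vote_event_question and
 * b_vote_event_answer, increments the COUNTER columns, fires the
 * onBeforeVoting / onAfterVoting module events and notifies the vote author.
 *
 * On failure the collected messages are wrapped in a CAdminException and
 * handed to $APPLICATION->ThrowException().
 *
 * @return bool true when the request was processed without validation errors,
 *              false otherwise (also when an onBeforeVoting handler returns false)
 */
public static function KeepVoting()
{
    global $DB, $VOTING_LAMP, $USER_ALREADY_VOTE, $USER_GROUP_PERMISSION, $USER;
    $err_mess = CAllVote::err_mess() . "<br>Function: KeepVoting<br>Line: ";
    $VOTING_LAMP = "green";
    $USER_ALREADY_VOTE = "N";
    $PUBLIC_VOTE_ID = intval($_REQUEST["PUBLIC_VOTE_ID"]);
    $aMsg = array();
    $VOTE_ID = 0;
    $arVote = array();
    $arQuestions = array();

    // check_bitrix_sessid() ties the submission to the session, so a vote
    // cannot be triggered by a forged cross-site request.
    if (!(!empty($_REQUEST["vote"]) && $PUBLIC_VOTE_ID > 0 && check_bitrix_sessid())) {
        $aMsg[] = array("id" => "bad_params", "text" => GetMessage("VOTE_NOT_FOUND"));
    } else {
        $VOTE_ID = intVal(GetVoteDataByID($PUBLIC_VOTE_ID, $arChannel, $arVote, $arQuestions, $arAnswers, $arDropDown, $arMultiSelect, $arGroupAnswers, "N"));
        // The lookup result is tested on its own. Previously it was the left
        // operand of "&&", so a result of 0 short-circuited the condition and
        // the "vote not found" rejection below could never run.
        if ($VOTE_ID <= 0 || $arVote["LAMP"] != "green") {
            $VOTING_LAMP = "red";
            if ($VOTE_ID <= 0) {
                $aMsg[] = array("id" => "VOTE_ID", "text" => GetMessage("VOTE_NOT_FOUND"));
            } else {
                $aMsg[] = array("id" => "LAMP", "text" => GetMessage("VOTE_RED_LAMP"));
            }
        } elseif ($arChannel["USE_CAPTCHA"] == "Y" && !$USER->IsAuthorized()) {
            // CAPTCHA is enforced only for anonymous visitors of channels that request it.
            include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";
            $cpt = new CCaptcha();
            // NOTE(review): the branch is selected by captcha_word, not by
            // captcha_code; confirm CheckCodeCrypt() rejects an empty code.
            if (!empty($_REQUEST["captcha_word"])) {
                $captchaPass = COption::GetOptionString("main", "captcha_password", "");
                if (!$cpt->CheckCodeCrypt($_REQUEST["captcha_word"], $_REQUEST["captcha_code"], $captchaPass)) {
                    $GLOBALS["BAD_CAPTCHA"] = "Y";
                    $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("VOTE_BAD_CAPTCHA"));
                }
            } else {
                if (!$cpt->CheckCode($_REQUEST["captcha_word"], 0)) {
                    $GLOBALS["NO_CAPTCHA"] = "Y";
                    $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("VOTE_BAD_CAPTCHA"));
                }
            }
        }
    }

    if (empty($aMsg)) {
        // get user id
        $_SESSION["VOTE_USER_ID"] = CVote::SetVoteUserID();
        $GLOBALS["VOTING_ID"] = $VOTE_ID;
        // check: can user vote
        $UNIQUE_TYPE = $arVote["UNIQUE_TYPE"];
        $KEEP_IP_SEC = $arVote["KEEP_IP_SEC"];
        $CHANNEL_ID = $arVote["CHANNEL_ID"];
        $StatusVote = CVote::UserAlreadyVote($VOTE_ID, $_SESSION["VOTE_USER_ID"], $UNIQUE_TYPE, $KEEP_IP_SEC, $USER->GetID());
        $USER_ALREADY_VOTE = $StatusVote != false ? "Y" : "N";
        $USER_GROUP_PERMISSION = CVote::UserGroupPermission($CHANNEL_ID);
        // if user can vote that
        if (($USER_ALREADY_VOTE == "N" || $StatusVote == 8 && $_REQUEST["REVOTE_ID"] == $VOTE_ID) && $USER_GROUP_PERMISSION >= 2) {
            $arSqlAnswers = array();
            // check answers
            // The values collected here are passed to $DB->Insert() as SQL
            // fragments (the MESSAGE value below is quoted by hand), so every
            // entry must be an integer or an escaped literal.
            foreach ($arQuestions as $qID => $arQuestion) {
                $arSqlAnswers[$arQuestion["ID"]] = array();
                $bIndicators = array();
                foreach ($arQuestion["ANSWERS"] as $arAnswer) {
                    switch ($arAnswer["FIELD_TYPE"]) {
                        case 0: // radio
                        case 2: // dropdown list
                            $fieldName = ($arAnswer["FIELD_TYPE"] == 0 ? "vote_radio_" : "vote_dropdown_") . $qID;
                            $aID = intval($GLOBALS[$fieldName]);
                            if (!isset($bIndicators[$fieldName]) && array_key_exists($aID, $arQuestion["ANSWERS"])) {
                                if (!empty($arAnswer['MESSAGE'])) {
                                    $arSqlAnswers[$qID][$aID] = array("ANSWER_ID" => $aID);
                                }
                                $bIndicators[$fieldName] = "Y";
                            }
                            break;
                        case 1: // checkbox
                        case 3: // multiselect list
                            $fieldName = ($arAnswer["FIELD_TYPE"] == 1 ? "vote_checkbox_" : "vote_multiselect_") . $qID;
                            $res = $GLOBALS[$fieldName];
                            if (!isset($bIndicators[$fieldName]) && is_array($res) && !empty($res)) {
                                reset($res);
                                foreach ($res as $aID) {
                                    // Nested arrays are skipped, and the accepted id is cast
                                    // explicitly instead of relying on array-key
                                    // normalisation to keep the SQL value numeric.
                                    if (!is_array($aID) && array_key_exists($aID, $arQuestion["ANSWERS"])) {
                                        $arSqlAnswers[$qID][$aID] = array("ANSWER_ID" => intval($aID));
                                    }
                                }
                                $bIndicators[$fieldName] = "Y";
                            }
                            break;
                        case 4: // field
                        case 5: // text
                            $aID = $arAnswer["ID"];
                            $fieldName = ($arAnswer["FIELD_TYPE"] == 4 ? "vote_field_" : "vote_memo_") . $aID;
                            $MESSAGE = trim($GLOBALS[$fieldName]);
                            if ($MESSAGE != "") {
                                $arSqlAnswers[$qID][$aID] = array("ANSWER_ID" => $aID, "MESSAGE" => "'" . $DB->ForSql(trim($MESSAGE), 2000) . "'");
                            }
                            break;
                    }
                }
                if (empty($arSqlAnswers[$qID])) {
                    unset($arSqlAnswers[$qID]);
                    if ($arQuestion['REQUIRED'] == 'Y') {
                        $aMsg[] = array("id" => "QUESTION_" . $qID, "text" => GetMessage("VOTE_REQUIRED_MISSING"));
                        $GLOBALS["VOTE_REQUIRED_MISSING"] = "Y";
                        break;
                    }
                }
            }

            if (!empty($aMsg)) {
                /* do nothing; */
            } elseif (!empty($arSqlAnswers)) {
                // vote event
                $arFields = array(
                    "VOTE_ID" => $VOTE_ID,
                    "VOTE_USER_ID" => intval($_SESSION["VOTE_USER_ID"]),
                    "DATE_VOTE" => $DB->GetNowFunction(),
                    "STAT_SESSION_ID" => intval($_SESSION["SESS_SESSION_ID"]),
                    "IP" => "'" . $DB->ForSql($_SERVER["REMOTE_ADDR"], 15) . "'",
                    "VALID" => "'Y'"
                );
                /***************** Event onBeforeVoting ****************************/
                // Handlers receive both arrays by reference and may rewrite the
                // values that are inserted below.
                foreach (GetModuleEvents("vote", "onBeforeVoting", true) as $arEvent) {
                    if (ExecuteModuleEventEx($arEvent, array(&$arFields, &$arSqlAnswers)) === false) {
                        return false;
                    }
                }
                /***************** /Event ******************************************/
                if ($StatusVote == 8 && $_REQUEST["REVOTE_ID"] == $VOTE_ID) {
                    // Re-vote: remove the user's earlier events for this vote and
                    // roll the in-memory counters back before the new vote is stored.
                    $strSql = "SELECT VE.ID, VEQ.QUESTION_ID, VEA.ANSWER_ID" . " FROM b_vote_event VE " . "\tLEFT JOIN b_vote_event_question VEQ ON (VEQ.EVENT_ID=VE.ID)" . "\tLEFT JOIN b_vote_event_answer VEA ON (VEA.EVENT_QUESTION_ID=VEQ.ID)" . "\tLEFT JOIN b_vote_user VU ON (VE.VOTE_USER_ID = VU.ID)" . " WHERE VE.VOTE_ID=" . $VOTE_ID . " AND VU.AUTH_USER_ID=" . intval($USER->GetID()) . " ORDER BY VE.ID ASC, VEQ.QUESTION_ID ASC";
                    $db_res = $DB->Query($strSql, false, $err_mess . __LINE__);
                    if ($db_res && ($res = $db_res->Fetch())) {
                        if ($USER->GetID() > 0 && CModule::IncludeModule("im")) {
                            CIMNotify::DeleteByTag("VOTING|" . $VOTE_ID, $USER->GetID());
                        }
                        $del = false;
                        $delQ = false;
                        do {
                            if ($delQ !== $res["QUESTION_ID"]) {
                                if ($del !== $res["ID"]) {
                                    CVoteEvent::Delete($res["ID"]);
                                    $del = $res["ID"];
                                    $arVote["COUNTER"] = intval($arVote["COUNTER"]) - 1;
                                }
                                $delQ = $res["QUESTION_ID"];
                                $arQuestions[$res["QUESTION_ID"]]["COUNTER"] = intval($arQuestions[$res["QUESTION_ID"]]["COUNTER"]) - 1;
                            }
                            $arQuestions[$res["QUESTION_ID"]]["ANSWERS"][$res["ANSWER_ID"]]["COUNTER"] = intval($arQuestions[$res["QUESTION_ID"]]["ANSWERS"][$res["ANSWER_ID"]]["COUNTER"]) - 1;
                        } while ($res = $db_res->Fetch());
                    }
                    $USER_ALREADY_VOTE = "N";
                }
                unset($GLOBALS["VOTE_CACHE_VOTING"][$VOTE_ID]);
                unset($GLOBALS["VOTE_CACHE"]["VOTE"][$VOTE_ID]);
                $EVENT_ID = intval($DB->Insert("b_vote_event", $arFields, $err_mess . __LINE__));
                if ($EVENT_ID > 0) {
                    $arSqlQuestionsID = array();
                    $arSqlAnswersID = array();
                    foreach ($arSqlAnswers as $qID => $arSqlAnswer) {
                        $arFields = array("EVENT_ID" => $EVENT_ID, "QUESTION_ID" => $qID);
                        $EVENT_QUESTION_ID = intval($DB->Insert("b_vote_event_question", $arFields, $err_mess . __LINE__));
                        if ($EVENT_QUESTION_ID > 0) {
                            $arSqlQuestionsID[] = $qID;
                            $arQuestions[$qID]["COUNTER"] = intval($arQuestions[$qID]["COUNTER"]) + 1;
                            foreach ($arSqlAnswer as $aID => $res) {
                                $res["EVENT_QUESTION_ID"] = $EVENT_QUESTION_ID;
                                if ($DB->Insert("b_vote_event_answer", $res, $err_mess . __LINE__)) {
                                    $arSqlAnswersID[$aID] = $qID;
                                    $arQuestions[$qID]["ANSWERS"][$aID]["COUNTER"] = intval($arQuestions[$qID]["ANSWERS"][$aID]["COUNTER"]) + 1;
                                }
                            }
                        }
                    }
                    if (empty($arSqlQuestionsID) || empty($arSqlAnswersID)) {
                        // NOTE(review): $arFields is passed where the SELECT above
                        // passes false; it looks like a leftover argument. Confirm
                        // what Query() does with a non-empty array there.
                        $DB->Query("DELETE FROM b_vote_event WHERE ID=" . $EVENT_ID, $arFields, $err_mess . __LINE__);
                    } else {
                        $arFields = array("COUNTER" => "COUNTER+1");
                        $DB->Update("b_vote", $arFields, "WHERE ID='" . $VOTE_ID . "'", $err_mess . __LINE__);
                        $arVote["COUNTER"] = intval($arVote["COUNTER"]) + 1;
                        // Both id lists are concatenated into SQL; they are array keys
                        // of the answers accepted above, which is why those ids must
                        // stay numeric.
                        $DB->Update("b_vote_question", $arFields, "WHERE ID in (" . implode(", ", $arSqlQuestionsID) . ")", $err_mess . __LINE__);
                        $DB->Update("b_vote_answer", $arFields, "WHERE ID in (" . implode(", ", array_keys($arSqlAnswersID)) . ")", $err_mess . __LINE__);
                        // increment user counter
                        CVote::UpdateVoteUserID($_SESSION["VOTE_USER_ID"]);
                        $GLOBALS["VOTING_OK"] = "Y";
                        $_SESSION["VOTE_ARRAY"][] = $VOTE_ID;
                        if ($UNIQUE_TYPE & 8) {
                            $_SESSION["VOTE"]["VOTES"][$VOTE_ID] = $EVENT_ID;
                        }
                        // statistic module
                        if (CModule::IncludeModule("statistic")) {
                            $event3 = $arVote["EVENT3"];
                            if (!empty($event3)) {
                                // NOTE(review): HTTP_HOST comes from the request's Host
                                // header, so the stored link is client-influenced.
                                $event3 = "http://" . $_SERVER["HTTP_HOST"] . "/bitrix/admin/vote_user_results.php?EVENT_ID=" . $EVENT_ID . "&lang=" . LANGUAGE_ID;
                            }
                            CStatEvent::AddCurrent($arVote["EVENT1"], $arVote["EVENT2"], $event3);
                        }
                        // notification
                        if (!!$arVote["AUTHOR_ID"] && $arVote["AUTHOR_ID"] != $USER->GetID()) {
                            if (empty($arVote["TITLE"])) {
                                $arQuestion = reset($arQuestions);
                                $arVote["TITLE"] = $arQuestion["QUESTION"];
                            }
                            if ($arVote["NOTIFY"] == "I" && CModule::IncludeModule("im")) {
                                $arVote["TOTAL_URL"] = "";
                                if (!empty($arVote["URL"])) {
                                    if (defined('SITE_SERVER_NAME')) {
                                        $arVote["TOTAL_URL"] = SITE_SERVER_NAME;
                                    }
                                    $arVote["TOTAL_URL"] = !empty($arVote["TOTAL_URL"]) ? $arVote["TOTAL_URL"] : COption::GetOptionString("main", "server_name", $GLOBALS["SERVER_NAME"]);
                                    if (!empty($arVote["TOTAL_URL"])) {
                                        $arVote["TOTAL_URL"] = (CMain::IsHTTPS() ? "https" : "http") . "://" . $arVote["TOTAL_URL"] . $arVote["URL"];
                                    }
                                }
                                // send notification
                                $gender = $USER->getParam("PERSONAL_GENDER") == "F" ? "_F" : "";
                                $arMessageFields = array(
                                    "MESSAGE_TYPE" => IM_MESSAGE_SYSTEM,
                                    "TO_USER_ID" => $arVote["AUTHOR_ID"],
                                    "FROM_USER_ID" => $USER->GetID(),
                                    "NOTIFY_TYPE" => IM_NOTIFY_FROM,
                                    "NOTIFY_MODULE" => "vote",
                                    "NOTIFY_EVENT" => "voting",
                                    "NOTIFY_TAG" => "VOTING|" . $VOTE_ID,
                                    "NOTIFY_MESSAGE" => !empty($arVote["URL"]) ? GetMessage("V_NOTIFY_MESSAGE_HREF" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"], "#VOTE_URL#" => $arVote["URL"])) : GetMessage("V_NOTIFY_MESSAGE" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"])),
                                    "NOTIFY_MESSAGE_OUT" => !empty($arVote["TOTAL_URL"]) ? GetMessage("V_NOTIFY_MESSAGE_OUT_HREF" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"], "#VOTE_URL#" => $arVote["TOTAL_URL"])) : GetMessage("V_NOTIFY_MESSAGE" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"]))
                                );
                                CIMNotify::Add($arMessageFields);
                            } else {
                                if ($arVote["NOTIFY"] == "Y") {
                                    // send e-mail
                                    $db_user = CUser::GetById($arVote["AUTHOR_ID"]);
                                    if ($db_user && ($arUser = $db_user->Fetch()) && !empty($arUser["EMAIL"])) {
                                        $arEventFields = array(
                                            "EMAIL_TO" => $arUser["EMAIL"],
                                            "VOTE_STATISTIC" => "",
                                            "ID" => $EVENT_ID,
                                            "TIME" => GetTime(time(), "FULL"),
                                            "VOTE_TITLE" => $arVote["TITLE"],
                                            "VOTE_DESCRIPTION" => $arVote["DESCRIPTION"],
                                            "VOTE_ID" => $arVote["ID"],
                                            "VOTE_COUNTER" => $arVote["COUNTER"],
                                            "URL" => $arVote["URL"],
                                            "CHANNEL" => $arChannel["TITLE"],
                                            "CHANNEL_ID" => $arChannel["ID"],
                                            "VOTER_ID" => $_SESSION["VOTE_USER_ID"],
                                            "USER_NAME" => $USER->GetFullName(),
                                            "LOGIN" => $USER->GetLogin(),
                                            "USER_ID" => $USER->GetID(),
                                            "STAT_GUEST_ID" => intval($_SESSION["SESS_GUEST_ID"]),
                                            "SESSION_ID" => intval($_SESSION["SESS_SESSION_ID"]),
                                            "IP" => $_SERVER["REMOTE_ADDR"]
                                        );
                                        $arEventFields["USER_NAME"] = !!$arEventFields["USER_NAME"] ? $arEventFields["USER_NAME"] : $arEventFields["LOGIN"];
                                        // VOTE_STATISTIC
                                        $text = array();
                                        foreach ($arSqlAnswersID as $aID => $qID) {
                                            $text[$qID] = is_array($text[$qID]) ? $text[$qID] : array();
                                            if ($arQuestions[$qID]["ANSWERS"][$aID]["FIELD_TYPE"] == 4 || $arQuestions[$qID]["ANSWERS"][$aID]["FIELD_TYPE"] == 5) {
                                                if (!empty($arSqlAnswers[$qID][$aID]["MESSAGE"])) {
                                                    $text[$qID][] = $arSqlAnswers[$qID][$aID]["MESSAGE"];
                                                }
                                            } else {
                                                $text[$qID][] = $arQuestions[$qID]["ANSWERS"][$aID]["MESSAGE"];
                                            }
                                        }
                                        foreach ($text as $qID => $txt) {
                                            $text[$qID] = " - " . $arQuestions[$qID]["QUESTION"] . "\n - " . implode(", ", $text[$qID]);
                                        }
                                        $arEventFields["VOTE_STATISTIC"] = "\n" . implode("\n\n", $text);
                                        $arrSites = CVoteChannel::GetSiteArray($arChannel["ID"]);
                                        CEvent::Send("VOTE_FOR", $arrSites, $arEventFields, "N");
                                    }
                                }
                            }
                        }
                    }
                    /***************** Event onAfterVoting *****************************/
                    foreach (GetModuleEvents("vote", "onAfterVoting", true) as $arEvent) {
                        ExecuteModuleEventEx($arEvent, array($VOTE_ID, $EVENT_ID));
                    }
                    /***************** /Event ******************************************/
                }
            } else {
                $GLOBALS["USER_VOTE_EMPTY"] = "Y";
                $aMsg[] = array("id" => "VOTE_ID", "text" => GetMessage("USER_VOTE_EMPTY"));
            }
        } else {
            $aMsg[] = array("id" => "VOTE_ID", "text" => $USER_GROUP_PERMISSION >= 2 ? GetMessage("VOTE_ALREADY_VOTE") : GetMessage("VOTE_ACCESS_DENIED"));
        }
    }

    if (!empty($aMsg)) {
        $e = new CAdminException($aMsg, "CVote::KeepVoting");
        $GLOBALS["APPLICATION"]->ThrowException($e);
        $GLOBALS["VOTING_OK"] = "N";
        return false;
    }
    return true;
}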
Action ********************************************************************/ if ($_SERVER["REQUEST_METHOD"] == "POST" && $_POST["ACTION"] == "SEND" && check_bitrix_sessid()) { $userSend["FULL_NAME"] = trim(empty($userSend["FULL_NAME"]) ? $_POST["NAME"] : $userSend["FULL_NAME"]); $userSend["E-MAIL"] = trim(empty($userSend["E-MAIL"]) ? $_POST["EMAIL"] : $userSend["E-MAIL"]); // Use captcha if ($arParams["SEND_" . strToUpper($arParams["TYPE"])] < "Y" && !$USER->IsAuthorized()) { include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php"; $cpt = new CCaptcha(); if (strlen($_REQUEST["captcha_code"]) > 0) { $captchaPass = COption::GetOptionString("main", "captcha_password", ""); if (!$cpt->CheckCodeCrypt($_REQUEST["captcha_word"], $_REQUEST["captcha_code"], $captchaPass)) { $arError[] = array("id" => "BAD_CAPTCHA", "text" => GetMessage("F_BAD_CAPTCHA")); } } else { if (!$cpt->CheckCode($_REQUEST["captcha_word"], 0)) { $arError[] = array("id" => "NO_CAPTCHA", "text" => GetMessage("F_BAD_CAPTCHA")); } } } if (empty($userSend["FULL_NAME"])) { $arError[] = array("id" => "NO_NAME", "text" => GetMessage("F_NO_NAME")); } if (empty($userSend["E-MAIL"])) { $arError[] = array("id" => $arParams["TYPE"] == "ICQ" ? "NO_ICQ" : "NO_MAIL", "text" => GetMessage("F_NO_EMAIL1") . " " . ($arParams["TYPE"] == "ICQ" ? GetMessage("F_NO_EMAIL2") : GetMessage("F_NO_EMAIL3"))); } elseif ($arParams["TYPE"] != "ICQ" && !check_email($userSend["E-MAIL"])) { $arError[] = array("id" => "BAD_MAIL", "text" => GetMessage("F_BAD_EMAIL")); } if (empty($_POST["SUBJECT"])) { $arError[] = array("id" => "NO_SUBJECT", "text" => GetMessage("F_NO_SUBJECT")); }
/**
 * Checks a CAPTCHA answer with CCaptcha::CheckCode().
 *
 * The CAPTCHA class file is loaded from the main module on first use.
 *
 * @param mixed $captcha_word answer passed to CheckCode() as the first argument
 * @param mixed $captcha_sid  identifier passed to CheckCode() as the second argument
 *
 * @return bool True when CheckCode() accepts the pair, False otherwise
 */
function CaptchaCheckCode($captcha_word, $captcha_sid)
{
    include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";

    $verifier = new CCaptcha();

    // The result is normalised to a strict boolean so callers cannot
    // mistake a truthy non-boolean value for success.
    return $verifier->CheckCode($captcha_word, $captcha_sid) ? True : False;
}
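/**
 * Creates a topic, adds a reply, or edits a forum message, depending on $MESSAGE_TYPE.
 *
 * The work runs inside a DB transaction that is committed when no error was
 * collected and rolled back otherwise. Steps, in order: resolve the effective
 * permission, check that the user may perform the action, verify the CAPTCHA
 * for anonymous users of forums with USE_CAPTCHA == "Y", validate text and
 * attachments, add/update the topic, add/update the message, then record the
 * statistics event and send the mail notification.
 *
 * @param string $MESSAGE_TYPE     "NEW", "EDIT" or "REPLY"; anything else is reported as an error
 * @param int    $FID              forum id (overridden by the topic's or message's forum when those exist)
 * @param int    $TID              topic id (overridden by the message's topic when $MID resolves)
 * @param int    $MID              message id, used for "EDIT"
 * @param array  $arFieldsG        message/topic fields; PERMISSION_EXTERNAL and SONET_PERMS are
 *                                 consumed here as permission overrides
 * @param string $strErrorMessage  receives the combined error text on failure
 * @param mixed  $strOKMessage     receives the success note (appended to an array, or concatenated to a string)
 * @param mixed  $iFileSize        not used in this function body
 * @param string $captcha_word     CAPTCHA answer entered by the user
 * @param mixed  $captcha_sid      CAPTCHA id used when $captcha_code is empty
 * @param string $captcha_code     encrypted CAPTCHA code; when non-empty CheckCodeCrypt() is used
 *
 * @return int|false id of the added or edited message, or false when any check or write failed
 */
function ForumAddMessage($MESSAGE_TYPE, $FID, $TID, $MID, $arFieldsG, &$strErrorMessage, &$strOKMessage, $iFileSize = false, $captcha_word = "", $captcha_sid = 0, $captcha_code = "")
{
    global $USER, $DB, $APPLICATION;
    $APPLICATION->ResetException();
    $aMsg = array();
    $bUpdateTopic = False;
    $bAddEditNote = $MESSAGE_TYPE == "EDIT";
    $arParams = array("PERMISSION" => false);
    $arUserGroups = $USER->GetUserGroupArray();
    // ************ External Permission *********************************
    // NOTE(review): both keys below raise the effective permission above what
    // GetUserPermission() returned. $arFieldsG must be assembled server-side;
    // if a caller copies request data into it unfiltered, a client could
    // supply these keys itself. Confirm against every caller.
    if (!empty($arFieldsG["PERMISSION_EXTERNAL"])) {
        $arParams["PERMISSION"] = CForumNew::GetUserPermission($FID, $arUserGroups);
        $arParams["PERMISSION"] = $arParams["PERMISSION"] < "Q" ? $arFieldsG["PERMISSION_EXTERNAL"] : $arParams["PERMISSION"];
        unset($arFieldsG["PERMISSION_EXTERNAL"]);
    } elseif (!empty($arFieldsG["SONET_PERMS"])) {
        $arParams["PERMISSION"] = CForumNew::GetUserPermission($FID, $arUserGroups);
        if ($arParams["PERMISSION"] < "Q") {
            if ($arFieldsG["SONET_PERMS"]["bCanFull"] === true) {
                $arParams["PERMISSION"] = "Y";
            } elseif ($arFieldsG["SONET_PERMS"]["bCanNew"] === true) {
                $arParams["PERMISSION"] = "M";
            } elseif ($arFieldsG["SONET_PERMS"]["bCanWrite"] === true) {
                $arParams["PERMISSION"] = "I";
            } else {
                $arParams["PERMISSION"] = "A";
            }
        }
        unset($arFieldsG["SONET_PERMS"]);
    }
    $DB->StartTransaction();
    if (!in_array($MESSAGE_TYPE, array("NEW", "EDIT", "REPLY"))) {
        $aMsg[] = array("id" => "MESSAGE_TYPE", "text" => GetMessage("ADDMES_NO_TYPE") . ".");
    }
    $MID = intval($MID);
    $TID = intval($TID);
    $FID = intval($FID);
    $arFieldsG["EDIT_ADD_REASON"] = $arFieldsG["EDIT_ADD_REASON"] == "Y" ? "Y" : "N";
    // Defined up front: later code reads $arMessage even when no message id
    // was supplied, which used to touch an undefined variable.
    $arMessage = array();
    if ($MID > 0) {
        $arMessage = CForumMessage::GetByID($MID, array("FILTER" => "N"));
        if ($arMessage) {
            // The stored message decides topic and forum, not the caller's ids.
            $TID = IntVal($arMessage["TOPIC_ID"]);
            $FID = IntVal($arMessage["FORUM_ID"]);
        }
    }
    $arTopic = array();
    if ($TID > 0) {
        $arTopic = CForumTopic::GetByID($TID);
        if ($arTopic) {
            $FID = IntVal($arTopic["FORUM_ID"]);
        }
    }
    $arForum = CForumNew::GetByID($FID);
    //************************* Input params **************************************************************************
    if ($MESSAGE_TYPE == "NEW" && !CForumTopic::CanUserAddTopic($FID, $arUserGroups, $USER->GetID(), $arForum, $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2NEW") . ".");
    } elseif ($MESSAGE_TYPE == "EDIT" && !CForumMessage::CanUserUpdateMessage($MID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2EDIT") . ".");
    } elseif ($MESSAGE_TYPE == "REPLY" && !CForumMessage::CanUserAddMessage($TID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2REPLY") . ".");
    }
    if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "EDIT" && array_intersect_key($arFieldsG, array("TITLE" => "", "DESCRIPTION" => "", "ICON" => "", "TAGS" => "", "OWNER_ID" => "", "SOCNET_GROUP_ID" => "")) && CForumTopic::CanUserUpdateTopic($TID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $bUpdateTopic = True;
    }
    if ($MESSAGE_TYPE == "EDIT" && (ForumCurrUserPermissions($FID, $arParams) > "Q" && $arFieldsG["EDIT_ADD_REASON"] == "N")) {
        $bAddEditNote = false;
    }
    //*************************!CAPTCHA********************************************************************************
    // Only anonymous users are challenged. Which check runs depends on whether
    // the caller passed $captcha_code, so both must be equally strict.
    if (!$USER->IsAuthorized() && $arForum["USE_CAPTCHA"] == "Y") {
        include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";
        $cpt = new CCaptcha();
        if (strlen($captcha_code) > 0) {
            $captchaPass = COption::GetOptionString("main", "captcha_password", "");
            if (!$cpt->CheckCodeCrypt($captcha_word, $captcha_code, $captchaPass)) {
                $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("FORUM_POSTM_CAPTCHA") . ".");
            }
        } else {
            if (!$cpt->CheckCode($captcha_word, $captcha_sid)) {
                $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("FORUM_POSTM_CAPTCHA") . ".");
            }
        }
    }
    //*************************!CAPTCHA********************************************************************************
    $arFieldsG["POST_MESSAGE"] = trim($arFieldsG["POST_MESSAGE"]);
    if (empty($arFieldsG["POST_MESSAGE"])) {
        $aMsg[] = array("id" => "POST_MESSAGE", "text" => GetMessage("ADDMESS_INPUT_MESSAGE") . ".");
    }
    if ($bUpdateTopic && is_set($arFieldsG, "TITLE")) {
        $arFieldsG["TITLE"] = trim($arFieldsG["TITLE"]);
        if (empty($arFieldsG["TITLE"])) {
            $aMsg[] = array("id" => "TITLE", "text" => GetMessage("ADDMESS_INPUT_TITLE") . ".");
        }
    }
    if (empty($aMsg)) {
        // *************************!ATTACH_IMG*****************************************************************************
        if (is_set($arFieldsG, "ATTACH_IMG") && empty($arFieldsG["ATTACH_IMG"]["name"]) && empty($arFieldsG["ATTACH_IMG"]["del"])) {
            unset($arFieldsG["ATTACH_IMG"]);
        }
        if (is_set($arFieldsG, "ATTACH_IMG")) {
            $arFieldsG["ATTACH_IMG"]["FILE_ID"] = isset($arMessage["ATTACH_IMG"]) ? $arMessage["ATTACH_IMG"] : null;
            $arFieldsG["FILES"] = array($arFieldsG["ATTACH_IMG"]);
        }
        unset($arFieldsG["ATTACH_IMG"]);
        if (!empty($arFieldsG["FILES"]) && is_array($arFieldsG["FILES"])) {
            foreach ($arFieldsG["FILES"] as $key => $val) {
                if (intVal($val["FILE_ID"]) > 0) {
                    $arFieldsG["FILES"][$key]["del"] = $val["del"] == "Y" ? "Y" : "";
                }
            }
            $res = array("FORUM_ID" => $arForum["ID"], "TOPIC_ID" => 0, "MESSAGE_ID" => 0, "USER_ID" => $USER->GetID());
            // Uploads are dropped outright unless the forum allows them; the
            // actual file validation is delegated to CForumFiles::CheckFields().
            if (!in_array($arForum["ALLOW_UPLOAD"], array("Y", "F", "A"))) {
                unset($arFieldsG["FILES"]);
            } elseif (!CForumFiles::CheckFields($arFieldsG["FILES"], $res, "NOT_CHECK_DB")) {
                if ($ex = $APPLICATION->GetException()) {
                    $aMsg[] = array("id" => "FILE", "text" => $ex->GetString());
                } else {
                    $aMsg[] = array("id" => "FILE", "text" => "File upload error.");
                }
            }
        }
    }
    //*************************/ATTACH_IMG*****************************************************************************
    if (empty($aMsg) && ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY")) {
        $AUTHOR_ID = IntVal($USER->GetParam("USER_ID"));
        if ($USER->IsAuthorized()) {
            // For signed-in users the author name comes from the account and
            // overrides whatever the caller passed in.
            $res = CForumUser::GetByUSER_ID($USER->GetID());
            $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
            $arFieldsG["AUTHOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
            $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $USER->GetLogin();
        }
        if (empty($arFieldsG["AUTHOR_NAME"])) {
            $aMsg[] = array("id" => "AUTHOR_NAME", "text" => GetMessage("ADDMESS_INPUT_AUTHOR") . ".");
        }
    } elseif (empty($aMsg) && $MESSAGE_TYPE == "EDIT") {
        $AUTHOR_ID = IntVal($arMessage["AUTHOR_ID"]);
        if (is_set($arFieldsG, "AUTHOR_NAME") && empty($arFieldsG["AUTHOR_NAME"])) {
            if ($AUTHOR_ID <= 0) {
                $aMsg[] = array("id" => "AUTHOR_NAME", "text" => GetMessage("ADDMESS_INPUT_AUTHOR") . ".");
            } else {
                $res = CForumUser::GetByUSER_ID($AUTHOR_ID);
                $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
                if ($USER->GetID() == $AUTHOR_ID) {
                    $arFieldsG["AUTHOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
                    $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $USER->GetLogin();
                } else {
                    $res = CForumUser::GetByUSER_IDEx($AUTHOR_ID);
                    if ($res) {
                        $arFieldsG["AUTHOR_NAME"] = trim($bSHOW_NAME ? $res["NAME"] . " " . $res["LAST_NAME"] : "");
                        $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $res["LOGIN"];
                    } else {
                        unset($arFieldsG["AUTHOR_NAME"]);
                    }
                }
            }
        }
        if ($USER->IsAuthorized()) {
            $res = CForumUser::GetByUSER_ID($USER->GetID());
            $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
            $arFieldsG["EDITOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
            $arFieldsG["EDITOR_NAME"] = !empty($arFieldsG["EDITOR_NAME"]) ? $arFieldsG["EDITOR_NAME"] : $USER->GetLogin();
        }
        if ($bAddEditNote && empty($arFieldsG["EDITOR_NAME"])) {
            $aMsg[] = array("id" => "EDITOR_NAME", "text" => GetMessage("ADDMESS_INPUT_EDITOR") . ".");
        }
    }
    //*************************/Input params ***************************************************************************
    //************************* Actions ********************************************************************************
    //************************* Add/edit topic *************************************************************************
    if (empty($aMsg)) {
        // The longest step by time. Actualization of topic, user and forum statistic info (~0.7-0.8 sec)
        // APPROVED is always computed here, so a caller-supplied value never
        // bypasses moderation.
        if ($MESSAGE_TYPE == "EDIT" && ($arMessage["APPROVED"] == "Y" || $arMessage["APPROVED"] == "N")) {
            $arFieldsG["APPROVED"] = $arMessage["APPROVED"];
        } elseif (!empty($arTopic) && $arTopic["APPROVED"] != "Y") {
            $arFieldsG["APPROVED"] = "N";
        } else {
            $arFieldsG["APPROVED"] = $arForum["MODERATION"] == "Y" ? "N" : "Y";
            if (ForumCurrUserPermissions($FID, $arParams) >= "Q") {
                $arFieldsG["APPROVED"] = "Y";
            }
        }
        if ($bUpdateTopic) {
            $arFields = array();
            foreach (array("TITLE", "TITLE_SEO", "DESCRIPTION", "ICON", "TAGS") as $key) {
                if (is_set($arFieldsG, $key)) {
                    $arFields[$key] = $arFieldsG[$key];
                }
            }
            if ($MESSAGE_TYPE == "NEW") {
                $arFields["FORUM_ID"] = $FID;
                $arFields["USER_START_ID"] = $AUTHOR_ID;
                $arFields["USER_START_NAME"] = $arFieldsG["AUTHOR_NAME"];
                $arFields["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                $arFields["APPROVED"] = $arFieldsG["APPROVED"];
                $arFields["OWNER_ID"] = $arFieldsG["OWNER_ID"];
                $arFields["SOCNET_GROUP_ID"] = $arFieldsG["SOCNET_GROUP_ID"];
                if (is_set($arFieldsG, "TOPIC_XML_ID")) {
                    $arFields["XML_ID"] = $arFieldsG["TOPIC_XML_ID"];
                }
                $TID = CForumTopic::Add($arFields);
                if (IntVal($TID) <= 0) {
                    $aMsg[] = array("id" => "TOPIC_ID", "text" => GetMessage("ADDMESS_ERROR_ADD_TOPIC") . ".");
                }
            } else {
                if (is_set($arFieldsG, "AUTHOR_NAME")) {
                    if ($arTopic["LAST_MESSAGE_ID"] == $MID && $arMessage["LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                    if ($arTopic["ABS_LAST_MESSAGE_ID"] == $MID && $arMessage["ABS_LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["ABS_LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                    if ($arTopic["USER_START_NAME"] == $arMessage["USER_START_NAME"] && $arTopic["USER_START_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["USER_START_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                }
                if (!empty($arFields)) {
                    $TID1 = CForumTopic::Update($TID, $arFields);
                    if (intval($TID1) <= 0) {
                        $aMsg[] = array("id" => "TOPIC_ID", "text" => GetMessage("ADDMESS_ERROR_EDIT_TOPIC") . ".");
                    } else {
                        // Initialised so the emptiness test below does not read
                        // an undefined variable when nothing changed.
                        $res_log = array();
                        foreach ($arFields as $key => $val) {
                            if ($arFields[$key] != $arTopic[$key]) {
                                $res_log[$key] = $arFields[$key];
                                $res_log["before" . $key] = $arTopic[$key];
                            }
                        }
                        if (!empty($res_log)) {
                            $arTopic = CForumTopic::GetByID($TID);
                            $res_log['FORUM_ID'] = $arTopic['FORUM_ID'];
                            CForumEventLog::Log("topic", "edit", $TID, serialize($res_log));
                        }
                    }
                    if (is_set($arFieldsG, "AUTHOR_NAME") && $arForum["LAST_MESSAGE_ID"] == $MID && $arForum["LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFieldsForum = array("LAST_POSTER_NAME" => $arFieldsG["AUTHOR_NAME"]);
                        // NOTE(review): this writes the same key a second time; by analogy
                        // with the topic fields above, "ABS_LAST_POSTER_NAME" may have been
                        // intended. Confirm against the forum table before changing.
                        if ($arForum["ABS_LAST_MESSAGE_ID"] == $MID) {
                            $arFieldsForum["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                        }
                        CForumNew::Update($arForum["ID"], $arFieldsForum);
                    }
                }
            }
        }
    }
    //*************************/Add/edit topic *************************************************************************
    //************************* Add/edit message ***********************************************************************
    if (empty($aMsg)) {
        $arFields = array("POST_MESSAGE" => $arFieldsG["POST_MESSAGE"], "USE_SMILES" => $arFieldsG["USE_SMILES"] == "Y" ? "Y" : "N", "APPROVED" => $arFieldsG["APPROVED"]);
        if (is_set($arFieldsG, "ATTACH_IMG")) {
            $arFields["ATTACH_IMG"] = $arFieldsG["ATTACH_IMG"];
        } elseif (is_set($arFieldsG, "FILES")) {
            $arFields["FILES"] = $arFieldsG["FILES"];
        }
        if (is_set($arFieldsG, "PARAM1")) {
            $arFields["PARAM1"] = $arFieldsG["PARAM1"];
        }
        if (is_set($arFieldsG, "PARAM2")) {
            $arFields["PARAM2"] = $arFieldsG["PARAM2"];
        }
        $GLOBALS["USER_FIELD_MANAGER"]->EditFormAddFields("FORUM_MESSAGE", $arFields);
        if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY") {
            $arFields["AUTHOR_NAME"] = $arFieldsG["AUTHOR_NAME"];
            $arFields["AUTHOR_EMAIL"] = $arFieldsG["AUTHOR_EMAIL"];
            $arFields["AUTHOR_ID"] = $AUTHOR_ID;
            $arFields["FORUM_ID"] = $FID;
            $arFields["TOPIC_ID"] = $TID;
            // Two addresses are stored: the one reported by ForumGetRealIP()
            // and the socket peer address. NOTE(review): if ForumGetRealIP()
            // reads proxy headers, AUTHOR_IP is client-influenced; only
            // AUTHOR_REAL_IP is then suitable for abuse handling. Confirm.
            $AUTHOR_IP = ForumGetRealIP();
            $AUTHOR_IP_tmp = $AUTHOR_IP;
            $AUTHOR_REAL_IP = $_SERVER['REMOTE_ADDR'];
            if (COption::GetOptionString("forum", "FORUM_GETHOSTBYADDR", "N") == "Y") {
                $AUTHOR_IP = @gethostbyaddr($AUTHOR_IP);
                $AUTHOR_REAL_IP = $AUTHOR_IP_tmp == $AUTHOR_REAL_IP ? $AUTHOR_IP : @gethostbyaddr($AUTHOR_REAL_IP);
            }
            $arFields["AUTHOR_IP"] = $AUTHOR_IP !== False ? $AUTHOR_IP : "<no address>";
            $arFields["AUTHOR_REAL_IP"] = $AUTHOR_REAL_IP !== False ? $AUTHOR_REAL_IP : "<no address>";
            $arFields["NEW_TOPIC"] = $MESSAGE_TYPE == "NEW" ? "Y" : "N";
            $arFields["GUEST_ID"] = $_SESSION["SESS_GUEST_ID"];
            $MID = CForumMessage::Add($arFields, false);
            if (intVal($MID) <= 0) {
                $str = $APPLICATION->GetException();
                if ($str && $str->GetString()) {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => $str->GetString());
                } else {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => GetMessage("ADDMESS_ERROR_ADD_MESSAGE") . ".");
                }
                if ($MESSAGE_TYPE == "NEW") {
                    // The topic created above is removed again when its first message fails.
                    CForumTopic::Delete($TID);
                    $TID = 0;
                }
            }
        } else {
            if (empty($AUTHOR_ID)) {
                if (is_set($arFieldsG, "AUTHOR_NAME")) {
                    $arFields["AUTHOR_NAME"] = $arFieldsG["AUTHOR_NAME"];
                }
                if (is_set($arFieldsG, "AUTHOR_EMAIL")) {
                    $arFields["AUTHOR_EMAIL"] = $arFieldsG["AUTHOR_EMAIL"];
                }
            }
            if ($bAddEditNote) {
                $arFields["EDITOR_NAME"] = $arFieldsG["EDITOR_NAME"];
                $arFields["EDITOR_EMAIL"] = $arFieldsG["EDITOR_EMAIL"];
                $arFields["EDIT_REASON"] = $arFieldsG["EDIT_REASON"];
                $arFields["EDIT_DATE"] = "";
                if ($GLOBALS["USER"]->IsAuthorized()) {
                    $arFields["EDITOR_ID"] = $GLOBALS["USER"]->GetID();
                }
            }
            $MID1 = CForumMessage::Update($MID, $arFields);
            if (IntVal($MID1) <= 0) {
                $ex = $GLOBALS['APPLICATION']->GetException();
                if ($ex) {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => $ex->GetString());
                } else {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => GetMessage("ADDMESS_ERROR_EDIT_MESSAGE") . ".");
                }
            } elseif ($AUTHOR_ID == $GLOBALS["USER"]->GetId() && COption::GetOptionString("forum", "LOGS", "Q") < "U") {
                // Edits by the author are not written to the event log at this LOGS level.
            } else {
                $res_log = array();
                foreach ($arFields as $key => $val) {
                    if ($arFields[$key] != $arMessage[$key]) {
                        if ($key == "FILES" || $key == "ATTACH_IMG") {
                            $res_log[$key] = GetMessage("F_ATTACH_IS_MODIFIED");
                            continue;
                        }
                        $res_log["BeforeMessage"] = $arMessage[$key];
                        $res_log["AfterMessage"] = $arFields[$key];
                    }
                }
                if (!empty($res_log)) {
                    $arMessage = CForumMessage::GetByID($MID);
                    $TID = $arMessage['TOPIC_ID'];
                    $res_log['FORUM_ID'] = $arMessage['FORUM_ID'];
                    $arTopic = CForumTopic::GetByID($TID);
                    $res_log['TITLE'] = $arTopic['TITLE'];
                    $res_log['TOPIC_ID'] = $TID;
                    $res_log = serialize($res_log);
                    CForumEventLog::Log("message", "edit", $MID, $res_log);
                }
            }
        }
    }
    //*************************/Add/edit message ***********************************************************************
    if (empty($aMsg)) {
        $DB->Commit();
    } else {
        $DB->Rollback();
    }
    if (empty($aMsg) && CModule::IncludeModule("statistic")) {
        $F_EVENT1 = $arForum["EVENT1"];
        $F_EVENT2 = $arForum["EVENT2"];
        $F_EVENT3 = $arForum["EVENT3"];
        if (empty($F_EVENT3)) {
            $arForumSite_tmp = CForumNew::GetSites($FID);
            if (defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
                $arForumSiteCode_tmp = array_keys($arForumSite_tmp);
                $F_EVENT3 = CForumNew::PreparePath2Message(empty($arForumSite_tmp[$arForumSiteCode_tmp[0]]) ? '' : $arForumSite_tmp[$arForumSiteCode_tmp[0]], array("FORUM_ID" => $FID, "TOPIC_ID" => $TID, "MESSAGE_ID" => $MID));
            } else {
                $F_EVENT3 = CForumNew::PreparePath2Message(empty($arForumSite_tmp[SITE_ID]) ? '' : $arForumSite_tmp[SITE_ID], array("FORUM_ID" => $FID, "TOPIC_ID" => $TID, "MESSAGE_ID" => $MID));
            }
        }
        CStatistics::Set_Event($F_EVENT1, $F_EVENT2, $F_EVENT3);
    }
    if (empty($aMsg)) {
        $arNote = array();
        if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY") {
            CForumMessage::SendMailMessage($MID, array(), false, "NEW_FORUM_MESSAGE");
            $arNote = array("id" => $MESSAGE_TYPE, "text" => GetMessage("ADDMESS_SUCCESS_ADD") . ". \n");
        } else {
            CForumMessage::SendMailMessage($MID, array(), false, "EDIT_FORUM_MESSAGE");
            $arNote = array("id" => "EDIT", "text" => GetMessage("ADDMESS_SUCCESS_EDIT") . ". \n");
        }
        if ($arFieldsG["APPROVED"] != "Y") {
            $arNote["id"] .= "_NOT_APPROVED";
            $arNote["text"] .= GetMessage("ADDMESS_AFTER_MODERATE") . ". \n";
        }
        if (is_array($strOKMessage)) {
            $strOKMessage[] = $arNote;
        } else {
            $strOKMessage .= $arNote["text"];
        }
        return $MID;
    }
    $e = new CAdminException($aMsg);
    $strErrorMessage = $e->GetString();
    return false;
}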
$userCode = strtoupper($userCode); } $code = $this->CryptData($codeCrypt, "D", $_SESSION["CAPTCHA_PASSWORD"]); if ($code != $userCode) { return False; } return True; } } } $cpt = new CForumTmpCaptcha(); } else { $cpt = new CCaptcha(); } if (strlen($_REQUEST["captcha_code"]) <= 0) { if (!$cpt->CheckCode($_POST["captcha_word"], 0)) { $arError[] = array("code" => "captcha is empty", "title" => GetMessage("POSTM_CAPTCHA")); } } elseif (!$cpt->CheckCodeCrypt($_POST["captcha_word"], $_POST["captcha_code"], $captchaPass)) { $arError[] = array("code" => "bad captcha", "title" => GetMessage("POSTM_CAPTCHA")); } } // First exit point if (!empty($arError)) { return false; } // 1.5 Create Property $needProperty = array(); $PRODUCT_IBLOCK_ID = intVal($arResult["ELEMENT"]["IBLOCK_ID"]); $PRODUCT_NAME = Trim($arResult["ELEMENT"]["~NAME"]); $FORUM_TOPIC_ID = intVal($arResult["ELEMENT"]["PROPERTY_FORUM_TOPIC_ID_VALUE"]);
$userCode = strtoupper($userCode); } $code = $this->CryptData($codeCrypt, "D", $_SESSION["CAPTCHA_PASSWORD"]); if ($code != $userCode) { return False; } return True; } } } $cpt = new CForumTmpCaptcha(); } else { $cpt = new CCaptcha(); } if (strlen($post["captcha_code"]) <= 0) { if (!$cpt->CheckCode($post["captcha_word"], 0)) { $arError[] = array("code" => "captcha is empty", "title" => GetMessage("POSTM_CAPTCHA")); } } elseif (!$cpt->CheckCodeCrypt($post["captcha_word"], $post["captcha_code"], $captchaPass)) { $arError[] = array("code" => "bad captcha", "title" => GetMessage("POSTM_CAPTCHA")); } } $arPost = array('MESSAGE' => trim($post["REVIEW_TEXT"])); foreach (GetModuleEvents('forum', 'OnCommentAdd', true) as $arEvent) { $result = ExecuteModuleEventEx($arEvent, array($arParams['ENTITY_TYPE'], $arParams['ENTITY_ID'], &$arPost)); if ($result === false) { break; } } if ($result === false && isset($arPost['ERROR'])) { // validation failed