Esempio n. 1
0
 private function checkCaptcha()
 {
     if (is_object($this->captcha)) {
         $code = $this->request->getPost("captcha_code");
         $word = $this->request->getPost("captcha_word");
         if (strlen($code) > 0 && !$this->captcha->CheckCodeCrypt($word, $code, COption::GetOptionString("main", "captcha_password", "")) || strlen($code) <= 0 && !$this->captcha->CheckCode($word, 0)) {
             return false;
         }
     }
     return true;
 }
Esempio n. 2
0
 public static function KeepVoting()
 {
     global $DB, $VOTING_LAMP, $USER_ALREADY_VOTE, $USER_GROUP_PERMISSION, $USER;
     $err_mess = CAllVote::err_mess() . "<br>Function: KeepVoting<br>Line: ";
     $VOTING_LAMP = "green";
     $USER_ALREADY_VOTE = "N";
     $PUBLIC_VOTE_ID = intval($_REQUEST["PUBLIC_VOTE_ID"]);
     $aMsg = array();
     $VOTE_ID = 0;
     $arVote = array();
     $arQuestions = array();
     if (!(!empty($_REQUEST["vote"]) && $PUBLIC_VOTE_ID > 0 && check_bitrix_sessid())) {
         $aMsg[] = array("id" => "bad_params", "text" => GetMessage("VOTE_NOT_FOUND"));
     } elseif (($VOTE_ID = intVal(GetVoteDataByID($PUBLIC_VOTE_ID, $arChannel, $arVote, $arQuestions, $arAnswers, $arDropDown, $arMultiSelect, $arGroupAnswers, "N"))) && ($VOTE_ID <= 0 || $arVote["LAMP"] != "green")) {
         $VOTING_LAMP = "red";
         if ($VOTE_ID <= 0) {
             $aMsg[] = array("id" => "VOTE_ID", "text" => GetMessage("VOTE_NOT_FOUND"));
         } else {
             $aMsg[] = array("id" => "LAMP", "text" => GetMessage("VOTE_RED_LAMP"));
         }
     } elseif ($arChannel["USE_CAPTCHA"] == "Y" && !$USER->IsAuthorized()) {
         include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";
         $cpt = new CCaptcha();
         if (!empty($_REQUEST["captcha_word"])) {
             $captchaPass = COption::GetOptionString("main", "captcha_password", "");
             if (!$cpt->CheckCodeCrypt($_REQUEST["captcha_word"], $_REQUEST["captcha_code"], $captchaPass)) {
                 $GLOBALS["BAD_CAPTCHA"] = "Y";
                 $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("VOTE_BAD_CAPTCHA"));
             }
         } else {
             if (!$cpt->CheckCode($_REQUEST["captcha_word"], 0)) {
                 $GLOBALS["NO_CAPTCHA"] = "Y";
                 $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("VOTE_BAD_CAPTCHA"));
             }
         }
     }
     if (empty($aMsg)) {
         // get user id
         $_SESSION["VOTE_USER_ID"] = CVote::SetVoteUserID();
         $GLOBALS["VOTING_ID"] = $VOTE_ID;
         // check: can user vote
         $UNIQUE_TYPE = $arVote["UNIQUE_TYPE"];
         $KEEP_IP_SEC = $arVote["KEEP_IP_SEC"];
         $CHANNEL_ID = $arVote["CHANNEL_ID"];
         $StatusVote = CVote::UserAlreadyVote($VOTE_ID, $_SESSION["VOTE_USER_ID"], $UNIQUE_TYPE, $KEEP_IP_SEC, $USER->GetID());
         $USER_ALREADY_VOTE = $StatusVote != false ? "Y" : "N";
         $USER_GROUP_PERMISSION = CVote::UserGroupPermission($CHANNEL_ID);
         // if user can vote that
         if (($USER_ALREADY_VOTE == "N" || $StatusVote == 8 && $_REQUEST["REVOTE_ID"] == $VOTE_ID) && $USER_GROUP_PERMISSION >= 2) {
             $arSqlAnswers = array();
             // check answers
             foreach ($arQuestions as $qID => $arQuestion) {
                 $arSqlAnswers[$arQuestion["ID"]] = array();
                 $bIndicators = array();
                 foreach ($arQuestion["ANSWERS"] as $arAnswer) {
                     switch ($arAnswer["FIELD_TYPE"]) {
                         case 0:
                             // radio
                         // radio
                         case 2:
                             // dropdown list
                             $fieldName = ($arAnswer["FIELD_TYPE"] == 0 ? "vote_radio_" : "vote_dropdown_") . $qID;
                             $aID = intval($GLOBALS[$fieldName]);
                             if (!isset($bIndicators[$fieldName]) && array_key_exists($aID, $arQuestion["ANSWERS"])) {
                                 if (!empty($arAnswer['MESSAGE'])) {
                                     $arSqlAnswers[$qID][$aID] = array("ANSWER_ID" => $aID);
                                 }
                                 $bIndicators[$fieldName] = "Y";
                             }
                             break;
                         case 1:
                             // checkbox
                         // checkbox
                         case 3:
                             // multiselect list
                             $fieldName = ($arAnswer["FIELD_TYPE"] == 1 ? "vote_checkbox_" : "vote_multiselect_") . $qID;
                             $res = $GLOBALS[$fieldName];
                             if (!isset($bIndicators[$fieldName]) && is_array($res) && !empty($res)) {
                                 reset($res);
                                 foreach ($res as $aID) {
                                     if (array_key_exists($aID, $arQuestion["ANSWERS"])) {
                                         $arSqlAnswers[$qID][$aID] = array("ANSWER_ID" => $aID);
                                     }
                                 }
                                 $bIndicators[$fieldName] = "Y";
                             }
                             break;
                         case 4:
                             // field
                         // field
                         case 5:
                             // text
                             $aID = $arAnswer["ID"];
                             $fieldName = ($arAnswer["FIELD_TYPE"] == 4 ? "vote_field_" : "vote_memo_") . $aID;
                             $MESSAGE = trim($GLOBALS[$fieldName]);
                             if ($MESSAGE != "") {
                                 $arSqlAnswers[$qID][$aID] = array("ANSWER_ID" => $aID, "MESSAGE" => "'" . $DB->ForSql(trim($MESSAGE), 2000) . "'");
                             }
                             break;
                     }
                 }
                 if (empty($arSqlAnswers[$qID])) {
                     unset($arSqlAnswers[$qID]);
                     if ($arQuestion['REQUIRED'] == 'Y') {
                         $aMsg[] = array("id" => "QUESTION_" . $qID, "text" => GetMessage("VOTE_REQUIRED_MISSING"));
                         $GLOBALS["VOTE_REQUIRED_MISSING"] = "Y";
                         break;
                     }
                 }
             }
             if (!empty($aMsg)) {
                 /* do nothing; */
             } elseif (!empty($arSqlAnswers)) {
                 // vote event
                 $arFields = array("VOTE_ID" => $VOTE_ID, "VOTE_USER_ID" => intval($_SESSION["VOTE_USER_ID"]), "DATE_VOTE" => $DB->GetNowFunction(), "STAT_SESSION_ID" => intval($_SESSION["SESS_SESSION_ID"]), "IP" => "'" . $DB->ForSql($_SERVER["REMOTE_ADDR"], 15) . "'", "VALID" => "'Y'");
                 /***************** Event onBeforeVoting ****************************/
                 foreach (GetModuleEvents("vote", "onBeforeVoting", true) as $arEvent) {
                     if (ExecuteModuleEventEx($arEvent, array(&$arFields, &$arSqlAnswers)) === false) {
                         return false;
                     }
                 }
                 /***************** /Event ******************************************/
                 if ($StatusVote == 8 && $_REQUEST["REVOTE_ID"] == $VOTE_ID) {
                     $strSql = "SELECT VE.ID, VEQ.QUESTION_ID, VEA.ANSWER_ID" . " FROM b_vote_event VE " . "\tLEFT JOIN b_vote_event_question VEQ ON (VEQ.EVENT_ID=VE.ID)" . "\tLEFT JOIN b_vote_event_answer VEA ON (VEA.EVENT_QUESTION_ID=VEQ.ID)" . "\tLEFT JOIN b_vote_user VU ON (VE.VOTE_USER_ID = VU.ID)" . " WHERE VE.VOTE_ID=" . $VOTE_ID . " AND VU.AUTH_USER_ID=" . intval($USER->GetID()) . " ORDER BY VE.ID ASC, VEQ.QUESTION_ID ASC";
                     $db_res = $DB->Query($strSql, false, $err_mess . __LINE__);
                     if ($db_res && ($res = $db_res->Fetch())) {
                         if ($USER->GetID() > 0 && CModule::IncludeModule("im")) {
                             CIMNotify::DeleteByTag("VOTING|" . $VOTE_ID, $USER->GetID());
                         }
                         $del = false;
                         $delQ = false;
                         do {
                             if ($delQ !== $res["QUESTION_ID"]) {
                                 if ($del !== $res["ID"]) {
                                     CVoteEvent::Delete($res["ID"]);
                                     $del = $res["ID"];
                                     $arVote["COUNTER"] = intval($arVote["COUNTER"]) - 1;
                                 }
                                 $delQ = $res["QUESTION_ID"];
                                 $arQuestions[$res["QUESTION_ID"]]["COUNTER"] = intval($arQuestions[$res["QUESTION_ID"]]["COUNTER"]) - 1;
                             }
                             $arQuestions[$res["QUESTION_ID"]]["ANSWERS"][$res["ANSWER_ID"]]["COUNTER"] = intval($arQuestions[$res["QUESTION_ID"]]["ANSWERS"][$res["ANSWER_ID"]]["COUNTER"]) - 1;
                         } while ($res = $db_res->Fetch());
                     }
                     $USER_ALREADY_VOTE = "N";
                 }
                 unset($GLOBALS["VOTE_CACHE_VOTING"][$VOTE_ID]);
                 unset($GLOBALS["VOTE_CACHE"]["VOTE"][$VOTE_ID]);
                 $EVENT_ID = intval($DB->Insert("b_vote_event", $arFields, $err_mess . __LINE__));
                 if ($EVENT_ID > 0) {
                     $arSqlQuestionsID = array();
                     $arSqlAnswersID = array();
                     foreach ($arSqlAnswers as $qID => $arSqlAnswer) {
                         $arFields = array("EVENT_ID" => $EVENT_ID, "QUESTION_ID" => $qID);
                         $EVENT_QUESTION_ID = intval($DB->Insert("b_vote_event_question", $arFields, $err_mess . __LINE__));
                         if ($EVENT_QUESTION_ID > 0) {
                             $arSqlQuestionsID[] = $qID;
                             $arQuestions[$qID]["COUNTER"] = intval($arQuestions[$qID]["COUNTER"]) + 1;
                             foreach ($arSqlAnswer as $aID => $res) {
                                 $res["EVENT_QUESTION_ID"] = $EVENT_QUESTION_ID;
                                 if ($DB->Insert("b_vote_event_answer", $res, $err_mess . __LINE__)) {
                                     $arSqlAnswersID[$aID] = $qID;
                                     $arQuestions[$qID]["ANSWERS"][$aID]["COUNTER"] = intval($arQuestions[$qID]["ANSWERS"][$aID]["COUNTER"]) + 1;
                                 }
                             }
                         }
                     }
                     if (empty($arSqlQuestionsID) || empty($arSqlAnswersID)) {
                         $DB->Query("DELETE FROM b_vote_event WHERE ID=" . $EVENT_ID, $arFields, $err_mess . __LINE__);
                     } else {
                         $arFields = array("COUNTER" => "COUNTER+1");
                         $DB->Update("b_vote", $arFields, "WHERE ID='" . $VOTE_ID . "'", $err_mess . __LINE__);
                         $arVote["COUNTER"] = intval($arVote["COUNTER"]) + 1;
                         $DB->Update("b_vote_question", $arFields, "WHERE ID in (" . implode(", ", $arSqlQuestionsID) . ")", $err_mess . __LINE__);
                         $DB->Update("b_vote_answer", $arFields, "WHERE ID in (" . implode(", ", array_keys($arSqlAnswersID)) . ")", $err_mess . __LINE__);
                         // increment user counter
                         CVote::UpdateVoteUserID($_SESSION["VOTE_USER_ID"]);
                         $GLOBALS["VOTING_OK"] = "Y";
                         $_SESSION["VOTE_ARRAY"][] = $VOTE_ID;
                         if ($UNIQUE_TYPE & 8) {
                             $_SESSION["VOTE"]["VOTES"][$VOTE_ID] = $EVENT_ID;
                         }
                         // statistic module
                         if (CModule::IncludeModule("statistic")) {
                             $event3 = $arVote["EVENT3"];
                             if (!empty($event3)) {
                                 $event3 = "http://" . $_SERVER["HTTP_HOST"] . "/bitrix/admin/vote_user_results.php?EVENT_ID=" . $EVENT_ID . "&lang=" . LANGUAGE_ID;
                             }
                             CStatEvent::AddCurrent($arVote["EVENT1"], $arVote["EVENT2"], $event3);
                         }
                         // notification
                         if (!!$arVote["AUTHOR_ID"] && $arVote["AUTHOR_ID"] != $USER->GetID()) {
                             if (empty($arVote["TITLE"])) {
                                 $arQuestion = reset($arQuestions);
                                 $arVote["TITLE"] = $arQuestion["QUESTION"];
                             }
                             if ($arVote["NOTIFY"] == "I" && CModule::IncludeModule("im")) {
                                 $arVote["TOTAL_URL"] = "";
                                 if (!empty($arVote["URL"])) {
                                     if (defined('SITE_SERVER_NAME')) {
                                         $arVote["TOTAL_URL"] = SITE_SERVER_NAME;
                                     }
                                     $arVote["TOTAL_URL"] = !empty($arVote["TOTAL_URL"]) ? $arVote["TOTAL_URL"] : COption::GetOptionString("main", "server_name", $GLOBALS["SERVER_NAME"]);
                                     if (!empty($arVote["TOTAL_URL"])) {
                                         $arVote["TOTAL_URL"] = (CMain::IsHTTPS() ? "https" : "http") . "://" . $arVote["TOTAL_URL"] . $arVote["URL"];
                                     }
                                 }
                                 // send notification
                                 $gender = $USER->getParam("PERSONAL_GENDER") == "F" ? "_F" : "";
                                 $arMessageFields = array("MESSAGE_TYPE" => IM_MESSAGE_SYSTEM, "TO_USER_ID" => $arVote["AUTHOR_ID"], "FROM_USER_ID" => $USER->GetID(), "NOTIFY_TYPE" => IM_NOTIFY_FROM, "NOTIFY_MODULE" => "vote", "NOTIFY_EVENT" => "voting", "NOTIFY_TAG" => "VOTING|" . $VOTE_ID, "NOTIFY_MESSAGE" => !empty($arVote["URL"]) ? GetMessage("V_NOTIFY_MESSAGE_HREF" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"], "#VOTE_URL#" => $arVote["URL"])) : GetMessage("V_NOTIFY_MESSAGE" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"])), "NOTIFY_MESSAGE_OUT" => !empty($arVote["TOTAL_URL"]) ? GetMessage("V_NOTIFY_MESSAGE_OUT_HREF" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"], "#VOTE_URL#" => $arVote["TOTAL_URL"])) : GetMessage("V_NOTIFY_MESSAGE" . $gender, array("#VOTE_TITLE#" => $arVote["TITLE"])));
                                 CIMNotify::Add($arMessageFields);
                             } else {
                                 if ($arVote["NOTIFY"] == "Y") {
                                     // send e-mail
                                     $db_user = CUser::GetById($arVote["AUTHOR_ID"]);
                                     if ($db_user && ($arUser = $db_user->Fetch()) && !empty($arUser["EMAIL"])) {
                                         $arEventFields = array("EMAIL_TO" => $arUser["EMAIL"], "VOTE_STATISTIC" => "", "ID" => $EVENT_ID, "TIME" => GetTime(time(), "FULL"), "VOTE_TITLE" => $arVote["TITLE"], "VOTE_DESCRIPTION" => $arVote["DESCRIPTION"], "VOTE_ID" => $arVote["ID"], "VOTE_COUNTER" => $arVote["COUNTER"], "URL" => $arVote["URL"], "CHANNEL" => $arChannel["TITLE"], "CHANNEL_ID" => $arChannel["ID"], "VOTER_ID" => $_SESSION["VOTE_USER_ID"], "USER_NAME" => $USER->GetFullName(), "LOGIN" => $USER->GetLogin(), "USER_ID" => $USER->GetID(), "STAT_GUEST_ID" => intval($_SESSION["SESS_GUEST_ID"]), "SESSION_ID" => intval($_SESSION["SESS_SESSION_ID"]), "IP" => $_SERVER["REMOTE_ADDR"]);
                                         $arEventFields["USER_NAME"] = !!$arEventFields["USER_NAME"] ? $arEventFields["USER_NAME"] : $arEventFields["LOGIN"];
                                         // VOTE_STATISTIC
                                         $text = array();
                                         foreach ($arSqlAnswersID as $aID => $qID) {
                                             $text[$qID] = is_array($text[$qID]) ? $text[$qID] : array();
                                             if ($arQuestions[$qID]["ANSWERS"][$aID]["FIELD_TYPE"] == 4 || $arQuestions[$qID]["ANSWERS"][$aID]["FIELD_TYPE"] == 5) {
                                                 if (!empty($arSqlAnswers[$qID][$aID]["MESSAGE"])) {
                                                     $text[$qID][] = $arSqlAnswers[$qID][$aID]["MESSAGE"];
                                                 }
                                             } else {
                                                 $text[$qID][] = $arQuestions[$qID]["ANSWERS"][$aID]["MESSAGE"];
                                             }
                                         }
                                         foreach ($text as $qID => $txt) {
                                             $text[$qID] = " - " . $arQuestions[$qID]["QUESTION"] . "\n - " . implode(", ", $text[$qID]);
                                         }
                                         $arEventFields["VOTE_STATISTIC"] = "\n" . implode("\n\n", $text);
                                         $arrSites = CVoteChannel::GetSiteArray($arChannel["ID"]);
                                         CEvent::Send("VOTE_FOR", $arrSites, $arEventFields, "N");
                                     }
                                 }
                             }
                         }
                     }
                     /***************** Event onAfterVoting *****************************/
                     foreach (GetModuleEvents("vote", "onAfterVoting", true) as $arEvent) {
                         ExecuteModuleEventEx($arEvent, array($VOTE_ID, $EVENT_ID));
                     }
                     /***************** /Event ******************************************/
                 }
             } else {
                 $GLOBALS["USER_VOTE_EMPTY"] = "Y";
                 $aMsg[] = array("id" => "VOTE_ID", "text" => GetMessage("USER_VOTE_EMPTY"));
             }
         } else {
             $aMsg[] = array("id" => "VOTE_ID", "text" => $USER_GROUP_PERMISSION >= 2 ? GetMessage("VOTE_ALREADY_VOTE") : GetMessage("VOTE_ACCESS_DENIED"));
         }
     }
     if (!empty($aMsg)) {
         $e = new CAdminException($aMsg, "CVote::KeepVoting");
         $GLOBALS["APPLICATION"]->ThrowException($e);
         $GLOBALS["VOTING_OK"] = "N";
         return false;
     }
     return true;
 }
Esempio n. 3
0
				Action
********************************************************************/
if ($_SERVER["REQUEST_METHOD"] == "POST" && $_POST["ACTION"] == "SEND" && check_bitrix_sessid()) {
    $userSend["FULL_NAME"] = trim(empty($userSend["FULL_NAME"]) ? $_POST["NAME"] : $userSend["FULL_NAME"]);
    $userSend["E-MAIL"] = trim(empty($userSend["E-MAIL"]) ? $_POST["EMAIL"] : $userSend["E-MAIL"]);
    // Use captcha
    if ($arParams["SEND_" . strToUpper($arParams["TYPE"])] < "Y" && !$USER->IsAuthorized()) {
        include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";
        $cpt = new CCaptcha();
        if (strlen($_REQUEST["captcha_code"]) > 0) {
            $captchaPass = COption::GetOptionString("main", "captcha_password", "");
            if (!$cpt->CheckCodeCrypt($_REQUEST["captcha_word"], $_REQUEST["captcha_code"], $captchaPass)) {
                $arError[] = array("id" => "BAD_CAPTCHA", "text" => GetMessage("F_BAD_CAPTCHA"));
            }
        } else {
            if (!$cpt->CheckCode($_REQUEST["captcha_word"], 0)) {
                $arError[] = array("id" => "NO_CAPTCHA", "text" => GetMessage("F_BAD_CAPTCHA"));
            }
        }
    }
    if (empty($userSend["FULL_NAME"])) {
        $arError[] = array("id" => "NO_NAME", "text" => GetMessage("F_NO_NAME"));
    }
    if (empty($userSend["E-MAIL"])) {
        $arError[] = array("id" => $arParams["TYPE"] == "ICQ" ? "NO_ICQ" : "NO_MAIL", "text" => GetMessage("F_NO_EMAIL1") . " " . ($arParams["TYPE"] == "ICQ" ? GetMessage("F_NO_EMAIL2") : GetMessage("F_NO_EMAIL3")));
    } elseif ($arParams["TYPE"] != "ICQ" && !check_email($userSend["E-MAIL"])) {
        $arError[] = array("id" => "BAD_MAIL", "text" => GetMessage("F_BAD_EMAIL"));
    }
    if (empty($_POST["SUBJECT"])) {
        $arError[] = array("id" => "NO_SUBJECT", "text" => GetMessage("F_NO_SUBJECT"));
    }
Esempio n. 4
0
 function CaptchaCheckCode($captcha_word, $captcha_sid)
 {
     include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";
     $cpt = new CCaptcha();
     if ($cpt->CheckCode($captcha_word, $captcha_sid)) {
         return True;
     } else {
         return False;
     }
 }
Esempio n. 5
0
function ForumAddMessage($MESSAGE_TYPE, $FID, $TID, $MID, $arFieldsG, &$strErrorMessage, &$strOKMessage, $iFileSize = false, $captcha_word = "", $captcha_sid = 0, $captcha_code = "")
{
    global $USER, $DB, $APPLICATION;
    $APPLICATION->ResetException();
    $aMsg = array();
    $bUpdateTopic = False;
    $bAddEditNote = $MESSAGE_TYPE == "EDIT";
    $arParams = array("PERMISSION" => false);
    $arUserGroups = $USER->GetUserGroupArray();
    // ************ External Permission *********************************
    if (!empty($arFieldsG["PERMISSION_EXTERNAL"])) {
        $arParams["PERMISSION"] = CForumNew::GetUserPermission($FID, $arUserGroups);
        $arParams["PERMISSION"] = $arParams["PERMISSION"] < "Q" ? $arFieldsG["PERMISSION_EXTERNAL"] : $arParams["PERMISSION"];
        unset($arFieldsG["PERMISSION_EXTERNAL"]);
    } elseif (!empty($arFieldsG["SONET_PERMS"])) {
        $arParams["PERMISSION"] = CForumNew::GetUserPermission($FID, $arUserGroups);
        if ($arParams["PERMISSION"] < "Q") {
            if ($arFieldsG["SONET_PERMS"]["bCanFull"] === true) {
                $arParams["PERMISSION"] = "Y";
            } elseif ($arFieldsG["SONET_PERMS"]["bCanNew"] === true) {
                $arParams["PERMISSION"] = "M";
            } elseif ($arFieldsG["SONET_PERMS"]["bCanWrite"] === true) {
                $arParams["PERMISSION"] = "I";
            } else {
                $arParams["PERMISSION"] = "A";
            }
        }
        unset($arFieldsG["SONET_PERMS"]);
    }
    $DB->StartTransaction();
    if (!in_array($MESSAGE_TYPE, array("NEW", "EDIT", "REPLY"))) {
        $aMsg[] = array("id" => "MESSAGE_TYPE", "text" => GetMessage("ADDMES_NO_TYPE") . ".");
    }
    $MID = intval($MID);
    $TID = intval($TID);
    $FID = intval($FID);
    $arFieldsG["EDIT_ADD_REASON"] = $arFieldsG["EDIT_ADD_REASON"] == "Y" ? "Y" : "N";
    if ($MID > 0) {
        $arMessage = CForumMessage::GetByID($MID, array("FILTER" => "N"));
        if ($arMessage) {
            $TID = IntVal($arMessage["TOPIC_ID"]);
            $FID = IntVal($arMessage["FORUM_ID"]);
        }
    }
    $arTopic = array();
    if ($TID > 0) {
        $arTopic = CForumTopic::GetByID($TID);
        if ($arTopic) {
            $FID = IntVal($arTopic["FORUM_ID"]);
        }
    }
    $arForum = CForumNew::GetByID($FID);
    //************************* Input params **************************************************************************
    if ($MESSAGE_TYPE == "NEW" && !CForumTopic::CanUserAddTopic($FID, $arUserGroups, $USER->GetID(), $arForum, $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2NEW") . ".");
    } elseif ($MESSAGE_TYPE == "EDIT" && !CForumMessage::CanUserUpdateMessage($MID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2EDIT") . ".");
    } elseif ($MESSAGE_TYPE == "REPLY" && !CForumMessage::CanUserAddMessage($TID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2REPLY") . ".");
    }
    if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "EDIT" && array_intersect_key($arFieldsG, array("TITLE" => "", "DESCRIPTION" => "", "ICON" => "", "TAGS" => "", "OWNER_ID" => "", "SOCNET_GROUP_ID" => "")) && CForumTopic::CanUserUpdateTopic($TID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $bUpdateTopic = True;
    }
    if ($MESSAGE_TYPE == "EDIT" && (ForumCurrUserPermissions($FID, $arParams) > "Q" && $arFieldsG["EDIT_ADD_REASON"] == "N")) {
        $bAddEditNote = false;
    }
    //*************************!CAPTCHA********************************************************************************
    if (!$USER->IsAuthorized() && $arForum["USE_CAPTCHA"] == "Y") {
        include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";
        $cpt = new CCaptcha();
        if (strlen($captcha_code) > 0) {
            $captchaPass = COption::GetOptionString("main", "captcha_password", "");
            if (!$cpt->CheckCodeCrypt($captcha_word, $captcha_code, $captchaPass)) {
                $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("FORUM_POSTM_CAPTCHA") . ".");
            }
        } else {
            if (!$cpt->CheckCode($captcha_word, $captcha_sid)) {
                $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("FORUM_POSTM_CAPTCHA") . ".");
            }
        }
    }
    //*************************!CAPTCHA********************************************************************************
    $arFieldsG["POST_MESSAGE"] = trim($arFieldsG["POST_MESSAGE"]);
    if (empty($arFieldsG["POST_MESSAGE"])) {
        $aMsg[] = array("id" => "POST_MESSAGE", "text" => GetMessage("ADDMESS_INPUT_MESSAGE") . ".");
    }
    if ($bUpdateTopic && is_set($arFieldsG, "TITLE")) {
        $arFieldsG["TITLE"] = trim($arFieldsG["TITLE"]);
        if (empty($arFieldsG["TITLE"])) {
            $aMsg[] = array("id" => "TITLE", "text" => GetMessage("ADDMESS_INPUT_TITLE") . ".");
        }
    }
    //*************************!QUOTA**********************************************************************************
    /*	if (empty($aMsg))
    	{
    		$quota = new CDiskQuota();
    		if ($MESSAGE_TYPE=="EDIT")
    		{
    			if (!$quota->checkDiskQuota(strLen($arFieldsG["POST_MESSAGE"]) - strLen($arMessage["POST_MESSAGE"])))
    			{
    				if (!$quota->LAST_ERROR)
    					$aMsg[] = array("id" => "QUOTA", "text" => GetMessage("MAIN_QUOTA_BAD")."( ".COption::GetOptionInt("main", "disk_space")." ).");
    				else
    					$aMsg[] = array("id" => "QUOTA", "text" => $quota->LAST_ERROR);
    			}
    		}
    		elseif (!$quota->checkDiskQuota($arFieldsG["POST_MESSAGE"]))
    		{
    			if (!$quota->LAST_ERROR)
    				$aMsg[] = array("id" => "QUOTA", "text" => GetMessage("MAIN_QUOTA_BAD")."( ".COption::GetOptionInt("main", "disk_space")." ).");
    			else
    				$aMsg[] = array("id" => "QUOTA", "text" => $quota->LAST_ERROR);
    		}
    	}*/
    //*************************!QUOTA**********************************************************************************
    if (empty($aMsg)) {
        //		*************************!ATTACH_IMG*****************************************************************************
        if (is_set($arFieldsG, "ATTACH_IMG") && empty($arFieldsG["ATTACH_IMG"]["name"]) && empty($arFieldsG["ATTACH_IMG"]["del"])) {
            unset($arFieldsG["ATTACH_IMG"]);
        }
        if (is_set($arFieldsG, "ATTACH_IMG")) {
            $arFieldsG["ATTACH_IMG"]["FILE_ID"] = $arMessage["ATTACH_IMG"];
            $arFieldsG["FILES"] = array($arFieldsG["ATTACH_IMG"]);
        }
        unset($arFieldsG["ATTACH_IMG"]);
        if (!empty($arFieldsG["FILES"]) && is_array($arFieldsG["FILES"])) {
            foreach ($arFieldsG["FILES"] as $key => $val) {
                if (intVal($val["FILE_ID"]) > 0) {
                    $arFieldsG["FILES"][$key]["del"] = $val["del"] == "Y" ? "Y" : "";
                }
            }
            $res = array("FORUM_ID" => $arForum["ID"], "TOPIC_ID" => 0, "MESSAGE_ID" => 0, "USER_ID" => $USER->GetID());
            if (!in_array($arForum["ALLOW_UPLOAD"], array("Y", "F", "A"))) {
                unset($arFieldsG["FILES"]);
            } elseif (!CForumFiles::CheckFields($arFieldsG["FILES"], $res, "NOT_CHECK_DB")) {
                if ($ex = $APPLICATION->GetException()) {
                    $aMsg[] = array("id" => "FILE", "text" => $ex->GetString());
                } else {
                    $aMsg[] = array("id" => "FILE", "text" => "File upload error.");
                }
            }
        }
    }
    //*************************/ATTACH_IMG*****************************************************************************
    if (empty($aMsg) && ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY")) {
        $AUTHOR_ID = IntVal($USER->GetParam("USER_ID"));
        if ($USER->IsAuthorized()) {
            $res = CForumUser::GetByUSER_ID($USER->GetID());
            $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
            $arFieldsG["AUTHOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
            $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $USER->GetLogin();
        }
        if (empty($arFieldsG["AUTHOR_NAME"])) {
            $aMsg[] = array("id" => "AUTHOR_NAME", "text" => GetMessage("ADDMESS_INPUT_AUTHOR") . ".");
        }
    } elseif (empty($aMsg) && $MESSAGE_TYPE == "EDIT") {
        $AUTHOR_ID = IntVal($arMessage["AUTHOR_ID"]);
        if (is_set($arFieldsG, "AUTHOR_NAME") && empty($arFieldsG["AUTHOR_NAME"])) {
            if ($AUTHOR_ID <= 0) {
                $aMsg[] = array("id" => "AUTHOR_NAME", "text" => GetMessage("ADDMESS_INPUT_AUTHOR") . ".");
            } else {
                $res = CForumUser::GetByUSER_ID($AUTHOR_ID);
                $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
                if ($USER->GetID() == $AUTHOR_ID) {
                    $arFieldsG["AUTHOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
                    $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $USER->GetLogin();
                } else {
                    $res = CForumUser::GetByUSER_IDEx($AUTHOR_ID);
                    if ($res) {
                        $arFieldsG["AUTHOR_NAME"] = trim($bSHOW_NAME ? $res["NAME"] . " " . $res["LAST_NAME"] : "");
                        $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $res["LOGIN"];
                    } else {
                        unset($arFieldsG["AUTHOR_NAME"]);
                    }
                }
            }
        }
        if ($USER->IsAuthorized()) {
            $res = CForumUser::GetByUSER_ID($USER->GetID());
            $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
            $arFieldsG["EDITOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
            $arFieldsG["EDITOR_NAME"] = !empty($arFieldsG["EDITOR_NAME"]) ? $arFieldsG["EDITOR_NAME"] : $USER->GetLogin();
        }
        if ($bAddEditNote && empty($arFieldsG["EDITOR_NAME"])) {
            $aMsg[] = array("id" => "EDITOR_NAME", "text" => GetMessage("ADDMESS_INPUT_EDITOR") . ".");
        }
    }
    //*************************/Input params ***************************************************************************
    //************************* Actions ********************************************************************************
    //************************* Add/edit topic *************************************************************************
    if (empty($aMsg)) {
        // The longest step by time. Actualization of topic, user and forum statistic info (~0.7-0.8 sec)
        if ($MESSAGE_TYPE == "EDIT" && ($arMessage["APPROVED"] == "Y" || $arMessage["APPROVED"] == "N")) {
            $arFieldsG["APPROVED"] = $arMessage["APPROVED"];
        } elseif (!empty($arTopic) && $arTopic["APPROVED"] != "Y") {
            $arFieldsG["APPROVED"] = "N";
        } else {
            $arFieldsG["APPROVED"] = $arForum["MODERATION"] == "Y" ? "N" : "Y";
            if (ForumCurrUserPermissions($FID, $arParams) >= "Q") {
                $arFieldsG["APPROVED"] = "Y";
            }
        }
        if ($bUpdateTopic) {
            $arFields = array();
            foreach (array("TITLE", "TITLE_SEO", "DESCRIPTION", "ICON", "TAGS") as $key) {
                if (is_set($arFieldsG, $key)) {
                    $arFields[$key] = $arFieldsG[$key];
                }
            }
            if ($MESSAGE_TYPE == "NEW") {
                $arFields["FORUM_ID"] = $FID;
                $arFields["USER_START_ID"] = $AUTHOR_ID;
                $arFields["USER_START_NAME"] = $arFieldsG["AUTHOR_NAME"];
                $arFields["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                $arFields["APPROVED"] = $arFieldsG["APPROVED"];
                $arFields["OWNER_ID"] = $arFieldsG["OWNER_ID"];
                $arFields["SOCNET_GROUP_ID"] = $arFieldsG["SOCNET_GROUP_ID"];
                if (is_set($arFieldsG, "TOPIC_XML_ID")) {
                    $arFields["XML_ID"] = $arFieldsG["TOPIC_XML_ID"];
                }
                $TID = CForumTopic::Add($arFields);
                if (IntVal($TID) <= 0) {
                    $aMsg[] = array("id" => "TOPIC_ID", "text" => GetMessage("ADDMESS_ERROR_ADD_TOPIC") . ".");
                }
            } else {
                if (is_set($arFieldsG, "AUTHOR_NAME")) {
                    if ($arTopic["LAST_MESSAGE_ID"] == $MID && $arMessage["LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                    if ($arTopic["ABS_LAST_MESSAGE_ID"] == $MID && $arMessage["ABS_LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["ABS_LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                    if ($arTopic["USER_START_NAME"] == $arMessage["USER_START_NAME"] && $arTopic["USER_START_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["USER_START_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                }
                if (!empty($arFields)) {
                    $TID1 = CForumTopic::Update($TID, $arFields);
                    if (intval($TID1) <= 0) {
                        $aMsg[] = array("id" => "TOPIC_ID", "text" => GetMessage("ADDMESS_ERROR_EDIT_TOPIC") . ".");
                    } else {
                        foreach ($arFields as $key => $val) {
                            if ($arFields[$key] != $arTopic[$key]) {
                                $res_log[$key] = $arFields[$key];
                                $res_log["before" . $key] = $arTopic[$key];
                            }
                        }
                        if (!empty($res_log)) {
                            $arTopic = CForumTopic::GetByID($TID);
                            $res_log['FORUM_ID'] = $arTopic['FORUM_ID'];
                            CForumEventLog::Log("topic", "edit", $TID, serialize($res_log));
                        }
                    }
                    if (is_set($arFieldsG, "AUTHOR_NAME") && $arForum["LAST_MESSAGE_ID"] == $MID && $arForum["LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFieldsForum = array("LAST_POSTER_NAME" => $arFieldsG["AUTHOR_NAME"]);
                        if ($arForum["ABS_LAST_MESSAGE_ID"] == $MID) {
                            $arFieldsForum["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                        }
                        CForumNew::Update($arForum["ID"], $arFieldsForum);
                    }
                }
            }
        }
    }
    //*************************/Add/edit topic *************************************************************************
    //************************* Add/edit message ***********************************************************************
    if (empty($aMsg)) {
        $arFields = array("POST_MESSAGE" => $arFieldsG["POST_MESSAGE"], "USE_SMILES" => $arFieldsG["USE_SMILES"] == "Y" ? "Y" : "N", "APPROVED" => $arFieldsG["APPROVED"]);
        if (is_set($arFieldsG, "ATTACH_IMG")) {
            $arFields["ATTACH_IMG"] = $arFieldsG["ATTACH_IMG"];
        } elseif (is_set($arFieldsG, "FILES")) {
            $arFields["FILES"] = $arFieldsG["FILES"];
        }
        if (is_set($arFieldsG, "PARAM1")) {
            $arFields["PARAM1"] = $arFieldsG["PARAM1"];
        }
        if (is_set($arFieldsG, "PARAM2")) {
            $arFields["PARAM2"] = $arFieldsG["PARAM2"];
        }
        /*		elseif ($MESSAGE_TYPE != "NEW")
        		{
        			$db_res = CForumMessage::GetList(array(), array("TOPIC_ID" => $TID, "NEW_TOPIC" => "Y"));
        			if ($db_res && $res = $db_res->Fetch())
        				$res["PARAM2"] = $res["PARAM2"];
        		}*/
        $GLOBALS["USER_FIELD_MANAGER"]->EditFormAddFields("FORUM_MESSAGE", $arFields);
        if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY") {
            $arFields["AUTHOR_NAME"] = $arFieldsG["AUTHOR_NAME"];
            $arFields["AUTHOR_EMAIL"] = $arFieldsG["AUTHOR_EMAIL"];
            $arFields["AUTHOR_ID"] = $AUTHOR_ID;
            $arFields["FORUM_ID"] = $FID;
            $arFields["TOPIC_ID"] = $TID;
            $AUTHOR_IP = ForumGetRealIP();
            $AUTHOR_IP_tmp = $AUTHOR_IP;
            $AUTHOR_REAL_IP = $_SERVER['REMOTE_ADDR'];
            if (COption::GetOptionString("forum", "FORUM_GETHOSTBYADDR", "N") == "Y") {
                $AUTHOR_IP = @gethostbyaddr($AUTHOR_IP);
                $AUTHOR_REAL_IP = $AUTHOR_IP_tmp == $AUTHOR_REAL_IP ? $AUTHOR_IP : @gethostbyaddr($AUTHOR_REAL_IP);
            }
            $arFields["AUTHOR_IP"] = $AUTHOR_IP !== False ? $AUTHOR_IP : "<no address>";
            $arFields["AUTHOR_REAL_IP"] = $AUTHOR_REAL_IP !== False ? $AUTHOR_REAL_IP : "<no address>";
            $arFields["NEW_TOPIC"] = $MESSAGE_TYPE == "NEW" ? "Y" : "N";
            $arFields["GUEST_ID"] = $_SESSION["SESS_GUEST_ID"];
            $MID = CForumMessage::Add($arFields, false);
            if (intVal($MID) <= 0) {
                $str = $APPLICATION->GetException();
                if ($str && $str->GetString()) {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => $str->GetString());
                } else {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => GetMessage("ADDMESS_ERROR_ADD_MESSAGE") . ".");
                }
                if ($MESSAGE_TYPE == "NEW") {
                    CForumTopic::Delete($TID);
                    $TID = 0;
                }
            }
        } else {
            if (empty($AUTHOR_ID)) {
                if (is_set($arFieldsG, "AUTHOR_NAME")) {
                    $arFields["AUTHOR_NAME"] = $arFieldsG["AUTHOR_NAME"];
                }
                if (is_set($arFieldsG, "AUTHOR_EMAIL")) {
                    $arFields["AUTHOR_EMAIL"] = $arFieldsG["AUTHOR_EMAIL"];
                }
            }
            if ($bAddEditNote) {
                $arFields["EDITOR_NAME"] = $arFieldsG["EDITOR_NAME"];
                $arFields["EDITOR_EMAIL"] = $arFieldsG["EDITOR_EMAIL"];
                $arFields["EDIT_REASON"] = $arFieldsG["EDIT_REASON"];
                $arFields["EDIT_DATE"] = "";
                if ($GLOBALS["USER"]->IsAuthorized()) {
                    $arFields["EDITOR_ID"] = $GLOBALS["USER"]->GetID();
                }
            }
            $MID1 = CForumMessage::Update($MID, $arFields);
            if (IntVal($MID1) <= 0) {
                $ex = $GLOBALS['APPLICATION']->GetException();
                if ($ex) {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => $ex->GetString());
                } else {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => GetMessage("ADDMESS_ERROR_EDIT_MESSAGE") . ".");
                }
            } elseif ($AUTHOR_ID == $GLOBALS["USER"]->GetId() && COption::GetOptionString("forum", "LOGS", "Q") < "U") {
            } else {
                $res_log = array();
                foreach ($arFields as $key => $val) {
                    if ($arFields[$key] != $arMessage[$key]) {
                        if ($key == "FILES" || $key == "ATTACH_IMG") {
                            $res_log[$key] = GetMessage("F_ATTACH_IS_MODIFIED");
                            continue;
                        }
                        $res_log["BeforeMessage"] = $arMessage[$key];
                        $res_log["AfterMessage"] = $arFields[$key];
                    }
                }
                if (!empty($res_log)) {
                    $arMessage = CForumMessage::GetByID($MID);
                    $TID = $arMessage['TOPIC_ID'];
                    $res_log['FORUM_ID'] = $arMessage['FORUM_ID'];
                    $arTopic = CForumTopic::GetByID($TID);
                    $res_log['TITLE'] = $arTopic['TITLE'];
                    $res_log['TOPIC_ID'] = $TID;
                    $res_log = serialize($res_log);
                    CForumEventLog::Log("message", "edit", $MID, $res_log);
                }
            }
        }
    }
    //*************************/Add/edit message ***********************************************************************
    if (empty($aMsg)) {
        $DB->Commit();
    } else {
        $DB->Rollback();
    }
    if (empty($aMsg) && CModule::IncludeModule("statistic")) {
        $F_EVENT1 = $arForum["EVENT1"];
        $F_EVENT2 = $arForum["EVENT2"];
        $F_EVENT3 = $arForum["EVENT3"];
        if (empty($F_EVENT3)) {
            $arForumSite_tmp = CForumNew::GetSites($FID);
            if (defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
                $arForumSiteCode_tmp = array_keys($arForumSite_tmp);
                $F_EVENT3 = CForumNew::PreparePath2Message(empty($arForumSite_tmp[$arForumSiteCode_tmp[0]]) ? '' : $arForumSite_tmp[$arForumSiteCode_tmp[0]], array("FORUM_ID" => $FID, "TOPIC_ID" => $TID, "MESSAGE_ID" => $MID));
            } else {
                $F_EVENT3 = CForumNew::PreparePath2Message(empty($arForumSite_tmp[SITE_ID]) ? '' : $arForumSite_tmp[SITE_ID], array("FORUM_ID" => $FID, "TOPIC_ID" => $TID, "MESSAGE_ID" => $MID));
            }
        }
        CStatistics::Set_Event($F_EVENT1, $F_EVENT2, $F_EVENT3);
    }
    if (empty($aMsg)) {
        $arNote = array();
        if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY") {
            CForumMessage::SendMailMessage($MID, array(), false, "NEW_FORUM_MESSAGE");
            $arNote = array("id" => $MESSAGE_TYPE, "text" => GetMessage("ADDMESS_SUCCESS_ADD") . ". \n");
        } else {
            CForumMessage::SendMailMessage($MID, array(), false, "EDIT_FORUM_MESSAGE");
            $arNote = array("id" => "EDIT", "text" => GetMessage("ADDMESS_SUCCESS_EDIT") . ". \n");
        }
        if ($arFieldsG["APPROVED"] != "Y") {
            $arNote["id"] .= "_NOT_APPROVED";
            $arNote["text"] .= GetMessage("ADDMESS_AFTER_MODERATE") . ". \n";
        }
        if (is_array($strOKMessage)) {
            $strOKMessage[] = $arNote;
        } else {
            $strOKMessage .= $arNote["text"];
        }
        return $MID;
    }
    $e = new CAdminException($aMsg);
    $strErrorMessage = $e->GetString();
    return false;
}
Esempio n. 6
0
                         $userCode = strtoupper($userCode);
                     }
                     $code = $this->CryptData($codeCrypt, "D", $_SESSION["CAPTCHA_PASSWORD"]);
                     if ($code != $userCode) {
                         return False;
                     }
                     return True;
                 }
             }
         }
         $cpt = new CForumTmpCaptcha();
     } else {
         $cpt = new CCaptcha();
     }
     if (strlen($_REQUEST["captcha_code"]) <= 0) {
         if (!$cpt->CheckCode($_POST["captcha_word"], 0)) {
             $arError[] = array("code" => "captcha is empty", "title" => GetMessage("POSTM_CAPTCHA"));
         }
     } elseif (!$cpt->CheckCodeCrypt($_POST["captcha_word"], $_POST["captcha_code"], $captchaPass)) {
         $arError[] = array("code" => "bad captcha", "title" => GetMessage("POSTM_CAPTCHA"));
     }
 }
 // First exit point
 if (!empty($arError)) {
     return false;
 }
 // 1.5 Create Property
 $needProperty = array();
 $PRODUCT_IBLOCK_ID = intVal($arResult["ELEMENT"]["IBLOCK_ID"]);
 $PRODUCT_NAME = Trim($arResult["ELEMENT"]["~NAME"]);
 $FORUM_TOPIC_ID = intVal($arResult["ELEMENT"]["PROPERTY_FORUM_TOPIC_ID_VALUE"]);
Esempio n. 7
0
                         $userCode = strtoupper($userCode);
                     }
                     $code = $this->CryptData($codeCrypt, "D", $_SESSION["CAPTCHA_PASSWORD"]);
                     if ($code != $userCode) {
                         return False;
                     }
                     return True;
                 }
             }
         }
         $cpt = new CForumTmpCaptcha();
     } else {
         $cpt = new CCaptcha();
     }
     if (strlen($post["captcha_code"]) <= 0) {
         if (!$cpt->CheckCode($post["captcha_word"], 0)) {
             $arError[] = array("code" => "captcha is empty", "title" => GetMessage("POSTM_CAPTCHA"));
         }
     } elseif (!$cpt->CheckCodeCrypt($post["captcha_word"], $post["captcha_code"], $captchaPass)) {
         $arError[] = array("code" => "bad captcha", "title" => GetMessage("POSTM_CAPTCHA"));
     }
 }
 $arPost = array('MESSAGE' => trim($post["REVIEW_TEXT"]));
 foreach (GetModuleEvents('forum', 'OnCommentAdd', true) as $arEvent) {
     $result = ExecuteModuleEventEx($arEvent, array($arParams['ENTITY_TYPE'], $arParams['ENTITY_ID'], &$arPost));
     if ($result === false) {
         break;
     }
 }
 if ($result === false && isset($arPost['ERROR'])) {
     // validation failed