Esempio n. 1
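 /**
  * Validates the files referenced by a new comment before the comment is stored.
  *
  * The file IDs come from $_REQUEST['FILE_NEW']. Each ID is resolved with
  * CFile::MakeFileArray() and checked with CFile::CheckImageFile() or
  * CFile::CheckFile(), chosen by the component parameter ALLOW_UPLOAD
  * ("Y", "F" or "A"). $arPost["FILES"] is rebuilt from the accepted IDs.
  *
  * @param mixed $entityType Not read by this handler.
  * @param mixed $entityID   Not read by this handler.
  * @param array $arPost     Comment data, passed by reference. FILES is replaced;
  *                          ERROR is set when a file is rejected.
  * @return bool false as soon as one file fails its check, true otherwise.
  */
 function OnCommentAdd($entityType, $entityID, &$arPost)
 {
     $arParams =& $this->component->arParams;
     $iFileSize = intval(COption::GetOptionString("forum", "file_max_size", 5242880));
     // Normalise the request value in place so later readers of $_REQUEST see an array.
     $_REQUEST['FILE_NEW'] = isset($_REQUEST['FILE_NEW']) && is_array($_REQUEST['FILE_NEW']) ? $_REQUEST['FILE_NEW'] : array();
     $arPost["FILES"] = array();
     foreach ($_REQUEST['FILE_NEW'] as $rawFileID) {
         // Request data: a nested array cannot be used as an array key, and a value
         // such as "5abc" would be stored verbatim while file 5 is the one that gets
         // checked. Store exactly the integer that is validated.
         if (!is_scalar($rawFileID)) {
             continue;
         }
         $fileID = intval($rawFileID);
         if ($fileID <= 0) {
             continue;
         }
         $arPost["FILES"][$fileID] = array("FILE_ID" => $fileID);
         // NOTE(review): nothing visible here ties $fileID to the current user or to
         // this form - confirm that ownership of the file is enforced elsewhere.
         $attach_file = CFile::MakeFileArray($fileID);
         $attach = "";
         if ($attach_file && is_set($attach_file, "name")) {
             if ($arParams["ALLOW_UPLOAD"] == "Y") {
                 $attach = CFile::CheckImageFile($attach_file, $iFileSize, 0, 0);
             } elseif ($arParams["ALLOW_UPLOAD"] == "F") {
                 $attach = CFile::CheckFile($attach_file, $iFileSize, false, $arParams["ALLOW_UPLOAD_EXT"]);
             } elseif ($arParams["ALLOW_UPLOAD"] == "A") {
                 $attach = CFile::CheckFile($attach_file, $iFileSize, false, false);
             }
             // NOTE(review): any other ALLOW_UPLOAD value leaves $attach empty, so the
             // file is kept without a check - confirm uploads are blocked upstream then.
             if ($attach != '') {
                 unset($arPost['FILES'][$fileID]);
                 // The file name is copied into the message as-is; escape it where it is rendered.
                 $arPost['ERROR'] = $attach_file['name'] . ': ' . $attach;
                 return false;
             }
         }
     }
     return true;
 }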
Esempio n. 2
			// Rebuild a single-file entry from the multi-file $_FILES["mfi_files"] layout.
			// "type" is the value found in $_FILES and "name" is $fileName, whose origin
			// is outside this excerpt - presumably both are client-supplied; TODO confirm
			// that the checks below do not trust them on their own.
			$arFile = array(
				"name" => $fileName,
				"size" => $_FILES["mfi_files"]["size"][$i],
				"tmp_name" => $_FILES["mfi_files"]["tmp_name"][$i],
				"type" => $_FILES["mfi_files"]["type"][$i],
				"MODULE_ID" => $mid
			);

			$res = '';

			// "I" runs the image check, "F" the check against ALLOW_UPLOAD_EXT.
			// NOTE(review): every other value, including an unset or mistyped one, falls
			// through to the check without an extension list (fourth argument false).
			if ($arParams["ALLOW_UPLOAD"] == "I"):
				$res = CFile::CheckImageFile($arFile, $max_file_size, 0, 0);
			elseif ($arParams["ALLOW_UPLOAD"] == "F"):
				$res = CFile::CheckFile($arFile, $max_file_size, false, $arParams["ALLOW_UPLOAD_EXT"]);
			else:
				$res = CFile::CheckFile($arFile, $max_file_size, false, false);
			endif;

			// An empty result is treated as "accepted"; only then is the file stored.
			if (strlen($res) <= 0)
			{
				$fileID = CFile::SaveFile($arFile, $mid);

				$tmp = array(
					"fileName" => $fileName,
					"fileID" => $fileID
				);

				if ($fileID)
				{
					// The session entry is keyed by $cid, which is defined outside this excerpt.
					if (!isset($_SESSION["MFI_UPLOADED_FILES_".$cid]))
					{
Esempio n. 3
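 /**
  * Validates the upload found in $_FILES['file'] and stores it for the CRM module.
  *
  * Recognised options: OWNER_TYPE_ID, OWNER_ID, SCOPE ('I' image, 'F' extension
  * list, 'A' or anything else: no extension list), EXTENSIONS (array, used with
  * scope 'F') and MAX_FILE_SIZE.
  *
  * @param array $result  Output, by reference: FILE_ID on success, ERROR_MESSAGE on failure.
  * @param array $options See above.
  * @return bool true when the file was saved, false otherwise.
  */
 public static function TryUploadFile(&$result, $options = array())
 {
     //Options initialization -->
     $ownerTypeID = isset($options['OWNER_TYPE_ID']) ? intval($options['OWNER_TYPE_ID']) : CCrmOwnerType::Undefined;
     if ($ownerTypeID !== CCrmOwnerType::Undefined && !CCrmOwnerType::IsDefined($ownerTypeID)) {
         $ownerTypeID = CCrmOwnerType::Undefined;
     }
     $ownerID = isset($options['OWNER_ID']) ? max(intval($options['OWNER_ID']), 0) : 0;
     // A non-string SCOPE is treated like a missing one instead of reaching strtoupper().
     $scope = isset($options['SCOPE']) && is_string($options['SCOPE']) ? strtoupper($options['SCOPE']) : '';
     if (!in_array($scope, array('I', 'A', 'F'), true)) {
         $scope = '';
     }
     $extensions = isset($options['EXTENSIONS']) && is_array($options['EXTENSIONS']) ? $options['EXTENSIONS'] : array();
     $maxFileSize = isset($options['MAX_FILE_SIZE']) ? max(intval($options['MAX_FILE_SIZE']), 0) : 0;
     //<-- Options initialization
     if (!is_array($result)) {
         $result = array();
     }
     $file = is_array($_FILES) && isset($_FILES['file']) ? $_FILES['file'] : null;
     if (!is_array($file)) {
         $result['ERROR_MESSAGE'] = 'No files';
         return false;
     }
     // Only a single, completed HTTP upload is accepted. A failed upload, a
     // multi-file entry (array-valued fields) or an empty name must not reach the
     // checks: the image check on this page reports an empty name as "no error".
     $hasUpload = isset($file['name'], $file['tmp_name'], $file['error'])
         && is_string($file['name']) && $file['name'] !== ''
         && is_string($file['tmp_name'])
         && $file['error'] === UPLOAD_ERR_OK
         && is_uploaded_file($file['tmp_name']);
     if (!$hasUpload) {
         $result['ERROR_MESSAGE'] = 'No files';
         return false;
     }
     $file['MODULE_ID'] = 'crm';
     if ($scope === 'I') {
         $error = CFile::CheckImageFile($file, $maxFileSize, 0, 0);
     } elseif ($scope === 'F') {
         // NOTE(review): an empty EXTENSIONS list yields '' here - confirm that
         // CFile::CheckFile() does not read that as "any extension".
         $error = CFile::CheckFile($file, $maxFileSize, false, implode(',', $extensions));
     } else {
         // NOTE(review): a missing or unknown SCOPE ends up here, without an extension list.
         $error = CFile::CheckFile($file, $maxFileSize, false, false);
     }
     $isValid = !(is_string($error) && $error !== '');
     if (!$isValid) {
         $result['ERROR_MESSAGE'] = $error;
         return false;
     }
     $fileID = CFile::SaveFile($file, 'crm');
     if (!is_int($fileID) || $fileID <= 0) {
         $result['ERROR_MESSAGE'] = 'General error.';
         return false;
     }
     if ($ownerTypeID != CCrmOwnerType::Undefined) {
         // Remember the stored file per owner in the session.
         $key = 'CRM_MBL_' . CCrmOwnerType::ResolveName($ownerTypeID) . '_' . $ownerID . '_FILES';
         if (!isset($_SESSION[$key])) {
             $_SESSION[$key] = array();
         }
         $_SESSION[$key][] = $fileID;
     }
     $result['FILE_ID'] = $fileID;
     return true;
 }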
Esempio n. 4
						// Delete branch: find the property value whose file ID equals the
						// integer form of $_REQUEST['file_id'] and mark it for deletion.
						if (isset($arrAdvert['PARENTS'][$intParentId][$arrFieldProp[$strNameField]]) && count($arrAdvert['PARENTS'][$intParentId][$arrFieldProp[$strNameField]])) {
							foreach ($arrAdvert['PARENTS'][$intParentId][$arrFieldProp[$strNameField]] as $intPropID => $intFileID) {
								if ($intFileID == intval($_REQUEST['file_id'])) {
									CIBlockElement::SetPropertyValueCode($intParentId, $arrFieldProp[$strNameField], array($intPropID => array('VALUE' => array('MODULE_ID' => 'iblock', 'del' => 'Y'))));
									break;
								}//\\ if
							}//\\ foreach
						}//\\ if
					}//\\ if
				} elseif ($_REQUEST['action'] == 'file') {
					// Save the file
					// NOTE(review): $strNameField and $intParentId are set outside this
					// excerpt; if they derive from the request, confirm they are checked
					// against known field names and against the caller's rights on the parent.
					$arrFile = $_FILES[$strNameField];
					$arrFile['MODULE_ID'] = 'iblock';

					//$res = CFile::CheckImageFile($arrFile, 20971520, 4000, 4000);
					// Size limit 20971520 bytes; extension list txt,doc,docx,xls,xlsx.
					$res = CFile::CheckFile($arrFile, 20971520, false, 'txt,doc,docx,xls,xlsx');
					if (strlen($res)) {
						$arrResult['error'] = $res;
						$arrResult['result'] = 'fail';
					} else {
						if ($strTypeBlock == 'P' && $intParentId) {
							// This is a property of the parent element
							CIBlockElement::SetPropertyValueCode($intParentId, $arrFieldProp[$strNameField], array('VALUE' => $arrFile));
							
							// Re-read the property ($res is reused here for the query result)
							$arrAdvert['PARENTS'][$intParentId][$arrFieldProp[$strNameField]] = array();
							//$arrFileNew = array();
							$res = CIBlockElement::GetProperty($intParentBlockID, $intParentId, 'sort', 'asc', array('ACTIVE' => 'Y', 'CODE' => $arrFieldProp[$strNameField]));
					    	while ($ob = $res->GetNext()) {
				    			if (intval($ob['VALUE'])) $arrAdvert['PARENTS'][$intParentId][$ob['CODE']][] = intval($ob['VALUE']);
					   		}//\\ while
Esempio n. 5
            $arResult['duplicate_url'] = SITE_DIR . 'bitrix/components/bitrix/crm.lead.import/show_file.php?name=duplicate';
        }
        Header('Content-Type: application/x-javascript; charset=' . LANG_CHARSET);
        echo CUtil::PhpToJsObject($arResult);
        die;
    }
}
// Step 1 of the import wizard: accept the uploaded CSV/TXT file and park it in a
// temporary directory whose path is kept in the session.
$strError = '';
$arResult['STEP'] = isset($_POST['step']) ? intval($_POST['step']) : 1;
// Only POST requests that pass check_bitrix_sessid() are processed
// (presumably the session token check - confirm).
if ($_SERVER['REQUEST_METHOD'] == 'POST' && check_bitrix_sessid()) {
    if (isset($_POST['next'])) {
        if ($arResult['STEP'] == 1) {
            if ($_FILES['IMPORT_FILE']['error'] > 0) {
                ShowError(GetMessage('CRM_CSV_NF_ERROR'));
            } else {
                // Extension list csv,txt; the size argument is 0.
                $error = CFile::CheckFile($_FILES['IMPORT_FILE'], 0, 0, 'csv,txt');
                if ($error !== '') {
                    ShowError($error);
                } else {
                    if (isset($_SESSION['CRM_IMPORT_FILE'])) {
                        unset($_SESSION['CRM_IMPORT_FILE']);
                    }
                    $sTmpFilePath = CTempFile::GetDirectoryName(12, 'crm');
                    CheckDirPath($sTmpFilePath);
                    $_SESSION['CRM_IMPORT_FILE_SKIP_EMPTY'] = isset($_POST['IMPORT_FILE_SKIP_EMPTY']) && $_POST['IMPORT_FILE_SKIP_EMPTY'] == 'Y' ? true : false;
                    $_SESSION['CRM_IMPORT_FILE_FIRST_HEADER'] = isset($_POST['IMPORT_FILE_FIRST_HEADER']) && $_POST['IMPORT_FILE_FIRST_HEADER'] == 'Y' ? true : false;
                    // The stored name is the MD5 of PHP's temporary upload path plus ".tmp":
                    // it is derived from a server path, not from a random value.
                    // NOTE(review): confirm the temp directory is not served by the web server.
                    $_SESSION['CRM_IMPORT_FILE'] = $sTmpFilePath . md5($_FILES['IMPORT_FILE']['tmp_name']) . '.tmp';
                    $_SESSION['CRM_IMPORT_FILE_POS'] = 0;
                    // NOTE(review): the result of move_uploaded_file() is not checked and
                    // chmod() warnings are suppressed, so a failed move still leaves the
                    // session pointing at the target path.
                    move_uploaded_file($_FILES['IMPORT_FILE']['tmp_name'], $_SESSION['CRM_IMPORT_FILE']);
                    @chmod($_SESSION['CRM_IMPORT_FILE'], BX_FILE_PERMISSIONS);
                    if (isset($_POST['IMPORT_FILE_ENCODING'])) {
Esempio n. 6
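 /**
  * Collects the files attached to a comment and validates each of them.
  *
  * New files come from $_REQUEST['FILE_NEW']; existing ones from
  * $_REQUEST['FILES'], kept only when they are also listed in
  * $_REQUEST['FILES_TO_UPLOAD']. The result is merged into $arPost['FILES'] and
  * every entry is checked according to the forum's ALLOW_UPLOAD setting.
  *
  * @param mixed $entityType Not read by this handler.
  * @param mixed $entityID   Not read by this handler.
  * @param array $arPost     Comment data, by reference; FILES is extended, ERROR is set on rejection.
  * @return false|null false when a file is rejected; no value is returned otherwise.
  */
 function OnCommentAdd($entityType, $entityID, &$arPost)
 {
     global $USER;
     $arParams =& $this->component->arParams;
     $arResult =& $this->component->arResult;
     $arForum =& $arResult['FORUM'];
     $iFileSize = intval(COption::GetOptionString("forum", "file_max_size", 50000));
     $arCommentParams = array("FORUM_ID" => $arParams["FORUM_ID"], "TOPIC_ID" => null, "USER_ID" => $USER->IsAuthorized() ? $USER->GetID() : null);
     $arFiles = $arNewFiles = array();
     if (isset($_REQUEST['FILE_NEW']) && is_array($_REQUEST['FILE_NEW'])) {
         foreach ($_REQUEST['FILE_NEW'] as $val) {
             // Request data: a nested array cannot be used as an array key.
             if (!is_scalar($val)) {
                 continue;
             }
             $arNewFiles[$val] = array("FILE_ID" => $val);
         }
     }
     // FILES_TO_UPLOAD may be absent or not an array; in_array() needs an array.
     $arFilesToUpload = isset($_REQUEST['FILES_TO_UPLOAD']) && is_array($_REQUEST['FILES_TO_UPLOAD']) ? $_REQUEST['FILES_TO_UPLOAD'] : array();
     if (isset($_REQUEST['FILES']) && is_array($_REQUEST['FILES'])) {
         foreach ($_REQUEST['FILES'] as $val) {
             if (is_scalar($val) && in_array($val, $arFilesToUpload)) {
                 $arFiles[$val] = array("FILE_ID" => $val);
             }
         }
     }
     // NOTE(review): the new file IDs are registered with the forum before any of
     // them has been checked below, and nothing visible here ties an ID to the
     // current user - confirm that CForumFiles::Add() enforces ownership.
     if (!empty($arNewFiles)) {
         CForumFiles::Add(array_keys($arNewFiles), $arCommentParams);
     }
     $arFiles = $arFiles + $arNewFiles;
     if (!isset($arPost['FILES'])) {
         $arPost['FILES'] = array();
     }
     $arPost['FILES'] = array_merge($arPost['FILES'], $arFiles);
     foreach ($arPost['FILES'] as $fileIndex => $fileArr) {
         $fileID = $fileArr['FILE_ID'];
         $attach_file = CFile::MakeFileArray(intval($fileID));
         $attach = "";
         if ($attach_file && is_set($attach_file, "name")) {
             // Y - Image files		F - Files of specified type		A - All files
             if ($arForum["ALLOW_UPLOAD"] == "Y") {
                 $attach = CFile::CheckImageFile($attach_file, $iFileSize, 0, 0);
             } elseif ($arForum["ALLOW_UPLOAD"] == "F") {
                 $attach = CFile::CheckFile($attach_file, $iFileSize, false, $arForum["ALLOW_UPLOAD_EXT"]);
             } elseif ($arForum["ALLOW_UPLOAD"] == "A") {
                 $attach = CFile::CheckFile($attach_file, $iFileSize, false, false);
             }
             // NOTE(review): any other ALLOW_UPLOAD value leaves $attach empty, so the
             // file stays attached without a check - confirm uploads are blocked upstream then.
             if ($attach != '') {
                 unset($arPost['FILES'][$fileIndex]);
                 // The file name is copied into the message as-is; escape it where it is rendered.
                 $arPost['ERROR'] = $attach_file['name'] . ': ' . $attach;
                 return false;
             }
         }
     }
 }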
Esempio n. 7
 /**
  * Checks an image, Flash or video file and, for images and Flash, its pixel
  * dimensions.
  *
  * The kind of file is derived from the extension of $arFile["name"]; a kind
  * that is not listed in $access_typies is handled as an image. The type and
  * size check itself is delegated to CFile::CheckFile().
  *
  * NOTE(review): the delegated calls pass a MIME prefix and an extension list in
  * the third and fourth positions, which does not match this method's own
  * parameter list; the method name in this listing may differ from the original
  * source - confirm before relying on it.
  *
  * @param array $arFile        File entry; "name" and "tmp_name" are read.
  * @param int   $iMaxSize      Passed through to CFile::CheckFile().
  * @param int   $iMaxWidth     Maximum width; a value of 0 or less disables the width check.
  * @param int   $iMaxHeight    Maximum height; a value of 0 or less disables the height check.
  * @param array $access_typies Kinds accepted as themselves ("IMAGE", "FLASH", "VIDEO", "UNKNOWN").
  * @param bool  $bForceMD5     Passed through to CFile::CheckFile().
  * @param bool  $bSkipExt      Passed through to CFile::CheckFile().
  * @return string|null "" when the name is empty, an error text when a check fails, null otherwise.
  */
 public static function CheckFile($arFile, $iMaxSize = 0, $iMaxWidth = 0, $iMaxHeight = 0, $access_typies = array(), $bForceMD5 = false, $bSkipExt = false)
 {
     // An empty name is reported as "no error"; callers that compare the result
     // with '' therefore treat such an entry as accepted.
     if ($arFile["name"] == "") {
         return "";
     }
     // Refuses a tmp_name that addresses the php://filter wrapper. This is a
     // one-scheme denylist: callers are expected to pass a local path here.
     $usesFilterWrapper = preg_match("#^php://filter#i", $arFile["tmp_name"]);
     if ($usesFilterWrapper) {
         return GetMessage("FILE_BAD_FILE_TYPE") . ".<br>";
     }
     // The kind is decided by the extension of the supplied name only
     // (presumably the client's file name - confirm).
     $ext = GetFileExtension(strtolower($arFile["name"]));
     if (in_array($ext, array("jpg", "jpeg", "gif", "bmp", "png"))) {
         $kind = "IMAGE";
     } elseif ($ext == "swf") {
         $kind = "FLASH";
     } elseif (in_array($ext, array("mp4", "webm", "ogg"))) {
         $kind = "VIDEO";
     } else {
         $kind = "UNKNOWN";
     }
     // IMAGE by default
     if (!in_array($kind, $access_typies)) {
         $kind = "IMAGE";
     }
     $flashEnabled = false;
     if ($kind == "FLASH") {
         $flashEnabled = true;
         static $flashMime = array("application/x-shockwave-flash", "application/vnd.adobe.flash.movie");
         $checkResult = CFile::CheckFile($arFile, $iMaxSize, $flashMime, CFile::GetFlashExtensions(), $bForceMD5, $bSkipExt);
     } elseif ($kind == "VIDEO") {
         $checkResult = CFile::CheckFile($arFile, $iMaxSize, "video/", "mp4,webm,ogg", $bForceMD5, $bSkipExt);
     } else {
         $checkResult = CFile::CheckFile($arFile, $iMaxSize, "image/", CFile::GetImageExtensions(), $bForceMD5, $bSkipExt);
     }
     if ($checkResult != '') {
         return $checkResult;
     }
     // Dimensions are only read for images and Flash.
     if ($kind != 'IMAGE' && $kind != "FLASH") {
         return null;
     }
     $dimensions = CFile::GetImageSize($arFile["tmp_name"], true, $flashEnabled);
     if (!is_array($dimensions)) {
         return GetMessage("FILE_BAD_FILE_TYPE") . ".<br>";
     }
     $width = $dimensions[0];
     $height = $dimensions[1];
     //check for dimensions: a reported size of 0 counts as a violation too
     $widthViolated = $iMaxWidth > 0 && ($width > $iMaxWidth || $width == 0);
     $heightViolated = $iMaxHeight > 0 && ($height > $iMaxHeight || $height == 0);
     if ($widthViolated || $heightViolated) {
         return GetMessage("FILE_BAD_MAX_RESOLUTION") . " (" . $iMaxWidth . " * " . $iMaxHeight . " " . GetMessage("main_include_dots") . ").<br>";
     }
     return null;
 }
Esempio n. 8
    $arLang[$res["LID"]] = $res;
    $arLangTitle["reference_id"][] = $res["LID"];
    $arLangTitle["reference"][] = htmlspecialcharsbx($res["NAME"]);
}
// Handles the POSTed smile-pack import: the uploaded ZIP is checked, copied into
// a temporary directory and handed to CSmile::import().
// $REQUEST_METHOD, $save and $apply are not defined in this excerpt - presumably
// they are populated from the request by the framework; TODO confirm.
$bInitVars = false;
$bImportComplete = false;
$APPLICATION->SetTitle(GetMessage("SMILE_IMPORT_TITLE"));
$fileName = '';
if ($REQUEST_METHOD == "POST" && (strlen($save) > 0 || strlen($apply) > 0)) {
    // The target name is built from the user ID and the current time, i.e. it is
    // not random.
    $fileName = 'import' . $USER->GetID() . time() . '.zip';
    if (!check_bitrix_sessid()) {
        $arError[] = array("id" => "bad_sessid", "text" => GetMessage("ERROR_BAD_SESSID"));
    } elseif (!empty($_FILES["IMPORT"]["tmp_name"])) {
        $sUploadDir = CTempFile::GetDirectoryName(1);
        CheckDirPath($sUploadDir);
        // Size limit 500000 bytes, extension list "zip".
        $res = CFile::CheckFile($_FILES["IMPORT"], 500000, false, 'zip');
        if (strLen($res) > 0) {
            $arError[] = array("id" => "IMPORT", "text" => $res);
        } elseif (file_exists($sUploadDir . $fileName)) {
            $arError[] = array("id" => "IMPORT", "text" => GetMessage("ERROR_EXISTS_FILE"));
        // NOTE(review): the existence test and the copy are two separate steps, and
        // copy() is used rather than move_uploaded_file(); warnings are suppressed
        // with @, so the only failure signal is the return value.
        } elseif (!@copy($_FILES["IMPORT"]["tmp_name"], $sUploadDir . $fileName)) {
            $arError[] = array("id" => "IMPORT", "text" => GetMessage("ERROR_COPY_FILE"));
        } else {
            @chmod($sUploadDir . $fileName, BX_FILE_PERMISSIONS);
        }
    } elseif (empty($_FILES["IMPORT"]["tmp_name"])) {
        $arError[] = array("id" => "IMPORT", "text" => GetMessage("ERROR_EXISTS_FILE"));
    }
    if (empty($arError)) {
        $GLOBALS["APPLICATION"]->ResetException();
        // NOTE(review): only the extension and size were checked above; how the
        // archive's entries are validated is up to CSmile::import(), not shown here.
        $importCount = CSmile::import(array('FILE' => $sUploadDir . $fileName, 'SET_ID' => intval($_REQUEST['SET_ID'])));
Esempio n. 9
 /**
  * Validates the fields of an entity before it is added or updated.
  *
  * Every problem found is appended to $this->LAST_ERROR, each followed by
  * "<br />"; the texts are not escaped here.
  *
  * @param array     $arFields Field values, by reference (user fields may be normalised).
  * @param int|false $ID       Entity ID; a value equal to false means "new entity".
  * @param array     $options  DISABLE_USER_FIELD_CHECK === true skips the user-field check.
  * @return bool true when no error was recorded.
  */
 public function CheckFields(&$arFields, $ID = false, $options = array())
 {
     global $APPLICATION, $USER_FIELD_MANAGER;
     $this->LAST_ERROR = '';

     // A name is required on creation, and on update when both name fields are sent.
     $nameFieldsSent = isset($arFields['NAME']) && isset($arFields['LAST_NAME']);
     $nameFieldsEmpty = empty($arFields['NAME']) && empty($arFields['LAST_NAME']);
     if (($ID == false || $nameFieldsSent) && $nameFieldsEmpty) {
         $this->LAST_ERROR .= GetMessage('CRM_ERROR_REQUIRED_FIELDS') . "<br />";
     }

     if (isset($arFields['FM']) && is_array($arFields['FM'])) {
         $multiFieldChecker = new CCrmFieldMulti();
         $multiFieldsValid = $multiFieldChecker->CheckComplexFields($arFields['FM']);
         if (!$multiFieldsValid) {
             $this->LAST_ERROR .= $multiFieldChecker->LAST_ERROR;
         }
     }

     if (isset($arFields['PHOTO']) && is_array($arFields['PHOTO'])) {
         // NOTE(review): the photo goes through CFile::CheckFile() with the image
         // extension list; whether the content is inspected is not visible here.
         $photoError = CFile::CheckFile($arFields['PHOTO'], 0, 0, CFile::GetImageExtensions());
         if ($photoError != '') {
             $this->LAST_ERROR .= $photoError . "<br />";
         }
     }

     $birthdateSent = isset($arFields['BIRTHDATE']) && $arFields['BIRTHDATE'] !== '';
     if ($birthdateSent && !CheckDateTime($arFields['BIRTHDATE'])) {
         $this->LAST_ERROR .= GetMessage('CRM_ERROR_FIELD_INCORRECT', array('%FIELD_NAME%' => self::GetFieldCaption('BIRTHDATE'))) . "<br />";
     }

     $skipUserFieldCheck = is_array($options) && isset($options['DISABLE_USER_FIELD_CHECK']) && $options['DISABLE_USER_FIELD_CHECK'] === true;
     if (!$skipUserFieldCheck) {
         // We have to prepare field data before check (issue #22966)
         CCrmEntityHelper::NormalizeUserFields($arFields, self::$sUFEntityID, $USER_FIELD_MANAGER, array('IS_NEW' => $ID == false));
         $userFieldsValid = $USER_FIELD_MANAGER->CheckFields(self::$sUFEntityID, $ID, $arFields);
         if (!$userFieldsValid) {
             // NOTE(review): assumes GetException() returns an object at this point.
             $exception = $APPLICATION->GetException();
             $this->LAST_ERROR .= $exception->GetString();
         }
     }

     return $this->LAST_ERROR === '';
 }
Esempio n. 10
 /**
  * Validates the fields of an entity before it is added or updated.
  *
  * Every problem found is appended to $this->LAST_ERROR, each followed by
  * "<br />"; the texts are not escaped here.
  *
  * @param array     $arFields Field values, by reference (user fields may be normalised).
  * @param int|false $ID       Entity ID; a value equal to false means "new entity".
  * @param array     $options  DISABLE_USER_FIELD_CHECK === true skips the user-field check.
  * @return bool true when no error was recorded, false otherwise.
  */
 public function CheckFields(&$arFields, $ID = false, $options = array())
 {
     global $APPLICATION, $USER_FIELD_MANAGER;
     $this->LAST_ERROR = '';

     // The title is required on creation, and on update when the field is sent.
     $titleExpected = $ID == false || isset($arFields['TITLE']);
     if ($titleExpected && empty($arFields['TITLE'])) {
         $this->LAST_ERROR .= GetMessage('CRM_ERROR_FIELD_IS_MISSING', array('%FIELD_NAME%' => GetMessage('CRM_FIELD_TITLE'))) . "<br />";
     }

     if (isset($arFields['FM']) && is_array($arFields['FM'])) {
         $multiFieldChecker = new CCrmFieldMulti();
         $multiFieldsValid = $multiFieldChecker->CheckComplexFields($arFields['FM']);
         if (!$multiFieldsValid) {
             $this->LAST_ERROR .= $multiFieldChecker->LAST_ERROR;
         }
     }

     if (isset($arFields['LOGO']) && is_array($arFields['LOGO'])) {
         // NOTE(review): the logo goes through CFile::CheckFile() with the image
         // extension list; whether the content is inspected is not visible here.
         $logoError = CFile::CheckFile($arFields['LOGO'], 0, 0, CFile::GetImageExtensions());
         if ($logoError != '') {
             $this->LAST_ERROR .= $logoError . "<br />";
         }
     }

     $skipUserFieldCheck = is_array($options) && isset($options['DISABLE_USER_FIELD_CHECK']) && $options['DISABLE_USER_FIELD_CHECK'] === true;
     if (!$skipUserFieldCheck) {
         // We have to prepare field data before check (issue #22966)
         CCrmEntityHelper::NormalizeUserFields($arFields, self::$sUFEntityID, $USER_FIELD_MANAGER, array('IS_NEW' => $ID == false));
         $userFieldsValid = $USER_FIELD_MANAGER->CheckFields(self::$sUFEntityID, $ID, $arFields);
         if (!$userFieldsValid) {
             // NOTE(review): assumes GetException() returns an object at this point.
             $exception = $APPLICATION->GetException();
             $this->LAST_ERROR .= $exception->GetString();
         }
     }

     return strlen($this->LAST_ERROR) <= 0;
 }
Esempio n. 11
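	/**
	 * Checks one uploaded file, or one chunk of a file, and records it in $arFile.
	 *
	 * The entry must be a completed HTTP upload that still exists on disk. It is
	 * then checked with CFile::CheckFile(); with allowUpload "F" the extension
	 * list from allowUploadExt is applied, and with "I" a non-chunked file
	 * additionally goes through CFile::CheckImageFile().
	 *
	 * @param array $file   Entry in $_FILES layout; the "~name" key is read as well.
	 * @param array $arFile Accumulator, by reference: "files" is read and written,
	 *                      "error" is set when the file is rejected.
	 * @return mixed|null|string Empty when the file was accepted, otherwise the error text or code.
	 */
	private function checkFile($file, &$arFile)
	{

		$error = "";

		if ($file["error"] > 0)
			$error = "BXU348: " . $file["error"];
		elseif (!is_uploaded_file($file['tmp_name']))
			$error = "BXU348";
		elseif (!file_exists($file['tmp_name']))
			$error = "BXU347";
		elseif ($this->params["allowUpload"] == "F")
			$error = CFile::CheckFile($file, $this->params["uploadMaxFilesize"], false, $this->params["allowUploadExt"]);
		else
			$error = CFile::CheckFile($file, $this->params["uploadMaxFilesize"]);

		if (strlen($error) <= 0)
		{
			// "~name" carries the slot name between backslashes and, for chunked
			// uploads, "/<packages>/<package>/". NOTE(review): it is presumably
			// supplied by the client - confirm it is only used as an array key.
			$key = (preg_match("/\\\\(.+?)\\\\/", $file["~name"], $matches) ? $matches[1] : "default");
			$res = (array_key_exists($key, $arFile["files"]) ? $arFile["files"][$key] : array("copy" => $key));

			if (preg_match("/\/(\d+)\/(\d+)\//", $file["~name"], $matches))
			{
				$file["package"] = $matches[2];
				$file["packages"] = $matches[1];
				$res["packages"] = $matches[1];
				// A fresh entry has no "chunks" key yet; test for it before reading it.
				$res["chunks"] = (isset($res["chunks"]) && is_array($res["chunks"]) ? $res["chunks"] : array());
				$res["chunks"][self::getChunkKey($file["packages"], $file["package"])] = $file;
				$arFile["files"][$key] = $res;
				// NOTE(review): chunks never reach the image check below - confirm the
				// assembled file is checked again when allowUpload is "I".
			}
			else
			{
				if ($this->params["allowUpload"] == "I")
					$error = CFile::CheckImageFile($file, $this->params["uploadMaxFilesize"], 0, 0);
				if (strlen($error) <= 0)
				{
					$res = array_merge($res, $file);
					$arFile["files"][$key] = $res;
				}
			}
		}
		if (strlen($error) > 0)
		{
			$arFile["error"] = $error;
		}

		return $error;
	}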
Esempio n. 12
        }
        $_SESSION['CRM_IMPORT_FILE_POS'] = $filePos;
        $_SESSION['CRM_IMPORT_FILE_FIRST_HEADER'] = false;
        Header('Content-Type: application/x-javascript; charset=' . LANG_CHARSET);
        echo CUtil::PhpToJsObject($arResult);
        die;
    }
}
// Step 1 of the product import wizard: check the uploaded CSV/TXT file, then
// build the list of importable fields from $arResult['HEADERS'].
$strError = '';
$arResult['STEP'] = isset($_POST['step']) ? intval($_POST['step']) : 1;
// Only POST requests that pass check_bitrix_sessid() are processed
// (presumably the session token check - confirm).
if ($_SERVER['REQUEST_METHOD'] == 'POST' && check_bitrix_sessid()) {
    if (isset($_POST['next'])) {
        if ($arResult['STEP'] == 1) {
            if ($_FILES['IMPORT_FILE']['error'] > 0) {
                ShowError(GetMessage('CRM_PRODUCT_IMP_CSV_NF_ERROR'));
            // Extension list csv,txt; the size argument is 0. The branch is taken
            // only when the check result equals ''.
            } elseif (($strError = CFile::CheckFile($_FILES['IMPORT_FILE'], 0, 0, 'csv,txt')) == '') {
                $arFields = array('' => '');
                $arFieldsUpper = array();
                foreach ($arResult['HEADERS'] as $arField) {
                    if ($arField['id'] === 'SECTION_ID') {
                        // One pseudo-field per section level; $catalogImportLevels is
                        // defined outside this excerpt.
                        for ($i = 1; $i <= $catalogImportLevels; $i++) {
                            $arFields[$arField['id'] . '_' . $i] = GetMessage('CRM_PRODUCT_IMP_SECTION_HEADER', array('#LEVEL_NUM#' => $i));
                            $arFieldsUpper[$arField['id'] . '_' . $i] = ToUpper(GetMessage('CRM_PRODUCT_IMP_SECTION_HEADER', array('#LEVEL_NUM#' => $i)));
                        }
                    } else {
                        //echo '"'.$arField['name'].'";';
                        $arFields[$arField['id']] = $arField['name'];
                        $arFieldsUpper[$arField['id']] = ToUpper($arField['name']);
                        if ($arField['mandatory'] == 'Y') {
                            $arRequireFields[$arField['id']] = $arField['name'];
                        }
Esempio n. 13
/**
 * Moves forum messages from one topic to another, creating the target topic
 * when $NewTID is not positive.
 *
 * The work runs inside a database transaction that is committed when no error
 * was collected and rolled back otherwise.
 *
 * NOTE(review): $NewTID has a default value but is followed by required
 * parameters, so the default can never be used by a caller.
 *
 * @param int    $FID             Source forum ID (replaced by the topic's forum when the topic exists).
 * @param int    $TID             Source topic ID.
 * @param mixed  $Message         Message ID(s); converted with ForumDataToArray().
 * @param int    $NewTID          Target topic ID; a value <= 0 creates a new topic from $arFields.
 * @param array  $arFields        Fields of the new topic (TITLE, DESCRIPTION, ICON_ID, TAGS).
 * @param string $strErrorMessage By reference; collected errors are appended.
 * @param string $strOKMessage    By reference; the success text is appended.
 * @param mixed  $iFileSize       Only assigned inside a branch that is disabled with "false &&".
 * @return bool true when the messages were moved, false otherwise.
 */
function ForumMoveMessage($FID, $TID, $Message, $NewTID = 0, $arFields, &$strErrorMessage, &$strOKMessage, $iFileSize = false)
{
	global $USER, $DB;
	$arError = array();
	$arOK = array();
	$NewFID = 0;
	$arForum = array();
	$arTopic = array();
	$arNewForum = array();
	$arNewTopic = array();
	$arCurrUser = array();
	$SendSubscribe = false;

//************************* Input params **************************************************************************
	$TID = IntVal($TID);
	$FID = IntVal($FID);
	$NewTID = IntVal($NewTID);
	// NOTE(review): the IDs in $Message are later joined into an "@ID" filter;
	// presumably ForumDataToArray() reduces them to integers - confirm.
	$Message = ForumDataToArray($Message);
	if (empty($Message))
		$arError[] = GetMessage("FMM_NO_MESSAGE");
	if ($TID <= 0)
		$arError[] = GetMessage("FMM_NO_TOPIC_SOURCE0");
	else
	{
		$arTopic = CForumTopic::GetByID($TID);
		if ($arTopic)
		{
			// The forum is taken from the topic record, not from the caller's $FID.
			$FID = IntVal($arTopic["FORUM_ID"]);
			$arForum = CForumNew::GetByID($FID);
		}
		else
			$arError[] = GetMessage("FMM_NO_TOPIC_SOURCE1");
	}

	if (($NewTID <= 0) && (strLen(trim($arFields["TITLE"])) <= 0))
		$arError[] = GetMessage("FMM_NO_TOPIC_RECIPIENT0");
	elseif($NewTID > 0)
	{
		if ($NewTID == $TID)
			$arError[] = GetMessage("FMM_NO_TOPIC_EQUAL");
		$arNewTopic = CForumTopic::GetByID($NewTID);

		if (!$arNewTopic)
			$arError[] = GetMessage("FMM_NO_TOPIC_RECIPIENT1");
		elseif ($arNewTopic["STATE"] == "L")
			$arError[] = GetMessage("FMM_TOPIC_IS_LINK");
		else
		{
			$NewFID =  $arNewTopic["FORUM_ID"];
			$arNewForum = CForumNew::GetByID($NewFID);
		}
	}
//*************************/Input params **************************************************************************
//*************************!Check of the user's rights on the source forum and on the target forum*******************
// Topics can be moved from forums where the current user is a moderator to forums where the user is not one,
// so the same sequence of actions is used in that case. The exception is that the topic becomes inactive
// when the user has no moderation rights on the target forum.
//*************************!Check of the user's rights**************************************************************
	$arCurrUser["Perms"]["FID"] = ForumCurrUserPermissions($FID);
	$arCurrUser["Perms"]["NewFID"] = ForumCurrUserPermissions($NewFID);
	// Permission levels are compared as strings; moderation is required on the
	// source forum only. The target forum's level decides approval further down.
	if ($arCurrUser["Perms"]["FID"] < "Q")
		$arError[] = GetMessage("FMM_NO_MODERATE");
//************************* Actions *******************************************************************************
	// The transaction is opened even when errors were already collected; it is
	// rolled back at the end in that case.
	$DB->StartTransaction();
	if (count($arError) <= 0)
	{
		// Create topic
		if ($NewTID <= 0)
		{
			// Without moderation rights on the target forum the new topic follows
			// that forum's MODERATION setting.
			$arFields["APPROVED"] = ($arNewForum["MODERATION"]=="Y") ? "N" : "Y";
			if ($arCurrUser["Perms"]["NewFID"] >= "Q")
				$arFields["APPROVED"] = "Y";

			$arRes = array("NAME" => GetMessage("FR_GUEST"));
			$ShowName = GetMessage("FR_GUEST");
			// The author of the first matching message becomes the topic starter.
			$db_res = CForumMessage::GetList(array("ID" => "ASC"), array("@ID" => implode(",", $Message), "TOPIC_ID" => $TID));
			if ($db_res && $res = $db_res->Fetch())
			{
				$arRes["NAME"] = $res["AUTHOR_NAME"];
				$arRes["ID"] = $res["AUTHOR_ID"];
			}
			// The new topic is created in the source forum ($FID).
			$arFieldsTopic = array(
				"TITLE"			=> $arFields["TITLE"],
				"DESCRIPTION"	=> $arFields["DESCRIPTION"],
				"ICON_ID"		=> $arFields["ICON_ID"],
				"TAGS"		=> $arFields["TAGS"],
				"FORUM_ID"		=> $FID,
				"USER_START_ID" => $arRes["ID"],
				"USER_START_NAME" => $arRes["NAME"],
				"LAST_POSTER_NAME" => $arRes["NAME"],
				"LAST_POSTER_ID" => $arRes["ID"],
				"APPROVED" => $arFields["APPROVED"],
			);
			$NewTID = CForumTopic::Add($arFieldsTopic);
			if (IntVal($NewTID)<=0)
				$arError[] = GetMessage("FMM_NO_TOPIC_NOT_CREATED");
			else
			{
				$arNewTopic = CForumTopic::GetByID($NewTID);
				if ($arNewTopic)
				{
					$NewFID = $FID;
					$arNewForum = $arForum;
					$SendSubscribe = true;
				}
				else
					$arError[] = GetMessage("FMM_NO_TOPIC_NOT_CREATED");
			}
		}
	}

	if (count($arError) <= 0)
	{
		// Move message
		// Restricting the query to TOPIC_ID = $TID keeps messages of other topics
		// out of the move even when their IDs are passed in.
		$db_res = CForumMessage::GetList(array(), array("@ID" => implode(",", $Message), "TOPIC_ID" => $TID));
		if ($db_res && $res = $db_res->Fetch())
		{
			do
			{
//				echo "NewFID: ".$NewFID." -- FID:".$FID."<br/>";
				$arMessage = array();
				if ($NewFID != $FID)
				{
					$arMessage["APPROVED"] = ($arNewForum["MODERATION"] == "Y" ? "N" : "Y");
					if ($arCurrUser["Perms"]["NewFID"] >= "Q")
						$arMessage["APPROVED"] = "Y";

					$arMessage["FORUM_ID"] = $NewFID;
					$arMessage["POST_MESSAGE_HTML"] = "";
					// check attach
					// NOTE(review): this branch is disabled by the leading "false &&", so
					// attachments are not re-checked against the target forum's upload
					// rules when a message changes forum.
					if (false && intVal($res["ATTACH_IMG"]) > 0)
					{
						$iFileSize = COption::GetOptionString("forum", "file_max_size", 50000);
						$attach_img = CFile::GetByID(intVal($res["ATTACH_IMG"]));
						$attach = "";
						if ($attach_img && is_set($attach_img, "ORIGINAL_NAME"))
						{
							// Y - Image files		F - Files of specified type		A - All files
							if ($arNewForum["ALLOW_UPLOAD"]=="Y")
								$attach = CFile::CheckImageFile($attach_img["ORIGINAL_NAME"], $iFileSize, 0, 0);
							elseif ($arNewForum["ALLOW_UPLOAD"]=="F")
								$attach = CFile::CheckFile($attach_img["ORIGINAL_NAME"], $iFileSize, false, $arNewForum["ALLOW_UPLOAD_EXT"]);
							elseif ($arNewForum["ALLOW_UPLOAD"]=="A")
								$attach = CFile::CheckFile($attach_img["ORIGINAL_NAME"], $iFileSize, false, false);
							if (strLen($attach) > 0)
								$arMessage["ATTACH_IMG"] = "";
						}
					}
				}

				if ($NewTID != $TID)
				{
					$arMessage["NEW_TOPIC"] = "N";
					$arMessage["TOPIC_ID"] = $NewTID;
				}

				if (count($arMessage) > 0)
				{
					$MID = CForumMessage::Update($res["ID"], $arMessage, true);
					$res_log = ($SendSubscribe == true ? GetMessage("F_MESSAGE_WAS_MOVED_TO_NEW") : GetMessage("F_MESSAGE_WAS_MOVED"));
					$res_log = str_replace(array("#ID#", "#TOPIC_TITLE#", "#TOPIC_ID#", "#NEW_TOPIC_TITLE#", "#NEW_TOPIC_ID#"),
						array($MID, $arTopic["TITLE"], $arTopic["ID"], $arNewTopic['TITLE'], $arNewTopic['ID']), $res_log);
					$res["TITLE"] = $arNewTopic['TITLE'];
					$res["TOPIC_ID"] = $arNewTopic['ID'];
					$res["beforeTITLE"] = $arTopic["TITLE"];
					$res["DESCRIPTION"] = $res_log;
					// The whole message row is written to the event log in serialize()
					// format. NOTE(review): the row holds author-supplied text - confirm
					// that readers of the log handle it as untrusted data.
					CForumEventLog::Log("message", "move", $MID, serialize($res));
					$db_res2 = CForumFiles::GetList(array(), array("FILE_MESSAGE_ID" => $res["ID"]));
					if ($db_res2 && $res2 = $db_res2->Fetch())
					{
						$arFiles = array();
						do
						{
							$arFiles[] = $res2["FILE_ID"];
						} while ($res2 = $db_res2->Fetch());
						CForumFiles::UpdateByID($arFiles, $arMessage);
					}
					// The update result is examined only after the log entry and the file
					// records were written; the rollback below undoes them on failure.
					if (IntVal($MID) <= 0)
					{
						$arError[] = str_replace("##", $res["ID"], GetMessage("FMM_NO_MESSAGE_MOVE"));
						break;
					}
				}
			}while ($res = $db_res->Fetch());
		}
	}

	if (count($arError) <= 0)
	{
		// A topic left without messages is deleted, otherwise its statistics are refreshed.
		$db_res = CForumMessage::GetList(array(), array("TOPIC_ID" => $TID), false, 1);
		if (!($db_res && $res = $db_res->Fetch())):
			CForumTopic::Delete($TID);
		else:
			CForumTopic::SetStat($TID);
		endif;

		$db_res = CForumMessage::GetList(array(), array("TOPIC_ID" => $NewTID), false, 1);
		if (!($db_res && $res = $db_res->Fetch())):
			CForumTopic::Delete($NewTID);
		else:
			CForumTopic::SetStat($NewTID);
		endif;

		CForumNew::SetStat($FID);
		if ($NewFID != $FID)
			CForumNew::SetStat($NewFID);
	}
	if (count($arError) <= 0)
		$DB->Commit();
	else
		$DB->Rollback();

	if (count($arError) > 0)
		$strErrorMessage .= implode(". \n", $arError).". \n";
	else
	{
		$strOKMessage .= GetMessage("FMM_YES_MESSAGE_MOVE");
		// Notifications are sent only when a new topic was created.
		if ($SendSubscribe)
		{
			foreach ($Message as $MID)
				CForumMessage::SendMailMessage($MID, array(), false, "NEW_FORUM_MESSAGE");
		}
		return true;
	}
	return false;
}
Esempio n. 14
 /**
  * Validates a file value of a user field and returns the problems found.
  *
  * Three checks are made: the size against SETTINGS.MAX_ALLOWED_SIZE, the
  * extension against SETTINGS.EXTENSIONS (the array keys are the extensions),
  * and, for users who are not administrators, the name against
  * HasScriptExtension().
  *
  * NOTE(review): when EXTENSIONS is empty no extension list is applied, so for
  * non-administrators the script-extension test is the only name-based barrier.
  *
  * @param array $arUserField Field description; SETTINGS, FIELD_NAME and EDIT_FORM_LABEL are read.
  * @param array $value       File entry; "size" and "name" are read.
  * @return array List of messages, each array("id" => field name, "text" => message).
  */
 function CheckFields($arUserField, $value)
 {
     global $USER;
     $messages = array();

     $sizeLimit = $arUserField["SETTINGS"]["MAX_ALLOWED_SIZE"];
     if ($sizeLimit > 0 && $value["size"] > $sizeLimit) {
         $messages[] = array("id" => $arUserField["FIELD_NAME"], "text" => GetMessage("USER_TYPE_FILE_MAX_SIZE_ERROR", array("#FIELD_NAME#" => $arUserField["EDIT_FORM_LABEL"], "#MAX_ALLOWED_SIZE#" => $arUserField["SETTINGS"]["MAX_ALLOWED_SIZE"])));
     }

     //Extension check: the allowed extensions are the keys of the setting
     $extensionError = "";
     $allowedExtensions = $arUserField["SETTINGS"]["EXTENSIONS"];
     if (is_array($allowedExtensions) && count($allowedExtensions)) {
         $extensionError = CFile::CheckFile($value, 0, false, implode(",", array_keys($allowedExtensions)));
     }
     if (strlen($extensionError)) {
         $messages[] = array("id" => $arUserField["FIELD_NAME"], "text" => $extensionError);
     }

     //Users without administrator rights must not upload files with a script extension
     if ((!is_object($USER) || !$USER->IsAdmin()) && HasScriptExtension($value["name"])) {
         $messages[] = array("id" => $arUserField["FIELD_NAME"], "text" => GetMessage("FILE_BAD_TYPE") . " (" . $value["name"] . ").");
     }

     return $messages;
 }
Esempio n. 15
 /**
  * Checks an image (or, when allowed, Flash) file and its pixel dimensions.
  *
  * The kind of file comes from GetFileType() on $arFile["name"]; a kind that is
  * not listed in $access_typies is handled as an image. Type and size are
  * checked by CFile::CheckFile(), the dimensions by CFile::GetImageSize().
  *
  * @param array $arFile        File entry; "name" and "tmp_name" are read.
  * @param int   $iMaxSize      Passed through to CFile::CheckFile().
  * @param int   $iMaxWidth     Maximum width; a value of 0 or less disables the width check.
  * @param int   $iMaxHeight    Maximum height; a value of 0 or less disables the height check.
  * @param array $access_typies Kinds accepted as themselves, e.g. "FLASH".
  * @param bool  $bForceMD5     Passed through to CFile::CheckFile().
  * @param bool  $bSkipExt      Passed through to CFile::CheckFile().
  * @return string|null "" when the name is empty, an error text when a check fails, null otherwise.
  */
 public static function CheckImageFile($arFile, $iMaxSize = 0, $iMaxWidth = 0, $iMaxHeight = 0, $access_typies = array(), $bForceMD5 = false, $bSkipExt = false)
 {
     // An empty name is reported as "no error"; callers that compare the result
     // with '' therefore treat such an entry as accepted.
     if ($arFile["name"] == "") {
         return "";
     }
     // Refuses a tmp_name that addresses the php://filter wrapper. This is a
     // one-scheme denylist: callers are expected to pass a local path here.
     $usesFilterWrapper = preg_match("#^php://filter#i", $arFile["tmp_name"]);
     if ($usesFilterWrapper) {
         return GetMessage("FILE_BAD_FILE_TYPE") . ".<br>";
     }
     $kind = GetFileType($arFile["name"]);
     // IMAGE by default
     if (!in_array($kind, $access_typies)) {
         $kind = "IMAGE";
     }
     $flashEnabled = false;
     if ($kind == "FLASH") {
         $flashEnabled = true;
         static $flashMime = array("application/x-shockwave-flash", "application/vnd.adobe.flash.movie");
         $checkResult = CFile::CheckFile($arFile, $iMaxSize, $flashMime, CFile::GetFlashExtensions(), $bForceMD5, $bSkipExt);
     } else {
         $checkResult = CFile::CheckFile($arFile, $iMaxSize, "image/", CFile::GetImageExtensions(), $bForceMD5, $bSkipExt);
     }
     if ($checkResult != '') {
         return $checkResult;
     }
     // The file has to be readable as an image, whatever its name and MIME type say.
     $dimensions = CFile::GetImageSize($arFile["tmp_name"], true, $flashEnabled);
     if (!is_array($dimensions)) {
         return GetMessage("FILE_BAD_FILE_TYPE") . ".<br>";
     }
     $width = $dimensions[0];
     $height = $dimensions[1];
     //check for dimensions: a reported size of 0 counts as a violation too
     $widthViolated = $iMaxWidth > 0 && ($width > $iMaxWidth || $width == 0);
     $heightViolated = $iMaxHeight > 0 && ($height > $iMaxHeight || $height == 0);
     if ($widthViolated || $heightViolated) {
         return GetMessage("FILE_BAD_MAX_RESOLUTION") . " (" . $iMaxWidth . " * " . $iMaxHeight . " " . GetMessage("main_include_dots") . ").<br>";
     }
     return null;
 }
Esempio n. 16
 /**
  * Validates the field array of an information block element before it is added
  * or updated, and normalizes a few fields in place (ID, TAGS, IBLOCK_ID,
  * IBLOCK_SECTION).
  *
  * Every problem found is appended to $this->LAST_ERROR as a message followed by
  * "<br>", so LAST_ERROR is an HTML fragment. Some messages embed values taken
  * from $arFields as-is (for example an uploaded file's "name"); whoever renders
  * LAST_ERROR presumably has to treat it accordingly — TODO confirm.
  *
  * @param array $arFields Element fields, passed by reference; module event handlers
  *                        called from here receive the same reference.
  * @param int|false $ID Element ID for an update, false when a new element is added.
  * @param bool $bCheckDiskQuota When true, the disk quota is checked if no error was
  *                              found and the "main"/"disk_space" option is positive.
  * @return bool True when LAST_ERROR is empty after all checks, false otherwise.
  */
 function CheckFields(&$arFields, $ID = false, $bCheckDiskQuota = true)
 {
     global $DB, $APPLICATION, $USER;
     $this->LAST_ERROR = "";
     $APPLICATION->ResetException();
     // "OnStart..." handlers run before any validation and may rewrite $arFields.
     if ($ID === false) {
         $db_events = GetModuleEvents("iblock", "OnStartIBlockElementAdd", true);
     } else {
         $arFields["ID"] = $ID;
         $db_events = GetModuleEvents("iblock", "OnStartIBlockElementUpdate", true);
     }
     foreach ($db_events as $arEvent) {
         $bEventRes = ExecuteModuleEventEx($arEvent, array(&$arFields));
         // A false result only stops the remaining handlers here; no error is recorded.
         if ($bEventRes === false) {
             break;
         }
     }
     // NAME is mandatory on add, and must not be emptied on update.
     if (($ID === false || is_set($arFields, "NAME")) && strlen($arFields["NAME"]) <= 0) {
         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_ELEMENT_NAME") . "<br>";
     }
     if (isset($arFields["ACTIVE_FROM"]) && $arFields["ACTIVE_FROM"] != '' && !$DB->IsDate($arFields["ACTIVE_FROM"], false, LANG, "FULL")) {
         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_ACTIVE_FROM") . "<br>";
     }
     if (isset($arFields["ACTIVE_TO"]) && $arFields["ACTIVE_TO"] != '' && !$DB->IsDate($arFields["ACTIVE_TO"], false, LANG, "FULL")) {
         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_ACTIVE_TO") . "<br>";
     }
     if (is_set($arFields, "PREVIEW_PICTURE")) {
         if (is_array($arFields["PREVIEW_PICTURE"]) && array_key_exists("bucket", $arFields["PREVIEW_PICTURE"]) && is_object($arFields["PREVIEW_PICTURE"]["bucket"])) {
             //This is trusted image from xml import
             // NOTE(review): every image check is skipped whenever "bucket" holds an
             // object. This presumes such arrays are only built by server-side import
             // code — confirm against the callers.
         } elseif (is_array($arFields["PREVIEW_PICTURE"])) {
             // Upload descriptor: image validation first, then the checkForDb() check.
             $error = CFile::CheckImageFile($arFields["PREVIEW_PICTURE"]);
             if (strlen($error) > 0) {
                 $this->LAST_ERROR .= $error . "<br>";
             } elseif (($error = CFile::checkForDb($arFields, "PREVIEW_PICTURE")) !== "") {
                 $this->LAST_ERROR .= GetMessage("IBLOCK_ERR_PREVIEW_PICTURE") . "<br>" . $error . "<br>";
             }
         } elseif (intval($arFields["PREVIEW_PICTURE"]) > 0) {
             // A numeric value is accepted only when WF_PARENT_ELEMENT_ID is positive
             // and CIBlockElement::DeleteFile() returns a positive result for it.
             if (intval($arFields["WF_PARENT_ELEMENT_ID"]) <= 0 || CIBlockElement::DeleteFile($arFields["PREVIEW_PICTURE"], $ID, "PREVIEW", intval($arFields["WF_PARENT_ELEMENT_ID"]), $arFields["IBLOCK_ID"], true) <= 0) {
                 $this->LAST_ERROR .= GetMessage("IBLOCK_ERR_PREVIEW_PICTURE") . "<br>";
             }
         }
     }
     // DETAIL_PICTURE follows exactly the same three cases as PREVIEW_PICTURE above.
     if (is_set($arFields, "DETAIL_PICTURE")) {
         if (is_array($arFields["DETAIL_PICTURE"]) && array_key_exists("bucket", $arFields["DETAIL_PICTURE"]) && is_object($arFields["DETAIL_PICTURE"]["bucket"])) {
             //This is trusted image from xml import
         } elseif (is_array($arFields["DETAIL_PICTURE"])) {
             $error = CFile::CheckImageFile($arFields["DETAIL_PICTURE"]);
             if (strlen($error) > 0) {
                 $this->LAST_ERROR .= $error . "<br>";
             } elseif (($error = CFile::checkForDb($arFields, "DETAIL_PICTURE")) !== "") {
                 $this->LAST_ERROR .= GetMessage("IBLOCK_ERR_DETAIL_PICTURE") . "<br>" . $error . "<br>";
             }
         } elseif (intval($arFields["DETAIL_PICTURE"]) > 0) {
             if (intval($arFields["WF_PARENT_ELEMENT_ID"]) <= 0 || CIBlockElement::DeleteFile($arFields["DETAIL_PICTURE"], $ID, "DETAIL", intval($arFields["WF_PARENT_ELEMENT_ID"]), $arFields["IBLOCK_ID"], true) <= 0) {
                 $this->LAST_ERROR .= GetMessage("IBLOCK_ERR_DETAIL_PICTURE") . "<br>";
             }
         }
     }
     // TAGS is rewritten in place, but only when the search module can be loaded.
     if (array_key_exists("TAGS", $arFields) && CModule::IncludeModule('search')) {
         $arFields["TAGS"] = implode(", ", tags_prepare($arFields["TAGS"]));
     }
     if ($ID === false && !is_set($arFields, "IBLOCK_ID")) {
         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_BLOCK_ID") . "<br>";
     }
     if ($ID !== false && is_set($arFields, "XML_ID") && strlen($arFields["XML_ID"]) <= 0) {
         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_EXTERNAL_CODE") . "<br>";
     }
     //Find out IBLOCK_ID from fields or from element
     $IBLOCK_ID = intval($arFields["IBLOCK_ID"]);
     if ($IBLOCK_ID <= 0) {
         $IBLOCK_ID = 0;
         // The query text is built by concatenation; $ID is cast with IntVal() first.
         $res = $DB->Query("SELECT IBLOCK_ID FROM b_iblock_element WHERE ID=" . IntVal($ID));
         if ($ar = $res->Fetch()) {
             $IBLOCK_ID = (int) $ar["IBLOCK_ID"];
         }
     }
     //Read iblock metadata
     // Static cache keyed by IBLOCK_ID and shared by every call of this method;
     // an unknown block (ID 0) is cached as false.
     static $IBLOCK_CACHE = array();
     if (!isset($IBLOCK_CACHE[$IBLOCK_ID])) {
         if ($IBLOCK_ID > 0) {
             $IBLOCK_CACHE[$IBLOCK_ID] = CIBlock::GetArrayByID($IBLOCK_ID);
         } else {
             $IBLOCK_CACHE[$IBLOCK_ID] = false;
         }
     }
     if ($IBLOCK_CACHE[$IBLOCK_ID]) {
         $arFields["IBLOCK_ID"] = $IBLOCK_ID;
     } else {
         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_BLOCK_ID") . "<br>";
     }
     // IBLOCK_SECTION is normalized to an array with its empty entries dropped.
     if (is_set($arFields, 'IBLOCK_SECTION') && !empty($arFields['IBLOCK_SECTION'])) {
         if (!is_array($arFields['IBLOCK_SECTION'])) {
             $arFields['IBLOCK_SECTION'] = array($arFields['IBLOCK_SECTION']);
         }
         $arFields['IBLOCK_SECTION'] = array_filter($arFields['IBLOCK_SECTION']);
     }
     // Checks driven by the block's own field settings ("FIELDS" of the metadata).
     if ($IBLOCK_CACHE[$IBLOCK_ID]) {
         $ar = $IBLOCK_CACHE[$IBLOCK_ID]["FIELDS"];
         if (is_array($ar)) {
             $WF_PARENT_ELEMENT_ID = isset($arFields["WF_PARENT_ELEMENT_ID"]) ? intval($arFields["WF_PARENT_ELEMENT_ID"]) : 0;
             // Uniqueness of CODE, checked only when the block's settings mark it UNIQUE
             // and the element is not a copy of another element.
             if (($WF_PARENT_ELEMENT_ID == 0 || $WF_PARENT_ELEMENT_ID == intval($ID)) && array_key_exists("CODE", $arFields) && strlen($arFields["CODE"]) > 0 && is_array($ar["CODE"]["DEFAULT_VALUE"]) && $ar["CODE"]["DEFAULT_VALUE"]["UNIQUE"] == "Y") {
                 // Concatenated SQL: both IDs are integers at this point and CODE is
                 // passed through $DB->ForSQL() before it is placed between the quotes.
                 $res = $DB->Query("\n\t\t\t\t\t\tSELECT ID\n\t\t\t\t\t\tFROM b_iblock_element\n\t\t\t\t\t\tWHERE IBLOCK_ID = " . $IBLOCK_ID . "\n\t\t\t\t\t\tAND CODE = '" . $DB->ForSQL($arFields["CODE"]) . "'\n\t\t\t\t\t\tAND WF_PARENT_ELEMENT_ID IS NULL\n\t\t\t\t\t\tAND ID <> " . intval($ID));
                 if ($res->Fetch()) {
                     $this->LAST_ERROR .= GetMessage("IBLOCK_DUP_ELEMENT_CODE") . "<br>";
                 }
             }
             // Loaded at most once, the first time a required picture field needs it.
             $arOldElement = false;
             foreach ($ar as $FIELD_ID => $field) {
                 // Settings whose ID starts with SECTION_ or LOG_ are not element fields.
                 if (preg_match("/^(SECTION_|LOG_)/", $FIELD_ID)) {
                     continue;
                 }
                 if ($field["IS_REQUIRED"] === "Y") {
                     switch ($FIELD_ID) {
                         case "NAME":
                         case "ACTIVE":
                         case "PREVIEW_TEXT_TYPE":
                         case "DETAIL_TEXT_TYPE":
                         case "SORT":
                             //We should never check these fields
                             break;
                         case "IBLOCK_SECTION":
                             if ($ID === false || array_key_exists($FIELD_ID, $arFields)) {
                                 // At least one positive section ID has to be present.
                                 $sum = 0;
                                 if (is_array($arFields[$FIELD_ID])) {
                                     foreach ($arFields[$FIELD_ID] as $k => $v) {
                                         if (intval($v) > 0) {
                                             $sum += intval($v);
                                         }
                                     }
                                 } else {
                                     $sum = intval($arFields[$FIELD_ID]);
                                 }
                                 if ($sum <= 0) {
                                     $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_FIELD", array("#FIELD_NAME#" => $field["NAME"])) . "<br>";
                                 }
                             }
                             break;
                         case "PREVIEW_PICTURE":
                         case "DETAIL_PICTURE":
                             if ($ID !== false && !$arOldElement) {
                                 $rs = $DB->Query("SELECT PREVIEW_PICTURE, DETAIL_PICTURE from b_iblock_element WHERE ID = " . intval($ID));
                                 $arOldElement = $rs->Fetch();
                             }
                             if ($arOldElement && $arOldElement[$FIELD_ID] > 0) {
                                 //There was a picture so just check that it is not deleted
                                 if (array_key_exists($FIELD_ID, $arFields) && is_array($arFields[$FIELD_ID]) && $arFields[$FIELD_ID]["del"] === "Y") {
                                     $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_FIELD", array("#FIELD_NAME#" => $field["NAME"])) . "<br>";
                                 }
                             } else {
                                 //There was NO picture so it MUST be present
                                 if (!array_key_exists($FIELD_ID, $arFields)) {
                                     $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_FIELD", array("#FIELD_NAME#" => $field["NAME"])) . "<br>";
                                 } elseif (is_array($arFields[$FIELD_ID])) {
                                     // Rejected: a delete request, a non-zero upload error code, or an empty file.
                                     if ($arFields[$FIELD_ID]["del"] === "Y" || array_key_exists("error", $arFields[$FIELD_ID]) && $arFields[$FIELD_ID]["error"] !== 0 || $arFields[$FIELD_ID]["size"] <= 0) {
                                         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_FIELD", array("#FIELD_NAME#" => $field["NAME"])) . "<br>";
                                     }
                                 } else {
                                     if (intval($arFields[$FIELD_ID]) <= 0) {
                                         $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_FIELD", array("#FIELD_NAME#" => $field["NAME"])) . "<br>";
                                     }
                                 }
                             }
                             break;
                         default:
                             // Any other required field must be a non-empty string
                             // (array values are concatenated before the test).
                             if ($ID === false || array_key_exists($FIELD_ID, $arFields)) {
                                 if (is_array($arFields[$FIELD_ID])) {
                                     $val = implode("", $arFields[$FIELD_ID]);
                                 } else {
                                     $val = $arFields[$FIELD_ID];
                                 }
                                 if (strlen($val) <= 0) {
                                     $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_FIELD", array("#FIELD_NAME#" => $field["NAME"])) . "<br>";
                                 }
                             }
                             break;
                     }
                 }
             }
         }
     }
     if (array_key_exists("PROPERTY_VALUES", $arFields) && is_array($arFields["PROPERTY_VALUES"])) {
         //First "normalize" properties to form:
         //$arFields["PROPERTY_VALUES"][<PROPERTY_ID>][<PROPERTY_VALUE_ID>] => $value
         $arProperties = array();
         foreach ($arFields["PROPERTY_VALUES"] as $key => $property_values) {
             $arProperties[$key] = array();
             if (is_array($property_values)) {
                 if (array_key_exists("VALUE", $property_values)) {
                     $arProperties[$key][] = $property_values["VALUE"];
                 } elseif (array_key_exists("tmp_name", $property_values)) {
                     // A single upload descriptor is kept whole as one value.
                     $arProperties[$key][] = $property_values;
                 } else {
                     foreach ($property_values as $key2 => $property_value) {
                         if (is_array($property_value) && array_key_exists("VALUE", $property_value)) {
                             //each of these may be "complex"
                             $arProperties[$key][] = $property_value["VALUE"];
                         } else {
                             //or simple
                             $arProperties[$key][] = $property_value;
                         }
                     }
                 }
             } else {
                 $arProperties[$key][] = $property_values;
             }
         }
         foreach ($arProperties as $key => $property_values) {
             $arProperty = CIBlockProperty::GetPropertyArray($key, $IBLOCK_ID);
             if ($arProperty["USER_TYPE"] != "") {
                 $arUserType = CIBlockProperty::GetUserType($arProperty["USER_TYPE"]);
             } else {
                 $arUserType = array();
             }
             // Custom property types validate their own values through a callback.
             if (array_key_exists("CheckFields", $arUserType)) {
                 foreach ($property_values as $key2 => $property_value) {
                     $arError = call_user_func_array($arUserType["CheckFields"], array($arProperty, array("VALUE" => $property_value)));
                     if (is_array($arError)) {
                         foreach ($arError as $err_mess) {
                             $this->LAST_ERROR .= $err_mess . "<br>";
                         }
                     }
                 }
             }
             //Files check
             $bError = false;
             if ($arProperty["IS_REQUIRED"] == "Y" && $arProperty['PROPERTY_TYPE'] == 'F') {
                 //New element
                 if ($ID === false) {
                     // Assume the file is missing until one non-empty upload or one file ID is seen.
                     $bError = true;
                     foreach ($property_values as $key2 => $property_value) {
                         if (is_array($property_value) && array_key_exists("tmp_name", $property_value) && array_key_exists("size", $property_value)) {
                             if ($property_value['size'] > 0) {
                                 $bError = false;
                                 break;
                             }
                         } elseif (intval($property_value) > 0) {
                             //This is history copy of the file
                             $bError = false;
                             break;
                         }
                     }
                 } else {
                     // Existing element: count the stored values, then apply the submitted
                     // additions and deletions; the property fails when nothing is left.
                     $dbProperty = CIBlockElement::GetProperty($arProperty["IBLOCK_ID"], $ID, "sort", "asc", array("ID" => $arProperty["ORIG_ID"], "EMPTY" => "N"));
                     $bCount = 0;
                     while ($a = $dbProperty->Fetch()) {
                         if ($a["VALUE"] > 0) {
                             $bCount++;
                         }
                     }
                     foreach ($property_values as $key2 => $property_value) {
                         if (is_array($property_value)) {
                             if ($property_value['size'] > 0) {
                                 $bCount++;
                                 break;
                             } elseif ($property_value['del'] == 'Y') {
                                 $bCount--;
                             }
                         } elseif (intval($property_value) > 0) {
                             //This is history copy of the file
                             $bCount++;
                             break;
                         }
                     }
                     $bError = $bCount <= 0;
                 }
             }
             // Required non-file property: the summed length of its values must be
             // positive, measured by the user type's GetLength callback when present.
             if ($arProperty["IS_REQUIRED"] == "Y" && $arProperty['PROPERTY_TYPE'] != 'F') {
                 $len = 0;
                 foreach ($property_values as $key2 => $property_value) {
                     if (array_key_exists("GetLength", $arUserType)) {
                         $len += call_user_func_array($arUserType["GetLength"], array($arProperty, array("VALUE" => $property_value)));
                     } else {
                         $len += strlen($property_value);
                     }
                     if ($len > 0) {
                         break;
                     }
                 }
                 $bError = $len <= 0;
             }
             if ($bError) {
                 $this->LAST_ERROR .= GetMessage("IBLOCK_BAD_PROPERTY", array("#PROPERTY#" => $arProperty["NAME"])) . "<br>";
             }
             // check file properties for correctness
             if ($arProperty['PROPERTY_TYPE'] == 'F') {
                 // The property counts as image-only when FILE_TYPE is non-empty and
                 // every extension listed in it is one of the image extensions.
                 $bImageOnly = False;
                 $arImageExtentions = explode(",", strtoupper(CFile::GetImageExtensions()));
                 if (strlen($arProperty["FILE_TYPE"])) {
                     $bImageOnly = True;
                     $arAvailTypes = explode(",", strtoupper($arProperty["FILE_TYPE"]));
                     foreach ($arAvailTypes as $avail_type) {
                         if (!in_array(trim($avail_type), $arImageExtentions)) {
                             $bImageOnly = False;
                             break;
                         }
                     }
                 }
                 foreach ($property_values as $key2 => $property_value) {
                     if (!is_array($property_value) && intval($property_value) > 0 && intval($arFields["WF_PARENT_ELEMENT_ID"]) > 0) {
                         if (CIBlockElement::DeleteFile($property_value, $ID, "PROPERTY", intval($arFields["WF_PARENT_ELEMENT_ID"]), $arFields["IBLOCK_ID"], true) <= 0) {
                             $this->LAST_ERROR .= GetMessage("IBLOCK_ERR_FILE_PROPERTY") . "<br>";
                         }
                     } elseif (is_array($property_value)) {
                         // Unlike the picture fields above, "bucket" is read here without
                         // testing that the key exists.
                         if (is_object($property_value["bucket"])) {
                             //This is trusted image from xml import
                             $error = "";
                         } else {
                             if ($bImageOnly) {
                                 $error = CFile::CheckImageFile($property_value);
                             } else {
                                 // FILE_TYPE is passed as the extension list; when it is empty
                                 // no extension restriction is visible at this call — TODO
                                 // confirm what CFile::CheckFile() does with an empty list.
                                 $error = CFile::CheckFile($property_value, 0, false, $arProperty["FILE_TYPE"]);
                             }
                         }
                         //For user without edit php permissions
                         //we allow only pictures upload
                         // The test is HasScriptExtension() on the submitted name; it applies
                         // to "bucket" values too and replaces any earlier message. In this
                         // method it covers file properties only: PREVIEW_PICTURE and
                         // DETAIL_PICTURE rely on CFile::CheckImageFile() alone.
                         if (!is_object($USER) || !$USER->IsAdmin()) {
                             if (HasScriptExtension($property_value["name"])) {
                                 // The submitted name is placed into the HTML message unescaped.
                                 $error = GetMessage("FILE_BAD_TYPE") . " (" . $property_value["name"] . ").";
                             }
                         }
                         if (strlen($error) > 0) {
                             $this->LAST_ERROR .= $error . "<br>";
                         }
                     }
                 }
             }
         }
     }
     // "OnBefore..." handlers run after validation; a false result is an error here.
     $APPLICATION->ResetException();
     if ($ID === false) {
         $db_events = GetModuleEvents("iblock", "OnBeforeIBlockElementAdd", true);
     } else {
         $arFields["ID"] = $ID;
         $db_events = GetModuleEvents("iblock", "OnBeforeIBlockElementUpdate", true);
     }
     foreach ($db_events as $arEvent) {
         $bEventRes = ExecuteModuleEventEx($arEvent, array(&$arFields));
         if ($bEventRes === false) {
             // Use the handler's own exception text when it raised one.
             if ($err = $APPLICATION->GetException()) {
                 $this->LAST_ERROR .= $err->GetString() . "<br>";
             } else {
                 $APPLICATION->ThrowException("Unknown error");
                 $this->LAST_ERROR .= "Unknown error.<br>";
             }
             break;
         }
     }
     /****************************** QUOTA ******************************/
     // Checked only when nothing failed so far; the quota message replaces LAST_ERROR.
     if ($bCheckDiskQuota && empty($this->LAST_ERROR) && COption::GetOptionInt("main", "disk_space") > 0) {
         $quota = new CDiskQuota();
         if (!$quota->checkDiskQuota($arFields)) {
             $this->LAST_ERROR = $quota->LAST_ERROR;
         }
     }
     /****************************** QUOTA ******************************/
     if (!empty($this->LAST_ERROR)) {
         return false;
     }
     return true;
 }
Esempio n. 17
 /**
  * Collects the validation errors for one value of a file input.
  *
  * @param array $input Input settings; MAXSIZE, ACCEPT and REQUIRED are read here.
  * @param mixed $value An upload descriptor array, or a numeric value.
  * @return array Error messages keyed by error kind; empty when the value is accepted.
  */
 protected static function getErrorSingle(array $input, $value)
 {
     if (!is_array($value)) {
         // A numeric value is accepted as it stands.
         // TODO check if file id exists maybe ???
         if (is_numeric($value)) {
             return array();
         }
         return array('INVALID' => Loc::getMessage('INPUT_INVALID_ERROR'));
     }

     // switch compares loosely, so a descriptor without an 'error' key (null)
     // is handled like UPLOAD_ERR_OK.
     switch ($value['error']) {
         case UPLOAD_ERR_OK:
             $found = array();
             // The size compared here is the one reported in the descriptor.
             if ($input['MAXSIZE'] && $value['size'] > $input['MAXSIZE']) {
                 $found['MAXSIZE'] = Loc::getMessage('INPUT_FILE_MAXSIZE_ERROR');
             }
             // TODO check: file name, mime type, extension
             // Only the ACCEPT list is passed on; no size limit and no MIME rule are given.
             $checkMessage = \CFile::CheckFile($value, 0, false, $input['ACCEPT']);
             if ($checkMessage) {
                 $found['CFILE'] = $checkMessage;
             }
             return $found;

         case UPLOAD_ERR_INI_SIZE:
         case UPLOAD_ERR_FORM_SIZE:
             return array('MAXSIZE' => Loc::getMessage('INPUT_FILE_MAXSIZE_ERROR'));

         case UPLOAD_ERR_PARTIAL:
             return array('PARTIAL' => Loc::getMessage('INPUT_FILE_PARTIAL_ERROR'));

         case UPLOAD_ERR_NO_FILE:
             // No new upload: an error only when the input is required and there is no
             // numeric ID to keep, or that file is flagged for deletion.
             $isRequired = $input['REQUIRED'] == 'Y';
             if ($isRequired && (!is_numeric($value['ID']) || $value['DELETE'])) {
                 return array('REQUIRED' => Loc::getMessage('INPUT_REQUIRED_ERROR'));
             }
             return array();

         // TODO case UPLOAD_ERR_NO_TMP_DIR  UPLOAD_ERR_CANT_WRITE  UPLOAD_ERR_EXTENSION
         default:
             return array('INVALID' => Loc::getMessage('INPUT_INVALID_ERROR'));
     }
 }
Esempio n. 18
 /**
  * Validates one incoming file descriptor and, when it passes, registers it
  * (whole file or one chunk of a chunked upload) in $arFile["files"].
  *
  * The descriptor is either a regular upload ("tmp_name") or a reference given
  * as "tmp_url": without a host it is resolved through \CFile::MakeFileArray(),
  * with a host it is probed with an HTTP HEAD request.
  *
  * @param array $file File descriptor; "error", "tmp_url", "tmp_name" and "~name" are read here.
  * @param array $arFile Accumulator passed by reference; entries are written to $arFile["files"].
  * @return Status|Error A Status("checked") object on success, otherwise an Error object.
  */
 protected function checkFile($file, &$arFile)
 {
     $status = new Status("checked");
     if ($file["error"] > 0) {
         $status = new Error("BXU347.2", $file["error"]);
     } else {
         if (array_key_exists("tmp_url", $file)) {
             $url = new Uri($file["tmp_url"]);
             // No host: the path part is resolved by \CFile::MakeFileArray().
             // NOTE(review): if tmp_url can be supplied by the client, confirm that
             // MakeFileArray() limits which paths may be referenced this way.
             if ($url->getHost() == '' && ($tmp = \CFile::MakeFileArray($url->getPath())) && is_array($tmp)) {
                 // array_merge() lets later arrays win: keys already present in $file
                 // override the values MakeFileArray() derived.
                 $file = array_merge($tmp, $file);
             } else {
                 // Remote reference: this sends a HEAD request to the host named in tmp_url.
                 // "size" and "type" are then copied from the response headers, i.e. they are
                 // what that server declares, and the CheckFile() calls below validate them.
                 // NOTE(review): presumably the set of reachable hosts is restricted
                 // elsewhere — verify.
                 if ($url->getHost() != '' && $this->http->query("HEAD", $file["tmp_url"]) && $this->http->getStatus() == "200") {
                     $file = array_merge($file, array("size" => (int) $this->http->getHeaders()->get("content-length"), "type" => $this->http->getHeaders()->get("content-type")));
                 } else {
                     $status = new Error("BXU347.2");
                 }
             }
         } else {
             // Regular upload: the temporary file must exist and must have been
             // received by PHP as an HTTP upload.
             if (!is_uploaded_file($file['tmp_name']) || !file_exists($file['tmp_name'])) {
                 $status = new Error("BXU347.2");
             }
         }
     }
     if ($status instanceof Error) {
         // A failure was already recorded above; content validation is skipped.
     } elseif ($this->params["allowUpload"] == "I") {
         // "I": image MIME prefix plus the image extension list.
         $error = \CFile::CheckFile($file, $this->params["uploadMaxFilesize"], "image/", \CFile::GetImageExtensions());
         if (!empty($error)) {
             $status = new Error("BXU347.3", $error);
         }
     } elseif ($this->params["allowUpload"] == "F") {
         // "F": only the configured extension list, no MIME rule.
         $error = \CFile::CheckFile($file, $this->params["uploadMaxFilesize"], false, $this->params["allowUploadExt"]);
         if (!empty($error)) {
             $status = new Error("BXU347.3", $error);
         }
     } else {
         // Any other mode: only the size limit is passed; MIME and extension
         // arguments are left at CheckFile()'s defaults.
         $error = \CFile::CheckFile($file, $this->params["uploadMaxFilesize"]);
         if (!empty($error)) {
             $status = new Error("BXU347.3", $error);
         }
     }
     if ($status instanceof Status) {
         $matches = array();
         $name = $file["~name"];
         // Chunk names look like "<name>.ch<number>.<start>.chs<count>"; the part
         // before ".ch" is the name the chunks are grouped under.
         if (preg_match("/^(.+?)\\.ch(\\d+)\\.(\\d+)\\.chs(\\d+)\$/", $file["~name"], $matches)) {
             $name = $matches[1];
         }
         // The registry key comes from the submitted name ('default' when it is empty).
         $key = !empty($name) ? $name : 'default';
         $file["copy"] = $key;
         if (empty($matches)) {
             // Whole file: stored directly, replacing any earlier entry under this key.
             $arFile["files"][$key] = $file;
         } else {
             // Chunk: reuse the existing entry for this key or start one whose chunk
             // count is the number taken from the name.
             $fileAddInfo = array("chunks" => array(), "chunksInfo" => array("count" => $matches[4], "uploaded" => array(), "written" => array()));
             if (array_key_exists($key, $arFile["files"])) {
                 $fileAddInfo = $arFile["files"][$key];
             }
             $file["status"] = "inprogress";
             $file["number"] = $matches[2];
             $file["start"] = $matches[3];
             $fileAddInfo["chunks"][self::getChunkKey($fileAddInfo["chunksInfo"]["count"], $file["number"])] = $file;
             $arFile["files"][$key] = $fileAddInfo;
         }
     }
     return $status;
 }
Esempio n. 19
	/**
	 * Validates a file descriptor as an image or, when the caller allows it, a Flash movie.
	 *
	 * @param array $arFile File descriptor; the "name" and "tmp_name" keys are read here.
	 * @param int $iMaxSize Forwarded to CFile::CheckFile() as its size argument.
	 * @param int $iMaxWidth Maximum width; 0 disables the width check.
	 * @param int $iMaxHeight Maximum height; 0 disables the height check.
	 * @param array $access_typies Types (as returned by GetFileType()) accepted besides IMAGE.
	 * @return string|null "" when no name is given, an error message on failure, null on success.
	 */
	function CheckImageFile($arFile, $iMaxSize=0, $iMaxWidth=0, $iMaxHeight=0, $access_typies=array())
	{
		// No file name means nothing was submitted.
		if (strlen($arFile["name"]) <= 0) {
			return "";
		}

		// Nothing may be left of the name once the script extension and the
		// remaining extension are stripped.
		$nameWithoutScriptExt = RemoveScriptExtension($arFile["name"]);
		if (GetFileNameWithoutExtension($nameWithoutScriptExt) == '') {
			return GetMessage("FILE_BAD_FILENAME");
		}

		// A type that is not in the list of allowed types is treated as IMAGE by default.
		$file_type = GetFileType($arFile["name"]);
		if (!in_array($file_type, $access_typies)) {
			$file_type = "IMAGE";
		}

		if ($file_type == "FLASH") {
			$res = CFile::CheckFile($arFile, $iMaxSize, "application/x-shockwave-flash", CFile::GetFlashExtensions());
		} else {
			$res = CFile::CheckFile($arFile, $iMaxSize, "image/", CFile::GetImageExtensions());
		}
		if (strlen($res) > 0) {
			return $res;
		}

		// Content probe: anything that does not yield a dimensions array is rejected.
		$imgArray = CFile::GetImageSize($arFile["tmp_name"]);
		if (!is_array($imgArray)) {
			return GetMessage("FILE_BAD_FILE_TYPE").".<br>";
		}
		$pixelWidth = $imgArray[0];
		$pixelHeight = $imgArray[1];

		// Maximum picture size (width/height); with a limit set, zero is rejected too.
		$tooWide = $iMaxWidth > 0 && ($pixelWidth > $iMaxWidth || $pixelWidth == 0);
		$tooTall = $iMaxHeight > 0 && ($pixelHeight > $iMaxHeight || $pixelHeight == 0);
		if ($tooWide || $tooTall) {
			return GetMessage("FILE_BAD_MAX_RESOLUTION")." (".$iMaxWidth." * ".$iMaxHeight." ".GetMessage("main_include_dots").").<br>";
		}

		return null;
	}
Esempio n. 20
 /**
  * Validates a file descriptor as an image or, when the caller allows it, a Flash movie.
  *
  * @param array $arFile File descriptor; the "name" and "tmp_name" keys are read here.
  * @param int $iMaxSize Forwarded to CFile::CheckFile() as its size argument.
  * @param int $iMaxWidth Maximum width; 0 disables the width check.
  * @param int $iMaxHeight Maximum height; 0 disables the height check.
  * @param array $access_typies Types (as returned by GetFileType()) accepted besides IMAGE.
  * @return string|null "" when no name is given, an error message on failure, null on success.
  */
 function CheckImageFile($arFile, $iMaxSize = 0, $iMaxWidth = 0, $iMaxHeight = 0, $access_typies = array())
 {
     // No file name means nothing was submitted.
     if ($arFile["name"] == "") {
         return "";
     }

     // Flash rules apply only when the detected type is listed by the caller;
     // everything else is checked as an image.
     $detectedType = GetFileType($arFile["name"]);
     $treatAsFlash = in_array($detectedType, $access_typies) && $detectedType == "FLASH";

     $checkMessage = $treatAsFlash
         ? CFile::CheckFile($arFile, $iMaxSize, "application/x-shockwave-flash", CFile::GetFlashExtensions())
         : CFile::CheckFile($arFile, $iMaxSize, "image/", CFile::GetImageExtensions());
     if ($checkMessage != '') {
         return $checkMessage;
     }

     // Content probe: anything that does not yield a dimensions array is rejected,
     // whatever name and type the descriptor declares.
     $dimensions = CFile::GetImageSize($arFile["tmp_name"], true);
     if (!is_array($dimensions)) {
         return GetMessage("FILE_BAD_FILE_TYPE") . ".<br>";
     }
     $width = $dimensions[0];
     $height = $dimensions[1];

     // With a limit set, a zero dimension is rejected as well as an oversized one.
     $widthRejected = $iMaxWidth > 0 && ($width > $iMaxWidth || $width == 0);
     $heightRejected = $iMaxHeight > 0 && ($height > $iMaxHeight || $height == 0);
     if ($widthRejected || $heightRejected) {
         return GetMessage("FILE_BAD_MAX_RESOLUTION") . " (" . $iMaxWidth . " * " . $iMaxHeight . " " . GetMessage("main_include_dots") . ").<br>";
     }

     return null;
 }
Esempio n. 21
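 /**
  * Validates forum attachment descriptors and normalizes the accompanying parameters.
  *
  * New uploads are checked against the forum's ALLOW_UPLOAD mode; references to
  * already stored files (FILE_ID) are verified to belong to the given forum, topic
  * and message unless $ACTION is "NOT_CHECK_DB". On failure a CAdminException with
  * all messages is thrown through $GLOBALS["APPLICATION"].
  *
  * @param array|mixed $arFields One file descriptor or a list of them, by reference;
  *                              replaced by the cleaned list on success.
  * @param array|mixed $arParams FORUM_ID, TOPIC_ID, MESSAGE_ID and USER_ID, by reference;
  *                              the IDs are cast to integers in place.
  * @param string $ACTION "ADD", "UPDATE" or "NOT_CHECK_DB"; anything else is treated as "ADD".
  * @param array $extParams Optional; a non-empty "FORUM" entry is used instead of loading the forum.
  * @return bool True when every file passed (or there was nothing to check), false otherwise.
  */
 function CheckFields(&$arFields, &$arParams, $ACTION = "ADD", $extParams = array())
 {
     $aMsg = array();
     $arFiles = !is_array($arFields) ? array($arFields) : $arFields;
     $arParams = !is_array($arParams) ? array($arParams) : $arParams;
     $arParams["FORUM_ID"] = intVal($arParams["FORUM_ID"]);
     if (isset($arParams["TOPIC_ID"])) {
         $arParams["TOPIC_ID"] = intVal($arParams["TOPIC_ID"]);
     }
     // MESSAGE_ID is always set from here on (0 when it was not supplied).
     $arParams["MESSAGE_ID"] = intVal($arParams["MESSAGE_ID"]);
     $arParams["USER_ID"] = intVal($arParams["USER_ID"]);
     if (empty($arFiles)) {
         return true;
     } elseif (!empty($arFiles["name"])) {
         // A single descriptor was passed instead of a list.
         $arFiles = array($arFiles);
     }
     // Fix: the original condition `$ACTION == "UPDATE" || "NOT_CHECK_DB"` was always
     // true because a non-empty string literal is truthy, so unknown actions were
     // never normalized to "ADD".
     $ACTION = ($ACTION == "UPDATE" || $ACTION == "NOT_CHECK_DB") ? $ACTION : "ADD";
     $arForum = array();
     if ($arParams["FORUM_ID"] <= 0) {
         $aMsg[] = array("id" => 'bad_forum', "text" => GetMessage("F_ERR_EMPTY_FORUM_ID"));
     } else {
         // Y - Image files		F - Files of specified type		A - All files
         // Fix: read the optional "FORUM" entry without touching an undefined index.
         $arForum = (is_array($extParams) && !empty($extParams["FORUM"])) ? $extParams["FORUM"] : CForumNew::GetByID($arParams["FORUM_ID"]);
         if (empty($arForum)) {
             $aMsg[] = array("id" => 'bad_forum', "text" => GetMessage("F_ERR_FORUM_IS_LOST"));
         } elseif (!in_array($arForum["ALLOW_UPLOAD"], array("Y", "F", "A"))) {
             $aMsg[] = array("id" => 'bad_forum_permission', "text" => GetMessage("F_ERR_UPOAD_IS_DENIED"));
         }
     }
     if (empty($aMsg)) {
         // Stored files referenced by ID; verified against the database below.
         $arFilesExists = array();
         $iFileSize = intVal(COption::GetOptionString("forum", "file_max_size", 5242880));
         foreach ($arFiles as $key => $val) {
             $res = "";
             if (strLen($val["name"]) <= 0 && intVal($val["FILE_ID"]) <= 0) {
                 // Neither a new upload nor a reference to a stored file.
                 unset($arFiles[$key]);
                 continue;
             } elseif (strLen($val["name"]) > 0) {
                 if ($arForum["ALLOW_UPLOAD"] == "Y") {
                     $res = CFile::CheckImageFile($val, $iFileSize, 0, 0);
                 } elseif ($arForum["ALLOW_UPLOAD"] == "F") {
                     $res = CFile::CheckFile($val, $iFileSize, false, $arForum["ALLOW_UPLOAD_EXT"]);
                 } else {
                     // Mode "A": only the size limit is passed; no MIME rule and no
                     // extension list are given at this call.
                     $res = CFile::CheckFile($val, $iFileSize, false, false);
                 }
                 if (strLen($res) > 0) {
                     $aMsg[] = array("id" => 'attach_error', "text" => $res);
                 }
             }
             if (intVal($val["FILE_ID"]) > 0) {
                 $arFiles[$key]["old_file"] = $val["FILE_ID"];
                 $arFilesExists[$val["FILE_ID"]] = $val;
             }
         }
         if ($ACTION != "NOT_CHECK_DB" && !empty($arFilesExists)) {
             // Ownership check: every referenced FILE_ID must already be attached to
             // this forum (and topic/message), otherwise it is reported as lost.
             $arFilter = array("FILE_FORUM_ID" => $arParams["FORUM_ID"]);
             if (isset($arParams["TOPIC_ID"])) {
                 $arFilter["FILE_TOPIC_ID"] = $arParams["TOPIC_ID"];
             }
             if (isset($arParams["MESSAGE_ID"])) {
                 $arFilter["FILE_MESSAGE_ID"] = $arParams["MESSAGE_ID"];
             }
             $arFilter["@FILE_ID"] = array_keys($arFilesExists);
             $db_res = CForumFiles::GetList(array("FILE_ID" => "ASC"), $arFilter);
             if ($db_res) {
                 while ($res = $db_res->Fetch()) {
                     unset($arFilesExists[$res["FILE_ID"]]);
                 }
             }
             if (!empty($arFilesExists)) {
                 $aMsg[] = array("id" => 'attach_error', "text" => str_replace("#FILE_ID#", implode(", ", array_keys($arFilesExists)), GetMessage("F_ERR_UPOAD_FILES_IS_LOST")));
             }
         }
     }
     if (!empty($aMsg)) {
         $e = new CAdminException($aMsg);
         $GLOBALS["APPLICATION"]->ThrowException($e);
         return false;
     }
     $arFields = $arFiles;
     return true;
 }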
Esempio n. 22
 /**
  * Validates and stores the file uploaded for a wizard variable.
  *
  * @param string $name Wizard variable name; "<name>_new" is the upload field and
  *                     "<name>_del" the delete flag.
  * @param array $arRestriction Optional limits: max_file_size, max_width, max_height,
  *                             extensions, make_preview ("Y").
  * @return int|null The stored file ID (0 when saving failed); null when nothing was
  *                  uploaded or validation failed.
  */
 function SaveFile($name, $arRestriction = array())
 {
     $wizard = $this->GetWizard();
     $deleteFile = $wizard->GetVar($name . "_del");
     $wizard->UnSetVar($name . "_del");
     $oldFileID = $wizard->GetVar($name);
     $fileNew = $wizard->GetRealName($name . "_new");

     // Nothing to do without an upload entry, or with an unnamed one and no delete flag.
     if (!array_key_exists($fileNew, $_FILES)) {
         return;
     }
     if (strlen($_FILES[$fileNew]["name"]) <= 0 && $deleteFile === null) {
         return;
     }
     if (strlen($_FILES[$fileNew]["tmp_name"]) <= 0 && $deleteFile === null) {
         $this->SetError(GetMessage("MAIN_WIZARD_FILE_UPLOAD_ERROR"), $name . "_new");
         return;
     }

     $previousId = intval($oldFileID);
     $arFile = $_FILES[$fileNew] + array(
         "del" => $deleteFile == "Y" ? "Y" : "",
         "old_file" => $previousId > 0 ? $previousId : 0,
         "MODULE_ID" => "tmp_wizard",
     );

     // Restrictions that are not supplied fall back to 0 / false.
     $max_file_size = array_key_exists("max_file_size", $arRestriction) ? intval($arRestriction["max_file_size"]) : 0;
     $max_width = array_key_exists("max_width", $arRestriction) ? intval($arRestriction["max_width"]) : 0;
     $max_height = array_key_exists("max_height", $arRestriction) ? intval($arRestriction["max_height"]) : 0;
     $extensions = false;
     if (array_key_exists("extensions", $arRestriction) && strlen($arRestriction["extensions"]) > 0) {
         $extensions = trim($arRestriction["extensions"]);
     }
     $make_preview = array_key_exists("make_preview", $arRestriction) && $arRestriction["make_preview"] == "Y";

     // Size and extension check; with no "extensions" restriction the list is false.
     $error = CFile::CheckFile($arFile, $max_file_size, false, $extensions);
     if (strlen($error) > 0) {
         $this->SetError($error, $name . "_new");
         return;
     }

     if ($make_preview && $max_width > 0 && $max_height > 0) {
         // NOTE(review): this branch does not call CFile::CheckImageFile() and does not
         // test that GetImageSize() returned an array, so a file that yields no
         // dimensions is saved after the CheckFile() call above only.
         list($sourceWidth, $sourceHeight, $unusedType, $unusedAttr) = CFile::GetImageSize($arFile["tmp_name"]);
         if ($sourceWidth > $max_width || $sourceHeight > $max_height) {
             // The thumbnail overwrites the uploaded temporary file in place.
             $resized = CWizardUtil::CreateThumbnail($arFile["tmp_name"], $arFile["tmp_name"], $max_width, $max_height);
             if ($resized) {
                 $arFile["size"] = @filesize($arFile["tmp_name"]);
             }
         }
     } elseif ($max_width > 0 || $max_height > 0) {
         $error = CFile::CheckImageFile($arFile, $max_file_size, $max_width, $max_height);
         if (strlen($error) > 0) {
             $this->SetError($error, $name . "_new");
             return;
         }
     }

     $fileID = (int) CFile::SaveFile($arFile, "tmp");
     if ($fileID > 0) {
         $wizard->SetVar($name, $fileID);
     } else {
         $wizard->UnSetVar($name);
     }
     return $fileID;
 }
Esempio n. 23
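 /**
  * Grabs one frame from a video with ffmpeg and returns it as encoded by getBase64File().
  *
  * The frame is written to /upload/frames/out<md5 of the serialized arguments>.jpg, optionally
  * resized to $width x $height, encoded, unlinked and stored through setCache().
  *
  * Security: exec() hands the command line to a shell, so $file, the formatted time and the
  * output path are each passed through escapeshellarg(). Without that, shell metacharacters
  * (or plain spaces) in a file name that exists on disk would change the command that runs.
  * file_exists() only proves the path exists; it does not restrict which file ffmpeg reads,
  * so callers should still constrain $file to the intended directory.
  *
  * @param string $file      Path of the source video.
  * @param int    $width     Target width; resizing happens only when width and height are both non-zero.
  * @param int    $height    Target height.
  * @param mixed  $seconds   Position of the frame, formatted by seconds_to_format().
  * @param bool   $for_html  Passed through to getBase64File().
  * @param bool   $use_cache Whether to look the result up with getCache() first.
  * @return mixed The encoded frame; false when ffmpeg is not found or $file does not exist;
  *               null when no frame could be produced.
  */
 public static function getFrameAsData($file, $width, $height, $seconds, $for_html = true, $use_cache = true)
 {
     $program = static::findProgram("ffmpeg");
     if (!$program || !file_exists($file)) {
         return false;
     }

     $param_string = serialize(func_get_args());
     $time = static::seconds_to_format($seconds);
     $output = abs_path("/upload/frames/out" . md5($param_string) . ".jpg");

     // Initialised so the final return never reads an undefined variable when the
     // cache is bypassed and ffmpeg produces nothing.
     $result = array();
     if ($use_cache) {
         $result = static::getCache(__FUNCTION__ . $param_string);
     }

     if (empty($result['RESULT'])) {
         // Every variable part of the command is quoted for the shell.
         // NOTE(review): $program is used exactly as findProgram() returned it; assumed to be
         // a trusted, locally resolved path — confirm.
         $comm = $program
             . " -ss " . escapeshellarg((string) $time)
             . " -i " . escapeshellarg((string) $file)
             . " -frames:v 1 " . escapeshellarg((string) $output);
         exec($comm);
         if (file_exists($output)) {
             if (intval($width) && intval($height)) {
                 $obFile = new CFile();
                 $arFile = \CFile::MakeFileArray($output);
                 // A non-empty CheckFile() result is treated as a failed check; the frame is
                 // then returned without resizing.
                 $checkfile = $obFile->CheckFile($arFile, 400000, 'image/', 'gif,png,jpeg,jpg');
                 if (empty($checkfile)) {
                     $obFile->ResizeImage($arFile, array("width" => $width, "height" => $height), BX_RESIZE_IMAGE_EXACT);
                     $output = $arFile['tmp_name'];
                 }
             }
             $base64data = static::getBase64File($output, $for_html);
             if (!empty($base64data)) {
                 $result['RESULT'] = $base64data;
                 unlink($output);
                 static::setCache(__FUNCTION__ . $param_string, $result['RESULT']);
             }
         }
     }

     // Same value the original produced (null when nothing was generated), minus the notice.
     return isset($result['RESULT']) ? $result['RESULT'] : null;
 }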