public function Add($data)
{
if (($r = self::CheckAuth()) !== false) {
return $r;
}
$arFieldsInfo = CCrmContact::GetFields();
$arFields = array();
$arEl = $data->elementsByName('Field');
foreach ($arEl as $el) {
$children = $el->children();
$sFieldName = $el->getAttribute('id');
// Fix for issue #40193
if (!isset($arFieldsInfo[$sFieldName])) {
continue;
}
if (!is_null($children)) {
$arFields[$sFieldName] = array();
foreach ($children as $child) {
$arFields[$sFieldName][] = $child->content;
}
} else {
$arFields[$sFieldName] = $el->content;
}
}
CCrmFieldMulti::PrepareFields($arFields);
if (isset($arFields['PHOTO'])) {
$arFile = null;
if (CCrmUrlUtil::HasScheme($arFields['PHOTO']) && CCrmUrlUtil::IsSecureUrl($arFields['PHOTO'])) {
$arFile = CFile::MakeFileArray($arFields['PHOTO']);
if (is_array($arFile)) {
$arFile += array('MODULE_ID' => 'crm');
}
}
if (is_array($arFile)) {
$arFields['PHOTO'] = $arFile;
} else {
unset($arFields['PHOTO']);
}
}
$arUserFields = $GLOBALS['USER_FIELD_MANAGER']->GetUserFields(CCrmContact::$sUFEntityID);
foreach ($arUserFields as $FIELD_NAME => $arUserField) {
if ($arUserField['USER_TYPE']['BASE_TYPE'] == 'file') {
if (!isset($arFields[$FIELD_NAME])) {
continue;
}
if (is_array($arFields[$FIELD_NAME])) {
$arFiles = array();
foreach ($arFields[$FIELD_NAME] as $sFilePath) {
if (!(CCrmUrlUtil::HasScheme($sFilePath) && CCrmUrlUtil::IsSecureUrl($sFilePath))) {
continue;
}
$arFile = CFile::MakeFileArray($sFilePath);
if (is_array($arFile)) {
$arFile += array('MODULE_ID' => 'crm');
$arFiles[] = $arFile;
}
}
$arFields[$FIELD_NAME] = $arFiles;
} else {
$arFile = null;
$sFilePath = $arFields[$FIELD_NAME];
if (CCrmUrlUtil::HasScheme($sFilePath) && CCrmUrlUtil::IsSecureUrl($sFilePath)) {
$arFile = CFile::MakeFileArray($sFilePath);
if (is_array($arFile)) {
$arFile += array('MODULE_ID' => 'crm');
}
}
if (is_array($arFile)) {
$arFields[$FIELD_NAME] = $arFile;
} else {
unset($arFields[$FIELD_NAME]);
}
}
}
}
$CCrmContact = new CCrmContact();
return $CCrmContact->Add($arFields) ? 'ok' : new CSoapFault('CCrmLead::Add', htmlspecialcharsbx(strip_tags(nl2br($arFields['RESULT_MESSAGE']))));
}
/**
* @return string
*/
public function getFileInfo()
{
$fileInfo = null;
if ($this->encoding === 'B' || $this->encoding === 'BASE64') {
$type = $this->type !== '' ? strtolower($this->type) : 'jpg';
if ($type === '' || !in_array($type, explode(',', \CFile::GetImageExtensions()), true)) {
$type = 'jpg';
}
$filePath = \CTempFile::GetFileName(uniqid('vcard_img') . '.' . $type);
CheckDirPath($filePath);
//Removing of line folding
$encodedData = preg_replace("/\\\\n/i", "\n", $this->value);
if (file_put_contents($filePath, base64_decode($encodedData)) !== false) {
$fileInfo = \CFile::MakeFileArray($filePath, "image/{$type}");
}
} elseif ($this->valueType === 'URI' && \CCrmUrlUtil::HasScheme($this->value) && \CCrmUrlUtil::IsSecureUrl($this->value)) {
$fileInfo = \CFile::MakeFileArray($this->value);
}
return is_array($fileInfo) && strlen(\CFile::CheckImageFile($fileInfo)) === 0 ? $fileInfo : null;
}
}
if (!function_exists('__CrmEventGetPhones')) {
function __CrmEventGetPhones($entityID, $elementID)
{
$result = array();
$arFields = CCrmFieldMulti::GetEntityFields($entityID, $elementID, 'PHONE', true, false);
foreach ($arFields as $arField) {
$result[] = array('TITLE' => $arField['ENTITY_NAME'], 'NUMBER' => $arField['VALUE']);
}
return $result;
}
}
CUtil::InitJSCore();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$eventPage = isset($_POST['EVENT_PAGE']) ? $_POST['EVENT_PAGE'] : '';
if ($eventPage === '' || !CCrmUrlUtil::IsSecureUrl($eventPage)) {
$eventPage = $GLOBALS['APPLICATION']->GetCurPage();
}
$formID = isset($_POST['FORM_ID']) ? $_POST['FORM_ID'] : '';
if ($formID === '') {
$formID = 'CRM_' . trim($_POST['ENTITY_TYPE']) . '_' . trim($_POST['FORM_TYPE']) . '_V12';
}
$arResult['EVENT_PAGE'] = CHTTP::urlAddParams($eventPage, array($formID . '_active_tab' => !empty($_POST['TAB_ID']) ? $_POST['TAB_ID'] : 'tab_event'));
if (check_bitrix_sessid()) {
$entityTypeID = isset($_POST['ENTITY_TYPE']) ? trim($_POST['ENTITY_TYPE']) : '';
$entityID = isset($_POST['ENTITY_ID']) ? intval($_POST['ENTITY_ID']) : 0;
$eventID = isset($_POST['EVENT_ID']) ? trim($_POST['EVENT_ID']) : '';
$eventDesc = isset($_POST['EVENT_DESC']) ? trim($_POST['EVENT_DESC']) : '';
$eventDate = isset($_POST['EVENT_DATE']) ? trim($_POST['EVENT_DATE']) : '';
$postFiles = isset($_FILES['ATTACH']) ? $_FILES['ATTACH'] : array();
$attachedFiles = array();
} else {
if ($arProps[$currentKey]['PROPERTY_TYPE'] === 'L' && $arProps[$currentKey]['USER_TYPE'] === '') {
$propValueHash = md5($data);
if (!isset($arPropertyListCache[$propID])) {
$arPropertyListCache[$propID] = array();
$propEnumRes = CIBlockPropertyEnum::GetList(array('SORT' => 'ASC', 'VALUE' => 'ASC'), array('IBLOCK_ID' => $catalogID, 'PROPERTY_ID' => $propID));
while ($propEnumValue = $propEnumRes->Fetch()) {
$arPropertyListCache[$propID][md5($propEnumValue['VALUE'])] = $propEnumValue['ID'];
}
}
if (isset($arPropertyListCache[$propID][$propValueHash])) {
$prop = array('VALUE' => $arPropertyListCache[$propID][$propValueHash]);
}
} else {
if ($arProps[$currentKey]['PROPERTY_TYPE'] === 'F' && $arProps[$currentKey]['USER_TYPE'] === '') {
if (CCrmUrlUtil::HasScheme($data) && CCrmUrlUtil::IsSecureUrl($data)) {
$data = CFile::MakeFileArray($data);
$file = new CFile();
if (is_array($data) && strlen($file->CheckFile($data)) === 0) {
$prop = array('VALUE' => array_merge($data, array('MODULE_ID' => 'crm')));
}
unset($file);
}
} else {
if ($arProps[$currentKey]['PROPERTY_TYPE'] === 'S' && $arProps[$currentKey]['USER_TYPE'] === 'HTML') {
if (strtoupper(substr($data, 0, 6)) !== '[TEXT]') {
if ($sanitizer === null || !$sanitizer instanceof CBXSanitizer) {
$sanitizer = new CBXSanitizer();
$sanitizer->ApplyDoubleEncode(false);
$sanitizer->SetLevel(CBXSanitizer::SECURE_LEVEL_LOW);
}
public static function TryResolveFile($var, &$file, $options = array())
{
if (!is_array($options)) {
$options = array();
}
$result = null;
if (is_array($var)) {
if (isset($options['ENABLE_UPLOAD']) && $options['ENABLE_UPLOAD'] && self::IsUploadedFile($var)) {
$result = $var;
}
} elseif (is_numeric($var)) {
if (isset($options['ENABLE_ID']) && $options['ENABLE_ID']) {
$result = CFile::MakeFileArray($var);
}
} elseif (is_string($var)) {
$path = CCrmUrlUtil::ToAbsoluteUrl($var);
//Parent directories and not secure URLs are not allowed.
if ($path !== '' && !CHTTP::isPathTraversalUri($path) && CCrmUrlUtil::IsSecureUrl($path)) {
$result = CFile::MakeFileArray($path);
}
}
if (is_array($result)) {
$result['MODULE_ID'] = 'crm';
$file = $result;
return true;
}
return false;
}
public static function TryResolveFile(&$path, &$file, $arOptions = array())
{
$result = null;
if (is_numeric($path)) {
if (is_array($arOptions) && isset($arOptions['ENABLE_ID']) && $arOptions['ENABLE_ID']) {
$result = CFile::MakeFileArray($path);
}
} elseif (is_string($path)) {
$absPath = CCrmUrlUtil::ToAbsoluteUrl($path);
//Parent directories and not secure URLs are not allowed.
if ($absPath !== '' && preg_match('/[\\/,\\\\]\\.\\.[\\/,\\\\]/', $absPath) !== 1 && CCrmUrlUtil::IsSecureUrl($absPath)) {
$result = CFile::MakeFileArray($absPath);
}
}
if (is_array($result)) {
$result['MODULE_ID'] = 'crm';
$file = $result;
return true;
}
return false;
}
