/**
 * Completes a VK sign-in from the "vk_session" request data.
 *
 * Ends the request with "OK" or "FAILURE". Returns true (instead of exiting)
 * only when the global $skip_check_user_data flag is truthy and the user was
 * authorized.
 */
public function Authorize()
{
    $GLOBALS["APPLICATION"]->RestartBuffer();

    if (!isset($_REQUEST["vk_session"]["user"]["id"])) {
        die("FAILURE");
    }

    // NOTE(review): a truthy $skip_check_user_data accepts the request even when the
    // signature check fails. Where the flag is set is not visible here; confirm it
    // can never be populated from request input.
    global $skip_check_user_data;
    $isAccepted = self::CheckUserData($_REQUEST["vk_session"]["sig"]) || $skip_check_user_data;
    if (!$isAccepted) {
        die("FAILURE");
    }

    // The whole request array is decoded only after the signature check, so the
    // account fields below are the decoded values, not the bytes that were checked.
    CUtil::decodeURIComponent($_REQUEST);
    $vkUser = $_REQUEST["vk_session"]["user"];
    $u_id = $vkUser["id"];

    $arFields = array(
        'EXTERNAL_AUTH_ID' => self::ID,
        // Duplicated here so that EXTERNAL_AUTH_ID can be dropped later and one
        // account can sign in through several providers at once.
        'WORK_NOTES' => self::ID,
        'XML_ID' => $u_id,
        'LOGIN' => "id".$u_id,
        'NAME' => $vkUser["first_name"],
        'LAST_NAME' => $vkUser["last_name"],
    );

    if (!$this->AuthorizeUser($arFields)) {
        die("FAILURE");
    }
    if ($skip_check_user_data) {
        return true;
    }
    die("OK");
}
/**
 * Completes a Mail.ru sign-in from the "mailru_sess" / "mailru_user" request data.
 *
 * Always ends the request: prints "OK" when the user was authorized, otherwise
 * "FAILURE".
 */
public function Authorize()
{
    $GLOBALS["APPLICATION"]->RestartBuffer();

    $hasPayload = isset($_REQUEST["mailru_sess"]["sig"]) && isset($_REQUEST["mailru_user"]["uid"]);
    if (!$hasPayload) {
        die("FAILURE");
    }

    // Only the signature string is handed to CheckUserData(); which request fields
    // it actually covers is not visible here — confirm it binds uid and email.
    if (!self::CheckUserData($_REQUEST["mailru_sess"]["sig"])) {
        die("FAILURE");
    }

    // Decoding happens after the signature check; the fields below are the decoded values.
    CUtil::decodeURIComponent($_REQUEST);
    $mailruUser = $_REQUEST["mailru_user"];

    // The request-supplied e-mail becomes both the login and the e-mail of the account.
    $arFields = array(
        'EXTERNAL_AUTH_ID' => self::ID,
        'XML_ID' => $mailruUser["uid"],
        'LOGIN' => $mailruUser["email"],
        'EMAIL' => $mailruUser["email"],
        'NAME' => $mailruUser["first_name"],
        'LAST_NAME' => $mailruUser["last_name"],
    );

    if ($this->AuthorizeUser($arFields)) {
        die("OK");
    }
    die("FAILURE");
}
// Excerpt of a favorites edit page: redirects after a save attempt, then prepares
// the str_* variables used to render the form. The enclosing block that the lone
// closing brace below belongs to starts outside this excerpt.
if ($res) {
    if ($apply != "") {
        $_SESSION["SESS_ADMIN"]["FAVORITES_EDIT_MESSAGE"] = array("MESSAGE" => GetMessage("fav_edit_success"), "TYPE" => "OK");
        LocalRedirect("favorite_edit.php?ID=" . $ID . "&lang=" . LANG);
    } else {
        // NOTE(review): the redirect target is taken straight from the "addurl"
        // request parameter. Whether LocalRedirect() restricts it to same-site
        // URLs is not visible here — confirm, otherwise this is an open redirect.
        LocalRedirect($_REQUEST["addurl"] != "" ? $_REQUEST["addurl"] : "favorite_list.php?lang=" . LANG);
    }
} else {
    if ($e = $APPLICATION->GetException()) {
        $message = new CAdminMessage(GetMessage("fav_edit_error"), $e);
    }
    $bVarsFromForm = true;
}
}
// The name is decoded only when the client flags it with encoded=Y.
if ($_REQUEST["encoded"] == "Y") {
    CUtil::decodeURIComponent($_REQUEST["name"]);
}
// Both request values are HTML-escaped after decoding, before they reach the form.
$str_NAME = htmlspecialcharsbx($_REQUEST["name"]);
$str_URL = htmlspecialcharsbx($_REQUEST["addurl"]);
$str_C_SORT = 100;
$str_COMMON = 'N';
$str_USER_ID = $USER->GetID();
$str_LANGUAGE_ID = LANGUAGE_ID;
if ($ID > 0) {
    $fav = CFavorites::GetByID($ID);
    // Fall back to "new record" mode when the favorite cannot be loaded.
    if (!($fav_arr = $fav->ExtractFields("str_"))) {
        $ID = 0;
    }
}
if ($bVarsFromForm) {
    $DB->InitTableVarsForEdit("b_favorite", "", "str_");
/**
 * Runs the comment action (add, edit, del, hide, show) requested for this feed.
 *
 * @return bool|null null when the request does not target this entity or names
 *                   no known action, false when errors were collected, true on
 *                   success (unless the method redirects first).
 */
private function checkActions()
{
    // Ignore requests addressed to another entity.
    if ($this->request["ENTITY_XML_ID"] !== $this->feed->getEntity()->getXmlId()) {
        return null;
    }
    $post = array_merge($this->request->getQueryList()->toArray(), $this->request->getPostList()->toArray());
    // comment_review=Y means add, or edit when REVIEW_ACTION says so; otherwise
    // REVIEW_ACTION itself names the action.
    $action = strtolower($post["comment_review"] == "Y" ? strtolower($post['REVIEW_ACTION']) == "edit" ? "edit" : "add" : $post['REVIEW_ACTION']);
    // NOTE(review): in_array() compares loosely here; passing true as the third
    // argument would make the allowlist exact.
    if (!in_array($action, array("add", 'del', 'hide', 'show', 'edit'))) {
        return null;
    }
    $actionErrors = new ErrorCollection();
    $arPost = array();
    // The session token and the captcha are checked before any input is decoded or used.
    if (!check_bitrix_sessid()) {
        $actionErrors->addOne(new Error(Loc::getMessage("F_ERR_SESSION_TIME_IS_UP"), self::ERROR_ACTION));
    } else {
        if (!$this->checkCaptcha($actionErrors)) {
            $actionErrors->addOne(new Error(Loc::getMessage("POSTM_CAPTCHA"), self::ERROR_ACTION));
        } else {
            // Decoding is switched on by the client-supplied AJAX_POST flag.
            if ($post["AJAX_POST"] == "Y") {
                CUtil::decodeURIComponent($post);
            }
            if ($action == "add" || $action == "edit") {
                // The author name comes from the request only for visitors who are not signed in.
                $arPost = array("POST_MESSAGE" => $post["REVIEW_TEXT"], "AUTHOR_NAME" => $this->getUser()->isAuthorized() ? $this->getUserName() : (empty($post["REVIEW_AUTHOR"]) ? $GLOBALS["FORUM_STATUS_NAME"]["guest"] : $post["REVIEW_AUTHOR"]), "AUTHOR_EMAIL" => $post["REVIEW_EMAIL"], "USE_SMILES" => $post["REVIEW_USE_SMILES"]);
                foreach (GetModuleEvents('forum', 'OnCommentAdd', true) as $arEvent) {
                    if (ExecuteModuleEventEx($arEvent, array($this->feed->getEntity()->getType(), $this->feed->getEntity()->getId(), &$arPost)) === false) {
                        // NOTE(review): when the handler sets no ERROR, a print_r() dump of the
                        // handler descriptor is appended to a message that is later copied into
                        // arResult['ERROR_MESSAGE']; consider logging it instead of showing it.
                        $actionErrors->addOne(new Error(isset($arPost['ERROR']) ? $arPost['ERROR'] : Loc::getMessage("F_ERR_DURING_ACTIONS") . print_r($arEvent, true), self::ERROR_ACTION));
                    }
                }
            }
        }
    }
    if (!$actionErrors->hasErrors()) {
        // NOTE(review): no permission check for edit/moderate/delete is visible in this
        // method; presumably the feed methods enforce it — confirm.
        if ($action == "add" || $action == "edit") {
            $message = $action == "add" ? 
$this->feed->add($arPost) : $this->feed->edit($this->request["MID"], $arPost);
            if ($message && $this->request["TOPIC_SUBSCRIBE"] == "Y") {
                ForumSubscribeNewMessagesEx($this->arParams["FORUM_ID"], $message["TOPIC_ID"], "N", $strErrorMessage, $strOKMessage);
                BXClearCache(true, "/bitrix/forum/user/" . $this->getUser()->getId() . "/subscribe/");
            }
        } elseif ($action == "show" || $action == "hide") {
            $message = $this->feed->moderate($this->request["MID"], $action == "show");
        } else {
            $message = $this->feed->delete($this->request["MID"]);
        }
        if ($this->feed->hasErrors()) {
            $actionErrors->add($this->feed->getErrors());
        } else {
            if ($this->request["NOREDIRECT"] != "Y" && !$this->isAjaxRequest()) {
                // NOTE(review): "back_page" is request input used as the redirect target.
                // Whether LocalRedirect() limits it to same-site URLs is not visible here — confirm.
                $strURL = $this->request["back_page"] ?: $this->getApplication()->GetCurPageParam("", array("MID", "SEF_APPLICATION_CUR_PAGE_URL", BX_AJAX_PARAM_ID, "result", "sessid", "bxajaxid"));
                $strURL = ForumAddPageParams($strURL, array("MID" => $message["ID"], "result" => $message["APPROVED"] == "Y" ? "reply" : "not_approved"));
                LocalRedirect($strURL);
            } else {
                // No redirect: report the outcome through arResult.
                $this->arResult['RESULT'] = $message["ID"];
                if ($action == "add") {
                    $this->arResult['OK_MESSAGE'] = $message["APPROVED"] == "Y" ? GetMessage("COMM_COMMENT_OK") : GetMessage("COMM_COMMENT_OK_AND_NOT_APPROVED");
                } else {
                    if ($action == "edit") {
                        $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_UPDATED");
                    } else {
                        if ($action == "show") {
                            $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_SHOWN");
                        } else {
                            if ($action == "hide") {
                                $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_HIDDEN");
                            } else {
                                $this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_DELETED");
                            }
                        }
                    }
                }
            }
        }
    }
    if ($actionErrors->hasErrors()) {
        /** @var $error Error */
        $this->arResult["RESULT"] = false;
        $this->arResult["OK_MESSAGE"] = '';
        // All collected messages are concatenated into one string.
        foreach ($actionErrors->toArray() as $error) {
            $this->arResult['ERROR_MESSAGE'] .= $error->getMessage();
        }
        return false;
    }
    return true;
}
/**
 * Decodes, in place, the global variables named in $aFilter.
 *
 * Does nothing when FX_UTF is defined or $aFilter is not an array. Only globals
 * that are strings and that CUtil::DetectUTF8() accepts are decoded.
 *
 * @param array $aFilter names of global variables
 */
public function UnEscape($aFilter)
{
    if (defined("FX_UTF") || !is_array($aFilter)) {
        return;
    }

    foreach ($aFilter as $globalName) {
        // NOTE(review): this writes to whichever global the caller names, so the
        // name list must never be derived from request input.
        $needsDecoding = is_string($GLOBALS[$globalName]) && CUtil::DetectUTF8($GLOBALS[$globalName]);
        if ($needsDecoding) {
            CUtil::decodeURIComponent($GLOBALS[$globalName]);
        }
    }
}
<?php
// AJAX endpoint excerpt: searches social network groups by name for a signed-in
// user and prints the matches as a JS object. The "search" branch is still open
// where this excerpt ends.
define("STOP_STATISTICS", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_before.php";
require_once "functions.php";
CModule::IncludeModule('socialnetwork');
// Anonymous callers get an empty response.
if (!$USER->IsAuthorized()) {
    die;
}
// The site id is client-selectable; it is read before $_GET is decoded below.
$SITE_ID = isset($_GET["SITE_ID"]) ? $_GET["SITE_ID"] : SITE_ID;
if ($_REQUEST["mode"] == "search") {
    CUtil::decodeURIComponent($_GET);
    $APPLICATION->RestartBuffer();
    CSocNetTools::InitGlobalExtranetArrays($SITE_ID);
    $arFilter = array("SITE_ID" => $SITE_ID, "%NAME" => $_GET["query"]);
    // Only module admins skip the per-user permission filter.
    if (!CSocNetUser::IsCurrentUserModuleAdmin($SITE_ID)) {
        $arFilter["CHECK_PERMISSIONS"] = $USER->GetID();
    }
    $rsGroups = CSocNetGroup::GetList(array("NAME" => "ASC"), $arFilter);
    $arGroups = array();
    while ($arGroup = $rsGroups->Fetch()) {
        if (isset($GLOBALS["arExtranetGroupID"]) && is_array($GLOBALS["arExtranetGroupID"]) && in_array($arGroup["ID"], $GLOBALS["arExtranetGroupID"])) {
            $arGroup["IS_EXTRANET"] = "Y";
        }
        $arGroups[] = group2JSItem($arGroup);
    }
    // NOTE(review): sizeof() on a scalar "features_perms" value raises a warning
    // on PHP 7.2+ and a TypeError on PHP 8; an is_array() check first would avoid it.
    if (isset($_REQUEST["features_perms"]) && sizeof($_REQUEST["features_perms"]) == 2) {
        filterByFeaturePerms($arGroups, $_REQUEST["features_perms"]);
    }
    Header('Content-Type: application/x-javascript; charset=' . LANG_CHARSET);
    echo CUtil::PhpToJsObject($arGroups);
<?php
##############################################
# Bitrix Site Manager                        #
# Copyright (c) 2002-2007 Bitrix             #
# http://www.bitrixsoft.com                  #
# mailto:admin@bitrixsoft.com                #
##############################################
// Admin endpoint that deletes one user option or stores a batch of options
// sent in the "p" request array.
// define("NO_KEEP_STATISTIC", true);
// define("NO_AGENT_STATISTIC", true);
// define("NOT_CHECK_PERMISSIONS", true);
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
// Both actions require a signed-in user and a valid session token.
if ($USER->IsAuthorized() && check_bitrix_sessid()) {
    if ($_GET["action"] == "delete" && $_GET["c"] != "" && $_GET["n"] != "") {
        // The "common" variant is honoured only for users holding 'edit_other_settings'.
        CUserOptions::DeleteOption($_GET["c"], $_GET["n"], $_GET["common"] == "Y" && $GLOBALS["USER"]->CanDoOperation('edit_other_settings'));
    }
    if (is_array($_REQUEST["p"])) {
        // NOTE(review): the option array is client-controlled; what SetOptionsFromArray()
        // validates (categories, names, the "common" flag) is not visible here — confirm.
        $arOptions = $_REQUEST["p"];
        CUtil::decodeURIComponent($arOptions);
        CUserOptions::SetOptionsFromArray($arOptions);
    }
}
// "OK" is printed even when the checks above failed and nothing was changed.
echo "OK";
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin_after.php";
}
// Excerpt: pre-fills $arFields for a new CRM element from query parameters.
// The leading brace closes a block that starts outside this excerpt.
if (isset($_GET['lead_id'])) {
    // Ids are forced to integers before any use.
    $arFields['LEAD_ID'] = intval($_GET['lead_id']);
    if ($arFields['LEAD_ID'] > 0) {
        $bCreateFromLead = true;
    }
}
if (isset($_GET['deal_id'])) {
    $arFields['DEAL_ID'] = intval($_GET['deal_id']);
    if ($arFields['DEAL_ID'] > 0) {
        $bCreateFromDeal = true;
    }
}
if (isset($_GET['title'])) {
    // '~TITLE' keeps the decoded raw value, 'TITLE' the HTML-escaped copy; only
    // the escaped one is safe to print into markup.
    $arFields['~TITLE'] = $_GET['title'];
    CUtil::decodeURIComponent($arFields['~TITLE']);
    $arFields['TITLE'] = htmlspecialcharsbx($arFields['~TITLE']);
}
$bCreateFrom = $bCreateFromLead || $bCreateFromDeal || $bCreateFromCompany || $bCreateFromContact;
$leadId = isset($arFields['LEAD_ID']) ? intval($arFields['LEAD_ID']) : 0;
$dealId = isset($arFields['DEAL_ID']) ? intval($arFields['DEAL_ID']) : 0;
$contactId = isset($arFields['CONTACT_ID']) ? intval($arFields['CONTACT_ID']) : 0;
$companyId = isset($arFields['COMPANY_ID']) ? intval($arFields['COMPANY_ID']) : 0;
// create from contact
if ($contactId > 0) {
    // NOTE(review): no access check on the contact is visible in this excerpt;
    // presumably GetListEx() or earlier code enforces it — confirm.
    $dbContact = CCrmContact::GetListEx(array('ID' => 'DESC'), array('ID' => $contactId), false, array('nTopCount' => 1), array('ID', 'LEAD_ID'));
    if ($arContact = $dbContact->Fetch()) {
        // The contact's own lead replaces any lead id taken from the query string.
        if (isset($arContact['LEAD_ID']) && intval($arContact['LEAD_ID']) > 0) {
            $arFields['~LEAD_ID'] = $arFields['LEAD_ID'] = intval($arContact['LEAD_ID']);
        }
    }
// Excerpt: builds the parameters for adding a comment to a log entry. The
// listing ends in the middle of the str_replace() call.
if ($bCanAddComments) {
    // add source object and get source_id, $source_url
    // NOTE(review): every path template below is taken from the request as-is.
    // If they end up in generated links, the consumers must validate or escape them.
    $arParams = array(
        "PATH_TO_SMILE" => $_REQUEST["p_smile"],
        "PATH_TO_USER_BLOG_POST" => $_REQUEST["p_ubp"],
        "PATH_TO_GROUP_BLOG_POST" => $_REQUEST["p_gbp"],
        "PATH_TO_USER_MICROBLOG_POST" => $_REQUEST["p_umbp"],
        "PATH_TO_GROUP_MICROBLOG_POST" => $_REQUEST["p_gmbp"],
        "BLOG_ALLOW_POST_CODE" => $_REQUEST["bapc"]
    );
    $parser = new logTextParser(LANGUAGE_ID, $arParams["PATH_TO_SMILE"]);
    // The comment text is decoded and trimmed; no escaping happens in this excerpt.
    $comment_text = $_REQUEST["message"];
    CUtil::decodeURIComponent($comment_text);
    $comment_text = Trim($comment_text);
    if (strlen($comment_text) > 0) {
        $arSearchParams = array();
        if($arCommentEvent["EVENT_ID"] == "forum") {
            $arSearchParams["FORUM_ID"] = intval($_REQUEST["f_id"]);
            $arSearchParams["PATH_TO_GROUP_FORUM_MESSAGE"] = (
                $arLog["ENTITY_TYPE"] == SONET_SUBSCRIBE_ENTITY_GROUP
                ? str_replace(
                    "#GROUPS_PATH#",
                    COption::GetOptionString("socialnetwork", "workgroups_page", false, $site_id),
                    $arLog["URL"]
<?php
// Admin AJAX endpoint: returns up to 10 search tags matching the "search"
// request value, as a JS object.
define("STOP_STATISTICS", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_js.php";
if (CModule::IncludeModule("search")) {
    CUtil::decodeURIComponent($_REQUEST);
    if (!empty($_REQUEST["search"])) {
        $arResult = array();
        $order = CUserOptions::GetOption("search_tags", "order", "CNT");
        // The sort order is mapped onto two fixed arrays, so the request value never
        // reaches the query as a column name.
        // NOTE(review): the chosen order is written to the user's options without a
        // session-token check in this script; the impact is limited to this preference.
        if ($_REQUEST["order_by"] == "NAME") {
            $arOrder = array("NAME" => "ASC");
            if ($order != "NAME") {
                CUserOptions::SetOption("search_tags", "order", "NAME");
            }
        } else {
            $arOrder = array("CNT" => "DESC", "NAME" => "ASC");
            if ($order != "CNT") {
                CUserOptions::SetOption("search_tags", "order", "CNT");
            }
        }
        // "search" and "site_id" go into the filter as request values; escaping is
        // left to CSearchTags::GetList() — presumably handled there, confirm.
        $db_res = CSearchTags::GetList(array("NAME", "CNT"), array("TAG" => $_REQUEST["search"], "SITE_ID" => $_REQUEST["site_id"]), $arOrder, 10);
        if ($db_res) {
            while ($res = $db_res->Fetch()) {
                $arResult[] = array("NAME" => $res["NAME"], "CNT" => $res["CNT"]);
            }
        }
        echo CUtil::PhpToJSObject($arResult);
    }
}
require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin_js.php";
// Excerpt of a file-permission editor: finishes the permission-type list, then
// collects the files to edit. The loop that the first statement and the brace
// after it belong to starts outside this excerpt; the final foreach is cut off.
$arPermTypes[$arRes['ID']] = Array( 'title' => $name, 'letter' => $arRes['LETTER'] );
}
$arPermTypes['NOT_REF'] = Array( 'title' => GetMessage("FILEMAN_FOLDER_ACCESS_INHERIT"), 'letter' => 'N' );
$strWarning = "";
$arFiles = Array();
if (count($files) > 0) {
    // $files is not assigned in this excerpt — presumably request input; verify.
    CUtil::decodeURIComponent($files);
    // The index loop assumes keys 0..n-1; other keys would be read as missing entries.
    for($i=0; $i<count($files); $i++) {
        // Each name is joined onto $path for the permission check.
        // NOTE(review): "." is filtered below but ".." and names containing "/" are
        // not, so the checked path can point outside $path unless it is normalized
        // elsewhere — confirm.
        if(!$USER->CanDoFileOperation('fm_edit_permission',Array($site, $path."/".$files[$i])))
            $strWarning .= GetMessage("FILEMAN_ACCESS_TO_DENIED")." \"".$files[$i]."\".\n";
        elseif($files[$i] != '.')
            $arFiles[] = $files[$i];
    }
} else {
    // No explicit selection: list the directory, keeping entries with at least "X" permission.
    $arPDirs = array();
    $arPFiles = array();
    CFileMan::GetDirList(Array($site, $path), $arPDirs, $arPFiles, array("MIN_PERMISSION" => "X"), array(), "DF");
    foreach ($arPDirs as $dir)
}
// Excerpt of a forum review action handler: decides whether the request is a
// review action, then checks the session token and the user's rights. The
// leading brace closes a block that starts outside this excerpt.
if (!CModule::IncludeModule("forum")) {
    return false;
} elseif (!($_REQUEST["comment_review"] == "Y" || in_array($_REQUEST['REVIEW_ACTION'], array('DEL', 'HIDE', 'SHOW', 'EDIT')))) {
    return false;
} elseif ($_REQUEST['REVIEW_ACTION'] == "EDIT" && $_REQUEST["MID"] > 0 && (!$arResult["TOPIC"] || $arResult["USER"]["RIGHTS"]["MODERATE"] !== "Y" && $arParams["ALLOW_EDIT_OWN_MESSAGE"] == "N")) {
    return false;
}
$this->IncludeComponentLang("action.php");
// Check gross errors message data
$APPLICATION->RestartBuffer();
/** @var $request \Bitrix\Main\HttpRequest */
$request = \Bitrix\Main\Context::getCurrent()->getRequest();
// NOTE(review): the gate above reads $_REQUEST while the checks below read $post
// (query + POST merged, optionally decoded). The two can differ, for example when
// decoding changes REVIEW_ACTION or when a cookie feeds $_REQUEST — confirm both
// views always agree.
$post = array_merge($request->getQueryList()->toArray(), $request->getPostList()->toArray());
if ($post["AJAX_POST"] == "Y") {
    CUtil::decodeURIComponent($post);
}
if (!check_bitrix_sessid()) {
    $arError[] = array("code" => "session time is up", "title" => GetMessage("F_ERR_SESSION_TIME_IS_UP"));
} elseif ($arResult["USER"]['PERMISSION'] <= "E") {
    // Permission letters are compared as strings.
    $arError[] = array("code" => "access denied", "title" => GetMessage("F_ERR_NOT_RIGHT_FOR_ADD"));
} elseif ($post['REVIEW_ACTION'] == "EDIT" || $post['REVIEW_ACTION'] == "DEL") {
    $arResult["MESSAGE"] = CForumMessage::GetById($post["MID"]);
    // Denied when the message belongs to another topic, or when the user lacks the
    // EDIT right and is not the author (or may only edit the topic's last message).
    if ($arResult["MESSAGE"]["TOPIC_ID"] != $arResult["TOPIC"]["ID"] || $arResult["USER"]["RIGHTS"]["EDIT"] !== "Y" && ($arResult["MESSAGE"]["AUTHOR_ID"] <= 0 || $arResult["MESSAGE"]["AUTHOR_ID"] != $GLOBALS["USER"]->GetID() || $arParams["ALLOW_EDIT_OWN_MESSAGE"] == "LAST" && $arResult["MESSAGE"]["ID"] != $arResult["TOPIC"]["ABS_LAST_MESSAGE_ID"])) {
        $arError[] = array("code" => "access denied", "title" => GetMessage("F_ERR_NOT_RIGHT_FOR_EDIT"));
    }
}
// NOTE(review): HIDE and SHOW pass the gate above but get no rights check in this
// excerpt; presumably one follows later — confirm.
if (!empty($arError)) {
} elseif ((empty($_REQUEST["preview_comment"]) || $_REQUEST["preview_comment"] == "N") && $_REQUEST["comment_review"] == "Y") {
    $arProperties = array();
    $needProperty = array();
/**
 * Renders the disk widget (visual mode) or dispatches a desktop-client request.
 *
 * In visual mode it fills arResult and includes the template. Otherwise it
 * decodes $_POST, checks the user and runs the requested action; exceptions are
 * turned into JSON error responses.
 *
 * @return false|null false when the webdav module is unavailable
 */
public function executeComponent()
{
    if (!CModule::IncludeModule('webdav')) {
        return false;
    }
    $isVisual = isset($this->arParams['VISUAL']) ? (bool) $this->arParams['VISUAL'] : true;
    $pathToAjax = isset($this->arParams['AJAX_PATH']) ? $this->arParams['AJAX_PATH'] : '/bitrix/components/bitrix/webdav.disk/ajax.php';
    try {
        if ($isVisual) {
            $diskEnabled = \Bitrix\Main\Config\Option::get('disk', 'successfully_converted', false) && CModule::includeModule('disk');
            $quota = CDiskQuota::GetDiskQuota();
            $this->arResult['showDiskQuota'] = false; //$quota !== true; //now without quota
            // The option value is multiplied by 1024 * 1024.
            $this->arResult['diskSpace'] = (double) COption::GetOptionInt('main', 'disk_space') * 1024 * 1024;
            $this->arResult['quota'] = $quota;
            $this->arResult['ajaxIndex'] = $pathToAjax;
            $this->arResult['ajaxStorageIndex'] = '/desktop_app/storage.php';
            if ($diskEnabled) {
                $this->arResult['isInstalledDisk'] = \Bitrix\Disk\Desktop::isDesktopDiskInstall();
                $this->arResult['personalLibIndex'] = '/company/personal/user/' . $this->getUser()->getId() . '/disk/path/';
            } else {
                $this->arResult['isInstalledDisk'] = (bool) CWebDavTools::isDesktopDiskInstall();
                $this->arResult['personalLibIndex'] = '/company/personal/user/' . $this->getUser()->getId() . '/files/lib/';
            }
            $this->arResult['isInstalledPull'] = (bool) IsModuleInstalled('pull');
            $this->arResult['currentUser'] = array('id' => $this->getUser()->getId(), 'formattedName' => $this->getUser()->getFormattedName());
            $this->getApplication()->addHeadScript('/bitrix/components/bitrix/webdav.disk/disk.js');
            $this->includeComponentTemplate();
            return;
        }
        CTimeZone::Disable();
        //decode from utf-8 to site LANG_CHARSET
        // $_POST is decoded before checkUser() runs, so the user check already sees decoded input.
        CUtil::decodeURIComponent($_POST);
        $this->checkUser()->runAction();
        CTimeZone::Enable();
    } catch (CWebDavBadStorageAfterMigrateException $e) {
        // Every handler re-enables time zones before responding.
        CTimeZone::Enable();
        $this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ERROR, 'message' => 'Could not get Disk\\Storage. Perhaps, it is old client, which does not reconnect. 
'), 500);
    } catch (CWebDavSymlinkMoveFakeErrorException $e) {
        CTimeZone::Enable();
        $this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ERROR, 'message' => 'This is not really error. Move symlink folders.'));
    } catch (CWebDavAccessDeniedException $e) {
        CTimeZone::Enable();
        $this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ACCESS_DENIED, 'message' => $e->getMessage()));
    } catch (Exception $e) {
        CTimeZone::Enable();
        // NOTE(review): the message of any exception, plus the dispatcher's error
        // list, is returned to the client. Confirm neither can carry internal
        // details such as paths or SQL.
        $response = array('status' => 'error', 'message' => $e->getMessage());
        if ($this->dispatcher) {
            $errors = $this->dispatcher->getErrors();
            if ($errors) {
                $response['detail'] = $errors;
            }
        }
        $this->sendJsonResponse($response);
    }
    return;
}
// Excerpt of a file viewer page: checks the operator's rights, resolves the
// requested path and starts building the navigation chain. The listing ends
// inside the AddItem() call.
if (!($USER->CanDoOperation('fileman_admin_files') || $USER->CanDoOperation('fileman_edit_existent_files') || $USER->CanDoOperation('fileman_view_file_structure')))
    $APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));
require_once($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/fileman/include.php");
IncludeModuleLangFile(__FILE__);
// $logical, $site and $path are not assigned in this excerpt — presumably request input; verify.
$addUrl = 'lang='.LANGUAGE_ID.($logical == "Y"?'&logical=Y':'');
$strWarning = "";
$site = CFileMan::__CheckSite($site);
$DOC_ROOT = CSite::GetSiteDocRoot($site);
$io = CBXVirtualIo::GetInstance();
// Decoded only when the value looks like UTF-8.
if (CUtil::DetectUTF8($path))
    CUtil::decodeURIComponent($path);
// NOTE(review): $path is appended to the document root below. Whether CombinePath()
// removes ".." segments is not visible here — confirm, since that is what keeps
// $abs_path inside $DOC_ROOT. Decoding runs before the normalization, which is the
// order needed for encoded "../" sequences to be normalized as well.
$path = $io->CombinePath("/", $path);
$arParsedPath = CFileMan::ParsePath(Array($site, $path), false, false, "", $logical == "Y");
$abs_path = $DOC_ROOT.$path;
$arPath = Array($site, $path);
// The last path segment goes into the page title without escaping here; whether
// SetTitle() or the template escapes it is not visible — confirm.
$APPLICATION->SetTitle(GetMessage("FILEMAN_FILEVIEW_TITLE")." \"".$arParsedPath["LAST"]."\"");
foreach ($arParsedPath["AR_PATH"] as $chainLevel) {
    $adminChain->AddItem(
        array(
            "TEXT" => htmlspecialcharsex($chainLevel["TITLE"]),
            "LINK" => ((strlen($chainLevel["LINK"]) > 0) ? $chainLevel["LINK"] : ""),
        )
// Excerpt of a "send private message" AJAX handler. The first statement and the
// three braces after it close blocks that start outside this excerpt; the
// listing ends inside the error-handling branch.
$aUserId[] = intval($id);
}
}
} elseif (intval($_REQUEST["user_id"]) > 0) {
    $aUserId[] = IntVal($_REQUEST["user_id"]);
}
// Recipient ids are integers by now; duplicates are removed.
$aUserId = array_unique($aUserId);
$mptr = Trim($_REQUEST["mptr"]);
if (!$GLOBALS["USER"]->IsAuthorized()) {
    echo "*";
} else {
    // The session token is verified before the message body is touched.
    if (!check_bitrix_sessid()) {
        echo GetMessage("SONET_C50_ERR_PERMS") . ".";
    } else {
        $message = $_REQUEST["data"];
        CUtil::decodeURIComponent($message);
        $message = Trim($message);
        if (StrLen($message) <= 0) {
            echo GetMessage("SONET_C50_NO_TEXT") . ".";
        } else {
            if (empty($aUserId)) {
                echo GetMessage("SONET_C50_NO_USER_ID") . ".";
            } else {
                foreach ($aUserId as $userID) {
                    // The "message" permission is checked per recipient; a refusal prints
                    // an error for that recipient and the loop goes on.
                    if (!CSocNetUserPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), $userID, "message", CSocNetUser::IsCurrentUserModuleAdmin(false))) {
                        echo GetMessage("SONET_C50_CANT_WRITE") . ".";
                    } else {
                        $errorMessage = "";
                        // NOTE(review): the text is stored as decoded, unescaped input; whatever
                        // renders messages must escape it — confirm.
                        if (!CSocNetMessages::CreateMessage($GLOBALS["USER"]->GetID(), $userID, $message)) {
                            if ($e = $GLOBALS["APPLICATION"]->GetException()) {
                                $errorMessage .= $e->GetString();
// Excerpt of the SKU generator admin page: loads modules and scripts, reads the
// request parameters and starts declaring a helper. The helper's body continues
// past the end of this excerpt.
if (!Main\Loader::includeModule('catalog')) {
    die;
}
Main\Loader::includeModule('fileman');
Main\Page\Asset::getInstance()->addJs('/bitrix/js/catalog/tbl_edit.js');
$arJSDescription = array('js' => '/bitrix/js/iblock/sub_generator.js', 'css' => '/bitrix/panel/iblock/sub-generator.css', 'lang' => '/bitrix/modules/iblock/lang/' . LANGUAGE_ID . '/admin/iblock_subelement_generator.php');
CJSCore::RegisterExt('iblock_generator', $arJSDescription);
CJSCore::Init(array('iblock_generator', 'file_input'));
define('IB_SEG_ROW_PREFIX', 'IB_SEG_');
// All ids are forced to integers.
$subIBlockId = intval($_REQUEST["subIBlockId"]);
$subPropValue = intval($_REQUEST["subPropValue"]);
$subTmpId = intval($_REQUEST["subTmpId"]);
$iBlockId = intval($_REQUEST["iBlockId"]);
$findSection = intval($_REQUEST["findSection"]);
// NOTE(review): no permission check on these information blocks is visible in
// this excerpt; presumably it happens earlier or later — confirm.
$arSKUInfo = CCatalogSKU::GetInfoByOfferIBlock($subIBlockId);
// The product name is decoded and trimmed but not escaped here; escape it where it is printed.
CUtil::decodeURIComponent($_POST['PRODUCT_NAME']);
$parentProductName = trim($_POST['PRODUCT_NAME']);
$useStoreControl = (string) Main\Config\Option::get('catalog', 'default_use_store_control') == 'Y';
// ShowError() is followed by no return or die, so the page keeps going without SKU info.
if ($arSKUInfo == false) {
    ShowError("SKU error!");
}
$APPLICATION->SetTitle(GetMessage("IB_SEG_MAIN_TITLE"));
/**
 * @param $intRangeID
 * @param $strPrefix
 * @return string
 */
function __AddCellPriceType($intRangeID, $strPrefix)
{
    $dbCatalogGroups = CCatalogGroup::GetList(array("SORT" => "ASC", "NAME" => "ASC", "ID" => "ASC"));
    $priceTypeCellOption = '';
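/**
 * Imports user options that the client stored in a cookie, then clears the cookie.
 *
 * The cookie holds a query string with an option array "p" and a "sessid"
 * value. The options are applied only when "sessid" equals the current session
 * token.
 *
 * @param string $cookieName name of the cookie to read and clear
 * @return void
 */
public static function SetCookieOptions($cookieName)
{
    //last user setting
    // A missing or array-valued cookie is treated as empty instead of being
    // passed to parse_str() as a non-string.
    $rawCookie = '';
    if (isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName])) {
        $rawCookie = $_COOKIE[$cookieName];
    }

    $varCookie = array();
    parse_str($rawCookie, $varCookie);

    // The cookie is cleared whether or not its content is accepted.
    setcookie($cookieName, false, false, "/");

    $hasOptions = isset($varCookie["p"]) && is_array($varCookie["p"]);

    // The token is compared as a string with ===. The loose == used before treats
    // two different numeric-looking strings (for example "0e1" and "0e2") as equal.
    // Where the minimum PHP version allows it, hash_equals() is the timing-safe choice.
    $tokenMatches = isset($varCookie["sessid"])
        && is_string($varCookie["sessid"])
        && $varCookie["sessid"] === (string) bitrix_sessid();

    if ($hasOptions && $tokenMatches) {
        $arOptions = $varCookie["p"];
        CUtil::decodeURIComponent($arOptions);
        CUserOptions::SetOptionsFromArray($arOptions);
    }
}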
/**
 * Decodes the whole $_POST and $_REQUEST arrays in place.
 *
 * NOTE(review): every later read of these superglobals sees the decoded values,
 * so checks made on the raw input before this call do not describe the data
 * used after it. Call it before validating, not after.
 */
function JSPostUnescape()
{
    CUtil::decodeURIComponent($_POST);
    CUtil::decodeURIComponent($_REQUEST);
}
<?php
// AJAX wrapper that renders the crm.event.add component for a posted form.
define('NO_KEEP_STATISTIC', 'Y');
define('NO_AGENT_STATISTIC', 'Y');
require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/prolog_before.php';
if (!CModule::IncludeModule('crm')) {
    return false;
}
?> <script> BX.loadCSS('/bitrix/components/bitrix/crm.event.add/templates/.default/style.css'); </script> <?php
//Crutch for BX.ajax.submitAjax (we have urlencoded multipart data)
CUtil::JSPostUnescape();
if (isset($_FILES['ATTACH'])) {
    // NOTE(review): this decodes the upload descriptor itself. If the decoder walks
    // every string in the array it also rewrites "tmp_name", which should stay
    // exactly as PHP set it — confirm only the client file name is affected.
    CUtil::decodeURIComponent($_FILES['ATTACH']);
}
// NOTE(review): no authorization or session-token check is visible in this
// wrapper, and ENTITY_TYPE, FORM_TYPE, FORM_ID, EVENT_TYPE and FREEZE_EVENT_ID
// are passed through as received (only ENTITY_ID is cast). Presumably the
// component enforces both — confirm.
$APPLICATION->IncludeComponent('bitrix:crm.event.add', '', array('ENTITY_TYPE' => $_REQUEST['ENTITY_TYPE'], 'ENTITY_ID' => intval($_REQUEST['ENTITY_ID']), 'FORM_TYPE' => $_REQUEST['FORM_TYPE'], 'FORM_ID' => isset($_REQUEST['FORM_ID']) ? $_REQUEST['FORM_ID'] : '', 'EVENT_TYPE' => isset($_REQUEST['EVENT_TYPE']) ? $_REQUEST['EVENT_TYPE'] : '', 'FREEZE_EVENT_ID' => isset($_REQUEST['FREEZE_EVENT_ID']) ? $_REQUEST['FREEZE_EVENT_ID'] : '', 'AJAX_MODE' => 'Y', 'AJAX_OPTION_JUMP' => 'N', 'AJAX_OPTION_HISTORY' => 'N'), false);
require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/epilog_after.php';
}
return false;
}
// Excerpt of the admin start-menu AJAX handler. The lines above close a function
// that starts outside this excerpt; the "dynamic" branch is still open at the end.
if($_REQUEST["mode"] == "save_recent") {
    if($_REQUEST["url"] <> "") {
        // Keep at most this many recent links (5 unless the user option overrides it).
        $nLinks = 5;
        if($aUserOpt["start_menu_links"] <> "")
            $nLinks = intval($aUserOpt["start_menu_links"]);
        $aRecent = CUserOptions::GetOption("start_menu", "recent", array());
        CUtil::decodeURIComponent($_REQUEST["text"]);
        CUtil::decodeURIComponent($_REQUEST["title"]);
        // NOTE(review): url, text, title and icon are stored exactly as received and
        // no session-token check is visible in this branch. The menu that renders them
        // must escape all four and restrict the URL scheme — confirm.
        $aLink = array("url"=>$_REQUEST["url"], "text"=>$_REQUEST["text"], "title"=>$_REQUEST["title"], "icon"=>$_REQUEST["icon"]);
        // Move an existing identical entry to the front instead of duplicating it.
        if(($pos = array_search($aLink, $aRecent)) !== false)
            unset($aRecent[$pos]);
        array_unshift($aRecent, $aLink);
        $aRecent = array_slice($aRecent, 0, $nLinks);
        CUserOptions::SetOption("start_menu", "recent", $aRecent);
    }
    echo "OK";
} elseif($_REQUEST["mode"] == "dynamic") {
    //admin menu - dynamic sections
    $adminMenu->AddOpenedSections($_REQUEST["admin_mnu_menu_id"]);
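// Excerpt: pre-fills the country, e-mail and phone of a new CRM element from
// query parameters. The lone closing brace near the end belongs to a block that
// starts outside this excerpt.
if (isset($_GET['address_country'])) {
    // '~ADDRESS_COUNTRY' keeps the decoded raw value, 'ADDRESS_COUNTRY' the
    // HTML-escaped copy.
    $arFields['~ADDRESS_COUNTRY'] = $_GET['address_country'];
    CUtil::decodeURIComponent($arFields['~ADDRESS_COUNTRY']);
    $arFields['ADDRESS_COUNTRY'] = htmlspecialcharsbx($arFields['~ADDRESS_COUNTRY']);
}
if (isset($_GET['email']) || isset($_GET['phone']) || isset($_GET['tel'])) {
    if (isset($_GET['email'])) {
        $email = $_GET['email'];
        CUtil::decodeURIComponent($email);
        // The result of trim() used to be thrown away, so a whitespace-only value
        // passed the emptiness test below. Array input (email[]=...) counts as empty.
        $email = is_string($email) ? trim($email) : '';
    } else {
        $email = '';
    }
    if (isset($_GET['phone']) || isset($_GET['tel'])) {
        // "phone" wins over "tel" when both are present.
        $phone = isset($_GET['phone']) ? $_GET['phone'] : $_GET['tel'];
        CUtil::decodeURIComponent($phone);
        $phone = is_string($phone) ? trim($phone) : '';
    } else {
        $phone = '';
    }
    // The values are stored unescaped; whatever prints them must escape them.
    $arFields['FM'] = array();
    if ($email !== '') {
        $arFields['FM']['EMAIL'] = array('n0' => array('VALUE' => $email, 'VALUE_TYPE' => 'WORK'));
    }
    if ($phone !== '') {
        $arFields['FM']['PHONE'] = array('n0' => array('VALUE' => $phone, 'VALUE_TYPE' => 'WORK'));
    }
}
}
$arResult['ELEMENT'] = $arFields;
unset($arFields);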
// Excerpt of the idea component: builds the non-SEF page URLs, then merges the
// component parameters into $arResult. The two lone closing braces below belong
// to blocks that start outside this excerpt.
$subURL = '';
if (is_array($arNotSefParams[1]) && !empty($arNotSefParams[1])) {
    foreach ($arNotSefParams[1] as $subURLParam) {
        $subURL .= '&' . htmlspecialcharsbx($arVariableAliases[$subURLParam]) . '=#' . $subURLParam . '#';
    }
}
if (strlen($arParams["PATH_TO_" . ToUpper($url)]) <= 0) {
    $arResult["PATH_TO_" . ToUpper($url)] = htmlspecialcharsbx($APPLICATION->GetCurPage()) . "?" . htmlspecialcharsbx($arVariableAliases["page"]) . "=" . $url . $subURL;
}
}
$arResult["PATH_TO_BLOG_CATEGORY"] = htmlspecialcharsbx($APPLICATION->GetCurPage()) . '?tag=#category_id#';
}
$arResult["~PATH_TO_POST_ADD"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_POST_EDIT"], array("post_id" => "new"));
$arResult["~PATH_TO_USER_IDEAS"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER_IDEAS"], array("user_id" => $USER->GetID()));
$arResult["~PATH_TO_USER_SUBSCRIBE"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER_SUBSCRIBE"], array("user_id" => $USER->GetID()));
// In the LIFE_SEARCH_QUERY entry, "||" binds tighter than "?:", so the condition
// is (decodeURIComponent(...) || true) and is always true. The call is there only
// to decode $_REQUEST["LIFE_SEARCH_QUERY"] in place before it is copied.
// NOTE(review): that value enters $arResult unescaped; templates must escape it.
$arResult = array_merge(array("SEF_MODE" => $arParams["SEF_MODE"], "SEF_FOLDER" => $arParams["SEF_FOLDER"], "VARIABLES" => $arVariables, "ALIASES" => $arParams["SEF_MODE"] == "Y" ? array() : $arVariableAliases, "SET_TITLE" => $arParams["SET_TITLE"], "PATH_TO_SMILE" => $arParams["PATH_TO_SMILE"], "CACHE_TYPE" => $arParams["CACHE_TYPE"], "CACHE_TIME" => $arParams["CACHE_TIME"], "CACHE_TIME_LONG" => $arParams["CACHE_TIME_LONG"], "SET_NAV_CHAIN" => $arParams["SET_NAV_CHAIN"], "MESSAGE_COUNT" => $arParams["MESSAGE_COUNT"], "BLOG_COUNT" => $arParams["BLOG_COUNT"], "COMMENTS_COUNT" => $arParams["COMMENTS_COUNT"], "BLOG_COUNT_MAIN" => $arParams["BLOG_COUNT_MAIN"], "DATE_TIME_FORMAT" => $arParams["DATE_TIME_FORMAT"], "PERIOD_DAYS" => $arParams["PERIOD_DAYS"], "NAV_TEMPLATE" => $arParams["NAV_TEMPLATE"], "ACTIONS" => array(), "IS_CORPORTAL" => IsModuleInstalled('intranet') ? "Y" : "N", "IS_AJAX" => $_REQUEST["AJAX"] == 'IDEA' ? 
'Y' : "N", "LIFE_SEARCH_QUERY" => CUtil::decodeURIComponent($_REQUEST["LIFE_SEARCH_QUERY"]) || true ? $_REQUEST["LIFE_SEARCH_QUERY"] : ""), $arResult);
if ($arParams["DISABLE_SONET_LOG"] == "Y" || !IsModuleInstalled('socialnetwork')) {
    CIdeaManagment::getInstance()->Notification()->GetSonetNotify()->Disable();
}
if ($arParams["DISABLE_EMAIL"] == "Y") {
    CIdeaManagment::getInstance()->Notification()->GetEmailNotify()->Disable();
}
//Permissions
// Moderator: a member of one of the POST_BIND_USER groups, or an administrator.
$arResult["IDEA_MODERATOR"] = false;
if (!empty($arParams["POST_BIND_USER"]) && array_intersect($USER->GetUserGroupArray(), $arParams["POST_BIND_USER"]) || $USER->IsAdmin()) {
    $arResult["IDEA_MODERATOR"] = true;
}
//Deprecated
$arResult["PATH_TO_POST_ADD"] = $arResult["~PATH_TO_POST_ADD"];
// The COMMENT_* editor settings fall back to the general EDITOR_* settings.
$arParams["COMMENT_EDITOR_CODE_DEFAULT"] = $arParams[array_key_exists("COMMENT_EDITOR_CODE_DEFAULT", $arParams) ? "COMMENT_EDITOR_CODE_DEFAULT" : "EDITOR_CODE_DEFAULT"];
$arParams["COMMENT_EDITOR_RESIZABLE"] = $arParams[array_key_exists("COMMENT_EDITOR_RESIZABLE", $arParams) ? "COMMENT_EDITOR_RESIZABLE" : "EDITOR_RESIZABLE"];
// Excerpt of a business-process task handler: loads the waiting task assigned to
// the current user and submits the posted form for it. The last closing brace
// before the echo belongs to a block that starts outside this excerpt.
$taskId = (int) $_REQUEST['TASK_ID'];
$task = false;
if ($taskId > 0) {
    // The lookup is bound to the current user and to the Waiting status, so another
    // user's task id yields nothing.
    $dbTask = CBPTaskService::GetList(array(), array("ID" => $taskId, "USER_ID" => $user->getId(), 'USER_STATUS' => CBPTaskUserStatus::Waiting), false, false, array("ID", "WORKFLOW_ID", "ACTIVITY", "ACTIVITY_NAME", "MODIFIED", "OVERDUE_DATE", "NAME", "DESCRIPTION", "PARAMETERS"));
    $task = $dbTask->fetch();
}
if (!$task) {
    $result['SUCCESS'] = false;
    $result['ERROR'] = 'Task not found.';
} else {
    $task["PARAMETERS"]["DOCUMENT_ID"] = CBPStateService::GetStateDocumentId($task['WORKFLOW_ID']);
    $task["MODULE_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][0];
    $task["ENTITY"] = $task["PARAMETERS"]["DOCUMENT_ID"][1];
    $task["DOCUMENT_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][2];
    $arErrorsTmp = array();
    // Decoding is enabled by a request header (HTTP_BX_AJAX) on non-UTF-8 sites.
    // NOTE(review): decoding $_FILES rewrites the upload descriptors in place; if the
    // decoder walks every string it also touches "tmp_name" — confirm that is harmless.
    if (SITE_CHARSET != "utf-8" && !empty($_SERVER['HTTP_BX_AJAX'])) {
        CUtil::decodeURIComponent($_REQUEST);
        CUtil::decodeURIComponent($_FILES);
    }
    // Array union keeps the left-hand entry on a key clash, so a request parameter
    // named like an upload field replaces that upload descriptor in $formData.
    $formData = $_REQUEST + $_FILES;
    if (!CBPDocument::PostTaskForm($task, $user->getId(), $formData, $arErrorsTmp)) {
        $arError = array();
        foreach ($arErrorsTmp as $e) {
            $arError[] = array("id" => "bad_task", "text" => $e["message"]);
        }
        $e = new CAdminException($arError);
        $result['ERROR'] = HTMLToTxt($e->GetString());
    }
}
}
echo CUtil::PhpToJSObject($result);
// Excerpt of the log-destination AJAX handler (user search, department users,
// processes). The listing ends inside the switch statement.
if (!CModule::IncludeModule("socialnetwork")) {
    echo CUtil::PhpToJsObject(array('ERROR' => 'MODULE_NOT_INSTALLED'));
    die;
}
// Everything below requires a valid session token.
if (check_bitrix_sessid()) {
    if (CModule::IncludeModule('extranet') && !CExtranet::IsIntranetUser()) {
        echo CUtil::PhpToJsObject(array('ERROR' => 'EXTRANET_USER'));
    } else {
        if (isset($_POST["nt"])) {
            // The name template is rebuilt from allowlisted tokens, whitespace and
            // commas only; everything else in the input is dropped.
            // NOTE(review): presence is tested on $_POST but the value is read from
            // $_REQUEST, and urldecode() decodes a second time what PHP has already
            // decoded. The allowlist makes this harmless here, but reading
            // $_POST["nt"] would be consistent.
            preg_match_all("/(#NAME#)|(#LAST_NAME#)|(#SECOND_NAME#)|(#NAME_SHORT#)|(#SECOND_NAME_SHORT#)|\\s|\\,/", urldecode($_REQUEST["nt"]), $matches);
            $nameTemplate = implode("", $matches[0]);
        } else {
            $nameTemplate = CSite::GetNameFormat(false);
        }
        if ($_POST['LD_SEARCH'] == 'Y') {
            CUtil::decodeURIComponent($_POST);
            echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::SearchUsers($_POST['SEARCH'], $nameTemplate, false, IsModuleInstalled("extranet"))));
        } elseif ($_POST['LD_DEPARTMENT_RELATION'] == 'Y' && IsModuleInstalled("intranet")) {
            // DEPARTMENT_ID is passed on without a cast; presumably GetUsers()
            // validates it — confirm.
            echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::GetUsers(array('deportament_id' => $_POST['DEPARTMENT_ID'], "NAME_TEMPLATE" => $nameTemplate), false)));
        } elseif (isset($_POST["bitrix_processes"])) {
            if (CModule::IncludeModule('lists')) {
                IncludeModuleLangFile(__FILE__);
                global $USER;
                // A negative result is an error code, reported to the client below.
                $listsPerm = CListPermissions::CheckAccess($USER, COption::GetOptionString("lists", "livefeed_iblock_type_id"), false);
                if ($listsPerm < 0) {
                    switch ($listsPerm) {
                        case CListPermissions::WRONG_IBLOCK_TYPE:
                            echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK_TYPE")));
                            die;
                        case CListPermissions::WRONG_IBLOCK:
                            echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK")));
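/**
 * Decrypts the "__RSA_DATA" form field and publishes the listed parameters.
 *
 * The decrypted text is a query string followed by a SHA-1 digest of its
 * leading part. After the digest and the per-session "__RSA_RAND" value are
 * verified, each name in $arParams found in the payload is copied into
 * $GLOBALS, $_REQUEST and $_POST.
 *
 * @param array $arParams names of the parameters the caller accepts
 * @return int 0 on success, otherwise one of the self::ERROR_* codes
 */
public function AcceptFromForm($arParams)
{
    if (!$this->provider) {
        return self::ERROR_NO_LIBRARY; //no crypto library found
    }

    $data = isset($_REQUEST['__RSA_DATA']) ? $_REQUEST['__RSA_DATA'] : '';
    // The ciphertext is removed from every input array so that later code cannot read it.
    unset($_POST['__RSA_DATA']);
    unset($_REQUEST['__RSA_DATA']);
    unset($GLOBALS['__RSA_DATA']);

    // An array-valued field (__RSA_DATA[]=...) cannot be a ciphertext.
    if (!is_string($data) || $data == '') {
        return self::ERROR_EMPTY_DATA; //no encrypted data
    }
    if (strlen($data) >= self::MAX_ENCRIPTED_DATA) {
        return self::ERROR_BIG_DATA; //too big encrypted data
    }

    $data = $this->provider->Decrypt($data);
    if (!is_string($data) || $data == '') {
        return self::ERROR_DECODE; //decoding error
    }

    // Layout: payload, 7 separator bytes, 40 hex characters of SHA-1.
    $data1 = (string) substr($data, 0, -47);
    $sha1 = (string) substr($data, -40);
    // Strict comparison: with the loose != used before, two different digests that
    // both look numeric (for example "0e…" followed by digits) compared as equal.
    // NOTE(review): the digest is unkeyed, so it detects corruption only; whether
    // the payload is authenticated depends on the provider, which is not visible here.
    if ($sha1 !== sha1($data1)) {
        return self::ERROR_INTEGRITY; //integrity check error
    }

    parse_str($data, $accepted_params);

    $rand = isset($accepted_params['__RSA_RAND']) ? $accepted_params['__RSA_RAND'] : '';
    if ($rand == '') {
        return self::ERROR_SESS_VALUE; //no session control value
    }
    // The session control value is compared as a string with !== for the same
    // reason as the digest above; a missing stored value never matches.
    $storedRand = '';
    if (isset($_SESSION['__STORED_RSA_RAND']) && is_scalar($_SESSION['__STORED_RSA_RAND'])) {
        $storedRand = (string) $_SESSION['__STORED_RSA_RAND'];
    }
    if (!is_string($rand) || $rand !== $storedRand) {
        return self::ERROR_SESS_CHECK; //session control value does not match
    }

    CUtil::decodeURIComponent($accepted_params);

    // Only names listed by the caller are published, which keeps the payload from
    // overwriting arbitrary globals. $arParams must therefore never come from the request.
    foreach ($arParams as $k) {
        if (!isset($accepted_params[$k])) {
            continue;
        }
        if (is_array($accepted_params[$k])) {
            foreach ($accepted_params[$k] as $key => $val) {
                $GLOBALS[$k][$key] = $_REQUEST[$k][$key] = $_POST[$k][$key] = $val;
            }
        } else {
            $GLOBALS[$k] = $_REQUEST[$k] = $_POST[$k] = $accepted_params[$k];
        }
    }

    return 0; //OK
}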
// Excerpt of the admin menu search endpoint: reads the query and prepares the
// result categories. The "if (...):" block is still open where the excerpt ends.
define("NO_AGENT_STATISTIC", true);
// NOTE(review): NOT_CHECK_PERMISSIONS is defined before the admin prolog is loaded.
// What the prolog still enforces with this flag set is not visible here; confirm
// the endpoint cannot be reached by users without admin access.
define("NOT_CHECK_PERMISSIONS", true);
define("FX_SEARCH_ADMIN", true);
require($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/prolog_admin_before.php");
require($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/prolog_admin_js.php");
$start = getmicrotime();
// The query comes from POST only; the ajax_call flag is read from $_REQUEST.
$query = ltrim($_POST["q"]);
if(
    !empty($query)
    && $_REQUEST["ajax_call"] === "y"
    && CModule::IncludeModule("search")
):
    CUtil::decodeURIComponent($query);
    $adminPage->Init();
    //$adminMenu->AddOpenedSections("global_menu_content, global_menu_services, global_menu_store, global_menu_statistics, global_menu_settings");
    $adminMenu->Init($adminPage->aModules);
    // One empty bucket per top-level admin menu section.
    $arResult = array("CATEGORIES"=>array(
        "global_menu_content"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_content')),
        "global_menu_services"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_services')),
        "global_menu_store"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_store')),
        "global_menu_statistics"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_stat')),
        "global_menu_settings"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_settings')),
        )
    );
    $arStemFunc = stemming_init(LANGUAGE_ID);
// Business-process task handler: loads the waiting task assigned to the current
// user, submits the posted form for it and prints the result as a JS object.
if ($result['SUCCESS']) {
    $taskId = (int) $_REQUEST['TASK_ID'];
    $task = false;
    if ($taskId > 0) {
        // The lookup is bound to the current user and to the Waiting status, so another
        // user's task id yields nothing.
        $dbTask = CBPTaskService::GetList(array(), array("ID" => $taskId, "USER_ID" => $user->getId(), 'USER_STATUS' => CBPTaskUserStatus::Waiting), false, false, array("ID", "WORKFLOW_ID", "ACTIVITY", "ACTIVITY_NAME", "MODIFIED", "OVERDUE_DATE", "NAME", "DESCRIPTION", "PARAMETERS"));
        $task = $dbTask->fetch();
    }
    if (!$task) {
        $result['SUCCESS'] = false;
        $result['ERROR'] = 'Task not found.';
    } else {
        $task["PARAMETERS"]["DOCUMENT_ID"] = CBPStateService::GetStateDocumentId($task['WORKFLOW_ID']);
        $task["MODULE_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][0];
        $task["ENTITY"] = $task["PARAMETERS"]["DOCUMENT_ID"][1];
        $task["DOCUMENT_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][2];
        $arErrorsTmp = array();
        // Array union keeps the left-hand entry on a key clash, so a request parameter
        // named like an upload field replaces that upload descriptor in $formData.
        $formData = $_REQUEST + $_FILES;
        // Only the merged copy is decoded; $_REQUEST and $_FILES stay untouched.
        // Decoding is enabled by a request header (HTTP_BX_AJAX) on non-UTF-8 sites.
        // NOTE(review): the copy still contains the upload descriptors; if the decoder
        // walks every string it also rewrites their "tmp_name" — confirm that is harmless.
        if (SITE_CHARSET != "utf-8" && !empty($_SERVER['HTTP_BX_AJAX'])) {
            CUtil::decodeURIComponent($formData);
        }
        if (!CBPDocument::PostTaskForm($task, $user->getId(), $formData, $arErrorsTmp)) {
            $arError = array();
            foreach ($arErrorsTmp as $e) {
                $arError[] = array("id" => "bad_task", "text" => $e["message"]);
            }
            $e = new CAdminException($arError);
            $result['ERROR'] = HTMLToTxt($e->GetString());
        }
    }
}
echo CUtil::PhpToJSObject($result);