public function Authorize()
{
// var_dump( $skip_check_user_data);
$GLOBALS["APPLICATION"]->RestartBuffer();
if(isset($_REQUEST["vk_session"]["user"]["id"]))
{
global $skip_check_user_data;
if(self::CheckUserData($_REQUEST["vk_session"]["sig"]) || $skip_check_user_data)
{
CUtil::decodeURIComponent($_REQUEST);
$u_id = $_REQUEST["vk_session"]["user"]["id"];
$arFields = array(
'EXTERNAL_AUTH_ID' => self::ID,
'WORK_NOTES' => self::ID, //это для того, чтоб можно было избавится от EXTERNAL_AUTH_ID и разрешить авторизовываться несколькими способами одновременно
'XML_ID' => $u_id,
'LOGIN' => "id".$u_id,
'NAME'=> $_REQUEST["vk_session"]["user"]["first_name"],
'LAST_NAME'=> $_REQUEST["vk_session"]["user"]["last_name"],
);
if($this->AuthorizeUser($arFields)){
if($skip_check_user_data){
return true;
}
die("OK");
}
}
}
die("FAILURE");
}
public function Authorize()
{
$GLOBALS["APPLICATION"]->RestartBuffer();
if(isset($_REQUEST["mailru_sess"]["sig"]) && isset($_REQUEST["mailru_user"]["uid"]))
{
if(self::CheckUserData($_REQUEST["mailru_sess"]["sig"]))
{
CUtil::decodeURIComponent($_REQUEST);
$arFields = array(
'EXTERNAL_AUTH_ID' => self::ID,
'XML_ID' => $_REQUEST["mailru_user"]["uid"],
'LOGIN' => $_REQUEST["mailru_user"]["email"],
'EMAIL' => $_REQUEST["mailru_user"]["email"],
'NAME'=> $_REQUEST["mailru_user"]["first_name"],
'LAST_NAME'=> $_REQUEST["mailru_user"]["last_name"],
);
if($this->AuthorizeUser($arFields))
die("OK");
}
}
die("FAILURE");
}
if ($res) {
if ($apply != "") {
$_SESSION["SESS_ADMIN"]["FAVORITES_EDIT_MESSAGE"] = array("MESSAGE" => GetMessage("fav_edit_success"), "TYPE" => "OK");
LocalRedirect("favorite_edit.php?ID=" . $ID . "&lang=" . LANG);
} else {
LocalRedirect($_REQUEST["addurl"] != "" ? $_REQUEST["addurl"] : "favorite_list.php?lang=" . LANG);
}
} else {
if ($e = $APPLICATION->GetException()) {
$message = new CAdminMessage(GetMessage("fav_edit_error"), $e);
}
$bVarsFromForm = true;
}
}
if ($_REQUEST["encoded"] == "Y") {
CUtil::decodeURIComponent($_REQUEST["name"]);
}
$str_NAME = htmlspecialcharsbx($_REQUEST["name"]);
$str_URL = htmlspecialcharsbx($_REQUEST["addurl"]);
$str_C_SORT = 100;
$str_COMMON = 'N';
$str_USER_ID = $USER->GetID();
$str_LANGUAGE_ID = LANGUAGE_ID;
if ($ID > 0) {
$fav = CFavorites::GetByID($ID);
if (!($fav_arr = $fav->ExtractFields("str_"))) {
$ID = 0;
}
}
if ($bVarsFromForm) {
$DB->InitTableVarsForEdit("b_favorite", "", "str_");
private function checkActions()
{
if ($this->request["ENTITY_XML_ID"] !== $this->feed->getEntity()->getXmlId()) {
return null;
}
$post = array_merge($this->request->getQueryList()->toArray(), $this->request->getPostList()->toArray());
$action = strtolower($post["comment_review"] == "Y" ? strtolower($post['REVIEW_ACTION']) == "edit" ? "edit" : "add" : $post['REVIEW_ACTION']);
if (!in_array($action, array("add", 'del', 'hide', 'show', 'edit'))) {
return null;
}
$actionErrors = new ErrorCollection();
$arPost = array();
if (!check_bitrix_sessid()) {
$actionErrors->addOne(new Error(Loc::getMessage("F_ERR_SESSION_TIME_IS_UP"), self::ERROR_ACTION));
} else {
if (!$this->checkCaptcha($actionErrors)) {
$actionErrors->addOne(new Error(Loc::getMessage("POSTM_CAPTCHA"), self::ERROR_ACTION));
} else {
if ($post["AJAX_POST"] == "Y") {
CUtil::decodeURIComponent($post);
}
if ($action == "add" || $action == "edit") {
$arPost = array("POST_MESSAGE" => $post["REVIEW_TEXT"], "AUTHOR_NAME" => $this->getUser()->isAuthorized() ? $this->getUserName() : (empty($post["REVIEW_AUTHOR"]) ? $GLOBALS["FORUM_STATUS_NAME"]["guest"] : $post["REVIEW_AUTHOR"]), "AUTHOR_EMAIL" => $post["REVIEW_EMAIL"], "USE_SMILES" => $post["REVIEW_USE_SMILES"]);
foreach (GetModuleEvents('forum', 'OnCommentAdd', true) as $arEvent) {
if (ExecuteModuleEventEx($arEvent, array($this->feed->getEntity()->getType(), $this->feed->getEntity()->getId(), &$arPost)) === false) {
$actionErrors->addOne(new Error(isset($arPost['ERROR']) ? $arPost['ERROR'] : Loc::getMessage("F_ERR_DURING_ACTIONS") . print_r($arEvent, true), self::ERROR_ACTION));
}
}
}
}
}
if (!$actionErrors->hasErrors()) {
if ($action == "add" || $action == "edit") {
$message = $action == "add" ? $this->feed->add($arPost) : $this->feed->edit($this->request["MID"], $arPost);
if ($message && $this->request["TOPIC_SUBSCRIBE"] == "Y") {
ForumSubscribeNewMessagesEx($this->arParams["FORUM_ID"], $message["TOPIC_ID"], "N", $strErrorMessage, $strOKMessage);
BXClearCache(true, "/bitrix/forum/user/" . $this->getUser()->getId() . "/subscribe/");
}
} elseif ($action == "show" || $action == "hide") {
$message = $this->feed->moderate($this->request["MID"], $action == "show");
} else {
$message = $this->feed->delete($this->request["MID"]);
}
if ($this->feed->hasErrors()) {
$actionErrors->add($this->feed->getErrors());
} else {
if ($this->request["NOREDIRECT"] != "Y" && !$this->isAjaxRequest()) {
$strURL = $this->request["back_page"] ?: $this->getApplication()->GetCurPageParam("", array("MID", "SEF_APPLICATION_CUR_PAGE_URL", BX_AJAX_PARAM_ID, "result", "sessid", "bxajaxid"));
$strURL = ForumAddPageParams($strURL, array("MID" => $message["ID"], "result" => $message["APPROVED"] == "Y" ? "reply" : "not_approved"));
LocalRedirect($strURL);
} else {
$this->arResult['RESULT'] = $message["ID"];
if ($action == "add") {
$this->arResult['OK_MESSAGE'] = $message["APPROVED"] == "Y" ? GetMessage("COMM_COMMENT_OK") : GetMessage("COMM_COMMENT_OK_AND_NOT_APPROVED");
} else {
if ($action == "edit") {
$this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_UPDATED");
} else {
if ($action == "show") {
$this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_SHOWN");
} else {
if ($action == "hide") {
$this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_HIDDEN");
} else {
$this->arResult['OK_MESSAGE'] = Loc::getMessage("COMM_COMMENT_DELETED");
}
}
}
}
}
}
}
if ($actionErrors->hasErrors()) {
/** @var $error Error */
$this->arResult["RESULT"] = false;
$this->arResult["OK_MESSAGE"] = '';
foreach ($actionErrors->toArray() as $error) {
$this->arResult['ERROR_MESSAGE'] .= $error->getMessage();
}
return false;
}
return true;
}
public function UnEscape($aFilter)
{
if(defined("FX_UTF"))
return;
if(!is_array($aFilter))
return;
foreach($aFilter as $flt)
if(is_string($GLOBALS[$flt]) && CUtil::DetectUTF8($GLOBALS[$flt]))
CUtil::decodeURIComponent($GLOBALS[$flt]);
}
<?php
define("STOP_STATISTICS", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_before.php";
require_once "functions.php";
CModule::IncludeModule('socialnetwork');
if (!$USER->IsAuthorized()) {
die;
}
$SITE_ID = isset($_GET["SITE_ID"]) ? $_GET["SITE_ID"] : SITE_ID;
if ($_REQUEST["mode"] == "search") {
CUtil::decodeURIComponent($_GET);
$APPLICATION->RestartBuffer();
CSocNetTools::InitGlobalExtranetArrays($SITE_ID);
$arFilter = array("SITE_ID" => $SITE_ID, "%NAME" => $_GET["query"]);
if (!CSocNetUser::IsCurrentUserModuleAdmin($SITE_ID)) {
$arFilter["CHECK_PERMISSIONS"] = $USER->GetID();
}
$rsGroups = CSocNetGroup::GetList(array("NAME" => "ASC"), $arFilter);
$arGroups = array();
while ($arGroup = $rsGroups->Fetch()) {
if (isset($GLOBALS["arExtranetGroupID"]) && is_array($GLOBALS["arExtranetGroupID"]) && in_array($arGroup["ID"], $GLOBALS["arExtranetGroupID"])) {
$arGroup["IS_EXTRANET"] = "Y";
}
$arGroups[] = group2JSItem($arGroup);
}
if (isset($_REQUEST["features_perms"]) && sizeof($_REQUEST["features_perms"]) == 2) {
filterByFeaturePerms($arGroups, $_REQUEST["features_perms"]);
}
Header('Content-Type: application/x-javascript; charset=' . LANG_CHARSET);
echo CUtil::PhpToJsObject($arGroups);
<?php
##############################################
# Bitrix Site Manager #
# Copyright (c) 2002-2007 Bitrix #
# http://www.bitrixsoft.com #
# mailto:admin@bitrixsoft.com #
##############################################
// define("NO_KEEP_STATISTIC", true);
// define("NO_AGENT_STATISTIC", true);
// define("NOT_CHECK_PERMISSIONS", true);
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
if ($USER->IsAuthorized() && check_bitrix_sessid()) {
if ($_GET["action"] == "delete" && $_GET["c"] != "" && $_GET["n"] != "") {
CUserOptions::DeleteOption($_GET["c"], $_GET["n"], $_GET["common"] == "Y" && $GLOBALS["USER"]->CanDoOperation('edit_other_settings'));
}
if (is_array($_REQUEST["p"])) {
$arOptions = $_REQUEST["p"];
CUtil::decodeURIComponent($arOptions);
CUserOptions::SetOptionsFromArray($arOptions);
}
}
echo "OK";
require $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin_after.php";
}
if (isset($_GET['lead_id'])) {
$arFields['LEAD_ID'] = intval($_GET['lead_id']);
if ($arFields['LEAD_ID'] > 0) {
$bCreateFromLead = true;
}
}
if (isset($_GET['deal_id'])) {
$arFields['DEAL_ID'] = intval($_GET['deal_id']);
if ($arFields['DEAL_ID'] > 0) {
$bCreateFromDeal = true;
}
}
if (isset($_GET['title'])) {
$arFields['~TITLE'] = $_GET['title'];
CUtil::decodeURIComponent($arFields['~TITLE']);
$arFields['TITLE'] = htmlspecialcharsbx($arFields['~TITLE']);
}
$bCreateFrom = $bCreateFromLead || $bCreateFromDeal || $bCreateFromCompany || $bCreateFromContact;
$leadId = isset($arFields['LEAD_ID']) ? intval($arFields['LEAD_ID']) : 0;
$dealId = isset($arFields['DEAL_ID']) ? intval($arFields['DEAL_ID']) : 0;
$contactId = isset($arFields['CONTACT_ID']) ? intval($arFields['CONTACT_ID']) : 0;
$companyId = isset($arFields['COMPANY_ID']) ? intval($arFields['COMPANY_ID']) : 0;
// create from contact
if ($contactId > 0) {
$dbContact = CCrmContact::GetListEx(array('ID' => 'DESC'), array('ID' => $contactId), false, array('nTopCount' => 1), array('ID', 'LEAD_ID'));
if ($arContact = $dbContact->Fetch()) {
if (isset($arContact['LEAD_ID']) && intval($arContact['LEAD_ID']) > 0) {
$arFields['~LEAD_ID'] = $arFields['LEAD_ID'] = intval($arContact['LEAD_ID']);
}
}
if ($bCanAddComments)
{
// add source object and get source_id, $source_url
$arParams = array(
"PATH_TO_SMILE" => $_REQUEST["p_smile"],
"PATH_TO_USER_BLOG_POST" => $_REQUEST["p_ubp"],
"PATH_TO_GROUP_BLOG_POST" => $_REQUEST["p_gbp"],
"PATH_TO_USER_MICROBLOG_POST" => $_REQUEST["p_umbp"],
"PATH_TO_GROUP_MICROBLOG_POST" => $_REQUEST["p_gmbp"],
"BLOG_ALLOW_POST_CODE" => $_REQUEST["bapc"]
);
$parser = new logTextParser(LANGUAGE_ID, $arParams["PATH_TO_SMILE"]);
$comment_text = $_REQUEST["message"];
CUtil::decodeURIComponent($comment_text);
$comment_text = Trim($comment_text);
if (strlen($comment_text) > 0)
{
$arSearchParams = array();
if($arCommentEvent["EVENT_ID"] == "forum")
{
$arSearchParams["FORUM_ID"] = intval($_REQUEST["f_id"]);
$arSearchParams["PATH_TO_GROUP_FORUM_MESSAGE"] = (
$arLog["ENTITY_TYPE"] == SONET_SUBSCRIBE_ENTITY_GROUP
? str_replace(
"#GROUPS_PATH#",
COption::GetOptionString("socialnetwork", "workgroups_page", false, $site_id),
$arLog["URL"]
<?php
define("STOP_STATISTICS", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_js.php";
if (CModule::IncludeModule("search")) {
CUtil::decodeURIComponent($_REQUEST);
if (!empty($_REQUEST["search"])) {
$arResult = array();
$order = CUserOptions::GetOption("search_tags", "order", "CNT");
if ($_REQUEST["order_by"] == "NAME") {
$arOrder = array("NAME" => "ASC");
if ($order != "NAME") {
CUserOptions::SetOption("search_tags", "order", "NAME");
}
} else {
$arOrder = array("CNT" => "DESC", "NAME" => "ASC");
if ($order != "CNT") {
CUserOptions::SetOption("search_tags", "order", "CNT");
}
}
$db_res = CSearchTags::GetList(array("NAME", "CNT"), array("TAG" => $_REQUEST["search"], "SITE_ID" => $_REQUEST["site_id"]), $arOrder, 10);
if ($db_res) {
while ($res = $db_res->Fetch()) {
$arResult[] = array("NAME" => $res["NAME"], "CNT" => $res["CNT"]);
}
}
echo CUtil::PhpToJSObject($arResult);
}
}
require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin_js.php";
$arPermTypes[$arRes['ID']] = Array(
'title' => $name,
'letter' => $arRes['LETTER']
);
}
$arPermTypes['NOT_REF'] = Array(
'title' => GetMessage("FILEMAN_FOLDER_ACCESS_INHERIT"),
'letter' => 'N'
);
$strWarning = "";
$arFiles = Array();
if (count($files) > 0)
{
CUtil::decodeURIComponent($files);
for($i=0; $i<count($files); $i++)
{
if(!$USER->CanDoFileOperation('fm_edit_permission',Array($site, $path."/".$files[$i])))
$strWarning .= GetMessage("FILEMAN_ACCESS_TO_DENIED")." \"".$files[$i]."\".\n";
elseif($files[$i] != '.')
$arFiles[] = $files[$i];
}
}
else
{
$arPDirs = array();
$arPFiles = array();
CFileMan::GetDirList(Array($site, $path), $arPDirs, $arPFiles, array("MIN_PERMISSION" => "X"), array(), "DF");
foreach ($arPDirs as $dir)
}
if (!CModule::IncludeModule("forum")) {
return false;
} elseif (!($_REQUEST["comment_review"] == "Y" || in_array($_REQUEST['REVIEW_ACTION'], array('DEL', 'HIDE', 'SHOW', 'EDIT')))) {
return false;
} elseif ($_REQUEST['REVIEW_ACTION'] == "EDIT" && $_REQUEST["MID"] > 0 && (!$arResult["TOPIC"] || $arResult["USER"]["RIGHTS"]["MODERATE"] !== "Y" && $arParams["ALLOW_EDIT_OWN_MESSAGE"] == "N")) {
return false;
}
$this->IncludeComponentLang("action.php");
// Check gross errors message data
$APPLICATION->RestartBuffer();
/** @var $request \Bitrix\Main\HttpRequest */
$request = \Bitrix\Main\Context::getCurrent()->getRequest();
$post = array_merge($request->getQueryList()->toArray(), $request->getPostList()->toArray());
if ($post["AJAX_POST"] == "Y") {
CUtil::decodeURIComponent($post);
}
if (!check_bitrix_sessid()) {
$arError[] = array("code" => "session time is up", "title" => GetMessage("F_ERR_SESSION_TIME_IS_UP"));
} elseif ($arResult["USER"]['PERMISSION'] <= "E") {
$arError[] = array("code" => "access denied", "title" => GetMessage("F_ERR_NOT_RIGHT_FOR_ADD"));
} elseif ($post['REVIEW_ACTION'] == "EDIT" || $post['REVIEW_ACTION'] == "DEL") {
$arResult["MESSAGE"] = CForumMessage::GetById($post["MID"]);
if ($arResult["MESSAGE"]["TOPIC_ID"] != $arResult["TOPIC"]["ID"] || $arResult["USER"]["RIGHTS"]["EDIT"] !== "Y" && ($arResult["MESSAGE"]["AUTHOR_ID"] <= 0 || $arResult["MESSAGE"]["AUTHOR_ID"] != $GLOBALS["USER"]->GetID() || $arParams["ALLOW_EDIT_OWN_MESSAGE"] == "LAST" && $arResult["MESSAGE"]["ID"] != $arResult["TOPIC"]["ABS_LAST_MESSAGE_ID"])) {
$arError[] = array("code" => "access denied", "title" => GetMessage("F_ERR_NOT_RIGHT_FOR_EDIT"));
}
}
if (!empty($arError)) {
} elseif ((empty($_REQUEST["preview_comment"]) || $_REQUEST["preview_comment"] == "N") && $_REQUEST["comment_review"] == "Y") {
$arProperties = array();
$needProperty = array();
public function executeComponent()
{
if (!CModule::IncludeModule('webdav')) {
return false;
}
$isVisual = isset($this->arParams['VISUAL']) ? (bool) $this->arParams['VISUAL'] : true;
$pathToAjax = isset($this->arParams['AJAX_PATH']) ? $this->arParams['AJAX_PATH'] : '/bitrix/components/bitrix/webdav.disk/ajax.php';
try {
if ($isVisual) {
$diskEnabled = \Bitrix\Main\Config\Option::get('disk', 'successfully_converted', false) && CModule::includeModule('disk');
$quota = CDiskQuota::GetDiskQuota();
$this->arResult['showDiskQuota'] = false;
//$quota !== true; //now without quota
$this->arResult['diskSpace'] = (double) COption::GetOptionInt('main', 'disk_space') * 1024 * 1024;
$this->arResult['quota'] = $quota;
$this->arResult['ajaxIndex'] = $pathToAjax;
$this->arResult['ajaxStorageIndex'] = '/desktop_app/storage.php';
if ($diskEnabled) {
$this->arResult['isInstalledDisk'] = \Bitrix\Disk\Desktop::isDesktopDiskInstall();
$this->arResult['personalLibIndex'] = '/company/personal/user/' . $this->getUser()->getId() . '/disk/path/';
} else {
$this->arResult['isInstalledDisk'] = (bool) CWebDavTools::isDesktopDiskInstall();
$this->arResult['personalLibIndex'] = '/company/personal/user/' . $this->getUser()->getId() . '/files/lib/';
}
$this->arResult['isInstalledPull'] = (bool) IsModuleInstalled('pull');
$this->arResult['currentUser'] = array('id' => $this->getUser()->getId(), 'formattedName' => $this->getUser()->getFormattedName());
$this->getApplication()->addHeadScript('/bitrix/components/bitrix/webdav.disk/disk.js');
$this->includeComponentTemplate();
return;
}
CTimeZone::Disable();
//decode from utf-8 to site LANG_CHARSET
CUtil::decodeURIComponent($_POST);
$this->checkUser()->runAction();
CTimeZone::Enable();
} catch (CWebDavBadStorageAfterMigrateException $e) {
CTimeZone::Enable();
$this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ERROR, 'message' => 'Could not get Disk\\Storage. Perhaps, it is old client, which does not reconnect. '), 500);
} catch (CWebDavSymlinkMoveFakeErrorException $e) {
CTimeZone::Enable();
$this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ERROR, 'message' => 'This is not really error. Move symlink folders.'));
} catch (CWebDavAccessDeniedException $e) {
CTimeZone::Enable();
$this->sendJsonResponse(array('status' => CWebDavDiskDispatcher::STATUS_ACCESS_DENIED, 'message' => $e->getMessage()));
} catch (Exception $e) {
CTimeZone::Enable();
$response = array('status' => 'error', 'message' => $e->getMessage());
if ($this->dispatcher) {
$errors = $this->dispatcher->getErrors();
if ($errors) {
$response['detail'] = $errors;
}
}
$this->sendJsonResponse($response);
}
return;
}
if (!($USER->CanDoOperation('fileman_admin_files') || $USER->CanDoOperation('fileman_edit_existent_files') || $USER->CanDoOperation('fileman_view_file_structure')))
$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));
require_once($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/fileman/include.php");
IncludeModuleLangFile(__FILE__);
$addUrl = 'lang='.LANGUAGE_ID.($logical == "Y"?'&logical=Y':'');
$strWarning = "";
$site = CFileMan::__CheckSite($site);
$DOC_ROOT = CSite::GetSiteDocRoot($site);
$io = CBXVirtualIo::GetInstance();
if (CUtil::DetectUTF8($path))
CUtil::decodeURIComponent($path);
$path = $io->CombinePath("/", $path);
$arParsedPath = CFileMan::ParsePath(Array($site, $path), false, false, "", $logical == "Y");
$abs_path = $DOC_ROOT.$path;
$arPath = Array($site, $path);
$APPLICATION->SetTitle(GetMessage("FILEMAN_FILEVIEW_TITLE")." \"".$arParsedPath["LAST"]."\"");
foreach ($arParsedPath["AR_PATH"] as $chainLevel)
{
$adminChain->AddItem(
array(
"TEXT" => htmlspecialcharsex($chainLevel["TITLE"]),
"LINK" => ((strlen($chainLevel["LINK"]) > 0) ? $chainLevel["LINK"] : ""),
)
$aUserId[] = intval($id);
}
}
} elseif (intval($_REQUEST["user_id"]) > 0) {
$aUserId[] = IntVal($_REQUEST["user_id"]);
}
$aUserId = array_unique($aUserId);
$mptr = Trim($_REQUEST["mptr"]);
if (!$GLOBALS["USER"]->IsAuthorized()) {
echo "*";
} else {
if (!check_bitrix_sessid()) {
echo GetMessage("SONET_C50_ERR_PERMS") . ".";
} else {
$message = $_REQUEST["data"];
CUtil::decodeURIComponent($message);
$message = Trim($message);
if (StrLen($message) <= 0) {
echo GetMessage("SONET_C50_NO_TEXT") . ".";
} else {
if (empty($aUserId)) {
echo GetMessage("SONET_C50_NO_USER_ID") . ".";
} else {
foreach ($aUserId as $userID) {
if (!CSocNetUserPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), $userID, "message", CSocNetUser::IsCurrentUserModuleAdmin(false))) {
echo GetMessage("SONET_C50_CANT_WRITE") . ".";
} else {
$errorMessage = "";
if (!CSocNetMessages::CreateMessage($GLOBALS["USER"]->GetID(), $userID, $message)) {
if ($e = $GLOBALS["APPLICATION"]->GetException()) {
$errorMessage .= $e->GetString();
if (!Main\Loader::includeModule('catalog')) {
die;
}
Main\Loader::includeModule('fileman');
Main\Page\Asset::getInstance()->addJs('/bitrix/js/catalog/tbl_edit.js');
$arJSDescription = array('js' => '/bitrix/js/iblock/sub_generator.js', 'css' => '/bitrix/panel/iblock/sub-generator.css', 'lang' => '/bitrix/modules/iblock/lang/' . LANGUAGE_ID . '/admin/iblock_subelement_generator.php');
CJSCore::RegisterExt('iblock_generator', $arJSDescription);
CJSCore::Init(array('iblock_generator', 'file_input'));
define('IB_SEG_ROW_PREFIX', 'IB_SEG_');
$subIBlockId = intval($_REQUEST["subIBlockId"]);
$subPropValue = intval($_REQUEST["subPropValue"]);
$subTmpId = intval($_REQUEST["subTmpId"]);
$iBlockId = intval($_REQUEST["iBlockId"]);
$findSection = intval($_REQUEST["findSection"]);
$arSKUInfo = CCatalogSKU::GetInfoByOfferIBlock($subIBlockId);
CUtil::decodeURIComponent($_POST['PRODUCT_NAME']);
$parentProductName = trim($_POST['PRODUCT_NAME']);
$useStoreControl = (string) Main\Config\Option::get('catalog', 'default_use_store_control') == 'Y';
if ($arSKUInfo == false) {
ShowError("SKU error!");
}
$APPLICATION->SetTitle(GetMessage("IB_SEG_MAIN_TITLE"));
/**
* @param $intRangeID
* @param $strPrefix
* @return string
*/
function __AddCellPriceType($intRangeID, $strPrefix)
{
$dbCatalogGroups = CCatalogGroup::GetList(array("SORT" => "ASC", "NAME" => "ASC", "ID" => "ASC"));
$priceTypeCellOption = '';
public static function SetCookieOptions($cookieName)
{
//last user setting
$varCookie = array();
parse_str($_COOKIE[$cookieName], $varCookie);
setcookie($cookieName, false, false, "/");
if (is_array($varCookie["p"]) && $varCookie["sessid"] == bitrix_sessid()) {
$arOptions = $varCookie["p"];
CUtil::decodeURIComponent($arOptions);
CUserOptions::SetOptionsFromArray($arOptions);
}
}
function JSPostUnescape()
{
CUtil::decodeURIComponent($_POST);
CUtil::decodeURIComponent($_REQUEST);
}
<?php
define('NO_KEEP_STATISTIC', 'Y');
define('NO_AGENT_STATISTIC', 'Y');
require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/prolog_before.php';
if (!CModule::IncludeModule('crm')) {
return false;
}
?>
<script>
BX.loadCSS('/bitrix/components/bitrix/crm.event.add/templates/.default/style.css');
</script>
<?php
//Crutch for BX.ajax.submitAjax (we have urlencoded multipart data)
CUtil::JSPostUnescape();
if (isset($_FILES['ATTACH'])) {
CUtil::decodeURIComponent($_FILES['ATTACH']);
}
$APPLICATION->IncludeComponent('bitrix:crm.event.add', '', array('ENTITY_TYPE' => $_REQUEST['ENTITY_TYPE'], 'ENTITY_ID' => intval($_REQUEST['ENTITY_ID']), 'FORM_TYPE' => $_REQUEST['FORM_TYPE'], 'FORM_ID' => isset($_REQUEST['FORM_ID']) ? $_REQUEST['FORM_ID'] : '', 'EVENT_TYPE' => isset($_REQUEST['EVENT_TYPE']) ? $_REQUEST['EVENT_TYPE'] : '', 'FREEZE_EVENT_ID' => isset($_REQUEST['FREEZE_EVENT_ID']) ? $_REQUEST['FREEZE_EVENT_ID'] : '', 'AJAX_MODE' => 'Y', 'AJAX_OPTION_JUMP' => 'N', 'AJAX_OPTION_HISTORY' => 'N'), false);
require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/epilog_after.php';
}
return false;
}
if($_REQUEST["mode"] == "save_recent")
{
if($_REQUEST["url"] <> "")
{
$nLinks = 5;
if($aUserOpt["start_menu_links"] <> "")
$nLinks = intval($aUserOpt["start_menu_links"]);
$aRecent = CUserOptions::GetOption("start_menu", "recent", array());
CUtil::decodeURIComponent($_REQUEST["text"]);
CUtil::decodeURIComponent($_REQUEST["title"]);
$aLink = array("url"=>$_REQUEST["url"], "text"=>$_REQUEST["text"], "title"=>$_REQUEST["title"], "icon"=>$_REQUEST["icon"]);
if(($pos = array_search($aLink, $aRecent)) !== false)
unset($aRecent[$pos]);
array_unshift($aRecent, $aLink);
$aRecent = array_slice($aRecent, 0, $nLinks);
CUserOptions::SetOption("start_menu", "recent", $aRecent);
}
echo "OK";
}
elseif($_REQUEST["mode"] == "dynamic")
{
//admin menu - dynamic sections
$adminMenu->AddOpenedSections($_REQUEST["admin_mnu_menu_id"]);
if (isset($_GET['address_country'])) {
$arFields['~ADDRESS_COUNTRY'] = $_GET['address_country'];
CUtil::decodeURIComponent($arFields['~ADDRESS_COUNTRY']);
$arFields['ADDRESS_COUNTRY'] = htmlspecialcharsbx($arFields['~ADDRESS_COUNTRY']);
}
if (isset($_GET['email']) || isset($_GET['phone']) || isset($_GET['tel'])) {
if (isset($_GET['email'])) {
$email = $_GET['email'];
CUtil::decodeURIComponent($email);
trim($email);
} else {
$email = '';
}
if (isset($_GET['phone']) || isset($_GET['tel'])) {
$phone = isset($_GET['phone']) ? $_GET['phone'] : $_GET['tel'];
CUtil::decodeURIComponent($phone);
trim($phone);
} else {
$phone = '';
}
$arFields['FM'] = array();
if ($email !== '') {
$arFields['FM']['EMAIL'] = array('n0' => array('VALUE' => $email, 'VALUE_TYPE' => 'WORK'));
}
if ($phone !== '') {
$arFields['FM']['PHONE'] = array('n0' => array('VALUE' => $phone, 'VALUE_TYPE' => 'WORK'));
}
}
}
$arResult['ELEMENT'] = $arFields;
unset($arFields);
$subURL = '';
if (is_array($arNotSefParams[1]) && !empty($arNotSefParams[1])) {
foreach ($arNotSefParams[1] as $subURLParam) {
$subURL .= '&' . htmlspecialcharsbx($arVariableAliases[$subURLParam]) . '=#' . $subURLParam . '#';
}
}
if (strlen($arParams["PATH_TO_" . ToUpper($url)]) <= 0) {
$arResult["PATH_TO_" . ToUpper($url)] = htmlspecialcharsbx($APPLICATION->GetCurPage()) . "?" . htmlspecialcharsbx($arVariableAliases["page"]) . "=" . $url . $subURL;
}
}
$arResult["PATH_TO_BLOG_CATEGORY"] = htmlspecialcharsbx($APPLICATION->GetCurPage()) . '?tag=#category_id#';
}
$arResult["~PATH_TO_POST_ADD"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_POST_EDIT"], array("post_id" => "new"));
$arResult["~PATH_TO_USER_IDEAS"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER_IDEAS"], array("user_id" => $USER->GetID()));
$arResult["~PATH_TO_USER_SUBSCRIBE"] = CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER_SUBSCRIBE"], array("user_id" => $USER->GetID()));
$arResult = array_merge(array("SEF_MODE" => $arParams["SEF_MODE"], "SEF_FOLDER" => $arParams["SEF_FOLDER"], "VARIABLES" => $arVariables, "ALIASES" => $arParams["SEF_MODE"] == "Y" ? array() : $arVariableAliases, "SET_TITLE" => $arParams["SET_TITLE"], "PATH_TO_SMILE" => $arParams["PATH_TO_SMILE"], "CACHE_TYPE" => $arParams["CACHE_TYPE"], "CACHE_TIME" => $arParams["CACHE_TIME"], "CACHE_TIME_LONG" => $arParams["CACHE_TIME_LONG"], "SET_NAV_CHAIN" => $arParams["SET_NAV_CHAIN"], "MESSAGE_COUNT" => $arParams["MESSAGE_COUNT"], "BLOG_COUNT" => $arParams["BLOG_COUNT"], "COMMENTS_COUNT" => $arParams["COMMENTS_COUNT"], "BLOG_COUNT_MAIN" => $arParams["BLOG_COUNT_MAIN"], "DATE_TIME_FORMAT" => $arParams["DATE_TIME_FORMAT"], "PERIOD_DAYS" => $arParams["PERIOD_DAYS"], "NAV_TEMPLATE" => $arParams["NAV_TEMPLATE"], "ACTIONS" => array(), "IS_CORPORTAL" => IsModuleInstalled('intranet') ? "Y" : "N", "IS_AJAX" => $_REQUEST["AJAX"] == 'IDEA' ? 'Y' : "N", "LIFE_SEARCH_QUERY" => CUtil::decodeURIComponent($_REQUEST["LIFE_SEARCH_QUERY"]) || true ? $_REQUEST["LIFE_SEARCH_QUERY"] : ""), $arResult);
if ($arParams["DISABLE_SONET_LOG"] == "Y" || !IsModuleInstalled('socialnetwork')) {
CIdeaManagment::getInstance()->Notification()->GetSonetNotify()->Disable();
}
if ($arParams["DISABLE_EMAIL"] == "Y") {
CIdeaManagment::getInstance()->Notification()->GetEmailNotify()->Disable();
}
//Permissions
$arResult["IDEA_MODERATOR"] = false;
if (!empty($arParams["POST_BIND_USER"]) && array_intersect($USER->GetUserGroupArray(), $arParams["POST_BIND_USER"]) || $USER->IsAdmin()) {
$arResult["IDEA_MODERATOR"] = true;
}
//Deprecated
$arResult["PATH_TO_POST_ADD"] = $arResult["~PATH_TO_POST_ADD"];
$arParams["COMMENT_EDITOR_CODE_DEFAULT"] = $arParams[array_key_exists("COMMENT_EDITOR_CODE_DEFAULT", $arParams) ? "COMMENT_EDITOR_CODE_DEFAULT" : "EDITOR_CODE_DEFAULT"];
$arParams["COMMENT_EDITOR_RESIZABLE"] = $arParams[array_key_exists("COMMENT_EDITOR_RESIZABLE", $arParams) ? "COMMENT_EDITOR_RESIZABLE" : "EDITOR_RESIZABLE"];
$taskId = (int) $_REQUEST['TASK_ID'];
$task = false;
if ($taskId > 0) {
$dbTask = CBPTaskService::GetList(array(), array("ID" => $taskId, "USER_ID" => $user->getId(), 'USER_STATUS' => CBPTaskUserStatus::Waiting), false, false, array("ID", "WORKFLOW_ID", "ACTIVITY", "ACTIVITY_NAME", "MODIFIED", "OVERDUE_DATE", "NAME", "DESCRIPTION", "PARAMETERS"));
$task = $dbTask->fetch();
}
if (!$task) {
$result['SUCCESS'] = false;
$result['ERROR'] = 'Task not found.';
} else {
$task["PARAMETERS"]["DOCUMENT_ID"] = CBPStateService::GetStateDocumentId($task['WORKFLOW_ID']);
$task["MODULE_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][0];
$task["ENTITY"] = $task["PARAMETERS"]["DOCUMENT_ID"][1];
$task["DOCUMENT_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][2];
$arErrorsTmp = array();
if (SITE_CHARSET != "utf-8" && !empty($_SERVER['HTTP_BX_AJAX'])) {
CUtil::decodeURIComponent($_REQUEST);
CUtil::decodeURIComponent($_FILES);
}
$formData = $_REQUEST + $_FILES;
if (!CBPDocument::PostTaskForm($task, $user->getId(), $formData, $arErrorsTmp)) {
$arError = array();
foreach ($arErrorsTmp as $e) {
$arError[] = array("id" => "bad_task", "text" => $e["message"]);
}
$e = new CAdminException($arError);
$result['ERROR'] = HTMLToTxt($e->GetString());
}
}
}
echo CUtil::PhpToJSObject($result);
if (!CModule::IncludeModule("socialnetwork")) {
echo CUtil::PhpToJsObject(array('ERROR' => 'MODULE_NOT_INSTALLED'));
die;
}
if (check_bitrix_sessid()) {
if (CModule::IncludeModule('extranet') && !CExtranet::IsIntranetUser()) {
echo CUtil::PhpToJsObject(array('ERROR' => 'EXTRANET_USER'));
} else {
if (isset($_POST["nt"])) {
preg_match_all("/(#NAME#)|(#LAST_NAME#)|(#SECOND_NAME#)|(#NAME_SHORT#)|(#SECOND_NAME_SHORT#)|\\s|\\,/", urldecode($_REQUEST["nt"]), $matches);
$nameTemplate = implode("", $matches[0]);
} else {
$nameTemplate = CSite::GetNameFormat(false);
}
if ($_POST['LD_SEARCH'] == 'Y') {
CUtil::decodeURIComponent($_POST);
echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::SearchUsers($_POST['SEARCH'], $nameTemplate, false, IsModuleInstalled("extranet"))));
} elseif ($_POST['LD_DEPARTMENT_RELATION'] == 'Y' && IsModuleInstalled("intranet")) {
echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::GetUsers(array('deportament_id' => $_POST['DEPARTMENT_ID'], "NAME_TEMPLATE" => $nameTemplate), false)));
} elseif (isset($_POST["bitrix_processes"])) {
if (CModule::IncludeModule('lists')) {
IncludeModuleLangFile(__FILE__);
global $USER;
$listsPerm = CListPermissions::CheckAccess($USER, COption::GetOptionString("lists", "livefeed_iblock_type_id"), false);
if ($listsPerm < 0) {
switch ($listsPerm) {
case CListPermissions::WRONG_IBLOCK_TYPE:
echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK_TYPE")));
die;
case CListPermissions::WRONG_IBLOCK:
echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK")));
public function AcceptFromForm($arParams)
{
if (!$this->provider) {
return self::ERROR_NO_LIBRARY;
}
//no crypto library found
$data = $_REQUEST['__RSA_DATA'];
unset($_POST['__RSA_DATA']);
unset($_REQUEST['__RSA_DATA']);
unset($GLOBALS['__RSA_DATA']);
if ($data == '') {
return self::ERROR_EMPTY_DATA;
}
//no encrypted data
if (strlen($data) >= self::MAX_ENCRIPTED_DATA) {
return self::ERROR_BIG_DATA;
}
//too big encrypted data
$data = $this->provider->Decrypt($data);
if ($data == '') {
return self::ERROR_DECODE;
}
//decoding error
$data1 = substr($data, 0, -47);
$sha1 = substr($data, -40);
if ($sha1 != sha1($data1)) {
return self::ERROR_INTEGRITY;
}
//integrity check error
parse_str($data, $accepted_params);
if ($accepted_params['__RSA_RAND'] == '') {
return self::ERROR_SESS_VALUE;
}
//no session control value
if ($accepted_params['__RSA_RAND'] != $_SESSION['__STORED_RSA_RAND']) {
return self::ERROR_SESS_CHECK;
}
//session control value does not match
CUtil::decodeURIComponent($accepted_params);
foreach ($arParams as $k) {
if (isset($accepted_params[$k])) {
if (is_array($accepted_params[$k])) {
foreach ($accepted_params[$k] as $key => $val) {
$GLOBALS[$k][$key] = $_REQUEST[$k][$key] = $_POST[$k][$key] = $val;
}
} else {
$GLOBALS[$k] = $_REQUEST[$k] = $_POST[$k] = $accepted_params[$k];
}
}
}
return 0;
//OK
}
define("NO_AGENT_STATISTIC", true);
define("NOT_CHECK_PERMISSIONS", true);
define("FX_SEARCH_ADMIN", true);
require($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/prolog_admin_before.php");
require($_SERVER["DOCUMENT_ROOT"]."/freetrix/modules/main/include/prolog_admin_js.php");
$start = getmicrotime();
$query = ltrim($_POST["q"]);
if(
!empty($query)
&& $_REQUEST["ajax_call"] === "y"
&& CModule::IncludeModule("search")
):
CUtil::decodeURIComponent($query);
$adminPage->Init();
//$adminMenu->AddOpenedSections("global_menu_content, global_menu_services, global_menu_store, global_menu_statistics, global_menu_settings");
$adminMenu->Init($adminPage->aModules);
$arResult = array("CATEGORIES"=>array(
"global_menu_content"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_content')),
"global_menu_services"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_services')),
"global_menu_store"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_store')),
"global_menu_statistics"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_stat')),
"global_menu_settings"=>array("ITEMS"=>array(), "TITLE"=>GetMessage('admin_lib_menu_settings')),
)
);
$arStemFunc = stemming_init(LANGUAGE_ID);
if ($result['SUCCESS']) {
$taskId = (int) $_REQUEST['TASK_ID'];
$task = false;
if ($taskId > 0) {
$dbTask = CBPTaskService::GetList(array(), array("ID" => $taskId, "USER_ID" => $user->getId(), 'USER_STATUS' => CBPTaskUserStatus::Waiting), false, false, array("ID", "WORKFLOW_ID", "ACTIVITY", "ACTIVITY_NAME", "MODIFIED", "OVERDUE_DATE", "NAME", "DESCRIPTION", "PARAMETERS"));
$task = $dbTask->fetch();
}
if (!$task) {
$result['SUCCESS'] = false;
$result['ERROR'] = 'Task not found.';
} else {
$task["PARAMETERS"]["DOCUMENT_ID"] = CBPStateService::GetStateDocumentId($task['WORKFLOW_ID']);
$task["MODULE_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][0];
$task["ENTITY"] = $task["PARAMETERS"]["DOCUMENT_ID"][1];
$task["DOCUMENT_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][2];
$arErrorsTmp = array();
$formData = $_REQUEST + $_FILES;
if (SITE_CHARSET != "utf-8" && !empty($_SERVER['HTTP_BX_AJAX'])) {
CUtil::decodeURIComponent($formData);
}
if (!CBPDocument::PostTaskForm($task, $user->getId(), $formData, $arErrorsTmp)) {
$arError = array();
foreach ($arErrorsTmp as $e) {
$arError[] = array("id" => "bad_task", "text" => $e["message"]);
}
$e = new CAdminException($arError);
$result['ERROR'] = HTMLToTxt($e->GetString());
}
}
}
echo CUtil::PhpToJSObject($result);
