public static function OnSearchCheckPermissions($FIELD) { global $USER; $access = new CAccess(); $access->UpdateCodes(); $res = CAccess::GetUserCodes($USER->GetID(), array("PROVIDER_ID" => "intranet")); $arResult = array(); while ($arr = $res->Fetch()) { $arResult[] = $arr["ACCESS_CODE"]; } return $arResult; }
/** * @return array of access codes, includes AU symbol (if user is authorized) */ protected function GetAccessCodes($isUseCache = false) { global $USER; static $cache = array(); $isNeedCAccessUpdate = true; if ($isUseCache) { // Cache hits? if (isset($cache['str' . $this->userId])) { return $cache['str' . $this->userId]; } // Prevent call CAccess->UpdateCodes() multiple times per hit, // except long time period (three seconds) expired. if ($this->CAccessLastUpdated === false || microtime(true) - $this->CAccessLastUpdated > 3) { $isNeedCAccessUpdate = true; } else { $isNeedCAccessUpdate = false; } } else { $isNeedCAccessUpdate = true; } if ($isNeedCAccessUpdate) { $oAcc = new CAccess(); $oAcc->UpdateCodes(); if ($isUseCache) { $this->CAccessLastUpdated = microtime(true); } unset($oAcc); } $rc = CAccess::GetUserCodes($this->userId); if ($rc === false) { throw new LearnException('', LearnException::EXC_ERR_ALL_GIVEUP | LearnException::EXC_ERR_ALL_ACCESS_DENIED); } $arData = array(); while ($arItem = $rc->Fetch()) { if ((int) $arItem['USER_ID'] !== $this->userId) { throw new LearnException('', LearnException::EXC_ERR_ALL_GIVEUP | LearnException::EXC_ERR_ALL_LOGIC | LearnException::EXC_ERR_ALL_ACCESS_DENIED); } $arData[] = $arItem['ACCESS_CODE']; } if (is_object($USER) && $this->userId === (int) $USER->GetID()) { $arData[] = 'AU'; } // Cache in case when $isUseCache === false too. // Because, this will refresh cache, if it exists before. $cache['str' . $this->userId] = $arData; return $arData; }
function _check_rights_sql($min_permission) { global $DB, $USER; $min_permission = strlen($min_permission) == 1 ? $min_permission : "R"; if (is_object($USER)) { $iUserID = intval($USER->GetID()); $strGroups = $USER->GetGroups(); $bAuthorized = $USER->IsAuthorized(); } else { $iUserID = 0; $strGroups = "2"; $bAuthorized = false; } $stdPermissions = "\n\t\t\tSELECT IBLOCK_ID\n\t\t\tFROM b_iblock_group IBG\n\t\t\tWHERE IBG.GROUP_ID IN (" . $strGroups . ")\n\t\t\tAND IBG.PERMISSION >= '" . $DB->ForSQL($min_permission) . "'\n\t\t"; if (!defined("ADMIN_SECTION")) { $stdPermissions .= "\n\t\t\t\tAND (IBG.PERMISSION='X' OR B.ACTIVE='Y')\n\t\t\t"; } if ($min_permission >= "X") { $operation = 'element_rights_edit'; } elseif ($min_permission >= "W") { $operation = 'element_edit'; } elseif ($min_permission >= "R") { $operation = 'element_read'; } else { $operation = ''; } if ($operation) { $acc = new CAccess(); $acc->UpdateCodes(); } if ($operation == "element_read") { $extPermissions = "\n\t\t\t\tSELECT ER.ELEMENT_ID\n\t\t\t\tFROM b_iblock_element_right ER\n\t\t\t\tINNER JOIN b_iblock_right IBR ON IBR.ID = ER.RIGHT_ID\n\t\t\t\t" . ($iUserID > 0 ? "LEFT" : "INNER") . " JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = " . $iUserID . "\n\t\t\t\tWHERE ER.ELEMENT_ID = BE.ID\n\t\t\t\tAND IBR.OP_EREAD = 'Y'\n\t\t\t\t" . ($bAuthorized || $iUserID > 0 ? "\n\t\t\t\t\tAND (UA.USER_ID IS NOT NULL\n\t\t\t\t\t" . ($bAuthorized ? "OR IBR.GROUP_CODE = 'AU'" : "") . "\n\t\t\t\t\t" . ($iUserID > 0 ? "OR (IBR.GROUP_CODE = 'CR' AND BE.CREATED_BY = " . $iUserID . ")" : "") . "\n\t\t\t\t)" : "") . "\n\t\t\t"; $strResult = "(\n\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\tOR (B.RIGHTS_MODE = 'E' AND EXISTS ({$extPermissions}))\n\t\t\t)"; } elseif ($operation) { $extPermissions = "\n\t\t\t\tSELECT ER.ELEMENT_ID\n\t\t\t\tFROM b_iblock_element_right ER\n\t\t\t\tINNER JOIN b_iblock_right IBR ON IBR.ID = ER.RIGHT_ID\n\t\t\t\tINNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID\n\t\t\t\tINNER JOIN b_operation O ON O.ID = T.OPERATION_ID\n\t\t\t\t" . ($iUserID > 0 ? "LEFT" : "INNER") . " JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = " . $iUserID . "\n\t\t\t\tWHERE ER.ELEMENT_ID = BE.ID\n\t\t\t\tAND O.NAME = '" . $operation . "'\n\t\t\t\t" . ($bAuthorized || $iUserID > 0 ? "\n\t\t\t\t\tAND (UA.USER_ID IS NOT NULL\n\t\t\t\t\t" . ($bAuthorized ? "OR IBR.GROUP_CODE = 'AU'" : "") . "\n\t\t\t\t\t" . ($iUserID > 0 ? "OR (IBR.GROUP_CODE = 'CR' AND BE.CREATED_BY = " . $iUserID . ")" : "") . "\n\t\t\t\t)" : "") . "\n\t\t\t"; $strResult = "(\n\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\tOR (B.RIGHTS_MODE = 'E' AND EXISTS ({$extPermissions}))\n\t\t\t)"; } else { $strResult = "(\n\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t)"; } return $strResult; }
function GetAccessCodes() { if (!$this->IsAuthorized()) { return array('G2'); } static $arCodes = array(); $USER_ID = intval($this->GetID()); if (!array_key_exists($USER_ID, $arCodes)) { $access = new CAccess(); $access->UpdateCodes(); $arCodes[$USER_ID] = array(); $res = CAccess::GetUserCodes($USER_ID); while ($arRes = $res->Fetch()) { $arCodes[$USER_ID][] = $arRes["ACCESS_CODE"]; } if ($this->IsAuthorized()) { $arCodes[$USER_ID][] = "AU"; } } return $arCodes[$USER_ID]; }
public static function Init($Params) { global $USER; $access = new CAccess(); $access->UpdateCodes(); // Owner params self::$siteId = isset($Params['siteId']) ? $Params['siteId'] : SITE_ID; self::$type = $Params['type']; self::$arTypes = CCalendarType::GetList(); self::$bIntranet = CCalendar::IsIntranetEnabled(); self::$bSocNet = self::IsSocNet(); self::$userId = isset($Params['userId']) ? intVal($Params['userId']) : CCalendar::GetCurUserId(); self::$bOwner = self::$type == 'user' || self::$type == 'group'; self::$settings = self::GetSettings(); self::$userSettings = self::GetUserSettings(); self::$pathesForSite = self::GetPathes(self::$siteId); self::$pathToUser = self::$pathesForSite['path_to_user']; self::$bSuperpose = $Params['allowSuperpose'] != false && self::$bSocNet; self::$bAnonym = !$USER || !$USER->IsAuthorized(); self::$userNameTemplate = self::$settings['user_name_template']; self::$bAMPM = IsAmPmMode(); self::$bWideDate = strpos(FORMAT_DATETIME, 'MMMM') !== false; if (isset($Params['SectionControlsDOMId'])) { self::$SectionsControlsDOMId = $Params['SectionControlsDOMId']; } if (self::$bOwner && isset($Params['ownerId']) && $Params['ownerId'] > 0) { self::$ownerId = intVal($Params['ownerId']); } self::$bTasks = self::$type == 'user' && $Params['showTasks'] !== false && CModule::IncludeModule('tasks'); if (self::$bTasks && self::$ownerId != self::$userId) { self::$bTasks = false; } self::GetPermissions(array('type' => self::$type, 'bOwner' => self::$bOwner, 'userId' => self::$userId, 'ownerId' => self::$ownerId)); // Cache params if (isset($Params['cachePath'])) { self::$cachePath = $Params['cachePath']; } if (isset($Params['cacheTime'])) { self::$cacheTime = $Params['cacheTime']; } self::$bCache = self::$cacheTime > 0; // Urls $page = preg_replace(array("/EVENT_ID=.*?\\&/i", "/CHOOSE_MR=.*?\\&/i", "/action=.*?\\&/i", "/bx_event_calendar_request=.*?\\&/i", "/clear_cache=.*?\\&/i", "/bitrix_include_areas=.*?\\&/i", "/bitrix_show_mode=.*?\\&/i", "/back_url_admin=.*?\\&/i"), "", $Params['pageUrl'] . '&'); $page = preg_replace(array("/^(.*?)\\&\$/i", "/^(.*?)\\?\$/i"), "\$1", $page); self::$actionUrl = $page; if (self::$bOwner && !empty(self::$ownerId)) { self::$path = self::GetPath(self::$type, self::$ownerId, true); } else { self::$path = CCalendar::GetServerPath() . $page; } self::$outerUrl = $GLOBALS['APPLICATION']->GetCurPageParam('', array("action", "bx_event_calendar_request", "clear_cache", "bitrix_include_areas", "bitrix_show_mode", "back_url_admin", "SEF_APPLICATION_CUR_PAGE_URL", "EVENT_ID", "CHOOSE_MR"), false); // Superposing self::$bCanAddToSuperpose = false; if (self::$bSuperpose) { if (self::$type == 'user' || self::$type == 'group') { self::$bCanAddToSuperpose = true; } foreach (self::$arTypes as $t) { if (is_array(self::$settings['denied_superpose_types']) && !in_array($t['XML_ID'], self::$settings['denied_superpose_types'])) { self::$arSPTypes[] = $t['XML_ID']; } } self::$bCanAddToSuperpose = is_array(self::$arSPTypes) && in_array(self::$type, self::$arSPTypes); } // **** Reserve meeting and reserve video meeting // *** Meeting room params *** $RMiblockId = self::$settings['rm_iblock_id']; self::$allowReserveMeeting = $Params["allowResMeeting"] && $RMiblockId > 0; if (self::$allowReserveMeeting && !$USER->IsAdmin() && CIBlock::GetPermission($RMiblockId) < "R") { self::$allowReserveMeeting = false; } // *** Video meeting room params *** $VMiblockId = self::$settings['vr_iblock_id']; self::$allowVideoMeeting = $Params["allowVideoMeeting"] && $VMiblockId > 0; if (self::$allowVideoMeeting && !$USER->IsAdmin() && CIBlock::GetPermission($VMiblockId) < "R" || !CModule::IncludeModule("video")) { self::$allowVideoMeeting = false; } }
function GetList($arOrder = Array("ID" => "DESC"), $arFilter = Array(), $arGroupBy = false, $arNavStartParams = false, $arSelectFields = array(), $arParams = array()) { global $DB, $arSocNetAllowedEntityTypes, $USER, $USER_FIELD_MANAGER; $arSocNetAllowedSubscribeEntityTypesDesc = CSocNetAllowed::GetAllowedEntityTypesDesc(); $obUserFieldsSql = new CUserTypeSQL; $obUserFieldsSql->SetEntity("SONET_COMMENT", "LC.ID"); $obUserFieldsSql->SetSelect($arSelectFields); $obUserFieldsSql->SetFilter($arFilter); $obUserFieldsSql->SetOrder($arOrder); if (count($arSelectFields) <= 0) $arSelectFields = array( "ID", "LOG_ID", "SOURCE_ID", "ENTITY_TYPE", "ENTITY_ID", "USER_ID", "EVENT_ID", "LOG_DATE", "MESSAGE", "TEXT_MESSAGE", "URL", "MODULE_ID", "GROUP_NAME", "GROUP_OWNER_ID", "GROUP_VISIBLE", "GROUP_OPENED", "GROUP_IMAGE_ID", "USER_NAME", "USER_LAST_NAME", "USER_SECOND_NAME", "USER_LOGIN", "USER_PERSONAL_PHOTO", "USER_PERSONAL_GENDER", "CREATED_BY_NAME", "CREATED_BY_LAST_NAME", "CREATED_BY_SECOND_NAME", "CREATED_BY_LOGIN", "CREATED_BY_PERSONAL_PHOTO", "CREATED_BY_PERSONAL_GENDER", "LOG_SITE_ID", "LOG_SOURCE_ID", "LOG_USER_ID", "RATING_TYPE_ID", "RATING_ENTITY_ID", "RATING_TOTAL_VALUE", "RATING_TOTAL_VOTES", "RATING_TOTAL_POSITIVE_VOTES", "RATING_TOTAL_NEGATIVE_VOTES", "RATING_USER_VOTE_VALUE" ); static $arFields1 = array( "ID" => Array("FIELD" => "LC.ID", "TYPE" => "int"), "LOG_ID" => Array("FIELD" => "LC.LOG_ID", "TYPE" => "int"), "SOURCE_ID" => Array("FIELD" => "LC.SOURCE_ID", "TYPE" => "int"), "ENTITY_TYPE" => Array("FIELD" => "LC.ENTITY_TYPE", "TYPE" => "string"), "ENTITY_ID" => Array("FIELD" => "LC.ENTITY_ID", "TYPE" => "int"), "USER_ID" => Array("FIELD" => "LC.USER_ID", "TYPE" => "int"), "EVENT_ID" => Array("FIELD" => "LC.EVENT_ID", "TYPE" => "string"), "LOG_DATE" => Array("FIELD" => "LC.LOG_DATE", "TYPE" => "datetime"), "LOG_DATE_TS" => Array("FIELD" => "UNIX_TIMESTAMP(LC.LOG_DATE)", "TYPE" => "int"), "TITLE" => Array("FIELD" => "LC.TITLE", "TYPE" => "string"), "MESSAGE" => Array("FIELD" => "LC.MESSAGE", "TYPE" => "string"), "TEXT_MESSAGE" => Array("FIELD" => "LC.TEXT_MESSAGE", "TYPE" => "string"), "URL" => Array("FIELD" => "LC.URL", "TYPE" => "string"), "MODULE_ID" => Array("FIELD" => "LC.MODULE_ID", "TYPE" => "string"), "LOG_SOURCE_ID" => Array("FIELD" => "L.SOURCE_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_log L ON (LC.LOG_ID = L.ID)"), "LOG_USER_ID" => Array("FIELD" => "L.USER_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_log L ON (LC.LOG_ID = L.ID)"), "LOG_TITLE" => Array("FIELD" => "L1.TITLE", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log L1 ON (LC.LOG_ID = L1.ID)"), "LOG_URL" => Array("FIELD" => "L1.URL", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log L1 ON (LC.LOG_ID = L1.ID)"), "LOG_PARAMS" => Array("FIELD" => "L1.PARAMS", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log L1 ON (LC.LOG_ID = L1.ID)"), "GROUP_NAME" => Array("FIELD" => "G.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"), "GROUP_OWNER_ID" => Array("FIELD" => "G.OWNER_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"), "GROUP_VISIBLE" => Array("FIELD" => "G.VISIBLE", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"), "GROUP_OPENED" => Array("FIELD" => "G.OPENED", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"), "GROUP_IMAGE_ID" => Array("FIELD" => "G.IMAGE_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"), "USER_NAME" => Array("FIELD" => "U.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"), "USER_LAST_NAME" => Array("FIELD" => "U.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"), "USER_SECOND_NAME" => Array("FIELD" => "U.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"), "USER_LOGIN" => Array("FIELD" => "U.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"), "USER_PERSONAL_PHOTO" => Array("FIELD" => "U.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"), "USER_PERSONAL_GENDER" => Array("FIELD" => "U.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"), "CREATED_BY_NAME" => Array("FIELD" => "U1.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"), "CREATED_BY_LAST_NAME" => Array("FIELD" => "U1.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"), "CREATED_BY_SECOND_NAME" => Array("FIELD" => "U1.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"), "CREATED_BY_LOGIN" => Array("FIELD" => "U1.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_PHOTO" => Array("FIELD" => "U1.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_GENDER" => Array("FIELD" => "U1.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"), ); if (array_key_exists("LOG_SITE_ID", $arFilter)) { $arFields["LOG_SITE_ID"] = Array("FIELD" => "SLS.SITE_ID", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_site SLS ON LC.LOG_ID = SLS.LOG_ID"); $strDistinct = " DISTINCT "; foreach ($arSelectFields as $i => $strFieldTmp) if ($strFieldTmp == "LOG_SITE_ID") unset($arSelectFields[$i]); foreach ($arOrder as $by => $order) if (!in_array($by, $arSelectFields)) $arSelectFields[] = $by; } else { $arFields["LOG_SITE_ID"] = Array("FIELD" => "L.SITE_ID", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log L ON (LC.LOG_ID = L.ID)"); $strDistinct = " "; } $arFields["RATING_TYPE_ID"] = Array("FIELD" => "LC.RATING_TYPE_ID", "TYPE" => "string"); $arFields["RATING_ENTITY_ID"] = Array("FIELD" => "LC.RATING_ENTITY_ID", "TYPE" => "int"); $arFields["RATING_TOTAL_VALUE"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID"); $arFields["RATING_TOTAL_VOTES"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_VOTES', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID"); $arFields["RATING_TOTAL_POSITIVE_VOTES"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_POSITIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID"); $arFields["RATING_TOTAL_NEGATIVE_VOTES"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_NEGATIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID"); if (isset($USER) && is_object($USER)) $arFields["RATING_USER_VOTE_VALUE"] = Array("FIELD" => $DB->IsNull('RV.VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_vote RV ON LC.RATING_TYPE_ID = RV.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RV.ENTITY_ID AND RV.USER_ID = ".intval($USER->GetId())); if (array_key_exists("LOG_RIGHTS", $arFilter)) { $Rights = array(); if(is_array($arFilter["LOG_RIGHTS"])) { foreach($arFilter["LOG_RIGHTS"] as $str) if(trim($str)) $Rights[] = trim($str); } elseif(trim($arFilter["LOG_RIGHTS"])) $Rights = trim($arFilter["LOG_RIGHTS"]); unset($arFilter["LOG_RIGHTS"]); if((is_array($Rights) && !empty($Rights)) || !is_array($Rights)) { $arFilter["LOG_RIGHTS"] = $Rights; $arFields["LOG_RIGHTS"] = Array("FIELD" => "SLR0.GROUP_CODE", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log_right SLR0 ON LC.LOG_ID = SLR0.LOG_ID"); } if(is_array($Rights) && count($Rights) > 1) $strDistinct = " DISTINCT "; } $arFields = array_merge($arFields1, $arFields); $arSqls = CSocNetGroup::PrepareSql($arFields, $arOrder, $arFilter, $arGroupBy, $arSelectFields, $obUserFieldsSql); $r = $obUserFieldsSql->GetFilter(); if(strlen($r)>0) $strSqlUFFilter = " (".$r.") "; $arSqls["RIGHTS"] = ""; $arSqls["CRM_RIGHTS"] = ""; if ( !empty($arParams) && array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" && !array_key_exists("USER_ID", $arParams) && is_object($GLOBALS["USER"]) ) $arParams["USER_ID"] = $GLOBALS["USER"]->GetID(); if ( !empty($arParams) && array_key_exists("USER_ID", $arParams) ) $arParams["CHECK_RIGHTS"] = "Y"; if ( !empty($arParams) && array_key_exists("USE_SUBSCRIBE", $arParams) && $arParams["USE_SUBSCRIBE"] == "Y" ) { if (!array_key_exists("SUBSCRIBE_USER_ID", $arParams)) { if ( array_key_exists("USER_ID", $arParams) && intval($arParams["USER_ID"]) > 0 ) $arParams["SUBSCRIBE_USER_ID"] = $arParams["USER_ID"]; else $arParams["SUBSCRIBE_USER_ID"] = $GLOBALS["USER"]->GetID(); } if (!array_key_exists("MY_ENTITIES", $arParams)) { foreach($arSocNetAllowedSubscribeEntityTypesDesc as $entity_type_tmp => $arEntityTypeTmp) if ( array_key_exists("HAS_MY", $arEntityTypeTmp) && $arEntityTypeTmp["HAS_MY"] == "Y" && array_key_exists("CLASS_MY", $arEntityTypeTmp) && array_key_exists("METHOD_MY", $arEntityTypeTmp) && strlen($arEntityTypeTmp["CLASS_MY"]) > 0 && strlen($arEntityTypeTmp["METHOD_MY"]) > 0 && method_exists($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"]) ) $arMyEntities[$entity_type_tmp] = call_user_func(array($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"])); $arParams["MY_ENTITIES"] = $arMyEntities; } } if ( !empty($arParams) && array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" && array_key_exists("USER_ID", $arParams) ) { $acc = new CAccess; $acc->UpdateCodes(); $arSqls["RIGHTS"] = "EXISTS ( SELECT SLR.ID FROM b_sonet_log_right SLR LEFT JOIN b_user_access UA ON (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = ".(is_object($USER)? intval($USER->GetID()): 0).") WHERE LC.LOG_ID = SLR.LOG_ID AND (0=1 ". (is_object($USER) && CSocNetUser::IsCurrentUserModuleAdmin() ? " OR SLR.GROUP_CODE = 'SA'" : ""). (is_object($USER) && $USER->IsAuthorized() ? " OR (SLR.GROUP_CODE = 'AU')" : ""). " OR (SLR.GROUP_CODE = 'G2')". (is_object($USER) && $USER->IsAuthorized() ? " OR (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = ".$USER->GetID().")" : "")."))"; } if ( !empty($arParams) && array_key_exists("CHECK_CRM_RIGHTS", $arParams) && $arParams["CHECK_CRM_RIGHTS"] == "Y" && array_key_exists("USER_ID", $arParams) ) { $arSqls["CRM_RIGHTS"] = ""; } if ( $arParams["USE_SUBSCRIBE"] == "Y" && intval($arParams["SUBSCRIBE_USER_ID"]) > 0 ) { $arSqls["SUBSCRIBE"] = CSocNetLogEvents::GetSQL( $arParams["SUBSCRIBE_USER_ID"], (is_array($arParams["MY_ENTITIES"]) ? $arParams["MY_ENTITIES"] : array()), $arParams["TRANSPORT"], $arParams["VISIBLE"], "LC" ); } $arSqls["SELECT"] = str_replace("%%_DISTINCT_%%", $strDistinct, $arSqls["SELECT"]); if (is_array($arGroupBy) && count($arGroupBy)==0) { $strSql = "SELECT ".$arSqls["SELECT"]." ". $obUserFieldsSql->GetSelect()." ". "FROM b_sonet_log_comment LC ". " ".$arSqls["FROM"]." ". $obUserFieldsSql->GetJoin("LC.ID")." "; $bWhereStarted = false; if (strlen($arSqls["WHERE"]) > 0) { $strSql .= "WHERE ".$arSqls["WHERE"]." ".(strlen($arSqls["SUBSCRIBE"]) > 0 ? "AND (".$arSqls["SUBSCRIBE"].") " : ""); $bWhereStarted = true; } elseif (strlen($arSqls["SUBSCRIBE"]) > 0) { $strSql .= "WHERE (".$arSqls["SUBSCRIBE"].") "; $bWhereStarted = true; } if (strlen($strSqlUFFilter) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ").$strSqlUFFilter." "; $bWhereStarted = true; } if (strlen($arSqls["RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["RIGHTS"]." "; $bWhereStarted = true; } if (strlen($arSqls["CRM_RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["CRM_RIGHTS"]." "; $bWhereStarted = true; } if (strlen($arSqls["GROUPBY"]) > 0) $strSql .= "GROUP BY ".$arSqls["GROUPBY"]." "; //echo "!1!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes = $DB->Query($strSql, false, "File: ".__FILE__."<br>Line: ".__LINE__); if ($arRes = $dbRes->Fetch()) return $arRes["CNT"]; else return false; } $strSql = "SELECT ".$arSqls["SELECT"]." ". $obUserFieldsSql->GetSelect()." ". "FROM b_sonet_log_comment LC ". " ".$arSqls["FROM"]." ". $obUserFieldsSql->GetJoin("LC.ID")." "; $bWhereStarted = false; if (strlen($arSqls["WHERE"]) > 0) { $strSql .= "WHERE ".$arSqls["WHERE"]." ".(strlen($arSqls["SUBSCRIBE"]) > 0 ? "AND (".$arSqls["SUBSCRIBE"].") " : ""); $bWhereStarted = true; } elseif (strlen($arSqls["SUBSCRIBE"]) > 0) { $strSql .= "WHERE (".$arSqls["SUBSCRIBE"].") "; $bWhereStarted = true; } if (strlen($strSqlUFFilter) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ").$strSqlUFFilter." "; $bWhereStarted = true; } if (strlen($arSqls["RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["RIGHTS"]." "; $bWhereStarted = true; } if (strlen($arSqls["CRM_RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["CRM_RIGHTS"]." "; $bWhereStarted = true; } if (strlen($arSqls["GROUPBY"]) > 0) $strSql .= "GROUP BY ".$arSqls["GROUPBY"]." "; if (strlen($arSqls["ORDERBY"]) > 0) $strSql .= "ORDER BY ".$arSqls["ORDERBY"]." "; if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) <= 0) { $strSql_tmp = "SELECT COUNT('x') as CNT ". $obUserFieldsSql->GetSelect()." ". "FROM b_sonet_log_comment LC ". " ".$arSqls["FROM"]." ". $obUserFieldsSql->GetJoin("LC.ID")." "; $bWhereStarted = false; if (strlen($arSqls["WHERE"]) > 0) { $strSql_tmp .= "WHERE ".$arSqls["WHERE"]." ".(strlen($arSqls["SUBSCRIBE"]) > 0 ? "AND (".$arSqls["SUBSCRIBE"].") " : ""); $bWhereStarted = true; } elseif (strlen($arSqls["SUBSCRIBE"]) > 0) { $strSql_tmp .= "WHERE (".$arSqls["SUBSCRIBE"].") "; $bWhereStarted = true; } if (strlen($strSqlUFFilter) > 0) { $strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ").$strSqlUFFilter." "; $bWhereStarted = true; } if (strlen($arSqls["RIGHTS"]) > 0) { $strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["RIGHTS"]." "; $bWhereStarted = true; } if (strlen($arSqls["CRM_RIGHTS"]) > 0) { $strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["CRM_RIGHTS"]." "; $bWhereStarted = true; } if (strlen($arSqls["GROUPBY"]) > 0) $strSql_tmp .= "GROUP BY ".$arSqls["GROUPBY"]." "; //echo "!2.1!=".htmlspecialcharsbx($strSql_tmp)."<br>"; $dbRes = $DB->Query($strSql_tmp, false, "File: ".__FILE__."<br>Line: ".__LINE__); $cnt = 0; if (strlen($arSqls["GROUPBY"]) <= 0) { if ($arRes = $dbRes->Fetch()) $cnt = $arRes["CNT"]; } else { // рнкэйн дкъ MYSQL!!! дкъ ORACLE дпсцни йнд $cnt = $dbRes->SelectedRowsCount(); } $dbRes = new CDBResult(); //echo "!2.2!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_COMMENT")); $dbRes->NavQuery($strSql, $cnt, $arNavStartParams); } else { if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) > 0) $strSql .= "LIMIT ".intval($arNavStartParams["nTopCount"]); //echo "!3!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes = $DB->Query($strSql, false, "File: ".__FILE__."<br>Line: ".__LINE__); $dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_COMMENT")); } return $dbRes; }
public static function GetUserCodes($USER_ID, $arFilter = array()) { global $DB; $access = new CAccess(); $access->UpdateCodes(array('USER_ID' => $USER_ID)); $arWhere = array(); foreach ($arFilter as $key => $val) { $key = strtoupper($key); switch ($key) { case "ACCESS_CODE": if (!is_array($val)) { $val = array($val); } $arIn = array(); foreach ($val as $code) { if (trim($code) != '') { $arIn[] = "'" . $DB->ForSQL(trim($code)) . "'"; } } if (!empty($arIn)) { $arWhere[] = "access_code in(" . implode(",", $arIn) . ")"; } break; case "PROVIDER_ID": $arWhere[] = "provider_id='" . $DB->ForSQL($val) . "'"; break; } } $sWhere = ''; if (!empty($arWhere)) { $sWhere = " and " . implode(" and ", $arWhere); } return $DB->Query("select * from b_user_access where user_id=" . intval($USER_ID) . $sWhere); }
function _check_rights_sql($min_permission) { global $DB, $USER; $min_permission = (strlen($min_permission)==1) ? $min_permission : "R"; if(is_object($USER)) { $iUserID = intval($USER->GetID()); $strGroups = $USER->GetGroups(); $bAuthorized = $USER->IsAuthorized(); } else { $iUserID = 0; $strGroups = "2"; $bAuthorized = false; } $stdPermissions = " SELECT IBLOCK_ID FROM b_iblock_group IBG WHERE IBG.GROUP_ID IN (".$strGroups.") AND IBG.PERMISSION >= '".$DB->ForSQL($min_permission)."' "; if(!defined("ADMIN_SECTION")) $stdPermissions .= " AND (IBG.PERMISSION='X' OR B.ACTIVE='Y') "; if($min_permission >= "X") $operation = 'section_rights_edit'; elseif($min_permission >= "W") $operation = 'section_edit'; elseif($min_permission >= "R") $operation = 'section_read'; else $operation = ''; if($operation) { $acc = new CAccess; $acc->UpdateCodes(); } if($operation == "section_read") { $extPermissions = " SELECT SR.SECTION_ID FROM b_iblock_section_right SR INNER JOIN b_iblock_right IBR ON IBR.ID = SR.RIGHT_ID ".($iUserID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$iUserID." WHERE SR.SECTION_ID = BS.ID AND IBR.OP_SREAD = 'Y' ".($bAuthorized || $iUserID > 0? " AND (UA.USER_ID IS NOT NULL ".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "")." ".($iUserID > 0? "OR (IBR.GROUP_CODE = 'CR' AND BS.CREATED_BY = ".$iUserID.")": "")." )": "")." "; $strResult = "( B.ID IN ($stdPermissions) OR (B.RIGHTS_MODE = 'E' AND EXISTS ($extPermissions)) )"; } elseif($operation) { $extPermissions = " SELECT SR.SECTION_ID FROM b_iblock_section_right SR INNER JOIN b_iblock_right IBR ON IBR.ID = SR.RIGHT_ID INNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID INNER JOIN b_operation O ON O.ID = T.OPERATION_ID ".($iUserID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$iUserID." WHERE SR.SECTION_ID = BS.ID AND O.NAME = '".$operation."' ".($bAuthorized || $iUserID > 0? " AND (UA.USER_ID IS NOT NULL ".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "")." ".($iUserID > 0? "OR (IBR.GROUP_CODE = 'CR' AND BS.CREATED_BY = ".$iUserID.")": "")." )": "")." "; $strResult = "( B.ID IN ($stdPermissions) OR (B.RIGHTS_MODE = 'E' AND EXISTS ($extPermissions)) )"; } else { $strResult = "( B.ID IN ($stdPermissions) )"; } return $strResult; }
public static function GetList($arOrder = array("SORT" => "ASC"), $arFilter = array(), $bIncCnt = false) { global $DB, $USER; $strSqlSearch = ""; $bAddSites = false; foreach ($arFilter as $key => $val) { $res = CIBlock::MkOperationFilter($key); $key = strtoupper($res["FIELD"]); $cOperationType = $res["OPERATION"]; switch ($key) { case "ACTIVE": $sql = CIBlock::FilterCreate("B.ACTIVE", $val, "string_equal", $cOperationType); break; case "LID": case "SITE_ID": $sql = CIBlock::FilterCreate("BS.SITE_ID", $val, "string_equal", $cOperationType); if (strlen($sql)) { $bAddSites = true; } break; case "NAME": case "CODE": case "XML_ID": case "PROPERTY_INDEX": $sql = CIBlock::FilterCreate("B." . $key, $val, "string", $cOperationType); break; case "EXTERNAL_ID": $sql = CIBlock::FilterCreate("B.XML_ID", $val, "string", $cOperationType); break; case "TYPE": $sql = CIBlock::FilterCreate("B.IBLOCK_TYPE_ID", $val, "string", $cOperationType); break; case "ID": case "VERSION": case "SOCNET_GROUP_ID": $sql = CIBlock::FilterCreate("B." . $key, $val, "number", $cOperationType); break; default: $sql = ""; break; } if (strlen($sql)) { $strSqlSearch .= " AND (" . $sql . ") "; } } $bCheckPermissions = !array_key_exists("CHECK_PERMISSIONS", $arFilter) || $arFilter["CHECK_PERMISSIONS"] !== "N" || array_key_exists("OPERATION", $arFilter); $bIsAdmin = is_object($USER) && $USER->IsAdmin(); if ($bCheckPermissions && !$bIsAdmin) { $min_permission = strlen($arFilter["MIN_PERMISSION"]) == 1 ? $arFilter["MIN_PERMISSION"] : "R"; if (is_object($USER)) { $iUserID = intval($USER->GetID()); $strGroups = $USER->GetGroups(); $bAuthorized = $USER->IsAuthorized(); } else { $iUserID = 0; $strGroups = "2"; $bAuthorized = false; } $stdPermissions = "\n\t\t\t\tSELECT IBLOCK_ID\n\t\t\t\tFROM b_iblock_group IBG\n\t\t\t\tWHERE IBG.GROUP_ID IN (" . $strGroups . ")\n\t\t\t\tAND IBG.PERMISSION >= '" . $min_permission . "'\n\t\t\t"; if (!defined("ADMIN_SECTION")) { $stdPermissions .= "\n\t\t\t\t\tAND (IBG.PERMISSION='X' OR B.ACTIVE='Y')\n\t\t\t\t"; } if (strlen($arFilter["OPERATION"]) > 0) { $operation = "'" . $DB->ForSql($arFilter["OPERATION"]) . "'"; } elseif ($min_permission >= "X") { $operation = "'iblock_edit'"; } elseif ($min_permission >= "U") { $operation = "'element_edit'"; } elseif ($min_permission >= "S") { $operation = "'iblock_admin_display'"; } else { $operation = "'section_read', 'element_read', 'section_element_bind', 'section_section_bind'"; } if ($operation) { $acc = new CAccess(); $acc->UpdateCodes(); $extPermissions = "\n\t\t\t\t\tSELECT IBLOCK_ID\n\t\t\t\t\tFROM b_iblock_right IBR\n\t\t\t\t\tINNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID\n\t\t\t\t\tINNER JOIN b_operation O ON O.ID = T.OPERATION_ID\n\t\t\t\t\t" . ($iUserID > 0 ? "LEFT" : "INNER") . " JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = " . $iUserID . "\n\t\t\t\t\tWHERE IBR.ENTITY_TYPE = 'iblock'\n\t\t\t\t\tAND O.NAME in (" . $operation . ")\n\t\t\t\t\t" . ($bAuthorized ? "AND (UA.USER_ID IS NOT NULL OR IBR.GROUP_CODE = 'AU')" : "") . "\n\t\t\t\t"; $sqlPermissions = "AND (\n\t\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\t\tOR (B.RIGHTS_MODE = 'E' AND B.ID IN ({$extPermissions}))\n\t\t\t\t)"; } else { $sqlPermissions = "AND (\n\t\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\t)"; } } else { $sqlPermissions = ""; } if ($bAddSites) { $sqlJoinSites = "LEFT JOIN b_iblock_site BS ON B.ID=BS.IBLOCK_ID\n\t\t\t\t\tLEFT JOIN b_lang L ON L.LID=BS.SITE_ID"; } else { $sqlJoinSites = "INNER JOIN b_lang L ON L.LID=B.LID"; } if (!$bIncCnt) { $strSql = "\n\t\t\t\tSELECT DISTINCT\n\t\t\t\t\tB.*\n\t\t\t\t\t,B.XML_ID as EXTERNAL_ID\n\t\t\t\t\t," . $DB->DateToCharFunction("B.TIMESTAMP_X") . " as TIMESTAMP_X\n\t\t\t\t\t,L.DIR as LANG_DIR\n\t\t\t\t\t,L.SERVER_NAME\n\t\t\t\tFROM\n\t\t\t\t\tb_iblock B\n\t\t\t\t\t" . $sqlJoinSites . "\n\t\t\t\tWHERE 1 = 1\n\t\t\t\t\t" . $sqlPermissions . "\n\t\t\t\t\t" . $strSqlSearch . "\n\t\t\t"; } else { $strSql = "\n\t\t\t\tSELECT\n\t\t\t\t\tB.*\n\t\t\t\t\t,B.XML_ID as EXTERNAL_ID\n\t\t\t\t\t," . $DB->DateToCharFunction("B.TIMESTAMP_X") . " as TIMESTAMP_X\n\t\t\t\t\t,L.DIR as LANG_DIR\n\t\t\t\t\t,L.SERVER_NAME\n\t\t\t\t\t,COUNT(DISTINCT BE.ID) as ELEMENT_CNT\n\t\t\t\tFROM\n\t\t\t\t\tb_iblock B\n\t\t\t\t\t" . $sqlJoinSites . "\n\t\t\t\t\tLEFT JOIN b_iblock_element BE ON (BE.IBLOCK_ID=B.ID\n\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t(BE.WF_STATUS_ID=1 AND BE.WF_PARENT_ELEMENT_ID IS NULL )\n\t\t\t\t\t\t\t" . ($arFilter["CNT_ALL"] == "Y" ? " OR BE.WF_NEW='Y' " : "") . "\n\t\t\t\t\t\t)\n\t\t\t\t\t\t" . ($arFilter["CNT_ACTIVE"] == "Y" ? "AND BE.ACTIVE='Y'\n\t\t\t\t\t\tAND (BE.ACTIVE_TO >= " . $DB->CurrentDateFunction() . " OR BE.ACTIVE_TO IS NULL)\n\t\t\t\t\t\tAND (BE.ACTIVE_FROM <= " . $DB->CurrentDateFunction() . " OR BE.ACTIVE_FROM IS NULL)\n\t\t\t\t\t\t" : "") . "\n\t\t\t\t\t)\n\t\t\t\tWHERE 1 = 1\n\t\t\t\t\t" . $sqlPermissions . "\n\t\t\t\t\t" . $strSqlSearch . "\n\t\t\t\tGROUP BY B.ID\n\t\t\t"; } $arSqlOrder = array(); if (is_array($arOrder)) { foreach ($arOrder as $by => $order) { $by = strtolower($by); $order = strtolower($order); if ($order != "asc") { $order = "desc"; } if ($by == "id") { $arSqlOrder[$by] = " B.ID " . $order . " "; } elseif ($by == "lid") { $arSqlOrder[$by] = " B.LID " . $order . " "; } elseif ($by == "iblock_type") { $arSqlOrder[$by] = " B.IBLOCK_TYPE_ID " . $order . " "; } elseif ($by == "name") { $arSqlOrder[$by] = " B.NAME " . $order . " "; } elseif ($by == "active") { $arSqlOrder[$by] = " B.ACTIVE " . $order . " "; } elseif ($by == "sort") { $arSqlOrder[$by] = " B.SORT " . $order . " "; } elseif ($by == "code") { $arSqlOrder[$by] = " B.CODE " . $order . " "; } elseif ($bIncCnt && $by == "element_cnt") { $arSqlOrder[$by] = " ELEMENT_CNT " . $order . " "; } else { $by = "timestamp_x"; $arSqlOrder[$by] = " B.TIMESTAMP_X " . $order . " "; } } } if (count($arSqlOrder) > 0) { $strSqlOrder = " ORDER BY " . implode(",", $arSqlOrder); } else { $strSqlOrder = ""; } $res = $DB->Query($strSql . $strSqlOrder, false, "FILE: " . __FILE__ . "<br> LINE: " . __LINE__); return $res; }
static function UserHasRightTo($IBLOCK_ID, $ID, $permission, $flags = 0) { $acc = new CAccess; $acc->UpdateCodes(); $obRights = new CIBlockElementRights($IBLOCK_ID, 0); return CIBlockRights::_check_if_user_has_right($obRights, $ID, $permission, $flags); }
static function GetUserOperations($arID, $USER_ID = 0) { global $DB, $USER; $USER_ID = intval($USER_ID); if(is_object($USER)) { if($USER_ID <= 0) $USER_ID = intval($USER->GetID()); $bAuthorized = $USER->IsAuthorized(); } else { $bAuthorized = false; } if ($USER_ID > 0) { $acc = new CAccess; $acc->UpdateCodes(); } if(!is_array($arID)) $sqlID = array(intval($arID)); elseif(empty($arID)) return array(); else $sqlID = array_map('intval', $arID); $rs = $DB->Query(" SELECT ER.ELEMENT_ID ID, O.NAME FROM b_iblock_element E INNER JOIN b_iblock_element_right ER ON ER.ELEMENT_ID = E.ID INNER JOIN b_iblock_right IBR ON IBR.ID = ER.RIGHT_ID INNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID INNER JOIN b_operation O ON O.ID = T.OPERATION_ID ".($USER_ID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$USER_ID." WHERE E.ID in (".implode(", ", $sqlID).") ".($bAuthorized || $USER_ID > 0? " AND (UA.USER_ID IS NOT NULL ".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "")." ".($USER_ID > 0? "OR (IBR.GROUP_CODE = 'CR' AND E.CREATED_BY = ".$USER_ID.")": "")." )": "")." "); $arResult = array(); while($ar = $rs->Fetch()) $arResult[$ar["ID"]][$ar["NAME"]] = $ar["NAME"]; if(is_array($arID)) return $arResult; elseif(array_key_exists($arID, $arResult)) return $arResult[$arID]; else return array(); }
public static function GetList($Params = array()) { global $DB; $access = new CAccess(); $access->UpdateCodes(); $arFilter = $Params['arFilter']; $arOrder = isset($Params['arOrder']) ? $Params['arOrder'] : array('XML_ID' => 'asc'); $checkPermissions = $Params['checkPermissions'] !== false; $bCache = CCalendar::CacheTime() > 0; if ($bCache) { $cache = new CPHPCache(); $cacheId = serialize(array('type_list', $arFilter, $arOrder)); $cachePath = CCalendar::CachePath() . 'type_list'; if ($cache->InitCache(CCalendar::CacheTime(), $cacheId, $cachePath)) { $res = $cache->GetVars(); $arResult = $res["arResult"]; $arTypeXmlIds = $res["arTypeXmlIds"]; } } if (!$bCache || !isset($arTypeXmlIds)) { static $arFields = array("XML_ID" => array("FIELD_NAME" => "CT.XML_ID", "FIELD_TYPE" => "string"), "NAME" => array("FIELD_NAME" => "CT.NAME", "FIELD_TYPE" => "string"), "ACTIVE" => array("FIELD_NAME" => "CT.ACTIVE", "FIELD_TYPE" => "string"), "DESCRIPTION" => array("FIELD_NAME" => "CT.DESCRIPTION", "FIELD_TYPE" => "string"), "EXTERNAL_ID" => array("FIELD_NAME" => "CT.EXTERNAL_ID", "FIELD_TYPE" => "string")); $err_mess = "Function: CCalendarType::GetList<br>Line: "; $arSqlSearch = array(); $strSqlSearch = ""; if (is_array($arFilter)) { $filter_keys = array_keys($arFilter); for ($i = 0, $l = count($filter_keys); $i < $l; $i++) { $n = strtoupper($filter_keys[$i]); $val = $arFilter[$filter_keys[$i]]; if (is_string($val) && strlen($val) <= 0) { continue; } if ($n == 'XML_ID') { if (is_array($val)) { $strXml = ""; foreach ($val as $xmlId) { $strXml .= ",'" . CDatabase::ForSql($xmlId) . "'"; } $arSqlSearch[] = "CT.XML_ID in (" . trim($strXml, ", ") . ")"; } else { $arSqlSearch[] = GetFilterQuery("CT.XML_ID", $val, 'N'); } } if ($n == 'EXTERNAL_ID') { $arSqlSearch[] = GetFilterQuery("CT.EXTERNAL_ID", $val, 'N'); } elseif (isset($arFields[$n])) { $arSqlSearch[] = GetFilterQuery($arFields[$n]["FIELD_NAME"], $val); } } } $strOrderBy = ''; foreach ($arOrder as $by => $order) { if (isset($arFields[strtoupper($by)])) { $strOrderBy .= $arFields[strtoupper($by)]["FIELD_NAME"] . ' ' . (strtolower($order) == 'desc' ? 'desc' . (strtoupper($DB->type) == "ORACLE" ? " NULLS LAST" : "") : 'asc' . (strtoupper($DB->type) == "ORACLE" ? " NULLS FIRST" : "")) . ','; } } if (strlen($strOrderBy) > 0) { $strOrderBy = "ORDER BY " . rtrim($strOrderBy, ","); } $strSqlSearch = GetFilterSqlSearch($arSqlSearch); $strSql = "\n\t\t\t\tSELECT\n\t\t\t\t\tCT.*\n\t\t\t\tFROM\n\t\t\t\t\tb_calendar_type CT\n\t\t\t\tWHERE\n\t\t\t\t\t{$strSqlSearch}\n\t\t\t\t{$strOrderBy}"; $res = $DB->Query($strSql, false, $err_mess . __LINE__); $arResult = array(); $arTypeXmlIds = array(); while ($arRes = $res->Fetch()) { $arResult[] = $arRes; $arTypeXmlIds[] = $arRes['XML_ID']; } if ($bCache) { $cache->StartDataCache(CCalendar::CacheTime(), $cacheId, $cachePath); $cache->EndDataCache(array("arResult" => $arResult, "arTypeXmlIds" => $arTypeXmlIds)); } } if ($checkPermissions && count($arTypeXmlIds) > 0) { $arPerm = self::GetArrayPermissions($arTypeXmlIds); $res = array(); $arAccessCodes = array(); foreach ($arResult as $type) { $typeXmlId = $type['XML_ID']; if (self::CanDo('calendar_type_view', $typeXmlId)) { $type['PERM'] = array('view' => self::CanDo('calendar_type_view', $typeXmlId), 'add' => self::CanDo('calendar_type_add', $typeXmlId), 'edit' => self::CanDo('calendar_type_edit', $typeXmlId), 'edit_section' => self::CanDo('calendar_type_edit_section', $typeXmlId), 'access' => self::CanDo('calendar_type_access', $typeXmlId)); if (self::CanDo('calendar_type_access', $typeXmlId)) { $type['ACCESS'] = array(); if (count($arPerm[$typeXmlId]) > 0) { // Add codes to get they full names for interface $arAccessCodes = array_merge($arAccessCodes, array_keys($arPerm[$typeXmlId])); $type['ACCESS'] = $arPerm[$typeXmlId]; } } $res[] = $type; } } CCalendar::PushAccessNames($arAccessCodes); $arResult = $res; } return $arResult; }
public static function GetUserPerms($userID) { global $DB; $userID = intval($userID); if ($userID <= 0) { return array(); } // Prepare user codes if need $CAccess = new CAccess(); $CAccess->UpdateCodes(array('USER_ID' => $userID)); $obRes = $DB->Query("SELECT RP.* FROM b_crm_role_perms RP INNER JOIN b_crm_role_relation RR ON RR.ROLE_ID = RP.ROLE_ID INNER JOIN b_user_access UA ON UA.ACCESS_CODE = RR.RELATION AND UA.USER_ID = {$userID}", false, 'FILE: ' . __FILE__ . '<br /> LINE: ' . __LINE__); $arResult = array(); while ($arRow = $obRes->Fetch()) { $arRow['ATTR'] = trim($arRow['ATTR']); if ($arRow['FIELD'] == '-') { if (!isset($arResult[$arRow['ENTITY']][$arRow['PERM_TYPE']][$arRow['FIELD']]) || $arRow['ATTR'] > $arResult[$arRow['ENTITY']][$arRow['PERM_TYPE']][$arRow['FIELD']]) { $arResult[$arRow['ENTITY']][$arRow['PERM_TYPE']][$arRow['FIELD']] = $arRow['ATTR']; } } else { if (!isset($arResult[$arRow['ENTITY']][$arRow['PERM_TYPE']][$arRow['FIELD']][$arRow['FIELD_VALUE']]) || $arRow['ATTR'] > $arResult[$arRow['ENTITY']][$arRow['PERM_TYPE']][$arRow['FIELD']][$arRow['FIELD_VALUE']]) { $arResult[$arRow['ENTITY']][$arRow['PERM_TYPE']][$arRow['FIELD']][$arRow['FIELD_VALUE']] = $arRow['ATTR']; } } } return $arResult; }
public static function GetUserAttr($iUserID) { static $arResult = array(); if (!empty($arResult[$iUserID])) { return $arResult[$iUserID]; } $iUserID = (int) $iUserID; $arResult[$iUserID] = array(); $CAccess = new CAccess(); $CAccess->UpdateCodes(array('USER_ID' => $iUserID)); $obRes = CAccess::GetUserCodes($iUserID); while ($arCode = $obRes->Fetch()) { if (strpos($arCode['ACCESS_CODE'], 'DR') !== 0) { $arResult[$iUserID][strtoupper($arCode['PROVIDER_ID'])][] = $arCode['ACCESS_CODE']; } } if (!empty($arResult[$iUserID]['INTRANET']) && IsModuleInstalled('intranet')) { foreach ($arResult[$iUserID]['INTRANET'] as $iDepartment) { if (substr($iDepartment, 0, 1) === 'D') { $arTree = CIntranetUtils::GetDeparmentsTree(substr($iDepartment, 1), true); foreach ($arTree as $iSubDepartment) { $arResult[$iUserID]['SUBINTRANET'][] = 'D' . $iSubDepartment; } } } } return $arResult[$iUserID]; }
function GetList($arOrder = array("ID" => "DESC"), $arFilter = array(), $arGroupBy = false, $arNavStartParams = false, $arSelectFields = array(), $arParams = array()) { global $DB, $arSocNetAllowedEntityTypes, $USER, $USER_FIELD_MANAGER; $arSocNetAllowedSubscribeEntityTypesDesc = CSocNetAllowed::GetAllowedEntityTypesDesc(); $obUserFieldsSql = new CUserTypeSQL(); $obUserFieldsSql->SetEntity("SONET_LOG", "L.ID"); $obUserFieldsSql->SetSelect($arSelectFields); $obUserFieldsSql->SetFilter($arFilter); $obUserFieldsSql->SetOrder($arOrder); if (count($arSelectFields) <= 0) { $arSelectFields = array("ID", "TMP_ID", "ENTITY_TYPE", "ENTITY_ID", "USER_ID", "EVENT_ID", "LOG_DATE", "LOG_UPDATE", "TITLE_TEMPLATE", "TITLE", "MESSAGE", "TEXT_MESSAGE", "URL", "MODULE_ID", "CALLBACK_FUNC", "EXTERNAL_ID", "SITE_ID", "PARAMS", "COMMENTS_COUNT", "ENABLE_COMMENTS", "SOURCE_ID", "GROUP_NAME", "GROUP_OWNER_ID", "GROUP_INITIATE_PERMS", "GROUP_VISIBLE", "GROUP_OPENED", "GROUP_IMAGE_ID", "USER_NAME", "USER_LAST_NAME", "USER_SECOND_NAME", "USER_LOGIN", "USER_PERSONAL_PHOTO", "USER_PERSONAL_GENDER", "CREATED_BY_NAME", "CREATED_BY_LAST_NAME", "CREATED_BY_SECOND_NAME", "CREATED_BY_LOGIN", "CREATED_BY_PERSONAL_PHOTO", "CREATED_BY_PERSONAL_GENDER", "RATING_TYPE_ID", "RATING_ENTITY_ID", "RATING_TOTAL_VALUE", "RATING_TOTAL_VOTES", "RATING_TOTAL_POSITIVE_VOTES", "RATING_TOTAL_NEGATIVE_VOTES", "RATING_USER_VOTE_VALUE", "SOURCE_TYPE"); if (!isset($arParams["USE_FAVORITES"]) || $arParams["USE_FAVORITES"] != "N") { $arSelectFields[] = "FAVORITES_USER_ID"; } } static $arFields1 = array("ID" => array("FIELD" => "L.ID", "TYPE" => "int"), "TMP_ID" => array("FIELD" => "L.TMP_ID", "TYPE" => "int"), "SOURCE_ID" => array("FIELD" => "L.SOURCE_ID", "TYPE" => "int"), "ENTITY_TYPE" => array("FIELD" => "L.ENTITY_TYPE", "TYPE" => "string"), "ENTITY_ID" => array("FIELD" => "L.ENTITY_ID", "TYPE" => "int"), "USER_ID" => array("FIELD" => "L.USER_ID", "TYPE" => "int"), "EVENT_ID" => array("FIELD" => "L.EVENT_ID", "TYPE" => "string"), "LOG_DATE" => array("FIELD" => "L.LOG_DATE", "TYPE" => "datetime"), "LOG_DATE_TS" => array("FIELD" => "UNIX_TIMESTAMP(L.LOG_DATE)", "TYPE" => "int"), "LOG_UPDATE" => array("FIELD" => "L.LOG_UPDATE", "TYPE" => "datetime"), "TITLE_TEMPLATE" => array("FIELD" => "L.TITLE_TEMPLATE", "TYPE" => "string"), "TITLE" => array("FIELD" => "L.TITLE", "TYPE" => "string"), "MESSAGE" => array("FIELD" => "L.MESSAGE", "TYPE" => "string"), "TEXT_MESSAGE" => array("FIELD" => "L.TEXT_MESSAGE", "TYPE" => "string"), "URL" => array("FIELD" => "L.URL", "TYPE" => "string"), "MODULE_ID" => array("FIELD" => "L.MODULE_ID", "TYPE" => "string"), "CALLBACK_FUNC" => array("FIELD" => "L.CALLBACK_FUNC", "TYPE" => "string"), "EXTERNAL_ID" => array("FIELD" => "L.EXTERNAL_ID", "TYPE" => "string"), "PARAMS" => array("FIELD" => "L.PARAMS", "TYPE" => "string"), "COMMENTS_COUNT" => array("FIELD" => "L.COMMENTS_COUNT", "TYPE" => "int"), "ENABLE_COMMENTS" => array("FIELD" => "L.ENABLE_COMMENTS", "TYPE" => "string"), "SOURCE_TYPE" => array("FIELD" => "L.SOURCE_TYPE", "TYPE" => "string"), "GROUP_NAME" => array("FIELD" => "G.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_OWNER_ID" => array("FIELD" => "G.OWNER_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_INITIATE_PERMS" => array("FIELD" => "G.INITIATE_PERMS", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_VISIBLE" => array("FIELD" => "G.VISIBLE", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_OPENED" => array("FIELD" => "G.OPENED", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_IMAGE_ID" => array("FIELD" => "G.IMAGE_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "USER_NAME" => array("FIELD" => "U.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_LAST_NAME" => array("FIELD" => "U.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_SECOND_NAME" => array("FIELD" => "U.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_LOGIN" => array("FIELD" => "U.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_PERSONAL_PHOTO" => array("FIELD" => "U.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_PERSONAL_GENDER" => array("FIELD" => "U.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "CREATED_BY_NAME" => array("FIELD" => "U1.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_LAST_NAME" => array("FIELD" => "U1.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_SECOND_NAME" => array("FIELD" => "U1.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_LOGIN" => array("FIELD" => "U1.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_PHOTO" => array("FIELD" => "U1.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_GENDER" => array("FIELD" => "U1.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "USER_ID|COMMENT_USER_ID" => array("FIELD" => "L.USER_ID|LC.USER_ID", "WHERE" => array("CSocNetLog", "GetSimpleOrQuery"), "FROM" => "LEFT JOIN b_sonet_log_comment LC ON LC.LOG_ID = L.ID")); $arFields = array("RATING_TYPE_ID" => array("FIELD" => "L.RATING_TYPE_ID", "TYPE" => "string"), "RATING_ENTITY_ID" => array("FIELD" => "L.RATING_ENTITY_ID", "TYPE" => "int"), "RATING_TOTAL_VALUE" => array("FIELD" => $DB->IsNull('RG.TOTAL_VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_VOTES" => array("FIELD" => $DB->IsNull('RG.TOTAL_VOTES', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_POSITIVE_VOTES" => array("FIELD" => $DB->IsNull('RG.TOTAL_POSITIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_NEGATIVE_VOTES" => array("FIELD" => $DB->IsNull('RG.TOTAL_NEGATIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID")); if (isset($USER) && is_object($USER)) { $arFields["RATING_USER_VOTE_VALUE"] = array("FIELD" => $DB->IsNull('RV.VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_vote RV ON L.RATING_TYPE_ID = RV.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RV.ENTITY_ID AND RV.USER_ID = " . intval($USER->GetID())); if (!isset($arParams["USE_FAVORITES"]) || $arParams["USE_FAVORITES"] != "N") { $join_type = "LEFT"; $field_value = $DB->IsNull("SLF.USER_ID", "0"); foreach ($arFilter as $key => $value) { if (strpos($key, "FAVORITES_USER_ID") !== false) { $join_type = "INNER"; $field_value = "SLF.USER_ID"; break; } } $arFields["FAVORITES_USER_ID"] = array("FIELD" => $field_value, "TYPE" => "double", "FROM" => $join_type . " JOIN b_sonet_log_favorites SLF ON L.ID = SLF.LOG_ID AND SLF.USER_ID = " . intval($USER->GetID())); } } if (isset($USER) && is_object($USER) && $USER->IsAuthorized() && $arParams["USE_FOLLOW"] == "Y") { $default_follow = CSocNetLogFollow::GetDefaultValue($USER->GetID()); $default_field = $default_follow == "Y" ? "LOG_UPDATE" : "LOG_DATE"; $arFields["DATE_FOLLOW"] = array("FIELD" => "CASE\n\t\t\t\t\tWHEN LFW.USER_ID IS NULL\n\t\t\t\t\t\tTHEN L." . $default_field . "\n\t\t\t\t\tWHEN LFW.FOLLOW_DATE IS NOT NULL\n\t\t\t\t\t\tTHEN LFW.FOLLOW_DATE\n\t\t\t\t\tWHEN LFW.TYPE = 'Y'\n\t\t\t\t\t\tTHEN L.LOG_UPDATE\n\t\t\t\t\tELSE L.LOG_DATE\n\t\t\t\tEND", "TYPE" => "datetime", "FROM" => "LEFT JOIN b_sonet_log_follow LFW ON LFW.USER_ID = " . $USER->GetID() . " AND LFW.REF_ID = L.ID AND LFW.CODE = " . $DB->Concat("'L'", "L.ID")); $arFields["FOLLOW"] = array("FIELD" => "CASE\n\t\t\t\t\tWHEN LFW.USER_ID IS NULL\n\t\t\t\t\t\tTHEN '" . $default_follow . "'\n\t\t\t\t\tELSE LFW.TYPE\n\t\t\t\tEND", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_follow LFW ON LFW.USER_ID = " . $USER->GetID() . " AND LFW.REF_ID = L.ID AND LFW.CODE = " . $DB->Concat("'L'", "L.ID")); if (!in_array("FOLLOW", $arSelectFields)) { $arSelectFields[] = "FOLLOW"; } } if (array_key_exists("SITE_ID", $arFilter)) { $arFields["SITE_ID"] = array("FIELD" => "SLS.SITE_ID", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_site SLS ON L.ID = SLS.LOG_ID"); if (is_array($arFilter["SITE_ID"])) { $site_cnt = 0; foreach ($arFilter["SITE_ID"] as $site_id_tmp) { if ($site_id_tmp) { $site_cnt++; } } $strDistinct = $site_cnt > 1 ? " DISTINCT " : " "; } else { $strDistinct = " "; } foreach ($arSelectFields as $i => $strFieldTmp) { if ($strFieldTmp == "SITE_ID") { unset($arSelectFields[$i]); } } foreach ($arOrder as $by => $order) { if (!in_array($by, $arSelectFields)) { $arSelectFields[] = $by; } } } else { $arFields["SITE_ID"] = array("FIELD" => "L.SITE_ID", "TYPE" => "string"); $strDistinct = " "; } if (array_key_exists("USER_ID", $arFilter) && !array_key_exists("ENTITY_TYPE", $arFilter)) { $arCBFilterEntityType = array(); foreach ($arSocNetAllowedSubscribeEntityTypesDesc as $entity_type_tmp => $arEntityTypeTmp) { if (array_key_exists("USE_CB_FILTER", $arEntityTypeTmp) && $arEntityTypeTmp["USE_CB_FILTER"] == "Y") { $arCBFilterEntityType[] = $entity_type_tmp; } } if (is_array($arCBFilterEntityType) && count($arCBFilterEntityType) > 0) { $arFilter["ENTITY_TYPE"] = $arCBFilterEntityType; } } if (array_key_exists("LOG_RIGHTS", $arFilter)) { $Rights = array(); if (is_array($arFilter["LOG_RIGHTS"])) { foreach ($arFilter["LOG_RIGHTS"] as $str) { if (trim($str)) { $Rights[] = trim($str); } } } elseif (trim($arFilter["LOG_RIGHTS"])) { $Rights = trim($arFilter["LOG_RIGHTS"]); } unset($arFilter["LOG_RIGHTS"]); if (is_array($Rights) && !empty($Rights) || !is_array($Rights)) { $arFilter["LOG_RIGHTS"] = $Rights; $arFields["LOG_RIGHTS"] = array("FIELD" => "SLR0.GROUP_CODE", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log_right SLR0 ON L.ID = SLR0.LOG_ID"); } if (is_array($Rights) && count($Rights) > 1) { $strDistinct = " DISTINCT "; } } if (array_key_exists("USER_ID|COMMENT_USER_ID", $arFilter)) { $strDistinct = " DISTINCT "; } if ($arParams["IS_CRM"] == "Y") { $events = GetModuleEvents("socialnetwork", "OnFillSocNetLogFields"); while ($arEvent = $events->Fetch()) { ExecuteModuleEventEx($arEvent, array(&$arFields)); } } $arFields = array_merge($arFields1, $arFields); $arSqls = CSocNetGroup::PrepareSql($arFields, $arOrder, $arFilter, $arGroupBy, $arSelectFields, $obUserFieldsSql); $listEvents = GetModuleEvents("socialnetwork", "OnBuildSocNetLogSql"); while ($arEvent = $listEvents->Fetch()) { ExecuteModuleEventEx($arEvent, array(&$arFields, &$arOrder, &$arFilter, &$arGroupBy, &$arSelectFields, &$arSqls)); } $r = $obUserFieldsSql->GetFilter(); if (strlen($r) > 0) { $strSqlUFFilter = " (" . $r . ") "; } $arSqls["RIGHTS"] = ""; $arSqls["CRM_RIGHTS"] = ""; if (!empty($arParams) && (array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" || array_key_exists("CHECK_CRM_RIGHTS", $arParams) && $arParams["CHECK_CRM_RIGHTS"] == "Y") && !array_key_exists("USER_ID", $arParams) && is_object($USER)) { $arParams["USER_ID"] = $USER->GetID(); } if (!empty($arParams) && array_key_exists("USER_ID", $arParams) && $arParams["CHECK_CRM_RIGHTS"] != "Y") { $arParams["CHECK_RIGHTS"] = "Y"; } if (!empty($arParams) && ($arParams["USE_SUBSCRIBE"] == "Y" || $arParams["USE_FOLLOW"] == "Y")) { if (!array_key_exists("SUBSCRIBE_USER_ID", $arParams)) { if (array_key_exists("USER_ID", $arParams) && intval($arParams["USER_ID"]) > 0) { $arParams["SUBSCRIBE_USER_ID"] = $arParams["USER_ID"]; } elseif (is_object($USER)) { $arParams["SUBSCRIBE_USER_ID"] = $USER->GetID(); } } if ($arParams["USE_SUBSCRIBE"] == "Y" && !array_key_exists("MY_ENTITIES", $arParams)) { foreach ($arSocNetAllowedSubscribeEntityTypesDesc as $entity_type_tmp => $arEntityTypeTmp) { if (array_key_exists("HAS_MY", $arEntityTypeTmp) && $arEntityTypeTmp["HAS_MY"] == "Y" && array_key_exists("CLASS_MY", $arEntityTypeTmp) && array_key_exists("METHOD_MY", $arEntityTypeTmp) && strlen($arEntityTypeTmp["CLASS_MY"]) > 0 && strlen($arEntityTypeTmp["METHOD_MY"]) > 0 && method_exists($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"])) { $arMyEntities[$entity_type_tmp] = call_user_func(array($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"])); } } $arParams["MY_ENTITIES"] = $arMyEntities; } } if (!empty($arParams) && array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" && array_key_exists("USER_ID", $arParams)) { $acc = new CAccess(); $acc->UpdateCodes(); $arSqls["RIGHTS"] = "EXISTS ( SELECT SLR.ID FROM b_sonet_log_right SLR\n\t\t\t\tLEFT JOIN b_user_access UA ON (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = " . (is_object($USER) ? intval($USER->GetID()) : 0) . ")\n\t\t\t\tWHERE L.ID = SLR.LOG_ID " . (is_object($USER) && $USER->IsAuthorized() && $arParams["MY_GROUPS_ONLY"] == "Y" ? " AND (\n\t\t\t\t\t\t\t\t(SLR.GROUP_CODE LIKE 'SG%' AND (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = " . intval($USER->GetID()) . ")) \n\t\t\t\t\t\t\t\tOR SLR.GROUP_CODE = 'U" . intval($USER->GetID()) . "'\n\t\t\t\t\t\t\t)" : " AND (\n\t\t\t\t\t\t\t\t0=1 " . (is_object($USER) && CSocNetUser::IsCurrentUserModuleAdmin() ? " OR SLR.GROUP_CODE = 'SA'" : "") . (is_object($USER) && $USER->IsAuthorized() ? " OR (SLR.GROUP_CODE = 'AU')" : "") . " OR (SLR.GROUP_CODE = 'G2')" . (is_object($USER) && $USER->IsAuthorized() ? " OR (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = " . intval($USER->GetID()) . ")" : "") . "\n\t\t\t\t\t\t\t)") . ")"; } if (!empty($arParams) && array_key_exists("CHECK_CRM_RIGHTS", $arParams) && $arParams["CHECK_CRM_RIGHTS"] == "Y" && array_key_exists("USER_ID", $arParams)) { $permParams = array('ALIAS_PREFIX' => 'L', 'PERM_TYPE' => 'READ', 'FILTER_PARAMS' => isset($arParams['CUSTOM_FILTER_PARAMS']) ? $arParams['CUSTOM_FILTER_PARAMS'] : array(), 'OPTIONS' => array('ENTITY_TYPE_COLUMN' => 'ENTITY_TYPE', 'IDENTITY_COLUMN' => 'ENTITY_ID')); $altPerms = array(); $events = GetModuleEvents("socialnetwork", "OnBuildSocNetLogPerms"); while ($arEvent = $events->Fetch()) { ExecuteModuleEventEx($arEvent, array(&$altPerms, $permParams)); } if (!empty($altPerms)) { foreach ($altPerms as $permSql) { if ($permSql === false) { //Access denied $dbRes = new CDBResult(); $dbRes->InitFromArray(array()); return $dbRes; } if (is_string($permSql) && $permSql !== '') { if ($arSqls['CRM_RIGHTS'] !== '') { $arSqls['CRM_RIGHTS'] .= ' AND '; } $arSqls['CRM_RIGHTS'] = $permSql; } } } } if ($arParams["USE_SUBSCRIBE"] == "Y" && intval($arParams["SUBSCRIBE_USER_ID"]) > 0) { $arSqls["SUBSCRIBE"] = CSocNetLogEvents::GetSQL($arParams["SUBSCRIBE_USER_ID"], is_array($arParams["MY_ENTITIES"]) ? $arParams["MY_ENTITIES"] : array(), $arParams["TRANSPORT"], $arParams["VISIBLE"]); $arParams["MIN_ID_JOIN"] = true; } $arSqls["SELECT"] = str_replace("%%_DISTINCT_%%", $strDistinct, $arSqls["SELECT"]); $strMinIDJoin = ""; if (is_array($arGroupBy) && count($arGroupBy) == 0) { $strSql = "SELECT " . $arSqls["SELECT"] . " " . $obUserFieldsSql->GetSelect() . " " . "FROM b_sonet_log L " . $strMinIDJoin . "\t" . $arSqls["FROM"] . " " . $obUserFieldsSql->GetJoin("L.ID") . " "; $bWhereStarted = false; if (strlen($arSqls["WHERE"]) > 0) { $strSql .= "WHERE " . $arSqls["WHERE"] . " "; $bWhereStarted = true; } if (strlen($strSqlUFFilter) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $strSqlUFFilter . " "; $bWhereStarted = true; } if (strlen($arSqls["RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["RIGHTS"] . " "; $bWhereStarted = true; } if (strlen($arSqls["CRM_RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["CRM_RIGHTS"] . " "; $bWhereStarted = true; } if (strlen($arSqls["SUBSCRIBE"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . "(" . $arSqls["SUBSCRIBE"] . ") "; $bWhereStarted = true; } if (strlen($arSqls["GROUPBY"]) > 0) { $strSql .= "GROUP BY " . $arSqls["GROUPBY"] . " "; } //echo "!1!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__); if ($arRes = $dbRes->Fetch()) { return $arRes["CNT"]; } else { return False; } } $strSql = "SELECT " . $arSqls["SELECT"] . " " . $obUserFieldsSql->GetSelect() . " " . "FROM b_sonet_log L " . $strMinIDJoin . "\t" . $arSqls["FROM"] . " " . $obUserFieldsSql->GetJoin("L.ID") . " "; $bWhereStarted = false; if (strlen($arSqls["WHERE"]) > 0) { $strSql .= "WHERE " . $arSqls["WHERE"] . " "; $bWhereStarted = true; } if (strlen($strSqlUFFilter) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $strSqlUFFilter . " "; $bWhereStarted = true; } if (strlen($arSqls["RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["RIGHTS"] . " "; $bWhereStarted = true; } if (strlen($arSqls["CRM_RIGHTS"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["CRM_RIGHTS"] . " "; $bWhereStarted = true; } if (strlen($arSqls["SUBSCRIBE"]) > 0) { $strSql .= ($bWhereStarted ? " AND " : " WHERE ") . "(" . $arSqls["SUBSCRIBE"] . ") "; $bWhereStarted = true; } if (strlen($arSqls["GROUPBY"]) > 0) { $strSql .= "GROUP BY " . $arSqls["GROUPBY"] . " "; } if (strlen($arSqls["ORDERBY"]) > 0) { $strSql .= "ORDER BY " . $arSqls["ORDERBY"] . " "; } if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) <= 0) { if (isset($arNavStartParams["nRecordCount"]) && intval($arNavStartParams["nRecordCount"]) > 0) { $cnt = intval($arNavStartParams["nRecordCount"]); } else { $strSql_tmp = "SELECT COUNT('x') as CNT " . $obUserFieldsSql->GetSelect() . " " . "FROM b_sonet_log L " . $strMinIDJoin . "\t" . $arSqls["FROM"] . " " . $obUserFieldsSql->GetJoin("L.ID") . " "; $bWhereStarted = false; if (strlen($arSqls["WHERE"]) > 0) { $strSql_tmp .= "WHERE " . $arSqls["WHERE"] . " "; $bWhereStarted = true; } if (strlen($strSqlUFFilter) > 0) { $strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . $strSqlUFFilter . " "; $bWhereStarted = true; } if (strlen($arSqls["RIGHTS"]) > 0) { $strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["RIGHTS"] . " "; $bWhereStarted = true; } if (strlen($arSqls["CRM_RIGHTS"]) > 0) { $strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["CRM_RIGHTS"] . " "; $bWhereStarted = true; } if (strlen($arSqls["SUBSCRIBE"]) > 0) { $strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . "(" . $arSqls["SUBSCRIBE"] . ") "; $bWhereStarted = true; } if (strlen($arSqls["GROUPBY"]) > 0) { $strSql_tmp .= "GROUP BY " . $arSqls["GROUPBY"] . " "; } //echo "!2.1!=".htmlspecialcharsbx($strSql_tmp)."<br>"; $dbRes = $DB->Query($strSql_tmp, false, "File: " . __FILE__ . "<br>Line: " . __LINE__); $cnt = 0; if (strlen($arSqls["GROUPBY"]) <= 0) { if ($arRes = $dbRes->Fetch()) { $cnt = $arRes["CNT"]; } } else { // рнкэйн дкъ MYSQL!!! дкъ ORACLE дпсцни йнд $cnt = $dbRes->SelectedRowsCount(); } // for empty 2nd page show if ($arNavStartParams["bSkipPageReset"] && $arNavStartParams["nPageSize"] >= $cnt) { $cnt = $arNavStartParams["nPageSize"] + $cnt; } } $dbRes = new CDBResult(); //echo "!2.2!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_LOG")); $dbRes->NavQuery($strSql, $cnt, $arNavStartParams); } else { if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) > 0) { $strSql .= "LIMIT " . intval($arNavStartParams["nTopCount"]); } //echo "!3!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__); $dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_LOG")); } return $dbRes; }
function GetAccessCodes() { if (!$this->IsAuthorized()) { return array('G2'); } static $arCodes = array(); $USER_ID = intval($this->GetID()); if (!array_key_exists($USER_ID, $arCodes)) { $access = new CAccess(); $access->UpdateCodes(); $arCodes[$USER_ID] = CAccess::GetUserCodesArray($USER_ID); if ($this->IsAuthorized()) { $arCodes[$USER_ID][] = "AU"; } } return $arCodes[$USER_ID]; }
} $cacheDir = '/blog/socnet_post/gen/' . intval($arParams["ID"] / 100) . '/' . $arParams["ID"]; $obCache = new CPHPCache(); if ($obCache->InitCache($cacheTtl, $cacheId, $cacheDir)) { $arPost = $obCache->GetVars(); } else { $obCache->StartDataCache(); $dbPost = CBlogPost::GetList(array(), array("ID" => $arParams["ID"]), false, false, array("ID", "BLOG_ID", "PUBLISH_STATUS", "TITLE", "AUTHOR_ID", "ENABLE_COMMENTS", "NUM_COMMENTS", "VIEWS", "CODE", "MICRO", "DETAIL_TEXT", "DATE_PUBLISH", "CATEGORY_ID", "HAS_SOCNET_ALL", "HAS_TAGS", "HAS_IMAGES", "HAS_PROPS", "HAS_COMMENT_IMAGES")); $arPost = $dbPost->Fetch(); $obCache->EndDataCache($arPost); } if (!empty($arPost) && ($arPost["PUBLISH_STATUS"] != BLOG_PUBLISH_STATUS_PUBLISH && !in_array($arParams["TYPE"], array("DRAFT", "MODERATION")))) { unset($arPost); } $a = new CAccess(); $a->UpdateCodes(); if (!empty($arBlog) && $arBlog["ACTIVE"] == "Y" || $arResult["bFromList"]) { if (!empty($arPost)) { if (($arParams["GET_FOLLOW"] == "Y" && (!array_key_exists("FOLLOW", $arParams) || strlen($arParams["FOLLOW"]) <= 0) || intval($arParams["LOG_ID"]) <= 0) && CModule::IncludeModule("socialnetwork")) { $rsLogSrc = CSocNetLog::GetList(array(), array("EVENT_ID" => array("blog_post", "blog_post_micro", "blog_post_important"), "SOURCE_ID" => $arParams["ID"], "SITE_ID" => CModule::IncludeModule('extranet') && CExtranet::IsExtranetSite() ? SITE_ID : array(SITE_ID, false)), false, false, $arParams["GET_FOLLOW"] == "Y" ? array("ID", "FOLLOW", "FAVORITES_USER_ID") : array("ID", "FAVORITES_USER_ID"), $arParams["GET_FOLLOW"] == "Y" ? array("USE_FOLLOW" => "Y") : array()); if ($arLogSrc = $rsLogSrc->Fetch()) { $arParams["LOG_ID"] = $arLogSrc["ID"]; $arParams["FAVORITES_USER_ID"] = $arLogSrc["FAVORITES_USER_ID"]; if ($arParams["GET_FOLLOW"] == "Y") { $arParams["FOLLOW"] = $arLogSrc["FOLLOW"]; } } elseif (!$arResult["bFromList"]) { $bNoLogEntry = true; } } if (!$arResult["bFromList"]) {
function GetList($arOrder = Array("ID" => "DESC"), $arFilter = Array(), $arGroupBy = false, $arNavStartParams = false, $arSelectFields = array(), $arParams = array()) { global $DB, $arSocNetAllowedEntityTypes, $USER; if (count($arSelectFields) <= 0) $arSelectFields = array( "ID", "TMP_ID", "ENTITY_TYPE", "ENTITY_ID", "USER_ID", "EVENT_ID", "LOG_DATE", "LOG_UPDATE", "TITLE_TEMPLATE", "TITLE", "MESSAGE", "TEXT_MESSAGE", "URL", "MODULE_ID", "CALLBACK_FUNC", "EXTERNAL_ID", "SITE_ID", "PARAMS", "COMMENTS_COUNT", "ENABLE_COMMENTS", "SOURCE_ID", "GROUP_NAME", "GROUP_OWNER_ID", "GROUP_INITIATE_PERMS", "GROUP_VISIBLE", "GROUP_OPENED", "GROUP_IMAGE_ID", "USER_NAME", "USER_LAST_NAME", "USER_SECOND_NAME", "USER_LOGIN", "USER_PERSONAL_PHOTO", "USER_PERSONAL_GENDER", "CREATED_BY_NAME", "CREATED_BY_LAST_NAME", "CREATED_BY_SECOND_NAME", "CREATED_BY_LOGIN", "CREATED_BY_PERSONAL_PHOTO", "CREATED_BY_PERSONAL_GENDER", "RATING_TYPE_ID", "RATING_ENTITY_ID", "RATING_TOTAL_VALUE", "RATING_TOTAL_VOTES", "RATING_TOTAL_POSITIVE_VOTES", "RATING_TOTAL_NEGATIVE_VOTES", "RATING_USER_VOTE_VALUE", "FAVORITES_USER_ID", "SOURCE_TYPE" ); static $arFields1 = array( "ID" => Array("FIELD" => "L.ID", "TYPE" => "int"), "TMP_ID" => Array("FIELD" => "L.TMP_ID", "TYPE" => "int"), "SOURCE_ID" => Array("FIELD" => "L.SOURCE_ID", "TYPE" => "int"), "ENTITY_TYPE" => Array("FIELD" => "L.ENTITY_TYPE", "TYPE" => "string"), "ENTITY_ID" => Array("FIELD" => "L.ENTITY_ID", "TYPE" => "int"), "USER_ID" => Array("FIELD" => "L.USER_ID", "TYPE" => "int"), "EVENT_ID" => Array("FIELD" => "L.EVENT_ID", "TYPE" => "string"), "LOG_DATE" => Array("FIELD" => "L.LOG_DATE", "TYPE" => "datetime"), "LOG_DATE_TS" => Array("FIELD" => "UNIX_TIMESTAMP(L.LOG_DATE)", "TYPE" => "int"), "LOG_UPDATE" => Array("FIELD" => "L.LOG_UPDATE", "TYPE" => "datetime"), "TITLE_TEMPLATE" => Array("FIELD" => "L.TITLE_TEMPLATE", "TYPE" => "string"), "TITLE" => Array("FIELD" => "L.TITLE", "TYPE" => "string"), "MESSAGE" => Array("FIELD" => "L.MESSAGE", "TYPE" => "string"), "TEXT_MESSAGE" => Array("FIELD" => "L.TEXT_MESSAGE", "TYPE" => "string"), "URL" => Array("FIELD" => "L.URL", "TYPE" => "string"), "MODULE_ID" => Array("FIELD" => "L.MODULE_ID", "TYPE" => "string"), "CALLBACK_FUNC" => Array("FIELD" => "L.CALLBACK_FUNC", "TYPE" => "string"), "EXTERNAL_ID" => Array("FIELD" => "L.EXTERNAL_ID", "TYPE" => "string"), "PARAMS" => Array("FIELD" => "L.PARAMS", "TYPE" => "string"), "COMMENTS_COUNT" => Array("FIELD" => "L.COMMENTS_COUNT", "TYPE" => "int"), "ENABLE_COMMENTS" => Array("FIELD" => "L.ENABLE_COMMENTS", "TYPE" => "string"), "SOURCE_TYPE" => Array("FIELD" => "L.SOURCE_TYPE", "TYPE" => "string"), "GROUP_NAME" => Array("FIELD" => "G.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_OWNER_ID" => Array("FIELD" => "G.OWNER_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_INITIATE_PERMS" => Array("FIELD" => "G.INITIATE_PERMS", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_VISIBLE" => Array("FIELD" => "G.VISIBLE", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_OPENED" => Array("FIELD" => "G.OPENED", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_IMAGE_ID" => Array("FIELD" => "G.IMAGE_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "USER_NAME" => Array("FIELD" => "U.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_LAST_NAME" => Array("FIELD" => "U.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_SECOND_NAME" => Array("FIELD" => "U.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_LOGIN" => Array("FIELD" => "U.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_PERSONAL_PHOTO" => Array("FIELD" => "U.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_PERSONAL_GENDER" => Array("FIELD" => "U.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "CREATED_BY_NAME" => Array("FIELD" => "U1.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_LAST_NAME" => Array("FIELD" => "U1.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_SECOND_NAME" => Array("FIELD" => "U1.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_LOGIN" => Array("FIELD" => "U1.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_PHOTO" => Array("FIELD" => "U1.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_GENDER" => Array("FIELD" => "U1.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "USER_ID|COMMENT_USER_ID" => Array("FIELD" => "L.USER_ID|LC.USER_ID", "WHERE" => array("CSocNetLog", "GetSimpleOrQuery"), "FROM" => "LEFT JOIN b_sonet_log_comment LC ON LC.LOG_ID = L.ID"), ); $arFields = array( "RATING_TYPE_ID" => Array("FIELD" => "L.RATING_TYPE_ID", "TYPE" => "string"), "RATING_ENTITY_ID" => Array("FIELD" => "L.RATING_ENTITY_ID", "TYPE" => "int"), "RATING_TOTAL_VALUE" => Array("FIELD" => $DB->IsNull('RG.TOTAL_VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_VOTES" => Array("FIELD" => $DB->IsNull('RG.TOTAL_VOTES', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_POSITIVE_VOTES" => Array("FIELD" => $DB->IsNull('RG.TOTAL_POSITIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_NEGATIVE_VOTES" => Array("FIELD" => $DB->IsNull('RG.TOTAL_NEGATIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), ); if (isset($USER) && is_object($USER)) { $arFields["RATING_USER_VOTE_VALUE"] = Array("FIELD" => $DB->IsNull('RV.VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_vote RV ON L.RATING_TYPE_ID = RV.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RV.ENTITY_ID AND RV.USER_ID = ".intval($USER->GetID())); $arFields["FAVORITES_USER_ID"] = Array("FIELD" => $DB->IsNull('SLF.USER_ID', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_sonet_log_favorites SLF ON L.ID = SLF.LOG_ID AND SLF.USER_ID = ".intval($USER->GetID())); } if ( isset($USER) && is_object($USER) && $USER->IsAuthorized() && $arParams["USE_FOLLOW"] == "Y" ) { $default_follow = CSocNetLogFollow::GetDefaultValue($USER->GetID()); $default_field = ($default_follow == "Y" ? "LOG_UPDATE" : "LOG_DATE"); $arFields["DATE_FOLLOW"] = Array("FIELD" => "CASE WHEN LFW.USER_ID IS NULL THEN L.".$default_field." WHEN LFW.FOLLOW_DATE IS NOT NULL THEN LFW.FOLLOW_DATE WHEN LFW.TYPE = 'Y' THEN L.LOG_UPDATE ELSE L.LOG_DATE END", "TYPE" => "datetime", "FROM" => "LEFT JOIN b_sonet_log_follow LFW ON LFW.USER_ID = ".$USER->GetID()." AND LFW.CODE = ".$DB->Concat("'L'", "L.ID")); $arFields["FOLLOW"] = Array("FIELD" => "case when LFW.USER_ID IS NULL then '".$default_follow."' else LFW.TYPE end", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_follow LFW ON LFW.USER_ID = ".$USER->GetID()." AND LFW.CODE = ".$DB->Concat("'L'", "L.ID")); if (!in_array("FOLLOW", $arSelectFields)) $arSelectFields[] = "FOLLOW"; } if (array_key_exists("SITE_ID", $arFilter)) { $arFields["SITE_ID"] = Array("FIELD" => "SLS.SITE_ID", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_site SLS ON L.ID = SLS.LOG_ID"); if (is_array($arFilter["SITE_ID"])) { $site_cnt = 0; foreach ($arFilter["SITE_ID"] as $site_id_tmp) if ($site_id_tmp) $site_cnt++; $strDistinct = ($site_cnt > 1 ? " DISTINCT " : " "); } else $strDistinct = " "; foreach ($arSelectFields as $i => $strFieldTmp) if ($strFieldTmp == "SITE_ID") unset($arSelectFields[$i]); foreach ($arOrder as $by => $order) if (!in_array($by, $arSelectFields)) $arSelectFields[] = $by; } else { $arFields["SITE_ID"] = Array("FIELD" => "L.SITE_ID", "TYPE" => "string"); $strDistinct = " "; } if ( array_key_exists("USER_ID", $arFilter) && !array_key_exists("ENTITY_TYPE", $arFilter) ) { $arCBFilterEntityType = array(); foreach($GLOBALS["arSocNetAllowedSubscribeEntityTypesDesc"] as $entity_type_tmp => $arEntityTypeTmp) if ( array_key_exists("USE_CB_FILTER", $arEntityTypeTmp) && $arEntityTypeTmp["USE_CB_FILTER"] == "Y" ) $arCBFilterEntityType[] = $entity_type_tmp; if (is_array($arCBFilterEntityType) && count($arCBFilterEntityType) > 0) $arFilter["ENTITY_TYPE"] = $arCBFilterEntityType; } if (array_key_exists("LOG_RIGHTS", $arFilter)) { $Rights = array(); if(is_array($arFilter["LOG_RIGHTS"])) { foreach($arFilter["LOG_RIGHTS"] as $str) if(trim($str)) $Rights[] = trim($str); } elseif(trim($arFilter["LOG_RIGHTS"])) $Rights = trim($arFilter["LOG_RIGHTS"]); unset($arFilter["LOG_RIGHTS"]); if((is_array($Rights) && !empty($Rights)) || !is_array($Rights)) { $arFilter["LOG_RIGHTS"] = $Rights; $arFields["LOG_RIGHTS"] = Array("FIELD" => "SLR0.GROUP_CODE", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log_right SLR0 ON L.ID = SLR0.LOG_ID"); } if(is_array($Rights) && count($Rights) > 1) $strDistinct = " DISTINCT "; } if (array_key_exists("USER_ID|COMMENT_USER_ID", $arFilter)) $strDistinct = " DISTINCT "; $arFields = array_merge($arFields1, $arFields); $arSqls = CSocNetGroup::PrepareSql($arFields, $arOrder, $arFilter, $arGroupBy, $arSelectFields); $arSqls["RIGHTS"] = ""; if ( !empty($arParams) && array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" && !array_key_exists("USER_ID", $arParams) && is_object($USER) ) $arParams["USER_ID"] = $USER->GetID(); if ( !empty($arParams) && array_key_exists("USER_ID", $arParams) ) $arParams["CHECK_RIGHTS"] = "Y"; if ( !empty($arParams) && ( $arParams["USE_SUBSCRIBE"] == "Y" || $arParams["USE_FOLLOW"] == "Y" ) ) { if (!array_key_exists("SUBSCRIBE_USER_ID", $arParams)) { if ( array_key_exists("USER_ID", $arParams) && intval($arParams["USER_ID"]) > 0 ) $arParams["SUBSCRIBE_USER_ID"] = $arParams["USER_ID"]; elseif (is_object($USER)) $arParams["SUBSCRIBE_USER_ID"] = $USER->GetID(); } if ( $arParams["USE_SUBSCRIBE"] == "Y" && !array_key_exists("MY_ENTITIES", $arParams) ) { foreach($GLOBALS["arSocNetAllowedSubscribeEntityTypesDesc"] as $entity_type_tmp => $arEntityTypeTmp) if ( array_key_exists("HAS_MY", $arEntityTypeTmp) && $arEntityTypeTmp["HAS_MY"] == "Y" && array_key_exists("CLASS_MY", $arEntityTypeTmp) && array_key_exists("METHOD_MY", $arEntityTypeTmp) && strlen($arEntityTypeTmp["CLASS_MY"]) > 0 && strlen($arEntityTypeTmp["METHOD_MY"]) > 0 && method_exists($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"]) ) $arMyEntities[$entity_type_tmp] = call_user_func(array($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"])); $arParams["MY_ENTITIES"] = $arMyEntities; } } if ( !empty($arParams) && array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" && array_key_exists("USER_ID", $arParams) ) { $acc = new CAccess; $acc->UpdateCodes(); $arSqls["RIGHTS"] = "EXISTS ( SELECT SLR.ID FROM b_sonet_log_right SLR LEFT JOIN b_user_access UA ON (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = ".(is_object($USER) ? intval($USER->GetID()) : 0).") WHERE L.ID = SLR.LOG_ID ". ( is_object($USER) && $USER->IsAuthorized() && $arParams["MY_GROUPS_ONLY"] == "Y" ? " AND ( (SLR.GROUP_CODE LIKE 'SG%' AND (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = ".intval($USER->GetID()).")) OR SLR.GROUP_CODE = 'U".intval($USER->GetID())."' )" : " AND ( 0=1 ". (is_object($USER) && CSocNetUser::IsCurrentUserModuleAdmin() ? " OR SLR.GROUP_CODE = 'SA'" : ""). (is_object($USER) && $USER->IsAuthorized() ? " OR (SLR.GROUP_CODE = 'AU')" : ""). " OR (SLR.GROUP_CODE = 'G2')". (is_object($USER) && $USER->IsAuthorized() ? " OR (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = ".intval($USER->GetID()).")" : "")." )" ).")"; } if ( $arParams["USE_SUBSCRIBE"] == "Y" && intval($arParams["SUBSCRIBE_USER_ID"]) > 0 ) { $arSqls["SUBSCRIBE"] = CSocNetLogEvents::GetSQL( $arParams["SUBSCRIBE_USER_ID"], (is_array($arParams["MY_ENTITIES"]) ? $arParams["MY_ENTITIES"] : array()), $arParams["TRANSPORT"], $arParams["VISIBLE"] ); $arParams["MIN_ID_JOIN"] = true; } $arSqls["SELECT"] = str_replace("%%_DISTINCT_%%", $strDistinct, $arSqls["SELECT"]); $strMinIDJoin = ""; if (is_array($arGroupBy) && count($arGroupBy)==0) { $strSql = "SELECT ".$arSqls["SELECT"]." ". "FROM b_sonet_log L ". $strMinIDJoin. " ".$arSqls["FROM"]." "; if (strlen($arSqls["WHERE"]) > 0) $strSql .= "WHERE ".$arSqls["WHERE"]." "; if (strlen($arSqls["RIGHTS"]) > 0) { if (strlen($arSqls["WHERE"]) > 0) $strSql .= " AND "; else $strSql .= " WHERE "; $strSql .= $arSqls["RIGHTS"]." "; } if (strlen($arSqls["SUBSCRIBE"]) > 0) { if ( strlen($arSqls["WHERE"]) > 0 || strlen($arSqls["RIGHTS"]) > 0 ) $strSql .= " AND "; else $strSql .= " WHERE "; $strSql .= "(".$arSqls["SUBSCRIBE"].") "; } if (strlen($arSqls["GROUPBY"]) > 0) $strSql .= "GROUP BY ".$arSqls["GROUPBY"]." "; //echo "!1!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes = $DB->Query($strSql, false, "File: ".__FILE__."<br>Line: ".__LINE__); if ($arRes = $dbRes->Fetch()) return $arRes["CNT"]; else return False; } $strSql = "SELECT ".$arSqls["SELECT"]." ". "FROM b_sonet_log L ". $strMinIDJoin. " ".$arSqls["FROM"]." "; if (strlen($arSqls["WHERE"]) > 0) $strSql .= "WHERE ".$arSqls["WHERE"]." "; if (strlen($arSqls["RIGHTS"]) > 0) { if (strlen($arSqls["WHERE"]) > 0) $strSql .= " AND "; else $strSql .= " WHERE "; $strSql .= $arSqls["RIGHTS"]." "; } if (strlen($arSqls["SUBSCRIBE"]) > 0) { if ( strlen($arSqls["WHERE"]) > 0 || strlen($arSqls["RIGHTS"]) > 0 ) $strSql .= " AND "; else $strSql .= " WHERE "; $strSql .= "(".$arSqls["SUBSCRIBE"].") "; } if (strlen($arSqls["GROUPBY"]) > 0) $strSql .= "GROUP BY ".$arSqls["GROUPBY"]." "; if (strlen($arSqls["ORDERBY"]) > 0) $strSql .= "ORDER BY ".$arSqls["ORDERBY"]." "; if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) <= 0) { $strSql_tmp = "SELECT COUNT('x') as CNT ". "FROM b_sonet_log L ". $strMinIDJoin. " ".$arSqls["FROM"]." "; if (strlen($arSqls["WHERE"]) > 0) $strSql_tmp .= "WHERE ".$arSqls["WHERE"]." "; if (strlen($arSqls["RIGHTS"]) > 0) { if (strlen($arSqls["WHERE"]) > 0) $strSql_tmp .= " AND "; else $strSql_tmp .= " WHERE "; $strSql_tmp .= $arSqls["RIGHTS"]." "; } if (strlen($arSqls["SUBSCRIBE"]) > 0) { if ( strlen($arSqls["WHERE"]) > 0 || strlen($arSqls["RIGHTS"]) > 0 ) $strSql_tmp .= " AND "; else $strSql_tmp .= " WHERE "; $strSql_tmp .= "(".$arSqls["SUBSCRIBE"].") "; } if (strlen($arSqls["GROUPBY"]) > 0) $strSql_tmp .= "GROUP BY ".$arSqls["GROUPBY"]." "; //echo "!2.1!=".htmlspecialcharsbx($strSql_tmp)."<br>"; $dbRes = $DB->Query($strSql_tmp, false, "File: ".__FILE__."<br>Line: ".__LINE__); $cnt = 0; if (strlen($arSqls["GROUPBY"]) <= 0) { if ($arRes = $dbRes->Fetch()) $cnt = $arRes["CNT"]; } else { // рнкэйн дкъ MYSQL!!! дкъ ORACLE дпсцни йнд $cnt = $dbRes->SelectedRowsCount(); } // for empty 2nd page show if ($arNavStartParams["bSkipPageReset"] && $arNavStartParams["nPageSize"] >= $cnt) $cnt = $arNavStartParams["nPageSize"] + $cnt; $dbRes = new CDBResult(); //echo "!2.2!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes->NavQuery($strSql, $cnt, $arNavStartParams); } else { if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) > 0) $strSql .= "LIMIT ".intval($arNavStartParams["nTopCount"]); //echo "!3!=".htmlspecialcharsbx($strSql)."<br>"; $dbRes = $DB->Query($strSql, false, "File: ".__FILE__."<br>Line: ".__LINE__); } return $dbRes; }