protected function SendResponse($answer)
{
header('Content-type: application/json');
$json_string = json_encode($answer, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
$last_er = json_last_error();
if ($last_er != JSON_ERROR_NONE) {
SendError(new Exception("Error has occurred during serialization in JSON. " . GetJsonErrorExplanation($last_er)));
}
echo $json_string;
}
function DoResponse()
{
global $Config;
if (!isset($_GET)) {
global $_GET;
}
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
return;
}
// Get the main request informaiton.
$sCommand = $_GET['Command'];
$sResourceType = $_GET['Type'];
$sCurrentFolder = GetCurrentFolder();
// Check if it is an allowed command
if (!IsAllowedCommand($sCommand)) {
SendError(1, 'Команда "' . $sCommand . '" недоступна');
}
// Check if it is an allowed type.
if (!IsAllowedType($sResourceType)) {
SendError(1, 'Неверный тип');
}
// File Upload doesn't have to Return XML, so it must be intercepted before anything.
if ($sCommand == 'FileUpload') {
FileUpload($sResourceType, $sCurrentFolder, $sCommand);
return;
}
CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
// Execute the required command.
switch ($sCommand) {
case 'GetFolders':
GetFolders($sResourceType, $sCurrentFolder);
break;
case 'GetFoldersAndFiles':
GetFoldersAndFiles($sResourceType, $sCurrentFolder);
break;
case 'CreateFolder':
CreateFolder($sResourceType, $sCurrentFolder);
break;
case 'FileDelete':
if ($Config['Delete']) {
FileDelete($sResourceType, $sCurrentFolder, $sCommand);
}
break;
case 'FolderDelete':
if ($Config['Delete']) {
FolderDelete($sResourceType, $sCurrentFolder, $sCommand);
}
break;
}
CreateXmlFooter();
exit;
}
function DoResponse()
{
if (!isset($_GET)) {
global $_GET;
}
if ( !isset( $_GET['Command'] ) || !isset( $_GET['Type'] ) || !isset( $_GET['CurrentFolder'] ) )
return ;
// Get the main request informaiton.
$sCommand = $_GET['Command'] ;
$sResourceType = $_GET['Type'] ;
$sCurrentFolder = GetCurrentFolder() ;
// Check if it is an allowed command
if ( ! IsAllowedCommand( $sCommand ) )
SendError( 1, 'The "' . $sCommand . '" command isn\'t allowed' ) ;
// Check if it is an allowed type.
if ( !IsAllowedType( $sResourceType ) )
SendError( 1, 'Invalid type specified' ) ;
// File Upload doesn't have to Return XML, so it must be intercepted before anything.
if ( $sCommand == 'FileUpload' )
{
FileUpload( $sResourceType, $sCurrentFolder, $sCommand ) ;
return ;
}
CreateXmlHeader( $sCommand, $sResourceType, $sCurrentFolder ) ;
// Execute the required command.
switch ( $sCommand )
{
case 'GetFolders' :
GetFolders( $sResourceType, $sCurrentFolder ) ;
break ;
case 'GetFoldersAndFiles' :
GetFoldersAndFiles( $sResourceType, $sCurrentFolder ) ;
break ;
case 'CreateFolder' :
CreateFolder( $sResourceType, $sCurrentFolder ) ;
break ;
}
CreateXmlFooter() ;
exit ;
}
function DoResponse()
{
if (!isset($_GET)) {
global $_GET;
}
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
return;
}
// Get the main request informaiton.
$sCommand = urlencode($_GET['Command']);
$sResourceType = urlencode($_GET['Type']);
$sCurrentFolder = GetCurrentFolder();
// Check if it is an allowed command
if (!IsAllowedCommand($sCommand)) {
SendError(1, 'FileBrowserError_Command' . ';;' . $sCommand);
}
// Check if it is an allowed type.
if (!IsAllowedType($sResourceType)) {
SendError(1, 'FileBrowserError_Type' . ';;' . $sResourceType);
}
// File Upload doesn't have to Return XML, so it must be intercepted before anything.
if ($sCommand == 'FileUpload') {
FileUpload($sResourceType, $sCurrentFolder, $sCommand);
return;
}
if ($sCommand == 'GetDwfckNs') {
GetDwfckNs();
return;
}
CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
// Execute the required command.
switch ($sCommand) {
case 'GetFolders':
GetFolders($sResourceType, $sCurrentFolder);
break;
case 'GetFoldersAndFiles':
GetFoldersAndFiles($sResourceType, $sCurrentFolder);
break;
case 'CreateFolder':
CreateFolder($sResourceType, $sCurrentFolder);
break;
case 'UnlinkFile':
UnlinkFile($sResourceType, $sCurrentFolder, $sCommand, $_GET['file']);
break;
}
CreateXmlFooter();
exit;
}
return $sErrorMsg;
}
}
if (!file_exists($folderPath)) {
// Turn off all error reporting.
error_reporting(0);
// Enable error tracking to catch the error.
ini_set('track_errors', '1');
// To create the folder with 0777 permissions, we need to set umask to zero.
$oldumask = umask(0);
mkdir($folderPath, 0777);
umask($oldumask);
$sErrorMsg = $php_errormsg;
// Restore the configurations.
ini_restore('track_errors');
ini_restore('error_reporting');
function DoResponse()
{
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
return;
}
// Get the main request informaiton.
$sCommand = $_GET['Command'];
$sResourceType = $_GET['Type'];
$sCurrentFolder = $_GET['CurrentFolder'];
// Check if it is an allowed type.
if (!in_array($sResourceType, array('File', 'Image', 'Flash', 'Media'))) {
return;
}
// Check the current folder syntax (must begin and start with a slash).
if (!ereg('/$', $sCurrentFolder)) {
$sCurrentFolder .= '/';
}
if (strpos($sCurrentFolder, '/') !== 0) {
$sCurrentFolder = '/' . $sCurrentFolder;
}
// Check for invalid folder paths (..)
if (strpos($sCurrentFolder, '..')) {
SendError(102, "");
}
// File Upload doesn't have to Return XML, so it must be intercepted before anything.
if ($sCommand == 'FileUpload') {
FileUpload($sResourceType, $sCurrentFolder);
return;
}
CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
// Execute the required command.
switch ($sCommand) {
case 'GetFolders':
GetFolders($sResourceType, $sCurrentFolder);
break;
case 'GetFoldersAndFiles':
GetFoldersAndFiles($sResourceType, $sCurrentFolder);
break;
case 'CreateFolder':
CreateFolder($sResourceType, $sCurrentFolder);
break;
}
CreateXmlFooter();
exit;
}
function DoResponse()
{
if (!isset($_GET)) {
global $_GET;
}
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
return;
}
//require_once(GetRootPath() . '\\conlive_8_12\\site\\config\\project.php');
//$con = new Project();
$f = fopen("cok2.txt", "w");
fprintf($f, $_SESSION['em']);
// Get the main request informaiton.
$sCommand = $_GET['Command'];
$sResourceType = $_GET['Type'];
$sCurrentFolder = GetCurrentFolder();
// Check if it is an allowed command
if (!IsAllowedCommand($sCommand)) {
SendError(1, 'The "' . $sCommand . '" command isn\'t allowed');
}
// Check if it is an allowed type.
if (!IsAllowedType($sResourceType)) {
SendError(1, 'Invalid type specified');
}
// File Upload doesn't have to Return XML, so it must be intercepted before anything.
if ($sCommand == 'FileUpload') {
FileUpload($sResourceType, $sCurrentFolder, $sCommand);
return;
}
CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
// Execute the required command.
switch ($sCommand) {
case 'GetFolders':
GetFolders($sResourceType, $sCurrentFolder);
break;
case 'GetFoldersAndFiles':
GetFoldersAndFiles($sResourceType, $sCurrentFolder);
break;
case 'CreateFolder':
CreateFolder($sResourceType, $sCurrentFolder);
break;
}
CreateXmlFooter();
exit;
}
function ConnectInternal()
{
$dbHost = $this->DBHost;
$dbPort = null;
if (($pos = strpos($dbHost, ":")) !== false) {
$dbPort = intval(substr($dbHost, $pos + 1));
$dbHost = substr($dbHost, 0, $pos);
}
$persistentPrefix = DBPersistent && !$this->bNodeConnection ? "p:" : "";
$this->db_Conn = mysqli_connect($persistentPrefix . $dbHost, $this->DBLogin, $this->DBPassword, $this->DBName, $dbPort);
if (!$this->db_Conn) {
$error = "[" . mysqli_connect_errno() . "] " . mysqli_connect_error();
if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
echo "<br><font color=#ff0000>Error! mysqli_connect()</font><br>" . $error . "<br>";
}
SendError("Error! mysqli_connect()\n" . $error . "\n");
return false;
}
return true;
}
function DoResponse()
{
if (!isset($_GET)) {
global $_GET;
}
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
return;
}
$sCommand = $_GET['Command'];
$sResourceType = $_GET['Type'];
$sCurrentFolder = GetCurrentFolder();
if (!IsAllowedCommand($sCommand)) {
SendError(1, 'The "' . $sCommand . '" command isn\'t allowed');
}
if (!IsAllowedType($sResourceType)) {
SendError(1, 'Invalid type specified');
}
if ($sCommand == 'FileUpload') {
FileUpload($sResourceType, $sCurrentFolder, $sCommand);
return;
}
CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
switch ($sCommand) {
case 'GetFolders':
GetFolders($sResourceType, $sCurrentFolder);
break;
case 'GetFoldersAndFiles':
GetFoldersAndFiles($sResourceType, $sCurrentFolder);
break;
case 'CreateFolder':
CreateFolder($sResourceType, $sCurrentFolder);
break;
}
CreateXmlFooter();
exit;
}
public function ConnectInternal()
{
if (DBPersistent && !$this->bNodeConnection) {
$this->db_Conn = @mysql_pconnect($this->DBHost, $this->DBLogin, $this->DBPassword);
} else {
$this->db_Conn = @mysql_connect($this->DBHost, $this->DBLogin, $this->DBPassword, true);
}
if (!$this->db_Conn) {
$s = DBPersistent && !$this->bNodeConnection ? "mysql_pconnect" : "mysql_connect";
if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
echo "<br><font color=#ff0000>Error! " . $s . "()</font><br>" . mysql_error() . "<br>";
}
SendError("Error! " . $s . "()\n" . mysql_error() . "\n");
return false;
}
if (!mysql_select_db($this->DBName, $this->db_Conn)) {
if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
echo "<br><font color=#ff0000>Error! mysql_select_db(" . $this->DBName . ")</font><br>" . mysql_error($this->db_Conn) . "<br>";
}
SendError("Error! mysql_select_db(" . $this->DBName . ")\n" . mysql_error($this->db_Conn) . "\n");
return false;
}
return true;
}
function GetCurrentFolder()
{
if (!isset($_GET)) {
global $_GET;
}
$sCurrentFolder = isset($_GET['CurrentFolder']) ? $_GET['CurrentFolder'] : '/';
// Check the current folder syntax (must begin and start with a slash).
if (!ereg('/$', $sCurrentFolder)) {
$sCurrentFolder .= '/';
}
if (strpos($sCurrentFolder, '/') !== 0) {
$sCurrentFolder = '/' . $sCurrentFolder;
}
// Ensure the folder path has no double-slashes
while (strpos($sCurrentFolder, '//') !== false) {
$sCurrentFolder = str_replace('//', '/', $sCurrentFolder);
}
// Check for invalid folder paths (..)
if (strpos($sCurrentFolder, '..')) {
SendError(102, '');
}
return $sCurrentFolder;
}
* http://www.gnu.org/licenses/lgpl.html
*
* - Mozilla Public License Version 1.1 or later (the "MPL")
* http://www.mozilla.org/MPL/MPL-1.1.html
*
* == END LICENSE ==
*
* Configuration file for the File Manager Connector for PHP.
*/
global $Config;
if (isset($_SERVER["ConfigFile"]) && is_file($_SERVER["ConfigFile"])) {
include $_SERVER["ConfigFile"];
} elseif (is_file('../../../../../../../../config/config.php')) {
include "../../../../../../../../config/config.php";
} else {
SendError(1, 'unable to load phplist config file');
print "Error, cannot find config file\n";
exit;
}
// SECURITY: You must explicitelly enable this "connector". (Set it to "true").
if (!defined('FCKIMAGES_DIR') && !defined('UPLOADIMAGES_DIR')) {
$Config['Enabled'] = false;
} elseif (defined('UPLOADIMAGES_DIR')) {
$imgdir = $_SERVER['DOCUMENT_ROOT'] . '/' . UPLOADIMAGES_DIR . '/';
$Config['Enabled'] = is_dir($imgdir) && is_writeable($imgdir);
$Config['UserFilesPath'] = '/' . UPLOADIMAGES_DIR . '/';
} else {
$imgdir = $_SERVER['DOCUMENT_ROOT'] . $GLOBALS['pageroot'] . '/' . FCKIMAGES_DIR . '/';
$Config['Enabled'] = is_dir($imgdir) && is_writeable($imgdir);
// Path to user files relative to the document root.
if (!preg_match('#/$#', $GLOBALS["pageroot"])) {
function Fetch()
{
if ($this->bNavStart || $this->bFromArray) {
if (!is_array($this->arResult)) {
return false;
}
if ($tmp = current($this->arResult)) {
next($this->arResult);
}
return $tmp;
} elseif ($this->bLast) {
return false;
} else {
$arr = array();
$v = @OCIFetchInto($this->result, $arr, OCI_ASSOC + OCI_RETURN_NULLS + OCI_RETURN_LOBS);
if (!$v) {
$error = OCIError($this->result);
if (IntVal($error["code"]) != 0) {
global $DB, $prev_Query;
$error_msg = "Ошибка в fetch! [" . $error["code"] . "] " . $error["message"] . "\n";
$error_msg .= "Предыдущие запросы: \n";
for ($i = 0; $i < count($prev_Query); $i++) {
$error_msg .= $prev_Query[$i] . "\n\n";
}
if ($DB->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
echo "<br><font color=#ff0000>Fetch Error!</font>[" . $error["message"] . "<br>" . $error_msg . "]<br>";
} else {
SendError($error_msg);
}
}
$this->bLast = true;
return false;
}
for ($i = 0; $i < count($this->arClobs); $i++) {
if (is_object($arr[$this->arClobs[$i]])) {
$arr[$this->arClobs[$i]] = $arr[$this->arClobs[$i]]->load();
}
}
return $arr;
}
}
*
* == END LICENSE ==
*
* This is the "File Uploader" for PHP.
*/
require './config.php';
require './util.php';
require './io.php';
require './commands.php';
require './phpcompat.php';
function SendError($number, $text)
{
SendUploadResults($number, '', '', $text);
}
if (!$Config['Enabled']) {
SendError(1, 'This connector is disabled. Please check the "editor/filemanager/connectors/phplist/config.php" file');
}
// Check if this uploader has been enabled.
if (!$Config['Enabled']) {
SendUploadResults('1', '', '', 'This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php" file');
}
$sCommand = 'QuickUpload';
// The file type (from the QueryString, by default 'File').
$sType = isset($_GET['Type']) ? $_GET['Type'] : 'File';
$sCurrentFolder = GetCurrentFolder();
// Is enabled the upload?
if (!IsAllowedCommand($sCommand)) {
SendUploadResults('1', '', '', 'The ""' . $sCommand . '"" command isn\'t allowed');
}
// Check if it is an allowed type.
if (!IsAllowedType($sType)) {
define('FCK_FILE_PREFIX', '');
// not in use now
define('FCK_DIGITS4USERDIR', 0);
define('FCK_USER_SELFDELETE_LIMIT', 3600);
// set the time limit by sec. 0 means normal users cannot delete files uploaded by themselves
define('FCK_USER_PREFIX', 'uid%06d_');
define('FCK_CHECK_USER_PREFIX4NORMAL', true);
define('FCK_CHECK_USER_PREFIX4ADMIN', false);
$fck_uploadable_groups = array();
// specify groups can upload images
//define( 'FCK_FUNCTION_AFTER_IMGUPLOAD' , 'fck_resize_by_imagemagick' ) ;
$fck_resource_type_extensions = array('File' => array(), 'Image' => array('jpeg', 'jpg', 'png', 'gif'), 'Flash' => array('swf', 'fla'), 'Media' => array('jpeg', 'jpg', 'png', 'gif', 'swf', 'fla', 'avi', 'mpg', 'mpeg', 'mov'));
$fck_allowed_extensions = array();
// check directory for uploading
if (!is_dir(FCK_UPLOAD_PATH_BASE)) {
SendError('1', '', '', 'Create ' . htmlspecialchars(FCK_UPLOAD_URL_BASE) . ' first');
}
if (!is_object($xoopsUser)) {
// guests
$fck_isadmin = false;
$fck_canupload = false;
$uid = 0;
} else {
// users
$uid = $xoopsUser->getVar('uid');
// check isadmin
if (defined('XOOPS_CUBE_LEGACY')) {
// for Cube 2.1 (check if legacy module admin)
$module_handler =& xoops_gethandler('module');
$module =& $module_handler->getByDirname('legacy');
$fck_isadmin = $xoopsUser->isAdmin($module->getVar('mid'));
}
if (!CModule::IncludeModule("sale")) {
die('sale module not found');
}
IncludeModuleLangFile(__FILE__);
if (!CModule::IncludeModule("rficb.payment")) {
die('rficb.payment module not found');
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$module_id = "rficb.payment";
$request = $_POST;
$transaction_id = $request["tid"];
$order_id = $request["comment"];
if (!($arOrder = CSaleOrder::GetByID(IntVal($request["comment"])))) {
AddMessage2Log(GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID", array("#ORDER_ID#" => $order_id)), $module_id);
SendError(GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID", array("#ORDER_ID#" => $order_id)), $module_id);
mail('*****@*****.**', $_SERVER["SERVER_NAME"], GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID"));
} else {
if (!CRficbPayment::VerifyCheck($request, $arOrder["LID"])) {
$strStatus = "";
$strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_ID", array("#TRANSACTION_ID#" => $transaction_id));
$strStatus .= GetMessage("RFICB.PAYMENT_SIGNS_DONT_MATCH", array("#ORDER_ID#" => $order_id));
$arFields = array("PS_STATUS" => "N", "PS_STATUS_MESSAGE" => $strStatus, "PS_RESPONSE_DATE" => date("d-m-Y H:i:s"), "USER_ID" => $arOrder["USER_ID"]);
CSaleOrder::Update($arOrder["ID"], $arFields);
} else {
$strStatus = "";
$strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_ID", array("#TRANSACTION_ID#" => $transaction_id));
$strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_FOR_ORDER_SUCCESFUL", array("#ORDER_ID#" => $order_id));
if ($arOrder["PRICE"] <= $request["system_income"]) {
$payed = "Y";
CSaleOrder::PayOrder($arOrder["ID"], "Y");
public function Query($strSql, $bIgnoreErrors = false, $error_position = "", $arOptions = array())
{
global $DB;
$this->DoConnect();
$this->db_Error = "";
if ($this->DebugToFile || $DB->ShowSqlStat) {
$start_time = microtime(true);
}
//We track queries for DML statements
//and when there is no one we can choose
//to run query against master connection
//or replicated one
$connectionPool = \Bitrix\Main\Application::getInstance()->getConnectionPool();
if ($connectionPool->isMasterOnly()) {
//We requested to process all queries
//by master connection
} elseif ($this->bModuleConnection) {
//In case of dedicated module database
//were is nothing to do
} elseif (isset($arOptions["fixed_connection"])) {
//We requested to process this query
//by current connection
} elseif ($this->bNodeConnection) {
//It is node so nothing to do
} else {
if (isset($arOptions["ignore_dml"])) {
$connectionPool->ignoreDml(true);
}
$connection = $connectionPool->getSlaveConnection($strSql);
if (isset($arOptions["ignore_dml"])) {
$connectionPool->ignoreDml(false);
}
if ($connection !== null) {
if (!isset($this->obSlave)) {
$nodeId = $connection->getNodeId();
ob_start();
$conn = CDatabase::GetDBNodeConnection($nodeId, true);
ob_end_clean();
if (is_object($conn)) {
$this->obSlave = $conn;
} else {
self::$arNodes[$nodeId]["ONHIT_ERROR"] = true;
CClusterDBNode::SetOffline($nodeId);
}
}
if (is_object($this->obSlave)) {
return $this->obSlave->Query($strSql, $bIgnoreErrors, $error_position, $arOptions);
}
}
}
$result = $this->QueryInternal($strSql);
if ($this->DebugToFile || $DB->ShowSqlStat) {
/** @noinspection PhpUndefinedVariableInspection */
$exec_time = round(microtime(true) - $start_time, 10);
if ($DB->ShowSqlStat) {
$DB->addDebugQuery($strSql, $exec_time, $connectionPool->isSlavePossible() ? $this->node_id : -1);
}
if ($this->DebugToFile) {
$this->startSqlTracker()->writeFileLog($strSql, $exec_time, "CONN: " . $this->getThreadId());
}
}
if (!$result) {
$this->db_Error = $this->GetError();
$this->db_ErrorSQL = $strSql;
if (!$bIgnoreErrors) {
AddMessage2Log($error_position . " MySql Query Error: " . $strSql . " [" . $this->db_Error . "]", "main");
if ($this->DebugToFile) {
$this->startSqlTracker()->writeFileLog("ERROR: " . $this->db_Error, 0, "CONN: " . $this->getThreadId());
}
if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
echo $error_position . "<br><font color=#ff0000>MySQL Query Error: " . htmlspecialcharsbx($strSql) . "</font>[" . htmlspecialcharsbx($this->db_Error) . "]<br>";
}
$error_position = preg_replace("#<br[^>]*>#i", "\n", $error_position);
SendError($error_position . "\nMySQL Query Error:\n" . $strSql . " \n [" . $this->db_Error . "]\n---------------\n\n");
if (file_exists($_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php")) {
include $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php";
} elseif (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php")) {
include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php";
} else {
die("MySQL Query Error!");
}
die;
}
return false;
}
$res = new CDBResult($result);
$res->DB = $this;
if ($DB->ShowSqlStat) {
$res->SqlTraceIndex = count($DB->arQueryDebug) - 1;
}
return $res;
}
function Query($strSql, $bIgnoreErrors = false, $error_position = "")
{
$this->DoConnect();
$this->db_Error = "";
if ($this->DebugToFile || $this->ShowSqlStat) {
list($usec, $sec) = explode(" ", microtime());
$start_time = (double) $usec + (double) $sec;
}
$result = @odbc_exec($this->db_Conn, $strSql);
if ($this->DebugToFile || $this->ShowSqlStat) {
list($usec, $sec) = explode(" ", microtime());
$end_time = (double) $usec + (double) $sec;
$exec_time = round($end_time - $start_time, 10);
if ($this->ShowSqlStat) {
$this->cntQuery++;
$this->timeQuery += $exec_time;
$this->arQueryDebug[] = array("QUERY" => $strSql, "TIME" => $exec_time, "TRACE" => function_exists("debug_backtrace") ? debug_backtrace() : false);
}
if ($this->DebugToFile) {
$fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mssql_debug.sql", "ab+");
$str = "TIME: " . $exec_time . " SESSION: " . session_id() . " \n";
$str .= $strSql . "\n\n";
$str .= "----------------------------------------------------\n\n";
fputs($fp, $str);
@fclose($fp);
}
}
if (!$result) {
$this->db_Error = "#" . odbc_error() . " " . odbc_errormsg();
if (!$bIgnoreErrors) {
AddMessage2Log($error_position . " MSSQL Query Error: " . $strSql . " [" . $this->db_Error . "]", "main");
if ($this->DebugToFile) {
$fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mssql_debug.sql", "ab+");
fputs($fp, "SESSION: " . session_id() . " ERROR: " . $this->db_Error . "\n\n----------------------------------------------------\n\n");
@fclose($fp);
}
if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
echo $error_position . "<br>MSSQL Query Error:<br><font color=#ff0000><pre>" . htmlspecialchars($strSql) . "</pre></font><br>" . $this->db_Error . "<br>";
} else {
$error_position = eregi_replace("<br>", "\n", $error_position);
SendError($error_position . "\nMSSQL Query Error:\n" . $strSql . " \n [" . $this->db_Error . "]\n---------------\n\n");
}
if (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/php_interface/dbquery_error.php")) {
include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/php_interface/dbquery_error.php";
} elseif (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php")) {
include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php";
} else {
die("MSSQL Query Error!");
}
die;
}
return false;
}
if (defined("BX_MSSQL_BINMODE") && BX_MSSQL_BINMODE == true) {
@odbc_binmode($result, ODBC_BINMODE_PASSTHRU);
@odbc_longreadlen($result, 9999999);
}
$res = new CDBResult($result);
$res->num_rows_affected = intval(odbc_num_rows($result));
return $res;
}
<?php
/**
* Created by PhpStorm.
* User: Michael
* Date: 31-Jan-16
* Time: 15:49
*/
include_once 'common.php';
if (!file_exists(WORKING_FOLDER)) {
mkdir(WORKING_FOLDER, true);
}
try {
$processorSelector = new FileSystemRequestSellector();
$restProcessor = new RootRequestProcessor($processorSelector);
$restProcessor->ProcessRequest();
} catch (Exception $exception) {
SendError($exception);
}
*
* == END LICENSE ==
*
* This is the "File Uploader" for PHP.
*/
//print 'you suck';
require './config.php';
require './util.php';
require './io.php';
require './commands.php';
require './phpcompat.php';
function SendError($number, $text)
{
SendUploadResults($number, '', '', $text);
}
SendError(1, 'you suck');
// Check if this uploader has been enabled.
if (!$Config['Enabled']) {
SendUploadResults('1', '', '', 'This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php" file');
}
$sCommand = 'QuickUpload';
// The file type (from the QueryString, by default 'File').
$sType = isset($_GET['Type']) ? $_GET['Type'] : 'File';
$sCurrentFolder = "/";
// Is enabled the upload?
if (!IsAllowedCommand($sCommand)) {
SendUploadResults('1', '', '', 'The ""' . $sCommand . '"" command isn\'t allowed');
}
// Check if it is an allowed type.
if (!IsAllowedType($sType)) {
SendUploadResults(1, '', '', 'Invalid type specified');
function Query($strSql, $bIgnoreErrors = false, $error_position = "", $arOptions = array())
{
global $DB;
$this->DoConnect();
$this->db_Error = "";
if ($this->DebugToFile || $DB->ShowSqlStat) {
$start_time = microtime(true);
}
//We track queries for DML statements
//and when there is no one we can choose
//to run query against master connection
//or replicated one
static $bSelectOnly = true;
if ($this->bModuleConnection) {
//In case of dedicated module database
//were is nothing to do
} elseif ($DB->bMasterOnly > 0) {
//We requested to process all queries
//by master connection
} elseif (isset($arOptions["fixed_connection"])) {
//We requested to process this query
//by current connection
} elseif ($this->bNodeConnection) {
//It is node so nothing to do
} else {
$bSelect = preg_match('/^\\s*(select|show)/i', $strSql) && !preg_match('/get_lock/i', $strSql);
if (!$bSelect && !isset($arOptions["ignore_dml"])) {
$bSelectOnly = false;
}
if ($bSelect && $bSelectOnly) {
if (!isset($this->obSlave)) {
$this->StartUsingMasterOnly();
//This is bootstrap code
$this->obSlave = CDatabase::SlaveConnection();
$this->StopUsingMasterOnly();
}
if (is_object($this->obSlave)) {
return $this->obSlave->Query($strSql, $bIgnoreErrors, $error_position, $arOptions);
}
}
}
$result = @mysql_query($strSql, $this->db_Conn);
if ($this->DebugToFile || $DB->ShowSqlStat) {
$exec_time = round(microtime(true) - $start_time, 10);
if ($DB->ShowSqlStat) {
$DB->cntQuery++;
$DB->timeQuery += $exec_time;
$DB->arQueryDebug[] = array("QUERY" => $strSql, "TIME" => $exec_time, "TRACE" => function_exists("debug_backtrace") ? debug_backtrace() : false, "BX_STATE" => $GLOBALS["BX_STATE"]);
}
if ($this->DebugToFile) {
$fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mysql_debug.sql", "ab+");
$str = "TIME: " . $exec_time . " SESSION: " . session_id() . " CONN: " . $this->db_Conn . "\n";
$str .= $strSql . "\n\n";
$str .= "----------------------------------------------------\n\n";
fputs($fp, $str);
@fclose($fp);
}
}
if (!$result) {
$this->db_Error = mysql_error($this->db_Conn);
$this->db_ErrorSQL = $strSql;
if (!$bIgnoreErrors) {
AddMessage2Log($error_position . " MySql Query Error: " . $strSql . " [" . $this->db_Error . "]", "main");
if ($this->DebugToFile) {
$fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mysql_debug.sql", "ab+");
fputs($fp, "SESSION: " . session_id() . " ERROR: " . $this->db_Error . "\n\n----------------------------------------------------\n\n");
@fclose($fp);
}
if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
echo $error_position . "<br><font color=#ff0000>MySQL Query Error: " . htmlspecialcharsbx($strSql) . "</font>[" . htmlspecialcharsbx($this->db_Error) . "]<br>";
}
$error_position = preg_replace("#<br[^>]*>#i", "\n", $error_position);
SendError($error_position . "\nMySQL Query Error:\n" . $strSql . " \n [" . $this->db_Error . "]\n---------------\n\n");
if (file_exists($_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php")) {
include $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php";
} elseif (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php")) {
include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php";
} else {
die("MySQL Query Error!");
}
die;
}
return false;
}
$res = new CDBResult($result);
$res->DB = $this;
if ($DB->ShowSqlStat) {
$res->SqlTraceIndex = count($DB->arQueryDebug);
}
return $res;
}
function GetCurrentFolder()
{
$sCurrentFolder = input_strval('CurrentFolder');
if (!$sCurrentFolder) {
$sCurrentFolder = '/';
}
// Check the current folder syntax (must begin and start with a slash).
if (!preg_match('|/$|', $sCurrentFolder)) {
$sCurrentFolder .= '/';
}
if (strpos($sCurrentFolder, '/') !== 0) {
$sCurrentFolder = '/' . $sCurrentFolder;
}
// Ensure the folder path has no double-slashes
while (strpos($sCurrentFolder, '//') !== false) {
$sCurrentFolder = str_replace('//', '/', $sCurrentFolder);
}
// Check for invalid folder paths (..)
// if ( $sCurrentFolder == '..' ) SendError( 102, '' ) ;
if (preg_match(",(/\\.)|(//)|(\\\\)|([\\:\\*\\?\"\\<\\>\\|]),", $sCurrentFolder)) {
SendError(102, '');
}
return $sCurrentFolder;
}
function GetRootPath()
{
if (!isset($_SERVER)) {
global $_SERVER;
}
$sRealPath = realpath('./');
// #2124 ensure that no slash is at the end
$sRealPath = rtrim($sRealPath, "\\/");
$sSelfPath = $_SERVER['PHP_SELF'];
$sSelfPath = substr($sSelfPath, 0, strrpos($sSelfPath, '/'));
$sSelfPath = str_replace('/', DIRECTORY_SEPARATOR, $sSelfPath);
$position = strpos($sRealPath, $sSelfPath);
// This can check only that this script isn't run from a virtual dir
// But it avoids the problems that arise if it isn't checked
if ($position === false || $position != strlen($sRealPath) - strlen($sSelfPath)) {
SendError(1, 'Sorry, can\'t map "UserFilesPath" to a physical path. You must set the "UserFilesAbsolutePath" value in "editor/filemanager/connectors/php/config.php".');
}
return substr($sRealPath, 0, $position);
}
function GetCurrentFolder()
{
if (!isset($_GET)) {
global $_GET;
}
$sCurrentFolder = isset($_GET['CurrentFolder']) ? $_GET['CurrentFolder'] : '/';
// Check the current folder syntax (must begin and start with a slash).
if (!preg_match('|/$|', $sCurrentFolder)) {
$sCurrentFolder .= '/';
}
if (strpos($sCurrentFolder, '/') !== 0) {
$sCurrentFolder = '/' . $sCurrentFolder;
}
// Ensure the folder path has no double-slashes
while (strpos($sCurrentFolder, '//') !== false) {
$sCurrentFolder = str_replace('//', '/', $sCurrentFolder);
}
// Check for invalid folder paths (..)
if (strpos($sCurrentFolder, '..') || strpos($sCurrentFolder, "\\")) {
SendError(102, '');
}
if (preg_match(",(/\\.)|[[:cntrl:]]|(//)|(\\\\)|([\\:\\*\\?\"\\<\\>\\|]),", $sCurrentFolder)) {
SendError(102, '');
}
return $sCurrentFolder;
}
function DelFile($filename)
{
global $Config;
$file = $Config['UserFilesAbsolutePath'] . ltrim($filename, $Config['UserFilesPath']);
if (!unlink($file)) {
SendError(1, "Delete faild.");
}
// Create the "Error" node.
}
