/**
 * Builds the admin message from a plain string or a prepared message array.
 *
 * A non-array $message is wrapped as an "ERROR" message. When the array has no
 * DETAILS and an exception is supplied, DETAILS is taken from
 * $exception->GetString().
 *
 * Array keys, per the original inline note: "MESSAGE", "TYPE"
 * ("ERROR"|"OK"|"PROGRESS"), "DETAILS", "HTML".
 * NOTE(review): "HTML" => true presumably makes the renderer print the text
 * unescaped. The renderer is not shown here, so confirm, and escape untrusted
 * text before passing it with that flag.
 *
 * @param string|array $message
 * @param CAdminException|bool $exception
 */
function CAdminMessage($message, $exception=false)
{
    $fields = is_array($message)
        ? $message
        : array("MESSAGE"=>$message, "TYPE"=>"ERROR");

    // Anything other than the literal false is treated as an exception object.
    if ($exception !== false && empty($fields["DETAILS"])) {
        $fields["DETAILS"] = $exception->GetString();
    }

    $this->exception = $exception;
    $this->message = $fields;
}
// Excerpt from a component body: resolves the caller's groups for the workflow's
// document, checks the ViewWorkflow permission, then loads the tracking dump.
// NOTE(review): DOCUMENT_ID is read from the workflow state, and its element [1]
// is handed to method_exists()/call_user_func_array(), before the is_array()
// validation of that state further down. Validating first would keep an empty or
// malformed state away from the dynamic call.
$arParams["DOCUMENT_ID"] = $arResult["arWorkflowState"]["DOCUMENT_ID"];
$arParams["USER_GROUPS"] = $GLOBALS["USER"]->GetUserGroupArray();
// Element [1] is used as a class name for a static call. Presumably it comes from
// stored workflow state rather than from the request. Confirm this, because it
// decides whose GetUserGroups() runs, and that result feeds the permission check.
if (method_exists($arParams["DOCUMENT_ID"][1], "GetUserGroups")) {
    $arParams["USER_GROUPS"] = call_user_func_array(array($arParams["DOCUMENT_ID"][1], "GetUserGroups"), array(null, $arParams["DOCUMENT_ID"], $GLOBALS["USER"]->GetID()));
}
// Reject a missing state; otherwise require ViewWorkflow on the document.
if (!is_array($arResult["arWorkflowState"]) || count($arResult["arWorkflowState"]) <= 0) {
    $arError[] = array("id" => "error", "text" => GetMessage("BPABL_INVALID_WF"));
} else {
    $bCanView = CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::ViewWorkflow, $GLOBALS["USER"]->GetID(), $arResult["arWorkflowState"]["DOCUMENT_ID"], array("WorkflowId" => $arParams["ID"], "DocumentStates" => array($arParams["ID"] => $arResult["arWorkflowState"]), "UserGroups" => $arParams["USER_GROUPS"]));
    if (!$bCanView) {
        $arError[] = array("id" => "access denied", "text" => GetMessage("BPABL_NO_PERMS"));
    }
}
// Any collected error stops the component here, so DumpWorkflow() below runs only
// after the permission check has passed.
if (!empty($arError)) {
    $e = new CAdminException($arError);
    ShowError($e->GetString());
    return false;
}
/******************************************************************** Data ********************************************************************/
$arResult["arWorkflowTrack"] = CBPTrackingService::DumpWorkflow($arParams["ID"]);
/******************************************************************** /Data ********************************************************************/
$this->IncludeComponentTemplate();
/******************************************************************** Standard operations ********************************************************************/
// $arParams["ID"] is substituted into the title as-is; whether SetTitle() escapes
// it is not visible here.
if ($arParams["SET_TITLE"] == "Y") {
    $APPLICATION->SetTitle(str_replace("#ID#", $arParams["ID"], GetMessage("BPABL_TITLE")));
********************************************************************/
// Excerpt from a forum component body: runs the action script, turns collected
// errors/notes into result messages, then starts building the message list.
// The include path is built from this file's own directory (__FILE__) and a fixed
// file name; no request data takes part in it.
$dir = dirname(__FILE__);
include str_replace(array("\\", "//"), "/", $dir . "/") . "action.php";
/******************************************************************** /Action ********************************************************************/
// NOTE(review): ERROR_MESSAGE / OK_MESSAGE are stored as produced by
// GetString() or $arNote['title']; no escaping happens in this excerpt, so confirm
// the template escapes them on output.
if (!empty($arError)) {
    $e = new CAdminException($arError);
    $arResult["ERROR_MESSAGE"] = $e->GetString();
}
if (!empty($arNote)) {
    if (isset($arNote['title'])) {
        $arResult['OK_MESSAGE'] = $arNote['title'];
    } else {
        $e = new CAdminException($arNote);
        $arResult["OK_MESSAGE"] = $e->GetString();
    }
}
/******************************************************************** Data ********************************************************************/
/************** Message list ***************************************/
$arResult["TOPIC"]["iLAST_TOPIC_MESSAGE"] = $arResult["TOPIC"]["ABS_LAST_MESSAGE_ID"];
// Number current page
$iNumPage = 0;
// The page lookup is given the user's groups plus $arParams["PERMISSION"] as
// PERMISSION_EXTERNAL. NOTE(review): that value is set outside this excerpt; it
// should be computed server-side, not taken from the request.
if ($arParams["MID"] > 0) {
    $iNumPage = CForumMessage::GetMessagePage($arParams["MID"], $arParams["MESSAGES_PER_PAGE"], $USER->GetUserGroupArray(), $arParams["TID"], array("PERMISSION_EXTERNAL" => $arParams["PERMISSION"]));
}
$arFilter = array("TOPIC_ID" => $arParams["TID"]);
if ($arParams["MODE"] != "GROUP") {
    $arFilter["FORUM_ID"] = $arParams["FID"];
// Excerpt from a photogallery edit component: after a successful save it clears
// related component caches and answers (JSON for AJAX, redirect otherwise); on
// failure it keeps the form values. The two closing braces below end blocks
// opened outside this excerpt.
} }
    if (empty($arError)) {
        // NOTE(review): $_REQUEST["TO_SECTION_ID"] is concatenated unmodified into
        // two cache identifiers. Whether it was validated above is not visible. If
        // PClearComponentCache() maps these identifiers to cache directories, the
        // value should be restricted (for example cast to an integer id) so that
        // path separators or ".." cannot reach it.
        PClearComponentCache(array(
            "search.page",
            "search.tags.cloud",
            "photogallery.detail/" . $arParams["IBLOCK_ID"] . "/detail/" . $_REQUEST["TO_SECTION_ID"] . "/",
            "photogallery.detail/" . $arParams["IBLOCK_ID"] . "/detail/" . $arResult["SECTION"]["ID"] . "/",
            "photogallery.detail.comment",
            "photogallery.detail.list/" . $arParams["IBLOCK_ID"] . "/detaillist/0",
            "photogallery.detail.list/" . $arParams["IBLOCK_ID"] . "/detaillist/" . $_REQUEST["TO_SECTION_ID"],
            "photogallery.detail.list/" . $arParams["IBLOCK_ID"] . "/detaillist/" . $arResult["SECTION"]["ID"],
            "photogallery.section/" . $arParams["IBLOCK_ID"] . "/section" . $arResult["SECTION"]["ID"],
            "photogallery.section/" . $arParams["IBLOCK_ID"] . "/section" . $arResult["SECTION"]["IBLOCK_SECTION_ID"],
            "photogallery.section.list/" . $arParams["IBLOCK_ID"] . "/section" . $arResult["SECTION"]["ID"],
            "photogallery.section.list/" . $arParams["IBLOCK_ID"] . "/sections" . $arResult["SECTION"]["IBLOCK_SECTION_ID"]
        ));
        if ($arParams["AJAX_CALL"] == "Y") {
            // AJAX: drop buffered output, emit $result as a JS object and stop.
            $APPLICATION->RestartBuffer();
            $result["DATE"] = PhotoDateFormat($arParams["DATE_TIME_FORMAT"], MakeTimeStamp($result["DATE"], CSite::GetDateFormat()));
            echo CUtil::PhpToJSObject($result);
            die;
        } else {
            // Redirect target comes from $arResult, not directly from the request.
            LocalRedirect($arResult["URL"]);
        }
    } else {
        $bVarsFromForm = true;
        $e = new CAdminException($arError);
        $arResult["ERROR_MESSAGE"] = $e->GetString();
    }
} elseif ($_REQUEST["edit"] == "cancel") {
    LocalRedirect($arResult["~DETAIL_LINK"]);
}
/******************************************************************** /Action ********************************************************************/
/******************************************************************** Data ********************************************************************/
// The "~"-prefixed entries are escaped with htmlspecialcharsEx() into the
// unprefixed keys; the resubmitted request value gets the same escaping.
$arResult["ELEMENT"]["NAME"] = htmlspecialcharsEx($arResult["ELEMENT"]["~NAME"]);
$arResult["ELEMENT"]["DETAIL_TEXT"] = htmlspecialcharsEx($arResult["ELEMENT"]["~DETAIL_TEXT"]);
$arResult["ELEMENT"]["TAGS"] = htmlspecialcharsEx($arResult["ELEMENT"]["~TAGS"]);
if ($bVarsFromForm) {
    $arResult["ELEMENT"]["NAME"] = htmlspecialcharsEx($_REQUEST["TITLE"]);
// Excerpt from an admin list page: handles the "delete" action for a forum
// subscription, then builds the list (errors, data, headers, rows).
// NOTE(review): the enclosing conditions are outside this excerpt, so the
// session / anti-CSRF check for this state-changing action is not visible here;
// confirm it guards this switch.
switch ($_REQUEST['action']) {
    case "delete":
        // Per-record authorization: delete only after CanUserDeleteSubscribe()
        // accepts this $ID for the current user and groups.
        if (CForumSubscribe::CanUserDeleteSubscribe($ID, $USER->GetUserGroupArray(), $USER->GetID())) {
            CForumSubscribe::Delete($ID);
        } else {
            $arMsg[] = array("id" => "NO_PERMS", "text" => GetMessage("FSUBSC_NO_SPERMS"));
        }
        break;
}
// The next three braces close blocks opened outside this excerpt.
}
}
}
//************************************/Actions ********************************************************************
if (!empty($arMsg)) {
    $err = new CAdminException($arMsg);
    $lAdmin->AddFilterError($err->GetString());
}
// NOTE(review): $by, $order and $arFilter are defined outside this excerpt. If
// $by/$order come from the request, confirm GetListEx() restricts them to known
// sort fields and directions.
$rsData = CForumSubscribe::GetListEx(array($by => $order), $arFilter);
$rsData = new CAdminResult($rsData, $sTableID);
$rsData->NavStart();
$lAdmin->NavText($rsData->GetNavPrint(GetMessage("FM_TITLE_PAGE")));
//************************************ Headers ********************************************************************
$lAdmin->AddHeaders(array(
    array("id" => "ID", "content" => GetMessage("FM_HEAD_ID"), "sort" => "ID", "default" => true),
    array("id" => "FORUM_NAME", "content" => GetMessage("FM_HEAD_FORUM"), "sort" => "FORUM_NAME", "default" => true),
    array("id" => "TITLE", "content" => GetMessage("FM_HEAD_TOPIC"), "sort" => "TITLE", "default" => true),
    array("id" => "START_DATE", "content" => GetMessage("FM_HEAD_START_DATE"), "sort" => "START_DATE", "default" => true),
    array("id" => "LAST_SEND", "content" => GetMessage("FM_HEAD_LAST_SEND"), "sort" => "LAST_SEND", "default" => true)
));
//************************************ Body ***********************************************************************
// The $t_* variables used below ($t_ID, $t_TOPIC_ID, $t_TITLE, ...) are not
// assigned in this excerpt; presumably NavNext() with the "t_" prefix creates
// them. Confirm, and confirm they are HTML-safe before AddViewField().
while ($arRes = $rsData->NavNext(true, "t_")) {
    $row =& $lAdmin->AddRow($t_ID, $arRes);
    $LOGIN = $arRes["LOGIN"];
    if ($t_TOPIC_ID <= 0) {
        $t_TITLE = $t_NEW_TOPIC_ONLY == "Y" ? GetMessage("FM_NEW_TOPIC_ONLY") : GetMessage("FM_ALL_MESSAGE");
    }
    $row->AddViewField("TITLE", $t_TITLE);
// Excerpt from an AJAX handler that submits a business-process task form and
// prints the outcome as a JS object.
// The task id is cast to int, and the lookup is scoped to the current user with
// status Waiting, so a task assigned to someone else is reported exactly like a
// missing one ("Task not found.").
// NOTE(review): the enclosing block is outside this excerpt; confirm it verifies
// the session / anti-CSRF token before this state-changing request is processed.
$taskId = (int) $_REQUEST['TASK_ID'];
$task = false;
if ($taskId > 0) {
    $dbTask = CBPTaskService::GetList(array(), array("ID" => $taskId, "USER_ID" => $user->getId(), 'USER_STATUS' => CBPTaskUserStatus::Waiting), false, false, array("ID", "WORKFLOW_ID", "ACTIVITY", "ACTIVITY_NAME", "MODIFIED", "OVERDUE_DATE", "NAME", "DESCRIPTION", "PARAMETERS"));
    $task = $dbTask->fetch();
}
if (!$task) {
    $result['SUCCESS'] = false;
    $result['ERROR'] = 'Task not found.';
} else {
    // The document id is resolved from the task's workflow on the server side and
    // split into its three elements; none of them is read from the request.
    $task["PARAMETERS"]["DOCUMENT_ID"] = CBPStateService::GetStateDocumentId($task['WORKFLOW_ID']);
    $task["MODULE_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][0];
    $task["ENTITY"] = $task["PARAMETERS"]["DOCUMENT_ID"][1];
    $task["DOCUMENT_ID"] = $task["PARAMETERS"]["DOCUMENT_ID"][2];
    $arErrorsTmp = array();
    // Re-decoding of the superglobals is switched on by a request header
    // (HTTP_BX_AJAX) when the site charset is not utf-8.
    if (SITE_CHARSET != "utf-8" && !empty($_SERVER['HTTP_BX_AJAX'])) {
        CUtil::decodeURIComponent($_REQUEST);
        CUtil::decodeURIComponent($_FILES);
    }
    // Array union: on a key collision the $_REQUEST entry wins and the $_FILES
    // entry is dropped. NOTE(review): confirm PostTaskForm() checks the type of
    // every field it treats as an upload, since a request parameter can take the
    // place of a file entry with the same name.
    $formData = $_REQUEST + $_FILES;
    if (!CBPDocument::PostTaskForm($task, $user->getId(), $formData, $arErrorsTmp)) {
        $arError = array();
        foreach ($arErrorsTmp as $e) {
            $arError[] = array("id" => "bad_task", "text" => $e["message"]);
        }
        $e = new CAdminException($arError);
        // Error text is passed through HTMLToTxt() before it goes into the response.
        $result['ERROR'] = HTMLToTxt($e->GetString());
    }
}
// Closes a block opened outside this excerpt.
}
echo CUtil::PhpToJSObject($result);
// Excerpt from a socialnetwork/webdav component: sets title and navigation
// chain, aborts on collected errors, then loads the settings file and derives
// the current page path.
$strTitle = $name . ": " . $arParams["STR_TITLE"];
if ($arParams["SET_NAV_CHAIN"] == "Y") {
    $APPLICATION->AddChainItem($name, CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER"], array("user_id" => $arResult["VARIABLES"]["user_id"])));
    $APPLICATION->AddChainItem($arParams["STR_TITLE"], CComponentEngine::MakePathFromTemplate($arResult["PATH_TO_USER_FILES"], array("user_id" => $arResult["VARIABLES"]["user_id"], "path" => "")));
}
// Closes a block opened outside this excerpt.
}
if ($arParams["SET_TITLE"] == "Y") {
    $APPLICATION->SetTitle($strTitle);
    if ($componentPage == "user_files" && (empty($arResult["VARIABLES"]["path"]) || $arResult["VARIABLES"]["path"] == "index.php")) {
        $arParams["SET_TITLE"] = "N";
    }
}
// Closes a block opened outside this excerpt.
}
// Errors collected by the permission section above (per the banner below) stop
// the component before any settings are loaded.
if (!empty($arError)) {
    $e = new CAdminException($arError);
    $arParams["ERROR_MESSAGE"] = $e->GetString();
    return -1;
}
/******************************************************************** /Check Socnet Permission and Main Data ********************************************************************/
/******************************************************************** Default params ********************************************************************/
define("WEBDAV_SETTINGS_LIMIT_INCLUDE", "Y");
// The required path is this file's directory plus a fixed file name, with runs
// of slashes/backslashes collapsed to "/"; no request data takes part in it.
$file = trim(preg_replace("'[\\\\/]+'", "/", dirname(__FILE__) . "/webdav_settings.php"));
require_once $file;
/************** Path ***********************************************/
$sBaseUrl = $APPLICATION->GetCurDir();
// REQUEST_URI is client-controlled. When parse_url() fails, the raw value
// (query string included) is used as $page, so later code must treat $page as
// untrusted input either way.
$arParsedUrl = parse_url($_SERVER['REQUEST_URI']);
$page = $arParsedUrl ? $arParsedUrl['path'] : $_SERVER['REQUEST_URI'];
/**
 * Creates a topic ("NEW"), adds a reply ("REPLY") or edits a message ("EDIT").
 *
 * Validation errors are collected in $aMsg. Every write stage runs only while
 * that list is empty, and the transaction opened near the top is committed or
 * rolled back on the same condition.
 *
 * Security-relevant behaviour visible in this function:
 * - $arFieldsG["PERMISSION_EXTERNAL"] / ["SONET_PERMS"] replace the forum
 *   permission when the user's own level is below "Q". Those keys must therefore
 *   be set by trusted calling code only, never copied from request data.
 * - $FID and $TID are re-derived from the stored message/topic, but only after
 *   the external-permission block has looked up the permission with the
 *   caller-supplied $FID (see the note at that block).
 * - "APPROVED" is always recomputed in the topic stage; a caller-supplied value
 *   is overwritten.
 * - The CAPTCHA is checked only for unauthorized users on forums with
 *   USE_CAPTCHA == "Y".
 *
 * @param string $MESSAGE_TYPE "NEW", "EDIT" or "REPLY"; anything else is an error.
 * @param int $FID Forum id; replaced by the forum of $MID / $TID when those resolve.
 * @param int $TID Topic id; replaced by the topic of $MID when it resolves.
 * @param int $MID Message id (used for "EDIT").
 * @param array $arFieldsG Message/topic fields supplied by the caller.
 * @param string $strErrorMessage Receives the combined error text on failure.
 * @param array|string $strOKMessage Receives the success note (pushed if array, appended if string).
 * @param mixed $iFileSize Not referenced in this function.
 * @param string $captcha_word Text entered by the user.
 * @param string|int $captcha_sid Captcha session id, used when $captcha_code is empty.
 * @param string $captcha_code Encrypted captcha code; when non-empty, CheckCodeCrypt() is used.
 * @return int|false Message id on success, false when any error was collected.
 */
function ForumAddMessage($MESSAGE_TYPE, $FID, $TID, $MID, $arFieldsG, &$strErrorMessage, &$strOKMessage, $iFileSize = false, $captcha_word = "", $captcha_sid = 0, $captcha_code = "")
{
    global $USER, $DB, $APPLICATION;
    $APPLICATION->ResetException();
    $aMsg = array();
    $bUpdateTopic = False;
    $bAddEditNote = $MESSAGE_TYPE == "EDIT";
    $arParams = array("PERMISSION" => false);
    $arUserGroups = $USER->GetUserGroupArray();
    // ************ External Permission *********************************
    // Permission levels are single letters compared as strings ("A" < ... < "Y").
    // NOTE(review): GetUserPermission() is called here with the caller-supplied
    // $FID, before $FID is cast and before it is replaced by the forum of
    // $MID/$TID below. When the level is "Q" or higher it is kept and later passed
    // to the CanUser*() checks for a message/topic that may belong to a different
    // forum. Confirm the callers cannot pair a foreign $MID/$TID with this $FID,
    // or move this block after the id normalisation.
    if (!empty($arFieldsG["PERMISSION_EXTERNAL"])) {
        $arParams["PERMISSION"] = CForumNew::GetUserPermission($FID, $arUserGroups);
        // Below "Q" the caller-provided level replaces the forum's own level as-is.
        $arParams["PERMISSION"] = $arParams["PERMISSION"] < "Q" ? $arFieldsG["PERMISSION_EXTERNAL"] : $arParams["PERMISSION"];
        unset($arFieldsG["PERMISSION_EXTERNAL"]);
    } elseif (!empty($arFieldsG["SONET_PERMS"])) {
        $arParams["PERMISSION"] = CForumNew::GetUserPermission($FID, $arUserGroups);
        if ($arParams["PERMISSION"] < "Q") {
            // Only a strict boolean true grants a level; anything else falls to "A".
            if ($arFieldsG["SONET_PERMS"]["bCanFull"] === true) {
                $arParams["PERMISSION"] = "Y";
            } elseif ($arFieldsG["SONET_PERMS"]["bCanNew"] === true) {
                $arParams["PERMISSION"] = "M";
            } elseif ($arFieldsG["SONET_PERMS"]["bCanWrite"] === true) {
                $arParams["PERMISSION"] = "I";
            } else {
                $arParams["PERMISSION"] = "A";
            }
        }
        unset($arFieldsG["SONET_PERMS"]);
    }
    // The transaction starts before validation; it is rolled back near the end
    // whenever $aMsg is non-empty.
    $DB->StartTransaction();
    if (!in_array($MESSAGE_TYPE, array("NEW", "EDIT", "REPLY"))) {
        $aMsg[] = array("id" => "MESSAGE_TYPE", "text" => GetMessage("ADDMES_NO_TYPE") . ".");
    }
    $MID = intval($MID);
    $TID = intval($TID);
    $FID = intval($FID);
    $arFieldsG["EDIT_ADD_REASON"] = $arFieldsG["EDIT_ADD_REASON"] == "Y" ? "Y" : "N";
    // Ids are normalised from stored data: the message decides topic and forum,
    // the topic decides the forum. $arMessage is only assigned when $MID > 0.
    if ($MID > 0) {
        $arMessage = CForumMessage::GetByID($MID, array("FILTER" => "N"));
        if ($arMessage) {
            $TID = IntVal($arMessage["TOPIC_ID"]);
            $FID = IntVal($arMessage["FORUM_ID"]);
        }
    }
    $arTopic = array();
    if ($TID > 0) {
        $arTopic = CForumTopic::GetByID($TID);
        if ($arTopic) {
            $FID = IntVal($arTopic["FORUM_ID"]);
        }
    }
    $arForum = CForumNew::GetByID($FID);
    //************************* Input params **************************************************************************
    // Authorization per operation. A failure only adds to $aMsg; nothing returns
    // early, so the protection relies on every later stage testing empty($aMsg).
    if ($MESSAGE_TYPE == "NEW" && !CForumTopic::CanUserAddTopic($FID, $arUserGroups, $USER->GetID(), $arForum, $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2NEW") . ".");
    } elseif ($MESSAGE_TYPE == "EDIT" && !CForumMessage::CanUserUpdateMessage($MID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2EDIT") . ".");
    } elseif ($MESSAGE_TYPE == "REPLY" && !CForumMessage::CanUserAddMessage($TID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $aMsg[] = array("id" => "PERMISSION", "text" => GetMessage("ADDMESS_NO_PERMS2REPLY") . ".");
    }
    // && binds tighter than ||: "NEW" always updates the topic; "EDIT" does so only
    // when a topic field was supplied and CanUserUpdateTopic() allows it.
    if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "EDIT" && array_intersect_key($arFieldsG, array("TITLE" => "", "DESCRIPTION" => "", "ICON" => "", "TAGS" => "", "OWNER_ID" => "", "SOCNET_GROUP_ID" => "")) && CForumTopic::CanUserUpdateTopic($TID, $arUserGroups, $USER->GetID(), $arParams["PERMISSION"])) {
        $bUpdateTopic = True;
    }
    // Users above "Q" may suppress the visible edit note by sending EDIT_ADD_REASON != "Y".
    if ($MESSAGE_TYPE == "EDIT" && (ForumCurrUserPermissions($FID, $arParams) > "Q" && $arFieldsG["EDIT_ADD_REASON"] == "N")) {
        $bAddEditNote = false;
    }
    //*************************!CAPTCHA********************************************************************************
    if (!$USER->IsAuthorized() && $arForum["USE_CAPTCHA"] == "Y") {
        include_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/captcha.php";
        $cpt = new CCaptcha();
        // The caller chooses the verification path: a non-empty $captcha_code
        // selects the encrypted-code check, otherwise the sid-based check is used.
        if (strlen($captcha_code) > 0) {
            $captchaPass = COption::GetOptionString("main", "captcha_password", "");
            if (!$cpt->CheckCodeCrypt($captcha_word, $captcha_code, $captchaPass)) {
                $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("FORUM_POSTM_CAPTCHA") . ".");
            }
        } else {
            if (!$cpt->CheckCode($captcha_word, $captcha_sid)) {
                $aMsg[] = array("id" => "CAPTCHA", "text" => GetMessage("FORUM_POSTM_CAPTCHA") . ".");
            }
        }
    }
    //*************************!CAPTCHA********************************************************************************
    $arFieldsG["POST_MESSAGE"] = trim($arFieldsG["POST_MESSAGE"]);
    // empty() also rejects the literal message "0".
    if (empty($arFieldsG["POST_MESSAGE"])) {
        $aMsg[] = array("id" => "POST_MESSAGE", "text" => GetMessage("ADDMESS_INPUT_MESSAGE") . ".");
    }
    if ($bUpdateTopic && is_set($arFieldsG, "TITLE")) {
        $arFieldsG["TITLE"] = trim($arFieldsG["TITLE"]);
        if (empty($arFieldsG["TITLE"])) {
            $aMsg[] = array("id" => "TITLE", "text" => GetMessage("ADDMESS_INPUT_TITLE") . ".");
        }
    }
    //*************************!QUOTA**********************************************************************************
    // Disabled disk-quota check, kept as found.
    /* if (empty($aMsg)) { $quota = new CDiskQuota(); if ($MESSAGE_TYPE=="EDIT") { if (!$quota->checkDiskQuota(strLen($arFieldsG["POST_MESSAGE"]) - strLen($arMessage["POST_MESSAGE"]))) { if (!$quota->LAST_ERROR) $aMsg[] = array("id" => "QUOTA", "text" => GetMessage("MAIN_QUOTA_BAD")."( ".COption::GetOptionInt("main", "disk_space")." )."); else $aMsg[] = array("id" => "QUOTA", "text" => $quota->LAST_ERROR); } } elseif (!$quota->checkDiskQuota($arFieldsG["POST_MESSAGE"])) { if (!$quota->LAST_ERROR) $aMsg[] = array("id" => "QUOTA", "text" => GetMessage("MAIN_QUOTA_BAD")."( ".COption::GetOptionInt("main", "disk_space")." )."); else $aMsg[] = array("id" => "QUOTA", "text" => $quota->LAST_ERROR); } }*/
    //*************************!QUOTA**********************************************************************************
    if (empty($aMsg)) {
        // *************************!ATTACH_IMG*****************************************************************************
        // A legacy single ATTACH_IMG entry is converted into a one-element FILES list.
        if (is_set($arFieldsG, "ATTACH_IMG") && empty($arFieldsG["ATTACH_IMG"]["name"]) && empty($arFieldsG["ATTACH_IMG"]["del"])) {
            unset($arFieldsG["ATTACH_IMG"]);
        }
        if (is_set($arFieldsG, "ATTACH_IMG")) {
            $arFieldsG["ATTACH_IMG"]["FILE_ID"] = $arMessage["ATTACH_IMG"];
            $arFieldsG["FILES"] = array($arFieldsG["ATTACH_IMG"]);
        }
        unset($arFieldsG["ATTACH_IMG"]);
        if (!empty($arFieldsG["FILES"]) && is_array($arFieldsG["FILES"])) {
            // For entries with an existing FILE_ID, "del" is normalised to "Y" or "".
            // NOTE(review): FILE_ID inside FILES is caller-supplied; confirm
            // CForumFiles verifies that the file belongs to this message/user.
            foreach ($arFieldsG["FILES"] as $key => $val) {
                if (intVal($val["FILE_ID"]) > 0) {
                    $arFieldsG["FILES"][$key]["del"] = $val["del"] == "Y" ? "Y" : "";
                }
            }
            $res = array("FORUM_ID" => $arForum["ID"], "TOPIC_ID" => 0, "MESSAGE_ID" => 0, "USER_ID" => $USER->GetID());
            // Uploads are dropped silently unless the forum allows them ("Y", "F" or "A").
            if (!in_array($arForum["ALLOW_UPLOAD"], array("Y", "F", "A"))) {
                unset($arFieldsG["FILES"]);
            } elseif (!CForumFiles::CheckFields($arFieldsG["FILES"], $res, "NOT_CHECK_DB")) {
                if ($ex = $APPLICATION->GetException()) {
                    $aMsg[] = array("id" => "FILE", "text" => $ex->GetString());
                } else {
                    $aMsg[] = array("id" => "FILE", "text" => "File upload error.");
                }
            }
        }
    }
    //*************************/ATTACH_IMG*****************************************************************************
    if (empty($aMsg) && ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY")) {
        $AUTHOR_ID = IntVal($USER->GetParam("USER_ID"));
        // For authorized users the author name always comes from the account
        // (full name or login); a caller-supplied AUTHOR_NAME is overwritten.
        if ($USER->IsAuthorized()) {
            $res = CForumUser::GetByUSER_ID($USER->GetID());
            $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
            $arFieldsG["AUTHOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
            $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $USER->GetLogin();
        }
        if (empty($arFieldsG["AUTHOR_NAME"])) {
            $aMsg[] = array("id" => "AUTHOR_NAME", "text" => GetMessage("ADDMESS_INPUT_AUTHOR") . ".");
        }
    } elseif (empty($aMsg) && $MESSAGE_TYPE == "EDIT") {
        $AUTHOR_ID = IntVal($arMessage["AUTHOR_ID"]);
        // An explicitly empty AUTHOR_NAME is refilled from the author's account;
        // for guest-authored messages (AUTHOR_ID <= 0) it is an error.
        if (is_set($arFieldsG, "AUTHOR_NAME") && empty($arFieldsG["AUTHOR_NAME"])) {
            if ($AUTHOR_ID <= 0) {
                $aMsg[] = array("id" => "AUTHOR_NAME", "text" => GetMessage("ADDMESS_INPUT_AUTHOR") . ".");
            } else {
                $res = CForumUser::GetByUSER_ID($AUTHOR_ID);
                $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
                if ($USER->GetID() == $AUTHOR_ID) {
                    $arFieldsG["AUTHOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
                    $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $USER->GetLogin();
                } else {
                    $res = CForumUser::GetByUSER_IDEx($AUTHOR_ID);
                    if ($res) {
                        $arFieldsG["AUTHOR_NAME"] = trim($bSHOW_NAME ? $res["NAME"] . " " . $res["LAST_NAME"] : "");
                        $arFieldsG["AUTHOR_NAME"] = !empty($arFieldsG["AUTHOR_NAME"]) ? $arFieldsG["AUTHOR_NAME"] : $res["LOGIN"];
                    } else {
                        unset($arFieldsG["AUTHOR_NAME"]);
                    }
                }
            }
        }
        // The editor name likewise comes from the account for authorized users.
        if ($USER->IsAuthorized()) {
            $res = CForumUser::GetByUSER_ID($USER->GetID());
            $bSHOW_NAME = !empty($res) ? $res["SHOW_NAME"] == "Y" : true;
            $arFieldsG["EDITOR_NAME"] = $bSHOW_NAME ? trim($USER->GetFullName()) : "";
            $arFieldsG["EDITOR_NAME"] = !empty($arFieldsG["EDITOR_NAME"]) ? $arFieldsG["EDITOR_NAME"] : $USER->GetLogin();
        }
        if ($bAddEditNote && empty($arFieldsG["EDITOR_NAME"])) {
            $aMsg[] = array("id" => "EDITOR_NAME", "text" => GetMessage("ADDMESS_INPUT_EDITOR") . ".");
        }
    }
    //*************************/Input params ***************************************************************************
    //************************* Actions ********************************************************************************
    //************************* Add/edit topic *************************************************************************
    if (empty($aMsg)) {
        // The longest step by time. Actualization of topic, user and forum statistic info (~0.7-0.8 sec)
        // APPROVED is decided here from stored state and forum settings: an edit
        // keeps the message's flag, a post into an unapproved topic is unapproved,
        // otherwise forum moderation applies unless the user is at "Q" or above.
        if ($MESSAGE_TYPE == "EDIT" && ($arMessage["APPROVED"] == "Y" || $arMessage["APPROVED"] == "N")) {
            $arFieldsG["APPROVED"] = $arMessage["APPROVED"];
        } elseif (!empty($arTopic) && $arTopic["APPROVED"] != "Y") {
            $arFieldsG["APPROVED"] = "N";
        } else {
            $arFieldsG["APPROVED"] = $arForum["MODERATION"] == "Y" ? "N" : "Y";
            if (ForumCurrUserPermissions($FID, $arParams) >= "Q") {
                $arFieldsG["APPROVED"] = "Y";
            }
        }
        if ($bUpdateTopic) {
            // Only this fixed list of topic fields is copied from the caller's input.
            $arFields = array();
            foreach (array("TITLE", "TITLE_SEO", "DESCRIPTION", "ICON", "TAGS") as $key) {
                if (is_set($arFieldsG, $key)) {
                    $arFields[$key] = $arFieldsG[$key];
                }
            }
            if ($MESSAGE_TYPE == "NEW") {
                $arFields["FORUM_ID"] = $FID;
                $arFields["USER_START_ID"] = $AUTHOR_ID;
                $arFields["USER_START_NAME"] = $arFieldsG["AUTHOR_NAME"];
                $arFields["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                $arFields["APPROVED"] = $arFieldsG["APPROVED"];
                // NOTE(review): OWNER_ID and SOCNET_GROUP_ID are taken from the
                // caller without a check in this function; confirm the calling
                // code sets them rather than the request.
                $arFields["OWNER_ID"] = $arFieldsG["OWNER_ID"];
                $arFields["SOCNET_GROUP_ID"] = $arFieldsG["SOCNET_GROUP_ID"];
                if (is_set($arFieldsG, "TOPIC_XML_ID")) {
                    $arFields["XML_ID"] = $arFieldsG["TOPIC_XML_ID"];
                }
                $TID = CForumTopic::Add($arFields);
                if (IntVal($TID) <= 0) {
                    $aMsg[] = array("id" => "TOPIC_ID", "text" => GetMessage("ADDMESS_ERROR_ADD_TOPIC") . ".");
                }
            } else {
                // Keep the denormalised poster names on the topic in sync with a
                // changed author name.
                if (is_set($arFieldsG, "AUTHOR_NAME")) {
                    if ($arTopic["LAST_MESSAGE_ID"] == $MID && $arMessage["LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                    if ($arTopic["ABS_LAST_MESSAGE_ID"] == $MID && $arMessage["ABS_LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["ABS_LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                    if ($arTopic["USER_START_NAME"] == $arMessage["USER_START_NAME"] && $arTopic["USER_START_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFields["USER_START_NAME"] = $arFieldsG["AUTHOR_NAME"];
                    }
                }
                if (!empty($arFields)) {
                    $TID1 = CForumTopic::Update($TID, $arFields);
                    if (intval($TID1) <= 0) {
                        $aMsg[] = array("id" => "TOPIC_ID", "text" => GetMessage("ADDMESS_ERROR_EDIT_TOPIC") . ".");
                    } else {
                        // Audit trail: each changed topic field is logged with its
                        // new value and its previous value ("before" . field).
                        foreach ($arFields as $key => $val) {
                            if ($arFields[$key] != $arTopic[$key]) {
                                $res_log[$key] = $arFields[$key];
                                $res_log["before" . $key] = $arTopic[$key];
                            }
                        }
                        if (!empty($res_log)) {
                            $arTopic = CForumTopic::GetByID($TID);
                            $res_log['FORUM_ID'] = $arTopic['FORUM_ID'];
                            // The log payload is PHP-serialized and holds user-written
                            // text. NOTE(review): whatever reads it back should not
                            // allow object instantiation when unserializing.
                            CForumEventLog::Log("topic", "edit", $TID, serialize($res_log));
                        }
                    }
                    if (is_set($arFieldsG, "AUTHOR_NAME") && $arForum["LAST_MESSAGE_ID"] == $MID && $arForum["LAST_POSTER_NAME"] != $arFieldsG["AUTHOR_NAME"]) {
                        $arFieldsForum = array("LAST_POSTER_NAME" => $arFieldsG["AUTHOR_NAME"]);
                        // NOTE(review): this assigns LAST_POSTER_NAME a second time;
                        // the ABS_LAST_MESSAGE_ID condition suggests ABS_LAST_POSTER_NAME
                        // may have been intended. Confirm before changing.
                        if ($arForum["ABS_LAST_MESSAGE_ID"] == $MID) {
                            $arFieldsForum["LAST_POSTER_NAME"] = $arFieldsG["AUTHOR_NAME"];
                        }
                        CForumNew::Update($arForum["ID"], $arFieldsForum);
                    }
                }
            }
        }
    }
    //*************************/Add/edit topic *************************************************************************
    //************************* Add/edit message ***********************************************************************
    if (empty($aMsg)) {
        // The message record is built from an explicit list of fields rather than
        // by passing $arFieldsG through.
        $arFields = array("POST_MESSAGE" => $arFieldsG["POST_MESSAGE"], "USE_SMILES" => $arFieldsG["USE_SMILES"] == "Y" ? "Y" : "N", "APPROVED" => $arFieldsG["APPROVED"]);
        if (is_set($arFieldsG, "ATTACH_IMG")) {
            $arFields["ATTACH_IMG"] = $arFieldsG["ATTACH_IMG"];
        } elseif (is_set($arFieldsG, "FILES")) {
            $arFields["FILES"] = $arFieldsG["FILES"];
        }
        if (is_set($arFieldsG, "PARAM1")) {
            $arFields["PARAM1"] = $arFieldsG["PARAM1"];
        }
        if (is_set($arFieldsG, "PARAM2")) {
            $arFields["PARAM2"] = $arFieldsG["PARAM2"];
        }
        /* elseif ($MESSAGE_TYPE != "NEW") { $db_res = CForumMessage::GetList(array(), array("TOPIC_ID" => $TID, "NEW_TOPIC" => "Y")); if ($db_res && $res = $db_res->Fetch()) $res["PARAM2"] = $res["PARAM2"]; }*/
        // NOTE(review): EditFormAddFields() fills $arFields itself; presumably it
        // reads user-field values from the request. Confirm which keys it can set.
        $GLOBALS["USER_FIELD_MANAGER"]->EditFormAddFields("FORUM_MESSAGE", $arFields);
        if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY") {
            $arFields["AUTHOR_NAME"] = $arFieldsG["AUTHOR_NAME"];
            $arFields["AUTHOR_EMAIL"] = $arFieldsG["AUTHOR_EMAIL"];
            $arFields["AUTHOR_ID"] = $AUTHOR_ID;
            $arFields["FORUM_ID"] = $FID;
            $arFields["TOPIC_ID"] = $TID;
            // Two addresses are recorded: ForumGetRealIP() and REMOTE_ADDR.
            // NOTE(review): ForumGetRealIP() is not shown; if it reads forwarding
            // headers, AUTHOR_IP is client-controlled and only AUTHOR_REAL_IP is
            // reliable for moderation or forensics.
            $AUTHOR_IP = ForumGetRealIP();
            $AUTHOR_IP_tmp = $AUTHOR_IP;
            $AUTHOR_REAL_IP = $_SERVER['REMOTE_ADDR'];
            // Optional reverse lookup: replaces the addresses with host names. The
            // names come from DNS records that the address owner controls, so they
            // must be escaped wherever they are displayed. The lookup also runs
            // synchronously inside the open transaction.
            if (COption::GetOptionString("forum", "FORUM_GETHOSTBYADDR", "N") == "Y") {
                $AUTHOR_IP = @gethostbyaddr($AUTHOR_IP);
                $AUTHOR_REAL_IP = $AUTHOR_IP_tmp == $AUTHOR_REAL_IP ? $AUTHOR_IP : @gethostbyaddr($AUTHOR_REAL_IP);
            }
            $arFields["AUTHOR_IP"] = $AUTHOR_IP !== False ? $AUTHOR_IP : "<no address>";
            $arFields["AUTHOR_REAL_IP"] = $AUTHOR_REAL_IP !== False ? $AUTHOR_REAL_IP : "<no address>";
            $arFields["NEW_TOPIC"] = $MESSAGE_TYPE == "NEW" ? "Y" : "N";
            $arFields["GUEST_ID"] = $_SESSION["SESS_GUEST_ID"];
            $MID = CForumMessage::Add($arFields, false);
            if (intVal($MID) <= 0) {
                $str = $APPLICATION->GetException();
                if ($str && $str->GetString()) {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => $str->GetString());
                } else {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => GetMessage("ADDMESS_ERROR_ADD_MESSAGE") . ".");
                }
                // Remove the topic created above when its first message failed.
                if ($MESSAGE_TYPE == "NEW") {
                    CForumTopic::Delete($TID);
                    $TID = 0;
                }
            }
        } else {
            // Author name/e-mail can be changed on edit only for guest-authored
            // messages (empty AUTHOR_ID).
            if (empty($AUTHOR_ID)) {
                if (is_set($arFieldsG, "AUTHOR_NAME")) {
                    $arFields["AUTHOR_NAME"] = $arFieldsG["AUTHOR_NAME"];
                }
                if (is_set($arFieldsG, "AUTHOR_EMAIL")) {
                    $arFields["AUTHOR_EMAIL"] = $arFieldsG["AUTHOR_EMAIL"];
                }
            }
            if ($bAddEditNote) {
                $arFields["EDITOR_NAME"] = $arFieldsG["EDITOR_NAME"];
                $arFields["EDITOR_EMAIL"] = $arFieldsG["EDITOR_EMAIL"];
                $arFields["EDIT_REASON"] = $arFieldsG["EDIT_REASON"];
                $arFields["EDIT_DATE"] = "";
                if ($GLOBALS["USER"]->IsAuthorized()) {
                    $arFields["EDITOR_ID"] = $GLOBALS["USER"]->GetID();
                }
            }
            $MID1 = CForumMessage::Update($MID, $arFields);
            if (IntVal($MID1) <= 0) {
                $ex = $GLOBALS['APPLICATION']->GetException();
                if ($ex) {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => $ex->GetString());
                } else {
                    $aMsg[] = array("id" => "MESSAGE_ID", "text" => GetMessage("ADDMESS_ERROR_EDIT_MESSAGE") . ".");
                }
            } elseif ($AUTHOR_ID == $GLOBALS["USER"]->GetId() && COption::GetOptionString("forum", "LOGS", "Q") < "U") {
                // Intentionally empty: an author's edit of their own message is not
                // logged while the "LOGS" option is below "U".
            } else {
                // Audit trail for edits. BeforeMessage/AfterMessage are single keys
                // overwritten on every differing field, so the entry keeps only the
                // last differing field's values.
                $res_log = array();
                foreach ($arFields as $key => $val) {
                    if ($arFields[$key] != $arMessage[$key]) {
                        if ($key == "FILES" || $key == "ATTACH_IMG") {
                            $res_log[$key] = GetMessage("F_ATTACH_IS_MODIFIED");
                            continue;
                        }
                        $res_log["BeforeMessage"] = $arMessage[$key];
                        $res_log["AfterMessage"] = $arFields[$key];
                    }
                }
                if (!empty($res_log)) {
                    $arMessage = CForumMessage::GetByID($MID);
                    $TID = $arMessage['TOPIC_ID'];
                    $res_log['FORUM_ID'] = $arMessage['FORUM_ID'];
                    $arTopic = CForumTopic::GetByID($TID);
                    $res_log['TITLE'] = $arTopic['TITLE'];
                    $res_log['TOPIC_ID'] = $TID;
                    $res_log = serialize($res_log);
                    CForumEventLog::Log("message", "edit", $MID, $res_log);
                }
            }
        }
    }
    //*************************/Add/edit message ***********************************************************************
    // One decision point for the whole operation: commit only when no stage
    // reported an error.
    if (empty($aMsg)) {
        $DB->Commit();
    } else {
        $DB->Rollback();
    }
    if (empty($aMsg) && CModule::IncludeModule("statistic")) {
        $F_EVENT1 = $arForum["EVENT1"];
        $F_EVENT2 = $arForum["EVENT2"];
        $F_EVENT3 = $arForum["EVENT3"];
        // Without a configured EVENT3, the path to the message is used instead,
        // built for the first forum site in the admin section, else for SITE_ID.
        if (empty($F_EVENT3)) {
            $arForumSite_tmp = CForumNew::GetSites($FID);
            if (defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
                $arForumSiteCode_tmp = array_keys($arForumSite_tmp);
                $F_EVENT3 = CForumNew::PreparePath2Message(empty($arForumSite_tmp[$arForumSiteCode_tmp[0]]) ? '' : $arForumSite_tmp[$arForumSiteCode_tmp[0]], array("FORUM_ID" => $FID, "TOPIC_ID" => $TID, "MESSAGE_ID" => $MID));
            } else {
                $F_EVENT3 = CForumNew::PreparePath2Message(empty($arForumSite_tmp[SITE_ID]) ? '' : $arForumSite_tmp[SITE_ID], array("FORUM_ID" => $FID, "TOPIC_ID" => $TID, "MESSAGE_ID" => $MID));
            }
        }
        CStatistics::Set_Event($F_EVENT1, $F_EVENT2, $F_EVENT3);
    }
    if (empty($aMsg)) {
        // Success: send the notification mail and report a note to the caller.
        $arNote = array();
        if ($MESSAGE_TYPE == "NEW" || $MESSAGE_TYPE == "REPLY") {
            CForumMessage::SendMailMessage($MID, array(), false, "NEW_FORUM_MESSAGE");
            $arNote = array("id" => $MESSAGE_TYPE, "text" => GetMessage("ADDMESS_SUCCESS_ADD") . ". \n");
        } else {
            CForumMessage::SendMailMessage($MID, array(), false, "EDIT_FORUM_MESSAGE");
            $arNote = array("id" => "EDIT", "text" => GetMessage("ADDMESS_SUCCESS_EDIT") . ". \n");
        }
        if ($arFieldsG["APPROVED"] != "Y") {
            $arNote["id"] .= "_NOT_APPROVED";
            $arNote["text"] .= GetMessage("ADDMESS_AFTER_MODERATE") . ". \n";
        }
        if (is_array($strOKMessage)) {
            $strOKMessage[] = $arNote;
        } else {
            $strOKMessage .= $arNote["text"];
        }
        return $MID;
    }
    // Failure: hand the combined error text back through the by-reference argument.
    $e = new CAdminException($aMsg);
    $strErrorMessage = $e->GetString();
    return false;
}
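/**
 * Decide whether the current user may perform a WebDAV action on the given object(s).
 *
 * Flow, as implemented below:
 *  1. Returns true at once when $this->withoutAuthorization is set.
 *  2. Runs $this->CheckRights($method, $strong, $path) and returns its result
 *     when that result is falsy or when $simple is true.
 *  3. Otherwise runs the per-action checks, either against per-object rights
 *     ($this->e_rights, via $this->GetPermission) or against the iblock-level
 *     permission letter in $this->permission.
 *  4. Stores the rendered error text in $this->LAST_ERROR and returns whether
 *     the error list is empty.
 *
 * Two paths ('create' with an empty arElement, and 'mkcol') return the
 * GetPermission() result directly, without touching LAST_ERROR or the cache.
 *
 * @param string $method   Passed to CheckRights(); a non-empty value turns on its $strong flag.
 * @param array  $arParams Keys read here: "action" / "ACTION", "arElement", "from", "to",
 *                         "create_element_in_section".
 * @param bool   $simple   When true, only the CheckRights() result is returned.
 *
 * @return bool|mixed True when access is granted; the early-return paths hand back whatever
 *                    CheckRights() / GetPermission() returned.
 */
function CheckWebRights($method = "", $arParams = array(), $simple = true)
{
    if ($this->withoutAuthorization) {
        return true;
    }

    $strong = $method !== "";
    $path = '';
    if (is_array($arParams['arElement'])) {
        $path = isset($arParams['arElement']['item_id']) ? $arParams['arElement']['item_id'] : '';
    } elseif (is_string($arParams['arElement'])) {
        $path = $arParams['arElement'];
    }

    $result = $this->CheckRights($method, $strong, $path);
    if (!$result || $simple) {
        return $result;
    }

    $arError = array();
    $action = strtolower(is_set($arParams, "action") ? $arParams["action"] : $arParams["ACTION"]);
    $arElement = is_set($arParams, "arElement") ? $arParams["arElement"] : array();

    // Per-request memo of earlier decisions.
    // NOTE(review): the key covers only the action, $arElement["ID"] and the user id.
    // The copy/move branches decide on $arParams['from'] / ['to'], and the other branches
    // use $arElement['item_id'], none of which are part of the key. A second call in the
    // same request with the same action but different targets would therefore reuse the
    // first verdict. Confirm against the callers before relying on this cache.
    static $arErrors = array();
    $static_id = md5(serialize(array($action, $arElement["ID"], $GLOBALS["USER"]->GetID())));

    if (array_key_exists($static_id, $arErrors)) {
        $arError = $arErrors[$static_id];
    } else {
        if ($this->e_rights) {
            // Every supplied object must exist, except for actions that create their target.
            foreach (array('arElement', 'from', 'to') as $elm) {
                if (is_set($arParams, $elm)) {
                    if ((!isset($arParams[$elm]['not_found']) || $arParams[$elm]['not_found'] === true) && !in_array($action, array('create', 'copy', 'move', 'mkcol'))) {
                        $arError[] = array("id" => "bad_element", "text" => GetMessage("WD_FILE_ERROR105"));
                    }
                }
            }

            if (empty($arError)) {
                if ($action == 'copy') {
                    // from[] and to[] are parallel lists; pair i is checked against the destination.
                    // NOTE(review): this branch reads 'is_file' while every other branch reads
                    // 'is_dir' -- verify that the objects really carry an 'is_file' key.
                    $arTo = isset($arParams['to']) ? $arParams['to'] : array();
                    $arFrom = isset($arParams['from']) ? $arParams['from'] : array();
                    $nCount = min(sizeof($arTo), sizeof($arFrom));
                    for ($i = 0; $i < $nCount; $i++) {
                        $To = $arTo[$i];
                        $From = $arFrom[$i];
                        $type = $To['is_file'] ? 'ELEMENT' : 'SECTION';
                        $id = $To['not_found'] ? $To['parent_id'] : $To['item_id'];
                        $op = $From['is_file'] ? 'section_element_bind' : 'section_section_bind';
                        if (!$this->GetPermission($type, $id, $op)) {
                            $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }
                    }
                } elseif ($action == 'create' || $action == 'mkcol') {
                    // arElement may be empty (null): fall back to the current object.
                    if (empty($arElement)) {
                        $arParent = $this->GetObject();
                        $bAllowEdit = false;
                        if ($arParent['not_found'] === false) {
                            $bAllowEdit = $this->GetPermission($arParent['is_file'] ? 'ELEMENT' : 'SECTION', $arParent['item_id'], 'element_edit');
                        }
                        return $bAllowEdit;
                    } else {
                        // The check targets the parent section, or the iblock itself at the root.
                        $type = 'SECTION';
                        if (isset($arElement['parent_id']) && $arElement['parent_id'] > 0) {
                            $id = $arElement['parent_id'];
                        } else {
                            $id = $this->IBLOCK_ID;
                            $type = 'IBLOCK';
                        }
                        if ($action == 'mkcol') {
                            return $this->GetPermission($type, $id, 'section_section_bind');
                        }
                        if ($arElement['is_dir']) {
                            if (!$this->GetPermission($type, $id, 'section_section_bind')) {
                                $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED"));
                            }
                        } else {
                            if (!empty($arParams['create_element_in_section']) || $this->workflow != "workflow" && $this->workflow != "bizproc") {
                                if (!$this->GetPermission($type, $id, 'section_element_bind')) {
                                    $arError[] = array("id" => "cannot_create", "text" => GetMessage("WD_ACCESS_DENIED"));
                                }
                            } elseif ($this->workflow == "workflow") {
                                // At least one workflow status must be returned for this user.
                                $db_res = CWorkflowStatus::GetDropDownList("N", "desc");
                                if (!($db_res && ($res = $db_res->Fetch()))) {
                                    $arError[] = array("id" => "bad_wf_statuses", "text" => GetMessage("WD_ACCESS_DENIED"));
                                }
                            } elseif ($this->workflow == 'bizproc') {
                                $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], null);
                                // The creator of a new document is evaluated with the "Author" group added.
                                $arUserGroups = $this->USER["GROUPS"];
                                $arUserGroups[] = "Author";
                                if (!CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $this->wfParams['DOCUMENT_TYPE'], array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) {
                                    $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                                }
                            }
                        }
                    }
                } elseif ($action == 'delete' || $action == 'undelete') {
                    $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT';
                    if ($type == 'ELEMENT') {
                        $res = $this->GetPermission($type, $arElement['item_id'], 'element_delete');
                        if (!$res) {
                            $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }
                    } else {
                        $res = $this->GetPermission($type, $arElement['item_id'], 'section_delete', false);
                        if (!$res) {
                            $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }
                    }
                } elseif ($action == 'destroy') {
                    $id = $arElement['item_id'];
                    $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT';
                    $op = $arElement['is_dir'] ? 'section_delete' : 'element_delete';
                    if (!$this->GetPermission($type, $id, $op, false)) {
                        $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED"));
                    }
                } elseif ($action == 'edit' || $action == 'lock' || $action == 'proppatch' || $action == 'delete_dropped') {
                    $id = $arElement['item_id'];
                    $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT';
                    if ($arElement['is_dir']) {
                        if (!$this->GetPermission($type, $id, 'section_edit')) {
                            $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }
                    } else {
                        // Order matters: lock and creator checks come before any permission grant.
                        if ($arElement["LOCK_STATUS_BP"] == "red") {
                            $arError[] = array("id" => "locked", "text" => GetMessage("WD_FILE_ERROR107"));
                        } elseif ($this->check_creator && $arElement["CREATED_BY"] != $GLOBALS["USER"]->GetID()) {
                            $arError[] = array("id" => "bad_author", "text" => GetMessage("WD_FILE_ERROR108"));
                        } elseif ($this->GetPermission($type, $id, 'element_edit_any_wf_status')) {
                            // Allowed regardless of workflow state; nothing to record.
                        } elseif ($this->workflow == "workflow" && $this->GetPermission($type, $id, 'element_edit')) {
                            $arWorkFlow = array("LAST_ID" => CIBlockElement::WF_GetLast($arElement["item_id"]));
                            $arWorkFlow["STATUS_ID"] = CIBlockElement::WF_GetCurrentStatus($arWorkFlow["LAST_ID"], $arWorkFlow["STATUS_TITLE"]);
                            $arWorkFlow["STATUS_PERMISSION"] = CIBlockElement::WF_GetStatusPermission($arWorkFlow["STATUS_ID"]);
                            if ($arWorkFlow["STATUS_ID"] > 1 && $arWorkFlow["STATUS_PERMISSION"] < 2) {
                                $arError[] = array("id" => "bad_wf_status_permission", "text" => GetMessage("WD_FILE_ERROR109"));
                            }
                        } elseif ($this->workflow == 'bizproc' && $this->GetPermission($type, $id, 'element_edit')) {
                            $documentId = $this->wfParams['DOCUMENT_TYPE'];
                            $documentId[2] = $arElement["item_id"];
                            $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], $documentId);
                            $arUserGroups = $this->USER["GROUPS"];
                            if ($arElement["CREATED_BY"] == $GLOBALS["USER"]->GetID()) {
                                $arUserGroups[] = "Author";
                            }
                            if (!CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $documentId, array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) {
                                $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                            }
                        } else {
                            // No branch granted access: deny by default.
                            $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }
                    }
                } elseif ($action == 'read' || $action == 'propfind') {
                    // arElement may be empty (null): then the iblock itself is checked.
                    if ($arElement) {
                        $id = $arElement['item_id'];
                        $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT';
                        $op = $arElement['is_dir'] ? 'section_read' : 'element_read';
                        if (!$this->GetPermission($type, $id, $op)) {
                            $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }
                        // Reading the trash section additionally requires the delete right on it.
                        if ($type == 'SECTION' && $id == $this->GetMetaID('TRASH')) {
                            if (!$this->GetPermission($type, $id, 'section_delete')) {
                                $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                            }
                        }
                    } else {
                        if (!$this->GetPermission('IBLOCK', $this->IBLOCK_ID, 'section_read')) {
                            $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }
                    }
                } elseif ($action == 'move') {
                    // from[] and to[] are parallel lists (handled recursively by the caller,
                    // per the original comment). Each pair needs edit rights on the source
                    // and bind/edit rights on the destination.
                    $arTo = isset($arParams['to']) ? $arParams['to'] : array();
                    $arFrom = isset($arParams['from']) ? $arParams['from'] : array();
                    $nCount = min(sizeof($arTo), sizeof($arFrom));
                    for ($i = 0; $i < $nCount; $i++) {
                        $To = $arTo[$i];
                        $From = $arFrom[$i];

                        $type = $From['is_dir'] ? 'SECTION' : 'ELEMENT';
                        $id = $From['item_id'];
                        $op = $From['is_dir'] ? 'section_edit' : 'element_edit';
                        if (!$this->GetPermission($type, $id, $op)) {
                            $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                        }

                        // Fix: take 'is_dir' from the i-th source entry ($From). The original read
                        // it from the list ($arFrom), which is indexed by position, so a directory
                        // move was checked against the element-bind operation instead of the
                        // section-bind one.
                        if ($To['not_found']) {
                            $type = 'SECTION';
                            $id = $To['parent_id'];
                            $op = $From['is_dir'] ? 'section_section_bind' : 'section_element_bind'; // TODO: bizproc ?
                            if (!$this->GetPermission($type, $id, $op)) {
                                $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                            }
                        } else {
                            $type = $To['is_dir'] ? 'SECTION' : 'ELEMENT';
                            $id = $To['item_id'];
                            $op = $To['is_dir'] ? ($From['is_dir'] ? 'section_section_bind' : 'section_element_bind') : 'element_edit'; // TODO: bizproc ?
                            if (!$this->GetPermission($type, $id, $op)) {
                                $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                            }
                        }
                    }
                }
            }
        } else {
            // Iblock-level rights: $this->permission is compared as a string against "R" and "U".
            if ($this->permission < "R") {
                $arError[] = array("id" => "cannot_read", "text" => GetMessage("WD_ACCESS_DENIED"));
            } elseif ($this->permission > "U") {
                // Above "U": every action is allowed.
            } elseif ($action == "read" || $action == "propfind") {
                // At least "R": reading is allowed.
            } elseif ($this->permission < "U") {
                $arError[] = array("id" => "cannot_workflow", "text" => GetMessage("WD_ACCESS_DENIED"));
            } elseif ($action == "create") {
                // Exactly "U": writing is possible only through a workflow.
                if ($this->workflow != "workflow" && $this->workflow != "bizproc") {
                    $arError[] = array("id" => "cannot_write", "text" => GetMessage("WD_ACCESS_DENIED"));
                } elseif ($this->workflow == "workflow") {
                    $db_res = CWorkflowStatus::GetDropDownList("N", "desc");
                    if (!($db_res && ($res = $db_res->Fetch()))) {
                        $arError[] = array("id" => "bad_wf_statuses", "text" => GetMessage("WD_ACCESS_DENIED"));
                    }
                } elseif ($this->workflow == 'bizproc') {
                    $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], null);
                    $arUserGroups = $this->USER["GROUPS"];
                    $arUserGroups[] = "Author";
                    if (!CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $this->wfParams['DOCUMENT_TYPE'], array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) {
                        $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                    }
                }
            } elseif (!is_array($arElement) || empty($arElement)) {
                $arError[] = array("id" => "bad_element", "text" => GetMessage("WD_FILE_ERROR105"));
            } elseif ($action == "clone") {
                if ($this->workflow != "bizproc") {
                    $arError[] = array("id" => "bad_workflow", "text" => GetMessage("WD_FILE_ERROR106"));
                } else {
                    // User has to have permissions to read parent document && to create new document.
                    // NOTE(review): the group is spelled "author" here and "Author" in the other
                    // branches -- confirm whether the bizproc group match is case-sensitive.
                    $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], null);
                    if (!($arElement["PERMISSION"] >= "R" && CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $this->wfParams['DOCUMENT_TYPE'], array("IBlockPermission" => $this->permission, "AllUserGroups" => array_merge($this->USER["GROUPS"], array("author")), "DocumentStates" => $arDocumentStates)))) {
                        $arError[] = array("id" => "bad_permission", "text" => GetMessage("WD_ACCESS_DENIED"));
                    }
                }
            } elseif (!in_array($action, array("delete", "move", "edit", "unlock", "lock"))) {
                // Unknown actions are rejected rather than allowed.
                $arError[] = array("id" => "bad_action", "text" => GetMessage("WD_ERROR_BAD_ACTION"));
            } else {
                if ($arElement["LOCK_STATUS_BP"] == "red") {
                    $arError[] = array("id" => "locked", "text" => GetMessage("WD_FILE_ERROR107"));
                } elseif ($arElement["LOCK_STATUS"] == "red" && ($action != "unlock" || $arElement["SHOW"]["UNLOCK"] != "Y")) {
                    $arError[] = array("id" => "locked", "text" => str_replace(array("#ID#", "#DATE#"), array($arElement["locked_by"], $arElement["date_lock"]), GetMessage("WD_ERROR_ELEMENT_LOCKED")));
                } elseif ($this->check_creator && $arElement["CREATED_BY"] != $GLOBALS["USER"]->GetID()) {
                    $arError[] = array("id" => "bad_author", "text" => GetMessage("WD_FILE_ERROR108"));
                } elseif ($this->workflow == "workflow") {
                    $arWorkFlow = array("LAST_ID" => CIBlockElement::WF_GetLast($arElement["item_id"]));
                    $arWorkFlow["STATUS_ID"] = CIBlockElement::WF_GetCurrentStatus($arWorkFlow["LAST_ID"], $arWorkFlow["STATUS_TITLE"]);
                    $arWorkFlow["STATUS_PERMISSION"] = CIBlockElement::WF_GetStatusPermission($arWorkFlow["STATUS_ID"]);
                    if ($arWorkFlow["STATUS_ID"] > 1 && $arWorkFlow["STATUS_PERMISSION"] < 2) {
                        $arError[] = array("id" => "bad_wf_status_permission", "text" => GetMessage("WD_FILE_ERROR109"));
                    }
                } elseif ($this->workflow == 'bizproc') {
                    $documentId = $this->wfParams['DOCUMENT_TYPE'];
                    $documentId[2] = $arElement["item_id"];
                    $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], $documentId);
                    $arUserGroups = $this->USER["GROUPS"];
                    if ($arElement["CREATED_BY"] == $GLOBALS["USER"]->GetID()) {
                        $arUserGroups[] = "Author";
                    }
                    if (!CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $documentId, array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) {
                        $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED"));
                    }
                }
            }
        }
        $arErrors[$static_id] = $arError;
    }

    // LAST_ERROR is refreshed on both outcomes; an empty list renders as '<br>', which is blanked.
    $e = new CAdminException($arError);
    $this->LAST_ERROR = $e->GetString();
    if ($this->LAST_ERROR == '<br>') {
        $this->LAST_ERROR = '';
    }

    return empty($arError);
}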
/**
 * Check the product-set rows submitted by the form and stage the valid ones.
 *
 * Does nothing (returns true) when the 'CatCompleteSet' feature is disabled or
 * when no array is posted under self::$strMainPrefix. Otherwise the posted data
 * is copied to self::$arSrcValues, the first posted set is rebuilt into a save
 * structure and passed to CCatalogProductSet::checkFields(); on success it is
 * stored in self::$arCheckValues, on failure the error text goes to
 * self::$arErrors under the set's key.
 *
 * The item fields are taken from $_POST as submitted; no casting happens here,
 * so checkFields() is presumably the only validation step -- verify there.
 *
 * @param array $arItem Product data; only 'PRODUCT_ID' is read.
 *
 * @return bool True when no errors were recorded.
 */
public static function checkFormValues($arItem)
{
    self::$arErrors = array();
    if (!CBXFeatures::IsFeatureEnabled('CatCompleteSet')) {
        return true;
    }

    self::$arSrcValues[self::$strMainPrefix] = array();
    self::$arCheckValues[self::$strMainPrefix] = array();

    if (!isset($_POST[self::$strMainPrefix]) || !is_array($_POST[self::$strMainPrefix])) {
        return true;
    }

    CCatalogProductSet::disableShowErrors();
    self::$arSrcValues[self::$strMainPrefix] = $_POST[self::$strMainPrefix];

    foreach (self::$arSrcValues[self::$strMainPrefix] as $key => $arOneSet) {
        // Keys that are not positive integers denote a set that does not exist yet.
        $isNewSet = (int) $key <= 0;

        $arSaveSet = array(
            'TYPE' => self::$intTypeID,
            'ITEM_ID' => $arItem['PRODUCT_ID'],
            'ACTIVE' => 'Y',
            'ITEMS' => array(),
        );

        // Only sets of type TYPE_SET carry a per-item discount; other types default the quantity.
        $withDiscount = CCatalogProductSet::TYPE_SET == self::$intTypeID;

        foreach ($arOneSet['ITEMS'] as $postedItem) {
            // Rows flagged for deletion are left out of the saved set.
            if ('Y' == $postedItem['DEL']) {
                continue;
            }

            if ($withDiscount) {
                $discount = trim($postedItem['DISCOUNT_PERCENT']);
                $row = array(
                    'ITEM_ID' => $postedItem['ITEM_ID'],
                    'QUANTITY' => $postedItem['QUANTITY'],
                    'DISCOUNT_PERCENT' => ('' == $discount ? false : $discount),
                    'SORT' => $postedItem['SORT'],
                );
            } else {
                $row = array(
                    'ITEM_ID' => $postedItem['ITEM_ID'],
                    'QUANTITY' => $postedItem['QUANTITY'],
                    'SORT' => $postedItem['SORT'],
                );
                if ($row['QUANTITY'] == '') {
                    $row['QUANTITY'] = 1;
                }
            }

            $arSaveSet['ITEMS'][] = $row;
        }

        // checkFields() receives a copy, so the set staged for saving stays as built above.
        $arTestSet = $arSaveSet;
        if ($isNewSet) {
            $isValid = CCatalogProductSet::checkFields('TEST', $arTestSet, 0);
        } else {
            $isValid = CCatalogProductSet::checkFields('UPDATE', $arTestSet, $key);
        }

        if ($isValid) {
            self::$arCheckValues[self::$strMainPrefix][$key] = $arSaveSet;
        } else {
            $ex = new CAdminException(CCatalogProductSet::getErrors());
            self::$arErrors[$key] = $ex->GetString();
        }

        // Only the first posted set is processed.
        break;
    }

    CCatalogProductSet::enableShowErrors();

    return empty(self::$arErrors);
}
$result["FILE"][$File["REAL_PICTURE"]["name"]]["number"] = $number; // Additional info about file $res_file["number"] = $i; $res_file["description"] = $arFields["PREVIEW_TEXT"]; $result["FILE_INFO"][$File["REAL_PICTURE"]["name"]] = $res_file; foreach ($File as $key => $val) { @unlink($val["tmp_name"]); } } } $bVarsFromForm = $bVarsFromForm ? $bVarsFromForm : !empty($arError); /************** Answer *********************************************/ if (!empty($arError)) { $arSavedData["status"] = "error"; $e = new CAdminException($arError); $arSavedData["error"] = $e->GetString(); } if (is_array($result["FILE"])) { foreach ($result["FILE"] as $key => $val) { $arSavedData["files"][$key] = $val; } } if ($_REQUEST["CACHE_RESULT"] == "Y" && ($handle = fopen($sTmpPath, "wb+"))) { $written = fwrite($handle, serialize($arSavedData)); fclose($handle); } $uploader = $arSavedData; $uploader["status"] = !empty($uploader["status"]) ? $uploader["status"] : "success"; $uploader["error"] = trim($uploader["error"]); $uploader["files"] = is_array($uploader["files"]) ? $uploader["files"] : array(); $uploader["section_id"] = $arParams["SECTION_ID"];
$arResult["TOPIC"] = $res; } } /************** Permission *****************************************/ if (empty($arError)) { if ($arParams["MESSAGE_TYPE"] == "NEW" && !CForumTopic::CanUserAddTopic($arParams["FID"], $USER->GetUserGroupArray(), $USER->GetID(), $arResult["FORUM"], $arParams["PERMISSION"])) { $arError[] = array("id" => "user cannot add topic", "text" => GetMessage("F_NO_NPERMS")); } elseif ($arParams["MESSAGE_TYPE"] == "EDIT" && !CForumMessage::CanUserUpdateMessage($arParams["MID"], $USER->GetUserGroupArray(), $USER->GetID(), $arParams["PERMISSION"])) { $arError[] = array("id" => "user cannot edit message", "text" => GetMessage("F_NO_EPERMS")); } elseif ($arParams["MESSAGE_TYPE"] == "REPLY" && !CForumMessage::CanUserAddMessage($arParams["TID"], $USER->GetUserGroupArray(), $USER->GetID(), $arParams["PERMISSION"])) { return false; } } if (!empty($arError)) { $e = new CAdminException($arError); $res = $e->GetString(); ShowError($res); return false; } /******************************************************************** /Main Data & Permissions ********************************************************************/ /******************************************************************** Data ********************************************************************/ $_REQUEST["FILES"] = is_array($_REQUEST["FILES"]) ? $_REQUEST["FILES"] : array(); $_REQUEST["FILES_TO_UPLOAD"] = is_array($_REQUEST["FILES_TO_UPLOAD"]) ? $_REQUEST["FILES_TO_UPLOAD"] : array(); $arParams["USER_FIELDS"] = is_array($arParams["USER_FIELDS"]) ? $arParams["USER_FIELDS"] : ($arParams["USER_FIELDS"] ? array($arParams["USER_FIELDS"]) : array()); if (IsModuleInstalled("webdav") || IsModuleInstalled("disk")) { $arParams["USER_FIELDS"][] = "UF_FORUM_MESSAGE_DOC"; }