if (StrLen($arResult["FatalError"]) <= 0) {
$dbUser = CUser::GetByID($arParams["USER_ID"]);
$arResult["User"] = $dbUser->GetNext();
$arTmpUser = array('NAME' => $arResult["User"]["~NAME"], 'LAST_NAME' => $arResult["User"]["~LAST_NAME"], 'SECOND_NAME' => $arResult["User"]["~SECOND_NAME"], 'LOGIN' => $arResult["User"]["~LOGIN"]);
if (!is_array($arResult["User"])) {
$arResult["FatalError"] = GetMessage("SONET_P_USER_NO_USER") . ". ";
}
}
if (StrLen($arResult["FatalError"]) <= 0) {
if ($arParams["SET_TITLE"] == "Y") {
$arParams["TITLE_NAME_TEMPLATE"] = str_replace(array("#NOBR#", "#/NOBR#"), array("", ""), $arParams["NAME_TEMPLATE"]);
$strTitleFormatted = CUser::FormatName($arParams['TITLE_NAME_TEMPLATE'], $arTmpUser, $bUseLogin);
$APPLICATION->SetTitle($strTitleFormatted . ": " . GetMessage("SONET_C50_PAGE_TITLE"));
}
$arResult["User"]["NAME_FORMATTED"] = CUser::FormatName($arParams['NAME_TEMPLATE'], $arTmpUser, $bUseLogin);
$arResult["CurrentUserPerms"] = CSocNetUserPerms::InitUserPerms($GLOBALS["USER"]->GetID(), $arResult["User"]["ID"], CSocNetUser::IsCurrentUserModuleAdmin());
if ($arResult["CurrentUserPerms"]["IsCurrentUser"]) {
$arResult["FatalError"] = GetMessage("SONET_C50_SELF") . ". ";
}
if (!$arResult["CurrentUserPerms"]["Operations"]["message"]) {
$arResult["FatalError"] = GetMessage("SONET_C50_NO_PERMS") . ". ";
}
}
if (StrLen($arResult["FatalError"]) <= 0) {
$arResult["Urls"]["User"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["UserMessages"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_MESSAGES_USERS_MESSAGES"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["VideoCall"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_VIDEO_CALL"], array("user_id" => $arResult["User"]["ID"]));
if (!CModule::IncludeModule("video")) {
$arResult["CurrentUserPerms"]["Operations"]["videocall"] = false;
}
$arResult["IS_ONLINE"] = $arResult["User"]["IS_ONLINE"] == "Y";
} elseif ($arEvents["EVENT_ID"] == "blog_post_micro") {
if (!array_key_exists("microblog", $arSocNetFeaturesSettings) || !CSocNetFeaturesPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), SONET_ENTITY_GROUP, $arEvents["ENTITY_ID"], "blog", "view_post", $bCurrentUserIsAdmin)) {
continue;
}
} elseif ($arEvents["EVENT_ID"] == "blog_comment") {
if (!array_key_exists("blog", $arSocNetFeaturesSettings) || !CSocNetFeaturesPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), SONET_ENTITY_GROUP, $arEvents["ENTITY_ID"], "blog", "view_comment", $bCurrentUserIsAdmin)) {
continue;
}
} else {
if (!array_key_exists($arEvents["EVENT_ID"], $arSocNetFeaturesSettings) || !CSocNetFeaturesPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), SONET_ENTITY_GROUP, $arEvents["ENTITY_ID"], $arEvents["EVENT_ID"], $arSocNetFeaturesSettings[$arEvents["EVENT_ID"]]["minoperation"][0], $bCurrentUserIsAdmin)) {
continue;
}
}
$path2Entity = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_GROUP"], array("group_id" => $arEvents["ENTITY_ID"]));
} else {
$arCurrentUserPerms = CSocNetUserPerms::InitUserPerms($GLOBALS["USER"]->GetID(), $arEvents["ENTITY_ID"], $bCurrentUserIsAdmin);
if ($arEvents["EVENT_ID"] == "system") {
if (!$arCurrentUserPerms["Operations"]["viewprofile"]) {
continue;
}
} elseif ($arEvents["EVENT_ID"] == "system_friends") {
if (!$arCurrentUserPerms["Operations"]["viewfriends"] || !$arResult["CurrentUserPerms_UserID"]["Operations"]["viewfriends"]) {
continue;
}
} elseif ($arEvents["EVENT_ID"] == "system_groups") {
if (!$arCurrentUserPerms["Operations"]["viewgroups"]) {
continue;
}
} elseif ($arEvents["EVENT_ID"] == "blog_post") {
if (!array_key_exists("blog", $arSocNetFeaturesSettings) || !CSocNetFeaturesPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), SONET_ENTITY_USER, $arEvents["ENTITY_ID"], "blog", "view_post", $bCurrentUserIsAdmin)) {
continue;
echo CUtil::PhpToJsObject(array('ERROR' => 'USER_ID_NOT_DEFINED'));
die;
} else {
$rsUser = CUser::GetByID($user_id);
$arUser = $rsUser->Fetch();
if (!$arUser) {
echo CUtil::PhpToJsObject(array('ERROR' => 'USER_ID_NOT_DEFINED'));
die;
}
}
if (!is_array($arFriendID) || count($arFriendID) <= 0) {
echo CUtil::PhpToJsObject(array('ERROR' => 'FRIEND_ID_NOT_DEFINED'));
die;
}
if (check_bitrix_sessid()) {
$arCurrentUserPerms = CSocNetUserPerms::InitUserPerms($GLOBALS["USER"]->GetID(), $arUser["ID"], CSocNetUser::IsCurrentUserModuleAdmin());
if (!$arCurrentUserPerms || !$arCurrentUserPerms["IsCurrentUser"]) {
echo CUtil::PhpToJsObject(array('ERROR' => 'USER_NO_PERMS'));
die;
}
if (in_array($_POST['ACTION'], array('BAN', 'UNBAN', 'EX'))) {
if ($_POST['ACTION'] == 'BAN') {
$relation_type = SONET_RELATIONS_FRIEND;
} elseif ($_POST['ACTION'] == 'UNBAN') {
$relation_type = SONET_RELATIONS_BAN;
} elseif ($_POST['ACTION'] == 'EX') {
$relation_type = SONET_RELATIONS_FRIEND;
}
$arRelationID = array();
$arRelationUserID = array();
$rsRelation = CSocNetUserRelations::GetRelatedUsers($user_id, $relation_type);
if ($bSocialNetwork && !array_key_exists("IS_ONLINE", $arParams) && $arParams["AJAX_ONLY"] != "Y" && (!array_key_exists("INLINE", $arParams) || $arParams["INLINE"] != "Y")) {
MULChangeOnlineStatus($arParams["ID"], $arParams["HTML_ID"]);
}
if ($arParams['AJAX_CALL'] == 'INFO') {
$bNeedGetUser = true;
} elseif (intval($arParams["ID"]) > 0) {
if (!array_key_exists("NAME", $arParams) || !array_key_exists("LAST_NAME", $arParams) || !array_key_exists("SECOND_NAME", $arParams) || !array_key_exists("LOGIN", $arParams)) {
$bNeedGetUser = true;
}
if ($arParams['USE_THUMBNAIL_LIST'] == "Y" && !array_key_exists("PERSONAL_PHOTO_IMG", $arParams)) {
$bNeedGetUser = true;
}
}
if ($bSocialNetwork && CModule::IncludeModule('socialnetwork')) {
if ($arParams['AJAX_CALL'] == 'INFO') {
$arResult["CurrentUserPerms"] = CSocNetUserPerms::InitUserPerms($USER->GetID(), $arParams["ID"], CSocNetUser::IsCurrentUserModuleAdmin());
} else {
$arResult["CurrentUserPerms"] = array("Operations" => array("viewprofile" => true, "videocall" => true, "message" => true));
}
if (!$bUseTooltip) {
$arResult["USE_TOOLTIP"] = false;
}
if (!CModule::IncludeModule("video")) {
$arResult["CurrentUserPerms"]["Operations"]["videocall"] = false;
} elseif (!CVideo::CanUserMakeCall()) {
$arResult["CurrentUserPerms"]["Operations"]["videocall"] = false;
}
if ($arParams['AJAX_CALL'] != 'INFO' && strlen($arParams["PROFILE_URL_LIST"]) > 0) {
// don't use PROFILE_URL in ajax call because it could be another component inclusion
$arResult["Urls"]["SonetProfile"] = $arParams["~PROFILE_URL_LIST"];
} elseif ($arParams['AJAX_CALL'] != 'INFO' && strlen($arParams["PROFILE_URL"]) > 0) {
$dbUser = CUser::GetList($by = "id", $order = "asc", $arFilter, $arListParams);
$arResult["User"] = $dbUser->GetNext();
} else {
$dbUser = CUser::GetByID($arParams["ID"]);
$arResult["User"] = $dbUser->GetNext();
if (!IsModuleInstalled("intranet") && $arResult["User"]["ACTIVE"] != "Y") {
$arResult["User"] = false;
}
}
if (!is_array($arResult["User"])) {
$arResult["FatalError"] = GetMessage("SONET_P_USER_NO_USER") . ". ";
} else {
if (CModule::IncludeModule('extranet') && !CExtranet::IsProfileViewable($arResult["User"]) && $arResult["User"]["ID"] != $USER->GetID()) {
return false;
}
$arResult["CurrentUserPerms"] = CSocNetUserPerms::InitUserPerms($USER->GetID(), $arResult["User"]["ID"], CSocNetUser::IsCurrentUserModuleAdmin(SITE_ID, !IsModuleInstalled("bitrix24")));
if (CModule::IncludeModule('extranet') && CExtranet::IsExtranetSite()) {
$arResult["CurrentUserPerms"]["Operations"]["viewfriends"] = false;
}
if (IsModuleInstalled("im")) {
$arResult["CurrentUserPerms"]["Operations"]["message"] = true;
}
$arResult["Urls"]["User"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["Edit"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER_EDIT"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["Friends"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER_FRIENDS"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["FriendsAdd"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER_FRIENDS_ADD"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["FriendsDelete"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER_FRIENDS_DELETE"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["Groups"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER_GROUPS"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["Search"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_SEARCH"], array());
$arResult["Urls"]["GroupsAdd"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_GROUP_CREATE"], array("user_id" => $arResult["User"]["ID"]));
$arResult["Urls"]["MessageForm"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_MESSAGE_FORM"], array("user_id" => $arResult["User"]["ID"]));
$arParams['EDITABLE_FIELDS'] = array_merge($arParams['EDITABLE_FIELDS'], array('BLOG_ALIAS', 'BLOG_DESCRIPTION', 'BLOG_INTERESTS', 'BLOG_AVATAR', 'BLOG_SIGNATURE'));
}
}
$arResult["arSocServ"] = array();
if (CModule::IncludeModule("socialservices")) {
$oAuthManager = new CSocServAuthManager();
$arResult["arSocServ"] = $oAuthManager->GetActiveAuthServices(array());
if (!empty($arResult["arSocServ"])) {
$arParams['EDITABLE_FIELDS'][] = 'SOCSERVICES';
}
}
if (in_array('TIME_ZONE', $arParams['EDITABLE_FIELDS'])) {
$arParams['EDITABLE_FIELDS'][] = 'AUTO_TIME_ZONE';
}
$arResult["urlToCancel"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER"], array("user_id" => $arParams["ID"]));
$CurrentUserPerms = CSocNetUserPerms::InitUserPerms($USER->GetID(), $arParams["ID"], CSocNetUser::IsCurrentUserModuleAdmin(SITE_ID, CModule::IncludeModule("bitrix24") && CBitrix24::IsPortalAdmin($USER->GetID()) ? false : true));
if (!$CurrentUserPerms["Operations"]["modifyuser"] || !$CurrentUserPerms["Operations"]["modifyuser_main"]) {
$arParams['ID'] = $USER->GetID();
}
$arResult["bEdit"] = $USER->CanDoOperation('edit_own_profile') || $USER->IsAdmin() ? "Y" : "N";
if ($arResult['bEdit'] != 'Y') {
$APPLICATION->AuthForm(GetMessage('SONET_P_PU_NO_RIGHTS'));
}
$dbUser = CUser::GetByID($arParams["ID"]);
$arResult["User"] = $dbUser->GetNext();
if ($arResult['User']['EXTERNAL_AUTH_ID']) {
foreach ($arParams['EDITABLE_FIELDS'] as $key => $value) {
if ($value == 'LOGIN' || $value == 'PASSWORD') {
unset($arParams['EDITABLE_FIELDS'][$key]);
}
}
<?php
define("NOT_CHECK_PERMISSIONS", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_before.php";
IncludeModuleLangFile(__FILE__);
if (!CModule::IncludeModule("socialnetwork")) {
return;
}
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["active"]) && in_array($_POST["active"], array("D", "Y", "N")) && check_bitrix_sessid()) {
$userId = intval($_POST["user_id"]);
$res = false;
$canEdit = $USER->CanDoOperation('edit_own_profile') || $USER->IsAdmin() ? "Y" : "N";
$CurrentUserPerms = CSocNetUserPerms::InitUserPerms($USER->GetID(), $userId, CSocNetUser::IsCurrentUserModuleAdmin($_POST["site_id"], CModule::IncludeModule("bitrix24") && CBitrix24::IsPortalAdmin($USER->GetID()) ? false : true));
if ($CurrentUserPerms["Operations"]["modifyuser_main"] && $canEdit == 'Y' && $userId != $USER->GetID()) {
switch ($_POST["active"]) {
case "D":
$res = $USER->Delete($userId);
break;
case "Y":
case "N":
$res = $USER->Update($userId, array("ACTIVE" => $_POST["active"]));
break;
}
}
$arJsonData = array();
if ($res) {
$arJsonData["success"] = "Y";
} else {
$arJsonData["error"] = GetMessage("INTR_ISP_DELETE_ERROR_" . $_POST["active"]);
if ($USER->LAST_ERROR) {
$arJsonData["error"] .= "<br/>" . $USER->LAST_ERROR;
