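= 0)) {
            // NOTE(review): this is the tail of a function whose beginning lies outside this
            // excerpt; its code is left as found and only the line layout is restored.
            $tr = (SESSION_LAST - $dateDiff) - 30 ;
            $reste = round($tr/60);
            if ($reste > 1) {
                $GLOBALS["finSession"] = $reste . " minutes";
            } else if ($reste == 1) {
                $GLOBALS["finSession"] = $reste . " minute";
            } else if ($reste < 1) {
                $GLOBALS["finSession"] = (SESSION_LAST - $dateDiff) . " secondes";
            }
            $checkToken["token"] = 1;
            $checkToken["drt"] = $tab[1];
        } else {
            $checkToken["token"] = 0;
            // NOTE(review): $tkn is concatenated into the statement. checkAuth() hands
            // $_REQUEST["tkn"] to checkToken(), so unless it is escaped earlier in this
            // function (not visible here) this UPDATE is injectable - confirm and escape or bind it.
            $req = "update cnx set stt='0' where tkn='".$tkn."' ";
            $res = mysql_query($req, $GLOBALS["cnx"]);
        }
        //$checkToken["token"] = 1;
        //$checkToken["drt"] = $tab[1];
    } else if ($num==0) {
        $checkToken["token"] = -1;
        $checkToken["drt"] = 0;
    } else {
        $checkToken["token"] = -2;
        $checkToken["drt"] = 0;
    }
    return $checkToken;
}

//########################################################################################################################################
/**
 * getUserInfos: fetches the personal details of the user who owns a session token.
 *
 * The token is looked up in `cnx` and joined with `usr`, `drt` and `ent`.
 *
 * @param string $tkn Session token. checkAuth() passes $_REQUEST["tkn"] here, so the value
 *                    is request-controlled and is escaped before it reaches the query.
 * @return array Keys firstName, name, drtLabel, idUsr, idEnt, ent, dev. When the lookup does
 *               not return exactly one row every key is "" except dev, which is 0.
 */
function getUserInfos($tkn) {
    // Result returned whenever the token does not resolve to exactly one user.
    $getUserInfos = array(
        "firstName" => "",
        "name"      => "",
        "drtLabel"  => "",
        "idUsr"     => "",
        "idEnt"     => "",
        "ent"       => "",
        "dev"       => 0,
    );

    // An array-valued request parameter (tkn[]=...) cannot be a token.
    if (!is_string($tkn)) {
        return $getUserInfos;
    }

    // The token used to be interpolated raw into the SQL text (SQL injection). Escaping is the
    // only option the legacy mysql_* API offers; it relies on the connection character set
    // being the one declared to the driver. Prepared statements (mysqli/PDO) are the durable fix.
    $safeTkn = mysql_real_escape_string($tkn, $GLOBALS["cnx"]);
    $req = "select usr.id_usr, usr.firstname, usr.name as usrName, usr.dev, drt.label as drtLabel, ent.id_ent, ent.name as entName from usr,cnx,drt,ent where cnx.tkn='$safeTkn' and cnx.id_usr=usr.id_usr and drt.drt=usr.drt and ent.id_ent=usr.id_ent";
    $res = mysql_query($req, $GLOBALS["cnx"]);

    // A failed query yields false; treat it like "no user" instead of passing false on.
    if ($res === false || mysql_num_rows($res) != 1) {
        return $getUserInfos;
    }

    $tab = mysql_fetch_object($res);
    $getUserInfos["firstName"] = $tab->firstname;
    $getUserInfos["name"]      = $tab->usrName;
    $getUserInfos["drtLabel"]  = $tab->drtLabel;
    $getUserInfos["idUsr"]     = $tab->id_usr;
    $getUserInfos["idEnt"]     = $tab->id_ent;
    $getUserInfos["ent"]       = $tab->entName;
    $getUserInfos["dev"]       = $tab->dev;
    return $getUserInfos;
}

//########################################################################################################################################
// checkAuth : verifies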
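// authentication and returns an array containing the user's information
/**
 * Builds the result array checkAuth() returns when no user is authenticated.
 *
 * @param mixed $validity Status code to report.
 * @param mixed $drt      Value for the "drt" key.
 * @param mixed $dev      Value for the "dev" key.
 * @return array Same keys, in the same order, as a successful checkAuth() result.
 */
function _blankAuthInfos($validity, $drt = 0, $dev = 0) {
    return array(
        "validity"  => $validity,
        "token"     => "",
        "idUsr"     => "",
        "name"      => "",
        "firstName" => "",
        "drt"       => $drt,
        "drtLabel"  => "",
        "idEnt"     => "",
        "ent"       => "",
        "dev"       => $dev,
    );
}

/**
 * checkAuth: authenticates the current request and returns the user's details.
 *
 * Two paths are tried in order: a session token in $_REQUEST["tkn"], then a login/password
 * pair in $_POST. The "validity" key of the result carries the outcome:
 *    1  authenticated (valid token, or login accepted and a new token issued by trace())
 *    0  checkToken() reported 0 (session expired)
 *   -3 / -5  login rejected (see the note in the failure branch)
 *   -4  neither a token nor credentials were supplied
 *   any other value is the status returned by checkToken(), passed through unchanged.
 *
 * @return array Keys validity, token, idUsr, name, firstName, drt, drtLabel, idEnt, ent, dev.
 */
function checkAuth() {
    if (isset($_REQUEST["tkn"])) {
        // NOTE(review): $_REQUEST also covers the query string, so a token sent that way ends
        // up in URLs, server logs and Referer headers - confirm how clients transmit it.
        // The raw value goes to checkToken(), whose query is outside this excerpt.
        $tokenInfos = checkToken($_REQUEST["tkn"]);
        settype($tokenInfos["drt"], "integer");
        switch ($tokenInfos["token"]) {
            case 0:
                // Session expired
                $infos = _blankAuthInfos(0, 0, "");
                break;
            case 1:
                // The token is valid
                $userInfos = getUserInfos($_REQUEST["tkn"]);
                $infos = array(
                    "validity"  => 1,
                    "token"     => $_REQUEST["tkn"],
                    "idUsr"     => $userInfos["idUsr"],
                    "name"      => $userInfos["name"],
                    "firstName" => $userInfos["firstName"],
                    "drt"       => $tokenInfos["drt"],
                    "drtLabel"  => $userInfos["drtLabel"],
                    "idEnt"     => $userInfos["idEnt"],
                    "ent"       => $userInfos["ent"],
                    "dev"       => $userInfos["dev"],
                );
                break;
            default:
                // The token is no longer valid
                $infos = _blankAuthInfos($tokenInfos["token"], $tokenInfos["drt"], 0);
                break;
        }
    } else if (isset($_POST["login"]) && isset($_POST["pwd"])) {
        $res = false;
        // Array-valued fields (login[]=...) cannot be credentials; they skip the query and
        // fall through to the failure branch.
        if (is_string($_POST["login"]) && is_string($_POST["pwd"])) {
            // Both fields used to be interpolated raw into the SQL text, which let a crafted
            // login or password rewrite the WHERE clause. Escaping is what the legacy mysql_*
            // API offers; prepared statements (mysqli/PDO) are the durable fix.
            $l = mysql_real_escape_string($_POST["login"], $GLOBALS["cnx"]);
            $p = mysql_real_escape_string($_POST["pwd"], $GLOBALS["cnx"]);
            // NOTE(review): the submitted password is compared with usr.pwd inside the query,
            // so the column presumably holds it unhashed (or hashed before submission) -
            // confirm. The usual design stores a salted hash and verifies it in PHP.
            $req = "SELECT usr.id_usr, usr.drt, usr.name as usrName, usr.firstname, usr.dev, usr.dateexp, drt.label as drtLabel, ca_agences.id_agence, ca_agences.nom_agence as entName FROM usr, drt, ca_agences WHERE (usr.login='$l' AND usr.pwd='$p' AND usr.del='0' AND drt.drt=usr.drt AND ca_agences.id_agence=usr.id_ent AND usr.dateexp > '".dateTime(0)."' )";
            $res = mysql_query($req, $GLOBALS["cnx"]);
        }
        $num = $res ? mysql_num_rows($res) : 0;

        if ($num == 1) {
            // Authentication succeeded
            $tab = mysql_fetch_object($res);
            $d = dateTime(0);
            $token = trace($tab->id_usr, $tab->usrName, $d, $tab->drt);
            settype($tab->drt, "integer");
            $infos = array(
                "validity"  => 1,
                "token"     => $token,
                "idUsr"     => $tab->id_usr,
                "name"      => $tab->usrName,
                "firstName" => $tab->firstname,
                "drt"       => $tab->drt,
                "drtLabel"  => $tab->drtLabel,
                "idEnt"     => $tab->id_agence,
                "ent"       => $tab->entName,
                "dev"       => $tab->dev,
            );
        } else {
            // Authentication failed
            $tab = $res ? mysql_fetch_object($res) : false;
            // NOTE(review): the query already filters on dateexp, so a login that matches no
            // row has no $tab to inspect. The original read a property of false here, which
            // evaluated as "expired"; that outcome (-5) is kept. -3 is only reachable when
            // more than one row matches. Confirm which code callers expect for bad credentials.
            if (!$tab || $tab->dateexp < dateTime(0)) {
                $infos = _blankAuthInfos(-5, 0, 0);
            } else {
                $infos = _blankAuthInfos(-3, 0, 0);
            }
        }
    } else {
        // Not authenticated
        $infos = _blankAuthInfos(-4, 0, 0);
    }

    if (DEBUG == true) {
        // NOTE(review): database values are echoed without output escaping; keep DEBUG off
        // outside development.
        echo "\n  • Droit de l'utilisateur " . $infos["firstName"] ." ". $infos["name"] ." (id_usr=".$infos["idUsr"].") = " . $infos["drtLabel"] . "\n  • ";
        echo "\n  • Token status = ".$infos["validity"]."\n  • ";
    }

    // A disabled loop that backslash-escaped apostrophes in every $_POST value used to sit
    // here. Blanket escaping of request data is not a substitute for escaping at the query.
    return $infos;
}

//########################################################################################################################################
/**
 * dateTime: returns the current local date and time in one of several formats.
 *
 * @param int $param 0 "Y-m-d H:i:s", 1 "d/m/Y H:i:s", 2 "YmdHis", 3 "Ymd",
 *                   4 "Y-m-d H:i:s" for the current time plus 48 hours.
 * @return string|null The formatted value, or null for any other $param.
 */
function dateTime($param) {
    // One clock reading for every field: the original called date() once per field, so a
    // value built across a second boundary could mix two different seconds.
    $now = time();
    $d = null;
    switch ($param) {
        case 0:
            $d = date("Y-m-d H:i:s", $now);
            break;
        case 1:
            $d = date("d/m/Y H:i:s", $now);
            break;
        case 2:
            $d = date("YmdHis", $now);
            break;
        case 3:
            $d = date("Ymd", $now);
            break;
        case 4:
            // Hour + 48 is normalised by mktime(), as in the original expression.
            $later = mktime(
                (int) date("H", $now) + 48,
                (int) date("i", $now),
                (int) date("s", $now),
                (int) date("m", $now),
                (int) date("d", $now),
                (int) date("Y", $now)
            );
            $d = date("Y-m-d H:i:s", $later);
            break;
    }
    return $d;
}

//########################################################################################################################################
/**
 * dateTimePlus: adds seven days to a "Y-m-d H:i:s" value.
 *
 * @param string $param Date in "Y-m-d H:i:s" form; a missing time part is read as 00:00:00.
 * @return string The date seven days later as "Y-m-d" (the time of day is not returned).
 */
function dateTimePlus($param) {
    $tb  = array_pad(explode("-", $param), 3, "0");
    $tb2 = array_pad(explode(" ", $tb[2]), 2, "0:0:0");
    $tb3 = array_pad(explode(":", $tb2[1]), 3, "0");

    // Day + 7 may run past the end of the month; mktime() normalises it.
    $ts = mktime((int) $tb3[0], (int) $tb3[1], (int) $tb3[2], (int) $tb[1], (int) $tb2[0] + 7, (int) $tb[0]);
    return date("Y-m-d", $ts);
}

//########################################################################################################################################
/**
 * monthText: returns the name of a month.
 *
 * @param int    $param Month number, 1 to 12.
 * @param string $lng   "FR" for French; any other value selects English.
 * @return string The month name, or "" when $param is not 1..12.
 */
function monthText($param, $lng) {
    if ($lng == "FR") {
        $names = array(
            1 => "janvier", 2 => "février", 3 => "mars", 4 => "avril", 5 => "mai", 6 => "juin",
            7 => "juillet", 8 => "août", 9 => "septembre", 10 => "octobre", 11 => "Novembre", 12 => "Décembre",
        );
    } else {
        // "December" was spelled "Décember" in the English list.
        $names = array(
            1 => "january", 2 => "february", 3 => "march", 4 => "april", 5 => "may", 6 => "june",
            7 => "july", 8 => "august", 9 => "september", 10 => "october", 11 => "November", 12 => "December",
        );
    }
    // Loose comparison, like the switch it replaces, so "03" still selects March.
    foreach ($names as $num => $label) {
        if ($param == $num) {
            return $label;
        }
    }
    return "";
}

//########################################################################################################################################
/**
 * trace: records a user login in `cnx` and returns the session token it issued.
 *
 * @param mixed  $id   User id; values below 10 are left-padded with one "0".
 * @param string $name User name stored with the connection row.
 * @param string $d    Login date/time.
 * @param mixed  $drt  User right level.
 * @return string The token written to the row.
 */
function trace($id, $name, $d, $drt) {
    if ($id < 10) {
        $id = "0".$id;
    }
    // NOTE(review): the token is nothing but the user id followed by the login time (hour,
    // year, minute, month, second, day). It holds no secret or random part, so it is
    // predictable from values an outsider can estimate. Issue tokens from a CSPRNG instead;
    // check the width of cnx.tkn and how checkToken() reads it before changing the format.
    $token = $id . date("HYimsd");

    // Values were interpolated raw; a name containing an apostrophe broke or altered the
    // INSERT. The unused "select id_cnx from cnx limit 0,1" round trip was dropped.
    $cnx = $GLOBALS["cnx"];
    $req = "insert into cnx values('', '" . mysql_real_escape_string($id, $cnx) . "', '"
         . mysql_real_escape_string($name, $cnx) . "', '"
         . mysql_real_escape_string($d, $cnx) . "', '"
         . mysql_real_escape_string($token, $cnx) . "', '"
         . mysql_real_escape_string($drt, $cnx) . "', '1')";
    $res = mysql_query($req, $cnx);
    return $token;
}

//########################################################################################################################################
/**
 * checkElement: normalises the name of an uploaded element (photo, document).
 *
 * Trims the value, turns ' and ° into "_", strips the accents from é è à ù and removes spaces.
 * Nothing else is filtered: path separators, "..", control characters and the file extension
 * pass through untouched, so this is cosmetic and not a validation of an upload name.
 *
 * @param string $e Name to normalise.
 * @return string The normalised name.
 */
function checkElement($e) {
    // str_replace() replaces ereg_replace(), which no longer exists as of PHP 7; every
    // pattern here is a literal character, so the result is the same.
    return str_replace(
        array("'", "°", "é", "è", "à", "ù", " "),
        array("_", "_", "e", "e", "a", "u", ""),
        trim($e)
    );
}

//########################################################################################################################################
/**
 * checkJSName: trims a value and puts a backslash in front of every apostrophe.
 *
 * Only the apostrophe is handled. Backslashes, double quotes, line breaks and "</script>"
 * are not, so the result is safe only inside a single-quoted JavaScript string whose content
 * cannot contain those; json_encode() is the general-purpose encoder for that context.
 *
 * @param string $e Value to escape.
 * @return string The escaped value.
 */
function checkJSName($e) {
    return str_replace("'", "\\'", trim($e));
}

//########################################################################################################################################
/**
 * cutCDATA: strips a CDATA wrapper by position.
 *
 * Drops the first 9 characters and the last 3 (the lengths of "<![CDATA[" and "]]>") without
 * checking that the wrapper is actually present.
 *
 * @param string $e Wrapped value.
 * @return string The inner text.
 */
function cutCDATA($e) {
    return substr($e, 9, strlen($e) - 12);
}

//########################################################################################################################################
/**
 * displayUsrInfos: prints a user's name, company and category.
 *
 * @param string $n  Last name.
 * @param string $f  First name.
 * @param string $co Company.
 * @param string $ca Category.
 * @param mixed  $m  Not used.
 * @return void
 */
function displayUsrInfos($n, $f, $co, $ca, $m) {
    // NOTE(review): the four values are written to the page as they are. If a caller can pass
    // text a user typed, it must be escaped for the output context (htmlspecialchars for
    // HTML) - confirm whether callers already do so.
    echo "\n  • Name\n  • : ".$f." ".$n."\n  • Company\n  • : ".$co."\n  • Category\n  • : ".$ca."\n\n    ";
}

//########################################################################################################################################
/**
 * makePwd: generates a 6-character password from lowercase letters and digits.
 *
 * Six symbols from a 35-symbol alphabet is a small space; treat the result as a temporary
 * password to be changed on first use.
 *
 * @return string The generated password.
 */
function makePwd() {
    // Alphabet the password is drawn from
    $cars = "az0erty2ui3op4qs5df6gh7jk8lm9wxcvbn";
    $max = strlen($cars) - 1;
    // Number of characters wanted
    $taille = 6;
    // The original seeded rand() from microtime(), which makes the sequence guessable from
    // the generation time. random_int() is a CSPRNG; it exists from PHP 7 on, so older
    // runtimes fall back to mt_rand(), which is NOT suitable for secrets.
    $useCsprng = function_exists('random_int');
    $wpas = "";
    for ($i = 0; $i < $taille; $i++) {
        $wpos = $useCsprng ? random_int(0, $max) : mt_rand(0, $max);
        $wpas .= substr($cars, $wpos, 1);
    }
    return $wpas;
}

//########################################################################################################################################
/**
 * newDate: shifts a "d-m-Y" date by a number of days, months and years.
 *
 * @param string $d Date as "day-month-year".
 * @param int    $j Days to add.
 * @param int    $m Months to add.
 * @param int    $a Years to add.
 * @param string $f date() format of the result.
 * @return string The shifted date, at midnight, formatted with $f.
 */
function newDate($d, $j, $m, $a, $f) {
    $elts = explode("-", $d);
    $jour = $elts[0];
    $mois = $elts[1];
    $an   = $elts[2];
    // Out-of-range day and month values are normalised by mktime().
    return date($f, mktime(0, 0, 0, ($mois + $m), ($jour + $j), ($an + $a)));
}

//########################################################################################################################################
/**
 * checkIP: tells whether the client address is on the built-in allow-list.
 *
 * The list is hard-coded, so changing it means changing the source. REMOTE_ADDR is the
 * address of the direct TCP peer; behind a reverse proxy that is the proxy - confirm the
 * deployment before relying on this as an access control.
 *
 * @return int 1 when $_SERVER['REMOTE_ADDR'] is listed, otherwise 0.
 */
function checkIP() {
    $IPTABLE = array(
        "80.118.33.228",
        "83.145.100.34",
        "195.101.36.35",
        "193.253.194.213",
        "217.128.36.44",
        "77.202.229.62",
        "82.232.62.191",
        "82.230.34.183",
    );
    // Absent when PHP does not run behind a web server (command line).
    if (!isset($_SERVER['REMOTE_ADDR'])) {
        return 0;
    }
    return in_array($_SERVER['REMOTE_ADDR'], $IPTABLE, true) ? 1 : 0;
}

// Disabled debugging aid: dumps every global, then every request variable. Leave it disabled
// outside development, since it would print whatever those hold.
/*
// Global variables
foreach ($GLOBALS as $key => $val) {
    echo "\n  • ".$key." = ".$val."\n  • ";
}
// Query-string variables
foreach ($_REQUEST as $key => $val) {
    echo "\n  • ".$key." = ".$val."\n  • ";
}
*/
?>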