<?php
/*
if (maintenanceMode()) {
	require_once 'maintenance.php';
	exit;
}
*/
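// NOTE(review): this key is hard-coded in source, so anyone who can read the
// file can recompute every value derived from it. It belongs in configuration
// kept outside the code tree.
$cle_cookie = 'sdjglsdkhmsoL68';

// Work out which credentials ($login / $hach) are handed to the SOAP client
// further down. Branch order: IP-only login, live session, logon form,
// explicit logout, and finally "no session on a protected page".

// IP-only login: the caller names a login and the credential is derived from
// the peer address instead of a password hash.
if (isset($_REQUEST['checkIp']) && $_REQUEST['checkIp'] == 'only') {
    if (trim($_REQUEST['login']) == '') {
        $message = "Erreur 10300 : ".
            "Identifiant de connexion et/ou mot de passe incorrect !";
        include('./pages/logout.php');
        die();
    }
    // Set login and hash.
    // NOTE(review): REMOTE_ADDR is the direct TCP peer. Behind a reverse proxy
    // or load balancer it is the proxy's address, so every client would
    // present the same "iponly:" credential — confirm the deployment.
    $login = $_REQUEST['login'];
    $hach  = 'iponly:'.$_SERVER['REMOTE_ADDR'];
} else if (isset($_SESSION['connected']) && $_SESSION['connected'] == true &&
           (isset($_REQUEST['action']) == false ||
            ($_REQUEST['action'] != 'logout' &&
             $_REQUEST['action'] != 'logon'))) {
    // Existing session: check that it is still valid.
    $tabInfo=$_SESSION['tabInfo'];
    // Trace the session record without the stored credential; debug output
    // should never carry the password hash.
    $firephp->log(
        is_array($tabInfo) ? array_diff_key($tabInfo, array('password' => null)) : $tabInfo,
        'tabInfo'
    );

    // Session inactivity timeout: per-user value when present, else 30 min.
    if (isset($tabInfo['timeout']) && !empty($tabInfo['timeout'])){
    	$timeout = $tabInfo['timeout'];
    } else {
    	$timeout = 1800;
    }
    if(ENVIRONNEMENT == 'DEV'){ $timeout = 36000; }

    if ($tabInfo['date_last_action'] + $timeout < time()) {
        $message = "Vous avez été déconnecté de l'extranet".
            " suite à un délai d'inactivité trop long (1)";
        include('./pages/logout.php');
        // Stop here, as the other logout branches do. Without this the code
        // below refreshed date_last_action and re-stored the session record,
        // so an expired session was carried on as if it were still active.
        die();
    }
    // Record the time of this action.
    $tabInfo['date_last_action'] = time();
    $_SESSION['tabInfo'] = $tabInfo;

    // Set login and hash from the session.
    $login = $_SESSION['tabInfo']['login'];
    // NOTE(review): the first alternative cannot hold here (the first branch of
    // this chain would have taken it). In the second, $hach has not been
    // assigned in this branch, so strstr() reads an undefined variable unless
    // something earlier in the request defined it. Probably meant
    // $_REQUEST['hach'] — confirm before changing, since this decides which
    // credential is sent to the webservice.
    ((isset($_REQUEST['checkIp']) && $_REQUEST['checkIp'] == 'only') ||
     (isset($_REQUEST['hach'])    && strstr($hach, 'iponly:') != false)) ?
        ($hach = 'iponly:'.$_SERVER['REMOTE_ADDR']) :
        ($hach = $_SESSION['tabInfo']['password']);
} else if ($_REQUEST['action'] == 'logon' &&
           (trim($_REQUEST['login']) != '' && trim($_REQUEST['hach']) != '')) {
    // Logon request.
    // The clear-text password field must arrive empty; only the hash is used.
    // NOTE(review): afficheErreur() presumably ends the request — confirm.
    if ($_REQUEST['pass'] != '') {
        afficheErreur('Erreur 10005 : Connexion impossible !');
    }
    // JavaScript error.
    // NOTE(review): unreachable as written — this branch is only entered when
    // trim($_REQUEST['hach']) != '', so 'hach' is always set here.
    if( !isset($_REQUEST['hach']) )
    {
		$message = "Le JavaScript semble être désactivé sur votre navigateur ".
			"Internet.<br/>Contacter votre administrateur.";
		include('./pages/logout.php');
		exit;
    }

    // Set login and hash from the submitted form.
    $login = $_REQUEST['login'];
    $hach  = $_REQUEST['hach'];
} else if ($_REQUEST['action'] == 'logout') {
    // Forced logout.
    include('./pages/logout.php');
    die();
} else if ($page != 'main' && $_REQUEST['action'] != 'logon') {
    $message = "Vous avez été déconnecté de l'extranet".
        " suite à un délai d'inactivité trop long (2)";
    include('./pages/logout.php');
    // NOTE(review): no die() here, so execution continues with $login and
    // $hach never assigned in this branch — confirm whether logout.php ends
    // the request itself.
}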

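// Debug trace of the identity resolved above.
$firephp->log($login, 'login');
// Only record whether a credential is present, never its value: a debug
// channel is not a place for password hashes (if $firephp is a FirePHP
// logger, its output travels to the client in response headers).
$firephp->log(isset($hach) ? '[redacted]' : null, 'hach');

// Declare the SOAP client for the webservice (non-WSDL mode: location and uri
// are given explicitly). 'login' / 'password' are SoapClient's HTTP
// authentication options, so $hach is sent with every call.
// NOTE(review): confirm WEBSERVICE_URL is https, otherwise the credential
// crosses the network in clear. 'trace' keeps the last request/response in
// memory for debugging.
$client = new SoapClient( null, array(
	'trace'			=> 1,
	'soap_version'	=> SOAP_1_1,
	'location'		=> WEBSERVICE_URL,
	'uri'			=> WEBSERVICE_URI,
	'login'			=> $login,
	'password'		=> $hach
));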

// Logon path: runs on an explicit logon request or whenever no session is
// marked as connected. Asks the webservice about $login and, on success,
// builds the session record; on any failure shows the logout page and stops.
if ((isset($_REQUEST['action']) && $_REQUEST['action'] == 'logon') ||
    $_SESSION['connected'] == false) {
    // Per-day client fingerprint. Every input (date, peer address,
    // User-Agent) is known to or chosen by the client, so this is an
    // identifier, not a secret.
    $secureLocal = md5(date('Ymd') .
                       $_SERVER['REMOTE_ADDR'] .
                       $_SERVER['HTTP_USER_AGENT']);
    // NOTE(review): $secureDist is read from the request but never compared
    // with $secureLocal anywhere in this file — confirm the check exists
    // elsewhere, otherwise the token is not enforced.
    $secureDist = $_REQUEST['secure'];
    $cookieSecure = $secureLocal.'/'.md5($cle_cookie);
    // NOTE(review): unserialize() on a file in the shared temp directory whose
    // name is built from client-known inputs. If another local process can
    // write there, this can instantiate arbitrary classes; prefer a private
    // directory and a data-only format such as JSON. The @ silences a missing
    // file, in which case $tab is not an array and the $tab[...] reads below
    // yield null.
    $tab = unserialize(@file_get_contents('/tmp/sd_'.$secureLocal.'.tmp'));

    // Denied source addresses. Each entry becomes an anchored regex in which
    // '*' turns into '.*', which also matches dots and runs of characters:
    // '212.155.191.1*' covers .1, .10-.19 and .100-.199, not just one host.
    $tabIpInterdites = array(
                             '81.252.88.*',
                             '195.200.187.163',
                             '213.11.81.41',
                             '83.206.171.252',
                             '81.255.32.139',
                             '212.155.191.1*',
                             '217.70.1*.17',
                             '212.37.196.156',
                             '80.245.60.121',
                             '213.246.57.101',
                             //'88.178.249.67',
                             );
    foreach ($tabIpInterdites as $ip) {
        if (preg_match('/^'.
                       str_replace('*', '.*', str_replace('.','\.',$ip)).
                       '$/', $_SERVER['REMOTE_ADDR'])) {
            // NOTE(review): presumably ends the request — confirm; if it
            // returns, the login attempt proceeds despite the match.
            afficheErreur('Erreur 10105 : Connexion impossible !');
        }
    }

    // Fetch the user's information when there is no session yet.
    try	{
    	$adressIp = $_SERVER['REMOTE_ADDR'];
    	$O = $client->getInfosLogin($login, $adressIp);
        $user = $O['result'];
        $firephp->log($user,'result');
        if ($user['connected'] == true) {
            // NOTE(review): no session_regenerate_id() is visible in this
            // block — confirm the session id is renewed on login elsewhere.
            $tabInfo['login']            = $login;
            // The credential is kept in the session so later requests can
            // re-send it to the webservice.
            $tabInfo['password']         = $hach;
            $tabInfo['email']            = $user['email'];
            $tabInfo['ip']               = $adressIp;
            // Reverse DNS lookup: the name comes from the PTR record of the
            // peer's address, so treat it as untrusted text when it is stored
            // or logged.
            $tabInfo['host']             = gethostbyaddr($tabInfo['ip']);
            // resolution / nbcolors are taken from the request unvalidated.
            if (isset($_REQUEST['resolution'])) {
                $tabInfo['resolution']   = $_REQUEST['resolution'];
            } else {
                $tabInfo['resolution']   = '1280*800';  // duplicated from index.php
            }
            if (isset($_REQUEST['nbcolors'])) {
                $tabInfo['nbcolors']     = $_REQUEST['nbcolors'];
            } else {
                $tabInfo['nbcolors']     = 16;          // duplicated from index.php
            }
            $tabInfo['user_agent']       = $tab['client_ua'];
            $tabInfo['referer1']         = $tab['client_referer'];
            // HTTP_REFERER is client-supplied and may be absent.
            $tabInfo['referer2']         = $_SERVER['HTTP_REFERER'];
            $tabInfo['referer_login']    = $_SERVER['HTTP_REFERER'];
            $tabInfo['date_page_www']    = $tab['client_connexion'];
            $tabInfo['date_login']       = time();
            $tabInfo['date_last_action'] = time();
            $tabInfo['nbReponses']       = $user['nbReponses'];
            $tabInfo['cookie_client']    = md5('login'.$cookieSecure);
            $tabInfo['mode_edition']     = 0;
            $tabInfo['profil']           = $user['profil'];
            $tabInfo['pref']             = $user['pref'];
            $tabInfo['droits']           = $user['droits'];
            $tabInfo['nom']              = $user['nom'];
            $tabInfo['prenom']           = $user['prenom'];
            $tabInfo['id']               = $user['id'];
            $tabInfo['idClient']         = $user['idClient'];
            $tabInfo['reference']        = $user['reference'];
            $tabInfo['typeScore']        = $user['typeScore'];
            $tabInfo['timeout']			 = $user['timeout'];

            $_SESSION['connected'] = true;
            $_SESSION['tabInfo']   = $tabInfo;

            // Audit record of the successful login. Timestamps are GMT plus a
            // fixed 3600 s offset.
            // NOTE(review): implode(', ', $_REQUEST) writes every request
            // parameter into the log, including 'hach' and 'pass' — drop the
            // credential fields before logging.
            logAction($tabInfo['login'],
                      isset($page) ? $page : '',
                      isset($_REQUEST['siret']) ?  $_REQUEST['siret'] : '',
                      $tabInfo['ip'],
                      $tabInfo['host'],
                      $tabInfo['resolution'],
                      $tabInfo['nbcolors'],
                      $tabInfo['user_agent'],
                      $tabInfo['referer1'],
                      gmdate('Y/m/d H:i:s',
                             $tabInfo['date_login']+3600),
                      gmdate('Y/m/d H:i:s',
                             $tabInfo['date_last_action']+3600),
                      implode(', ',$_REQUEST)
                      );
        }
		// Error returned by the webservice.
		elseif ($O['error']['errnum']!=0)
		{
			// NOTE(review): errmsg comes from the webservice and is joined to
			// a message that carries HTML; confirm logout.php escapes it.
			$message = 'Erreur '.
				$O['error']['errnum'] .' : '.
				$O['error']['errmsg'];

			// Extra support contact details for one specific login.
			if($O['error']['errnum']=='10301' && $login=='rsipdll')
			{
				$message.= '<br/>Pour tout problème technique, '.
				'contactez le service support par téléphone au 01.48.00.04.52 '.
				'ou par mail à <a href="mailto:support@scores-decisions.com">'.
				'support@scores-decisions.com</a>';
			}
			include('./pages/logout.php');
			// NOTE(review): in this block $tabInfo is only filled on the success
			// branch, so a failed attempt without a prior session is logged
			// with empty login/ip/host columns; $login and $adressIp hold
			// the attempted values. The raw request dump also carries 'hach'.
			logAction(
				$tabInfo['login'],
				$page,
				$_REQUEST['siret'],
				$tabInfo['ip'],
				$tabInfo['host'],
				$tabInfo['resolution'],
				$tabInfo['nbcolors'],
				$tabInfo['user_agent'],
				$tabInfo['referer1'],
				gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600),
				gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600),
				implode(', ',$_REQUEST)
			);
			die();
		}
		else
		{
			// Not connected and no error number: generic credential failure.
			$message="Erreur 10302 : ".
				"Identifiant de connexion et/ou mot de passe incorrect !";
			include('./pages/logout.php');
			// Same logging caveats as the webservice-error branch above.
			logAction(
				$tabInfo['login'],
				$page,
				$_REQUEST['siret'],
				$tabInfo['ip'],
				$tabInfo['host'],
				$tabInfo['resolution'],
				$tabInfo['nbcolors'],
				$tabInfo['user_agent'],
				$tabInfo['referer1'],
				gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600),
				gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600),
				implode(', ',$_REQUEST)
			);
			die();
		}
	}
	// SOAP error.
	catch (SoapFault $fault)
	{
		//maintenanceMode(true);
		
		// Fault code '900' is not passed to the fault handler; every other
		// fault is handed to processSoapFault().
		if($fault->faultcode!='900')
		{
			require_once 'soaperror.php';
			processSoapFault($client,$fault,$tabInfo);
		}

		// Every SOAP fault is shown to the user as a credential failure.
		// NOTE(review): this branch makes no logAction() call, so attempts
		// that end in a fault leave no entry in the action log unless
		// processSoapFault() records them — confirm.
		$message = "Erreur 10301 : ".
			"Identifiant de connexion et/ou mot de passe incorrect !";

		if($login=='rsipdll')
		{
			$message.= '<br/>Pour tout problème technique, '.
				'contactez le service support par téléphone au 01.48.00.04.52 '.
				'ou par mail à <a href="mailto:support@scores-decisions.com">'.
				'support@scores-decisions.com</a>';
		}

		include('./pages/logout.php');
	    die();
	}
}

?>