_username = $username; $this->_password = $password; if ($iponly){ $this->_password = 'iponly:'.$_SERVER['REMOTE_ADDR']; } $this->_checkIp = $iponly; } public function authenticate() { $adressIp = $_SERVER['REMOTE_ADDR']; require_once 'Scores/WsScores.php'; $ws = new WsScores($this->_username, $this->_password); $InfosLogin = $ws->getInfosLogin($this->_username, $adressIp); $identity = new stdClass(); $identity->username = $this->_username; $identity->password = $this->_password; $identity->email = $InfosLogin->result->email; $identity->profil = $InfosLogin->result->profil; $identity->pref = $InfosLogin->result->pref; $identity->droits = $InfosLogin->result->droits; $identity->droitsClients = $InfosLogin->result->droitsClients; $identity->nom = $InfosLogin->result->nom; $identity->prenom = $InfosLogin->result->prenom; $identity->tel = $InfosLogin->result->tel; $identity->fax = $InfosLogin->result->fax; $identity->mobile = $InfosLogin->result->mobile; $identity->id = $InfosLogin->result->id; $identity->idClient = $InfosLogin->result->idClient; $identity->reference = $InfosLogin->result->reference; $identity->nbReponses = $InfosLogin->result->nbReponses; $identity->typeScore = $InfosLogin->result->typeScore; $identity->dateValidation = $InfosLogin->result->dateValidation; $identity->nombreConnexions = $InfosLogin->result->nombreConnexions; $identity->dateDerniereConnexion = $InfosLogin->result->dateDerniereConnexion; $identity->dateDebutCompte = $InfosLogin->result->dateDebutCompte; $identity->dateFinCompte = $InfosLogin->result->dateFinCompte; $identity->acceptationCGU = $InfosLogin->result->acceptationCGU; $identity->ip = $adressIp; $identity->modeEdition = false; $timeout = (!empty($InfosLogin->result->timeout)) ? $InfosLogin->result->timeout : $this->_timeout; $identity->timeout = $timeout; $identity->time = time() + $timeout; $lang = in_array($InfosLogin->result->lang, array('fr','en')) ? $InfosLogin->result->lang : 'fr'; $identity->lang = $lang; $identity->langtmp = $lang; /* * Adresse Ip interdites */ $ipInterdites = '81.252.88.0-81.252.88.7' // CTE D AGGLOMERATION DE SOPHIA . ';' . '195.200.187.163' // PacWan . ';' . '213.11.81.41' // Verizon France SAS . ';' . '83.206.171.252' // FR-BASE-D-INFORMATIONS-LEGALES-BI . ';' . '81.255.32.139' . ';' . '212.155.191.1*' // Satair A/S . ';' . '217.70.1*.17' // OJSC "Sibirtelecom" . ';' . '212.37.196.156' // GENERALE-MULTIMEDIA-SUD . ';' . '80.245.60.121' // Planete Marseille - Mailclub . ';' . '213.246.57.101' // IKOULA . ';' . '193.104.158.0-193.104.158.255' // Altares.fr . ';' . '195.6.3.0-195.6.3.255' // ORT . ';' . '217.144.112.0-217.144.116.63' // Coface ; if ( $this->checkPlagesIp($ipInterdites, $adressIp) ) { return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity); } // Renvoi if ( is_string($InfosLogin) || $InfosLogin->error->errnum!=0){ $message = $InfosLogin; return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $identity, array($message)); } elseif ($this->_username == $InfosLogin->result->login) { return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity); } else { return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity); } } /** * Controle si une adresse IP est dans une liste des IP communiquées sous la forme 192.168.3.5-192.68.3.10;192.168.3.*;192.168.3.10 * @param string $strPlageIP La plage d'adresses IP * @param string $adresseIP L'adresse IP à tester */ protected function checkPlagesIp($strPlageIP, $adresseIP) { $connected = false; $tabIpAllowed = explode(';', trim($strPlageIP)); if (count($tabIpAllowed)==1 && $tabIpAllowed[0]=='') $tabIpAllowed = array(); foreach ($tabIpAllowed as $ip) { $tabPlages = explode('-', $ip); // C'est une plage d'adresse '-' if (isset($tabPlages[1])) $connected = $this->in_plage($tabPlages[0],$tabPlages[1],$adresseIP); else { // C'est une adresse avec ou sans masque '*' if (preg_match('/^'.str_replace('*','.*',str_replace('.','\.',$ip)).'$/', $adresseIP) ) $connected=true; } if ($connected) break; } if (count($tabIpAllowed)==0) return false; elseif (!$connected) { return false; } return true; } /** * Enter description here ... * @param unknown_type $plage_1 * @param unknown_type $plage_2 * @param unknown_type $ip * @return boolean */ protected function in_plage($plage_1,$plage_2,$ip) { $ip2 = $this->getIpNumber($ip); if ($ip2>=$this->getIpNumber($plage_1) && $ip2<=$this->getIpNumber($plage_2)) return true; else return false; } /** * Converti une IP en nombre * @param string $ip Adresse IP * @return integer */ protected function getIpNumber($ip) { $tab=explode('.', $ip); return (($tab[0]*256*256*256) + ($tab[1]*256*256) + ($tab[2]*256) + ($tab[3])); } }