scores/extranet
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
70c174dc5c
extranet/www/index.php
Michael RICOIS 5e2a861076 Export PDF
2009-03-05 08:31:21 +00:00

737 lines
31 KiB
PHP
Raw Blame History

<?
// MODIF
global $fichierPdf;
function logAction($login, $page, $siret, $ip, $host, $resolution, $nbcolors, $user_agent, $referer, $date_login, $date_last_action, $request) {
if (!file_exists(PATH_LOGS.'actions.log')) {
$fp=fopen(PATH_LOGS.'actions.log', 'a');
fwrite($fp, 'Date et Heure;Login;Page;Siret;Ip;Host;Resolution;Nbcolors;User Agent;Referer;Date login;Date last action;Request'."\n");
} else {
$fp=fopen(PATH_LOGS.'actions.log', 'a');
}
fwrite($fp, date('Y/m/d H:i:s').";$login;$page;$siret;$ip;$host;$resolution;$nbcolors;$user_agent;$referer;$date_login;$date_last_action;$request\n");
fclose($fp);
}
function strWsToHtml($str) {
return $str;
}
function afficheErreur($message, $refresh=5) {
include('./pages/erreur.php');
}
function html2pdf($buffer) {
/*$body=getAvisSituation($siret, 'pdf');
header("Pragma: public");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: must-revalidate");
header("Content-type: application/pdf");
header("Content-Length: ".strlen($body));
header('Content-disposition: inline; filename="avis-'.$siret.'.pdf"');// attachement or inline
header("Accept-Ranges: ".strlen($body));
echo $body;*/
global $fichierPdf;
$fichier='printable_'.$_REQUEST['page'].'_'.$_REQUEST['siret'].$_SERVER['REMOTE_ADDR'].'_'.date('YmdHis');
$fichierHtm = '/tmp/'.$fichier.'.htm';
$fichierPdf = PATH_DATA.'/pdf/'.$fichier.'.pdf';
$buffer=str_replace('<link rel="stylesheet" type="text/css" href="/',
'<link rel="stylesheet" type="text/css" href="'.EXTRANET_URL,$buffer);
$buffer=str_replace(' src="./',
' src="'.EXTRANET_URL,$buffer);
$buffer=str_replace(' src="/',
' src="'.EXTRANET_URL,$buffer);
$fp=fopen($fichierHtm,'w');
fwrite($fp, $buffer);
fclose($fp);
exec('/usr/bin/htmldoc -t pdf14 --size A4 --no-links --webpage --compression=1 --no-toc --pagemode document --left 1.5cm --right 1.5cm -f '.$fichierPdf.' '.$fichierHtm);
header('Content-type: application/pdf');
header('Content-Disposition: inline; filename=doc.pdf');
header('Last-Modified: '.gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: pre-check=0, post-check=0, max-age=0');
header('Pragma: anytextexeptno-cache', true);
header('Cache-control: private');
header('Expires: 0');
/*
header('Pragma: public');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header('Cache-Control: must-revalidate');
header("Content-Type: application/pdf");
header("Content-Length: ".filesize($fichierPdf));
header('Content-Type: application/force-download');
header('Content-Disposition: attachment; filename="'.$_REQUEST['page'].'-'.$_REQUEST['siret'].'-'.date('Ymd').'.pdf"');
//header("Accept-Ranges: ".filesize($fichierPdf));
header('Accept-Ranges: bytes');
/*
header('HTTP/1.1 200 OK');
header('Status: 200 OK');
header('Accept-Ranges: bytes');
header('Content-Transfer-Encoding: Binary');
header("Content-Lenght: ".strval( $pdf->TailleFichierTemporaire( ) ));
*/
//header('Location: http://extranet"'.$NomFichier.'"');
}
function getLogo($siteWeb, $siren) {
include_once(FWK_PATH.'/common/curl.php');
if (substr($siteWeb,-1)<>'/')
$siteWeb.='/';
$arrUrl=parse_url($siteWeb);
$page=getUrl($siteWeb, '', '', '', false, $arrUrl['host'], '', 3);
$body=$page['body'];
if (preg_match('/<img(?:.*)src=(?:"|\')((?:.*)logo(?:.*)(?:gif|png|jpg|jpeg))/Ui', $body, $matches)) {
$logo=trim(strtr($matches[1],'"\'',' '));
$urlLogo=$siteWeb.$logo;
$tmp=explode('.', basename($logo));
$ext=end($tmp);
$page=getUrl($urlLogo, '', '', $siteWeb, false, $arrUrl['host']);
$body=$page['body'];
$fp=fopen(PATH_LOGOS.$siren.'.'.$ext, 'a');
fwrite($fp, $body);
fclose($fp);
return '/img/logos/'.$siren.'.'.$ext;
}/*
elseif (preg_match_all('/<frame (?:.*)src=(?:"|\')(.*)(?:"|\')(?:.*)>/Ui', $body, $matches)) {
foreach ($matches[1] as $url) {
if (substr($url,0,1)=='/' || substr($url,0,1)=='./' || substr($url,0,7)<>'http://')
$url=$siteWeb.$url;
//echo "Chercher dans : $url.<br/>";
$logo2=getLogo($url, $siren);
if ($logo2<>'') return $logo2;
}
}*/
return '';
}
function redimage($img_src,$dst_w,$dst_h) {
// Lit les dimensions de l'image
$size = GetImageSize($img_src);
$src_w = $size[0]; $src_h = $size[1];
// Teste les dimensions tenant dans la zone
$test_h = round(($dst_w / $src_w) * $src_h);
$test_w = round(($dst_h / $src_h) * $src_w);
// Si Height final non pr<70>cis<69> (0)
if(!$dst_h) $dst_h = $test_h;
// Sinon si Width final non pr<70>cis<69> (0)
elseif(!$dst_w) $dst_w = $test_w;
// Sinon teste quel redimensionnement tient dans la zone
elseif($test_h>$dst_h) $dst_w = $test_w;
else $dst_h = $test_h;
// Affiche les dimensions optimales
return "width=".$dst_w." height=".$dst_h;
}
include realpath(dirname(__FILE__) . '/../framework/fwk.php');
define ('INCLUDE_PATH', realpath(dirname(__FILE__) . '/../includes/'));
include( realpath(dirname(__FILE__) . '/../batch/mysql.php'));
/*
function getPassword($login) {
switch ($login) {
case 'jmartory': return 'jma456'; break;
case 'bpanaccione': return 'ben789'; break;
case 'ylenaour': return 'bzh4231*'; break;
case 'mheitz': return 'marc123'; break;
case 'vitelli': return 'buchert'; break;
case 'michelraby': return 'lersi'; break;
default: return false; break;
}
}*/
session_start();
$cle_cookie='sdjglsdkhmsoL68';
$timeout=900;
$refresh=5;
if (ENV<>'PRD') {
// Pas de mise en cache WSDL pour SOAP
ini_set('soap.wsdl_cache_enabled', 0);
}
if (!isset($_REQUEST['page'])) $page='main';
else $page=$_REQUEST['page'];
if (!isset($_REQUEST['sortie'])) $sortie='';
else $sortie=$_REQUEST['sortie'];
if ($_SESSION['connected']==true) {
// On v<>rifi<66> la validit<69> de la session
$tabInfo=$_SESSION['tabInfo'];
if ($tabInfo['date_last_action']+$timeout<time()) {
$message="Vous avez <20>t<EFBFBD> d<>connect<63> de l'extranet suite <20> un d<>lai d'inactivit<69> trop long (1)";
include('./pages/logout.php');
}
// On met <20> jour l'heure de la derni<6E>re action
$tabInfo['date_last_action']=time();
$_SESSION['tabInfo']=$tabInfo;
}
elseif ($page<>'main' && $_REQUEST['action']<>'logon') {
$message="Vous avez <20>t<EFBFBD> d<>connect<63> de l'extranet suite <20> un d<>lai d'inactivit<69> trop long (2)";
include('./pages/logout.php');
} // Sinon ok, on peut continuer
switch ($page) {
case 'referer':
$client2 = new SoapClient(null, array( 'trace' => 1,
'soap_version' => SOAP_1_1,
'location' => WEBSERVICE_URL,
'uri' => WEBSERVICE_URI,
'login' => $_SESSION['tabInfo']['login'],
'password' => $_SESSION['tabInfo']['password']));
$O2 = $client2->setLog('redirection_'.$_REQUEST['part'], $_REQUEST['siret']);
header('Location: '.$_REQUEST['url']);
die();
break;
case 'main':
//echo "<!--_page=main-->\n";
if ($_REQUEST['action']=='logon') {
//echo "<!--_action=logon-->\n";
if (trim($_REQUEST['login'])=='') {
$message="Erreur 10300 : Identifiant de connexion et/ou mot de passe incorrect !";
include('./pages/logout.php');
die();
}
if ($_REQUEST['checkIp']=='only') {
if ($_SERVER['REMOTE_ADDR']=='217.109.14.164' ||
$_SERVER['REMOTE_ADDR']=='217.109.14.180' ||
// REUNICA
$_SERVER['REMOTE_ADDR']=='80.13.67.184' ||
$_SERVER['REMOTE_ADDR']=='80.13.97.240' ||
$_SERVER['REMOTE_ADDR']=='80.13.67.192' ||
$_SERVER['REMOTE_ADDR']=='80.13.97.251' ||
// REUNICA Arp<72>ge - Plage 1 de 217.109.14.160 <20> 217.109.14.191
preg_match('/217\.109\.14\.16./', $_SERVER['REMOTE_ADDR']) ||
preg_match('/217\.109\.14\.17./', $_SERVER['REMOTE_ADDR']) ||
preg_match('/217\.109\.14\.18./', $_SERVER['REMOTE_ADDR']) ||
$_SERVER['REMOTE_ADDR']=='217.109.14.190' ||
$_SERVER['REMOTE_ADDR']=='217.109.14.191' ||
// REUNICA Arp<72>ge - Plage 2 de 90.80.8.32 <20> 90.80.8.63
preg_match('/90\.80\.8\.3./', $_SERVER['REMOTE_ADDR']) ||
preg_match('/90\.80\.8\.4./', $_SERVER['REMOTE_ADDR']) ||
preg_match('/90\.80\.8\.5./', $_SERVER['REMOTE_ADDR']) ||
$_SERVER['REMOTE_ADDR']=='90.80.8.60' ||
$_SERVER['REMOTE_ADDR']=='90.80.8.61' ||
$_SERVER['REMOTE_ADDR']=='90.80.8.62' ||
$_SERVER['REMOTE_ADDR']=='90.80.8.63' ||
// REUNICA Arp<72>ge - Plage 3 de 83.206.181.192 <20> 83.206.181.223
preg_match('/83\.206\.181\.19./', $_SERVER['REMOTE_ADDR']) ||
preg_match('/83\.206\.181\.20./', $_SERVER['REMOTE_ADDR']) ||
preg_match('/83\.206\.181\.21./', $_SERVER['REMOTE_ADDR']) ||
$_SERVER['REMOTE_ADDR']=='83.206.181.220' ||
$_SERVER['REMOTE_ADDR']=='83.206.181.221' ||
$_SERVER['REMOTE_ADDR']=='83.206.181.222' ||
$_SERVER['REMOTE_ADDR']=='83.206.181.223' ||
// REUNICA Backup
$_SERVER['REMOTE_ADDR']=='88.178.249.67' ||
$_SERVER['REMOTE_ADDR']=='88.185.121.243' ) // S&D 88.185.121.243
{
if ($_REQUEST['login']=='testreunica') $_REQUEST['hach']='fboulu';
elseif ($_REQUEST['login']=='reunicacsf') $_REQUEST['hach']='fboulu';
}
else {
mail( 'ylenaour@scores-decisions.com',"IP ".$_SERVER['REMOTE_ADDR']." non d<>clar<61>e pour ".$_REQUEST['login'] ,
'REQUEST='.EOL.print_r($_REQUEST,true).'EOL'.
'SERVER='.EOL.print_r($_SERVER,true).'EOL'.
'SESSION='.EOL.print_r($_SESSION,true).'EOL'.
'ENV='.EOL.print_r($_ENV,true).'EOL');
afficheErreur('Erreur 10816 : Connexion impossible !');
}
} else {
// Demande de connexion
//if (!preg_match('/(\d)/', $_REQUEST['x'])) afficheErreur('Erreur 10001 : Connexion impossible !');
//if ($_REQUEST['x']<0 || $_REQUEST['x']>24) afficheErreur('Erreur 10002 : Connexion impossible !');
//if (!preg_match('/(\d)/', $_REQUEST['y'])) afficheErreur('Erreur 10003 : Connexion impossible !');
//if ($_REQUEST['y']<0 || $_REQUEST['y']>24) afficheErreur('Erreur 10004 : Connexion impossible !');
if ($_REQUEST['pass']<>'') afficheErreur('Erreur 10005 : Connexion impossible !');
if ($_REQUEST['lang']<>'fr') afficheErreur('Erreur 10006 : Connexion impossible !');
$secureLocal=md5(date('Ymd').$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']);
$secureDist =$_REQUEST['secure'];
//if ($secureLocal<>$secureDist) afficheErreur("Erreur 10100 : Connexion impossible $secureLocal / $secureDist !");
$cookieSecure=$secureLocal.'/'.md5($cle_cookie);
$tab=unserialize(@file_get_contents('/tmp/sd_'.$secureLocal.'.tmp'));
//if ($tab['client_ip']<>$_SERVER['REMOTE_ADDR']) afficheErreur('Erreur 10101 : Connexion impossible !');
$tabIpInterdites=array( '81.252.88.*',
'195.200.187.163',
'213.11.81.41',
'83.206.171.252',
'81.255.32.139',
'212.155.191.1*',
'217.70.1*.17',
'212.37.196.156',
'80.245.60.121',
'213.246.57.101',
//'88.178.249.67',
);
foreach ($tabIpInterdites as $ip) {
if (preg_match('/^'.str_replace('*','.*',str_replace('.','\.',$ip)).'$/', $_SERVER['REMOTE_ADDR']) )
afficheErreur('Erreur 10105 : Connexion impossible !');
}
//if ($tab['client_ua']<>$_SERVER['HTTP_USER_AGENT']) afficheErreur('Erreur 10102 : Connexion impossible !');
//if ($tab['client_cookie_client']<>$cookieSecure) afficheErreur('Erreur 10103 : Connexion impossible !');
}
/** Utilisation du WS **/
$client = new SoapClient(null, array( 'trace' => 1,
'soap_version' => SOAP_1_1,
'location' => WEBSERVICE_URL,
'uri' => WEBSERVICE_URI,
'login' => $_REQUEST['login'],
'password' => $_REQUEST['hach']));
try {
$O = $client->getInfosLogin($_REQUEST['login'], $_SERVER['REMOTE_ADDR']);
$user=$O['result'];
if ($user['connected']==true) {
$tabInfo['login']=$_REQUEST['login'];
$tabInfo['password']=$_REQUEST['hach'];
$tabInfo['email']=$user['email'];
$tabInfo['ip']=$_SERVER['REMOTE_ADDR'];
$tabInfo['host']=gethostbyaddr($tabInfo['ip']);
$tabInfo['resolution']=$_REQUEST['resolution'];
$tabInfo['nbcolors']=$_REQUEST['nbcolors'];
$tabInfo['user_agent']=$tab['client_ua'];
$tabInfo['referer1']=$tab['client_referer'];
$tabInfo['referer2']=$_SERVER['HTTP_REFERER'];
$tabInfo['referer_login']=$_SERVER['HTTP_REFERER'];
$tabInfo['date_page_www']=$tab['client_connexion'];
$tabInfo['date_login']=time();
$tabInfo['date_last_action']=time();
$tabInfo['nbReponses']=$user['nbReponses'];
$tabInfo['cookie_client']=md5('login'.$cookieSecure);
$tabInfo['mode_edition']=0;
$tabInfo['profil']=$user['profil'];
$tabInfo['pref']=$user['pref'];
$tabInfo['droits']=$user['droits'];
$tabInfo['nom']=$user['nom'];
$tabInfo['prenom']=$user['prenom'];
$tabInfo['id']=$user['id'];
$tabInfo['idClient']=$user['idClient'];
$tabInfo['reference']=$user['reference'];
$_SESSION['connected']=true;
$_SESSION['tabInfo']=$tabInfo;
include('./pages/main.php');
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
} elseif ($O['error']['errnum']<>0) {
$message='Erreur '. $O['error']['errnum'] .' : '. $O['error']['errmsg'];
include('./pages/logout.php');
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
print_r($tabInfoUser);
die();
}
else {
$message="Erreur 10302 : Identifiant de connexion et/ou mot de passe incorrect !";
include('./pages/logout.php');
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
print_r($tabInfoUser);
die();
}
die();
} catch (SoapFault $fault) {
$message="Erreur 10301 : Identifiant de connexion et/ou mot de passe incorrect !";
//.$_REQUEST['login'].'/'.$_REQUEST['hach'];
include('./pages/logout.php');
die();
}
/*if (getPassword($_REQUEST['login'])) {
$hash=md5($_REQUEST['login'].'|'.getPassword($_REQUEST['login']));
/* if ( ( $_REQUEST['login']=='ylenaour' ||
$_REQUEST['login']=='jmartory' ||
$_REQUEST['login']=='bpanaccione' ||
$_REQUEST['login']=='mheitz' ) && *
if ($_REQUEST['hach']==$hash) {
//echo '<pre>';print_r($tabInfo);echo '</pre>';
$_SESSION['connected']=true;
$_SESSION['tabInfo']=$tabInfo;
include('./pages/main.php');
die();
} else {
$message="Erreur 10301 : Identifiant de connexion et/ou mot de passe incorrect !";
include('./pages/logout.php');
die();
}
}*/
}
elseif ($_REQUEST['action']=='logout') {
// Demande de LOGOUT
//echo "<!--_action=logout-->\n";
include('./pages/logout.php');
die();
} else {
// Main sans action particuli<6C>re
//echo "<!--_action='default'-->\n";
include('./pages/main.php');
die();
}
break;
case 'recherche':
//$strRecherche=serialize($tabRecherche);
//$gzRecherche=urlencode();
if ($_REQUEST['vue']=='list') $_SESSION['list_pre']=gzcompress(serialize($_POST['formR']),9);
$title='Recherche';
//echo "<!--_page=recherche-->\n";
// Pages de recherche ou liste
$page2='recherche.php';
include('./pages/main.php');
break;
case 'moncompte':
if (isset($_REQUEST['frmOptions'])) $tabOptions=$_REQUEST['frmOptions'];
if (isset($tabOptions['rech_nbrep'])) $_SESSION['tabInfo']['nbReponses'] =$tabOptions['rech_nbrep'];
if (isset($tabOptions['mode_edition'])) $_SESSION['tabInfo']['mode_edition']=1;
if (isset($tabOptions['pref'])) $_SESSION['tabInfo']['pref'] =implode(' ', $tabOptions['pref']);
if (isset($tabOptions['droits'])) $_SESSION['tabInfo']['droits'] =implode(' ', $tabOptions['droits']);
if (isset($tabOptions['formatMail'])) $_SESSION['tabInfo']['formatMail'] =$tabOptions['formatMail'];
$title='Profil utilisateur';
//echo "<!--_page=moncompte-->\n";
$page2='moncompte.php';
include('./pages/main.php');
break;
case 'administration':
/*if (isset($_REQUEST['frmOptions'])) $tabOptions=$_REQUEST['frmOptions'];
if (isset($tabOptions['rech_nbrep'])) $_SESSION['tabInfo']['nbReponses'] =$tabOptions['rech_nbrep'];
if (isset($tabOptions['mode_edition'])) $_SESSION['tabInfo']['mode_edition']=1;
if (isset($tabOptions['pref'])) $_SESSION['tabInfo']['pref'] =implode(' ', $tabOptions['pref']);
if (isset($tabOptions['droits'])) $_SESSION['tabInfo']['droits'] =implode(' ', $tabOptions['droits']);
*/
$title='Administration des utilisateurs';
$page2='administration.php';
include('./pages/main.php');
break;
case 'stats':
/*if (isset($_REQUEST['frmOptions'])) $tabOptions=$_REQUEST['frmOptions'];
if (isset($tabOptions['rech_nbrep'])) $_SESSION['tabInfo']['nbReponses'] =$tabOptions['rech_nbrep'];
if (isset($tabOptions['mode_edition'])) $_SESSION['tabInfo']['mode_edition']=1;
if (isset($tabOptions['pref'])) $_SESSION['tabInfo']['pref'] =implode(' ', $tabOptions['pref']);
if (isset($tabOptions['droits'])) $_SESSION['tabInfo']['droits'] =implode(' ', $tabOptions['droits']);
*/
$title='Statistiques';
$page2='stats.php';
include('./pages/main.php');
break;
case 'identite':
$title='Identit&eacute - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=identite-->\n";
// Identit<69>
$page2='identite.php';
include('./pages/main.php');
break;
case 'evenements':
$title='Ev&egrave;nements - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=identite-->\n";
// Identit<69>
$page2='evenements.php';
include('./pages/main.php');
break;
case 'saisie':
$title='Saisie/Edition - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
$page2='saisie.php';
include('./pages/main.php');
break;
case 'etablissements':
$title='Etablissements - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=etablissements-->\n";
//
$page2='etablissements.php';
include('./pages/main.php');
break;
case 'carte':
include('./pages/carte.php');
break;
/*$title='G&eacute;olocalisation - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=etablissements-->\n";
//
$page2='carte.php';
require('./pages/main.php');
break;*/
case 'liens':
$title='Liens - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=liens-->\n";
// Identit<69>
$page2='liens.php';
include('./pages/main.php');
break;
case 'dirigeants':
$title='Dirigeants - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=dirigeants-->\n";
// Identit<69>
$page2='dirigeants.php';
include('./pages/main.php');
break;
case 'annonces':
if ($_REQUEST['action']=='logon') {
//echo "<!--_action=logon-->\n";
if (trim($_REQUEST['login'])=='') {
$message="Erreur 10300 : Identifiant de connexion et/ou mot de passe incorrect !";
include('./pages/logout.php');
die();
}
if ($_REQUEST['checkIp']=='only') {
if ($_SERVER['REMOTE_ADDR']=='80.12.106.161' || // mederic
$_SERVER['REMOTE_ADDR']=='80.12.106.129' || // mederic
$_SERVER['REMOTE_ADDR']=='83.206.102.217' || // S&D Rambouillet
$_SERVER['REMOTE_ADDR']=='88.185.121.243' // S&D Saulnier
)
{
if ($_REQUEST['login']=='mederic')
$_REQUEST['hach']='braye';
elseif ($_REQUEST['login']=='crr')
$_REQUEST['hach']='test1';
}
else afficheErreur('Erreur 10816 : Connexion impossible !');
} elseif ($_REQUEST['checkIp']=='none') {
if ($_REQUEST['login']<>'dgfip')
afficheErreur('Erreur 10816 : Connexion impossible !');
}
/** Utilisation du WS **/
$client = new SoapClient(null, array( 'trace' => 1,
'soap_version' => SOAP_1_1,
'location' => WEBSERVICE_URL,
'uri' => WEBSERVICE_URI,
'login' => $_REQUEST['login'],
'password' => $_REQUEST['hach']));
try {
$O = $client->getInfosLogin($_REQUEST['login']);
$user=$O['result'];
if ($user['connected']==true) {
$tabInfo['login']=$_REQUEST['login'];
$tabInfo['password']=$_REQUEST['hach'];
$tabInfo['email']=$user['email'];
$tabInfo['ip']=$_SERVER['REMOTE_ADDR'];
$tabInfo['host']=gethostbyaddr($tabInfo['ip']);
$tabInfo['resolution']=$_REQUEST['resolution'];
$tabInfo['nbcolors']=$_REQUEST['nbcolors'];
$tabInfo['user_agent']=$tab['client_ua'];
$tabInfo['referer1']=$tab['client_referer'];
$tabInfo['referer2']=$_SERVER['HTTP_REFERER'];
$tabInfo['date_page_www']=$tab['client_connexion'];
$tabInfo['date_login']=time();
$tabInfo['date_last_action']=time();
$tabInfo['nbReponses']=$user['nbReponses'];
$tabInfo['cookie_client']=md5('login'.$cookieSecure);
$tabInfo['mode_edition']=0;
$tabInfo['profil']=$user['profil'];
$tabInfo['pref']=$user['pref'];
$tabInfo['droits']=$user['droits'];
$tabInfo['nom']=$user['nom'];
$tabInfo['prenom']=$user['prenom'];
$tabInfo['id']=$user['id'];
$tabInfo['idClient']=$user['idClient'];
$tabInfo['reference']=$user['reference'];
$_SESSION['connected']=true;
$_SESSION['tabInfo']=$tabInfo;
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
} else {
$message="Erreur 10302 : Identifiant de connexion et/ou mot de passe incorrect !";
include('./pages/logout.php');
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
}
} catch (SoapFault $fault) {
$message="Erreur 10301 : Identifiant de connexion et/ou mot de passe incorrect !";
include('./pages/logout.php');
die();
}
}
if (isset($_REQUEST['idan']) && $_REQUEST['idan']*1<>0 && $_REQUEST['vue']=='balo' && isset($_GET['mode']) && $_GET['mode']=='pdf' ) {
$tmp=explode('.', $_REQUEST['idan']);
$rcs=substr($_REQUEST['siret'],0,9);
if (is_numeric($tmp[0])) $num=$tmp[0];
if (is_numeric($tmp[1])) $par=$tmp[1];
$conid = mysql_pconnect(MYSQL_HOST, MYSQL_USER, MYSQL_PASS);
if (!($conid === false)) {
if (mysql_select_db(MYSQL_DB, $conid) === false)
die('Base de donn<6E>es indisponible');
}
$tabTmp=mysql_select('balo', 'Url_Annonce_Pdf, YEAR(Date_Parution) as Annee',
"Societe_Rcs='$rcs' AND Num_Affaire='$num' AND Num_Parution='$par'");
$ann=$tabTmp[0];
$file = PATH_DATA.'/jo/balo/'.$ann['Annee'].'/'.basename($ann['Url_Annonce_Pdf']);
if (file_exists($file)) {
header("Pragma: public");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: must-revalidate");
header("Content-type: application/pdf");
header("Content-Length: ".filesize($file));
header("Content-disposition: inline; filename=$file");
header("Accept-Ranges: ".filesize($file));
readfile($file);
} else
afficheErreur('Erreur 11000 : Document inexistant !');
die();
}
$title='Annonces l&eacute;gales - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=annonces-->\n";
$page2='annonces.php';
include('./pages/main.php');
break;
case 'infosreg':
$title='Informations r&eacute;glement&eacute;es - Siren '. substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=infosreg-->\n";
$page2='infosreg.php';
include('./pages/main.php');
break;
case 'bourse':
$title='Informations boursi&egrave;res - Siren '. substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=bourse-->\n";
$page2='bourse.php';
include('./pages/main.php');
break;
case 'liasse':
$title='Liasse fiscale - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=liasse-->\n";
$page2='liasse.php';
include('./pages/main.php');
break;
case 'competences':
$title='Comp&eacute;tences Territoriales - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=competences-->\n";
$page2='competences.php';
include('./pages/main.php');
break;
case 'conventions':
$title='Conventions Collectives - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=competences-->\n";
$page2='conventions.php';
include('./pages/main.php');
break;
case 'marques':
$title='Marques d&eacute;pos&eacute;es - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=competences-->\n";
$page2='marques.php';
include('./pages/main.php');
break;
case 'pieces':
$title='Commande de pi&egarv;ces officielles - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
$page2='pieces.php';
include('./pages/main.php');
break;
case 'kbis':
$title='KBis - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
$page2='kbis.php';
include('./pages/main.php');
break;
case 'bilans':
$title='Bilans - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=bilans-->\n";
$page2='bilans.php';
include('./pages/main.php');
break;
case 'indiscore':
$title='indiScore - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=indiscore-->\n";
$page2='indiscore.php';
include('./pages/main.php');
break;
case 'scorescf':
$title='score Credit Safe &copy; - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//echo "<!--_page=indiscore-->\n";
$page2='scorescf.php';
include('./pages/main.php');
break;
case 'survliste':
$title='Surveillance';
//echo "<!--_page=recherche-->\n";
// Pages de recherche ou liste
$page2='survliste.php';
include('./pages/main.php');
break;
case 'survlisteann':
$title='Surveillance';
//echo "<!--_page=recherche-->\n";
// Pages de recherche ou liste
$page2='survlisteann.php';
include('./pages/main.php');
break;
case 'avis':
include('./pages/avis.php');
break;
case 'actes':
include('./pages/actes.php');
break;
case 'attente':
include('./pages/attente.php');
break;
case 'original':
include('./pages/original.php');
break;
case 'fichier':
include('./pages/fichier.php');
break;
case 'greffes':
$title='Pi&egrave;ces Officielles - Siren '.substr($_REQUEST['siret'],0,3).' '.substr($_REQUEST['siret'],3,3).' '.
substr($_REQUEST['siret'],6,3);
//include('./pages/.php');
$page2='greffes.php';
include('./pages/main.php');
break;
default:
$title='Erreur';
//echo "<!--_page='default'-->\n";
// Page inexistante
afficheErreur("Erreur 10400 : La page demand<6E>e est inexistante !");
break;
}
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
/* $message='Erreur 10200 : Connexion impossible !';
echo "<!--\n";
echo "REQUEST=\n".print_r($_REQUEST)."\n";
echo "SESSION=\n".print_r($_SESSION)."\n";
echo "tabInfos=\n".print_r($tabInfo)."\n-->";
include('./pages/logout.php');
die();*/
if ($sortie=='pdf') {
ob_end_flush();
readfile($fichierPdf);
}
?>
Reference in New Issue View Git Blame Copy Permalink