263 lines
7.0 KiB
PHP
263 lines
7.0 KiB
PHP
<?php
|
|
|
|
$timeout = 1800;
|
|
if(ENVIRONNEMENT == 'DEV'){ $timeout = 36000; }
|
|
$cle_cookie = 'sdjglsdkhmsoL68';
|
|
|
|
//Connection Login/IP
|
|
if ($_REQUEST['checkIp']=='only')
|
|
{
|
|
if (trim($_REQUEST['login'])=='')
|
|
{
|
|
$message = "Erreur 10300 : ".
|
|
"Identifiant de connexion et/ou mot de passe incorrect !";
|
|
include('./pages/logout.php');
|
|
die();
|
|
}
|
|
//Affectation login et hach
|
|
$login = $_REQUEST['login'];
|
|
$hach = 'iponly:'.$_SERVER['REMOTE_ADDR'];
|
|
}
|
|
// Vérification SESSION
|
|
elseif ($_SESSION['connected']==TRUE &&
|
|
$_REQUEST['action']!='logout' &&
|
|
$_REQUEST['action']!='logon' )
|
|
{
|
|
// On vérifie la validité de la session
|
|
$tabInfo=$_SESSION['tabInfo'];
|
|
$firephp->log($tabInfo,'tabInfo');
|
|
|
|
if ($tabInfo['date_last_action']+$timeout<time()) {
|
|
$message = "Vous avez été déconnecté de l'extranet".
|
|
" suite à un délai d'inactivité trop long (1)";
|
|
include('./pages/logout.php');
|
|
}
|
|
// On met à jour l'heure de la dernière action
|
|
$tabInfo['date_last_action']=time();
|
|
$_SESSION['tabInfo']=$tabInfo;
|
|
|
|
//Affectation login et hach
|
|
$login = $_SESSION['tabInfo']['login'];
|
|
($_REQUEST['checkIp']=='only' || strstr($hach, 'iponly:')!=FALSE ) ?
|
|
($hach = 'iponly:'.$_SERVER['REMOTE_ADDR']) :
|
|
($hach = $_SESSION['tabInfo']['password']);
|
|
|
|
}
|
|
//Demande de connexion
|
|
elseif ( $_REQUEST['action']=='logon' &&
|
|
( trim($_REQUEST['login'])!='' && trim($_REQUEST['hach'])!='' )
|
|
)
|
|
{
|
|
//Le mot de passe doit être vide
|
|
if ($_REQUEST['pass']!='')
|
|
afficheErreur('Erreur 10005 : Connexion impossible !');
|
|
|
|
//Affectation login et hach
|
|
$login = $_REQUEST['login'];
|
|
$hach = $_REQUEST['hach'];
|
|
}
|
|
//Force la déconnexion
|
|
elseif ($_REQUEST['action']=='logout')
|
|
{
|
|
include('./pages/logout.php');
|
|
die();
|
|
}
|
|
elseif ($page!='main' && $_REQUEST['action']!='logon')
|
|
{
|
|
|
|
$message = "Vous avez été déconnecté de l'extranet".
|
|
" suite à un délai d'inactivité trop long (2)";
|
|
include('./pages/logout.php');
|
|
}
|
|
|
|
$firephp->log($login, 'login');
|
|
$firephp->log($hach, 'hach');
|
|
|
|
//Erreur javascript
|
|
if( empty($hach) )
|
|
{
|
|
$message = "Le JavaScript semble être désactivé sur votre navigateur ".
|
|
"Internet.<br/>Contacter votre administrateur.";
|
|
include('./pages/logout.php');
|
|
exit;
|
|
}
|
|
|
|
//Déclation du client Soap auprès du webservice
|
|
$client = new SoapClient( null,
|
|
array( 'trace' => 1,
|
|
'soap_version' => SOAP_1_1,
|
|
'location' => WEBSERVICE_URL,
|
|
'uri' => WEBSERVICE_URI,
|
|
'login' => $login,
|
|
'password' => $hach
|
|
));
|
|
|
|
if($_REQUEST['action']=='logon' || $_SESSION['connected']==FALSE)
|
|
{
|
|
|
|
$secureLocal= md5(
|
|
date('Ymd') . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']
|
|
);
|
|
$secureDist = $_REQUEST['secure'];
|
|
$cookieSecure = $secureLocal.'/'.md5($cle_cookie);
|
|
$tab = unserialize(@file_get_contents('/tmp/sd_'.$secureLocal.'.tmp'));
|
|
|
|
$tabIpInterdites = array(
|
|
'81.252.88.*',
|
|
'195.200.187.163',
|
|
'213.11.81.41',
|
|
'83.206.171.252',
|
|
'81.255.32.139',
|
|
'212.155.191.1*',
|
|
'217.70.1*.17',
|
|
'212.37.196.156',
|
|
'80.245.60.121',
|
|
'213.246.57.101',
|
|
//'88.178.249.67',
|
|
);
|
|
foreach ($tabIpInterdites as $ip)
|
|
{
|
|
if ( preg_match( '/^' .
|
|
str_replace('*', '.*',
|
|
str_replace('.','\.',$ip) ) . '$/', $_SERVER['REMOTE_ADDR'])
|
|
)
|
|
{
|
|
afficheErreur('Erreur 10105 : Connexion impossible !');
|
|
}
|
|
}
|
|
|
|
//Récupération des infos si pas de session
|
|
try
|
|
{
|
|
$O = $client->getInfosLogin($login, $_SERVER['REMOTE_ADDR']);
|
|
$user = $O['result'];
|
|
$firephp->log($user,'result');
|
|
if ($user['connected']==true)
|
|
{
|
|
$tabInfo['login'] = $login;
|
|
$tabInfo['password'] = $hach;
|
|
$tabInfo['email'] = $user['email'];
|
|
$tabInfo['ip'] = $_SERVER['REMOTE_ADDR'];
|
|
$tabInfo['host'] = gethostbyaddr($tabInfo['ip']);
|
|
$tabInfo['resolution'] = $_REQUEST['resolution'];
|
|
$tabInfo['nbcolors'] = $_REQUEST['nbcolors'];
|
|
$tabInfo['user_agent'] = $tab['client_ua'];
|
|
$tabInfo['referer1'] = $tab['client_referer'];
|
|
$tabInfo['referer2'] = $_SERVER['HTTP_REFERER'];
|
|
$tabInfo['referer_login'] = $_SERVER['HTTP_REFERER'];
|
|
$tabInfo['date_page_www'] = $tab['client_connexion'];
|
|
$tabInfo['date_login'] = time();
|
|
$tabInfo['date_last_action']= time();
|
|
$tabInfo['nbReponses'] = $user['nbReponses'];
|
|
$tabInfo['cookie_client'] = md5('login'.$cookieSecure);
|
|
$tabInfo['mode_edition'] = 0;
|
|
$tabInfo['profil'] = $user['profil'];
|
|
$tabInfo['pref'] = $user['pref'];
|
|
$tabInfo['droits'] = $user['droits'];
|
|
$tabInfo['nom'] = $user['nom'];
|
|
$tabInfo['prenom'] = $user['prenom'];
|
|
$tabInfo['id'] = $user['id'];
|
|
$tabInfo['idClient'] = $user['idClient'];
|
|
$tabInfo['reference'] = $user['reference'];
|
|
$tabInfo['typeScore'] = $user['typeScore'];
|
|
|
|
$_SESSION['connected']=true;
|
|
$_SESSION['tabInfo']=$tabInfo;
|
|
|
|
logAction(
|
|
$tabInfo['login'],
|
|
$page,
|
|
$_REQUEST['siret'],
|
|
$tabInfo['ip'],
|
|
$tabInfo['host'],
|
|
$tabInfo['resolution'],
|
|
$tabInfo['nbcolors'],
|
|
$tabInfo['user_agent'],
|
|
$tabInfo['referer1'],
|
|
gmdate('Y/m/d H:i:s',
|
|
$tabInfo['date_login']+3600),
|
|
gmdate('Y/m/d H:i:s',
|
|
$tabInfo['date_last_action']+3600),
|
|
implode(', ',$_REQUEST)
|
|
);
|
|
|
|
}
|
|
//Erreur renvoyé par le webservice
|
|
elseif ($O['error']['errnum']!=0)
|
|
{
|
|
$message = 'Erreur '.
|
|
$O['error']['errnum'] .' : '.
|
|
$O['error']['errmsg'];
|
|
|
|
if($O['error']['errnum']=='10301' && $login=='rsipdll')
|
|
{
|
|
$message.= '<br/>Pour tout problème technique, '.
|
|
'contactez le service support par téléphone au 01.48.00.04.52 '.
|
|
'ou par mail à <a href="mailto:support@scores-decisions.com">'.
|
|
'support@scores-decisions.com</a>';
|
|
}
|
|
include('./pages/logout.php');
|
|
logAction(
|
|
$tabInfo['login'],
|
|
$page,
|
|
$_REQUEST['siret'],
|
|
$tabInfo['ip'],
|
|
$tabInfo['host'],
|
|
$tabInfo['resolution'],
|
|
$tabInfo['nbcolors'],
|
|
$tabInfo['user_agent'],
|
|
$tabInfo['referer1'],
|
|
gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600),
|
|
gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600),
|
|
implode(', ',$_REQUEST)
|
|
);
|
|
die();
|
|
}
|
|
else
|
|
{
|
|
$message="Erreur 10302 : ".
|
|
"Identifiant de connexion et/ou mot de passe incorrect !";
|
|
include('./pages/logout.php');
|
|
logAction(
|
|
$tabInfo['login'],
|
|
$page,
|
|
$_REQUEST['siret'],
|
|
$tabInfo['ip'],
|
|
$tabInfo['host'],
|
|
$tabInfo['resolution'],
|
|
$tabInfo['nbcolors'],
|
|
$tabInfo['user_agent'],
|
|
$tabInfo['referer1'],
|
|
gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600),
|
|
gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600),
|
|
implode(', ',$_REQUEST)
|
|
);
|
|
die();
|
|
}
|
|
}
|
|
//Erreur SOAP
|
|
catch (SoapFault $fault)
|
|
{
|
|
if($fault->faultcode!='900')
|
|
{
|
|
require_once 'soaperror.php';
|
|
processSoapFault($client,$fault,$tabInfo);
|
|
}
|
|
|
|
$message = "Erreur 10301 : ".
|
|
"Identifiant de connexion et/ou mot de passe incorrect !";
|
|
|
|
if($login=='rsipdll')
|
|
{
|
|
$message.= '<br/>Pour tout problème technique, '.
|
|
'contactez le service support par téléphone au 01.48.00.04.52 '.
|
|
'ou par mail à <a href="mailto:support@scores-decisions.com">'.
|
|
'support@scores-decisions.com</a>';
|
|
}
|
|
|
|
include('./pages/logout.php');
|
|
die();
|
|
}
|
|
}
|
|
|
|
?>
|