170 lines
6.6 KiB
PHP
170 lines
6.6 KiB
PHP
<?php
|
|
|
|
$timeout=1800;
|
|
if(ENVIRONNEMENT == 'DEV'){ $timeout=36000; }
|
|
$cle_cookie = 'sdjglsdkhmsoL68';
|
|
|
|
//Vérification en session
|
|
if ($_REQUEST['checkIp']=='only'){
|
|
|
|
if (trim($_REQUEST['login'])=='') {
|
|
$message="Erreur 10300 : Identifiant de connexion et/ou mot de passe incorrect !";
|
|
include('./pages/logout.php');
|
|
die();
|
|
}
|
|
|
|
$login = $_REQUEST['login'];
|
|
$hach = 'iponly:'.$_SERVER['REMOTE_ADDR'];
|
|
|
|
}elseif ($_SESSION['connected']==TRUE && $_REQUEST['action']!='logout' && $_REQUEST['action']!='logon' ) {
|
|
// On vérifie la validité de la session
|
|
$tabInfo=$_SESSION['tabInfo'];
|
|
$firephp->log($tabInfo,'tabInfo');
|
|
|
|
if ($tabInfo['date_last_action']+$timeout<time()) {
|
|
$message="Vous avez été déconnecté de l'extranet suite à un délai d'inactivité trop long (1)";
|
|
include('./pages/logout.php');
|
|
}
|
|
// On met à jour l'heure de la dernière action
|
|
$tabInfo['date_last_action']=time();
|
|
$_SESSION['tabInfo']=$tabInfo;
|
|
|
|
//Affectation Login et pass
|
|
$login = $_SESSION['tabInfo']['login'];
|
|
($_REQUEST['checkIp']=='only' || strstr($hach, 'iponly:')!=FALSE ) ? ($hach = 'iponly:'.$_SERVER['REMOTE_ADDR']) : ($hach = $_SESSION['tabInfo']['password']);
|
|
|
|
}elseif ($_REQUEST['action']=='logon' && ( trim($_REQUEST['login'])!='' && trim($_REQUEST['hach'])!='' ) ) {
|
|
|
|
if (trim($_REQUEST['login'])=='') {
|
|
$message="Erreur 10300 : Identifiant de connexion et/ou mot de passe incorrect !";
|
|
include('./pages/logout.php');
|
|
die();
|
|
}
|
|
|
|
if ($_REQUEST['pass']!='') afficheErreur('Erreur 10005 : Connexion impossible !');
|
|
//if ($_REQUEST['lang']!='fr') afficheErreur('Erreur 10006 : Connexion impossible !');
|
|
|
|
$login = $_REQUEST['login'];
|
|
$hach = $_REQUEST['hach'];
|
|
|
|
}elseif ($_REQUEST['action']=='logout') {
|
|
include('./pages/logout.php');
|
|
die();
|
|
}elseif ($page!='main' && $_REQUEST['action']!='logon') {
|
|
|
|
$message="Vous avez été déconnecté de l'extranet suite à un délai d'inactivité trop long (2)";
|
|
include('./pages/logout.php');
|
|
}
|
|
|
|
$firephp->log($login, 'login');
|
|
$firephp->log($hach, 'hach');
|
|
|
|
/** Déclation du client Soap auprès du webservice **/
|
|
$client = new SoapClient(null, array( 'trace' => 1,
|
|
'soap_version' => SOAP_1_1,
|
|
'location' => WEBSERVICE_URL,
|
|
'uri' => WEBSERVICE_URI,
|
|
'login' => $login,
|
|
'password' => $hach
|
|
));
|
|
|
|
|
|
if($_REQUEST['action']=='logon' || $_SESSION['connected']==FALSE)
|
|
{
|
|
//unset($_SESSION);
|
|
|
|
$secureLocal= md5(date('Ymd').$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']);
|
|
$secureDist = $_REQUEST['secure'];
|
|
|
|
$cookieSecure=$secureLocal.'/'.md5($cle_cookie);
|
|
$tab=unserialize(@file_get_contents('/tmp/sd_'.$secureLocal.'.tmp'));
|
|
|
|
$tabIpInterdites=array( '81.252.88.*',
|
|
'195.200.187.163',
|
|
'213.11.81.41',
|
|
'83.206.171.252',
|
|
'81.255.32.139',
|
|
'212.155.191.1*',
|
|
'217.70.1*.17',
|
|
'212.37.196.156',
|
|
'80.245.60.121',
|
|
'213.246.57.101',
|
|
//'88.178.249.67',
|
|
);
|
|
foreach ($tabIpInterdites as $ip) {
|
|
if (preg_match('/^'.str_replace('*','.*',str_replace('.','\.',$ip)).'$/', $_SERVER['REMOTE_ADDR']) ){
|
|
afficheErreur('Erreur 10105 : Connexion impossible !');
|
|
}
|
|
}
|
|
|
|
//Récupération des infos si pas de session
|
|
try {
|
|
$O = $client->getInfosLogin($login, $_SERVER['REMOTE_ADDR']);
|
|
$user=$O['result'];
|
|
$firephp->log($user,'result');
|
|
|
|
if ($user['connected']==true)
|
|
{
|
|
$tabInfo['login'] = $login;
|
|
$tabInfo['password'] = $hach;
|
|
$tabInfo['email'] = $user['email'];
|
|
$tabInfo['ip'] = $_SERVER['REMOTE_ADDR'];
|
|
$tabInfo['host'] = gethostbyaddr($tabInfo['ip']);
|
|
$tabInfo['resolution'] = $_REQUEST['resolution'];
|
|
$tabInfo['nbcolors'] = $_REQUEST['nbcolors'];
|
|
$tabInfo['user_agent'] = $tab['client_ua'];
|
|
$tabInfo['referer1'] = $tab['client_referer'];
|
|
$tabInfo['referer2'] = $_SERVER['HTTP_REFERER'];
|
|
$tabInfo['referer_login'] = $_SERVER['HTTP_REFERER'];
|
|
$tabInfo['date_page_www'] = $tab['client_connexion'];
|
|
$tabInfo['date_login'] = time();
|
|
$tabInfo['date_last_action']= time();
|
|
$tabInfo['nbReponses'] = $user['nbReponses'];
|
|
$tabInfo['cookie_client'] = md5('login'.$cookieSecure);
|
|
$tabInfo['mode_edition'] = 0;
|
|
$tabInfo['profil'] = $user['profil'];
|
|
$tabInfo['pref'] = $user['pref'];
|
|
$tabInfo['droits'] = $user['droits'];
|
|
$tabInfo['nom'] = $user['nom'];
|
|
$tabInfo['prenom'] = $user['prenom'];
|
|
$tabInfo['id'] = $user['id'];
|
|
$tabInfo['idClient'] = $user['idClient'];
|
|
$tabInfo['reference'] = $user['reference'];
|
|
|
|
$_SESSION['connected']=true;
|
|
$_SESSION['tabInfo']=$tabInfo;
|
|
|
|
//include('./pages/main.php');
|
|
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
|
|
|
|
} elseif ($O['error']['errnum']<>0) {
|
|
$message='Erreur '. $O['error']['errnum'] .' : '. $O['error']['errmsg'];
|
|
if($O['error']['errnum']=='10301' && $login=='rsipdll'){
|
|
$message.= '<br/>Pour tout problème technique, contactez le service support par téléphone au 01.48.00.04.52 ou par mail à <a href="mailto:support@scores-decisions.com">support@scores-decisions.com</a>';
|
|
}
|
|
include('./pages/logout.php');
|
|
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
|
|
print_r($tabInfoUser);
|
|
die();
|
|
}else {
|
|
$message="Erreur 10302 : Identifiant de connexion et/ou mot de passe incorrect !";
|
|
include('./pages/logout.php');
|
|
logAction($tabInfo['login'], $page, $_REQUEST['siret'], $tabInfo['ip'], $tabInfo['host'], $tabInfo['resolution'], $tabInfo['nbcolors'], $tabInfo['user_agent'],$tabInfo['referer1'], gmdate('Y/m/d H:i:s',$tabInfo['date_login']+3600), gmdate('Y/m/d H:i:s',$tabInfo['date_last_action']+3600), implode(', ',$_REQUEST));
|
|
print_r($tabInfoUser);
|
|
die();
|
|
}
|
|
} catch (SoapFault $fault) {
|
|
if($fault->faultcode!='900'){
|
|
require_once 'soaperror.php';
|
|
processSoapFault($client,$fault,$tabInfo);
|
|
}
|
|
$message="Erreur 10301 : Identifiant de connexion et/ou mot de passe incorrect !";
|
|
if($login=='rsipdll'){
|
|
$message.= '<br/>Pour tout problème technique, contactez le service support par téléphone au 01.48.00.04.52 ou par mail à <a href="mailto:support@scores-decisions.com">support@scores-decisions.com</a>';
|
|
}
|
|
include('./pages/logout.php');
|
|
die();
|
|
}
|
|
}
|
|
|
|
?>
|