2010-11-25 10:15:45 +00:00
|
|
|
<?php
|
|
|
|
|
require_once 'Metier/insee/classMInsee.php';
|
|
|
|
|
require_once 'Metier/insee/classMSirene.php';
|
|
|
|
|
require_once 'Metier/partenaires/classMBilans.php';
|
|
|
|
|
require_once 'Metier/partenaires/classMBourse.php';
|
|
|
|
|
require_once 'Metier/partenaires/classMLiens.php';
|
|
|
|
|
require_once 'Metier/partenaires/classMTva.php';
|
|
|
|
|
require_once 'Metier/partenaires/classMMap.php';
|
|
|
|
|
require_once 'Metier/partenaires/classMGreffes.php';
|
|
|
|
|
require_once 'Metier/partenaires/classMPrivileges.php';
|
|
|
|
|
require_once 'Metier/scores/classMFinancier.php';
|
|
|
|
|
require_once 'Metier/scores/classMSolvabilite.php';
|
|
|
|
|
|
|
|
|
|
require_once 'framework/mail/sendMail.php';
|
|
|
|
|
|
|
|
|
|
class WsScore
|
|
|
|
|
{
|
|
|
|
|
protected $dbConfig; //Configuration BDD Zend
|
|
|
|
|
protected $tabInfoUser; //Stockage des informations utilisateurs
|
|
|
|
|
|
2010-12-02 16:34:55 +00:00
|
|
|
protected $listeDroits = array(
|
|
|
|
|
'KBIS' => 'Extrait RCS',
|
|
|
|
|
'ACTES' => 'Pièces officielles',
|
|
|
|
|
'IDPROCOL' => 'Fiche procédure collective',
|
|
|
|
|
'PRIVILEGES' => 'Privilèges',
|
|
|
|
|
'IPARI' => 'Investigation par l\'image IparI©',
|
|
|
|
|
'MARQUES' => 'Marques déposées',
|
|
|
|
|
'INDISCORE' => 'indiScore©',
|
|
|
|
|
'INDISCORE2' => 'Rapport synthetique',
|
|
|
|
|
'INDISCORE3' => 'Rapport complet',
|
2011-01-04 08:32:31 +00:00
|
|
|
'INDISCOREP' => 'indiScore+',
|
|
|
|
|
'INDISCORE2P' => 'Rapport synthetique+',
|
|
|
|
|
'INDISCORE3P' => 'Rapport complet+',
|
2010-12-02 16:34:55 +00:00
|
|
|
'SCORECSF' => 'Score CSF',
|
|
|
|
|
'EVENINSEE' => 'Évènements INSEE',
|
|
|
|
|
'AVISINSEE' => 'Avis de situation INSEE',
|
|
|
|
|
'SURVANNONCE' => 'Surveillance des annonces légales',
|
|
|
|
|
'SURVINSEE' => 'Surveillance des événements INSEE',
|
|
|
|
|
'SURVBILAN' => 'Surveillance des bilans',
|
|
|
|
|
'SURVSCORE' => 'Surveillance des événements sur le score',
|
|
|
|
|
'SURVACTES' => 'Surveillance des actes',
|
|
|
|
|
'SURVDIRIGEANTS'=> 'Surveillance des dirigeants',
|
|
|
|
|
'SURVPRIV' => 'Surveillance des privilèges',
|
|
|
|
|
'SURVLISTE' => 'Liste des surveillances',
|
|
|
|
|
'PORTEFEUILLE' => 'Portefeuille',
|
|
|
|
|
'INVESTIG' => 'Investigation',
|
|
|
|
|
'ENQUETEC' => 'Enquête commerciale',
|
|
|
|
|
'INTERNATIONAL' => 'Recherche Internationale',
|
|
|
|
|
'BDF' => 'Banque de France',
|
|
|
|
|
'MONPROFIL' => 'Mon profil',
|
|
|
|
|
'EDITION' => 'Mode Edition',
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
protected $listePrefs = array(
|
|
|
|
|
'NAF4' => 'Afficher les anciens NAF',
|
|
|
|
|
'NACE' => 'Afficher les codes NACES',
|
|
|
|
|
'NEWS' => 'Afficher les news Google©',
|
|
|
|
|
'MAPPY' => 'Afficher les façades d\'immeubles',
|
|
|
|
|
'CARTES' => 'Afficher les cartes et les plans',
|
|
|
|
|
'VOIRSURV' => 'Afficher les entités sous surveillances',
|
|
|
|
|
);
|
|
|
|
|
|
2011-02-02 17:14:47 +00:00
|
|
|
public $listError = array(
|
2011-02-02 14:53:25 +00:00
|
|
|
|
|
|
|
|
'0900' => 'Identifiant ou mot de passe incorrect !',
|
|
|
|
|
'0901' => 'Accès WS non authorisé pour cette utilisateur !',
|
|
|
|
|
'0902' => 'Méthode non authorisée dans votre profil !',
|
|
|
|
|
|
2011-02-02 16:56:44 +00:00
|
|
|
'1010' => 'Siren invalide',
|
|
|
|
|
'1020' => 'Siren inexistant',
|
|
|
|
|
|
2011-02-02 14:53:25 +00:00
|
|
|
'3000' => 'Service disponible',
|
|
|
|
|
|
|
|
|
|
'9000' => 'Service S&D indisponible',
|
|
|
|
|
'9001' => 'Service partenaire indisponible',
|
|
|
|
|
'9002' => 'Méthode provisoirement indisponible',
|
2011-02-03 14:04:40 +00:00
|
|
|
'9003' => 'Version du service désactivé',
|
|
|
|
|
'9004' => 'Version du service inexistant',
|
2011-02-02 14:53:25 +00:00
|
|
|
'9010' => 'Fichier indisponible',
|
|
|
|
|
'9020' => 'Requête incorrecte',
|
|
|
|
|
|
|
|
|
|
);
|
|
|
|
|
|
2010-12-02 16:34:55 +00:00
|
|
|
public function __construct()
|
2010-11-25 10:15:45 +00:00
|
|
|
{
|
2010-11-25 16:51:05 +00:00
|
|
|
define ('DATETIME', date('YmdHis'));
|
|
|
|
|
define ('DATE', substr(DATETIME,0,8));
|
|
|
|
|
define ('TIME', substr(DATETIME,8,6));
|
|
|
|
|
define ('DATE_LISIBLE', substr(DATETIME,6,2).'/'.substr(DATETIME,4,2).'/'.substr(DATETIME,0,4));
|
|
|
|
|
define ('TIME_LISIBLE', substr(DATETIME,8,2).':'.substr(DATETIME,10,2).':'.substr(DATETIME,12,2));
|
|
|
|
|
|
2010-11-25 10:15:45 +00:00
|
|
|
$dbConfig = new Zend_Config_Ini(APPLICATION_PATH .
|
|
|
|
|
'/configs/databases.ini', APPLICATION_ENV);
|
|
|
|
|
$this->dbConfig = $dbConfig->db;
|
|
|
|
|
}
|
2011-01-13 16:52:27 +00:00
|
|
|
|
2011-02-02 14:53:25 +00:00
|
|
|
protected function sendError($code)
|
|
|
|
|
{
|
|
|
|
|
$message = 'Erreur inconnue';
|
2011-02-02 15:30:33 +00:00
|
|
|
if (array_key_exists($code, $this->listError)){
|
|
|
|
|
$message = $this->listError[$code];
|
2011-02-02 14:53:25 +00:00
|
|
|
}
|
|
|
|
|
throw new SoapFault($code,$message);
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-13 16:52:27 +00:00
|
|
|
/**
|
|
|
|
|
* Enregistre l'appel utilisateur à une méthode
|
|
|
|
|
* @param $service
|
|
|
|
|
* @param $siret
|
|
|
|
|
* @param $ref
|
|
|
|
|
* @return void
|
|
|
|
|
*/
|
|
|
|
|
protected function wsLog($service, $siret='', $ref='')
|
|
|
|
|
{
|
|
|
|
|
$iDbCrm = new WDB('sdv1');
|
|
|
|
|
|
|
|
|
|
if (strlen($siret)==14) {
|
|
|
|
|
$siren=substr($siret,0,9);
|
|
|
|
|
$nic=substr($siret,9,5);
|
|
|
|
|
} elseif (strlen($siret)==9) {
|
|
|
|
|
$siren=$siret;
|
|
|
|
|
$nic='';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$tabInsert = array (
|
|
|
|
|
'login' => $this->tabInfoUser['login'],
|
|
|
|
|
'page' => $service,
|
|
|
|
|
'siren' => $siren,
|
|
|
|
|
'nic' => $nic,
|
|
|
|
|
'params' => $ref
|
|
|
|
|
);
|
|
|
|
|
$rep = $iDbCrm->insert('logs', $tabInsert);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-11-25 10:15:45 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Retourne une erreur soap lors d'une mauvaise authentification
|
|
|
|
|
* @throws SoapFault
|
|
|
|
|
*/
|
|
|
|
|
protected function authenticate()
|
|
|
|
|
{
|
2010-12-07 09:37:06 +00:00
|
|
|
if (!$this->checkAuth(
|
|
|
|
|
$_SERVER['PHP_AUTH_USER'],
|
|
|
|
|
$_SERVER['PHP_AUTH_PW'],
|
|
|
|
|
$_SERVER['REMOTE_ADDR']))
|
2010-11-25 10:15:45 +00:00
|
|
|
{
|
2011-02-02 14:53:25 +00:00
|
|
|
$this->sendError('0900');
|
2010-11-25 10:15:45 +00:00
|
|
|
}
|
|
|
|
|
}
|
2011-01-06 16:26:46 +00:00
|
|
|
|
|
|
|
|
protected function permission($perm)
|
|
|
|
|
{
|
2011-01-25 09:28:28 +00:00
|
|
|
if ( !$this->checkPerm($perm) ){
|
2011-02-02 14:53:25 +00:00
|
|
|
$this->sendError('0902');
|
2011-01-06 16:26:46 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2010-11-25 10:15:45 +00:00
|
|
|
|
2010-12-07 09:37:06 +00:00
|
|
|
/**
|
|
|
|
|
* checkAccesWS
|
|
|
|
|
* @throws SoapFault
|
|
|
|
|
*/
|
|
|
|
|
protected function checkAccesWS()
|
|
|
|
|
{
|
|
|
|
|
//Vérifier que l'utilisateur à le droit accesWS (clients/utilisateurs)
|
|
|
|
|
$accesWs = $this->tabInfoUser['accesWS'];
|
|
|
|
|
if ($accesWs){
|
2011-02-02 14:53:25 +00:00
|
|
|
$this->sendError('0901');
|
2010-12-07 09:37:06 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* checPerm
|
|
|
|
|
* @param string $perm
|
|
|
|
|
* @throws SoapFault
|
|
|
|
|
*/
|
|
|
|
|
protected function checkPerm($perm)
|
|
|
|
|
{
|
|
|
|
|
$droits = $this->tabInfoUser['droits'];
|
2011-01-06 16:26:46 +00:00
|
|
|
$output = false;
|
|
|
|
|
if ( preg_match('/\b'.$perm.'\b/i', $droits) ){
|
|
|
|
|
$output = true;
|
2010-12-07 09:37:06 +00:00
|
|
|
}
|
2011-01-06 16:26:46 +00:00
|
|
|
return $output;
|
2010-12-07 09:37:06 +00:00
|
|
|
}
|
2011-02-02 15:30:33 +00:00
|
|
|
|
2010-11-25 10:15:45 +00:00
|
|
|
/**
|
|
|
|
|
* checkAuth
|
|
|
|
|
* @param string $login
|
|
|
|
|
* @param string $password
|
|
|
|
|
* @param string $ipConnexion
|
|
|
|
|
* @return boolean
|
|
|
|
|
*/
|
|
|
|
|
protected function checkAuth($login, $password, $ipConnexion)
|
|
|
|
|
{
|
|
|
|
|
$iDbCrm = new WDB('sdv1');
|
|
|
|
|
$rep = $iDbCrm->select(//'utilisateurs', 'login, id, email, password, idClient, typeCompte, filtre_ip, civilite, nom, prenom, tel, fax, mobile, profil, raisonSociale, siret, adrNum, adrIndRep, adrTypeVoie, adrLibVoie, adrCp, adrVille, adrComp, tel, fax, mobile, pref, profil, dateInscription, dateValidation, nombreConnexions, dateDerniereConnexion, droits, referenceParDefaut, nbReponses, formatMail, dateDebutCompte, dateFinCompte, maxFicheId', "login='$login' AND actif=1", true, MYSQL_ASSOC);
|
|
|
|
|
'utilisateurs u, clients c',
|
|
|
|
|
'u.login, u.id, u.email, u.password, u.idClient, u.typeCompte, u.actif, u.filtre_ip, u.civilite, u.nom, u.prenom, u.tel, u.fax, u.mobile, u.profil, u.raisonSociale, u.siret, u.adrNum, u.adrIndRep, u.adrTypeVoie, u.adrLibVoie, u.adrCp, u.adrVille, u.adrComp, u.tel, u.fax, u.mobile, u.pref, u.profil, u.dateInscription, u.dateValidation, u.nombreConnexions, u.dateDerniereConnexion, u.droits, u.referenceParDefaut, u.nbReponses, u.formatMail, u.dateDebutCompte, u.dateFinCompte, u.maxFicheId, c.droits AS droitsClients, c.timeout',
|
|
|
|
|
"u.login='$login' AND u.idClient=c.id AND u.actif=1 AND u.deleted=0 AND c.actif='Oui'",
|
2011-01-20 14:57:03 +00:00
|
|
|
false, MYSQL_ASSOC);
|
2010-11-25 10:15:45 +00:00
|
|
|
$tabRep = $rep[0];
|
|
|
|
|
if (count($rep)>0)
|
|
|
|
|
{
|
|
|
|
|
if ($tabRep['password']==$password ||
|
|
|
|
|
$tabRep['password']==md5($password) ||
|
|
|
|
|
$password==md5($login.'|'.$tabRep['password']) ||
|
|
|
|
|
(substr($password,0,7)=='iponly:' && checkPlagesIp($tabRep['filtre_ip'], substr($password,7)))) // Controle par IP
|
|
|
|
|
{
|
|
|
|
|
$timeOutSec=$tabRep['timeout']*60;
|
|
|
|
|
if ($timeOutSec==0) $timeOutSec=1800;
|
|
|
|
|
$this->tabInfoUser=array(
|
|
|
|
|
'login'=> $login,
|
|
|
|
|
'id'=> $tabRep['id'],
|
|
|
|
|
'email'=> $tabRep['email'],
|
|
|
|
|
'typeCompte'=> $tabRep['typeCompte'],
|
|
|
|
|
'idClient'=> $tabRep['idClient'],
|
|
|
|
|
'filtre_ip'=> $tabRep['filtre_ip'],
|
|
|
|
|
'ipPasserelle'=> '',
|
|
|
|
|
'ipConnexion'=> $ipConnexion,
|
|
|
|
|
'civilite'=> $tabRep['civilite'],
|
|
|
|
|
'nom'=> $tabRep['nom'],
|
|
|
|
|
'prenom'=> $tabRep['prenom'],
|
|
|
|
|
'raisonSociale'=> $tabRep['raisonSociale'],
|
|
|
|
|
'siret'=> $tabRep['siret'],
|
|
|
|
|
'adrNum'=> $tabRep['adrNum'],
|
|
|
|
|
'adrIndRep'=> $tabRep['adrIndRep'],
|
|
|
|
|
'adrTypeVoie'=> $tabRep['adrTypeVoie'],
|
|
|
|
|
'adrLibVoie'=> $tabRep['adrLibVoie'],
|
|
|
|
|
'adrCp'=> $tabRep['adrCp'],
|
|
|
|
|
'adrVille'=> $tabRep['adrVille'],
|
|
|
|
|
'adrComp'=> $tabRep['adrComp'],
|
|
|
|
|
'tel'=> $tabRep['tel'],
|
|
|
|
|
'fax'=> $tabRep['fax'],
|
|
|
|
|
'mobile'=> $tabRep['mobile'],
|
|
|
|
|
'pref'=> $tabRep['pref'],
|
|
|
|
|
'profil'=> $tabRep['profil'],
|
|
|
|
|
'dateInscription'=> $tabRep['dateInscription'],
|
|
|
|
|
'dateValidation'=> $tabRep['dateValidation'],
|
|
|
|
|
'nombreConnexions'=> $tabRep['nombreConnexions'],
|
|
|
|
|
'dateDerniereConnexion'=> $tabRep['dateDerniereConnexion'],
|
|
|
|
|
'droits'=> $tabRep['droits'],
|
|
|
|
|
'droitsClients'=> $tabRep['droitsClients'],
|
|
|
|
|
'timeout'=> $timeOutSec,
|
|
|
|
|
'nbReponses'=> $tabRep['nbReponses'],
|
|
|
|
|
'formatMail'=> $tabRep['formatMail'],
|
|
|
|
|
'referenceParDefaut'=> $tabRep['referenceParDefaut'],
|
|
|
|
|
'dateDebutCompte'=> $tabRep['dateDebutCompte'],
|
|
|
|
|
'dateFinCompte'=> $tabRep['dateFinCompte'],
|
|
|
|
|
'maxFicheId'=> $tabRep['maxFicheId'],
|
|
|
|
|
);
|
|
|
|
|
$tabTmp = $iDbCrm->select('clients', 'typeScore', 'id='.$tabRep['idClient'], true, MYSQL_ASSOC);
|
|
|
|
|
$tabRep = $tabTmp[0];
|
|
|
|
|
$this->tabInfoUser['typeScore'] = $tabRep['typeScore'];
|
|
|
|
|
debugLog('W',"CheckAuth $login/$password OK", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
debugLog('W',"CheckAuth $login/$password incorrect (IP=$ipConnexion)", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
debugLog('W',"CheckAuth $login/$password inexistant ou inactif (IP=$ipConnexion)", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
