<?php
require_once 'Metier/insee/classMInsee.php';
require_once 'Metier/insee/classMSirene.php';
require_once 'Metier/partenaires/classMBilans.php';
require_once 'Metier/partenaires/classMBourse.php';
require_once 'Metier/partenaires/classMLiens.php';
require_once 'Metier/partenaires/classMTva.php';
require_once 'Metier/partenaires/classMMap.php';
require_once 'Metier/partenaires/classMGreffes.php';
require_once 'Metier/partenaires/classMPrivileges.php';
require_once 'Metier/scores/classMFinancier.php';
require_once 'Metier/scores/classMSolvabilite.php';

require_once 'framework/mail/sendMail.php';

class WsScore
{
	/**
	 * Database configuration
	 * @var unknown
	 */
    protected $dbConfig;

    /**
     * User information
     * @var array
     */
    protected $tabInfoUser;

    /**
     * Name of Service
     * @var string
     */
	public $serviceName = null;

	/**
	 * Is a customize service
	 * @var boolean
	 */
	public $serviceClient = false;

	/**
	 * Name of Client
	 * @var string
	 */
	public $serviceClientName = null;

	/**
	 * Version of service
	 * @var string
	 */
	public $serviceVersion = null;

	/**
	 * List all application IPs
	 * @var array
	 */
	protected $listApplicationIp = array (
		'88.191.79.121', 	//Extranet
		'78.31.45.206', 	//SDSL RAMBOUILLET
	);

	/**
	 * List all permission
	 * @var array
	 */
	protected $listeDroits = array (

	    //RECHERCHE
	    'RECHCSV'       => "Export des résultats de la recherche",
	    'IPARI'         => "Investigation par l'image IparI&copy;",
	    'HISTOBODACC'	=> "Historique des annonces bodacc",
	    'INVESTIG'		=> "Investigation",
	    'SEARCHENT'     => "Recherche Entreprise",
	    'SEARCHDIR'     => "Recherche Dirigeant",
	    'SEARCHACT'     => "Recherche Actionnaire",

	    //IDENTITE
	    'IDENTITE'       => "Fiche d'identité",
	    'IDPROCOL'		 => 'Fiche procédure collective',
	    'LIENS'          => "Liens inter-entreprise",
	    'ETABLISSEMENTS' => "Liste des établissements",
	    'GROUPE'		 => "Informations et organigramme du groupe",
	    'EVENINSEE'		 => '&Eacute;vènements INSEE',
	    'AVISINSEE'		 => 'Avis de situation INSEE',

	    //DIRIGEANT
	    'DIRIGEANTS'    => "Liste des dirigeants",
	    'DIRIGEANTSOP' 	=> "Liste des dirigeants opérationnels",

	    //FINANCE
	    'SYNTHESE'      => "Synthèse",
	    'RATIOS'        => "Ratios",
	    'FLUX'          => "Flux de trésorerie",
	    'LIASSE'        => "Liasse fiscale",
	    'LIASSEXLS'     => "Export des Liasses au format XLS",
	    'UPLOADBILAN'	=> "Saisie de bilan",
	    'BOURSE'        => "Bourse & cotations",
	    'BANQUE'        => "Relations bancaires",

	    //JURIDIQUE
	    'ANNONCES'      => "Annonces légales",
	    'INFOSREG'      => "Informations réglementée",
	    'COMPETENCES'   => "Compétences territoriales",
	    'CONVENTIONS'   => "Conventions collectives",
	    'MARQUES'		=> "Marques déposées",

	    //EVALUATION
    	'INDISCORE'		=> 'indiScore&copy;',
    	'INDISCORE2'	=> 'Rapport synthetique',
    	'INDISCORE3'	=> 'Rapport complet',
    	'INDISCOREP'	=> 'indiScore+',
    	'INDISCORE2P'	=> 'Rapport synthetique+',
    	'INDISCORE3P'	=> 'Rapport complet+',
    	'SCORECSF'		=> 'Score CSF',
    	'ENQUETEC'		=> 'Enquête commerciale',
    	'AVISCREDIT'	=> 'Avis de crédit personnalisé',

	    //PIECES
    	'KBIS'			=> 'Extrait RCS',
    	'ACTES'			=> 'Pièces officielles',
    	'PRIVILEGES'	=> 'Privilèges',

	    //SURVEILLANCES
    	'SURVANNONCE'	=> 'Surveillance des annonces légales',
    	'SURVINSEE'		=> 'Surveillance des événements INSEE',
    	'SURVBILAN'		=> 'Surveillance des bilans',
    	'SURVSCORE'		=> 'Surveillance des événements sur le score',
    	'SURVACTES'		=> 'Surveillance des actes',
    	'SURVDIRIGEANTS'=> 'Surveillance des dirigeants',
    	'SURVPAIEMENTS'	=> 'Surveillance des paiements',
    	'SURVLIENS'		=> 'Surveillance des liens financiers',
    	'SURVPRIV'		=> 'Surveillance des privilèges',

	    //OPTIONS
	    'MONPROFIL'		=> 'Mon profil',
	    'EDITION'		=> 'Mode Edition',
	    'PORTEFEUILLE' 	=> 'Portefeuille',
	    'SURVLISTE'		=> 'Liste des surveillances',

	    //DIVERS
	    'INTERNATIONAL'	=> 'Recherche Internationale',
	    'BDF'			=> 'Banque de France',
	);

	protected $listeCategory = array(
	    'RECHERCHE' => array(
	        'label' => "Recherche",
	        'droits' => array('RECHCSV', 'IPARI', 'HISTOBODACC', 'INVESTIG', 'SEARCHENT',
	            'SEARCHDIR', 'SEARCHACT'),
	     ),
	    'IDENTITE' => array(
	        'label' => "Identité",
	        'droits' => array('IDENTITE','IDPROCOL', 'LIENS', 'ETABLISSEMENTS', 'GROUPE',
	            'EVENINSEE', 'AVISINSEE'),
	    ),
	    'DIRIGEANT' => array(
	        'label' => "Dirigeant",
	        'droits' => array('DIRIGEANTS','DIRIGEANTSOP'),
	    ),
	    'FINANCE' => array(
	        'label' => 'Elements Financiers',
	        'droits' => array('SYNTHESE','RATIOS','FLUX','LIASSE','LIASSEXLS', 'UPLOADBILAN',
	            'BOURSE','BANQUE'),
	    ),
	    'JURIDIQUE' => array(
	        'label' => 'Elements Juridiques',
	        'droits' => array('ANNONCES','INFOSREG','COMPETENCES','CONVENTIONS','MARQUES'),
	    ),
	    'EVALUATION' => array(
	        'label' => 'Evaluation',
	        'droits' => array('INDISCORE', 'INDISCORE2', 'INDISCORE3', 'INDISCOREP', 'INDISCORE2P',
	            'INDISCORE3P','ENQUETEC','AVISCREDIT'),
	    ),
	    'PIECES' => array(
	        'label' => 'Pièces officielles',
	        'droits' => array('KBIS', 'ACTES', 'PRIVILEGES'),
	    ),
	    'SURVEILLANCES' => array(
	        'label' => 'Surveillances',
	        'droits' => array('SURVANNONCE', 'SURVINSEE', 'SURVBILAN', 'SURVSCORE', 'SURVACTES',
	            'SURVDIRIGEANTS', 'SURVPAIEMENTS', 'SURVLIENS', 'SURVPRIV',
	        ),
	    ),
	    'OPTIONS' => array(
	        'label' => 'Options',
	        'droits' => array('MONPROFIL','SURVLISTE','PORTEFEUILLE','EDITION'),
	    ),
	    'DIVERS' => array(
	        'label' => 'Divers',
	        'droits' => array('INTERNATIONAL', 'BDF'),
	    ),
	);

	/**
	 * List preferences
	 * @var array
	 */
	protected $listePrefs = array(
		'NAF4'			=> "Afficher les anciens NAF",
		'NACE'			=> "Afficher les codes NACES",
		'NEWS'			=> "Afficher les news Google&copy;",
		'MAPPY'			=> "Afficher les fa&ccedil;ades d'immeubles",
		'CARTES'		=> "Afficher les cartes et les plans",
		'VOIRSURV'		=> "Afficher les entités sous surveillances",
		'DEMANDEREF' 	=> "Demande de référence par defaut",
		'RECHREF'		=> "Afficher le formulaire de recherche par référence",
	);

	/**
	 * List logs for facturation
	 * @var unknown_type
	 */
	protected $logs = array(
	    'identite' => array(
	        'label' => "Identité"
	    ),
	    'liens' => array(
	        'label' => "Liens Inter-Entreprise"
	    ),
	    'etablissements' => array(
	        'label' => "Etablissements"
	     ),
	    'dirigeants' => array(
	        'label' => "Dirigeants"
	    ),
	    'annonces' => array(
	        'label' => "Annonces légales",
	    ),
	    'indiscore' => array(
	        'label' => "Indiscore",
	    ),
	    'indiscorep' => array(
	        'label' => "Indiscore+",
	     ),
	    'indiscore2' => array(
	        'label' => "Rapport",
	    ),
	    'indiscore2p' => array(
	        'label' => "Rapport avec suivi",
	    ),
	    'indiscore3' => array(
	        'label' => "Rapport complet",
	    ),
	    'indiscore3p' => array(
	        'label' => "Rapport complet avec suivi",
	    ),
	    'evenements' => array(),
	    'tva' => array(),
	    'infosreg' => array(
	        'label' => "Informations réglementées",
	    ),
	    'bourse' => array(
	        'label' => "Information boursière"
	    ),
	    'bilan' => array(
	        'label' => "Liasse fiscale",
	    ),
	    'sirenExiste' => array(),
	    'ratios' => array(
	        'label' => "Ratios",
	    ),
	    'rapport1' => array(
	        'label' => "Rapport complet 1",
	    ),
	    'rapport2' => array(
	        'label' => "Rapport complet 2",
	    ),
	    'rapport3' => array(
	        'label' => "Rapport complet 3",
	    ),
	    'banque' => array(
	        'label' => "Relations banquaires",
	     ),
	    'competences' => array(),
	    'privdetail' => array(
	        'label' => "Détails des privilèges",
	    ),
	    'privcumul' => array(
	        'label' => "Privilèges cumulés",
	    ),
	    'conventions' => array(
	        'label' => "Conventions collectives",
	    ),
	    'marques' => array(
	        'label' => "Marques déposés",
	    ),
	    'kbis' => array(
	        'label' => "Extrait RCS",
	    ),
	    'dirigeantsop' => array(
	        'label' => "Dirigeants opérationels",
	    ),
	    'groupesarbo' => array(
	        'label' => "Arborescence de groupes",
	    ),
	    'groupeinfos' => array(
	        'label' => "Informations groupe",
	    ),
	);

	/**
	 * List of error code send as SoapFault
	 * @var unknown_type
	 */
	public $listError = array(
		'0900' => "Identifiant ou mot de passe incorrect",
		'0901' => "Accès WS non authorisé pour cet utilisateur",
		'0902' => "Méthode non authorisée dans votre profil",
		'0903' => "Période d'accès au service invalide",
		'0904' => "Adresse IP Invalide",
		'1010' => 'Siren invalide',
		'1011' => 'Identifiant invalide',
		'1020' => 'Siren inexistant',
		'1021' => 'Type d\'identifiant inexistant',
		'1030' => 'Aucun résultat pour ce siren en base',
		'3000' => 'Service disponible',
		'9000' => 'Service S&D indisponible',
		'9001' => 'Service partenaire indisponible',
		'9002' => 'Méthode provisoirement indisponible',
		'9003' => 'Version du service désactivé',
		'9004' => 'Version du service inexistant',
		'9010' => 'Fichier indisponible',
		'9020' => 'Requête incorrecte',
	);

	public function __construct()
	{
		define ('DATETIME',		date('YmdHis'));
		define ('DATE',			substr(DATETIME,0,8));
		define ('TIME',			substr(DATETIME,8,6));
		define ('DATE_LISIBLE',	substr(DATETIME,6,2).'/'.substr(DATETIME,4,2).'/'.substr(DATETIME,0,4));
		define ('TIME_LISIBLE',	substr(DATETIME,8,2).':'.substr(DATETIME,10,2).':'.substr(DATETIME,12,2));

		//Load database configuration
		$c = Zend_Registry::get('config');
		$this->dbConfig = $c->profil;
	}

	/**
	 * Send SoapFault with code and messade define
	 * @param string $code
	 * @throws SoapFault
	 */
	protected function sendError($code)
	{
		$message = 'Erreur inconnue';
		if (array_key_exists($code, $this->listError)){
			$message = $this->listError[$code];
		}
		throw new SoapFault($code,$message);
		exit;
	}

	/**
	 * Enregistre l'appel utilisateur à une méthode
	 * @param $service
	 * @param $siret
	 * @param $ref
	 * @return void
	 */
	protected function wsLog($service, $siret='', $ref='')
	{
		$iDbCrm = new WDB('sdv1');

		//Is it a test
		if ($this->tabInfoUser['clientTest']=='Oui' || $this->tabInfoUser['typeCompte']=='TEST') {
			$test=1;
		} else {
			$test=0;
		}

		//Get login service
		$sql = "SELECT * FROM utilisateurs_service WHERE login='".$this->tabInfoUser['login']."'";
		$result = $iDbCrm->query($sql);
		if ( mysql_num_rows($result) == 0 ) {
		    $loginService = 'default';
		} else {
		    $row = mysql_fetch_assoc($result);
		    $loginService = $row['serviceCode'];
		}

		//Update count access to a service
		$sql = "UPDATE logsCount SET conso=conso+1 WHERE jour=CURDATE() AND idClient=".$this->tabInfoUser['idClient'].
		    " AND service='".$loginService."' AND log='".$service."'";
		$iDbCrm->query($sql);
		$updateOk = $iDbCrm->getAffectedRows();
		//If not insert
		if ($updateOk==0) {
		    $sql = "INSERT INTO logsCount (jour, idClient, service, log, conso) ".
		            "VALUES (NOW(), ".$this->tabInfoUser['idClient'].", '".$loginService."', '".$service."', 1) ";
		    $iDbCrm->query($sql);
		}

		if (strlen($siret)==14) {
		    $siren = substr($siret,0,9);
		    $nic = substr($siret,9,5);
		} elseif (strlen($siret)==9) {
		    $siren=$siret;
		    $nic='';
		}

		$rs = '';
		$cp = '';
		$vil = '';

		$tabRdvInsee = array();
		if (in_array($service, array(
				'identite',
				'greffe_bilans',
				'greffe_actes',
				'liens',
				'dirigeants',
				'etablissements',
				'dirigeantsOp',
				'kbis',
				'indiscore', 'indiscore2', 'indiscore3', 'rapport2', 'rapport3'))
		) {
			if 		(intval($siren)>1000 && intval($nic)>9)	$strNic=" AND nic=$nic ";
			elseif 	(intval($siren)==0 && $ref>0)	$strNic=" AND id=$ref ";
			elseif 	(intval($siren)>1000)			$strNic=" AND siege=1 ORDER BY actif DESC, nic DESC ";
			else	return;
			$rep = $iDbCrm->select('jo.etablissements',
				'siren, nic, actif, siege, raisonSociale, adr_cp, adr_ville, source',
				"siren=$siren $strNic", false, MYSQL_ASSOC);
			$tabRep = $rep[0];
			$rs = $tabRep['raisonSociale'];
			$cp = $tabRep['adr_cp'];
			$vil = $tabRep['adr_ville'];
			$tabRdvInsee['source']=$tabRep['source'];
			if ($tabRep['actif']==0)
				$tabRdvInsee['actifInsee']=0;
			elseif (intval($siren)>1000) {
				$tabRdvInsee['actifInsee']=1;
				$rep=$iDbCrm->select('jo.rncs_entrep', 'count(*) AS nb', "siren=$siren", false, MYSQL_ASSOC);
				$tabRep=$rep[0];
				if ($tabRep['nb']>0)	$tabRdvInsee['source']=5;
			}
		}
		$tabInsert = array(
			'login'			=> $this->tabInfoUser['login'],
			'idClient'		=> $this->tabInfoUser['idClient'],
			'page'			=> $service,
			'siren'			=> $siren,
			'nic'			=> $nic,
			'params'		=> $ref,
			'test'			=> $test,
			'raisonSociale'	=> $rs,
			'cp'			=> $cp,
			'ville'			=> $vil,
			'ipClient'		=> $this->tabInfoUser['ipConnexion'],
		);
		$rep = $iDbCrm->insert('logs', array_merge($tabInsert,$tabRdvInsee), false, true);
	}

	/**
	 * Retourne une erreur soap lors d'une mauvaise authentification
	 * @throws SoapFault
	 */
	protected function authenticate()
	{
		$auth = $this->checkAuth($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], $_SERVER['REMOTE_ADDR']);
		if ( $auth === false ) {
			$this->sendError('0900');
		} elseif ( $auth !== true ) {
			$this->sendError($auth);
		}
	}

	protected function permission($perm)
	{
		if ( !$this->checkPerm($perm) ){
			$this->sendError('0902');
		}
	}


	protected function checkLimit($log)
	{
	    //Get login service
	    $sql = "SELECT * FROM utilisateurs_service WHERE login='".$this->tabInfoUser['login']."'";
	    $result = $iDbCrm->query($sql);
	    if ( mysql_num_rows($result) == 0 ) {
	        $loginService = 'default';
	    } else {
	        $row = mysql_fetch_assoc($result);
	        $loginService = $row['serviceCode'];
	    }

	    //Read if client has pricing for this service
	    $pricing = $iDbCrm->select('clients_tarifs', 'login, service',
	            "log='".$log."' AND idClient=" . $this->tabInfoUser['idClient'] .
	            " AND service='".$loginService."'" .
	            " ORDER BY dateDebut DESC LIMIT 1");

	    if ( count($pricing)>0 ) {
	        //Limit
	    }
	}

	/**
	 * checkAccesWS
	 * @throws SoapFault
	 */
	protected function checkAccesWS()
	{
		//Vérifier que l'utilisateur à le droit accesWS (clients/utilisateurs)
		$accesWs = $this->tabInfoUser['accesWS'];
		if ($accesWs){
			$this->sendError('0901');
		}
	}

	/**
	 * checPerm
	 * @param string $perm
	 * @throws SoapFault
	 */
	protected function checkPerm($perm)
	{
		$droits = $this->tabInfoUser['droits'];
		$output = false;
		if ( preg_match('/\b'.$perm.'\b/i', $droits) ){
			$output = true;
		}
		return $output;
	}

	/**
	 * Check if the user could edit data
	 */
	protected function checkEdition()
	{
	    if ($this->tabInfoUser['idClient']==1)
	        return true;

	    if ($this->checkPerm('edition'))
	        return true;

	    return false;
	}


	/**
	 * checkAuth
	 * @param string $login
	 * @param string $password
	 * @param string $ipConnexion
	 * @return mixed
	 */
	protected function checkAuth($login, $password, $ipConnexion)
	{
		$iDbCrm = new WDB('sdv1');
		$rep = $iDbCrm->select(
			'utilisateurs u, clients c',
			'u.login, u.id, u.email, u.password, u.idClient, u.typeCompte, u.actif, u.filtre_ip, u.profil, '.
			'u.civilite, u.nom, u.prenom, u.tel, u.fax, u.mobile, '.
			'u.pref, u.rechRefType, u.profil, u.nombreConnexions, u.dateDerniereConnexion, u.droits, '.
			'u.referenceParDefaut, u.nbReponses, u.formatMail, u.dateDebutCompte, u.dateFinCompte, u.accesWS, '.
			'u.acceptationCGU, '.
			'c.droits AS droitsClients, c.test AS clientTest, c.typeScore, c.timeout',
			"u.login='$login' AND u.idClient=c.id AND u.actif=1 AND u.deleted=0 AND c.actif='Oui'",
			false, MYSQL_ASSOC
		);
		if (count($rep)>0)
		{
			// Récupération des informations de connexion
			$tabRep = $rep[0];
			if ( $tabRep['password']==$password
				|| $tabRep['password']==md5($password)
				|| $password==md5($login.'|'.$tabRep['password'])
				|| ( substr($password,0,7)=='iponly:' && checkPlagesIp($tabRep['filtre_ip'], substr($password,7))) )
			{
				$timeOutSec = $tabRep['timeout'];
				if ($timeOutSec==0)	$timeOutSec=1800;
				$this->tabInfoUser = array(
					'login'					=> $login,
					'id'					=> $tabRep['id'],
					'civilite'				=> $tabRep['civilite'],
					'nom'					=> $tabRep['nom'],
					'prenom'				=> $tabRep['prenom'],
					'tel'					=> $tabRep['tel'],
					'fax'					=> $tabRep['fax'],
					'mobile'				=> $tabRep['mobile'],
					'email'					=> $tabRep['email'],
					'typeCompte'			=> $tabRep['typeCompte'],
					'idClient'				=> $tabRep['idClient'],
					'filtre_ip'				=> $tabRep['filtre_ip'],
					'ipConnexion'			=> $ipConnexion,
					'pref'					=> $tabRep['pref'],
					'rechRefType'			=> $tabRep['rechRefType'],
					'profil'				=> $tabRep['profil'],
					'nombreConnexions'		=> $tabRep['nombreConnexions'],
					'dateDerniereConnexion'	=> $tabRep['dateDerniereConnexion'],
					'droits'				=> $tabRep['droits'],
					'droitsClients'			=> $tabRep['droitsClients'],
					'timeout'				=> $timeOutSec,
					'clientTest'			=> $tabRep['clientTest'],
					'typeScore'				=> $tabRep['typeScore'],
					'nbReponses'			=> $tabRep['nbReponses'],
					'formatMail'			=> $tabRep['formatMail'],
					'referenceParDefaut'	=> $tabRep['referenceParDefaut'],
					'dateDebutCompte'		=> $tabRep['dateDebutCompte'],
					'dateFinCompte'			=> $tabRep['dateFinCompte'],
					'acceptationCGU'		=> $tabRep['acceptationCGU']
				);
				debugLog('W',"CheckAuth $login/$password OK", __LINE__,__FILE__, __FUNCTION__, __CLASS__);

				/**
				 * Date de debut de compte
				 */
				if ( !empty($tabRep['dateDebutCompte']) && $tabRep['dateDebutCompte']!='0000-00-00' ) {
					$today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));
					$dateDebutCompte = mktime(0, 0, 0, substr($tabRep['dateDebutCompte'],5,2), substr($tabRep['dateDebutCompte'],8,2), substr($tabRep['dateDebutCompte'],0,4));
					if ( $today < $dateDebutCompte ) {
						return '0903';
					}
				}

				/**
				 * Date de fin de compte
				 */
				if ( !empty($tabRep['dateFinCompte']) && $tabRep['dateFinCompte']!='0000-00-00' ) {
					$today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));
					$dateFinCompte = mktime(0, 0, 0, substr($tabRep['dateFinCompte'],5,2), substr($tabRep['dateFinCompte'],8,2), substr($tabRep['dateFinCompte'],0,4));
					if ( $today > $dateFinCompte) {
						return '0903';
					}
				}

				/**
				 * Acces WS, block access to other apps
				 */
				if ($tabRep['accesWS']==1) {

				    // Webservice user don't need access to others apps
				    if ( in_array($ipConnexion, $this->listApplicationIp) && $tabRep['idClient']!=1 ) {

				        return '0901';

				    } elseif ($ipConnexion!='127.0.0.1') {

    					// For customized version, check user is in the good service
    					$clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';
    					foreach( $clients as $section => $params ){
    					    if ($params['actif']) {
    					        $wsClients[$params['idClient']] = $section;
    					    }
    					}
    					if ( array_key_exists($this->tabInfoUser['idClient'], $wsClients) && ( $this->serviceClient == false
    					        || strtolower($this->serviceClientName)!=$wsClients[$this->tabInfoUser['idClient']] ) ){
    					    return '0901';
    					}

					}
				}

				return true;
			}
			debugLog('W',"CheckAuth $login/$password incorrect (IP=$ipConnexion)", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
			return false;
		}
		debugLog('W',"CheckAuth $login/$password inexistant ou inactif (IP=$ipConnexion)", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
		return false;
	}

}