Initial commit - Application CLEO de gestion de devis

- Architecture MVC avec framework maison d6
- Modules : devis, clients, marchés, SAP
- Documentation initiale (README et TODO)
- Configuration Composer avec dépendances

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-11 18:26:07 +02:00
commit 046c23f2d2
2378 changed files with 163904 additions and 0 deletions


@@ -0,0 +1,57 @@
<script src="/pub/res/js/jquery-2.2.0.min.js" type="text/javascript"></script>
<script src="/pub/res/jquery-ui-1.11.4/jquery-ui.js" type="text/javascript"></script>
<script src="/pub/res/bs-3.3.7/js/bootstrap.min.js" type="text/javascript"></script>
<?php
global $Route;
if ($Route->_form == 1) { ?>
<script type="text/javascript">
let d6Month = new Array();
d6Month[0] = "Janvier";
d6Month[1] = "Février";
d6Month[2] = "Mars";
d6Month[3] = "Avril";
d6Month[4] = "Mai";
d6Month[5] = "Juin";
d6Month[6] = "Juillet";
d6Month[7] = "Août";
d6Month[8] = "Septembre";
d6Month[9] = "Octobre";
d6Month[10] = "Novembre";
d6Month[11] = "Décembre";
let d6DateDuJour = new Date();
$('.montant').keyup(function () {
this.value = this.value.replace(/[^0-9\.]/g, '');
});
</script>
<?php
}
if ($Route->_chart == 1) {
?>
<script src="/pub/res/js/chart-4.2.5.js" type="text/javascript"></script>
<?php }
if ($Route->_scheduler == 1 or $Route->_agenda == 1) {
?>
<script src="/res/fc-3.4.0/fullcalendar.min.js" type="text/javascript"></script>
<script src="/res/fc-3.4.0/locale/fr.js" type="text/javascript"></script>
<script src="/res/fc-3.4.0/gcal.min.js" type="text/javascript"></script>
<?php
if ($Route->_scheduler == 1) {
?>
<script src="/res/fc-scheduler-1.6.2/scheduler.min.js" type="text/javascript"></script>
<?php
}
}
if ($Route->_autocomplete == 1) { ?>
<script src="/pub/res/js/autocomplete.js" type="text/javascript"></script><?php }
if ($Route->_sidebar == 1) { ?>
<script src="/res/sidebar/sidebar.js" type="text/javascript"></script><?php }
if ($Route->_osm == 1) { ?>
<script src="/res/mini/js/osm-0.7.7.1.min.js" type="text/javascript"></script><?php }
if ($Route->_vuejs != "") {
?>
<script src="/pub/res/vuejs/vue.global.prod_3.1.1.js"></script>
<script src="<?= $Route->_vuejs; ?>"></script>
<?php
}
?>
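Review bot: `<script src="<?= $Route->_vuejs; ?>">` near the end of this template prints the value into an attribute without escaping, so whatever ends up in `_vuejs` is emitted as markup and decides which script the page loads. Nothing visible in this hunk shows where `_vuejs` is assigned, so it is safest to escape at output, `<script src="<?= htmlspecialchars($Route->_vuejs, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"></script>`, and to restrict the value to a known set of local paths at the point where it is set. The `.montant` keyup filter is only a typing aid; amounts still need server-side validation. The bundled jQuery 2.2.0, jQuery UI 1.11.4 and Bootstrap 3.3.7 are old releases that no longer receive fixes and are worth upgrading separately.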


@@ -0,0 +1,93 @@
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="UTF-8">
<!--[if IE]>
<meta http-equiv="X-UA-Compatible" content="IE=edge"/>
<![endif]-->
<?php if ($Route->_script == "map") {
?>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"><?php
} else {
?>
<meta name="viewport" content="width=device-width, initial-scale=1"><?php
}
?>
<title><?= $Conf->_apptitle; ?> | <?= $Route->_titre; ?></title>
<meta name="description" content="<?= $Route->_description; ?>">
<meta name="keywords" content="<?= $Route->_keywords; ?>">
<meta name="author" content="d6soft.fr">
<?php
if ($Conf::intra || $Conf::admin > 0) {
?>
<meta name="robots" content="noindex, nofollow"><?php
} else {
?>
<meta name="robots" content="index, follow"><?php
}
?>
<meta name="HandheldFriendly" content="True">
<meta name="MobileOptimized" content="320">
<meta name="apple-mobile-web-app-capable" content="yes">
<link rel="icon" href="favicon.ico"/>
<link rel="shortcut icon" href="favicon.ico"/>
<link rel="apple-touch-icon" href="favicon.ico"/>
<link rel="icon" type="image/png" href="favicon.png"/>
<!--[if lt IE 9]>
<script src="/res/js/html5shiv.min.js"></script>
<script src="/res/js/respond.min.js"></script>
<![endif]-->
<?php
switch ($Conf::admin) {
case 1:
$partCss = "adm";
break;
case 2:
$partCss = "mob";
if ($Route->_script == "map") {
$partCss = "mob-map";
}
break;
default:
$partCss = "user";
break;
}
?>
<link href="/pub/res/bs-3.3.7/css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<link href="/pub/res/fa-4.7.0/css/font-awesome.min.css" rel="stylesheet" type="text/css"/>
<link href="/pub/res/css/d6-global.css" rel="stylesheet" type="text/css"/>
<link href="/pub/res/css/d6-bs3.css" rel="stylesheet" type="text/css"/>
<?php
if ($Route->_form == 1) {
?>
<!-- <link href="/pub/res/jquery-ui-1.11.4/jquery-ui.min.css" rel="stylesheet" type="text/css"/>
<link href="/pub/res/css/jquery.datetimepicker.min.css" rel="stylesheet" type="text/css"/>
<link href="/res/sn-0.8.3/summernote.css" rel="stylesheet" type="text/css"/> -->
<link href="/pub/res/css/flat-form.css" rel="stylesheet" type="text/css"/>
<?php
}
//! On charge un CSS spécifique au site
$cssFile = $partCss . '.css';
if (file_exists(RESROOT . DS . 'css' . DS . $cssFile)) {
?>
<link href="/pub/res/css/<?= $cssFile; ?>" rel="stylesheet" type="text/css"><?php
}
if ($Route->_agenda || $Route->_scheduler == 1) {
?>
<link href="/res/fc-3.4.0/fullcalendar.min.css" rel="stylesheet" type="text/css"/>
<link href="/res/fc-3.4.0/fullcalendar.print.css" rel="stylesheet" media="print"/>
<?php
if ($Route->_scheduler) {
?>
<link href="/res/fc-scheduler-1.6.2/scheduler.min.css" rel="stylesheet" type="text/css"/>
<?php
}
}
if ($Route->_sidebar == 1) { ?>
<link href="/res/sidebar/sidebar.css" rel="stylesheet" type="text/css"/><?php }
if ($Route->_osm == 1) { ?>
<link href="/res/mini/css/osm-0.7.7.min.css" rel="stylesheet" type="text/css"/><?php }
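Review bot: `$Route->_titre`, `$Route->_description` and `$Route->_keywords` are echoed into `<title>` and the `content="…"` attributes without escaping, and `$Conf->_apptitle` likewise. In this commit the Router fills the first three from the `y_pages` table, so a quote or `<` stored there becomes markup on every page; escape at output, e.g. `<meta name="description" content="<?= htmlspecialchars($Route->_description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">`. The `switch ($Conf::admin)` block would also benefit from a short comment saying what the values 1 and 2 stand for, since only the CSS prefixes `adm` and `mob` hint at it.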

370
pub/res/d6/d6_tools.php Normal file

@@ -0,0 +1,370 @@
<?php
setlocale(LC_ALL, 'fr', 'fr_FR', 'french', 'fra', 'fra_FRA', 'fr_FR.ISO_8859-1', 'fra_FRA.ISO_8859-1', 'fr_FR.utf8', 'fr_FR.utf-8', 'fra_FRA.utf8', 'fra_FRA.utf-8');
$today = date("Y-m-d H:i:s");
$dateFr = date("d/m/Y");
$dateTimeFr = date("d/m/Y H:i:s");
$timeFr = date("H:i:s");
$jour = array("Dimanche", "Lundi", "Mardi", "Mercredi", "Jeudi", "Vendredi", "Samedi");
$jour_abr = array("Dim", "Lun", "Mar", "Mer", "Jeu", "Ven", "Sam");
$mois = array("", "Janvier", "Février", "Mars", "Avril", "Mai", "Juin", "Juillet", "Août", "Septembre", "Octobre", "Novembre", "Décembre");
$mois_abr = array("", "Jan", "Fév", "Mar", "Avr", "Mai", "Jui", "Jul", "Aoû", "Sep", "Oct", "Nov", "Déc");
function getinfos($cSQL, $dbn = "gen", $format = "normal") {
$result = array();
$resql = qSQL($cSQL, $dbn);
while ($rec = $resql->fetch_assoc()) {
$result[] = $rec;
}
if (strtolower($format) == "json") {
$jsonresult = json_encode($result);
$lignes = $jsonresult;
return $lignes;
} else {
return $result;
}
}
//! qSQL : fonction de requête SQL à la base de données
function qSQL($qsql, $dbn = "gen", $lastid = false) {
global $Conf;
$dbh = $Conf->_dbhost;
//! si en paramètre on spécifie une base de données $dbn, on s'y connecte,
//! sinon on regarde si la base utilisateur est renseignée, si c'est le cas on s'y connecte, sinon on prend la base par défaut
if ($dbn == "gen") {
if ($Conf->_dbuname == "") {
$dbn = $Conf->_dbname;
$dbu = $Conf->_dbuser;
$dbp = $Conf->_dbpass;
} else {
$dbn = $Conf->_dbuname;
$dbu = $Conf->_dbuuser;
$dbp = $Conf->_dbupass;
}
} else {
if (strtolower($dbn) == "principale" || strtolower($dbn) == "frontal") {
$dbn = $Conf->_dbname;
$dbu = $Conf->_dbuser;
$dbp = $Conf->_dbpass;
} else {
if (strtolower($dbn) == "credemo") {
$dbn = $Conf->_dbcname;
$dbu = $Conf->_dbcuser;
$dbp = $Conf->_dbcpass;
} else {
//! sinon on prend le groupe
$dbn = $Conf->_dbgname;
$dbu = $Conf->_dbguser;
$dbp = $Conf->_dbgpass;
}
}
}
$mysqli = new mysqli($dbh, $dbu, $dbp, $dbn);
$mysqli->set_charset("utf8");
if ($mysqli->connect_error) {
// la connexion ne s'est pas faite
$mysqli->close();
return false;
} else {
// la connexion s'est faite correctement
if ($qres = $mysqli->query($qsql)) {
if ($lastid) {
$qres = $mysqli->insert_id;
}
$mysqli->close();
return $qres;
} else {
$mysqli->close();
return false;
}
}
}
function hashPsswd($p) {
$options = [
'cost' => 11, // Cout algorithmique
];
// Génération du MDP
$psswd = password_hash($p, PASSWORD_BCRYPT, $options);
return $psswd;
}
function createPsswd($id, $p, $dbgen = "gen") {
global $Conf;
global $Route;
$psswd = hashPsswd($p);
if ($Conf::admin) {
if (substr($Conf->_appname, 0, 3) == "ce_") {
if ($Route->_script == "salaries") {
$sql = 'UPDATE salaries SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
} else {
$sql = 'UPDATE users SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
}
} else {
$sql = 'UPDATE users SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
}
} else {
$sql = 'UPDATE salaries SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
}
qSQL($sql);
eLog($sql);
return true;
}
function checkPsswd($p, $pCr) {
// Récupération et vérification du MDP saisi par l'utilisateur
// $p : le pass en clair, $pCr : le pass enregistré et hashé
if (password_verify($p, $pCr)) {
return true;
} else {
return false;
}
}
function generateRandomPassword() {
//Initialize the random password
$password = '';
//Initialize a random desired length
$desired_length = rand(8, 12);
for ($length = 0; $length < $desired_length; $length++) {
//Append a random ASCII character (including symbols)
$password .= chr(rand(44, 122));
}
// On remplace quelques caractères non désirés
$password = str_replace("/", "&", $password);
$password = str_replace("<", "!", $password);
$password = str_replace(">", "!", $password);
$password = str_replace("=", "#", $password);
$password = str_replace("\\", "&", $password);
$password = str_replace("^", "%", $password);
$password = str_replace(chr(96), "#", $password);
return $password;
}
function eLog($comment, $notif = false) {
global $Session;
global $Route;
global $Conf;
if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
$ip = $_SERVER["HTTP_CLIENT_IP"];
} elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else {
$ip = $_SERVER["REMOTE_ADDR"];
}
$hn = getHostByName($ip);
$ha = @getHostByAddr($hn);
$us = $_SERVER["HTTP_USER_AGENT"];
if (isset($Session->_user["rowid"])) {
$user = $Session->_user["rowid"];
if ($user == "") {
$user = 0;
}
} else {
$user = 0;
}
$script = $Route->_script;
$comment = nettoie_input($comment);
$dt = date("Y-m-d H:i:s");
if ($notif) {
$not = 1;
} else {
$not = 2;
}
$sql = 'INSERT INTO z_logs (date, ip, host, adrhost, infos, fk_user, page, commentaire, chk_notif) VALUES ("' . $dt . '", "' . $ip . '", "' . $hn . '", "' . $ha . '", "' . $us . '", "' . $user . '", "' . $script . '", "' . $comment . '", ' . $not . ');';
qSQL($sql, "gen");
if (strpos(strtolower($comment), 'erreur') !== false) {
//! S'il y a spécifiquement une erreur on l'enregistre dans un fichier log à la racine du site
error_log($dt . ";" . $ip . ";" . $script . ";" . $comment . "\r\n", 3, "./" . $Conf->_appname . ".log");
}
}
function logstats($delay = 0, $fk_user = 0, $appname = "") {
global $Conf;
$dt = date("Y-m-d H:i:s");
$exclude_clients_ip = "aucune";
if (isset($Conf->_excludeIp)) {
$exclude_clients_ip = $Conf->_excludeIp;
}
if (isset($Conf->_clientIp)) {
$client_ip = $Conf->_clientIp;
} else {
if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
$client_ip = $_SERVER["HTTP_CLIENT_IP"];
} elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
$client_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else {
$client_ip = $_SERVER["REMOTE_ADDR"];
}
}
$verif_ip = strpos($exclude_clients_ip, $client_ip);
if ($verif_ip === false) {
$home = $_SERVER["HOME"];
$doc_root = $_SERVER["DOCUMENT_ROOT"];
$doc_root = substr($doc_root, strlen($home));
$sql = 'INSERT INTO z_stats SET ';
$sql .= 'date="' . $dt . '", ';
$sql .= 'root="' . $doc_root . '", ';
$sql .= 'server_ip="' . $_SERVER["SERVER_ADDR"] . '", ';
$sql .= 'server_soft="' . $_SERVER["SERVER_SOFTWARE"] . '", ';
$sql .= 'server_name="' . $_SERVER["SERVER_NAME"] . '", ';
$sql .= 'client_ip="' . $client_ip . '", ';
$sql .= 'client_browser="' . $_SERVER["HTTP_USER_AGENT"] . '", ';
if (isset($_SERVER["HTTP_REFERER"])) {
$sql .= 'client_origine="' . $_SERVER["HTTP_REFERER"] . '", ';
}
$sql .= 'client_page="' . $_SERVER["REQUEST_URI"] . '", ';
$sql .= 'client_delay=' . str_replace(',', '.', $delay) . ', ';
$sql .= 'appname="' . $appname . '", ';
$sql .= 'fk_user=' . $fk_user . ', ';
$sql .= 'status="' . $_SERVER["REDIRECT_STATUS"] . '";';
// server : 51.255.35.214
$mysqli = new mysqli("localhost", "logs_user", "d66,Logs.User", "logs");
$mysqli->set_charset("utf8");
$mysqli->query($sql);
$mysqli->close();
}
}
//! *****************************************************************************************//
//! nettoie_input : prépare une zone d'un formulaire avant son enregistrement dans la base //
//! En paramètre, on passe la valeur à nettoyer //
//! *****************************************************************************************//
function nettoie_input($data) {
if (ctype_digit($data)) {
$data = intval($data);
} else {
global $Conf;
$dbn = $Conf->_dbname;
$mysqli = new mysqli($Conf->_dbhost, $Conf->_dbuser, $Conf->_dbpass, $dbn);
$mysqli->set_charset("utf8");
$data = mysqli_real_escape_string($mysqli, $data);
// $data = addcslashes($data, '%_');
$mysqli->close();
}
return $data;
}
function str_normalize($string, $minuscules = true) {
//! Normalise une chaîne de caractères en remplaçant tous les caractères accentués, les espaces et caractères spéciaux
$result = "";
$string = trim($string); // on efface tous les espaces à gauche et à droite
if (strlen($string) > 0) {
if ($minuscules) {
$result = strtolower($string);
} else {
$result = $string;
}
$result = str_replace(" ", "_", $result);
//$result = str_replace("-", "_", $result);
//$result = str_replace(".", "_", $result);
$result = str_replace("é", "e", $result);
$result = str_replace("è", "e", $result);
$result = str_replace("ê", "e", $result);
$result = str_replace("ë", "e", $result);
$result = str_replace("à", "a", $result);
$result = str_replace("â", "a", $result);
$result = str_replace("ä", "a", $result);
$result = str_replace("ô", "o", $result);
$result = str_replace("ö", "o", $result);
$result = str_replace("ù", "u", $result);
$result = str_replace("û", "u", $result);
$result = str_replace("ü", "u", $result);
$result = str_replace("ç", "c", $result);
$result = str_replace("'", "", $result);
$result = str_replace("\"", "", $result);
$result = str_replace("/", "", $result);
$result = str_replace("(", "_", $result);
$result = str_replace(")", "_", $result);
$result = str_replace("!", "_", $result);
//! Ajout du 08/12/2015
$result = str_replace("?", "_", $result);
$result = trim($result);
}
return $result;
}
function affiche_date($ladate) {
/**
* This is a sample function to illustrate additional PHP formatter
* options.
* @param $ladate date au format MySQL
*
* @return String date au format Fr dd/mm/yyyy
* @author D6SOFT
*
*/
//! Retourne une date MySQL yyyy-mm-dd HH:ii:ss au format dd/mm/yyyy
$ladate = trim($ladate);
if ($ladate == "" || substr($ladate, 0, 2) == "00") {
return "";
} else {
if (strlen($ladate) < 10) {
return "";
} else {
$theday = substr($ladate, 8, 2) . "/" . substr($ladate, 5, 2) . "/" . substr($ladate, 0, 4);
return $theday;
}
}
}
function d6GetDate($laDate, $transform = "MF", $hours = false, $seconds = false) {
//! Retourne une date
//! $format="MF" du format MySQL yyyy-mm-dd au format Fr dd/mm/yyyy
//! $format="FM" du format Fr dd/mm/yyyy au format MySQL yyyy-mm-dd
$ret = "";
if (strlen($laDate) >= 10) {
if ($transform == "FM") {
$ret = substr($laDate, -4) . "-" . substr($laDate, 3, 2) . "-" . substr($laDate, 0, 2);
} else {
$ret = substr($laDate, -2) . "/" . substr($laDate, 5, 2) . "/" . substr($laDate, 0, 4);
}
}
return $ret;
}
function loadtel($numero, $prefix = "+33") {
//! retourne un numéro de téléphone sans espace et . et avec le préfixe devant : +33 par défaut
$lenumero = trim($numero);
$lenumero = preg_replace('/[^0-9]/', '', $lenumero);
if (strlen($lenumero) == 10) {
$lenumero = substr($lenumero, 1);
}
if (strlen($lenumero) == 9) {
$lenumero = $prefix . $lenumero;
}
return $lenumero;
}
function formattel($numero, $separateur = " ") {
//! formate le n° de téléphone de 651234567 ou 0651234567 en 06 51 23 45 67
if (strlen($numero) == 9) {
$numero = "0" . $numero;
}
if (strlen($numero) == 10) {
$numero = substr($numero, 0, 2) . $separateur . substr($numero, 2, 2) . $separateur . substr($numero, 4, 2) . $separateur . substr($numero, 6, 2) . $separateur . substr($numero, 8, 2);
}
return $numero;
}
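Review bot: `eLog()` and `logstats()` build their INSERT statements by concatenating request-controlled values (`HTTP_CLIENT_IP`, `HTTP_X_FORWARDED_FOR`, `HTTP_USER_AGENT`, `HTTP_REFERER`, `REQUEST_URI`, and the `getHostByName()` result derived from them) without any escaping, so any client can alter the SQL through a request header; only `$comment` goes through `nettoie_input()`. The same pattern is in the `INSERT INTO z_sessions` of `Session::__construct` in session.php, and `createPsswd()` concatenates `$id` unquoted. The smallest fix within this file is to pass each value through the existing helper before use, e.g. `$us = nettoie_input($_SERVER["HTTP_USER_AGENT"] ?? "");`, though a `qSQL()` variant that accepts bound parameters via `mysqli::prepare()` would remove the whole class of bug. `logstats()` also commits a database password in source, which should be rotated and read from configuration kept out of the repository, and `generateRandomPassword()` should use `random_int()` instead of `rand()`, which is not suitable for secrets.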

110
pub/res/d6/lib_cleo.php Normal file

@@ -0,0 +1,110 @@
<?php
/** FONCTIONS PROPRES A UNIKOFFICE LINET **/
use PHPMailer\PHPMailer\PHPMailer;
function envoieMail($dest, $sujet, $message, $copieFrom = "")
{
$smtp_host = 'barbotte.o2switch.net';
$smtp_username = 'cleo@unikoffice.com';
$smtp_userpass = "sGZN#C9E4U";
$smtpOrga = "CLEO - Gestion Devis";
$from = $smtp_username;
$smtp_auth = true;
$smtp_secure = 'ssl';
$smtp_port = 465;
$mail = new PHPMailer;
$mail->CharSet = 'UTF-8';
// $mail->Encoding = "base64";
$mail->SMTPDebug = 0; // 0 no debug 3 Enable verbose debug output
// $mail->setLanguage('fr', '/optional/path/to/language/directory/');
$mail->isSMTP(); // Set mailer to use SMTP
$mail->Host = $smtp_host;
$mail->SMTPAuth = $smtp_auth; // Enable SMTP authentication
$mail->Username = $smtp_username; // SMTP username
$mail->Password = $smtp_userpass; // SMTP password
$mail->SMTPSecure = $smtp_secure; // Enable TLS encryption, `ssl` also accepted
$mail->Port = $smtp_port; // TCP port to connect to
$mail->SMTPOptions = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
)
);
$mail->addCustomHeader('Content-type', 'text/html; charset=UTF-8');
$mail->From = $from;
$mail->FromName = $smtpOrga;
$mail->addAddress(trim($dest));
if ($copieFrom != "") {
$mail->addReplyTo($copieFrom);
$mail->addCC($copieFrom);
}
// $mail->addBCC('contact@d6soft.fr'); // Ajouter une copie cachée pour l'émetteur
$mail->isHTML(true); // Set email format to HTML
$mail->Subject = $sujet;
$mail->Body = $message;
if ($mail->send()) {
eLog("Envoiemail : " . $sujet . " à " . $dest);
$mail->smtpClose();
return 1;
} else {
eLog("Envoiemail Erreur : " . $mail->ErrorInfo);
$mail->smtpClose();
return 0;
}
}
function creat_xml_resa($bien)
{
//! Crée le fichier xml des evenements d'un prêt de matériel ou de médiathèque
global $Conf;
$xml = '<?xml version="1.0"?>';
$xml .= '<monthly>';
$sql = 'SELECT d.rowid, d.valide, d.fk_salarie, dd.date_debut, dd.date_fin FROM demandes_details dd LEFT JOIN demandes d ON d.rowid=dd.fk_demande WHERE dd.fk_oeuvre=' . $bien . ' ORDER BY dd.date_debut;';
$events = getinfos($sql);
foreach ($events as $event) {
$xml .= '<event>';
$xml .= '<id>' . $event["rowid"] . '</id>';
if ($event["valide"] == 1) {
$xml .= '<name>Réservé</name>';
$xml .= '<color>#ff2222</color>';
} else {
$xml .= '<name>A valider</name>';
$xml .= '<color>#4B77BE</color>';
}
$xml .= '<fk_salarie>' . $event["fk_salarie"] . '</fk_salarie>';
$xml .= '<startdate>' . $event["date_debut"] . '</startdate>';
$xml .= '<enddate>' . $event["date_fin"] . '</enddate>';
// <starttime>8:00</starttime>
// <endtime>20:00</endtime>
// <url></url>
$xml .= '</event>';
}
$xml .= '</monthly>';
$filename = ROOT . $Conf->_pathupload . "events" . DS . "events_" . $bien . ".xml";
$hfile = fopen($filename, "w") or die("unable " . $filename);
fwrite($hfile, $xml);
fclose($hfile);
}
function commercial_create($fkUser)
{
//! Fonction TRIGGER qui est paramétrée dans le fichier de config tb_commerciaux.php et qui se lance à la fin de la création d'un utilisateur
$sql = 'INSERT INTO notifications SET dateheure="' . date("Y-m-d H:i:s") . '", fk_user=' . $fkUser . ', action="Création", theme="Commercial", message="Ce nouveau commercial a été créé";';
qSQL($sql, "gen");
}
function user_create($fkUser)
{
//! Fonction TRIGGER qui est paramétrée dans le fichier de config tb_commerciaux.php et qui se lance à la fin de la création d'un utilisateur
$sql = 'INSERT INTO notifications SET dateheure="' . date("Y-m-d H:i:s") . '", fk_user=' . $fkUser . ', action="Création", theme="Utilisateur", message="Ce nouvel utilisateur a été créé";';
qSQL($sql, "gen");
}
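Review bot: `envoieMail()` sets `verify_peer` and `verify_peer_name` to false and `allow_self_signed` to true in `$mail->SMTPOptions`, so the SMTP login is sent over a TLS session whose server certificate is never checked. Dropping the `SMTPOptions` block restores PHP's default verification; if the host's certificate fails validation, that should be fixed on the host or with a pinned CA file rather than by disabling the checks. The SMTP password is also hard-coded here and is now in the repository history, so it should be rotated and loaded from configuration outside version control. In `creat_xml_resa()`, `$bien` goes unvalidated into both the SQL text and the output filename; `$bien = (int) $bien;` at the top of the function would cover both.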

155
pub/res/d6/router.php Normal file

@@ -0,0 +1,155 @@
<?php
class Router {
public $_script;
public $_action;
public $_param1;
public $_controller;
public $_model;
public $_view;
public $_js;
public $_page; //! Configuration url /page unique
public $_titre;
public $_description;
public $_keywords;
public $_admtools;
public $_enmaintenance;
public $_mail;
public $_form;
public $_sidebar;
public $_chart;
public $_agenda;
public $_autocomplete;
public $_scheduler;
public $_osm;
public $_vuejs;
public $_files;
public $_layout;
public function __construct($GET, $Conf) {
if (isset($GET["sc"])) {
$this->_script = strtolower(trim(htmlspecialchars($GET["sc"])));
if ($this->_script == "") {
$this->_script = $Conf->_appscript;
}
} else {
$this->_script = $Conf->_appscript;
}
//! pour ne lancer qu'un seul script pour tout un site
if (isset($Conf->_page)) {
$this->_page = $Conf->_page;
} else {
$this->_page = 0;
}
if ($this->_page == 1) {
$this->_controller = "controllers/cpage.php";
$this->_model = "models/mpage.php";
$this->_view = "views/vpage.php";
$this->_js = "views/js/jpage.js";
} else {
$this->_controller = "controllers/c" . $this->_script . ".php";
$this->_model = "models/m" . $this->_script . ".php";
$this->_view = "views/v" . $this->_script . ".php";
$this->_js = "views/js/j" . $this->_script . ".js";
}
//! on va chercher les infos de la page
$this->getPage($Conf);
if (isset($GET["ac"])) {
$this->_action = strtolower(htmlspecialchars($GET["ac"]));
if ($this->_action == "") {
$this->_action = "index";
}
} else {
$this->_action = "index";
}
if (isset($GET["param1"])) {
$this->_param1 = $GET["param1"];
} else {
$this->_param1 = "";
}
}
function getPage($Conf) {
if ($this->_page == 1) {
$sql = 'SELECT * FROM y_pages WHERE script = "page" AND admin = ' . $Conf::admin . ' AND active=1;';
} else {
$sql = 'SELECT * FROM y_pages WHERE script = "' . $this->_script . '" AND admin = ' . $Conf::admin . ' AND active=1;';
}
$LaPage = getinfos($sql, "frontal");
if (count($LaPage) == 0) {
eLog("ROUTER : ERREUR pas de page trouvée pour " . $this->_script);
} else {
$LaPage = $LaPage[0];
$this->_titre = $LaPage["titre"];
$this->_description = $LaPage["description"];
$this->_keywords = $LaPage["keywords"];
if (isset($LaPage["mail"])) {
$this->_mail = $LaPage["mail"];
} else {
$this->_mail = 0;
}
if (isset($LaPage["admtools"])) {
$this->_admtools = $LaPage["admtools"];
} else {
$this->_admtools = 0;
}
if (isset($LaPage["enmaintenance"])) {
$this->_enmaintenance = $LaPage["enmaintenance"];
} else {
$this->_enmaintenance = 0;
}
if (isset($LaPage["sidebar"])) {
$this->_sidebar = $LaPage["sidebar"];
} else {
$this->_sidebar = 0;
}
if (isset($LaPage["chart"])) {
$this->_chart = $LaPage["chart"];
} else {
$this->_chart = 0;
}
if (isset($LaPage["autocomplete"])) {
$this->_autocomplete = $LaPage["autocomplete"];
} else {
$this->_autocomplete = 0;
}
if (isset($LaPage["agenda"])) {
$this->_agenda = $LaPage["agenda"];
} else {
$this->_agenda = 0;
}
if (isset($LaPage["scheduler"])) {
$this->_scheduler = $LaPage["scheduler"];
} else {
$this->_scheduler = 0;
}
if (isset($LaPage["osm"])) {
$this->_osm = $LaPage["osm"];
} else {
$this->_osm = 0;
}
if (isset($LaPage["files"])) {
$this->_files = $LaPage["files"];
} else {
$this->_files = 0;
}
if (isset($LaPage["form"])) {
$this->_form = $LaPage["form"];
} else {
$this->_form = 0;
}
$this->_layout = LAYROOT . DS . $LaPage["layout"];
}
}
}
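Review bot: `$GET["sc"]` is only passed through `htmlspecialchars()` before `$this->_script` is concatenated into the controller, model, view and JS paths and into the `y_pages` query in `getPage()`; HTML encoding does not neutralise `../` or a backslash, so it protects neither use. An allowlist check right after the assignment would cover both, for example `if (!preg_match('/^[a-z0-9_]+$/', $this->_script)) { $this->_script = $Conf->_appscript; }`. How the paths are later included is not visible in this file, so confirm that a missing `y_pages` row (currently only logged through `eLog()`) also stops the request from loading them. `_param1` is stored exactly as received, which deserves a comment telling consumers to validate it.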

173
pub/res/d6/session.php Normal file

@@ -0,0 +1,173 @@
<?php
class Session {
public $_user;
function __construct($Route, $Conf) {
if ($Route->_script != "login") {
if ($Conf::intra) {
//! on vérifie que le user a bien une session ouverte
$this->getUserInfos($Route->_script, $Conf);
if (!$this->_user) {
header('Location: /login');
exit;
} else {
$sql = 'UPDATE z_sessions s SET s.date_modified="' . date("Y-m-d H:i:s") . '" WHERE s.sid="' . session_id() . '";';
qSQL($sql, "gen");
}
} else {
//! ce n'est pas un intranet, donc un site vitrine public, on doit laisser passer mais mémoriser
$sql = "SELECT s.* FROM z_sessions s WHERE s.sid='" . session_id() . "';";
$res = qSQL($sql, "gen");
$this->_user = $res->fetch_assoc();
if (empty($this->_user)) {
//! pas de session pour lui, on en crée une
if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
//check for ip from share internet
$uip = $_SERVER["HTTP_CLIENT_IP"];
} elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
// Check for the Proxy User
$uip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else {
$uip = $_SERVER["REMOTE_ADDR"];
}
$utime = time();
$uid = 0;
$urole = 0;
//! en session on récupère son prénom et nom, son id, son ip et son rôle
$_SESSION['uname'] = 'anonyme';
$_SESSION['uid'] = $uid;
$_SESSION['urole'] = $urole;
$_SESSION['umodified'] = $utime;
$_SESSION['uip'] = $uip;
session_write_close();
// On insère le nouvel id de session dans la db
$sql = "INSERT INTO z_sessions (sid, fk_user, role, date_modified, ip, browser) VALUES ('" . session_id() . "', " . $uid . ", '" . $urole . "', '" . date("Y-m-d H:i:s") . "', '" . $uip . "', '" . $_SERVER['HTTP_USER_AGENT'] . "');";
qSQL($sql, "gen");
// et on en profite pour purger les logs
$sql = "DELETE FROM z_logs WHERE DATEDIFF(curdate(), z_logs.date)>31;";
qSQL($sql, "gen");
// ainsi que les sessions qui ont une date antérieure à 1 jour
$sql = "DELETE FROM z_sessions WHERE DATEDIFF(curdate(), z_sessions.date_modified)>1;";
qSQL($sql, "gen");
}
}
} else {
//! c'est la page de Login
}
}
function getUserInfos($leScript, $Conf) {
$sql = "SELECT s.data, s.ip, s.browser, u.* FROM z_sessions s INNER JOIN users u ON s.sid='" . session_id() . "' AND s.fk_user=u.rowid;";
$res = qSQL($sql, "gen");
$this->_user = $res->fetch_assoc();
if (empty($this->_user)) {
eLog('Erreur Session.getUserInfos User inconnu dans Session ' . session_id());
$this->_user = FALSE;
} else {
//! Il faut tester l'adresse IP et le browser : si différence, laisser passer mais alerte.
if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
//check for ip from share internet
$uip = $_SERVER["HTTP_CLIENT_IP"];
} elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
// Check for the Proxy User
$uip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else {
$uip = $_SERVER["REMOTE_ADDR"];
}
if ($uip != $this->_user["ip"]) {
eLog("Erreur cet utilisateur " . $this->_user["username"] . " a changé d'IP : " . $uip . " au lieu de " . $this->_user["ip"]);
}
if ($this->_user["browser"] != $_SERVER['HTTP_USER_AGENT']) {
eLog("Erreur cet utilisateur " . $this->_user["username"] . " a changé de navigateur");
}
}
$res->free();
}
public function set_data($cle, $valeur) {
//! Ajoute ou met à jour la valeur d'une clé contenue dans z_sessions.data
//! ======================================================================
//! 1. on récupère le tableau contenu dans z_sessions.data
global $Conf;
$tabdata = $this->get_data();
//! 2. on ajoute ou met à jour ce tableau avec la clé et la valeur passés en paramètre
$tabdata[$cle] = $valeur;
//! 3. on transforme ce tableau mis à jour en string
//! base64_encode pour pouvoir embarquer des valeurs avec des " ou ' sans gérer des anti-slashes
$data = base64_encode(serialize($tabdata));
//! 4. on enregistre ce tableau
$sql = "UPDATE z_sessions s SET s.data='" . $data . "' WHERE s.sid='" . session_id() . "';";
qSQL($sql, "gen");
}
public function get_data($cle = "") {
//! Récupère le contenu de z_sessions.data et le retourne en tableau
//! ================================================================
global $Conf;
$sql = "SELECT s.data FROM z_sessions s WHERE s.sid='" . session_id() . "';";
$res = qSQL($sql, "gen");
$rec = $res->fetch_assoc();
$res->free();
if ($rec["data"] == "") {
$tabdata = array();
} else {
//! base64_decode pour pouvoir embarquer des valeurs avec des " ou ' sans gérer des anti-slashes
$tabdata = unserialize(base64_decode($rec["data"]));
}
if ($cle == "") {
//! si la clé est vide, on récupère tout le contenu de data
return $tabdata;
} else {
//! si une clé est spécifiée, on la teste et on récupère son contenu
if (isset($tabdata[$cle])) {
// debug("session->get_data récupère la valeur de la clé ".$cle." : ".$tabdata[$cle]);
$valeur = $tabdata[$cle];
return $valeur;
} else {
return 0;
}
}
}
public function set_a($niveau, $valeur) {
//! Met à jour la valeur du champ z_sessions.ax
if ($niveau >= 0 && $niveau < 10) {
$sql = "UPDATE z_sessions s SET s.a" . $niveau . "='" . $valeur . "' WHERE s.sid='" . session_id() . "';";
qSQL($sql, "gen");
}
}
public function get_a($niveau) {
//! Récupère la valeur du champ z_sessions.ax
if ($niveau >= 0 && $niveau < 10) {
$sql = "SELECT s.a" . $niveau . " as data FROM z_sessions s WHERE s.sid='" . session_id() . "';";
$res = qSQL($sql, "gen");
$rec = $res->fetch_assoc();
$res->free();
return $rec["data"];
}
}
public function del_data($cle) {
//! Supprime une clé contenue dans z_sessions.data
//! ======================================================================
//! 1. on récupère le tableau contenu dans z_sessions.data
global $Conf;
$tabdata = $this->get_data();
//! 2. on supprime la clé passée en paramètre de ce tableau
unset($tabdata[$cle]);
//! 3. on transforme ce tableau mis à jour en string
$data = serialize($tabdata);
//! 4. on enregistre ce tableau
$sql = "UPDATE z_sessions s SET s.data='" . $data . "' WHERE s.sid='" . session_id() . "';";
qSQL($sql, "gen");
}
}
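Review bot: `del_data()` stores `serialize($tabdata)` without the `base64_encode()` that `set_data()` applies and `get_data()` expects, so after a key is deleted the next `get_data()` call base64-decodes a raw serialized string and `unserialize()` fails, and any quote in a stored value lands unescaped in the UPDATE statement. The line should read `$data = base64_encode(serialize($tabdata));`. Since `z_sessions.data` is read back with `unserialize()`, consider `json_encode()`/`json_decode()` or at least `unserialize($raw, ['allowed_classes' => false])`, so a tampered row cannot instantiate objects. `getUserInfos()` and the public-site branch also call `$res->fetch_assoc()` without checking that `qSQL()` did not return false.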