<?php
setlocale(LC_ALL, 'fr', 'fr_FR', 'french', 'fra', 'fra_FRA', 'fr_FR.ISO_8859-1', 'fra_FRA.ISO_8859-1', 'fr_FR.utf8', 'fr_FR.utf-8', 'fra_FRA.utf8', 'fra_FRA.utf-8');

$today = date("Y-m-d H:i:s");

$dateFr = date("d/m/Y");
$dateTimeFr = date("d/m/Y H:i:s");
$timeFr = date("H:i:s");

$jour = array("Dimanche", "Lundi", "Mardi", "Mercredi", "Jeudi", "Vendredi", "Samedi");
$jour_abr = array("Dim", "Lun", "Mar", "Mer", "Jeu", "Ven", "Sam");
$mois = array("", "Janvier", "Février", "Mars", "Avril", "Mai", "Juin", "Juillet", "Août", "Septembre", "Octobre", "Novembre", "Décembre");
$mois_abr = array("", "Jan", "Fév", "Mar", "Avr", "Mai", "Jui", "Jul", "Aoû", "Sep", "Oct", "Nov", "Déc");

function getinfos($cSQL, $dbn = "gen", $format = "normal") {
  $result = array();

  $resql = qSQL($cSQL, $dbn);
  while ($rec = $resql->fetch_assoc()) {
    $result[] = $rec;
  }
  if (strtolower($format) == "json") {
    $jsonresult = json_encode($result);
    $lignes = $jsonresult;
    return $lignes;
  } else {
    return $result;
  }
}

//! qSQL : fonction de requête SQL à la base de données
function qSQL($qsql, $dbn = "gen", $lastid = false) {
  global $Conf;
  $dbh = $Conf->_dbhost;
  //! si en paramètre on spécifie une base de données $dbn, on s'y connecte,
  //! sinon on regarde si la base utilisateur est renseignée, si c'est le cas on s'y connecte, sinon on prend la base par défaut
  if ($dbn == "gen") {
    if ($Conf->_dbuname == "") {
      $dbn = $Conf->_dbname;
      $dbu = $Conf->_dbuser;
      $dbp = $Conf->_dbpass;
    } else {
      $dbn = $Conf->_dbuname;
      $dbu = $Conf->_dbuuser;
      $dbp = $Conf->_dbupass;
    }
  } else {
    if (strtolower($dbn) == "principale" || strtolower($dbn) == "frontal") {
      $dbn = $Conf->_dbname;
      $dbu = $Conf->_dbuser;
      $dbp = $Conf->_dbpass;
    } else {
      if (strtolower($dbn) == "credemo") {
        $dbn = $Conf->_dbcname;
        $dbu = $Conf->_dbcuser;
        $dbp = $Conf->_dbcpass;
      } else {
        //! sinon on prend le groupe
        $dbn = $Conf->_dbgname;
        $dbu = $Conf->_dbguser;
        $dbp = $Conf->_dbgpass;
      }
    }
  }

  $mysqli = new mysqli($dbh, $dbu, $dbp, $dbn);
  $mysqli->set_charset("utf8");
  if ($mysqli->connect_error) {
    // la connexion ne s'est pas faite
    $mysqli->close();
    return false;
  } else {
    // la connexion s'est faite correctement
    if ($qres = $mysqli->query($qsql)) {
      if ($lastid) {
        $qres = $mysqli->insert_id;
      }
      $mysqli->close();
      return $qres;
    } else {
      $mysqli->close();
      return false;
    }
  }
}

function hashPsswd($p) {
  $options = [
    'cost' => 11,  // Cout algorithmique
  ];
  // Génération du MDP
  $psswd = password_hash($p, PASSWORD_BCRYPT, $options);
  return $psswd;
}

function createPsswd($id, $p, $dbgen = "gen") {
  global $Conf;
  global $Route;

  $psswd = hashPsswd($p);

  if ($Conf::admin) {
    if (substr($Conf->_appname, 0, 3) == "ce_") {
      if ($Route->_script == "salaries") {
        $sql = 'UPDATE salaries SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
      } else {
        $sql = 'UPDATE users SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
      }
    } else {
      $sql = 'UPDATE users SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
    }
  } else {
    $sql = 'UPDATE salaries SET userpswd="' . $psswd . '", userpass="xxx" WHERE rowid=' . $id . ';';
  }

  qSQL($sql);

  eLog($sql);

  return true;
}

function checkPsswd($p, $pCr) {
  // Récupération et vérification du MDP saisi par l'utilisateur
  // $p : le pass en clair, $pCr : le pass enregistré et hashé
  if (password_verify($p, $pCr)) {
    return true;
  } else {
    return false;
  }
}

function generateRandomPassword() {
  //Initialize the random password
  $password = '';

  //Initialize a random desired length
  $desired_length = rand(8, 12);

  for ($length = 0; $length < $desired_length; $length++) {
    //Append a random ASCII character (including symbols)
    $password .= chr(rand(44, 122));
  }
  // On remplace quelques caractères non désirés
  $password = str_replace("/", "&", $password);
  $password = str_replace("<", "!", $password);
  $password = str_replace(">", "!", $password);
  $password = str_replace("=", "#", $password);
  $password = str_replace("\\", "&", $password);
  $password = str_replace("^", "%", $password);
  $password = str_replace(chr(96), "#", $password);

  return $password;
}

function eLog($comment, $notif = false) {
  global $Session;
  global $Route;
  global $Conf;

  if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
    $ip = $_SERVER["HTTP_CLIENT_IP"];
  } elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
    $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
  } else {
    $ip = $_SERVER["REMOTE_ADDR"];
  }
  $hn = getHostByName($ip);
  $ha = @getHostByAddr($hn);
  $us = $_SERVER["HTTP_USER_AGENT"];
  if (isset($Session->_user["rowid"])) {
    $user = $Session->_user["rowid"];
    if ($user == "") {
      $user = 0;
    }
  } else {
    $user = 0;
  }
  $script = $Route->_script;
  $comment = nettoie_input($comment);
  $dt = date("Y-m-d H:i:s");
  if ($notif) {
    $not = 1;
  } else {
    $not = 2;
  }
  $sql = 'INSERT INTO z_logs (date, ip, host, adrhost, infos, fk_user, page, commentaire, chk_notif) VALUES ("' . $dt . '", "' . $ip . '", "' . $hn . '", "' . $ha . '", "' . $us . '", "' . $user . '", "' . $script . '", "' . $comment . '", ' . $not . ');';
  qSQL($sql, "gen");

  if (strpos(strtolower($comment), 'erreur') !== false) {
    //! S'il y a spécifiquement une erreur on l'enregistre dans un fichier log à la racine du site
    error_log($dt . ";" . $ip . ";" . $script . ";" . $comment . "\r\n", 3, "./" . $Conf->_appname . ".log");
  }
}

function logstats($delay = 0, $fk_user = 0, $appname = "") {
  global $Conf;
  $dt = date("Y-m-d H:i:s");

  $exclude_clients_ip = "aucune";
  if (isset($Conf->_excludeIp)) {
    $exclude_clients_ip = $Conf->_excludeIp;
  }

  if (isset($Conf->_clientIp)) {
    $client_ip = $Conf->_clientIp;
  } else {
    if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
      $client_ip = $_SERVER["HTTP_CLIENT_IP"];
    } elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
      $client_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
    } else {
      $client_ip = $_SERVER["REMOTE_ADDR"];
    }
  }
  $verif_ip = strpos($exclude_clients_ip, $client_ip);

  if ($verif_ip === false) {

    $home = $_SERVER["HOME"];
    $doc_root = $_SERVER["DOCUMENT_ROOT"];
    $doc_root = substr($doc_root, strlen($home));

    $sql = 'INSERT INTO z_stats SET ';
    $sql .= 'date="' . $dt . '", ';
    $sql .= 'root="' . $doc_root . '", ';
    $sql .= 'server_ip="' . $_SERVER["SERVER_ADDR"] . '", ';
    $sql .= 'server_soft="' . $_SERVER["SERVER_SOFTWARE"] . '", ';
    $sql .= 'server_name="' . $_SERVER["SERVER_NAME"] . '", ';
    $sql .= 'client_ip="' . $client_ip . '", ';
    $sql .= 'client_browser="' . $_SERVER["HTTP_USER_AGENT"] . '", ';
    if (isset($_SERVER["HTTP_REFERER"])) {
      $sql .= 'client_origine="' . $_SERVER["HTTP_REFERER"] . '", ';
    }
    $sql .= 'client_page="' . $_SERVER["REQUEST_URI"] . '", ';
    $sql .= 'client_delay=' . str_replace(',', '.', $delay) . ', ';
    $sql .= 'appname="' . $appname . '", ';
    $sql .= 'fk_user=' . $fk_user . ', ';
    $sql .= 'status="' . $_SERVER["REDIRECT_STATUS"] . '";';

    // server : 51.255.35.214
    $mysqli = new mysqli("localhost", "logs_user", "d66,Logs.User", "logs");
    $mysqli->set_charset("utf8");
    $mysqli->query($sql);
    $mysqli->close();
  }
}

//! *****************************************************************************************//
//! nettoie_input : prépare une zone d'un formulaire avant son enregistrement dans la base   //
//! En paramètre, on passe la valeur à nettoyer                                              //
//! *****************************************************************************************//
function nettoie_input($data) {
  if (ctype_digit($data)) {
    $data = intval($data);
  } else {
    global $Conf;
    $dbn = $Conf->_dbname;
    $mysqli = new mysqli($Conf->_dbhost, $Conf->_dbuser, $Conf->_dbpass, $dbn);
    $mysqli->set_charset("utf8");
    $data = mysqli_real_escape_string($mysqli, $data);
    // $data = addcslashes($data, '%_');
    $mysqli->close();
  }
  return $data;
}

function str_normalize($string, $minuscules = true) {
  //! Normalise une chaîne de caractères en remplaçant tous les caractères accentués, les espaces et caractères spéciaux
  $result = "";
  $string = trim($string);    // on efface tous les espaces à gauche et à droite
  if (strlen($string) > 0) {
    if ($minuscules) {
      $result = strtolower($string);
    } else {
      $result = $string;
    }
    $result = str_replace(" ", "_", $result);
    //$result = str_replace("-", "_", $result);
    //$result = str_replace(".", "_", $result);
    $result = str_replace("é", "e", $result);
    $result = str_replace("è", "e", $result);
    $result = str_replace("ê", "e", $result);
    $result = str_replace("ë", "e", $result);
    $result = str_replace("à", "a", $result);
    $result = str_replace("â", "a", $result);
    $result = str_replace("ä", "a", $result);
    $result = str_replace("ô", "o", $result);
    $result = str_replace("ö", "o", $result);
    $result = str_replace("ù", "u", $result);
    $result = str_replace("û", "u", $result);
    $result = str_replace("ü", "u", $result);
    $result = str_replace("ç", "c", $result);
    $result = str_replace("'", "", $result);
    $result = str_replace("\"", "", $result);
    $result = str_replace("/", "", $result);
    $result = str_replace("(", "_", $result);
    $result = str_replace(")", "_", $result);
    $result = str_replace("!", "_", $result);
    //! Ajout du 08/12/2015
    $result = str_replace("?", "_", $result);

    $result = trim($result);
  }
  return $result;
}

function affiche_date($ladate) {
  /**
   * This is a sample function to illustrate additional PHP formatter
   * options.
   * @param $ladate date au format MySQL
   *
   * @return String date au format Fr dd/mm/yyyy
   * @author D6SOFT
   *
   */
  //! Retourne une date MySQL yyyy-mm-dd HH:ii:ss au format dd/mm/yyyy
  $ladate = trim($ladate);
  if ($ladate == "" || substr($ladate, 0, 2) == "00") {
    return "";
  } else {
    if (strlen($ladate) < 10) {
      return "";
    } else {
      $theday = substr($ladate, 8, 2) . "/" . substr($ladate, 5, 2) . "/" . substr($ladate, 0, 4);
      return $theday;
    }
  }
}

function d6GetDate($laDate, $transform = "MF", $hours = false, $seconds = false) {
  //! Retourne une date
  //! $format="MF"  du format MySQL yyyy-mm-dd    au format Fr dd/mm/yyyy
  //! $format="FM"  du format Fr dd/mm/yyyy       au format MySQL yyyy-mm-dd

  $ret = "";
  if (strlen($laDate) >= 10) {
    if ($transform == "FM") {
      $ret = substr($laDate, -4) . "-" . substr($laDate, 3, 2) . "-" . substr($laDate, 0, 2);
    } else {
      $ret = substr($laDate, -2) . "/" . substr($laDate, 5, 2) . "/" . substr($laDate, 0, 4);
    }
  }
  return $ret;
}

function loadtel($numero, $prefix = "+33") {
  //! retourne un numéro de téléphone sans espace et . et avec le préfixe devant : +33 par défaut
  $lenumero = trim($numero);
  $lenumero = preg_replace('/[^0-9]/', '', $lenumero);
  if (strlen($lenumero) == 10) {
    $lenumero = substr($lenumero, 1);
  }
  if (strlen($lenumero) == 9) {
    $lenumero = $prefix . $lenumero;
  }
  return $lenumero;
}

function formattel($numero, $separateur = " ") {
  //! formate le n° de téléphone de 651234567 ou 0651234567 en 06 51 23 45 67
  if (strlen($numero) == 9) {
    $numero = "0" . $numero;
  }
  if (strlen($numero) == 10) {
    $numero = substr($numero, 0, 2) . $separateur . substr($numero, 2, 2) . $separateur . substr($numero, 4, 2) . $separateur . substr($numero, 6, 2) . $separateur . substr($numero, 8, 2);
  }
  return $numero;
}