29require_once NOALYSS_INCLUDE.
'/constant.php';
30require_once NOALYSS_INCLUDE.
'/lib/user_common.php';
31require_once NOALYSS_INCLUDE.
'/lib/ac_common.php';
// Writes the login into the PostgreSQL setting 'noalyss.user_login' through set_config().
// NOTE(review): sprintf() places the value inside a quoted SQL literal ('%s'); the argument
// line is missing from this listing, so confirm the value is escaped before it gets here.
// exec_sql() takes bound parameters elsewhere in this class, so the literal can be avoided:
//   select set_config('noalyss.user_login',$1,false)
// The same sprintf() pattern appears again at listing line 148.
81 $this->
db->exec_sql(sprintf(
"select set_config('noalyss.user_login','%s',false)",
87 return "User ".print_r($this,
true);
// Counts the active ac_users rows whose login and stored password value both match.
// Both values are bound ($1, $2), so neither is interpolated into the statement.
// NOTE(review): $this->password is described on this page as "md5 of the password", so the
// credential check is an equality test on an unsalted MD5 digest. Moving to
// password_hash()/password_verify() means fetching use_pass by login and verifying in PHP
// instead of matching the digest inside the WHERE clause.
95 $can_connect=
$cn->get_value(
"select count(*) from ac_users
96 where use_active=1 and
97 use_login=$1 and use_pass=$2",
98 [$this->login,$this->password]);
// No login is stored in the session yet: read the credentials from the request.
106 if (!isset($_SESSION[SESSION_KEY.
'g_user']))
108 $http=new \HttpInput();
109 $user_login=$http->request(
"p_user",
"string",
"");
110 $user_password=$http->request(
"p_pass",
"string",
"");
112 if ($user_login!=
""&&$user_password!=
"")
// NOTE(review): the session keeps the unsalted MD5 digest of the password, and later checks
// on this page compare that digest with ac_users.use_pass. MD5 is a fast hash and not suited
// to password storage; password_hash()/password_verify() with a rehash at the next successful
// login is the usual migration path.
// NOTE(review): no session id regeneration is visible around this assignment; several lines
// are missing from the listing, so confirm it happens once the login is accepted.
114 $_SESSION[SESSION_KEY.
"g_user"]=$user_login;
115 $_SESSION[SESSION_KEY.
"g_pass"]=md5($user_password);
119 echo
'<h2 class="error">'._(
'Session expirée<br>Utilisateur déconnecté').
'</h2>';
120 redirect(
'index.php', 1);
// NOTE(review): strpos() returns 0 when '@mobile' is at offset 0, and `0 != false` is false,
// so such a login takes the PC branch; `!== false` expresses the intended "found" test.
// strpos() is also case-sensitive while the str_ireplace() below is not.
125 if (strpos($user_login,
'@mobile')!=
false)
127 $this->access_mode=
'MOBILE';
// The MOBILE branch strips the suffix but does not lowercase the login, unlike the PC branch.
// NOTE(review): can_connect() compares use_login=$1 without lower() — confirm mixed-case
// mobile logins behave as intended.
128 $this->login=str_ireplace(
"@mobile",
"", $user_login);
132 $this->access_mode=
'PC';
133 $this->login=strtolower($user_login);
139 $this->login=$_SESSION[SESSION_KEY.
"g_user"];
140 $this->password=$_SESSION[SESSION_KEY.
'g_pass'];
143 $this->lang=(isset($_SESSION[SESSION_KEY.
'g_lang']))?$_SESSION[SESSION_KEY.
'g_lang']:
'fr_FR.utf8';
144 $this->access_mode=$_SESSION[SESSION_KEY.
"access_mode"];
148 $cn->exec_sql(sprintf(
"select set_config('noalyss.user_login','%s',false)",
153 echo
'<h2 class="error">'._(
'Utilisateur ou mot de passe incorrect').
'</h2>';
154 $sql=
"insert into audit_connect (ac_user,ac_ip,ac_module,ac_url,ac_state) values ($1,$2,$3,$4,$5)";
156 array($_SESSION[SESSION_KEY.
'g_user'], $_SERVER[
"REMOTE_ADDR"],
"DISCON",
157 $_SERVER[
'REQUEST_URI'],
'FAIL'));
158 $this->clean_session();
166 $this->valid=(isset($_SESSION[SESSION_KEY.
'isValid']))?1:0;
167 if (isset($_SESSION[SESSION_KEY.
'g_theme']))
169 $this->theme=$_SESSION[SESSION_KEY.
'g_theme'];
171 $_SESSION[SESSION_KEY.
'use_admin']=$this->admin;
172 $_SESSION[SESSION_KEY.
'use_name']=$this->name;
173 $_SESSION[SESSION_KEY.
'use_first_name']=$this->first_name;
181 return $this->access_mode;
262 return $this->first_name;
294 return $this->active;
326 return $this->password;
365 $sql_cond=
" where lower(use_login)=lower($1)";
370 $sql_cond=
" where use_id=$1";
387 $this->
id=
$row[
'use_id'];
388 $this->first_name=
$row[
'use_first_name'];
389 $this->last_name=
$row[
'use_name'];
391 $this->active=
$row[
'use_active'];
392 $this->login=strtolower(
$row[
'use_login']);
393 $this->admin=
$row[
'use_admin'];
394 $this->password=
$row[
'use_pass'];
395 $this->email=
$row[
'use_email'];
402 $Sql=
"update ac_users set use_first_name=$1, use_name=$2
403 ,use_active=$3,use_admin=$4,use_pass=$5 ,use_email = $7 where use_id=$6";
406 array($this->first_name, $this->last_name, $this->active, $this->admin, $this->password,
407 $this->
id, $this->email));
413 $Sql=
"INSERT INTO ac_users(
414 use_first_name, use_name, use_login, use_active,
415 use_admin, use_pass, use_email)
416 VALUES ($1, $2, $3, $4, $5, $6, $7) returning use_id";
419 $this->
id=
$cn->get_value($Sql,
420 array($this->first_name, $this->last_name, $this->login, 1, $this->admin,
421 $this->password, $this->email));
435 $pass5=$this->password;
438 $sql=
"select ac_users.use_login,ac_users.use_active, ac_users.use_pass,
439 use_admin,use_first_name,use_name
441 where ac_users.use_id=$1
442 and ac_users.use_active=1
443 and ac_users.use_pass=$2";
444 $ret=
$cn->exec_sql(
$sql, array($this->
id, $pass5));
449 $_SESSION[SESSION_KEY.
'use_admin']=
$r[
'use_admin'];
450 $_SESSION[SESSION_KEY.
'use_name']=
$r[
'use_name'];
451 $_SESSION[SESSION_KEY.
'use_first_name']=
$r[
'use_first_name'];
452 $_SESSION[SESSION_KEY.
'isValid']=1;
454 $this->admin=$_SESSION[SESSION_KEY.
'use_admin'];
455 $this->
name=$_SESSION[SESSION_KEY.
'use_name'];
456 $this->first_name=$_SESSION[SESSION_KEY.
'use_first_name'];
459 $sql=
"insert into audit_connect (ac_user,ac_ip,ac_module,ac_url,ac_state) values ($1,$2,$3,$4,$5)";
464 array($_SESSION[SESSION_KEY.
'g_user'], $_SERVER[
"REMOTE_ADDR"],
465 $from, $_SERVER[
'REQUEST_URI'],
'FAIL'));
468 echo
'<script> alert(\''._(
'Utilisateur ou mot de passe incorrect').
'\')</script>
';
469 redirect('index.html
');
477 if ($from=='LOGIN
' || $from=='PORTAL
')
480 array($_SESSION[SESSION_KEY.'g_user
'], $_SERVER["REMOTE_ADDR"], $from,
481 $_SERVER['REQUEST_URI
'], 'SUCCESS
'));
498 function get_folder_access($p_dossier=0)
502 $p_dossier=dossier::id();
507 $sql="select 'R
' from jnt_use_dos where use_id=$1 and dos_id=$2";
509 $res=$cn->get_value($sql, array($this->id, $p_dossier));
511 if ($cn->get_affected()==0)
521 function set_folder_access($db_id, $priv)
527 // the access is granted
528 $jnt=$cn->get_value("select jnt_id from jnt_use_dos where dos_id=$1 and use_id=$2", array($db_id, $this->id));
533 $Res=$cn->exec_sql("insert into jnt_use_dos(dos_id,use_id) values($1,$2)", array($db_id, $this->id));
539 $cn->exec_sql('
delete from jnt_use_dos where use_id = $1 and dos_id = $2
', array($this->id, $db_id));
554 function get_ledger_access($p_ledger)
556 if ($this->admin==1||
557 $this->is_local_admin(dossier::id())==1||$this->get_status_security_ledger()==0)
560 $sql="select uj_priv from user_sec_jrn where uj_login=$1 and uj_jrn_id=$2";
561 $res=$this->db->get_value($sql, array($this->login, $p_ledger));
/**
 * Build and run the query listing the ledgers available to this user.
 *
 * $p_type is upper-cased and must be one of FIN, ALL, ODS, VEN, ACH; any other value is
 * logged and an Exception is thrown. The statement is assembled by string concatenation
 * and executed without bound parameters.
 */
585 function get_ledger($p_type='
ALL', $p_access=3, $disable=TRUE)
587 $p_type=strtoupper($p_type);
// Whitelist check: only the five known ledger types go further.
588 if (!in_array($p_type, ["FIN", "ALL", "ODS", "VEN", 'ACH
']))
590 record_log(sprintf("UGL1, p_type %s", $p_type));
591 throw new Exception("UGL1"._("Type incorrecte"));
599 $sql_enable="and jrn_enable=1";
// Branch for users who are neither admin nor local admin while ledger security is enabled.
601 if ($this->admin!=1&&$this->is_local_admin()!=1&&$this->get_status_security_ledger()==1)
603 $sql_type=($p_type=='ALL')?'':"and jrn_def_type=upper('".sql_string($p_type)."')";
607 $sql_access=" and uj_priv!= 'X
' ";
610 $sql_access=" and uj_priv = 'W
' and jrn_enable=1 ";
614 $sql_access=" and ( uj_priv = 'R
' or uj_priv='W
') ";
// NOTE(review): $this->login is concatenated into the statement inside quotes, with neither
// sql_string() nor a bound parameter, unlike $p_type (whitelisted above and passed through
// sql_string()). Other queries in this class bind the login as $1; doing the same here removes
// the reliance on the login never containing a quote character.
618 $sql="select jrn_def_id,jrn_def_type,jrn_def_code,
619 jrn_def_name,jrn_def_class_deb,jrn_def_class_cred,jrn_type_id,jrn_desc,uj_priv,
620 jrn_deb_max_line,jrn_cred_max_line,jrn_def_description,jrn_enable
621 from jrn_def join jrn_type on jrn_def_type=jrn_type_id
622 join user_sec_jrn on uj_jrn_id=jrn_def_id
624 uj_login='".$this->login."'".
625 $sql_type.$sql_access.$sql_enable.
626 " order by jrn_Def_name";
// Other branch: no per-user filter, every ledger is reported with uj_priv 'W'.
630 $sql_type=($p_type=='ALL')?' '.$sql_enable:"where jrn_def_type=upper('".sql_string($p_type)."') ".$sql_enable;
631 $sql="select jrn_def_id,jrn_def_type,jrn_def_code,jrn_def_name,jrn_def_class_deb,jrn_def_class_cred,jrn_deb_max_line,jrn_cred_max_line,
632 jrn_type_id,jrn_desc,'W
' as uj_priv,jrn_def_description,jrn_enable
633 from jrn_def join jrn_type on jrn_def_type=jrn_type_id
635 order by jrn_Def_name";
// The assembled text is executed as-is; no parameter array is passed.
637 $res=$this->db->exec_sql($sql);
638 if (Database::num_row($res)==0)
640 $array=Database::fetch_all($res);
651 function get_ledger_sql($p_type='
ALL', $p_access=3)
653 $aLedger=$this->get_ledger($p_type, $p_access);
656 $sql=" jrn_def_id in (";
657 foreach ($aLedger as $row)
671 return $this->isAdmin();
679 function isAdmin():int
682 $pass5=$this->password;
683 $sql="select count(*) from ac_users where use_login=$1
684 and use_active=1 and use_admin=1 and use_pass=$2 ";
687 $this->admin=$cn->get_value($sql, array($this->login,$pass5));
698 function set_periode($p_periode)
700 $sql="update user_local_pref set parameter_value=$1 where user_id=$2 and parameter_type='PERIODE
'";
701 $Res=$this->db->exec_sql($sql, [$p_periode, $this->id]);
704 private function set_default_periode()
707 /* get the first periode */
708 $sql='select min(
p_id) as pid
'
709 .' from parm_periode
'
710 .' where p_closed =
false and p_start = (select min(p_start)
from parm_periode)
';
711 $Res=$this->db->exec_sql($sql);
713 $pid=Database::fetch_result($Res, 0, 0);
714 /* if all the periode are closed, then we use the last closed period */
717 $sql='select min(
p_id) as pid
'
718 .'from parm_periode
'
719 .'where p_start = (select max(p_start)
from parm_periode)
';
720 $Res2=$this->db->exec_sql($sql);
721 $pid=Database::fetch_result($Res2, 0, 0);
724 throw new Exception(_("Aucune période trouvéee !!!"));
727 $pid=Database::fetch_result($Res2, 0, 0);
730 $sql=sprintf("insert into user_local_pref (user_id,parameter_value,parameter_type)
731 values ('%s
','%d
','PERIODE
')", $this->id, $pid);
732 $Res=$this->db->exec_sql($sql);
742 function get_periode()
745 $array=$this->get_preference();
746 if (!isset($array['PERIODE
']))
748 $this->set_default_periode();
749 $array=$this->get_preference();
751 return $array['PERIODE
'];
761 function save_global_preference($key, $value)
763 $repo=new Database();
764 $count=$repo->get_value("select count(*)
768 parameter_type=$1 and user_id=$2", array($key, $this->login));
771 $repo->exec_sql("update user_global_pref set parameter_value=$1
772 where parameter_type=$2 and user_id=$3", array($value, $key, $this->login));
776 $repo->exec_sql("insert into user_global_pref(user_id,parameter_type,parameter_value)
777 values($1,$2,$3)", array($this->login, $key, $value));
785 function get_preference()
787 $sql="select parameter_type,parameter_value from user_local_pref where user_id=$1";
788 $Res=$this->db->exec_sql($sql, array($this->id));
790 for ($i=0; $i<Database::num_row($Res); $i++)
792 $row=Database::fetch_array($Res, $i);
793 $type=$row['parameter_type
'];
794 $l_array[$type]=$row['parameter_value
'];
796 $repo=new Database();
797 $a_global_pref=$repo->get_array("select parameter_type,parameter_value from user_global_pref
799 upper(user_id) = upper($1)", [$this->login]);
800 $nb_global=count($a_global_pref);
801 for ($i=0; $i<$nb_global; $i++)
803 $idx=$a_global_pref[$i]['parameter_type
'];
804 $value=$a_global_pref[$i]['parameter_value
'];
805 $l_array[$idx]=$value;
817 function check_module($p_module)
819 if ( $this->access_mode == "PC") {
821 $acc=$this->db->get_value("select count(*) from v_all_menu where p_id = $1
822 and me_code=$2", array($this->get_profile(), $p_module));
823 } elseif ($this->access_mode=="MOBILE") {
824 $acc=$this->db->get_value("select count(*) from profile_mobile where p_id=$1 and me_code=$2",
825 array($this->get_profile(), $p_module));
827 throw new Exception("USER:823:ACCESS_MODE INCONNU");
831 $this->audit("FAIL", $p_module);
834 $this->audit("SUCCESS", $p_module);
846 function check_action($p_action_id)
848 /* save it into the log */
850 if ($this->Admin()==1)
852 if ($this->is_local_admin(dossier::id())==1)
854 if ($this->get_status_security_action()==0)
856 $Res=$this->db->exec_sql(
857 "select * from user_sec_act where ua_login=$1 and ua_act_id=$2", array($this->login, $p_action_id));
858 $Count=Database::num_row($Res);
861 if (isset($audit)&&$audit==true)
864 $sql="insert into audit_connect (ac_user,ac_ip,ac_module,ac_url,ac_state) values ($1,$2,$3,$4,$5)";
866 array($_SESSION[SESSION_KEY.'g_user
'], $_SERVER["REMOTE_ADDR"], $p_action_id, $_SERVER['REQUEST_URI
'],
873 echo_error(_("Action invalide"));
874 record_log("User:check_action".sprintf("login %s ua_act_id %s", $this->login, $p_action_id));
884 function load_global_pref()
887 // Load everything in an array
888 $Res=$cn->exec_sql("select parameter_type,parameter_value from
890 where user_id=$1", [$this->login]);
891 $Max=Database::num_row($Res);
894 $this->insert_default_global_pref();
895 $this->load_global_pref();
898 // Load value into array
900 for ($i=0; $i<$Max; $i++)
902 $row=Database::fetch_array($Res, $i);
903 $type=$row['parameter_type
'];
904 $line[$type]=$row['parameter_value
'];
906 // save array into g_ variable
907 $array_pref=array('g_theme
'=>'THEME
',
908 'g_pagesize
'=>'PAGESIZE
',
909 'g_topmenu
'=>'TOPMENU
',
911 'csv_fieldsep
'=>'csv_fieldsep
',
912 'csv_decimal
'=>'csv_decimal
',
913 'csv_encoding
'=>'csv_encoding
',
914 'first_week_day
'=>'first_week_day
');
916 foreach ($array_pref as $name=> $parameter)
918 if (!isset($line[$parameter]))
920 $this->insert_default_global_pref($parameter);
921 $this->load_global_pref();
924 $_SESSION[SESSION_KEY.$name]=$line[$parameter];
936 function insert_default_global_pref($p_type="", $p_value="")
939 $default_parameter=array("THEME"=>"classic",
942 'LANG
'=>'fr_FR.utf8
',
945 'csv_encoding
'=>'utf8
',
949 $sql="insert into user_global_pref(user_id,parameter_type,parameter_value)
953 foreach ($default_parameter as $name=> $value)
955 $cn->exec_sql($sql, array($this->login, $name, $value));
960 $value=($p_value=="")?$default_parameter[$p_type]:$p_value;
961 if ( $cn->get_value("select count(*) from user_global_pref where user_id=$1 and parameter_type=$2",
962 array($this->login,$p_type)) == 1)
964 $cn->exec_sql("update user_global_pref set parameter_value=$1 where user_id=$2 and parameter_type=$3",
965 array($value,$this->login,$p_type));
967 $cn->exec_sql($sql, array($this->login, $p_type, $value));
979 function update_global_pref($p_type, $p_value="")
981 $default_parameter=array("THEME"=>"classic",
983 "LANG"=>'fr_FR.utf8
',
987 'csv_encoding
'=>'utf8
',
991 $Sql="update user_global_pref set parameter_value=$1
992 where parameter_type=$2 and
994 $value=($p_value=="")?$default_parameter[$p_type]:$p_value;
995 $cn->exec_sql($Sql, array($value, $p_type, $this->login));
1005 function get_exercice()
1007 $sql="select p_exercice from parm_periode where p_id=$1";
1008 $Ret=$this->db->exec_sql($sql,[$this->get_periode()]);
1009 if (Database::num_row($Ret)==1)
1011 $r=Database::fetch_array($Ret, 0);
1012 return $r['p_exercice
'];
1026 function can_request($p_action, $p_js=0)
1028 if ($this->check_action($p_action)==0)
1030 $this->audit('FAIL
');
1033 echo create_script("alert_box(content[59])");
1037 record_log(_("Access invalid").$p_action);
1041 echo '<
h2 class=
"error">
',
1042 htmlspecialchars(_("Cette action ne vous est pas autorisée Contactez votre responsable")),
1056 function check_print($p_action)
1059 $this->audit('AUDIT
', $p_action);
1060 if ($this->Admin()==1)
1063 $res=$cn->get_value("select count(*) from profile_menu
1064 join profile_user using (p_id)
1065 where user_name=$1 and me_code=$2 ", array($this->login, $p_action));
1076 function can_print($p_action, $p_js=0)
1078 if ($this->check_print($p_action)==0)
1080 $this->audit('FAIL
');
1083 echo create_script("alert_box(content[59])");
1087 echo '<div
class=
"redcontent">
';
1088 echo '<
h2 class=
"error">
',
1089 htmlspecialchars(_("Cette action ne vous est pas autorisée Contactez votre responsable")),
1109 function is_local_admin($p_dossier=-1)
1120 function get_available_repository($p_access='R
')
1122 $profile=$this->get_profile();
1126 $r=$this->db->get_array("select distinct u.r_id,r_name
1128 profile_sec_repository as u
1129 join stock_repository as s on(u.r_id=s.r_id)
1134 ", array($profile));
1138 $r=$this->db->get_array("select distinct u.r_id,r_name
1140 profile_sec_repository as u
1141 join stock_repository as s on(u.r_id=s.r_id)
1144 ", array($profile));
1164 static function get_list($p_dossier)
1166 $sql="select distinct use_id,use_login,use_first_name,use_name from ac_users
1167 left outer join jnt_use_dos using (use_id)
1169 (dos_id=$1 and use_active=1) or (use_active=1 and use_admin=1)
1170 order by use_login,use_name";
1172 $repo=new Database();
1173 $array=$repo->get_array($sql, array($p_dossier));
1174 if ($repo->size()==0)
1175 throw new Exception('Error inaccessible folder
');
1190 function check_jrn($p_jrn)
1192 return $this->get_ledger_access($p_jrn);
1206 function check_dossier($p_dossier_id, $silent=false)
1209 if ($this->admin==1||$this->is_local_admin($p_dossier_id)==1)
1213 $dossier=$cn->get_value("select 'R
' from jnt_use_dos where dos_id=$1 and use_id=$2",
1214 array($p_dossier_id, $this->id));
1215 $dossier=($dossier=='')?'X
':$dossier;
1218 $this->audit('FAIL
', "Access folder ");
1221 alert(_('Dossier non accessible
'));
1232 function get_limit_current_exercice()
1234 $current_exercice=$this->get_exercice();
1235 $periode=new Periode($this->db);
1236 list($per_start, $per_end)=$periode->get_limit($current_exercice);
1237 $start=$per_start->first_day();
1238 $end=$per_end->last_day();
1239 return array($start, $end);
1251 function show_dossier($p_filtre="")
1253 $p_array=$this->get_available_folder($p_filtre);
1257 $result.="<TABLE id=\"folder\" class=\"result\">";
1266 $result.=_("Description");
1272 $result.='<
td style=
"width:auto" colspan=3>
';
1273 $result.=_("Aucun dossier disponible");
1279 for ($i=0; $i<sizeof($p_array); $i++)
1282 $id=$p_array[$i]['dos_id
'];
1283 $name=$p_array[$i]['dos_name
'];
1284 $desc=$p_array[$i]['dos_description
'];
1289 $target="do.php?gDossier=$id";
1291 $result.="<TR class=\"$tr\">";
1293 $result.=td($id, ' class=
"num" ');
1294 $result.="<TD class=\"$tr\">";
1295 $result.="<A class=\"dossier\" HREF=\"$target\">";
1296 $result.=" <B>".h($name)."</B>";
1299 $desc=($desc=="")?"<i>Aucune description</i>":h($desc);
1300 $desc="<A class=\"dossier\" HREF=\"$target\">$desc</A>";
1301 $result.="<TD class=\"$tr\" >".$desc;
1305 $result.="</TABLE>";
1320 function get_available_folder($p_filter="")
1324 if ($this->admin==0)
1326 // show only available folders
1327 // if user is not an admin
1328 $Res=$cn->exec_sql("select
1329 distinct dos_id,dos_name,dos_description
1331 natural join jnt_use_dos
1332 natural join ac_dossier
1336 and ( dos_name ilike '%
' || $2 || '%
' or dos_description ilike '%
' || $2 || '%
' )
1337 order by dos_name", array($this->login, $p_filter));
1341 $Res=$cn->exec_sql("select
1342 distinct dos_id,dos_name,dos_description from ac_dossier
1344 dos_name ilike '%
' || $1|| '%
' or dos_description ilike '%
' || $1 || '%
'
1345 order by dos_name", array($p_filter));
1348 $max=Database::num_row($Res);
1352 for ($i=0; $i<$max; $i++)
1354 $array[]=Database::fetch_array($Res, $i);
1363 static function audit_admin($p_module)
1366 $sql="insert into audit_connect (ac_user,ac_ip,ac_module,ac_url,ac_state) values ($1,$2,$3,$4,$5)";
1370 $_SESSION[SESSION_KEY.'g_user
'],
1371 $_SERVER["REMOTE_ADDR"],
1373 $_SERVER['REQUEST_URI
'],
/**
 * Insert a row into audit_connect for the current request.
 *
 * When $p_module is empty it is taken from $_REQUEST['ac']; $_REQUEST['gDossier'] is appended
 * when present. The insert uses bound parameters ($1..$5).
 */
1377 function audit($action='AUDIT
', $p_module="")
1382 if ($p_module==""&&isset($_REQUEST['ac
']))
1384 $p_module=$_REQUEST['ac
'];
1387 if (isset($_REQUEST['gDossier
']))
1388 $p_module.=" dossier : ".$_REQUEST['gDossier
'];
// NOTE(review): ac_module and ac_url hold request-controlled text ($_REQUEST, REQUEST_URI).
// Binding keeps them out of the SQL, but any page that displays audit_connect must escape
// them on output. REMOTE_ADDR is the direct peer; behind a reverse proxy it is presumably
// the proxy address — confirm against the deployment.
1389 $sql="insert into audit_connect (ac_user,ac_ip,ac_module,ac_url,ac_state) values ($1,$2,$3,$4,$5)";
1393 $_SESSION[SESSION_KEY.'g_user
'],
1394 $_SERVER["REMOTE_ADDR"],
1396 $_SERVER['REQUEST_URI
'],
1401 function save_profile($p_id)
1403 $count=$this->db->get_value("select count(*) from profile_user where user_name=$1", array($this->login));
1406 $this->db->exec_sql("insert into profile_user(p_id,user_name)
1407 values ($1,$2)", array($p_id, $this->login));
1411 $this->db->exec_sql("update profile_user set p_id=$1 where user_name=$2", array($p_id, $this->login));
1419 function get_profile()
1421 $profile=$this->db->get_value("select p_id from profile_user where
1422 lower(user_name)=lower($1) ", array($this->login));
/**
 * Return a parenthesised sub-select yielding the p_granted values this user may write to.
 * Callers on this page splice the returned text into "select p_granted from ... as m".
 */
1434 function sql_writable_profile()
1436 if ($this->admin!=1)
// NOTE(review): the result of get_profile() is concatenated unquoted into the SQL text.
// It is read from profile_user.p_id, so it is presumably an integer, but an empty result
// (no profile row) would produce "p_id=)" and a syntax error — an (int) cast or a bound
// parameter would make both cases explicit. TODO confirm what get_value() returns on no row.
1438 $sql=" (select p_granted "
1439 ." from user_sec_action_profile "
1440 ." where ua_right in ('W
','O
') and p_id=".$this->get_profile().") ";
// When $this->admin is 1: every profile id, aliased as p_granted.
1444 $sql="(select p_id p_granted from profile)";
1452 function get_writable_profile()
1454 $value=$this->db->get_array("select p_granted from ".$this->sql_writable_profile()." as m") ;
1455 $aGranted=array_column($value,"p_granted");
1462 function get_readable_profile()
1464 $value=$this->db->get_array("select p_granted from ".$this->sql_readable_profile()." as m") ;
1465 $aGranted=array_column($value,"p_granted");
/**
 * Return a parenthesised sub-select yielding the p_granted values this user may read.
 * Callers on this page splice the returned text into "select p_granted from ... as m".
 */
1475 function sql_readable_profile()
1477 if ($this->admin!=1)
// NOTE(review): get_profile() is concatenated unquoted into the SQL text. The value is read
// from profile_user.p_id, so it is presumably an integer; an (int) cast or a bound parameter
// would make that explicit and avoid malformed SQL when no profile row exists. TODO confirm.
1479 $sql=" (select p_granted "
1480 ." from user_sec_action_profile "
1481 ." where ua_right in ('W
','R
','O
') and p_id=".$this->get_profile().") ";
// When $this->admin is 1: every profile id, aliased as p_granted.
1485 $sql="(select p_id p_granted from profile)";
1496 function can_add_action($p_profile)
1499 $r=$this->db->get_value(' select count(*)
1500 from user_sec_action_profile
1502 and
p_id=$1
', array($this->get_profile(), $p_profile));
1515 function can_write_action($dtoc)
1517 if ($this->Admin()==1)
1519 if ($this->get_status_security_action()==0)
1521 $profile=$this->get_profile();
1522 $r=$this->db->get_value(" select count(*) from action_gestion where ag_id=$1 and ag_dest in
1523 (select p_granted from user_sec_action_profile where ua_right in ('W
','O
') and p_id=$2) ", array($dtoc, $profile));
1534 function can_delete_action($dtoc)
1536 if ($this->Admin()==1)
1538 if ($this->get_status_security_action()==0)
1540 $profile=$this->get_profile();
1541 $r=$this->db->get_value(" select count(*) from action_gestion where ag_id=$1 and ag_dest in
1542 (select p_granted from user_sec_action_profile where ua_right='W
' and p_id=$2) ", array($dtoc, $profile));
1553 function can_read_action($dtoc)
1555 if ($this->Admin()==1)
1557 $profile=$this->get_profile();
1558 $r=$this->db->get_value(" select count(*) from action_gestion where ag_id=$1 and (ag_dest in
1559 (select p_granted from user_sec_action_profile where p_id=$2) or ag_owner=$3)",
1560 array($dtoc, $profile, $this->login));
1571 function can_write_repo($p_repo)
1573 if ($this->Admin()==1)
1575 $profile=$this->get_profile();
1576 $r=$this->db->get_value("select count(*)
1577 from profile_sec_repository
1581 and ur_right='W
'", array($p_repo, $profile));
1592 function can_read_repo($p_repo)
1594 if ($this->Admin()==1)
1596 $profile=$this->get_profile();
1597 $r=$this->db->get_value("select count(*)
1598 from profile_sec_repository
1602 ", array($p_repo, $profile));
/**
 * Copy the object's password value into the session under SESSION_KEY.'g_pass'.
 * NOTE(review): this page documents $password as the MD5 of the password, so the session
 * carries a reusable password-equivalent digest; anything that can read the session store
 * can replay it against the use_pass comparisons in this class.
 */
1610 function password_to_session()
1612 $_SESSION[SESSION_KEY.'g_pass
']=$this->getPassword();
/**
 * Change the user's password when both entries match and check_password_strength()
 * reports no message; the MD5 digest is stored in ac_users.use_pass for $this->login.
 */
1621 function save_password($p_pass1, $p_pass2)
// NOTE(review): `==` on two strings compares numerically when both look like numbers
// (e.g. "1e3" == "1000" is true), so two different entries can pass the confirmation;
// `===` compares the bytes.
1623 if ($p_pass1==$p_pass2 && count(check_password_strength($p_pass1)['msg
'])==0)
1625 $repo=new Database();
// NOTE(review): unsalted MD5 is a fast hash, so identical passwords give identical digests
// and offline guessing is cheap if ac_users leaks. password_hash($p_pass1, PASSWORD_DEFAULT)
// with password_verify() at login is the standard replacement; existing rows can be
// re-hashed at the next successful login.
1626 $l_pass=md5($p_pass1);
1627 $this->setPassword($l_pass);
// The update itself uses bound parameters.
1628 $repo->exec_sql("update ac_users set use_pass=$1 where use_login=$2",
1629 array($l_pass, $this->login));
1643 function save_email($p_email)
1645 $repo=new Database();
1646 $repo->exec_sql("update ac_users set use_email=$1 where use_login=$2",
1647 array($p_email, $_SESSION[SESSION_KEY.'g_user
']));
1656 static function revoke_access($p_login, $p_dossier)
1658 // connect to the repository
1659 $repo_cnx=new Database();
1661 // Retrieve the user
1662 $user=$repo_cnx->get_array('select use_id,use_login
from ac_users where use_login=$1
', array($p_login));
1666 // remove him from jnt_use_dos
1667 $repo_cnx->exec_sql("delete from jnt_use_dos WHERE use_id=$1 and dos_id=$2",
1668 array($user[0]['use_id
'], $p_dossier));
1670 // Remove user from user's dossier
1671 $cn_dossier=
new Database($p_dossier);
1672 $cn_dossier->exec_sql(
"delete from profile_user where user_name=$1", array($p_login));
1673 $cn_dossier->exec_sql(
"delete from user_sec_act where ua_login=$1", array($p_login));
1683 $user=$repo_cnx->get_array(
"select use_id,use_login
1685 where use_login=$1", array($p_login));
1689 $cn_dossier=
new Database($p_dossier);
1692 $repo_cnx->get_value(
"select count(*) from jnt_use_dos where use_id=$1 and dos_id=$2",
1693 array($user[0][
'use_id'], $p_dossier))==0
1696 $repo_cnx->exec_sql(
"insert into jnt_use_dos(use_id,dos_id) values ($1,$2)",
1697 array($user[0][
'use_id'], $p_dossier));
1700 if ($cn_dossier->get_value(
"select count(*) from profile_user where user_name=$1", array($user[0][
'use_login']))==0)
1702 $cn_dossier->exec_sql(
'insert into profile_user(user_name,p_id) values($1,1)', array($user[0][
'use_login']));
1705 $cn_dossier->exec_sql(
"delete from user_sec_act where ua_login=$1", array($p_login));
1707 $cn_dossier->exec_sql(
"insert into user_sec_act (ua_login,ua_act_id)"
1708 .
" select $1 ,ac_id from action ", array($p_login));
1710 $cn_dossier->exec_sql(
"delete from user_sec_jrn where uj_login=$1", array($p_login));
1711 $cn_dossier->exec_sql(
"insert into user_sec_jrn(uj_login,uj_jrn_id,uj_priv)"
1712 .
" select $1,jrn_def_id,'W' from jrn_def", array($p_login));
1718 $name=$cnx_repo->format_name($p_dossier,
'dos');
1719 if ($cnx_repo->exist_database(
$name)==0)
1721 $cnx_dossier=
new Database($p_dossier);
1722 if ($cnx_dossier->exist_table(
'profile_user'))
1723 $a_user=$cnx_dossier->get_array(
'select user_name from profile_user');
1732 if ($cnx_repo->get_value(
'select count(*) from ac_users where use_login=$1', array($a_user[
$i][
'user_name']))==0)
1734 if ($cnx_dossier->exist_table(
'user_sec_jrn'))
1735 $cnx_dossier->exec_sql(
"delete from user_sec_jrn where uj_login=$1", array($a_user[
$i][
'user_name']));
1736 $cnx_dossier->exec_sql(
"delete from profile_user where user_name=$1", array($a_user[
$i][
'user_name']));
1737 if ($cnx_dossier->exist_table(
'user_sec_act'))
1738 $cnx_dossier->exec_sql(
"delete from user_sec_act where ua_login=$1", array($a_user[
$i][
'user_name']));
1739 if ($cnx_dossier->exist_table(
'user_sec_jrn'))
1740 $cnx_dossier->exec_sql(
"delete from user_sec_jrn where uj_login=$1", array($a_user[
$i][
'user_name']));
1741 if ($cnx_dossier->exist_table(
'user_active_security'))
1742 $cnx_dossier->exec_sql(
"delete from user_active_security where us_login=$1",
1743 array($a_user[
$i][
'user_name']));
1754 $security=$this->
db->get_value(
"select us_ledger from user_active_security
1756 us_login=$1", [$this->login]);
1757 $n_security=($security==
"Y")?1:0;
1768 if ($p_value!=0&&$p_value!=1)
1769 throw new Exception(
_(
"Valeur invalide"));
1770 $exist=$this->
db->get_value(
"select count(*) from user_active_security where us_login=$1", [$this->login]);
1771 $flag=($p_value==1)?
"Y":
"N";
1774 $this->
db->exec_sql(
"insert into user_active_security (us_login,us_ledger,us_action) values ($1,$2,$3)",
1775 [$this->login,
$flag,
'Y']);
1779 $this->
db->exec_sql(
"update user_active_security set us_ledger=$1 where us_login = $2",
1780 [
$flag, $this->login]);
1790 $security=$this->
db->get_value(
"select us_action from user_active_security
1792 us_login=$1", [$this->login]);
1793 $n_security=($security==
"Y")?1:0;
1804 if ($p_value!=0&&$p_value!=1)
1805 throw new Exception(
_(
"Valeur invalide"));
1806 $exist=$this->
db->get_value(
"select count(*) from user_active_security where us_login=$1", [$this->login]);
1807 $flag=($p_value==1)?
"Y":
"N";
1810 $this->
db->exec_sql(
"insert into user_active_security (us_login,us_action,us_ledger) values ($1,$2,$3)",
1811 [$this->login,
$flag,
'Y']);
1815 $this->
db->exec_sql(
"update user_active_security set us_action=$1 where us_login = $2",
1816 [
$flag, $this->login]);
1827 $result=$repocn->get_value(
"select parameter_value from user_global_pref where parameter_type=$1 and user_id=$2 ",
1828 array(
"first_week_day", $this->login));
1829 if ($repocn->count()==0)
// Iterate over a copy of $_SESSION and unset every key that starts with SESSION_KEY.
1842 $aSession=$_SESSION;
1843 foreach($aSession as $key =>
$value) {
// NOTE(review): with DEBUGNOALYSS > 1 every session entry is echoed into the response before
// the prefix test, unescaped, and that includes the g_pass digest set at login. Keep this
// debug level off on reachable installations, or restrict the output to key names.
1844 if(DEBUGNOALYSS>1) { echo
"[$key]=>[$value]";}
// `=== 0` matches only keys that begin with the prefix.
1846 if ( strpos($key,SESSION_KEY) === 0) {
1847 unset($_SESSION[$key]);
1848 if(DEBUGNOALYSS>1) { echo
"=> [$key] cleaned";}
1861 $result=$repocn->get_value(
"select parameter_value from user_global_pref where parameter_type=$1 and user_id=$2 ",
1862 array(
"vat_code", $this->login));
1863 if ($repocn->count()==0)
h2($p_string, $p_class="", $raw="")
td($p_string='', $p_extra='')
surround the string with td
static escape_string($p_string)
wrapper for the function pg_escape_string
static fetch_array($ret, $p_indice=0, $p_mode=PGSQL_ASSOC)
wrapper for the function pg_fetch_array
static num_row($ret)
wrapper for the function pg_num_rows
contains the class for connecting to Noalyss
Data & function about connected users.
get_vat_code_preference()
Get preference , either the user see the numeric id for VAT or its code, if the preference doesn't ex...
set_status_security_ledger($p_value)
Set the flag in the table user_active_security.
get_access_mode()
access_mode tells what mode must be used : pc or mobile
get_status_security_action()
Check the security on ledger for the user , it returns 1 if the security on ledgers is enabled,...
$id
in account_repository , ac_users.use_id
set_status_security_action($p_value)
Set the flag in the table user_active_security.
get_status_security_ledger()
Check the security on ledger for the user , it returns 1 if the security on ledgers is enabled,...
set_session_var()
put user_login into Postgres config (session), it can be used for tracking users activities
$active
1 active, 0 disabled
get_first_week_day()
first day in calendar
$last_name
user's last_name
$password
md5 of the password
$access_mode
MOBILE or PC, depending on whether $login contains @mobile when connecting.
Check($silent=false, $from='')
Check if user is active and exists in the repository. Automatically redirect, it doesn't check if a use...
$db
database connection to the folder, NOT the repository
load_global_pref()
Get the global preferences from user_global_pref in the account_repository db.
static grant_admin_access($p_login, $p_dossier)
Grant access to folder, grant administrator profile , all the ledgers and all the action.
save_global_preference($key, $value)
Save the preference , the scope is global, the settings are saved into account_repository.
static clean_session()
clean the sessions
set_access_mode($access_mode)
access_mode tells what mode must be used : pc or mobile
static remove_inexistant_user($p_dossier)
can_connect()
check the password and user
connect_user()
connect the user and set the $_SESSION variables if not set thanks the $_REQUEST
setFirstName($first_name)
__construct($p_cn, $p_id=-1)
Create a user, load an existing one or, if p_id == -1, search for the connected user.
redirect($p_string, $p_time=0)