noalyss Version-9
do.php
1<?php
2/*
3 * This file is part of NOALYSS.
4 *
5 * NOALYSS is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * NOALYSS is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with NOALYSS; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19
20// Copyright Author Dany De Bontridder danydb@aevalys.eu
21define('ALLOWED',1);
// ALLOWED is defined before any file is included.
// NOTE(review): presumably the included files test this constant to refuse being
// requested directly — confirm in constant.php / constant.security.php.
22/**\file
23 * \brief Main file
24 */
// A path starting with "../" is resolved by PHP against the current working directory,
// so this include depends on the script being run from its own directory.
25require_once '../include/constant.php';
26require_once NOALYSS_INCLUDE.'/constant.security.php';
27require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
28
// Called before the database and user classes are loaded. MaintenanceMode() is declared in
// ac_common.php; its summary describes it as the way to prevent users from connecting by
// creating a message file in the NOALYSS base directory.
29MaintenanceMode("block.html");
30
31require_once NOALYSS_INCLUDE.'/class/database.class.php';
32require_once NOALYSS_INCLUDE.'/class/dossier.class.php';
33require_once NOALYSS_INCLUDE.'/lib/user_common.php';
34require_once NOALYSS_INCLUDE.'/lib/function_javascript.php';
35require_once NOALYSS_INCLUDE.'/lib/html_input.class.php';
36require_once NOALYSS_INCLUDE.'/lib/http_input.class.php';
37require_once NOALYSS_INCLUDE.'/lib/icon_action.class.php';
39
// Multibyte string functions operate on UTF-8 from here on.
40mb_internal_encoding("UTF-8");
41// if gDossier is not set redirect to form to choose a folder
42if ( ! isset($_REQUEST['gDossier']))
43{
44 redirect('user_login.php');
45 exit();
46}
// No authenticated user in the session: print the "disconnected" notice, prepare a
// reconnect URL and stop before any database access.
47if ( ! isset ($_SESSION[SESSION_KEY.'g_user']))
48 {
49 echo "<h2>"._('Vous êtes déconnecté')."</h2>";
// REQUEST_URI is supplied by the client.
// NOTE(review): the page that consumes 'backurl' (index.php, not shown here) should accept
// only a same-site relative path before redirecting to it.
50 $backurl=$_SERVER['REQUEST_URI'];
// NOTE(review): the value is urlencode()d and then encoded a second time by
// http_build_query() — confirm the consumer expects the double encoding.
// The statement that uses $url (source line 52) is missing from this listing.
51 $url="index.php?".http_build_query(array('reconnect'=>1,'backurl'=>urlencode($backurl)));
53 exit();
54
55 }
57
59$g_user = new Noalyss_user($cn);
// $cn (the database connection used below) is assigned on a source line that is missing
// from this listing.
60$http=new HttpInput();
61IDate::set_firstDate($g_user->get_first_week_day());
62
63// check that the current user is saved into PostgreSQL setting in order to use it in PLPGSQL
// Debug output only: Dbg::echo_var() is documented as printing when DEBUGNOALYSS is greater
// than the level passed as first argument.
64\Noalyss\Dbg::echo_var(1,sprintf("current user is [%s]",$cn->get_value("select current_setting('noalyss.user_login')")));
65
66/*
67 * check that the database is not empty
68 */
// The markup printed here is static; the top-level return ends this script.
69if ( ! $cn->exist_table('version')) {
70 echo '<h2 class="notice">'._('Désolé').'</h2>';
71 echo _('Ce dossier est vide');
72 echo '<p>';
73 echo '<a class="button" href="do.php">'._("Retour à l'accueil").'</a>';
74 echo '</p>';
75 return;
76}
77
78/**
79 * if access_mode is MOBILE than force it to mobile.php
80 */
// NOTE(review): this branch returns before $g_user->Check() and check_dossier() further
// down are reached — confirm that mobile.php (or the Noalyss_user constructor) performs the
// equivalent session and folder checks.
81if ($g_user->get_access_mode()=='MOBILE') { require NOALYSS_HOME."/mobile.php"; return;}
82
// Theme name read from POST "style_user"; the session theme is passed as third argument
// (presumably the default when the field is absent — confirm in HttpInput).
// NOTE(review): this is request data and the lines that consume it are not part of this
// listing; confirm it is checked against the known themes before it reaches a path or markup.
83$style_user=$http->post("style_user","string",$_SESSION[SESSION_KEY.'g_theme']);
84
// The statements of this debug branch (source lines 90-92) are missing from this listing.
86if ( DEBUGNOALYSS > 1 ) {
87 /**
88 * Debug Design
89 */
93} //<--- if DEBUG
95
// User and folder checks for the request. Dossier::id() is documented as returning the
// 'gDossier' value after a check.
// NOTE(review): what Check() and check_dossier() verify is defined in the user class, not
// here; note that several database reads above run before these two calls.
96$g_user->Check();
97$g_user->check_dossier(Dossier::id());
99/* Check Browser version if < IE6 then unsupported */
// NOTE(review): HTTP_USER_AGENT is a client-supplied header and may be absent; reading it
// without isset() raises an "undefined array key" warning in that case.
100$browser = $_SERVER['HTTP_USER_AGENT'];
// NOTE(review): strpos() returns 0 for a match at offset 0 and `!= false` treats 0 like
// false; `!== false` states the intended "substring found" test exactly.
101if (strpos($browser, 'MSIE 6') != false ||
102 strpos($browser, 'MSIE 5') != false)
103{
104
105
// Static notice: the heredoc contains no PHP variable, so no request data is interpolated.
// It is wrapped in an IE conditional comment and loads its images over plain http:// from
// www.ie6nomore.com, a third-party host.
// NOTE(review): consider serving these images from the application itself, over https.
106 echo <<<EOF
107 <!--[if lt IE 7]>
108 <div style='border: 1px solid #F7941D; background: #FEEFDA; text-align: center; clear: both; height: 75px; position: relative;'>
109 <div style='position: absolute; right: 3px; top: 3px; font-family: courier new; font-weight: bold;'><a href='#' onclick='javascript:this.parentNode.parentNode.style.display="none"; return false;'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-cornerx.jpg' style='border: none;' alt='Close this notice'/></a></div>
110 <div style='width: 640px; margin: 0 auto; text-align: left; padding: 0; overflow: hidden; color: black;'>
111 <div style='width: 75px; float: left;'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-warning.jpg' alt='Warning!'/></div>
112 <div style='width: 275px; float: left; font-family: Arial, sans-serif;'>
113 <div style='font-size: 14px; font-weight: bold; margin-top: 12px;'>Vous utilisez un navigateur dépassé depuis près de 8 ans!</div>
114 <div style='font-size: 12px; margin-top: 6px; line-height: 12px;'>Pour une meilleure expérience web, prenez le temps de mettre votre navigateur à jour.</div>
115 </div>
116 <div style='width: 75px; float: left;'><a href='http://fr.www.mozilla.com/fr/' target='_blank'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-firefox.jpg' style='border: none;' alt='Get Firefox 3.5'/></a></div>
117 <div style='width: 73px; float: left;'><a href='http://www.apple.com/fr/safari/download/' target='_blank'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-safari.jpg' style='border: none;' alt='Get Safari 4'/></a></div>
118 <div style='float: left;'><a href='http://www.google.com/chrome?hl=fr' target='_blank'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-chrome.jpg' style='border: none;' alt='Get Google Chrome'/></a></div>
119 </div>
120 </div>
121 <![endif]-->
122EOF;
// The request ends here for the browsers matched above.
123 exit();
124}
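// Schema sanity checks for the selected folder: the `version` table must exist, and the
// version it holds is compared with the DBVERSION this code expects.
if ($cn->exist_table('version') == false)
{
    echo '<h2 class="error" style="font-size:12px">' . _("Base de donnée invalide") . '</h2>';
    // Use the directory of the request *path* only. REQUEST_URI also carries the query
    // string, and the `ac` parameter is a '/'-separated code, so dirname() on the whole
    // URI could cut inside the query and yield a wrong link. Dropping the query also keeps
    // request parameters out of the generated href.
    // NOTE(review): the path itself is still client-supplied; confirm that
    // HtmlInput::button_anchor() escapes the value it places in the link.
    $base = dirname(explode('?', $_SERVER['REQUEST_URI'], 2)[0]);
    echo HtmlInput::button_anchor('Retour', $base . '/user_login.php');
    exit();
}
if (DBVERSION < dossier::get_version($cn))
{
    // The folder reports a higher version than the installed code: offer the application upgrade.
    $a = _("cliquez ici pour mettre à jour ");
    $base = NOALYSS_URL . "/admin-noalyss.php?action=upgrade&sb=application";

    // The heading is closed exactly once, right after the link.
    echo '<h2 class="error" style="font-size:12px">' .
        _("Attention: la version de base de donnée est supérieure à la version du programme, vous devriez mettre à jour") ,
        '<a class="text-warning line" hreF="' . $base . '">' . $a . '</a></h2>';
}
if (DBVERSION > dossier::get_version($cn))
{
    // The folder is older than the installed code: offer the database patch.
    echo '<h2 class="error" style="font-size:12px">' . _("Votre base de données n'est pas à jour") . ' ';
    $a = _("cliquez ici pour appliquer le patch");
    $base = NOALYSS_URL . '/admin-noalyss.php?action=upgrade&sb=database';
    echo '<a class="text-warning line" href="' . $base . '">' . $a . '</a></h2>';
}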
149
150/*
151 * Set a correct periode for the user
152 */
153$periode = $g_user->get_periode();
// $oPeriode is created on a source line (154) that is missing from this listing.
155
// When load() reports -1, fall back to the earliest period (lowest p_start) and store it as
// the user's period. The query is a constant string; no request data enters it.
156if ($oPeriode->load() == -1)
157{
158 $periode = $cn->get_value('select p_id from parm_periode order by p_start asc limit 1');
159 $g_user->set_periode($periode);
160}
161
163
164?>
165<script>
166/**
167 * All the onload must be here otherwise the other will overwritten
168 * @returns {undefined}
169 */
170window.onload=function ()
171{
172 create_anchor_up();
173 init_scroll();
// NOTE(review): this is a bare property reference, not a call, so the statement has no
// effect — confirm whether sorttable.init() was intended.
174 sorttable.init
175}
176</script>
177<?php
178
179/*
180 * if an action is requested
181 */
182if (isset($_REQUEST['ac']))
183{
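// When debugging, save all the request input in a replayable scenario file.
// The file receives the complete $_GET and $_POST of the request, including any
// credentials or personal data they carry: LOGINPUT is a development-only switch, and the
// target directory must be neither readable by other accounts nor served by the web server.
if (LOGINPUT)
{
    // $_ENV is only populated when variables_order contains "E"; fall back to the system
    // temporary directory instead of building a path from an undefined key.
    $loginput_dir = isset($_ENV['TMP']) ? $_ENV['TMP'] : sys_get_temp_dir();
    // REQUEST_TIME has a one-second resolution and the mode is 'a+', so requests received
    // in the same second are appended to the same file.
    $file_loginput = fopen($loginput_dir . '/scenario-' . $_SERVER['REQUEST_TIME'] . '.php', 'a+');
    if ($file_loginput === false)
    {
        // Debug logging is best effort: do not break the request when the file cannot be opened.
        record_log('LOGINPUT : cannot open the scenario file');
    }
    else
    {
        $tmp_ac = explode('/', trim(strtoupper($_REQUEST['ac'])));
        $last = count($tmp_ac);
        if ($last > 0) {
            $last--;
        }
        // The description is request data written inside a "//" comment of a generated PHP
        // file. A line break or a closing tag would end that comment and the rest of the
        // value would no longer be treated as comment text, so both are neutralised.
        // $_GET and $_POST below are serialised by var_export(), which already emits
        // properly quoted PHP literals.
        $loginput_description = str_replace(array("\r", "\n", '?>'), ' ', $tmp_ac[$last]);
        fwrite($file_loginput, "<?php \n");
        fwrite($file_loginput, '//@description:' . $loginput_description . "\n");
        fwrite($file_loginput, '$_GET=' . var_export($_GET, true));
        fwrite($file_loginput, ";\n");
        fwrite($file_loginput, '$_POST=' . var_export($_POST, true));
        fwrite($file_loginput, ";\n");
        // The replay script overrides the folder id with its own $gDossierLogInput.
        fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;');
        fwrite($file_loginput, "\n");
        fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;');
        fwrite($file_loginput, "\n");
        fwrite($file_loginput, ' $_REQUEST=array_merge($_GET,$_POST);');
        fwrite($file_loginput, "\n");
        fclose($file_loginput);
    }
}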
205
206 // Priority to POST , otherwise "duplicate operation" doesn't work
// Both values are read through HttpInput as strings, then trimmed and upper-cased.
207 $ac_post = trim(strtoupper($http->post("ac","string","")));
208 $ac_get = trim(strtoupper($http->get("ac","string","")));
209
210 $AC=($ac_post == "")?$ac_get:$ac_post;
211 $user_profile=$g_user->get_profile();
212
213
// Resolve the requested code to its menu path for the user's profile. The code and the
// profile id are passed as bound parameters ($1, $2), not concatenated into the SQL.
// Because the lookup is restricted to p_id = the user's profile, a code that is not
// attached to that profile yields no row.
214 $amenu_id=$cn->get_array('select
215 pm_id_v3,pm_id_v2,pm_id_v1
216 from v_menu_profile where code= upper($1) and p_id=$2',
217 array($AC,$user_profile));
218
219 try {
220 if (count($amenu_id) == 0 ) {
221 // if only an Access Direct is asked without the full path
222
223 $aAccess=[];
224 // Find the possible path pm_id_v3 / pm_id_v2 / pm_id_v1
// $1 and $2 stay literal inside these double-quoted strings (a PHP variable name cannot
// start with a digit); they are the placeholders for the bound values.
225 $direct_ac=$cn->get_array("select me_file,me_parameter,me_javascript from profile_menu
226 join menu_ref using (me_code)
227 where
228 p_id=$2
229 and me_code=$1", [strtoupper($AC),$user_profile]);
230
231 // if the me_code is available for user, find all the possible path
232 if (!empty($direct_ac)) {
233 $aAccess=$cn->get_array("select code, me_code from v_menu_description where me_code=$1 and p_id=$2",
234 [strtoupper($AC),$user_profile]);
235 }
236
// Code 10 marks "no menu found for this profile"; the catch below handles it separately.
237 if (empty($aAccess)) {
238 throw new Exception(_('Erreur menu'),10);
239 }
240
241 // retrieve the element path
242 $amenu_id=$cn->get_array('select
243 pm_id_v3,pm_id_v2,pm_id_v1
244 from v_menu_profile
245 where code= upper($1) and p_id=$2',
246 array($aAccess[0]['code'],$user_profile));
247
248 }
// When several rows match, only the first one is kept.
249 if ( count($amenu_id)> 1) {
250 $tmp=$amenu_id[0];
251 $amenu_id=[];
252 $amenu_id[0]=$tmp;
253 }
254 $amenu_id=complete_default_menu($amenu_id,$user_profile);
255
256 $AC=rebuild_access_code($amenu_id);
257
// put_global() is documented in ac_common.php as writing the given key/value pairs into
// the get, post and request superglobals; here it publishes the rebuilt code as 'ac'.
258 put_global(array(array("key"=>"ac","value"=>$AC)));
259 $module_id=$cn->get_value('select distinct
260 case when pm_id_v3 = 0 then (case when pm_id_v2 = 0 then pm_id_v1 else pm_id_v2 end) else pm_id_v3 end
261 from
262 v_menu_profile
263 where p_id =$1
264 and upper(code)=upper($2)',
265 array($user_profile,$AC));
// NOTE(review): audit() is reached only when the menu lookup succeeded; a refused code
// (exception 10) leaves through the catch without this call — confirm whether refused
// accesses should be recorded as well.
266 $g_user->audit();
267 // Show module and highligt selected one
268 show_module($module_id);
269
270
271 show_menu( $amenu_id[0]['pm_id_v3']);
272
273 show_menu( $amenu_id[0]['pm_id_v2']);
274
275 show_menu($amenu_id[0]['pm_id_v1']);
276
277
278 } catch (Exception $e) {
// Menu not available for this profile: fixed message, link back to the folder home, stop.
279 if ( $e->getCode() == 10 ) {
280 alert(_('Accès menu impossible'));
281 echo '<a class="button" href="do.php?'.Dossier::get().'">';
282 echo _('Retour');
283 echo '</a>';
284 return;
285 }
286 else {
// NOTE(review): the raw exception message is handed to alert(), documented as "alert in
// javascript", i.e. it is sent to the browser. If the message can carry SQL or driver
// detail, show a generic text instead and keep the detail in the server log. The stack
// trace is written to the server log only, then the exception is re-thrown.
287 alert($e->getMessage());
288 record_log($e->getTraceAsString());
289 throw $e;
290 }
291 }
292}
293else
294{
// No action requested: fall back to the default module returned by find_default_module().
295 $default = find_default_module();
296 $user_profile=$g_user->get_profile();
297
298 try
299 {
// A user without a profile cannot be mapped to any menu.
300 if ( $user_profile == "" )
301 throw new Exception (_('Aucun profil utilisateur'));
302
// Menu id of the default code for this profile; both values are bound parameters ($1, $2).
303 $menu_id=$cn->get_value('select
304 case when pm_id_v3 = 0 then
305 (case when pm_id_v2 = 0 then pm_id_v1 else pm_id_v2 end)
306 else pm_id_v3 end
307 from v_menu_profile where code= upper($1) and p_id=$2',
308 array($default,$user_profile));
// The default code is written into all three superglobals so that code reading 'ac'
// later sees it.
309 $_GET['ac']=$default;
310 $_POST['ac']=$default;
311 $_REQUEST['ac']=$default;
313 $all[0] = $default;
315 }
316 catch (Exception $exc)
317 {
// NOTE(review): the exception message is echoed to the page unescaped. This catch also
// receives exceptions raised by the query above; if those can carry SQL or driver detail,
// print a generic message and keep the detail in the log.
// NOTE(review): "No user profile " is logged for every exception caught here, not only
// for the missing-profile case.
318 echo $exc->getMessage();
319 record_log("No user profile ");
320 record_log($exc->getMessage());
321 record_log($exc->getTraceAsString());
322 throw $exc;
323 }
324
325}
326
327
complete_default_menu($pa_menu)
Check if there is a default menu for this user and add it.
Definition: ac_common.php:1482
MaintenanceMode($p_file)
When you want to prevent users to connect, create a file in noalyss/ (NOALYSS_BASE) with the message ...
Definition: ac_common.php:1663
put_global($array)
Put in superglobal (get,post,request) the value contained in the parameter field (me_parameter)
Definition: ac_common.php:1233
html_page_start($p_theme="", $p_script="", $p_script2="")
Default page header for each page.
Definition: ac_common.php:275
rebuild_access_code($pan_code)
rebuild the access code
Definition: ac_common.php:1508
find_default_module()
Definition: ac_common.php:991
show_module($selected)
Show the modules.
Definition: ac_common.php:932
record_log($p_message)
Record an error message into the log file of the server.
Definition: ac_common.php:1342
show_menu($module)
Definition: ac_common.php:1071
alert($p_msg, $buffer=false)
alert in javascript
Definition: ac_common.php:738
$base
Definition: action.inc.php:56
$url
$opd_description style
if(! empty( $error)) for($i=0;$i< count($error);$i++)( $last !=$error[$i]) $last
static id()
return the 'gDossier' value after a check
static connect()
static button_anchor($p_label, $p_value, $p_name="", $p_javascript="", $p_class="smallbutton")
create a button with a ref
manage the http input (get , post, request) and extract from an array
static set_firstDate($firstDate)
static echo_var($n_level, $msg, $print=true)
Display the value of a var if DEBUGNOALYSS is greater than $n_level, the debugging info has a certain...
Definition: dbg.php:45
static display_global()
for development , show GLOBAL and SESSION
Definition: dbg.php:148
static display_request()
for development , show request (POST, GET)
Definition: dbg.php:119
static display_size()
display a bar depending of the size of the screen , it helps for CSS to see the media-size
Definition: dbg.php:104
Class to manage the company parameter (address, name...)
For the periode tables parm_periode and jrn_periode.
const DBVERSION
Definition: constant.php:31
$menu_id
Definition: do.php:303
if(strpos( $browser, 'MSIE 6') !=false||strpos( $browser, 'MSIE 5') !=false) if($cn->exist_table('version')==false) if(DBVERSION< dossier::get_version( $cn)) if(DBVERSION > dossier::get_version($cn)) $periode
Definition: do.php:153
$_POST['ac']
Definition: do.php:310
if(! $cn->exist_table( 'version')) if($g_user->get_access_mode()=='MOBILE') $style_user
if access_mode is MOBILE than force it to mobile.php
Definition: do.php:83
$user_profile
Definition: do.php:296
if(! isset( $_REQUEST[ 'gDossier'])) if(! isset($_SESSION[SESSION_KEY. 'g_user'])) $cn
Definition: do.php:56
$oPeriode
Definition: do.php:154
if($oPeriode->load()==-1) $module_selected
Definition: do.php:162
$http
Definition: do.php:38
global $g_user
Definition: do.php:58
$_REQUEST['ac']
Definition: do.php:311
$_GET['ac']
Definition: do.php:309
global $g_parameter
Definition: do.php:58
$browser
Definition: do.php:100
$all[0]
Definition: do.php:313
for($e=0; $e< count($afiche); $e++) exit
load_all_script()
load all the javascript only one time
redirect($p_string, $p_time=0)