noalyss Version-9
do_LOCAL_342368.php
Go to the documentation of this file.
1<?php
2/*
3 * This file is part of NOALYSS.
4 *
5 * NOALYSS is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * NOALYSS is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with NOALYSS; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19
20// Copyright Author Dany De Bontridder danydb@aevalys.eu
21define('ALLOWED',1);
22/**\file
23 * \brief Main file
24 */
25require_once '../include/constant.php';
26
27require_once NOALYSS_INCLUDE.'/class/database.class.php';
28require_once NOALYSS_INCLUDE.'/class/dossier.class.php';
29require_once NOALYSS_INCLUDE.'/lib/user_common.php';
30require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
31require_once NOALYSS_INCLUDE.'/lib/function_javascript.php';
32require_once NOALYSS_INCLUDE.'/constant.security.php';
33require_once NOALYSS_INCLUDE.'/lib/html_input.class.php';
34require_once NOALYSS_INCLUDE.'/lib/http_input.class.php';
35require_once NOALYSS_INCLUDE.'/lib/icon_action.class.php';
37
38mb_internal_encoding("UTF-8");
39// if gDossier is not set redirect to form to choose a folder
40if ( ! isset($_REQUEST['gDossier']))
41{
42 redirect('user_login.php');
43 exit();
44}
45if ( ! isset ($_SESSION[SESSION_KEY.'g_user']))
46 {
47 echo "<h2>"._('Vous êtes déconnecté')."</h2>";
48 $backurl=$_SERVER['REQUEST_URI'];
49 $url="index.php?".http_build_query(array('reconnect'=>1,'backurl'=>urlencode($backurl)));
51 exit();
52
53 }
55
57$g_user = new Noalyss_user($cn);
58$http=new HttpInput();
59IDate::set_firstDate($g_user->get_first_week_day());
60
61/*
62 * check that the database is not empty
63 */
64if ( ! $cn->exist_table('version')) {
65 echo '<h2 class="notice">'._('Désolé').'</h2>';
66 echo _('Ce dossier est vide');
67 echo '<p>';
68 echo '<a class="button" href="do.php">'._("Retour à l'accueil").'</a>';
69 echo '</p>';
70 return;
71}
72/**
73 * if access_mode is MOBILE than force it to mobile.php
74 */
75if ($g_user->get_access_mode()=='MOBILE') { require NOALYSS_HOME."/mobile.php"; return;}
76
77$style_user=$http->post("style_user","string",$_SESSION[SESSION_KEY.'g_theme']);
78
80if ( DEBUGNOALYSS > 1 ) {
81 /**
82 * Debug Design
83 */
87} //<--- if DEBUG
89
90$g_user->Check();
91$g_user->check_dossier(Dossier::id());
93/* Check Browser version if < IE6 then unsupported */
94$browser = $_SERVER['HTTP_USER_AGENT'];
95if (strpos($browser, 'MSIE 6') != false ||
96 strpos($browser, 'MSIE 5') != false)
97{
98
99
100 echo <<<EOF
101 <!--[if lt IE 7]>
102 <div style='border: 1px solid #F7941D; background: #FEEFDA; text-align: center; clear: both; height: 75px; position: relative;'>
103 <div style='position: absolute; right: 3px; top: 3px; font-family: courier new; font-weight: bold;'><a href='#' onclick='javascript:this.parentNode.parentNode.style.display="none"; return false;'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-cornerx.jpg' style='border: none;' alt='Close this notice'/></a></div>
104 <div style='width: 640px; margin: 0 auto; text-align: left; padding: 0; overflow: hidden; color: black;'>
105 <div style='width: 75px; float: left;'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-warning.jpg' alt='Warning!'/></div>
106 <div style='width: 275px; float: left; font-family: Arial, sans-serif;'>
107 <div style='font-size: 14px; font-weight: bold; margin-top: 12px;'>Vous utilisez un navigateur dépassé depuis près de 8 ans!</div>
108 <div style='font-size: 12px; margin-top: 6px; line-height: 12px;'>Pour une meilleure expérience web, prenez le temps de mettre votre navigateur à jour.</div>
109 </div>
110 <div style='width: 75px; float: left;'><a href='http://fr.www.mozilla.com/fr/' target='_blank'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-firefox.jpg' style='border: none;' alt='Get Firefox 3.5'/></a></div>
111 <div style='width: 73px; float: left;'><a href='http://www.apple.com/fr/safari/download/' target='_blank'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-safari.jpg' style='border: none;' alt='Get Safari 4'/></a></div>
112 <div style='float: left;'><a href='http://www.google.com/chrome?hl=fr' target='_blank'><img src='http://www.ie6nomore.com/files/theme/ie6nomore-chrome.jpg' style='border: none;' alt='Get Google Chrome'/></a></div>
113 </div>
114 </div>
115 <![endif]-->
116EOF;
117 exit();
118}
119if ($cn->exist_table('version') == false)
120{
121 echo '<h2 class="error" style="font-size:12px">' . _("Base de donnée invalide") . '</h2>';
122 $base = dirname($_SERVER['REQUEST_URI']);
123 echo HtmlInput::button_anchor('Retour', $base . '/user_login.php');
124 exit();
125}
126if (DBVERSION < dossier::get_version($cn))
127{
128 $a = _("cliquez ici pour mettre à jour ");
129 $base =NOALYSS_URL."/admin-noalyss.php?action=upgrade&sb=application";
130
131 echo '<h2 class="error" style="font-size:12px">' .
132 _("Attention: la version de base de donnée est supérieure à la version du programme, vous devriez mettre à jour") ,
133 '<a class="text-warning line" hreF="' . $base . '">' . $a . '</a></h2>',
134 '</h2>';
135}
136if (DBVERSION > dossier::get_version($cn))
137{
138 echo '<h2 class="error" style="font-size:12px">' . _("Votre base de données n'est pas à jour") . ' ';
139 $a = _("cliquez ici pour appliquer le patch");
140 $base =NOALYSS_URL.'/admin-noalyss.php?action=upgrade&sb=database';
141 echo '<a class="text-warning line" href="' . $base . '">' . $a . '</a></h2>';
142}
143
144/*
145 * Set a correct periode for the user
146 */
147$periode = $g_user->get_periode();
149
150if ($oPeriode->load() == -1)
151{
152 $periode = $cn->get_value('select p_id from parm_periode order by p_start asc limit 1');
153 $g_user->set_periode($periode);
154}
155
157
158?>
159<script>
160/**
161 * All the onload must be here otherwise the other will overwritten
162 * @returns {undefined}
163 */
164window.onload=function ()
165{
166 create_anchor_up();
167 init_scroll();
168 sorttable.init
169}
170</script>
171<?php
172
173/*
174 * if an action is requested
175 */
176if (isset($_REQUEST['ac']))
177{
178 // When debugging save all the input in a file
179 if ( LOGINPUT)
180 {
181 $file_loginput=fopen($_ENV['TMP'].'/scenario-'.$_SERVER['REQUEST_TIME'].'.php','a+');
182 $tmp_ac=explode('/',trim(strtoupper($_REQUEST['ac'])));
183 $last=count($tmp_ac);
184 if ($last > 0) $last--;
185 fwrite ($file_loginput,"<?php \n");
186 fwrite ($file_loginput,'//@description:'.$tmp_ac[$last]."\n");
187 fwrite($file_loginput, '$_GET='.var_export($_GET,true));
188 fwrite($file_loginput,";\n");
189 fwrite($file_loginput, '$_POST='.var_export($_POST,true));
190 fwrite($file_loginput,";\n");
191 fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;');
192 fwrite($file_loginput,"\n");
193 fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;');
194 fwrite($file_loginput,"\n");
195 fwrite($file_loginput,' $_REQUEST=array_merge($_GET,$_POST);');
196 fwrite($file_loginput,"\n");
197 fclose($file_loginput);
198 }
199
200 // Priority to POST , otherwise "duplicate operation" doesn't work
201 $ac_post = trim(strtoupper($http->post("ac","string","")));
202 $ac_get = trim(strtoupper($http->get("ac","string","")));
203
204 $AC=($ac_post == "")?$ac_get:$ac_post;
205 $user_profile=$g_user->get_profile();
206
207
208 $amenu_id=$cn->get_array('select
209 pm_id_v3,pm_id_v2,pm_id_v1
210 from v_menu_profile where code= upper($1) and p_id=$2',
211 array($AC,$user_profile));
212
213 try {
214 if (count($amenu_id) == 0 ) {
215 // if only an Access Direct is asked without the full path
216
217 $aAccess=[];
218 // Find the possible path pm_id_v3 / pm_id_v2 / pm_id_v1
219 $direct_ac=$cn->get_array("select me_file,me_parameter,me_javascript from profile_menu
220 join menu_ref using (me_code)
221 where
222 p_id=$2
223 and me_code=$1", [strtoupper($AC),$user_profile]);
224
225 // if the me_code is available for user, find all the possible path
226 if (!empty($direct_ac)) {
227 $aAccess=$cn->get_array("select code, me_code from v_menu_description where me_code=$1 and p_id=$2",
228 [strtoupper($AC),$user_profile]);
229 }
230
231 if (empty($aAccess)) {
232 throw new Exception(_('Erreur menu'),10);
233 }
234
235 // retrieve the element path
236 $amenu_id=$cn->get_array('select
237 pm_id_v3,pm_id_v2,pm_id_v1
238 from v_menu_profile
239 where code= upper($1) and p_id=$2',
240 array($aAccess[0]['code'],$user_profile));
241
242 }
243 if ( count($amenu_id)> 1) {
244 $tmp=$amenu_id[0];
245 $amenu_id=[];
246 $amenu_id[0]=$tmp;
247 }
248 $amenu_id=complete_default_menu($amenu_id,$user_profile);
249
250 $AC=rebuild_access_code($amenu_id);
251
252 put_global(array(array("key"=>"ac","value"=>$AC)));
253 $module_id=$cn->get_value('select distinct
254 case when pm_id_v3 = 0 then (case when pm_id_v2 = 0 then pm_id_v1 else pm_id_v2 end) else pm_id_v3 end
255 from
256 v_menu_profile
257 where p_id =$1
258 and upper(code)=upper($2)',
259 array($user_profile,$AC));
260 $g_user->audit();
261 // Show module and highligt selected one
262 show_module($module_id);
263
264
265 show_menu( $amenu_id[0]['pm_id_v3']);
266
267 show_menu( $amenu_id[0]['pm_id_v2']);
268
269 show_menu($amenu_id[0]['pm_id_v1']);
270
271
272 } catch (Exception $e) {
273 if ( $e->getCode() == 10 ) {
274 alert(_('Accès menu impossible'));
275 echo '<a class="button" href="do.php?'.Dossier::get().'">';
276 echo _('Retour');
277 echo '</a>';
278 return;
279 }
280 else {
281 alert($e->getMessage());
282 record_log($e->getTraceAsString());
283 throw $e;
284 }
285 }
286}
287else
288{
289 $default = find_default_module();
290 $user_profile=$g_user->get_profile();
291
292 try
293 {
294 if ( $user_profile == "" )
295 throw new Exception (_('Aucun profil utilisateur'));
296
297 $menu_id=$cn->get_value('select
298 case when pm_id_v3 = 0 then
299 (case when pm_id_v2 = 0 then pm_id_v1 else pm_id_v2 end)
300 else pm_id_v3 end
301 from v_menu_profile where code= upper($1) and p_id=$2',
302 array($default,$user_profile));
303 $_GET['ac']=$default;
304 $_POST['ac']=$default;
305 $_REQUEST['ac']=$default;
307 $all[0] = $default;
309 }
310 catch (Exception $exc)
311 {
312 echo $exc->getMessage();
313 record_log("No user profile ");
314 record_log($exc->getMessage());
315 record_log($exc->getTraceAsString());
316 throw $exc;
317 }
318
319}
320
321
complete_default_menu($pa_menu)
Check if there is a default menu for this user and add it.
Definition: ac_common.php:1482
put_global($array)
Put in superglobal (get,post,request) the value contained in the parameter field (me_parameter)
Definition: ac_common.php:1233
html_page_start($p_theme="", $p_script="", $p_script2="")
Default page header for each page.
Definition: ac_common.php:275
rebuild_access_code($pan_code)
rebuild the access code
Definition: ac_common.php:1508
find_default_module()
Definition: ac_common.php:991
show_module($selected)
Show the modules.
Definition: ac_common.php:932
record_log($p_message)
Record an error message into the log file of the server.
Definition: ac_common.php:1342
show_menu($module)
Definition: ac_common.php:1071
alert($p_msg, $buffer=false)
alert in javascript
Definition: ac_common.php:738
$base
Definition: action.inc.php:56
$url
$opd_description style
if(! empty( $error)) for($i=0;$i< count($error);$i++)( $last !=$error[$i]) $last
static id()
return the 'gDossier' value after a check
static connect()
static button_anchor($p_label, $p_value, $p_name="", $p_javascript="", $p_class="smallbutton")
create a button with a ref
manage the http input (get , post, request) and extract from an array
static set_firstDate($firstDate)
static display_global()
for development , show GLOBAL and SESSION
Definition: dbg.php:148
static display_request()
for development , show request (POST, GET)
Definition: dbg.php:119
static display_size()
display a bar depending of the size of the screen , it helps for CSS to see the media-size
Definition: dbg.php:104
Class to manage the company parameter (address, name...)
For the periode tables parm_periode and jrn_periode.
const DBVERSION
Definition: constant.php:31
if(strpos( $browser, 'MSIE 6') !=false||strpos( $browser, 'MSIE 5') !=false) if($cn->exist_table('version')==false) if(DBVERSION< dossier::get_version( $cn)) if(DBVERSION > dossier::get_version($cn)) $periode
$_POST['ac']
if(! $cn->exist_table( 'version')) if($g_user->get_access_mode()=='MOBILE') $style_user
if access_mode is MOBILE than force it to mobile.php
$user_profile
if(! isset( $_REQUEST[ 'gDossier'])) if(! isset($_SESSION[SESSION_KEY. 'g_user'])) $cn
if($oPeriode->load()==-1) $module_selected
global $g_user
$_REQUEST['ac']
$_GET['ac']
global $g_parameter
$browser
$all[0]
for($e=0; $e< count($afiche); $e++) exit
load_all_script()
load all the javascript only one time
redirect($p_string, $p_time=0)