/**
* Load settings from the database
*
* Query all the settings
* Fetch the result in the $grrSettings associative array
*
* Returns true if all went good, false otherwise
*
*
* @return bool The settings are loaded
*/
function loadSettings()
{
global $grrSettings;
// Pour tenir compte du changement de nom de la table setting à partir de la version 1.8
$test = grr_sql_query1("select NAME from ".TABLE_PREFIX."_setting where NAME='version'");
if ($test != -1)
$sql = "select `NAME`, `VALUE` from ".TABLE_PREFIX."_setting";
else
$sql = "select `NAME`, `VALUE` from setting";
$res = grr_sql_query($sql);
if (! $res) return (false);
if (grr_sql_count($res) == 0) {
return (false);
} else {
for ($i = 0; ($row = grr_sql_row($res, $i)); $i++) {
$grrSettings[$row[0]] = $row[1];
}
return (true);
}
}
static function load()
{
$test = grr_sql_query1("SELECT NAME FROM " . TABLE_PREFIX . "_setting WHERE NAME='version'");
if ($test != -1) {
$sql = "SELECT `NAME`, `VALUE` FROM " . TABLE_PREFIX . "_setting";
} else {
$sql = "SELECT `NAME`, `VALUE` FROM setting";
}
$res = grr_sql_query($sql);
if (!$res) {
return false;
}
if (grr_sql_count($res) == 0) {
return false;
} else {
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
self::$grrSettings[$row[0]] = $row[1];
}
return true;
}
}
function jQuery_DatePicker($typeDate)
{
if (@file_exists('../include/connect.inc.php')) {
$racine = "../";
} else {
$racine = "./";
}
if ($typeDate == 'rep_end' && isset($_GET['id'])) {
$res = grr_sql_query("SELECT repeat_id FROM " . TABLE_PREFIX . "_entry WHERE id=" . $_GET['id'] . ";");
if (!$res) {
fatal_error(0, grr_sql_error());
}
$repeat_id = implode('', grr_sql_row($res, 0));
$res = grr_sql_query("SELECT rep_type, end_date, rep_opt, rep_num_weeks, start_time, end_time FROM " . TABLE_PREFIX . "_repeat WHERE id={$repeat_id}");
if (!$res) {
fatal_error(0, grr_sql_error());
}
if (grr_sql_count($res) == 1) {
$row6 = grr_sql_row($res, 0);
$date = date_parse(date("Y-m-d H:i:s", $row6[1]));
$day = $date['day'];
$month = $date['month'];
$year = $date['year'];
} else {
if (isset($_GET['day'])) {
$day = $_GET['day'];
} else {
$day = date("d");
}
if (isset($_GET['month'])) {
$month = $_GET['month'];
} else {
$month = date("m");
}
if (isset($_GET['year'])) {
$year = $_GET['year'];
} else {
$year = date("Y");
}
}
} else {
global $start_day, $start_month, $start_year, $end_day, $end_month, $end_year;
if (isset($_GET['day'])) {
$day = $_GET['day'];
} else {
$day = date("d");
}
if (isset($start_day) && $typeDate == 'start') {
$day = $start_day;
} elseif (isset($end_day) && $typeDate == 'end') {
$day = $end_day;
}
if (isset($_GET['month'])) {
$month = $_GET['month'];
} else {
$month = date("m");
}
if (isset($start_month) && $typeDate == 'start') {
$month = $start_month;
} elseif (isset($end_month) && $typeDate == 'end') {
$month = $end_month;
}
if (isset($_GET['year'])) {
$year = $_GET['year'];
} else {
$year = date("Y");
}
if (isset($start_year) && $typeDate == 'start') {
$year = $start_year;
} elseif (isset($end_year) && $typeDate == 'end') {
$year = $end_year;
}
}
genDateSelector("" . $typeDate . "_", "{$day}", "{$month}", "{$year}", "");
echo '<input type="hidden" disabled="disabled" id="mydate_' . $typeDate . '">' . PHP_EOL;
echo '<script>' . PHP_EOL;
echo ' $(function() {' . PHP_EOL;
echo '$.datepicker.setDefaults( $.datepicker.regional[\'fr\'] );' . PHP_EOL;
echo ' $(\'#mydate_' . $typeDate . '\').datepicker({' . PHP_EOL;
echo ' beforeShow: readSelected, onSelect: updateSelected,' . PHP_EOL;
echo ' showOn: \'both\', buttonImageOnly: true, buttonImage: \'images/calendar.png\',buttonText: "Choisir la date"});' . PHP_EOL;
echo ' function readSelected()' . PHP_EOL;
echo ' {' . PHP_EOL;
echo ' $(\'#mydate_' . $typeDate . '\').val($(\'#' . $typeDate . '_day\').val() + \'/\' +' . PHP_EOL;
echo ' $(\'#' . $typeDate . '_month\').val() + \'/\' + $(\'#' . $typeDate . '_year\').val());' . PHP_EOL;
echo ' return {};' . PHP_EOL;
echo ' }' . PHP_EOL;
echo ' function updateSelected(date)' . PHP_EOL;
echo ' {' . PHP_EOL;
echo ' $(\'#' . $typeDate . '_day\').val(date.substring(0, 2));' . PHP_EOL;
echo ' $(\'#' . $typeDate . '_month\').val(date.substring(3, 5));' . PHP_EOL;
echo ' $(\'#' . $typeDate . '_year\').val(date.substring(6, 10));' . PHP_EOL;
echo ' }' . PHP_EOL;
echo ' });' . PHP_EOL;
echo '</script>' . PHP_EOL;
}
echo "</table>\n";
echo "</td><td>\n";
//This one has the rooms
if (isset($id_area)) {
$sql = "SELECT id, room_name, description, capacity, max_booking, statut_room from " . TABLE_PREFIX . "_room where area_id={$id_area} ";
// on ne cherche pas parmi les ressources invisibles pour l'utilisateur
$tab_rooms_noaccess = verif_acces_ressource(getUserName(), 'all');
foreach ($tab_rooms_noaccess as $key) {
$sql .= " and id != {$key} ";
}
$sql .= "order by order_display, room_name";
$res = grr_sql_query($sql);
if (!$res) {
fatal_error(0, grr_sql_error());
}
if (grr_sql_count($res) != 0) {
echo "<table class=\"table\">";
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
$color = '';
if ($row[5] == "0") {
$color = " class=\"texte_ress_tempo_indispo\"";
}
echo "<tr><td " . $color . ">" . htmlspecialchars($row[1]) . "<i> - " . htmlspecialchars($row[2]);
if ($row[3] > 0) {
echo " ({$row['3']} max.)";
}
echo "</i></td>\n<td><a href=\"admin_edit_room.php?room={$row['0']}\"><img src=\"img_grr/edit_s.png\" alt=\"" . get_vocab('edit') . "\" title=\"" . get_vocab('edit') . "\" class=\"image\" /></a></td>\n";
echo "<td><a href=\"admin_edit_room.php?room={$row['0']}&action=duplique_room\"><img src=\"img_grr/duplique.png\" alt=\"" . get_vocab('duplique_ressource') . "\" title=\"" . get_vocab('duplique_ressource') . "\" class=\"image\" /></a></td>";
echo "<td><a href=\"admin_room_del.php?type=room&room={$row['0']}&id_area={$id_area}\"><img src=\"img_grr/delete_s.png\" alt=\"" . get_vocab('delete') . "\" title=\"" . get_vocab('delete') . "\" class=\"image\" /></a></td>";
echo "<td><a href='javascript:centrerpopup(\"view_rights_room.php?id_room={$row['0']}\",600,480,\"scrollbars=yes,statusbar=no,resizable=yes\")' title=\"" . get_vocab("privileges") . "\">\n\t\t\t\t\t\t<img src=\"img_grr/rights.png\" alt=\"" . get_vocab("privileges") . "\" class=\"image\" /></a></td>";
echo "<td><a href='javascript:centrerpopup(\"view_room.php?id_room={$row['0']}\",600,480,\"scrollbars=yes,statusbar=no,resizable=yes\")' title=\"" . get_vocab("fiche_ressource") . "\">\n\t\t\t\t\t\t<img src=\"img_grr/details_s.png\" alt=\"détails\" class=\"image\" /></a></td>";
//print '<option '.$selected.' value="'.$row[0].'">'.$row[1].'</option>'.PHP_EOL;
$incrementForValidArea++;
}
}
}
//echo '</select>',PHP_EOL,'</div>',PHP_EOL,'</td>',PHP_EOL,'</tr>',PHP_EOL;
/*echo '<!-- ************* Ressources edition ***************** -->',PHP_EOL;
echo '<tr><td class="E"><b>'.get_vocab('rooms').get_vocab('deux_points')."</b></td></tr>\n";*/
$sql = 'SELECT id, room_name, description, capacity FROM ' . TABLE_PREFIX . "_room WHERE area_id={$area_id} ";
$tab_rooms_noaccess = verif_acces_ressource(getUserName(), 'all');
foreach ($tab_rooms_noaccess as $key) {
$sql .= " and id != {$key} ";
}
$sql .= ' ORDER BY order_display,room_name';
$res = grr_sql_query($sql);
$len = grr_sql_count($res);
$tplArrayEditEntry['longeurListeRessourcesMax'] = min($longueur_liste_ressources_max, $len);
/*echo '<tr><td class="CL" style="vertical-align:top;"><table border="0"><tr><td><select name="rooms[]" size="'.min($longueur_liste_ressources_max, $len).'" multiple="multiple">';*/
//Sélection de la "room" dans l'"area"
if ($res) {
for ($i = 0; $row = grr_sql_row($res, $i); ++$i) {
/*var_dump($row);echo "<br>";*/
$tplArrayEditEntry['rooms'][$i]['0'] = $row[0];
$tplArrayEditEntry['rooms'][$i]['1'] = $row[1];
$tplArrayEditEntry['rooms'][$i]['capacity'] = $row[3];
$tplArrayEditEntry['rooms'][$i]['desc'] = $row[2];
$selected = '';
if ($row[0] == $room_id) {
//$selected = 'selected="selected"';
$tplArrayEditEntry['rooms'][$i]['selected'] = true;
} else {
function mrbsGetEntryInfo($id)
{
$sql = "SELECT start_time, end_time, entry_type, repeat_id, room_id,
timestamp, beneficiaire, name, type, description
FROM ".TABLE_PREFIX."_entry
WHERE id = '".$id."'";
$res = grr_sql_query($sql);
if (! $res)
return;
$ret = '';
if(grr_sql_count($res) > 0)
{
$row = grr_sql_row($res, 0);
$ret["start_time"] = $row[0];
$ret["end_time"] = $row[1];
$ret["entry_type"] = $row[2];
$ret["repeat_id"] = $row[3];
$ret["room_id"] = $row[4];
$ret["timestamp"] = $row[5];
$ret["beneficiaire"] = $row[6];
$ret["name"] = $row[7];
$ret["type"] = $row[8];
$ret["description"] = $row[9];
}
grr_sql_free($res);
return $ret;
}
$grrSettings['ldap_champ_email'] = $_POST['ldap_champ_email'];
if (!Settings::set("se3_liste_groupes_autorises", $_POST['se3_liste_groupes_autorises'])) {
echo "Erreur lors de l'enregistrement de se3_liste_groupes_autorises !<br />";
}
$grrSettings['se3_liste_groupes_autorises'] = $_POST['se3_liste_groupes_autorises'];
}
}
//Chargement des valeurs de la table settingS
if (!Settings::load()) {
die("Erreur chargement settings");
}
if (isset($_POST['submit'])) {
if (isset($_POST['login']) && isset($_POST['password'])) {
$sql = "select upper(login) login, password, prenom, nom, statut from " . TABLE_PREFIX . "_utilisateurs where login = '******'login'] . "' and password = md5('" . $_POST['password'] . "') and etat != 'inactif' and statut='administrateur' ";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row == 1) {
$valid = 'yes';
} else {
$message = get_vocab("wrong_pwd");
}
}
}
if (!grr_resumeSession() && $valid != 'yes') {
?>
<!doctype html>
<html>
<head>
<link rel="stylesheet" href="style.css" type="text/css">
<title> grr </title>
<link rel="shortcut icon" href="./favicon.ico">
echo '</div>' . PHP_EOL;
if (isset($_GET['precedent'])) {
if ($_GET['pview'] == 1 && $_GET['precedent'] == 1) {
echo '<span id="lienPrecedent"><button class="btn btn-default btn-xs" onclick="charger();javascript:history.back();">Précedent</button></span>' . PHP_EOL;
}
}
echo '<div class="contenu_planning">' . PHP_EOL;
echo '<table class="table-bordered table-striped">' . PHP_EOL;
echo '<tr>' . PHP_EOL . '<th style="width:5%;">' . PHP_EOL;
if ($enable_periods == 'y') {
echo get_vocab("period");
} else {
echo get_vocab("time");
}
echo '</th>' . PHP_EOL;
$room_column_width = (int) (90 / grr_sql_count($res));
$nbcol = 0;
$rooms = array();
$a = 0;
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
$id_room[$i] = $row['2'];
$nbcol++;
if (verif_acces_ressource(getUserName(), $id_room[$i])) {
$room_name[$i] = $row['0'];
$statut_room[$id_room[$i]] = $row['4'];
$statut_moderate[$id_room[$i]] = $row['7'];
$acces_fiche_reservation = verif_acces_fiche_reservation(getUserName(), $id_room[$i]);
if ($row['1'] && $_GET['pview'] != 1) {
$temp = '<br /><span class="small">(' . $row['1'] . ' ' . ($row['1'] > 1 ? get_vocab("number_max2") : get_vocab("number_max")) . ')</span>' . PHP_EOL;
} else {
$temp = '';
$sql = 'SELECT room_name, capacity, id, description, statut_room FROM ' . TABLE_PREFIX . "_room WHERE area_id='" . $area . "' ORDER BY order_display, room_name";
$res = grr_sql_query($sql);
if (isset($_GET['precedent'])) {
if ($_GET['pview'] == 1 && $_GET['precedent'] == 1) {
$tplArray['precedant'] = true;
/*echo '<span id="lienPrecedent">'.PHP_EOL;
echo '<button class="btn btn-default btn-xs" onclick="charger();javascript:history.back();">Précedent</button>'.PHP_EOL;
echo '</span>'.PHP_EOL;*/
} else {
$tplArray['precedant'] = false;
}
}
if (!$res) {
fatal_error(0, grr_sql_error());
}
if (grr_sql_count($res) == 0) {
$tplArray['roomForArea'] = false;
$tplArray['vocab']['no_rooms_for_area'] = get_vocab('no_rooms_for_area');
/*echo '<h1>',get_vocab('no_rooms_for_area'),'</h1>';*/
grr_sql_free($res);
} else {
$tplArray['vocab']['all_rooms'] = get_vocab('all_rooms');
$tplArray['vocab']['weekbefore'] = get_vocab('weekbefore');
$tplArray['vocab']['weekafter'] = get_vocab('weekafter');
$tplArray['roomForArea'] = true;
//DEBUT HTML
/*echo '<div class="row">'.PHP_EOL;*/
include 'menu_gauche.php';
/**
* todo voir pour transformer ces includes en fonction ? Vérifier portée des var par rapport à l'include
* menu gauche crée la var tplArrayMenuGauche
$req_area = "SELECT id, area_name, access FROM " . TABLE_PREFIX . "_area ORDER BY order_display";
$res_area = grr_sql_query($req_area);
if ($res_area) {
for ($i = 0; $row_area = grr_sql_row($res_area, $i); $i++) {
$test_admin = grr_sql_query1("SELECT count(id_area) FROM " . TABLE_PREFIX . "_j_useradmin_area j where j.login = '******' and j.id_area='" . $row_area[0] . "'");
if ($test_admin >= 1) {
$is_admin = 'y';
} else {
$is_admin = 'n';
}
$nb_room = grr_sql_query1("SELECT count(r.room_name) FROM " . TABLE_PREFIX . "_room r\n\t\t\t\t\tleft join " . TABLE_PREFIX . "_area a on r.area_id=a.id\n\t\t\t\t\twhere a.id='" . $row_area[0] . "'");
$req_room = "SELECT r.room_name FROM " . TABLE_PREFIX . "_room r\n\t\t\t\tleft join " . TABLE_PREFIX . "_j_user_room j on r.id=j.id_room\n\t\t\t\tleft join " . TABLE_PREFIX . "_area a on r.area_id=a.id\n\t\t\t\twhere j.login = '******' and a.id='" . $row_area[0] . "'";
$res_room = grr_sql_query($req_room);
$is_gestionnaire = '';
if ($res_room) {
if (grr_sql_count($res_room) == $nb_room && $nb_room != 0) {
$is_gestionnaire = $vocab["all_rooms"];
} else {
for ($j = 0; $row_room = grr_sql_row($res_room, $j); $j++) {
$is_gestionnaire .= $row_room[0] . "<br />";
}
}
}
$req_mail = "SELECT r.room_name from " . TABLE_PREFIX . "_room r\n\t\t\t\tleft join " . TABLE_PREFIX . "_j_mailuser_room j on r.id=j.id_room\n\t\t\t\tleft join " . TABLE_PREFIX . "_area a on r.area_id=a.id\n\t\t\t\twhere j.login = '******' and a.id='" . $row_area[0] . "'";
$res_mail = grr_sql_query($req_mail);
$is_mail = '';
if ($res_mail) {
for ($j = 0; $row_mail = grr_sql_row($res_mail, $j); $j++) {
$is_mail .= $row_mail[0] . "<br />";
}
}
header('Location: ' . Settings::get("grr_url"));
}
$sql = "SELECT * FROM " . TABLE_PREFIX . "_entry WHERE id='" . $id . "'";
$res = grr_sql_query($sql);
if (!$res) {
fatal_error(0, grr_sql_error());
}
$row = grr_sql_row($res, 0);
$sql = "SELECT room_name FROM " . TABLE_PREFIX . "_room WHERE id='" . $row[5] . "'";
$res = grr_sql_query($sql);
$row2 = grr_sql_row($res, 0);
$res2 = grr_sql_query("SELECT rep_type, end_date, rep_opt, rep_num_weeks, start_time, end_time FROM " . TABLE_PREFIX . "_repeat WHERE id={$row['4']}");
if (!$res2) {
fatal_error(0, grr_sql_error());
}
if (grr_sql_count($res2) == 1) {
$row6 = grr_sql_row($res2, 0);
$rep_type = $row6[0];
$rep_end_date = utf8_strftime($dformat, $row6[1]);
$rep_opt = $row6[2];
$rep_num_weeks = $row6[3];
$start_time = $row6[4];
$end_time = $row6[5];
$duration = $row6[5] - $row6[4];
}
if ($row[4] != 0) {
$period = 1;
} else {
$period = 0;
}
include 'pdf/form_infoPDF.html';
/**
* Open a new session
*
* Check the provided login and password
* Register data from the database to the session cookie
* Log the session
*
* Returns 1 if login succeeded, >= 1 otherwise
*
* @param string _login
* @param string _password
* @return string
*/
function grr_opensession($_login, $_password, $_user_ext_authentifie = '', $tab_login = array(), $tab_groups = array())
{
// Initialisation de $auth_ldap
$auth_ldap = 'no';
// Initialisation de $auth_imap
$auth_imap = 'no';
// Initialisation de $est_authentifie_sso
$est_authentifie_sso = FALSE;
if ($_user_ext_authentifie != '') {
$est_authentifie_sso = TRUE;
// Statut par défaut
$_statut = "";
$sso = Settings::get("sso_statut");
if ($sso == "cas_visiteur") {
$_statut = "visiteur";
} else {
if ($sso == "cas_utilisateur") {
$_statut = "utilisateur";
} else {
if ($sso == "lemon_visiteur") {
$_statut = "visiteur";
} else {
if ($sso == "lemon_utilisateur") {
$_statut = "utilisateur";
} else {
if ($sso == "http_visiteur") {
$_statut = "visiteur";
} else {
if ($sso == "http_utilisateur") {
$_statut = "utilisateur";
} else {
if ($sso == "lasso_visiteur") {
$_statut = "visiteur";
} else {
if ($sso == "lasso_utilisateur") {
$_statut = "utilisateur";
} else {
if ($sso == "lcs") {
if ($_user_ext_authentifie == "lcs_eleve") {
$_statut = Settings::get("lcs_statut_eleve");
}
if ($_user_ext_authentifie == "lcs_non_eleve") {
$_statut = Settings::get("lcs_statut_prof");
}
$temoin_grp_ok = "non";
if (trim(Settings::get("lcs_liste_groupes_autorises")) == "") {
$temoin_grp_ok = "oui";
} else {
$tab_grp_autorise = explode(";", Settings::get("lcs_liste_groupes_autorises"));
$tot = count($tab_grp_autorise);
for ($i = 0; $i < $tot; $i++) {
if (in_array($tab_grp_autorise[$i], $tab_groups)) {
$temoin_grp_ok = "oui";
}
}
}
// Si l'utilisateur n'appartient pas aux groupes LCS autorisés
if ($temoin_grp_ok != 'oui') {
return "5";
}
}
}
}
}
}
}
}
}
}
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\t\tfrom " . TABLE_PREFIX . "_utilisateurs\n\t\twhere login = '******' and ";
if ($_user_ext_authentifie != 'lasso') {
$sql .= " password = '' and ";
}
$sql .= " etat != 'inactif'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row == 1) {
// L'utilisateur est présent dans la base locale
if ($sso == "lcs") {
// Mise à jour des données
$nom_user = $tab_login["nom"];
$email_user = $tab_login["email"];
$prenom_user = $tab_login["fullname"];
// On met à jour
$sql = "UPDATE " . TABLE_PREFIX . "_utilisateurs SET\n\t\t\t\tnom='" . protect_data_sql($nom_user) . "',\n\t\t\t\tprenom='" . protect_data_sql($prenom_user) . "',\n\t\t\t\temail='" . protect_data_sql($email_user) . "'\n\t\t\t\twhere login='******'";
} else {
if ($_user_ext_authentifie == "cas") {
if (Settings::get("ldap_statut") != '' && @function_exists("ldap_connect") && @file_exists("include/config_ldap.inc.php")) {
$auth_ldap = 'yes';
}
$nom_user = $tab_login["user_nom"];
$email_user = $tab_login["user_email"];
$prenom_user = $tab_login["user_prenom"];
if ($nom_user != '') {
// On détecte si Nom, Prénom ou Email ont changé,
// Si c'est le cas, on met à jour les champs
$req = grr_sql_query("SELECT nom, prenom, email from " . TABLE_PREFIX . "_utilisateurs where login ='******'");
$res = mysqli_fetch_array($req);
$nom_en_base = $res[0];
$prenom_en_base = $res[1];
$email_en_base = $res[2];
if (strcmp($nom_en_base, $nom_user) != 0 || strcmp($prenom_en_base, $prenom_user) != 0 || strcmp($email_en_base, $email_user) != 0) {
// Si l'un des champs est différent, on met à jour les champs
$sql = "UPDATE " . TABLE_PREFIX . "_utilisateurs SET\n\t\t\t\t\t\tnom='" . protect_data_sql($nom_user) . "',\n\t\t\t\t\t\tprenom='" . protect_data_sql($prenom_user) . "',\n\t\t\t\t\t\temail='" . protect_data_sql($email_user) . "'\n\t\t\t\t\t\twhere login='******'";
if (grr_sql_command($sql) < 0) {
fatal_error(0, get_vocab("msg_login_created_error") . grr_sql_error());
}
//Comme les données de la base on été changés, on doit remettre à jour la variable $row,
//Pour que les données mises en sessions soient les bonnes
//on récupère les données de l'utilisateur
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\t\t\t\t\t\tFROM " . TABLE_PREFIX . "_utilisateurs\n\t\t\t\t\t\tWHERE login = '******' and\n\t\t\t\t\t\tsource = 'ext' and\n\t\t\t\t\t\tetat != 'inactif'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row != 1) {
return "2";
}
}
}
}
}
if (grr_sql_command($sql) < 0) {
fatal_error(0, get_vocab("msg_login_created_error") . grr_sql_error());
}
// on récupère les données de l'utilisateur dans $row
$row = grr_sql_row($res_user, 0);
} else {
// L'utilisateur n'est pas présent dans la base locale ou est inactif
// ou possède un mot de passe (utilisateur local GRR)
// On teste si un utilisateur porte déjà le même login
$test = grr_sql_query1("SELECT login FROM " . TABLE_PREFIX . "_utilisateurs WHERE login = '******'");
if ($test != '-1') {
return "3";
} else {
//Aucun utilisateur dans la base locale ne porte le même login. On peut continuer la procédure d'importation
//1er cas : LCS.
if ($sso == "lcs") {
if ($_statut == 'aucun') {
return "5";
} else {
$nom_user = $tab_login["nom"];
$email_user = $tab_login["email"];
$prenom_user = $tab_login["fullname"];
}
//2ème cas : SSO lasso.
} else {
if ($sso == "lasso_visiteur" or $sso == "lasso_utilisateur") {
if (!empty($tab_login)) {
$nom_user = $tab_login["nom"];
$email_user = $tab_login["email"];
$prenom_user = $tab_login["fullname"];
}
//CAS d'un LDAP avec SSO CAS ou avec SSO Lemonldap
//on tente de récupérer des infos dans l'annuaire avant d'importer le profil dans GRR
} else {
if (Settings::get("ldap_statut") != '' && @function_exists("ldap_connect") && @file_exists("include/config_ldap.inc.php") && $_user_ext_authentifie == 'cas') {
// On initialise au cas où on ne réussisse pas à récupérer les infos dans l'annuaire.
$l_nom = $_login;
$l_email = '';
$l_prenom = '';
include "config_ldap.inc.php";
// Connexion à l'annuaire
$ds = grr_connect_ldap($ldap_adresse, $ldap_port, $ldap_login, $ldap_pwd, $use_tls);
$user_dn = grr_ldap_search_user($ds, $ldap_base, Settings::get("ldap_champ_recherche"), $_login, $ldap_filter, "no");
// Test with login and password of the user
if (!$ds) {
$ds = grr_connect_ldap($ldap_adresse, $ldap_port, $_login, $_password, $use_tls);
}
if ($ds) {
$result = @ldap_read($ds, $user_dn, "objectClass=*", array(Settings::get("ldap_champ_nom"), Settings::get("ldap_champ_prenom"), Settings::get("ldap_champ_email")));
}
if ($result) {
// Recuperer les donnees de l'utilisateur
$info = @ldap_get_entries($ds, $result);
if (is_array($info)) {
for ($i = 0; $i < $info["count"]; $i++) {
$val = $info[$i];
if (is_array($val)) {
if (isset($val[Settings::get("ldap_champ_nom")][0])) {
$l_nom = ucfirst($val[Settings::get("ldap_champ_nom")][0]);
} else {
$l_nom = iconv("ISO-8859-1", "utf-8", "Nom à préciser");
}
if (isset($val[Settings::get("ldap_champ_prenom")][0])) {
$l_prenom = ucfirst($val[Settings::get("ldap_champ_prenom")][0]);
} else {
$l_prenom = iconv("ISO-8859-1", "utf-8", "Prénom à préciser");
}
if (isset($val[Settings::get("ldap_champ_email")][0])) {
$l_email = $val[Settings::get("ldap_champ_email")][0];
} else {
$l_email = '';
}
}
}
}
// Convertir depuis UTF-8 (jeu de caracteres par defaut)
if (function_exists("utf8_decode") && Settings::get("ConvertLdapUtf8toIso") == "y") {
$l_email = utf8_decode($l_email);
$l_nom = utf8_decode($l_nom);
$l_prenom = utf8_decode($l_prenom);
}
}
$nom_user = $l_nom;
$email_user = $l_email;
$prenom_user = $l_prenom;
//4ème cas : SSO CAS.
} else {
if ($_user_ext_authentifie == "cas" && !empty($tab_login)) {
// Cas d'une authentification CAS
$nom_user = $tab_login["user_nom"];
$email_user = $tab_login["user_email"];
$prenom_user = $tab_login["user_prenom"];
$code_fonction_user = $tab_login["user_code_fonction"];
$libelle_fonction_user = $tab_login["user_libelle_fonction"];
$language_user = $tab_login["user_language"];
$default_style_user = $tab_login["user_default_style"];
if (Settings::get("sso_ac_corr_profil_statut") == 'y') {
$_statut = effectuer_correspondance_profil_statut($code_fonction_user, $libelle_fonction_user);
}
//CAS ou :
//LDAP n'est pas configuré,
//il peut s'agit d'une authentification "SSO CAS", "SSO Lemonldap" mais ce n'est alors pas normal
//ou bien il s'agit d'une authentification "HTTP"
} else {
//definition du nom
$nom_user = "";
if (Settings::get("http_champ_nom") != "") {
$_nom_user = Settings::get("http_champ_nom");
if (isset($_SERVER["{$_nom_user}"])) {
$nom_user = $_SERVER["{$_nom_user}"];
}
}
if ($nom_user == "") {
$nom_user = $_login;
}
//definition email :
$email_user = "";
if (Settings::get("http_champ_email")) {
$_email_user = Settings::get("http_champ_email");
if (isset($_SERVER["{$_email_user}"])) {
$email_user = $_SERVER["{$_email_user}"];
}
//on verifie le statut si domain statut est actif :
if ($email_user != "") {
if (Settings::get("http_sso_domain") && Settings::get("http_sso_domain") != "") {
//explode du mail :
$domaine = explode("@", $email_user);
if (isset($domaine[1])) {
if ($domaine[1] == Settings::get("http_sso_domain")) {
if (Settings::get("http_sso_statut_domaine") != "") {
$_statut = Settings::get("http_sso_statut_domaine");
}
}
}
}
}
}
//definition du prenom :
$prenom_user = "";
if (Settings::get("http_champ_prenom")) {
$_prenom_user = Settings::get("http_champ_prenom");
if (isset($_SERVER["{$_prenom_user}"])) {
$prenom_user = $_SERVER["{$_prenom_user}"];
}
}
}
}
}
}
// On insère le nouvel utilisateur
$sql = "INSERT INTO " . TABLE_PREFIX . "_utilisateurs SET\n\t\t\t\tnom='" . protect_data_sql($nom_user) . "',\n\t\t\t\tprenom='" . protect_data_sql($prenom_user) . "',\n\t\t\t\tlogin='******',\n\t\t\t\tpassword='',\n\t\t\t\tstatut='" . $_statut . "',\n\t\t\t\temail='" . protect_data_sql($email_user) . "',\n\t\t\t\tetat='actif',";
if (isset($default_style_user) and $default_style_user != "") {
$sql .= "default_style='" . $default_style_user . "',";
}
if (isset($language_user) and $language_user != "") {
$sql .= "default_language='" . $language_user . "',";
}
$sql .= "source='ext'";
if (grr_sql_command($sql) < 0) {
fatal_error(0, get_vocab("msg_login_created_error") . grr_sql_error());
return "2";
}
// on récupère les données de l'utilisateur
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\t\t\tfrom " . TABLE_PREFIX . "_utilisateurs\n\t\t\twhere login = '******' and\n\t\t\tsource = 'ext' and\n\t\t\tetat != 'inactif'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row == 1) {
$row = grr_sql_row($res_user, 0);
} else {
return "2";
}
}
}
//On traite le cas NON SSO
//-> LDAP sans SSO
// -> Imap
} else {
$passwd_md5 = md5($_password);
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\tfrom " . TABLE_PREFIX . "_utilisateurs\n\twhere login = '******' and\n\tpassword = '******'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
//On est toujours dans le cas NON SSO - L'utilisateur n'est pas présent dans la base locale
if ($num_row != 1) {
if (Settings::get("ldap_statut") != '' && @function_exists("ldap_connect") && @file_exists("include/config_ldap.inc.php")) {
//$login_search = ereg_replace("[^-@._[:space:][:alnum:]]", "", $_login);
$login_search = preg_replace("/[^\\-@._[:space:]a-zA-Z0-9]/", "", $_login);
if ($login_search != $_login) {
return "6";
}
$user_dn = grr_verif_ldap($_login, $_password);
if ($user_dn == "error_1") {
return "7";
} else {
if ($user_dn == "error_2") {
return "8";
} else {
if ($user_dn == "error_3") {
return "9";
} else {
if ($user_dn) {
$auth_ldap = 'yes';
} else {
return "4";
}
}
}
}
} elseif (Settings::get("imap_statut") != '' and @function_exists("imap_open") and @file_exists("include/config_imap.inc.php")) {
// $login_search = ereg_replace("[^-@._[:space:][:alnum:]]", "", $_login);
$login_search = preg_replace("/[^\\-@._[:space:]a-zA-Z0-9]/", "", $_login);
if ($login_search != $_login) {
return "6";
}
$user_imap = grr_verif_imap($_login, $_password);
if ($user_imap) {
$auth_imap = 'yes';
imap_close($user_imap);
} else {
return "10";
}
} else {
return "2";
}
} else {
$row = grr_sql_row($res_user, 0);
// S'il s'agit d'un utilisateur inactif, on s'arrête là
if ($row[12] == 'inactif') {
return "5";
}
}
// Fin du cas NON SSO
}
// Cette partie ne concerne que les utilisateurs pour lesquels l'authentification ldap ci-dessus a réussi
// On tente d'interroger la base ldap pour obtenir des infos sur l'utilisateur
if ($auth_ldap == 'yes') {
// Cas particulier des serveur SE3
// se3_liste_groupes_autorises est vide -> pas de restriction
if (trim(Settings::get("se3_liste_groupes_autorises")) == "") {
$temoin_grp_ok = "oui";
} else {
// se3_liste_groupes_autorises n'est pas vide -> on teste si le $_login appartient à un des groupes
$temoin_grp_ok = "non";
//S'assurer que le fichier est inclus (il existe dans tous les cas où $auth_ldap==yes)
if (!isset($ldap_group_user_field)) {
include "config_ldap.inc.php";
}
//Aller chercher l'info pour faire la comparaison
$member_search = $_login;
if ($ldap_group_user_field != 'uid') {
$ds = grr_connect_ldap($ldap_adresse, $ldap_port, $ldap_login, $ldap_pwd, $use_tls);
$user_dn = grr_ldap_search_user($ds, $ldap_base, Settings::get("ldap_champ_recherche"), $_login, $ldap_filter, "no");
// Test with login and password of the user
if (!$ds) {
$ds = grr_connect_ldap($ldap_adresse, $ldap_port, $_login, $_password, $use_tls);
}
if ($ds) {
$result = @ldap_read($ds, $user_dn, "objectClass=*", array(Settings::get("ldap_champ_nom"), Settings::get("ldap_champ_prenom"), Settings::get("ldap_champ_email")));
}
if ($result) {
// Recuperer les donnees de l'utilisateur
$info = @ldap_get_entries($ds, $result);
if (is_array($info) && isset($info[0][$ldap_group_user_field])) {
$member_search = $info[0][$ldap_group_user_field];
}
}
}
$tab_grp_autorise = explode(";", Settings::get("se3_liste_groupes_autorises"));
$total = count($tab_grp_autorise);
for ($i = 0; $i < $total; $i++) {
if (se3_grp_members($tab_grp_autorise[$i], $member_search) == "oui") {
$temoin_grp_ok = "oui";
}
}
}
if ($temoin_grp_ok != "oui") {
return "5";
}
// Fin cas particulier des serveur SE3
// on regarde si un utilisateur ldap ayant le même login existe déjà
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\tFROM " . TABLE_PREFIX . "_utilisateurs\n\tWHERE login = '******' and\n\tsource = 'ext' and\n\tetat != 'inactif'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row == 1) {
// un utilisateur ldap ayant le même login existe déjà
// Lire les infos sur l'utilisateur depuis LDAP
$user_info = grr_getinfo_ldap($user_dn, $_login, $_password);
// Update GRR database
$user_info[0] = utf8_encode($user_info[0]);
$user_info[1] = utf8_encode($user_info[1]);
$user_info[2] = utf8_encode($user_info[2]);
$sql2 = "UPDATE " . TABLE_PREFIX . "_utilisateurs SET\n\t\tnom='" . protect_data_sql($user_info[0]) . "',\n\t\tprenom='" . protect_data_sql($user_info[1]) . "',\n\t\temail='" . protect_data_sql($user_info[2]) . "'\n\t\tWHERE login='******'";
if (grr_sql_command($sql2) < 0) {
fatal_error(0, get_vocab("msg_login_created_error") . grr_sql_error());
}
// on récupère les données de l'utilisateur dans $row
$res_user = grr_sql_query($sql);
$row = grr_sql_row($res_user, 0);
} else {
// pas d'utilisateur ldap ayant le même login dans la base GRR
// Lire les infos sur l'utilisateur depuis LDAP
$user_info = grr_getinfo_ldap($user_dn, $_login, $_password);
// On teste si un utilisateur porte déjà le même login
$test = grr_sql_query1("SELECT login FROM " . TABLE_PREFIX . "_utilisateurs WHERE login = '******'");
if ($test != '-1') {
return "3";
} else {
$user_info[0] = utf8_encode($user_info[0]);
$user_info[1] = utf8_encode($user_info[1]);
$user_info[2] = utf8_encode($user_info[2]);
// On insère le nouvel utilisateur
$sql = "INSERT INTO " . TABLE_PREFIX . "_utilisateurs SET\n\t\t\tnom='" . protect_data_sql($user_info[0]) . "',\n\t\t\tprenom='" . protect_data_sql($user_info[1]) . "',\n\t\t\tlogin='******',\n\t\t\tpassword='',\n\t\t\tstatut='" . Settings::get("ldap_statut") . "',\n\t\t\temail='" . protect_data_sql($user_info[2]) . "',\n\t\t\tetat='actif',\n\t\t\tsource='ext'";
if (grr_sql_command($sql) < 0) {
fatal_error(0, get_vocab("msg_login_created_error") . grr_sql_error());
}
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\t\t\tFROM " . TABLE_PREFIX . "_utilisateurs\n\t\t\tWHERE login = '******' and\n\t\t\tsource = 'ext' and\n\t\t\tetat != 'inactif'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row == 1) {
// on récupère les données de l'utilisateur dans $row
$row = grr_sql_row($res_user, 0);
} else {
return "2";
}
}
}
}
if ($auth_imap == 'yes') {
// on regarde si un utilisateur imap ayant le meme login existe deja
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\tFROM " . TABLE_PREFIX . "_utilisateurs\n\tWHERE login = '******' and\n\tsource = 'ext' and\n\tetat != 'inactif'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row == 1) {
// un utilisateur imap ayant le meme login existe deja
// on recupere les donnees de l'utilisateur dans $row
$row = grr_sql_row($res_user, 0);
} else {
// pas d'utilisateur imap ayant le m?me login dans la base GRR
// Lire les infos sur l'utilisateur depuis imap
include "config_imap.inc.php";
// Connexion ? l'annuaire
$conn_imap = grr_connect_imap($imap_adresse, $imap_port, $_login, $_password, $imap_type, $imap_ssl, $imap_cert, $imap_tls);
if ($conn_imap) {
// Test with login and password of the user
$l_nom = "";
$l_prenom = "";
$l_email = $_login . "@" . $imap_domaine;
imap_close($conn_imap);
}
// On teste si un utilisateur porte déjà le même login
$test = grr_sql_query1("SELECT login from " . TABLE_PREFIX . "_utilisateurs where login = '******'");
if ($test != '-1') {
return "3";
} else {
// On insère le nouvel utilisateur
$sql = "INSERT INTO " . TABLE_PREFIX . "_utilisateurs SET\n\t\t\tnom='" . protect_data_sql($l_nom) . "',\n\t\t\tprenom='" . protect_data_sql($l_prenom) . "',\n\t\t\tlogin='******',\n\t\t\tpassword='',\n\t\t\tstatut='" . Settings::get("imap_statut") . "',\n\t\t\temail='" . protect_data_sql($l_email) . "',\n\t\t\tetat='actif',\n\t\t\tsource='ext'";
if (grr_sql_command($sql) < 0) {
fatal_error(0, get_vocab("msg_login_created_error") . grr_sql_error());
}
$sql = "SELECT upper(login) login, password, prenom, nom, statut, now() start, default_area, default_room, default_style, default_list_type, default_language, source, etat, default_site\n\t\t\tfrom " . TABLE_PREFIX . "_utilisateurs\n\t\t\twhere login = '******' and\n\t\t\tsource = 'ext' and\n\t\t\tetat != 'inactif'";
$res_user = grr_sql_query($sql);
$num_row = grr_sql_count($res_user);
if ($num_row == 1) {
// on r?cup?re les donn?es de l'utilisateur dans $row
$row = grr_sql_row($res_user, 0);
} else {
return "2";
}
}
}
}
// On teste si la connexion est active ou non
if (Settings::get("disable_login") == 'yes' and $row[4] != "administrateur") {
return "2";
}
//
// A ce stade, on dispose dans tous les cas d'un tableau $row contenant les informations nécessaires à l'établissment d'une session
//
// Session starts now
session_name(SESSION_NAME);
@session_start();
// Is this user already connected ?
$sql = "SELECT SESSION_ID from " . TABLE_PREFIX . "_log where SESSION_ID = '" . session_id() . "' and LOGIN = '******' and now() between START and END";
$res = grr_sql_query($sql);
$num_row = grr_sql_count($res);
if ($num_row > 0 and isset($_SESSION['start'])) {
$sql = "UPDATE " . TABLE_PREFIX . "_log set END = now() + interval " . Settings::get("sessionMaxLength") . " minute where SESSION_ID = '" . session_id() . "' and START = '" . $_SESSION['start'] . "'";
// $sql = "update ".TABLE_PREFIX."_log set END = now() + interval " . Settings::get("sessionMaxLength") . " minute where SESSION_ID = '" . session_id() . "'";
$res = grr_sql_query($sql);
if (!$res) {
fatal_error(0, 'erreur mysql' . grr_sql_error());
}
return "1";
} else {
session_unset();
// session_destroy();
}
// reset $_SESSION
$_SESSION = array();
$_SESSION['login'] = $row[0];
$_SESSION['password'] = $row[1];
$_SESSION['prenom'] = $row[2];
$_SESSION['nom'] = $row[3];
$_SESSION['statut'] = $row[4];
$_SESSION['start'] = $row[5];
$_SESSION['maxLength'] = Settings::get("sessionMaxLength");
if ($row[6] > 0) {
$_SESSION['default_area'] = $row[6];
} else {
$_SESSION['default_area'] = Settings::get("default_area");
}
if ($row[7] > 0) {
$_SESSION['default_room'] = $row[7];
} else {
$_SESSION['default_room'] = Settings::get("default_room");
}
if ($row[8] != '') {
$_SESSION['default_style'] = $row[8];
} else {
$_SESSION['default_style'] = Settings::get("default_css");
}
if ($row[9] != '') {
$_SESSION['default_list_type'] = $row[9];
} else {
$_SESSION['default_list_type'] = Settings::get("area_list_format");
}
if ($row[10] != '') {
$_SESSION['default_language'] = $row[10];
} else {
$_SESSION['default_language'] = Settings::get("default_language");
}
if ($row[13] > 0) {
$_SESSION['default_site'] = $row[13];
} else {
$_SESSION['default_site'] = Settings::get("default_site");
}
$_SESSION['source_login'] = $row[11];
if ($est_authentifie_sso) {
// Variable de session qui permet de savoir qu'un utilisateur est authentifié à un SSO
$_SESSION['est_authentifie_sso'] = "y";
}
// It's a new connection, insert into log
if (isset($_SERVER["HTTP_REFERER"])) {
$httpreferer = substr($_SERVER["HTTP_REFERER"], 0, 254);
} else {
$httpreferer = '';
}
$ua = $_SERVER['HTTP_USER_AGENT'];
$ua = explode(' ', $ua);
$count = count($ua);
for ($i = 0; $i < $count; $i++) {
if (strncmp($ua[$i], '(Windows', 8) == 0) {
$os = "Windows ";
$i += 2;
switch ($ua[$i]) {
case '6.1;':
$os .= "7";
break;
case '6.2;':
$os .= "8";
break;
case '6.3;':
$os .= "8.1";
break;
default:
$os .= "";
break;
}
}
if (strncmp($ua[$i], 'Trident', 7) == 0) {
$brow = "Internet Explorer ";
$i += 1;
$b = explode(':', $ua[$i]);
$brow .= trim($b[1], ")");
}
if (strncmp($ua[$i], 'Firefox', 7) == 0) {
$b = explode('/', $ua[$i]);
$brow = $b[0] . ' ' . $b[1];
}
if (strncmp($ua[$i], 'Chrome', 6) == 0) {
$b = explode('/', $ua[$i]);
$brow = $b[0] . ' ' . $b[1];
}
}
if (isset($os) && isset($brow)) {
$useragent = $os . ' ' . $brow;
} else {
$useragent = substr($_SERVER['HTTP_USER_AGENT'], 0, 254);
}
$sql = "INSERT INTO " . TABLE_PREFIX . "_log (LOGIN, START, SESSION_ID, REMOTE_ADDR, USER_AGENT, REFERER, AUTOCLOSE, END) values (\n\t'" . protect_data_sql($_SESSION['login']) . "',\n\t'" . $_SESSION['start'] . "',\n\t'" . session_id() . "',\n\t'" . $_SERVER['REMOTE_ADDR'] . "',\n\t'" . $useragent . "',\n\t'" . $httpreferer . "',\n\t'1',\n\t'" . $_SESSION['start'] . "' + interval " . Settings::get("sessionMaxLength") . " minute\n\t)\n;";
grr_sql_query($sql);
/* Fonctionnalité SE3 (Palissy - Saintes - philippe.duval@ac-poitiers.fr) :
Utilisation du LDAP pour inscrire automatiquement les utilisateurs dans les groupes administration, accès et gestion
Ce code est associé à une nouvelle table :
CREATE TABLE ".TABLE_PREFIX."_j_groupe_se3 (groupe varchar(40) NOT NULL default '',id_area_room int(11) NOT NULL default '0', statut varchar(20) NOT NULL default '', PRIMARY KEY (`groupe`,`id_area_room`));
Par ailleurs, pour que cette fonctionnalité soit complète et dans l'esprit de GRR, il faudra développer une "petite" interface dans GRR pour gérer les entrées dans cette table.
*/
// Début de la fonctionnalité SE3
$grp = @grr_sql_query("SELECT groupe, id_area_room, statut FROM " . TABLE_PREFIX . "_j_groupe_se3");
if ($grp) {
// si la table ".TABLE_PREFIX."_j_groupe_se3 est implantée et non vide
//A modifier recalcul a chaque boucle
while ($resgrp = @mysqli_fetch_array($grp)) {
// balaye tous les groupes présents dans la table ".TABLE_PREFIX."_j_groupadmin_area
$statut_se3 = $resgrp['statut'];
$area_se3 = $resgrp['id_area_room'];
if ($statut_se3 == 'administrateur') {
$table_user_se3 = "" . TABLE_PREFIX . "_j_useradmin_area";
$type_res = 'id_area';
}
if ($statut_se3 == 'acces_restreint') {
$table_user_se3 = "" . TABLE_PREFIX . "_j_user_area";
$type_res = 'id_area';
}
if ($statut_se3 == 'gestionnaire') {
$table_user_se3 = "" . TABLE_PREFIX . "_j_user_room";
$type_res = 'id_room';
}
if (se3_grp_members($resgrp['groupe'], $_login) == "oui") {
@grr_sql_query("INSERT INTO `" . $table_user_se3 . "` (login, " . $type_res . ") values('" . $_login . "'," . $area_se3 . ")");
} else {
@grr_sql_query("DELETE FROM `" . $table_user_se3 . "` WHERE `login`='" . $_login . "' AND `" . $type_res . "`=" . $area_se3);
}
}
}
// Note : Il reste à gérer finement l'interface graphique et à déduire l'incompatibilité éventuelle entre le domaine par défaut et les domaines autorisés pour chaque utilisateur
// Fin de la fonctionnalité SE3
/* Application du patch en production depuis la rentrée à Palissy : Zéro problème (ci-dessous, l'extraction de la table via phpmyadmin)
CREATE TABLE `".TABLE_PREFIX."_j_groupe_se3` (
`groupe` varchar(40) NOT NULL default '',
`id_area_room` int(11) NOT NULL default '0',
`statut` varchar(20) NOT NULL default '',
PRIMARY KEY (`groupe`,`id_area_room`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
INSERT INTO `".TABLE_PREFIX."_j_groupe_se3` (`groupe`, `id_area_room`, `statut`) VALUES
('GRR_ADMIN_SALLES_REUNIONS', 1, 'administrateur'),
('GRR_ADMIN_SALLES_PEDAGOGIQUES', 2, 'administrateur'),
('GRR_ADMIN_LABOS_LANGUES', 3, 'administrateur'),
('GRR_SALLES_REUNIONS', 1, 'acces_restreint'),
('GRR_SALLES_PEDAGOGIQUES', 2, 'acces_restreint'),
('GRR_LABOS_LANGUES', 3, 'acces_restreint'),
('GRR_GESTION_SALLE_A01', 1, 'gestionnaire'),
('GRR_GESTION_SALLE_A03', 2, 'gestionnaire'),
('GRR_GESTION_SALLE_A314', 3, 'gestionnaire'),
('GRR_GESTION_SALLE_A409', 4, 'gestionnaire'),
('GRR_GESTION_SALLE_D05', 5, 'gestionnaire'),
('GRR_GESTION_SALLE_A301E', 6, 'gestionnaire');
*/
return "1";
}
die;
}
if ($unicode_encoding) {
header("Content-Type: text/html;charset=utf-8");
} else {
header("Content-Type: text/html;charset=" . $charset_html);
}
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
if (authGetUserLevel(getUserName(), -1) < 2) {
showAccessDenied("");
exit;
}
$sql = "SELECT nom, login, etat, statut FROM " . TABLE_PREFIX . "_utilisateurs WHERE (login='******')";
$res = grr_sql_query($sql);
if ($res) {
$nb_result = grr_sql_count($res);
if ($nb_result > 1) {
echo "<span class=\"avertissement\">Plusieurs utilisateur ont le même identifiants que l'utilisateur ci-dessus. Signalez ce problème à l'administrateur.</span>";
} else {
if ($nb_result == 1) {
$row = grr_sql_row($res, 0);
if ($row[2] == 'inactif') {
echo "<span class=\"avertissement\">" . get_vocab('utilisateur_rendu_inactif') . get_vocab('login') . get_vocab('deux_points') . $row[1] . "</span>";
} else {
if ($row[3] == 'visiteur') {
echo "<span class=\"avertissement\">" . get_vocab('utilisateur_simple_visiteur') . get_vocab('login') . get_vocab('deux_points') . $row[1] . "</span>";
}
}
} else {
if ($nb_result == 0) {
if ($identifiant_beneficiaire != "") {
grr_sql_command("DELETE FROM " . TABLE_PREFIX . "_room WHERE id={$room}");
//Go back to the admin page
header("Location: admin_room.php?id_area={$id_area}&id_site={$id_site}");
die;
} else {
//print the page header
print_header("", "", "", $type = "with_session");
echo "<div class=\"page_sans_col_gauche\">";
//We tell them how bad what theyre about to do is
//Find out how many appointments would be deleted
$sql = "SELECT name, start_time, end_time FROM " . TABLE_PREFIX . "_entry WHERE room_id={$room}";
$res = grr_sql_query($sql);
if (!$res) {
echo grr_sql_error();
} else {
if (grr_sql_count($res) > 0) {
echo get_vocab("deletefollowing") . ":<ul>";
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
echo "<li>{$row['0']} (";
echo time_date_string($row[1], $dformat) . " -> ";
echo time_date_string($row[2], $dformat) . ")";
}
echo "</ul>";
}
}
echo "<h1 style=\"text-align:center;\">" . get_vocab("sure") . "</h1>";
echo "<h1 style=\"text-align:center;\"><a href=\"admin_room_del.php?type=room&room={$room}&confirm=Y&id_area={$id_area}\">" . get_vocab("YES") . "!</a> <a href=\"admin_room.php?id_area={$id_area}\">" . get_vocab("NO") . "!</a></h1>";
echo "</div>";
}
}
if ($type == "area") {
// On teste si l'utilisateur administre le domaine
$test_admin = grr_sql_query1("select count(id_area) from ".TABLE_PREFIX."_j_useradmin_area j where j.login = '******' and j.id_area='".$row_area[0]."'");
if ($test_admin >= 1) $is_admin = 'y'; else $is_admin = 'n';
// On teste si l'utilisateur gère des ressources dans ce domaine
$nb_room = grr_sql_query1("select count(r.room_name) from ".TABLE_PREFIX."_room r
left join ".TABLE_PREFIX."_area a on r.area_id=a.id
where a.id='".$row_area[0]."'");
$req_room = "select r.room_name from ".TABLE_PREFIX."_room r
left join ".TABLE_PREFIX."_j_user_room j on r.id=j.id_room
left join ".TABLE_PREFIX."_area a on r.area_id=a.id
where j.login = '******' and a.id='".$row_area[0]."'";
$res_room = grr_sql_query($req_room);
$is_gestionnaire = '';
if ($res_room) {
if ((grr_sql_count($res_room) == $nb_room) and ($nb_room!=0))
$is_gestionnaire = $vocab["all_rooms"];
else
for ($j = 0; ($row_room = grr_sql_row($res_room, $j)); $j++) {
$is_gestionnaire .= $row_room[0]."<br />";
}
}
// On teste si l'utilisateur reçoit des mails automatiques
$req_mail = "select r.room_name from ".TABLE_PREFIX."_room r
left join ".TABLE_PREFIX."_j_mailuser_room j on r.id=j.id_room
left join ".TABLE_PREFIX."_area a on r.area_id=a.id
where j.login = '******' and a.id='".$row_area[0]."'";
$res_mail = grr_sql_query($req_mail);
$is_mail = '';
if ($res_mail) {
for ($j = 0; ($row_mail = grr_sql_row($res_mail, $j)); $j++) {
if ($req == -1) $result_inter .= traite_requete("INSERT INTO ".TABLE_PREFIX."_setting VALUES ('gestion_lien_aide', 'ext');");
$req = grr_sql_query1("SELECT count(VALUE) FROM ".TABLE_PREFIX."_setting WHERE NAME='lien_aide'");
if ($req == 0) $result_inter .= traite_requete("INSERT INTO ".TABLE_PREFIX."_setting VALUES ('lien_aide', '');");
$req = grr_sql_query1("SELECT VALUE FROM ".TABLE_PREFIX."_setting WHERE NAME='display_short_description'");
if ($req == -1) $result_inter .= traite_requete("INSERT INTO ".TABLE_PREFIX."_setting VALUES ('display_short_description', '1');");
$req = grr_sql_query1("SELECT VALUE FROM ".TABLE_PREFIX."_setting WHERE NAME='remplissage_description_breve'");
if ($req == -1) $result_inter .= traite_requete("INSERT INTO ".TABLE_PREFIX."_setting VALUES ('remplissage_description_breve', '1');");
$req1 = grr_sql_query1("SELECT VALUE FROM ".TABLE_PREFIX."_setting WHERE NAME='ldap_statut'");
$req2 = grr_sql_query1("SELECT count(VALUE) FROM ".TABLE_PREFIX."_setting WHERE NAME='ldap_champ_recherche'");
if ((($req1=="utilisateur") or ($req1=="visiteur")) and ($req2 == 0)) {
$result_inter .= "<br /><span style=\"color:red;\"><b>AVERTISSEMENT</b> : suite à cette mise à jour, vous devez configurer l'<b>attribut utilisé pour la recherche dans l'annuaire ldap</b>. Pour cela, rendez-vous dans la page de configuration LDAP.</span><br />";
}
if ($req2 == 0) $result_inter .= traite_requete("INSERT INTO ".TABLE_PREFIX."_setting VALUES ('ldap_champ_recherche', 'uid');");
$req = grr_sql_count(grr_sql_query("SHOW COLUMNS FROM ".TABLE_PREFIX."_entry LIKE 'beneficiaire'"));
if ($req == 0) {
$result_inter .= traite_requete("ALTER TABLE `".TABLE_PREFIX."_entry` ADD beneficiaire VARCHAR( 100 ) NOT NULL AFTER `create_by`");
$result_inter .= traite_requete("update `".TABLE_PREFIX."_entry` set `beneficiaire` = `create_by`");
$result_inter .= traite_requete("ALTER TABLE `".TABLE_PREFIX."_entry_moderate` ADD beneficiaire VARCHAR( 100 ) NOT NULL AFTER `create_by`");
$result_inter .= traite_requete("update `".TABLE_PREFIX."_entry_moderate` set `beneficiaire` = `create_by`");
$result_inter .= traite_requete("ALTER TABLE `".TABLE_PREFIX."_repeat` ADD beneficiaire VARCHAR( 100 ) NOT NULL AFTER `create_by`");
$result_inter .= traite_requete("update `".TABLE_PREFIX."_repeat` set `beneficiaire` = `create_by`");
$result_inter .= traite_requete("ALTER TABLE `".TABLE_PREFIX."_entry` ADD beneficiaire_ext VARCHAR( 200 ) NOT NULL AFTER `create_by`");
$result_inter .= traite_requete("ALTER TABLE `".TABLE_PREFIX."_entry_moderate` ADD beneficiaire_ext VARCHAR( 200 ) NOT NULL AFTER `create_by`");
$result_inter .= traite_requete("ALTER TABLE `".TABLE_PREFIX."_repeat` ADD beneficiaire_ext VARCHAR( 200 ) NOT NULL AFTER `create_by`");
};
$result_inter .= traite_requete("ALTER TABLE ".TABLE_PREFIX."_room ADD qui_peut_reserver_pour VARCHAR( 1 ) DEFAULT '5' NOT NULL");
if ($result_inter == '')
{
</select>
<input type="hidden" name="id_area" value="<?php echo $id_area;?>" />
<input type="submit" value="Enregistrer" />
</div></form>
</td></tr>
<!-- selection pour ajout de masse !-->
<?php
$sql = "SELECT u.login, u.nom, u.prenom FROM ".TABLE_PREFIX."_utilisateurs u
left join ".TABLE_PREFIX."_j_useradmin_area on ".TABLE_PREFIX."_j_useradmin_area.login=u.login
WHERE ((etat!='inactif' and (statut='utilisateur' or statut='administrateur' or statut='gestionnaire_utilisateur'))
AND (".TABLE_PREFIX."_j_useradmin_area.login is null or (".TABLE_PREFIX."_j_useradmin_area.login=u.login and ".TABLE_PREFIX."_j_useradmin_area.id_area!=".$id_area."))) order by u.nom, u.prenom";
$res = grr_sql_query($sql);
$nb_users = grr_sql_count($res);
if ($nb_users > 0) {
?>
<tr><td>
<h3><?php echo get_vocab("add_multiple_user_to_list").get_vocab("deux_points");?></h3>
<form action="admin_right_admin.php" method='post'>
<div><select name="agent" size="8" style="width:200px;" multiple="multiple" ondblclick="Deplacer(this.form.agent,this.form.elements['reg_multi_admin_login[]'])">
<?php
if ($res) for ($i = 0; ($row = grr_sql_row($res, $i)); $i++) {
if (authUserAccesArea($row[0],$id_area) == 1) {
echo "<option value='$row[0]'>".grr_htmlSpecialChars($row[1])." ".grr_htmlSpecialChars($row[2])."</option>";
}
}
?>
$reg_prenom = isset($_POST["reg_prenom"]) ? $_POST["reg_prenom"] : NULL;
$reg_email = isset($_POST["reg_email"]) ? $_POST["reg_email"] : NULL;
$reg_mdp = isset($_POST["reg_mdp"]) ? $_POST["reg_mdp"] : NULL;
$reg_type_user = isset($_POST["reg_type_user"]) ? $_POST["reg_type_user"] : NULL;
$reg_statut = isset($_POST["reg_statut"]) ? $_POST["reg_statut"] : NULL;
$reg_type_auth = isset($_POST["reg_type_auth"]) ? $_POST["reg_type_auth"] : NULL;
$nb_row++;
for ($row = 1; $row < $nb_row; $row++) {
if ($reg_type_auth[$row] != "ext") {
$reg_mdp[$row] = md5(unslashes($reg_mdp[$row]));
}
// On nettoie les windozeries
$reg_nom[$row] = protect_data_sql(corriger_caracteres($reg_nom[$row]));
$reg_prenom[$row] = protect_data_sql(corriger_caracteres($reg_prenom[$row]));
$reg_email[$row] = protect_data_sql(corriger_caracteres($reg_email[$row]));
$test_login = grr_sql_count(grr_sql_query("SELECT login FROM " . TABLE_PREFIX . "_utilisateurs WHERE login='******'"));
if ($test_login == 0) {
$regdata = grr_sql_query("INSERT INTO " . TABLE_PREFIX . "_utilisateurs SET nom='" . $reg_nom[$row] . "',prenom='" . $reg_prenom[$row] . "',login='******',email='" . $reg_email[$row] . "',password='******',statut='" . $reg_type_user[$row] . "',etat='" . $reg_statut[$row] . "',source='" . $reg_type_auth[$row] . "'");
} else {
$regdata = grr_sql_query("UPDATE " . TABLE_PREFIX . "_utilisateurs SET nom='" . $reg_nom[$row] . "',prenom='" . $reg_prenom[$row] . "',email='" . $reg_email[$row] . "',password='******',statut='" . $reg_type_user[$row] . "',etat='" . $reg_statut[$row] . "',source='" . $reg_type_auth[$row] . "' WHERE login='******'");
}
if (!$regdata) {
echo "<p><font color=\"red\">" . $reg_login[$row] . get_vocab("deux_points") . get_vocab("message_records_error") . "</font></p>";
} else {
if ($reg_stat[$row] == "nouveau") {
echo "<p>" . $reg_login[$row] . get_vocab("deux_points") . get_vocab("admin_import_users_csv12") . "</p>";
} else {
echo "<p>" . $reg_login[$row] . get_vocab("deux_points") . get_vocab("message_records") . "</p>";
}
}
}
echo "<h3>" . get_vocab("type_de_creneaux") . "</h3>";
echo "<table>";
//echo "<p style=\"text-align:left;\"><b>ATTENTION :</b> Les deux types de configuration des creneaux sont incompatibles entre eux : un changement du type de creneaux entraene donc, apres validation, un <b>effacement de toutes les reservations de ce domaine</b></p>.";
echo "<tr><td colspan=\"2\"><label><input type=\"radio\" name=\"enable_periods\" value=\"n\" onclick=\"bascule()\" ";
if ($row["enable_periods"] == 'n') {
echo "checked=\"checked\"";
}
echo " />" . get_vocab("creneaux_de_reservation_temps") . "</label><br />";
echo "<label><input type=\"radio\" name=\"enable_periods\" value=\"y\" onclick=\"bascule()\" ";
if ($row["enable_periods"] == 'y') {
echo "checked=\"checked\"";
}
echo " />" . get_vocab("creneaux_de_reservation_pre_definis") . "</label></td></tr></table>";
//Les creneaux de reservation sont bases sur des intitules pre-definis.
$sql_periode = grr_sql_query("SELECT num_periode, nom_periode FROM " . TABLE_PREFIX . "_area_periodes where id_area='" . $id_area . "' order by num_periode");
$num_periodes = grr_sql_count($sql_periode);
if (!isset($number_periodes)) {
if ($num_periodes == 0) {
$number_periodes = 10;
} else {
$number_periodes = $num_periodes;
}
}
if ($row["enable_periods"] == 'y') {
echo "<table id=\"menu2\" border=\"1\" cellspacing=\"1\" cellpadding=\"6\">";
} else {
echo "<table style=\"display:none\" id=\"menu2\" border=\"1\" cellspacing=\"1\" cellpadding=\"6\">";
}
echo "<tr><td>" . get_vocab("nombre_de_creneaux") . get_vocab("deux_points") . "</td>";
echo "<td style=\"width:30%;\"><input type=\"text\" id=\"nb_per\" name=\"number_periodes\" size=\"1\" onkeypress=\"if (event.keyCode==13) return aff_creneaux()\" value=\"{$number_periodes}\" />\n\t\t\t<a href=\"#Per\" onclick=\"javascript:return(aff_creneaux())\">" . get_vocab("goto") . "</a>\n";
echo "</td></tr>\n<tr><td colspan=\"2\">";
if ($nb_types_valides == 0) {
// Aucun type n'a été sélectionné. Dans ce cas, on impose au moins un type :
$del = grr_sql_query("DELETE FROM " . TABLE_PREFIX . "_j_type_area WHERE id_area='" . $id_area . "' AND id_type = '" . $type_si_aucun . "'");
$msg = "Vous devez au définir au moins un type valide !";
}
// Type par défaut :
// On enregistre le nouveau type par défaut :
$reg_type_par_defaut = grr_sql_query("UPDATE " . TABLE_PREFIX . "_area SET id_type_par_defaut='" . $_GET['id_type_par_defaut'] . "' WHERE id='" . $id_area . "'");
}
affiche_pop_up($msg, "admin");
$area_name = grr_sql_query1("SELECT area_name FROM " . TABLE_PREFIX . "_area WHERE id='" . $id_area . "'");
echo "<div class=\"page_sans_col_gauche\">";
echo "<h2>" . get_vocab('admin_type.php') . "</h2>";
echo "<h2>" . get_vocab("match_area") . get_vocab('deux_points') . " " . $area_name . "</h2>";
$res = grr_sql_query($sql);
$nb_lignes = grr_sql_count($res);
if ($nb_lignes == 0) {
echo "</body></html>";
die;
}
echo "<form action=\"admin_type_area.php\" id=\"type\" method=\"get\">\n";
echo "<table>";
if (authGetUserLevel(getUserName(), -1) >= 6) {
echo "<tr><td><a href=\"admin_type_modify.php?id=0\">" . get_vocab("display_add_type") . "</a></td></tr>";
}
echo "<tr><td>" . get_vocab("explications_active_type") . "</td></tr>";
echo "<tr><td>\n";
// Affichage du tableau
echo "<table border=\"1\" cellpadding=\"3\"><tr>\n";
// echo "<tr><td><b>".get_vocab("type_num")."</a></b></td>\n";
echo "<td><b>" . get_vocab("type_num") . "</b></td>\n";
//Date derniere modif
echo date_time_string($row[7], $dformat) . ";";
echo "\r\n";
}
}
if ($summarize == 5) {
//Télécharger le fichier CSV
header('Content-Encoding: UTF-8');
header("Content-Type: application/csv-tab-delimited-table");
header("Content-disposition: filename=resume.csv");
echo "";
$res = grr_sql_query($sql);
if (!$res) {
fatal_error(0, grr_sql_error());
}
$nmatch = grr_sql_count($res);
if ($nmatch == 0) {
echo html_entity_decode($vocab["nothing_found"]) . "\r\n";
grr_sql_free($res);
} else {
if ($_GET["sumby"] == "6") {
echo html_entity_decode($vocab["summarize_by"]) . " " . html_entity_decode($vocab["sum_by_creator"]) . " - {$day} {$month} {$year};";
} else {
if ($_GET["sumby"] == "3") {
echo html_entity_decode($vocab["summarize_by"]) . " " . html_entity_decode($vocab["sum_by_descrip"]) . " - {$day} {$month} {$year};";
} else {
if ($_GET["sumby"] == "5") {
echo html_entity_decode($vocab["summarize_by"]) . " " . html_entity_decode($vocab["type"]) . " - {$day} {$month} {$year};";
} else {
$fieldname = grr_sql_query1("SELECT fieldname FROM " . TABLE_PREFIX . "_overload WHERE id='" . $_GET["sumby"] . "'");
echo html_entity_decode($vocab["summarize_by"]) . " " . html_entity_decode($fieldname) . " - {$day} {$month} {$year};";
$is_admin = 'yes';
echo "<h3>" . get_vocab("administration_site") . get_vocab("deux_points") . "</h3>";
echo "<b>" . $this_site_name . "</b>";
?>
</td>
<td>
<?php
$exist_admin = 'no';
$sql = "select login, nom, prenom from " . TABLE_PREFIX . "_utilisateurs where (statut='utilisateur' or statut='gestionnaire_utilisateur')";
$res = grr_sql_query($sql);
if ($res) {
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
$is_admin = 'yes';
$sql3 = "SELECT login FROM " . TABLE_PREFIX . "_j_useradmin_site WHERE (id_site='" . $id_site . "' and login='******')";
$res3 = grr_sql_query($sql3);
$nombre = grr_sql_count($res3);
if ($nombre == 0) {
$is_admin = 'no';
}
if ($is_admin == 'yes') {
if ($exist_admin == 'no') {
echo "<h3>" . get_vocab("user_admin_site_list") . get_vocab("deux_points") . "</h3>";
$exist_admin = 'yes';
}
echo "<b>";
echo "{$row['1']} {$row['2']}</b> | <a href='admin_admin_site.php?action=del_admin&login_admin=" . urlencode($row[0]) . "&id_site={$id_site}'>" . get_vocab("delete") . "</a><br />";
}
}
}
if ($exist_admin == 'no') {
echo "<h3><span class=\"avertissement\">" . get_vocab("no_admin_this_site") . "</span></h3>";
echo get_vocab("OK");
?>
" style="font-variant: small-caps;"/>
</fieldset>
</form>
</div>
<hr style="margin-top: 32px; margin-bottom: 24px;"/>
<h3>
<?php
echo get_vocab("cleaning_log");
?>
</h3>
<?php
$sql = "select START from " . TABLE_PREFIX . "_log order by END";
$res = grr_sql_query($sql);
$logs_number = grr_sql_count($res);
$row = grr_sql_row($res, 0);
$annee = substr($row[0], 0, 4);
$mois = substr($row[0], 5, 2);
$jour = substr($row[0], 8, 2);
echo "<p>" . get_vocab("logs_number") . "<b>" . $logs_number . "</b><br />";
echo get_vocab("older_date_log") . "<b>" . $jour . "/" . $mois . "/" . $annee . "</b></p>";
if (!isset($_POST['cleanYear'])) {
$_POST['cleanYear'] = strftime("%Y");
}
if (!isset($_POST['cleanMonth'])) {
$_POST['cleanMonth'] = strftime("%m");
}
if (!isset($_POST['cleanDay'])) {
$_POST['cleanDay'] = strftime("%d");
}
function affiche_nom_prenom_email($_beneficiaire,$_beneficiaire_ext,$type="nomail"){
if ($_beneficiaire !="") {
$sql_beneficiaire = "SELECT prenom, nom, email FROM ".TABLE_PREFIX."_utilisateurs WHERE login = '******'";
$res_beneficiaire = grr_sql_query($sql_beneficiaire);
if ($res_beneficiaire) {
$nb_result = grr_sql_count($res_beneficiaire);
if ($nb_result == 0) {
$chaine = get_vocab("utilisateur_inconnu").$_beneficiaire.")";
} else {
$row_user = grr_sql_row($res_beneficiaire, 0);
if ($type == "formail") {
$chaine = removeMailUnicode($row_user[0])." ".removeMailUnicode($row_user[1]);
if ($row_user[2] != "") {
$chaine .= " (".$row_user[2].")";
}
} else if ($type == "onlymail") {
// Cas où en envoie uniquement le mail
$chaine = grr_sql_query1("select email from ".TABLE_PREFIX."_utilisateurs where login='******'");
} else if (($type == "withmail") and ($row_user[2] != "")) {
// Cas où en envoie les noms, prénoms et mail
$chaine = affiche_lien_contact($_beneficiaire,"identifiant:oui","afficher_toujours");
} else {
// Cas où en envoie les noms, prénoms sans le mail
$chaine = $row_user[0]." ".$row_user[1];
}
}
return $chaine;
die();
} else {
return "";
die();
}
} else {
// cas d'un bénéficiaire extérieur
// On récupère le tableau des nom et emails
$tab_benef = donne_nom_email($_beneficiaire_ext);
// Cas où en envoie uniquement le mail
if ($type == "onlymail") {
$chaine = $tab_benef["email"];
// Cas où en envoie les noms, prénoms et mail
} else if (($type == "withmail") and ($tab_benef["email"] != "")) {
$email = explode('@',$tab_benef["email"]);
$person = $email[0];
if (isset($email[1])) {
$domain = $email[1];
$chaine = "<script type=\"text/javascript\">encode_adresse('".$person."','".$domain."','".AddSlashes($tab_benef["nom"])."',1);</script>";
} else {
$chaine = $tab_benef["nom"];
}
} else {
// Cas où en envoie les noms, prénoms sans le mail
$chaine = $tab_benef["nom"];
}
return $chaine;
die();
}
}
