<?php
require_once 'Framework/Modele.php';
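/**
 * User model: login checks, password and OTP handling, and administration of
 * users, profiles and menu rights.
 *
 * Every query goes through the inherited executerRequete($sql, $params) with
 * `?` placeholders; no method here concatenates caller input into SQL.
 * Many methods read the tenant (`codeSociete`) and the acting user (`login`)
 * from $_SESSION, so they need a started session that already holds them.
 *
 * NOTE(review): methods that address a row by `id` or `codeUtilisateur` alone
 * (getUtilisateurId, modifier, supprimer, attribuerProfil, desactiver, ...)
 * add no `codeSociete` condition in this class. Whether the stored procedures
 * or the controllers enforce tenant and role checks is not visible here;
 * confirm before wiring these to request parameters.
 */
class Utilisateur extends Modele
{
    /**
     * Checks a login/password pair against the stored hash.
     *
     * @param string $login account code passed to sp_get_utilisateur_pass
     * @param string $mdp   clear-text password supplied by the user
     * @return bool true only when exactly one row comes back and the hash matches
     */
    public function connecter($login, $mdp)
    {
        $utilisateur = $this->executerRequete("call sp_get_utilisateur_pass(?);", [$login]);

        // Fail closed on zero or several rows.
        // NOTE(review): this path skips password_verify(), so an unknown login
        // answers faster than a wrong password; throttling/lockout is not
        // visible in this class and has to live in the caller or the database.
        if ($utilisateur->rowCount() != 1) {
            return false;
        }

        $user = $utilisateur->fetch(PDO::FETCH_ASSOC);

        return password_verify($mdp, $user['motPass']);
    }

    /**
     * Lists the users of the session's company, filtered with LIKE on code,
     * last name and first names.
     *
     * The filters are bound as parameters after contruireParamLike(); LIKE
     * wildcards inside them are handled (or not) by that helper, which is
     * defined outside this file.
     *
     * NOTE(review): the result set includes A.motPass (the password hash) and
     * S.*; callers should not forward whole rows to views or JSON responses.
     *
     * @return mixed the executed statement, not yet fetched
     */
    public function getUtilisateurs($codeUtilisateur = null, $nom = null, $prenoms = null)
    {
        $codeUtilisateur = contruireParamLike($codeUtilisateur);
        $nom = contruireParamLike($nom);
        $prenoms = contruireParamLike($prenoms);

        $sql = $this->sqlDetailUtilisateur() . "
            WHERE (A.codeSociete=? AND A.codeUtilisateur LIKE ? AND A.nom LIKE ? AND A.prenoms LIKE ?) order by A.nom, A.prenoms";

        return $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeUtilisateur, $nom, $prenoms]);
    }

    /**
     * Returns the row produced by sp_r_get_utilisateur for $login.
     *
     * @return array|false associative row, or false when nothing is returned
     */
    public function getUtilisateur($login)
    {
        $utilisateur = $this->executerRequete("call sp_r_get_utilisateur(?);", [$login]);

        return $utilisateur->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Returns the detailed row of one user selected by primary key.
     *
     * NOTE(review): the lookup is by A.id only, with no codeSociete filter,
     * and the row carries A.motPass; the caller must check that the requester
     * may see this id and must not expose the hash.
     *
     * @return array|false associative row, or false when the id is unknown
     */
    public function getUtilisateurId($id)
    {
        $sql = $this->sqlDetailUtilisateur() . "
            WHERE A.id=?";

        $utilisateur = $this->executerRequete($sql, [$id]);

        return $utilisateur->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Stores a new password hash for $login and clears the session flags
     * `passExpired` and `passAchanger`.
     *
     * NOTE(review): $ancmdp is accepted but never checked here. The caller has
     * to verify the current password (connecter()) and the history rule
     * (respecteoldpass()) before calling this; otherwise anyone holding the
     * session can set a new password without knowing the old one.
     */
    public function changerpass($login, $ancmdp, $nvmdp)
    {
        $hash = password_hash($nvmdp, PASSWORD_DEFAULT);

        $this->executerRequete("call sp_r_changer_mot_passe_assureur(?, ?)", [$hash, $login]);

        $_SESSION['passExpired'] = false;
        $_SESSION['passAchanger'] = false;
    }

    /** Calls viderTablesTemporairesUser for $login. */
    public function viderTablesTemporairesUser($login)
    {
        $this->executerRequete("call viderTablesTemporairesUser(?)", [$login]);
    }

    /** Returns the number of users of the session's company. */
    public function getNombreUtilisateur()
    {
        $sql = 'select count(*) as nbUtilisateur FROM utilisateur A WHERE (A.codeSociete=?)';
        $ligne = $this->executerRequete($sql, [$_SESSION['codeSociete']])->fetch(PDO::FETCH_ASSOC);

        return $ligne['nbUtilisateur'];
    }

    /**
     * Inserts a user row with today's date as dateEntree and gestionDroit "0".
     *
     * NOTE(review): every account created through this path starts with the
     * hash of the fixed password "0000". Nothing in this method forces a
     * change at first login or disables the account until one is set; confirm
     * that the login flow does, or switch to a per-account random secret.
     */
    public function ajouter(
        $codeSociete,
        $codeUtilisateur,
        $nom,
        $prenoms,
        $codeService,
        $telephone,
        $email,
        $fonction,
        $codeProfil
    ) {
        $sql = 'INSERT INTO utilisateur (codeSociete, codeUtilisateur, nom, prenoms, codeService, telephone, email,
            motPass, fonction, dateEntree, gestionDroit, codeProfil) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';

        $this->executerRequete($sql, [
            $codeSociete,
            $codeUtilisateur,
            $nom,
            $prenoms,
            $codeService,
            $telephone,
            $email,
            password_hash("0000", PASSWORD_DEFAULT),
            $fonction,
            date('Y-m-d'),
            "0",
            $codeProfil,
        ]);
    }

    /**
     * Updates the editable columns of the user with primary key $id.
     * The row is matched by id only (see the class-level review note).
     */
    public function modifier(
        $id,
        $codeUtilisateur,
        $nom,
        $prenoms,
        $codeService,
        $telephone,
        $email,
        $fonction,
        $codeProfil
    ) {
        $sql = 'UPDATE utilisateur SET codeUtilisateur=?, nom=?, prenoms=?, codeService=?, telephone=?, email=?,
            fonction=?, codeProfil=? where (id=?)';

        $this->executerRequete($sql, [
            $codeUtilisateur,
            $nom,
            $prenoms,
            $codeService,
            $telephone,
            $email,
            $fonction,
            $codeProfil,
            $id,
        ]);
    }

    /**
     * Deletes the user with primary key $id.
     * The row is matched by id only (see the class-level review note).
     */
    public function supprimer($id)
    {
        $this->executerRequete('DELETE FROM utilisateur WHERE (id=?)', [$id]);
    }

    /** Tells whether at least one user row has this codeUtilisateur (any company). */
    public function existeligne($codeUtilisateur)
    {
        $resultat = $this->executerRequete('select id FROM utilisateur WHERE (codeUtilisateur=?)', [$codeUtilisateur]);

        return $resultat->rowCount() > 0;
    }

    /** Returns code/label pairs for the users of the session's company. */
    public function getListe()
    {
        $sql = 'SELECT codeUtilisateur as `code`, concat(nom," ",prenoms) as libelle
            FROM utilisateur WHERE (codeSociete=?) order by nom, prenoms';

        return $this->executerRequete($sql, [$_SESSION['codeSociete']])->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Lists users of the session's company that hold $codeProfil or have no
     * profile, with a `choix` flag ('1' when codeProfil is non-blank).
     *
     * @return mixed the executed statement, not yet fetched
     */
    public function getUtilisateursProfil($codeProfil)
    {
        $codeProfil = contruireParam($codeProfil);

        $sql = "SELECT case when codeProfil>' ' then '1' else '0' end as choix,
            id, codeUtilisateur, concat(nom,' ',prenoms) as nom, codeProfil
            FROM utilisateur
            WHERE (codeSociete=? AND ?>' ') AND (codeProfil=? OR codeProfil<=' ') order by 1 DESC, nom, prenoms";

        return $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeProfil, $codeProfil]);
    }

    /**
     * Sets or clears the profile of one user: $choix '0' stores an empty
     * profile code, any other value stores $codeProfil.
     * The row is matched by id only (see the class-level review note).
     */
    public function attribuerProfil($id_utilisateur, $codeProfil, $choix)
    {
        $id_utilisateur = contruireParam($id_utilisateur);
        $codeProfil = contruireParam($codeProfil);
        $choix = contruireParam($choix);

        $nouveauProfil = ($choix == '0') ? '' : $codeProfil;

        $this->executerRequete("update utilisateur set codeProfil=? WHERE (id=?)", [$nouveauProfil, $id_utilisateur]);
    }

    /** Returns the row produced by sp_r_get_utilisateur_idSaisie for $idSaisie. */
    public function getUtilisateurIdsaisie($idSaisie)
    {
        $utilisateur = $this->executerRequete("call sp_r_get_utilisateur_idSaisie(?);", [$idSaisie]);

        return $utilisateur->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Toggles the session user's language between en_US and fr_FR and
     * persists it (database, session, cookie).
     */
    public function changerlangueutilisateur()
    {
        // Only two fixed values can result, so nothing caller-controlled
        // reaches the cookie on this path.
        $codeNewLang = ($_SESSION['lang'] == "en_US") ? "fr_FR" : "en_US";

        $this->changerlangueutilisateurconnexion($_SESSION['login'], $codeNewLang);
    }

    /** Returns code/label pairs of the company's profiles, labels in the UI language. */
    public function getListeProfil()
    {
        $sql = est_anglophone()
            ? 'SELECT codeProfil as `code`, libelleEng as libelle FROM profil WHERE (codeSociete=?) order by libelleEng'
            : 'SELECT codeProfil as `code`, libelle FROM profil WHERE (codeSociete=?) order by libelle';

        return $this->executerRequete($sql, [$_SESSION['codeSociete']])->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Returns all rows of sp_get_utilisateur_profil(company, profile). */
    public function getUtilisateursActesVisibles($codeProfil)
    {
        $resultat = $this->executerRequete('call sp_get_utilisateur_profil(?, ?)', [$_SESSION['codeSociete'], $codeProfil]);

        return $resultat->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Calls sp_r_gerer_accesactes_assureur(user code, flag). */
    public function gereraccesactes($codeUtilisateur, $actVisible)
    {
        $this->executerRequete('call sp_r_gerer_accesactes_assureur(?, ?)', [$codeUtilisateur, $actVisible]);
    }

    /**
     * Calls s_assureur(user code).
     *
     * NOTE(review): the procedure name does not follow the sp_* naming used
     * everywhere else in this class; verify it exists and what it resets.
     */
    public function reinitpaswd($codeUtilisateur)
    {
        $this->executerRequete('call s_assureur(?)', [$codeUtilisateur]);
    }

    /** Calls sp_r_reinit_utilisateur_assureur_new(user code, acting user). */
    public function reinitpaswdnew($codeUtilisateur)
    {
        $this->executerRequete(
            'call sp_r_reinit_utilisateur_assureur_new(?, ?)',
            [$codeUtilisateur, $_SESSION['login']]
        );
    }

    /** Calls sp_r_desactiver_utilisateur_assureur(user code). */
    public function desactiver($codeUtilisateur)
    {
        $this->executerRequete('call sp_r_desactiver_utilisateur_assureur(?)', [$codeUtilisateur]);
    }

    /** Calls sp_r_activer_utilisateur_assureur(user code). */
    public function activer($codeUtilisateur)
    {
        $this->executerRequete('call sp_r_activer_utilisateur_assureur(?)', [$codeUtilisateur]);
    }

    /** Returns all rows of sp_r_get_utilisateur_hors_profil(company, profile). */
    public function getUtilisateursHorsProfil($codeProfil)
    {
        $resultat = $this->executerRequete(
            'CALL sp_r_get_utilisateur_hors_profil(?, ?);',
            [$_SESSION['codeSociete'], $codeProfil]
        );

        return $resultat->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Calls sp_r_ajouter_tous_utilisateur_profil_ass(company, profile, acting user). */
    public function ajoutertousutilisateurprofilassureur($codeProfil)
    {
        $this->executerRequete(
            'call sp_r_ajouter_tous_utilisateur_profil_ass(?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $_SESSION['login']]
        );
    }

    /** Same list as getListeProfil(), with the profile code appended to each label. */
    public function getListeProfilCode()
    {
        $sql = est_anglophone()
            ? 'SELECT codeProfil AS `code`, CONCAT(libelleEng, " ( ", codeProfil, " )") AS libelle FROM profil WHERE (codeSociete=?) ORDER BY libelleEng'
            : 'SELECT codeProfil AS `code`, CONCAT(libelle, " ( ", codeProfil, " )") AS libelle FROM profil WHERE (codeSociete=?) ORDER BY libelle';

        return $this->executerRequete($sql, [$_SESSION['codeSociete']])->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Calls sp_r_ajouter_un_utilisateur_profil_ass(company, profile, user code, acting user). */
    public function ajouterunutilisateurprofilassureur($codeProfil, $codeUtilisateur)
    {
        $this->executerRequete(
            'call sp_r_ajouter_un_utilisateur_profil_ass(?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $codeUtilisateur, $_SESSION['login']]
        );
    }

    /** Returns all rows of sp_r_get_menus_accessibles_profil(company, profile). */
    public function getMenusAccessiblesProfil($codeProfil)
    {
        $menu = $this->executerRequete(
            "call sp_r_get_menus_accessibles_profil(?, ?);",
            [$_SESSION['codeSociete'], $codeProfil]
        );

        return $menu->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Returns all rows of sp_r_get_menus_non_accessibles_profil(company, profile). */
    public function getMenusNonAccessiblesProfil($codeProfil)
    {
        $menu = $this->executerRequete(
            "call sp_r_get_menus_non_accessibles_profil(?, ?);",
            [$_SESSION['codeSociete'], $codeProfil]
        );

        return $menu->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Calls sp_r_ajouter_un_menu_accessibles_profil(company, profile, menu, acting user). */
    public function ajouterunmenuprincipalprofilassureur($codeProfil, $codeMenu)
    {
        $this->executerRequete(
            'call sp_r_ajouter_un_menu_accessibles_profil(?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $codeMenu, $_SESSION['login']]
        );
    }

    /** Calls sp_r_retirer_un_menu_accessibles_profil(company, profile, menu, acting user). */
    public function retirerunmenuprincipalprofilassureur($codeProfil, $codeMenu)
    {
        $this->executerRequete(
            'call sp_r_retirer_un_menu_accessibles_profil(?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $codeMenu, $_SESSION['login']]
        );
    }

    /** Calls sp_r_ajouter_tous_menus_accessibles_profil(company, profile, acting user). */
    public function ajoutertousmenuprincipalprofilassureur($codeProfil)
    {
        $this->executerRequete(
            'call sp_r_ajouter_tous_menus_accessibles_profil(?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $_SESSION['login']]
        );
    }

    /** Calls sp_r_retirer_tous_menus_accessibles_profil(company, profile, acting user). */
    public function retirerousmenuprincipalprofilassureur($codeProfil)
    {
        $this->executerRequete(
            'call sp_r_retirer_tous_menus_accessibles_profil(?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $_SESSION['login']]
        );
    }

    /** Returns code/label pairs of all modules, labels in the UI language. */
    public function getListeModule()
    {
        $sql = est_anglophone()
            ? 'SELECT codeModule AS `code`, libelleEng AS libelle FROM module ORDER BY 1;'
            : 'SELECT codeModule AS `code`, libelle FROM module ORDER BY 1;';

        return $this->executerRequete($sql)->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Returns the views of a module from the language-specific stored procedure. */
    public function getListeVueModule($codeModule)
    {
        $sql = est_anglophone()
            ? 'call sp_get_vues_module_assureur_eng(?);'
            : 'call sp_get_vues_module_assureur(?);';

        return $this->executerRequete($sql, [$codeModule])->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Returns all rows of sp_r_get_sous_menus_accessibles_vue(company, profile, view). */
    public function getSousMenusAccessiblesVue($codeProfil, $vue)
    {
        $menu = $this->executerRequete(
            "call sp_r_get_sous_menus_accessibles_vue(?, ?, ?);",
            [$_SESSION['codeSociete'], $codeProfil, $vue]
        );

        return $menu->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Returns all rows of sp_r_get_sous_menus_non_accessibles_vue(company, profile, view). */
    public function getSousMenusNonAccessiblesVue($codeProfil, $vue)
    {
        $menu = $this->executerRequete(
            "call sp_r_get_sous_menus_non_accessibles_vue(?, ?, ?);",
            [$_SESSION['codeSociete'], $codeProfil, $vue]
        );

        return $menu->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Calls sp_r_ajouter_tous_sous_menus_accessibles_vue(company, profile, view, acting user). */
    public function ajoutertoussousmenusass($codeProfil, $vue)
    {
        $this->executerRequete(
            'call sp_r_ajouter_tous_sous_menus_accessibles_vue(?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $vue, $_SESSION['login']]
        );
    }

    /** Calls sp_r_retirer_tous_sous_menus_accessibles_vue(company, profile, view, acting user). */
    public function retirertoussousmenusass($codeProfil, $vue)
    {
        $this->executerRequete(
            'call sp_r_retirer_tous_sous_menus_accessibles_vue(?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $vue, $_SESSION['login']]
        );
    }

    /** Calls sp_r_ajouter_un_sous_menus_accessibles_vue(company, profile, view, menu, acting user). */
    public function ajouterunsousmenusass($codeProfil, $vue, $codeMenu)
    {
        $this->executerRequete(
            'call sp_r_ajouter_un_sous_menus_accessibles_vue(?, ?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $vue, $codeMenu, $_SESSION['login']]
        );
    }

    /** Calls sp_r_retirer_un_sous_menus_accessibles_vue(company, profile, view, menu, acting user). */
    public function retirerunsousmenusass($codeProfil, $vue, $codeMenu)
    {
        $this->executerRequete(
            'call sp_r_retirer_un_sous_menus_accessibles_vue(?, ?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $vue, $codeMenu, $_SESSION['login']]
        );
    }

    /** Returns every column of the profiles of the session's company. */
    public function getListeProfilComplet()
    {
        $liste = $this->executerRequete(
            'SELECT * FROM profil WHERE (codeSociete=?) order by libelle',
            [$_SESSION['codeSociete']]
        );

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Calls sp_creer_profil_ass(company, label, English label, acting user). */
    public function creerprofilass($libelle, $libelleEng)
    {
        $this->executerRequete(
            'call sp_creer_profil_ass(?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $libelle, $libelleEng, $_SESSION['login']]
        );
    }

    /** Calls sp_r_transferer_droits_profil_ass(company, source profile, target profile, acting user). */
    public function transfererdroitsprofilassureur($codeProfilSource, $codeProfilDest)
    {
        $this->executerRequete(
            'call sp_r_transferer_droits_profil_ass(?, ?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfilSource, $codeProfilDest, $_SESSION['login']]
        );
    }

    /** Calls sp_batch_vider_droits_profil_assureur(company, profile, acting user). */
    public function batchviderprofilass($codeProfil)
    {
        $this->executerRequete(
            'call sp_batch_vider_droits_profil_assureur(?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $_SESSION['login']]
        );
    }

    /** Calls sp_batch_atrtribuer_droits_reference_profil_assureur(company, profile, acting user). */
    public function batchattribuerdroitsreferenceass($codeProfil)
    {
        // The procedure name is spelled as in the database ("atrtribuer"); do not "fix" it here.
        $this->executerRequete(
            'call sp_batch_atrtribuer_droits_reference_profil_assureur(?, ?, ?)',
            [$_SESSION['codeSociete'], $codeProfil, $_SESSION['login']]
        );
    }

    /** Returns the company's users filtered (LIKE parameters) by profile, names and point of sale. */
    public function getusersassueurfiltre($codeProfil, $nom, $prenoms, $codePointVente)
    {
        $parametres = [
            $_SESSION['codeSociete'],
            contruireParamLike($codeProfil),
            contruireParamLike($nom),
            contruireParamLike($prenoms),
            contruireParamLike($codePointVente),
        ];

        $resultat = $this->executerRequete('call sp_liste_users_assureur_filtre(?, ?, ?, ?, ?)', $parametres);

        return $resultat->fetchAll(PDO::FETCH_ASSOC);
    }

    /** Returns the row produced by sp_un_user_assureur for $idUtilisateur. */
    public function getunusersassueur($idUtilisateur)
    {
        $resultat = $this->executerRequete('call sp_un_user_assureur(?)', [$idUtilisateur]);

        return $resultat->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Calls sp_modifier_user_assureur with the edited user fields and the
     * acting user taken from the session.
     *
     * Original author's field checklist: nom, prenoms, codeProfil, actif,
     * telephone, email, codeLangue, actVisible, AffectionVisible,
     * codePointVente, filtrePointVente.
     */
    public function enregistrermodifusersass(
        $idUtilisateur,
        $codeProfil,
        $nom,
        $prenoms,
        $actif,
        $actVisible,
        $codeLangue,
        $AffectionVisible,
        $telephone,
        $email,
        $codePointVente,
        $filtrePointVente
    ) {
        $this->executerRequete('call sp_modifier_user_assureur(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', [
            $idUtilisateur,
            $codeProfil,
            $nom,
            $prenoms,
            $actif,
            $actVisible,
            $codeLangue,
            $AffectionVisible,
            $_SESSION['login'],
            $telephone,
            $email,
            $codePointVente,
            $filtrePointVente,
        ]);
    }

    /**
     * Creates a user through sp_creer_user_assureur.
     *
     * $codeModeGenerationPass selects how the password hash is produced:
     * "0" (and any unlisted value) hashes the supplied $motPass, "1" generates
     * a temporary password and hashes it, 2 stores an empty hash.
     *
     * The temporary password now comes from the CSPRNG instead of uniqid(),
     * whose output is derived from the clock and can be guessed by anyone who
     * knows roughly when the account was created.
     *
     * NOTE(review): the clear-text password ($motPass, and $passAutoGen in
     * mode "1") is passed to the stored procedure next to its hash. If the
     * procedure stores or logs it, hashing gives no protection; confirm it is
     * only used to deliver the credential and is not persisted.
     * NOTE(review): mode 2 stores "" as the hash, which password_verify() never
     * accepts; presumably such accounts authenticate another way.
     */
    public function creeruserassureur(
        $codeProfil,
        $codeUtilisateur,
        $nom,
        $prenoms,
        $telephone,
        $email,
        $motPass,
        $codeLangue,
        $actVisible,
        $AffectionVisible,
        $codeModeGenerationPass,
        $codeModeEnvoiPass,
        $codePointVente,
        $filtrePointVente
    ) {
        $passAutoGen = "";

        // Loose switch comparison is kept on purpose: the mode arrives either
        // as a string ("0", "1") or as a number (2).
        switch ($codeModeGenerationPass) {
            case "0":
                $hash = password_hash($motPass, PASSWORD_DEFAULT);
                break;
            case "1":
                $passAutoGen = $this->genererMotPasseTemporaire();
                $hash = password_hash($passAutoGen, PASSWORD_DEFAULT);
                $motPass = $passAutoGen;
                break;
            case 2:
                $hash = "";
                break;
            default:
                $hash = password_hash($motPass, PASSWORD_DEFAULT);
        }

        $this->executerRequete('call sp_creer_user_assureur(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', [
            $_SESSION['codeSociete'],
            $codeProfil,
            $codeUtilisateur,
            $nom,
            $prenoms,
            $telephone,
            $email,
            $hash,
            $codeLangue,
            $actVisible,
            $AffectionVisible,
            $_SESSION['login'],
            $codeModeGenerationPass,
            $passAutoGen,
            $codeModeEnvoiPass,
            $motPass,
            $codePointVente,
            $filtrePointVente,
        ]);
    }

    /** Calls sp_r_gerer_accesaffection_assureur(user code, flag). */
    public function gereraccesaffection($codeUtilisateur, $AffectionVisible)
    {
        $this->executerRequete('call sp_r_gerer_accesaffection_assureur(?, ?)', [$codeUtilisateur, $AffectionVisible]);
    }

    /**
     * Tells whether $mdp matches the company's reset password
     * (hash column motPassReinit from sp_get_mot_pass_reinit).
     *
     * @return bool true only when exactly one row comes back and the hash matches
     */
    public function verifiermotpassdefaut($codeSociete, $mdp)
    {
        $resultat = $this->executerRequete("call sp_get_mot_pass_reinit(?);", [$codeSociete]);

        if ($resultat->rowCount() != 1) {
            return false;
        }

        $ligne = $resultat->fetch(PDO::FETCH_ASSOC);

        return password_verify($mdp, $ligne['motPassReinit']);
    }

    /** Loads the company's composanteprime rows into $_SESSION['composanteprime'] (libelle => libelleActif). */
    public function set_composanteprime()
    {
        $sql = 'SELECT libelle, libelleActif FROM composanteprime WHERE (codeSociete = ?) ORDER BY 1;';
        $lignes = $this->executerRequete($sql, [$_SESSION['codeSociete']])->fetchAll(PDO::FETCH_ASSOC);

        foreach ($lignes as $ligne) {
            $_SESSION['composanteprime'][(string) $ligne['libelle']] = $ligne['libelleActif'];
        }
    }

    /** Loads the company's affichagedynamique rows into $_SESSION['affichagedynamique'] (libelle => libelleActif). */
    public function set_affichagedynamique()
    {
        $sql = 'SELECT libelle, libelleActif FROM affichagedynamique WHERE (codeSociete = ?) ORDER BY 1;';
        $lignes = $this->executerRequete($sql, [$_SESSION['codeSociete']])->fetchAll(PDO::FETCH_ASSOC);

        foreach ($lignes as $ligne) {
            $_SESSION['affichagedynamique'][(string) $ligne['libelle']] = $ligne['libelleActif'];
        }
    }

    /**
     * Returns the company's password policy row: complexitePassWord wrapped
     * in "#" and longueurPassWord.
     */
    public function getcomplexitepassword()
    {
        $sql = 'SELECT concat("#",complexitePassWord,"#") as complexitePassWord, longueurPassWord
            FROM societeuser where (codeSociete=?) limit 1;';

        return $this->executerRequete($sql, [$_SESSION['codeSociete']])->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Password-history check: tells whether $mdp differs from every hash
     * returned by sp_get_utilisateur_old_pass for $login.
     *
     * @return bool false as soon as $mdp matches one stored hash, true otherwise
     */
    public function respecteoldpass($login, $mdp)
    {
        $resultat = $this->executerRequete("call sp_get_utilisateur_old_pass(?);", [$login]);

        foreach ($resultat->fetchAll(PDO::FETCH_ASSOC) as $ancien) {
            if (password_verify($mdp, $ancien['motPass'])) {
                return false;
            }
        }

        return true;
    }

    /**
     * Same history check as respecteoldpass().
     *
     * The original body read an undefined $mdp, so it compared the empty
     * string with each old hash and raised an undefined-variable warning.
     * $mdp is now an optional parameter defaulting to '' so one-argument
     * callers get the same result without the warning.
     *
     * NOTE(review): with the default this returns true unless an old hash is
     * the hash of the empty string, so it does not detect anything useful;
     * pass the candidate password or call respecteoldpass() directly.
     */
    public function pass_updated($login, $mdp = '')
    {
        return $this->respecteoldpass($login, $mdp);
    }

    // A disabled passtropvieux($login) method used to sit here; it returned
    // whether `select fn_r_pass_trop_vieux(?) as passtropvieux;` yielded "1".

    // Related tables

    /**
     * Lists user types (code, label).
     *
     * @return mixed the executed statement, not yet fetched
     */
    public function getListeTypeUtilisateur()
    {
        $sql = 'SELECT codeTypeUtilisateur as code, libelle
            FROM typeutilisateur order by libelle';

        return $this->executerRequete($sql);
    }

    /**
     * Forgotten-password flow: generates a temporary password, hands it and
     * its hash to fn_message_motpasseoublie, and returns that function's
     * message.
     *
     * The temporary password comes from the CSPRNG rather than uniqid(), which
     * is derived from the current time and therefore predictable.
     *
     * NOTE(review): the clear-text value is sent to the database function;
     * confirm it is used for delivery only. What the function does for an
     * unknown $login, and any throttling, is decided outside this class.
     */
    public function motpassoublie($login)
    {
        $motPass = $this->genererMotPasseTemporaire();
        $hash = password_hash($motPass, PASSWORD_DEFAULT);

        $resultat = $this->executerRequete(
            "SELECT fn_message_motpasseoublie(?, ?, ?, ?) As message;",
            [$login, $_SESSION['lang'], $motPass, $hash]
        )->fetch(PDO::FETCH_ASSOC);

        return $resultat['message'];
    }

    /**
     * Returns the value of fn_alowed_ip(login, ip).
     *
     * NOTE(review): the check is only as good as $ipConnexion. It should be
     * the address of the TCP peer (or of a proxy header set by a trusted
     * proxy), not a client-supplied header value.
     */
    public function alowed_ip($login, $ipConnexion)
    {
        $ligne = $this->executerRequete('select fn_alowed_ip(?, ?) AS alowedIp;', [$login, $ipConnexion])
            ->fetch(PDO::FETCH_ASSOC);

        return $ligne['alowedIp'];
    }

    /**
     * Persists a language for $login (database, session, one-year cookie).
     *
     * NOTE(review): $codeNewLang is written to the session and the cookie as
     * received; this method applies no allowlist, so callers should accept
     * only known locale codes. The cookie is set without Secure, HttpOnly or
     * SameSite attributes; it carries only the locale.
     */
    public function changerlangueutilisateurconnexion($login, $codeNewLang)
    {
        $this->executerRequete("call sp_r_changer_langue_utilisateur(?, ?);", [$login, $codeNewLang]);

        $_SESSION['lang'] = $codeNewLang;
        setcookie('lang', $codeNewLang, time() + 365 * 24 * 3600, '/');
    }

    /** Stores the password_hash() of a one-time code for $login; the clear value is not stored here. */
    public function set_otp_value($login, $otpValue)
    {
        $hash = password_hash($otpValue, PASSWORD_DEFAULT);

        $this->executerRequete('UPDATE utilisateur SET otpValue=? WHERE codeutilisateur=?;', [$hash, $login]);
    }

    /**
     * Returns the stored OTP hash for $login, to be compared with
     * password_verify() by the caller.
     *
     * @return string|null the hash, or null when the login is unknown or no
     *                     OTP is stored (the original raised a warning on a
     *                     missing row and also yielded null)
     */
    public function get_otp_value($login)
    {
        $ligne = $this->executerRequete('SELECT otpValue FROM utilisateur WHERE codeutilisateur=?;', [$login])
            ->fetch(PDO::FETCH_ASSOC);

        // fetch() returns false when no row matches.
        if ($ligne === false) {
            return null;
        }

        return $ligne['otpValue'];
    }

    /** Calls sp_envoyer_otp(company, login, clear one-time code). */
    public function envoyer_otp($login, $otpValue)
    {
        $this->executerRequete('CALL sp_envoyer_otp(?, ?, ?);', [$_SESSION['codeSociete'], $login, $otpValue]);
    }

    /** Stores all rows of sp_get_contexte_police(session login) in $_SESSION['contextPolice']. */
    public function getContextePolice()
    {
        $liste = $this->executerRequete('CALL sp_get_contexte_police(?);', [$_SESSION['login']]);

        $_SESSION['contextPolice'] = $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * SELECT and JOIN part shared by getUtilisateurs() and getUtilisateurId();
     * the caller appends its own WHERE clause.
     */
    private function sqlDetailUtilisateur()
    {
        return "SELECT A.id , A.id AS idUtilisateur, A.codeUtilisateur, A.codeUtilisateur AS login, S.codePays AS codePaysSociete,
            A.nom, IFNULL(A.prenoms, '') AS prenoms, A.codeTypeUtilisateur, B.libelle AS typeUtilisateur, A.telephone, A.email,
            A.motPass, A.codeProfil, IFNULL(A.codePrestataire, '') AS codePrestataire, IFNULL(C.libelle, '') AS profil, A.gestionDroit,
            IFNULL(D.libelle, '') AS prestataire, IFNULL(D.codeTypePrestataire, '') AS codeTypePrestataire, IFNULL(E.libelle, '') AS typePrestataire,
            IFNULL(D.telephonePortable, '') AS telephonePrestataire, IFNULL(D.faxPrestataire, '') AS faxPrestataire, IFNULL(D.email, '') AS emailPrestataire,
            S.*, C.codeProfilSysteme, S.tauxInteretEcheancier as tauxInteret, A.adminProd, A.adminSin
            FROM utilisateur A
            JOIN societeuser S ON (S.codeSociete=A.codeSociete)
            JOIN typeutilisateur B ON (B.codeTypeUtilisateur=A.codeTypeUtilisateur)
            JOIN profil C ON (C.codeSociete=A.codeSociete AND C.codeProfil=A.codeProfil)
            LEFT JOIN prestataire D ON (D.codeSociete=A.codeSociete AND D.codePrestataire=A.codePrestataire)
            LEFT JOIN typeprestataire E ON (E.codeTypePrestataire=D.codeTypePrestataire)";
    }

    /**
     * Returns a 13-character lowercase hex temporary password from the CSPRNG.
     *
     * The length and alphabet match what uniqid() produced, so the stored
     * procedures receive a value of the same shape. Requires PHP 7.0+
     * (random_bytes); it throws if no entropy source is available.
     */
    private function genererMotPasseTemporaire()
    {
        // 7 random bytes give 14 hex characters; keep the first 13.
        return substr(bin2hex(random_bytes(7)), 0, 13);
    }
}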