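executerRequete($sql, array($login)); if ($utilisateur->rowCount() == 1) { $user = $utilisateur->fetch(PDO::FETCH_ASSOC); $hash = $user['motPass']; return (password_verify($mdp, $hash)); } else return false; }

    /**
     * Search the users of the session's company by login, last name and first name.
     *
     * All four criteria are bound as statement parameters. The three filters are
     * first passed through contruireParamLike(), which is defined outside this
     * view; presumably it builds the LIKE pattern (confirm how it treats "%" and
     * "_" coming from user input).
     *
     * NOTE(review): the result set includes A.motPass (the password hash) and S.*;
     * callers should drop those columns before rendering or serialising a row.
     *
     * @param mixed $codeUtilisateur login filter, optional
     * @param mixed $nom             last-name filter, optional
     * @param mixed $prenoms         first-name filter, optional
     * @return mixed the executed statement as returned by executerRequete(); rows are not fetched here
     */
    public function getUtilisateurs($codeUtilisateur = null, $nom = null, $prenoms = null)
    {
        $codeUtilisateur = contruireParamLike($codeUtilisateur);
        $nom = contruireParamLike($nom);
        $prenoms = contruireParamLike($prenoms);

        $sql = "SELECT A.id , A.id AS idUtilisateur, A.codeUtilisateur, A.codeUtilisateur AS login, "
            . "S.codePays AS codePaysSociete, A.nom, IFNULL(A.prenoms, '') AS prenoms, "
            . "A.codeTypeUtilisateur, B.libelle AS typeUtilisateur, A.telephone, A.email, A.motPass, "
            . "A.codeProfil, IFNULL(A.codePrestataire, '') AS codePrestataire, IFNULL(C.libelle, '') AS profil, "
            . "A.gestionDroit, IFNULL(D.libelle, '') AS prestataire, "
            . "IFNULL(D.codeTypePrestataire, '') AS codeTypePrestataire, IFNULL(E.libelle, '') AS typePrestataire, "
            . "IFNULL(D.telephonePortable, '') AS telephonePrestataire, IFNULL(D.faxPrestataire, '') AS faxPrestataire, "
            . "IFNULL(D.email, '') AS emailPrestataire, S.*, C.codeProfilSysteme, "
            . "S.tauxInteretEcheancier as tauxInteret, A.adminProd, A.adminSin "
            . "FROM utilisateur A "
            . "JOIN societeuser S ON (S.codeSociete=A.codeSociete) "
            . "JOIN typeutilisateur B ON (B.codeTypeUtilisateur=A.codeTypeUtilisateur) "
            . "JOIN profil C ON (C.codeSociete=A.codeSociete AND C.codeProfil=A.codeProfil) "
            . "LEFT JOIN prestataire D ON (D.codeSociete=A.codeSociete AND D.codePrestataire=A.codePrestataire) "
            . "LEFT JOIN typeprestataire E ON (E.codeTypePrestataire=D.codeTypePrestataire) "
            . "WHERE (A.codeSociete=? AND A.codeUtilisateur LIKE ? AND A.nom LIKE ? AND A.prenoms LIKE ?) \n"
            . "order by A.nom, A.prenoms";

        return $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeUtilisateur, $nom, $prenoms]);
    }

    /**
     * Load one user through the sp_r_get_utilisateur stored procedure.
     *
     * @param mixed $login login passed to the procedure as a bound parameter
     * @return mixed first row as an associative array, or false when there is none
     */
    public function getUtilisateur($login)
    {
        $sql = "call sp_r_get_utilisateur(?);";
        $utilisateur = $this->executerRequete($sql, [$login]);

        return $utilisateur->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Load one user by primary key, with the same columns as getUtilisateurs().
     *
     * NOTE(review): the WHERE clause filters on A.id only, not on the session's
     * codeSociete, so the caller has to make sure the id belongs to the current
     * company. The row also carries A.motPass (the password hash) and S.*.
     *
     * @param mixed $id value matched against utilisateur.id
     * @return mixed associative row, or false when the id does not exist
     */
    public function getUtilisateurId($id)
    {
        $sql = "SELECT A.id , A.id AS idUtilisateur, A.codeUtilisateur, A.codeUtilisateur AS login, "
            . "S.codePays AS codePaysSociete, A.nom, IFNULL(A.prenoms, '') AS prenoms, "
            . "A.codeTypeUtilisateur, B.libelle AS typeUtilisateur, A.telephone, A.email, A.motPass, "
            . "A.codeProfil, IFNULL(A.codePrestataire, '') AS codePrestataire, IFNULL(C.libelle, '') AS profil, "
            . "A.gestionDroit, IFNULL(D.libelle, '') AS prestataire, "
            . "IFNULL(D.codeTypePrestataire, '') AS codeTypePrestataire, IFNULL(E.libelle, '') AS typePrestataire, "
            . "IFNULL(D.telephonePortable, '') AS telephonePrestataire, IFNULL(D.faxPrestataire, '') AS faxPrestataire, "
            . "IFNULL(D.email, '') AS emailPrestataire, S.*, C.codeProfilSysteme, "
            . "S.tauxInteretEcheancier as tauxInteret, A.adminProd, A.adminSin "
            . "FROM utilisateur A "
            . "JOIN societeuser S ON (S.codeSociete=A.codeSociete) "
            . "JOIN typeutilisateur B ON (B.codeTypeUtilisateur=A.codeTypeUtilisateur) "
            . "JOIN profil C ON (C.codeSociete=A.codeSociete AND C.codeProfil=A.codeProfil) "
            . "LEFT JOIN prestataire D ON (D.codeSociete=A.codeSociete AND D.codePrestataire=A.codePrestataire) "
            . "LEFT JOIN typeprestataire E ON (E.codeTypePrestataire=D.codeTypePrestataire) "
            . "WHERE A.id=?";
        $utilisateur = $this->executerRequete($sql, [$id]);

        return $utilisateur->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Store a new password hash for a login and clear its reInit flag.
     *
     * NOTE(review): $ancmdp (the previous password) is never read here, so this
     * method does not prove that the requester knows the current password. The
     * caller must verify it before calling, and must make sure $login is the
     * authenticated user or that the requester may reset other accounts.
     *
     * @param mixed  $login  value matched against utilisateur.codeUtilisateur
     * @param mixed  $ancmdp previous password; unused in this method
     * @param string $nvmdp  new clear-text password, hashed with password_hash()
     * @return void
     */
    public function changerpass($login, $ancmdp, $nvmdp)
    {
        $hash = password_hash($nvmdp, PASSWORD_DEFAULT);
        $sql = "UPDATE utilisateur set motPass=?, reInit = '0' WHERE codeUtilisateur=?";
        $this->executerRequete($sql, [$hash, $login]);
    }

    /**
     * Call the viderTablesTemporairesUser stored procedure for a login.
     *
     * @param mixed $login login passed to the procedure as a bound parameter
     * @return void
     */
    public function viderTablesTemporairesUser($login)
    {
        $sql = "call viderTablesTemporairesUser(?)";
        $this->executerRequete($sql, [$login]);
    }

    /**
     * Count the users of the session's company.
     *
     * @return mixed the nbUtilisateur column of the count query
     */
    public function getNombreUtilisateur()
    {
        $sql = 'select count(*) as nbUtilisateur FROM utilisateur A WHERE (A.codeSociete=?)';
        $resultat = $this->executerRequete($sql, [$_SESSION['codeSociete']]);
        $ligne = $resultat->fetch(PDO::FETCH_ASSOC);

        return $ligne['nbUtilisateur'];
    }

    ////////////

    /**
     * Insert a user row with today's date as dateEntree and gestionDroit "0".
     *
     * NOTE(review): every account created here starts with the hash of the fixed
     * password "0000". Unless the application forces a change at first login
     * (not visible here), new accounts share a known credential; a random
     * initial password or a mandatory reset would close that gap.
     *
     * @return void
     */
    public function ajouter($codeSociete, $codeUtilisateur, $nom, $prenoms, $codeService, $telephone, $email, $fonction, $codeProfil)
    {
        $sql = 'INSERT INTO utilisateur (codeSociete, codeUtilisateur, nom, prenoms, codeService, telephone, email, motPass, fonction, dateEntree, gestionDroit, codeProfil) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
        $this->executerRequete($sql, [
            $codeSociete,
            $codeUtilisateur,
            $nom,
            $prenoms,
            $codeService,
            $telephone,
            $email,
            password_hash("0000", PASSWORD_DEFAULT),
            $fonction,
            date('Y-m-d'),
            "0",
            $codeProfil,
        ]);
    }

    /**
     * Update the editable columns of the user row with the given id.
     *
     * NOTE(review): the row is selected by id alone; there is no codeSociete
     * condition, so the caller must check that the id belongs to the current
     * company before calling.
     *
     * @return void
     */
    public function modifier($id, $codeUtilisateur, $nom, $prenoms, $codeService, $telephone, $email, $fonction, $codeProfil)
    {
        $sql = 'UPDATE utilisateur SET codeUtilisateur=?, nom=?, prenoms=?, codeService=?, telephone=?, email=?, fonction=?, codeProfil=? where (id=?)';
        $this->executerRequete($sql, [
            $codeUtilisateur,
            $nom,
            $prenoms,
            $codeService,
            $telephone,
            $email,
            $fonction,
            $codeProfil,
            $id,
        ]);
    }

    /**
     * Delete the user row with the given id.
     *
     * NOTE(review): the row is selected by id alone, without a codeSociete
     * condition; authorisation has to be enforced by the caller.
     *
     * @param mixed $id value matched against utilisateur.id
     * @return void
     */
    public function supprimer($id)
    {
        $sql = 'DELETE FROM utilisateur WHERE (id=?)';
        $this->executerRequete($sql, [$id]);
    }

    /**
     * Tell whether at least one user row has the given login.
     *
     * The lookup is not restricted to a company.
     *
     * @param mixed $codeUtilisateur login to look for
     * @return bool true when rowCount() of the lookup is greater than zero
     */
    public function existeligne($codeUtilisateur)
    {
        $sql = 'select id FROM utilisateur WHERE (codeUtilisateur=?)';
        $resultat = $this->executerRequete($sql, [$codeUtilisateur]);

        return $resultat->rowCount() > 0;
    }

    /**
     * List the users of the session's company as code/libelle pairs.
     *
     * @return array rows with keys "code" (login) and "libelle" (last name, space, first name)
     */
    public function getListe()
    {
        $sql = 'SELECT codeUtilisateur as `code`, concat(nom," ",prenoms) as libelle '
            . 'FROM utilisateur WHERE (codeSociete=?) ' . "\n"
            . 'order by nom, prenoms';
        $liste = $this->executerRequete($sql, [$_SESSION['codeSociete']]);

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * List the company's users that either hold the given profile or hold none.
     *
     * The "choix" column is '1' for a user whose codeProfil is non-blank and '0'
     * otherwise. The profile code is bound twice: once to require a non-blank
     * argument and once to match codeProfil. contruireParam() is defined outside
     * this view.
     *
     * @param mixed $codeProfil profile code
     * @return mixed the executed statement as returned by executerRequete(); rows are not fetched here
     */
    public function getUtilisateursProfil($codeProfil)
    {
        $codeProfil = contruireParam($codeProfil);
        $sql = "SELECT case when codeProfil>' ' then '1' else '0' end as choix, id, codeUtilisateur, "
            . "concat(nom,' ',prenoms) as nom, codeProfil FROM utilisateur "
            . "WHERE (codeSociete=? AND ?>' ') AND (codeProfil=? OR codeProfil<=' ') "
            . "order by 1 DESC, nom, prenoms";

        return $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeProfil, $codeProfil]);
    }

    /**
     * Assign a profile to a user, or clear it when $choix is '0'.
     *
     * NOTE(review): this changes a user's profile and selects the row by id
     * alone, without a codeSociete condition and without checking that the
     * profile belongs to the same company; the caller has to enforce both.
     *
     * @param mixed $id_utilisateur value matched against utilisateur.id
     * @param mixed $codeProfil     profile code to store
     * @param mixed $choix          '0' stores an empty profile code instead
     * @return void
     */
    public function attribuerProfil($id_utilisateur, $codeProfil, $choix)
    {
        $id_utilisateur = contruireParam($id_utilisateur);
        $codeProfil = contruireParam($codeProfil);
        $choix = contruireParam($choix);

        if ($choix == '0') {
            $codeProfil = '';
        }

        $sql = "update utilisateur set codeProfil=? WHERE (id=?)";
        $this->executerRequete($sql, [$codeProfil, $id_utilisateur]);
    }

    /**
     * Load one user through the sp_r_get_utilisateur_idSaisie stored procedure.
     *
     * @param mixed $idSaisie identifier passed to the procedure as a bound parameter
     * @return mixed first row as an associative array, or false when there is none
     */
    public function getUtilisateurIdsaisie($idSaisie)
    {
        $sql = "call sp_r_get_utilisateur_idSaisie(?);";
        $utilisateur = $this->executerRequete($sql, [$idSaisie]);

        return $utilisateur->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Toggle the logged-in user's language between en_US and fr_FR.
     *
     * The new value is stored through sp_r_changer_langue_utilisateur, then
     * written to the session, to the "lang" cookie (one year, path "/") and to
     * $_COOKIE for the rest of the current request.
     *
     * @return void
     */
    public function changerlangueutilisateur()
    {
        $user = $_SESSION['login'];
        $codeLangue = $_SESSION['lang'];
        $codeNewLang = ($codeLangue == "en_US") ? "fr_FR" : "en_US";

        $sql = "call sp_r_changer_langue_utilisateur(?, ?);";
        $this->executerRequete($sql, [$user, $codeNewLang]);

        $_SESSION['lang'] = $codeNewLang;
        // The cookie has to carry the same value as the session and the database;
        // sending the previous language would make the next request disagree with them.
        setcookie('lang', $codeNewLang, time() + 365 * 24 * 3600, '/');
        $_COOKIE['lang'] = $codeNewLang;
    }

    /**
     * List the profiles of the session's company as code/libelle pairs.
     *
     * The label column is libelleEng when est_anglophone() is true, libelle otherwise.
     *
     * @return array rows with keys "code" and "libelle"
     */
    public function getListeProfil()
    {
        if (est_anglophone()) {
            $sql = 'SELECT codeProfil as `code`, libelleEng as libelle FROM profil WHERE (codeSociete=?) order by libelleEng';
        } else {
            $sql = 'SELECT codeProfil as `code`, libelle FROM profil WHERE (codeSociete=?) ' . "\n"
                . 'order by libelle';
        }
        $liste = $this->executerRequete($sql, [$_SESSION['codeSociete']]);

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Fetch the rows of sp_get_utilisateur_profil for the session's company and a profile.
     *
     * @param mixed $codeProfil profile code
     * @return array associative rows
     */
    public function getUtilisateursActesVisibles($codeProfil)
    {
        $sql = 'call sp_get_utilisateur_profil(?, ?)';
        $resultat = $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeProfil]);

        return $resultat->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Call sp_r_gerer_accesactes_assureur with a login and the actVisible value.
     *
     * NOTE(review): no codeSociete is passed, so any company check has to happen
     * in the procedure or in the caller; confirm.
     *
     * @return void
     */
    public function gereraccesactes($codeUtilisateur, $actVisible)
    {
        $sql = 'call sp_r_gerer_accesactes_assureur(?, ?)';
        $this->executerRequete($sql, [$codeUtilisateur, $actVisible]);
    }

    /**
     * Call sp_r_reinit_utilisateur_assureur for a login.
     *
     * NOTE(review): judging by its name this resets the account's password. Only
     * the login is passed, so the caller must check that the requester is allowed
     * to reset that account; confirm what the procedure enforces.
     *
     * @param mixed $codeUtilisateur login passed to the procedure
     * @return void
     */
    public function reinitpaswd($codeUtilisateur)
    {
        $sql = 'call sp_r_reinit_utilisateur_assureur(?)';
        $this->executerRequete($sql, [$codeUtilisateur]);
    }

    /**
     * Call sp_r_desactiver_utilisateur_assureur for a login.
     *
     * NOTE(review): only the login is passed; authorisation and company scoping
     * are not visible here.
     *
     * @param mixed $codeUtilisateur login passed to the procedure
     * @return void
     */
    public function desactiver($codeUtilisateur)
    {
        $sql = 'call sp_r_desactiver_utilisateur_assureur(?)';
        $this->executerRequete($sql, [$codeUtilisateur]);
    }

    /**
     * Call sp_r_activer_utilisateur_assureur for a login.
     *
     * NOTE(review): only the login is passed; authorisation and company scoping
     * are not visible here.
     *
     * @param mixed $codeUtilisateur login passed to the procedure
     * @return void
     */
    public function activer($codeUtilisateur)
    {
        $sql = 'call sp_r_activer_utilisateur_assureur(?)';
        $this->executerRequete($sql, [$codeUtilisateur]);
    }

    /**
     * Fetch the rows of sp_r_get_utilisateur_hors_profil for the session's company and a profile.
     *
     * @param mixed $codeProfil profile code
     * @return array associative rows
     */
    public function getUtilisateursHorsProfil($codeProfil)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $sql = 'CALL sp_r_get_utilisateur_hors_profil(?, ?);';
        $resultat = $this->executerRequete($sql, [$codeSociete, $codeProfil]);

        return $resultat->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Call sp_r_ajouter_tous_utilisateur_profil_ass with the session's company,
     * the profile and the session's login.
     *
     * @param mixed $codeProfil profile code
     * @return void
     */
    public function ajoutertousutilisateurprofilassureur($codeProfil)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_ajouter_tous_utilisateur_profil_ass(?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $user]);
    }

    /**
     * List the company's profiles with the code appended to the label, "label ( code )".
     *
     * The label column is libelleEng when est_anglophone() is true, libelle otherwise.
     *
     * @return array rows with keys "code" and "libelle"
     */
    public function getListeProfilCode()
    {
        if (est_anglophone()) {
            $sql = 'SELECT codeProfil AS `code`, CONCAT(libelleEng, " ( ", codeProfil, " )") AS libelle FROM profil WHERE (codeSociete=?) ORDER BY libelleEng';
        } else {
            $sql = 'SELECT codeProfil AS `code`, CONCAT(libelle, " ( ", codeProfil, " )") AS libelle FROM profil WHERE (codeSociete=?) ' . "\n"
                . 'ORDER BY libelle';
        }
        $liste = $this->executerRequete($sql, [$_SESSION['codeSociete']]);

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Call sp_r_ajouter_un_utilisateur_profil_ass with the session's company,
     * the profile, the target login and the session's login.
     *
     * @return void
     */
    public function ajouterunutilisateurprofilassureur($codeProfil, $codeUtilisateur)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_ajouter_un_utilisateur_profil_ass(?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $codeUtilisateur, $user]);
    }

    /**
     * Fetch the rows of sp_r_get_menus_accessibles_profil for the session's company and a profile.
     *
     * @param mixed $codeProfil profile code
     * @return array rows in the connection's default fetch mode
     */
    public function getMenusAccessiblesProfil($codeProfil)
    {
        $sql = "call sp_r_get_menus_accessibles_profil(?, ?);";
        $menu = $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeProfil]);

        return $menu->fetchAll();
    }

    /**
     * Fetch the rows of sp_r_get_menus_non_accessibles_profil for the session's company and a profile.
     *
     * @param mixed $codeProfil profile code
     * @return array rows in the connection's default fetch mode
     */
    public function getMenusNonAccessiblesProfil($codeProfil)
    {
        $sql = "call sp_r_get_menus_non_accessibles_profil(?, ?);";
        $menu = $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeProfil]);

        return $menu->fetchAll();
    }

    /**
     * Call sp_r_ajouter_un_menu_accessibles_profil with the session's company,
     * the profile, the menu code and the session's login.
     *
     * @return void
     */
    public function ajouterunmenuprincipalprofilassureur($codeProfil, $codeMenu)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_ajouter_un_menu_accessibles_profil(?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $codeMenu, $user]);
    }

    /**
     * Call sp_r_retirer_un_menu_accessibles_profil with the session's company,
     * the profile, the menu code and the session's login.
     *
     * @return void
     */
    public function retirerunmenuprincipalprofilassureur($codeProfil, $codeMenu)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_retirer_un_menu_accessibles_profil(?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $codeMenu, $user]);
    }

    /**
     * Call sp_r_ajouter_tous_menus_accessibles_profil with the session's company,
     * the profile and the session's login.
     *
     * @param mixed $codeProfil profile code
     * @return void
     */
    public function ajoutertousmenuprincipalprofilassureur($codeProfil)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_ajouter_tous_menus_accessibles_profil(?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $user]);
    }

    /**
     * Call sp_r_retirer_tous_menus_accessibles_profil with the session's company,
     * the profile and the session's login.
     *
     * @param mixed $codeProfil profile code
     * @return void
     */
    public function retirerousmenuprincipalprofilassureur($codeProfil)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_retirer_tous_menus_accessibles_profil(?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $user]);
    }

    /**
     * List all modules as code/libelle pairs; the query takes no parameter.
     *
     * The label column is libelleEng when est_anglophone() is true, libelle otherwise.
     *
     * @return array rows with keys "code" and "libelle"
     */
    public function getListeModule()
    {
        if (est_anglophone()) {
            $sql = 'SELECT codeModule AS `code`, libelleEng AS libelle FROM module ORDER BY 1;';
        } else {
            $sql = 'SELECT codeModule AS `code`, libelle FROM module ORDER BY 1;';
        }
        $liste = $this->executerRequete($sql);

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Fetch the views of a module through sp_get_vues_module_assureur, or its
     * _eng variant when est_anglophone() is true.
     *
     * @param mixed $codeModule module code
     * @return array associative rows
     */
    public function getListeVueModule($codeModule)
    {
        if (est_anglophone()) {
            $sql = 'call sp_get_vues_module_assureur_eng(?);';
        } else {
            $sql = 'call sp_get_vues_module_assureur(?);';
        }
        $liste = $this->executerRequete($sql, [$codeModule]);

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Fetch the rows of sp_r_get_sous_menus_accessibles_vue for the session's
     * company, a profile and a view.
     *
     * @return array rows in the connection's default fetch mode
     */
    public function getSousMenusAccessiblesVue($codeProfil, $vue)
    {
        $sql = "call sp_r_get_sous_menus_accessibles_vue(?, ?, ?);";
        $menu = $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeProfil, $vue]);

        return $menu->fetchAll();
    }

    /**
     * Fetch the rows of sp_r_get_sous_menus_non_accessibles_vue for the session's
     * company, a profile and a view.
     *
     * @return array rows in the connection's default fetch mode
     */
    public function getSousMenusNonAccessiblesVue($codeProfil, $vue)
    {
        $sql = "call sp_r_get_sous_menus_non_accessibles_vue(?, ?, ?);";
        $menu = $this->executerRequete($sql, [$_SESSION['codeSociete'], $codeProfil, $vue]);

        return $menu->fetchAll();
    }

    /**
     * Call sp_r_ajouter_tous_sous_menus_accessibles_vue with the session's
     * company, the profile, the view and the session's login.
     *
     * @return void
     */
    public function ajoutertoussousmenusass($codeProfil, $vue)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_ajouter_tous_sous_menus_accessibles_vue(?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $vue, $user]);
    }

    /**
     * Call sp_r_retirer_tous_sous_menus_accessibles_vue with the session's
     * company, the profile, the view and the session's login.
     *
     * @return void
     */
    public function retirertoussousmenusass($codeProfil, $vue)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_retirer_tous_sous_menus_accessibles_vue(?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $vue, $user]);
    }

    /**
     * Call sp_r_ajouter_un_sous_menus_accessibles_vue with the session's company,
     * the profile, the view, the menu code and the session's login.
     *
     * @return void
     */
    public function ajouterunsousmenusass($codeProfil, $vue, $codeMenu)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_ajouter_un_sous_menus_accessibles_vue(?, ?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $vue, $codeMenu, $user]);
    }

    /**
     * Call sp_r_retirer_un_sous_menus_accessibles_vue with the session's company,
     * the profile, the view, the menu code and the session's login.
     *
     * @return void
     */
    public function retirerunsousmenusass($codeProfil, $vue, $codeMenu)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_retirer_un_sous_menus_accessibles_vue(?, ?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $vue, $codeMenu, $user]);
    }

    /**
     * List every column of the profiles of the session's company, ordered by libelle.
     *
     * @return array associative rows
     */
    public function getListeProfilComplet()
    {
        $sql = 'SELECT * FROM profil WHERE (codeSociete=?) order by libelle';
        $liste = $this->executerRequete($sql, [$_SESSION['codeSociete']]);

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Call sp_creer_profil_ass with the session's company, both labels and the session's login.
     *
     * @return void
     */
    public function creerprofilass($libelle, $libelleEng)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_creer_profil_ass(?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $libelle, $libelleEng, $user]);
    }

    /**
     * Call sp_r_transferer_droits_profil_ass with the session's company, the
     * source and destination profiles and the session's login.
     *
     * @return void
     */
    public function transfererdroitsprofilassureur($codeProfilSource, $codeProfilDest)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_r_transferer_droits_profil_ass(?, ?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfilSource, $codeProfilDest, $user]);
    }

    /**
     * Call sp_batch_vider_droits_profil_assureur with the session's company,
     * the profile and the session's login.
     *
     * @param mixed $codeProfil profile code
     * @return void
     */
    public function batchviderprofilass($codeProfil)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_batch_vider_droits_profil_assureur(?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $user]);
    }

    /**
     * Call sp_batch_atrtribuer_droits_reference_profil_assureur with the
     * session's company, the profile and the session's login.
     *
     * The procedure name is spelled exactly as the database object is called here.
     *
     * @param mixed $codeProfil profile code
     * @return void
     */
    public function batchattribuerdroitsreferenceass($codeProfil)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $sql = 'call sp_batch_atrtribuer_droits_reference_profil_assureur(?, ?, ?)';
        $this->executerRequete($sql, [$codeSociete, $codeProfil, $user]);
    }

    /**
     * Fetch the rows of sp_liste_users_assureur_filtre for the session's company.
     *
     * The three filters go through contruireParamLike() (defined outside this
     * view) before being bound as parameters.
     *
     * @return array associative rows
     */
    public function getusersassueurfiltre($codeProfil, $nom, $prenoms)
    {
        $codeProfil = contruireParamLike($codeProfil);
        $nom = contruireParamLike($nom);
        $prenoms = contruireParamLike($prenoms);
        $codeSociete = $_SESSION['codeSociete'];

        $sql = 'call sp_liste_users_assureur_filtre(?, ?, ?, ?)';
        $resultat = $this->executerRequete($sql, [$codeSociete, $codeProfil, $nom, $prenoms]);

        return $resultat->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Load one user through sp_un_user_assureur.
     *
     * NOTE(review): only the user id is passed; company scoping is not visible here.
     *
     * @param mixed $idUtilisateur user id passed to the procedure
     * @return mixed first row as an associative array, or false when there is none
     */
    public function getunusersassueur($idUtilisateur)
    {
        $sql = 'call sp_un_user_assureur(?)';
        $resultat = $this->executerRequete($sql, [$idUtilisateur]);

        return $resultat->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Call sp_modifier_user_assureur with the edited fields and the session's login.
     *
     * NOTE(review): the target is identified by $idUtilisateur only and no
     * codeSociete is passed; the caller or the procedure has to check that the
     * user belongs to the current company.
     *
     * @return void
     */
    public function enregistrermodifusersass($idUtilisateur, $codeProfil, $nom, $prenoms, $actif, $actVisible, $codeLangue, $AffectionVisible)
    {
        $user = $_SESSION['login'];
        $sql = 'call sp_modifier_user_assureur(?, ?, ?, ?, ?, ?, ?, ?, ?)';
        $this->executerRequete($sql, [
            $idUtilisateur,
            $codeProfil,
            $nom,
            $prenoms,
            $actif,
            $actVisible,
            $codeLangue,
            $AffectionVisible,
            $user,
        ]);
    }

    /**
     * Create a user through sp_creer_user_assureur in the session's company.
     *
     * The clear-text $motPass is hashed with password_hash() before it is bound,
     * so only the hash reaches the procedure.
     *
     * @return void
     */
    public function creeruserassureur($codeProfil, $codeUtilisateur, $nom, $prenoms, $telephone, $email, $motPass, $codeLangue, $actVisible, $AffectionVisible)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $hash = password_hash($motPass, PASSWORD_DEFAULT);

        $sql = 'call sp_creer_user_assureur(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
        $this->executerRequete($sql, [
            $codeSociete,
            $codeProfil,
            $codeUtilisateur,
            $nom,
            $prenoms,
            $telephone,
            $email,
            $hash,
            $codeLangue,
            $actVisible,
            $AffectionVisible,
            $user,
        ]);
    }

    /**
     * Call sp_r_gerer_accesaffection_assureur with a login and the AffectionVisible value.
     *
     * NOTE(review): no codeSociete is passed, so any company check has to happen
     * in the procedure or in the caller; confirm.
     *
     * @return void
     */
    public function gereraccesaffection($codeUtilisateur, $AffectionVisible)
    {
        $sql = 'call sp_r_gerer_accesaffection_assureur(?, ?)';
        $this->executerRequete($sql, [$codeUtilisateur, $AffectionVisible]);
    }

    /**
     * Check a password against the company's reset-password hash.
     *
     * The hash is the motPassReinit column returned by sp_get_mot_pass_reinit
     * and is compared with password_verify().
     *
     * @param mixed  $codeSociete company code passed to the procedure
     * @param string $mdp         clear-text password to test
     * @return bool false unless exactly one row is returned and the password matches its hash
     */
    public function verifiermotpassdefaut($codeSociete, $mdp)
    {
        $sql = "call sp_get_mot_pass_reinit(?);";
        $resultat = $this->executerRequete($sql, [$codeSociete]);

        if ($resultat->rowCount() == 1) {
            $user = $resultat->fetch(PDO::FETCH_ASSOC);
            $hash = $user['motPassReinit'];

            return password_verify($mdp, $hash);
        }

        return false;
    }

    /**
     * Copy the company's composanteprime rows into $_SESSION['composanteprime'],
     * keyed by libelle with libelleActif as the value.
     *
     * @return void
     */
    public function set_composanteprime()
    {
        $sql = 'SELECT libelle, libelleActif FROM composanteprime WHERE (codeSociete = ?) ' . "\n"
            . 'ORDER BY 1;';
        $resultat = $this->executerRequete($sql, [$_SESSION['codeSociete']]);
        $composanteprimes = $resultat->fetchAll();

        foreach ($composanteprimes as $composanteprime) {
            $cle = $composanteprime['libelle'];
            $val = $composanteprime['libelleActif'];
            $_SESSION['composanteprime']["$cle"] = $val;
        }
    }

    /**
     * Copy the company's affichagedynamique rows into $_SESSION['affichagedynamique'],
     * keyed by libelle with libelleActif as the value.
     *
     * @return void
     */
    public function set_affichagedynamique()
    {
        $sql = 'SELECT libelle, libelleActif FROM affichagedynamique WHERE (codeSociete = ?) ORDER BY 1;';
        $resultat = $this->executerRequete($sql, [$_SESSION['codeSociete']]);
        $affichagedynamiques = $resultat->fetchAll();

        foreach ($affichagedynamiques as $affichagedynamique) {
            $cle = $affichagedynamique['libelle'];
            $val = $affichagedynamique['libelleActif'];
            $_SESSION['affichagedynamique']["$cle"] = $val;
        }
    }

    /**
     * List the company's points of sale of type "AP" or "AG", labelled "label ( code )".
     *
     * NOTE(review): when est_anglophone() is true the label column is aliased
     * libelleEng (built from libelle), while the other branch aliases it libelle.
     * The sibling list methods always return a "libelle" key; confirm that callers
     * handle both keys here.
     *
     * @return array associative rows with key "code" plus "libelleEng" or "libelle"
     */
    public function getListeAgences()
    {
        if (est_anglophone()) {
            $sql = 'SELECT codePointVente AS `code`, CONCAT(libelle, " ( ", codePointVente, " )") AS libelleEng FROM pointvente WHERE (codeSociete=?) AND codeTypePointvente IN ("AP", "AG") ORDER BY libelleEng;';
        } else {
            $sql = 'SELECT codePointVente AS `code`, CONCAT(libelle, " ( ", codePointVente, " )") AS libelle FROM pointvente WHERE (codeSociete=?) ' . "\n"
                . 'AND codeTypePointvente IN ("AP", "AG") ORDER BY libelle;';
        }
        $liste = $this->executerRequete($sql, [$_SESSION['codeSociete']]);

        return $liste->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Fetch the rows of sp_liste_users_agence_filtre for the session's company.
     *
     * The three filters go through contruireParamLike() (defined outside this
     * view) before being bound as parameters.
     *
     * @return array associative rows
     */
    public function getusersagencefiltre($codePointVente, $nom, $prenoms)
    {
        $codePointVente = contruireParamLike($codePointVente);
        $nom = contruireParamLike($nom);
        $prenoms = contruireParamLike($prenoms);
        $codeSociete = $_SESSION['codeSociete'];

        $sql = 'call sp_liste_users_agence_filtre(?, ?, ?, ?)';
        $resultat = $this->executerRequete($sql, [$codeSociete, $codePointVente, $nom, $prenoms]);

        return $resultat->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Call sp_modifier_user_agence with the edited fields and the session's login.
     *
     * NOTE(review): the target is identified by $idUtilisateur only and no
     * codeSociete is passed; the caller or the procedure has to check that the
     * user belongs to the current company.
     *
     * @return void
     */
    public function enregistrermodifusersagence($idUtilisateur, $codePointVente, $nom, $prenoms, $actif, $actVisible, $codeLangue, $AffectionVisible)
    {
        $user = $_SESSION['login'];
        $sql = 'call sp_modifier_user_agence(?, ?, ?, ?, ?, ?, ?, ?, ?)';
        $this->executerRequete($sql, [
            $idUtilisateur,
            $codePointVente,
            $nom,
            $prenoms,
            $actif,
            $actVisible,
            $codeLangue,
            $AffectionVisible,
            $user,
        ]);
    }

    /**
     * Create a user through sp_creer_user_agence in the session's company.
     *
     * The clear-text $motPass is hashed with password_hash() before it is bound,
     * so only the hash reaches the procedure.
     *
     * @return void
     */
    public function creeruseragence($codePointVente, $codeUtilisateur, $nom, $prenoms, $telephone, $email, $motPass, $codeLangue, $actVisible, $AffectionVisible)
    {
        $codeSociete = $_SESSION['codeSociete'];
        $user = $_SESSION['login'];
        $hash = password_hash($motPass, PASSWORD_DEFAULT);

        $sql = 'call sp_creer_user_agence(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
        $this->executerRequete($sql, [
            $codeSociete,
            $codePointVente,
            $codeUtilisateur,
            $nom,
            $prenoms,
            $telephone,
            $email,
            $hash,
            $codeLangue,
            $actVisible,
            $AffectionVisible,
            $user,
        ]);
    }
}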