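// NOTE(review): this listing was collapsed onto a few long lines and three class headers
// (opening tag, class line, start of the first method) are missing from it. The fragment
// below is the tail of a link-building method whose signature and foreach header are not
// visible; its code is kept as found.
        $valeur){
            if($nom != 'id' && $nom != 'name' && $nom != 'title' && $nom != 'style' && $nom != 'class' && $nom != 'alt' && $nom != 'rel' && $nom != 'rev' && $nom != 'texte' && $nom != 'tronque'){
                $arg[$nom] = $valeur;
            }
        }
        // NOTE(review): the string literals on the next line and in the final `$url .= "";`
        // look as if markup was stripped out of them when the page was extracted - TODO confirm
        // against the original file.
        $url = "creer_url($arg,$rewrite)."\"";
        // NOTE(review): every attribute value below is concatenated from $args without
        // escaping. If any of them can carry request data, a double quote in the value ends
        // the attribute; they should go through htmlspecialchars($v, ENT_QUOTES) first.
        if(isset($args['id'])&& $args['id'] != ""){
            $url .= " id=\"".$args['id']."\"";
        }
        if(isset($args['name'])&& $args['name'] != ""){
            $url .= " name=\"".$args['name']."\"";
        }
        if(isset($args['title'])&& $args['title'] != ""){
            $url .= " title=\"YES".$args['title']."\"";
        }
        if(isset($args['target'])&& $args['target'] != ""){
            $url .= " target=\"".$args['target']."\"";
        }
        if(isset($args['style'])&& $args['style'] != ""){
            $url .= " style=\"".$args['style']."\"";
        }
        if(isset($args['class'])&& $args['class'] != ""){
            $url .= " class=\"".$args['class']."\"";
        }
        if(isset($args['alt'])&& $args['alt'] != ""){
            $url .= " alt=\"".$args['alt']."\"";
        }
        if(isset($args['rel'])&& $args['rel'] != ""){
            $url .= " rel=\"".$args['rel']."\"";
        }
        if(isset($args['rev'])&& $args['rev'] != ""){
            $url .= " rev=\"".$args['rev']."\"";
        }
        $url .= " >";
        if(isset($args['tronque'])&& $args['tronque'] != ''){
            $url .= htmlentities(tronque(html_entity_decode($args['texte']),$args['tronque']));
        }else{
            $url .= htmlentities(html_entity_decode($args['texte']));
        }
        $url .= "";
        return $url;
    }

    /**
     * Builds a site URL from an ordered list of arguments.
     *
     * With $rewrite the arguments become path segments (known pages and rubriques are
     * mapped to fixed slugs, category and product ids are expanded to "name_id") and the
     * result ends in ".html" when a page is given, "/" otherwise. Without $rewrite the
     * arguments become an index.php query string.
     *
     * Category and product ids are cast to int before they reach the SQL text; the
     * original concatenated them as received.
     *
     * @param array $args    argument name => value, in output order
     * @param bool  $rewrite true for rewritten paths, false for a query string
     * @return string
     */
    function creer_url($args=array(),$rewrite=false)
    {
        $url = "";
        $page = "";

        foreach ($args as $arg => $valeur) {
            if (!$rewrite) {
                // NOTE(review): values are appended without urlencode(); confirm callers
                // only pass URL-safe values or already-encoded ones.
                if ($arg == 'domaine') {
                    $url .= "http://".$valeur."/index.php?";
                } else if ($arg == 'lang') {
                    $url .= $arg."=".$valeur;
                } else {
                    $url .= "&".$arg."=".$valeur;
                }
                continue;
            }

            if ($arg == 'domaine') {
                $url .= "http://".$valeur;
            } else if ($arg == 'page') {
                $page = $valeur;
                switch ($valeur) {
                    case 'surmesure':
                        $url .= '/stand-sur-mesure';
                        break;
                    case 'modulable':
                        $url .= '/stand-modulable';
                        break;
                    case 'pliable':
                        $url .= '/stand-pliable';
                        break;
                    default:
                        $url .= '/'.$valeur;
                        break;
                }
            } else if ($arg == 'rubrique') {
                if ($page == 'services') {
                    switch ($valeur) {
                        case 'bureau':
                            $url .= '/bureau-d-etude';
                            break;
                        case 'labo':
                            $url .= '/labo-photo-impression';
                            break;
                        case 'servicelocation':
                            $url .= '/service-de-location';
                            break;
                        case 'logistique':
                            $url .= '/logistique-et-stockage';
                            break;
                        default:
                            $url .= '/'.$valeur;
                            break;
                    }
                } else if ($page == 'contact') {
                    switch ($valeur) {
                        case 'rdv':
                            $url .= '/rendez-vous';
                            break;
                        default:
                            $url .= '/'.$valeur;
                            break;
                    }
                } else if ($page == 'surmesure' || $page == 'modulable' || $page == 'pliable' || $page == 'accessoires' || $page == 'promotions') {
                    // The id goes into the query text, so only an integer may pass.
                    $id = (int) $valeur;
                    $rub = $GLOBALS['__CONN__']->mysql_table("SELECT * FROM categories WHERE id=".$id);
                    $nom = isset($rub[0]['nom']) ? $rub[0]['nom'] : '';
                    $url .= '/'.str_replace(' ', '-', $this->supprAccents(utf8_decode($nom))).'_'.$id;
                } else {
                    $url .= '/'.$valeur;
                }
            } else if ($arg == 'articles') {
                $id = (int) $valeur;
                $art = $GLOBALS['__CONN__']->mysql_table("SELECT * FROM produits WHERE id = '".$id."'");
                $titre = isset($art[0]['titre']) ? $art[0]['titre'] : '';
                $url .= '/'.str_replace(' ', '-', $this->supprAccents(utf8_decode($titre))).'_'.$id;
            } else {
                $url .= "/".$valeur;
            }
        }

        if ($rewrite) {
            if (isset($args['page']) && $args['page'] != "") {
                $url .= ".html";
            } else {
                $url .= "/";
            }
        }
        return $url;
    }

    /**
     * Builds the page title from the current request ($_GET page / rubrique / articles).
     *
     * Changes against the original: request values are only used when they are strings,
     * the ids taken from "name_id" values are cast to int before they reach the SQL text,
     * the page label no longer stays undefined for an unknown page, and 'pliable' is
     * labelled 'Stand pliable' (it was a copy of the 'modulable' label).
     *
     * NOTE(review): the contact branch puts the rubrique value from the request into the
     * returned title; the caller is not visible here and must HTML-escape the result when
     * printing it.
     *
     * @param string $site site name appended to every title
     * @return string
     */
    function creer_title($site)
    {
        $titre = "";

        if (!(isset($_GET['page']) && !empty($_GET['page']))) {
            return $site;
        }

        $page_get     = is_string($_GET['page']) ? $_GET['page'] : '';
        $rubrique_get = (isset($_GET['rubrique']) && is_string($_GET['rubrique'])) ? $_GET['rubrique'] : '';
        $articles_get = (isset($_GET['articles']) && is_string($_GET['articles'])) ? $_GET['articles'] : '';

        switch ($page_get) {
            case 'services':
                // An unknown rubrique leaves the title empty, as before.
                switch ($rubrique_get) {
                    case 'bureau':
                        $titre .= "Bureau d'étude | Services | ".$site;
                        break;
                    case 'philosophie':
                        $titre .= "Philosophie | ".$site;
                        break;
                    case 'labo':
                        $titre .= "Labo Photo-Impression | Services | ".$site;
                        break;
                    case 'servicelocation':
                        $titre .= "Service de Location | Services | ".$site;
                        break;
                    case 'logistique':
                        $titre .= "Logistique et Stockage | Services | ".$site;
                        break;
                    case 'livraison':
                        $titre .= "Livraison | Services | ".$site;
                        break;
                    case 'tootem_projets':
                        $titre .= "Tootem Projets | Services | ".$site;
                        break;
                    case 'financement':
                        $titre .= "Financement | Services | ".$site;
                        break;
                    case 'faq':
                        $titre .= "FAQ | Services | ".$site;
                        break;
                    case 'acces':
                        $titre .= "Plan d'accès | Services | ".$site;
                        break;
                    case 'glossaire':
                        $titre .= "Glossaire | Services | ".$site;
                        break;
                }
                break;
            case 'accueil':
                $titre = $site;
                break;
            case 'actualites':
                $titre = 'Actualités | '.$site;
                break;
            case 'nouveautes':
                $titre = 'Nouveautés | '.$site;
                break;
            case 'contact':
                if (!empty($rubrique_get)) {
                    $titre = ucwords(strtolower($rubrique_get)).' | '.$site;
                } else {
                    $titre = 'Contact | '.$site;
                }
                break;
            case 'show_room':
                $titre = 'Show Room | '.$site;
                break;
            case 'recherche':
                $titre = 'Recherche | '.$site;
                break;
            default:
                $page = '';
                if ($page_get == 'surmesure') {
                    $page = 'Stand sur mesure';
                } else if ($page_get == 'modulable') {
                    $page = 'Stand modulable';
                } else if ($page_get == 'pliable') {
                    $page = 'Stand pliable';
                } else if ($page_get == 'accessoires') {
                    $page = 'Accessoires';
                } else if ($page_get == 'promotions') {
                    $page = 'Promotions';
                }

                // The rubrique arrives as "name_id"; only the integer id reaches the query.
                $r = explode('_', $rubrique_get);
                $id_rubrique = isset($r[1]) ? (int) $r[1] : 0;
                $rubrique = $GLOBALS['__CONN__']->mysql_table("SELECT * FROM categories WHERE id = '".$id_rubrique."'");
                $rubrique = isset($rubrique[0]['nom']) ? $rubrique[0]['nom'] : '';
                $titre .= ucwords(strtolower($rubrique)).' | '.ucwords(strtolower($page)).' | '.$site;

                if (!empty($articles_get)) {
                    $r = explode('_', $articles_get);
                    $id_article = isset($r[1]) ? (int) $r[1] : 0;
                    $articles = $GLOBALS['__CONN__']->mysql_table("SELECT titre FROM produits WHERE id = '".$id_article."'");
                    $titre_article = isset($articles[0]['titre']) ? $articles[0]['titre'] : '';
                    $titre = ucwords(strtolower($titre_article)).' | '.utf8_encode($titre);
                }
                break;
        }

        return $titre;
    }

    /**
     * Reduces a UTF-8 string to an ASCII slug: accented letters and ligatures lose their
     * diacritics, every other entity is dropped, spaces and apostrophes become '-'.
     *
     * The charset and flags are now passed to htmlentities() explicitly: the string is
     * Latin-1 after utf8_decode(), and relying on the default charset makes the result
     * depend on the PHP version. The letter class was [A-za-z], which also matched the
     * punctuation between 'Z' and 'a'.
     *
     * @param string $str     text to convert
     * @param string $charset unused by the body; kept for callers that pass it
     * @return string
     */
    public function formate($str, $charset='utf-8')
    {
        $str = htmlentities(utf8_decode($str), ENT_COMPAT, 'ISO-8859-1');
        $str = preg_replace('#&([A-Za-z])(?:acute|cedil|circ|grave|orn|ring|slash|th|tilde|uml);#', '\1', $str);
        // ligatures, e.g. the "oe" ligature
        $str = preg_replace('#&([A-Za-z]{2})(?:lig);#', '\1', $str);
        // drop every remaining entity
        $str = preg_replace('#&[^;]+;#', '', $str);
        $str = str_replace(' ', '-', $str);
        $str = str_replace('\'', '-', $str);
        return $str;
    }
    // NOTE(review): what follows the closing tag below starts in the middle of a statement;
    // the opening tag, the class header and the start of the first method of the logging
    // class are missing from the page. Kept as found.
}
?>dir_log();
        $this->check_logs();
    }

    /**
     * Creates ../logs/<year>/<month name>/ when it does not exist yet, mode 0700.
     *
     * NOTE(review): the path is relative to the working directory; confirm it resolves
     * outside the served document root, since the files hold request data.
     */
    function dir_log()
    {
        $dir = '../logs/'.date('Y').'/'.date('F');
        if (!is_dir($dir)) {
            // recursive: creates the missing parent levels with the same mode
            mkdir($dir, 0700, true);
        }
    }

    /**
     * Collects the request context (referer, GET, POST, uploads, session, a few
     * environment values, status) and appends it to the log file of the day.
     *
     * Changes against the original:
     *  - the collected array is now passed to write_log(); it used to stay local, so the
     *    written line only held empty fields;
     *  - values of fields whose name contains "pass" are masked, because the forms on
     *    this site post passwords (F_U_PASS, client_password, F_C_P_PASS);
     *  - control characters are stripped so a request value cannot start a new log line;
     *  - upload details are labelled with their own key instead of the field name.
     */
    function check_logs()
    {
        $url = isset($_SERVER['HTTP_REFERER']) ? $this->log_clean($_SERVER['HTTP_REFERER']) : "direct";

        $gets     = $this->log_pairs($_GET);
        $posts    = $this->log_pairs($_POST);
        $sessions = $this->log_pairs(isset($_SESSION) ? $_SESSION : array());

        $envs_voulus = array('HTTP_HOST', 'PHP_VER', 'REDIRECT_STATUS', 'REQUEST_METHOD', 'REQUEST_URI', 'SCRIPT_FILENAME', 'SERVER_ADDR', 'SERVER_SOFTWARE');
        $envs = "";
        foreach ($_ENV as $champ => $valeur) {
            if (in_array($champ, $envs_voulus, true)) {
                $envs .= $champ." : ".$this->log_clean($valeur)." / ";
            }
        }

        $files = "";
        foreach ($_FILES as $champ => $valeur) {
            $files .= "(".$this->log_clean($champ).")->";
            if (is_array($valeur)) {
                foreach ($valeur as $champ2 => $valeur2) {
                    $files .= $champ2." : ".$this->log_clean($valeur2)." / ";
                }
            }
        }

        $log = array(
            'referer'  => $this->detect_os() . ' - ' . $this->detect_nav(),
            'ip'       => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
            // NOTE(review): year-day-month order kept as found; probably meant "Y-m-d" -
            // confirm nothing parses these files before changing it.
            'date'     => date("Y-d-m"),
            'heure'    => date("H:i"),
            'url'      => $url,
            'gets'     => $gets,
            'posts'    => $posts,
            'files'    => $files,
            'sessions' => $sessions,
            'envs'     => $envs,
            'status'   => $GLOBALS['__SECU__']->getStatus(),
        );

        $this->write_log("../logs/".date('Y')."/".date('F')."/analyse_".date('d').".log", $log);
    }

    /**
     * Appends one formatted entry to $logfile.
     *
     * $log is a new optional parameter: the original read an undefined local, so every
     * field was written empty. Missing keys are written as empty strings. Nothing is
     * written when the file cannot be opened.
     *
     * @param string $logfile path of the file to append to
     * @param array  $log     fields built by check_logs()
     */
    function write_log($logfile="../", $log=array())
    {
        foreach (array('referer', 'ip', 'date', 'heure', 'url', 'gets', 'posts', 'files', 'sessions', 'envs', 'status') as $champ) {
            if (!isset($log[$champ])) {
                $log[$champ] = '';
            }
        }

        $fp = fopen($logfile, "a");
        if ($fp === false) {
            return;
        }
        fputs($fp, "[CONFIG:".$log['referer']."] [IP:".$log['ip']."] [DATE:".$log['date']."] [HEURE:".$log['heure']."] [PROVENANCE:".$log['url']."] [GET:".$log['gets']."] [POST:".$log['posts']."] [FILES:".$log['files']."] [SESSION:".$log['sessions']."] [ENV:".$log['envs']."] [STATUS:".$log['status']."]\r\n\r\n");
        fclose($fp);
    }

    /**
     * Names the browser from the User-Agent header; "Inconnu" when nothing matches or
     * the header is absent. Order matters: Chrome is tested before Safari because the
     * Chrome check would otherwise never be reached for agents that carry both tokens.
     *
     * @return string
     */
    function detect_nav()
    {
        $ua = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';
        $navigateurs = array(
            "MSIE"     => "Internet explorer",
            "Firefox/" => "Firefox",
            "Chrome/"  => "Chrome",
            "Safari/"  => "Safari",
            "Opera/"   => "Opera",
            "Mozilla/" => "Netscape",
        );
        foreach ($navigateurs as $marqueur => $nom) {
            if (strpos($ua, $marqueur) !== false) {
                return $nom;
            }
        }
        return "Inconnu";
    }

    /**
     * Names the operating system from a user-agent string (case-insensitive substring
     * match, first hit wins); 'Inconnue' when nothing matches.
     *
     * ereg() was removed in PHP 7 and treated the '.' in the markers as a wildcard;
     * strpos() matches them literally.
     *
     * @param string $ua user-agent string; the request header is used when empty
     * @return string
     */
    function detect_os( $ua = '' )
    {
        if (!$ua) {
            $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        }

        // Systems to detect, most specific first; new ones can be added.
        $os_arr = array(
            'Windows NT 6.1' => 'Windows Seven',
            'Windows NT 6.0' => 'Windows Vista',
            'Windows NT 5.2' => 'Windows Server 2003',
            'Windows NT 5.1' => 'Windows XP',
            'Windows NT 5.0' => 'Windows 2000',
            'Windows NT'     => 'Windows NT',
            'Windows CE'     => 'Windows Mobile',
            'Win 9x 4.90'    => 'Windows Millenium.',
            'Windows 98'     => 'Windows 98',
            'Windows 95'     => 'Windows 95',
            'Win95'          => 'Windows 95',
            'Ubuntu'         => 'Linux Ubuntu',
            'Fedora'         => 'Linux Fedora',
            'Linux'          => 'Linux',
            'Unix'           => 'Unix',
            'Macintosh'      => 'Mac',
            'Mac OS X'       => 'Mac OS X',
        );

        $ua = strtolower($ua);
        foreach ($os_arr as $k => $v) {
            if (strpos($ua, strtolower($k)) !== false) {
                return $v;
            }
        }
        return 'Inconnue';
    }

    /**
     * Formats an array as "key : value / " pairs for the log, masking the value of any
     * field whose name contains "pass".
     */
    private function log_pairs($source)
    {
        $out = "";
        foreach ($source as $champ => $valeur) {
            $texte = (stripos((string) $champ, 'pass') !== false) ? '***' : $this->log_clean($valeur);
            $out .= $this->log_clean($champ)." : ".$texte." / ";
        }
        return $out;
    }

    /**
     * Makes a value safe to write on one log line: arrays and objects are replaced by
     * their type name, control characters (CR and LF included) by a space.
     */
    private function log_clean($valeur)
    {
        if (is_array($valeur) || is_object($valeur)) {
            return '['.gettype($valeur).']';
        }
        return preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $valeur);
    }
    // NOTE(review): what follows the closing tag below is the tail of the constructor of
    // the account class; the opening tag, class header and start of the method are missing
    // from the page. Kept as found. Its session lookup concatenates $_SESSION['Username']
    // into the condition unescaped, and that value is the login string as posted - it needs
    // the same escaping login() applies.
}
?>login($_POST['F_U_LOGIN'],$_POST['F_U_PASS'],$_POST['type'],$_POST['page']);
        }
        if (isset($_POST['F_U_LOGOUT'])&& !isset($_POST['F_ACTION'])) {
            $this->logout($_POST['page']);
        }
        if (isset($_POST['F_AJOUT_CLIENT'])&& !isset($_POST['F_ACTION'])) {
            $this->add_Client($_POST['page']);
        }
        if (isset($_POST['F_AJOUT_MEMBRE'])&& !isset($_POST['F_ACTION'])) {
            $this->add_Membre();
        }
        if (isset($_POST['F_MAJ_MEMBRE'])&& !isset($_POST['F_ACTION'])) {
            if(!$GLOBALS['__FORM__']->erreurs){
                $this->upd_Membre();
            }else{
                $GLOBALS['__FORM__']->erreurs = $GLOBALS['__FORM__']->erreurs." - vos données n'ont pas été mise a jour.\r\n";
            }
        }
        if(isset($_SESSION['Username'])){
            $tb = array(
                1 => array('name' => 'select','value' => "*" ),
                2 => array('name' => 'table' ,'value' => "connections"),
                3 => array('name' => 'condition','value' => "email='".$_SESSION['Username']."'")
            );
            $this->user = $GLOBALS['__CONN__']->mysql_requete($tb, "ligne");
            $this->user['U_LOGGED'] = 1;
        }
    }

    /**
     * Creates a customer account from the posted form, then logs the customer in and
     * redirects to the shop page.
     *
     * Posted values are escaped before they are placed in the INSERT; the original
     * interpolated them as received. addslashes() is the escaping this file already uses
     * in login(); it is not charset-aware and should give way to prepared statements once
     * the __CONN__ wrapper (not shown here) offers them.
     *
     * NOTE(review): the password is stored exactly as posted. Moving to password_hash()
     * / password_verify() needs a schema and data migration that cannot be done from here.
     * NOTE(review): login() is called on $GLOBALS['__CONN__'] here but on $this in
     * add_Membre() - confirm which object owns it.
     *
     * @param string $page value appended to the "client" parameter of the target URL
     */
    function add_Client($page)
    {
        $add_Client_Ok = "index.php?lang=fr&page=boutique&client=".$page;

        $email    = $_POST['client_email'];
        $password = $_POST['client_password'];
        $valide   = 1;
        $active   = 1;

        // Keys are the column names, so the column list and the value list cannot drift.
        $champs = array(
            'id_membre' => $_SESSION['id_anonyme'],
            'civilite'  => $_POST['client_civilite'],
            'nom'       => $_POST['client_nom'],
            'prenom'    => $_POST['client_prenom'],
            'naissance' => $_POST['client_naissance'],
            'email'     => $email,
            'userName'  => '',   // never set by this form; the original inserted an undefined variable
            'password'  => $password,
            'niveau'    => "0~0~0~0~1",
        );
        $sql = array_map('addslashes', array_map('strval', $champs));

        $requete = "INSERT INTO connections(".implode(',', array_keys($sql)).",valide,active) VALUE ('".implode("','", $sql)."',$valide,$active)";
        $GLOBALS['__CONN__']->mysql_insert($requete);
        $GLOBALS['__CONN__']->login($email,$password,"email",$add_Client_Ok);
    }

    /**
     * Creates a member account from the posted form: rows in connections, optionally
     * newsletter, and membres; the member's image directories with their default files;
     * then logs the member in and redirects to the thank-you page.
     *
     * Posted values are escaped before they are placed in the INSERTs (see add_Client()
     * for the limits of addslashes()). The failure messages now name the file that could
     * not be copied (they interpolated an undefined variable), and a failed first copy
     * stops the request like the others: it used to echo and carry on, and that output
     * would have prevented the redirect below.
     *
     * NOTE(review): the password is stored exactly as posted - see add_Client().
     * NOTE(review): the directory name comes from $_SESSION['id_anonyme']; its format is
     * not visible here - confirm it can never contain path separators.
     */
    function add_Membre()
    {
        $add_Membre_Ok = "index.php?lang=fr&page=membres&rubrique=remerciement";

        $id_membre = $_SESSION['id_anonyme'];
        $email     = $_POST['F_C_M_MAIL'];
        $password  = $_POST['F_C_P_PASS'];
        $valide    = 0;
        $active    = 1;

        $e = array_map('addslashes', array_map('strval', array(
            'id_membre'  => $id_membre,
            'nom'        => $_POST['F_C_NOM'],
            'prenom'     => $_POST['F_C_PRENOM'],
            'userName'   => $_POST['F_C_ARTISTE'],
            'email'      => $email,
            'password'   => $password,
            'tel'        => $_POST['F_C_TEL'],
            'adresse'    => $_POST['F_C_ADRESSE'],
            'codepostal' => $_POST['F_C_CP'],
            'ville'      => $_POST['F_C_VILLE'],
            'niveau'     => "0~0~0~1~1",
        )));

        $requete = "INSERT INTO connections(id_membre,nom,prenom,userName,email,password,niveau,active) VALUE ('{$e['id_membre']}','{$e['nom']}','{$e['prenom']}','{$e['userName']}','{$e['email']}','{$e['password']}','{$e['niveau']}',$active)";
        $GLOBALS['__CONN__']->mysql_insert($requete);

        if (isset($_POST['NEWSLETTER']) && $_POST['NEWSLETTER'] != "") {
            $requete = "INSERT INTO newsletter(email,inscrit) VALUE ('{$e['email']}',$active)";
            $GLOBALS['__CONN__']->mysql_insert($requete);
        }

        $requete = "INSERT INTO membres(id_membre,artiste,nom,prenom,tel,mail,adresse,cp,ville,actif,valide) VALUE ('{$e['id_membre']}','{$e['userName']}','{$e['nom']}','{$e['prenom']}','{$e['tel']}','{$e['email']}','{$e['adresse']}','{$e['codepostal']}','{$e['ville']}',$active,$valide)";

        $base = './images/'.$id_membre;
        if (!file_exists($base)) {
            $repertoires = array(
                'Membre'  => $base,
                'Avatar'  => $base.'/avatar',
                'Visuels' => $base.'/visuels',
            );
            foreach ($repertoires as $libelle => $chemin) {
                if (!mkdir($chemin, 0755)) {
                    die('Echec lors de la création du répertoires '.$libelle.'...');
                }
            }

            // destination => source; the index.php copies sit in every new directory
            $copies = array(
                $base.'/index.php'                 => './images/index.php',
                $base.'/avatar/index.php'          => './images/index.php',
                $base.'/visuels/index.php'         => './images/index.php',
                $base.'/avatar/avatar_default.jpg' => './images/avatar_default.jpg',
            );
            foreach ($copies as $destination => $file) {
                if (!copy($file, $destination)) {
                    die("La copie du fichier $file n'a pas réussi...");
                }
            }
        }

        $GLOBALS['__CONN__']->mysql_insert($requete);
        $this->login($email,$password,"email");
        header("Location: $add_Membre_Ok");
        exit;
    }

    /**
     * Updates the member's rows in connections and membres from the posted form and
     * appends one status message per table to the form's error text.
     *
     * Posted values are escaped before they are placed in the UPDATEs (see add_Client()
     * for the limits of addslashes()), and the connections UPDATE now runs once; the
     * original executed it twice.
     *
     * NOTE(review): the row to update is selected by the posted F_C_ID_MEMBRE. Nothing
     * visible here ties it to the logged-in account - confirm the caller checks it
     * against the session before this method runs.
     * NOTE(review): a truthy result from mysql_insert() reports "not updated" and a falsy
     * one reports success. Kept as found because the wrapper's return convention is not
     * visible - verify it is not inverted.
     */
    function upd_Membre()
    {
        $p = array_map('addslashes', array_map('strval', array(
            'id'      => $_POST['F_C_ID_MEMBRE'],
            'nom'     => $_POST['F_C_NOM'],
            'prenom'  => $_POST['F_C_PRENOM'],
            'artiste' => $_POST['F_C_ARTISTE'],
            'mail'    => $_POST['F_C_M_MAIL'],
            'tel'     => $_POST['F_C_TEL'],
            'adresse' => $_POST['F_C_ADRESSE'],
            'cp'      => $_POST['F_C_CP'],
            'ville'   => $_POST['F_C_VILLE'],
        )));

        $echec  = " - vos données n'ont pas été mise a jour.\r\n";
        $succes = " - vos informations de compte ont bien été mise a jour.\r\n";

        // connections
        $tb_c = array(
            "id_membre='".$p['id']."' ",
            "nom='".$p['nom']."' ",
            "prenom='".$p['prenom']."' ",
            "userName='".$p['artiste']."' ",
            "email='".$p['mail']."' ",
        );
        $requete = "UPDATE connections SET ".implode(",", $tb_c)."WHERE id_membre='".$p['id']."'";
        $result_C_Ok = $GLOBALS['__CONN__']->mysql_insert($requete);
        $GLOBALS['__FORM__']->erreurs = $GLOBALS['__FORM__']->erreurs.($result_C_Ok ? $echec : $succes);

        // membres
        $tb_m = array(
            "id_membre='".$p['id']."' ",
            "nom='".$p['nom']."' ",
            "prenom='".$p['prenom']."' ",
            "artiste='".$p['artiste']."' ",
            "mail='".$p['mail']."' ",
            "tel='".$p['tel']."' ",
            "adresse='".$p['adresse']."' ",
            "cp='".$p['cp']."' ",
            "ville='".$p['ville']."' ",
        );
        $requete = "UPDATE membres SET ".implode(",", $tb_m)."WHERE id_membre='".$p['id']."'";
        $result_M_Ok = $GLOBALS['__CONN__']->mysql_insert($requete);
        $GLOBALS['__FORM__']->erreurs = $GLOBALS['__FORM__']->erreurs.($result_M_Ok ? $echec : $succes);
    }

    /**
     * Checks a login / password pair against the connections table and, for an active
     * account, fills the session with the user name and one group + id entry per level
     * set in the "niveau" field (master, admin, modo, membre, client).
     *
     * With $page the method redirects (to $page on success, to the error page on failure)
     * and exits; without it, it returns true or false.
     *
     * Changes against the original:
     *  - an unknown $type is treated as a failed login; it used to leave the condition
     *    undefined and query on the password alone;
     *  - the session id is renewed on success so an id known before the login is not
     *    carried into the authenticated session;
     *  - the redirect target is limited to a same-site relative URL, because the
     *    constructor passes $_POST['page'] straight through;
     *  - a "niveau" value with fewer than five parts no longer reads missing offsets.
     *
     * NOTE(review): the password is compared in SQL against the stored clear text - see
     * add_Client().
     *
     * @param string|null $login user name or e-mail, depending on $type
     * @param string|null $pass  password as posted
     * @param string|null $type  'login' or 'email'
     * @param string|null $page  redirect target, or NULL to return a boolean
     * @return bool only when $page is NULL
     */
    function login($login=NULL,$pass=NULL,$type=NULL,$page=NULL)
    {
        $loginGoToErreur = "index.php?lang=fr&page=erreur";

        $select = NULL;
        if ($type === 'login') {
            $select = "userName='".addslashes((string) $login)."'";
        } elseif ($type === 'email') {
            $select = "email='".addslashes((string) $login)."'";
        }

        $LoginRS = false;
        if ($select !== NULL) {
            $tb = array(
                1 => array('name' => 'select','value' => "*" ),
                2 => array('name' => 'table' ,'value' => "connections"),
                3 => array('name' => 'condition','value' => $select),
                4 => array('name' => 'condition','value' => "password='".addslashes((string) $pass)."'")
            );
            $LoginRS = $GLOBALS['__CONN__']->mysql_requete($tb, "ligne");
        }

        // Unknown account, wrong password and inactive account all end the same way.
        if (!$LoginRS || !$LoginRS['active']) {
            if ($page != NULL) {
                header("Location: $loginGoToErreur");
                exit;
            }
            return false;
        }

        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        $_SESSION['Username'] = $login;

        $niveau = array_pad(explode("~", $LoginRS['niveau']), 5, 0);
        foreach (array('master', 'admin', 'modo', 'membre', 'client') as $rang => $groupe) {
            if ($niveau[$rang]) {
                $_SESSION[$groupe.'Group'] = $niveau[$rang];
                $_SESSION['id_'.$groupe] = $LoginRS['id_membre'];
            }
        }

        unset($_SESSION['id_anonyme']);

        if ($page != NULL) {
            header("Location: ".$this->redirect_target($page, "index.php"));
            exit;
        }
        return true;
    }

    /**
     * Removes the login-related keys from the session and, when $page is given,
     * redirects there and exits.
     *
     * The redirect target is limited to a same-site relative URL, because the
     * constructor passes $_POST['page'] straight through.
     *
     * @param string $page redirect target; nothing is sent when it is empty
     */
    function logout($page)
    {
        $cles = array(
            'Username', 'actif',
            'masterGroup', 'id_master',
            'adminGroup', 'id_admin',
            'modoGroup', 'id_modo',
            'membreGroup', 'id_membre',
            'clientGroup', 'id_client',
            'logged',
        );
        foreach ($cles as $cle) {
            unset($_SESSION[$cle]);
        }

        if ($page) {
            header("Location: ".$this->redirect_target($page, "index.php"));
            exit;
        }
    }

    /**
     * Returns $page when it is a relative same-site URL, $fallback otherwise. Rejected:
     * non-strings, control characters and backslashes, anything starting with a scheme
     * ("http:", "javascript:", ...) or with "//".
     */
    private function redirect_target($page, $fallback)
    {
        if (!is_string($page)) {
            return $fallback;
        }
        $page = trim($page);
        if ($page === '' || preg_match('#[\x00-\x1F\x7F\\\\]#', $page)) {
            return $fallback;
        }
        if (preg_match('#^(?:[a-z][a-z0-9+.\-]*:|//)#i', $page)) {
            return $fallback;
        }
        return $page;
    }
}
?>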