<?php
 //Verifier la validité d'une date en php
 //int checkdate ( int month, int day, int year)
//  $result = checkdate(13, 10, 2002); resultat booleen
/*
  if( $result == true )
  {
      echo 'la date est valide';
  }
  else
  {
      echo 'la date n\'est pas valide';
  }   */

function tomktime($dates) {   // convertit une date yyyy-mm-jj em mktime
       $partie_dates = explode("-", $dates);
       $datesday= $partie_dates[2];
       $datesmonth= $partie_dates[1];
       $datesyear= $partie_dates[0];
       $datesU=mktime(0,0,0, $datesmonth,$datesday,$datesyear);
       return($datesU);
}

function datevalue($dates)   {
  //Prend une date de format BDD 2005-06-02 00:00:00
  //et recupére juste la date et retourne 2005-06-02
 $prepartie_date=explode(" ", $dates);
 $datevalue =$prepartie_date[0];
 return($datevalue);
}

function transDate($dates)   {
  //convertit une date de format mm/jj/aaaa en aaaa-mm-jj(format bdd)
 $partie_date=explode("/", $dates);
 $datevalue =$partie_date[2]."-".$partie_date[0]."-".$partie_date[1]; //
 return($datevalue);
}


function ConvertToBDTime($times) {

$times_tmp=str_replace(" ","",$times);
$ConvertToBDTime="1899-12-30 ".$times_tmp.":00";
return($ConvertToBDTime);
}

function TimeValue($times) {

$partie_times = explode(":", $times);
$timesstamp= $partie_times[0]*3600 + $partie_times[1]*60;
return($timesstamp);
}

function TimePart($datetime) {
  //recupere juste le temps de datetime dont le format est 1899-12-30 12:00:00

$partie_datetime = explode(" ", $datetime);
$TimePart= $partie_datetime[1];
return($TimePart);
}


function diff_time($t1 , $t2){
 //Heures au format (hh:mm:ss) la plus grande puis le plus petite

  $tab=explode(":", $t1);
  $tab2=explode(":", $t2);

  $h=$tab[0];
  $m=$tab[1];
  $s=$tab[2];
  $h2=$tab2[0];
  $m2=$tab2[1];
  $s2=$tab2[2];

  if ($h2>$h) {
  $h=$h+24;
  }
  if ($m2>$m) {
  $m=$m+60;
  $h2++;
  }
  if ($s2>$s) {
  $s=$s+60;
  $m2++;
  }

  $ht=$h-$h2;
  $mt=$m-$m2;
  $st=$s-$s2;
  if (strlen($ht)==1) {
  $ht="0".$ht;
  }
  if (strlen($mt)==1) {
  $mt="0".$mt;
  }
  if (strlen($st)==1) {
  $st="0".$st;
  }
  return $ht.":".$mt.":".$st;

}

/*********************************************************************************/




/****************************************************************************/



function dateadd($per,$n,$d)
{

  switch($per) {
    case "yyyy":
      $n*=12;
      break;
    case "m":
     $d=mktime(date("H",$d),date("i",$d),date("s",$d),date("n",$d)+$n,date("j",$d),date("Y",$d));
     $n=0; break;
    case "w":
     $n*=7;
    case "d":
     $n*=24; echo "ligne 112 n=$n";
    case "h":
     $n*=60;
    case "n":
     $n*=60;
   }
   echo "ligne 130".$d+$n;
   return ($d+$n);
   }
/******************************************************************************/

//'session("CodeAdmin") = 4
//'session("accesslevel") = 5


//''' initiate global vars and constants


//''' instantiate error handling and messaging
//set error_list = CreateObject("Scripting.Dictionary")   // objet pour le hachage
//set msg_list = CreateObject("Scripting.Dictionary")      // o
	

//on error resume next

/*if err.number <> 0 then response.redirect "error.asp"
on error goto 0*/
$error_list=array();
$msg_list=array();
//''' command object
//set cmd = Server.CreateObject("ADODB.Command")   //infos de connexion
//cmd.ActiveConnection = cn

//''' recordset object
//set rs = Server.CreateObject("ADODB.Recordset")

//''' set locale identifier - default is US English
//''' (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/script56/html/vsmsclcid.asp)
//session.lcid = 1033

/*'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
''  ERROR AND MESSAGE DISPLAY SUBS
'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::   */

function display_errs() {
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
	' display content of the error dictionary object
'::::::::::::::::::::::::::::::::::::::::::::::::::::: */
  global    $error_list;

  if (count($error_list) > 0) {
	//''' display errors
    $a_errors=array_values($error_list);
	for ($i = 0; $i <= (sizeof($error_list) - 1); $i++){
	echo( "<div class=ErrFont>".$a_errors[$i]."</div>");
    }
  }
  
}



function display_msg() {
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
' displays msgs after successful database action
':::::::::::::::::::::::::::::::::::::::::::::::::::::
	':: check if a msg was passed to the page         */

    global   $msg_list;

    if ((isset($_REQUEST["msg"])) && ($_REQUEST["msg"] <> "")){
	    $msg = str_replace("://", "", $_REQUEST["msg"]);
		$msg = str_replace("script", "", $_REQUEST["msg"]);
		$msg = str_replace("%", "", $_REQUEST["msg"]);    // voir est-ce que c % ou ?
		$msg = str_replace("form", "", $_REQUEST["msg"]);
		$msg_list["msg"]=$msg;
      }
//	':: display messages

    $a_msg=array_values($msg_list);
	for ($i = 0; $i <= (sizeof($msg_list) - 1); $i++){
      echo( "<div class=MsgFont><b><font color='#FF0000'>".$a_msg[$i]."</font></b></div>");
    }
}

/*'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
''  USER MANAGMENT FUNCTIONS
'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/



function check_security($iLevel)   {
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
' authenticates user and verifies access level
':::::::::::::::::::::::::::::::::::::::::::::::::::::*/
	if (($_SESSION["CodeAdmin"] == "") || (is_Null($_SESSION["accesslevel"])))  {
        Header("Location: login.php?ret_page=".to_url(getenv("SCRIPT_NAME"))."?"."");
        Header("Location:".getenv("QUERY_STRING")."");
	}elseif ($_SESSION["accesslevel"] <> "") {       //entierlong=clng(chaine)
//pas necessaire en php
		if ($_SESSION["accesslevel"] < $iLevel)
        Header("Location: login.php?action=noaccess&ret_page=".to_url(getenv("SCRIPT_NAME"))."?".getenv("QUERY_STRING"));
	else   {
		$CodeAdmin = $_SESSION["CodeAdmin"];
		$accesslevel = $_SESSION["accesslevel"];
    }
}
}




function do_login() {
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
' autheticates user in db and creates session
':::::::::::::::::::::::::::::::::::::::::::::::::::::  */
	$sql = "SELECT NomU, password FROM Admin WHERE NomU = ".to_sql($NomU,"text")." AND password = ". to_sql($password,"text")."";
    $rs= mysql_query($Sql);
    	if ($row = mysql_fetch_assoc($rs)) {
		//'login failed
		$error_list["login"] = "Nom d'utilisateur ou mot de passe incorrect." ;
		$b_error = true ;
	}else{
	//	'login and password passed
		$sql = "SELECT CodeAdmin, accesslevel FROM Admin WHERE NomU = ".to_sql($NomU,"text")." AND password = ".to_sql($password,"text")."";
        $rs= mysql_query($Sql);
	    
        if ($row = mysql_fetch_row($rs)) {
		//	'should never happen
            $error_list["login"] = "L'utilisateur n'éxiste pas.";
			$b_error = true;
		}else{
		//	'login user
			$_SESSION["CodeAdmin"] = $row[0];
			$_SESSION["accesslevel"] = $row[1];
			//'add Nom Utilisateur to app dict (global.asa)
			if (isset($online_Admin))  $online_Admin[session.sessionid] = $_SESSION["CodeAdmin"].",".$NomU;         
		//	'store last visit date in session, set current date in db
            if (!empty($php_errormsg)) break;       //	on error resume next

			$rs = mysql_query("SELECT dtlast FROM Admin WHERE CodeAdmin = ".to_sql($_SESSION["CodeAdmin"],"number"));
			if ($row = mysql_fetch_row($rs)) {
			$_SESSION["dtlast"] = $row[0];
            //if err.number = 0
            if (empty($php_errormsg)) {
            mysql_query("UPDATE Admin SET last_ip='".getenv("REMOTE_ADDR")."', dtlast = ".to_sql($now,"date")." WHERE CodeAdmin = ".to_sql($_SESSION["CodeAdmin"],"number")."");

		//	if (!empty($php_errormsg)) goto 0;    voir pour le goto en php

			//'where to next?
			$querystring = $_REQUEST["querystring"];
			$ret_page = $_REQUEST["ret_page"];
			if (($ret_page <> getenv("SCRIPT_NAME")) && ($ret_page <> ""))
				//'return to page that preceded login
	    		Echo($ret_page);
			else
				//'go home
				Header("Location: default.php");
          }
        }
    }
    }
 mysql_free_result($rs);
      
}



/*'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
''  FORMATTING FUNCTIONS
'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::      */

function to_url($strValue) {
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
' make passed paramters url friendly
':::::::::::::::::::::::::::::::::::::::::::::::::::::  */
	if (IsNull($strValue))  $strValue = "";
	$to_url = urlencode($strValue);
	return($to_url);
}



function to_html($strValue) {
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
' convert and clean string
':::::::::::::::::::::::::::::::::::::::::::::::::::::   */
	if (Is_Null($strValue)) $strValue = "" ;
	$strValue =  str_replace("&lt;%", "<".chr(37), $strValue);
	$strValue = str_replace("%&gt;", chr(37).">", $strValue);
	$strValue = str_replace("&lt;script%", "<script",1, $strValue);
	$strValue = str_replace("&lt;/script&gt", "</script>",1, $strValue);
	$to_html = htmlspecialchars($strValue);
    return($to_html);
 }


/********************************************************************************/

function to_sql($Value,$DataType){
    $to_sql="";
	$dteDateTime = $Value;


	if (($Value == "") || (is_Null($Value))) {
		$to_sql = "NULL";
	}elseif (($DataType == "date") || ($DataType == "absdate"))  {
		//	if (var_dump(checkdate($dteDateTime)) == True)
			if (($DataType == "date") && (date("G",$dteDateTime)>0) && (
            $application["server_time_diff"]<>0) && ( !is_Null($application["server_time_diff"]))) {
            $dteDateTime = DateAdd("h",$application["server_time_diff"],$dteDateTime);

			$dteDay = date("j",$dteDateTime);
			$dteMonth = date("n",$dteDateTime);
			$dteYear = date("Y",$dteDateTime);
			$dteHour = date("h",$dteDateTime);
			$dteMinute = date("i",$dteDateTime);
			$dteSecond = date("s",$dteDateTime);
			$dteDateTime = $dteYear."-".substr((string)($dteMonth + 100),-2)."-".substr((string)($dteDay + 100),-2)." ".substr((string)($dteHour + 100),-2).":".substr((string)($dteMinute + 100),-2).":".substr((string)(dteSecond + 100),-2);

				$to_sql = "NULL";//puisque c'est une bdd mysql
           }
           
	}elseif ($DataType <> "number") {
        $Value = str_replace("<".chr(37),"&lt;%",$Value);
		$Value = str_replace(chr(37).">","%&gt;",$Value);
		$Value = str_replace("<script","&lt;script",1,$Value);
		$Value = str_replace("</script>","&lt;/script&gt",1,$Value);
		$to_sql = "'".str_replace("'", "''",$Value)."'";
	}elseif (strpos($Value,"."))  {
		$to_sql = $Value;
	}else{
		$to_sql = (int)($Value);
    }


	return($to_sql);
}
//':::::::::::::::::::::::::::::::::::::::::::
//Cette fonction sera remplacée par strip_tags() fonction de php
/*function strip_html($str_html)   {
':::::::::::::::::::::::::::::::::::::::::::::::::::::
' removes html tags from str_html
':::::::::::::::::::::::::::::::::::::::::::::::::::::  

	set objRegExp = new Regexp

	objRegExp.IgnoreCase = True
	objRegExp.Global = True
	objRegExp.Pattern = "<(.|\n)+? >"

	str_output = objRegExp.str_replace(str_html, "")
	str_output = str_replace(str_output, "<", "&lt;")
	str_output = str_replace(str_output, ">", "&gt;")
	strip_html = str_output
	set objRegExp = Nothing
}
*/
function get_options($sql,$selected_value){
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
' displays option tags for a select list
':::::::::::::::::::::::::::::::::::::::::::::::::::::*/

	if (is_Null($selected_value)) $selected_value = "";
    $rsSelect= mysql_query($Sql);
    while ($row = mysql_fetch_row($rsSelect)) {
		if (!is_Null($row[0])) {
			$get_options = $get_options."<option";
			if ((string)($row[0]) == (string)($selected_value)) {
				$get_options = $get_options." SELECTED";
            }
			$get_options = $get_options." value='".$row[0]."'>";
			if (mysql_num_fields($rsSelect)-1 == 0) {  //Nombre de colonnes
				$get_options = $get_options."".$row[0]." ";
			}else{
				for ($i = 1; $i<= mysql_num_fields($rsSelect)-1;$i++) {
					if ($row[$i] <> "") {
						$get_options = $get_options."".$row[$i];
						if ($i < mysql_num_fields($rsSelect)-1)  $get_options = $get_options.": ";
                    }
                }
            }
			$get_options = $get_options."</option>"."\n".chr(9).chr(9);
        }
    //rsSelect.MoveNext     //Pas besoin
    }
	mysql_free_result($rsSelect);
	return($get_options);
}

function is_reserved($strValue) {
/*':::::::::::::::::::::::::::::::::::::::::::::::::::::
' compare a string with a list of vb and sql reserved words
':::::::::::::::::::::::::::::::::::::::::::::::::::::  */
	$reserved_words = "|and||as||boolean||byref||byte||byval||call||case||class||const||currency||date||desc||debug||dim||do||double||each||else||elseif||empty||end||endif||enum||eqv||event||exit||false||for||function||get||goto||if||imp||implements||in||integer||is||let||like||long||loop||lset||me||mod||new||next||not||nothing||null||on||option||optional||or||paramarray||preserve||private||public||raiseevent||redim||rem||resume||rows||rset||select||set||shared||single||size||static||stop||sub||then||to||true||type||typeof||until||variant||wend||while||with||xor|" ;
	if (strpos($reserved_words,"|".strtolower($strValue)."|") > 0)
		$is_reserved = true;
	else
		$is_reserved = false;
 return($is_reserved);
}

/*':: correct secure urls :::::::::::::::::::::::::::::::::::::::
': this section assures that user does not persist in
': ssl (https://) mode. only pages in the application
': secure_pages variable (global.asa) will stay in https.
'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/

//if request.servervariables("https") = "on" then

//': list of pages where https is permitted
/*secure_list = application("secure_pages")
this_page = request.servervariables("script_name")

a_tmp = split(secure_list, ",")
for ctr = 0 to uBound(a_tmp)
	if instr(this_page,trim(a_tmp(ctr))) > 0 then
		'' this page should be secure
		b_redirect = false
		exit for
	else
		b_redirect = true
	end if
next
if b_redirect then response.redirect "http://" & request.servervariables("server_name") & request.servervariables("script_name")

end if*/

//'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

?>