Subversion Repositories ALCASAR

Compare Revisions

Regard whitespace Rev 2205 → Rev 2238

/web/intercept.php
24,8 → 24,8
/****************************************************************
* GLOBAL FILE PATHS *
*****************************************************************/
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
define ("DOMAIN_ALLOWED_LIST", "/usr/local/etc/alcasar-uamdomain");
define('CONF_FILE', '/usr/local/etc/alcasar.conf');
define('DOMAIN_ALLOWED_LIST', '/usr/local/etc/alcasar-uamdomain');
 
/****************************************************************
* FILE reading test *
33,10 → 33,10
$conf_files = array(CONF_FILE,DOMAIN_ALLOWED_LIST);
foreach ($conf_files as $file) {
if (!file_exists($file)) {
exit("Fichier ".$file." non présent");
exit("Fichier $file non présent");
}
if (!is_readable($file)) {
exit("Vous n'avez pas les droits de lecture sur le fichier ".$file);
exit("Vous n'avez pas les droits de lecture sur le fichier $file");
}
}
/****************************************************************
47,15 → 47,15
exit('Error opening the file '.CONF_FILE);
}
while (!feof($file_conf)) {
$tampon = fgets($file_conf, 4096);
if ((strpos($tampon, '=') !== false) && (substr($tampon, 0, 1) !== '#')) {
$tmp = explode('=', $tampon);
$buffer = fgets($file_conf, 4096);
if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
$tmp = explode('=', $buffer);
$conf[$tmp[0]] = trim($tmp[1]);
}
}
fclose($file_conf);
 
$organisme = trim($conf["ORGANISM"]);
$organisme = $conf["ORGANISM"];
 
# Shared secret used to encrypt password with coova.
$uamsecret = "";
65,7 → 65,7
 
# Our own path
$loginpath = htmlspecialchars($_SERVER['PHP_SELF']);
$alcasarpath = 'http://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']);
$alcasarpath = 'http://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
$statuspath = $alcasarpath.'/status.php';
 
# Choice of language
74,7 → 74,7
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2));
}
if ($Language === 'es') {
if ($Language === 'es') { // Spanish
$l_ChilliError = "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
$l_login = "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";
$l_logout = "Conexión de cierre";
107,7 → 107,7
$l_remaining_time = "Tiempo restante";
$l_uam_domain = "Sitios web autorizados : ";
$l_autoregistration = "Registo autom&aacute;tico";
} else if ($Language === 'pt') {
} else if ($Language === 'pt') { // Portuguese
$l_ChilliError = "A autenticação precisa ser bem sucedida através do portal.";
$l_login = "Sucesso na autenticação.<HR>Matenha esse pop-up apenas minimizado para não interromper a conexão";
$l_logout = "Encerrar conexão";
140,7 → 140,7
$l_remaining_time = "Tempo restante";
$l_uam_domain = "Sites autorizados : ";
$l_autoregistration = "Registo autom&aacute;tico";
} else if ($Language === 'zh') {
} else if ($Language === 'zh') { // Chinese
$l_ChilliError = "验证必须通过强制门户服务";
$l_login = "验证成功<HR>关闭此窗口中断连接";
$l_logout = "关闭连接";
173,7 → 173,7
$l_remaining_time = "剩余时间";
$l_uam_domain = "授权网站 : ";
$l_autoregistration = "短信注册";
} else if($Language === 'ar') {
} else if($Language === 'ar') { // Arabic
$l_ChilliError = "يجب نجاح المصادقة على البوابة الأسيرة";
$l_login = "إغلاق هذه النافذة يقطع دورة عملك";
$l_logout = "إغلاق الدورة";
206,7 → 206,7
$l_remaining_time = "الوقت المتبق";
$l_uam_domain = ":المواقع المسموحة ";
$l_autoregistration = "تسجيل ذاتي (SMS)";
} else if($Language === 'de') {
} else if($Language === 'de') { // German
$l_ChilliError = "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt.";
$l_login = "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung";
$l_logout = "Beenden der Verbindung";
239,7 → 239,7
$l_remaining_time = "Restzeit";
$l_uam_domain = "Autorisierten websites : ";
$l_autoregistration = "Automatische registrierung";
} else if($Language === 'nl') {
} else if($Language === 'nl') { // Dutch
$l_ChilliError = "De authenticatie moet een succes worden via de captive portal dienst.";
$l_login = "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie.";
$l_logout = "Slotkoers verbinding";
272,7 → 272,7
$l_remaining_time = "Reterende tijd";
$l_uam_domain = "Geautoriseerde website : ";
$l_autoregistration = "Automatische registratie";
} else if($Language === 'fr') {
} else if($Language === 'fr') { // French
$l_ChilliError = "L'authentification doit être réussie sur le portail captif.";
$l_login = "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session.";
$l_logout = "Fermeture de la session";
305,7 → 305,7
$l_remaining_time = "Temps restant";
$l_uam_domain = "Sites autorisés : ";
$l_autoregistration = "Auto enregistrement (sms)";
} else {
} else { // English
$l_ChilliError = "The authentication must be successful through the captive portal service.";
$l_login = "Successful authentication.<HR>Closing this window interrupts your session";
$l_logout = "Closing connection";
342,14 → 342,18
 
# If https not use, tell it's wrong
if ((!isset($_SERVER['HTTPS'])) || (empty($_SERVER['HTTPS'])) || ($_SERVER['HTTPS'] === 'off')) {
// Cleaning the cache
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
?>
<!doctype html>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title><?= $l_loggedcont ?></title>
<meta http-equiv="Cache-control" content="no-cache">
<meta http-equiv="Pragma" content="no-cache">
</head>
<body style="background-color: white;">
<h1 style="text-align: center;"><?= $l_loginfailed ?></h1>
413,14 → 417,22
$newpwd = pack('a*', $password);
// Encode plain text password with challenge
$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal)));
 
 
// Cleaning the cache
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
 
header('Location: http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl');
?>
<!doctype html>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title><?= $l_loggingin ?></title>
<meta http-equiv="Cache-control" content="no-cache">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl" ?>">
</head>
<body style="background-color: white;">
458,7 → 470,7
//set the fourth bit of filter-id to '0'
$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";
$res = mysqli_multi_query($link,$sql);
header('Location: https://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']).'/index.php?warn=1&url='.urlencode($_GET['userurl'])); //we present to user information about imputability logs
header('Location: https://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl'])); //we present to user information about imputability logs
exit();
}
}
470,14 → 482,20
// Otherwise it was not a form request
// Send out an error message
if ($result === 0) { //erreur
// Cleaning the cache
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
 
header('Location: http://$uamip:$uamport/prelogin');
?>
<!doctype html>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title><?= $l_loggingin ?></title>
<meta http-equiv="Cache-control" content="no-cache">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/prelogin" ?>">
</head>
<body style="background-color: white;">
488,14 → 506,19
<?php
exit();
}
 
// Cleaning the cache
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
?>
<!doctype html>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title><?= $l_loggingin ?></title>
<meta http-equiv="Cache-control" content="no-cache">
<meta http-equiv="Pragma" content="no-cache">
<script type="text/javascript">
function doOnLoad(result, userurl, redirurl, adminurl, timeleft) {
if ((result === 1) || (result === 4)) { //success or already
589,7 → 612,7
echo '<div id="authorized_domain">'.$l_uam_domain;
foreach ($tab as $line) {
if (trim($line) !== '') { // the line isn't empty
$domain_allowed = explode("#", $line);
$domain_allowed = explode('#', $line);
if (trim($domain_allowed[1]) !== '') {
$domain = explode('"', $domain_allowed[0]);
// remove every '.' from the beginning of domain