24,8 → 24,8 |
/**************************************************************** |
* GLOBAL FILE PATHS * |
*****************************************************************/ |
define ("CONF_FILE", "/usr/local/etc/alcasar.conf"); |
define ("DOMAIN_ALLOWED_LIST", "/usr/local/etc/alcasar-uamdomain"); |
define('CONF_FILE', '/usr/local/etc/alcasar.conf'); |
define('DOMAIN_ALLOWED_LIST', '/usr/local/etc/alcasar-uamdomain'); |
|
/**************************************************************** |
* FILE reading test * |
33,10 → 33,10 |
$conf_files = array(CONF_FILE,DOMAIN_ALLOWED_LIST); |
foreach ($conf_files as $file) { |
if (!file_exists($file)) { |
exit("Fichier ".$file." non présent"); |
exit("Fichier $file non présent"); |
} |
if (!is_readable($file)) { |
exit("Vous n'avez pas les droits de lecture sur le fichier ".$file); |
exit("Vous n'avez pas les droits de lecture sur le fichier $file"); |
} |
} |
/**************************************************************** |
47,15 → 47,15 |
exit('Error opening the file '.CONF_FILE); |
} |
while (!feof($file_conf)) { |
$tampon = fgets($file_conf, 4096); |
if ((strpos($tampon, '=') !== false) && (substr($tampon, 0, 1) !== '#')) { |
$tmp = explode('=', $tampon); |
$buffer = fgets($file_conf, 4096); |
if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) { |
$tmp = explode('=', $buffer); |
$conf[$tmp[0]] = trim($tmp[1]); |
} |
} |
fclose($file_conf); |
|
$organisme = trim($conf["ORGANISM"]); |
$organisme = $conf["ORGANISM"]; |
|
# Shared secret used to encrypt password with coova. |
$uamsecret = ""; |
65,7 → 65,7 |
|
# Our own path |
$loginpath = htmlspecialchars($_SERVER['PHP_SELF']); |
$alcasarpath = 'http://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']); |
$alcasarpath = 'http://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN']; |
$statuspath = $alcasarpath.'/status.php'; |
|
# Choice of language |
74,7 → 74,7 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); |
} |
if ($Language === 'es') { |
if ($Language === 'es') { // Spanish |
$l_ChilliError = "La autenticación debe ser un éxito a través del servicio de portal cautivo."; |
$l_login = "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion."; |
$l_logout = "Conexión de cierre"; |
107,7 → 107,7 |
$l_remaining_time = "Tiempo restante"; |
$l_uam_domain = "Sitios web autorizados : "; |
$l_autoregistration = "Registo automático"; |
} else if ($Language === 'pt') { |
} else if ($Language === 'pt') { // Portuguese |
$l_ChilliError = "A autenticação precisa ser bem sucedida através do portal."; |
$l_login = "Sucesso na autenticação.<HR>Matenha esse pop-up apenas minimizado para não interromper a conexão"; |
$l_logout = "Encerrar conexão"; |
140,7 → 140,7 |
$l_remaining_time = "Tempo restante"; |
$l_uam_domain = "Sites autorizados : "; |
$l_autoregistration = "Registo automático"; |
} else if ($Language === 'zh') { |
} else if ($Language === 'zh') { // Chinese |
$l_ChilliError = "验证必须通过强制门户服务"; |
$l_login = "验证成功<HR>关闭此窗口中断连接"; |
$l_logout = "关闭连接"; |
173,7 → 173,7 |
$l_remaining_time = "剩余时间"; |
$l_uam_domain = "授权网站 : "; |
$l_autoregistration = "短信注册"; |
} else if($Language === 'ar') { |
} else if($Language === 'ar') { // Arabic |
$l_ChilliError = "يجب نجاح المصادقة على البوابة الأسيرة"; |
$l_login = "إغلاق هذه النافذة يقطع دورة عملك"; |
$l_logout = "إغلاق الدورة"; |
206,7 → 206,7 |
$l_remaining_time = "الوقت المتبق"; |
$l_uam_domain = ":المواقع المسموحة "; |
$l_autoregistration = "تسجيل ذاتي (SMS)"; |
} else if($Language === 'de') { |
} else if($Language === 'de') { // German |
$l_ChilliError = "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt."; |
$l_login = "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung"; |
$l_logout = "Beenden der Verbindung"; |
239,7 → 239,7 |
$l_remaining_time = "Restzeit"; |
$l_uam_domain = "Autorisierten websites : "; |
$l_autoregistration = "Automatische registrierung"; |
} else if($Language === 'nl') { |
} else if($Language === 'nl') { // Dutch |
$l_ChilliError = "De authenticatie moet een succes worden via de captive portal dienst."; |
$l_login = "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie."; |
$l_logout = "Slotkoers verbinding"; |
272,7 → 272,7 |
$l_remaining_time = "Reterende tijd"; |
$l_uam_domain = "Geautoriseerde website : "; |
$l_autoregistration = "Automatische registratie"; |
} else if($Language === 'fr') { |
} else if($Language === 'fr') { // French |
$l_ChilliError = "L'authentification doit être réussie sur le portail captif."; |
$l_login = "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session."; |
$l_logout = "Fermeture de la session"; |
305,7 → 305,7 |
$l_remaining_time = "Temps restant"; |
$l_uam_domain = "Sites autorisés : "; |
$l_autoregistration = "Auto enregistrement (sms)"; |
} else { |
} else { // English |
$l_ChilliError = "The authentication must be successful through the captive portal service."; |
$l_login = "Successful authentication.<HR>Closing this window interrupts your session"; |
$l_logout = "Closing connection"; |
342,14 → 342,18 |
|
# If https not use, tell it's wrong |
if ((!isset($_SERVER['HTTPS'])) || (empty($_SERVER['HTTPS'])) || ($_SERVER['HTTPS'] === 'off')) { |
// Cleaning the cache |
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT'); |
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); |
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); |
header('Cache-Control: post-check=0, pre-check=0', false); |
header('Pragma: no-cache'); |
?> |
<!doctype html> |
<!DOCTYPE html> |
<html> |
<head> |
<meta charset="utf-8"> |
<title><?= $l_loggedcont ?></title> |
<meta http-equiv="Cache-control" content="no-cache"> |
<meta http-equiv="Pragma" content="no-cache"> |
</head> |
<body style="background-color: white;"> |
<h1 style="text-align: center;"><?= $l_loginfailed ?></h1> |
413,14 → 417,22 |
$newpwd = pack('a*', $password); |
// Encode plain text password with challenge |
$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal))); |
|
|
// Cleaning the cache |
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT'); |
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); |
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); |
header('Cache-Control: post-check=0, pre-check=0', false); |
header('Pragma: no-cache'); |
|
header('Location: http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl'); |
?> |
<!doctype html> |
<!DOCTYPE html> |
<html> |
<head> |
<meta charset="utf-8"> |
<title><?= $l_loggingin ?></title> |
<meta http-equiv="Cache-control" content="no-cache"> |
<meta http-equiv="Pragma" content="no-cache"> |
<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl" ?>"> |
</head> |
<body style="background-color: white;"> |
458,7 → 470,7 |
//set the fourth bit of filter-id to '0' |
$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'"; |
$res = mysqli_multi_query($link,$sql); |
header('Location: https://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']).'/index.php?warn=1&url='.urlencode($_GET['userurl'])); //we present to user information about imputability logs |
header('Location: https://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl'])); //we present to user information about imputability logs |
exit(); |
} |
} |
470,14 → 482,20 |
// Otherwise it was not a form request |
// Send out an error message |
if ($result === 0) { //erreur |
// Cleaning the cache |
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT'); |
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); |
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); |
header('Cache-Control: post-check=0, pre-check=0', false); |
header('Pragma: no-cache'); |
|
header('Location: http://$uamip:$uamport/prelogin'); |
?> |
<!doctype html> |
<!DOCTYPE html> |
<html> |
<head> |
<meta charset="utf-8"> |
<title><?= $l_loggingin ?></title> |
<meta http-equiv="Cache-control" content="no-cache"> |
<meta http-equiv="Pragma" content="no-cache"> |
<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/prelogin" ?>"> |
</head> |
<body style="background-color: white;"> |
488,14 → 506,19 |
<?php |
exit(); |
} |
|
// Cleaning the cache |
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT'); |
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); |
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); |
header('Cache-Control: post-check=0, pre-check=0', false); |
header('Pragma: no-cache'); |
?> |
<!doctype html> |
<!DOCTYPE html> |
<html> |
<head> |
<meta charset="utf-8"> |
<title><?= $l_loggingin ?></title> |
<meta http-equiv="Cache-control" content="no-cache"> |
<meta http-equiv="Pragma" content="no-cache"> |
<script type="text/javascript"> |
function doOnLoad(result, userurl, redirurl, adminurl, timeleft) { |
if ((result === 1) || (result === 4)) { //success or already |
589,7 → 612,7 |
echo '<div id="authorized_domain">'.$l_uam_domain; |
foreach ($tab as $line) { |
if (trim($line) !== '') { // the line isn't empty |
$domain_allowed = explode("#", $line); |
$domain_allowed = explode('#', $line); |
if (trim($domain_allowed[1]) !== '') { |
$domain = explode('"', $domain_allowed[0]); |
// remove every '.' from the beginning of domain |