Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2369 → Rev 2370

/web/index.php
38,7 → 38,7
$buffer = fgets($file_conf, 4096);
if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
$tmp = explode('=', $buffer);
$conf[$tmp[0]] = trim($tmp[1]);
$conf[trim($tmp[0])] = trim($tmp[1]);
}
}
fclose($file_conf);
45,9 → 45,11
 
$organisme = $conf["ORGANISM"];
$hostname = $conf["HOSTNAME"].'.'.$conf["DOMAIN"];
$useHTTPS = ((isset($_SERVER['HTTPS'])) && (!empty($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'] !== 'off'));
$network_pb = false; // "alcasar-watchdog.sh" changes this value if a network issue is detected
$diagnostic = "can't contact the default router"; // "alcasar-watchdog.sh" changes this value if a network issue is detected
$certCa_link = "http://$hostname/certs/certificat_alcasar_ca.crt";
$certCa_link = (($useHTTPS) ? 'https' : 'http')."://$hostname/certs/certificat_alcasar_ca.crt";
$logout_link = (($useHTTPS) ? 'https' : 'http').'://'.$hostname.':'.(($useHTTPS) ? 3991 : 3990).'/logoff';
$direct_access = false;
$remote_ip = preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#', $_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$connection_history = '';
161,8 → 163,8
$l_logout = "<a href=\"http://$hostname/index.php?url=$redirect_link\">Ouvrir une session Internet</a>";
} else {
if ($user->username != $user->mac) { // authentication exception or not
$l_logout_explain = "Ferme la session de l'usager actuellement connecté. <br><br>Utilisateur connecté : <a href=\"http://$hostname:3990/logoff\" title=\"Deconnecter l'utilisateur $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history dernières connexions :$connection_history";
$l_logout = "<a href=\"http://$hostname:3990/logoff\">Se déconnecter d'internet</a>";
$l_logout_explain = "Ferme la session de l'usager actuellement connecté. <br><br>Utilisateur connecté : <a href=\"$logout_link\" title=\"Deconnecter l'utilisateur $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history dernières connexions :$connection_history";
$l_logout = "<a href=\"$logout_link\">Se déconnecter d'internet</a>";
} else {
$l_logout_explain = "Votre système ($user->username) est en exception d'authentication.<br><br>$nb_connection_history dernières connexions :$connection_history";
$l_logout = "Information des connexions";
208,8 → 210,8
$l_logout = "<a href=\"http://$hostname/index.php?url=$redirect_link\">Abrir uma conexão de Internet</a>";
} else {
if ($user->username != $user->mac) { // authentication exception or not
$l_logout_explain = "Se desejar, feche a conexão do usuário atual conectado.<br> Usuário conectado : <a href=\"http://$hostname:3990/logoff\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history logins últimos :$connection_history";
$l_logout = "<a href=\"http://$hostname:3990/logoff\">Sair da Internet</a>";
$l_logout_explain = "Se desejar, feche a conexão do usuário atual conectado.<br> Usuário conectado : <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history logins últimos :$connection_history";
$l_logout = "<a href=\"$logout_link\">Sair da Internet</a>";
} else {
$l_logout_explain = "O sistema ($user->username) detctou exesso de autenticação.<br><br>$nb_connection_history logins últimos :$connection_history";
$l_logout = "Informações de conexões";
255,8 → 257,8
$l_logout = "<a href=\"http://$hostname/index.php?url=$redirect_link\">打开一个网络进程</a>";
} else {
if ($user->username != $user->mac) { // authentication exception or not
$l_logout_explain = "关闭当前连接进程。<br> 已连接用户:<a href=\"http://$hostname:3990/logoff\" title=\" $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history 最后连接 :$connection_history";
$l_logout = "<a href=\"http://$hostname:3990/logoff\">断开网络</a>";
$l_logout_explain = "关闭当前连接进程。<br> 已连接用户:<a href=\"$logout_link\" title=\" $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history 最后连接 :$connection_history";
$l_logout = "<a href=\"$logout_link\">断开网络</a>";
} else {
$l_logout_explain = "您的系统($user->username)验证例外<br><br>$nb_connection_history 最后连接: $connection_history";
$l_logout = "连接信息";
309,9 → 311,9
$close_session_text = "إقفال جلسة المستخدم المتصل حاليا";
$userlogged_text = "المستخدم متصل";
$disconnect_user_text = "قطع الاتصال على المستخدم";
$l_logout_explain = "Ferme la session de l'usager actuellement connecté. <br><br>Utilisateur connecté : <a href=\"http://$hostname:3990/logoff\" title=\"Deconnecter l'utilisateur $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history dernières connexions :$connection_history";
$l_logout_explain = "Ferme la session de l'usager actuellement connecté. <br><br>Utilisateur connecté : <a href=\"$logout_link\" title=\"Deconnecter l'utilisateur $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history dernières connexions :$connection_history";
$logout_internet_text = "قطع الاتصال على الإنترنت";
$l_logout = "<a href=\"http://$hostname:3990/logoff\">$logout_internet_text</a>";
$l_logout = "<a href=\"$logout_link\">$logout_internet_text</a>";
} else {
$your_system_text = "نظامك";
$auth_except_text = "على توثيق استثنائي";
370,8 → 372,8
$l_logout = "<a href=\"http://$hostname/index.php?url=$redirect_link\">Open an Internet session</a>";
} else {
if ($user->username != $user->mac) { // authentication exception or not
$l_logout_explain = "Close the session of the user currently connected.<br> User logged-on : <a href=\"http://$hostname:3990/logoff\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections :$connection_history";
$l_logout = "<a href=\"http://$hostname:3990/logoff\">Logoff from internet</a>";
$l_logout_explain = "Close the session of the user currently connected.<br> User logged-on : <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections :$connection_history";
$l_logout = "<a href=\"$logout_link\">Logoff from internet</a>";
} else {
$l_logout_explain = "Your system ($user->username) is in exception of authentication.<br><br>$nb_connection_history Last logins :$connection_history";
$l_logout = "Connections information";
/web/intercept.php
50,7 → 50,7
$buffer = fgets($file_conf, 4096);
if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
$tmp = explode('=', $buffer);
$conf[$tmp[0]] = trim($tmp[1]);
$conf[trim($tmp[0])] = trim($tmp[1]);
}
}
fclose($file_conf);
68,7 → 68,7
 
// Our own path
$loginpath = htmlspecialchars($_SERVER['PHP_SELF']);
$alcasarpath = 'http://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
$alcasarpath = (($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http' ).'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
$statuspath = $alcasarpath.'/status.php';
 
// Choice of language
75,7 → 75,7
$Language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2));
$Language = strtolower(substr(chop($Langue[0]), 0, 2));
}
if ($Language === 'es') { // Spanish
$l_ChilliError = "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
98,7 → 98,7
$l_loggedin_stringl3 = "Su actividad en la red es registrada, de conformidad con la privacidad.";
$l_loggedin_stringl4 = "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación.";
$l_loggedin_stringl5 = "Estos datos se eliminan automáticamente después de un año.";
$l_loggedin_stringl6 = "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedin_stringl6 = "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedout_string = "Cerrar sesión hizo portal cautivo!";
$l_reply_1 = "Your daily connexion time has been reached";
$l_reply_2 = "Your monthly connexion time has been reached";
131,7 → 131,7
$l_loggedin_stringl3 = "A autenticação será criptografada em 256 bits, impedindo captura por escâner de rede.";
$l_loggedin_stringl4 = "Sua atividade na Internet será resguardada de acordo com os regulamentos da lei.";
$l_loggedin_stringl5 = "Mantenha o popup da conexão minimizado para não interromper a cessão.";
$l_loggedin_stringl6 = "Clique <a href='$alcasarpath'>aqui</a> para alterar sua senha, instalar certificado ou sair do portal.";
$l_loggedin_stringl6 = "Clique <a href=\"$alcasarpath\">aqui</a> para alterar sua senha, instalar certificado ou sair do portal.";
$l_loggedout_string = "desconexão do portal cativo";
$l_reply_1 = "Seu tempo de conexão diária foi finalizado";
$l_reply_2 = "Seu tempo de conexão mensal foi finalizado";
164,7 → 164,7
$l_loggedin_stringl3 = "您的网络活动是私密登记的.";
$l_loggedin_stringl4 = "记录的数据能被司法机关在调查中操作使用.";
$l_loggedin_stringl5 = "这些数据将在一年后自动删除.";
$l_loggedin_stringl6 = "点击 <a href='$alcasarpath'> 这里 </a> 修改密码或安装浏览器安全证书";
$l_loggedin_stringl6 = "点击 <a href=\"$alcasarpath\"> 这里 </a> 修改密码或安装浏览器安全证书";
$l_loggedout_string = "强制网络门户连接已断开";
$l_reply_1 = "您已经达到每日连接时间";
$l_reply_2 = "您已经达到每月连接时间";
197,7 → 197,7
$l_loggedin_stringl3 = "نشاطك على الشبكة مسجل وفقاً لاحترام الحريات الشخصية";
$l_loggedin_stringl4 = "لا يمكن استغلال البيانات المسجلة إلاّ من قِبل سلطات التحقيق القضائ";
$l_loggedin_stringl5 = "سيتم حدف هذه البيانات تلقائياً بعد سنة من الْيَوْمَ";
$l_loggedin_stringl6 = "لتغيير كلمة السر أو شهادة الأمان <a href='$alcasarpath'>هنا</a> اضغط ";
$l_loggedin_stringl6 = "لتغيير كلمة السر أو شهادة الأمان <a href=\"$alcasarpath\">هنا</a> اضغط ";
$l_loggedout_string = "تَمّ قطع الإتصال بالبوابة الأسيرة";
$l_reply_1 = "انتهى وقتك اليومي للإتصال";
$l_reply_2 = "انتهى وقتك الشهري للإتصال";
230,7 → 230,7
$l_loggedin_stringl3 = "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre.";
$l_loggedin_stringl4 = "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung.";
$l_loggedin_stringl5 = "Diese Daten werden automatisch gelöscht nach einem Jahr.";
$l_loggedin_stringl6 = "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedin_stringl6 = "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedout_string = "Trennung des Portals erfolgt Gefangener!";
$l_reply_1 = "Your daily connexion time has been reached";
$l_reply_2 = "Your monthly connexion time has been reached";
263,7 → 263,7
$l_loggedin_stringl3 = "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";
$l_loggedin_stringl4 = "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek.";
$l_loggedin_stringl5 = "Deze gegevens worden automatisch verwijderd na een jaar.";
$l_loggedin_stringl6 = "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedin_stringl6 = "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedout_string = "Logout gemaakt intern portaal!";
$l_reply_1 = "Your daily connexion time has been reached";
$l_reply_2 = "Your monthly connexion time has been reached";
296,7 → 296,7
$l_loggedin_stringl3 = "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";
$l_loggedin_stringl4 = "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête.";
$l_loggedin_stringl5 = "Ces données seront automatiquement supprimées au bout d'un an.";
$l_loggedin_stringl6 = "Cliquez <a href='$alcasarpath'>ici</a> pour changer votre mot de passe ou pour intégrer le certificat de sécurité à votre navigateur";
$l_loggedin_stringl6 = "Cliquez <a href=\"$alcasarpath\">ici</a> pour changer votre mot de passe ou pour intégrer le certificat de sécurité à votre navigateur";
$l_loggedout_string = "Déconnexion du portail captif effectuée !";
$l_reply_1 = "Votre durée de connexion journalière a été atteinte";
$l_reply_2 = "Votre durée de connexion mensuelle a été atteinte";
329,7 → 329,7
$l_loggedin_stringl3 = "Your activity on the network is registered in accordance with privacy.";
$l_loggedin_stringl4 = "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";
$l_loggedin_stringl5 = "These data will be automatically deleted after one year.";
$l_loggedin_stringl6 = "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedin_stringl6 = "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
$l_loggedout_string = "Disconnection of the captive portal made";
$l_reply_1 = "Your daily connexion time has been reached";
$l_reply_2 = "Your monthly connexion time has been reached";
372,7 → 372,7
if ((isset($_POST['UserName'])) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/', $_POST['UserName']) !== 1))
$username = htmlspecialchars($_POST['UserName']); else $username = '';
if (isset($_POST['Password'])) $password = htmlspecialchars($_POST['Password']); else $password = '';
if (isset($_POST['challenge']))$challenge = htmlspecialchars($_POST['challenge']); else $challenge = '';
if (isset($_POST['challenge'])) $challenge = htmlspecialchars($_POST['challenge']); else $challenge = '';
if (isset($_POST['button'])) $button = htmlspecialchars($_POST['button']); else $button = '';
// if (isset($_POST['logout'])) $logout = htmlspecialchars($_POST['logout']); else $logout = '';
// if (isset($_POST['prelogin'])) $prelogin = htmlspecialchars($_POST['prelogin']); else $prelogin = '';
459,7 → 459,7
//set the fourth bit of filter-id to '0'
$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";
$res = mysqli_multi_query($link,$sql);
header('Location: https://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl'])); //we present to user information about imputability logs
header('Location: '.(($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http').'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl'])); //we present to user information about imputability logs
exit();
}
}
/web/js/ChilliLibrary.js
250,7 → 250,7
return chilliController.onError('Cannot get challenge');
}
 
if ( resp.clientSate === chilliController.stateCodes.AUTH ) {
if ( resp.clientState === chilliController.stateCodes.AUTH ) {
log('logonStep2: Already connected. Aborting.');
return chilliController.onError('Already connected.');
}
/web/js/statusControler.js
1,6 → 1,4
chilliController.interval = 20;
chilliController.host = "alcasar";
chilliController.port = 3990;
chilliController.onUpdate = updateUI ;
chilliController.onError = handleError ;
chilliClock.onTick = function () { }
/web/status.php
44,6 → 44,7
$connection_history = '';
$nb_connection_history = 3;
$homepage_url = (($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http' ).'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/';
$useHTTPS = ((isset($_SERVER['HTTPS'])) && (!empty($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'] !== 'off'));
 
// Wait for chilli (update its tables)
sleep(1); // TODO: wait after login only?
354,6 → 355,11
<title>ALCASAR - <?= $organisme ?></title>
<link type="text/css" href="css/status.css" rel="stylesheet">
<script src="js/ChilliLibrary.js"></script>
<script>
chilliController.host = '<?= $conf['HOSTNAME'].'.'.$conf['DOMAIN'] ?>';
chilliController.port = <?= (($useHTTPS) ? 3991 : 3990) ?>;
chilliController.ssl = <?= (($useHTTPS) ? 'true' : 'false') ?>;
</script>
<script src="js/statusControler.js"></script>
</head>
<body>