WebSVN – ALCASAR – Diff – /web/acc/admin/network.php

 <?php
-# $Id: network.php 3040 2022-07-17 22:31:53Z rexy $
+# $Id: network.php 3041 2022-07-20 21:06:54Z rexy $
 // written by steweb57, Rexy, Tom HOUDAYER & Pierre RIVAULT
 /********************
 *  READ CONF FILES  *
 	$l_yes			= "Oui";
 	$l_no			= "Non";
 	$l_ssl_title		= "Chiffrer les flux d'authentification entre les utilisateurs et ALCASAR";
 	$l_ssh_title		= "SSH";
 	$l_ssh_port			= "Port";
+	$l_ssh_from			= "IP autorisée";
+	$l_ssh_wan_activate	= "Activer SSH sur WAN";
-	$l_ssh_activate		= "Activer SSH";
+	$l_ssh_lan_activate	= "Activer SSH sur LAN";
 	$l_cert_expiration	= "Date d'expiration :";
 	$l_cert_commonname	= "Nom commun :";
 	$l_cert_organization	= "Organisation :";
 	$l_upload_certificate	= "Importer un certificat officiel";
 	$l_le_integration	= "Intégrer un certificat Let's Encrypt";
 	$l_yes			= "Si";
 	$l_no			= "No";
 	$l_ssl_title		= "La autenticación de cifrado fluye entre usuarios y ALCASAR";
 	$l_ssh_title		= "SSH";
 	$l_ssh_port			= "Puerto";
+	$l_ssh_from			= "IP autorizada";
+	$l_ssh_wan_activate	= "Activar SSH on WAN";
-	$l_ssh_activate		= "Activar SSH";
+	$l_ssh_lan_activate	= "Activar SSH on LAN";
 	$l_cert_expiration	= "Fecha de vencimiento:";
 	$l_cert_commonname	= "Common name:";
 	$l_cert_organization	= "Organización:";
 	$l_upload_certificate	= "Importar un certificado";
 	$l_le_integration	= "Integración con Let's Encrypt";
 	$l_yes			= "Yes";
 	$l_no			= "No";
 	$l_ssl_title		= "Cipher authentication flows between users and ALCASAR";
 	$l_ssh_title		= "SSH";
 	$l_ssh_port			= "Port";
+	$l_ssh_from			= "Authorized IP";
+	$l_ssh_wan_activate	= "Activate SSH on WAN";
-	$l_ssh_activate		= "Activate SSH";
+	$l_ssh_lan_activate	= "Activate SSH on LAN";
 	$l_cert_expiration	= "Expiration date:";
 	$l_cert_commonname	= "Common name:";
 	$l_cert_organization	= "Organization:";
 	$l_upload_certificate	= "Import an officlal certificate";
 	$l_le_integration	= "Integrate a Let's Encrypt certificate";
 					if (file_exists($scpath))  unlink($scpath);
+				}
+			}
+		}
 		break;
+	case 'enable_lan_ssh': // Activate SSH on LAN
+		if (isset($_POST['sshlan'])) {
+			exec('sudo /usr/local/bin/alcasar-ssh.sh --on -l');
+			header('Location: '.$_SERVER['PHP_SELF']);
+		} else{
+			exec('sudo /usr/local/bin/alcasar-ssh.sh --off -l');
+			header('Location: '.$_SERVER['PHP_SELF']);
+		}
+		exit();
 	case 'enable_wan_ssh': // Activate SSH on WAN
 		if (isset($_POST['togglessh'])) {
-			exec('sudo /usr/local/bin/alcasar-ssh.sh --on -p'.escapeshellarg($_POST["ssh_port"]));
+			exec('sudo /usr/local/bin/alcasar-ssh.sh --on -w -p'.escapeshellarg($_POST["ssh_port"]).' -i'.escapeshellarg($_POST["ssh_from"]),$output,$exitCode);
+			if($exitCode === 1){
+				echo("<html><script>if(!alert(`$l_error_bad_ip_port`)){window.location.href = window.location.href;}</script></html>");
+			}else{
+				header('Location: '.$_SERVER['PHP_SELF']);
+			}
 		} else{
-			exec('sudo /usr/local/bin/alcasar-ssh.sh --off');
+			exec('sudo /usr/local/bin/alcasar-ssh.sh --off -w');
+			header('Location: '.$_SERVER['PHP_SELF']);
+		}
-		header('Location: '.$_SERVER['PHP_SELF']);
 		exit();
 	case 'https_login':	// Set HTTPS login status
-		if ($_POST['https_login'] === 'on') {
+		if (isset($_POST['https_login']))	 {
 			exec('sudo /usr/local/bin/alcasar-https.sh --on');
 		} else {
 			exec('sudo /usr/local/bin/alcasar-https.sh --off');
+		}
 		header('Location: '.$_SERVER['PHP_SELF']);
 <br>
 <div class="panel">
 	<div class="panel-header"><?= $l_ssl_title ?></div>
 	<div class="panel-row">
 		<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">
-		<input type="hidden" name="choix" value="https_login">
+			<input type="hidden" name="choix" value="https_login">
-		<select name="https_login">
-			<option value="on"<?=  (($conf['HTTPS_LOGIN'] === 'on')  ? ' selected' : '') ?>><?= $l_yes ?></option>
+			<input type="checkbox" name="https_login" id="https_login" <?= ($conf['HTTPS_LOGIN'] === 'on')? "checked": "" ?>><b><?= $l_ssl_title ?></b><br>
-			<option value="off"<?= (($conf['HTTPS_LOGIN'] === 'off') ? ' selected' : '') ?>><?= $l_no ?></option>
-		</select>
-		<input type="submit" onClick="document.getElementById('ldoverlay').style.display='block';" value="<?= $l_apply ?>"><br>
+			<input type="submit" onClick="document.getElementById('ldoverlay').style.display='block';" value="<?= $l_apply ?>"><br>
 		</form>
 	</div>
 </div>
 <br>
 <div class="panel">
 	<div class="panel-header"><?= $l_ssh_title ?></div>
+	<table width="100%" cellspacing="0" cellpadding="5" border="1">
+	<tr>
+		<td width="50%" align="center">
-	<div class="panel-row">
+			<div class="panel-row">
-		<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">
+				<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">
+					<input type="hidden" name="choix" value="enable_lan_ssh">
+					<input type="checkbox" name="sshlan" id="sshlan" <?= $conf['SSH_LAN'] === 'on' ? "checked": "" ?>> <b><?= $l_ssh_lan_activate ?></b><br><br>
+					<input type="submit" onClick="document.getElementById('ldoverlay').style.display='block';" value="<?= $l_apply ?>"><br>
+				</form>
+			</div>
+		</td>
+		<td width="50%" align="center">
+			<div class="panel-row">
+				<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">
-		<input type="hidden" name="choix" value="enable_wan_ssh">
+				<input type="hidden" name="choix" value="enable_wan_ssh">
-		<input type="checkbox" name="togglessh" id="togglessh" <?= is_numeric($conf['SSH_WAN'])? "checked": "" ?> onchange="document.getElementById('sshtable').style.display = this.checked ? 'block' : 'none';"> <b>Activer SSH <!-- TODO : Mettre traduction --></b><br>
+				<input type="checkbox" name="togglessh" id="togglessh" <?= is_numeric($conf['SSH_WAN'])? "checked": "" ?> onchange="document.getElementById('sshtable').style.display = this.checked ? 'block' : 'none';"> <b><?= $l_ssh_wan_activate ?></b><br><br>
-		<div id="sshtable" style="display:<?= is_numeric($conf['SSH_WAN'])? "block": "none" ?>">
+				<div id="sshtable" style="display:<?= is_numeric($conf['SSH_WAN'])? "block": "none" ?>">
+					<table cellspacing="2" cellpadding="3" border="1">
+						<tr>
+							<th><?= $l_ssh_port ?></th><th><?= $l_ssh_from ?></th>
+						</tr>
+						<tr>
-			<label for="ssh_port"><?= $l_ssh_port ?></label> : <input style="width:120px" type="text" id="ssh_port" name="ssh_port" value="<?= is_numeric($conf['SSH_WAN']) ? $conf['SSH_WAN']:22 ?>" /><br>
+							<td><input style="width:120px" type="text" id="ssh_port" name="ssh_port" value="<?= is_numeric($conf['SSH_WAN']) ? $conf['SSH_WAN']:22 ?>" /></td>
+							<td><input style="width:120px" type="text" id="ssh_from" name="ssh_from" value="<?= $conf['SSH_ADMIN_FROM'] ?>" /></td>
+						</tr>
+					</table>
+					<p>Activer sur tout réseau : 0.0.0.0/0</p>
-		</div>
+				</div>
-		<input type="submit" onClick="document.getElementById('ldoverlay').style.display='block';" value="<?= $l_apply ?>"><br>
+				<input type="submit" onClick="document.getElementById('ldoverlay').style.display='block';" value="<?= $l_apply ?>"><br>
-		</form>
+				</form>
-	</div>
+			</div>
+		</td>
+	</tr>
+	</table>
 </div>
 <br>
 <div class="panel">
 	<div class="panel-header"><?= $l_import_cert ?></div>
 	<div class="panel-row">

Subversion Repositories ALCASAR

(root)/web/acc/admin/network.php @ 3042 – Rev 3040 → 3041