| Line 26... |
Line 26... |
| 26 |
$conf[trim($tmp[0])] = trim($tmp[1]);
|
26 |
$conf[trim($tmp[0])] = trim($tmp[1]);
|
| 27 |
}
|
27 |
}
|
| 28 |
}
|
28 |
}
|
| 29 |
fclose($file_conf);
|
29 |
fclose($file_conf);
|
| 30 |
|
30 |
|
| - |
|
31 |
$csrf_key = "";
|
| - |
|
32 |
$csrf_token = hash('sha256', $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'].$_SERVER['REQUEST_URI'].$csrf_key);
|
| 31 |
$tmp = explode("/",$conf["PRIVATE_IP"]);
|
33 |
$tmp = explode("/",$conf["PRIVATE_IP"]);
|
| 32 |
$private_ip=$tmp[0];
|
34 |
$private_ip=$tmp[0];
|
| 33 |
$intif = $conf["INTIF"];
|
35 |
$intif = $conf["INTIF"];
|
| 34 |
if ($conf['MULTIWAN'] !== 'off') {
|
36 |
if ($conf['MULTIWAN'] !== 'off') {
|
| 35 |
exec ('sudo /usr/local/bin/alcasar-list-ip_gw.sh', $list_ip_gw);
|
37 |
exec ('sudo /usr/local/bin/alcasar-list-ip_gw.sh', $list_ip_gw);
|
| Line 111... |
Line 113... |
| 111 |
else {$taille_fichier = $taille_fichier . " o";}
|
113 |
else {$taille_fichier = $taille_fichier . " o";}
|
| 112 |
return $taille_fichier;
|
114 |
return $taille_fichier;
|
| 113 |
}
|
115 |
}
|
| 114 |
|
116 |
|
| 115 |
if (isset($_POST['action'])){
|
117 |
if (isset($_POST['action'])){
|
| 116 |
if (filter_var(trim($_POST['mac_addr']), FILTER_VALIDATE_MAC) !== false){
|
- |
|
| 117 |
$mac= trim($_POST['mac_addr']);
|
118 |
$mac= trim($_POST['mac_addr']);
|
| - |
|
119 |
if ((filter_var($mac, FILTER_VALIDATE_MAC) !== false) && (trim($_POST['post_csrf_token']) == $csrf_token)){
|
| 118 |
switch ($_POST['action']){
|
120 |
switch ($_POST['action']){
|
| 119 |
case "$l_disconnect" :
|
121 |
case "$l_disconnect" :
|
| 120 |
exec("sudo /usr/sbin/chilli_query logout ".$mac);
|
122 |
exec("sudo /usr/sbin/chilli_query logout ".$mac);
|
| 121 |
break;
|
123 |
break;
|
| 122 |
case "$l_stop_capture_disconnect" :
|
124 |
case "$l_stop_capture_disconnect" :
|
| Line 138... |
Line 140... |
| 138 |
break;
|
140 |
break;
|
| 139 |
case "$l_captureoff" :
|
141 |
case "$l_captureoff" :
|
| 140 |
exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
|
142 |
exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
|
| 141 |
break;
|
143 |
break;
|
| 142 |
}
|
144 |
}
|
| - |
|
145 |
|
| 143 |
}
|
146 |
}
|
| 144 |
unset($_POST['mac_addr']);
|
147 |
unset($_POST['mac_addr']);
|
| 145 |
}
|
148 |
}
|
| 146 |
?>
|
149 |
?>
|
| 147 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
150 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
| Line 221... |
Line 224... |
| 221 |
else {
|
224 |
else {
|
| 222 |
echo "<b>$l_mac_temporarily_allowed</b>";
|
225 |
echo "<b>$l_mac_temporarily_allowed</b>";
|
| 223 |
echo "</td><td>";
|
226 |
echo "</td><td>";
|
| 224 |
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
227 |
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
| 225 |
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
228 |
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
| - |
|
229 |
echo "<input type=\"hidden\" name=\"post_csrf_token\" value=\"$csrf_token\">";
|
| 226 |
if($IoT_capture == "on"){
|
230 |
if($IoT_capture == "on"){
|
| 227 |
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON"){
|
231 |
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON"){
|
| 228 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
|
232 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
|
| 229 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_captureoff\">";
|
233 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_captureoff\">";
|
| 230 |
}
|
234 |
}
|
| Line 245... |
Line 249... |
| 245 |
if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
|
249 |
if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
|
| 246 |
else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
|
250 |
else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
|
| 247 |
echo "<td>";
|
251 |
echo "<td>";
|
| 248 |
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
252 |
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
| 249 |
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
253 |
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
| - |
|
254 |
echo "<input type=\"hidden\" name=\"post_csrf_token\" value=\"$csrf_token\">";
|
| 250 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_disconnect\">";
|
255 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_disconnect\">";
|
| 251 |
echo "</form></td>";
|
256 |
echo "</form></td>";
|
| 252 |
}
|
257 |
}
|
| 253 |
}
|
258 |
}
|
| 254 |
// equipment without authenticated user
|
259 |
// equipment without authenticated user
|
| Line 262... |
Line 267... |
| 262 |
echo " ";
|
267 |
echo " ";
|
| 263 |
echo "<td>";
|
268 |
echo "<td>";
|
| 264 |
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
269 |
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
| 265 |
# Dissociate user (... or other) who is not connected yet
|
270 |
# Dissociate user (... or other) who is not connected yet
|
| 266 |
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
271 |
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
| - |
|
272 |
echo "<input type=\"hidden\" name=\"post_csrf_token\" value=\"$csrf_token\">";
|
| 267 |
exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
|
273 |
exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
|
| 268 |
if (empty($mac_in_ether_file[1])){
|
274 |
if (empty($mac_in_ether_file[1])){
|
| 269 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
|
275 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
|
| 270 |
}
|
276 |
}
|
| 271 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
|
277 |
echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
|