Subversion Repositories ALCASAR

Rev

Rev 2134 | Rev 2186 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2134 Rev 2136
Line 1... Line 1...
1
<?php
1
<?php
2
# $Id: index.php 2134 2017-03-12 19:53:15Z richard $
2
# $Id: index.php 2136 2017-03-16 23:09:43Z richard $
3
#
3
#
4
# index.php for ALCASAR by Rexy
4
# index.php for ALCASAR by Rexy
5
# UI & css style by stephane ERARD
5
# UI & css style by stephane ERARD
6
# The contents of this file may be used under the terms of the GNU
6
# The contents of this file may be used under the terms of the GNU
7
# General Public License Version 2, provided that the above copyright
7
# General Public License Version 2, provided that the above copyright
Line 42... Line 42...
42
fclose($ouvre);
42
fclose($ouvre);
43
$organisme = trim($conf["ORGANISM"]);
43
$organisme = trim($conf["ORGANISM"]);
44
$domainname = trim($conf["DOMAIN"]);
44
$domainname = trim($conf["DOMAIN"]);
45
$hostname = "alcasar.".$domainname;
45
$hostname = "alcasar.".$domainname;
46
$network_pb = False; # "alcasar-watchdog.sh" changes this value if a network issue is detected
46
$network_pb = False; # "alcasar-watchdog.sh" changes this value if a network issue is detected
-
 
47
$diagnostic = "can't contact the default router"; # "alcasar-watchdog.sh" changes this value if a network issue is detected
47
$cert_add = "http://$hostname/certs";
48
$cert_add = "http://$hostname/certs";
48
$direct_access = False;
49
$direct_access = False;
49
$display_menu=False;
50
$display_menu=False;
50
$diagnostic = "can't contact the default router";
-
 
51
$remote_ip = preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#', $_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
51
$remote_ip = preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#', $_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
52
$tab = array();$user = array();
52
$tab = array();$user = array();
53
$connection_history =  "";
53
$connection_history =  "";
54
$nb_connection_history = 3;
54
$nb_connection_history = 3;
55
$Language = 'en';
55
$Language = 'en';
Line 141... Line 141...
141
	$l_explain_acc_access = "Le centre de gestion permet d'administrer le portail. Vous devez posséder un compte d'administration ou de gestion pour y accéder.";
141
	$l_explain_acc_access = "Le centre de gestion permet d'administrer le portail. Vous devez posséder un compte d'administration ou de gestion pour y accéder.";
142
	$l_explain_access_deny = "Vous tentez d'accéder à une ressource dont le contenu est réputé contenir des informations inappropriées.";
142
	$l_explain_access_deny = "Vous tentez d'accéder à une ressource dont le contenu est réputé contenir des informations inappropriées.";
143
	$l_explain_net_pb = "Votre portail détecte que l'accès à Internet est indisponible.";
143
	$l_explain_net_pb = "Votre portail détecte que l'accès à Internet est indisponible.";
144
	$l_contact_access_deny = "Contactez le responsable de la séurité (OSSI/RSSI) si vous pensez que ce filtrage est abusif.";
144
	$l_contact_access_deny = "Contactez le responsable de la séurité (OSSI/RSSI) si vous pensez que ce filtrage est abusif.";
145
	$l_contact_net_pb = "Contactez votre responsable informatique ou votre prestataire Internet pour plus d'information.";
145
	$l_contact_net_pb = "Contactez votre responsable informatique ou votre prestataire Internet pour plus d'information.";
146
	$l_welcome = "Page principale de votre portail captif";
-
 
147
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">Auto Enregistrement par SMS</a>";
146
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">Auto Enregistrement par SMS</a>";
148
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Installer le certificat racine</a>";
147
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Installer le certificat racine</a>";
149
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Installation du certificat de l'autorité; racine d'ALCASAR</a>";
148
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Installation du certificat de l'autorité; racine d'ALCASAR</a>";
150
	$l_certif_explain = "Permet l'échange de données sécurisées entre votre station de consultation et le portail captif ALCASAR.<BR>Si ce certificat n'est pas enregistré sur votre station de consultation, il est possible que des alertes de sécurité soient émises par votre navigateur.<br><br>";
149
	$l_certif_explain = "Permet l'échange de données sécurisées entre votre station de consultation et le portail captif ALCASAR.<BR>Si ce certificat n'est pas enregistré sur votre station de consultation, il est possible que des alertes de sécurité soient émises par votre navigateur.<br><br>";
151
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Aide complémentaire</a>";
150
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Aide complémentaire</a>";
Line 192... Line 191...
192
	$l_explain_acc_access = "Este é o centro de controle do portal para acessar você deve ter uma conta administrativa valida.";
191
	$l_explain_acc_access = "Este é o centro de controle do portal para acessar você deve ter uma conta administrativa valida.";
193
	$l_explain_access_deny = "Você tenta se conectar a um recurso cujo conteúdo é considerado inadequado no conteúdo de informações.";
192
	$l_explain_access_deny = "Você tenta se conectar a um recurso cujo conteúdo é considerado inadequado no conteúdo de informações.";
194
	$l_explain_net_pb = "O sistema detectou que o acesso é de risco, não será permitido o acesso";
193
	$l_explain_net_pb = "O sistema detectou que o acesso é de risco, não será permitido o acesso";
195
	$l_contact_access_deny = "Entre em contato com o administrador do sistema de segurança se acha que essa filtragem é abusiva.";
194
	$l_contact_access_deny = "Entre em contato com o administrador do sistema de segurança se acha que essa filtragem é abusiva.";
196
	$l_contact_net_pb = "Entre em contato com a empresa fornecedora de Internet para mais informações";
195
	$l_contact_net_pb = "Entre em contato com a empresa fornecedora de Internet para mais informações";
197
	$l_welcome = "Página do portal";
-
 
198
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
196
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
199
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Instalar Certificado Alcasar AC</a>";
197
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Instalar Certificado Alcasar AC</a>";
200
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Instalar Certificado Alcasar AC</a>";
198
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Instalar Certificado Alcasar AC</a>";
201
	$l_certif_explain = "O certificado Permiti a troca de dados seguro entre seu computador e o portal Alcasar.<BR>Se este certificado não estiver incorporado no seu computador, alguns alertas de segurança deverá aparecer no navegador.<br><br>";
199
	$l_certif_explain = "O certificado Permiti a troca de dados seguro entre seu computador e o portal Alcasar.<BR>Se este certificado não estiver incorporado no seu computador, alguns alertas de segurança deverá aparecer no navegador.<br><br>";
202
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Essa foi uma ajuda complementar</a>";
200
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Essa foi uma ajuda complementar</a>";
Line 243... Line 241...
243
	$l_explain_acc_access = "管理中心能管理门户,您必须通过超级用户或者管理用户来访问。";
241
	$l_explain_acc_access = "管理中心能管理门户,您必须通过超级用户或者管理用户来访问。";
244
	$l_explain_access_deny = "您试图访问一个含有不当信息的资源。";
242
	$l_explain_access_deny = "您试图访问一个含有不当信息的资源。";
245
	$l_explain_net_pb = "您的门户检测因特网不可用。";
243
	$l_explain_net_pb = "您的门户检测因特网不可用。";
246
	$l_contact_access_deny = "如果您认为该过滤不当,请联系安全负责人(OSSI/RSSI)。";
244
	$l_contact_access_deny = "如果您认为该过滤不当,请联系安全负责人(OSSI/RSSI)。";
247
	$l_contact_net_pb = "请联系IT负责人或网络服务商来了解更多信息。";
245
	$l_contact_net_pb = "请联系IT负责人或网络服务商来了解更多信息。";
248
	$l_welcome = "强制门户主页";
-
 
249
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">短信自动登录 </a>";
246
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">短信自动登录 </a>";
250
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">安装根证书 </a>";
247
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">安装根证书 </a>";
251
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">安装根证书 </a>";
248
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">安装根证书 </a>";
252
	$l_certif_explain = "允许您的计算机与ALCASAR门户进行安全数据交换。<BR>如果该证书未包含在您的计算机中,您的浏览器将出现一些安全提醒。<br><br>";
249
	$l_certif_explain = "允许您的计算机与ALCASAR门户进行安全数据交换。<BR>如果该证书未包含在您的计算机中,您的浏览器将出现一些安全提醒。<br><br>";
253
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">额外帮助</a>";
250
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">额外帮助</a>";
Line 294... Line 291...
294
	$l_explain_acc_access = "مركز التحكم يمكنك من إدارة البوابة. يلزمك التوفر على حساب الادارة للدخول.";
291
	$l_explain_acc_access = "مركز التحكم يمكنك من إدارة البوابة. يلزمك التوفر على حساب الادارة للدخول.";
295
	$l_explain_access_deny = "محاولة لدخول موارد تحتوي على معلومات غير ملائمة المحتوى";
292
	$l_explain_access_deny = "محاولة لدخول موارد تحتوي على معلومات غير ملائمة المحتوى";
296
	$l_explain_net_pb = "بوابتك تكتشف ان الدخول على الانترنت غير متوفر";
293
	$l_explain_net_pb = "بوابتك تكتشف ان الدخول على الانترنت غير متوفر";
297
	$l_contact_access_deny = "المرجو الاتصال بضابط أمن (OSS / RSS) إذا اعتقدت ان هذه التصفية غير قانونية";
294
	$l_contact_access_deny = "المرجو الاتصال بضابط أمن (OSS / RSS) إذا اعتقدت ان هذه التصفية غير قانونية";
298
	$l_contact_net_pb = "المرجو الاتصال بمدير المعلومات أو مورد الأنترنت للمزيد من المعلومات";
295
	$l_contact_net_pb = "المرجو الاتصال بمدير المعلومات أو مورد الأنترنت للمزيد من المعلومات";
299
	$l_welcome = "الصفحة الرسمية للبوابة الأسيرة الخاصة بك";
-
 
300
	$auto_save_sms_text = "تسجيل ذاتي على";
296
	$auto_save_sms_text = "تسجيل ذاتي على";
301
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">SMS $auto_save_sms_text</a>";
297
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">SMS $auto_save_sms_text</a>";
302
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">ركب جذر الشهادة</a>";
298
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">ركب جذر الشهادة</a>";
303
	$install_cert_text = "تركيب شهادة السلطة؛ جذر الكزار";
299
	$install_cert_text = "تركيب شهادة السلطة؛ جذر الكزار";
304
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">ALCASAR $install_cert_text</a>";
300
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">ALCASAR $install_cert_text</a>";
Line 367... Line 363...
367
	$l_explain_acc_access = "This center control the portal. You must have an administrative account.";
363
	$l_explain_acc_access = "This center control the portal. You must have an administrative account.";
368
	$l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
364
	$l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
369
	$l_explain_net_pb = "Your portal has just detected that the Internet access is down";
365
	$l_explain_net_pb = "Your portal has just detected that the Internet access is down";
370
	$l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
366
	$l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
371
	$l_contact_net_pb = "Contact your network responsive or your Internet provider for more information";
367
	$l_contact_net_pb = "Contact your network responsive or your Internet provider for more information";
372
	$l_welcome = "Your captive portal main page";
-
 
373
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
368
	$l_sms_access = "<a href=\"https://$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
374
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Install ALCASAR AC Certificate</a>";
369
	$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Install ALCASAR AC Certificate</a>";
375
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Install ALCASAR AC Certificate</a>";
370
	$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.der\">Install ALCASAR AC Certificate</a>";
376
	$l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
371
	$l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
377
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
372
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
Line 477... Line 472...
477
	}
472
	}
478
}
473
}
479
else{ # the user is intercepted
474
else{ # the user is intercepted
480
	exec("sudo /usr/sbin/ipset list not_filtered | grep $remote_ip | wc -l 2>&1", $ipset_not_filtered);
475
	exec("sudo /usr/sbin/ipset list not_filtered | grep $remote_ip | wc -l 2>&1", $ipset_not_filtered);
481
	# if user is in "ipset_not_filtered" then he must refresh its dns cache (we are in the interception process)
476
	# if user is in "ipset_not_filtered" then he must refresh its dns cache (we are in the interception process)
482
	if ($ipset_not_filtered[0] == '1'){
477
	if (($ipset_not_filtered[0] == '1') && (!$network_pb)){
483
		echo "<script>window.location.reload(true)</script>"; # force DNS request
478
		echo "<script>window.location.reload(true)</script>"; # force DNS request
484
	}
479
	}
485
	# if user need to be warned that someone reads his logs
480
	# if user need to be warned that someone reads his logs
486
	if (isset($_GET['warn']) && isset($_GET['url']) && $_GET['warn'] == '1'){
481
	if (isset($_GET['warn']) && isset($_GET['url']) && $_GET['warn'] == '1'){
487
		echo "
482
		echo "
Line 529... Line 524...
529
else {
524
else {
530
	$sms_div='';
525
	$sms_div='';
531
	$sms_div_over='';
526
	$sms_div_over='';
532
}
527
}
533
if ($direct_access || $display_menu){
528
if ($direct_access || $display_menu){
534
	echo "
-
 
535
		<div id=\"box_bienvenue\">
529
	if (!$network_pb){
536
				$l_welcome
530
	       	echo "
537
		</div>
-
 
538
		<div class=\"box_menu\" id=\"box_conn\" onmouseover=\"valoriserDiv5(text_conn);\">
531
		<div class=\"box_menu\" id=\"box_conn\" onmouseover=\"valoriserDiv5(text_conn);\">
539
			<span>$l_logout</span>
532
			<span>$l_logout</span>
540
			<img src=\"$img_rep$img_internet\">
533
			<img src=\"$img_rep$img_internet\">
541
		</div>
534
		</div>";
-
 
535
	}
-
 
536
	echo "
542
		<div class=\"box_menu\" id=\"box_certif\" onmouseover=\"valoriserDiv5(text_certif);\">
537
		<div class=\"box_menu\" id=\"box_certif\" onmouseover=\"valoriserDiv5(text_certif);\">
543
			<span>$l_install_certif</span>
538
			<span>$l_install_certif</span>
544
			<img src=\"$img_rep$img_certificate\">
539
			<img src=\"$img_rep$img_certificate\">
545
		</div>
540
		</div>
546
		<div class=\"box_menu\" id=\"box_mdp\" onmouseover=\"valoriserDiv5(text_mdp);\">
541
		<div class=\"box_menu\" id=\"box_mdp\" onmouseover=\"valoriserDiv5(text_mdp);\">