Subversion Repositories ALCASAR

Rev

Rev 2612 | Rev 2743 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2612 Rev 2688
Line 1... Line 1...
1
<?php
1
<?php
2
# $Id: index.php 2612 2018-08-22 16:37:28Z tom.houdayer $
2
# $Id: index.php 2688 2019-01-18 23:15:49Z lucas.echard $
3
#
3
#
4
# index.php for ALCASAR by Rexy
4
# index.php for ALCASAR by Rexy
5
# UI & css style by stephane ERARD
5
# UI & css style by stephane ERARD
6
# The contents of this file may be used under the terms of the GNU
6
# The contents of this file may be used under the terms of the GNU
7
# General Public License Version 2, provided that the above copyright
7
# General Public License Version 2, provided that the above copyright
Line 78... Line 78...
78
		'connected' => false,
78
		'connected' => false,
79
		'username'  => ''
79
		'username'  => ''
80
	];
80
	];
81
}
81
}
82
 
82
 
83
// Test if it's a direct connexion to ALCASAR
83
// Test if it's a direct connection to ALCASAR
84
if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_ADDR']) || ($_SERVER['HTTP_HOST'] === 'alcasar') || ($_SERVER['HTTP_HOST'] === $hostname) || ($_SERVER['HTTP_HOST'] === $organisme))) {
84
if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_ADDR']) || ($_SERVER['HTTP_HOST'] === 'alcasar') || ($_SERVER['HTTP_HOST'] === $hostname) || ($_SERVER['HTTP_HOST'] === $organisme))) {
85
	$direct_access = true;
85
	$direct_access = true;
86
}
86
}
87
 
87
 
88
// Function to adapt time connexion in seconds to H,M,S
88
// Function to adapt time connection in seconds to H,M,S
89
function secondsToDuration($seconds = null){
89
function secondsToDuration($seconds = null){
90
	if ($seconds == null) return "";
90
	if ($seconds == null) return "";
91
	$temp = $seconds % 3600;
91
	$temp = $seconds % 3600;
92
	$time[0] = ( $seconds - $temp ) / 3600 ;	// hours
92
	$time[0] = ( $seconds - $temp ) / 3600 ;	// hours
93
	$time[2] = $temp % 60 ;				// seconds
93
	$time[2] = $temp % 60 ;				// seconds
Line 130... Line 130...
130
	}
130
	}
131
} else { // the user isn't authenticated
131
} else { // the user isn't authenticated
132
	if (isset($_GET['url'])) { // it's the second stage (when user has clicked on the button "open a connection")
132
	if (isset($_GET['url'])) { // it's the second stage (when user has clicked on the button "open a connection")
133
		$redir = 'http://'.$_GET['url'];
133
		$redir = 'http://'.$_GET['url'];
134
		header("Location: $redir", true, 307);
134
		header("Location: $redir", true, 307);
135
		exit(); 
135
		exit();
136
	}
136
	}
137
}
137
}
138
 
138
 
139
// Choice of language
139
// Choice of language
140
$Language = 'en';
140
$Language = 'en';
Line 222... Line 222...
222
	$l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
222
	$l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
223
	$l_back_page = "<a href=\"javascript:history.back()\">Página anterior</a>";
223
	$l_back_page = "<a href=\"javascript:history.back()\">Página anterior</a>";
224
	$l_service_sms = "SMS service enable";
224
	$l_service_sms = "SMS service enable";
225
	$l_service_sms_n = "SMS service disable";
225
	$l_service_sms_n = "SMS service disable";
226
	$l_acc_sms = "Auto registration by SMS";
226
	$l_acc_sms = "Auto registration by SMS";
227
	$l_explain_warn = "El administrador ha creado un archivo que contiene los periódicos de inicio de sesión como parte de un proceso judicial."; 
227
	$l_explain_warn = "El administrador ha creado un archivo que contiene los periódicos de inicio de sesión como parte de un proceso judicial.";
228
	if (isset($_GET['url'])) {
228
	if (isset($_GET['url'])) {
229
		$l_continue_link = "<a href=\"index.php?redirect=1&url=".urlencode($_GET['url'])."\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
229
		$l_continue_link = "<a href=\"index.php?redirect=1&url=".urlencode($_GET['url'])."\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
230
	} else {
230
	} else {
231
		$l_continue_link = "<a href=\"index.php\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
231
		$l_continue_link = "<a href=\"index.php\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
232
	}
232
	}
Line 358... Line 358...
358
	$l_required_domain = "Required WEB site";
358
	$l_required_domain = "Required WEB site";
359
	$l_explain_acc_access = "This center control the portal. You must have an administrative account.";
359
	$l_explain_acc_access = "This center control the portal. You must have an administrative account.";
360
	$l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
360
	$l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
361
	$l_explain_net_pb = "Your portal has just detected that the Internet access is down";
361
	$l_explain_net_pb = "Your portal has just detected that the Internet access is down";
362
	$l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
362
	$l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
363
	$l_contact_net_pb = "Contact your network responsive or your Internet provider for more information";
363
	$l_contact_net_pb = "Contact your network responsive or your Internet provider for further information.";
364
	$l_sms_access = "<a href=\"//$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
364
	$l_sms_access = "<a href=\"//$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
365
	$l_install_certif = "Install ALCASAR AC Certificate";
365
	$l_install_certif = "Install ALCASAR AC Certificate";
366
	$l_install_certif_more = "Install ALCASAR AC Certificate";
366
	$l_install_certif_more = "Install ALCASAR AC Certificate";
367
	$l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
367
	$l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
368
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
368
	$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
369
	$l_category = "category :";
369
	$l_category = "category:";
370
	if (!$user->connected) {
370
	if (!$user->connected) {
371
		$l_logout_explain = "No Internet consultation session is actualy open on your system";
371
		$l_logout_explain = "No Internet consultation session is currently open on your system";
372
		$l_logout = "<a href=\"//$hostname/index.php?url=$redirect_link\">Open an Internet session</a>";
372
		$l_logout = "<a href=\"//$hostname/index.php?url=$redirect_link\">Open an Internet session</a>";
373
	} else {
373
	} else {
374
		if ($user->username != $user->mac) { // authentication exception or not
374
		if ($user->username != $user->mac) { // authentication exception or not
375
			$l_logout_explain = "Close the session of the user currently connected.<br> User logged-on : <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections :$connection_history";
375
			$l_logout_explain = "Close the session of the currently logged-in user.<br> User logged-on: <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections:$connection_history";
376
			$l_logout = "<a href=\"$logout_link\">Logoff from internet</a>";
376
			$l_logout = "<a href=\"$logout_link\">Logoff from the internet</a>";
377
		} else {
377
		} else {
378
			$l_logout_explain = "Your system ($user->username) is in exception of authentication.<br><br>$nb_connection_history Last logins :$connection_history";
378
			$l_logout_explain = "Your system ($user->username) is in exception of authentication.<br><br>$nb_connection_history Last logins:$connection_history";
379
			$l_logout = "Connections information";
379
			$l_logout = "Connections information";
380
		}
380
		}
381
	}
381
	}
382
	$l_password_change = "<a href=\"https://$hostname/password.php\">Change your password</a>";
382
	$l_password_change = "<a href=\"https://$hostname/password.php\">Change your password</a>";
383
	$l_password_change_explain = "Redirect you on password change page.<br><br> You should already have an Internet access account.";
383
	$l_password_change_explain = "Redirect you on password change page.<br><br> You should already have an Internet access account.";
Line 392... Line 392...
392
	} else {
392
	} else {
393
		$l_continue_link = "<a href=\"index.php\" class=\"button\">I understand and I wish to continue.</a>";
393
		$l_continue_link = "<a href=\"index.php\" class=\"button\">I understand and I wish to continue.</a>";
394
	}
394
	}
395
	$l_title_warn="Dear user,";
395
	$l_title_warn="Dear user,";
396
	$l_explain_warn_name="Someone called ";
396
	$l_explain_warn_name="Someone called ";
397
	$l_explain_warn_ip="with this IP : ";
397
	$l_explain_warn_ip="with this IP: ";
398
	$l_explain_warn_date="has read your connexion logs at ";
398
	$l_explain_warn_date="has read your connection logs at ";
399
	$l_explain_warn_reason="For this reason : ";
399
	$l_explain_warn_reason="For this reason: ";
400
	$l_uam_domain = "Authorized websites : ";
400
	$l_uam_domain = "Authorized websites: ";
401
}
401
}
402
 
402
 
403
$l_title   = ($direct_access ? $l_access_welcome     : ($network_pb ? $l_access_unavailable : $l_access_denied));
403
$l_title   = ($direct_access ? $l_access_welcome     : ($network_pb ? $l_access_unavailable : $l_access_denied));
404
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb     : $l_explain_access_deny));
404
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb     : $l_explain_access_deny));
405
 
405
 
Line 459... Line 459...
459
}
459
}
460
 
460
 
461
// Search blacklist categories
461
// Search blacklist categories
462
if ((!$direct_access) && (!$network_pb) && (!isset($_GET['warn']))) {
462
if ((!$direct_access) && (!$network_pb) && (!isset($_GET['warn']))) {
463
	$pattern = str_replace('www.', '', $_SERVER['HTTP_HOST']);
463
	$pattern = str_replace('www.', '', $_SERVER['HTTP_HOST']);
464
	$output = [];
464
	$categories = [];
465
	exec('grep -Re ' . escapeshellarg('^'.$pattern.'$') . " /etc/e2guardian/lists/blacklists/*/domains | cut -d'/' -f6", $output);
465
	exec('grep -Re ' . escapeshellarg('^'.$pattern.'$') . " /etc/e2guardian/lists/blacklists/*/domains | cut -d'/' -f6", $categories);
466
	$lists = [];
-
 
467
	foreach ($output as $line) {
-
 
468
		$lists[] = $line;
-
 
469
	}
-
 
470
 
466
 
471
	$filteredUrlHtml = $l_required_domain.' : '.htmlspecialchars($_SERVER['HTTP_HOST']);
467
	$filteredUrlHtml = $l_required_domain.' : '.htmlspecialchars($_SERVER['HTTP_HOST']);
472
	if (!empty($lists)) {
468
	if (!empty($categories)) {
473
		$filteredUrlHtml .= "<br>$l_category ".implode(', ', $lists);
469
		$filteredUrlHtml .= "<br>$l_category ".implode(', ', $categories);
474
	}
470
	}
475
}
471
}
476
 
472
 
477
// Cleaning the cache
473
// Cleaning the cache
478
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
474
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
Line 562... Line 558...
562
				</div>
558
				</div>
563
 
559
 
564
				<div class="div-cache" id="text_certif">
560
				<div class="div-cache" id="text_certif">
565
					<h2><a href="<?= $certCa_link ?>"><?= $l_install_certif_more ?></a></h2>
561
					<h2><a href="<?= $certCa_link ?>"><?= $l_install_certif_more ?></a></h2>
566
					<p><?= "$l_certif_explain $l_certif_explain_help" ?></p>
562
					<p><?= "$l_certif_explain $l_certif_explain_help" ?></p>
567
					<img src="<?= $img_rep.$img_certificate ?>">				
563
					<img src="<?= $img_rep.$img_certificate ?>">
568
				</div>
564
				</div>
569
 
565
 
570
				<div class="div-cache" id="text_mdp">
566
				<div class="div-cache" id="text_mdp">
571
					<h2><?= $l_password_change ?></h2>
567
					<h2><?= $l_password_change ?></h2>
572
					<p><?= $l_password_change_explain ?></p>
568
					<p><?= $l_password_change_explain ?></p>