Subversion Repositories ALCASAR

Rev

Rev 2450 | Rev 2591 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2450 Rev 2501
Line 1... Line 1...
1
<?php
1
<?php
2
# $Id: intercept.php 2450 2017-12-05 21:53:42Z tom.houdayer $
2
# $Id: intercept.php 2501 2018-02-28 00:34:14Z tom.houdayer $
3
#
3
#
4
# intercept.php for ALCASAR captive portal
4
# intercept.php for ALCASAR captive portal
5
# Copyright (C) 2003, 2004 Mondru AB.
5
# Copyright (C) 2003, 2004 Mondru AB.
6
# Modify by REXY & steweb57
6
# Modify by REXY & steweb57
7
# UI & css style by stephane ERARD
7
# UI & css style by stephane ERARD
Line 453... Line 453...
453
		include_once('/etc/freeradius-web/config.php');
453
		include_once('/etc/freeradius-web/config.php');
454
		include_once('./acc/manager/lib/sql/drivers/mysql/functions.php');
454
		include_once('./acc/manager/lib/sql/drivers/mysql/functions.php');
455
		$link = @da_sql_pconnect($config); // on affiche pas les erreurs
455
		$link = @da_sql_pconnect($config); // on affiche pas les erreurs
456
		if ($link) {
456
		if ($link) {
457
			$user_uid = da_sql_escape_string($link, $_GET['uid']);
457
			$user_uid = da_sql_escape_string($link, $_GET['uid']);
458
			$sql = "SELECT attribute, value FROM radreply WHERE username='$user_uid' AND attribute='Filter-Id'";
458
			$sql = "SELECT value FROM radreply WHERE username='$user_uid' AND attribute='Alcasar-Imputability-Warning'";
459
			$res = @da_sql_query($link, $config, $sql); // on affiche pas les erreurs
459
			$res = @da_sql_query($link, $config, $sql); // on affiche pas les erreurs
460
			if ($res) {
460
			if ($res) {
461
				$row = @da_sql_fetch_array($res, $config);
461
				$row = @da_sql_fetch_array($res, $config);
462
				$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur
-
 
463
				if ($filter_id[3] === '1') {
462
				if ($row['value'] === '1') {
464
					//set the fourth bit of filter-id to '0'
-
 
465
					$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";
463
					$sql = "DELETE FROM radreply WHERE username='$user_uid' AND attribute='Alcasar-Imputability-Warning'";
466
					$res = mysqli_multi_query($link,$sql);
464
					@da_sql_query($link, $config, $sql);
467
					header('Location: '.(($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http').'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl']));   //we present to user information about imputability logs 
465
					header('Location: '.(($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http').'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl']));   //we present to user information about imputability logs 
468
					exit();
466
					exit();
469
				}
467
				}
470
			}
468
			}
471
		}
469
		}