WebSVN – ALCASAR – Diff – /web/intercept.php

 <?php
-# $Id: intercept.php 3139 2023-07-02 14:22:12Z rexy $
+# $Id: intercept.php 3165 2024-01-10 10:34:50Z rexy $
+#
 # intercept.php for ALCASAR captive portal
-# By Mondru AB.
-# Modify by Rexy & steweb57
+# by Rexy & steweb57
 # UI & css style by Stéphane ERARD & Alexandre VEZIN
 # Help for language translation by B. AUBARD (thanks)
-# The contents of this file may be used under the terms of the GNU
-# General Public License Version 2, provided that the above copyright
-# notice and this permission notice is included in all copies or
-# substantial portions of the software.
 # Redirects from CoovaChilli (chilli daemon) :
 # Response to login:
   # success :	if login successful
   # failed :	if login failed
   # logoff :	if logout successful
 $loginpath = htmlspecialchars($_SERVER['PHP_SELF']);
 $useHTTPS = ((isset($_SERVER['HTTPS'])) && (!empty($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'] !== 'off'));
 $alcasarpath = (($useHTTPS) ? 'https' : 'http' ).'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
 $statuspath = (($conf['HTTPS_CHILLI'] === 'on') ? 'https' : 'http' ).'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/status.php';
+# Redirection if HTTPS needed and not used
+if (($conf['HTTPS_LOGIN'] === 'on') && (!$useHTTPS)) {
+	header('HTTP/1.1 301 Moved Permanently');
+	header('Location: https://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/intercept.php');
+	exit();
+}
 // Choice of language
 $Language = 'en';
 if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
 	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
 	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
 	$l_password			= "Contraseña";
 	$l_mandatory			= "* Campos requeridos";
 	$l_wait				= "Por favor, espere un momento ...";
 	$l_onlinetime			= "Tiempo de conexión:";
 	$l_remainingtime		= "Desconexión en:";
-	$l_encrypted			= "La conexión con el portal apertura debe ser cifrada (https)";
 	$l_boutonO			= "Autenticación";
 	$l_boutonF			= "Cerrar";
 	$l_loggedin_stringl1		= "Información del Sistema de Seguridad";
 	$l_loggedin_stringl2		= "El portal fue creado para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones.";
 	$l_loggedin_stringl3		= "Su actividad en la red es registrada, de conformidad con criterios de privacidad.";
 	$l_password			= "Senha";
 	$l_mandatory			= "* Campos obrigatórios";
 	$l_wait				= "Por favor, aguarde um momento ...";
 	$l_onlinetime			= "Tempo de conexão:";
 	$l_remainingtime		= "Desconectado em:";
-	$l_encrypted			= "A conexão com o portal deve ser criptografada (https)";
 	$l_boutonO			= "Autenticação";
 	$l_boutonF			= "Fechar";
 	$l_loggedin_stringl1		= "Sistema de Informação e segurança";
 	$l_loggedin_stringl2		= "Este controle foi criado para garantir acesso seguro.";
 	$l_loggedin_stringl3		= "A autenticação será criptografada em 256 bits, impedindo captura por escâner de rede.";
 	$l_password			= "密码";
 	$l_mandatory			= "* 必须填写";
 	$l_wait				= "请等待 ...";
 	$l_onlinetime			= "连接时间";
 	$l_remainingtime		= "断开连接于";
-	$l_encrypted			= "与门户的连接必须加密 (https)";
 	$l_boutonO			= "验证";
 	$l_boutonF			= "关闭";
 	$l_loggedin_stringl1		= "信息系统安全";
 	$l_loggedin_stringl2		= "这种控制实施以法定保证可追溯性，可归罪性和连接的不否认性.";
 	$l_loggedin_stringl3		= "您的网络活动是私密登记的.";
 	$l_password			= "كلمة السر";
 	$l_mandatory			="* الحقول المطلوبة";
 	$l_wait				= "...إنتظر بعض اللحظات";
 	$l_onlinetime			= ":مدة الإتصال";
 	$l_remainingtime		= ":انقطاع الإتصال في";
-	$l_encrypted			= "يجب تشفير الإتصال بالبوابة (https)";
 	$l_boutonO			= "مصادقة";
 	$l_boutonF			= "أغلق";
 	$l_loggedin_stringl1		= "سلامة نظم المعلومات";
 	$l_loggedin_stringl2		= "وُضعت هذه المراقبة للضمان القانوني لتتبع ومساءلة وعدم تنصل الإتصالات";
 	$l_loggedin_stringl3		= "نشاطك على الشبكة مسجل وفقاً لاحترام الحريات الشخصية";
 	$l_password			= "Passwort";
 	$l_mandatory			= "* Benötigte Felder";
 	$l_wait				= "Bitte warten Sie einen Moment ...";
 	$l_onlinetime			= "Online-Zeit:";
 	$l_remainingtime		= "Abmelden:";
-	$l_encrypted			= "Die Verbindung muss verschlüsselt sein (https)";
 	$l_boutonO			= "Authentifizierung";
 	$l_boutonF			= "Schließen";
 	$l_loggedin_stringl1		= "Information System Security";
 	$l_loggedin_stringl2		= "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, die Zurechenbarkeit und die Nicht-Abstreitbarkeit der Verbindungen zu sichern.";
 	$l_loggedin_stringl3		= "Ihre Tätigkeiten im Netzwerk werden im Hinblick auf den Schutz Ihrer Privatsphäre gespeichert.";
 	$l_password			= "Wachtwoord";
 	$l_mandatory			= "* Verplichte velden";
 	$l_wait				= "Wacht een moment ...";
 	$l_onlinetime			= "Sluit tijd:";
 	$l_remainingtime		= "Verbreking in:";
-	$l_encrypted			= "De opening moet gebruiken gecodeerde verbinding (https)";
 	$l_boutonO			= "Authenticatie";
 	$l_boutonF			= "Sluiten";
 	$l_loggedin_stringl1		= "Information System Security";
 	$l_loggedin_stringl2		= "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen.";
 	$l_loggedin_stringl3		= "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";
 	$l_password			= "Mot de passe";
 	$l_mandatory			= "* champs requis";
 	$l_wait				= "Patientez un instant ...";
 	$l_onlinetime			= "Temps de connexion:";
 	$l_remainingtime		= "Deconnexion dans :";
-	$l_encrypted			= "La connexion avec le portail doit être chiffrée (https)";
 	$l_boutonO			= "Authentification";
 	$l_boutonF			= "Fermer";
 	$l_loggedin_stringl1		= "Sécurité des Systèmes d'Information";
 	$l_loggedin_stringl2		= "Ce contrôle a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions.";
 	$l_loggedin_stringl3		= "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";
 	$l_password			= "Password";
 	$l_mandatory			= "* field required";
 	$l_wait				= "Please wait a moment ...";
 	$l_onlinetime			= "Connect time:";
 	$l_remainingtime		= "Disconnection in:";
-	$l_encrypted			= "The connection with the portal must be encrypted (https)";
 	$l_boutonO			= "Authentication";
 	$l_boutonF			= "Close";
 	$l_loggedin_stringl1		= "Information System Security";
 	$l_loggedin_stringl2		= "That control was set up regulations to ensure traceability, accountability and non-repudiation of connections.";
 	$l_loggedin_stringl3		= "Your activity on the network is registered in accordance with privacy.";
 	$l_uam_domain			= "Open access websites : ";
 	$l_sms_registration		= "Register by SMS";
 	$l_email_registration		= "Register by E-mail";
+}
-# If HTTPS not use, tell it's wrong
-if (($conf['HTTPS_LOGIN'] === 'on') && ((!isset($_SERVER['HTTPS'])) || (empty($_SERVER['HTTPS'])) || ($_SERVER['HTTPS'] === 'off'))) {
-	// Cleaning the cache
-	header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
-	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
-	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
-	header('Cache-Control: post-check=0, pre-check=0', false);
-	header('Pragma: no-cache');
-	?>
-	<!DOCTYPE html>
-	<html>
-	<head>
-		<meta charset="utf-8">
-		<title><?= $l_loggedcont ?></title>
-	</head>
-	<body style="background-color: white;">
-		<h1 style="text-align: center;"><?= $l_loginfailed ?></h1>
-		<center><?= $l_encrypted ?></center>
-	</body>
-	</html>
-	<?php
-	exit();
-}
 # Read form parameters which we care about
 # avoid the "user as a MAC address" attempts
 if ((isset($_POST['username'])) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/', $_POST['username']) !== 1))
 				$username	= htmlspecialchars(trim($_POST['username']));	else $username = '';
 if (isset($_POST['password']))	$password	= htmlspecialchars($_POST['password']);		else $password = '';

Subversion Repositories ALCASAR

(root)/web/intercept.php – Rev 3139 → 3165