| 452 |
richard |
1 |
<?php
|
|
|
2 |
$private_ip = "192.168.182.1";
|
| 498 |
richard |
3 |
$hostname = "alcasar";
|
| 360 |
richard |
4 |
$network_pb = False;
|
| 509 |
richard |
5 |
$cert_add = "http://alcasar/certs";
|
|
|
6 |
|
| 360 |
richard |
7 |
$direct_access = False;
|
| 363 |
richard |
8 |
$diagnostic = "eth0 link down";
|
|
|
9 |
$remote_ip = ($_SERVER['REMOTE_ADDR']);
|
|
|
10 |
$tab = array();$user = array();
|
| 522 |
richard |
11 |
# on discrimine les accès directs sur Alcasar par rapport aux redirections (blacklist ou pannes rso)
|
|
|
12 |
if (($_SERVER['HTTP_HOST'] == $private_ip) || preg_match ("/^alcasar/", $_SERVER['HTTP_HOST']) || preg_match ("/^$hostname/", $_SERVER['HTTP_POST']))
|
|
|
13 |
{
|
|
|
14 |
$direct_access=True;
|
|
|
15 |
exec ("sudo /usr/sbin/chilli_query list|grep $remote_ip" , $tab);
|
|
|
16 |
$user = explode (" ", $tab[0]);
|
|
|
17 |
}
|
| 509 |
richard |
18 |
|
|
|
19 |
#### Connexion DB à faire !
|
|
|
20 |
#### Avec retour 3 dernière connexion de $user[5]
|
|
|
21 |
$result_user = "3 dernières connexions :";
|
|
|
22 |
|
|
|
23 |
####
|
|
|
24 |
|
|
|
25 |
|
| 360 |
richard |
26 |
# Choice of language
|
|
|
27 |
$Language = 'en';
|
|
|
28 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
|
|
29 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
|
|
30 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
|
|
31 |
if($Language == 'fr'){
|
|
|
32 |
$l_access_denied = "ACCÈS REFUSÉ";
|
| 399 |
franck |
33 |
$l_access_welcome = "Bienvenue sur ALCASAR";
|
| 360 |
richard |
34 |
$l_access_unavailable = "ACCÈS INDISPONIBLE";
|
|
|
35 |
$l_required_domain = "Site WEB demandé";
|
| 536 |
franck |
36 |
$l_explain_acc_access = "Le centre de gestion permet d'administrer le portail. Vous devez posséder un compte d'administration ou de gestion pour y accéder.";
|
| 360 |
richard |
37 |
$l_explain_access_deny = "Vous tentez d'accéder à une ressource dont le contenu est réputé contenir des informations inappropriées.";
|
|
|
38 |
$l_explain_net_pb = "Votre portail détecte que l'accès à Internet est indisponible.";
|
|
|
39 |
$l_contact_access_deny = "Contactez le responsable de la sécurité (OSSI/RSSI) si vous pensez que ce filtrage est abusif.";
|
| 509 |
richard |
40 |
$l_contact_net_pb = "Contactez votre responsable informatique ou votre prestataire Internet pour plus d'information.";
|
| 399 |
franck |
41 |
$l_welcome = "Page principale de votre portail captif";
|
| 509 |
richard |
42 |
$l_acc_access = "<a href=\"https://$hostname/acc\">Accès au centre de gestion</A>";
|
|
|
43 |
$l_install_certif = "<a href=\"$cert_add/certificat_alcasar_ca.crt\">Installer le certificat racine</A>";
|
|
|
44 |
$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.crt\">Installation du certificat de l'autorité racine d'ALCASAR</A>";
|
| 536 |
franck |
45 |
$l_certif_explain = "Permet l'échange de données sécurisées entre votre station de consultation et le portail captif ALCASAR.<BR>Si ce certificat n'est pas enregistré sur votre station de consultation, il est possible que des alertes de sécurités soient émises par votre navigateur.<br><br>";
|
| 509 |
richard |
46 |
$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Aide pour les certificats</a>";
|
| 369 |
richard |
47 |
if ($user[4] == "0") {
|
| 509 |
richard |
48 |
$l_logout_explain = "Aucune session de consultation Internet n'est actuellement ouverte sur votre système.";
|
| 369 |
richard |
49 |
$l_logout = "<a href=\"http://www.google.fr\">Ouvrir une session Internet</A>";}
|
|
|
50 |
else {
|
| 509 |
richard |
51 |
$l_logout_explain = "Ferme la session de l'usager actuellement connecté. <br><br>Utilisateur connecté :<br><br><a href=\"http://$hostname:3990/logoff\" title=\"Deconnecter l'utilisateur $user[5]\"><b>$user[5]</b></a><br><br>$result_user";
|
|
|
52 |
$l_logout = "<a href=\"http://$hostname:3990/logoff\">Se déconnecter d'internet</A>";}
|
| 498 |
richard |
53 |
$l_password_change = "<a href=\"https://$hostname/pass\">Changer votre mot de passe</A>";
|
| 536 |
franck |
54 |
$l_password_change_explain = "Vous redirige sur la page de changement du mot de passe de votre compte d'accès à internet.<br><br>Vous devez avoir un compte internet valide.";
|
| 360 |
richard |
55 |
$l_back_page = "<a href=\"javascript:history.back()\">Page précédente</a>";
|
|
|
56 |
}
|
|
|
57 |
else {
|
|
|
58 |
$l_access_denied = "ACCESS DENIED";
|
| 369 |
richard |
59 |
$l_access_welcome = "Welcome on ALCASAR";
|
| 360 |
richard |
60 |
$l_access_unavailable = "ACCESS UNAVAILABLE";
|
|
|
61 |
$l_required_domain = "Required WEB site";
|
| 369 |
richard |
62 |
$l_explain_acc_access = "This center control the portal. You must have an administrative account.";
|
| 360 |
richard |
63 |
$l_explain_access_deny = "Your portal has just detected that the Internet access is down";
|
|
|
64 |
$l_explain_net_pb = "Your portal has just detected that the Internet access is down";
|
|
|
65 |
$l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
|
|
|
66 |
$l_contact_net_pb = "Contact your network responsive or your Internet provider for more information";
|
| 369 |
richard |
67 |
$l_welcome = "Your captive portal main page";
|
| 509 |
richard |
68 |
$l_acc_access = "<a href=\"https://$hostname/acc\">ALCASAR Control Center</A>";
|
|
|
69 |
$l_install_certif = "<a href=\"$cert_add/certificate_alcasar_ca.crt\">Install ALCASAR AC Certificate</A>";
|
|
|
70 |
$l_install_certif_more = "<a href=\"$cert_add/certificat_alcasar_ca.cert\">Install ALCASAR AC Certificate</A>";
|
|
|
71 |
$l_certif_explain = "A TRADUIRE<br><br>";
|
|
|
72 |
$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Help for ALCASAR certificate</a>";
|
|
|
73 |
if ($user[4] == "0") {
|
| 369 |
richard |
74 |
$l_logout_explain = "No Internet consultation session is actualy open on your system";
|
|
|
75 |
$l_logout = "<a href=\"http://www.google.fr\">Open an Internet session</A>";}
|
|
|
76 |
else {
|
| 509 |
richard |
77 |
$l_logout_explain = "Close the session of the user actualy connecterd.<br> User logged-on :<br><br><a href=\"http://$hostname:3990/logoff\" title=\"Disconnect user $user[5]\"><b>$user[5]</b></a><br><br>$result_user";
|
|
|
78 |
$l_logout = "<a href=\"http://$hostname:3990/logoff\">Logoff from internet</A>";}
|
| 498 |
richard |
79 |
$l_password_change = "<a href=\"https://$hostname/pass\">Change your password</A>";
|
| 509 |
richard |
80 |
$l_password_change_explain = "Ridirect you on password change page.<br><br> You should already have an Internet access account.";
|
| 360 |
richard |
81 |
$l_back_page = "<a href=\"javascript:history.back()\">Previous page</a>";
|
|
|
82 |
}
|
| 369 |
richard |
83 |
$l_title = ($direct_access ? $l_access_welcome : ($network_pb ? $l_access_unavailable : $l_access_denied));
|
| 360 |
richard |
84 |
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb : $l_explain_access_deny));
|
| 509 |
richard |
85 |
|
|
|
86 |
# Attribution des icones / images
|
|
|
87 |
$img_rep = "images/";
|
|
|
88 |
$img_organisme = "organisme.png";
|
|
|
89 |
$img_access = "globe_acces_70.png";
|
|
|
90 |
$img_connect = "globe_70.png";
|
|
|
91 |
$img_warning = "globe_warning_70.png";
|
|
|
92 |
$img_pwd = "cle_ombre.png";
|
|
|
93 |
$img_certificate = "certificat.png";
|
|
|
94 |
$img_acc = "logo-alcasar_70.png";
|
|
|
95 |
$img_false = "interdit.png";
|
|
|
96 |
$img_internet = $img_connect;
|
|
|
97 |
|
|
|
98 |
if ($user[4] == "0") {
|
|
|
99 |
if (! $network_pb) {
|
|
|
100 |
$img_internet = $img_access;
|
|
|
101 |
}
|
|
|
102 |
else {
|
|
|
103 |
$img_internet = $img_warning;
|
|
|
104 |
}
|
|
|
105 |
}
|
|
|
106 |
else {
|
|
|
107 |
$img_internet = $img_connect;
|
|
|
108 |
}
|
|
|
109 |
|
|
|
110 |
|
| 452 |
richard |
111 |
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
|
|
|
112 |
echo "<html><head><title>ALCASAR - $l_title";
|
| 360 |
richard |
113 |
?>
|
|
|
114 |
</title>
|
|
|
115 |
<LINK rel=stylesheet type=text/css href="css/style_intercept.css">
|
| 509 |
richard |
116 |
<script>
|
|
|
117 |
function valoriserDiv5(param){
|
|
|
118 |
document.getElementById("box_info").innerHTML = param.innerHTML;
|
|
|
119 |
}
|
|
|
120 |
</script>
|
| 360 |
richard |
121 |
</head>
|
|
|
122 |
|
| 509 |
richard |
123 |
<BODY onload="valoriserDiv5(text_conn);">
|
|
|
124 |
<?php
|
| 360 |
richard |
125 |
if ($direct_access){
|
|
|
126 |
echo "
|
|
|
127 |
<DIV id=\"cadre_titre\" class=\"titre_controle\">
|
|
|
128 |
<P id=\"acces_controle\" class=\"titre_controle\">$l_title</P>";
|
| 509 |
richard |
129 |
if ($network_pb) {
|
|
|
130 |
echo " <SPAN>$l_explain_net_pb</SPAN>";
|
|
|
131 |
}
|
| 360 |
richard |
132 |
}
|
| 509 |
richard |
133 |
else {
|
|
|
134 |
echo"
|
|
|
135 |
<DIV id=\"cadre_titre\" class=\"titre_refus\">
|
|
|
136 |
<P id=\"acces_controle\" class=\"titre_refus\">$l_title</P>";
|
| 363 |
richard |
137 |
}
|
| 360 |
richard |
138 |
?>
|
|
|
139 |
<DIV id="boite_logo">
|
|
|
140 |
<IMG src="images/organisme.png">
|
|
|
141 |
</DIV>
|
|
|
142 |
</DIV>
|
|
|
143 |
<DIV id="contenu_acces">
|
|
|
144 |
<DIV id="box_url">
|
| 509 |
richard |
145 |
<?php if (! $direct_access){echo "$l_required_domain : $_SERVER[HTTP_HOST]";}?>
|
| 360 |
richard |
146 |
</DIV>
|
| 509 |
richard |
147 |
<?php
|
|
|
148 |
if ($direct_access){
|
| 369 |
richard |
149 |
echo " <DIV id=\"box_bienvenue\">
|
| 360 |
richard |
150 |
$l_welcome
|
|
|
151 |
</DIV>
|
| 509 |
richard |
152 |
<DIV class=\"box_menu\" id=\"box_conn\" onmouseover=\"valoriserDiv5(text_conn);\">
|
|
|
153 |
<SPAN>$l_logout</SPAN>
|
|
|
154 |
<IMG src=\"$img_rep$img_internet\">
|
|
|
155 |
</DIV>
|
|
|
156 |
<DIV class=\"box_menu\" id=\"box_certif\" onmouseover=\"valoriserDiv5(text_certif);\">
|
|
|
157 |
<SPAN>$l_install_certif</SPAN>
|
|
|
158 |
<IMG src=\"$img_rep$img_certificate\">
|
|
|
159 |
</DIV>
|
|
|
160 |
|
|
|
161 |
<DIV class=\"box_menu\" id=\"box_mdp\" onmouseover=\"valoriserDiv5(text_mdp);\">
|
|
|
162 |
<IMG src=\"$img_rep$img_pwd\">
|
| 360 |
richard |
163 |
<SPAN>$l_password_change</SPAN>
|
| 509 |
richard |
164 |
</DIV>
|
|
|
165 |
<DIV class=\"box_menu\" id=\"box_acc\" onmouseover=\"valoriserDiv5(text_acc);\">
|
|
|
166 |
<SPAN>$l_acc_access</SPAN>
|
|
|
167 |
<IMG src=\"$img_rep$img_acc\">
|
|
|
168 |
</DIV>
|
|
|
169 |
<DIV class=\"div-cache\" id=\"text_conn\">
|
|
|
170 |
<H2>$l_logout</H2>
|
|
|
171 |
<P>$l_logout_explain</P>
|
|
|
172 |
<IMG src=\"$img_rep$img_internet\">
|
|
|
173 |
</DIV>
|
|
|
174 |
<DIV class=\"div-cache\" id=\"text_certif\">
|
|
|
175 |
<H2>$l_install_certif_more</H2>
|
|
|
176 |
<P>$l_certif_explain $l_certif_explain_help</P>
|
|
|
177 |
<IMG src=\"$img_rep$img_certificate\">
|
|
|
178 |
</DIV>
|
|
|
179 |
<DIV class=\"div-cache\" id=\"text_mdp\">
|
|
|
180 |
<H2>$l_password_change</H2>
|
| 360 |
richard |
181 |
<P>$l_password_change_explain</P>
|
| 509 |
richard |
182 |
<IMG src=\"$img_rep$img_pwd\">
|
|
|
183 |
</DIV>
|
|
|
184 |
<DIV class=\"div-cache\" id=\"text_acc\">
|
|
|
185 |
<H2>$l_acc_access</H2>
|
|
|
186 |
<P>$l_explain</P>
|
|
|
187 |
<IMG src=\"$img_rep$img_acc\">
|
|
|
188 |
</DIV>
|
|
|
189 |
<DIV id=\"box_info\">
|
| 369 |
richard |
190 |
</DIV>";
|
| 509 |
richard |
191 |
}
|
|
|
192 |
else {
|
|
|
193 |
echo "
|
| 360 |
richard |
194 |
<DIV id=\"box_refuse\">
|
| 509 |
richard |
195 |
<img src=\"$img_rep$img_false\">
|
| 360 |
richard |
196 |
<P>$l_explain</P>
|
|
|
197 |
</DIV>
|
|
|
198 |
<DIV id=\"liens_redir\">
|
|
|
199 |
<P>$l_back_page</P>
|
| 509 |
richard |
200 |
</DIV>";
|
|
|
201 |
}
|
|
|
202 |
if (($network_pb)&&(! $direct_access)) {
|
|
|
203 |
echo " <SPAN>Diagnostic : $diagnostic</SPAN>";
|
|
|
204 |
}
|
|
|
205 |
|
| 363 |
richard |
206 |
?>
|
| 360 |
richard |
207 |
</DIV>
|
|
|
208 |
</BODY>
|
|
|
209 |
</html>
|