7,133 → 7,293 |
</HEAD> |
<body> |
<? |
$mac_allowed_list="/usr/local/etc/alcasar-macallowed"; |
/******************** |
* TEST CONF FILES * |
*********************/ |
define ("DOMAIN_ALLOWED_LIST", "/usr/local/etc/alcasar-uamdomain"); |
define ("IP_ALLOWED_LIST", "/usr/local/etc/alcasar-uamallowed"); |
$conf_files=array(DOMAIN_ALLOWED_LIST,IP_ALLOWED_LIST); |
foreach ($conf_files as $file){ |
if (!file_exists($file)){ |
exit("Requested file ".$file." isn't present");} |
if (!is_readable($file)){ |
exit("Can't read the file ".$file);} |
} |
$domain_allowed_list="/usr/local/etc/alcasar-uamdomain"; |
$url_allowed_list="/usr/local/etc/alcasar-uamallowed"; |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_error_open_file = "Erreur d'ouverture du fichier"; |
$l_trusted_sites = "Noms de domaine et adresses IP Internet de confiance"; |
$l_trusted_sites_explain1 = "Entrez ici les noms de domaine ou les adresses IP situés sur Internet pouvant être joints sans authentification"; |
$l_trusted_sites_explain2 = "Entrez un nom de domaine ou une adresse IP par ligne"; |
$l_trusted_sites_list = "Liste des noms de domaine de confiance"; |
$l_trusted_urls_list = "Liste d'adresses IP ou d'adresses de réseau de confiance"; |
$l_submit = "Enregistrer"; |
$l_error_open_file = "Erreur d'ouverture du fichier"; |
$l_trusted_domain = "Noms de domaine Internet de confiance"; |
$l_domain = "Noms de domaine"; |
$l_comment_explain = "Lien de la page d'interception"; |
$l_comment_explain2 = "Laissez vide si non affiché"; |
$l_remove = "Retirer de la liste"; |
$l_trusted_ip = "adresses IP de confiance"; |
$l_comment = "Commentaires"; |
$l_trusted_domain_explain = "Gérez ici les noms de domaine Internet pouvant être joints sans authentification"; |
$l_trusted_ip_explain = "Gérez ici les adresses IP de systèmes ou de réseaux pouvant être joints sans authentification"; |
$l_submit = "Enregistrer"; |
$l_add_to_list = "Ajouter à la liste"; |
$l_apply = "Appliquer les changements"; |
} |
else { |
$l_error_open_file = "File open error"; |
$l_trusted_sites = "Trusted Internet domain names and IP addresses"; |
$l_trusted_sites_explain1 = "Enter domain names or IP addresses situated on Internet that could be joined without authentication"; |
$l_trusted_sites_explain2 = "Enter one domain name ou one IP address per line"; |
$l_trusted_sites_list = "Trusted Internet domain names list"; |
$l_trusted_urls_list = "Trusted IP addresses or networks addresses list"; |
$l_submit = "Submit"; |
$l_error_open_file = "File open error"; |
$l_trusted_domain = "Trusted Internet domain names"; |
$l_domain = "Domain names"; |
$l_comment_explain = "Link showed in intercep page"; |
$l_comment_explain2 = "Let empty for no link"; |
$l_remove = "Remove from list"; |
$l_trusted_ip = "Trusted Internet domain and IP addresses"; |
$l_comment = "Comments"; |
$l_trusted_domain_explain = "Manage Internet domain names that can be joined without authentication"; |
$l_trusted_ip_explain = "Manage systems or networks IP addresses that can be joined without authentication"; |
$l_submit = "Submit"; |
$l_add_to_list = "Add to list"; |
$l_apply = "Apply changes"; |
} |
if (isset($_POST['choix'])){ |
switch ($_POST['choix']) |
{ |
case 'MAJ_UAMALLOWED' : |
$tab_domains = explode ("\n", $_POST['trusted_domains']); |
$fichier=fopen($domain_allowed_list,"w+"); |
foreach ($tab_domains as $domain ){ |
$tr_domain=trim($domain); |
if ($tr_domain != ""){ |
fputs ($fichier, "uamdomain=\"".$tr_domain."\"\n");} |
} |
fclose($fichier); |
unset($_POST['trusted_domains']); |
$tab_urls = explode ("\n", $_POST['trusted_urls']); |
$fichier=fopen($url_allowed_list,"w+"); |
foreach ($tab_urls as $url ){ |
$tr_url=trim($url); |
if ($tr_url != ""){ |
fputs ($fichier, "uamallowed=\"".$tr_url."\"\n");} |
case 'new_uamdomain' : |
if (trim($_POST['add_uamdomain']) != "") |
{ |
$tab=file(DOMAIN_ALLOWED_LIST); |
$insert = true; |
if ($tab) // file isn't empty |
{ |
foreach ($tab as $line) // test if domain address doesn't already exist |
{ |
$domain=explode("\"", $line); |
if (strcmp(trim($_POST['add_uamdomain']),$domain[1]) == 0) |
{ |
$insert = false; |
break; |
} |
} |
} |
fclose($fichier); |
unset($_POST['trusted_urls']); |
exec ("sudo service chilli restart"); |
unset ($_POST['choix']); |
break; |
} |
if ($insert == true) |
{ |
$line ="\nuamdomain=\"" . trim($_POST['add_uamdomain']) . "\" #" . trim($_POST['add_domain_comment']); |
$pointeur=fopen(DOMAIN_ALLOWED_LIST,"a"); |
fwrite ($pointeur, $line); |
fclose ($pointeur); |
exec ("sudo /usr/local/bin/alcasar-file-clean.sh"); |
exec ("sudo service chilli restart"); |
} |
} |
break; |
case 'change_uamdomain' : |
$tab=file(DOMAIN_ALLOWED_LIST); |
if ($tab) |
{ |
$pointeur=fopen(DOMAIN_ALLOWED_LIST,"w+"); |
foreach ($tab as $ligne) |
{ |
$uamdomain1=explode("\"", $ligne); |
$remove_line = false; |
foreach ($_POST as $key => $value) |
{ |
$key = str_replace ("_",".",$key); // dot are replace by '_' in post request |
if (strstr($key,'del-')) |
{ |
$uamdomain2 = str_replace('del-','',$key); |
if (strcmp($uamdomain1[1],$uamdomain2) == 0) |
{ |
$remove_line = True; |
break; |
} |
} |
} |
if (! $remove_line) |
{ |
fwrite($pointeur,$ligne); |
} |
} |
fclose($pointeur); |
} |
exec ("sudo service chilli restart"); |
break; |
case 'new_ip' : |
if (trim($_POST['add_ip']) != "") |
{ |
$tab=file(IP_ALLOWED_LIST); |
$insert = true; |
if ($tab) // file isn't empty |
{ |
foreach ($tab as $line) // test if domain address doesn't already exist |
{ |
$ip=explode("\"", $line); |
if (strcmp(trim($_POST['add_ip']),$ip[1]) == 0) |
{ |
$insert = false; |
break; |
} |
} |
} |
if ($insert == true) |
{ |
$line ="\nuamallowed=\"" . trim($_POST['add_ip']) ."\" #" . trim($_POST['add_ip_comment']); |
$pointeur=fopen(IP_ALLOWED_LIST,"a"); |
fwrite ($pointeur, $line); |
fclose ($pointeur); |
exec ("sudo /usr/local/bin/alcasar-file-clean.sh"); |
exec ("sudo service chilli restart"); |
} |
} |
break; |
case 'change_ip' : |
$tab=file(IP_ALLOWED_LIST); |
if ($tab) |
{ |
$pointeur=fopen(IP_ALLOWED_LIST,"w+"); |
foreach ($tab as $ligne) |
{ |
$ip1=explode("\"", $ligne); |
$remove_line = false; |
foreach ($_POST as $key => $value) |
{ |
$key = str_replace ("_",".",$key); // dot are replace by '_' in post request |
if (strstr($key,'del-')) |
{ |
$ip2 = str_replace('del-','',$key); |
if (strcmp($ip1[1],$ip2) == 0) |
{ |
$remove_line = True; |
break; |
} |
} |
} |
if (! $remove_line) |
{ |
fwrite($pointeur,$ligne); |
} |
} |
fclose($pointeur); |
} |
exec ("sudo service chilli restart"); |
break; |
} |
} |
?> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><th><?echo "$l_trusted_domain";?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<table width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td colspan=2 align="center"> |
<? |
echo "$l_trusted_domain_explain</td></tr>"; |
echo "<tr><td align='center' valign='middle'>"; |
echo "<table cellspacing=2 cellpadding=2 border=1>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>"; |
echo "<tr><th>$l_domain<th>$l_comment_explain<th>$l_remove</tr>"; |
// Read the "Domain alowed" file |
$tab=file(DOMAIN_ALLOWED_LIST); |
if ($tab) # the file isn't empty |
{ |
foreach ($tab as $line) |
{ |
if (trim($line) != '') # the line isn't empty |
{ |
$domain_allowed=explode("#", $line); |
$uamdomain=trim($domain_allowed[0],"#"); |
$domain=explode("\"", $uamdomain); |
echo "<tr><td>$domain[1]"; |
echo "<td>"; |
if (isset ($domain_allowed[1])) { |
echo trim($domain_allowed[1]);} |
else echo " "; |
echo "<td>"; |
echo "<input type='checkbox' name='del-$domain[1]'>"; |
echo "</tr>"; |
} |
} |
} |
echo "</table>"; |
if ($tab) |
{ |
echo "<input type='hidden' name='choix' value='change_uamdomain'>"; |
echo "<input type='submit' value='$l_apply'>"; |
} |
?> |
</form> |
</td><td valign='middle' align='center'> |
<form action='<?echo"$_SERVER[PHP_SELF]"?>' method='POST'> |
<table cellspacing=2 cellpadding=3 border=1> |
<tr><th><?echo"$l_domain</th><th>$l_comment_explain";?> |
<td></td></tr> |
<tr><td>exemple1 : www.mydomain.com <br>exemple2 : .yourdomain.net</td> |
<td>My domain<br><?echo"$l_comment_explain2";?></td></tr> |
<tr><td><input type='text' name='add_uamdomain' size='20'></td> |
<td><input type='text' name='add_domain_comment' size='15'></td> |
<input type='hidden' name='choix' value='new_uamdomain'> |
<td><input type='submit' value='<?echo"$l_add_to_list";?>'></td> |
</tr></table> |
</form> |
</td></tr> |
</table> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_trusted_sites ;?></th></tr> |
<tr><th><?php echo $l_trusted_ip ;?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=1> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign="middle" align="left"> |
<center><?php |
echo "$l_trusted_sites_explain1 <BR>"; |
echo "$l_trusted_sites_explain2" ; |
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";?> |
<TABLE cellspacing=2 cellpadding=3 border=1> |
<tr><td width=50% height=100% align=center> |
<H3><?php echo $l_trusted_sites_list ;?></H3> |
exemple1 : www.domain1.org<BR> |
exemple2 : domain2.net<BR> |
<?php |
echo "<textarea name='trusted_domains' rows=5 cols=40>"; |
$ouvre=fopen($domain_allowed_list,"r"); |
if ($ouvre) |
{ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
$domain_list_l = substr($tampon,10); |
$domain_list = trim ($domain_list_l,"\"\n\t "); |
$tab_domains = explode (",", $domain_list); |
foreach ($tab_domains as $domain ){ |
if ($domain) { echo $domain."\n";} |
} |
} |
} |
else { |
echo "failed to open $domain_allowed_list"; |
} |
fclose($ouvre); |
echo "</textarea>"; |
?> |
</td> |
<td width=50% height=100% align=center> |
<H3><?php echo $l_trusted_urls_list ;?></H3> |
exemple1 : 192.168.0.10<BR> |
exemple2 : 172.16.20.0/24<BR> |
<?php |
echo "<textarea name='trusted_urls' rows=5 cols=40>"; |
$ouvre=fopen($url_allowed_list,"r"); |
if ($ouvre) |
{ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
$url_list_l = substr($tampon,11); |
$url_list = trim ($url_list_l,"\"\n\t "); |
$tab_urls = explode (",", $url_list); |
foreach ($tab_urls as $url ){ |
if ($url) echo $url."\n"; |
} |
} |
} |
else { |
echo "failed to open $url_allowed_list"; |
} |
fclose($ouvre); |
echo "</textarea>"; |
?> |
</td></tr> |
</TABLE> |
<input type='hidden' name='choix' value='MAJ_UAMALLOWED'> |
<input type='submit' value='<?php echo $l_submit ;?>'> |
</FORM> |
</td></tr> |
</TABLE> |
</TABLE> |
<table width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td colspan=2 align="center"> |
<? |
echo "$l_trusted_ip_explain</td></tr>"; |
echo "<tr><td align='center' valign='middle'>"; |
echo "<table cellspacing=2 cellpadding=2 border=1>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>"; |
echo "<tr><th>$l_trusted_ip<th>$l_comment<th>$l_remove</tr>"; |
// Read the "ip alowed" file |
$tab=file(IP_ALLOWED_LIST); |
if ($tab) # the file isn't empty |
{ |
foreach ($tab as $line) |
{ |
if (trim($line) != '') # the line isn't empty |
{ |
$ip_allowed=explode("#", $line); |
$ip_a=trim($ip_allowed[0],"#"); |
$ip=explode("\"", $ip_a); |
echo "<tr><td>$ip[1]"; |
echo "<td>"; |
if (isset($ip_allowed[1])) |
echo trim($ip_allowed[1]); |
else echo " "; |
echo "<td><input type='checkbox' name='del-$ip[1]'>"; |
echo "</tr>"; |
} |
} |
} |
echo "</table>"; |
if ($tab) |
{ |
echo "<input type='hidden' name='choix' value='change_ip'>"; |
echo "<input type='submit' value='$l_apply'>"; |
} |
?> |
</form> |
</td><td valign='middle' align='center'> |
<form action='<?echo"$_SERVER[PHP_SELF]"?>' method='POST'> |
<table cellspacing=2 cellpadding=3 border=1> |
<tr><th><?echo"$l_trusted_ip</th><th>$l_comment";?> |
<td></td></tr> |
<tr><td>exemple1 : 170.25.23.10 <br>exemple2 : 15.20.20.0/16</td> |
<td>my_web_server <br>my_dmz</td> |
<tr><td><input type='text' name='add_ip' size='20'></td> |
<td><input type='text' name='add_ip_comment' size='15'></td> |
<input type='hidden' name='choix' value='new_ip'> |
<td><input type='submit' value='<?echo"$l_add_to_list";?>'></td> |
</tr></table> |
</form> |
</td></tr> |
</table> |
</BODY> |
</HTML> |