1 |
<?php
|
1 |
<?php
|
2 |
# change user password on Alcasar captive Portal
|
2 |
# change user password on Alcasar captive Portal
|
3 |
# Copyright (C) 2003, 2004 Mondru AB.
|
3 |
# Copyright (C) 2003, 2004 Mondru AB.
|
4 |
# Copyright (C) 2008-2009 ANGEL95 & REXY
|
4 |
# Copyright (C) 2008-2009 ANGEL95 & REXY
|
5 |
|
5 |
|
6 |
require('/etc/freeradius-web/config.php');
|
6 |
require('/etc/freeradius-web/config.php');
|
7 |
|
7 |
|
8 |
$current_page = $_SERVER['PHP_SELF'];
|
8 |
$current_page = $_SERVER['PHP_SELF'];
|
9 |
|
9 |
|
10 |
# Choice of language
|
10 |
# Choice of language
|
11 |
$Language = 'fr';
|
11 |
$Language = 'fr';
|
12 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
12 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
13 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
13 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
14 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
14 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
15 |
if($Language == 'es'){
|
15 |
if($Language == 'es'){
|
16 |
$R_title = "User password change";
|
16 |
$R_title = "User password change";
|
17 |
$R_form_l1 = "User";
|
17 |
$R_form_l1 = "User";
|
18 |
$R_form_l2 = "Old password";
|
18 |
$R_form_l2 = "Old password";
|
19 |
$R_form_l3 = "New password";
|
19 |
$R_form_l3 = "New password";
|
20 |
$R_form_l4 = "New password (confirmation)";
|
20 |
$R_form_l4 = "New password (confirmation)";
|
21 |
$R_form_button = "Modify";
|
21 |
$R_form_button = "Modify";
|
22 |
$R_form_result1 = "Your password has been successfuly changed";
|
22 |
$R_form_result1 = "Your password has been successfuly changed";
|
23 |
$R_form_result2 = "Error when trying to change password";
|
23 |
$R_form_result2 = "Error when trying to change password";
|
24 |
}
|
- |
|
- |
|
24 |
$R_retour = "ALCASAR home page";}
|
25 |
if($Language == 'de'){
|
25 |
if($Language == 'de'){
|
26 |
$R_title = "User password change";
|
26 |
$R_title = "User password change";
|
27 |
$R_form_l1 = "User";
|
27 |
$R_form_l1 = "User";
|
28 |
$R_form_l2 = "Old password";
|
28 |
$R_form_l2 = "Old password";
|
29 |
$R_form_l3 = "New password";
|
29 |
$R_form_l3 = "New password";
|
30 |
$R_form_l4 = "New password (confirmation)";
|
30 |
$R_form_l4 = "New password (confirmation)";
|
31 |
$R_form_button = "Modify";
|
31 |
$R_form_button = "Modify";
|
32 |
$R_form_result1 = "Your password has been successfuly changed";
|
32 |
$R_form_result1 = "Your password has been successfuly changed";
|
33 |
$R_form_result2 = "Error when trying to change password";
|
33 |
$R_form_result2 = "Error when trying to change password";
|
34 |
}
|
- |
|
- |
|
34 |
$R_retour = "ALCASAR home page";}
|
35 |
if($Language == 'nl'){
|
35 |
if($Language == 'nl'){
|
36 |
$R_title = "User password change";
|
36 |
$R_title = "User password change";
|
37 |
$R_form_l1 = "User";
|
37 |
$R_form_l1 = "User";
|
38 |
$R_form_l2 = "Old password";
|
38 |
$R_form_l2 = "Old password";
|
39 |
$R_form_l3 = "New password";
|
39 |
$R_form_l3 = "New password";
|
40 |
$R_form_l4 = "New password (confirmation)";
|
40 |
$R_form_l4 = "New password (confirmation)";
|
41 |
$R_form_button = "Modify";
|
41 |
$R_form_button = "Modify";
|
42 |
$R_form_result1 = "Your password has been successfuly changed";
|
42 |
$R_form_result1 = "Your password has been successfuly changed";
|
43 |
$R_form_result2 = "Error when trying to change password";
|
43 |
$R_form_result2 = "Error when trying to change password";
|
44 |
}
|
- |
|
- |
|
44 |
$R_retour = "ALCASAR home page";}
|
45 |
if($Language == 'en'){
|
45 |
if($Language == 'en'){
|
46 |
$R_title = "User password change";
|
46 |
$R_title = "User password change";
|
47 |
$R_form_l1 = "User";
|
47 |
$R_form_l1 = "User";
|
48 |
$R_form_l2 = "Old password";
|
48 |
$R_form_l2 = "Old password";
|
49 |
$R_form_l3 = "New password";
|
49 |
$R_form_l3 = "New password";
|
50 |
$R_form_l4 = "New password (confirmation)";
|
50 |
$R_form_l4 = "New password (confirmation)";
|
51 |
$R_form_button = "Modify";
|
51 |
$R_form_button = "Modify";
|
52 |
$R_form_result1 = "Your password has been successfuly changed";
|
52 |
$R_form_result1 = "Your password has been successfuly changed";
|
53 |
$R_form_result2 = "Error when trying to change password";
|
53 |
$R_form_result2 = "Error when trying to change password";
|
54 |
}
|
- |
|
- |
|
54 |
$R_retour = "ALCASAR home page";}
|
55 |
if($Language == 'fr'){
|
55 |
if($Language == 'fr'){
|
56 |
$R_title = "Changement de mot de passe utilisateur";
|
56 |
$R_title = "Changement de mot de passe utilisateur";
|
57 |
$R_form_l1 = "Utilisateur";
|
57 |
$R_form_l1 = "Utilisateur";
|
58 |
$R_form_l2 = "Ancien mot de passe";
|
58 |
$R_form_l2 = "Ancien mot de passe";
|
59 |
$R_form_l3 = "nouveau mot de passe";
|
59 |
$R_form_l3 = "nouveau mot de passe";
|
60 |
$R_form_l4 = "nouveau mot de passe (confirmation)";
|
60 |
$R_form_l4 = "nouveau mot de passe (confirmation)";
|
61 |
$R_form_button = "Modifier";
|
61 |
$R_form_button = "Modifier";
|
62 |
$R_form_result1 = "Votre mot de passe a été modifié avec succès";
|
62 |
$R_form_result1 = "Votre mot de passe a été modifié avec succès";
|
63 |
$R_form_result2 = "Erreur de changement de mot de passe";
|
63 |
$R_form_result2 = "Erreur de changement de mot de passe";
|
- |
|
64 |
$R_retour = "Retour à la page d'accueil ALCASAR";
|
64 |
}
|
65 |
}
|
65 |
echo "
|
66 |
echo "
|
66 |
<html>
|
67 |
<html>
|
67 |
<head>
|
68 |
<head>
|
68 |
<title>$R_title</title>
|
69 |
<title>$R_title</title>
|
69 |
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
|
70 |
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
|
70 |
<meta http-equiv=\"Pragma\" content=\"no-cache\">
|
71 |
<meta http-equiv=\"Pragma\" content=\"no-cache\">
|
71 |
<link rel=\"stylesheet\" href=\"/css/style.css\" type=\"text/css\">
|
72 |
<link rel=\"stylesheet\" href=\"../css/pass.css\" type=\"text/css\">
|
72 |
</head>
|
73 |
</head>
|
73 |
<body>
|
74 |
<body>
|
74 |
<center>
|
75 |
<div id=\"page\">
|
75 |
<table border=0 width=400 cellpadding=0 cellspacing=2>
|
76 |
<div id=\"block_pass\">
|
76 |
<tr>
|
- |
|
77 |
<td>
|
- |
|
78 |
<form name=\"master\" action=\"$current_page\" method=\"post\">
|
77 |
<form name=\"master\" action=\"$current_page\" method=\"post\">
|
79 |
<input type=hidden name=action value=checkpass>
|
78 |
<input type=hidden name=action value=checkpass>
|
80 |
<br>
|
- |
|
81 |
<table border=0 width=540 cellpadding=1 cellspacing=1>
|
79 |
<p id=\"titre_pass\">$R_title</p>
|
82 |
<tr valign=top>
|
80 |
<table id=\"champs_pass\">
|
83 |
<td width=340></td>
|
81 |
<tr>
|
84 |
<td bgcolor=\"black\" width=200>
|
82 |
<td class=\"first_item\">$R_form_l1</td>
|
85 |
<table border=0 width=100% cellpadding=2 cellspacing=0>
|
83 |
<td><input type=\"text\" name=\"login\" value=\"\" label=\"test\"></td>
|
- |
|
84 |
</tr>
|
- |
|
85 |
<tr>
|
86 |
<tr bgcolor=\"#907030\" align=right valign=top><th>
|
86 |
<td class=\"first_item\">$R_form_l2</td>
|
87 |
<font color=\"white\">$R_title</font>
|
87 |
<td><input type=\"password\" name=\"passwd\" value=\"\"></td>
|
88 |
</th></tr>
|
88 |
</tr>
|
89 |
</table>
|
- |
|
90 |
</td></tr>
|
89 |
<tr>
|
91 |
<tr bgcolor=\"black\" valign=top><td colspan=2>
|
90 |
<td class=\"first_item\">$R_form_l3</td>
|
92 |
<table border=0 width=100% cellpadding=12 cellspacing=0 bgcolor=\"#ffffd0\" valign=top>
|
91 |
<td><input type=\"password\" name=\"newpasswd\" value=\"\"></td>
|
- |
|
92 |
</tr>
|
93 |
<tr><td>
|
93 |
<tr>
|
94 |
<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor=\"#ffffe0\" valign=top>
|
- |
|
95 |
<tr><td align=center bgcolor=\"#d0ddb0\">$R_form_l1</td><td><input type=\"text\" name=\"login\" value=\"\"></td></tr>
|
94 |
<td class=\"first_item\">$R_form_l4</td>
|
96 |
<tr><td align=center bgcolor=\"#d0ddb0\">$R_form_l2</td><td><input type=\"password\" name=\"passwd\" value=\"\"></td></tr>
|
- |
|
97 |
<tr><td align=center bgcolor=\"#d0ddb0\">$R_form_l3</td><td><input type=\"password\" name=\"newpasswd\" value=\"\"></td></tr>
|
95 |
<td><input type=\"password\" name=\"newpasswd2\" value=\"\"></td>
|
98 |
<tr><td align=center bgcolor=\"#d0ddb0\">$R_form_l4</td><td><input type=\"password\" name=\"newpasswd2\" value=\"\"> <input type=\"submit\" class=button value=\"$R_form_button\"></td></tr>
|
- |
|
99 |
</table>
|
96 |
</tr>
|
100 |
</table>
|
97 |
</table>
|
- |
|
98 |
<span><a href=\"http://alcasar\">$R_retour</a></span>
|
- |
|
99 |
<input type=\"submit\" class=\"button\" id=\"btn_pass\" value=\"$R_form_button\">
|
- |
|
100 |
</div>
|
101 |
</table>";
|
101 |
</div>
|
- |
|
102 |
";
|
102 |
|
103 |
|
103 |
if (is_file("sql/drivers/$config[sql_type]/functions.php"))
|
104 |
if (is_file("sql/drivers/$config[sql_type]/functions.php"))
|
104 |
include_once("sql/drivers/$config[sql_type]/functions.php");
|
105 |
include_once("sql/drivers/$config[sql_type]/functions.php");
|
105 |
else{
|
106 |
else{
|
106 |
echo "<b>Could not include SQL library</b><br>\n";
|
107 |
echo "<b>Could not include SQL library</b><br>\n";
|
107 |
exit();
|
108 |
exit();
|
108 |
}
|
109 |
}
|
109 |
if (isset($action)){
|
110 |
if (isset($action)){
|
110 |
if ($action == 'checkpass'){
|
111 |
if ($action == 'checkpass'){
|
111 |
$link = @da_sql_pconnect($config);
|
112 |
$link = @da_sql_pconnect($config);
|
112 |
if ($link){
|
113 |
if ($link){
|
113 |
$res = @da_sql_query($link,$config,
|
114 |
$res = @da_sql_query($link,$config,
|
114 |
"SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login'
|
115 |
"SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login'
|
115 |
AND attribute = '$config[sql_password_attribute]';");
|
116 |
AND attribute = '$config[sql_password_attribute]';");
|
116 |
if ($res){
|
117 |
if ($res){
|
117 |
$row = @da_sql_fetch_array($res,$config);
|
118 |
$row = @da_sql_fetch_array($res,$config);
|
118 |
if (is_file("crypt/$config[general_encryption_method].php")){
|
119 |
if (is_file("crypt/$config[general_encryption_method].php")){
|
119 |
include("crypt/$config[general_encryption_method].php");
|
120 |
include("crypt/$config[general_encryption_method].php");
|
120 |
$enc_passwd = $row['value'];
|
121 |
$enc_passwd = $row['value'];
|
121 |
$passwd = da_encrypt($passwd,$enc_passwd);
|
122 |
$passwd = da_encrypt($passwd,$enc_passwd);
|
122 |
$newpasswd = da_encrypt($newpasswd,$enc_passwd);
|
123 |
$newpasswd = da_encrypt($newpasswd,$enc_passwd);
|
123 |
$newpasswd2 = da_encrypt($newpasswd2,$enc_passwd);
|
124 |
$newpasswd2 = da_encrypt($newpasswd2,$enc_passwd);
|
124 |
if (($passwd == $enc_passwd) and ($newpasswd == $newpasswd2)){
|
125 |
if (($passwd == $enc_passwd) and ($newpasswd == $newpasswd2)){
|
125 |
$msg = '<font color=blue><b>'.$R_form_result1.'</b></font>';
|
126 |
$msg = '<font color=blue><b>'.$R_form_result1.'</b></font>';
|
126 |
$res2 = @da_sql_query($link,$config,
|
127 |
$res2 = @da_sql_query($link,$config,
|
127 |
"UPDATE $config[sql_check_table] set value='$newpasswd' WHERE username = '$login'
|
128 |
"UPDATE $config[sql_check_table] set value='$newpasswd' WHERE username = '$login'
|
128 |
AND attribute = '$config[sql_password_attribute]';");}
|
129 |
AND attribute = '$config[sql_password_attribute]';");}
|
129 |
else
|
130 |
else
|
130 |
$msg = '<font color=red><b>'.$R_form_result2.'</b></font>';
|
131 |
$msg = '<font color=red><b>'.$R_form_result2.'</b></font>';
|
131 |
}
|
132 |
}
|
132 |
else
|
133 |
else
|
133 |
echo "<b>Could not open encryption library file</b><br>\n";
|
134 |
echo "<b>Could not open encryption library file</b><br>\n";
|
134 |
}
|
135 |
}
|
135 |
}
|
136 |
}
|
136 |
echo "<tr><td colspan=3 align=center>$msg</td></tr>\n";
|
137 |
echo "<span align=center>$msg</span>\n";
|
137 |
}
|
138 |
}
|
138 |
}
|
139 |
}
|
139 |
?>
|
140 |
?>
|
140 |
</body>
|
141 |
</body>
|
141 |
</html>
|
142 |
</html>
|
142 |
|
143 |
|