| Line 1... |
Line 1... |
| 1 |
<?php
|
1 |
<?php
|
| 2 |
# $Id: index.php 1992 2016-07-15 16:10:59Z richard $
|
2 |
# $Id: index.php 1993 2016-07-15 17:27:35Z richard $
|
| 3 |
#
|
3 |
#
|
| 4 |
# index.php for ALCASAR bu Rexy
|
4 |
# index.php for ALCASAR bu Rexy
|
| 5 |
# UI & css style by stephane ERARD
|
5 |
# UI & css style by stephane ERARD
|
| 6 |
# The contents of this file may be used under the terms of the GNU
|
6 |
# The contents of this file may be used under the terms of the GNU
|
| 7 |
# General Public License Version 2, provided that the above copyright
|
7 |
# General Public License Version 2, provided that the above copyright
|
| Line 55... |
Line 55... |
| 55 |
$nb_connection_history = 3;
|
55 |
$nb_connection_history = 3;
|
| 56 |
$Language = 'en';
|
56 |
$Language = 'en';
|
| 57 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
57 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
| 58 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
58 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
| 59 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
59 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
| 60 |
$redirect_link = "http://www.alcasar.net";
|
60 |
$redirect_link = "www.alcasar.net"; # beware !!! HTTP only
|
| 61 |
|
61 |
|
| 62 |
# Retrieve the user info behind the remote ip
|
62 |
# Retrieve the user info behind the remote ip
|
| 63 |
exec ("sudo /usr/sbin/chilli_query list|grep $remote_ip" , $tab);
|
63 |
exec ("sudo /usr/sbin/chilli_query list|grep $remote_ip" , $tab);
|
| 64 |
$user = explode (" ", $tab[0]);
|
64 |
$user = explode (" ", $tab[0]);
|
| 65 |
|
65 |
|
| 66 |
|
66 |
|
| 67 |
# Test if it's a direct connexion to ALCASAR
|
67 |
# Test if it's a direct connexion to ALCASAR
|
| 68 |
if ((isset($_SERVER['HTTP_HOST'])) && (($_SERVER['HTTP_HOST'] == $_SERVER['SERVER_ADDR']) || (preg_match ("/^alcasar$/", $_SERVER['HTTP_HOST'])) || (preg_match ("/^$hostname$/", $_SERVER['HTTP_HOST'])) || (preg_match ("/^$organisme$/", $_SERVER['HTTP_HOST']))))
|
68 |
if (isset($_SERVER['HTTP_HOST']))
|
| 69 |
{
|
69 |
{
|
| 70 |
echo $_SERVER['HTTP_HOST']." / ".$_SERVER['SERVER_ADDR']." / ".$hostname." / ".$organisme;
|
70 |
if (($_SERVER['HTTP_HOST'] == $_SERVER['SERVER_ADDR']) || (preg_match ("/^alcasar$/", $_SERVER['HTTP_HOST'])) || (preg_match ("/^$hostname$/", $_SERVER['HTTP_HOST'])) || (preg_match ("/^$organisme$/", $_SERVER['HTTP_HOST'])))
|
| - |
|
71 |
{
|
| 71 |
$direct_access=True;
|
72 |
$direct_access=True;
|
| 72 |
exec("sudo /usr/sbin/ipset del not_auth_yet $remote_ip"); # del user of the ipset "not_auth_yet" to not loop
|
73 |
exec("sudo /usr/sbin/ipset del not_auth_yet $remote_ip"); # del user of the ipset "not_auth_yet" to not loop
|
| - |
|
74 |
}
|
| 73 |
}
|
75 |
}
|
| 74 |
# Function to adapt time connexion in seconds to H,M,S
|
76 |
# Function to adapt time connexion in seconds to H,M,S
|
| 75 |
function secondsToDuration($seconds = null){
|
77 |
function secondsToDuration($seconds = null){
|
| 76 |
if ($seconds == null) return "";
|
78 |
if ($seconds == null) return "";
|
| 77 |
$temp = $seconds % 3600;
|
79 |
$temp = $seconds % 3600;
|
| Line 104... |
Line 106... |
| 104 |
}
|
106 |
}
|
| 105 |
}
|
107 |
}
|
| 106 |
else # user not connected
|
108 |
else # user not connected
|
| 107 |
{
|
109 |
{
|
| 108 |
exec("sudo /usr/sbin/ipset list not_auth_yet | grep $remote_ip | wc -l 2>&1", $ipset_not_auth_yet);
|
110 |
exec("sudo /usr/sbin/ipset list not_auth_yet | grep $remote_ip | wc -l 2>&1", $ipset_not_auth_yet);
|
| 109 |
if(!$direct_access && $ipset_not_auth_yet[0] == '0') # it's an interception
|
111 |
if(!$direct_access && $ipset_not_auth_yet[0] == '0') # it's the fist stage of an interception
|
| 110 |
{
|
112 |
{
|
| 111 |
$display_menu = True; # Display menu for user not_auth_yet
|
113 |
$display_menu = True; # Display menu for user not_auth_yet
|
| 112 |
$redirect_link = $_SERVER['HTTP_HOST'];
|
114 |
$redirect_link = $_SERVER['HTTP_HOST']; # to keep the user URL
|
| 113 |
}
|
115 |
}
|
| 114 |
if(isset($_GET['url'])) # When user has clicked to open a connection ...
|
116 |
if(isset($_GET['url'])) # it's the second stage (when user has clicked to open a connection ...)
|
| 115 |
{
|
117 |
{
|
| 116 |
exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); # Add user in the ipset "not_auth_yet" (DNS requests not intercepted)
|
118 |
exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); # Add user in the ipset "not_auth_yet" (DNS requests not intercepted)
|
| - |
|
119 |
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'off') # in HTTP, the user is redirected on it's home page (in HTiTPS, it's on the default page)
|
| - |
|
120 |
{
|
| - |
|
121 |
$redirect_link = "http://".$_GET['url'];
|
| - |
|
122 |
}
|
| - |
|
123 |
else
|
| - |
|
124 |
{
|
| 117 |
#header('Location: http://www.alcasar.net',TRUE,307);
|
125 |
$redirect_link = "http://".$redirect_link;
|
| - |
|
126 |
}
|
| 118 |
header("Location: $redirect_link");
|
127 |
header("Location: $redirect_link",TRUE,307);
|
| 119 |
exit;
|
128 |
exit;
|
| 120 |
}
|
129 |
}
|
| 121 |
if ($ipset_not_auth_yet[0] == '1'){ #if user not_auth_yet still here (index.php), we force DNS resquest.
|
130 |
if ($ipset_not_auth_yet[0] == '1'){ #if user not_auth_yet still here (index.php), we force DNS resquest.
|
| 122 |
echo "<script>window.location.reload(true)</script>"; # force DNS request
|
131 |
echo "<script>window.location.reload(true)</script>"; # force DNS request
|
| 123 |
}
|
132 |
}
|