WebSVN – ALCASAR – Diff – /web/index.php

 <?php
-# $Id: index.php 1999 2016-07-19 08:14:38Z richard $
+# $Id: index.php 2010 2016-07-26 14:08:50Z raphael.pion $
+#
 # index.php for ALCASAR bu Rexy
 # UI & css style by stephane ERARD
 # The contents of this file may be used under the terms of the GNU
 # General Public License Version 2, provided that the above copyright
 	$time[2] = $temp % 60 ;				// seconds
 	$time[1] = ( $temp - $time[2] ) / 60;		// minutes
 	return $time[0]." h ".$time[1]." m ".$time[2]." s";
+}
+//if user need to be warn
+if(isset($_GET['warn']) && isset($_GET['url']))
+{
+	$direct_access = False;
+}
 # If the user is connected : retrieve the 3 last connexions
 if ((isset ($user[4])) && ($user[4] != "0")){
+	if(isset($_GET['redirect'])) # if user has been warned, we redirect him to his website
+	{
+		$redir = "http://".$_GET['url'];
+		header("Location: $_GET[url]",TRUE,307);
+		exit;
+	}
 	if ((is_file("./acc/manager/lib/sql/drivers/mysql/functions.php"))&&(is_file("/etc/freeradius-web/config.php"))){
 		include_once("/etc/freeradius-web/config.php");
 		include_once("./acc/manager/lib/sql/drivers/mysql/functions.php");
 		$sql = "SELECT UserName, AcctStartTime, AcctStopTime, acctsessiontime FROM radacct WHERE UserName='$user[5]' ORDER BY AcctStartTime DESC LIMIT 0 , $nb_connection_history";
 		$link = @da_sql_pconnect($config); // on affiche pas les erreurs
 		if ($link){
 			$res = @da_sql_query($link,$config,$sql); // on affiche pas les erreurs
 		exit;
+	}
 	if ($ipset_not_auth_yet[0] == '1'){ #if user not_auth_yet still here (index.php), we force DNS resquest.
 		 echo "<script>window.location.reload(true)</script>"; # force DNS request
+	}
+}
 # Choice of language
 if($Language == 'fr'){
   $l_access_denied = "Contrôle d'accès";
   $l_access_welcome = "Bienvenue sur ALCASAR";
   $l_sms_explain = "Vous redirige vers une la page explicative de l'auto enregistrement par SMS.<br><br><strong>Identifiant:</strong> votre numéro de téléphone<br><strong>Mot de passe:</strong> votre message";
   $l_back_page = "<a href=\"javascript:history.back()\">Page pr&eacute;c&eacute;dente</a>";
   $l_service_sms = "Service SMS actif";
   $l_service_sms_n = "Service SMS non actif";
   $l_acc_sms = "Auto enregistrement par SMS";
+  $l_explain_warn = "L'administrateur a créé une archive contenant vos journaux de connexion dans le cadre d'une affaire judiciaire.";
+  $l_continue_link = "<a href='index.php?redirect=1&url=$_GET[url]' class='button'>Je comprends et je souhaite continuer ma navigation.</a>";
+  $l_title_warn="Cher utilisateur, ";
+  $l_explain_warn_name="Une personne sous le nom de ";
+  $l_explain_warn_ip="sous cette IP : ";
+  $l_explain_warn_date="a consulté vos journaux de connexion le ";
+  $l_explain_warn_reason="en émettant la raison suivante : ";
+}
 else if($Language == 'pt'){
   $l_access_denied = "Controle de acesso";
   $l_access_welcome = "Bem-vindo ao Alcasar";
   $l_access_unavailable = "ACESSO INDISPONÍVEL";
   $l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
   $l_back_page = "<a href=\"javascript:history.back()\">Página anterior</a>";
   $l_service_sms = "SMS service enable";
   $l_service_sms_n = "SMS service disable";
   $l_acc_sms = "Auto registration by SMS";
+  $l_explain_warn = "El administrador ha creado un archivo que contiene los periódicos de inicio de sesión como parte de un proceso judicial.";
+  $l_continue_link = "<a href='index.php?redirect=1&url=$_GET[url]' class='button'>Lo comprendo y deseo continuar mi navegación.</a>";
+  $l_title_warn="Estimado usuario,";
+  $l_explain_warn_name="El usario ";
+  $l_explain_warn_ip="con este IP : ";
+  $l_explain_warn_date="consultó a sus registros de conexión el ";
+  $l_explain_warn_reason="con la siguiente razón : ";
+}
 else {
   $l_access_denied = "Access control";
   $l_access_welcome = "Welcome on ALCASAR";
   $l_access_unavailable = "ACCESS UNAVAILABLE";
   $l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
   $l_back_page = "<a href=\"javascript:history.back()\">Previous page</a>";
   $l_service_sms = "SMS service enable";
   $l_service_sms_n = "SMS service disable";
   $l_acc_sms = "Auto registration by SMS";
+  $l_explain_warn = "The administrator created an archive which contains your imputabilities logs for a judicial investigation.";
+  $l_continue_link = "<a href='index.php?redirect=1&url=$_GET[url]' class='button'>I understand and I wish to continue.</a>";
+  $l_title_warn="Dear user,";
+  $l_explain_warn_name="Someone called ";
+  $l_explain_warn_ip="with this IP : ";
+  $l_explain_warn_date="has read your connexion logs at ";
+  $l_explain_warn_reason="because : ";
+}
 $l_title = ($direct_access ? $l_access_welcome : ($network_pb ? $l_access_unavailable : $l_access_denied));
 $l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb : $l_explain_access_deny));
 	if ($network_pb) {
 		echo "	<span>$l_explain_net_pb</span>";
+		}
+	}
 	else {
+		#if user need to be warn about that someone who read his logs
+		if(isset($_GET['warn']) && isset($_GET['url']) && $_GET['warn'] == '1')
+		{
+		echo"
+			<div id=\"cadre_titre\" class=\"titre_refus\">
+			<p id=\"acces_controle\" class=\"titre_refus\">$l_title_warn</p>";
+		}
+		else
+		{
 		echo"
 			<div id=\"cadre_titre\" class=\"titre_refus\">
-				<p id=\"acces_controle\" class=\"titre_refus\">$l_title</p>";
+			<p id=\"acces_controle\" class=\"titre_refus\">$l_title</p>";
+		}
+	}
 ?>
 			<div id="boite_logo">
 				<img src="<?php echo "$img_rep$img_organisme"; ?>">
 			</div>
 			$sms_div_over
 			<div id=\"box_info\">
 			</div>";
+	}
 else {
+	#if user need to be warn about that someone who read his logs
+	if(isset($_GET['warn']) && isset($_GET['url']) && $_GET['warn'] == '1')
+	{
+	$filename="/var/www/html/acc/backup/log_info.txt";
+	$l_explain_warn="";
+	if(file_exists($filename)){
+		$fichier = fopen($filename, "r");
+		$content = file($filename);
+        	foreach($content as $line){
+			$infos=explode("|||", $line);
+			$log_date=$infos[0];
+			$log_user=$infos[1];
+			$log_reason=$infos[2];
+			$log_ip=$infos[3];
+		}
+		$l_explain_warn="$l_explain_warn_name$log_user ( $l_explain_warn_ip$log_ip ) $l_explain_warn_date$log_date $l_explain_warn_reason$log_reason";
+	}
+	else
+	{
+		echo "Log error!";
+	}
+	echo "
+		<div id=\"box_refuse\">
+			<img src=\"$img_rep$img_warning\">
+			<p>$l_explain_warn</p>
+		</div>
+		<div id=\"liens_redir\">
+			<p>$l_continue_link</p>
+		</div>";
+	}
+	else
+	{
 		echo "
 			<div id=\"box_refuse\">
 				<img src=\"$img_rep$img_false\">
 				<p>$l_explain</p>
 			</div>
 			<div id=\"liens_redir\">
 				<p>$l_back_page</p>
 			</div>";
-		}
+	}
+}
 	if (($network_pb)&&(! $direct_access)) {
 	echo "	<span>Diagnostic : $diagnostic</span>";
+	}
 ?>
 		</div>

Subversion Repositories ALCASAR

(root)/web/index.php – Rev 1999 → 2010