| Line 1... |
Line 1... |
| 1 |
<?php
|
1 |
<?php
|
| 2 |
# $Id: index.php 2612 2018-08-22 16:37:28Z tom.houdayer $
|
2 |
# $Id: index.php 2688 2019-01-18 23:15:49Z lucas.echard $
|
| 3 |
#
|
3 |
#
|
| 4 |
# index.php for ALCASAR by Rexy
|
4 |
# index.php for ALCASAR by Rexy
|
| 5 |
# UI & css style by stephane ERARD
|
5 |
# UI & css style by stephane ERARD
|
| 6 |
# The contents of this file may be used under the terms of the GNU
|
6 |
# The contents of this file may be used under the terms of the GNU
|
| 7 |
# General Public License Version 2, provided that the above copyright
|
7 |
# General Public License Version 2, provided that the above copyright
|
| Line 78... |
Line 78... |
| 78 |
'connected' => false,
|
78 |
'connected' => false,
|
| 79 |
'username' => ''
|
79 |
'username' => ''
|
| 80 |
];
|
80 |
];
|
| 81 |
}
|
81 |
}
|
| 82 |
|
82 |
|
| 83 |
// Test if it's a direct connexion to ALCASAR
|
83 |
// Test if it's a direct connection to ALCASAR
|
| 84 |
if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_ADDR']) || ($_SERVER['HTTP_HOST'] === 'alcasar') || ($_SERVER['HTTP_HOST'] === $hostname) || ($_SERVER['HTTP_HOST'] === $organisme))) {
|
84 |
if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_ADDR']) || ($_SERVER['HTTP_HOST'] === 'alcasar') || ($_SERVER['HTTP_HOST'] === $hostname) || ($_SERVER['HTTP_HOST'] === $organisme))) {
|
| 85 |
$direct_access = true;
|
85 |
$direct_access = true;
|
| 86 |
}
|
86 |
}
|
| 87 |
|
87 |
|
| 88 |
// Function to adapt time connexion in seconds to H,M,S
|
88 |
// Function to adapt time connection in seconds to H,M,S
|
| 89 |
function secondsToDuration($seconds = null){
|
89 |
function secondsToDuration($seconds = null){
|
| 90 |
if ($seconds == null) return "";
|
90 |
if ($seconds == null) return "";
|
| 91 |
$temp = $seconds % 3600;
|
91 |
$temp = $seconds % 3600;
|
| 92 |
$time[0] = ( $seconds - $temp ) / 3600 ; // hours
|
92 |
$time[0] = ( $seconds - $temp ) / 3600 ; // hours
|
| 93 |
$time[2] = $temp % 60 ; // seconds
|
93 |
$time[2] = $temp % 60 ; // seconds
|
| Line 130... |
Line 130... |
| 130 |
}
|
130 |
}
|
| 131 |
} else { // the user isn't authenticated
|
131 |
} else { // the user isn't authenticated
|
| 132 |
if (isset($_GET['url'])) { // it's the second stage (when user has clicked on the button "open a connection")
|
132 |
if (isset($_GET['url'])) { // it's the second stage (when user has clicked on the button "open a connection")
|
| 133 |
$redir = 'http://'.$_GET['url'];
|
133 |
$redir = 'http://'.$_GET['url'];
|
| 134 |
header("Location: $redir", true, 307);
|
134 |
header("Location: $redir", true, 307);
|
| 135 |
exit();
|
135 |
exit();
|
| 136 |
}
|
136 |
}
|
| 137 |
}
|
137 |
}
|
| 138 |
|
138 |
|
| 139 |
// Choice of language
|
139 |
// Choice of language
|
| 140 |
$Language = 'en';
|
140 |
$Language = 'en';
|
| Line 222... |
Line 222... |
| 222 |
$l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
|
222 |
$l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
|
| 223 |
$l_back_page = "<a href=\"javascript:history.back()\">Página anterior</a>";
|
223 |
$l_back_page = "<a href=\"javascript:history.back()\">Página anterior</a>";
|
| 224 |
$l_service_sms = "SMS service enable";
|
224 |
$l_service_sms = "SMS service enable";
|
| 225 |
$l_service_sms_n = "SMS service disable";
|
225 |
$l_service_sms_n = "SMS service disable";
|
| 226 |
$l_acc_sms = "Auto registration by SMS";
|
226 |
$l_acc_sms = "Auto registration by SMS";
|
| 227 |
$l_explain_warn = "El administrador ha creado un archivo que contiene los periódicos de inicio de sesión como parte de un proceso judicial.";
|
227 |
$l_explain_warn = "El administrador ha creado un archivo que contiene los periódicos de inicio de sesión como parte de un proceso judicial.";
|
| 228 |
if (isset($_GET['url'])) {
|
228 |
if (isset($_GET['url'])) {
|
| 229 |
$l_continue_link = "<a href=\"index.php?redirect=1&url=".urlencode($_GET['url'])."\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
|
229 |
$l_continue_link = "<a href=\"index.php?redirect=1&url=".urlencode($_GET['url'])."\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
|
| 230 |
} else {
|
230 |
} else {
|
| 231 |
$l_continue_link = "<a href=\"index.php\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
|
231 |
$l_continue_link = "<a href=\"index.php\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
|
| 232 |
}
|
232 |
}
|
| Line 358... |
Line 358... |
| 358 |
$l_required_domain = "Required WEB site";
|
358 |
$l_required_domain = "Required WEB site";
|
| 359 |
$l_explain_acc_access = "This center control the portal. You must have an administrative account.";
|
359 |
$l_explain_acc_access = "This center control the portal. You must have an administrative account.";
|
| 360 |
$l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
|
360 |
$l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
|
| 361 |
$l_explain_net_pb = "Your portal has just detected that the Internet access is down";
|
361 |
$l_explain_net_pb = "Your portal has just detected that the Internet access is down";
|
| 362 |
$l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
|
362 |
$l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
|
| 363 |
$l_contact_net_pb = "Contact your network responsive or your Internet provider for more information";
|
363 |
$l_contact_net_pb = "Contact your network responsive or your Internet provider for further information.";
|
| 364 |
$l_sms_access = "<a href=\"//$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
|
364 |
$l_sms_access = "<a href=\"//$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
|
| 365 |
$l_install_certif = "Install ALCASAR AC Certificate";
|
365 |
$l_install_certif = "Install ALCASAR AC Certificate";
|
| 366 |
$l_install_certif_more = "Install ALCASAR AC Certificate";
|
366 |
$l_install_certif_more = "Install ALCASAR AC Certificate";
|
| 367 |
$l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
|
367 |
$l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
|
| 368 |
$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
|
368 |
$l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
|
| 369 |
$l_category = "category :";
|
369 |
$l_category = "category:";
|
| 370 |
if (!$user->connected) {
|
370 |
if (!$user->connected) {
|
| 371 |
$l_logout_explain = "No Internet consultation session is actualy open on your system";
|
371 |
$l_logout_explain = "No Internet consultation session is currently open on your system";
|
| 372 |
$l_logout = "<a href=\"//$hostname/index.php?url=$redirect_link\">Open an Internet session</a>";
|
372 |
$l_logout = "<a href=\"//$hostname/index.php?url=$redirect_link\">Open an Internet session</a>";
|
| 373 |
} else {
|
373 |
} else {
|
| 374 |
if ($user->username != $user->mac) { // authentication exception or not
|
374 |
if ($user->username != $user->mac) { // authentication exception or not
|
| 375 |
$l_logout_explain = "Close the session of the user currently connected.<br> User logged-on : <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections :$connection_history";
|
375 |
$l_logout_explain = "Close the session of the currently logged-in user.<br> User logged-on: <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections:$connection_history";
|
| 376 |
$l_logout = "<a href=\"$logout_link\">Logoff from internet</a>";
|
376 |
$l_logout = "<a href=\"$logout_link\">Logoff from the internet</a>";
|
| 377 |
} else {
|
377 |
} else {
|
| 378 |
$l_logout_explain = "Your system ($user->username) is in exception of authentication.<br><br>$nb_connection_history Last logins :$connection_history";
|
378 |
$l_logout_explain = "Your system ($user->username) is in exception of authentication.<br><br>$nb_connection_history Last logins:$connection_history";
|
| 379 |
$l_logout = "Connections information";
|
379 |
$l_logout = "Connections information";
|
| 380 |
}
|
380 |
}
|
| 381 |
}
|
381 |
}
|
| 382 |
$l_password_change = "<a href=\"https://$hostname/password.php\">Change your password</a>";
|
382 |
$l_password_change = "<a href=\"https://$hostname/password.php\">Change your password</a>";
|
| 383 |
$l_password_change_explain = "Redirect you on password change page.<br><br> You should already have an Internet access account.";
|
383 |
$l_password_change_explain = "Redirect you on password change page.<br><br> You should already have an Internet access account.";
|
| Line 392... |
Line 392... |
| 392 |
} else {
|
392 |
} else {
|
| 393 |
$l_continue_link = "<a href=\"index.php\" class=\"button\">I understand and I wish to continue.</a>";
|
393 |
$l_continue_link = "<a href=\"index.php\" class=\"button\">I understand and I wish to continue.</a>";
|
| 394 |
}
|
394 |
}
|
| 395 |
$l_title_warn="Dear user,";
|
395 |
$l_title_warn="Dear user,";
|
| 396 |
$l_explain_warn_name="Someone called ";
|
396 |
$l_explain_warn_name="Someone called ";
|
| 397 |
$l_explain_warn_ip="with this IP : ";
|
397 |
$l_explain_warn_ip="with this IP: ";
|
| 398 |
$l_explain_warn_date="has read your connexion logs at ";
|
398 |
$l_explain_warn_date="has read your connection logs at ";
|
| 399 |
$l_explain_warn_reason="For this reason : ";
|
399 |
$l_explain_warn_reason="For this reason: ";
|
| 400 |
$l_uam_domain = "Authorized websites : ";
|
400 |
$l_uam_domain = "Authorized websites: ";
|
| 401 |
}
|
401 |
}
|
| 402 |
|
402 |
|
| 403 |
$l_title = ($direct_access ? $l_access_welcome : ($network_pb ? $l_access_unavailable : $l_access_denied));
|
403 |
$l_title = ($direct_access ? $l_access_welcome : ($network_pb ? $l_access_unavailable : $l_access_denied));
|
| 404 |
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb : $l_explain_access_deny));
|
404 |
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb : $l_explain_access_deny));
|
| 405 |
|
405 |
|
| Line 459... |
Line 459... |
| 459 |
}
|
459 |
}
|
| 460 |
|
460 |
|
| 461 |
// Search blacklist categories
|
461 |
// Search blacklist categories
|
| 462 |
if ((!$direct_access) && (!$network_pb) && (!isset($_GET['warn']))) {
|
462 |
if ((!$direct_access) && (!$network_pb) && (!isset($_GET['warn']))) {
|
| 463 |
$pattern = str_replace('www.', '', $_SERVER['HTTP_HOST']);
|
463 |
$pattern = str_replace('www.', '', $_SERVER['HTTP_HOST']);
|
| 464 |
$output = [];
|
464 |
$categories = [];
|
| 465 |
exec('grep -Re ' . escapeshellarg('^'.$pattern.'$') . " /etc/e2guardian/lists/blacklists/*/domains | cut -d'/' -f6", $output);
|
465 |
exec('grep -Re ' . escapeshellarg('^'.$pattern.'$') . " /etc/e2guardian/lists/blacklists/*/domains | cut -d'/' -f6", $categories);
|
| 466 |
$lists = [];
|
- |
|
| 467 |
foreach ($output as $line) {
|
- |
|
| 468 |
$lists[] = $line;
|
- |
|
| 469 |
}
|
- |
|
| 470 |
|
466 |
|
| 471 |
$filteredUrlHtml = $l_required_domain.' : '.htmlspecialchars($_SERVER['HTTP_HOST']);
|
467 |
$filteredUrlHtml = $l_required_domain.' : '.htmlspecialchars($_SERVER['HTTP_HOST']);
|
| 472 |
if (!empty($lists)) {
|
468 |
if (!empty($categories)) {
|
| 473 |
$filteredUrlHtml .= "<br>$l_category ".implode(', ', $lists);
|
469 |
$filteredUrlHtml .= "<br>$l_category ".implode(', ', $categories);
|
| 474 |
}
|
470 |
}
|
| 475 |
}
|
471 |
}
|
| 476 |
|
472 |
|
| 477 |
// Cleaning the cache
|
473 |
// Cleaning the cache
|
| 478 |
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
|
474 |
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
|
| Line 562... |
Line 558... |
| 562 |
</div>
|
558 |
</div>
|
| 563 |
|
559 |
|
| 564 |
<div class="div-cache" id="text_certif">
|
560 |
<div class="div-cache" id="text_certif">
|
| 565 |
<h2><a href="<?= $certCa_link ?>"><?= $l_install_certif_more ?></a></h2>
|
561 |
<h2><a href="<?= $certCa_link ?>"><?= $l_install_certif_more ?></a></h2>
|
| 566 |
<p><?= "$l_certif_explain $l_certif_explain_help" ?></p>
|
562 |
<p><?= "$l_certif_explain $l_certif_explain_help" ?></p>
|
| 567 |
<img src="<?= $img_rep.$img_certificate ?>">
|
563 |
<img src="<?= $img_rep.$img_certificate ?>">
|
| 568 |
</div>
|
564 |
</div>
|
| 569 |
|
565 |
|
| 570 |
<div class="div-cache" id="text_mdp">
|
566 |
<div class="div-cache" id="text_mdp">
|
| 571 |
<h2><?= $l_password_change ?></h2>
|
567 |
<h2><?= $l_password_change ?></h2>
|
| 572 |
<p><?= $l_password_change_explain ?></p>
|
568 |
<p><?= $l_password_change_explain ?></p>
|