| Line 1... |
Line 1... |
| 1 |
<?php
|
1 |
<?php
|
| 2 |
# $Id: intercept.php 1948 2016-06-16 09:04:30Z raphael.pion $
|
2 |
# $Id: intercept.php 2010 2016-07-26 14:08:50Z raphael.pion $
|
| 3 |
#
|
3 |
#
|
| 4 |
# intercept.php for ALCASAR captive portal
|
4 |
# intercept.php for ALCASAR captive portal
|
| 5 |
# Copyright (C) 2003, 2004 Mondru AB.
|
5 |
# Copyright (C) 2003, 2004 Mondru AB.
|
| 6 |
# Modify by REXY & steweb57
|
6 |
# Modify by REXY & steweb57
|
| 7 |
# UI & css style by stephane ERARD
|
7 |
# UI & css style by stephane ERARD
|
| Line 372... |
Line 372... |
| 372 |
case 'already': $result = 4; break; // If tried to login while already logged in
|
372 |
case 'already': $result = 4; break; // If tried to login while already logged in
|
| 373 |
case 'notyet': $result = 5; break; // If not logged in yet
|
373 |
case 'notyet': $result = 5; break; // If not logged in yet
|
| 374 |
default: $result = 0; // Default: It was not a form request -> client go to login form
|
374 |
default: $result = 0; // Default: It was not a form request -> client go to login form
|
| 375 |
}
|
375 |
}
|
| 376 |
|
376 |
|
| - |
|
377 |
//check if we need to warn user about the imputability logs.
|
| - |
|
378 |
if($result == 1)
|
| - |
|
379 |
{
|
| - |
|
380 |
if ((is_file("./acc/manager/lib/sql/drivers/mysql/functions.php"))&&(is_file("/etc/freeradius-web/config.php"))){
|
| - |
|
381 |
include_once("/etc/freeradius-web/config.php");
|
| - |
|
382 |
include_once("./acc/manager/lib/sql/drivers/mysql/functions.php");
|
| - |
|
383 |
$user_url=$_GET['userurl'];
|
| - |
|
384 |
$user_uid=$_GET['uid'];
|
| - |
|
385 |
$sql = "SELECT attribute, value FROM radreply WHERE username='$user_uid'";
|
| - |
|
386 |
$link = @da_sql_pconnect($config); // on affiche pas les erreurs
|
| - |
|
387 |
if ($link){
|
| - |
|
388 |
$res = @da_sql_query($link,$config,$sql); // on affiche pas les erreurs
|
| - |
|
389 |
if ($res){
|
| - |
|
390 |
while(($row = @da_sql_fetch_array($res,$config))){
|
| - |
|
391 |
if ($row['attribute'] == "Filter-Id") $filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur
|
| - |
|
392 |
}
|
| - |
|
393 |
if($filter_id[3] == '1')
|
| - |
|
394 |
{
|
| - |
|
395 |
#set the fourth bit of filter-id to '0'
|
| - |
|
396 |
$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";
|
| - |
|
397 |
$res = mysqli_multi_query($link,$sql);
|
| - |
|
398 |
header("Location: http://alcasar/index.php?warn=1&url=$user_url"); //we present to user information about imputability logs
|
| - |
|
399 |
exit;
|
| - |
|
400 |
}
|
| - |
|
401 |
}
|
| - |
|
402 |
}
|
| - |
|
403 |
}
|
| - |
|
404 |
|
| - |
|
405 |
}
|
| - |
|
406 |
|
| - |
|
407 |
|
| 377 |
# Otherwise it was not a form request
|
408 |
# Otherwise it was not a form request
|
| 378 |
# Send out an error message
|
409 |
# Send out an error message
|
| 379 |
if ($result == 0) { //erreur
|
410 |
if ($result == 0) { //erreur
|
| 380 |
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
|
411 |
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
|
| 381 |
<html>
|
412 |
<html>
|