WebSVN – ALCASAR – Diff – /web/intercept.php

 <?php
-# $Id: intercept.php 2205 2017-05-06 14:07:27Z tom.houdayer $
+# $Id: intercept.php 2238 2017-05-20 20:54:43Z tom.houdayer $
+#
 # intercept.php for ALCASAR captive portal
 # Copyright (C) 2003, 2004 Mondru AB.
 # Modify by REXY & steweb57
 # UI & css style by stephane ERARD
   # Default :	it was not a form request -> client go to login form
 /****************************************************************
 *			GLOBAL FILE PATHS			*
 *****************************************************************/
-define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
+define('CONF_FILE', '/usr/local/etc/alcasar.conf');
-define ("DOMAIN_ALLOWED_LIST", "/usr/local/etc/alcasar-uamdomain");
+define('DOMAIN_ALLOWED_LIST', '/usr/local/etc/alcasar-uamdomain');
 /****************************************************************
 *			FILE reading test			*
 *****************************************************************/
-$conf_files = array(CONF_FILE,DOMAIN_ALLOWED_LIST);
+$conf_files = array(CONF_FILE, DOMAIN_ALLOWED_LIST);
 foreach ($conf_files as $file) {
 	if (!file_exists($file)) {
-		exit("Fichier ".$file." non présent");
+		exit("Fichier $file non présent");
+	}
 	if (!is_readable($file)) {
-		exit("Vous n'avez pas les droits de lecture sur le fichier ".$file);
+		exit("Vous n'avez pas les droits de lecture sur le fichier $file");
+	}
+}
 /****************************************************************
 *			Read CONF_FILE				*
 *****************************************************************/
 $file_conf = fopen(CONF_FILE, 'r');
 if (!$file_conf) {
 	exit('Error opening the file '.CONF_FILE);
+}
 while (!feof($file_conf)) {
-	$tampon = fgets($file_conf, 4096);
+	$buffer = fgets($file_conf, 4096);
-	if ((strpos($tampon, '=') !== false) && (substr($tampon, 0, 1) !== '#')) {
+	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
-		$tmp = explode('=', $tampon);
+		$tmp = explode('=', $buffer);
 		$conf[$tmp[0]] = trim($tmp[1]);
+	}
+}
 fclose($file_conf);
-$organisme = trim($conf["ORGANISM"]);
+$organisme = $conf["ORGANISM"];
 # Shared secret used to encrypt password with coova.
 $uamsecret = "";
 # URL loaded after success authenticates (let blank for browser defaults)
 $adminurl = "";
 # Our own path
 $loginpath   = htmlspecialchars($_SERVER['PHP_SELF']);
-$alcasarpath = 'http://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']);
+$alcasarpath = 'http://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
 $statuspath  = $alcasarpath.'/status.php';
 # Choice of language
 $Language = 'en';
 if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
 	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
 	$Language = strtolower(substr(chop($Langue[0]),0,2));
+}
-if ($Language === 'es') {
+if ($Language === 'es') {		// Spanish
-	$l_ChilliError		= "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
+	$l_ChilliError			= "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
-	$l_login		= "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";
+	$l_login			= "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";
-	$l_logout		= "Conexión de cierre";
+	$l_logout			= "Conexión de cierre";
-	$l_loginfailed		= "Error de autenticación";
+	$l_loginfailed			= "Error de autenticación";
-	$l_loggingin		= "Identificación en el portal cautivo";
+	$l_loggingin			= "Identificación en el portal cautivo";
-	$l_loggedcont		= "Control de Acceso";
+	$l_loggedcont			= "Control de Acceso";
-	$l_loggedout		= "Su sesión se cierra";
+	$l_loggedout			= "Su sesión se cierra";
-	$l_user			= "Usuario";
+	$l_user				= "Usuario";
-	$l_password		= "Contraseña";
+	$l_password			= "Contraseña";
-	$l_wait			= "Por favor, espere un momento ...";
+	$l_wait				= "Por favor, espere un momento ...";
-	$l_onlinetime		= "Tiempo de conexión:";
+	$l_onlinetime			= "Tiempo de conexión:";
-	$l_remainingtime	= "Desconexión en:";
+	$l_remainingtime		= "Desconexión en:";
-	$l_encrypted		= "La apertura debe usar conexión cifrada";
+	$l_encrypted			= "La apertura debe usar conexión cifrada";
-	$l_boutonO		= "Autenticación";
+	$l_boutonO			= "Autenticación";
-	$l_boutonF		= "Cerrar";
+	$l_boutonF			= "Cerrar";
-	$l_loggedin_stringl1	= "Information System Security";
+	$l_loggedin_stringl1		= "Information System Security";
-	$l_loggedin_stringl2	= "El portal fue creado reglamentos para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones.";
+	$l_loggedin_stringl2		= "El portal fue creado reglamentos para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones.";
-	$l_loggedin_stringl3	= "Su actividad en la red es registrada, de conformidad con la privacidad.";
+	$l_loggedin_stringl3		= "Su actividad en la red es registrada, de conformidad con la privacidad.";
-	$l_loggedin_stringl4	= "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación.";
+	$l_loggedin_stringl4		= "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación.";
-	$l_loggedin_stringl5	= "Estos datos se eliminan automáticamente después de un año.";
+	$l_loggedin_stringl5		= "Estos datos se eliminan automáticamente después de un año.";
-	$l_loggedin_stringl6	= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
+	$l_loggedin_stringl6		= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
-	$l_loggedout_string	= "Cerrar sesión hizo portal cautivo!";
+	$l_loggedout_string		= "Cerrar sesión hizo portal cautivo!";
-	$l_reply_1		= "Your daily connexion time has been reached";
+	$l_reply_1			= "Your daily connexion time has been reached";
-	$l_reply_2		= "Your monthly connexion time has been reached";
+	$l_reply_2			= "Your monthly connexion time has been reached";
-	$l_reply_3		= "You try to connect outside of your allowed timespan";
+	$l_reply_3			= "You try to connect outside of your allowed timespan";
-	$l_reply_4		= "your account expired";
+	$l_reply_4			= "your account expired";
-	$l_reply_5		= "You have reached the maximum number of simultaneous logins";
+	$l_reply_5			= "You have reached the maximum number of simultaneous logins";
-	$l_reply_6		= "Your authorized connexion time has been reached";
+	$l_reply_6			= "Your authorized connexion time has been reached";
-	$l_online_time		= "Tiempo en linea";
+	$l_online_time			= "Tiempo en linea";
-	$l_remaining_time	= "Tiempo restante";
+	$l_remaining_time		= "Tiempo restante";
-	$l_uam_domain		= "Sitios web autorizados : ";
+	$l_uam_domain			= "Sitios web autorizados : ";
-	$l_autoregistration 	= "Registo autom&aacute;tico";
+	$l_autoregistration 		= "Registo autom&aacute;tico";
-} else if ($Language === 'pt') {
+} else if ($Language === 'pt') {	// Portuguese
-	$l_ChilliError		= "A autenticação precisa ser bem sucedida através do portal.";
+	$l_ChilliError			= "A autenticação precisa ser bem sucedida através do portal.";
-	$l_login		= "Sucesso na autenticação.<HR>Matenha esse pop-up apenas minimizado para não interromper a conexão";
+	$l_login			= "Sucesso na autenticação.<HR>Matenha esse pop-up apenas minimizado para não interromper a conexão";
-	$l_logout		= "Encerrar conexão";
+	$l_logout			= "Encerrar conexão";
-	$l_loginfailed		= "Falha na autenticação";
+	$l_loginfailed			= "Falha na autenticação";
-	$l_loggingin		= "Identificação do portal cativo";
+	$l_loggingin			= "Identificação do portal cativo";
-	$l_loggedcont		= "Controle de acesso";
+	$l_loggedcont			= "Controle de acesso";
-	$l_loggedout		= "Sua sessão foi fechada";
+	$l_loggedout			= "Sua sessão foi fechada";
-	$l_user			= "Usuário";
+	$l_user				= "Usuário";
-	$l_password		= "Senha";
+	$l_password			= "Senha";
-	$l_wait			= "Por favor, aguarde um momento ...";
+	$l_wait				= "Por favor, aguarde um momento ...";
-	$l_onlinetime		= "Tempo de conexão:";
+	$l_onlinetime			= "Tempo de conexão:";
-	$l_remainingtime	= "Desconectado em:";
+	$l_remainingtime		= "Desconectado em:";
-	$l_encrypted		= "A conexão com o portal deve ser criptografada";
+	$l_encrypted			= "A conexão com o portal deve ser criptografada";
-	$l_boutonO		= "Autenticação";
+	$l_boutonO			= "Autenticação";
-	$l_boutonF		= "Fechar";
+	$l_boutonF			= "Fechar";
-	$l_loggedin_stringl1	= "Sistema de Informação e segurança";
+	$l_loggedin_stringl1		= "Sistema de Informação e segurança";
-	$l_loggedin_stringl2	= "Este controle foi criado para garantir acesso seguro.";
+	$l_loggedin_stringl2		= "Este controle foi criado para garantir acesso seguro.";
-	$l_loggedin_stringl3	= "A autenticação será criptografada em 256 bits, impedindo captura por escâner de rede.";
+	$l_loggedin_stringl3		= "A autenticação será criptografada em 256 bits, impedindo captura por escâner de rede.";
-	$l_loggedin_stringl4	= "Sua atividade na Internet será resguardada de acordo com os regulamentos da lei.";
+	$l_loggedin_stringl4		= "Sua atividade na Internet será resguardada de acordo com os regulamentos da lei.";
-	$l_loggedin_stringl5	= "Mantenha o popup da conexão minimizado para não interromper a cessão.";
+	$l_loggedin_stringl5		= "Mantenha o popup da conexão minimizado para não interromper a cessão.";
-	$l_loggedin_stringl6	= "Clique <a href='$alcasarpath'>aqui</a> para alterar sua senha, instalar certificado ou sair do portal.";
+	$l_loggedin_stringl6		= "Clique <a href='$alcasarpath'>aqui</a> para alterar sua senha, instalar certificado ou sair do portal.";
-	$l_loggedout_string	= "desconexão do portal cativo";
+	$l_loggedout_string		= "desconexão do portal cativo";
-	$l_reply_1		= "Seu tempo de conexão diária foi finalizado";
+	$l_reply_1			= "Seu tempo de conexão diária foi finalizado";
-	$l_reply_2		= "Seu tempo de conexão mensal foi finalizado";
+	$l_reply_2			= "Seu tempo de conexão mensal foi finalizado";
-	$l_reply_3		= "Você tenta conectar-se fora do seu período de tempo permitido";
+	$l_reply_3			= "Você tenta conectar-se fora do seu período de tempo permitido";
-	$l_reply_4		= "Sua conta expirou";
+	$l_reply_4			= "Sua conta expirou";
-	$l_reply_5		= "Você atingiu o número máximo de logins simultâneos";
+	$l_reply_5			= "Você atingiu o número máximo de logins simultâneos";
-	$l_reply_6		= "Seu tempo de conexão autorizada finalizou";
+	$l_reply_6			= "Seu tempo de conexão autorizada finalizou";
-	$l_online_time		= "Tempo Online";
+	$l_online_time			= "Tempo Online";
-	$l_remaining_time	= "Tempo restante";
+	$l_remaining_time		= "Tempo restante";
-	$l_uam_domain		= "Sites autorizados : ";
+	$l_uam_domain			= "Sites autorizados : ";
-	$l_autoregistration 	= "Registo autom&aacute;tico";
+	$l_autoregistration 		= "Registo autom&aacute;tico";
-} else if ($Language === 'zh') {
+} else if ($Language === 'zh') {	// Chinese
-	$l_ChilliError		= "验证必须通过强制门户服务";
+	$l_ChilliError			= "验证必须通过强制门户服务";
-	$l_login		= "验证成功<HR>关闭此窗口中断连接";
+	$l_login			= "验证成功<HR>关闭此窗口中断连接";
-	$l_logout		= "关闭连接";
+	$l_logout			= "关闭连接";
-	$l_loginfailed		= "验证失败";
+	$l_loginfailed			= "验证失败";
-	$l_loggingin		= "强制门户身份识别";
+	$l_loggingin			= "强制门户身份识别";
-	$l_loggedcont		= "访问控制";
+	$l_loggedcont			= "访问控制";
-	$l_loggedout		= "您的连接已关闭";
+	$l_loggedout			= "您的连接已关闭";
-	$l_user			= "用户名";
+	$l_user				= "用户名";
-	$l_password		= "密码";
+	$l_password			= "密码";
-	$l_wait			= "请等待 ...";
+	$l_wait				= "请等待 ...";
-	$l_onlinetime		= "连接时间";
+	$l_onlinetime			= "连接时间";
-	$l_remainingtime	= "断开连接于";
+	$l_remainingtime		= "断开连接于";
-	$l_encrypted		= "与门户的连接必须加密";
+	$l_encrypted			= "与门户的连接必须加密";
-	$l_boutonO		= "验证";
+	$l_boutonO			= "验证";
-	$l_boutonF		= "关闭";
+	$l_boutonF			= "关闭";
-	$l_loggedin_stringl1	= "信息系统安全";
+	$l_loggedin_stringl1		= "信息系统安全";
-	$l_loggedin_stringl2	= "这种控制实施以法定保证可追溯性，可归罪性和连接的不否认性.";
+	$l_loggedin_stringl2		= "这种控制实施以法定保证可追溯性，可归罪性和连接的不否认性.";
-	$l_loggedin_stringl3	= "您的网络活动是私密登记的.";
+	$l_loggedin_stringl3		= "您的网络活动是私密登记的.";
-	$l_loggedin_stringl4	= "记录的数据能被司法机关在调查中操作使用.";
+	$l_loggedin_stringl4		= "记录的数据能被司法机关在调查中操作使用.";
-	$l_loggedin_stringl5	= "这些数据将在一年后自动删除.";
+	$l_loggedin_stringl5		= "这些数据将在一年后自动删除.";
-	$l_loggedin_stringl6	= "点击 <a href='$alcasarpath'> 这里 </a> 修改密码或安装浏览器安全证书";
+	$l_loggedin_stringl6		= "点击 <a href='$alcasarpath'> 这里 </a> 修改密码或安装浏览器安全证书";
-	$l_loggedout_string	= "强制网络门户连接已断开";
+	$l_loggedout_string		= "强制网络门户连接已断开";
-	$l_reply_1		= "您已经达到每日连接时间";
+	$l_reply_1			= "您已经达到每日连接时间";
-	$l_reply_2		= "您已经达到每月连接时间";
+	$l_reply_2			= "您已经达到每月连接时间";
-	$l_reply_3		= "您尝试在授权时间以外连接";
+	$l_reply_3			= "您尝试在授权时间以外连接";
-	$l_reply_4		= "您的账号已过期";
+	$l_reply_4			= "您的账号已过期";
-	$l_reply_5		= "您已经达到同时连接的最大数量";
+	$l_reply_5			= "您已经达到同时连接的最大数量";
-	$l_reply_6		= "已经到达您的允许连接时间";
+	$l_reply_6			= "已经到达您的允许连接时间";
-	$l_online_time		= "在线时间";
+	$l_online_time			= "在线时间";
-	$l_remaining_time	= "剩余时间";
+	$l_remaining_time		= "剩余时间";
-	$l_uam_domain		= "授权网站 : ";
+	$l_uam_domain			= "授权网站 : ";
-	$l_autoregistration	= "短信注册";
+	$l_autoregistration		= "短信注册";
-} else if($Language === 'ar') {
+} else if($Language === 'ar') {		// Arabic
-	$l_ChilliError		= "يجب نجاح المصادقة على البوابة الأسيرة";
+	$l_ChilliError			= "يجب نجاح المصادقة على البوابة الأسيرة";
-	$l_login		= "إغلاق هذه النافذة يقطع دورة عملك";
+	$l_login			= "إغلاق هذه النافذة يقطع دورة عملك";
-	$l_logout		= "إغلاق الدورة";
+	$l_logout			= "إغلاق الدورة";
-	$l_loginfailed		= "فشل المصادقة";
+	$l_loginfailed			= "فشل المصادقة";
-	$l_loggingin		= "التعريف على البوابة الأسيرة";
+	$l_loggingin			= "التعريف على البوابة الأسيرة";
-	$l_loggedcont		= "مراقبة الدخول";
+	$l_loggedcont			= "مراقبة الدخول";
-	$l_loggedout		= "دورتكَ مغلقة";
+	$l_loggedout			= "دورتكَ مغلقة";
-	$l_user			= "التعريف";
+	$l_user				= "التعريف";
-	$l_password		= "كلمة السر";
+	$l_password			= "كلمة السر";
-	$l_wait			= "...إنتظر بعض اللحظات";
+	$l_wait				= "...إنتظر بعض اللحظات";
-	$l_onlinetime		= ":مدة الإتصال";
+	$l_onlinetime			= ":مدة الإتصال";
-	$l_remainingtime	= ":انقطاع الإتصال في";
+	$l_remainingtime		= ":انقطاع الإتصال في";
-	$l_encrypted		= "يجب تشفير الإتصال بالبوابة";
+	$l_encrypted			= "يجب تشفير الإتصال بالبوابة";
-	$l_boutonO		= "مصادقة";
+	$l_boutonO			= "مصادقة";
-	$l_boutonF		= "أغلق";
+	$l_boutonF			= "أغلق";
-	$l_loggedin_stringl1	= "سلامة نظم المعلومات";
+	$l_loggedin_stringl1		= "سلامة نظم المعلومات";
-	$l_loggedin_stringl2	= "وُضعت هذه المراقبة للضمان القانوني لتتبع ومساءلة وعدم تنصل الإتصالات";
+	$l_loggedin_stringl2		= "وُضعت هذه المراقبة للضمان القانوني لتتبع ومساءلة وعدم تنصل الإتصالات";
-	$l_loggedin_stringl3	= "نشاطك على الشبكة مسجل وفقاً لاحترام الحريات الشخصية";
+	$l_loggedin_stringl3		= "نشاطك على الشبكة مسجل وفقاً لاحترام الحريات الشخصية";
-	$l_loggedin_stringl4	= "لا يمكن استغلال البيانات المسجلة إلاّ من قِبل سلطات التحقيق القضائ";
+	$l_loggedin_stringl4		= "لا يمكن استغلال البيانات المسجلة إلاّ من قِبل سلطات التحقيق القضائ";
-	$l_loggedin_stringl5	= "سيتم حدف هذه البيانات تلقائياً بعد سنة من الْيَوْمَ";
+	$l_loggedin_stringl5		= "سيتم حدف هذه البيانات تلقائياً بعد سنة من الْيَوْمَ";
-	$l_loggedin_stringl6	= "لتغيير كلمة السر أو شهادة الأمان <a href='$alcasarpath'>هنا</a> اضغط ";
+	$l_loggedin_stringl6		= "لتغيير كلمة السر أو شهادة الأمان <a href='$alcasarpath'>هنا</a> اضغط ";
-	$l_loggedout_string	= "تَمّ قطع الإتصال بالبوابة الأسيرة";
+	$l_loggedout_string		= "تَمّ قطع الإتصال بالبوابة الأسيرة";
-	$l_reply_1		= "انتهى وقتك اليومي للإتصال";
+	$l_reply_1			= "انتهى وقتك اليومي للإتصال";
-	$l_reply_2		= "انتهى وقتك الشهري للإتصال";
+	$l_reply_2			= "انتهى وقتك الشهري للإتصال";
-	$l_reply_3		= "محاولة اتصال خارج فترتك المأذونة";
+	$l_reply_3			= "محاولة اتصال خارج فترتك المأذونة";
-	$l_reply_4		= "انتهت مدة صلاحية حسابك";
+	$l_reply_4			= "انتهت مدة صلاحية حسابك";
-	$l_reply_5		= "لقد استكملت العدد الأقصى للإتصالات المتزامنة";
+	$l_reply_5			= "لقد استكملت العدد الأقصى للإتصالات المتزامنة";
-	$l_reply_6		= "استكملت مذة الإتصال المسموحة";
+	$l_reply_6			= "استكملت مذة الإتصال المسموحة";
-	$l_online_time		= "مذة الإتصال";
+	$l_online_time			= "مذة الإتصال";
-	$l_remaining_time	= "الوقت المتبق";
+	$l_remaining_time		= "الوقت المتبق";
-	$l_uam_domain		= ":المواقع المسموحة ";
+	$l_uam_domain			= ":المواقع المسموحة ";
-	$l_autoregistration	= "تسجيل ذاتي (SMS)";
+	$l_autoregistration		= "تسجيل ذاتي (SMS)";
-} else if($Language === 'de') {
+} else if($Language === 'de') {		// German
-	$l_ChilliError		= "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt.";
+	$l_ChilliError			= "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt.";
-	$l_login		= "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung";
+	$l_login			= "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung";
-	$l_logout		= "Beenden der Verbindung";
+	$l_logout			= "Beenden der Verbindung";
-	$l_loginfailed		= "Authentifizierungsfehler Eigenverbrauch";
+	$l_loginfailed			= "Authentifizierungsfehler Eigenverbrauch";
-	$l_loggingin		= "Kennzeichnung auf dem Eigenverbrauch";
+	$l_loggingin			= "Kennzeichnung auf dem Eigenverbrauch";
-	$l_loggedcont		= "Zutrittskontrolle";
+	$l_loggedcont			= "Zutrittskontrolle";
-	$l_loggedout		= "Ihre Sitzung ist geschlossen";
+	$l_loggedout			= "Ihre Sitzung ist geschlossen";
-	$l_user			= "Benutzer";
+	$l_user				= "Benutzer";
-	$l_password		= "Passwort";
+	$l_password			= "Passwort";
-	$l_wait			= "Bitte warten Sie einen Moment ...";
+	$l_wait				= "Bitte warten Sie einen Moment ...";
-	$l_onlinetime		= "Online-Zeit:";
+	$l_onlinetime			= "Online-Zeit:";
-	$l_remainingtime	= "Abmelden:";
+	$l_remainingtime		= "Abmelden:";
-	$l_encrypted		= "Die Öffnung muß der Anschluß Zahlen";
+	$l_encrypted			= "Die Öffnung muß der Anschluß Zahlen";
-	$l_boutonO		= "Authentifizierung";
+	$l_boutonO			= "Authentifizierung";
-	$l_boutonF		= "Schließen";
+	$l_boutonF			= "Schließen";
-	$l_loggedin_stringl1	= "Information System Security";
+	$l_loggedin_stringl1		= "Information System Security";
-	$l_loggedin_stringl2	= "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, der Zurechenbarkeit und der Nicht-Anerkennung der Verbindungen.";
+	$l_loggedin_stringl2		= "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, der Zurechenbarkeit und der Nicht-Anerkennung der Verbindungen.";
-	$l_loggedin_stringl3	= "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre.";
+	$l_loggedin_stringl3		= "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre.";
-	$l_loggedin_stringl4	= "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung.";
+	$l_loggedin_stringl4		= "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung.";
-	$l_loggedin_stringl5	= "Diese Daten werden automatisch gelöscht nach einem Jahr.";
+	$l_loggedin_stringl5		= "Diese Daten werden automatisch gelöscht nach einem Jahr.";
-	$l_loggedin_stringl6	= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
+	$l_loggedin_stringl6		= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
-	$l_loggedout_string	= "Trennung des Portals erfolgt Gefangener!";
+	$l_loggedout_string		= "Trennung des Portals erfolgt Gefangener!";
-	$l_reply_1		= "Your daily connexion time has been reached";
+	$l_reply_1			= "Your daily connexion time has been reached";
-	$l_reply_2		= "Your monthly connexion time has been reached";
+	$l_reply_2			= "Your monthly connexion time has been reached";
-	$l_reply_3		= "You try to connect outside of your allowed timespan";
+	$l_reply_3			= "You try to connect outside of your allowed timespan";
-	$l_reply_4		= "your account expired";
+	$l_reply_4			= "your account expired";
-	$l_reply_5		= "You have reached the maximum number of simultaneous logins";
+	$l_reply_5			= "You have reached the maximum number of simultaneous logins";
-	$l_reply_6		= "Your authorized connexion time has been reached";
+	$l_reply_6			= "Your authorized connexion time has been reached";
-	$l_online_time		= "Online-zeit";
+	$l_online_time			= "Online-zeit";
-	$l_remaining_time	= "Restzeit";
+	$l_remaining_time		= "Restzeit";
-	$l_uam_domain		= "Autorisierten websites : ";
+	$l_uam_domain			= "Autorisierten websites : ";
-	$l_autoregistration	= "Automatische registrierung";
+	$l_autoregistration		= "Automatische registrierung";
-} else if($Language === 'nl') {
+} else if($Language === 'nl') {		// Dutch
-	$l_ChilliError		= "De authenticatie moet een succes worden via de captive portal dienst.";
+	$l_ChilliError			= "De authenticatie moet een succes worden via de captive portal dienst.";
-	$l_login		= "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie.";
+	$l_login			= "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie.";
-	$l_logout		= "Slotkoers verbinding";
+	$l_logout			= "Slotkoers verbinding";
-	$l_loginfailed		= "Authenticatie mislukt";
+	$l_loginfailed			= "Authenticatie mislukt";
-	$l_loggingin		= "Identificatie van de captive-portaal";
+	$l_loggingin			= "Identificatie van de captive-portaal";
-	$l_loggedcont		= "toegangscontrole";
+	$l_loggedcont			= "toegangscontrole";
-	$l_loggedout		= "Uw sessie is gesloten";
+	$l_loggedout			= "Uw sessie is gesloten";
-	$l_user			= "Gebruiker";
+	$l_user				= "Gebruiker";
-	$l_password		= "Wachtwoord";
+	$l_password			= "Wachtwoord";
-	$l_wait			= "Wacht een moment ...";
+	$l_wait				= "Wacht een moment ...";
-	$l_onlinetime		= "Sluit tijd:";
+	$l_onlinetime			= "Sluit tijd:";
-	$l_remainingtime	= "Verbreking in:";
+	$l_remainingtime		= "Verbreking in:";
-	$l_encrypted		= "De opening moet gebruiken gecodeerde verbinding";
+	$l_encrypted			= "De opening moet gebruiken gecodeerde verbinding";
-	$l_boutonO		= "Authenticatie";
+	$l_boutonO			= "Authenticatie";
-	$l_boutonF		= "Sluiten";
+	$l_boutonF			= "Sluiten";
-	$l_loggedin_stringl1	= "Information System Security";
+	$l_loggedin_stringl1		= "Information System Security";
-	$l_loggedin_stringl2	= "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen.";
+	$l_loggedin_stringl2		= "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen.";
-	$l_loggedin_stringl3	= "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";
+	$l_loggedin_stringl3		= "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";
-	$l_loggedin_stringl4	= "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek.";
+	$l_loggedin_stringl4		= "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek.";
-	$l_loggedin_stringl5	= "Deze gegevens worden automatisch verwijderd na een jaar.";
+	$l_loggedin_stringl5		= "Deze gegevens worden automatisch verwijderd na een jaar.";
-	$l_loggedin_stringl6	= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
+	$l_loggedin_stringl6		= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
-	$l_loggedout_string	= "Logout gemaakt intern portaal!";
+	$l_loggedout_string		= "Logout gemaakt intern portaal!";
-	$l_reply_1 		= "Your daily connexion time has been reached";
+	$l_reply_1 			= "Your daily connexion time has been reached";
-	$l_reply_2		= "Your monthly connexion time has been reached";
+	$l_reply_2			= "Your monthly connexion time has been reached";
-	$l_reply_3		= "You try to connect outside of your allowed timespan";
+	$l_reply_3			= "You try to connect outside of your allowed timespan";
-	$l_reply_4		= "your account expired";
+	$l_reply_4			= "your account expired";
-	$l_reply_5		= "You have reached the maximum number of simultaneous logins";
+	$l_reply_5			= "You have reached the maximum number of simultaneous logins";
-	$l_reply_6		= "Your authorized connexion time has been reached";
+	$l_reply_6			= "Your authorized connexion time has been reached";
-	$l_online_time		= "Online tijd";
+	$l_online_time			= "Online tijd";
-	$l_remaining_time	= "Reterende tijd";
+	$l_remaining_time		= "Reterende tijd";
-	$l_uam_domain		= "Geautoriseerde website : ";
+	$l_uam_domain			= "Geautoriseerde website : ";
-	$l_autoregistration	= "Automatische registratie";
+	$l_autoregistration		= "Automatische registratie";
-} else if($Language === 'fr') {
+} else if($Language === 'fr') {		// French
-	$l_ChilliError		= "L'authentification doit être réussie sur le portail captif.";
+	$l_ChilliError			= "L'authentification doit être réussie sur le portail captif.";
-	$l_login		= "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session.";
+	$l_login			= "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session.";
-	$l_logout		= "Fermeture de la session";
+	$l_logout			= "Fermeture de la session";
-	$l_loginfailed		= "Echec d'authentification";
+	$l_loginfailed			= "Echec d'authentification";
-	$l_loggingin		= "Identification sur le portail captif";
+	$l_loggingin			= "Identification sur le portail captif";
-	$l_loggedcont		= "Contrôle d'accès";
+	$l_loggedcont			= "Contrôle d'accès";
-	$l_loggedout		= "Votre session est fermée";
+	$l_loggedout			= "Votre session est fermée";
-	$l_user			= "Identifiant";
+	$l_user				= "Identifiant";
-	$l_password		= "Mot de passe";
+	$l_password			= "Mot de passe";
-	$l_wait			= "Patientez un instant ...";
+	$l_wait				= "Patientez un instant ...";
-	$l_onlinetime		= "Temps de connexion:";
+	$l_onlinetime			= "Temps de connexion:";
-	$l_remainingtime	= "Deconnexion dans :";
+	$l_remainingtime		= "Deconnexion dans :";
-	$l_encrypted		= "La connexion avec le portail doit être chiffrée";
+	$l_encrypted			= "La connexion avec le portail doit être chiffrée";
-	$l_boutonO		= "Authentification";
+	$l_boutonO			= "Authentification";
-	$l_boutonF		= "Fermer";
+	$l_boutonF			= "Fermer";
-	$l_loggedin_stringl1	= "Sécurité des Systèmes d'Information";
+	$l_loggedin_stringl1		= "Sécurité des Systèmes d'Information";
-	$l_loggedin_stringl2	= "Ce contrôle a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions.";
+	$l_loggedin_stringl2		= "Ce contrôle a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions.";
-	$l_loggedin_stringl3	= "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";
+	$l_loggedin_stringl3		= "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";
-	$l_loggedin_stringl4	= "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête.";
+	$l_loggedin_stringl4		= "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête.";
-	$l_loggedin_stringl5	= "Ces données seront automatiquement supprimées au bout d'un an.";
+	$l_loggedin_stringl5		= "Ces données seront automatiquement supprimées au bout d'un an.";
-	$l_loggedin_stringl6	= "Cliquez <a href='$alcasarpath'>ici</a> pour changer votre mot de passe ou pour intégrer le certificat de sécurité à votre navigateur";
+	$l_loggedin_stringl6		= "Cliquez <a href='$alcasarpath'>ici</a> pour changer votre mot de passe ou pour intégrer le certificat de sécurité à votre navigateur";
-	$l_loggedout_string	= "Déconnexion du portail captif effectuée !";
+	$l_loggedout_string		= "Déconnexion du portail captif effectuée !";
-	$l_reply_1		= "Votre durée de connexion journalière a été atteinte";
+	$l_reply_1			= "Votre durée de connexion journalière a été atteinte";
-	$l_reply_2		= "Votre durée de connexion mensuelle a été atteinte";
+	$l_reply_2			= "Votre durée de connexion mensuelle a été atteinte";
-	$l_reply_3		= "Vous tentez de vous connecter en dehors de votre période autorisée";
+	$l_reply_3			= "Vous tentez de vous connecter en dehors de votre période autorisée";
-	$l_reply_4		= "Votre compte a expiré";
+	$l_reply_4			= "Votre compte a expiré";
-	$l_reply_5		= "Vous avez atteint le nombre maximum de connexions simultanées";
+	$l_reply_5			= "Vous avez atteint le nombre maximum de connexions simultanées";
-	$l_reply_6		= "Votre durée de connexion autorisée a été atteinte";
+	$l_reply_6			= "Votre durée de connexion autorisée a été atteinte";
-	$l_online_time		= "Temps de connexion";
+	$l_online_time			= "Temps de connexion";
-	$l_remaining_time	= "Temps restant";
+	$l_remaining_time		= "Temps restant";
-	$l_uam_domain		= "Sites autorisés : ";
+	$l_uam_domain			= "Sites autorisés : ";
-	$l_autoregistration	= "Auto enregistrement (sms)";
+	$l_autoregistration		= "Auto enregistrement (sms)";
-} else {
+} else {				// English
-	$l_ChilliError		= "The authentication must be successful through the captive portal service.";
+	$l_ChilliError			= "The authentication must be successful through the captive portal service.";
-	$l_login		= "Successful authentication.<HR>Closing this window interrupts your session";
+	$l_login			= "Successful authentication.<HR>Closing this window interrupts your session";
-	$l_logout		= "Closing connection";
+	$l_logout			= "Closing connection";
-	$l_loginfailed		= "Authentication Failed";
+	$l_loginfailed			= "Authentication Failed";
-	$l_loggingin		= "Identification on the captive portal";
+	$l_loggingin			= "Identification on the captive portal";
-	$l_loggedcont		= "Access Control";
+	$l_loggedcont			= "Access Control";
-	$l_loggedout		= "Your session is closed";
+	$l_loggedout			= "Your session is closed";
-	$l_user			= "User";
+	$l_user				= "User";
-	$l_password		= "Password";
+	$l_password			= "Password";
-	$l_wait			= "Please wait a moment ...";
+	$l_wait				= "Please wait a moment ...";
-	$l_onlinetime		= "Connect time:";
+	$l_onlinetime			= "Connect time:";
-	$l_remainingtime	= "Disconnection in:";
+	$l_remainingtime		= "Disconnection in:";
-	$l_encrypted		= "The connection with the portal must be encrypted";
+	$l_encrypted			= "The connection with the portal must be encrypted";
-	$l_boutonO		= "Authentication";
+	$l_boutonO			= "Authentication";
-	$l_boutonF		= "Close";
+	$l_boutonF			= "Close";
-	$l_loggedin_stringl1	= "Information System Security";
+	$l_loggedin_stringl1		= "Information System Security";
-	$l_loggedin_stringl2	= "That control was set up regulations to ensure traceability, accountability and non-repudiation of connections.";
+	$l_loggedin_stringl2		= "That control was set up regulations to ensure traceability, accountability and non-repudiation of connections.";
-	$l_loggedin_stringl3	= "Your activity on the network is registered in accordance with privacy.";
+	$l_loggedin_stringl3		= "Your activity on the network is registered in accordance with privacy.";
-	$l_loggedin_stringl4	= "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";
+	$l_loggedin_stringl4		= "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";
-	$l_loggedin_stringl5	= "These data will be automatically deleted after one year.";
+	$l_loggedin_stringl5		= "These data will be automatically deleted after one year.";
-	$l_loggedin_stringl6	= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
+	$l_loggedin_stringl6		= "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
-	$l_loggedout_string	= "Disconnection of the captive portal made";
+	$l_loggedout_string		= "Disconnection of the captive portal made";
-	$l_reply_1		= "Your daily connexion time has been reached";
+	$l_reply_1			= "Your daily connexion time has been reached";
-	$l_reply_2		= "Your monthly connexion time has been reached";
+	$l_reply_2			= "Your monthly connexion time has been reached";
-	$l_reply_3		= "You try to connect outside of your allowed timespan";
+	$l_reply_3			= "You try to connect outside of your allowed timespan";
-	$l_reply_4		= "your account expired";
+	$l_reply_4			= "your account expired";
-	$l_reply_5		= "You have reached the maximum number of simultaneous logins";
+	$l_reply_5			= "You have reached the maximum number of simultaneous logins";
-	$l_reply_6		= "Your authorized connexion time has been reached";
+	$l_reply_6			= "Your authorized connexion time has been reached";
-	$l_online_time		= "Online time";
+	$l_online_time			= "Online time";
-	$l_remaining_time	= "Remaining time";
+	$l_remaining_time		= "Remaining time";
-	$l_uam_domain		= "Authorized websites : ";
+	$l_uam_domain			= "Authorized websites : ";
-	$l_autoregistration	= "Auto registration (sms)";
+	$l_autoregistration		= "Auto registration (sms)";
+}
 # If https not use, tell it's wrong
 if ((!isset($_SERVER['HTTPS'])) || (empty($_SERVER['HTTPS'])) || ($_SERVER['HTTPS'] === 'off')) {
+	// Cleaning the cache
+	header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+	header('Cache-Control: post-check=0, pre-check=0', false);
+	header('Pragma: no-cache');
 	?>
-	<!doctype html>
+	<!DOCTYPE html>
 	<html>
 	<head>
 		<meta charset="utf-8">
 		<title><?= $l_loggedcont ?></title>
-		<meta http-equiv="Cache-control" content="no-cache">
-		<meta http-equiv="Pragma" content="no-cache">
 	</head>
 	<body style="background-color: white;">
 		<h1 style="text-align: center;"><?= $l_loginfailed ?></h1>
 		<center><?= $l_encrypted ?></center>
 	</body>
 	//thanks to http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/
 	$hexchal = pack('H*', $challenge);
 	$newchal = pack('H*', md5($hexchal . $uamsecret));
 	// If challenge isn't long enough, repeat it until it is
-	while (strlen($newchal) < strlen($password)){
+	while (strlen($newchal) < strlen($password)) {
 		$newchal .= $newchal;
+	}
 	$newpwd   = pack('a*', $password);
 	// Encode plain text password with challenge
 	$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal)));
+	// Cleaning the cache
+	header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+	header('Cache-Control: post-check=0, pre-check=0', false);
+	header('Pragma: no-cache');
+	header('Location: http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl');
 	?>
-	<!doctype html>
+	<!DOCTYPE html>
 	<html>
 	<head>
 		<meta charset="utf-8">
 		<title><?= $l_loggingin ?></title>
-		<meta http-equiv="Cache-control" content="no-cache">
-		<meta http-equiv="Pragma" content="no-cache">
 		<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl" ?>">
 	</head>
 	<body style="background-color: white;">
 		<h1 style="text-align: center;"><?= $l_loggingin ?></h1>
 		<center><?= $l_wait ?></center>
 				$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur
 				if($filter_id[3] === '1') {
 					//set the fourth bit of filter-id to '0'
 					$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";
 					$res = mysqli_multi_query($link,$sql);
-					header('Location: https://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']).'/index.php?warn=1&url='.urlencode($_GET['userurl']));   //we present to user information about imputability logs
+					header('Location: https://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl']));   //we present to user information about imputability logs
 					exit();
+				}
+			}
+		}
+	}
 // Otherwise it was not a form request
 // Send out an error message
 if ($result === 0) {	//erreur
+	// Cleaning the cache
+	header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+	header('Cache-Control: post-check=0, pre-check=0', false);
+	header('Pragma: no-cache');
+	header('Location: http://$uamip:$uamport/prelogin');
 	?>
-	<!doctype html>
+	<!DOCTYPE html>
 	<html>
 	<head>
 		<meta charset="utf-8">
 		<title><?= $l_loggingin ?></title>
-		<meta http-equiv="Cache-control" content="no-cache">
-		<meta http-equiv="Pragma" content="no-cache">
 		<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/prelogin" ?>">
 	</head>
 	<body style="background-color: white;">
 		<h1 style="text-align: center;"><?= $l_loggingin ?></h1>
 		<center><?= $l_wait ?></center>
 	</body>
 	</html>
 	<?php
 	exit();
+}
+// Cleaning the cache
+header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+header('Cache-Control: post-check=0, pre-check=0', false);
+header('Pragma: no-cache');
 ?>
-<!doctype html>
+<!DOCTYPE html>
 <html>
 <head>
 	<meta charset="utf-8">
 	<title><?= $l_loggingin ?></title>
-	<meta http-equiv="Cache-control" content="no-cache">
-	<meta http-equiv="Pragma" content="no-cache">
 	<script type="text/javascript">
 	function doOnLoad(result, userurl, redirurl, adminurl, timeleft) {
 		if ((result === 1) || (result === 4)) {	//success or already
 			var url;
 			if (adminurl !== '') {
 		$tab = file(DOMAIN_ALLOWED_LIST);
 		if ($tab) { // the file isn't empty
 			echo '<div id="authorized_domain">'.$l_uam_domain;
 			foreach ($tab as $line) {
 				if (trim($line) !== '') { // the line isn't empty
-					$domain_allowed = explode("#", $line);
+					$domain_allowed = explode('#', $line);
 					if (trim($domain_allowed[1]) !== '') {
 						$domain = explode('"', $domain_allowed[0]);
 						// remove every '.' from the beginning of domain
 						$domain[1] = ltrim($domain[1], '.');
 						echo '<a href="http://'.trim($domain[1]).'">'.trim($domain_allowed[1]).'</a>  ';

Subversion Repositories ALCASAR

(root)/web/intercept.php – Rev 2205 → 2238