WebSVN – ALCASAR – Diff – /web/intercept.php



<?php
# $Id: intercept.php 2370 2017-08-09 23:20:58Z tom.houdayer $
#
# intercept.php for ALCASAR captive portal
# Copyright (C) 2003, 2004 Mondru AB.
# Modify by REXY & steweb57
# UI & css style by stephane ERARD

}
while (!feof($file_conf)) {
	$buffer = fgets($file_conf, 4096);
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
		$tmp = explode('=', $buffer);
		$conf[trim($tmp[0])] = trim($tmp[1]);
	}
}
fclose($file_conf);
 
$organisme = $conf["ORGANISM"];

// Check if the SMS service is enable
$service_SMS_status = false;
 
// Our own path
$loginpath   = htmlspecialchars($_SERVER['PHP_SELF']);
$alcasarpath = (($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http' ).'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
$statuspath  = $alcasarpath.'/status.php';
 
// Choice of language
$Language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
}
if ($Language === 'es') {		// Spanish
	$l_ChilliError			= "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
	$l_login			= "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";
	$l_logout			= "Conexión de cierre";

	$l_loggedin_stringl1		= "Information System Security";
	$l_loggedin_stringl2		= "El portal fue creado reglamentos para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones.";
	$l_loggedin_stringl3		= "Su actividad en la red es registrada, de conformidad con la privacidad.";
	$l_loggedin_stringl4		= "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación.";
	$l_loggedin_stringl5		= "Estos datos se eliminan automáticamente después de un año.";
	$l_loggedin_stringl6		= "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
	$l_loggedout_string		= "Cerrar sesión hizo portal cautivo!";
	$l_reply_1			= "Your daily connexion time has been reached";
	$l_reply_2			= "Your monthly connexion time has been reached";
	$l_reply_3			= "You try to connect outside of your allowed timespan";
	$l_reply_4			= "your account expired";

	$l_loggedin_stringl1		= "Sistema de Informação e segurança";
	$l_loggedin_stringl2		= "Este controle foi criado para garantir acesso seguro.";
	$l_loggedin_stringl3		= "A autenticação será criptografada em 256 bits, impedindo captura por escâner de rede.";
	$l_loggedin_stringl4		= "Sua atividade na Internet será resguardada de acordo com os regulamentos da lei.";
	$l_loggedin_stringl5		= "Mantenha o popup da conexão minimizado para não interromper a cessão.";
	$l_loggedin_stringl6		= "Clique <a href=\"$alcasarpath\">aqui</a> para alterar sua senha, instalar certificado ou sair do portal.";
	$l_loggedout_string		= "desconexão do portal cativo";
	$l_reply_1			= "Seu tempo de conexão diária foi finalizado";
	$l_reply_2			= "Seu tempo de conexão mensal foi finalizado";
	$l_reply_3			= "Você tenta conectar-se fora do seu período de tempo permitido";
	$l_reply_4			= "Sua conta expirou";

	$l_loggedin_stringl1		= "信息系统安全";
	$l_loggedin_stringl2		= "这种控制实施以法定保证可追溯性，可归罪性和连接的不否认性.";
	$l_loggedin_stringl3		= "您的网络活动是私密登记的.";
	$l_loggedin_stringl4		= "记录的数据能被司法机关在调查中操作使用.";
	$l_loggedin_stringl5		= "这些数据将在一年后自动删除.";
	$l_loggedin_stringl6		= "点击 <a href=\"$alcasarpath\"> 这里 </a> 修改密码或安装浏览器安全证书";
	$l_loggedout_string		= "强制网络门户连接已断开";
	$l_reply_1			= "您已经达到每日连接时间";
	$l_reply_2			= "您已经达到每月连接时间";
	$l_reply_3			= "您尝试在授权时间以外连接";
	$l_reply_4			= "您的账号已过期";

	$l_loggedin_stringl1		= "سلامة نظم المعلومات";
	$l_loggedin_stringl2		= "وُضعت هذه المراقبة للضمان القانوني لتتبع ومساءلة وعدم تنصل الإتصالات";
	$l_loggedin_stringl3		= "نشاطك على الشبكة مسجل وفقاً لاحترام الحريات الشخصية";
	$l_loggedin_stringl4		= "لا يمكن استغلال البيانات المسجلة إلاّ من قِبل سلطات التحقيق القضائ";
	$l_loggedin_stringl5		= "سيتم حدف هذه البيانات تلقائياً بعد سنة من الْيَوْمَ";
	$l_loggedin_stringl6		= "لتغيير كلمة السر أو شهادة الأمان <a href=\"$alcasarpath\">هنا</a> اضغط ";
	$l_loggedout_string		= "تَمّ قطع الإتصال بالبوابة الأسيرة";
	$l_reply_1			= "انتهى وقتك اليومي للإتصال";
	$l_reply_2			= "انتهى وقتك الشهري للإتصال";
	$l_reply_3			= "محاولة اتصال خارج فترتك المأذونة";
	$l_reply_4			= "انتهت مدة صلاحية حسابك";

	$l_loggedin_stringl1		= "Information System Security";
	$l_loggedin_stringl2		= "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, der Zurechenbarkeit und der Nicht-Anerkennung der Verbindungen.";
	$l_loggedin_stringl3		= "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre.";
	$l_loggedin_stringl4		= "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung.";
	$l_loggedin_stringl5		= "Diese Daten werden automatisch gelöscht nach einem Jahr.";
	$l_loggedin_stringl6		= "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
	$l_loggedout_string		= "Trennung des Portals erfolgt Gefangener!";
	$l_reply_1			= "Your daily connexion time has been reached";
	$l_reply_2			= "Your monthly connexion time has been reached";
	$l_reply_3			= "You try to connect outside of your allowed timespan";
	$l_reply_4			= "your account expired";

	$l_loggedin_stringl1		= "Information System Security";
	$l_loggedin_stringl2		= "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen.";
	$l_loggedin_stringl3		= "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";
	$l_loggedin_stringl4		= "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek.";
	$l_loggedin_stringl5		= "Deze gegevens worden automatisch verwijderd na een jaar.";
	$l_loggedin_stringl6		= "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
	$l_loggedout_string		= "Logout gemaakt intern portaal!";
	$l_reply_1 			= "Your daily connexion time has been reached";
	$l_reply_2			= "Your monthly connexion time has been reached";
	$l_reply_3			= "You try to connect outside of your allowed timespan";
	$l_reply_4			= "your account expired";

	$l_loggedin_stringl1		= "Sécurité des Systèmes d'Information";
	$l_loggedin_stringl2		= "Ce contrôle a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions.";
	$l_loggedin_stringl3		= "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";
	$l_loggedin_stringl4		= "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête.";
	$l_loggedin_stringl5		= "Ces données seront automatiquement supprimées au bout d'un an.";
	$l_loggedin_stringl6		= "Cliquez <a href=\"$alcasarpath\">ici</a> pour changer votre mot de passe ou pour intégrer le certificat de sécurité à votre navigateur";
	$l_loggedout_string		= "Déconnexion du portail captif effectuée !";
	$l_reply_1			= "Votre durée de connexion journalière a été atteinte";
	$l_reply_2			= "Votre durée de connexion mensuelle a été atteinte";
	$l_reply_3			= "Vous tentez de vous connecter en dehors de votre période autorisée";
	$l_reply_4			= "Votre compte a expiré";

	$l_loggedin_stringl1		= "Information System Security";
	$l_loggedin_stringl2		= "That control was set up regulations to ensure traceability, accountability and non-repudiation of connections.";
	$l_loggedin_stringl3		= "Your activity on the network is registered in accordance with privacy.";
	$l_loggedin_stringl4		= "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";
	$l_loggedin_stringl5		= "These data will be automatically deleted after one year.";
	$l_loggedin_stringl6		= "Click <a href=\"$alcasarpath\">here</a> to change your password or to integrate the security certificate in your browser";
	$l_loggedout_string		= "Disconnection of the captive portal made";
	$l_reply_1			= "Your daily connexion time has been reached";
	$l_reply_2			= "Your monthly connexion time has been reached";
	$l_reply_3			= "You try to connect outside of your allowed timespan";
	$l_reply_4			= "your account expired";

# Read form parameters which we care about
# avoid the "user as a MAC address" attempts
if ((isset($_POST['UserName'])) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/', $_POST['UserName']) !== 1))
				$username	= htmlspecialchars($_POST['UserName']);		else $username = '';
if (isset($_POST['Password']))	$password	= htmlspecialchars($_POST['Password']);		else $password = '';
if (isset($_POST['challenge']))	$challenge	= htmlspecialchars($_POST['challenge']);	else $challenge = '';
if (isset($_POST['button']))	$button		= htmlspecialchars($_POST['button']);		else $button = '';
// if (isset($_POST['logout']))	$logout		= htmlspecialchars($_POST['logout']);		else $logout = '';
// if (isset($_POST['prelogin']))	$prelogin	= htmlspecialchars($_POST['prelogin']);		else $prelogin = '';
if (isset($_POST['res']))	$res		= htmlspecialchars($_POST['res']);		else $res = '';
if (isset($_POST['uamip']))	$uamip		= htmlspecialchars($_POST['uamip']);		else $uamip = '';

				$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur
				if($filter_id[3] === '1') {
					//set the fourth bit of filter-id to '0'
					$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";
					$res = mysqli_multi_query($link,$sql);
					header('Location: '.(($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http').'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl']));   //we present to user information about imputability logs 
					exit();
				}
			}
		}
	}
Subversion Repositories ALCASAR

(root)/web/intercept.php – Rev 2324 → 2370
