| 1,7 → 1,7 |
|---|
| <?php |
| # $Id$ |
| # |
| # index.php for ALCASAR captive portal |
| # index.php for ALCASAR |
| # by REXY |
| # UI & css style by stephane ERARD |
| # The contents of this file may be used under the terms of the GNU |
| 54,11 → 54,11 |
|---|
| $connection_history = ""; |
| $nb_connection_history = 3; |
| |
| # Obtenir l'état de connexion de l'utilisateur. 1 si connecté sinon 0. |
| # Retrieve the user info behind the remote ip |
| exec ("sudo /usr/sbin/chilli_query list|grep $remote_ip" , $tab); |
| $user = explode (" ", $tab[0]); |
| |
| #then we clean his cache to redirect him properly |
| # cleaning the cache |
| header("Expires: Tue, 01 Jan 2000 00:00:00 GMT"); |
| header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
| header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); |
| 66,12 → 66,12 |
|---|
| header("Pragma: no-cache"); |
| |
| |
| # on discrimine les accès directs sur Alcasar par rapport aux redirections (blacklist ou pannes rso) |
| # Test if it'a direct connexion to ALCASAR |
| if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] == $_SERVER['SERVER_ADDR']) || preg_match ("/^alcasar$/", $_SERVER['HTTP_HOST']) || preg_match ("/^$hostname$/", $_SERVER['HTTP_HOST']) || preg_match ("/^$organisme$/", $_SERVER['HTTP_HOST']))) |
| { |
| $direct_access=True; |
| } |
| #### Affichage des 3 dernières connexions de $user[5] |
| # Function to adapt time connexion in seconds to H,M,S |
| function secondsToDuration($seconds = null){ |
| if ($seconds == null) return ""; |
| |
| 83,16 → 83,13 |
|---|
| return $time[0]." h ".$time[1]." m ".$time[2]." s"; |
| } |
| |
| $l_connected = "connected"; // a traduire (choix de la langue ci-dessous mais nécessitant de $connection_history) |
| // si on a pas d'accès à la bdd, la page s'affiche quand même correctement |
| # If the user is connected : retrieve the 3 last connexions |
| if ((isset ($user[4])) && ($user[4] != "0")){ |
| if ((is_file("./acc/manager/lib/sql/drivers/mysql/functions.php"))&&(is_file("/etc/freeradius-web/config.php"))){ |
| include_once("/etc/freeradius-web/config.php"); |
| include_once("./acc/manager/lib/sql/drivers/mysql/functions.php"); |
| |
| $sql = "SELECT UserName, AcctStartTime, AcctStopTime, acctsessiontime FROM radacct WHERE UserName='$user[5]' ORDER BY AcctStartTime DESC LIMIT 0 , $nb_connection_history"; |
| $link = @da_sql_pconnect($config); // on affiche pas les erreurs |
| |
| if ($link){ |
| $res = @da_sql_query($link,$config,$sql); // on affiche pas les erreurs |
| |
| 100,7 → 97,7 |
|---|
| $connection_history.= "<ul>"; |
| while(($row = @da_sql_fetch_array($res,$config))){ |
| $connected = ""; |
| if ($row['acctstoptime'] == "") $connected = " ($l_connected)"; |
| if ($row['acctstoptime'] == "") $connected = " (active)"; |
| $connection_history.="<li title='$row[username] $row[acctstarttime] $row[acctstoptime] (".secondsToDuration($row['acctsessiontime']).")'>$row[acctstarttime] (".secondsToDuration($row['acctsessiontime']).") $connected</li>"; |
| } |
| $connection_history.="</ul>"; |
| 110,22 → 107,17 |
|---|
| } |
| else |
| { |
| # cas où l'utilisateur non-loggué décide de joindre une page HTTP/S => redirection http://URL |
| # the user isn't connected and he isn't in the ipset "not_auth_yet" yet |
| exec("sudo /usr/sbin/ipset list not_auth_yet | grep $remote_ip | wc -l 2>&1", $ipset_not_auth_yet); |
| # ALCASAR => redirection index.php |
| # on place l'IP de l'utilisateur dans un ipset not_auth_yet pour ne pas boucler sur index.php et atteindre la page souhaité qui sera traité par coova-chilli |
| if(!$direct_access && $ipset_not_auth_yet[0] == '0') |
| { |
| exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); |
| #On force l'utilisateur a refaire une requete DNS sur la même URL intercepté. (comme un CTRL+F5) |
| echo "<script>window.location.reload(true)</script>"; |
| echo "<script>window.location.href='http://$_SERVER[HTTP_HOST]'</script>"; |
| header("Location: http://$_SERVER[HTTP_HOST]"); |
| exit; |
| exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); # Add in the ipset "not_auth_yet" to not loop when redirected |
| echo "<script>window.location.assign='http://$_SERVER[HTTP_HOST]'</script>"; |
| echo "<script>window.location.reload(true)</script>"; # the user web browser need to perform a new DNS request when redirected (as in a "<CTRL>+F5") |
| //header("Location: http://$_SERVER[HTTP_HOST]"); |
| exit; |
| } |
| |
| } |
| #### |
| |
| # Choice of language |
| $Language = 'en'; |
| 261,10 → 253,11 |
|---|
| $l_service_sms_n = "SMS service disable"; |
| $l_acc_sms = "Auto registration by SMS"; |
| } |
| |
| $l_title = ($direct_access ? $l_access_welcome : ($network_pb ? $l_access_unavailable : $l_access_denied)); |
| $l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb : $l_explain_access_deny)); |
| |
| # Attribution des icones / images |
| # set the icons |
| $img_rep = "images/"; |
| $img_organisme = "organisme.png"; |
| $img_access = "globe_acces_70.png"; |
| 328,11 → 321,11 |
|---|
| <div id="contenu_acces"> |
| <div id="box_url"> |
| <?php |
| //search here in the blacklist categories (if ((! $direct_access) && (! $network_pb)){} |
| # search here in the blacklist categories if we want to display it (if ((! $direct_access) && (! $network_pb)){} |
| ?> |
| </div> |
| <?php |
| # CHECK IF the SMS service is enable |
| # Check if the SMS service is enable |
| $service_SMS_status="false"; |
| if ($service_SMS_status == "true") { |
| $sms_div=' |