68,6 → 68,7 |
|
// Our own path |
$loginpath = htmlspecialchars($_SERVER['PHP_SELF']); |
$useHTTPS = ((isset($_SERVER['HTTPS'])) && (!empty($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'] !== 'off')); |
$alcasarpath = (($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http' ).'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN']; |
$statuspath = $alcasarpath.'/status.php'; |
|
369,41 → 370,45 |
|
# Read form parameters which we care about |
# avoid the "user as a MAC address" attempts |
if ((isset($_POST['UserName'])) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/', $_POST['UserName']) !== 1)) |
$username = htmlspecialchars($_POST['UserName']); else $username = ''; |
if (isset($_POST['Password'])) $password = htmlspecialchars($_POST['Password']); else $password = ''; |
if ((isset($_POST['username'])) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/', $_POST['username']) !== 1)) |
$username = htmlspecialchars($_POST['username']); else $username = ''; |
if (isset($_POST['password'])) $password = htmlspecialchars($_POST['password']); else $password = ''; |
if (isset($_POST['challenge'])) $challenge = htmlspecialchars($_POST['challenge']); else $challenge = ''; |
if (isset($_POST['button'])) $button = htmlspecialchars($_POST['button']); else $button = ''; |
// if (isset($_POST['logout'])) $logout = htmlspecialchars($_POST['logout']); else $logout = ''; |
// if (isset($_POST['prelogin'])) $prelogin = htmlspecialchars($_POST['prelogin']); else $prelogin = ''; |
if (isset($_POST['res'])) $res = htmlspecialchars($_POST['res']); else $res = ''; |
if (isset($_POST['uamip'])) $uamip = htmlspecialchars($_POST['uamip']); else $uamip = ''; |
if (isset($_POST['uamport'])) $uamport = htmlspecialchars($_POST['uamport']); else $uamport = ''; |
// if (isset($_POST['res'])) $res = htmlspecialchars($_POST['res']); else $res = ''; |
// if (isset($_POST['uamip'])) $uamip = htmlspecialchars($_POST['uamip']); else $uamip = ''; |
// if (isset($_POST['uamport'])) $uamport = htmlspecialchars($_POST['uamport']); else $uamport = ''; |
if (isset($_POST['userurl'])) $userurl = htmlspecialchars($_POST['userurl']); else $userurl = ''; |
if (isset($_POST['timeleft'])) $timeleft = htmlspecialchars($_POST['timeleft']); else $timeleft = ''; |
if (isset($_POST['redirurl'])) $redirurl = htmlspecialchars($_POST['redirurl']); else $redirurl = ''; |
// if (isset($_POST['timeleft'])) $timeleft = htmlspecialchars($_POST['timeleft']); else $timeleft = ''; |
// if (isset($_POST['redirurl'])) $redirurl = htmlspecialchars($_POST['redirurl']); else $redirurl = ''; |
|
# Read query parameters which we care about |
if (isset($_GET['res'])) $res = htmlspecialchars($_GET['res']); |
if (isset($_GET['res'])) $res = htmlspecialchars($_GET['res']); else $res = ''; |
// if (isset($_GET['reason'])) $reason = htmlspecialchars($_GET['reason']); else $reason = ''; |
if (isset($_GET['challenge'])) $challenge = htmlspecialchars($_GET['challenge']); |
if (isset($_GET['uamip'])) $uamip = htmlspecialchars($_GET['uamip']); |
if (isset($_GET['uamport'])) $uamport = htmlspecialchars($_GET['uamport']); |
if (isset($_GET['reply'])) $reply = htmlspecialchars($_GET['reply']); else $reply = ''; |
// if (isset($_GET['uamip'])) $uamip = htmlspecialchars($_GET['uamip']); |
// if (isset($_GET['uamport'])) $uamport = htmlspecialchars($_GET['uamport']); |
if (isset($_GET['timeleft'])) $timeleft = htmlspecialchars($_GET['timeleft']); else $timeleft = ''; |
if (isset($_GET['reply'])) $reply = htmlspecialchars(trim($_GET['reply'])); else $reply = ''; |
if (isset($_GET['redirurl'])) $redirurl = htmlspecialchars($_GET['redirurl']); else $redirurl = ''; |
if (isset($_GET['userurl'])) $userurl = htmlspecialchars($_GET['userurl']); |
if (isset($_GET['timeleft'])) $timeleft = htmlspecialchars($_GET['timeleft']); |
if (isset($_GET['redirurl'])) $redirurl = htmlspecialchars($_GET['redirurl']); |
|
// Get required parameters from CoovaChilli config file if missing |
if (empty($uamip)) { |
$uamip = trim(exec('grep uamlisten /etc/chilli.conf | sed -e "s/uamlisten//"')); |
// TODO: clean unused query params |
|
$uamip = $conf['HOSTNAME'].'.'.$conf['DOMAIN']; |
if ($useHTTPS) { |
$uamproto = 'https'; |
$uamport = 3991; |
} else { |
$uamproto = 'http'; |
$uamport = 3990; |
} |
if (empty($uamport)) { |
$uamport = trim(exec('grep uamport /etc/chilli.conf | sed -e "s/uamport//"')); |
} |
|
# translation of radius replies |
if (isset($reply)) { |
switch (trim($reply)) { |
if (!empty($reply)) { |
switch ($reply) { |
case 'Your maximum daily usage time has been reached' : $reply = $l_reply_1; break; |
case 'Your maximum monthly usage time has been reached' : $reply = $l_reply_2; break; |
case 'You are calling outside your allowed timespan' : $reply = $l_reply_3; break; |
429,7 → 434,7 |
// Encode plain text password with challenge |
$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal))); |
|
header("Location: http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl"); |
header("Location: $uamproto://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl"); |
exit(); |
} |
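Review bot: The new `Location: $uamproto://$uamip:$uamport/logon?...` header interpolates `$username` and `$userurl` into a query string, but those values were only passed through `htmlspecialchars()` (the `$username = htmlspecialchars($_POST['username'])` and `$userurl` assignments in the 369→370 hunk), which is HTML-context escaping, not URL encoding. A username or return URL containing `&`, `#`, `=` or a space therefore changes the structure of the query sent to the chilli logon endpoint, and any `&` in the original value is forwarded as the literal `&amp;`, so a userurl with more than one query parameter reaches the redirect target corrupted. Encode each value for the URL context at the point of use, e.g. `header("Location: $uamproto://$uamip:$uamport/logon?username=".rawurlencode($username)."&password=$pappassword&userurl=".rawurlencode($userurl));`; `$pappassword` is hex from `unpack('H*')` and needs no encoding. Longer term the raw request values should be kept for the redirect and HTML-escaped only where they are echoed into the form; the enclosing block starts outside the hunk.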
|
443,7 → 448,7 |
} |
|
//check if we need to warn user about the imputability logs. |
if($result === 1) { |
if ($result === 1) { |
if ((is_file('./acc/manager/lib/sql/drivers/mysql/functions.php')) && (is_file('/etc/freeradius-web/config.php'))) { |
include_once('/etc/freeradius-web/config.php'); |
include_once('./acc/manager/lib/sql/drivers/mysql/functions.php'); |
455,7 → 460,7 |
if ($res) { |
$row = @da_sql_fetch_array($res, $config); |
$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur |
if($filter_id[3] === '1') { |
if ($filter_id[3] === '1') { |
//set the fourth bit of filter-id to '0' |
$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'"; |
$res = mysqli_multi_query($link,$sql); |
467,10 → 472,9 |
} |
} |
|
// Otherwise it was not a form request |
// Send out an error message |
if ($result === 0) { //erreur |
header("Location: http://$uamip:$uamport/prelogin"); |
// By default, redirect to prelogin in order to generate a challenge |
if ($result === 0) { |
header("Location: $uamproto://$uamip:$uamport/prelogin"); |
exit(); |
} |
|
511,7 → 515,7 |
} |
} |
if ((result === 2) || (result === 3) || result === 5) { // failed or logoff or notyet |
document.form1.UserName.focus(); |
document.form1.username.focus(); |
} |
} |
</script> |
535,18 → 539,16 |
<img id="logo-alcasar" src="/images/logo-alcasar.png"> |
<form name="form1" method="post" action="<?= $loginpath ?>"> |
<input type="hidden" name="challenge" value="<?= $challenge ?>"> |
<input type="hidden" name="uamip" value="<?= $uamip ?>"> |
<input type="hidden" name="uamport" value="<?= $uamport ?>"> |
<input type="hidden" name="userurl" value="<?= $userurl ?>"> |
<table id="boite-logon"> |
<tr> |
<td width="20%" rowspan="4"><img id="logo-organ" src="/images/organisme.png"></td> |
<td width="30%" align="right"><?= $l_user ?></td> |
<td width="50%" align="left"><input type="text" maxLength="32" name="UserName" autocomplete="off"></td> |
<td width="50%" align="left"><input type="text" maxLength="32" name="username" autocomplete="off"></td> |
</tr> |
<tr> |
<td align="right"><?= $l_password ?></td> |
<td align="left"><input maxLength="32" type="password" name="Password" autocomplete="off"></td> |
<td align="left"><input maxLength="32" type="password" name="password" autocomplete="off"></td> |
</tr> |
<tr> |
<td height="23" align="left"><input value="<?= $l_boutonO ?>" type="submit" name="button"></td> |