WebSVN – ALCASAR – Diff – /web/acc/manager/auth_exceptions.php


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy - 3abtux -->
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>Exceptions</TITLE>
<link rel="stylesheet" href="/css/style.css" type="text/css">
</HEAD>
<body>
<?
/********************
*  TEST CONF FILES  *
*********************/
$domain_allowed_list="/usr/local/etc/alcasar-uamdomain";
$url_allowed_list="/usr/local/etc/alcasar-uamallowed";
define ("DOMAIN_ALLOWED_LIST", $domain_allowed_list);
define ("IP_ALLOWED_LIST", $url_allowed_list);
$conf_files=array(DOMAIN_ALLOWED_LIST,IP_ALLOWED_LIST);
foreach ($conf_files as $file){
if (!file_exists($file)){
	exit("Requested file ".$file." isn't present");}
if (!is_readable($file)){
	exit("Can't read the file ".$file);}
}
 
 
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
	$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
	$l_load="Chargement...";
	$l_error_open_file	= "Erreur d'ouverture du fichier";
	$l_trusted_domain	= "Noms de domaine Internet de confiance";
	$l_domain		= "Noms de domaine";
	$l_comment_explain	= "Lien affiché dans la page d'interception";
	$l_comment_explain2	= "Laissez vide si non affiché";
	$l_remove		= "Retirer de la liste";
	$l_trusted_ip		= "adresses IP de confiance";
	$l_trusted_equipments	= "Equipements de consultation de confiance";
	$l_comment		= "Commentaires";
	$l_trusted_domain_explain = "Gérez ici les noms de domaine Internet pouvant être joints sans authentification";
	$l_trusted_equipments_explain	= "Pour qu'un équipement du réseau de consultation puisse accéder à Internet sans être interceptés : créer un utilisateur dont le nom de login est l'@MAC de l'équipement et le mot de passe est 'password'" ;
	$l_trusted_ip_explain	= "Gérez ici les adresses IP de systèmes ou de réseaux pouvant être joints sans authentification";
	$l_submit		= "Enregistrer";
	$l_add_to_list		= "Ajouter à la liste";
	$l_apply		= "Appliquer les changements";
}
else {
 	$l_load="Loading...";
	$l_error_open_file	= "File open error";
	$l_trusted_domain	= "Trusted Internet domain names";
	$l_domain		= "Domain names";
	$l_comment_explain	= "Link displayed in intercept page";
	$l_comment_explain2	= "Let empty to not display link";
	$l_remove		= "Remove from list";
	$l_trusted_ip		= "Trusted IP addresses";
	$l_trusted_equipments	= "Trusted consultation equipements";
	$l_comment		= "Comments";
	$l_trusted_domain_explain = "Manage Internet domain names that can be joined without authentication";
	$l_trusted_equipments_explain	= "To allow a consultation equipment to connect to Internet without interception, create a user whose name is the MAC address of the device and the password is 'password'";
	  $l_trusted_ip_explain	= "Manage systems IP addresses or networks IP addresses that can be joined without authentication";
	$l_submit		= "Submit";
	$l_add_to_list		= "Add to list";
	$l_apply		= "Apply changes";
}
if (isset($_POST['choix'])){ 
	switch ($_POST['choix'])
	{
	case 'new_uamdomain' :
	if (trim($_POST['add_uamdomain']) != "") 
		{
		$tab=file(DOMAIN_ALLOWED_LIST);
		$insert = true;
		if ($tab) // file isn't empty
			{
			foreach ($tab as $line) // test if domain address doesn't already exist
				{
				$domain=explode("\"", $line);
				if (strcmp(trim($_POST['add_uamdomain']),$domain[1]) == 0)
			       		{
					$insert = false;
					break;
					}
				}
			}
		if ($insert == true) 
			{
			$line ="\nuamdomain=\"" . trim($_POST['add_uamdomain']) . "\" #" . trim($_POST['add_domain_comment']);
			$pointeur=fopen(DOMAIN_ALLOWED_LIST,"a");
			fwrite ($pointeur, $line);
			fclose ($pointeur);
			exec ("sudo /usr/local/bin/alcasar-file-clean.sh");
			exec ("sudo /usr/bin/systemctl restart chilli");
			}
		}
	break;
	case 'change_uamdomain' :
	$tab=file(DOMAIN_ALLOWED_LIST);
	if ($tab)
		{
		$pointeur=fopen(DOMAIN_ALLOWED_LIST,"w+");
		foreach ($tab as $ligne)
			{
			$uamdomain1=explode("\"", $ligne);
			$remove_line = false;
			foreach ($_POST as $key => $value)
				{
				$key = str_replace ("_",".",$key); // dot are replace by '_' in post request
				if (strstr($key,'del-'))
					{
					$uamdomain2 = str_replace('del-','',$key);
					if (strcmp($uamdomain1[1],$uamdomain2) == 0)
				       		{
						$remove_line = True;
						break;
						}
					}
				}
			if (! $remove_line)
				{
				fwrite($pointeur,$ligne);
				}
			}
		fclose($pointeur);
		}
	exec ("sudo /usr/bin/systemctl restart chilli");
	break;
	case 'new_ip' :
	if (trim($_POST['add_ip']) != "") 
		{
		$tab=file(IP_ALLOWED_LIST);
		$insert = true;
		if ($tab) // file isn't empty
			{
			foreach ($tab as $line) // test if domain address doesn't already exist
				{
				$ip=explode("\"", $line);
				if (strcmp(trim($_POST['add_ip']),$ip[1]) == 0)
			       		{
					$insert = false;
					break;
					}
				}
			}
		if ($insert == true) 
			{
			$line ="\nuamallowed=\"" . trim($_POST['add_ip']) ."\" #" . trim($_POST['add_ip_comment']);
			$pointeur=fopen(IP_ALLOWED_LIST,"a");
			fwrite ($pointeur, $line);
			fclose ($pointeur);
			exec ("sudo /usr/local/bin/alcasar-file-clean.sh");
			exec ("sudo /usr/bin/systemctl restart chilli");
			}
		}
	break;
	case 'change_ip' :
	$tab=file(IP_ALLOWED_LIST);
	if ($tab)
		{
		$pointeur=fopen(IP_ALLOWED_LIST,"w+");
		foreach ($tab as $ligne)
			{
			$ip1=explode("\"", $ligne);
			$remove_line = false;
			foreach ($_POST as $key => $value)
				{
				$key = str_replace ("_",".",$key); // dot are replace by '_' in post request
				if (strstr($key,'del-'))
					{
					$ip2 = str_replace('del-','',$key);
					if (strcmp($ip1[1],$ip2) == 0)
				       		{
						$remove_line = True;
						break;
						}
					}
				}
			if (! $remove_line)
				{
				fwrite($pointeur,$ligne);
				}
			}
		fclose($pointeur);
		}
	exec ("sudo /usr/bin/systemctl restart chilli");
	break;
	}
}
?>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><th><?echo "$l_trusted_domain";?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td colspan=2 align="center">
<?
echo "$l_trusted_domain_explain</td></tr>\n";
echo "<tr><td align='center' valign='middle'>\n";
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>\n";
echo "<table cellspacing=2 cellpadding=2 border=1>";
 
echo "<tr align='center' bgcolor='#d0ddb0'><td>$l_domain<td>$l_comment_explain<td>$l_remove</tr>\n";
// Read the "Domain alowed" file
$tab=file(DOMAIN_ALLOWED_LIST);
if ($tab)  # the file isn't empty
	{
	foreach ($tab as $line)
		{
		if (trim($line) != '') # the line isn't empty
			{
			$domain_allowed=explode("#", $line);
			$uamdomain=trim($domain_allowed[0],"#");
			$domain=explode("\"", $uamdomain);
			echo "<tr><td>$domain[1]";
			echo "<td>";
			if (isset ($domain_allowed[1])) {
				echo trim($domain_allowed[1]);}
			else echo "&nbsp";
			echo "<td>";
			echo "<input type='checkbox' name='del-$domain[1]'>";
			echo "</tr>\n";
			}
		}
	}
echo "</table>";
if ($tab)
	{
	echo "<input type='hidden' name='choix' value='change_uamdomain'>";
	echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_apply'>";
	}
?>
</form>
</td><td valign='middle' align='center'>
<form action='<?echo"$_SERVER[PHP_SELF]"?>' method='POST'>
<table cellspacing=2 cellpadding=3 border=1>
<tr align='center'><td bgcolor='#d0ddb0'><?echo "$l_domain<td bgcolor='#d0ddb0'>$l_comment_explain";?>
<td></tr>
<tr><td>exemple1 : www.mydomain.com <br>exemple2 : .yourdomain.net
<td>exemple1 : mydomain<br><?echo "$l_comment_explain2";?><td></tr>
<tr><td><input type='text' name='add_uamdomain' size='20'>
<td><input type='text' name='add_domain_comment' size='15'>
<input type='hidden' name='choix' value='new_uamdomain'></td>
<td><input type='submit' onClick="this.disabled=true; this.value='<?echo $l_load;?>';submit();" value='<?echo "$l_add_to_list";?>'>
</tr></table>
</form>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<tr><th><?php echo "$l_trusted_ip" ;?></th></tr>
	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td colspan=2 align="center">
<?
echo "$l_trusted_ip_explain</td></tr>\n";
echo "<tr><td align='center' valign='middle'>\n";
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>\n";
echo "<table cellspacing=2 cellpadding=2 border=1>";
 
echo "<tr align='center' bgcolor='#d0ddb0'><td>$l_trusted_ip<td>$l_comment<td>$l_remove</tr>\n";
// Read the "ip alowed" file
$tab=file(IP_ALLOWED_LIST);
if ($tab)  # the file isn't empty
	{
	foreach ($tab as $line)
		{
		if (trim($line) != '') # the line isn't empty
			{
			$ip_allowed=explode("#", $line);
			$ip_a=trim($ip_allowed[0],"#");
			$ip=explode("\"", $ip_a);
			echo "<tr><td>$ip[1]";
			echo "<td>";
			if (isset($ip_allowed[1]))
				echo trim($ip_allowed[1]);
			else echo "&nbsp;";
			echo "<td><input type='checkbox' name='del-$ip[1]'>";
			echo "</tr>\n";
			}
		}
	}
echo "</table>";
if ($tab)
	{
	echo "<input type='hidden' name='choix' value='change_ip'>";
	echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_apply'>";
	}
?>
</form>
</td><td valign='middle' align='center'>
<form action='<?echo "$_SERVER[PHP_SELF]"?>' method='POST'>
<table cellspacing=2 cellpadding=3 border=1>
<tr align='center'><td bgcolor='#d0ddb0'><?echo "$l_trusted_ip<td bgcolor='#d0ddb0'>$l_comment";?>
<td></tr>
<tr><td>exemple1 : 170.25.23.10 <br>exemple2 : 15.20.20.0/16</td>
<td>my_web_server <br>my_dmz<td></tr>
<tr><td><input type='text' name='add_ip' size='20'></td>
<td><input type='text' name='add_ip_comment' size='15'>
<input type='hidden' name='choix' value='new_ip'></td>
<td><input type='submit' onClick="this.disabled=true; this.value='<?echo $l_load;?>';submit();" value='<?echo "$l_add_to_list";?>'></td>
</tr></table>
 
 
</form>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<tr><th><?php echo "$l_trusted_equipments";?></th></tr>
	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td colspan=2 align="center">
<?echo "$l_trusted_equipments_explain";?>
</td></tr>
</table>
</BODY>
</HTML>
 

Rev 2083	Rev 2138
1	`<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">`	1	`<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">`
2	`<HTML><!-- written by Rexy - 3abtux -->`	2	`<HTML><!-- written by Rexy - 3abtux -->`
3	`<HEAD>`	3	`<HEAD>`
4	`<meta http-equiv="Content-Type" content="text/html; charset=utf-8">`	4	`<meta http-equiv="Content-Type" content="text/html; charset=utf-8">`
5	`<TITLE>Exceptions</TITLE>`	5	`<TITLE>Exceptions</TITLE>`
6	`<link rel="stylesheet" href="/css/style.css" type="text/css">`	6	`<link rel="stylesheet" href="/css/style.css" type="text/css">`
7	`</HEAD>`	7	`</HEAD>`
8	`<body>`	8	`<body>`
9	`<?`	9	`<?`
10	`/********************`	10	`/********************`
11	`* TEST CONF FILES *`	11	`* TEST CONF FILES *`
12	`*********************/`	12	`*********************/`
13	`define ("DOMAIN_ALLOWED_LIST", "/usr/local/etc/alcasar-uamdomain");`	13	`$domain_allowed_list="/usr/local/etc/alcasar-uamdomain";`
14	`define ("IP_ALLOWED_LIST", "/usr/local/etc/alcasar-uamallowed");`	14	`$url_allowed_list="/usr/local/etc/alcasar-uamallowed";`
-		15	`define ("DOMAIN_ALLOWED_LIST", $domain_allowed_list);`
-		16	`define ("IP_ALLOWED_LIST", $url_allowed_list);`
15	`$conf_files=array(DOMAIN_ALLOWED_LIST,IP_ALLOWED_LIST);`	17	`$conf_files=array(DOMAIN_ALLOWED_LIST,IP_ALLOWED_LIST);`
16	`foreach ($conf_files as $file){`	18	`foreach ($conf_files as $file){`
17	`if (!file_exists($file)){`	19	`if (!file_exists($file)){`
18	`exit("Requested file ".$file." isn't present");}`	20	`exit("Requested file ".$file." isn't present");}`
19	`if (!is_readable($file)){`	21	`if (!is_readable($file)){`
20	`exit("Can't read the file ".$file);}`	22	`exit("Can't read the file ".$file);}`
21	`}`	23	`}`
22	`$domain_allowed_list="/usr/local/etc/alcasar-uamdomain";`	-
23	`$url_allowed_list="/usr/local/etc/alcasar-uamallowed";`	-
24	`# Choice of language`	24	`# Choice of language`
25	`$Language = 'en';`	25	`$Language = 'en';`
26	`if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){`	26	`if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){`
27	`$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);`	27	`$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);`
28	`$Language = strtolower(substr(chop($Langue[0]),0,2)); }`	28	`$Language = strtolower(substr(chop($Langue[0]),0,2)); }`
29	`if($Language == 'fr'){`	29	`if($Language == 'fr'){`
30	`$l_load="Chargement...";`	30	`$l_load="Chargement...";`
31	`$l_error_open_file = "Erreur d'ouverture du fichier";`	31	`$l_error_open_file = "Erreur d'ouverture du fichier";`
32	`$l_trusted_domain = "Noms de domaine Internet de confiance";`	32	`$l_trusted_domain = "Noms de domaine Internet de confiance";`
33	`$l_domain = "Noms de domaine";`	33	`$l_domain = "Noms de domaine";`
34	`$l_comment_explain = "Lien affiché dans la page d'interception";`	34	`$l_comment_explain = "Lien affiché dans la page d'interception";`
35	`$l_comment_explain2 = "Laissez vide si non affiché";`	35	`$l_comment_explain2 = "Laissez vide si non affiché";`
36	`$l_remove = "Retirer de la liste";`	36	`$l_remove = "Retirer de la liste";`
37	`$l_trusted_ip = "adresses IP de confiance";`	37	`$l_trusted_ip = "adresses IP de confiance";`
38	`$l_trusted_equipments = "Equipements de consultation de confiance";`	38	`$l_trusted_equipments = "Equipements de consultation de confiance";`
39	`$l_comment = "Commentaires";`	39	`$l_comment = "Commentaires";`
40	`$l_trusted_domain_explain = "Gérez ici les noms de domaine Internet pouvant être joints sans authentification";`	40	`$l_trusted_domain_explain = "Gérez ici les noms de domaine Internet pouvant être joints sans authentification";`
41	`$l_trusted_equipments_explain = "Pour qu'un équipement du réseau de consultation puisse accéder à Internet sans être interceptés : créer un utilisateur dont le nom de login est l'@MAC de l'équipement et le mot de passe est 'password'" ;`	41	`$l_trusted_equipments_explain = "Pour qu'un équipement du réseau de consultation puisse accéder à Internet sans être interceptés : créer un utilisateur dont le nom de login est l'@MAC de l'équipement et le mot de passe est 'password'" ;`
42	`$l_trusted_ip_explain = "Gérez ici les adresses IP de systèmes ou de réseaux pouvant être joints sans authentification";`	42	`$l_trusted_ip_explain = "Gérez ici les adresses IP de systèmes ou de réseaux pouvant être joints sans authentification";`
43	`$l_submit = "Enregistrer";`	43	`$l_submit = "Enregistrer";`
44	`$l_add_to_list = "Ajouter à la liste";`	44	`$l_add_to_list = "Ajouter à la liste";`
45	`$l_apply = "Appliquer les changements";`	45	`$l_apply = "Appliquer les changements";`
46	`}`	46	`}`
47	`else {`	47	`else {`
48	`$l_load="Loading...";`	48	`$l_load="Loading...";`
49	`$l_error_open_file = "File open error";`	49	`$l_error_open_file = "File open error";`
50	`$l_trusted_domain = "Trusted Internet domain names";`	50	`$l_trusted_domain = "Trusted Internet domain names";`
51	`$l_domain = "Domain names";`	51	`$l_domain = "Domain names";`
52	`$l_comment_explain = "Link displayed in intercept page";`	52	`$l_comment_explain = "Link displayed in intercept page";`
53	`$l_comment_explain2 = "Let empty to not display link";`	53	`$l_comment_explain2 = "Let empty to not display link";`
54	`$l_remove = "Remove from list";`	54	`$l_remove = "Remove from list";`
55	`$l_trusted_ip = "Trusted IP addresses";`	55	`$l_trusted_ip = "Trusted IP addresses";`
56	`$l_trusted_equipments = "Trusted consultation equipements";`	56	`$l_trusted_equipments = "Trusted consultation equipements";`
57	`$l_comment = "Comments";`	57	`$l_comment = "Comments";`
58	`$l_trusted_domain_explain = "Manage Internet domain names that can be joined without authentication";`	58	`$l_trusted_domain_explain = "Manage Internet domain names that can be joined without authentication";`
59	`$l_trusted_equipments_explain = "To allow a consultation equipment to connect to Internet without interception, create a user whose name is the MAC address of the device and the password is 'password'";`	59	`$l_trusted_equipments_explain = "To allow a consultation equipment to connect to Internet without interception, create a user whose name is the MAC address of the device and the password is 'password'";`
60	`$l_trusted_ip_explain = "Manage systems IP addresses or networks IP addresses that can be joined without authentication";`	60	`$l_trusted_ip_explain = "Manage systems IP addresses or networks IP addresses that can be joined without authentication";`
61	`$l_submit = "Submit";`	61	`$l_submit = "Submit";`
62	`$l_add_to_list = "Add to list";`	62	`$l_add_to_list = "Add to list";`
63	`$l_apply = "Apply changes";`	63	`$l_apply = "Apply changes";`
64	`}`	64	`}`
65	`if (isset($_POST['choix'])){`	65	`if (isset($_POST['choix'])){`
66	`switch ($_POST['choix'])`	66	`switch ($_POST['choix'])`
67	`{`	67	`{`
68	`case 'new_uamdomain' :`	68	`case 'new_uamdomain' :`
69	`if (trim($_POST['add_uamdomain']) != "")`	69	`if (trim($_POST['add_uamdomain']) != "")`
70	`{`	70	`{`
71	`$tab=file(DOMAIN_ALLOWED_LIST);`	71	`$tab=file(DOMAIN_ALLOWED_LIST);`
72	`$insert = true;`	72	`$insert = true;`
73	`if ($tab) // file isn't empty`	73	`if ($tab) // file isn't empty`
74	`{`	74	`{`
75	`foreach ($tab as $line) // test if domain address doesn't already exist`	75	`foreach ($tab as $line) // test if domain address doesn't already exist`
76	`{`	76	`{`
77	`$domain=explode("\"", $line);`	77	`$domain=explode("\"", $line);`
78	`if (strcmp(trim($_POST['add_uamdomain']),$domain[1]) == 0)`	78	`if (strcmp(trim($_POST['add_uamdomain']),$domain[1]) == 0)`
79	`{`	79	`{`
80	`$insert = false;`	80	`$insert = false;`
81	`break;`	81	`break;`
82	`}`	82	`}`
83	`}`	83	`}`
84	`}`	84	`}`
85	`if ($insert == true)`	85	`if ($insert == true)`
86	`{`	86	`{`
87	`$line ="\nuamdomain=\"" . trim($_POST['add_uamdomain']) . "\" #" . trim($_POST['add_domain_comment']);`	87	`$line ="\nuamdomain=\"" . trim($_POST['add_uamdomain']) . "\" #" . trim($_POST['add_domain_comment']);`
88	`$pointeur=fopen(DOMAIN_ALLOWED_LIST,"a");`	88	`$pointeur=fopen(DOMAIN_ALLOWED_LIST,"a");`
89	`fwrite ($pointeur, $line);`	89	`fwrite ($pointeur, $line);`
90	`fclose ($pointeur);`	90	`fclose ($pointeur);`
91	`exec ("sudo /usr/local/bin/alcasar-file-clean.sh");`	91	`exec ("sudo /usr/local/bin/alcasar-file-clean.sh");`
92	`exec ("sudo /usr/bin/systemctl restart chilli");`	92	`exec ("sudo /usr/bin/systemctl restart chilli");`
93	`}`	93	`}`
94	`}`	94	`}`
95	`break;`	95	`break;`
96	`case 'change_uamdomain' :`	96	`case 'change_uamdomain' :`
97	`$tab=file(DOMAIN_ALLOWED_LIST);`	97	`$tab=file(DOMAIN_ALLOWED_LIST);`
98	`if ($tab)`	98	`if ($tab)`
99	`{`	99	`{`
100	`$pointeur=fopen(DOMAIN_ALLOWED_LIST,"w+");`	100	`$pointeur=fopen(DOMAIN_ALLOWED_LIST,"w+");`
101	`foreach ($tab as $ligne)`	101	`foreach ($tab as $ligne)`
102	`{`	102	`{`
103	`$uamdomain1=explode("\"", $ligne);`	103	`$uamdomain1=explode("\"", $ligne);`
104	`$remove_line = false;`	104	`$remove_line = false;`
105	`foreach ($_POST as $key => $value)`	105	`foreach ($_POST as $key => $value)`
106	`{`	106	`{`
107	`$key = str_replace ("_",".",$key); // dot are replace by '_' in post request`	107	`$key = str_replace ("_",".",$key); // dot are replace by '_' in post request`
108	`if (strstr($key,'del-'))`	108	`if (strstr($key,'del-'))`
109	`{`	109	`{`
110	`$uamdomain2 = str_replace('del-','',$key);`	110	`$uamdomain2 = str_replace('del-','',$key);`
111	`if (strcmp($uamdomain1[1],$uamdomain2) == 0)`	111	`if (strcmp($uamdomain1[1],$uamdomain2) == 0)`
112	`{`	112	`{`
113	`$remove_line = True;`	113	`$remove_line = True;`
114	`break;`	114	`break;`
115	`}`	115	`}`
116	`}`	116	`}`
117	`}`	117	`}`
118	`if (! $remove_line)`	118	`if (! $remove_line)`
119	`{`	119	`{`
120	`fwrite($pointeur,$ligne);`	120	`fwrite($pointeur,$ligne);`
121	`}`	121	`}`
122	`}`	122	`}`
123	`fclose($pointeur);`	123	`fclose($pointeur);`
124	`}`	124	`}`
125	`exec ("sudo /usr/bin/systemctl restart chilli");`	125	`exec ("sudo /usr/bin/systemctl restart chilli");`
126	`break;`	126	`break;`
127	`case 'new_ip' :`	127	`case 'new_ip' :`
128	`if (trim($_POST['add_ip']) != "")`	128	`if (trim($_POST['add_ip']) != "")`
129	`{`	129	`{`
130	`$tab=file(IP_ALLOWED_LIST);`	130	`$tab=file(IP_ALLOWED_LIST);`
131	`$insert = true;`	131	`$insert = true;`
132	`if ($tab) // file isn't empty`	132	`if ($tab) // file isn't empty`
133	`{`	133	`{`
134	`foreach ($tab as $line) // test if domain address doesn't already exist`	134	`foreach ($tab as $line) // test if domain address doesn't already exist`
135	`{`	135	`{`
136	`$ip=explode("\"", $line);`	136	`$ip=explode("\"", $line);`
137	`if (strcmp(trim($_POST['add_ip']),$ip[1]) == 0)`	137	`if (strcmp(trim($_POST['add_ip']),$ip[1]) == 0)`
138	`{`	138	`{`
139	`$insert = false;`	139	`$insert = false;`
140	`break;`	140	`break;`
141	`}`	141	`}`
142	`}`	142	`}`
143	`}`	143	`}`
144	`if ($insert == true)`	144	`if ($insert == true)`
145	`{`	145	`{`
146	`$line ="\nuamallowed=\"" . trim($_POST['add_ip']) ."\" #" . trim($_POST['add_ip_comment']);`	146	`$line ="\nuamallowed=\"" . trim($_POST['add_ip']) ."\" #" . trim($_POST['add_ip_comment']);`
147	`$pointeur=fopen(IP_ALLOWED_LIST,"a");`	147	`$pointeur=fopen(IP_ALLOWED_LIST,"a");`
148	`fwrite ($pointeur, $line);`	148	`fwrite ($pointeur, $line);`
149	`fclose ($pointeur);`	149	`fclose ($pointeur);`
150	`exec ("sudo /usr/local/bin/alcasar-file-clean.sh");`	150	`exec ("sudo /usr/local/bin/alcasar-file-clean.sh");`
151	`exec ("sudo /usr/bin/systemctl restart chilli");`	151	`exec ("sudo /usr/bin/systemctl restart chilli");`
152	`}`	152	`}`
153	`}`	153	`}`
154	`break;`	154	`break;`
155	`case 'change_ip' :`	155	`case 'change_ip' :`
156	`$tab=file(IP_ALLOWED_LIST);`	156	`$tab=file(IP_ALLOWED_LIST);`
157	`if ($tab)`	157	`if ($tab)`
158	`{`	158	`{`
159	`$pointeur=fopen(IP_ALLOWED_LIST,"w+");`	159	`$pointeur=fopen(IP_ALLOWED_LIST,"w+");`
160	`foreach ($tab as $ligne)`	160	`foreach ($tab as $ligne)`
161	`{`	161	`{`
162	`$ip1=explode("\"", $ligne);`	162	`$ip1=explode("\"", $ligne);`
163	`$remove_line = false;`	163	`$remove_line = false;`
164	`foreach ($_POST as $key => $value)`	164	`foreach ($_POST as $key => $value)`
165	`{`	165	`{`
166	`$key = str_replace ("_",".",$key); // dot are replace by '_' in post request`	166	`$key = str_replace ("_",".",$key); // dot are replace by '_' in post request`
167	`if (strstr($key,'del-'))`	167	`if (strstr($key,'del-'))`
168	`{`	168	`{`
169	`$ip2 = str_replace('del-','',$key);`	169	`$ip2 = str_replace('del-','',$key);`
170	`if (strcmp($ip1[1],$ip2) == 0)`	170	`if (strcmp($ip1[1],$ip2) == 0)`
171	`{`	171	`{`
172	`$remove_line = True;`	172	`$remove_line = True;`
173	`break;`	173	`break;`
174	`}`	174	`}`
175	`}`	175	`}`
176	`}`	176	`}`
177	`if (! $remove_line)`	177	`if (! $remove_line)`
178	`{`	178	`{`
179	`fwrite($pointeur,$ligne);`	179	`fwrite($pointeur,$ligne);`
180	`}`	180	`}`
181	`}`	181	`}`
182	`fclose($pointeur);`	182	`fclose($pointeur);`
183	`}`	183	`}`
184	`exec ("sudo /usr/bin/systemctl restart chilli");`	184	`exec ("sudo /usr/bin/systemctl restart chilli");`
185	`break;`	185	`break;`
186	`}`	186	`}`
187	`}`	187	`}`
188	`?>`	188	`?>`
189	`<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>`	189	`<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>`
190	`<tr><th><?echo "$l_trusted_domain";?></th></tr>`	190	`<tr><th><?echo "$l_trusted_domain";?></th></tr>`
191	`<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>`	191	`<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>`
192	`</table>`	192	`</table>`
193	`<table width="100%" border=1 cellspacing=0 cellpadding=1>`	193	`<table width="100%" border=1 cellspacing=0 cellpadding=1>`
194	`<tr><td colspan=2 align="center">`	194	`<tr><td colspan=2 align="center">`
195	`<?`	195	`<?`
196	`echo "$l_trusted_domain_explain</td></tr>";`	196	`echo "$l_trusted_domain_explain</td></tr>\n";`
197	`echo "<tr><td align='center' valign='middle'>";`	197	`echo "<tr><td align='center' valign='middle'>\n";`
-		198	`echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>\n";`
198	`echo "<table cellspacing=2 cellpadding=2 border=1>";`	199	`echo "<table cellspacing=2 cellpadding=2 border=1>";`
199	`echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";`	-
200	`echo "<tr align='center' bgcolor='#d0ddb0'><td>$l_domain<td>$l_comment_explain<td>$l_remove</tr>";`	200	`echo "<tr align='center' bgcolor='#d0ddb0'><td>$l_domain<td>$l_comment_explain<td>$l_remove</tr>\n";`
201	`// Read the "Domain alowed" file`	201	`// Read the "Domain alowed" file`
202	`$tab=file(DOMAIN_ALLOWED_LIST);`	202	`$tab=file(DOMAIN_ALLOWED_LIST);`
203	`if ($tab) # the file isn't empty`	203	`if ($tab) # the file isn't empty`
204	`{`	204	`{`
205	`foreach ($tab as $line)`	205	`foreach ($tab as $line)`
206	`{`	206	`{`
207	`if (trim($line) != '') # the line isn't empty`	207	`if (trim($line) != '') # the line isn't empty`
208	`{`	208	`{`
209	`$domain_allowed=explode("#", $line);`	209	`$domain_allowed=explode("#", $line);`
210	`$uamdomain=trim($domain_allowed[0],"#");`	210	`$uamdomain=trim($domain_allowed[0],"#");`
211	`$domain=explode("\"", $uamdomain);`	211	`$domain=explode("\"", $uamdomain);`
212	`echo "<tr><td>$domain[1]";`	212	`echo "<tr><td>$domain[1]";`
213	`echo "<td>";`	213	`echo "<td>";`
214	`if (isset ($domain_allowed[1])) {`	214	`if (isset ($domain_allowed[1])) {`
215	`echo trim($domain_allowed[1]);}`	215	`echo trim($domain_allowed[1]);}`
216	`else echo "&nbsp";`	216	`else echo "&nbsp";`
217	`echo "<td>";`	217	`echo "<td>";`
218	`echo "<input type='checkbox' name='del-$domain[1]'>";`	218	`echo "<input type='checkbox' name='del-$domain[1]'>";`
219	`echo "</tr>";`	219	`echo "</tr>\n";`
220	`}`	220	`}`
221	`}`	221	`}`
222	`}`	222	`}`
223	`echo "</table>";`	223	`echo "</table>";`
224	`if ($tab)`	224	`if ($tab)`
225	`{`	225	`{`
226	`echo "<input type='hidden' name='choix' value='change_uamdomain'>";`	226	`echo "<input type='hidden' name='choix' value='change_uamdomain'>";`
227	`echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_apply'>";`	227	`echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_apply'>";`
228	`}`	228	`}`
229	`?>`	229	`?>`
230	`</form>`	230	`</form>`
231	`</td><td valign='middle' align='center'>`	231	`</td><td valign='middle' align='center'>`
232	`<form action='<?echo"$_SERVER[PHP_SELF]"?>' method='POST'>`	232	`<form action='<?echo"$_SERVER[PHP_SELF]"?>' method='POST'>`
233	`<table cellspacing=2 cellpadding=3 border=1>`	233	`<table cellspacing=2 cellpadding=3 border=1>`
234	`<tr align='center'><td bgcolor='#d0ddb0'><?echo "$l_domain<td bgcolor='#d0ddb0'>$l_comment_explain";?>`	234	`<tr align='center'><td bgcolor='#d0ddb0'><?echo "$l_domain<td bgcolor='#d0ddb0'>$l_comment_explain";?>`
235	`<td></tr>`	235	`<td></tr>`
236	`<tr><td>exemple1 : www.mydomain.com <br>exemple2 : .yourdomain.net`	236	`<tr><td>exemple1 : www.mydomain.com <br>exemple2 : .yourdomain.net`
237	`<td>exemple1 : mydomain<br><?echo "$l_comment_explain2";?><td></tr>`	237	`<td>exemple1 : mydomain<br><?echo "$l_comment_explain2";?><td></tr>`
238	`<tr><td><input type='text' name='add_uamdomain' size='20'>`	238	`<tr><td><input type='text' name='add_uamdomain' size='20'>`
239	`<td><input type='text' name='add_domain_comment' size='15'>`	239	`<td><input type='text' name='add_domain_comment' size='15'>`
240	`<input type='hidden' name='choix' value='new_uamdomain'>`	240	`<input type='hidden' name='choix' value='new_uamdomain'></td>`
241	`<td><input type='submit' onClick="this.disabled=true; this.value='<?echo $l_load;?>';submit();" value='<?echo "$l_add_to_list";?>'>`	241	`<td><input type='submit' onClick="this.disabled=true; this.value='<?echo $l_load;?>';submit();" value='<?echo "$l_add_to_list";?>'>`
242	`</tr></table>`	242	`</tr></table>`
243	`</form>`	243	`</form>`
244	`</tr>`	244	`</tr>`
245	`</table>`	245	`</table>`
246	`<table width="100%" border="0" cellspacing="0" cellpadding="0">`	246	`<table width="100%" border="0" cellspacing="0" cellpadding="0">`
247	`<tr><th><?php echo "$l_trusted_ip" ;?></th></tr>`	247	`<tr><th><?php echo "$l_trusted_ip" ;?></th></tr>`
248	`<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>`	248	`<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>`
249	`</table>`	249	`</table>`
250	`<table width="100%" border=1 cellspacing=0 cellpadding=1>`	250	`<table width="100%" border=1 cellspacing=0 cellpadding=1>`
251	`<tr><td colspan=2 align="center">`	251	`<tr><td colspan=2 align="center">`
252	`<?`	252	`<?`
253	`echo "$l_trusted_ip_explain</td></tr>";`	253	`echo "$l_trusted_ip_explain</td></tr>\n";`
254	`echo "<tr><td align='center' valign='middle'>";`	254	`echo "<tr><td align='center' valign='middle'>\n";`
-		255	`echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>\n";`
255	`echo "<table cellspacing=2 cellpadding=2 border=1>";`	256	`echo "<table cellspacing=2 cellpadding=2 border=1>";`
256	`echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";`	-
257	`echo "<tr align='center' bgcolor='#d0ddb0'><td>$l_trusted_ip<td>$l_comment<td>$l_remove</tr>";`	257	`echo "<tr align='center' bgcolor='#d0ddb0'><td>$l_trusted_ip<td>$l_comment<td>$l_remove</tr>\n";`
258	`// Read the "ip alowed" file`	258	`// Read the "ip alowed" file`
259	`$tab=file(IP_ALLOWED_LIST);`	259	`$tab=file(IP_ALLOWED_LIST);`
260	`if ($tab) # the file isn't empty`	260	`if ($tab) # the file isn't empty`
261	`{`	261	`{`
262	`foreach ($tab as $line)`	262	`foreach ($tab as $line)`
263	`{`	263	`{`
264	`if (trim($line) != '') # the line isn't empty`	264	`if (trim($line) != '') # the line isn't empty`
265	`{`	265	`{`
266	`$ip_allowed=explode("#", $line);`	266	`$ip_allowed=explode("#", $line);`
267	`$ip_a=trim($ip_allowed[0],"#");`	267	`$ip_a=trim($ip_allowed[0],"#");`
268	`$ip=explode("\"", $ip_a);`	268	`$ip=explode("\"", $ip_a);`
269	`echo "<tr><td>$ip[1]";`	269	`echo "<tr><td>$ip[1]";`
270	`echo "<td>";`	270	`echo "<td>";`
271	`if (isset($ip_allowed[1]))`	271	`if (isset($ip_allowed[1]))`
272	`echo trim($ip_allowed[1]);`	272	`echo trim($ip_allowed[1]);`
273	`else echo " ";`	273	`else echo " ";`
274	`echo "<td><input type='checkbox' name='del-$ip[1]'>";`	274	`echo "<td><input type='checkbox' name='del-$ip[1]'>";`
275	`echo "</tr>";`	275	`echo "</tr>\n";`
276	`}`	276	`}`
277	`}`	277	`}`
278	`}`	278	`}`
279	`echo "</table>";`	279	`echo "</table>";`
280	`if ($tab)`	280	`if ($tab)`
281	`{`	281	`{`
282	`echo "<input type='hidden' name='choix' value='change_ip'>";`	282	`echo "<input type='hidden' name='choix' value='change_ip'>";`
283	`echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_apply'>";`	283	`echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_apply'>";`
284	`}`	284	`}`
285	`?>`	285	`?>`
286	`</form>`	286	`</form>`
287	`</td><td valign='middle' align='center'>`	287	`</td><td valign='middle' align='center'>`
288	`<form action='<?echo "$_SERVER[PHP_SELF]"?>' method='POST'>`	288	`<form action='<?echo "$_SERVER[PHP_SELF]"?>' method='POST'>`
289	`<table cellspacing=2 cellpadding=3 border=1>`	289	`<table cellspacing=2 cellpadding=3 border=1>`
290	`<tr align='center'><td bgcolor='#d0ddb0'><?echo "$l_trusted_ip<td bgcolor='#d0ddb0'>$l_comment";?>`	290	`<tr align='center'><td bgcolor='#d0ddb0'><?echo "$l_trusted_ip<td bgcolor='#d0ddb0'>$l_comment";?>`
291	`<td></tr>`	291	`<td></tr>`
292	`<tr><td>exemple1 : 170.25.23.10 <br>exemple2 : 15.20.20.0/16</td>`	292	`<tr><td>exemple1 : 170.25.23.10 <br>exemple2 : 15.20.20.0/16</td>`
293	`<td>my_web_server <br>my_dmz<td></tr>`	293	`<td>my_web_server <br>my_dmz<td></tr>`
294	`<tr><td><input type='text' name='add_ip' size='20'></td>`	294	`<tr><td><input type='text' name='add_ip' size='20'></td>`
295	`<td><input type='text' name='add_ip_comment' size='15'></td>`	295	`<td><input type='text' name='add_ip_comment' size='15'>`
296	`<input type='hidden' name='choix' value='new_ip'>`	296	`<input type='hidden' name='choix' value='new_ip'></td>`
297	`<td><input type='submit' onClick="this.disabled=true; this.value='<?echo $l_load;?>';submit();" value='<?echo "$l_add_to_list";?>'></td>`	297	`<td><input type='submit' onClick="this.disabled=true; this.value='<?echo $l_load;?>';submit();" value='<?echo "$l_add_to_list";?>'></td>`
298	`</tr></table>`	298	`</tr></table>`
299	`</td></tr>`	-
300	`</table>`	-
301	`</form>`	299	`</form>`
-		300	`</table>`
302	`<table width="100%" border="0" cellspacing="0" cellpadding="0">`	301	`<table width="100%" border="0" cellspacing="0" cellpadding="0">`
303	`<tr><th><?php echo "$l_trusted_equipments";?></th></tr>`	302	`<tr><th><?php echo "$l_trusted_equipments";?></th></tr>`
304	`<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>`	303	`<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>`
305	`</table>`	304	`</table>`
306	`<table width="100%" border=1 cellspacing=0 cellpadding=1>`	305	`<table width="100%" border=1 cellspacing=0 cellpadding=1>`
307	`<tr><td colspan=2 align="center">`	306	`<tr><td colspan=2 align="center">`
308	`<?echo "$l_trusted_equipments_explain";?>`	307	`<?echo "$l_trusted_equipments_explain";?>`
309	`</td></tr>`	308	`</td></tr>`
310	`</table>`	309	`</table>`
311	`</BODY>`	310	`</BODY>`
312	`</HTML>`	311	`</HTML>`
313		312

Subversion Repositories ALCASAR

(root)/web/acc/manager/auth_exceptions.php – Rev 2083 → 2138