Subversion Repositories ALCASAR

Rev

Rev 1988 | Rev 1992 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 1988 Rev 1989
Line 1... Line 1...
1
<?php
1
<?php
2
# $Id: index.php 1988 2016-07-13 14:16:37Z raphael.pion $
2
# $Id: index.php 1989 2016-07-14 13:38:53Z raphael.pion $
3
#
3
#
4
# index.php for ALCASAR
4
# index.php for ALCASAR
5
# by REXY
5
# by REXY
6
# UI & css style by stephane ERARD
6
# UI & css style by stephane ERARD
7
# The contents of this file may be used under the terms of the GNU
7
# The contents of this file may be used under the terms of the GNU
Line 46... Line 46...
46
$domainname = trim($conf["DOMAIN"]);
46
$domainname = trim($conf["DOMAIN"]);
47
$hostname = "alcasar.".$domainname;
47
$hostname = "alcasar.".$domainname;
48
$network_pb = False;
48
$network_pb = False;
49
$cert_add = "http://$hostname/certs";
49
$cert_add = "http://$hostname/certs";
50
$direct_access = False;
50
$direct_access = False;
-
 
51
$display_button_user_not_auth_yet=False;
51
$diagnostic = "can't contact the default router";
52
$diagnostic = "can't contact the default router";
52
$remote_ip = preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#', $_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
53
$remote_ip = preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#', $_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
53
$tab = array();$user = array();
54
$tab = array();$user = array();
54
$connection_history =  "";
55
$connection_history =  "";
55
$nb_connection_history = 3;
56
$nb_connection_history = 3;
Line 109... Line 110...
109
{
110
{
110
	# the user isn't connected and he isn't in the ipset "not_auth_yet" yet 
111
	# the user isn't connected and he isn't in the ipset "not_auth_yet" yet 
111
	exec("sudo /usr/sbin/ipset list not_auth_yet | grep $remote_ip | wc -l 2>&1", $ipset_not_auth_yet);
112
	exec("sudo /usr/sbin/ipset list not_auth_yet | grep $remote_ip | wc -l 2>&1", $ipset_not_auth_yet);
112
	if(!$direct_access && $ipset_not_auth_yet[0] == '0')
113
	if(!$direct_access && $ipset_not_auth_yet[0] == '0')
113
	{
114
	{
-
 
115
		if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") # if HTTPS, we redirect user to HTTP to flag him (ipset : not_auth_yet)
-
 
116
		{
-
 
117
			header("Location: http://$_SERVER[HTTP_HOST]");
-
 
118
			exit;
-
 
119
		}
-
 
120
		
-
 
121
		$display_button_user_not_auth_yet=True; # Display menu for user not_auth_yet, he need to click on 'open connection' to be flagged in the ipset "not_auth_yet"
-
 
122
	}
-
 
123
	if(isset($_GET['url'])) #When user clicked to open a connection ...
-
 
124
	{
-
 
125
		exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); # Add user in the ipset "not_auth_yet" to not loop when redirected
-
 
126
	        echo "<script>window.location.href='http://$_GET[url]'</script>"; #we redirect him to his HTTP website (to be intecepted by coova)
-
 
127
		exit; 
-
 
128
		
-
 
129
	}
-
 
130
	if ((!$direct_access && !$display_button_user_not_auth_yet) || $ipset_not_auth_yet[0] == '1'){ #if user not_auth_yet still here (index.php), we force DNS resquest.
-
 
131
		 echo "<script>window.location.reload(true)</script>"; #We force DNS request
-
 
132
	}
-
 
133
	
-
 
134
	
-
 
135
	/* ANCIEN FONCTIONNEMENT : l'utilisateur ne cliquait pas sur le boutton pour etre flaggué + pas d'access au menu index.php avec les boutons
-
 
136
	# the user isn't connected and he isn't in the ipset "not_auth_yet" yet 
-
 
137
	exec("sudo /usr/sbin/ipset list not_auth_yet | grep $remote_ip | wc -l 2>&1", $ipset_not_auth_yet);
-
 
138
	if(!$direct_access && $ipset_not_auth_yet[0] == '0')
-
 
139
	{
114
		exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); # Add in the ipset "not_auth_yet" to not loop when redirected
140
		exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); # Add in the ipset "not_auth_yet" to not loop when redirected
-
 
141
		
115
	        if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on")
142
	        if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on")
116
	        {
143
	        {
117
	                header("Location: http://$_SERVER[HTTP_HOST]");
144
	                header("Location: http://$_SERVER[HTTP_HOST]");
118
	        }
145
	        }
119
	        else
146
	        else
Line 121... Line 148...
121
	                echo "<script>window.location.reload(true)</script>"; # the user web browser need to perform a new DNS request when redirected (as in a "<CTRL>+F5")
148
	                echo "<script>window.location.reload(true)</script>"; # the user web browser need to perform a new DNS request when redirected (as in a "<CTRL>+F5")
122
	                echo "<script>window.location.href='http://$_SERVER[HTTP_HOST]'</script>"; 
149
	                echo "<script>window.location.href='http://$_SERVER[HTTP_HOST]'</script>"; 
123
	        }
150
	        }
124
	        exit; 
151
	        exit; 
125
	}
152
	}
-
 
153
	if(!$direct_access) #If user is already in not_auth_yet
-
 
154
        {
-
 
155
                echo "<script>window.location.reload(true)</script>"; #We force DNS request
-
 
156
                exit;
-
 
157
        }*/
-
 
158
	
126
	
159
	
127
	
160
	
128
}
161
}
129
 
-
 
130
# Choice of language
162
# Choice of language
131
$Language = 'en';
163
$Language = 'en';
132
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
164
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
133
  $Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
165
  $Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
134
  $Language = strtolower(substr(chop($Langue[0]),0,2)); }
166
  $Language = strtolower(substr(chop($Langue[0]),0,2)); }
Line 149... Line 181...
149
  $l_certif_explain = "Permet l'&eacute;change de donn&eacute;es s&eacute;curis&eacute;es entre votre station de consultation et le portail captif ALCASAR.<BR>Si ce certificat n'est pas enregistr&eacute; sur votre station de consultation, il est possible que des alertes de s&eacute;curit&eacute;s soient &eacute;mises par votre navigateur.<br><br>";
181
  $l_certif_explain = "Permet l'&eacute;change de donn&eacute;es s&eacute;curis&eacute;es entre votre station de consultation et le portail captif ALCASAR.<BR>Si ce certificat n'est pas enregistr&eacute; sur votre station de consultation, il est possible que des alertes de s&eacute;curit&eacute;s soient &eacute;mises par votre navigateur.<br><br>";
150
  $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Aide complémentaire</a>";
182
  $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Aide complémentaire</a>";
151
  $l_category = "catégorie :";
183
  $l_category = "catégorie :";
152
if ((isset ($user[4])) && ($user[4] == "0")) {
184
if ((isset ($user[4])) && ($user[4] == "0")) {
153
	  $l_logout_explain = "Aucune session de consultation Internet n'est actuellement ouverte sur votre syst&egrave;me.";
185
	  $l_logout_explain = "Aucune session de consultation Internet n'est actuellement ouverte sur votre syst&egrave;me.";
-
 
186
	  
-
 
187
	  if($display_button_user_not_auth_yet)
-
 
188
	  {
-
 
189
		  $l_logout = "<a href=\"http://alcasar/index.php?url=$_SERVER[HTTP_HOST]\">Ouvrir une session Internet</a>";
-
 
190
	  }
-
 
191
	  else
-
 
192
	  {
154
	  $l_logout = "<a href=\"http://www.google.com\">Ouvrir une session Internet</a>";
193
		  $l_logout = "<a href=\"http://www.google.com\">Ouvrir une session Internet</a>";
-
 
194
	  }
155
	  
195
	  
156
 
196
 
157
	}
197
	}
158
  else {
198
  else {
159
	  if ($user[5] != $user[0]) // authentication exception or not
199
	  if ($user[5] != $user[0]) // authentication exception or not
Line 192... Line 232...
192
  $l_certif_explain = "O certificado Permiti a troca de dados seguro entre seu computador e o portal Alcasar.<BR>Se este certificado não estiver incorporado no seu computador, alguns alertas de segurança deverá aparecer no navegador.<br><br>";
232
  $l_certif_explain = "O certificado Permiti a troca de dados seguro entre seu computador e o portal Alcasar.<BR>Se este certificado não estiver incorporado no seu computador, alguns alertas de segurança deverá aparecer no navegador.<br><br>";
193
  $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Essa foi uma ajuda complementar</a>";
233
  $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Essa foi uma ajuda complementar</a>";
194
  $l_category = "categoria :";
234
  $l_category = "categoria :";
195
if ((isset ($user[4])) && ($user[4] == "0")) {
235
if ((isset ($user[4])) && ($user[4] == "0")) {
196
	  $l_logout_explain = "Não há conexão de Internet aberta em seu computador, deseja conectar?";
236
	  $l_logout_explain = "Não há conexão de Internet aberta em seu computador, deseja conectar?";
-
 
237
	  if($display_button_user_not_auth_yet)
-
 
238
	  {
-
 
239
		  $l_logout = "<a href=\"http://alcasar/index.php?url=$_SERVER[HTTP_HOST]\">Abrir uma conexão de Internet</a>";
-
 
240
	  }
-
 
241
	  else
-
 
242
	  {
197
	  $l_logout = "<a href=\"http://www.google.com\">Abrir uma conexão de Internet</a>";
243
		  $l_logout = "<a href=\"http://www.google.com\">Abrir uma conexão de Internet</a>";
-
 
244
	  }
-
 
245
	  
198
	  
246
	  
199
 
247
 
200
	}
248
	}
201
  else {
249
  else {
202
	  if ($user[5] != $user[0]) // authentication exception or not
250
	  if ($user[5] != $user[0]) // authentication exception or not
Line 235... Line 283...
235
  $l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
283
  $l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
236
  $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
284
  $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
237
  $l_category = "category :";
285
  $l_category = "category :";
238
if ((isset ($user[4])) && ($user[4] == "0")) {
286
if ((isset ($user[4])) && ($user[4] == "0")) {
239
	  $l_logout_explain = "No Internet consultation session is actualy open on your system";
287
	  $l_logout_explain = "No Internet consultation session is actualy open on your system";
-
 
288
	  if($display_button_user_not_auth_yet)
-
 
289
	  {
-
 
290
		  $l_logout = "<a href=\"http://alcasar/index.php?url=$_SERVER[HTTP_HOST]\">Open an Internet session</a>";
-
 
291
	  }
-
 
292
	  else
-
 
293
	  {
240
		$l_logout = "<a href=\"http://www.google.com\">Open an Internet session</a>";
294
		  $l_logout = "<a href=\"http://www.google.com\">Open an Internet session</a>";
-
 
295
	  }
241
	  
296
	  
242
 
297
 
243
	}
298
	}
244
  else {
299
  else {
245
	  if ($user[5] != $user[0]) // authentication exception or not
300
	  if ($user[5] != $user[0]) // authentication exception or not
Line 264... Line 319...
264
 
319
 
265
$l_title = ($direct_access ? $l_access_welcome : ($network_pb ? $l_access_unavailable : $l_access_denied));
320
$l_title = ($direct_access ? $l_access_welcome : ($network_pb ? $l_access_unavailable : $l_access_denied));
266
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb : $l_explain_access_deny));
321
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb : $l_explain_access_deny));
267
 
322
 
268
# set the icons
323
# set the icons
269
$img_rep = "images/";
324
$img_rep = "http://alcasar/images/";
270
$img_organisme = "organisme.png";
325
$img_organisme = "organisme.png";
271
$img_access = "globe_acces_70.png";
326
$img_access = "globe_acces_70.png";
272
$img_connect = "globe_70.png";
327
$img_connect = "globe_70.png";
273
$img_warning = "globe_warning_70.png";
328
$img_warning = "globe_warning_70.png";
274
$img_pwd = "cle_ombre.png";
329
$img_pwd = "cle_ombre.png";
Line 297... Line 352...
297
	<head>
352
	<head>
298
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
353
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
299
	<title>ALCASAR - <?php echo $l_title; ?></title>
354
	<title>ALCASAR - <?php echo $l_title; ?></title>
300
	<meta http-equiv="Cache-control" content="no-cache">
355
	<meta http-equiv="Cache-control" content="no-cache">
301
	<meta http-equiv="Pragma" content="no-cache">
356
	<meta http-equiv="Pragma" content="no-cache">
-
 
357
<?php
-
 
358
	if($display_button_user_not_auth_yet) #if user is intercepted (ipset:not_auth_yet), css style is not included properly
-
 
359
	{
-
 
360
		echo "<style>";
-
 
361
		include("css/style_intercept.css");
-
 
362
		echo "</style>";
-
 
363
	}
-
 
364
	else
-
 
365
	{
302
	<link rel="stylesheet" type="text/css" href="css/style_intercept.css">
366
	echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"css/style_intercept.css\">";
-
 
367
	}
-
 
368
?>
303
	<script type="text/javascript">
369
	<script type="text/javascript">
304
		function valoriserDiv5(param){
370
		function valoriserDiv5(param){
305
			document.getElementById("box_info").innerHTML = param.innerHTML;
371
			document.getElementById("box_info").innerHTML = param.innerHTML;
306
		}
372
		}
307
	</script>
373
	</script>
308
</head>
374
</head>
309
<body onload="valoriserDiv5(text_conn);">
375
<body onload="valoriserDiv5(text_conn);">
310
<?php
376
<?php
311
if ($direct_access){
377
if ($direct_access || $display_button_user_not_auth_yet){
312
	echo "
378
	echo "
313
		<div id=\"cadre_titre\" class=\"titre_controle\">
379
		<div id=\"cadre_titre\" class=\"titre_controle\">
314
			<p id=\"acces_controle\" class=\"titre_controle\">$l_title</p>";
380
			<p id=\"acces_controle\" class=\"titre_controle\">$l_title</p>";
315
	if ($network_pb) {
381
	if ($network_pb) {
316
		echo "	<span>$l_explain_net_pb</span>";
382
		echo "	<span>$l_explain_net_pb</span>";
Line 321... Line 387...
321
			<div id=\"cadre_titre\" class=\"titre_refus\">
387
			<div id=\"cadre_titre\" class=\"titre_refus\">
322
				<p id=\"acces_controle\" class=\"titre_refus\">$l_title</p>";
388
				<p id=\"acces_controle\" class=\"titre_refus\">$l_title</p>";
323
	}
389
	}
324
?>
390
?>
325
			<div id="boite_logo">
391
			<div id="boite_logo">
326
				<img src="images/organisme.png">
392
				<img src="<?php echo "$img_rep$img_organisme"; ?>">
327
			</div>
393
			</div>
328
		</div>
394
		</div>
329
		<div id="contenu_acces">
395
		<div id="contenu_acces">
330
			<div id="box_url">
396
			<div id="box_url">
331
<?php 
397
<?php 
Line 356... Line 422...
356
$sms_div='';
422
$sms_div='';
357
$sms_div_over='';
423
$sms_div_over='';
358
}
424
}
359
?>
425
?>
360
<?php
426
<?php
361
if ($direct_access){
427
if ($direct_access || $display_button_user_not_auth_yet){
362
	echo "	<div id=\"box_bienvenue\">
428
	echo "	<div id=\"box_bienvenue\">
363
				$l_welcome
429
				$l_welcome
364
			</div>
430
			</div>
365
			<div class=\"box_menu\" id=\"box_conn\" onmouseover=\"valoriserDiv5(text_conn);\">
431
			<div class=\"box_menu\" id=\"box_conn\" onmouseover=\"valoriserDiv5(text_conn);\">
366
				<span>$l_logout</span>
432
				<span>$l_logout</span>
Line 392... Line 458...
392
			</div>
458
			</div>
393
			$sms_div_over
459
			$sms_div_over
394
			<div id=\"box_info\">
460
			<div id=\"box_info\">
395
			</div>";
461
			</div>";
396
	}
462
	}
397
	else {
463
else {
398
		echo "
464
		echo "
399
			<div id=\"box_refuse\">
465
			<div id=\"box_refuse\">
400
				<img src=\"$img_rep$img_false\">
466
				<img src=\"$img_rep$img_false\">
401
				<p>$l_explain</p>
467
				<p>$l_explain</p>
402
			</div>
468
			</div>
Line 414... Line 480...
414
				<a href="https://<?php echo $hostname; ?>/acc/"><img src=<?php echo $img_rep.''.$img_adm; ?>></a>
480
				<a href="https://<?php echo $hostname; ?>/acc/"><img src=<?php echo $img_rep.''.$img_adm; ?>></a>
415
			</div>
481
			</div>
416
		</div>
482
		</div>
417
	</body>
483
	</body>
418
</html>
484
</html>
-
 
485
 
-
 
486