Subversion Repositories ALCASAR


Rev 2612 Rev 2688
Line 1... Line 1...
1
<?php
1
<?php
2
# $Id: index.php 2612 2018-08-22 16:37:28Z tom.houdayer $
2
# $Id: index.php 2688 2019-01-18 23:15:49Z lucas.echard $
3
#
3
#
4
# index.php for ALCASAR by Rexy
4
# index.php for ALCASAR by Rexy
5
# UI & css style by stephane ERARD
5
# UI & css style by stephane ERARD
6
# The contents of this file may be used under the terms of the GNU
6
# The contents of this file may be used under the terms of the GNU
7
# General Public License Version 2, provided that the above copyright
7
# General Public License Version 2, provided that the above copyright
Line 78... Line 78...
78
                'connected' => false,
78
                'connected' => false,
79
                'username'  => ''
79
                'username'  => ''
80
        ];
80
        ];
81
}
81
}
82
 
82
 
83
// Test if it's a direct connexion to ALCASAR
83
// Test if it's a direct connection to ALCASAR
84
if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_ADDR']) || ($_SERVER['HTTP_HOST'] === 'alcasar') || ($_SERVER['HTTP_HOST'] === $hostname) || ($_SERVER['HTTP_HOST'] === $organisme))) {
84
if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_ADDR']) || ($_SERVER['HTTP_HOST'] === 'alcasar') || ($_SERVER['HTTP_HOST'] === $hostname) || ($_SERVER['HTTP_HOST'] === $organisme))) {
85
        $direct_access = true;
85
        $direct_access = true;
86
}
86
}
87
 
87
 
88
// Function to adapt time connexion in seconds to H,M,S
88
// Function to adapt time connection in seconds to H,M,S
89
function secondsToDuration($seconds = null){
89
function secondsToDuration($seconds = null){
90
        if ($seconds == null) return "";
90
        if ($seconds == null) return "";
91
        $temp = $seconds % 3600;
91
        $temp = $seconds % 3600;
92
        $time[0] = ( $seconds - $temp ) / 3600 ;        // hours
92
        $time[0] = ( $seconds - $temp ) / 3600 ;        // hours
93
        $time[2] = $temp % 60 ;                         // seconds
93
        $time[2] = $temp % 60 ;                         // seconds
Line 130... Line 130...
130
        }
130
        }
131
} else { // the user isn't authenticated
131
} else { // the user isn't authenticated
132
        if (isset($_GET['url'])) { // it's the second stage (when user has clicked on the button "open a connection")
132
        if (isset($_GET['url'])) { // it's the second stage (when user has clicked on the button "open a connection")
133
                $redir = 'http://'.$_GET['url'];
133
                $redir = 'http://'.$_GET['url'];
134
                header("Location: $redir", true, 307);
134
                header("Location: $redir", true, 307);
135
                exit();
135
                exit();
136
        }
136
        }
137
}
137
}
138
 
138
 
139
// Choice of language
139
// Choice of language
140
$Language = 'en';
140
$Language = 'en';
Line 222... Line 222...
222
        $l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
222
        $l_sms_explain = "Redirect you on auto registration page.<br><br><strong>Login:</strong> your phone number<br><strong>Password:</strong> SMS content";
223
        $l_back_page = "<a href=\"javascript:history.back()\">Página anterior</a>";
223
        $l_back_page = "<a href=\"javascript:history.back()\">Página anterior</a>";
224
        $l_service_sms = "SMS service enable";
224
        $l_service_sms = "SMS service enable";
225
        $l_service_sms_n = "SMS service disable";
225
        $l_service_sms_n = "SMS service disable";
226
        $l_acc_sms = "Auto registration by SMS";
226
        $l_acc_sms = "Auto registration by SMS";
227
        $l_explain_warn = "El administrador ha creado un archivo que contiene los periódicos de inicio de sesión como parte de un proceso judicial.";
227
        $l_explain_warn = "El administrador ha creado un archivo que contiene los periódicos de inicio de sesión como parte de un proceso judicial.";
228
        if (isset($_GET['url'])) {
228
        if (isset($_GET['url'])) {
229
                $l_continue_link = "<a href=\"index.php?redirect=1&url=".urlencode($_GET['url'])."\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
229
                $l_continue_link = "<a href=\"index.php?redirect=1&url=".urlencode($_GET['url'])."\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
230
        } else {
230
        } else {
231
                $l_continue_link = "<a href=\"index.php\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
231
                $l_continue_link = "<a href=\"index.php\" class=\"button\">Lo comprendo y deseo continuar mi navegación.</a>";
232
        }
232
        }
Line 358... Line 358...
358
        $l_required_domain = "Required WEB site";
358
        $l_required_domain = "Required WEB site";
359
        $l_explain_acc_access = "This center control the portal. You must have an administrative account.";
359
        $l_explain_acc_access = "This center control the portal. You must have an administrative account.";
360
        $l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
360
        $l_explain_access_deny = "You try to connect to a resource whose content is deemed to contain inappropriate information.";
361
        $l_explain_net_pb = "Your portal has just detected that the Internet access is down";
361
        $l_explain_net_pb = "Your portal has just detected that the Internet access is down";
362
        $l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
362
        $l_contact_access_deny = "Contact your security system manager if you think this filtering is abusive.";
363
        $l_contact_net_pb = "Contact your network responsive or your Internet provider for more information";
363
        $l_contact_net_pb = "Contact your network responsive or your Internet provider for further information.";
364
        $l_sms_access = "<a href=\"//$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
364
        $l_sms_access = "<a href=\"//$hostname/autoregistrationinfo.php\">Auto Registration by SMS</a>";
365
        $l_install_certif = "Install ALCASAR AC Certificate";
365
        $l_install_certif = "Install ALCASAR AC Certificate";
366
        $l_install_certif_more = "Install ALCASAR AC Certificate";
366
        $l_install_certif_more = "Install ALCASAR AC Certificate";
367
        $l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
367
        $l_certif_explain = "Allow secure data exchange between your computer and ALCASAR portal.<BR>If this certificate isn't incorporated in your computer, some security alerts should appear in your browser.<br><br>";
368
        $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
368
        $l_certif_explain_help = "<a href=\"alcasar-certificat.pdf\" target=\"_blank\">Complementary help</a>";
369
        $l_category = "category :";
369
        $l_category = "category:";
370
        if (!$user->connected) {
370
        if (!$user->connected) {
371
                $l_logout_explain = "No Internet consultation session is actualy open on your system";
371
                $l_logout_explain = "No Internet consultation session is currently open on your system";
372
                $l_logout = "<a href=\"//$hostname/index.php?url=$redirect_link\">Open an Internet session</a>";
372
                $l_logout = "<a href=\"//$hostname/index.php?url=$redirect_link\">Open an Internet session</a>";
373
        } else {
373
        } else {
374
                if ($user->username != $user->mac) { // authentication exception or not
374
                if ($user->username != $user->mac) { // authentication exception or not
375
                        $l_logout_explain = "Close the session of the user currently connected.<br> User logged-on : <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections :$connection_history";
375
                        $l_logout_explain = "Close the session of the currently logged-in user.<br> User logged-on: <a href=\"$logout_link\" title=\"Disconnect user $user->username\"><b>$user->username</b></a><br><br>$nb_connection_history last connections:$connection_history";
376
                        $l_logout = "<a href=\"$logout_link\">Logoff from internet</a>";
376
                        $l_logout = "<a href=\"$logout_link\">Logoff from the internet</a>";
377
                } else {
377
                } else {
378
                        $l_logout_explain = "Your system ($user->username) is in exception of authentication.<br><br>$nb_connection_history Last logins :$connection_history";
378
                        $l_logout_explain = "Your system ($user->username) is in exception of authentication.<br><br>$nb_connection_history Last logins:$connection_history";
379
                        $l_logout = "Connections information";
379
                        $l_logout = "Connections information";
380
                }
380
                }
381
        }
381
        }
382
        $l_password_change = "<a href=\"https://$hostname/password.php\">Change your password</a>";
382
        $l_password_change = "<a href=\"https://$hostname/password.php\">Change your password</a>";
383
        $l_password_change_explain = "Redirect you on password change page.<br><br> You should already have an Internet access account.";
383
        $l_password_change_explain = "Redirect you on password change page.<br><br> You should already have an Internet access account.";
Line 392... Line 392...
392
        } else {
392
        } else {
393
                $l_continue_link = "<a href=\"index.php\" class=\"button\">I understand and I wish to continue.</a>";
393
                $l_continue_link = "<a href=\"index.php\" class=\"button\">I understand and I wish to continue.</a>";
394
        }
394
        }
395
        $l_title_warn="Dear user,";
395
        $l_title_warn="Dear user,";
396
        $l_explain_warn_name="Someone called ";
396
        $l_explain_warn_name="Someone called ";
397
        $l_explain_warn_ip="with this IP : ";
397
        $l_explain_warn_ip="with this IP: ";
398
        $l_explain_warn_date="has read your connexion logs at ";
398
        $l_explain_warn_date="has read your connection logs at ";
399
        $l_explain_warn_reason="For this reason : ";
399
        $l_explain_warn_reason="For this reason: ";
400
        $l_uam_domain = "Authorized websites : ";
400
        $l_uam_domain = "Authorized websites: ";
401
}
401
}
402
 
402
 
403
$l_title   = ($direct_access ? $l_access_welcome     : ($network_pb ? $l_access_unavailable : $l_access_denied));
403
$l_title   = ($direct_access ? $l_access_welcome     : ($network_pb ? $l_access_unavailable : $l_access_denied));
404
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb     : $l_explain_access_deny));
404
$l_explain = ($direct_access ? $l_explain_acc_access : ($network_pb ? $l_explain_net_pb     : $l_explain_access_deny));
405
 
405
 
Line 459... Line 459...
459
}
459
}
460
 
460
 
461
// Search blacklist categories
461
// Search blacklist categories
462
if ((!$direct_access) && (!$network_pb) && (!isset($_GET['warn']))) {
462
if ((!$direct_access) && (!$network_pb) && (!isset($_GET['warn']))) {
463
        $pattern = str_replace('www.', '', $_SERVER['HTTP_HOST']);
463
        $pattern = str_replace('www.', '', $_SERVER['HTTP_HOST']);
464
        $output = [];
464
        $categories = [];
465
        exec('grep -Re ' . escapeshellarg('^'.$pattern.'$') . " /etc/e2guardian/lists/blacklists/*/domains | cut -d'/' -f6", $output);
465
        exec('grep -Re ' . escapeshellarg('^'.$pattern.'$') . " /etc/e2guardian/lists/blacklists/*/domains | cut -d'/' -f6", $categories);
466
        $lists = [];
-
 
467
        foreach ($output as $line) {
-
 
468
                $lists[] = $line;
-
 
469
        }
-
 
470
 
466
 
471
        $filteredUrlHtml = $l_required_domain.' : '.htmlspecialchars($_SERVER['HTTP_HOST']);
467
        $filteredUrlHtml = $l_required_domain.' : '.htmlspecialchars($_SERVER['HTTP_HOST']);
472
        if (!empty($lists)) {
468
        if (!empty($categories)) {
473
                $filteredUrlHtml .= "<br>$l_category ".implode(', ', $lists);
469
                $filteredUrlHtml .= "<br>$l_category ".implode(', ', $categories);
474
        }
470
        }
475
}
471
}
476
 
472
 
477
// Cleaning the cache
473
// Cleaning the cache
478
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
474
header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
Line 562... Line 558...
562
                                </div>
558
                                </div>
563
 
559
 
564
                                <div class="div-cache" id="text_certif">
560
                                <div class="div-cache" id="text_certif">
565
                                        <h2><a href="<?= $certCa_link ?>"><?= $l_install_certif_more ?></a></h2>
561
                                        <h2><a href="<?= $certCa_link ?>"><?= $l_install_certif_more ?></a></h2>
566
                                        <p><?= "$l_certif_explain $l_certif_explain_help" ?></p>
562
                                        <p><?= "$l_certif_explain $l_certif_explain_help" ?></p>
567
                                        <img src="<?= $img_rep.$img_certificate ?>">                           
563
                                        <img src="<?= $img_rep.$img_certificate ?>">
568
                                </div>
564
                                </div>
569
 
565
 
570
                                <div class="div-cache" id="text_mdp">
566
                                <div class="div-cache" id="text_mdp">
571
                                        <h2><?= $l_password_change ?></h2>
567
                                        <h2><?= $l_password_change ?></h2>
572
                                        <p><?= $l_password_change_explain ?></p>
568
                                        <p><?= $l_password_change_explain ?></p>
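Review bot: In the "Search blacklist categories" block (new lines 463–465), `$pattern` comes from the client-supplied `Host` header and is passed to `grep -Re` as a regular expression. `escapeshellarg()` stops shell injection but not regex interpretation, so the dots in a normal host name match any character and other metacharacters in the header can match unrelated blacklist entries and report the wrong categories. A fixed-string, whole-line match avoids this: `exec('grep -RFxe ' . escapeshellarg($pattern) . " /etc/e2guardian/lists/blacklists/*/domains | cut -d'/' -f6", $categories);`. Separately, `str_replace('www.', '', …)` removes every occurrence of `www.` rather than only a leading one, so anchoring it with `preg_replace('/^www\./', '', $_SERVER['HTTP_HOST'])` would match what the lookup appears to intend.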