WebSVN – ALCASAR – Diff – /web/intercept.php

 <?php
-# $Id: intercept.php 2205 2017-05-06 14:07:27Z tom.houdayer $
+# $Id: intercept.php 2238 2017-05-20 20:54:43Z tom.houdayer $
+#
 # intercept.php for ALCASAR captive portal
 # Copyright (C) 2003, 2004 Mondru AB.
 # Modify by REXY & steweb57
 # UI & css style by stephane ERARD
   # Default :	it was not a form request -> client go to login form
 /****************************************************************
 *			GLOBAL FILE PATHS			*
 *****************************************************************/
-define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
+define('CONF_FILE', '/usr/local/etc/alcasar.conf');
-define ("DOMAIN_ALLOWED_LIST", "/usr/local/etc/alcasar-uamdomain");
+define('DOMAIN_ALLOWED_LIST', '/usr/local/etc/alcasar-uamdomain');
 /****************************************************************
 *			FILE reading test			*
 *****************************************************************/
-$conf_files = array(CONF_FILE,DOMAIN_ALLOWED_LIST);
+$conf_files = array(CONF_FILE, DOMAIN_ALLOWED_LIST);
 foreach ($conf_files as $file) {
 	if (!file_exists($file)) {
-		exit("Fichier ".$file." non présent");
+		exit("Fichier $file non présent");
+	}
 	if (!is_readable($file)) {
-		exit("Vous n'avez pas les droits de lecture sur le fichier ".$file);
+		exit("Vous n'avez pas les droits de lecture sur le fichier $file");
+	}
+}
 /****************************************************************
 *			Read CONF_FILE				*
 *****************************************************************/
 $file_conf = fopen(CONF_FILE, 'r');
 if (!$file_conf) {
 	exit('Error opening the file '.CONF_FILE);
+}
 while (!feof($file_conf)) {
-	$tampon = fgets($file_conf, 4096);
+	$buffer = fgets($file_conf, 4096);
-	if ((strpos($tampon, '=') !== false) && (substr($tampon, 0, 1) !== '#')) {
+	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
-		$tmp = explode('=', $tampon);
+		$tmp = explode('=', $buffer);
 		$conf[$tmp[0]] = trim($tmp[1]);
+	}
+}
 fclose($file_conf);
-$organisme = trim($conf["ORGANISM"]);
+$organisme = $conf["ORGANISM"];
 # Shared secret used to encrypt password with coova.
 $uamsecret = "";
 # URL loaded after success authenticates (let blank for browser defaults)
 $adminurl = "";
 # Our own path
 $loginpath   = htmlspecialchars($_SERVER['PHP_SELF']);
-$alcasarpath = 'http://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']);
+$alcasarpath = 'http://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'];
 $statuspath  = $alcasarpath.'/status.php';
 # Choice of language
 $Language = 'en';
 if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
 	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
 	$Language = strtolower(substr(chop($Langue[0]),0,2));
+}
-if ($Language === 'es') {
+if ($Language === 'es') {		// Spanish
-	$l_ChilliError		= "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
+	$l_ChilliError			= "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
-	$l_login		= "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";
+	$l_login			= "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";
-	$l_logout		= "Conexión de cierre";
+	$l_logout			= "Conexión de cierre";
-	$l_loginfailed		= "Error de autenticación";
+	$l_loginfailed			= "Error de autenticación";
-	$l_loggingin		= "Identificación en el portal cautivo";
+	$l_loggingin			= "Identificación en el portal cautivo";
-	$l_reply_6		= "Your authorized connexion time has been reached";
+	$l_reply_6			= "Your authorized connexion time has been reached";
-	$l_online_time		= "Tiempo en linea";
+	$l_online_time			= "Tiempo en linea";
-	$l_remaining_time	= "Tiempo restante";
+	$l_remaining_time		= "Tiempo restante";
-	$l_uam_domain		= "Sitios web autorizados : ";
+	$l_uam_domain			= "Sitios web autorizados : ";
-	$l_autoregistration 	= "Registo autom&aacute;tico";
+	$l_autoregistration 		= "Registo autom&aacute;tico";
-} else if ($Language === 'pt') {
+} else if ($Language === 'pt') {	// Portuguese
-	$l_ChilliError		= "A autenticação precisa ser bem sucedida através do portal.";
+	$l_ChilliError			= "A autenticação precisa ser bem sucedida através do portal.";
-	$l_login		= "Sucesso na autenticação.<HR>Matenha esse pop-up apenas minimizado para não interromper a conexão";
+	$l_login			= "Sucesso na autenticação.<HR>Matenha esse pop-up apenas minimizado para não interromper a conexão";
-	$l_logout		= "Encerrar conexão";
+	$l_logout			= "Encerrar conexão";
-	$l_loginfailed		= "Falha na autenticação";
+	$l_loginfailed			= "Falha na autenticação";
-	$l_loggingin		= "Identificação do portal cativo";
+	$l_loggingin			= "Identificação do portal cativo";
-	$l_reply_6		= "Seu tempo de conexão autorizada finalizou";
+	$l_reply_6			= "Seu tempo de conexão autorizada finalizou";
-	$l_online_time		= "Tempo Online";
+	$l_online_time			= "Tempo Online";
-	$l_remaining_time	= "Tempo restante";
+	$l_remaining_time		= "Tempo restante";
-	$l_uam_domain		= "Sites autorizados : ";
+	$l_uam_domain			= "Sites autorizados : ";
-	$l_autoregistration 	= "Registo autom&aacute;tico";
+	$l_autoregistration 		= "Registo autom&aacute;tico";
-} else if ($Language === 'zh') {
+} else if ($Language === 'zh') {	// Chinese
-	$l_ChilliError		= "验证必须通过强制门户服务";
+	$l_ChilliError			= "验证必须通过强制门户服务";
-	$l_login		= "验证成功<HR>关闭此窗口中断连接";
+	$l_login			= "验证成功<HR>关闭此窗口中断连接";
-	$l_logout		= "关闭连接";
+	$l_logout			= "关闭连接";
-	$l_loginfailed		= "验证失败";
+	$l_loginfailed			= "验证失败";
-	$l_loggingin		= "强制门户身份识别";
+	$l_loggingin			= "强制门户身份识别";
-	$l_reply_6		= "已经到达您的允许连接时间";
+	$l_reply_6			= "已经到达您的允许连接时间";
-	$l_online_time		= "在线时间";
+	$l_online_time			= "在线时间";
-	$l_remaining_time	= "剩余时间";
+	$l_remaining_time		= "剩余时间";
-	$l_uam_domain		= "授权网站 : ";
+	$l_uam_domain			= "授权网站 : ";
-	$l_autoregistration	= "短信注册";
+	$l_autoregistration		= "短信注册";
-} else if($Language === 'ar') {
+} else if($Language === 'ar') {		// Arabic
-	$l_ChilliError		= "يجب نجاح المصادقة على البوابة الأسيرة";
+	$l_ChilliError			= "يجب نجاح المصادقة على البوابة الأسيرة";
-	$l_login		= "إغلاق هذه النافذة يقطع دورة عملك";
+	$l_login			= "إغلاق هذه النافذة يقطع دورة عملك";
-	$l_logout		= "إغلاق الدورة";
+	$l_logout			= "إغلاق الدورة";
-	$l_loginfailed		= "فشل المصادقة";
+	$l_loginfailed			= "فشل المصادقة";
-	$l_loggingin		= "التعريف على البوابة الأسيرة";
+	$l_loggingin			= "التعريف على البوابة الأسيرة";
-	$l_reply_6		= "استكملت مذة الإتصال المسموحة";
+	$l_reply_6			= "استكملت مذة الإتصال المسموحة";
-	$l_online_time		= "مذة الإتصال";
+	$l_online_time			= "مذة الإتصال";
-	$l_remaining_time	= "الوقت المتبق";
+	$l_remaining_time		= "الوقت المتبق";
-	$l_uam_domain		= ":المواقع المسموحة ";
+	$l_uam_domain			= ":المواقع المسموحة ";
-	$l_autoregistration	= "تسجيل ذاتي (SMS)";
+	$l_autoregistration		= "تسجيل ذاتي (SMS)";
-} else if($Language === 'de') {
+} else if($Language === 'de') {		// German
-	$l_ChilliError		= "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt.";
+	$l_ChilliError			= "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt.";
-	$l_login		= "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung";
+	$l_login			= "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung";
-	$l_logout		= "Beenden der Verbindung";
+	$l_logout			= "Beenden der Verbindung";
-	$l_loginfailed		= "Authentifizierungsfehler Eigenverbrauch";
+	$l_loginfailed			= "Authentifizierungsfehler Eigenverbrauch";
-	$l_loggingin		= "Kennzeichnung auf dem Eigenverbrauch";
+	$l_loggingin			= "Kennzeichnung auf dem Eigenverbrauch";
-	$l_reply_6		= "Your authorized connexion time has been reached";
+	$l_reply_6			= "Your authorized connexion time has been reached";
-	$l_online_time		= "Online-zeit";
+	$l_online_time			= "Online-zeit";
-	$l_remaining_time	= "Restzeit";
+	$l_remaining_time		= "Restzeit";
-	$l_uam_domain		= "Autorisierten websites : ";
+	$l_uam_domain			= "Autorisierten websites : ";
-	$l_autoregistration	= "Automatische registrierung";
+	$l_autoregistration		= "Automatische registrierung";
-} else if($Language === 'nl') {
+} else if($Language === 'nl') {		// Dutch
-	$l_ChilliError		= "De authenticatie moet een succes worden via de captive portal dienst.";
+	$l_ChilliError			= "De authenticatie moet een succes worden via de captive portal dienst.";
-	$l_login		= "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie.";
+	$l_login			= "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie.";
-	$l_logout		= "Slotkoers verbinding";
+	$l_logout			= "Slotkoers verbinding";
-	$l_loginfailed		= "Authenticatie mislukt";
+	$l_loginfailed			= "Authenticatie mislukt";
-	$l_loggingin		= "Identificatie van de captive-portaal";
+	$l_loggingin			= "Identificatie van de captive-portaal";
-	$l_reply_6		= "Your authorized connexion time has been reached";
+	$l_reply_6			= "Your authorized connexion time has been reached";
-	$l_online_time		= "Online tijd";
+	$l_online_time			= "Online tijd";
-	$l_remaining_time	= "Reterende tijd";
+	$l_remaining_time		= "Reterende tijd";
-	$l_uam_domain		= "Geautoriseerde website : ";
+	$l_uam_domain			= "Geautoriseerde website : ";
-	$l_autoregistration	= "Automatische registratie";
+	$l_autoregistration		= "Automatische registratie";
-} else if($Language === 'fr') {
+} else if($Language === 'fr') {		// French
-	$l_ChilliError		= "L'authentification doit être réussie sur le portail captif.";
+	$l_ChilliError			= "L'authentification doit être réussie sur le portail captif.";
-	$l_login		= "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session.";
+	$l_login			= "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session.";
-	$l_logout		= "Fermeture de la session";
+	$l_logout			= "Fermeture de la session";
-	$l_loginfailed		= "Echec d'authentification";
+	$l_loginfailed			= "Echec d'authentification";
-	$l_loggingin		= "Identification sur le portail captif";
+	$l_loggingin			= "Identification sur le portail captif";
-	$l_reply_6		= "Votre durée de connexion autorisée a été atteinte";
+	$l_reply_6			= "Votre durée de connexion autorisée a été atteinte";
-	$l_online_time		= "Temps de connexion";
+	$l_online_time			= "Temps de connexion";
-	$l_remaining_time	= "Temps restant";
+	$l_remaining_time		= "Temps restant";
-	$l_uam_domain		= "Sites autorisés : ";
+	$l_uam_domain			= "Sites autorisés : ";
-	$l_autoregistration	= "Auto enregistrement (sms)";
+	$l_autoregistration		= "Auto enregistrement (sms)";
-} else {
+} else {				// English
-	$l_ChilliError		= "The authentication must be successful through the captive portal service.";
+	$l_ChilliError			= "The authentication must be successful through the captive portal service.";
-	$l_login		= "Successful authentication.<HR>Closing this window interrupts your session";
+	$l_login			= "Successful authentication.<HR>Closing this window interrupts your session";
-	$l_logout		= "Closing connection";
+	$l_logout			= "Closing connection";
-	$l_loginfailed		= "Authentication Failed";
+	$l_loginfailed			= "Authentication Failed";
-	$l_loggingin		= "Identification on the captive portal";
+	$l_loggingin			= "Identification on the captive portal";
-	$l_autoregistration	= "Auto registration (sms)";
+	$l_autoregistration		= "Auto registration (sms)";
+}
 # If https not use, tell it's wrong
 if ((!isset($_SERVER['HTTPS'])) || (empty($_SERVER['HTTPS'])) || ($_SERVER['HTTPS'] === 'off')) {
+	// Cleaning the cache
+	header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+	header('Cache-Control: post-check=0, pre-check=0', false);
+	header('Pragma: no-cache');
 	?>
-	<!doctype html>
+	<!DOCTYPE html>
 	<html>
 	<head>
 		<meta charset="utf-8">
 		<title><?= $l_loggedcont ?></title>
-		<meta http-equiv="Cache-control" content="no-cache">
-		<meta http-equiv="Pragma" content="no-cache">
 	</head>
 	<body style="background-color: white;">
 		<h1 style="text-align: center;"><?= $l_loginfailed ?></h1>
 		<center><?= $l_encrypted ?></center>
 	</body>
+	}
 	$newpwd   = pack('a*', $password);
 	// Encode plain text password with challenge
 	$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal)));
+	// Cleaning the cache
+	header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+	header('Cache-Control: post-check=0, pre-check=0', false);
+	header('Pragma: no-cache');
+	header('Location: http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl');
 	?>
-	<!doctype html>
+	<!DOCTYPE html>
 	<html>
 	<head>
 		<meta charset="utf-8">
 		<title><?= $l_loggingin ?></title>
-		<meta http-equiv="Cache-control" content="no-cache">
-		<meta http-equiv="Pragma" content="no-cache">
 		<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl" ?>">
 	</head>
 	<body style="background-color: white;">
 		<h1 style="text-align: center;"><?= $l_loggingin ?></h1>
 		<center><?= $l_wait ?></center>
 				$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur
 				if($filter_id[3] === '1') {
 					//set the fourth bit of filter-id to '0'
 					$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";
 					$res = mysqli_multi_query($link,$sql);
-					header('Location: https://'.trim($conf['HOSTNAME']).'.'.trim($conf['DOMAIN']).'/index.php?warn=1&url='.urlencode($_GET['userurl']));   //we present to user information about imputability logs
+					header('Location: https://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl']));   //we present to user information about imputability logs
 					exit();
+				}
+			}
+		}
+	}
 // Otherwise it was not a form request
 // Send out an error message
 if ($result === 0) {	//erreur
+	// Cleaning the cache
+	header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+	header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+	header('Cache-Control: post-check=0, pre-check=0', false);
+	header('Pragma: no-cache');
+	header('Location: http://$uamip:$uamport/prelogin');
 	?>
-	<!doctype html>
+	<!DOCTYPE html>
 	<html>
 	<head>
 		<meta charset="utf-8">
 		<title><?= $l_loggingin ?></title>
-		<meta http-equiv="Cache-control" content="no-cache">
-		<meta http-equiv="Pragma" content="no-cache">
 		<meta http-equiv="refresh" content="0;url=<?= "http://$uamip:$uamport/prelogin" ?>">
 	</head>
 	<body style="background-color: white;">
 		<h1 style="text-align: center;"><?= $l_loggingin ?></h1>
 		<center><?= $l_wait ?></center>
 	</body>
 	</html>
 	<?php
 	exit();
+}
+// Cleaning the cache
+header('Expires: Tue, 01 Jan 2000 00:00:00 GMT');
+header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+header('Cache-Control: post-check=0, pre-check=0', false);
+header('Pragma: no-cache');
 ?>
-<!doctype html>
+<!DOCTYPE html>
 <html>
 <head>
 	<meta charset="utf-8">
 	<title><?= $l_loggingin ?></title>
-	<meta http-equiv="Cache-control" content="no-cache">
-	<meta http-equiv="Pragma" content="no-cache">
 	<script type="text/javascript">
 	function doOnLoad(result, userurl, redirurl, adminurl, timeleft) {
 		if ((result === 1) || (result === 4)) {	//success or already
 			var url;
 			if (adminurl !== '') {
 		$tab = file(DOMAIN_ALLOWED_LIST);
 		if ($tab) { // the file isn't empty
 			echo '<div id="authorized_domain">'.$l_uam_domain;
 			foreach ($tab as $line) {
 				if (trim($line) !== '') { // the line isn't empty
-					$domain_allowed = explode("#", $line);
+					$domain_allowed = explode('#', $line);
 					if (trim($domain_allowed[1]) !== '') {
 						$domain = explode('"', $domain_allowed[0]);
 						// remove every '.' from the beginning of domain
 						$domain[1] = ltrim($domain[1], '.');
 						echo '<a href="http://'.trim($domain[1]).'">'.trim($domain_allowed[1]).'</a>  ';

Subversion Repositories ALCASAR

(root)/web/intercept.php @ 2747 – Rev 2205 → 2238