Untitled

a guest
Nov 12th, 2018
  1. <?php
  2. /* Originally written by Andrew Niemantsverdriet
  3. * email: andrewniemants@gmail.com
  4. * website: http://www.rimrockhosting.com
  5. *
  6. * This code is on github: https://github.com/kaptk2/portal
  7. *
  8. * Copyright (c) 2012, Andrew Niemantsverdriet
  9. * All rights reserved.
  10. *
  11. * Redistribution and use in source and binary forms, with or without
  12. * modification, are permitted provided that the following conditions are met:
  13. *
  14. * 1. Redistributions of source code must retain the above copyright notice, this
  15. * list of conditions and the following disclaimer.
  16. * 2. Redistributions in binary form must reproduce the above copyright notice,
  17. * this list of conditions and the following disclaimer in the documentation
  18. * and/or other materials provided with the distribution.
  19. *
  20. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
  21. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  22. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  23. * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
  24. * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  25. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  26. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  27. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  28. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  29. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  30. *
  31. * The views and conclusions contained in the software and documentation are those
  32. * of the authors and should not be interpreted as representing official policies,
  33. * either expressed or implied, of the FreeBSD Project.
  34. */
  35.  
  // Resume (or create) the visitor's session; the code further down reads
  // $_SESSION['id'] and $_SESSION['url'].
  session_start();

  // Load site settings once. config.php is expected to define the database
  // and UniFi controller globals the functions below pull in with `global`.
  require_once 'config.php';
  41.  
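  /**
   * Check a guest's credentials against the `guests` table.
   *
   * Connects with the $dbServer / $dbName / $dbUser / $dbPassword globals and
   * looks for a row whose username and MD5 password hash match and whose
   * `expires` value is later than the current Unix time.
   *
   * @param string $username Guest login name.
   * @param string $password Clear-text password as submitted.
   * @return bool True when exactly one unexpired account matches, false otherwise.
   */
  function authorizeMySQL($username, $password)
  {
      global $dbServer, $dbName, $dbUser, $dbPassword;

      // SECURITY: the table holds unsalted MD5 digests, which are cheap to
      // brute-force if the table leaks. Moving to password_hash() /
      // password_verify() needs the stored values re-hashed, so it cannot be
      // done inside this function alone; the digest is kept for compatibility.
      $password = md5($password);

      // Keep database error details in the server log instead of printing
      // them to the guest, where they would disclose host and schema details.
      if (!mysql_connect($dbServer, $dbUser, $dbPassword)) {
          error_log('portal: database connection failed: ' . mysql_error());
          die('The authentication service is currently unavailable.');
      }
      if (!mysql_select_db($dbName)) {
          error_log('portal: database selection failed: ' . mysql_error());
          die('The authentication service is currently unavailable.');
      }

      // Escape the username here rather than trusting every caller to have
      // filtered it; $password is a hex digest at this point and needs none.
      // NOTE: ext/mysql was removed in PHP 7.0; a prepared statement through
      // mysqli or PDO is the durable replacement for this string-built query.
      $safeUser = mysql_real_escape_string($username);
      $result = mysql_query(
          "SELECT expires FROM guests WHERE username='" . $safeUser
          . "' AND password='" . $password . "'"
      );

      if ($result === false) {
          // A failed query must deny access, not fall through with warnings.
          error_log('portal: guest lookup failed: ' . mysql_error());
          return false;
      }

      // Exactly one row must match; anything else is treated as a failure.
      if (mysql_num_rows($result) != 1) {
          return false;
      }

      $row = mysql_fetch_row($result);
      $t = time(); // Unix time stamp

      // $row[0] is when the account expires; it must still be in the future.
      return $row[0] > $t;
  }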
  73.  
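  /**
   * Ask the UniFi controller to authorize a guest device, then redirect the
   * browser to the URL saved in the session.
   *
   * Performs three POST requests against $unifiServer in order: /login with
   * the $unifiUser / $unifiPass globals, /api/cmd/stamgr with an
   * `authorize-guest` command, and /logout. Afterwards it waits eight seconds
   * and sends a Location header pointing at $_SESSION['url'].
   *
   * @param string     $id      Value sent as the `mac` field of the command.
   * @param int|string $minutes Value sent as the `minutes` field.
   * @return void
   */
  function sendAuthorization($id, $minutes)
  {
      global $unifiServer, $unifiUser, $unifiPass;

      $ch = curl_init();
      curl_setopt($ch, CURLOPT_POST, true);

      // Capture response bodies instead of letting curl_exec() print them:
      // controller output must not reach the guest's browser, and any output
      // sent before header() below can stop the redirect from being emitted.
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

      // An empty COOKIEFILE turns on libcurl's in-memory cookie engine. The
      // controller session cookie then lives only on this handle, rather than
      // in a fixed, shared /tmp path that other local users could read or
      // pre-create and that concurrent portal requests would overwrite.
      curl_setopt($ch, CURLOPT_COOKIEFILE, '');

      // SECURITY: certificate and host-name checks are switched off so a
      // self-signed controller certificate is accepted. The controller
      // credentials travel over this connection, so anyone able to intercept
      // it can capture them. Prefer pinning the controller's certificate with
      // CURLOPT_CAINFO and turning both checks back on.
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
      curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

      // 1 is CURL_SSLVERSION_TLSv1 (TLS 1.x). The previous value forced SSLv3,
      // which is broken (POODLE) and disabled in current TLS libraries.
      curl_setopt($ch, CURLOPT_SSLVERSION, 1);

      // Command payload: which device to authorize and for how long.
      $data = json_encode(array(
          'cmd' => 'authorize-guest',
          'mac' => $id,
          'minutes' => $minutes,
      ));

      // http_build_query() URL-encodes every value, so a '&', '=' or '+' in
      // the controller password or in $id cannot split or add form fields.
      $steps = array(
          '/login' => http_build_query(array(
              'login' => 'login',
              'username' => $unifiUser,
              'password' => $unifiPass,
          ), '', '&'),
          '/api/cmd/stamgr' => http_build_query(array('json' => $data), '', '&'),
          '/logout' => '',
      );

      foreach ($steps as $path => $body) {
          curl_setopt($ch, CURLOPT_URL, $unifiServer . $path);
          curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
          if (curl_exec($ch) === false) {
              // Log transport failures; the request body holds credentials
              // and is deliberately left out of the message.
              error_log('portal: UniFi request ' . $path . ' failed: ' . curl_error($ch));
          }
      }
      curl_close($ch);

      sleep(8); // Small sleep to allow controller time to authorize

      // NOTE(review): the target comes from the session; where that value is
      // first stored is not visible here. If it originates from a request
      // parameter, confirm it is validated before being saved.
      header('Location: ' . $_SESSION['url']);
  }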
  145.  
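  // Handle a submitted login form.
  // NOTE(review): nothing visible in this file limits repeated password
  // guesses; confirm throttling or lockout exists elsewhere.
  if ($_POST) {
      $postedUser = isset($_POST['username']) ? $_POST['username'] : '';
      $postedPass = isset($_POST['password']) ? $_POST['password'] : '';

      // Fields submitted as arrays (username[]=...) or left out entirely are
      // treated as a failed login instead of being passed on to
      // preg_replace() and md5(). The session must also carry the device id.
      if (is_string($postedUser) && is_string($postedPass) && isset($_SESSION['id'])) {
          // Keep only letters, digits and dots in the username.
          $user = preg_replace("/[^a-zA-Z0-9.]/", "", $postedUser);
          $pass = $postedPass;

          if (authorizeMySQL($user, $pass)) {
              // Credentials are valid: authorize the device for 480 minutes.
              sendAuthorization($_SESSION['id'], '480');
              // Stop here so the failure message below is not appended to
              // the redirect response.
              exit;
          }
      }
  }
  echo "A valid username or password was not found.";
  ?>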