Index with facebook

<?php
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
$conf_files=array(CONF_FILE);
foreach ($conf_files as $file){
    if (!file_exists($file)){
        exit("File ".$file." unknown");
    }
    if (!is_readable($file)){
        exit("You don't have read rights on the file ".$file);
    }
}
$ouvre=fopen(CONF_FILE,"r");
if ($ouvre){
    while (!feof ($ouvre)){
        $tampon = fgets($ouvre, 4096);
        if (strpos($tampon,"=")!==false){
            $tmp = explode("=",$tampon);
            $conf[$tmp[0]] = $tmp[1];
        }
    }
}else{
    exit("Error opening the file ".CONF_FILE);
}
fclose($ouvre);
$organisme = trim($conf["ORGANISM"]);
$domainname = trim($conf["DOMAIN"]);
$hostname = "connexion.".$domainname;

$diagnostic = "can't contact the default router";
$cert_add = "http://$hostname/certs";
$direct_access = False;
$display_menu=False;
$remote_ip = preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#', $_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
$tab = array();
$user = array();
$network_pb = False;
// DEBUG RULES
$organisme="ORGANISME";
//
$img_rep = "./images/";
$img_organisme = "organisme.png";

$Language = 'fr';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
    $Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
    $Language = strtolower(substr(chop($Langue[0]),0,2));
}
(isset($_GET['lang'])) ? $Language=htmlentities($_GET['lang']) : null;
switch ($Language) {
    case 'en':
        $l_title_part="Terms of use";
        $l_title="{$organisme} :: {$l_title_part}";
        $l_intro_title="Wifi access";
        $l_intro="We provide you an wifi's internet access, you must accept the terms of use below for continue.";
        $l_button_confirm="I'm agree with terms and I want to continue to the internet";
        $l_facebook_local="en_GB";
        break;

    default:
        $l_title_part="Conditions d'utilisation";
        $l_title="{$organisme} :: {$l_title_part}";
        $l_intro_title="Acc&egrave;s Wifi";
        $l_intro="Nous mettons &agrave; votre disposition un acc&egrave;s internet wifi, pour poursuivre vous devez accepter les conditions d'utilisation ci-dessous.";
        $l_button_confirm="J'accepte les conditions et souhaite poursuivre sur internet";
        $l_facebook_local="fr_FR";
        break;
}

# Retrieve the user info behind the remote ip
exec ("sudo /usr/sbin/chilli_query list | grep -Ew $remote_ip" , $tab);
$user = explode (" ", $tab[0]);
# Test if it's a direct connexion to ALCASAR
if (isset($_SERVER['HTTP_HOST']) && (($_SERVER['HTTP_HOST'] === $_SERVER['SERVER_ADDR']) || ($_SERVER['HTTP_HOST'] === 'alcasar') || ($_SERVER['HTTP_HOST'] === $hostname) || ($_SERVER['HTTP_HOST'] === $organisme))) {
        $direct_access = true;
        exec("sudo /usr/sbin/ipset del not_auth_yet $remote_ip"); # del user of the ipset "not_auth_yet" to not loop
}

# Function to adapt time connexion in seconds to H,M,S
function secondsToDuration($seconds = null){
        if ($seconds == null) return "";
        $temp = $seconds % 3600;
        $time[0] = ( $seconds - $temp ) / 3600 ;        // hours
        $time[2] = $temp % 60 ;                         // seconds
        $time[1] = ( $temp - $time[2] ) / 60;           // minutes
        return $time[0]." h ".$time[1]." m ".$time[2]." s";
}


if ((isset ($user[4])) && ($user[4] != "0")){ # the user is authenticated
        if(isset($_GET['redirect'])) # if user has been warned, we redirect him to his website
        {
                header('Location: http://'.$_GET['url'], true, 307);
                exit;
        }
}
else # the user isn't authenticated
{
        exec("sudo /usr/sbin/ipset list not_auth_yet | grep $remote_ip | wc -l 2>&1", $ipset_not_auth_yet);
        if(!$direct_access && $ipset_not_auth_yet[0] == '0'){ # it's the first stage of the interception
                $display_menu = True; # Display menu for user not_auth_yet
                if (!isset($_SERVER['HTTPS'])){ # In HTTP, the user is redirected on it's home page. In HTTPS, it's on the default page (see $redirect_link)
                        $redirect_link = $_SERVER['HTTP_HOST'];
                }
        }
        if(isset($_GET['url'])){ # it's the second stage (when user has clicked on the button "open a connection")
                exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip"); # Add user in the ipset "not_auth_yet" (DNS requests not intercepted)
                $redir = "http://".$_GET['url'];
                header("Location: $redir",TRUE,307);
                exit;
        }
        if ($ipset_not_auth_yet[0] == '1'){ # if user not_auth_yet still here (index.php), we force DNS resquest.
                 echo "<script>window.location.reload(true)</script>"; # force DNS request
        }
}


$content="<!DOCTYPE HTML>\n";
$content.="<html lang=\"{$Language}\">\n";
$content.="\t<head>\n";
$content.="\t\t<title>{$l_title}</title>\n";
$content.="\t\t<meta name=\"exploitant\" content=\"{$organisme}\" />\n";
$content.="\t\t<meta charset=\"UTF-8\" />\n";
$content.="\t\t<meta name=\"viewport\" content=\"width=950px\">\n";
$content.="\t</head>\n";
$content.="\t<body style=\"background: rgb(220,220,220);\">\n";
$content.="\t\t<div style=\"width: 900px; margin-left: auto; margin-right: auto;\">\n";
$content.="\t\t\t<div style=\"background: rgba(255,255,255,1); height:100px; padding: 10px 10px 10px 10px;\">\n";
$content.="\t\t\t\t<div style=\"display:block; float:left; vertical-align:middle;\"><img src=\"$img_rep$img_organisme\" alt=\"logo: {$organisme}\" style=\"height: 100px; display:inline-block;\"/></div>\n";
$content.="\t\t\t\t<div style=\"display:inline-block; float:right; font-size: 36px; color:rgb(100,100,100); line-height:100px; text-align:center; width:400px;\">{$l_intro_title}</div>\n";
$content.="\t\t\t\t<div style=\"clear:both;\"></div>\n";
$content.="\t\t\t</div>\n";
$content.="\t\t\t<div style=\"background: rgba(255,255,255,1); margin-top: 8px; padding:2px; text-align:center; font-size:15px; color:rgb(150,25,20); font-weight:bold;\">$l_intro</div>\n";
$content.="\t\t\t<div style=\"background: rgba(255,255,255,1); margin-top: 8px;\">\n";
$content.="\t\t\t\t<table style=\"padding:0;\"><tr>\n";
$content.="\t\t\t\t\t<td style=\"padding:0;\">
    <table>
        <tr><td style=\"padding:0;\"><iframe src=\"./terms_{$Language}.html\" style=\"border: none;\" width=\"435px;\" height=\"450px\"></iframe></td></tr>
        <tr style=\"padding:0;\" height=\"50px\"><td style=\"text-align:center;\">
            <input type=\"button\" style=\"background:rgb(85,170,85); color:white; border:none; border-radius:8px; -webkit-appearance: none; height:32px; line-height: 32px; vertical-align:middle;\" value=\"{$l_button_confirm}\" onclick=\"window.location.replace('http://{$hostname}/index.php?redirect=1&url=".urlencode('www.monsite.fr')."');\"/>
        </td></tr>
    </table>
</td>\n";
$content.="\t\t\t\t\t<td style=\"padding:0;\">";
if(!$network_pb)
    $content.="<iframe src=\"https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FMA_COMPAGNIE%2F&tabs=timeline&width=450&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&locale={$l_facebook_local}\" width=\"450px\" height=\"500\" style=\"border:none;overflow:hidden\" scrolling=\"no\" frameborder=\"0\" allowTransparency=\"true\"></iframe>";
$content.="</td>\n";
$content.="\t\t\t\t</table>\n";
$content.="\t\t\t</div>\n";
$content.="\t\t</div>\n";
$content.="\t</body>\n";
$content.="</html>";
echo $content;
?>