- <?php
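//////// VARIABLE SETUP AND CONFIGURATION ACCESS /////////
// Fragments that later code appends to <head>, to the <body> tag and to the page body.
$header_add=$body_add=$body_complement=null;
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
define ("DOMAIN_ALLOWED_LIST", "/usr/local/etc/alcasar-uamdomain");
$conf_files=array(CONF_FILE,DOMAIN_ALLOWED_LIST);
// Stop early when a required file is missing or unreadable.
// NOTE(review): these messages print absolute server paths to whoever loads the portal page;
// consider logging the path server-side and showing a generic message instead.
foreach ($conf_files as $file){
    if (!file_exists($file)){
        exit("File ".$file." unknown");
    }
    if (!is_readable($file)){
        exit("You don't have read rights on the file ".$file);
    }
}
// Parse CONF_FILE as KEY=VALUE lines into $conf.
$conf=array(); // defined even when the file holds no KEY=VALUE line
$ouvre=fopen(CONF_FILE,"r");
if ($ouvre){
    // Loop on the fgets() result itself so a failed read at end of file is never passed to strpos().
    while (($tampon = fgets($ouvre, 4096)) !== false){
        if (strpos($tampon,"=")!==false){
            // Split on the first "=" only, so a value that itself contains "=" is kept whole.
            $tmp = explode("=",$tampon,2);
            $conf[$tmp[0]] = $tmp[1]; // the value keeps its line ending; the readers below trim() it
        }
    }
    fclose($ouvre);
}else{
    exit("Error opening the file ".CONF_FILE);
}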
# Shared secret combined with the challenge to encode the password sent to coova.
# NOTE(review): the secret is a literal in this file, so every copy of the file (backup, repository,
# paste) discloses it. Load it from a root-owned configuration file and rotate the value shown here.
$uamsecret = "1OtuNWxS";
# URL loaded after a successful authentication (leave blank for the browser default)
$adminurl = "";
# Our own path
# NOTE(review): PHP_SELF is derived from the request; escape it if it is ever written into the page.
$loginpath = $_SERVER['PHP_SELF'];

# Values taken from the parsed configuration file
$domainname = trim($conf["DOMAIN"]);
$alcasarpath = "http://" . trim($conf["HOSTNAME"]) . "." . $domainname;
$statuspath = $alcasarpath . "/status.php";
$organisme = trim($conf["ORGANISM"]);
$hostname = "connexion." . $domainname;
$cert_add = "http://" . $hostname . "/certs";

# "alcasar-watchdog.sh" changes these two values if a network issue is detected
$diagnostic = " GATEWAY UNREACHABLE [ERR 22]";
$network_pb = false;

$direct_access = false;
$display_menu = false;

# Keep the client address only when it looks like a dotted-quad IPv4 address
$remote_ip = "";
if (preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#', $_SERVER['REMOTE_ADDR'])) {
    $remote_ip = $_SERVER['REMOTE_ADDR'];
}

$tab = array();
$user = array();

# NOTE(review): debug mode is left enabled. In this script it skips the first include of auto.php
# for non-form requests, and the organisation name read from the configuration is overridden below.
$debug = true;
// DEBUG RULES
$organisme = "MA COMPAGNIE";
//
$img_rep = "./images/";
$img_organisme = "organisme.png";
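// Pick the interface language: French by default, then the first entry of Accept-Language,
// then an explicit ?lang= parameter, which wins over the header.
$Language = 'fr';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
    $Langue = explode(",", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
    $Language = strtolower(substr(chop($Langue[0]), 0, 2));
}
if (isset($_GET['lang']) && is_string($_GET['lang'])) {
    $Language = $_GET['lang'];
}
// Both sources are controlled by the client and the result is written into the <html lang="...">
// attribute further down, so accept only a two-letter lowercase code and fall back to French.
// This replaces the htmlentities() call, which escaped the parameter but not the header value.
if (!is_string($Language) || !preg_match('/^[a-z]{2}$/D', $Language)) {
    $Language = 'fr';
}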
// Interface strings: English when $Language is 'en', French for every other value.
if ($Language == 'en') {
    $l_title_part = "Connection";
    // $l_intro (introductory terms-of-use text) is currently disabled.
    $l_button_confirm = "I'm agree with terms and I want to continue to the internet";
    $l_facebook_local = "en_GB";
    $l_welcome = "Welcome";
    $l_explain = "You show this page because you tried to browse an internet address.";
    $l_error = "Error";
    $l_network_pb = "The gateway isn't reachable, the internet network seems not work.";
    $l_create_wait = "<h2>Account create currently process</h2>Please wait, this action could take some minutes</br>. Try internet acces later. If you can't browse, please disconnect and reconnect to our network";

    // Strings specific to the intercept (login / logout) page
    $l_ChilliError = "The authentication must be successful through the captive portal service.";
    $l_login = "Successful authentication.<HR>Closing this window interrupts your session";
    $l_logout = "Closing connection";
    $l_loginfailed = "Authentication Failed";
    $l_loggingin = "Identification on the captive portal";
    $l_loggedcont = "Access Control";
    $l_loggedout = "Your session is closed";
    $l_user = "User";
    $l_password = "Password";
    $l_wait = "Please wait a moment ...";
    $l_onlinetime = "Connect time:";
    $l_remainingtime = "Disconnection in:";
    $l_encrypted = "The connection with the portal must be encrypted";
    $l_boutonO = "Authentication";
    $l_boutonF = "Close";

    // Notice shown to a logged-in user
    $l_loggedin_stringl1 = "Information System Security";
    $l_loggedin_stringl2 = "That control was set up regulations to ensure traceability, accountability and non-repudiation of connections.";
    $l_loggedin_stringl3 = "Your activity on the network is registered in accordance with privacy.";
    $l_loggedin_stringl4 = "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";
    $l_loggedin_stringl5 = "These data will be automatically deleted after one year.";
    $l_loggedin_stringl6 = "Click <a href='$alcasarpath'>here</a> to change your password or to integrate the security certificate in your browser";
    $l_loggedout_string = "Disconnection of the captive portal made";

    // Translations of the RADIUS reply messages
    $l_reply_1 = "Your daily connexion time has been reached";
    $l_reply_2 = "Your monthly connexion time has been reached";
    $l_reply_3 = "You try to connect outside of your allowed timespan";
    $l_reply_4 = "your account expired";
    $l_reply_5 = "You have reached the maximum number of simultaneous logins";
    $l_reply_6 = "Your authorized connexion time has been reached";

    $l_online_time = "Online time";
    $l_remaining_time = "Remaining time";
    $l_uam_domain = "Authorized websites : ";
} else {
    $l_title_part = "Connexion";
    // $l_intro (introductory terms-of-use text) is currently disabled.
    $l_button_confirm = "J'accepte les conditions et souhaite poursuivre sur internet";
    $l_facebook_local = "fr_FR";
    $l_welcome = "Bienvenue";
    $l_explain = "Cette page s'affiche car vous avez essayé d'aller sur internet.";
    $l_error = "Erreur";
    $l_network_pb = "La connexion internet ne semble pas fonctionner, le service n'est pas disponible.";
    $l_create_wait = "<h2>Création de votre accès en cours.</h2>Cette action peux prendre plusieurs minutes.<br/> Merci de faire une nouvelle navigation plus tard. Si vous n'arrivez pas a aller sur internet, coupez et rallumez votre wifi.";

    // Strings specific to the intercept (login / logout) page
    $l_ChilliError = "L'authentification doit être réussie sur le portail captif.";
    $l_login = "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session.";
    $l_logout = "Fermeture de la session";
    $l_loginfailed = "Echec d'authentification";
    $l_loggingin = "Identification sur le portail captif";
    $l_loggedcont = "Contrôle d'accès";
    $l_loggedout = "Votre session est fermée";
    $l_user = "Identifiant";
    $l_password = "Mot de passe";
    $l_wait = "Patientez un instant ...";
    $l_onlinetime = "Temps de connexion:";
    $l_remainingtime = "Deconnexion dans :";
    $l_encrypted = "La connexion avec le portail n'est pas sécurisé";
    $l_boutonO = "Authentification";
    $l_boutonF = "Fermer";

    // Notice shown to a logged-in user
    $l_loggedin_stringl1 = "Sécurité des Systèmes d'Information";
    $l_loggedin_stringl2 = "Ce contrôle a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions.";
    $l_loggedin_stringl3 = "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";
    $l_loggedin_stringl4 = "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête.";
    $l_loggedin_stringl5 = "Ces données seront automatiquement supprimées au bout d'un an.";
    $l_loggedin_stringl6 = "Cliquez <a href='$alcasarpath'>ici</a> pour changer votre mot de passe ou pour intégrer le certificat de sécurité à votre navigateur";
    $l_loggedout_string = "Déconnexion du portail captif effectuée !";

    // Translations of the RADIUS reply messages
    $l_reply_1 = "Votre durée de connexion journalière a été atteinte";
    $l_reply_2 = "Votre durée de connexion mensuelle a été atteinte";
    $l_reply_3 = "Vous tentez de vous connecter en dehors de votre période autorisée";
    $l_reply_4 = "Votre compte a expiré";
    $l_reply_5 = "Vous avez atteint le nombre maximum de connexions simultanées";
    $l_reply_6 = "Votre durée de connexion autorisée a été atteinte";

    $l_online_time = "Temps de connexion";
    $l_remaining_time = "Temps restant";
    $l_uam_domain = "Sites autorisés : ";
}
// The page title and the banner title are built the same way in both languages.
$l_title = "{$organisme} :: {$l_title_part}";
$l_intro_title = $l_title_part;
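/////////////////// RUNNING THE CHECKS //////////////////
// Read the form / query parameters we care about: the POST value first, then the GET value, then "".
// Every value read here is supplied by the client and must be validated or escaped where it is used.
//
// The fallbacks are parenthesised on purpose: an unparenthesised "a ? b : c ? d : e" groups
// left-to-right in PHP 5/7 (a POST value was dropped in favour of the GET one) and is a compile
// error from PHP 8.

// A user name shaped like a MAC address is refused (forced to ""), so nobody can log in by typing
// a MAC address. The match ignores case because this script cannot see whether the authentication
// backend compares user names case-sensitively.
$username = "";
if (isset($_POST['UserName']) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/i', $_POST['UserName']) != 1)) {
    $username = $_POST['UserName'];
}
$password = isset($_POST['Password']) ? $_POST['Password'] : "";
$challenge = isset($_POST['challenge']) ? $_POST['challenge'] : (isset($_GET['challenge']) ? $_GET['challenge'] : "");
$button = isset($_POST['button']) ? $_POST['button'] : "";
// The legacy 'logout' and 'prelogin' form fields are no longer read.
$res = isset($_POST['res']) ? $_POST['res'] : (isset($_GET['res']) ? $_GET['res'] : "");
$uamip = isset($_POST['uamip']) ? $_POST['uamip'] : (isset($_GET['uamip']) ? $_GET['uamip'] : "");
$uamport = isset($_POST['uamport']) ? $_POST['uamport'] : (isset($_GET['uamport']) ? $_GET['uamport'] : "");
$userurl = isset($_POST['userurl']) ? $_POST['userurl'] : (isset($_GET['userurl']) ? $_GET['userurl'] : "");
// Avoid a logout loop: never send the user back to the logout URL.
if ($userurl == "http://logout/") {
    $userurl = "http://www.monsite.fr";
}
$timeleft = isset($_POST['timeleft']) ? $_POST['timeleft'] : (isset($_GET['timeleft']) ? $_GET['timeleft'] : "");
$redirurl = isset($_POST['redirurl']) ? $_POST['redirurl'] : (isset($_GET['redirurl']) ? $_GET['redirurl'] : "");
$reply = isset($_GET['reply']) ? $_GET['reply'] : "";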
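// Run the portal logic only when no network problem has been flagged.
if (!$network_pb) {
    // HTTPS ONLY
    // NOTE(review): a plain-HTTP request only gets an error message added; the code below,
    // including the credential handling, still runs.
    if (!(isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on'))) {
        $body_add .= $l_encrypted;
        $page_type = "erreur";
    }

    // Translation of RADIUS replies. An unknown reply is left as received, i.e. still
    // client-controlled text, which is why it is escaped where it is printed below.
    if (isset($reply)) {
        switch (trim($reply)) {
            case 'Your maximum daily usage time has been reached':   $reply = $l_reply_1; break;
            case 'Your maximum monthly usage time has been reached': $reply = $l_reply_2; break;
            case 'You are calling outside your allowed timespan':    $reply = $l_reply_3; break;
            case 'Password Has Expired':                             $reply = $l_reply_4; break;
            case 'You are already logged in - access denied':        $reply = $l_reply_5; break;
            case 'Your maximum never usage time has been reached':   $reply = $l_reply_6; break;
        }
    }

    # Login attempt
    if ("$button" == "$l_boutonO") {
        # Correction for the password length in coova-chilli
        # thanks to http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/
        $hexchal = pack("H*", $challenge);
        $newchal = pack("H*", md5($hexchal . $uamsecret));
        # If the challenge isn't long enough, repeat it until it is
        while (strlen($newchal) < strlen($password)) {
            $newchal .= $newchal;
        }
        $response = md5("\0" . $password . $newchal); // not used anywhere in this script
        $newpwd = pack("a*", $password);
        # Encode the plain text password with the challenge
        $pappassword = implode("", unpack("H*", ($newpwd ^ $newchal)));

        // uamip and uamport come from the request and decide where the browser sends the encoded
        // password, so only an IPv4 address and a numeric port are accepted.
        // NOTE(review): better still, compare them with the gateway's configured UAM address;
        // that setting is not visible in this script.
        $uam_ok = is_string($uamip) && is_string($uamport)
            && preg_match('#^([0-9]{1,3}\.){3}[0-9]{1,3}$#D', $uamip)
            && preg_match('#^[0-9]{1,5}$#D', $uamport);
        if ($uam_ok) {
            // URL-encode the query values, then HTML-escape the whole URL for the attribute,
            // so request data cannot break out of the query string or of the meta tag.
            $logon_url = "http://$uamip:$uamport/logon?username=" . urlencode($username)
                . "&password=$pappassword&userurl=" . urlencode($userurl);
            $header_add .= "<meta http-equiv=\"refresh\" content=\"0;url="
                . htmlspecialchars($logon_url, ENT_QUOTES, 'UTF-8') . "\">";
            $body_add .= $l_wait;
            $page_type = "normal";
        } else {
            $body_add .= $l_ChilliError;
            $page_type = "erreur";
        }
    }

    // Map the result keyword to a numeric code.
    switch ($res) {
        case 'success': $result = 1; break; // login successful
        case 'failed':                      // login failed, user does not exist
            $result = 2;
            $page_type = "erreur";
            $body_add .= "<h3>$l_loginfailed</h3>";
            if ($reply) { // show the reply, escaped because it may be raw request data
                $body_add .= "<center> " . htmlspecialchars($reply, ENT_QUOTES, 'UTF-8') . " <br /><br /></center>";
            }
            break;
        case 'logoff':  $result = 3; break; // logout successful
        case 'already': $result = 4; break; // tried to log in while already logged in
        case 'notyet':  $result = 5; break; // not logged in yet
        default:                            // not a form request -> automatic client creation
            if (!$debug)
                include_once('auto.php');
            $result = 0;
    }

    switch ($result) {
        case 0: // not a form
        case 5: // not authenticated yet
            // The URLs and the time left are request data placed inside a JavaScript call inside an
            // HTML attribute: encode each one as a JavaScript string, then escape the attribute.
            $js_args = array($userurl, $redirurl, $adminurl, $timeleft);
            foreach ($js_args as $i => $arg) {
                $encoded = json_encode((string)$arg);
                $js_args[$i] = ($encoded === false) ? '""' : $encoded; // unencodable input becomes ""
            }
            $onload = "javascript:doOnLoad($result," . implode(",", $js_args) . ")";
            $body_complement = "onLoad=\"" . htmlspecialchars($onload, ENT_QUOTES, 'UTF-8') . "\"";
            $body_add .= $l_create_wait;
            include_once('auto.php');
            break;
        case 1: // authentication ok
            if ((is_file("./acc/manager/lib/sql/drivers/mysql/functions.php")) && (is_file("/etc/freeradius-web/config.php"))) {
                include_once("/etc/freeradius-web/config.php");
                include_once("./acc/manager/lib/sql/drivers/mysql/functions.php");
                // NOTE(review): both 'res' and 'uid' are read from the request, and nothing visible
                // here ties 'uid' to the session that was just authenticated. The update below should
                // be keyed on an identity established server-side - confirm.
                $user_url = isset($_GET['userurl']) ? $_GET['userurl'] : "";
                $user_uid = (isset($_GET['uid']) && is_string($_GET['uid'])) ? $_GET['uid'] : "";
                $link = @da_sql_pconnect($config); // errors are deliberately not displayed
                if ($link) {
                    // $link is handed to mysqli_multi_query() below, so it is treated as a mysqli
                    // handle here too. The uid is escaped before it goes into either statement.
                    $safe_uid = mysqli_real_escape_string($link, $user_uid);
                    $sql = "SELECT attribute, value FROM radreply WHERE username='$safe_uid'";
                    $res = @da_sql_query($link, $config, $sql); // errors are deliberately not displayed
                    if ($res) {
                        $filter_id = null; // stays null when the user has no Filter-Id row
                        while (($row = @da_sql_fetch_array($res, $config))) {
                            if ($row['attribute'] == "Filter-Id") $filter_id = $row['value']; // the user's Filter-Id
                        }
                        if (is_string($filter_id) && strlen($filter_id) > 3 && $filter_id[3] == '1') {
                            # Set the fourth character of the Filter-Id to '0'
                            $sql = "set @CurrentFilter=(SELECT value from radreply where username='$safe_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$safe_uid'";
                            $res = mysqli_multi_query($link, $sql);
                            // The redirect to the imputability-log notice (index.php?warn=1&url=...) is
                            // disabled. If it is restored, urlencode() the url value before it goes
                            // into the Location header.
                        }
                    }
                }
            }
            break;
        case 2: // failed: already handled above
        case 3: // logoff: nothing to do
        case 4: // already logged in: nothing to do
            break;
    }
}
else {
    $page_type = "erreur";
    $body_add .= $l_network_pb;
}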
// Assemble the whole HTML document in $content, then send it with a single echo.
// $header_add, $body_complement and $body_add are inserted verbatim as raw HTML, so any request
// data they carry has to be escaped by the code that builds them.

// <head>: title, meta tags and the popup / redirect helpers called from the onLoad handler.
$content = "<!DOCTYPE HTML>\n"
    . "<html lang=\"{$Language}\">\n"
    . "\t<head>\n"
    . "<style>body{ font-size:13px;}</style>"
    . "\t\t<title>{$l_title}</title>\n"
    . "\t\t<meta name=\"exploitant\" content=\"{$organisme}\" />\n"
    . "\t\t<meta charset=\"UTF-8\" />\n"
    . "\t\t<meta name=\"viewport\" content=\"width=950px\">\n"
    . "<script type=\"text/javascript\" language=\"JavaScript\">
alcasar_popup = null;
function popUp(URL) {
if (self.name != \"alcasar_popup\") {
alcasar_popup = window.open(URL, 'alcasar_popup', 'width=500,height=460,directories=no,resizable=no,scrollbars=yes,location=no,toolbar=no,statusbar=no,menubar=no');
}
}
function doOnLoad(result, userurl, redirurl, adminurl, timeleft) {
if ((result == 1)||(result == 4)) { //success or already
//window.location = userurl;
if (alcasar_popup != null) alcasar_popup.focus();
if (adminurl != ''){
window.location = adminurl;
} else if (redirurl != '') {
window.location = redirurl;
} else if (userurl != '') {
window.location = userurl;
} else {
window.home();
}
}
if ((result == 2) || (result == 3) || result == 5) { //failed or logoff or notyet
if (alcasar_popup != null) alcasar_popup.close();
document.form1.UserName.focus();
}
}
</script>"
    . $header_add
    . "\t</head>\n";

// <body>: banner with the logo and title, the explanation line, then a two-column table.
$content .= "\t<body style=\"background: rgb(220,220,220);\" {$body_complement}>\n"
    . "\t\t<div style=\"width: 900px; margin-left: auto; margin-right: auto;\">\n"
    . "\t\t\t<div style=\"background: rgba(255,255,255,1); height:100px; padding: 10px 10px 10px 10px;\">\n"
    . "\t\t\t\t<div style=\"display:block; float:left; vertical-align:middle;\"><img src=\"$img_rep$img_organisme\" alt=\"logo: {$organisme}\" style=\"height: 100px; display:inline-block;\"/></div>\n"
    . "\t\t\t\t<div style=\"display:inline-block; float:right; font-size: 36px; color:rgb(100,100,100); line-height:100px; text-align:center; width:400px;\">{$l_intro_title}</div>\n"
    . "\t\t\t\t<div style=\"clear:both;\"></div>\n"
    . "\t\t\t</div>\n"
    . "\t\t\t<div style=\"background: rgba(255,255,255,1); margin-top: 8px; padding:2px; text-align:center; font-size:15px; color:rgb(150,25,20); font-weight:bold;\">$l_explain</div>\n"
    . "\t\t\t<div style=\"background: rgba(255,255,255,1); margin-top: 8px;\">\n"
    . "\t\t\t\t<table style=\"padding:0;\"><tr style=\"vertical-align: top;\">\n"
    . "\t\t\t\t\t<td style=\"padding:0; padding-left:5px; width:440px; height:450px;\">";

// Left column: an error heading on error pages only, then the message built earlier.
if ($page_type == 'erreur') {
    $content .= "<h2 style=\"font-weight: bold; color:rgb(150,25,20);\">{$l_error}</h2>";
}
$content .= $body_add
    . "</td>"
    . "\t\t\t\t\t<td style=\"padding:0;\">";

// Right column: the third-party page widget, left out when the network is flagged as down.
if (!$network_pb) {
    $content .= "<iframe src=\"https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FMA_COMPAGNIE%2F&tabs=timeline&width=450&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&locale={$l_facebook_local}\" width=\"450px\" height=\"500\" style=\"border:none;overflow:hidden\" scrolling=\"no\" frameborder=\"0\" allowTransparency=\"true\"></iframe>";
}

// Close the table, the wrappers and the document.
$content .= "</td>\n"
    . "\t\t\t\t</table>\n"
    . "\t\t\t</div>\n"
    . "\t\t</div>\n"
    . "\t</body>\n"
    . "</html>";
echo $content;
- ?>