diff options
author | Renato Botelho <garga@FreeBSD.org> | 2015-03-16 08:17:03 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2015-03-16 08:17:03 -0300 |
commit | b78655a9cf9cdafb4998b30fb3894bd6c262ea96 (patch) | |
tree | 0223d57ad9b22bf0ff90264bdb00008fb0fbfede /usr/local/captiveportal/index.php | |
parent | aa77c7baf2020c4de1a4ae5db8b587a5a7c14bb8 (diff) | |
parent | 7d61beba45e06f4be2fc5436f14e879ec7dd2675 (diff) | |
download | pfsense-b78655a9cf9cdafb4998b30fb3894bd6c262ea96.zip pfsense-b78655a9cf9cdafb4998b30fb3894bd6c262ea96.tar.gz |
Merge pull request #1562 from phil-davis/usr-review1
Diffstat (limited to 'usr/local/captiveportal/index.php')
-rw-r--r-- | usr/local/captiveportal/index.php | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 19b35d7..357537f 100644 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -83,12 +83,13 @@ if ($orig_host != $ourhostname) { return; } -if (!empty($cpcfg['redirurl'])) +if (!empty($cpcfg['redirurl'])) { $redirurl = $cpcfg['redirurl']; -else if (preg_match("/redirurl=(.*)/", $orig_request, $matches)) +} else if (preg_match("/redirurl=(.*)/", $orig_request, $matches)) { $redirurl = urldecode($matches[1]); -else if ($_REQUEST['redirurl']) +} else if ($_REQUEST['redirurl']) { $redirurl = $_REQUEST['redirurl']; +} $macfilter = !isset($cpcfg['nomacfilter']); $passthrumac = isset($cpcfg['passthrumacadd']); @@ -111,14 +112,16 @@ if ($macfilter || $passthrumac) { /* find out if we need RADIUS + RADIUSMAC or not */ if (file_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db")) { $radius_enable = TRUE; - if (isset($cpcfg['radmac_enable'])) + if (isset($cpcfg['radmac_enable'])) { $radmac_enable = TRUE; + } } /* find radius context */ $radiusctx = 'first'; -if ($_POST['auth_user2']) +if ($_POST['auth_user2']) { $radiusctx = 'second'; +} if ($_POST['logout_id']) { echo <<<EOD @@ -141,10 +144,11 @@ EOD; } else if ($macfilter && $clientmac && captiveportal_blocked_mac($clientmac)) { captiveportal_logportalauth($clientmac,$clientmac,$clientip,"Blocked MAC address"); - if (!empty($cpcfg['blockedmacsurl'])) + if (!empty($cpcfg['blockedmacsurl'])) { portal_reply_page($cpcfg['blockedmacsurl'], "redir"); - else + } else { portal_reply_page($redirurl, "error", "This MAC address has been blocked"); + } } else if ($clientmac && $radmac_enable && portal_mac_radius($clientmac,$clientip, $radiusctx)) { /* radius functions handle everything so we exit here since we're done */ @@ -203,12 +207,13 @@ EOD; portal_reply_page($redirurl, $type, $auth_list['reply_message'] ? $auth_list['reply_message'] : $errormsg); } } else { - if (!empty($_POST['auth_user'])) + if (!empty($_POST['auth_user'])) { $user = $_POST['auth_user']; - else if (!empty($_POST['auth_user2'])) + } else if (!empty($_POST['auth_user2'])) { $user = $_POST['auth_user2']; - else + } else { $user = 'unknown'; + } captiveportal_logportalauth($user ,$clientmac,$clientip,"ERROR"); portal_reply_page($redirurl, "error", $errormsg); } @@ -218,8 +223,9 @@ EOD; //check against local user manager $loginok = local_backed($_POST['auth_user'], $_POST['auth_pass']); - if ($loginok && isset($cpcfg['localauth_priv'])) + if ($loginok && isset($cpcfg['localauth_priv'])) { $loginok = userHasPrivilege(getUserEntry($_POST['auth_user']), "user-services-captiveportal-login"); + } if ($loginok){ captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"LOGIN"); @@ -228,8 +234,9 @@ EOD; captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"FAILURE"); portal_reply_page($redirurl, "error", $errormsg); } - } else + } else { portal_reply_page($redirurl, "error", $errormsg); + } } else if ($_POST['accept'] && $clientip && $cpcfg['auth_method'] == "none") { captiveportal_logportalauth("unauthenticated",$clientmac,$clientip,"ACCEPT"); |