diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-03-20 22:24:53 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-03-20 22:24:53 +0000 |
commit | 7faeda46273b8c1bc0b2ded1e5ea95956c90667c (patch) | |
tree | 50f14944482af986f4b5fb8363f7ae55172933fd /usr/local | |
parent | 3b378be5e864cc2b96a89e168e7dbe4541294040 (diff) | |
download | pfsense-7faeda46273b8c1bc0b2ded1e5ea95956c90667c.zip pfsense-7faeda46273b8c1bc0b2ded1e5ea95956c90667c.tar.gz |
Import m0n0wall 1.2b7's captive portal code *WITH* user manager.
And the crowd goes wild.
Diffstat (limited to 'usr/local')
-rwxr-xr-x | usr/local/captiveportal/index.php | 96 | ||||
-rwxr-xr-x | usr/local/www/datetimepicker.js | 22 | ||||
-rwxr-xr-x | usr/local/www/services_captiveportal.php | 27 | ||||
-rwxr-xr-x | usr/local/www/services_captiveportal_ip.php | 1 | ||||
-rwxr-xr-x | usr/local/www/services_captiveportal_mac.php | 1 | ||||
-rwxr-xr-x | usr/local/www/services_captiveportal_users.php | 264 |
6 files changed, 392 insertions, 19 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 497e506..c51c073 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -27,6 +27,10 @@ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + This version of index.php has been modified by Rob Parker + <rob.parker@keycom.co.uk>. Changes made are in relation to Per-User Bandwidth + Management based on returned RADIUS attributes, and are (c) 2004 Keycom PLC. */ require("globals.inc"); @@ -59,7 +63,12 @@ if (!$clientmac && !isset($config['captiveportal']['nomacfilter'])) { if ($clientmac && portal_mac_fixed($clientmac)) { /* punch hole in ipfw for pass thru mac addresses */ - portal_allow($clientip, $clientmac, "unauthenticated"); + // KEYCOM: passthru mac bandwidth control] + if (isset($config['captiveportal']['peruserbw'])) { + portal_allow($clientip, $clientmac, "unauthenticated",$config['captiveportal']['bwauthmacup'],$config['captiveportal']['bwauthmacdn']); + } else { + portal_allow($clientip, $clientmac, "unauthenticated",0,0); + } } else if ($_POST['accept'] && file_exists("{$g['vardb_path']}/captiveportal_radius.db")) { @@ -72,14 +81,23 @@ if ($clientmac && portal_mac_fixed($clientmac)) { $radiusservers[0]['ipaddr'], $radiusservers[0]['port'], $radiusservers[0]['key']); + $auth_returns = explode("/", $auth_val); + $auth_val = $auth_returns[0]; + $bw_up = $auth_returns[1]; + $bw_down = $auth_returns[2]; if ($auth_val == 2) { - $sessionid = portal_allow($clientip, $clientmac, $_POST['auth_user']); + if (isset($config['captiveportal']['peruserbw'])) { + $sessionid = portal_allow($clientip, $clientmac, $_POST['auth_user'],$bw_up,$bw_down); + } else { + $sessionid = portal_allow($clientip, $clientmac, $_POST['auth_user'],0,0); + } if (isset($config['captiveportal']['radacct_enable']) && isset($radiusservers[0])) { $auth_val = RADIUS_ACCOUNTING_START($_POST['auth_user'], $sessionid, $radiusservers[0]['ipaddr'], $radiusservers[0]['acctport'], - $radiusservers[0]['key']); + $radiusservers[0]['key'], + $clientip); } } else { readfile("{$g['varetc_path']}/captiveportal-error.html"); @@ -88,8 +106,34 @@ if ($clientmac && portal_mac_fixed($clientmac)) { readfile("{$g['varetc_path']}/captiveportal-error.html"); } +} else if ($_POST['accept'] && $config['captiveportal']['auth_method']=="local") { + //check against local usermanager + + //erase expired accounts + if(trim($config['users'][$_POST['auth_user']]['expirationdate'])!="" && strtotime("-1 day")>strtotime($config['users'][$_POST['auth_user']]['expirationdate'])){ + unset($config['users'][$_POST['auth_user']]); + write_config(); + } + if($config['users'][$_POST['auth_user']]['password']==md5($_POST['auth_pass'])){ + portal_allow($clientip, $clientmac,$_POST['auth_user'],0,0); + } else { + readfile("{$g['varetc_path']}/captiveportal-error.html"); + } } else if ($_POST['accept'] && $clientip) { - portal_allow($clientip, $clientmac, "unauthenticated"); + //KEYCOM: authorised up and down bandwidth defaults (set from webgui). If not set, use 128/128 + if (isset($config['captiveportal']['peruserbw'])) { + $bw_up=$config['captiveportal']['bwauthipup']; + $bw_down=$config['captiveportal']['bwauthipdn']; + if(!isset($bw_up)) { + $bw_up=128; + } + if(!isset($bw_down)) { + $bw_down=128; + } + portal_allow($clientip, $clientmac, "unauthenticated",$bw_up,$bw_down); + } else { + portal_allow($clientip, $clientmac, "unauthenticated",0,0); + } } else if ($_POST['logout_id']) { disconnect_client($_POST['logout_id']); echo <<<EOD @@ -119,7 +163,7 @@ EOD; if (isset($config['captiveportal']['httpslogin'])) $htmltext = str_replace("\$PORTAL_ACTION\$", "https://{$config['captiveportal']['httpsname']}:8001/", $htmltext); else - $htmltext = str_replace("\$PORTAL_ACTION\$", "http://{$config['interfaces'][$config['captiveportal']['interface']]['ipaddr']}:8000/", $htmltext); + $htmltext = str_replace("\$PORTAL_ACTION\$", "", $htmltext); if (preg_match("/redirurl=(.*)/", $orig_request, $matches)) $redirurl = urldecode($matches[1]); @@ -153,7 +197,7 @@ function portal_mac_fixed($clientmac) { return FALSE ; } -function portal_allow($clientip,$clientmac,$clientuser) { +function portal_allow($clientip,$clientmac,$clientuser,$bw_up,$bw_down) { global $orig_host, $orig_request, $g, $config; @@ -175,6 +219,26 @@ function portal_allow($clientip,$clientmac,$clientuser) { /* add ipfw rules for layer 3 */ exec("/sbin/ipfw add $ruleno set 2 skipto 50000 ip from $clientip to any in"); exec("/sbin/ipfw add $ruleno set 2 skipto 50000 ip from any to $clientip out"); + + /* KEYCOM: add ipfw rules for dummynet based on bw_up and bw_down */ + //we're just copying them by adding on some and hoping no collision will occur + //2000 users would be expecting a bit much from a WAP ;) + + //we're using fixed rule numbers which are 'a step above' the m0n0 ones + //this makes sure we always know where our rules are, and taht they are deleted when m0n0's are + //they're set so they shouldn't hit anything important, and also so they are in roughly the right position in the fw. + + //of course, we only need to do this if it's enabled in the config + if (isset($config['captiveportal']['peruserbw'])) { + $up_rule_number = $ruleno + 40500; + $down_rule_number = $ruleno + 45500; + $lanif = $config['interfaces']['lan']['if']; + exec("/sbin/ipfw add $up_rule_number set 4 pipe $up_rule_number ip from $clientip to any via $lanif"); + exec("/sbin/ipfw add $down_rule_number set 4 pipe $down_rule_number ip from any to $clientip via $lanif"); + exec("/sbin/ipfw pipe $up_rule_number config bw " . trim($bw_up) . "Kbit/s queue 10"); + exec("/sbin/ipfw pipe $down_rule_number config bw " . trim($bw_down) . "Kbit/s queue 10"); + } + /* done */ /* add ipfw rules for layer 2 */ if (!isset($config['captiveportal']['nomacfilter'])) { @@ -209,9 +273,17 @@ function portal_allow($clientip,$clientmac,$clientuser) { $cpdb[$i][0], // start time $radiusservers[0]['ipaddr'], $radiusservers[0]['acctport'], - $radiusservers[0]['key']); + $radiusservers[0]['key'], + $clientip); + } + //KEYCOM: we need to delete +40500 and +45500 as well... + //these are the rule numbers we use to control traffic shaping for each logged in user via captive portal + mwexec("/sbin/ipfw delete " . $cpdb[$i][1]); + //we only need to remove our rules if peruserbw is turned on. + if(isset($config['captiveportal']['peruserbw'])) { + mwexec("/sbin/ipfw delete " . ($cpdb[$i][1]+40500)); + mwexec("/sbin/ipfw delete " . ($cpdb[$i][1]+45500)); } - mwexec("/sbin/ipfw delete " . $cpdb[$i][1] . " " . ($cpdb[$i][1]+10000)); unset($cpdb[$i]); break; } @@ -385,9 +457,15 @@ function disconnect_client($sessionid) { $cpdb[$i][0], // start time $radiusservers[0]['ipaddr'], $radiusservers[0]['acctport'], - $radiusservers[0]['key']); + $radiusservers[0]['key'], + $clientip); } + //again we need to remve +40500 and +45500 as well, if they exist mwexec("/sbin/ipfw delete " . $cpdb[$i][1] . " " . ($cpdb[$i][1]+10000)); + if(isset($config['captiveportal']['peruserbw'])) { + mwexec("/sbin/ipfw delete " . ($cpdb[$i][1]+40500)); + mwexec("/sbin/ipfw delete " . ($cpdb[$i][1]+45500)); + } unset($cpdb[$i]); break; } diff --git a/usr/local/www/datetimepicker.js b/usr/local/www/datetimepicker.js index a0f5a9c..c4d585a 100755 --- a/usr/local/www/datetimepicker.js +++ b/usr/local/www/datetimepicker.js @@ -30,15 +30,15 @@ var TimeMode=24;//default TimeMode value. 12 or 24 var ShowLongMonth=true;//Show long month name in Calendar header. example: "January". var ShowMonthYear=true;//Show Month and Year in Calendar header. -var MonthYearColor="#cc0033";//Font Color of Month and Year in Calendar header. -var WeekHeadColor="#0099CC";//Background Color in Week header. -var SundayColor="#6699FF";//Background color of Sunday. -var SaturdayColor="#CCCCFF";//Background color of Saturday. +var MonthYearColor="#435370";//Font Color of Month and Year in Calendar header. +var WeekHeadColor="#777777";//Background Color in Week header. +var SundayColor="#D9DEE8";//Background color of Sunday. +var SaturdayColor="#D9DEE8";//Background color of Saturday. var WeekDayColor="white";//Background color of weekdays. -var FontColor="blue";//color of font in Calendar day cell. +var FontColor="black";//color of font in Calendar day cell. var TodayColor="#FFFF33";//Background color of today. -var SelDateColor="#FFFF99";//Backgrond color of selected date in textbox. -var YrSelColor="#cc0033";//color of font of Year selector. +var SelDateColor="red";//Backgrond color of selected date in textbox. +var YrSelColor="black";//color of font of Year selector. var ThemeBg="";//Background image of Calendar window. //end Configurable parameters //end Global variable @@ -118,7 +118,7 @@ function NewCal(pCtrl,pFormat,pShowTime,pTimeMode) Cal.SetSecond(strSecond); } } - winCal=window.open("","DateTimePicker","toolbar=0,status=0,menubar=0,fullscreen=no,width=195,height=245,resizable=0,top="+cnTop+",left="+cnLeft); + winCal=window.open("","DateTimePicker","toolbar=0,status=0,menubar=0,fullscreen=no,width=195,height=200,resizable=0,top="+cnTop+",left="+cnLeft); docCal=winCal.document; RenderCal(); } @@ -137,9 +137,13 @@ function RenderCal() docCal.open(); docCal.writeln("<html><head><title>"+WindowTitle+"</title>"); docCal.writeln("<script>var winMain=window.opener;</script>"); + docCal.writeln("<style>"); + docCal.writeln("body,td,th,input,select {font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;font-size: 11px;}"); + docCal.writeln("a {text-decoration: none;}"); + docCal.writeln("</style>"); docCal.writeln("</head><body background='"+ThemeBg+"' link="+FontColor+" vlink="+FontColor+"><form name='Calendar'>"); - vCalHeader="<table border=1 cellpadding=1 cellspacing=1 width='100%' align=\"center\" valign=\"top\">\n"; + vCalHeader="<table border=1 cellpadding=1 cellspacing=1 align=\"center\" valign=\"top\" bgcolor='#EEEEEE' style=\"border-color:#999999; border-style:solid; border-collapse:collapse\">\n"; //Month Selector vCalHeader+="<tr>\n<td colspan='7'><table border=0 width='100%' cellpadding=0 cellspacing=0><tr><td align='left'>\n"; vCalHeader+="<select name=\"MonthSelector\" onChange=\"javascript:winMain.Cal.SwitchMth(this.selectedIndex);winMain.RenderCal();\">\n"; diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index e86ed35..3185fd2 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -50,6 +50,7 @@ $pconfig['cinterface'] = $config['captiveportal']['interface']; $pconfig['timeout'] = $config['captiveportal']['timeout']; $pconfig['idletimeout'] = $config['captiveportal']['idletimeout']; $pconfig['enable'] = isset($config['captiveportal']['enable']); +$pconfig['auth_method'] = $config['captiveportal']['auth_method']; $pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']); $pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']); $pconfig['httpsname'] = $config['captiveportal']['httpsname']; @@ -128,6 +129,7 @@ if ($_POST) { $config['captiveportal']['timeout'] = $_POST['timeout']; $config['captiveportal']['idletimeout'] = $_POST['idletimeout']; $config['captiveportal']['enable'] = $_POST['enable'] ? true : false; + $config['captiveportal']['auth_method'] = $_POST['auth_method']; $config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false; $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false; $config['captiveportal']['httpsname'] = $_POST['httpsname']; @@ -180,9 +182,16 @@ if ($_POST) { <?php include("fbegin.inc"); ?> <script language="JavaScript"> <!-- +function auth_method_change() { + if (document.iform.auth_method[0].checked == false) { + document.iform.logoutwin_enable.checked = 1; + } else { + document.iform.logoutwin_enable.checked = 0; + } +} function radacct_change() { if (document.iform.radacct_enable.checked) { - document.iform.logoutwin_enable.checked = 1; + auth_method_change(); } } @@ -198,6 +207,9 @@ function enable_change(enable_change) { document.iform.radiusport.disabled = endis; document.iform.radiuskey.disabled = endis; document.iform.radacct_enable.disabled = endis; + document.iform.auth_method[0].disabled = endis; + document.iform.auth_method[1].disabled = endis; + document.iform.auth_method[2].disabled = endis; document.iform.httpslogin_enable.disabled = endis; document.iform.httpsname.disabled = endis; document.iform.cert.disabled = endis; @@ -210,6 +222,9 @@ function enable_change(enable_change) { if (enable_change && document.iform.radacct_enable.checked) { document.iform.logoutwin_enable.checked = 1; } + if (enable_change && document.iform.auth_method[0].checked == false) { + document.iform.logoutwin_enable.checked = 1; + } } //--> </script> @@ -222,6 +237,7 @@ function enable_change(enable_change) { <li class="tabact">Captive portal</li> <li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li> <li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li> + <li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li> </ul> </td></tr> <tr> @@ -318,6 +334,15 @@ to access after they've authenticated.</td> <td width="22%" valign="top" class="vncell">RADIUS server</td> <td width="78%" class="vtable"> <table cellpadding="0" cellspacing="0"> + <td>No Authentication: </td> + <td><input name="auth_method" type="radio" id="auth_method" value="none" <?php if($pconfig['auth_method']!="local" || $pconfig['auth_method']!="radius") echo "checked"; ?> onClick="auth_method_change()"></td> + </tr> + <td>Local <a href="services_captiveportal_users.php">Usermanager</a>: </td> + <td><input name="auth_method" type="radio" id="auth_method" value="local" <?php if($pconfig['auth_method']=="local") echo "checked"; ?> onClick="auth_method_change()"></td> + </tr> + <td>RADIUS Authentication: </td> + <td><input name="auth_method" type="radio" id="auth_method" value="radius" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?> onClick="auth_method_change()"></td> + </tr> <tr> <td>IP address:</td> <td><input name="radiusip" type="text" class="formfld" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"></td> diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index c648fb3..4c0fbcb 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -92,6 +92,7 @@ if ($_GET['act'] == "del") { <li class="tabinact1"><a href="services_captiveportal.php">Captive portal</a></li> <li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li> <li class="tabact">Allowed IP addresses</li> + <li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li> </ul> </td></tr> <tr> diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index 67be1b8..58e6a73 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -92,6 +92,7 @@ if ($_GET['act'] == "del") { <li class="tabinact1"><a href="services_captiveportal.php">Captive portal</a></li> <li class="tabact">Pass-through MAC</li> <li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li> + <li class="tabinact"><a href="services_captiveportal_users.php">Users</a></li> </ul> </td></tr> <tr> diff --git a/usr/local/www/services_captiveportal_users.php b/usr/local/www/services_captiveportal_users.php new file mode 100755 index 0000000..46b9e17 --- /dev/null +++ b/usr/local/www/services_captiveportal_users.php @@ -0,0 +1,264 @@ +#!/usr/local/bin/php +<?php +/* + services_captiveportal_users.php + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + Copyright (C) 2005 Pascal Suter <d-monodev@psuter.ch>. + All rights reserved. + (files was created by Pascal based on the source code of services_captiveportal.php from Manuel) + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +$pgtitle = array("Services", "Captive portal"); +require("guiconfig.inc"); +if(isset($_POST['save'])){ + //value-checking + if(trim($_POST['password1'])!="********" && + trim($_POST['password1'])!="" && + trim($_POST['password1'])!=trim($_POST['password2'])){ + //passwords are to be changed but don't match + $input_errors[]="passwords don't match"; + } + if((trim($_POST['password1'])=="" || trim($_POST['password1'])=="********") && + (trim($_POST['password2'])=="" || trim($_POST['password2'])=="********")){ + //assume password should be left as is if a password is set already. + if(!empty($config['users'][$_POST['old_username']]['password'])){ + $_POST['password1']="********"; + $_POST['password2']="********"; + } else { + $input_errors[]="password must not be empty"; + } + } else { + if(trim($_POST['password1'])!=trim($_POST['password2'])){ + //passwords are to be changed or set but don't match + $input_errors[]="passwords don't match"; + } else { + //check password for invalid characters + if(!preg_match('/^[a-zA-Z0-9_\-\.@\~\(\)\&\*\+§?!\$£°\%;:]*$/',$_POST['username'])){ + $input_errors[] = "password contains illegal characters, only letters from A-Z and a-z, _, -, .,@,~,(,),&,*,+,§,?,!,$,£,°,%,;,: and numbers are allowed"; + //test pw: AZaz_-.@~()&*+§?!$£°%;: + } + } + } + if($_POST['username']==""){ + $input_errors[] = "username must not be empty!"; + } + //check for a valid expirationdate if one is set at all (valid means, strtotime() puts out a time stamp + //so any strtotime compatible time format may be used. to keep it simple for the enduser, we only claim + //to accept MM/DD/YYYY as inputs. advanced users may use inputs like "+1 day", which will be converted to + //MM/DD/YYYY based on "now" since otherwhise such an entry would lead to a never expiring expirationdate + if(trim($_POST['expirationdate'])!=""){ + if(strtotime($_POST['expirationdate'])>0){ + if(strtotime("-1 day")>strtotime(date("m/d/Y",strtotime($_POST['expirationdate'])))){ + $input_errors[] = "selected expiration date lies in the past"; + } else { + //convert from any strtotime compatible date to MM/DD/YYYY + $expdate = strtotime($_POST['expirationdate']); + $_POST['expirationdate'] = date("m/d/Y",$expdate); + } + } else { + $input_errors[] = "invalid expiration date format, use MM/DD/YYYY instead"; + } + } + //check username: only allow letters from A-Z and a-z, _, -, . and numbers from 0-9 (note: username can + //not contain characters which are not allowed in an xml-token. i.e. if you'd use @ in a username, config.xml + //could not be parsed anymore! + if(!preg_match('/^[a-zA-Z0-9_\-\.]*$/',$_POST['username'])){ + $input_errors[] = "username contains illegal characters, only letters from A-Z and a-z, _, -, . and numbers are allowed"; + } + + if(!empty($input_errors)){ + //there are illegal inputs --> print out error message and show formular again (and fill in all recently entered values + //except passwords + $_GET['act']="new"; + $_POST['old_username']=($_POST['old_username'] ? $_POST['old_username'] : $_POST['username']); + $_GET['username']=$_POST['old_username']; + foreach(Array("username","fullname","expirationdate") as $field){ + $config['users'][$_POST['old_username']][$field]=$_POST[$field]; + } + } else { + //all values are okay --> saving changes + $_POST['username']=trim($_POST['username']); + if($_POST['old_username']!="" && $_POST['old_username']!=$_POST['username']){ + //change the username (which is used as array-index) + $config['users'][$_POST['username']]=$config['users'][$_POST['old_username']]; + unset($config['users'][$_POST['old_username']]); + } + foreach(Array('fullname','expirationdate') as $field){ + $config['users'][$_POST['username']][$field]=trim($_POST[$field]); + } + if(trim($_POST['password1'])!="********" && trim($_POST['password1'])!=""){ + $config['users'][$_POST['username']]['password']=md5(trim($_POST['password1'])); + } + write_config(); + $savemsg=$_POST['username']." successfully saved<br>"; + } +} else if ($_GET['act']=="delete" && isset($_GET['username'])){ + unset($config['users'][$_GET['username']]); + write_config(); + $savemsg=$_GET['username']." successfully deleted<br>"; +} +//erase expired accounts +$changed=false; +if(is_array($config['users'])){ + foreach($config['users'] as $username => $user){ + if(trim($user['expirationdate'])!="" && strtotime("-1 day")>strtotime($user['expirationdate']) && empty($input_errors)){ + unset($config['users'][$username]); + $changed=true; + $savemsg.="$username has expired --> $username was deleted<br>"; + } + } + if($changed){ + write_config(); + } +} + +?> +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<title><?=gentitle("pfSense webGUI");?></title> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<link href="gui.css" rel="stylesheet" type="text/css"> +</head> + +<form> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<script language="javascript" type="text/javascript" src="datetimepicker.js"> +//Date Time Picker script- by TengYong Ng of http://www.rainforestnet.com +//Script featured on JavaScript Kit (http://www.javascriptkit.com) +//For this script, visit http://www.javascriptkit.com +</script> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td> + <ul id="tabnav"> + <li class="tabinact1"><a href="services_captiveportal.php">Captive portal</a></li> + <li class="tabinact"><a href="services_captiveportal_mac.php">Pass-through MAC</a></li> + <li class="tabinact"><a href="services_captiveportal_ip.php">Allowed IP addresses</a></li> + <li class="tabact">Users</li> + </ul> + </td></tr> + <tr> + <td class="tabcont"> +<?php +if($_GET['act']=="new" || $_GET['act']=="edit"){ + if($_GET['act']=="edit" && isset($_GET['username'])){ + $user=$config['users'][$_GET['username']]; + } +?> + <form action="services_captiveportal_users.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td width="22%" valign="top" class="vncellreq">Username</td> + <td width="78%" class="vtable"> + <input name="username" type="text" class="formfld" id="username" size="20" value="<? echo $_GET['username']; ?>"> + <br> + <span class="vexpl">Username to be used</span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq">Password</td> + <td width="78%" class="vtable"> + <input name="password1" type="password" class="formfld" id="password1" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>"> + <br> + <span class="vexpl">Password for the user</span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq">confirm Password</td> + <td width="78%" class="vtable"> + <input name="password2" type="password" class="formfld" id="password2" size="20" value="<?php echo ($_GET['act']=='edit' ? "********" : "" ); ?>"> + <br> + <span class="vexpl">Confirm the above Password</span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Full Name</td> + <td width="78%" class="vtable"> + <input name="fullname" type="text" class="formfld" id="fullname" size="20" value="<? echo $user['fullname']; ?>"> + <br> + Full Name of current user, for your own information only</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Expiration Date</td> + <td width="78%" class="vtable"> + <input name="expirationdate" type="text" class="formfld" id="expirationdate" size="10" value="<? echo $user['expirationdate']; ?>"> + <a href="javascript:NewCal('expirationdate','mmddyyyy')"><img src="cal.gif" width="16" height="16" border="0" alt="Pick a date"></a> + <br> <span class="vexpl">enter nothing if account doesnt expire, otherwhise enter the expiration date in us-format: mm/dd/yyyy</span></td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="save" type="submit" class="formbtn" value="Save"> + <input name="old_username" type="hidden" value="<? echo $_GET['username'];?>"> + </td> + </tr> + </table> + </form> +<?php +} else { + echo <<<END + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="35%" class="listhdrr">Username</td> + <td width="20%" class="listhdrr">Full Name</td> + <td width="35%" class="listhdr">Expires</td> + <td width="10%" class="list"></td> + </tr> +END; + if(is_array($config['users'])){ + foreach($config['users'] as $username => $user){ +?> + <tr> + <td class="listlr"> + <?php echo $username; ?> + </td> + <td class="listr"> + <?php echo $user['fullname']; ?> + </td> + <td class="listbg"> + <?php echo $user['expirationdate']; ?> + </td> + <td valign="middle" nowrap class="list"> <a href="services_captiveportal_users.php?act=edit&username=<?php echo $username; ?>"><img src="e.gif" width="17" height="17" border="0"></a> + <a href="services_captiveportal_users.php?act=delete&username=<?php echo $username; ?>" onclick="return confirm('Do you really want to delete this User?')"><img src="x.gif" width="17" height="17" border="0"></a></td> + </tr> +<?php + } + } + echo <<<END + <tr> + <td class="list" colspan="3"></td> + <td class="list"> <a href="services_captiveportal_users.php?act=new"><img src="plus.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> +END; +} +?> + + </td> + </tr> + </table> +<?php include("fend.inc"); ?> |