diff options
author | Ermal <eri@pfsense.org> | 2010-05-28 20:15:30 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2010-05-28 20:17:04 +0000 |
commit | 72b9e452966668484e3a9ae15aedbc65df4a3bd0 (patch) | |
tree | 2637961cf7973790ef8549ad9d83a3259081e804 /usr | |
parent | 23e95c1a265382d6585328b71b12b040cac7f4e3 (diff) | |
download | pfsense-72b9e452966668484e3a9ae15aedbc65df4a3bd0.zip pfsense-72b9e452966668484e3a9ae15aedbc65df4a3bd0.tar.gz |
Some configurations want to be able to ask users about replacing their existing mac during auto mac passthrough logins if they change equipment. Allow this in the backend by requiring the user to need posting a replacemacpassthru field with the post. Also add the possibility to send back with a portal_reply_page generated page the username and password posted.
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/captiveportal/index.php | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 52d177a..204d6fa 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -194,7 +194,7 @@ exit; exit; -function portal_reply_page($redirurl, $type = null, $message = null, $clientmac = null, $clientip = null) { +function portal_reply_page($redirurl, $type = null, $message = null, $clientmac = null, $clientip = null, $username = null, $password = null) { global $g, $config; /* Get captive portal layout */ @@ -232,6 +232,8 @@ function portal_reply_page($redirurl, $type = null, $message = null, $clientmac $htmltext = str_replace("#PORTAL_MESSAGE#", htmlspecialchars($message), $htmltext); $htmltext = str_replace("#CLIENT_MAC#", htmlspecialchars($clientmac), $htmltext); $htmltext = str_replace("#CLIENT_IP#", htmlspecialchars($clientip), $htmltext); + $htmltext = str_replace("#USERNAME#", htmlspecialchars($username), $htmltext); + $htmltext = str_replace("#PASSWORD#", htmlspecialchars($password), $htmltext); echo $htmltext; } @@ -254,7 +256,7 @@ function portal_mac_radius($clientmac,$clientip) { function portal_allow($clientip,$clientmac,$username,$password = null, $attributes = null, $ruleno = null) { - global $redirurl, $g, $config, $type, $passthrumac; + global $redirurl, $g, $config, $type, $passthrumac, $_POST; /* See if a ruleno is passed, if not start locking the sessions because this means there isn't one atm */ $captiveshouldunlock = false; @@ -285,13 +287,31 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut if ($attributes['voucher']) $remaining_time = $attributes['session_timeout']; + $writecfg = false; /* Find an existing session */ if ((isset($config['captiveportal']['noconcurrentlogins'])) && $passthrumac) { if (isset($config['captiveportal']['passthrumacadd'])) { $mac = captiveportal_passthrumac_findbyname($username); if (!empty($mac)) { - portal_reply_page($redirurl, "error", "Username: {$username} is known with another mac address."); - exit; + if ($_POST['replacemacpassthru']) { + foreach ($a_passthrumacs as $idx => $macent) { + if ($macent['mac'] == $mac['mac']) { + unset($config['captiveportal']['passthrumac'][$idx]); + $mac['mac'] = $clientmac; + $config['captiveportal']['passthrumac'][] = $mac; + $macrules = captiveportal_passthrumac_configure_entry($mac); + file_put_contents("{$g['tmp_path']}/macentry.rules.tmp", $macrules); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry.rules.tmp"); + $writecfg = true; + $sessionid = true; + break; + } + } + } else { + portal_reply_page($redirurl, "error", "Username: {$username} is known with another mac address.", + $clientmac, $clientip, $username, $password); + exit; + } } } } @@ -334,7 +354,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut return 0; // voucher already used and no time left } - $writecfg = false; if (!isset($sessionid)) { /* generate unique session ID */ |