diff options
-rw-r--r-- | usr/local/www/services_captiveportal.php | 1376 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_filemanager.php | 221 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_hostname.php | 206 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_hostname_edit.php | 141 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_ip.php | 191 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_ip_edit.php | 122 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_mac.php | 28 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_mac_edit.php | 44 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_vouchers.php | 489 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_vouchers_edit.php | 261 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_zones.php | 128 | ||||
-rw-r--r-- | usr/local/www/services_captiveportal_zones_edit.php | 5 |
12 files changed, 1783 insertions, 1429 deletions
diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index a56a6fc..4c3874e 100644 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -44,8 +44,9 @@ require_once("filter.inc"); require_once("shaper.inc"); require_once("captiveportal.inc"); -if (substr($_GET['act'], 0, 3) == "get") +if (substr($_GET['act'], 0, 3) == "get") { $nocsrf = true; +} require_once("guiconfig.inc"); @@ -54,24 +55,27 @@ global $cpzoneid; $cpzoneid = 1; /* Just a default */ $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) +if (isset($_POST['zone'])) { $cpzone = $_POST['zone']; +} if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { header("Location: services_captiveportal_zones.php"); exit; } -if (!is_array($config['captiveportal'])) +if (!is_array($config['captiveportal'])) { $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), $a_cp[$cpzone]['zone']); $shortcut_section = "captiveportal"; if ($_GET['act'] == "viewhtml") { - if ($a_cp[$cpzone] && $a_cp[$cpzone]['page']['htmltext']) + if ($a_cp[$cpzone] && $a_cp[$cpzone]['page']['htmltext']) { echo base64_decode($a_cp[$cpzone]['page']['htmltext']); + } exit; } else if ($_GET['act'] == "gethtmlhtml" && $a_cp[$cpzone] && $a_cp[$cpzone]['page']['htmltext']) { $file_data = base64_decode($a_cp[$cpzone]['page']['htmltext']); @@ -89,8 +93,9 @@ if ($_GET['act'] == "viewhtml") { header("Location: services_captiveportal.php?zone={$cpzone}"); exit; } else if ($_GET['act'] == "viewerrhtml") { - if ($a_cp[$cpzone] && $a_cp[$cpzone]['page']['errtext']) + if ($a_cp[$cpzone] && $a_cp[$cpzone]['page']['errtext']) { echo base64_decode($a_cp[$cpzone]['page']['errtext']); + } exit; } else if ($_GET['act'] == "geterrhtml" && $a_cp[$cpzone] && $a_cp[$cpzone]['page']['errtext']) { $file_data = base64_decode($a_cp[$cpzone]['page']['errtext']); @@ -108,8 +113,9 @@ if ($_GET['act'] == "viewhtml") { header("Location: services_captiveportal.php?zone={$cpzone}"); exit; } else if ($_GET['act'] == "viewlogouthtml") { - if ($a_cp[$cpzone] && $a_cp[$cpzone]['page']['logouttext']) + if ($a_cp[$cpzone] && $a_cp[$cpzone]['page']['logouttext']) { echo base64_decode($a_cp[$cpzone]['page']['logouttext']); + } exit; } else if ($_GET['act'] == "getlogouthtml" && $a_cp[$cpzone] && $a_cp[$cpzone]['page']['logouttext']) { $file_data = base64_decode($a_cp[$cpzone]['page']['logouttext']); @@ -128,13 +134,15 @@ if ($_GET['act'] == "viewhtml") { exit; } -if (!is_array($config['ca'])) +if (!is_array($config['ca'])) { $config['ca'] = array(); +} $a_ca =& $config['ca']; -if (!is_array($config['cert'])) +if (!is_array($config['cert'])) { $config['cert'] = array(); +} $a_cert =& $config['cert']; @@ -192,12 +200,15 @@ if ($a_cp[$cpzone]) { $pconfig['reverseacct'] = isset($a_cp[$cpzone]['reverseacct']); $pconfig['radiusnasid'] = $a_cp[$cpzone]['radiusnasid']; $pconfig['page'] = array(); - if ($a_cp[$cpzone]['page']['htmltext']) + if ($a_cp[$cpzone]['page']['htmltext']) { $pconfig['page']['htmltext'] = $a_cp[$cpzone]['page']['htmltext']; - if ($a_cp[$cpzone]['page']['errtext']) + } + if ($a_cp[$cpzone]['page']['errtext']) { $pconfig['page']['errtext'] = $a_cp[$cpzone]['page']['errtext']; - if ($a_cp[$cpzone]['page']['logouttext']) + } + if ($a_cp[$cpzone]['page']['logouttext']) { $pconfig['page']['logouttext'] = $a_cp[$cpzone]['page']['logouttext']; + } } if ($_POST) { @@ -222,12 +233,14 @@ if ($_POST) { /* make sure no interfaces are bridged or used on other zones */ if (is_array($_POST['cinterface'])) { foreach ($pconfig['cinterface'] as $cpbrif) { - if (link_interface_to_bridge($cpbrif)) + if (link_interface_to_bridge($cpbrif)) { $input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is part of a bridge."), $cpbrif); + } foreach ($a_cp as $cpkey => $cp) { if ($cpkey != $cpzone || empty($cpzone)) { - if (in_array($cpbrif, explode(",", $cp['interface']))) + if (in_array($cpbrif, explode(",", $cp['interface']))) { $input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is used already on %s instance."), $cpbrif, $cp['zone']); + } } } } @@ -244,21 +257,25 @@ if ($_POST) { } if ($_POST['timeout']) { - if (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1)) + if (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1)) { $input_errors[] = gettext("The timeout must be at least 1 minute."); - else if (isset($config['dhcpd']) && is_array($config['dhcpd'])) { + } else if (isset($config['dhcpd']) && is_array($config['dhcpd'])) { foreach ($config['dhcpd'] as $dhcpd_if => $dhcpd_data) { - if (!isset($dhcpd_data['enable'])) + if (!isset($dhcpd_data['enable'])) { continue; - if (!is_array($_POST['cinterface']) || !in_array($dhcpd_if, $_POST['cinterface'])) + } + if (!is_array($_POST['cinterface']) || !in_array($dhcpd_if, $_POST['cinterface'])) { continue; + } $deftime = 7200; // Default lease time - if (isset($dhcpd_data['defaultleasetime']) && is_numeric($dhcpd_data['defaultleasetime'])) + if (isset($dhcpd_data['defaultleasetime']) && is_numeric($dhcpd_data['defaultleasetime'])) { $deftime = $dhcpd_data['defaultleasetime']; + } - if ($_POST['timeout'] > $deftime) + if ($_POST['timeout'] > $deftime) { $input_errors[] = gettext("Hard timeout must be less or equal Default lease time set on DHCP Server"); + } } } } @@ -312,14 +329,16 @@ if ($_POST) { if (empty($newcp['zoneid'])) { $newcp['zoneid'] = 2; foreach ($a_cp as $keycpzone => $cp) { - if ($cp['zoneid'] == $newcp['zoneid'] && $keycpzone != $cpzone) - $newcp['zoneid'] += 2; /* Resreve space for SSL config if needed */ + if ($cp['zoneid'] == $newcp['zoneid'] && $keycpzone != $cpzone) { + $newcp['zoneid'] += 2; /* Reserve space for SSL config if needed */ + } } $cpzoneid = $newcp['zoneid']; } $oldifaces = explode(",", $newcp['interface']); - if (is_array($_POST['cinterface'])) + if (is_array($_POST['cinterface'])) { $newcp['interface'] = implode(",", $_POST['cinterface']); + } $newcp['maxproc'] = $_POST['maxproc']; $newcp['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false; $newcp['timeout'] = $_POST['timeout']; @@ -327,10 +346,11 @@ if ($_POST) { $newcp['freelogins_count'] = $_POST['freelogins_count']; $newcp['freelogins_resettimeout'] = $_POST['freelogins_resettimeout']; $newcp['freelogins_updatetimeouts'] = $_POST['freelogins_updatetimeouts'] ? true : false; - if ($_POST['enable']) + if ($_POST['enable']) { $newcp['enable'] = true; - else + } else { unset($newcp['enable']); + } $newcp['auth_method'] = $_POST['auth_method']; $newcp['localauth_priv'] = isset($_POST['localauth_priv']); $newcp['radacct_enable'] = $_POST['radacct_enable'] ? true : false; @@ -338,22 +358,25 @@ if ($_POST) { $newcp['radmac_enable'] = $_POST['radmac_enable'] ? true : false; $newcp['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false; $newcp['reauthenticateacct'] = $_POST['reauthenticateacct']; - if ($_POST['httpslogin_enable']) + if ($_POST['httpslogin_enable']) { $newcp['httpslogin'] = true; - else + } else { unset($newcp['httpslogin']); + } $newcp['httpsname'] = $_POST['httpsname']; $newcp['preauthurl'] = $_POST['preauthurl']; $newcp['blockedmacsurl'] = $_POST['blockedmacsurl']; $newcp['peruserbw'] = $_POST['peruserbw'] ? true : false; - if (isset($_POST['bwdefaultdn'])) + if (isset($_POST['bwdefaultdn'])) { $newcp['bwdefaultdn'] = $_POST['bwdefaultdn']; - else + } else { unset($newcp['bwdefaultdn']); - if (isset($_POST['bwdefaultup'])) + } + if (isset($_POST['bwdefaultup'])) { $newcp['bwdefaultup'] = $_POST['bwdefaultup']; - else + } else { unset($newcp['bwdefaultup']); + } $newcp['certref'] = $_POST['certref']; $newcp['nohttpsforwards'] = $_POST['nohttpsforwards'] ? true : false; $newcp['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false; @@ -361,28 +384,34 @@ if ($_POST) { $newcp['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false; $newcp['radius_protocol'] = $_POST['radius_protocol']; $newcp['redirurl'] = $_POST['redirurl']; - if (isset($_POST['radiusip'])) + if (isset($_POST['radiusip'])) { $newcp['radiusip'] = $_POST['radiusip']; - else + } else { unset($newcp['radiusip']); - if (isset($_POST['radiusip2'])) + } + if (isset($_POST['radiusip2'])) { $newcp['radiusip2'] = $_POST['radiusip2']; - else + } else { unset($newcp['radiusip2']); - if (isset($_POST['radiusip3'])) + } + if (isset($_POST['radiusip3'])) { $newcp['radiusip3'] = $_POST['radiusip3']; - else + } else { unset($newcp['radiusip3']); - if (isset($_POST['radiusip4'])) + } + if (isset($_POST['radiusip4'])) { $newcp['radiusip4'] = $_POST['radiusip4']; - else + } else { unset($newcp['radiusip4']); + } $newcp['radiusport'] = $_POST['radiusport']; $newcp['radiusport2'] = $_POST['radiusport2']; - if (isset($_POST['radiusport3'])) + if (isset($_POST['radiusport3'])) { $newcp['radiusport3'] = $_POST['radiusport3']; - if (isset($_POST['radiusport4'])) + } + if (isset($_POST['radiusport4'])) { $newcp['radiusport4'] = $_POST['radiusport4']; + } $newcp['radiusacctport'] = $_POST['radiusacctport']; $newcp['radiuskey'] = $_POST['radiuskey']; $newcp['radiuskey2'] = $_POST['radiuskey2']; @@ -396,16 +425,20 @@ if ($_POST) { $newcp['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false; $newcp['reverseacct'] = $_POST['reverseacct'] ? true : false; $newcp['radiusnasid'] = trim($_POST['radiusnasid']); - if (!is_array($newcp['page'])) + if (!is_array($newcp['page'])) { $newcp['page'] = array(); + } /* file upload? */ - if (is_uploaded_file($_FILES['htmlfile']['tmp_name'])) + if (is_uploaded_file($_FILES['htmlfile']['tmp_name'])) { $newcp['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name'])); - if (is_uploaded_file($_FILES['errfile']['tmp_name'])) + } + if (is_uploaded_file($_FILES['errfile']['tmp_name'])) { $newcp['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name'])); - if (is_uploaded_file($_FILES['logoutfile']['tmp_name'])) + } + if (is_uploaded_file($_FILES['logoutfile']['tmp_name'])) { $newcp['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name'])); + } write_config(); @@ -424,8 +457,9 @@ if ($_POST) { header("Location: services_captiveportal_zones.php"); exit; } else { - if (is_array($_POST['cinterface'])) + if (is_array($_POST['cinterface'])) { $pconfig['cinterface'] = implode(",", $_POST['cinterface']); + } } } $closehead = false; @@ -512,7 +546,8 @@ function enable_change(enable_change) { <?php if ($savemsg) print_info_box($savemsg); ?> <form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="captive portal"> - <tr><td class="tabnavtbl"> + <tr> + <td class="tabnavtbl"> <?php $tab_array = array(); $tab_array[] = array(gettext("Captive portal(s)"), true, "services_captiveportal.php?zone={$cpzone}"); @@ -522,588 +557,691 @@ function enable_change(enable_change) { $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); -?> </td></tr> - <tr> - <td class="tabcont"> - <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main"> - <tr> - <td width="22%" valign="top" class="vtable"> </td> - <td width="78%" class="vtable"> - <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked=\"checked\""; ?> onclick="enable_change(false)" /> - <strong><?=gettext("Enable captive portal"); ?> </strong></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Interfaces"); ?></td> - <td width="78%" class="vtable"> - <select name="cinterface[]" multiple="multiple" size="<?php echo count($config['interfaces']); ?>" class="formselect" id="cinterface"> - <?php - $interfaces = get_configured_interface_with_descr(); - $cselected = explode(",", $pconfig['cinterface']); - foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?php if (in_array($iface, $cselected)) echo "selected=\"selected\""; ?>> - <?=htmlspecialchars($ifacename);?> - </option> - <?php endforeach; ?> - </select> <br /> - <span class="vexpl"><?=gettext("Select the interface(s) to enable for captive portal."); ?></span></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Maximum concurrent connections"); ?></td> - <td class="vtable"> - <table cellpadding="0" cellspacing="0" summary="connections"> - <tr> - <td><input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>" /> <?=gettext("per client IP address (0 = no limit)"); ?></td> - </tr> - </table> -<?=gettext("This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in " . -"to the captive portal, but rather how many users can load the portal page or authenticate at the same time! " . -"Possible setting allowed is: minimum 4 connections per client IP address, with a total maximum of 100 connections."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Idle timeout"); ?></td> - <td class="vtable"> - <input name="idletimeout" type="text" class="formfld unknown" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>" /> -<?=gettext("minutes"); ?><br /> -<?=gettext("Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout."); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Hard timeout"); ?></td> - <td width="78%" class="vtable"> - <input name="timeout" type="text" class="formfld unknown" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>" /> - <?=gettext("minutes"); ?><br /> - <?=gettext("Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set)."); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Pass-through credits allowed per MAC address"); ?></td> - <td width="78%" class="vtable"> - <input name="freelogins_count" type="text" class="formfld unknown" id="freelogins_count" size="6" value="<?=htmlspecialchars($pconfig['freelogins_count']);?>" /> - <?=gettext("per client MAC address (0 or blank = none)"); ?><br /> - <?=gettext("This setting allows passing through the captive portal without authentication a limited number of times per MAC address. Once used up, the client can only log in with valid credentials until the waiting period specified below has expired. Recommended to set a hard timeout and/or idle timeout when using this for it to be effective."); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Waiting period to restore pass-through credits"); ?></td> - <td width="78%" class="vtable"> - <input name="freelogins_resettimeout" type="text" class="formfld unknown" id="freelogins_resettimeout" size="6" value="<?=htmlspecialchars($pconfig['freelogins_resettimeout']);?>" /> - <?=gettext("hours"); ?><br /> - <?=gettext("Clients will have their available pass-through credits restored to the original count after this amount of time since using the first one. This must be above 0 hours if pass-through credits are enabled."); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Reset waiting period on attempted access"); ?></td> - <td width="78%" class="vtable"> - <input name="freelogins_updatetimeouts" type="checkbox" class="formfld" id="freelogins_updatetimeouts" value="yes" <?php if($pconfig['freelogins_updatetimeouts']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Enable waiting period reset on attempted access"); ?></strong><br /> - <?=gettext("If enabled, the waiting period is reset to the original duration if access is attempted when all pass-through credits have already been exhausted."); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Logout popup window"); ?></td> - <td width="78%" class="vtable"> - <input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Enable logout popup window"); ?></strong><br /> - <?=gettext("If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Pre-authentication redirect URL"); ?> </td> - <td class="vtable"> - <input name="preauthurl" type="text" class="formfld url" id="preauthurl" size="60" value="<?=htmlspecialchars($pconfig['preauthurl']);?>" /><br /> - <?php printf(gettext("Use this field to set \$PORTAL_REDIRURL\$ variable which can be accessed using your custom captive portal index.php page or error pages."));?> - </td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("After authentication Redirection URL"); ?></td> - <td class="vtable"> - <input name="redirurl" type="text" class="formfld url" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>" /> - <br /> -<?=gettext("If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried " . -"to access after they've authenticated."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Blocked MAC address redirect URL"); ?> </td> - <td class="vtable"> - <input name="blockedmacsurl" type="text" class="formfld url" id="blockedmacsurl" size="60" value="<?=htmlspecialchars($pconfig['blockedmacsurl']);?>" /><br /> - <?php printf(gettext("If you provide a URL here, MAC addresses set to be blocked will be redirect to that URL when attempt to access anything."));?> +?> </td> </tr> <tr> - <td valign="top" class="vncell"><?=gettext("Concurrent user logins"); ?></td> - <td class="vtable"> - <input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Disable concurrent logins"); ?></strong><br /> - <?=gettext("If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("MAC filtering"); ?> </td> - <td class="vtable"> - <input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Disable MAC filtering"); ?></strong><br /> - <?=gettext("If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in." . - "This is required when the MAC address of the client cannot be determined (usually because there are routers between"); ?> <?php echo $g['product_name'] ?> <?=gettext("and the clients)."); ?> - <?=gettext("If this is enabled, RADIUS MAC authentication cannot be used."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Pass-through MAC Auto Entry"); ?></td> - <td class="vtable"> - <input name="passthrumacadd" type="checkbox" class="formfld" id="passthrumacadd" value="yes" <?php if ($pconfig['passthrumacadd']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Enable Pass-through MAC automatic additions"); ?></strong><br /> - <?=gettext("If this option is set, a MAC passthrough entry is automatically added after the user has successfully authenticated. Users of that MAC address will never have to authenticate again."); ?> - <?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?> - <?=gettext("If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown."); ?> - <br /><br /> - <input name="passthrumacaddusername" type="checkbox" class="formfld" id="passthrumacaddusername" value="yes" <?php if ($pconfig['passthrumacaddusername']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Enable Pass-through MAC automatic addition with username"); ?></strong><br /> - <?=gettext("If this option is set, with the automatically MAC passthrough entry created the username, used during authentication, will be saved."); ?> - <?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?> - </td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Per-user bandwidth restriction"); ?></td> - <td class="vtable"> - <input name="peruserbw" type="checkbox" class="formfld" id="peruserbw" value="yes" <?php if ($pconfig['peruserbw']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Enable per-user bandwidth restriction"); ?></strong><br /><br /> - <table cellpadding="0" cellspacing="0" summary="bandwidth"> - <tr> - <td><?=gettext("Default download"); ?></td> - <td><input type="text" class="formfld unknown" name="bwdefaultdn" id="bwdefaultdn" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultdn']);?>" /> <?=gettext("Kbit/s"); ?></td> - </tr> - <tr> - <td><?=gettext("Default upload"); ?></td> - <td><input type="text" class="formfld unknown" name="bwdefaultup" id="bwdefaultup" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultup']);?>" /> <?=gettext("Kbit/s"); ?></td> - </tr></table> - <br /> - <?=gettext("If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit."); ?> </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?></td> - <td width="78%" class="vtable"> - <table cellpadding="0" cellspacing="0" summary="authentication"> - <tr> - <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onclick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked=\"checked\""; ?> /> - <?=gettext("No Authentication"); ?></td> - </tr> - <tr> - <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onclick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked=\"checked\""; ?> /> - <?=gettext("Local"); ?> <a href="system_usermanager.php"><?=gettext("User Manager"); ?></a> / <?=gettext("Vouchers"); ?></td> - </tr> - <tr> - <td> </td> - <td> </td> - </tr> - <tr> - <td> </td> - <td><input name="localauth_priv" type="checkbox" id="localauth_priv" value="yes" onclick="enable_change(false)" <?php if($pconfig['localauth_priv']=="yes") echo "checked=\"checked\""; ?> /> - <?=gettext("Allow only users/groups with 'Captive portal login' privilege set"); ?></td> - </tr><tr> - <td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onclick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked=\"checked\""; ?> /> - <?=gettext("RADIUS Authentication"); ?></td> - </tr><tr> - <td> </td> - <td> </td> - </tr> -<tr> - <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Protocol"); ?></td> - <td width="78%" class="vtable"> - <table cellpadding="0" cellspacing="0" summary="radius"> - <tr> - <td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="PAP" onclick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']!="CHAP_MD5" && $pconfig['radius_protocol']!="MSCHAPv1" && $pconfig['radius_protocol']!="MSCHAPv2") echo "checked=\"checked\""; ?> /> - <?=gettext("PAP"); ?></td> - </tr> - <tr> - <td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="CHAP_MD5" onclick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']=="CHAP_MD5") echo "checked=\"checked\""; ?> /> - <?=gettext("CHAP_MD5"); ?></td> - </tr> - <tr> - <td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="MSCHAPv1" onclick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']=="MSCHAPv1") echo "checked=\"checked\""; ?> /> - <?=gettext("MSCHAPv1"); ?></td> - </tr> - <tr> - <td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="MSCHAPv2" onclick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']=="MSCHAPv2") echo "checked=\"checked\""; ?> /> - <?=gettext("MSCHAPv2"); ?></td> - </tr><tr> - <td> </td> - <td> </td> - </tr> - </table> - </td> - </tr><tr> - <td> </td> - <td> </td> - </tr> - </table> - <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="primary athentication"> - <tr> - <td colspan="2" valign="top" class="listtopic">Primary Authentication Source</td> - </tr> - <tr> - <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> - <td class="vtable"><input name="radiusip" type="text" class="formfld unknown" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>" /><br /> - <?=gettext("Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against."); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Port"); ?></td> - <td class="vtable"><input name="radiusport" type="text" class="formfld unknown" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>" /><br /> - <?=gettext("Leave this field blank to use the default port (1812)."); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> - <td class="vtable"><input name="radiuskey" type="text" class="formfld unknown" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>" /><br /> - <?=gettext("Leave this field blank to not use a RADIUS shared secret (not recommended)."); ?></td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> - <td class="vtable"><input name="radiusip2" type="text" class="formfld unknown" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>" /><br /> - <?=gettext("If you have a second RADIUS server, you can activate it by entering its IP address here."); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Port"); ?></td> - <td class="vtable"><input name="radiusport2" type="text" class="formfld unknown" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>" /></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> - <td class="vtable"><input name="radiuskey2" type="text" class="formfld unknown" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>" /></td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">Secondary Authentication Source</td> - </tr> - <tr> - <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> - <td class="vtable"><input name="radiusip3" type="text" class="formfld unknown" id="radiusip3" size="20" value="<?=htmlspecialchars($pconfig['radiusip3']);?>" /><br /> - <?=gettext("If you have a third RADIUS server, you can activate it by entering its IP address here."); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Port"); ?></td> - <td class="vtable"><input name="radiusport3" type="text" class="formfld unknown" id="radiusport3" size="5" value="<?=htmlspecialchars($pconfig['radiusport3']);?>" /></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> - <td class="vtable"><input name="radiuskey3" type="text" class="formfld unknown" id="radiuskey3" size="16" value="<?=htmlspecialchars($pconfig['radiuskey3']);?>" /></td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> - <td class="vtable"><input name="radiusip4" type="text" class="formfld unknown" id="radiusip4" size="20" value="<?=htmlspecialchars($pconfig['radiusip4']);?>" /><br /> - <?=gettext("If you have a fourth RADIUS server, you can activate it by entering its IP address here."); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Port"); ?></td> - <td class="vtable"><input name="radiusport4" type="text" class="formfld unknown" id="radiusport4" size="5" value="<?=htmlspecialchars($pconfig['radiusport4']);?>" /></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> - <td class="vtable"><input name="radiuskey4" type="text" class="formfld unknown" id="radiuskey4" size="16" value="<?=htmlspecialchars($pconfig['radiuskey4']);?>" /></td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("Accounting"); ?></td> - </tr> - <tr> - <td class="vncell"> </td> - <td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onclick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("send RADIUS accounting packets"); ?></strong><br /> - <?=gettext("If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server."); ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Accounting port"); ?></td> - <td class="vtable"><input name="radiusacctport" type="text" class="formfld unknown" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>" /><br /> - <?=gettext("Leave blank to use the default port (1813)."); ?></td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("Accounting updates"); ?></td> - <td class="vtable"> - <input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked=\"checked\""; ?> /> <?=gettext("no accounting updates"); ?><br /> - <input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked=\"checked\""; ?> /> <?=gettext("stop/start accounting"); ?><br /> - <input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked=\"checked\""; ?> /> <?=gettext("interim update"); ?> - </td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("RADIUS options"); ?></td> - </tr> - <tr> - <td class="vncell"><?=gettext("Reauthentication"); ?></td> - <td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onclick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Reauthenticate connected users every minute"); ?></strong><br /> - <?=gettext("If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is " . - "logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately."); ?></td> - </tr> - <tr> - <td class=""><?=gettext("RADIUS MAC authentication"); ?></td> - <td class=""> - <input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onclick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked=\"checked\""; ?> /><strong><?=gettext("Enable RADIUS MAC authentication"); ?></strong><br /> - <?=gettext("If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password " . - "entered below to the RADIUS server."); ?></td> - </tr> - <tr> - <td class="vncell"><?=gettext("MAC authentication secret"); ?></td> - <td class="vtable"><input name="radmac_secret" type="text" class="formfld unknown" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>" /></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("RADIUS NAS IP attribute"); ?></td> - <td class="vtable"> - <select name="radiussrcip_attribute" id="radiussrcip_attribute"> - <?php $iflist = get_configured_interface_with_descr(); - foreach ($iflist as $ifdesc => $ifdescr) { - $ipaddr = get_interface_ip($ifdesc); - if (is_ipaddr($ipaddr)) { - $selected = ""; - if ($ifdesc == $pconfig['radiussrcip_attribute']) - $selected= "selected=\"selected\""; - echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n"; - } - } - if (is_array($config['virtualip']['vip'])) { - foreach ($config['virtualip']['vip'] as $sn) { - if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") { - $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); - $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); - $len = $end - $start; - - for ($i = 0; $i <= $len; $i++) { - $snip = long2ip32($start+$i); - echo "<option value='{$snip}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$snip}") . "></option>\n"; - } - } else - echo "<option value='{$sn['subnet']}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$sn['subnet']}") . "></option>\n"; - } - } - ?> - </select><br /> - <?=gettext("Choose the IP to use for calling station attribute."); ?> - </td> - </tr> - - <tr> - <td class="vncell" valign="top"><?=gettext("Session-Timeout"); ?></td> - <td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked=\"checked\""; ?> /><strong><?=gettext("Use RADIUS Session-Timeout attributes"); ?></strong><br /> - <?=gettext("When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute."); ?></td> - </tr> - - <tr> - <td class="vncell" valign="top"><?=gettext("Type"); ?></td> - <td class="vtable"><select name="radiusvendor" id="radiusvendor"> - <option value="default"><?php echo gettext("default"); ?></option> - <?php - $radiusvendors = array("cisco"); - foreach ($radiusvendors as $radiusvendor){ - if ($pconfig['radiusvendor'] == $radiusvendor) - echo "<option selected=\"selected\" value=\"$radiusvendor\">$radiusvendor</option>\n"; - else - echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n"; - } - ?></select><br /> - <?php printf(gettext("If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and " . - "the Called-Station-Id to the client's MAC address. Default behavior is Calling-Station-Id = client's MAC address and Called-Station-Id = %s's WAN IP address."), - $g['product_name']);?></td> - </tr> - - <tr> - <td class="vncell" valign="top"><?=gettext("Accounting Style"); ?></td> - <td class="vtable"><input name="reverseacct" type="checkbox" id="reverseacct" value="yes" <?php if ($pconfig['reverseacct']) echo "checked=\"checked\""; ?> /><strong><?=gettext("Invert Acct-Input-Octets and Acct-Output-Octets"); ?></strong><br /> - <?=gettext("When this is enabled, data counts for RADIUS accounting packets will be taken from the client perspective, not the NAS. Acct-Input-Octets will represent download, and Acct-Output-Octets will represent upload."); ?></td> - </tr> + <td class="tabcont"> + <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main"> + <tr> + <td width="22%" valign="top" class="vtable"> </td> + <td width="78%" class="vtable"> + <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked=\"checked\""; ?> onclick="enable_change(false)" /> + <strong><?=gettext("Enable captive portal"); ?> </strong> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Interfaces"); ?></td> + <td width="78%" class="vtable"> + <select name="cinterface[]" multiple="multiple" size="<?php echo count($config['interfaces']); ?>" class="formselect" id="cinterface"> + <?php + $interfaces = get_configured_interface_with_descr(); + $cselected = explode(",", $pconfig['cinterface']); + foreach ($interfaces as $iface => $ifacename): ?> + <option value="<?=$iface;?>" <?php if (in_array($iface, $cselected)) echo "selected=\"selected\""; ?>> + <?=htmlspecialchars($ifacename);?> + </option> + <?php + endforeach; + ?> + </select> + <br /> + <span class="vexpl"> + <?=gettext("Select the interface(s) to enable for captive portal."); ?> + </span> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Maximum concurrent connections"); ?></td> + <td class="vtable"> + <table cellpadding="0" cellspacing="0" summary="connections"> + <tr> + <td> + <input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>" /> <?=gettext("per client IP address (0 = no limit)"); ?> + </td> + </tr> + </table> + <?=gettext("This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in " . + "to the captive portal, but rather how many users can load the portal page or authenticate at the same time! " . + "Possible setting allowed is: minimum 4 connections per client IP address, with a total maximum of 100 connections."); ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Idle timeout"); ?></td> + <td class="vtable"> + <input name="idletimeout" type="text" class="formfld unknown" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>" /> + <?=gettext("minutes"); ?><br /> + <?=gettext("Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Hard timeout"); ?></td> + <td width="78%" class="vtable"> + <input name="timeout" type="text" class="formfld unknown" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>" /> + <?=gettext("minutes"); ?><br /> + <?=gettext("Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set)."); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Pass-through credits allowed per MAC address"); ?></td> + <td width="78%" class="vtable"> + <input name="freelogins_count" type="text" class="formfld unknown" id="freelogins_count" size="6" value="<?=htmlspecialchars($pconfig['freelogins_count']);?>" /> + <?=gettext("per client MAC address (0 or blank = none)"); ?><br /> + <?=gettext("This setting allows passing through the captive portal without authentication a limited number of times per MAC address. Once used up, the client can only log in with valid credentials until the waiting period specified below has expired. Recommended to set a hard timeout and/or idle timeout when using this for it to be effective."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Waiting period to restore pass-through credits"); ?></td> + <td width="78%" class="vtable"> + <input name="freelogins_resettimeout" type="text" class="formfld unknown" id="freelogins_resettimeout" size="6" value="<?=htmlspecialchars($pconfig['freelogins_resettimeout']);?>" /> + <?=gettext("hours"); ?><br /> + <?=gettext("Clients will have their available pass-through credits restored to the original count after this amount of time since using the first one. This must be above 0 hours if pass-through credits are enabled."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Reset waiting period on attempted access"); ?></td> + <td width="78%" class="vtable"> + <input name="freelogins_updatetimeouts" type="checkbox" class="formfld" id="freelogins_updatetimeouts" value="yes" <?php if ($pconfig['freelogins_updatetimeouts']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable waiting period reset on attempted access"); ?></strong><br /> + <?=gettext("If enabled, the waiting period is reset to the original duration if access is attempted when all pass-through credits have already been exhausted."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Logout popup window"); ?></td> + <td width="78%" class="vtable"> + <input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if ($pconfig['logoutwin_enable']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable logout popup window"); ?></strong><br /> + <?=gettext("If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs."); ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Pre-authentication redirect URL"); ?> </td> + <td class="vtable"> + <input name="preauthurl" type="text" class="formfld url" id="preauthurl" size="60" value="<?=htmlspecialchars($pconfig['preauthurl']);?>" /><br /> + <?php printf(gettext("Use this field to set \$PORTAL_REDIRURL\$ variable which can be accessed using your custom captive portal index.php page or error pages."));?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("After authentication Redirection URL"); ?></td> + <td class="vtable"> + <input name="redirurl" type="text" class="formfld url" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>" /> + <br /> + <?=gettext("If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried to access after they've authenticated."); ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Blocked MAC address redirect URL"); ?> </td> + <td class="vtable"> + <input name="blockedmacsurl" type="text" class="formfld url" id="blockedmacsurl" size="60" value="<?=htmlspecialchars($pconfig['blockedmacsurl']);?>" /><br /> + <?php printf(gettext("If you provide a URL here, MAC addresses set to be blocked will be redirect to that URL when attempt to access anything."));?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Concurrent user logins"); ?></td> + <td class="vtable"> + <input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Disable concurrent logins"); ?></strong><br /> + <?=gettext("If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected."); ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("MAC filtering"); ?> </td> + <td class="vtable"> + <input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Disable MAC filtering"); ?></strong><br /> + <?=gettext("If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in." . + "This is required when the MAC address of the client cannot be determined (usually because there are routers between"); ?> <?php echo $g['product_name'] ?> <?=gettext("and the clients)."); ?> + <?=gettext("If this is enabled, RADIUS MAC authentication cannot be used."); ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Pass-through MAC Auto Entry"); ?></td> + <td class="vtable"> + <input name="passthrumacadd" type="checkbox" class="formfld" id="passthrumacadd" value="yes" <?php if ($pconfig['passthrumacadd']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable Pass-through MAC automatic additions"); ?></strong><br /> + <?=gettext("If this option is set, a MAC passthrough entry is automatically added after the user has successfully authenticated. Users of that MAC address will never have to authenticate again."); ?> + <?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?> + <?=gettext("If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown."); ?> + <br /><br /> + <input name="passthrumacaddusername" type="checkbox" class="formfld" id="passthrumacaddusername" value="yes" <?php if ($pconfig['passthrumacaddusername']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable Pass-through MAC automatic addition with username"); ?></strong><br /> + <?=gettext("If this option is set, with the automatically MAC passthrough entry created the username, used during authentication, will be saved."); ?> + <?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Per-user bandwidth restriction"); ?></td> + <td class="vtable"> + <input name="peruserbw" type="checkbox" class="formfld" id="peruserbw" value="yes" <?php if ($pconfig['peruserbw']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable per-user bandwidth restriction"); ?></strong><br /><br /> + <table cellpadding="0" cellspacing="0" summary="bandwidth"> + <tr> + <td><?=gettext("Default download"); ?></td> + <td> + <input type="text" class="formfld unknown" name="bwdefaultdn" id="bwdefaultdn" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultdn']);?>" /> <?=gettext("Kbit/s"); ?> + </td> + </tr> + <tr> + <td><?=gettext("Default upload"); ?></td> + <td> + <input type="text" class="formfld unknown" name="bwdefaultup" id="bwdefaultup" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultup']);?>" /> <?=gettext("Kbit/s"); ?> + </td> + </tr> + </table> + <br /> + <?=gettext("If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?></td> + <td width="78%" class="vtable"> + <table cellpadding="0" cellspacing="0" summary="authentication"> + <tr> + <td colspan="2"> + <input name="auth_method" type="radio" id="auth_method" value="none" onclick="enable_change(false)" <?php if ($pconfig['auth_method'] != "local" && $pconfig['auth_method'] != "radius") echo "checked=\"checked\""; ?> /> + <?=gettext("No Authentication"); ?> + </td> + </tr> + <tr> + <td colspan="2"> + <input name="auth_method" type="radio" id="auth_method" value="local" onclick="enable_change(false)" <?php if ($pconfig['auth_method'] == "local") echo "checked=\"checked\""; ?> /> + <?=gettext("Local"); ?> <a href="system_usermanager.php"><?=gettext("User Manager"); ?></a> / <?=gettext("Vouchers"); ?> + </td> + </tr> + <tr> + <td> </td> + <td> </td> + </tr> + <tr> + <td> </td> + <td> + <input name="localauth_priv" type="checkbox" id="localauth_priv" value="yes" onclick="enable_change(false)" <?php if ($pconfig['localauth_priv'] == "yes") echo "checked=\"checked\""; ?> /> + <?=gettext("Allow only users/groups with 'Captive portal login' privilege set"); ?> + </td> + </tr> + <tr> + <td colspan="2"> + <input name="auth_method" type="radio" id="auth_method" value="radius" onclick="enable_change(false)" <?php if ($pconfig['auth_method'] == "radius") echo "checked=\"checked\""; ?> /> + <?=gettext("RADIUS Authentication"); ?> + </td> + </tr> + <tr> + <td> </td> + <td> </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Protocol"); ?></td> + <td width="78%" class="vtable"> + <table cellpadding="0" cellspacing="0" summary="radius"> + <tr> + <td colspan="2"> + <input name="radius_protocol" type="radio" id="radius_protocol" value="PAP" onclick="enable_change(false)" <?php if ($pconfig['auth_method'] == "radius" && $pconfig['radius_protocol'] != "CHAP_MD5" && $pconfig['radius_protocol'] != "MSCHAPv1" && $pconfig['radius_protocol'] != "MSCHAPv2") echo "checked=\"checked\""; ?> /> + <?=gettext("PAP"); ?> + </td> + </tr> + <tr> + <td colspan="2"> + <input name="radius_protocol" type="radio" id="radius_protocol" value="CHAP_MD5" onclick="enable_change(false)" <?php if ($pconfig['auth_method'] == "radius" && $pconfig['radius_protocol'] == "CHAP_MD5") echo "checked=\"checked\""; ?> /> + <?=gettext("CHAP_MD5"); ?> + </td> + </tr> + <tr> + <td colspan="2"> + <input name="radius_protocol" type="radio" id="radius_protocol" value="MSCHAPv1" onclick="enable_change(false)" <?php if ($pconfig['auth_method'] == "radius" && $pconfig['radius_protocol'] == "MSCHAPv1") echo "checked=\"checked\""; ?> /> + <?=gettext("MSCHAPv1"); ?> + </td> + </tr> + <tr> + <td colspan="2"> + <input name="radius_protocol" type="radio" id="radius_protocol" value="MSCHAPv2" onclick="enable_change(false)" <?php if ($pconfig['auth_method'] == "radius" && $pconfig['radius_protocol'] == "MSCHAPv2") echo "checked=\"checked\""; ?> /> + <?=gettext("MSCHAPv2"); ?> + </td> + </tr> + <tr> + <td> </td> + <td> </td> + </tr> + </table> + </td> + </tr> + <tr> + <td> </td> + <td> </td> + </tr> + </table> + <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="primary athentication"> + <tr> + <td colspan="2" valign="top" class="listtopic">Primary Authentication Source</td> + </tr> + <tr> + <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> + <td class="vtable"> + <input name="radiusip" type="text" class="formfld unknown" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>" /><br /> + <?=gettext("Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Port"); ?></td> + <td class="vtable"> + <input name="radiusport" type="text" class="formfld unknown" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>" /><br /> + <?=gettext("Leave this field blank to use the default port (1812)."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> + <td class="vtable"> + <input name="radiuskey" type="text" class="formfld unknown" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>" /><br /> + <?=gettext("Leave this field blank to not use a RADIUS shared secret (not recommended)."); ?> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> + <tr> + <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> + <td class="vtable"> + <input name="radiusip2" type="text" class="formfld unknown" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>" /><br /> + <?=gettext("If you have a second RADIUS server, you can activate it by entering its IP address here."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Port"); ?></td> + <td class="vtable"> + <input name="radiusport2" type="text" class="formfld unknown" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>" /> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> + <td class="vtable"> + <input name="radiuskey2" type="text" class="formfld unknown" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Secondary Authentication Source</td> + </tr> + <tr> + <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> + <td class="vtable"> + <input name="radiusip3" type="text" class="formfld unknown" id="radiusip3" size="20" value="<?=htmlspecialchars($pconfig['radiusip3']);?>" /><br /> + <?=gettext("If you have a third RADIUS server, you can activate it by entering its IP address here."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Port"); ?></td> + <td class="vtable"> + <input name="radiusport3" type="text" class="formfld unknown" id="radiusport3" size="5" value="<?=htmlspecialchars($pconfig['radiusport3']);?>" /> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> + <td class="vtable"> + <input name="radiuskey3" type="text" class="formfld unknown" id="radiuskey3" size="16" value="<?=htmlspecialchars($pconfig['radiuskey3']);?>" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> + <tr> + <td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("IP address"); ?></td> + <td class="vtable"> + <input name="radiusip4" type="text" class="formfld unknown" id="radiusip4" size="20" value="<?=htmlspecialchars($pconfig['radiusip4']);?>" /><br /> + <?=gettext("If you have a fourth RADIUS server, you can activate it by entering its IP address here."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Port"); ?></td> + <td class="vtable"> + <input name="radiusport4" type="text" class="formfld unknown" id="radiusport4" size="5" value="<?=htmlspecialchars($pconfig['radiusport4']);?>" /> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Shared secret"); ?> </td> + <td class="vtable"> + <input name="radiuskey4" type="text" class="formfld unknown" id="radiuskey4" size="16" value="<?=htmlspecialchars($pconfig['radiuskey4']);?>" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Accounting"); ?></td> + </tr> + <tr> + <td class="vncell"> </td> + <td class="vtable"> + <input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onclick="enable_change(false)" <?php if ($pconfig['radacct_enable']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("send RADIUS accounting packets"); ?></strong><br /> + <?=gettext("If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Accounting port"); ?></td> + <td class="vtable"> + <input name="radiusacctport" type="text" class="formfld unknown" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>" /><br /> + <?=gettext("Leave blank to use the default port (1813)."); ?> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Accounting updates"); ?></td> + <td class="vtable"> + <input name="reauthenticateacct" type="radio" value="" <?php if (!$pconfig['reauthenticateacct']) echo "checked=\"checked\""; ?> /> <?=gettext("no accounting updates"); ?><br /> + <input name="reauthenticateacct" type="radio" value="stopstart" <?php if ($pconfig['reauthenticateacct'] == "stopstart") echo "checked=\"checked\""; ?> /> <?=gettext("stop/start accounting"); ?><br /> + <input name="reauthenticateacct" type="radio" value="interimupdate" <?php if ($pconfig['reauthenticateacct'] == "interimupdate") echo "checked=\"checked\""; ?> /> <?=gettext("interim update"); ?> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("RADIUS options"); ?></td> + </tr> + <tr> + <td class="vncell"><?=gettext("Reauthentication"); ?></td> + <td class="vtable"> + <input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onclick="enable_change(false)" <?php if ($pconfig['reauthenticate']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Reauthenticate connected users every minute"); ?></strong><br /> + <?=gettext("If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is " . + "logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately."); ?> + </td> + </tr> + <tr> + <td class=""><?=gettext("RADIUS MAC authentication"); ?></td> + <td class=""> + <input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onclick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked=\"checked\""; ?> /><strong><?=gettext("Enable RADIUS MAC authentication"); ?></strong><br /> + <?=gettext("If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password " . + "entered below to the RADIUS server."); ?> + </td> + </tr> + <tr> + <td class="vncell"><?=gettext("MAC authentication secret"); ?></td> + <td class="vtable"> + <input name="radmac_secret" type="text" class="formfld unknown" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>" /> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("RADIUS NAS IP attribute"); ?></td> + <td class="vtable"> + <select name="radiussrcip_attribute" id="radiussrcip_attribute"> + <?php + $iflist = get_configured_interface_with_descr(); + foreach ($iflist as $ifdesc => $ifdescr) { + $ipaddr = get_interface_ip($ifdesc); + if (is_ipaddr($ipaddr)) { + $selected = ""; + if ($ifdesc == $pconfig['radiussrcip_attribute']) { + $selected= "selected=\"selected\""; + } + echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n"; + } + } + if (is_array($config['virtualip']['vip'])) { + foreach ($config['virtualip']['vip'] as $sn) { + if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") { + $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); + $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); + $len = $end - $start; - <tr> - <td class="vncell" valign="top"><?=gettext("NAS Identifier"); ?></td> - <td class="vtable"><input name="radiusnasid" type="text" maxlength="253" class="formfld unknown" id="radiusnasid" value="<?=htmlspecialchars($pconfig['radiusnasid']);?>" /><br /> - <?=gettext("Specify a NAS identifier to override the default value") . " (" . php_uname("n") . ")"; ?></td> - </tr> - <tr> - <td class="vncell" valign="top"><?=gettext("MAC address format"); ?></td> - <td class="vtable"> - <select name="radmac_format" id="radmac_format"> - <option value="default"><?php echo gettext("default"); ?></option> + for ($i = 0; $i <= $len; $i++) { + $snip = long2ip32($start+$i); + echo "<option value='{$snip}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$snip}") . "></option>\n"; + } + } else { + echo "<option value='{$sn['subnet']}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$sn['subnet']}") . "></option>\n"; + } + } + } + ?> + </select><br /> + <?=gettext("Choose the IP to use for calling station attribute."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Session-Timeout"); ?></td> + <td class="vtable"> + <input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked=\"checked\""; ?> /><strong><?=gettext("Use RADIUS Session-Timeout attributes"); ?></strong><br /> + <?=gettext("When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Type"); ?></td> + <td class="vtable"> + <select name="radiusvendor" id="radiusvendor"> + <option value="default"><?php echo gettext("default"); ?></option> + <?php + $radiusvendors = array("cisco"); + foreach ($radiusvendors as $radiusvendor) { + if ($pconfig['radiusvendor'] == $radiusvendor) { + echo "<option selected=\"selected\" value=\"$radiusvendor\">$radiusvendor</option>\n"; + } else { + echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n"; + } + } + ?> + </select><br /> + <?php printf(gettext("If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and " . + "the Called-Station-Id to the client's MAC address. Default behavior is Calling-Station-Id = client's MAC address and Called-Station-Id = %s's WAN IP address."), + $g['product_name']);?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("Accounting Style"); ?></td> + <td class="vtable"> + <input name="reverseacct" type="checkbox" id="reverseacct" value="yes" <?php if ($pconfig['reverseacct']) echo "checked=\"checked\""; ?> /><strong><?=gettext("Invert Acct-Input-Octets and Acct-Output-Octets"); ?></strong><br /> + <?=gettext("When this is enabled, data counts for RADIUS accounting packets will be taken from the client perspective, not the NAS. Acct-Input-Octets will represent download, and Acct-Output-Octets will represent upload."); ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("NAS Identifier"); ?></td> + <td class="vtable"> + <input name="radiusnasid" type="text" maxlength="253" class="formfld unknown" id="radiusnasid" value="<?=htmlspecialchars($pconfig['radiusnasid']);?>" /><br /> + <?=gettext("Specify a NAS identifier to override the default value") . " (" . php_uname("n") . ")"; ?> + </td> + </tr> + <tr> + <td class="vncell" valign="top"><?=gettext("MAC address format"); ?></td> + <td class="vtable"> + <select name="radmac_format" id="radmac_format"> + <option value="default"><?php echo gettext("default"); ?></option> + <?php + $macformats = array("singledash", "ietf", "cisco", "unformatted"); + foreach ($macformats as $macformat) { + if ($pconfig['radmac_format'] == $macformat) { + echo "<option selected=\"selected\" value=\"$macformat\">",gettext($macformat),"</option>\n"; + } else { + echo "<option value=\"$macformat\">",gettext($macformat),"</option>\n"; + } + } + ?> + </select><br /> + <?=gettext("This option changes the MAC address format used in the whole RADIUS system. Change this if you also"); ?> + <?=gettext("need to change the username format for RADIUS MAC authentication."); ?><br /> + <?=gettext("default:"); ?> 00:11:22:33:44:55<br /> + <?=gettext("singledash:"); ?> 001122-334455<br /> + <?=gettext("ietf:"); ?> 00-11-22-33-44-55<br /> + <?=gettext("cisco:"); ?> 0011.2233.4455<br /> + <?=gettext("unformatted:"); ?> 001122334455 + </td> + </tr> + </table> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("HTTPS login"); ?></td> + <td class="vtable"> + <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" onclick="enable_change(false)" <?php if ($pconfig['httpslogin_enable']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable HTTPS login"); ?></strong><br /> + <?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name and certificate must also be specified below."); ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("HTTPS server name"); ?> </td> + <td class="vtable"> + <input name="httpsname" type="text" class="formfld unknown" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>" /><br /> + <?php printf(gettext("This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS and verify on the client that the IP resolves to the correct interface IP on %s."), $g['product_name']);?> + </td> + </tr> + <tr id="ssl_opts"> + <td width="22%" valign="top" class="vncell"><?=gettext("SSL Certificate"); ?></td> + <td width="78%" class="vtable"> + <?php if (count($a_cert)): ?> + <select name="certref" id="certref" class="formselect"> + <?php + foreach ($a_cert as $cert): + $selected = ""; + if ($pconfig['certref'] == $cert['refid']) { + $selected = " selected=\"selected\""; + } + ?> + <option value="<?=$cert['refid'];?>"<?=$selected;?>><?=$cert['descr'];?></option> + <?php endforeach; ?> + </select> + <?php else: ?> + <b><?=gettext("No Certificates defined."); ?></b> <br />Create one under <a href="system_certmanager.php">System > Cert Manager</a>. + <?php endif; ?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Disable HTTPS forwards"); ?></td> + <td class="vtable"> + <input name="nohttpsforwards" type="checkbox" class="formfld" id="nohttpsforwards" value="yes" <?php if ($pconfig['nohttpsforwards']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Disable HTTPS forwards"); ?></strong><br/> + <?=gettext("If this option is set, attempts to connect to SSL/HTTPS (Port 443) sites will not be forwarded to the captive portal. This prevents certificate errors from being presented to the user even if HTTPS logins are enabled. Users must attempt a connecton to an HTTP (Port 80) site to get forwarded to the captive portal. If HTTPS logins are enabled, the user will be redirected to the HTTPS login page."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Portal page contents"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile" /><br /> <?php - $macformats = array("singledash","ietf","cisco","unformatted"); - foreach ($macformats as $macformat) { - if ($pconfig['radmac_format'] == $macformat) { - echo "<option selected=\"selected\" value=\"$macformat\">",gettext($macformat),"</option>\n"; + list($host) = explode(":", $_SERVER['HTTP_HOST']); + $zoneid = $pconfig['zoneid'] ? $pconfig['zoneid'] : 8000; + if ($pconfig['httpslogin_enable']) { + $port = $pconfig['listenporthttps'] ? $pconfig['listenporthttps'] : ($zoneid + 8001); + $href = "https://{$host}:{$port}"; } else { - echo "<option value=\"$macformat\">",gettext($macformat),"</option>\n"; + $port = $pconfig['listenporthttp'] ? $pconfig['listenporthttp'] : ($zoneid + 8000); + $href = "http://{$host}:{$port}"; } - } ?> - </select><br /> - <?=gettext("This option changes the MAC address format used in the whole RADIUS system. Change this if you also"); ?> - <?=gettext("need to change the username format for RADIUS MAC authentication."); ?><br /> - <?=gettext("default:"); ?> 00:11:22:33:44:55<br /> - <?=gettext("singledash:"); ?> 001122-334455<br /> - <?=gettext("ietf:"); ?> 00-11-22-33-44-55<br /> - <?=gettext("cisco:"); ?> 0011.2233.4455<br /> - <?=gettext("unformatted:"); ?> 001122334455 - </td> - </tr> - </table> - </td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("HTTPS login"); ?></td> - <td class="vtable"> - <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" onclick="enable_change(false)" <?php if($pconfig['httpslogin_enable']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Enable HTTPS login"); ?></strong><br /> - <?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name and certificate must also be specified below."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("HTTPS server name"); ?> </td> - <td class="vtable"> - <input name="httpsname" type="text" class="formfld unknown" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>" /><br /> - <?php printf(gettext("This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS and verify on the client that the IP resolves to the correct interface IP on %s."), $g['product_name']);?> </td> - </tr> - <tr id="ssl_opts"> - <td width="22%" valign="top" class="vncell"><?=gettext("SSL Certificate"); ?></td> - <td width="78%" class="vtable"> - <?php if (count($a_cert)): ?> - <select name="certref" id="certref" class="formselect"> - <?php - foreach($a_cert as $cert): - $selected = ""; - if ($pconfig['certref'] == $cert['refid']) - $selected = " selected=\"selected\""; - ?> - <option value="<?=$cert['refid'];?>"<?=$selected;?>><?=$cert['descr'];?></option> - <?php endforeach; ?> - </select> - <?php else: ?> - <b><?=gettext("No Certificates defined."); ?></b> <br />Create one under <a href="system_certmanager.php">System > Cert Manager</a>. - <?php endif; ?> + <?php if ($pconfig['page']['htmltext']): ?> + <a href="<?=$href?>" target="_blank"><?=gettext("View current page"); ?></a> + <br /> + <a href="?zone=<?=$cpzone?>&act=gethtmlhtml" target="_blank"><?=gettext("Download current page"); ?></a> + <br /> + <a href="?zone=<?=$cpzone?>&act=delhtmlhtml" onclick="return confirm('Do you really want to restore default page?')" target="_blank"> + <?=gettext("Restore default portal page"); ?> + </a> + <br /> + <br /> + <?php endif; ?> + <?php + printf( + gettext('Upload an HTML/PHP file for the portal page here (leave blank to keep the current one). ' . + 'Make sure to include a form (POST to %1$s) with a submit button (%2$s) and a hidden field with %3$s and %4$s. ' . + 'Include the %5$s and %6$s and/or %7$s input fields if authentication is enabled, otherwise it will always fail.'), + '"$PORTAL_ACTION$"', + "name="accept"", + "name="redirurl"", + 'value="$PORTAL_REDIRURL$"', + ""auth_user"", + ""auth_pass"", + ""auth_voucher""); + ?> + <?=gettext("Example code for the form:"); ?><br /> + <br /> + <tt><form method="post" action="$PORTAL_ACTION$"><br /> + <input name="auth_user" type="text"><br /> + <input name="auth_pass" type="password"><br /> + <input name="auth_voucher" type="text"><br /> + <input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br /> + <input name="accept" type="submit" value="Continue"><br /> + </form></tt> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?><br /> + <?=gettext("error page"); ?><br /> + <?=gettext("contents"); ?> + </td> + <td class="vtable"> + <input name="errfile" type="file" class="formfld file" id="errfile" /><br /> + <?php if ($pconfig['page']['errtext']): ?> + <a href="?zone=<?=$cpzone?>&act=viewerrhtml" target="_blank"><?=gettext("View current page"); ?></a> + <br /> + <a href="?zone=<?=$cpzone?>&act=geterrhtml" target="_blank"><?=gettext("Download current page"); ?></a> + <br /> + <a href="?zone=<?=$cpzone?>&act=delerrhtml" onclick="return confirm('Do you really want to restore default page?')" target="_blank"> + <?=gettext("Restore default error page"); ?> + </a> + <br /> + <br /> + <?php endif; ?> + <?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " . + "You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Logout"); ?><br /> + <?=gettext("page"); ?><br /> + <?=gettext("contents"); ?></td> + <td class="vtable"> + <input name="logoutfile" type="file" class="formfld file" id="logoutfile" /><br /> + <?php if ($pconfig['page']['logouttext']): ?> + <a href="?zone=<?=$cpzone?>&act=viewlogouthtml" target="_blank"><?=gettext("View current page"); ?></a> + <br /> + <a href="?zone=<?=$cpzone?>&act=getlogouthtml" target="_blank"><?=gettext("Download current page"); ?></a> + <br /> + <a href="?zone=<?=$cpzone?>&act=dellogouthtml" onclick="return confirm('Do you really want to restore default page?')" target="_blank"> + <?=gettext("Restore default logout page"); ?> + </a> + <br /> + <br /> + <?php endif; ?> + <?=gettext("The contents of the HTML/PHP file that you upload here are displayed on authentication success when the logout popup is enabled."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <?php echo "<input name='zone' id='zone' type='hidden' value='" . htmlspecialchars($cpzone) . "' />"; ?> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true)" /> + <a href="services_captiveportal_zones.php"><input name="Cancel" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="enable_change(true)" /></a> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <span class="vexpl"> + <span class="red"> + <strong> + <?=gettext("Note:"); ?><br /> + </strong> + </span> + <?=gettext("Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work."); ?> + </span> + </td> + </tr> + </table> </td> </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Disable HTTPS forwards"); ?></td> - <td class="vtable"> - <input name="nohttpsforwards" type="checkbox" class="formfld" id="nohttpsforwards" value="yes" <?php if ($pconfig['nohttpsforwards']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Disable HTTPS forwards"); ?></strong><br/> - <?=gettext("If this option is set, attempts to connect to SSL/HTTPS (Port 443) sites will not be forwarded to the captive portal. This prevents certificate errors from being presented to the user even if HTTPS logins are enabled. Users must attempt a connecton to an HTTP (Port 80) site to get forwarded to the captive portal. If HTTPS logins are enabled, the user will be redirected to the HTTPS login page."); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Portal page contents"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile" /><br /> - <?php - list($host) = explode(":", $_SERVER['HTTP_HOST']); - $zoneid = $pconfig['zoneid'] ? $pconfig['zoneid'] : 8000; - if ($pconfig['httpslogin_enable']) { - $port = $pconfig['listenporthttps'] ? $pconfig['listenporthttps'] : ($zoneid + 8001); - $href = "https://{$host}:{$port}"; - } else { - $port = $pconfig['listenporthttp'] ? $pconfig['listenporthttp'] : ($zoneid + 8000); - $href = "http://{$host}:{$port}"; - } - ?> - <?php if ($pconfig['page']['htmltext']): ?> - <a href="<?=$href?>" target="_blank"><?=gettext("View current page"); ?></a> - <br /> - <a href="?zone=<?=$cpzone?>&act=gethtmlhtml" target="_blank"><?=gettext("Download current page"); ?></a> - <br /> - <a href="?zone=<?=$cpzone?>&act=delhtmlhtml" onclick="return confirm('Do you really want to restore default page?')" target="_blank"> - <?=gettext("Restore default portal page"); ?> - </a> - <br /> - <br /> - <?php endif; ?> - <?php - printf( - gettext('Upload an HTML/PHP file for the portal page here (leave blank to keep the current one). ' . - 'Make sure to include a form (POST to %1$s) with a submit button (%2$s) and a hidden field with %3$s and %4$s. ' . - 'Include the %5$s and %6$s and/or %7$s input fields if authentication is enabled, otherwise it will always fail.'), - '"$PORTAL_ACTION$"', - "name="accept"", - "name="redirurl"", - 'value="$PORTAL_REDIRURL$"', - ""auth_user"", - ""auth_pass"", - ""auth_voucher""); - ?> - <?=gettext("Example code for the form:"); ?><br /> - <br /> - <tt><form method="post" action="$PORTAL_ACTION$"><br /> - <input name="auth_user" type="text"><br /> - <input name="auth_pass" type="password"><br /> - <input name="auth_voucher" type="text"><br /> - <input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br /> - <input name="accept" type="submit" value="Continue"><br /> - </form></tt></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?><br /> - <?=gettext("error page"); ?><br /> - <?=gettext("contents"); ?></td> - <td class="vtable"> - <input name="errfile" type="file" class="formfld file" id="errfile" /><br /> - <?php if ($pconfig['page']['errtext']): ?> - <a href="?zone=<?=$cpzone?>&act=viewerrhtml" target="_blank"><?=gettext("View current page"); ?></a> - <br /> - <a href="?zone=<?=$cpzone?>&act=geterrhtml" target="_blank"><?=gettext("Download current page"); ?></a> - <br /> - <a href="?zone=<?=$cpzone?>&act=delerrhtml" onclick="return confirm('Do you really want to restore default page?')" target="_blank"> - <?=gettext("Restore default error page"); ?> - </a> - <br /> - <br /> - <?php endif; ?> -<?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " . -"You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any."); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Logout"); ?><br /> - <?=gettext("page"); ?><br /> - <?=gettext("contents"); ?></td> - <td class="vtable"> - <input name="logoutfile" type="file" class="formfld file" id="logoutfile" /><br /> - <?php if ($pconfig['page']['logouttext']): ?> - <a href="?zone=<?=$cpzone?>&act=viewlogouthtml" target="_blank"><?=gettext("View current page"); ?></a> - <br /> - <a href="?zone=<?=$cpzone?>&act=getlogouthtml" target="_blank"><?=gettext("Download current page"); ?></a> - <br /> - <a href="?zone=<?=$cpzone?>&act=dellogouthtml" onclick="return confirm('Do you really want to restore default page?')" target="_blank"> - <?=gettext("Restore default logout page"); ?> - </a> - <br /> - <br /> - <?php endif; ?> -<?=gettext("The contents of the HTML/PHP file that you upload here are displayed on authentication success when the logout popup is enabled."); ?></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <?php echo "<input name='zone' id='zone' type='hidden' value='" . htmlspecialchars($cpzone) . "' />"; ?> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true)" /> - <a href="services_captiveportal_zones.php"><input name="Cancel" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="enable_change(true)" /></a> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br /> - </strong></span><?=gettext("Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work."); ?> </span></td> - </tr> - </table> - </td> - </tr> - </table> +</table> </form> <script type="text/javascript"> //<![CDATA[ diff --git a/usr/local/www/services_captiveportal_filemanager.php b/usr/local/www/services_captiveportal_filemanager.php index 1368753..f672938 100644 --- a/usr/local/www/services_captiveportal_filemanager.php +++ b/usr/local/www/services_captiveportal_filemanager.php @@ -45,9 +45,9 @@ function cpelementscmp($a, $b) { } function cpelements_sort() { - global $config, $cpzone; + global $config, $cpzone; - usort($config['captiveportal'][$cpzone]['element'],"cpelementscmp"); + usort($config['captiveportal'][$cpzone]['element'], "cpelementscmp"); } require("guiconfig.inc"); @@ -57,23 +57,26 @@ require("shaper.inc"); require("captiveportal.inc"); $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) - $cpzone = $_POST['zone']; - +if (isset($_POST['zone'])) { + $cpzone = $_POST['zone']; +} + if (empty($cpzone)) { - header("Location: services_captiveportal_zones.php"); - exit; + header("Location: services_captiveportal_zones.php"); + exit; } -if (!is_array($config['captiveportal'])) - $config['captiveportal'] = array(); +if (!is_array($config['captiveportal'])) { + $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), $a_cp[$cpzone]['zone']); $shortcut_section = "captiveportal"; -if (!is_array($a_cp[$cpzone]['element'])) +if (!is_array($a_cp[$cpzone]['element'])) { $a_cp[$cpzone]['element'] = array(); +} $a_element =& $a_cp[$cpzone]['element']; // Calculate total size of all files @@ -83,18 +86,19 @@ foreach ($a_element as $element) { } if ($_POST) { - unset($input_errors); + unset($input_errors); - if (is_uploaded_file($_FILES['new']['tmp_name'])) { + if (is_uploaded_file($_FILES['new']['tmp_name'])) { - if(!stristr($_FILES['new']['name'], "captiveportal-")) - $name = "captiveportal-" . $_FILES['new']['name']; - else - $name = $_FILES['new']['name']; - $size = filesize($_FILES['new']['tmp_name']); + if (!stristr($_FILES['new']['name'], "captiveportal-")) { + $name = "captiveportal-" . $_FILES['new']['name']; + } else { + $name = $_FILES['new']['name']; + } + $size = filesize($_FILES['new']['tmp_name']); - // is there already a file with that name? - foreach ($a_element as $element) { + // is there already a file with that name? + foreach ($a_element as $element) { if ($element['name'] == $name) { $input_errors[] = sprintf(gettext("A file with the name '%s' already exists."), $name); break; @@ -121,7 +125,7 @@ if ($_POST) { header("Location: services_captiveportal_filemanager.php?zone={$cpzone}"); exit; } - } + } } else if (($_GET['act'] == "del") && !empty($cpzone) && $a_element[$_GET['id']]) { conf_mount_rw(); @unlink("{$g['captiveportal_element_path']}/" . $a_element[$_GET['id']]['name']); @@ -142,7 +146,8 @@ include("head.inc"); <input type="hidden" name="zone" id="zone" value="<?=htmlspecialchars($cpzone);?>" /> <?php if ($input_errors) print_input_errors($input_errors); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="captiveportal file manager"> - <tr><td class="tabnavtbl"> + <tr> + <td class="tabnavtbl"> <?php $tab_array = array(); $tab_array[] = array(gettext("Captive portal(s)"), false, "services_captiveportal.php?zone={$cpzone}"); @@ -152,81 +157,109 @@ include("head.inc"); $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); $tab_array[] = array(gettext("File Manager"), true, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); -?> </td></tr> - <tr> - <td class="tabcont"> - <table width="80%" border="0" cellpadding="0" cellspacing="0" summary="main"> - <tr> - <td width="70%" class="listhdrr"><?=gettext("Name"); ?></td> - <td width="20%" class="listhdr"><?=gettext("Size"); ?></td> - <td width="10%" class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="icons"> - <tr> - <td width="17" height="17"></td> - <td><a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0" alt="add" /></a></td> - </tr> - </table> - </td> - </tr> -<?php if (is_array($a_cp[$cpzone]['element'])): - $i = 0; foreach ($a_cp[$cpzone]['element'] as $element): ?> - <tr> - <td class="listlr"><?=htmlspecialchars($element['name']);?></td> - <td class="listr" align="right"><?=format_bytes($element['size']);?></td> - <td valign="middle" class="list nowrap"> - <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this file?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete file"); ?>" width="17" height="17" border="0" alt="delete" /></a> - </td> - </tr> - <?php $i++; endforeach; endif; ?> - - <?php if ($total_size > 0): ?> - <tr> - <td class="listlr" style="background-color: #eee"><strong><?=gettext("TOTAL"); ?></strong></td> - <td class="listr" style="background-color: #eee" align="right"><strong><?=format_bytes($total_size);?></strong></td> - <td valign="middle" class="list nowrap"></td> - </tr> - <?php endif; ?> - - <?php if ($_GET['act'] == 'add'): ?> - <tr> - <td class="listlr" colspan="2"><input type="file" name="new" class="formfld file" size="40" id="new" /> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Upload"); ?>" /></td> - <td valign="middle" class="list nowrap"> - <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("cancel"); ?>" width="17" height="17" border="0" alt="delete" /></a> +?> </td> - </tr> - <?php else: ?> - <tr> - <td class="list" colspan="2"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="add"> - <tr> - <td width="17" height="17"></td> - <td><a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0" alt="add" /></a></td> - </tr> + </tr> + <tr> + <td class="tabcont"> + <table width="80%" border="0" cellpadding="0" cellspacing="0" summary="main"> + <tr> + <td width="70%" class="listhdrr"><?=gettext("Name"); ?></td> + <td width="20%" class="listhdr"><?=gettext("Size"); ?></td> + <td width="10%" class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td width="17" height="17"></td> + <td> + <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> +<?php + if (is_array($a_cp[$cpzone]['element'])): + $i = 0; + foreach ($a_cp[$cpzone]['element'] as $element): +?> + <tr> + <td class="listlr"><?=htmlspecialchars($element['name']);?></td> + <td class="listr" align="right"><?=format_bytes($element['size']);?></td> + <td valign="middle" class="list nowrap"> + <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this file?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete file"); ?>" width="17" height="17" border="0" alt="delete" /></a> + </td> + </tr> +<?php + $i++; + endforeach; + endif; +?> + +<?php + if ($total_size > 0): +?> + <tr> + <td class="listlr" style="background-color: #eee"><strong><?=gettext("TOTAL"); ?></strong></td> + <td class="listr" style="background-color: #eee" align="right"><strong><?=format_bytes($total_size);?></strong></td> + <td valign="middle" class="list nowrap"></td> + </tr> +<?php + endif; + + if ($_GET['act'] == 'add'): +?> + <tr> + <td class="listlr" colspan="2"> + <input type="file" name="new" class="formfld file" size="40" id="new" /> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Upload"); ?>" /> + </td> + <td valign="middle" class="list nowrap"> + <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("cancel"); ?>" width="17" height="17" border="0" alt="delete" /></a> + </td> + </tr> +<?php + else: +?> + <tr> + <td class="list" colspan="2"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="add"> + <tr> + <td width="17" height="17"></td> + <td> + <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> +<?php + endif; +?> </table> + <span class="vexpl"> + <span class="red"> + <strong> + <?=gettext("Note:"); ?><br /> + </strong> + </span> + <?=gettext("Any files that you upload here with the filename prefix of captiveportal- will " . + "be made available in the root directory of the captive portal HTTP(S) server. " . + "You may reference them directly from your portal page HTML code using relative paths. " . + "Example: you've uploaded an image with the name 'captiveportal-test.jpg' using the " . + "file manager. Then you can include it in your portal page like this:"); ?> + <br /><br /> + <tt><img src="captiveportal-test.jpg" width=... height=...></tt> + <br /><br /> + <?=gettext("In addition, you can also upload .php files for execution. You can pass the filename " . + "to your custom page from the initial page by using text similar to:"); ?> + <br /><br /> + <tt><a href="/captiveportal-aup.php?zone=$PORTAL_ZONE$&redirurl=$PORTAL_REDIRURL$"><?=gettext("Acceptable usage policy"); ?></a></tt> + <br /><br /> + <?php printf(gettext("The total size limit for all files is %s."), format_bytes($g['captiveportal_element_sizelimit']));?> + </span> </td> - </tr> - <?php endif; ?> - </table> - <span class="vexpl"><span class="red"><strong> - <?=gettext("Note:"); ?><br /> - </strong></span> - <?=gettext("Any files that you upload here with the filename prefix of captiveportal- will " . - "be made available in the root directory of the captive portal HTTP(S) server. " . - "You may reference them directly from your portal page HTML code using relative paths. " . - "Example: you've uploaded an image with the name 'captiveportal-test.jpg' using the " . - "file manager. Then you can include it in your portal page like this:"); ?><br /><br /> - <tt><img src="captiveportal-test.jpg" width=... height=...></tt> - <br /><br /> - <?=gettext("In addition, you can also upload .php files for execution. You can pass the filename " . - "to your custom page from the initial page by using text similar to:"); ?> - <br /><br /> - <tt><a href="/captiveportal-aup.php?zone=$PORTAL_ZONE$&redirurl=$PORTAL_REDIRURL$"><?=gettext("Acceptable usage policy"); ?></a></tt> - <br /><br /> - <?php printf(gettext("The total size limit for all files is %s."), format_bytes($g['captiveportal_element_sizelimit']));?></span> -</td> -</tr> + </tr> </table> </form> <?php include("fend.inc"); ?> diff --git a/usr/local/www/services_captiveportal_hostname.php b/usr/local/www/services_captiveportal_hostname.php index 03afc59..939fb23 100644 --- a/usr/local/www/services_captiveportal_hostname.php +++ b/usr/local/www/services_captiveportal_hostname.php @@ -49,36 +49,40 @@ require("shaper.inc"); require("captiveportal.inc"); $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) +if (isset($_POST['zone'])) { $cpzone = $_POST['zone']; +} if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { - header("Location: services_captiveportal_zones.php"); - exit; + header("Location: services_captiveportal_zones.php"); + exit; } -if (!is_array($config['captiveportal'])) +if (!is_array($config['captiveportal'])) { $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -if (isset($cpzone) && !empty($cpzone) && isset($a_cp[$cpzone]['zoneid'])) +if (isset($cpzone) && !empty($cpzone) && isset($a_cp[$cpzone]['zoneid'])) { $cpzoneid = $a_cp[$cpzone]['zoneid']; +} -$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), $a_cp[$cpzone]['zone']); $shortcut_section = "captiveportal"; if ($_GET['act'] == "del" && !empty($cpzone) && isset($cpzoneid)) { $a_allowedhostnames =& $a_cp[$cpzone]['allowedhostname']; if ($a_allowedhostnames[$_GET['id']]) { $ipent = $a_allowedhostnames[$_GET['id']]; - + if (isset($a_cp[$cpzone]['enable'])) { - if(is_ipaddr($ipent['hostname'])) + if (is_ipaddr($ipent['hostname'])) { $ip = $ipent['hostname']; - else + } else { $ip = gethostbyname($ipent['hostname']); + } $sn = (is_ipaddrv6($ip)) ? 128 : 32; - if(is_ipaddr($ip)) { + if (is_ipaddr($ip)) { $ipfw = pfSense_ipfw_getTablestats($cpzoneid, IP_FW_TABLE_XLISTENTRY, 3, $ip); if (is_array($ipfw)) { captiveportal_free_dn_ruleno($ipfw['dnpipe']); @@ -89,7 +93,7 @@ if ($_GET['act'] == "del" && !empty($cpzone) && isset($cpzoneid)) { pfSense_ipfw_Tableaction($cpzoneid, IP_FW_TABLE_XDEL, 4, $ip, $sn); } } - + unset($a_allowedhostnames[$_GET['id']]); write_config(); captiveportal_allowedhostname_configure(); @@ -107,7 +111,8 @@ include("head.inc"); <input type="hidden" name="zone" id="zone" value="<?=htmlspecialchars($cpzone);?>" /> <?php if ($savemsg) print_info_box($savemsg); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="captiveportal hostname"> - <tr><td class="tabnavtbl"> + <tr> + <td class="tabnavtbl"> <?php $tab_array = array(); $tab_array[] = array(gettext("Captive portal(s)"), false, "services_captiveportal.php?zone={$cpzone}"); @@ -118,86 +123,109 @@ include("head.inc"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> - </td></tr> - <tr> - <td class="tabcont"> - <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="main"> - <tr> - <td width="60%" class="listhdrr"><?=gettext("Hostname"); ?></td> - <td width="40%" class="listhdr"><?=gettext("Description"); ?></td> - <td width="10%" class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="add"> - <tr> - <td width="17" height="17"></td> - <td><a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a></td> - </tr> - </table> - </td> - </tr> -<?php if (is_array($a_cp[$cpzone]['allowedhostname'])): - $i = 0; foreach ($a_cp[$cpzone]['allowedhostname'] as $ip): ?> - <tr ondblclick="document.location='services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>'"> - <td class="listlr"> - <?php - if($ip['dir'] == "to") { - echo "any <img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> "; - } - if($ip['dir'] == "both") { - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"pass\" /> "; - } - echo strtolower($ip['hostname']); - if($ip['dir'] == "from") { - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> any"; - } - - ?> - </td> - <td class="listbg"> - <?=htmlspecialchars($ip['descr']);?> - </td> - <td valign="middle" class="list nowrap"> <a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0" alt="add" /></a> - <a href="services_captiveportal_hostname.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0" alt="delete" /></a></td> - </tr> - <?php $i++; endforeach; endif; ?> - <tr> - <td class="list" colspan="2"> </td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="add"> - <tr> - <td width="17" height="17"></td> - <td><a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a></td> - </tr> - </table> - </td> + </td> </tr> <tr> - <td colspan="2" class="list"><p class="vexpl"><span class="red"><strong> - <?=gettext("Note:"); ?><br /> - </strong></span> - <?=gettext("Adding allowed Hostnames will allow a DNS hostname access to/from access through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying <em>from</em> addresses, it may be used to always allow pass-through access from a client behind the captive portal."); ?></p> - <table border="0" cellspacing="0" cellpadding="0" summary="icons"> - <tr> - <td><span class="vexpl"><?=gettext("any"); ?> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_in.gif" width="11" height="11" align="middle" alt="in" /> x.x.x.x </span></td> - <td><span class="vexpl"><?=gettext("All connections"); ?> <strong><?=gettext("to"); ?></strong> <?=gettext("the Hostname are allowed"); ?></span></td> - </tr> - <tr> - <td colspan="5" height="4"></td> - </tr> - <tr> - <td>x.x.x.x <span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_in.gif" width="11" height="11" align="middle" alt="in" /></span> <?=gettext("any"); ?> </td> - <td><span class="vexpl"><?=gettext("All connections"); ?> <strong><?=gettext("from"); ?></strong> <?=gettext("the Hostname are allowed"); ?> </span></td> - </tr> - <tr> - <td><span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_pass.gif" width="11" height="11" align="right" alt="pass" /></span> </td> - <td><span class="vexpl"> All connections <strong>to</strong> and <strong>from</strong> the Hostname are allowed </span></td> + <td class="tabcont"> + <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="main"> + <tr> + <td width="60%" class="listhdrr"><?=gettext("Hostname"); ?></td> + <td width="40%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="10%" class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="add"> + <tr> + <td width="17" height="17"></td> + <td> + <a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> +<?php + if (is_array($a_cp[$cpzone]['allowedhostname'])): + $i = 0; + foreach ($a_cp[$cpzone]['allowedhostname'] as $ip): +?> + <tr ondblclick="document.location='services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>'"> + <td class="listlr"> +<?php + if ($ip['dir'] == "to") { + echo "any <img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> "; + } + if ($ip['dir'] == "both") { + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"pass\" /> "; + } + echo strtolower($ip['hostname']); + if ($ip['dir'] == "from") { + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> any"; + } +?> + </td> + <td class="listbg"> + <?=htmlspecialchars($ip['descr']);?> + </td> + <td valign="middle" class="list nowrap"> + <a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0" alt="add" /></a> + <a href="services_captiveportal_hostname.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0" alt="delete" /></a> + </td> + </tr> +<?php + $i++; + endforeach; + endif; +?> + <tr> + <td class="list" colspan="2"> </td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="add"> + <tr> + <td width="17" height="17"></td> + <td> + <a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> + <tr> + <td colspan="2" class="list"> + <p class="vexpl"> + <span class="red"> + <strong> + <?=gettext("Note:"); ?><br /> + </strong> + </span> + <?=gettext("Adding allowed Hostnames will allow a DNS hostname access to/from access through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying <em>from</em> addresses, it may be used to always allow pass-through access from a client behind the captive portal."); ?> + </p> + <table border="0" cellspacing="0" cellpadding="0" summary="icons"> + <tr> + <td> + <span class="vexpl"><?=gettext("any"); ?> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_in.gif" width="11" height="11" align="middle" alt="in" /> x.x.x.x </span> + </td> + <td> + <span class="vexpl"><?=gettext("All connections"); ?> <strong><?=gettext("to"); ?></strong> <?=gettext("the Hostname are allowed"); ?></span> + </td> + </tr> + <tr> + <td colspan="5" height="4"></td> + </tr> + <tr> + <td>x.x.x.x <span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_in.gif" width="11" height="11" align="middle" alt="in" /></span> <?=gettext("any"); ?> </td> + <td><span class="vexpl"><?=gettext("All connections"); ?> <strong><?=gettext("from"); ?></strong> <?=gettext("the Hostname are allowed"); ?> </span></td> + </tr> + <tr> + <td><span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_pass.gif" width="11" height="11" align="right" alt="pass" /></span> </td> + <td><span class="vexpl"> All connections <strong>to</strong> and <strong>from</strong> the Hostname are allowed </span></td> + </tr> + </table> + </td> + <td class="list"> </td> + </tr> + </table> + </td> </tr> - </table></td> - <td class="list"> </td> - </tr> - </table> - </td> - </tr> - </table> +</table> </form> <?php include("fend.inc"); ?> </body> diff --git a/usr/local/www/services_captiveportal_hostname_edit.php b/usr/local/www/services_captiveportal_hostname_edit.php index 9d7c7d6..dc33739 100644 --- a/usr/local/www/services_captiveportal_hostname_edit.php +++ b/usr/local/www/services_captiveportal_hostname_edit.php @@ -1,4 +1,4 @@ -<?php +<?php /* services_captiveportal_hostname_edit.php Copyright (C) 2013-2015 Electric Sheep Fencing, LP @@ -8,17 +8,17 @@ Originally part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -48,7 +48,7 @@ function allowedhostnamescmp($a, $b) { function allowedhostnames_sort() { global $g, $config, $cpzone; - usort($config['captiveportal'][$cpzone]['allowedhostname'],"allowedhostnamescmp"); + usort($config['captiveportal'][$cpzone]['allowedhostname'], "allowedhostnamescmp"); } require("guiconfig.inc"); @@ -57,29 +57,34 @@ require_once("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit allowed Hostname")); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Edit allowed Hostname")); $shortcut_section = "captiveportal"; $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) - $cpzone = $_POST['zone']; +if (isset($_POST['zone'])) { + $cpzone = $_POST['zone']; +} if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { - header("Location: services_captiveportal_zones.php"); - exit; + header("Location: services_captiveportal_zones.php"); + exit; } -if (!is_array($config['captiveportal'])) - $config['captiveportal'] = array(); +if (!is_array($config['captiveportal'])) { + $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -if (is_numericint($_GET['id'])) +if (is_numericint($_GET['id'])) { $id = $_GET['id']; -if (isset($_POST['id']) && is_numericint($_POST['id'])) +} +if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; +} -if (!is_array($a_cp[$cpzone]['allowedhostname'])) +if (!is_array($a_cp[$cpzone]['allowedhostname'])) { $a_cp[$cpzone]['allowedhostname'] = array(); +} $a_allowedhostnames = &$a_cp[$cpzone]['allowedhostname']; if (isset($id) && $a_allowedhostnames[$id]) { @@ -100,25 +105,29 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "hostname"); $reqdfieldsn = array(gettext("Allowed Hostname")); - + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); - - if (($_POST['hostname'] && !is_hostname($_POST['hostname']))) + + if (($_POST['hostname'] && !is_hostname($_POST['hostname']))) { $input_errors[] = sprintf(gettext("A valid Hostname must be specified. [%s]"), $_POST['hostname']); + } - if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) + if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) { $input_errors[] = gettext("Upload speed needs to be an integer"); - if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) + } + if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) { $input_errors[] = gettext("Download speed needs to be an integer"); + } foreach ($a_allowedhostnames as $ipent) { - if (isset($id) && ($a_allowedhostnames[$id]) && ($a_allowedhostnames[$id] === $ipent)) + if (isset($id) && ($a_allowedhostnames[$id]) && ($a_allowedhostnames[$id] === $ipent)) { continue; - - if ($ipent['hostname'] == $_POST['hostname']){ + } + + if ($ipent['hostname'] == $_POST['hostname']) { $input_errors[] = sprintf("[%s] %s.", $_POST['hostname'], gettext("already allowed")) ; break ; - } + } } if (!$input_errors) { @@ -127,17 +136,20 @@ if ($_POST) { $ip['sn'] = $_POST['sn']; $ip['dir'] = $_POST['dir']; $ip['descr'] = $_POST['descr']; - if ($_POST['bw_up']) + if ($_POST['bw_up']) { $ip['bw_up'] = $_POST['bw_up']; - if ($_POST['bw_down']) + } + if ($_POST['bw_down']) { $ip['bw_down'] = $_POST['bw_down']; - if (isset($id) && $a_allowedhostnames[$id]) + } + if (isset($id) && $a_allowedhostnames[$id]) { $a_allowedhostnames[$id] = $ip; - else + } else { $a_allowedhostnames[] = $ip; + } allowedhostnames_sort(); - + write_config(); $rules = captiveportal_allowedhostname_configure(); @@ -145,7 +157,7 @@ if ($_POST) { $cpzoneid = $a_cp[$cpzone]['zoneid']; mwexec("/sbin/ipfw -x {$cpzoneid} {$g['tmp_path']}/hostname_rules"); unset($rules); - + header("Location: services_captiveportal_hostname.php?zone={$cpzone}"); exit; } @@ -157,52 +169,65 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> - <form action="services_captiveportal_hostname_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="captiveportal hostname edit"> +<form action="services_captiveportal_hostname_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="captiveportal hostname edit"> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Direction"); ?></td> - <td width="78%" class="vtable"> - <select name="dir" class="formfld"> - <?php - $dirs = array(gettext("Both"),gettext("From"),gettext("To")) ; - foreach ($dirs as $dir): ?> - <option value="<?=strtolower($dir);?>" <?php if (strtolower($dir) == strtolower($pconfig['dir'])) echo "selected=\"selected\"";?> > - <?=htmlspecialchars($dir);?> - </option> - <?php endforeach; ?> - </select> - <br /> - <span class="vexpl"><?=gettext("Use"); ?> <em><?=gettext("From"); ?></em> <?=gettext("to always allow an Hostname through the captive portal (without authentication)"); ?>. - <?=gettext("Use"); ?> <em><?=gettext("To"); ?></em> <?=gettext("to allow access from all clients (even non-authenticated ones) behind the portal to this Hostname"); ?>.</span></td> + <td width="78%" class="vtable"> + <select name="dir" class="formfld"> + <?php + $dirs = array(gettext("Both"), gettext("From"), gettext("To")) ; + foreach ($dirs as $dir): + ?> + <option value="<?=strtolower($dir);?>" <?php if (strtolower($dir) == strtolower($pconfig['dir'])) echo "selected=\"selected\"";?> > + <?=htmlspecialchars($dir);?> + </option> + <?php + endforeach; + ?> + </select> + <br /> + <span class="vexpl"> + <?=gettext("Use"); ?> <em><?=gettext("From"); ?></em> <?=gettext("to always allow an Hostname through the captive portal (without authentication)"); ?>. + <?=gettext("Use"); ?> <em><?=gettext("To"); ?></em> <?=gettext("to allow access from all clients (even non-authenticated ones) behind the portal to this Hostname"); ?>. + </span> + </td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname"); ?></td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <?=$mandfldhtml;?><input name="hostname" type="text" class="formfld unknown" id="hostname" size="17" value="<?=htmlspecialchars($pconfig['hostname']);?>" /> - <br /> - <span class="vexpl"><?=gettext("Hostname");?>.</span></td> + <br /> + <span class="vexpl"><?=gettext("Hostname");?>.</span> + </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> - <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> - <br /> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span></td> - </tr> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> + <br /> + <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth up"); ?></td> <td width="78%" class="vtable"> - <input name="bw_up" type="text" class="formfld unknown" id="bw_up" size="10" value="<?=htmlspecialchars($pconfig['bw_up']);?>" /> - <br /> <span class="vexpl"><?=gettext("Enter a upload limit to be enforced on this Hostname in Kbit/s"); ?></span></td> + <input name="bw_up" type="text" class="formfld unknown" id="bw_up" size="10" value="<?=htmlspecialchars($pconfig['bw_up']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Enter a upload limit to be enforced on this Hostname in Kbit/s"); ?></span> + </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth down"); ?></td> <td width="78%" class="vtable"> - <input name="bw_down" type="text" class="formfld unknown" id="bw_down" size="10" value="<?=htmlspecialchars($pconfig['bw_down']);?>" /> - <br /> <span class="vexpl"><?=gettext("Enter a download limit to be enforced on this Hostname in Kbit/s"); ?></span></td> + <input name="bw_down" type="text" class="formfld unknown" id="bw_down" size="10" value="<?=htmlspecialchars($pconfig['bw_down']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Enter a download limit to be enforced on this Hostname in Kbit/s"); ?></span> + </td> </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"> + <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>" /> <?php if (isset($id) && $a_allowedhostnames[$id]): ?> diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index 72b1126..c475aeb 100644 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -47,43 +47,46 @@ require("shaper.inc"); require("captiveportal.inc"); $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) - $cpzone = $_POST['zone']; +if (isset($_POST['zone'])) { + $cpzone = $_POST['zone']; +} if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { - header("Location: services_captiveportal_zones.php"); - exit; + header("Location: services_captiveportal_zones.php"); + exit; } -if (!is_array($config['captiveportal'])) - $config['captiveportal'] = array(); +if (!is_array($config['captiveportal'])) { + $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -if (isset($cpzone) && !empty($cpzone) && isset($a_cp[$cpzone]['zoneid'])) +if (isset($cpzone) && !empty($cpzone) && isset($a_cp[$cpzone]['zoneid'])) { $cpzoneid = $a_cp[$cpzone]['zoneid']; +} -$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), $a_cp[$cpzone]['zone']); $shortcut_section = "captiveportal"; if ($_GET['act'] == "del" && !empty($cpzone) && isset($cpzoneid)) { $a_allowedips =& $config['captiveportal'][$cpzone]['allowedip']; if ($a_allowedips[$_GET['id']]) { $ipent = $a_allowedips[$_GET['id']]; - + if (isset($config['captiveportal'][$cpzone]['enable'])) { $mask = (!empty($ipent['sn'])) ? $ipent['sn'] : 32; - + $ipfw = pfSense_ipfw_getTablestats($cpzoneid, IP_FW_TABLE_XLISTENTRY, 3, $ipent['ip']); pfSense_ipfw_Tableaction($cpzoneid, IP_FW_TABLE_XDEL, 3, $ipent['ip'], $mask); pfSense_ipfw_Tableaction($cpzoneid, IP_FW_TABLE_XDEL, 4, $ipent['ip'], $mask); - + if (is_array($ipfw)) { captiveportal_free_dn_ruleno($ipfw['dnpipe']); pfSense_pipe_action("pipe delete {$ipfw['dnpipe']}"); pfSense_pipe_action("pipe delete " . ($ipfw['dnpipe']+1)); } } - + unset($a_allowedips[$_GET['id']]); write_config(); header("Location: services_captiveportal_ip.php?zone={$cpzone}"); @@ -97,10 +100,11 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <form action="services_captiveportal_ip.php" method="post"> -<input type="hidden" name="zone" id="zone" value="<?=htmlspecialchars($cpzone);?>" /> -<?php if ($savemsg) print_info_box($savemsg); ?> -<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="captiveportal ip addresses"> - <tr><td class="tabnavtbl"> + <input type="hidden" name="zone" id="zone" value="<?=htmlspecialchars($cpzone);?>" /> + <?php if ($savemsg) print_info_box($savemsg); ?> + <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="captiveportal ip addresses"> + <tr> + <td class="tabnavtbl"> <?php $tab_array = array(); $tab_array[] = array(gettext("Captive portal(s)"), false, "services_captiveportal.php?zone={$cpzone}"); @@ -111,74 +115,93 @@ include("head.inc"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> - </td></tr> - <tr> - <td class="tabcont"> - <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="main"> - <tr> - <td width="40%" class="listhdrr"><?=gettext("IP address"); ?></td> - <td width="50%" class="listhdr"><?=gettext("Description"); ?></td> - <td width="10%" class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="add"> - <tr> - <td width="17" height="17"></td> - <td><a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a></td> - </tr> - </table> - </td> - </tr> -<?php if (is_array($a_cp[$cpzone]['allowedip'])): - $i = 0; foreach ($a_cp[$cpzone]['allowedip'] as $ip): ?> - <tr ondblclick="document.location='services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>'"> - <td class="listlr"> - <?php - if($ip['dir'] == "to") { - echo "any <img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> "; - } - if($ip['dir'] == "both") { - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"pass\" /> "; - } - echo strtolower($ip['ip']); - if($ip['sn'] != "32" && is_numeric($ip['sn'])) { - $sn = $ip['sn']; - echo "/$sn"; - } - if($ip['dir'] == "from") { - echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"any\" /> any"; - } - - ?> - </td> - <td class="listbg"> - <?=htmlspecialchars($ip['descr']);?> - </td> - <td valign="middle" class="list nowrap"><a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0" alt="edit" /></a> - <a href="services_captiveportal_ip.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0" alt="delete" /></a></td> - </tr> - <?php $i++; endforeach; endif; ?> - <tr> - <td class="list" colspan="2"> </td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="add"> - <tr> - <td width="17" height="17"></td> - <td><a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a></td> - </tr> - </table> - </td> - </tr> - <tr> - <td colspan="2" class="list"><p class="vexpl"><span class="red"><strong> - <?=gettext("Note:"); ?><br /> - </strong></span> - <?=gettext("Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example."); ?></p> - </td> - <td class="list"> </td> - </tr> - </table> - </td> - </tr> - </table> + </td> + </tr> + <tr> + <td class="tabcont"> + <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="main"> + <tr> + <td width="40%" class="listhdrr"><?=gettext("IP address"); ?></td> + <td width="50%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="10%" class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="add"> + <tr> + <td width="17" height="17"></td> + <td> + <a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> +<?php + if (is_array($a_cp[$cpzone]['allowedip'])): + $i = 0; + foreach ($a_cp[$cpzone]['allowedip'] as $ip): +?> + <tr ondblclick="document.location='services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>'"> + <td class="listlr"> +<?php + if ($ip['dir'] == "to") { + echo "any <img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"in\" /> "; + } + if ($ip['dir'] == "both") { + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"pass\" /> "; + } + echo strtolower($ip['ip']); + if ($ip['sn'] != "32" && is_numeric($ip['sn'])) { + $sn = $ip['sn']; + echo "/$sn"; + } + if ($ip['dir'] == "from") { + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"middle\" alt=\"any\" /> any"; + } +?> + </td> + <td class="listbg"> + <?=htmlspecialchars($ip['descr']);?> + </td> + <td valign="middle" class="list nowrap"> + <a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0" alt="edit" /></a> + + <a href="services_captiveportal_ip.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0" alt="delete" /></a> + </td> + </tr> +<?php + $i++; + endforeach; + endif; +?> + <tr> + <td class="list" colspan="2"> </td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="add"> + <tr> + <td width="17" height="17"></td> + <td> + <a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> + <tr> + <td colspan="2" class="list"> + <p class="vexpl"> + <span class="red"> + <strong> + <?=gettext("Note:"); ?><br /> + </strong> + </span> + <?=gettext("Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example."); ?> + </p> + </td> + <td class="list"> </td> + </tr> + </table> + </td> + </tr> + </table> </form> <?php include("fend.inc"); ?> </body> diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index 4ad066a..c5e5544 100644 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -1,24 +1,24 @@ -<?php +<?php /* services_captiveportal_ip_edit.php Copyright (C) 2013-2015 Electric Sheep Fencing, LP Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com> All rights reserved. - Originally part of m0n0wall (http://m0n0.ch/wall) + Originally part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -49,7 +49,7 @@ function allowedipscmp($a, $b) { function allowedips_sort() { global $g, $config, $cpzone; - usort($config['captiveportal'][$cpzone]['allowedip'],"allowedipscmp"); + usort($config['captiveportal'][$cpzone]['allowedip'], "allowedipscmp"); } require("guiconfig.inc"); @@ -58,29 +58,34 @@ require_once("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit allowed IP address")); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Edit allowed IP address")); $shortcut_section = "captiveportal"; $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) - $cpzone = $_POST['zone']; - +if (isset($_POST['zone'])) { + $cpzone = $_POST['zone']; +} + if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { - header("Location: services_captiveportal_zones.php"); - exit; + header("Location: services_captiveportal_zones.php"); + exit; } -if (!is_array($config['captiveportal'])) - $config['captiveportal'] = array(); +if (!is_array($config['captiveportal'])) { + $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -if (is_numericint($_GET['id'])) +if (is_numericint($_GET['id'])) { $id = $_GET['id']; -if (isset($_POST['id']) && is_numericint($_POST['id'])) +} +if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; +} -if (!is_array($config['captiveportal'][$cpzone]['allowedip'])) +if (!is_array($config['captiveportal'][$cpzone]['allowedip'])) { $config['captiveportal'][$cpzone]['allowedip'] = array(); +} $a_allowedips =& $config['captiveportal'][$cpzone]['allowedip']; if (isset($id) && $a_allowedips[$id]) { @@ -99,29 +104,34 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "ip sn"); $reqdfieldsn = array(gettext("Allowed IP address"), gettext("Subnet mask")); - + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); - - if ($_POST['ip'] && !is_ipaddr($_POST['ip'])) + + if ($_POST['ip'] && !is_ipaddr($_POST['ip'])) { $input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['ip']); - - if ($_POST['sn'] && (!is_numeric($_POST['sn']) || ($_POST['sn'] < 1) || ($_POST['sn'] > 32))) + } + + if ($_POST['sn'] && (!is_numeric($_POST['sn']) || ($_POST['sn'] < 1) || ($_POST['sn'] > 32))) { $input_errors[] = gettext("A valid subnet mask must be specified"); - - if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) + } + + if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) { $input_errors[] = gettext("Upload speed needs to be an integer"); + } - if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) + if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) { $input_errors[] = gettext("Download speed needs to be an integer"); + } foreach ($a_allowedips as $ipent) { - if (isset($id) && ($a_allowedips[$id]) && ($a_allowedips[$id] === $ipent)) + if (isset($id) && ($a_allowedips[$id]) && ($a_allowedips[$id] === $ipent)) { continue; - - if ($ipent['ip'] == $_POST['ip']){ + } + + if ($ipent['ip'] == $_POST['ip']) { $input_errors[] = sprintf("[%s] %s.", $_POST['ip'], gettext("already allowed")) ; break ; - } + } } if (!$input_errors) { @@ -129,16 +139,19 @@ if ($_POST) { $ip['ip'] = $_POST['ip']; $ip['sn'] = $_POST['sn']; $ip['descr'] = $_POST['descr']; - if ($_POST['bw_up']) + if ($_POST['bw_up']) { $ip['bw_up'] = $_POST['bw_up']; - if ($_POST['bw_down']) + } + if ($_POST['bw_down']) { $ip['bw_down'] = $_POST['bw_down']; + } if (isset($id) && $a_allowedips[$id]) { $oldip = $a_allowedips[$id]['ip']; - if (!empty($a_allowedips[$id]['sn'])) + if (!empty($a_allowedips[$id]['sn'])) { $oldmask = $a_allowedips[$id]['sn']; - else + } else { $oldmask = 32; + } $a_allowedips[$id] = $ip; } else { $a_allowedips[] = $ip; @@ -169,7 +182,7 @@ if ($_POST) { mwexec("/sbin/ipfw -x {$cpzoneid} -q {$g['tmp_path']}/{$uniqid}_tmp"); @unlink("{$g['tmp_path']}/{$uniqid}_tmp"); } - + header("Location: services_captiveportal_ip.php?zone={$cpzone}"); exit; } @@ -181,48 +194,51 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> - <form action="services_captiveportal_ip_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="captiveportal allow ip edit"> +<form action="services_captiveportal_ip_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="captiveportal allow ip edit"> <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit allowed ip rule");?></td> - </tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit allowed ip rule");?></td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("IP address"); ?></td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <?=$mandfldhtml;?><input name="ip" type="text" class="formfld unknown" id="ip" size="17" value="<?=htmlspecialchars($pconfig['ip']);?>" /> /<select name='sn' class="formselect" id='sn'> <?php for ($i = 32; $i >= 1; $i--): ?> <option value="<?=$i;?>" <?php if ($i == $pconfig['sn']) echo "selected=\"selected\""; ?>><?=$i;?></option> <?php endfor; ?> </select> - <br /> + <br /> <span class="vexpl"><?=gettext("IP address and subnet mask. Use /32 for a single IP");?>.</span> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> - <br /> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span> + <br /> + <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth up"); ?></td> <td width="78%" class="vtable"> - <input name="bw_up" type="text" class="formfld unknown" id="bw_up" size="10" value="<?=htmlspecialchars($pconfig['bw_up']);?>" /> - <br /> <span class="vexpl"><?=gettext("Enter a upload limit to be enforced on this IP address in Kbit/s"); ?></span> - </td> + <input name="bw_up" type="text" class="formfld unknown" id="bw_up" size="10" value="<?=htmlspecialchars($pconfig['bw_up']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Enter a upload limit to be enforced on this IP address in Kbit/s"); ?></span> + </td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth down"); ?></td> - <td width="78%" class="vtable"> - <input name="bw_down" type="text" class="formfld unknown" id="bw_down" size="10" value="<?=htmlspecialchars($pconfig['bw_down']);?>" /> - <br /> <span class="vexpl"><?=gettext("Enter a download limit to be enforced on this IP address in Kbit/s"); ?></span> - </td> + <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth down"); ?></td> + <td width="78%" class="vtable"> + <input name="bw_down" type="text" class="formfld unknown" id="bw_down" size="10" value="<?=htmlspecialchars($pconfig['bw_down']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Enter a download limit to be enforced on this IP address in Kbit/s"); ?></span> + </td> </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"> + <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>" /> <?php if (isset($id) && $a_allowedips[$id]): ?> @@ -230,7 +246,7 @@ include("head.inc"); <?php endif; ?> </td> </tr> - </table> + </table> </form> <?php include("fend.inc"); ?> </body> diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index b81a4c2..d6fe66a 100644 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -49,19 +49,21 @@ global $cpzone; global $cpzoneid; $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) +if (isset($_POST['zone'])) { $cpzone = $_POST['zone']; +} if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { header("Location: services_captiveportal_zones.php"); exit; } -if (!is_array($config['captiveportal'])) +if (!is_array($config['captiveportal'])) { $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), $a_cp[$cpzone]['zone']); $shortcut_section = "captiveportal"; if ($_POST) { @@ -80,8 +82,9 @@ if ($_POST) { @unlink("{$g['tmp_path']}/passthrumac_gui"); } $savemsg = get_std_save_message($retval); - if ($retval == 0) + if ($retval == 0) { clear_subsystem_dirty('passthrumac'); + } } } @@ -94,16 +97,18 @@ if ($_POST) { echo gettext("Please set the zone on which the operation should be allowed"); exit; } - if (!is_array($a_cp[$cpzone]['passthrumac'])) + if (!is_array($a_cp[$cpzone]['passthrumac'])) { $a_cp[$cpzone]['passthrumac'] = array(); + } $a_passthrumacs =& $a_cp[$cpzone]['passthrumac']; if ($_POST['username']) { $mac = captiveportal_passthrumac_findbyname($_POST['username']); - if (!empty($mac)) + if (!empty($mac)) { $_POST['delmac'] = $mac['mac']; - else + } else { echo gettext("No entry exists for this username:") . " " . $_POST['username'] . "\n"; + } } if ($_POST['delmac']) { $found = false; @@ -123,8 +128,9 @@ if ($_POST) { unset($a_passthrumacs[$idx]); write_config(); echo gettext("The entry was successfully deleted") . "\n"; - } else + } else { echo gettext("No entry exists for this mac address:") . " " . $_POST['delmac'] . "\n"; + } } exit; } @@ -158,7 +164,8 @@ include("head.inc"); <?php print_info_box_np(gettext("The captive portal MAC address configuration has been changed.<br />You must apply the changes in order for them to take effect."));?><br /> <?php endif; ?> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="captiveportal mac"> - <tr><td class="tabnavtbl"> + <tr> + <td class="tabnavtbl"> <?php $tab_array = array(); $tab_array[] = array(gettext("Captive portal(s)"), false, "services_captiveportal.php?zone={$cpzone}"); @@ -169,7 +176,8 @@ include("head.inc"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> - </td></tr> + </td> + </tr> <tr> <td class="tabcont"> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="main"> diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index 50a28db..191c9bb 100644 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -46,7 +46,7 @@ function passthrumacscmp($a, $b) { function passthrumacs_sort() { global $config, $cpzone; - usort($config['captiveportal'][$cpzone]['passthrumac'],"passthrumacscmp"); + usort($config['captiveportal'][$cpzone]['passthrumac'], "passthrumacscmp"); } require("guiconfig.inc"); @@ -58,29 +58,34 @@ require("captiveportal.inc"); global $cpzone; global $cpzoneid; -$pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit MAC address rules")); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Edit MAC address rules")); $shortcut_section = "captiveportal"; $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) +if (isset($_POST['zone'])) { $cpzone = $_POST['zone']; +} if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { header("Location: services_captiveportal_zones.php"); exit; } -if (!is_array($config['captiveportal'])) +if (!is_array($config['captiveportal'])) { $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -if (is_numericint($_GET['id'])) +if (is_numericint($_GET['id'])) { $id = $_GET['id']; -if (isset($_POST['id']) && is_numericint($_POST['id'])) +} +if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; +} -if (!is_array($a_cp[$cpzone]['passthrumac'])) +if (!is_array($a_cp[$cpzone]['passthrumac'])) { $a_cp[$cpzone]['passthrumac'] = array(); +} $a_passthrumacs = &$a_cp[$cpzone]['passthrumac']; if (isset($id) && $a_passthrumacs[$id]) { @@ -118,16 +123,19 @@ if ($_POST) { $input_errors[] = sprintf("%s. [%s]", gettext("A valid MAC address must be specified"), $_POST['mac']); } } - if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) + if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) { $input_errors[] = gettext("Upload speed needs to be an integer"); - if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) + } + if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) { $input_errors[] = gettext("Download speed needs to be an integer"); + } foreach ($a_passthrumacs as $macent) { - if (isset($id) && ($a_passthrumacs[$id]) && ($a_passthrumacs[$id] === $macent)) + if (isset($id) && ($a_passthrumacs[$id]) && ($a_passthrumacs[$id] === $macent)) { continue; + } - if ($macent['mac'] == $_POST['mac']){ + if ($macent['mac'] == $_POST['mac']) { $input_errors[] = sprintf("[%s] %s.", $_POST['mac'], gettext("already exists")); break; } @@ -137,12 +145,15 @@ if ($_POST) { $mac = array(); $mac['action'] = $_POST['action']; $mac['mac'] = $_POST['mac']; - if ($_POST['bw_up']) + if ($_POST['bw_up']) { $mac['bw_up'] = $_POST['bw_up']; - if ($_POST['bw_down']) + } + if ($_POST['bw_down']) { $mac['bw_down'] = $_POST['bw_down']; - if ($_POST['username']) + } + if ($_POST['username']) { $mac['username'] = $_POST['username']; + } $mac['descr'] = $_POST['descr']; @@ -208,11 +219,12 @@ include("head.inc"); <?php $ip = getenv('REMOTE_ADDR'); $mac = `/usr/sbin/arp -an | grep {$ip} | cut -d" " -f4`; - $mac = str_replace("\n","",$mac); + $mac = str_replace("\n", "", $mac); ?> <a onclick="document.forms[0].mac.value='<?=$mac?>';" href="#"><?=gettext("Copy my MAC address");?></a> <br /> - <span class="vexpl"><?=gettext("MAC address (6 hex octets separated by colons)"); ?></span></td> + <span class="vexpl"><?=gettext("MAC address (6 hex octets separated by colons)"); ?></span> + </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> diff --git a/usr/local/www/services_captiveportal_vouchers.php b/usr/local/www/services_captiveportal_vouchers.php index 2f02802..82477b5 100644 --- a/usr/local/www/services_captiveportal_vouchers.php +++ b/usr/local/www/services_captiveportal_vouchers.php @@ -1,21 +1,21 @@ -<?php +<?php /* services_captiveportal_vouchers.php Copyright (C) 2013-2015 Electric Sheep Fencing, LP Copyright (C) 2007 Marcel Wiget <mwiget@mac.com> - All rights reserved. - + All rights reserved. + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -39,8 +39,9 @@ ##|*MATCH=services_captiveportal_vouchers.php* ##|-PRIV -if ($_POST['postafterlogin']) +if ($_POST['postafterlogin']) { $nocsrf= true; +} require("guiconfig.inc"); require("functions.inc"); @@ -52,15 +53,16 @@ require_once("voucher.inc"); $referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/services_captiveportal_vouchers.php'); $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) - $cpzone = $_POST['zone']; +if (isset($_POST['zone'])) { + $cpzone = $_POST['zone']; +} if (empty($cpzone)) { - header("Location: services_captiveportal_zones.php"); - exit; + header("Location: services_captiveportal_zones.php"); + exit; } -if($_REQUEST['generatekey']) { +if ($_REQUEST['generatekey']) { exec("/usr/bin/openssl genrsa 64 > /tmp/key64.private"); exec("/usr/bin/openssl rsa -pubout < /tmp/key64.private > /tmp/key64.public"); $privatekey = str_replace("\n", "\\n", file_get_contents("/tmp/key64.private")); @@ -77,12 +79,14 @@ EOF; exit; } -if (!is_array($config['captiveportal'])) - $config['captiveportal'] = array(); +if (!is_array($config['captiveportal'])) { + $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; -if (!is_array($config['voucher'])) +if (!is_array($config['voucher'])) { $config['voucher'] = array(); +} if (empty($a_cp[$cpzone])) { log_error("Submission on captiveportal page with unknown zone parameter: " . htmlspecialchars($cpzone)); @@ -94,25 +98,33 @@ if (empty($a_cp[$cpzone])) { $pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Vouchers"), $a_cp[$cpzone]['zone']); $shortcut_section = "captiveportal-vouchers"; -if (!is_array($config['voucher'][$cpzone]['roll'])) +if (!is_array($config['voucher'][$cpzone]['roll'])) { $config['voucher'][$cpzone]['roll'] = array(); -if (!isset($config['voucher'][$cpzone]['charset'])) +} +if (!isset($config['voucher'][$cpzone]['charset'])) { $config['voucher'][$cpzone]['charset'] = '2345678abcdefhijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ'; -if (!isset($config['voucher'][$cpzone]['rollbits'])) +} +if (!isset($config['voucher'][$cpzone]['rollbits'])) { $config['voucher'][$cpzone]['rollbits'] = 16; -if (!isset($config['voucher'][$cpzone]['ticketbits'])) +} +if (!isset($config['voucher'][$cpzone]['ticketbits'])) { $config['voucher'][$cpzone]['ticketbits'] = 10; -if (!isset($config['voucher'][$cpzone]['checksumbits'])) +} +if (!isset($config['voucher'][$cpzone]['checksumbits'])) { $config['voucher'][$cpzone]['checksumbits'] = 5; -if (!isset($config['voucher'][$cpzone]['magic'])) +} +if (!isset($config['voucher'][$cpzone]['magic'])) { $config['voucher'][$cpzone]['magic'] = rand(); // anything slightly random will do +} if (!isset($config['voucher'][$cpzone]['exponent'])) { while (true) { - while (($exponent = rand()) % 30000 < 5000) + while (($exponent = rand()) % 30000 < 5000) { continue; + } $exponent = ($exponent * 2) + 1; // Make it odd number - if ($exponent <= 65537) + if ($exponent <= 65537) { break; + } } $config['voucher'][$cpzone]['exponent'] = $exponent; unset($exponent); @@ -131,31 +143,32 @@ if (!isset($config['voucher'][$cpzone]['publickey'])) { } // Check for invalid or expired vouchers -if (!isset($config['voucher'][$cpzone]['descrmsgnoaccess'])) +if (!isset($config['voucher'][$cpzone]['descrmsgnoaccess'])) { $config['voucher'][$cpzone]['descrmsgnoaccess'] = gettext("Voucher invalid"); -if (!isset($config['voucher'][$cpzone]['descrmsgexpired'])) +} +if (!isset($config['voucher'][$cpzone]['descrmsgexpired'])) { $config['voucher'][$cpzone]['descrmsgexpired'] = gettext("Voucher expired"); +} $a_roll = &$config['voucher'][$cpzone]['roll']; if ($_GET['act'] == "del") { - $id = $_GET['id']; - if ($a_roll[$id]) { - $roll = $a_roll[$id]['number']; + $id = $_GET['id']; + if ($a_roll[$id]) { + $roll = $a_roll[$id]['number']; $voucherlck = lock("voucher{$cpzone}"); unset($a_roll[$id]); voucher_unlink_db($roll); unlock($voucherlck); write_config(); - } + } header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); exit; -} -/* print all vouchers of the selected roll */ -else if ($_GET['act'] == "csv") { +} else if ($_GET['act'] == "csv") { + /* print all vouchers of the selected roll */ $privkey = base64_decode($config['voucher'][$cpzone]['privatekey']); - if (strstr($privkey,"BEGIN RSA PRIVATE KEY")) { - $fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.private","w"); + if (strstr($privkey, "BEGIN RSA PRIVATE KEY")) { + $fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.private", "w"); if (!$fd) { $input_errors[] = gettext("Cannot write private key file") . ".\n"; } else { @@ -169,11 +182,13 @@ else if ($_GET['act'] == "csv") { $count = $a_voucher[$id]['count']; header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename=vouchers_{$cpzone}_roll{$number}.csv"); - if (file_exists("{$g['varetc_path']}/voucher_{$cpzone}.cfg")) + if (file_exists("{$g['varetc_path']}/voucher_{$cpzone}.cfg")) { system("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -p {$g['varetc_path']}/voucher_{$cpzone}.private $number $count"); + } @unlink("{$g['varetc_path']}/voucher_{$cpzone}.private"); - } else + } else { header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); + } exit; } } else { @@ -210,48 +225,59 @@ if ($_POST) { /* input validation */ if ($_POST['enable'] == "yes") { - if (!$_POST['vouchersyncusername']) { + if (!$_POST['vouchersyncusername']) { $reqdfields = explode(" ", "charset rollbits ticketbits checksumbits publickey magic"); - $reqdfieldsn = array(gettext("charset"),gettext("rollbits"),gettext("ticketbits"),gettext("checksumbits"),gettext("publickey"),gettext("magic")); + $reqdfieldsn = array(gettext("charset"), gettext("rollbits"), gettext("ticketbits"), gettext("checksumbits"), gettext("publickey"), gettext("magic")); } else { $reqdfields = explode(" ", "vouchersyncdbip vouchersyncport vouchersyncpass vouchersyncusername"); - $reqdfieldsn = array(gettext("Synchronize Voucher Database IP"),gettext("Sync port"),gettext("Sync password"),gettext("Sync username")); + $reqdfieldsn = array(gettext("Synchronize Voucher Database IP"), gettext("Sync port"), gettext("Sync password"), gettext("Sync username")); } - + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); } - - if (!$_POST['vouchersyncusername']) { + + if (!$_POST['vouchersyncusername']) { // Check for form errors - if ($_POST['charset'] && (strlen($_POST['charset'] < 2))) + if ($_POST['charset'] && (strlen($_POST['charset'] < 2))) { $input_errors[] = gettext("Need at least 2 characters to create vouchers."); - if ($_POST['charset'] && (strpos($_POST['charset'],"\"")>0)) + } + if ($_POST['charset'] && (strpos($_POST['charset'], "\"")>0)) { $input_errors[] = gettext("Double quotes aren't allowed."); - if ($_POST['charset'] && (strpos($_POST['charset'],",")>0)) + } + if ($_POST['charset'] && (strpos($_POST['charset'], ",")>0)) { $input_errors[] = "',' " . gettext("aren't allowed."); - if ($_POST['rollbits'] && (!is_numeric($_POST['rollbits']) || ($_POST['rollbits'] < 1) || ($_POST['rollbits'] > 31))) + } + if ($_POST['rollbits'] && (!is_numeric($_POST['rollbits']) || ($_POST['rollbits'] < 1) || ($_POST['rollbits'] > 31))) { $input_errors[] = gettext("# of Bits to store Roll Id needs to be between 1..31."); - if ($_POST['ticketbits'] && (!is_numeric($_POST['ticketbits']) || ($_POST['ticketbits'] < 1) || ($_POST['ticketbits'] > 16))) + } + if ($_POST['ticketbits'] && (!is_numeric($_POST['ticketbits']) || ($_POST['ticketbits'] < 1) || ($_POST['ticketbits'] > 16))) { $input_errors[] = gettext("# of Bits to store Ticket Id needs to be between 1..16."); - if ($_POST['checksumbits'] && (!is_numeric($_POST['checksumbits']) || ($_POST['checksumbits'] < 1) || ($_POST['checksumbits'] > 31))) + } + if ($_POST['checksumbits'] && (!is_numeric($_POST['checksumbits']) || ($_POST['checksumbits'] < 1) || ($_POST['checksumbits'] > 31))) { $input_errors[] = gettext("# of Bits to store checksum needs to be between 1..31."); - if ($_POST['publickey'] && (!strstr($_POST['publickey'],"BEGIN PUBLIC KEY"))) + } + if ($_POST['publickey'] && (!strstr($_POST['publickey'], "BEGIN PUBLIC KEY"))) { $input_errors[] = gettext("This doesn't look like an RSA Public key."); - if ($_POST['privatekey'] && (!strstr($_POST['privatekey'],"BEGIN RSA PRIVATE KEY"))) + } + if ($_POST['privatekey'] && (!strstr($_POST['privatekey'], "BEGIN RSA PRIVATE KEY"))) { $input_errors[] = gettext("This doesn't look like an RSA Private key."); - if ($_POST['vouchersyncdbip'] && (is_ipaddr_configured($_POST['vouchersyncdbip']))) + } + if ($_POST['vouchersyncdbip'] && (is_ipaddr_configured($_POST['vouchersyncdbip']))) { $input_errors[] = gettext("You cannot sync the voucher database to this host (itself)."); + } } if (!$input_errors) { - if (empty($config['voucher'][$cpzone])) - $newvoucher = array(); - else - $newvoucher = $config['voucher'][$cpzone]; - if ($_POST['enable'] == "yes") + if (empty($config['voucher'][$cpzone])) { + $newvoucher = array(); + } else { + $newvoucher = $config['voucher'][$cpzone]; + } + if ($_POST['enable'] == "yes") { $newvoucher['enable'] = true; - else + } else { unset($newvoucher['enable']); + } if (empty($_POST['vouchersyncusername'])) { unset($newvoucher['vouchersyncdbip']); unset($newvoucher['vouchersyncport']); @@ -275,19 +301,21 @@ if ($_POST) { $newvoucher['vouchersyncport'] = $_POST['vouchersyncport']; $newvoucher['vouchersyncusername'] = $_POST['vouchersyncusername']; $newvoucher['vouchersyncpass'] = $_POST['vouchersyncpass']; - if($newvoucher['vouchersyncpass'] && $newvoucher['vouchersyncusername'] && - $newvoucher['vouchersyncport'] && $newvoucher['vouchersyncdbip']) { + if ($newvoucher['vouchersyncpass'] && $newvoucher['vouchersyncusername'] && + $newvoucher['vouchersyncport'] && $newvoucher['vouchersyncdbip']) { // Synchronize the voucher DB from the master node require_once("xmlrpc.inc"); $protocol = "http"; if (is_array($config['system']) && is_array($config['system']['webgui']) && !empty($config['system']['webgui']['protocol']) && - $config['system']['webgui']['protocol'] == "https") + $config['system']['webgui']['protocol'] == "https") { $protocol = "https"; - if ($protocol == "https" || $newvoucher['vouchersyncport'] == "443") + } + if ($protocol == "https" || $newvoucher['vouchersyncport'] == "443") { $url = "https://{$newvoucher['vouchersyncdbip']}"; - else + } else { $url = "http://{$newvoucher['vouchersyncdbip']}"; + } $execcmd = <<<EOF \$toreturn = array(); @@ -307,12 +335,12 @@ EOF; $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($newvoucher['vouchersyncusername'], $newvoucher['vouchersyncpass']); $resp = $cli->send($msg, "250"); - if(!is_object($resp)) { + if (!is_object($resp)) { $error = "A communications error occurred while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("CaptivePortalVoucherSync", $error, "Communications error occurred", ""); $input_errors[] = $error; - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -324,31 +352,42 @@ EOF; } if (!$input_errors) { $toreturn = XML_RPC_Decode($resp->value()); - if(!is_array($toreturn)) { - if($toreturn == "Authentication failed") + if (!is_array($toreturn)) { + if ($toreturn == "Authentication failed") { $input_errors[] = "Could not synchronize the voucher database: Authentication Failed."; - } else { + } + } else { // If we received back the voucher roll and other information then store it. - if($toreturn['voucher']['roll']) + if ($toreturn['voucher']['roll']) { $newvoucher['roll'] = $toreturn['voucher']['roll']; - if($toreturn['voucher']['rollbits']) + } + if ($toreturn['voucher']['rollbits']) { $newvoucher['rollbits'] = $toreturn['voucher']['rollbits']; - if($toreturn['voucher']['ticketbits']) + } + if ($toreturn['voucher']['ticketbits']) { $newvoucher['ticketbits'] = $toreturn['voucher']['ticketbits']; - if($toreturn['voucher']['checksumbits']) + } + if ($toreturn['voucher']['checksumbits']) { $newvoucher['checksumbits'] = $toreturn['voucher']['checksumbits']; - if($toreturn['voucher']['magic']) + } + if ($toreturn['voucher']['magic']) { $newvoucher['magic'] = $toreturn['voucher']['magic']; - if($toreturn['voucher']['exponent']) + } + if ($toreturn['voucher']['exponent']) { $newvoucher['exponent'] = $toreturn['voucher']['exponent']; - if($toreturn['voucher']['publickey']) + } + if ($toreturn['voucher']['publickey']) { $newvoucher['publickey'] = $toreturn['voucher']['publickey']; - if($toreturn['voucher']['privatekey']) + } + if ($toreturn['voucher']['privatekey']) { $newvoucher['privatekey'] = $toreturn['voucher']['privatekey']; - if($toreturn['voucher']['descrmsgnoaccess']) + } + if ($toreturn['voucher']['descrmsgnoaccess']) { $newvoucher['descrmsgnoaccess'] = $toreturn['voucher']['descrmsgnoaccess']; - if($toreturn['voucher']['descrmsgexpired']) + } + if ($toreturn['voucher']['descrmsgexpired']) { $newvoucher['descrmsgexpired'] = $toreturn['voucher']['descrmsgexpired']; + } $savemsg = gettext("Voucher database has been synchronized from {$url}:{$port}"); $config['voucher'][$cpzone] = $newvoucher; @@ -374,10 +413,10 @@ function generatenewkey() { jQuery('#privatekey').val('One moment please...'); jQuery.ajax("services_captiveportal_vouchers.php?zone=<?php echo($cpzone); ?>&generatekey=true", { type: 'get', - success: function(data) { + success: function(data) { eval(data); } - }); + }); } function before_save() { document.iform.charset.disabled = false; @@ -389,13 +428,14 @@ function before_save() { document.iform.privatekey.disabled = false; document.iform.msgnoaccess.disabled = false; document.iform.msgexpired.disabled = false; - for(var x=0; x < <?php echo count($a_roll); ?>; x++) + for (var x=0; x < <?php echo count($a_roll); ?>; x++) { jQuery('#addeditdelete' + x).show(); + } jQuery('#addnewroll').show(); } function enable_change(enable_change) { var endis; - endis = !(document.iform.enable.checked || enable_change); + endis = !(document.iform.enable.checked || enable_change); document.iform.charset.disabled = endis; document.iform.rollbits.disabled = endis; document.iform.ticketbits.disabled = endis; @@ -409,7 +449,7 @@ function enable_change(enable_change) { document.iform.vouchersyncport.disabled = endis; document.iform.vouchersyncpass.disabled = endis; document.iform.vouchersyncusername.disabled = endis; - if(document.iform.vouchersyncusername.value != "") { + if (document.iform.vouchersyncusername.value != "") { document.iform.charset.disabled = true; document.iform.rollbits.disabled = true; document.iform.ticketbits.disabled = true; @@ -419,12 +459,14 @@ function enable_change(enable_change) { document.iform.privatekey.disabled = true; document.iform.msgnoaccess.disabled = true; document.iform.msgexpired.disabled = true; - for(var x=0; x < <?php echo count($a_roll); ?>; x++) + for (var x=0; x < <?php echo count($a_roll); ?>; x++) { jQuery('#addeditdelete' + x).hide(); + } jQuery('#addnewroll').hide(); } else { - for(var x=0; x < <?php echo count($a_roll); ?>; x++) + for (var x=0; x < <?php echo count($a_roll); ?>; x++) { jQuery('#addeditdelete' + x).show(); + } jQuery('#addnewroll').show(); } } @@ -439,7 +481,7 @@ function enable_change(enable_change) { <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="tab pane"> <tr> <td class="tabnavtbl"> -<?php +<?php $tab_array = array(); $tab_array[] = array(gettext("Captive portal(s)"), false, "services_captiveportal.php?zone={$cpzone}"); $tab_array[] = array(gettext("MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}"); @@ -448,13 +490,13 @@ function enable_change(enable_change) { $tab_array[] = array(gettext("Vouchers"), true, "services_captiveportal_vouchers.php?zone={$cpzone}"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); -?> +?> </td> </tr> <tr> <td class="tabcont"> <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="checkbox pane"> - <tr> + <tr> <td width="22%" valign="top" class="vtable"> </td> <td width="78%" class="vtable"> <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked=\"checked\""; ?> onclick="enable_change(false)" /> @@ -464,9 +506,10 @@ function enable_change(enable_change) { <tr> <td valign="top" class="vncell"> <?=gettext("Voucher Rolls"); ?> - <?php - if($pconfig['vouchersyncdbip']) + <?php + if ($pconfig['vouchersyncdbip']) { echo "<br />(Synchronized from {$pconfig['vouchersyncdbip']})"; + } ?> </td> <td class="vtable"> @@ -478,9 +521,9 @@ function enable_change(enable_change) { <td width="35%" class="listhdr"><?=gettext("Comment"); ?></td> <td width="15%" class="list"></td> </tr> - <?php $i = 0; foreach($a_roll as $rollent): ?> - <tr> - <td class="listlr"> + <?php $i = 0; foreach ($a_roll as $rollent): ?> + <tr> + <td class="listlr"> <?=htmlspecialchars($rollent['number']); ?> </td> <td class="listr"> @@ -492,26 +535,27 @@ function enable_change(enable_change) { <td class="listr"> <?=htmlspecialchars($rollent['descr']); ?> </td> - <td valign="middle" class="list nowrap"> + <td valign="middle" class="list nowrap"> <div id='addeditdelete<?=$i?>'> - <?php if ($pconfig['enable']): ?> + <?php if ($pconfig['enable']): ?> <a href="services_captiveportal_vouchers_edit.php?zone=<?=$cpzone;?>&id=<?=$i; ?>"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit voucher"); ?>" width="17" height="17" border="0" alt="<?=gettext("edit voucher"); ?>" /></a> <a href="services_captiveportal_vouchers.php?zone=<?=$cpzone;?>&act=del&id=<?=$i; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this voucher? This makes all vouchers from this roll invalid"); ?>')"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete vouchers"); ?>" width="17" height="17" border="0" alt="<?=gettext("delete vouchers"); ?>" /></a> <a href="services_captiveportal_vouchers.php?zone=<?=$cpzone;?>&act=csv&id=<?=$i; ?>"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_log_s.gif" title="<?=gettext("generate vouchers for this roll to CSV file"); ?>" width="11" height="15" border="0" alt="<?=gettext("generate vouchers for this roll to CSV file"); ?>" /></a> - <?php endif;?> + <?php endif;?> </div> </td> </tr> <?php $i++; endforeach; ?> - <tr> + <tr> <td class="list" colspan="4"></td> <?php - if ($pconfig['enable']) + if ($pconfig['enable']) { echo "<td class=\"list\"><div id='addnewroll'> <a href=\"services_captiveportal_vouchers_edit.php?zone={$cpzone}\"><img src=\"/themes/{$g['theme']}/images/icons/icon_plus.gif\" title=\"" . gettext("add voucher") . "\" width=\"17\" height=\"17\" border=\"0\" alt=\"" . gettext("add voucher") . "\" /></a></div></td>"; + } ?> </tr> - </table> - <?php if ($pconfig['enable']): ?> + </table> + <?php if ($pconfig['enable']): ?> <?=gettext("Create, generate and activate Rolls with Vouchers that allow access through the " . "captive portal for the configured time. Once a voucher is activated, " . "its clock is started and runs uninterrupted until it expires. During that " . @@ -520,128 +564,131 @@ function enable_change(enable_change) { <?php else: ?> <?=gettext("Enable Voucher support first using the checkbox above and hit Save at the bottom."); ?> <?php endif;?> - </td> - </tr> - <tr> - <td valign="top" class="vncellreq"> - <?=gettext("Voucher public key"); ?> - </td> - <td class="vtable"> - <textarea name="publickey" cols="65" rows="4" id="publickey" class="formpre"><?=htmlspecialchars($pconfig['publickey']);?></textarea> - <br /> - <?=gettext("Paste an RSA public key (64 Bit or smaller) in PEM format here. This key is used to decrypt vouchers."); ?> <a href='#' onclick='generatenewkey();'><?=gettext('Generate');?></a> <?=gettext('new key');?>.</td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("Voucher private key"); ?></td> - <td class="vtable"> - <textarea name="privatekey" cols="65" rows="5" id="privatekey" class="formpre"><?=htmlspecialchars($pconfig['privatekey']);?></textarea> - <br /> - <?=gettext("Paste an RSA private key (64 Bit or smaller) in PEM format here. This key is only used to generate encrypted vouchers and doesn't need to be available if the vouchers have been generated offline."); ?> <a href='#' onclick='generatenewkey();'> <?=gettext('Generate');?></a> <?=gettext('new key');?>.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Character set"); ?></td> - <td width="78%" class="vtable"> - <input name="charset" type="text" class="formfld" id="charset" size="80" value="<?=htmlspecialchars($pconfig['charset']);?>" /> - <br /> - <?=gettext("Tickets are generated with the specified character set. It should contain printable characters (numbers, lower case and upper case letters) that are hard to confuse with others. Avoid e.g. 0/O and l/1."); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"># <?=gettext("of Roll Bits"); ?></td> - <td width="78%" class="vtable"> - <input name="rollbits" type="text" class="formfld" id="rollbits" size="2" value="<?=htmlspecialchars($pconfig['rollbits']);?>" /> - <br /> - <?=gettext("Reserves a range in each voucher to store the Roll # it belongs to. Allowed range: 1..31. Sum of Roll+Ticket+Checksum bits must be one Bit less than the RSA key size."); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"># <?=gettext("of Ticket Bits"); ?></td> - <td width="78%" class="vtable"> - <input name="ticketbits" type="text" class="formfld" id="ticketbits" size="2" value="<?=htmlspecialchars($pconfig['ticketbits']);?>" /> - <br /> - <?=gettext("Reserves a range in each voucher to store the Ticket# it belongs to. Allowed range: 1..16. Using 16 bits allows a roll to have up to 65535 vouchers. A bit array, stored in RAM and in the config, is used to mark if a voucher has been used. A bit array for 65535 vouchers requires 8 KB of storage."); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"># <?=gettext("of Checksum Bits"); ?></td> - <td width="78%" class="vtable"> - <input name="checksumbits" type="text" class="formfld" id="checksumbits" size="2" value="<?=htmlspecialchars($pconfig['checksumbits']);?>" /> - <br /> - <?=gettext("Reserves a range in each voucher to store a simple checksum over Roll # and Ticket#. Allowed range is 0..31."); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Magic Number"); ?></td> - <td width="78%" class="vtable"> - <input name="magic" type="text" class="formfld" id="magic" size="20" value="<?=htmlspecialchars($pconfig['magic']);?>" /> - <br /> - <?=gettext("Magic number stored in every voucher. Verified during voucher check. Size depends on how many bits are left by Roll+Ticket+Checksum bits. If all bits are used, no magic number will be used and checked."); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Invalid Voucher Message"); ?></td> - <td width="78%" class="vtable"> - <input name="msgnoaccess" type="text" class="formfld" id="msgnoaccess" size="80" value="<?=htmlspecialchars($pconfig['msgnoaccess']);?>" /> - <br /><?=gettext("Error message displayed for invalid vouchers on captive portal error page"); ?> ($PORTAL_MESSAGE$). - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Expired Voucher Message"); ?></td> - <td width="78%" class="vtable"> - <input name="msgexpired" type="text" class="formfld" id="msgexpired" size="80" value="<?=htmlspecialchars($pconfig['msgexpired']);?>" /> - <br /><?=gettext("Error message displayed for expired vouchers on captive portal error page"); ?> ($PORTAL_MESSAGE$). - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - - </td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("Voucher database synchronization"); ?></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Synchronize Voucher Database IP"); ?></td> - <td width="78%" class="vtable"> - <input name="vouchersyncdbip" type="text" class="formfld" id="vouchersyncdbip" size="17" value="<?=htmlspecialchars($pconfig['vouchersyncdbip']);?>" /> - <br /><?=gettext("IP address of master nodes webConfigurator to synchronize voucher database and used vouchers from."); ?> - <br /><?=gettext("NOTE: this should be setup on the slave nodes and not the primary node!"); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Voucher sync port"); ?></td> - <td width="78%" class="vtable"> - <input name="vouchersyncport" type="text" class="formfld" id="vouchersyncport" size="7" value="<?=htmlspecialchars($pconfig['vouchersyncport']);?>" /> - <br /><?=gettext("This is the port of the master voucher nodes webConfigurator. Example: 443"); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Voucher sync username"); ?></td> - <td width="78%" class="vtable"> - <input name="vouchersyncusername" type="text" class="formfld" id="vouchersyncusername" size="25" value="<?=htmlspecialchars($pconfig['vouchersyncusername']);?>" autocomplete="off" /> - <br /><?=gettext("This is the username of the master voucher nodes webConfigurator."); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Voucher sync password"); ?></td> - <td width="78%" class="vtable"> - <input name="vouchersyncpass" type="password" class="formfld" id="vouchersyncpass" size="25" value="<?=htmlspecialchars($pconfig['vouchersyncpass']);?>" autocomplete="off" /> - <br /><?=gettext("This is the password of the master voucher nodes webConfigurator."); ?> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input type="hidden" name="zone" id="zone" value="<?=htmlspecialchars($cpzone);?>" /> - <input type="hidden" name="exponent" id="exponent" value="<?=$pconfig['exponent'];?>" /> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true); before_save();" /> - <input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" /> - </td> - </tr> - <tr> - <td colspan="2" class="list"><p class="vexpl"> - <span class="red"><strong> <?=gettext("Note:"); ?><br /> </strong></span> + </td> + </tr> + <tr> + <td valign="top" class="vncellreq"> + <?=gettext("Voucher public key"); ?> + </td> + <td class="vtable"> + <textarea name="publickey" cols="65" rows="4" id="publickey" class="formpre"><?=htmlspecialchars($pconfig['publickey']);?></textarea> + <br /> + <?=gettext("Paste an RSA public key (64 Bit or smaller) in PEM format here. This key is used to decrypt vouchers."); ?> <a href='#' onclick='generatenewkey();'><?=gettext('Generate');?></a> <?=gettext('new key');?>. + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("Voucher private key"); ?></td> + <td class="vtable"> + <textarea name="privatekey" cols="65" rows="5" id="privatekey" class="formpre"><?=htmlspecialchars($pconfig['privatekey']);?></textarea> + <br /> + <?=gettext("Paste an RSA private key (64 Bit or smaller) in PEM format here. This key is only used to generate encrypted vouchers and doesn't need to be available if the vouchers have been generated offline."); ?> <a href='#' onclick='generatenewkey();'> <?=gettext('Generate');?></a> <?=gettext('new key');?>. + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Character set"); ?></td> + <td width="78%" class="vtable"> + <input name="charset" type="text" class="formfld" id="charset" size="80" value="<?=htmlspecialchars($pconfig['charset']);?>" /> + <br /> + <?=gettext("Tickets are generated with the specified character set. It should contain printable characters (numbers, lower case and upper case letters) that are hard to confuse with others. Avoid e.g. 0/O and l/1."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"># <?=gettext("of Roll Bits"); ?></td> + <td width="78%" class="vtable"> + <input name="rollbits" type="text" class="formfld" id="rollbits" size="2" value="<?=htmlspecialchars($pconfig['rollbits']);?>" /> + <br /> + <?=gettext("Reserves a range in each voucher to store the Roll # it belongs to. Allowed range: 1..31. Sum of Roll+Ticket+Checksum bits must be one Bit less than the RSA key size."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"># <?=gettext("of Ticket Bits"); ?></td> + <td width="78%" class="vtable"> + <input name="ticketbits" type="text" class="formfld" id="ticketbits" size="2" value="<?=htmlspecialchars($pconfig['ticketbits']);?>" /> + <br /> + <?=gettext("Reserves a range in each voucher to store the Ticket# it belongs to. Allowed range: 1..16. Using 16 bits allows a roll to have up to 65535 vouchers. A bit array, stored in RAM and in the config, is used to mark if a voucher has been used. A bit array for 65535 vouchers requires 8 KB of storage."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"># <?=gettext("of Checksum Bits"); ?></td> + <td width="78%" class="vtable"> + <input name="checksumbits" type="text" class="formfld" id="checksumbits" size="2" value="<?=htmlspecialchars($pconfig['checksumbits']);?>" /> + <br /> + <?=gettext("Reserves a range in each voucher to store a simple checksum over Roll # and Ticket#. Allowed range is 0..31."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Magic Number"); ?></td> + <td width="78%" class="vtable"> + <input name="magic" type="text" class="formfld" id="magic" size="20" value="<?=htmlspecialchars($pconfig['magic']);?>" /> + <br /> + <?=gettext("Magic number stored in every voucher. Verified during voucher check. Size depends on how many bits are left by Roll+Ticket+Checksum bits. If all bits are used, no magic number will be used and checked."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Invalid Voucher Message"); ?></td> + <td width="78%" class="vtable"> + <input name="msgnoaccess" type="text" class="formfld" id="msgnoaccess" size="80" value="<?=htmlspecialchars($pconfig['msgnoaccess']);?>" /> + <br /><?=gettext("Error message displayed for invalid vouchers on captive portal error page"); ?> ($PORTAL_MESSAGE$). + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Expired Voucher Message"); ?></td> + <td width="78%" class="vtable"> + <input name="msgexpired" type="text" class="formfld" id="msgexpired" size="80" value="<?=htmlspecialchars($pconfig['msgexpired']);?>" /> + <br /><?=gettext("Error message displayed for expired vouchers on captive portal error page"); ?> ($PORTAL_MESSAGE$). + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + + </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Voucher database synchronization"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Synchronize Voucher Database IP"); ?></td> + <td width="78%" class="vtable"> + <input name="vouchersyncdbip" type="text" class="formfld" id="vouchersyncdbip" size="17" value="<?=htmlspecialchars($pconfig['vouchersyncdbip']);?>" /> + <br /><?=gettext("IP address of master nodes webConfigurator to synchronize voucher database and used vouchers from."); ?> + <br /><?=gettext("NOTE: this should be setup on the slave nodes and not the primary node!"); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Voucher sync port"); ?></td> + <td width="78%" class="vtable"> + <input name="vouchersyncport" type="text" class="formfld" id="vouchersyncport" size="7" value="<?=htmlspecialchars($pconfig['vouchersyncport']);?>" /> + <br /><?=gettext("This is the port of the master voucher nodes webConfigurator. Example: 443"); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Voucher sync username"); ?></td> + <td width="78%" class="vtable"> + <input name="vouchersyncusername" type="text" class="formfld" id="vouchersyncusername" size="25" value="<?=htmlspecialchars($pconfig['vouchersyncusername']);?>" autocomplete="off" /> + <br /><?=gettext("This is the username of the master voucher nodes webConfigurator."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Voucher sync password"); ?></td> + <td width="78%" class="vtable"> + <input name="vouchersyncpass" type="password" class="formfld" id="vouchersyncpass" size="25" value="<?=htmlspecialchars($pconfig['vouchersyncpass']);?>" autocomplete="off" /> + <br /><?=gettext("This is the password of the master voucher nodes webConfigurator."); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input type="hidden" name="zone" id="zone" value="<?=htmlspecialchars($cpzone);?>" /> + <input type="hidden" name="exponent" id="exponent" value="<?=$pconfig['exponent'];?>" /> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true); before_save();" /> + <input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" /> + </td> + </tr> + <tr> + <td colspan="2" class="list"> + <p class="vexpl"> + <span class="red"><strong> <?=gettext("Note:"); ?><br /> </strong></span> <?=gettext("Changing any Voucher parameter (apart from managing the list of Rolls) on this page will render existing vouchers useless if they were generated with different settings."); ?> <br /> <?=gettext("Specifying the Voucher Database Synchronization options will not record any other value from the other options. They will be retrieved/synced from the master."); ?> diff --git a/usr/local/www/services_captiveportal_vouchers_edit.php b/usr/local/www/services_captiveportal_vouchers_edit.php index b43a0f7..5b1afbe 100644 --- a/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/usr/local/www/services_captiveportal_vouchers_edit.php @@ -1,21 +1,21 @@ -<?php +<?php /* services_captiveportal_vouchers_edit.php Copyright (C) 2013-2015 Electric Sheep Fencing, LP Copyright (C) 2007 Marcel Wiget <mwiget@mac.com>. - All rights reserved. - + All rights reserved. + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -27,7 +27,7 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* +/* pfSense_MODULE: captiveportal */ @@ -49,20 +49,22 @@ $pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Edit V $shortcut_section = "captiveportal-vouchers"; $cpzone = $_GET['zone']; -if (isset($_POST['zone'])) - $cpzone = $_POST['zone']; +if (isset($_POST['zone'])) { + $cpzone = $_POST['zone']; +} if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) { - header("Location: services_captiveportal_zones.php"); - exit; + header("Location: services_captiveportal_zones.php"); + exit; } -if (!is_array($config['captiveportal'])) - $config['captiveportal'] = array(); +if (!is_array($config['captiveportal'])) { + $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; if (!is_array($config['voucher'])) { - $config['voucher'] = array(); + $config['voucher'] = array(); } if (!is_array($config['voucher'][$cpzone]['roll'])) { @@ -70,10 +72,12 @@ if (!is_array($config['voucher'][$cpzone]['roll'])) { } $a_roll = &$config['voucher'][$cpzone]['roll']; -if (is_numericint($_GET['id'])) +if (is_numericint($_GET['id'])) { $id = $_GET['id']; -if (isset($_POST['id']) && is_numericint($_POST['id'])) +} +if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; +} if (isset($id) && $a_roll[$id]) { $pconfig['zone'] = $a_roll[$id]['zone']; @@ -87,81 +91,86 @@ $maxnumber = (1<<$config['voucher'][$cpzone]['rollbits']) -1; // Highest Roll $maxcount = (1<<$config['voucher'][$cpzone]['ticketbits']) -1; // Highest Ticket# if ($_POST) { - + unset($input_errors); $pconfig = $_POST; - /* input validation */ - $reqdfields = explode(" ", "number count minutes"); - $reqdfieldsn = array(gettext("Number"),gettext("Count"),gettext("minutes")); + /* input validation */ + $reqdfields = explode(" ", "number count minutes"); + $reqdfieldsn = array(gettext("Number"), gettext("Count"), gettext("minutes")); - do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); // Look for duplicate roll # - foreach($a_roll as $re) { - if($re['number'] == $_POST['number']) { + foreach ($a_roll as $re) { + if ($re['number'] == $_POST['number']) { $input_errors[] = sprintf(gettext("Roll number %s already exists."), $_POST['number']); break; } } - - if (!is_numeric($_POST['number']) || $_POST['number'] >= $maxnumber) - $input_errors[] = sprintf(gettext("Roll number must be numeric and less than %s"), $maxnumber); - - if (!is_numeric($_POST['count']) || $_POST['count'] < 1 || $_POST['count'] > $maxcount) - $input_errors[] = sprintf(gettext("A roll has at least one voucher and less than %s."), $maxcount); - - if (!is_numeric($_POST['minutes']) || $_POST['minutes'] < 1) - $input_errors[] = gettext("Each voucher must be good for at least 1 minute."); - - if (!$input_errors) { - - if (isset($id) && $a_roll[$id]) - $rollent = $a_roll[$id]; - - $rollent['zone'] = $_POST['zone']; - $rollent['number'] = $_POST['number']; - $rollent['minutes'] = $_POST['minutes']; - $rollent['descr'] = $_POST['descr']; - - /* New Roll or modified voucher count: create bitmask */ - $voucherlck = lock("voucher{$cpzone}"); - if ($_POST['count'] != $rollent['count']) { - $rollent['count'] = $_POST['count']; - $len = ($rollent['count']>>3) + 1; // count / 8 +1 - $rollent['used'] = base64_encode(str_repeat("\000",$len)); // 4 bitmask - $rollent['active'] = array(); - voucher_write_used_db($rollent['number'], $rollent['used']); - voucher_write_active_db($rollent['number'], array()); // create empty DB - voucher_log(LOG_INFO,sprintf(gettext('All %1$s vouchers from Roll %2$s marked unused'), $rollent['count'], $rollent['number'])); - } else { - // existing roll has been modified but without changing the count - // read active and used DB from ramdisk and store it in XML config - $rollent['used'] = base64_encode(voucher_read_used_db($rollent['number'])); - $activent = array(); - $db = array(); - $active_vouchers = voucher_read_active_db($rollent['number'], $rollent['minutes']); - foreach($active_vouchers as $voucher => $line) { - list($timestamp, $minutes) = explode(",", $line); - $activent['voucher'] = $voucher; - $activent['timestamp'] = $timestamp; - $activent['minutes'] = $minutes; - $db[] = $activent; - } - $rollent['active'] = $db; - } - unlock($voucherlck); - - if (isset($id) && $a_roll[$id]) - $a_roll[$id] = $rollent; - else - $a_roll[] = $rollent; - - write_config(); - - header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); - exit; - } + + if (!is_numeric($_POST['number']) || $_POST['number'] >= $maxnumber) { + $input_errors[] = sprintf(gettext("Roll number must be numeric and less than %s"), $maxnumber); + } + + if (!is_numeric($_POST['count']) || $_POST['count'] < 1 || $_POST['count'] > $maxcount) { + $input_errors[] = sprintf(gettext("A roll has at least one voucher and less than %s."), $maxcount); + } + + if (!is_numeric($_POST['minutes']) || $_POST['minutes'] < 1) { + $input_errors[] = gettext("Each voucher must be good for at least 1 minute."); + } + + if (!$input_errors) { + + if (isset($id) && $a_roll[$id]) { + $rollent = $a_roll[$id]; + } + + $rollent['zone'] = $_POST['zone']; + $rollent['number'] = $_POST['number']; + $rollent['minutes'] = $_POST['minutes']; + $rollent['descr'] = $_POST['descr']; + + /* New Roll or modified voucher count: create bitmask */ + $voucherlck = lock("voucher{$cpzone}"); + if ($_POST['count'] != $rollent['count']) { + $rollent['count'] = $_POST['count']; + $len = ($rollent['count']>>3) + 1; // count / 8 +1 + $rollent['used'] = base64_encode(str_repeat("\000", $len)); // 4 bitmask + $rollent['active'] = array(); + voucher_write_used_db($rollent['number'], $rollent['used']); + voucher_write_active_db($rollent['number'], array()); // create empty DB + voucher_log(LOG_INFO, sprintf(gettext('All %1$s vouchers from Roll %2$s marked unused'), $rollent['count'], $rollent['number'])); + } else { + // existing roll has been modified but without changing the count + // read active and used DB from ramdisk and store it in XML config + $rollent['used'] = base64_encode(voucher_read_used_db($rollent['number'])); + $activent = array(); + $db = array(); + $active_vouchers = voucher_read_active_db($rollent['number'], $rollent['minutes']); + foreach ($active_vouchers as $voucher => $line) { + list($timestamp, $minutes) = explode(",", $line); + $activent['voucher'] = $voucher; + $activent['timestamp'] = $timestamp; + $activent['minutes'] = $minutes; + $db[] = $activent; + } + $rollent['active'] = $db; + } + unlock($voucherlck); + + if (isset($id) && $a_roll[$id]) { + $a_roll[$id] = $rollent; + } else { + $a_roll[] = $rollent; + } + + write_config(); + + header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); + exit; + } } include("head.inc"); @@ -171,51 +180,51 @@ include("head.inc"); <?php if ($input_errors) print_input_errors($input_errors); ?> <?php if ($savemsg) print_info_box($savemsg); ?> <form action="services_captiveportal_vouchers_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="content pane"> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Roll"); ?>#</td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="number" type="text" class="formfld" id="number" size="10" value="<?=htmlspecialchars($pconfig['number']);?>" /> - <br /> - <span class="vexpl"><?=gettext("Enter the Roll"); ?># (0..<?=htmlspecialchars($maxnumber);?>) <?=gettext("found on top of the generated/printed vouchers"); ?>.</span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Minutes per Ticket"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="minutes" type="text" class="formfld" id="minutes" size="10" value="<?=htmlspecialchars($pconfig['minutes']);?>" /> - <br /> - <span class="vexpl"><?=gettext("Defines the time in minutes that a user is allowed access. The clock starts ticking the first time a voucher is used for authentication"); ?>.</span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Count"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="count" type="text" class="formfld" id="count" size="10" value="<?=htmlspecialchars($pconfig['count']);?>" /> - <br /> - <span class="vexpl"><?=gettext("Enter the number of vouchers"); ?> (1..<?=htmlspecialchars($maxcount);?>) <?=gettext("found on top of the generated/printed vouchers. WARNING: Changing this number for an existing Roll will mark all vouchers as unused again"); ?>.</span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Comment"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="descr" type="text" class="formfld" id="descr" size="60" value="<?=htmlspecialchars($pconfig['descr']);?>" /> - <br /> - <span class="vexpl"><?=gettext("Can be used to further identify this roll. Ignored by the system"); ?>.</span> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> - <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>" /> - <?php if (isset($id) && $a_roll[$id]): ?> - <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> - <?php endif; ?> - </td> - </tr> - </table> - </form> + <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="content pane"> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Roll"); ?>#</td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="number" type="text" class="formfld" id="number" size="10" value="<?=htmlspecialchars($pconfig['number']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Enter the Roll"); ?># (0..<?=htmlspecialchars($maxnumber);?>) <?=gettext("found on top of the generated/printed vouchers"); ?>.</span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Minutes per Ticket"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="minutes" type="text" class="formfld" id="minutes" size="10" value="<?=htmlspecialchars($pconfig['minutes']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Defines the time in minutes that a user is allowed access. The clock starts ticking the first time a voucher is used for authentication"); ?>.</span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Count"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="count" type="text" class="formfld" id="count" size="10" value="<?=htmlspecialchars($pconfig['count']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Enter the number of vouchers"); ?> (1..<?=htmlspecialchars($maxcount);?>) <?=gettext("found on top of the generated/printed vouchers. WARNING: Changing this number for an existing Roll will mark all vouchers as unused again"); ?>.</span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Comment"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="descr" type="text" class="formfld" id="descr" size="60" value="<?=htmlspecialchars($pconfig['descr']);?>" /> + <br /> + <span class="vexpl"><?=gettext("Can be used to further identify this roll. Ignored by the system"); ?>.</span> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> + <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>" /> + <?php if (isset($id) && $a_roll[$id]): ?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> + <?php endif; ?> + </td> + </tr> + </table> +</form> <?php include("fend.inc"); ?> </body> </html> diff --git a/usr/local/www/services_captiveportal_zones.php b/usr/local/www/services_captiveportal_zones.php index 8974167..5eb9742 100644 --- a/usr/local/www/services_captiveportal_zones.php +++ b/usr/local/www/services_captiveportal_zones.php @@ -44,8 +44,9 @@ require("captiveportal.inc"); global $cpzone; global $cpzoneid; -if (!is_array($config['captiveportal'])) +if (!is_array($config['captiveportal'])) { $config['captiveportal'] = array(); +} $a_cp = &$config['captiveportal']; if ($_GET['act'] == "del" && !empty($_GET['zone'])) { @@ -55,15 +56,16 @@ if ($_GET['act'] == "del" && !empty($_GET['zone'])) { unset($a_cp[$cpzone]['enable']); captiveportal_configure_zone($a_cp[$cpzone]); unset($a_cp[$cpzone]); - if (isset($config['voucher'][$cpzone])) + if (isset($config['voucher'][$cpzone])) { unset($config['voucher'][$cpzone]); + } write_config(); header("Location: services_captiveportal_zones.php"); exit; } } -$pgtitle = array(gettext("Captive Portal"),gettext("Zones")); +$pgtitle = array(gettext("Captive Portal"), gettext("Zones")); $shortcut_section = "captiveportal"; include("head.inc"); @@ -78,61 +80,73 @@ include("head.inc"); <?php endif; ?> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="captive portal"> -<tr> - <td width="15%" class="listhdrr"><?=gettext("Zone");?></td> - <td width="30%" class="listhdrr"><?=gettext("Interfaces");?></td> - <td width="10%" class="listhdrr"><?=gettext("Number of users");?></td> - <td width="40%" class="listhdrr"><?=gettext("Description");?></td> - <td width="5%" class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="icons"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"><a href="services_captiveportal_zones_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new captiveportal instance");?>" alt="add" /></a></td> - </tr> - </table> - </td> -</tr> - <?php foreach ($a_cp as $cpzone => $cpitem): - if (!is_array($cpitem)) + <tr> + <td width="15%" class="listhdrr"><?=gettext("Zone");?></td> + <td width="30%" class="listhdrr"><?=gettext("Interfaces");?></td> + <td width="10%" class="listhdrr"><?=gettext("Number of users");?></td> + <td width="40%" class="listhdrr"><?=gettext("Description");?></td> + <td width="5%" class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td valign="middle" width="17"> </td> + <td valign="middle"> + <a href="services_captiveportal_zones_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new captiveportal instance");?>" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> +<?php + foreach ($a_cp as $cpzone => $cpitem): + if (!is_array($cpitem)) { continue; - ?> -<tr> - <td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> - <?=htmlspecialchars($cpitem['zone']);?> - </td> - <td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> - <?php $cpifaces = explode(",", $cpitem['interface']); - foreach ($cpifaces as $cpiface) - echo convert_friendly_interface_to_friendly_descr($cpiface) . " "; - ?> - </td> - <td class="listr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> - <?=count(captiveportal_read_db());?> - </td> - <td class="listbg" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> - <?=htmlspecialchars($cpitem['descr']);?> - </td> - <td valign="middle" class="list nowrap"> - <table border="0" cellspacing="0" cellpadding="1" summary="icons"> - <tr> - <td valign="middle"><a href="services_captiveportal.php?zone=<?=$cpzone?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit captiveportal instance"); ?>" alt="edit" /></a></td> - <td><a href="services_captiveportal_zones.php?act=del&zone=<?=$cpzone;?>" onclick="return confirm('<?=gettext("Do you really want to delete this entry?");?>')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete captiveportal instance");?>" alt="delete" /></a></td> - </tr> - </table> - </td> -</tr> - <?php endforeach; ?> -<tr> - <td class="list" colspan="4"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1" summary="add"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"><a href="services_captiveportal_zones_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new captiveportal instance");?>" alt="add" /></a></td> - </tr> - </table> - </td> -</tr> + } +?> + <tr> + <td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> + <?=htmlspecialchars($cpitem['zone']);?> + </td> + <td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> +<?php + $cpifaces = explode(",", $cpitem['interface']); + foreach ($cpifaces as $cpiface) { + echo convert_friendly_interface_to_friendly_descr($cpiface) . " "; + } +?> + </td> + <td class="listr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> + <?=count(captiveportal_read_db());?> + </td> + <td class="listbg" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> + <?=htmlspecialchars($cpitem['descr']);?> + </td> + <td valign="middle" class="list nowrap"> + <table border="0" cellspacing="0" cellpadding="1" summary="icons"> + <tr> + <td valign="middle"><a href="services_captiveportal.php?zone=<?=$cpzone?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit captiveportal instance"); ?>" alt="edit" /></a></td> + <td> + <a href="services_captiveportal_zones.php?act=del&zone=<?=$cpzone;?>" onclick="return confirm('<?=gettext("Do you really want to delete this entry?");?>')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete captiveportal instance");?>" alt="delete" /></a> + </td> + </tr> + </table> + </td> + </tr> +<?php + endforeach; +?> + <tr> + <td class="list" colspan="4"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1" summary="add"> + <tr> + <td valign="middle" width="17"> </td> + <td valign="middle"> + <a href="services_captiveportal_zones_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new captiveportal instance");?>" alt="add" /></a> + </td> + </tr> + </table> + </td> + </tr> </table> </form> <?php include("fend.inc"); ?> diff --git a/usr/local/www/services_captiveportal_zones_edit.php b/usr/local/www/services_captiveportal_zones_edit.php index 26ab823..fa37c80 100644 --- a/usr/local/www/services_captiveportal_zones_edit.php +++ b/usr/local/www/services_captiveportal_zones_edit.php @@ -43,11 +43,12 @@ require_once("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit Zones")); +$pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Edit Zones")); $shortcut_section = "captiveportal"; -if (!is_array($config['captiveportal'])) +if (!is_array($config['captiveportal'])) { $config['captiveportal'] = array(); +} $a_cp =& $config['captiveportal']; if ($_POST) { |