From 87c8f2c991b68033295dfb2a59484f578ec5b8d3 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Sun, 13 Mar 2005 20:13:37 +0000 Subject: Sync with Pascal's latest versin --- usr/local/captiveportal/index.php | 13 -- usr/local/www/fbegin.inc | 1 - usr/local/www/services_captiveportal.php | 168 +++++----------------- usr/local/www/services_captiveportal_ip.php | 17 +-- usr/local/www/services_captiveportal_ip_edit.php | 15 +- usr/local/www/services_captiveportal_mac.php | 17 +-- usr/local/www/services_captiveportal_mac_edit.php | 17 +-- 7 files changed, 51 insertions(+), 197 deletions(-) (limited to 'usr') diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index c51c073..1f35a57 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -106,19 +106,6 @@ if ($clientmac && portal_mac_fixed($clientmac)) { readfile("{$g['varetc_path']}/captiveportal-error.html"); } -} else if ($_POST['accept'] && $config['captiveportal']['auth_method']=="local") { - //check against local usermanager - - //erase expired accounts - if(trim($config['users'][$_POST['auth_user']]['expirationdate'])!="" && strtotime("-1 day")>strtotime($config['users'][$_POST['auth_user']]['expirationdate'])){ - unset($config['users'][$_POST['auth_user']]); - write_config(); - } - if($config['users'][$_POST['auth_user']]['password']==md5($_POST['auth_pass'])){ - portal_allow($clientip, $clientmac,$_POST['auth_user'],0,0); - } else { - readfile("{$g['varetc_path']}/captiveportal-error.html"); - } } else if ($_POST['accept'] && $clientip) { //KEYCOM: authorised up and down bandwidth defaults (set from webgui). If not set, use 128/128 if (isset($config['captiveportal']['peruserbw'])) { diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index 09571c9..76a1238 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -99,7 +99,6 @@ function showhide(tspan, tri) {      SNMP
     Proxy ARP
     Captive portal
-      User Manager
     Wake on LAN
VPN
diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 63b47b8..01459fa 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -1,22 +1,22 @@ #!/usr/local/bin/php -. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -50,7 +50,6 @@ $pconfig['cinterface'] = $config['captiveportal']['interface']; $pconfig['timeout'] = $config['captiveportal']['timeout']; $pconfig['idletimeout'] = $config['captiveportal']['idletimeout']; $pconfig['enable'] = isset($config['captiveportal']['enable']); -$pconfig['auth_method'] = $config['captiveportal']['auth_method']; $pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']); $pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']); $pconfig['httpsname'] = $config['captiveportal']['httpsname']; @@ -80,9 +79,9 @@ if ($_POST) { if ($_POST['enable']) { $reqdfields = explode(" ", "cinterface"); $reqdfieldsn = explode(",", "Interface"); - + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - + /* make sure no interfaces are bridged */ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { $coptif = &$config['interfaces']['opt' . $i]; @@ -91,7 +90,7 @@ if ($_POST) { break; } } - + if ($_POST['httpslogin_enable']) { if (!$_POST['cert'] || !$_POST['key']) { $input_errors[] = "Certificate and key must be specified for HTTPS login."; @@ -101,13 +100,13 @@ if ($_POST) { if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['key'], "END RSA PRIVATE KEY")) $input_errors[] = "This key does not appear to be valid."; } - + if (!$_POST['httpsname'] || !is_domain($_POST['httpsname'])) { $input_errors[] = "The HTTPS server name must be specified for HTTPS login."; } } } - + if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) { $input_errors[] = "The timeout must be at least 1 minute."; } @@ -129,7 +128,6 @@ if ($_POST) { $config['captiveportal']['timeout'] = $_POST['timeout']; $config['captiveportal']['idletimeout'] = $_POST['idletimeout']; $config['captiveportal']['enable'] = $_POST['enable'] ? true : false; - $config['captiveportal']['auth_method'] = $_POST['auth_method']; $config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false; $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false; $config['captiveportal']['httpsname'] = $_POST['httpsname']; @@ -149,15 +147,15 @@ if ($_POST) { $config['captiveportal']['radiusport'] = $_POST['radiusport']; $config['captiveportal']['radiusacctport'] = $_POST['radiusacctport']; $config['captiveportal']['radiuskey'] = $_POST['radiuskey']; - + /* file upload? */ if (is_uploaded_file($_FILES['htmlfile']['tmp_name'])) $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name'])); if (is_uploaded_file($_FILES['errfile']['tmp_name'])) $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name'])); - + write_config(); - + $retval = 0; if (!file_exists($d_sysrebootreqd_path)) { config_lock(); @@ -168,79 +166,19 @@ if ($_POST) { } } ?> - - - -<?=gentitle("Services: Captive portal: Edit pass-through MAC address");?> - - - - - @@ -297,13 +216,13 @@ function enable_change(enable_change) { - + - + - + - - + - @@ -359,7 +278,7 @@ to access after they've authenticated.
  onClick="enable_change(false)"> Enable captive portal
Interface
Hard timeout - + + minutes
Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set).
Logout popup window + > Enable logout popup window
If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs. When RADIUS accounting is enabled, this option is implied.
Per-user bandwidth restriction - onClick="enable_peruserbw()"> + > Enable per-user bandwidth restriction

@@ -367,7 +286,7 @@ to access after they've authenticated. - + @@ -384,19 +303,10 @@ to access after they've authenticated.
If this option is set, the captive portal will restrict each user who logs in to a specific bandwidth as set in RADIUS. Your RADIUS server must return the attributes Nomadix-Bw-Up and Nomadix-Bw-Down (1 and 2 VSAs from Vendor 3309, Nomadix) along with Access-Accept for this to work. Bandwidth is set in Kbit/s. You can control pass-through and default bandwidths above. - + -
Kbit/s
Pass-through MAC upload Kbit/s Kbit/s
Pass-through IP download Kbit/s
RADIUS server + - - - - - - - - - @@ -421,7 +331,7 @@ to access after they've authenticated. @@ -445,12 +355,12 @@ to access after they've authenticated.
Paste an RSA private key in PEM format here. - + - - + - - + diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index b3d406a..1b7c68a 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -29,6 +29,7 @@ POSSIBILITY OF SUCH DAMAGE. */ +$pgtitle = array("Services", "Captive portal"); require("guiconfig.inc"); if (!is_array($config['captiveportal']['allowedip'])) @@ -67,17 +68,7 @@ if ($_GET['act'] == "del") { } } ?> - - - -<?=gentitle("Services: Captive portal");?> - - - - - -

Services: Captive portal: Allowed IP addresses

@@ -85,9 +76,9 @@ if ($_GET['act'] == "del") {

No Authentication:   onClick="auth_method_change()">
Local Usermanager:   onClick="auth_method_change()">
RADIUS Authentication:   onClick="auth_method_change()">
IP address:
HTTPS login - onClick="enable_https()"> + > Enable HTTPS login
If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. This option only applies when RADIUS authentication is used. A server name, certificate and matching private key must also be specified below.
Portal page contents +
- View current page + View current page

@@ -471,19 +381,19 @@ with a submit button (name="accept") and a hidden field with name=&quo
- View current page + View current page

The contents of the HTML file that you upload here are displayed when a RADIUS authentication error occurs.
  - + +
  Note:
Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work.
-
+
@@ -148,5 +139,3 @@ if ($_GET['act'] == "del") {
- - diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index 4b1cecf..85911e6 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -29,6 +29,7 @@ POSSIBILITY OF SUCH DAMAGE. */ +$pgtitle = array("Services", "Captive portal", "Edit allowed IP address"); require("guiconfig.inc"); if (!is_array($config['captiveportal']['allowedip'])) @@ -92,17 +93,7 @@ if ($_POST) { } } ?> - - - -<?=gentitle("Services: Captive portal: Edit allowed IP address");?> - - - - - -

Services: Captive portal: Edit allowed IP address

@@ -125,7 +116,7 @@ if ($_POST) { @@ -148,5 +139,3 @@ if ($_POST) {
IP address - +
IP address
- - diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index d38c58c..69cf90a 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -29,6 +29,7 @@ POSSIBILITY OF SUCH DAMAGE. */ +$pgtitle = array("Services", "Captive portal"); require("guiconfig.inc"); if (!is_array($config['captiveportal']['passthrumac'])) @@ -67,17 +68,7 @@ if ($_GET['act'] == "del") { } } ?> - - - -<?=gentitle("Services: Captive portal");?> - - - - - -

Services: Captive portal: Pass-through MAC addresses

@@ -85,9 +76,9 @@ if ($_GET['act'] == "del") {

-
+
@@ -129,5 +120,3 @@ if ($_GET['act'] == "del") {
- - diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index f763bac..f204d0f 100755 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -29,6 +29,7 @@ POSSIBILITY OF SUCH DAMAGE. */ +$pgtitle = array("Services", "Captive portal", "Edit pass-through MAC address"); require("guiconfig.inc"); if (!is_array($config['captiveportal']['passthrumac'])) @@ -57,6 +58,8 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + $_POST['mac'] = str_replace("-", ":", $_POST['mac']); + if (($_POST['mac'] && !is_macaddr($_POST['mac']))) { $input_errors[] = "A valid MAC address must be specified. [".$_POST['mac']."]"; } @@ -90,24 +93,14 @@ if ($_POST) { } } ?> - - - -<?=gentitle("Services: Captive portal: Edit pass-through MAC address");?> - - - - - -

Services: Captive portal: Edit pass-through MAC address

@@ -130,5 +123,3 @@ if ($_POST) {
MAC address - +
MAC address (6 hex octets separated by colons)
- - -- cgit v1.1