function wifidog_register_perform()
{
session_start();
$page = CurrentPageName();
$autocreate_confirmed = 0;
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("Starting wifidog_register_perform()");
}
$sock = new sockets();
$ArticaHotSpotSMTP = SMTP_SETTINGS();
$email = trim(strtolower($_POST["email"]));
$q = new mysql_squid_builder();
$password2 = trim($_POST["password2"]);
$password = trim($_POST["password"]);
if ($password2 != $password) {
return wifidog_register("{password_mismatch}");
}
if ($ArticaHotSpotSMTP["ENABLED_SMTP"] == 1) {
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
return wifidog_register("{error_email_invalid}");
}
$tr = explode("@", $email);
$domain = $tr[1];
if (!checkdnsrr($domain, 'MX')) {
return wifidog_register("«{$domain}»<br>{error_domain_email_invalid}");
}
}
$ligne = mysql_fetch_array($q->QUERY_SQL("SELECT uid FROM hotspot_members WHERE `uid`='{$email}'"));
$wifidog_build_uri = wifidog_build_uri();
$uriext = $wifidog_build_uri[0];
$HiddenFields = $wifidog_build_uri[1];
if ($ligne["uid"] != null) {
if ($ArticaHotSpotSMTP["ENABLED_SMTP"] == 1) {
$link = "<center><a href=\"{$page}?wifidog-recover=yes&{$uriext}\">{lost_password}</a></center>";
}
return wifidog_register("{this_account_already_exists}<hr>{$link}");
}
$MAC = $_REQUEST["mac"];
$REGISTER_MAX_TIME = $ArticaHotSpotSMTP["REGISTER_MAX_TIME"];
$ArticaSplashHotSpotEndTime = $ArticaHotSpotSMTP["ArticaSplashHotSpotEndTime"];
$password = md5($password);
$creationtime = time();
$autocreate_maxttl = $ArticaHotSpotSMTP["REGISTER_MAX_TIME"];
$sessionkey = md5($password . $creationtime . $email);
$gateway_addr = $_REQUEST["gw_address"];
$gw_port = $_REQUEST["gw_port"];
$gw_id = $_REQUEST["gw_id"];
$ARP = $_REQUEST["mac"];
$url = $_REQUEST["url"];
$token = $_REQUEST["token"];
if ($ArticaHotSpotSMTP["ENABLED_SMTP"] == 0) {
$autocreate_confirmed = 1;
}
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("Create new member {$email},{$password},TTL:{$ArticaSplashHotSpotEndTime} in line:" . __LINE__);
}
$sql = "INSERT IGNORE INTO hotspot_members \n\t(uid,ttl,sessiontime,password,enabled,creationtime,autocreate,autocreate_confirmed,autocreate_maxttl,sessionkey,MAC) VALUES\n\t('{$email}','{$ArticaSplashHotSpotEndTime}','','{$password}',1,'{$creationtime}',1,'{$autocreate_confirmed}',{$autocreate_maxttl},'{$sessionkey}','{$MAC}')";
$q->QUERY_SQL($sql);
if (!$q->ok) {
if (strpos(" {$q->mysql_error}", "Unknown column") > 0) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("check_hotspot_tables in line:" . __LINE__);
}
$q->check_hotspot_tables();
if (!$q->ok) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("{$q->mysql_error} in line:" . __LINE__);
}
}
$q->QUERY_SQL($sql);
}
}
if (!$q->ok) {
ToSyslog("{$q->mysql_error}");
return wifidog_register($q->mysql_error);
}
if ($ArticaHotSpotSMTP["ENABLED_SMTP"] == 0) {
$array["SERVER_NAME"] = $_SERVER["SERVER_NAME"];
$array["redirecturi"] = $url;
$array["LOGIN"] = $email;
$array["redirecturi"] = $_REQUEST["url"];
$array["REMOTE_ADDR"] = $_REQUEST["ip"];
$array["token"] = $token;
$array["HOST"] = $_REQUEST["ip"];
UnLock($array);
ToSyslog("wifidog_auth/" . __FUNCTION__ . ":: SESSION(HOTSPOT_REDIRECT_URL) = {$url}");
$_SESSION["HOTSPOT_AUTO_REGISTER"] = true;
$_SESSION["HOTSPOT_REDIRECT_URL"] = $url;
$redirecturi = "http://{$gateway_addr}:{$gw_port}/wifidog/auth?token={$token}";
ToSyslog("wifidog_auth/" . __FUNCTION__ . ":: Redirect Token: {$token} to {$redirecturi}");
header("Location: {$redirecturi}");
return;
}
$proto = "http";
$myHostname = $_SERVER["HTTP_HOST"];
$page = CurrentPageName();
if (isset($_SERVER["HTTPS"])) {
$proto = "https";
}
$URL_REDIRECT = "{$proto}://{$myHostname}/{$page}?wifidog-confirm={$sessionkey}";
$smtp_sender = $ArticaHotSpotSMTP["smtp_sender"];
if ($ArticaHotSpotSMTP["REGISTER_MESSAGE"] == null) {
$ArticaHotSpotSMTP["REGISTER_MESSAGE"] = "Hi, in order to activate your account on the HotSpot system,\nclick on the link below";
}
if ($ArticaHotSpotSMTP["RECOVER_MESSAGE"] == null) {
$ArticaHotSpotSMTP["RECOVER_MESSAGE"] = "Hi, in order to recover your password on the HotSpot system,\nclick on the link below";
}
if ($ArticaHotSpotSMTP["CONFIRM_MESSAGE"] == null) {
$ArticaHotSpotSMTP["CONFIRM_MESSAGE"] = "Success\nA message as been sent to you.\nPlease check your WebMail system in order to confirm your registration";
}
if ($ArticaHotSpotSMTP["REGISTER_SUBJECT"] == null) {
$ArticaHotSpotSMTP["REGISTER_SUBJECT"] = "HotSpot account validation";
}
$smtp_senderTR = explode("@", $smtp_sender);
$instance = $smtp_senderTR[1];
$random_hash = md5(date('r', time()));
$boundary = "{$random_hash}/{$instance}";
$body[] = "Return-Path: <{$smtp_sender}>";
$body[] = "Date: " . date("D, d M Y H:i:s") . " +0100 (CET)";
$body[] = "From: {$smtp_sender}";
$body[] = "Subject: {$ArticaHotSpotSMTP["REGISTER_SUBJECT"]}";
$body[] = "To: {$email}";
$body[] = "Auto-Submitted: auto-replied";
$body[] = "MIME-Version: 1.0";
$body[] = "Content-Type: multipart/mixed;";
$body[] = "\tboundary=\"{$boundary}\"";
$body[] = "Content-Transfer-Encoding: 8bit";
$body[] = "Message-Id: <{$random_hash}@{$instance}>";
$body[] = "--{$boundary}";
$body[] = "Content-Description: Notification";
$body[] = "Content-Type: text/plain; charset=us-ascii";
$body[] = "";
$body[] = $ArticaHotSpotSMTP["REGISTER_MESSAGE"];
$body[] = $URL_REDIRECT;
$body[] = "";
$body[] = "";
$body[] = "--{$boundary}";
$finalbody = @implode("\r\n", $body);
$smtp = new smtp();
if ($ArticaHotSpotSMTP["smtp_auth_user"] != null) {
$params["auth"] = true;
$params["user"] = $ArticaHotSpotSMTP["smtp_auth_user"];
$params["pass"] = $ArticaHotSpotSMTP["smtp_auth_passwd"];
}
$params["host"] = $ArticaHotSpotSMTP["smtp_server_name"];
$params["port"] = $ArticaHotSpotSMTP["smtp_server_port"];
if (!$smtp->connect($params)) {
return wifidog_register("{error_while_sending_message} {error} {$smtp->error_number} {$smtp->error_text}");
}
if (!$smtp->send(array("from" => $smtp_sender, "recipients" => $email, "body" => $finalbody, "headers" => null))) {
$smtp->quit();
return wifidog_register("{error_while_sending_message} {error} {$smtp->error_number} {$smtp->error_text}");
}
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("From: {$smtp_sender} to {$email} {$ArticaHotSpotSMTP["REGISTER_SUBJECT"]} success");
}
$smtp->quit();
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("wifidog_auth/" . __FUNCTION__ . ":: Token: {$token} -> UnLock(..");
}
$array["LOGIN"] = $email;
$array["ARP"] = $_REQUEST["mac"];
$array["token"] = $token;
$array["redirecturi"] = $_REQUEST["url"];
$array["REMOTE_ADDR"] = $_REQUEST["ip"];
$array["REGISTER"] = true;
if (!UnLock($array)) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("wifidog_auth/" . __FUNCTION__ . "::failed_to_create_session");
}
return wifidog_register("{error} {failed_to_create_session}");
}
ToSyslog("wifidog_auth/" . __FUNCTION__ . ":: SESSION(HOTSPOT_REDIRECT_URL) = {$url}");
$_SESSION["HOTSPOT_AUTO_REGISTER"] = true;
$_SESSION["HOTSPOT_REDIRECT_URL"] = $url;
$redirecturi = "http://{$gateway_addr}:{$gw_port}/wifidog/auth?token={$token}";
ToSyslog("wifidog_auth/" . __FUNCTION__ . ":: Redirect Token: {$token} to {$redirecturi}");
header("Location: {$redirecturi}");
}
function table()
{
$today = date("Y-m-d");
$t = time();
$page = CurrentPageName();
$tpl = new templates();
$users = new usersMenus();
$TB_HEIGHT = 500;
$TB_WIDTH = 710;
$members = $tpl->javascript_parse_text("{members}");
$MAC = $tpl->javascript_parse_text("{MAC}");
$ttl = $tpl->javascript_parse_text("{ttl}");
$finaltime = $tpl->javascript_parse_text("{re_authenticate_each}");
$endtime = $tpl->javascript_parse_text("{endtime}");
$q = new mysql_squid_builder();
if (!$q->TABLE_EXISTS("hotspot_activedirectory")) {
$q->check_hotspot_tables();
}
$q->QUERY_SQL("DELETE FROM `hotspot_activedirectory` WHERE ruleid=0");
$hostname = $tpl->javascript_parse_text("{hostname}");
$enabled = $tpl->javascript_parse_text("{enabled}");
$new_connection = $tpl->javascript_parse_text("{new_connection}");
$parameters = $tpl->javascript_parse_text("{parameters}");
$delete = $tpl->javascript_parse_text("{delete}");
$created = $tpl->javascript_parse_text("{created}");
$title = $tpl->javascript_parse_text("{hotspot_ad_title}");
$buttons = "\n\tbuttons : [\n\t{name: '<strong style=font-size:18px>{$new_connection}</strong>', bclass: 'Add', onpress : NewCNx{$t}},\n\t\n\t],";
$html = "\n\t<div id='query-explain'></div>\n\t<table class='flexRT{$t}' style='display: none' id='flexRT{$t}' style='width:99%'></table>\n\t<script>\n\tvar mem{$t}='';\n\t\$(document).ready(function(){\n\t\$('#flexRT{$t}').flexigrid({\n\turl: '{$page}?items=yes&t={$t}&ruleid={$_GET["ruleid"]}',\n\tdataType: 'json',\n\tcolModel : [\n\t{display: '<span style=font-size:18px>{$hostname}</span>', name : 'hostname', width :515, sortable : true, align: 'left'},\n\t{display: '<span style=font-size:18px>{$enabled}</span>', name : 'enabled', width :98, sortable : false, align: 'center'},\n\t{display: ' ', name : 'none', width :55, sortable : true, align: 'center'},\n\t],\n\t{$buttons}\n\t\n\tsearchitems : [\n\t{display: '{$hostname}', name : 'hostname'},\n\t\n\t],\n\tsortname: 'hostname',\n\tsortorder: 'asc',\n\tusepager: true,\n\ttitle: '<span style=font-size:22px>{$title}</span>',\n\tuseRp: true,\n\trp: 50,\n\tshowTableToggleBtn: false,\n\twidth: '99%',\n\theight: 550,\n\tsingleSelect: true,\n\trpOptions: [10, 20, 30, 50,100,200,500]\n\t\n\t});\n\t});\n\n\n\t\n\tfunction NewCNx{$t}(){\n\t\tLoadjs('{$page}?popup-ad-js=yes&md5=&t={$t}&ruleid={$_GET["ruleid"]}');\n\t}\n</script>";
echo $html;
}
function table(){
$page=CurrentPageName();
$tpl=new templates();
$tt=time();
$t=$_GET["t"];
$_GET["ruleid"]=$_GET["ID"];
$groups=$tpl->javascript_parse_text("{groups}");
$from=$tpl->_ENGINE_parse_body("{from}");
$to=$tpl->javascript_parse_text("{to}");
$rule=$tpl->javascript_parse_text("{rule}");
$delete=$tpl->javascript_parse_text("{delete} {zone} ?");
$rewrite_rules_fdb_explain=$tpl->javascript_parse_text("{rewrite_rules_fdb_explain}");
$new_network=$tpl->javascript_parse_text("{new_rule}");
$comment=$tpl->javascript_parse_text("{comment}");
$rules=$tpl->javascript_parse_text("{rules}");
$rule=$tpl->javascript_parse_text("{rule}");
$apply=$tpl->javascript_parse_text("{apply}");
$action=$tpl->javascript_parse_text("{action}");
$order=$tpl->javascript_parse_text("{order}");
$networks=$tpl->javascript_parse_text("{networks}");
$restricted=$tpl->javascript_parse_text("{restricted}");
$type=$tpl->javascript_parse_text("{type}");
$protocol=$tpl->javascript_parse_text("{protocol}");
$port=$tpl->javascript_parse_text("{port}");
$trusted_MAC=$tpl->javascript_parse_text("{trusted_MAC}");
$trusted_sslwebsites=$tpl->javascript_parse_text("{trusted_ssl_sites}");
$title=$networks;
$tt=time();
$q=new mysql_squid_builder();
$q->check_hotspot_tables();
$buttons="
buttons : [
{name: '$new_network', bclass: 'add', onpress : NewRule$tt},
{name: '$trusted_MAC', bclass: 'Settings', onpress : rports},
{name: '$trusted_sslwebsites', bclass: 'Settings', onpress : rssls},
{name: '$apply', bclass: 'Reconf', onpress : Apply$tt},
],";
$html="
<table class='flexRT$tt' style='display: none' id='flexRT$tt' style='width:100%'></table>
<script>
function Start$tt(){
$('#flexRT$tt').flexigrid({
url: '$page?items=yes&t=$tt&tt=$tt&t-rule={$_GET["t"]}&ruleid={$_GET["ruleid"]}',
dataType: 'json',
colModel : [
{display: '$order', name : 'zorder', width :55, sortable : true, align: 'center'},
{display: '$protocol', name : 'proto', width :55, sortable : true, align: 'center'},
{display: '$networks', name : 'pattern', width :448, sortable : true, align: 'left'},
{display: '$type', name : 'hotspoted', width :100, sortable : false, align: 'center'},
{display: '$action', name : 'action', width :100, sortable : true, align: 'center'},
{display: 'up', name : 'up', width :55, sortable : false, align: 'center'},
{display: 'down', name : 'down', width :55, sortable : false, align: 'center'},
{display: ' ', name : 'delete', width : 100, sortable : false, align: 'center'},
],
$buttons
searchitems : [
{display: '$networks', name : 'pattern'},
{display: '$port', name : 'port'},
],
sortname: 'zorder',
sortorder: 'asc',
usepager: true,
title: '$title',
useRp: true,
rp: 50,
showTableToggleBtn: false,
width: '99%',
height: 450,
singleSelect: true,
rpOptions: [10, 20, 30, 50,100,200]
});
}
var xNewRule$tt= function (obj) {
var res=obj.responseText;
if (res.length>3){alert(res);return;}
$('#flexRT$t').flexReload();
$('#flexRT$tt').flexReload();
}
function Apply$tt(){
Loadjs('squid.webauth.restart.php');
}
function NewRule$tt(){
Loadjs('$page?item-js=yes&ID=0&t=$tt',true);
}
function Delete$tt(zmd5){
if(confirm('$delete')){
var XHR = new XHRConnection();
XHR.appendData('policy-delete', zmd5);
XHR.sendAndLoad('$page', 'POST',xNewRule$tt);
}
}
var xINOUT$tt= function (obj) {
var res=obj.responseText;
if (res.length>3){alert(res);return;}
$('#flexRT$t').flexReload();
$('#flexRT$tt').flexReload();
}
function INOUT$tt(ID){
var XHR = new XHRConnection();
XHR.appendData('INOUT', ID);
XHR.sendAndLoad('$page', 'POST',xINOUT$tt);
}
function rports(){
Loadjs('squid.webauth.hotspots.allowed.macs.php',true);
}
function rssls(){
Loadjs('squid.webauth.hotspots.ssl.objects.php',true);
}
function reverse$tt(ID){
var XHR = new XHRConnection();
XHR.appendData('reverse', ID);
XHR.sendAndLoad('$page', 'POST',xINOUT$tt);
}
var x_LinkAclRuleGpid$tt= function (obj) {
var res=obj.responseText;
if(res.length>3){alert(res);return;}
$('#table-$t').flexReload();
$('#flexRT$tt').flexReload();
ExecuteByClassName('SearchFunction');
}
function FlexReloadRulesRewrite(){
$('#flexRT$t').flexReload();
}
function MoveRuleDestination$tt(mkey,direction){
var XHR = new XHRConnection();
XHR.appendData('rules-destination-move', mkey);
XHR.appendData('direction', direction);
XHR.sendAndLoad('$page', 'POST',x_LinkAclRuleGpid$tt);
}
function MoveRuleDestinationAsk$tt(mkey,def){
var zorder=prompt('Order',def);
if(!zorder){return;}
var XHR = new XHRConnection();
XHR.appendData('rules-destination-move', mkey);
XHR.appendData('rules-destination-zorder', zorder);
XHR.sendAndLoad('$page', 'POST',x_LinkAclRuleGpid$tt);
}
Start$tt();
</script>
";
echo $html;
}
function table(){
$today=date("Y-m-d");
$t=time();
$page=CurrentPageName();
$tpl=new templates();
$users=new usersMenus();
$TB_HEIGHT=500;
$TB_WIDTH=710;
$members=$tpl->javascript_parse_text("{members}");
$MAC=$tpl->javascript_parse_text("{MAC}");
$ttl=$tpl->javascript_parse_text("{ttl}");
$finaltime=$tpl->javascript_parse_text("{re_authenticate_each}");
$endtime=$tpl->javascript_parse_text("{endtime}");
$q=new mysql_squid_builder();
if(!$q->TABLE_EXISTS("hotspot_activedirectory")){$q->check_hotspot_tables();}
$hostname=$tpl->javascript_parse_text("{hostname}");
$enabled=$tpl->javascript_parse_text("{enabled}");
$new_connection=$tpl->javascript_parse_text("{new_connection}");
$parameters=$tpl->javascript_parse_text("{parameters}");
$delete=$tpl->javascript_parse_text("{delete}");
$created=$tpl->javascript_parse_text("{created}");
$buttons="
buttons : [
{name: '$new_connection', bclass: 'Add', onpress : NewCNx$t},
],";
$html="
<div id='query-explain'></div>
<table class='flexRT$t' style='display: none' id='flexRT$t' style='width:99%'></table>
<script>
var mem$t='';
$(document).ready(function(){
$('#flexRT$t').flexigrid({
url: '$page?items=yes&t=$t',
dataType: 'json',
colModel : [
{display: '$hostname', name : 'hostname', width :515, sortable : true, align: 'left'},
{display: '$ttl', name : 'ttl', width :190, sortable : true, align: 'left'},
{display: '$enabled', name : 'enabled', width :60, sortable : false, align: 'center'},
{display: ' ', name : 'none', width :35, sortable : true, align: 'center'},
],
$buttons
searchitems : [
{display: '$hostname', name : 'hostname'},
],
sortname: 'hostname',
sortorder: 'asc',
usepager: true,
title: '<span id=\"title-$t\">Active Directory</span>',
useRp: true,
rp: 50,
showTableToggleBtn: false,
width: '99%',
height: 550,
singleSelect: true,
rpOptions: [10, 20, 30, 50,100,200,500]
});
});
function NewCNx$t(){
Loadjs('$page?popup-ad-js=yes&md5=&t=$t');
}
</script>";
echo $html;
}
function buildconfig()
{
# $Id$";
msg_html();
$sock = new sockets();
$unix = new unix();
$q = new mysql_squid_builder();
$q->check_hotspot_tables();
$php = $unix->LOCATE_PHP5_BIN();
$SquidHotSpotPort = intval($sock->GET_INFO("SquidHotSpotPort"));
$ArticaHotSpotPort = intval($sock->GET_INFO("ArticaHotSpotPort"));
$ArticaSSLHotSpotPort = intval($sock->GET_INFO("ArticaSSLHotSpotPort"));
$ArticaSplashHotSpotPort = intval($sock->GET_INFO("ArticaSplashHotSpotPort"));
$SquidHotSpotSSLPort = intval($sock->GET_INFO("SquidHotSpotSSLPort"));
$HospotNoSSL = intval($sock->GET_INFO("HospotNoSSL"));
$HotSpotDenySSL = intval($sock->GET_INFO("HotSpotDenySSL"));
$ArticaHotSpotEmergency = intval($sock->GET_INFO("ArticaHotSpotEmergency"));
$ArticaSplashHotSpotPortSSL = intval($sock->GET_INFO("ArticaSplashHotSpotPortSSL"));
$ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$ArticaHotSpotInterface2 = $sock->GET_INFO("ArticaHotSpotInterface2");
if ($ArticaHotSpotInterface == null) {
$ArticaHotSpotInterface = "eth0";
}
$ArticaHotSpotEnableMIT = $sock->GET_INFO("ArticaHotSpotEnableMIT");
$ArticaHotSpotEnableProxy = $sock->GET_INFO("ArticaHotSpotEnableProxy");
if (!is_numeric($ArticaHotSpotEnableMIT)) {
$ArticaHotSpotEnableMIT = 1;
}
if (!is_numeric($ArticaHotSpotEnableProxy)) {
$ArticaHotSpotEnableProxy = 1;
}
if ($ArticaHotSpotInterface2 == $ArticaHotSpotInterface) {
$ArticaHotSpotInterface2 = null;
}
if ($ArticaSplashHotSpotPort == 0) {
$ArticaSplashHotSpotPort = 16080;
}
if ($ArticaSplashHotSpotPortSSL == 0) {
$ArticaSplashHotSpotPortSSL = 16443;
}
if ($ArticaHotSpotPort == 0) {
$ArticaHotSpotPort = rand(38000, 64000);
$sock->SET_INFO("ArticaHotSpotPort", $ArticaHotSpotPort);
}
if ($ArticaSSLHotSpotPort == 0) {
$ArticaSSLHotSpotPort = rand(38500, 64000);
$sock->SET_INFO("ArticaSSLHotSpotPort", $ArticaSSLHotSpotPort);
}
if ($SquidHotSpotPort == 0) {
$SquidHotSpotPort = rand(40000, 64000);
$sock->SET_INFO("SquidHotSpotPort", $SquidHotSpotPort);
}
if ($SquidHotSpotSSLPort == 0) {
$SquidHotSpotSSLPort = rand(40500, 64000);
$sock->SET_INFO("SquidHotSpotSSLPort", $SquidHotSpotSSLPort);
}
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$IPADDR = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
$GatewayAddress = $IPADDR;
$sock->SET_INFO("HotSpotGatewayAddr", $IPADDR);
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: HTTP service on {$NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"]} `{$IPADDR}` port\n";
}
$HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
$IPADDR2 = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface2]["IPADDR"];
$WifiDogDebugLevel = intval($sock->GET_INFO("WifiDogDebugLevel"));
build_progress("{reconfiguring}", 60);
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: HTTP service on {$ArticaSplashHotSpotPort} port\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: HTTPS service on {$ArticaSplashHotSpotPortSSL} port\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: HotSpot service on {$ArticaHotSpotPort} port\n";
}
if ($ArticaHotSpotInterface2 != null) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Listen IN on {$ArticaHotSpotInterface} ( {$IPADDR} )\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Listen OUT on {$ArticaHotSpotInterface2} ( {$IPADDR2} )\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Listen on {$ArticaHotSpotInterface} ( {$IPADDR} )\n";
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Proxy Listen on {$SquidHotSpotPort} port\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Re-authenticate each {$ArticaSplashHotSpotCacheAuth} Minutes\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Debug Level:{$WifiDogDebugLevel}\n";
}
$Checking_squid = Checking_squid($SquidHotSpotPort);
if (!$Checking_squid) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Reconfiguring proxy...\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Restarting Proxy...\n";
}
shell_exec("/etc/init.d/squid restart --force {$GLOBALS["SCRIPT_SUFFIX"]}");
}
build_progress("{reconfiguring}", 61);
$Checking_squid = Checking_squid($SquidHotSpotPort);
if (!$Checking_squid) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Reconfiguring proxy on port {$SquidHotSpotPort} Failed!!!\n";
}
}
build_progress("{reconfiguring}", 62);
if ($ArticaHotSpotEnableMIT == 1) {
$Checking_squid = Checking_squid($SquidHotSpotSSLPort);
build_progress("{reconfiguring}", 63);
if (!$Checking_squid) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Reconfiguring proxy...\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Restarting Proxy...\n";
}
shell_exec("/etc/init.d/squid restart --force {$GLOBALS["SCRIPT_SUFFIX"]}");
}
$Checking_squid = Checking_squid($SquidHotSpotSSLPort);
if (!$Checking_squid) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Reconfiguring proxy on port {$SquidHotSpotSSLPort} Failed!!!\n";
}
}
}
$modprobe = $unix->find_program("modprobe");
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: probing iptables modules...\n";
}
$array = array();
$array[] = "ip_tables";
$array[] = "ip_conntrack";
$array[] = "ip_conntrack_ftp";
$array[] = "ip_conntrack_irc";
$array[] = "iptable_nat";
$array[] = "ip_nat_ftp";
while (list($num, $ligne) = each($array)) {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: probing {$ligne}\n";
}
shell_exec("{$modprobe} {$ligne}");
}
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Enable gateway..\n";
}
shell_exec("{$echo} 1 > /proc/sys/net/ipv4/ip_forward");
shell_exec("{$echo} 1 > /proc/sys/net/ipv4/ip_dynaddr");
shell_exec("{$sysctl} -w net.ipv4.ip_forward=1 2>&1");
shell_exec("{$echo} 1 > /proc/sys/net/ipv4/ip_forward");
$comment = " -m comment --comment \"WiFiDog_NAT\"";
if ($ArticaHotSpotInterface2 != null) {
$iptables = $unix->find_program("iptables");
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}: Chain {$ArticaHotSpotInterface} and {$ArticaHotSpotInterface2}\n";
}
$EXTIF = $ArticaHotSpotInterface2;
$INTIF = $ArticaHotSpotInterface;
shell_exec("{$iptables} -A FORWARD -i {$EXTIF} -o {$INTIF} -m state --state ESTABLISHED,RELATED {$comment} -j ACCEPT");
shell_exec("{$iptables} -A FORWARD -i {$INTIF} -o {$EXTIF} {$comment} -j ACCEPT");
shell_exec("{$iptables} -t nat -A POSTROUTING -o {$EXTIF} {$comment} -j MASQUERADE");
}
$WifidogClientTimeout = intval($sock->GET_INFO("WifidogClientTimeout"));
if ($WifidogClientTimeout < 5) {
$WifidogClientTimeout = 30;
}
build_progress("{reconfiguring}", 64);
$f[] = "# WiFiDog Configuration file";
$f[] = "# Saved by artica on " . date("Y-m-d H:i:s");
$f[] = "";
$f[] = "# Parameter: GatewayID";
$f[] = "# Default: default";
$f[] = "# Optional";
$f[] = "#";
$f[] = "# Set this to the node ID on the auth server";
$f[] = "# This is used to give a customized login page to the clients and for";
$f[] = "# monitoring/statistics purpose. If you run multiple gateways on the same";
$f[] = "# machine each gateway needs to have a different gateway id.";
$f[] = "# If none is supplied, the mac address of the GatewayInterface interface will be used,";
$f[] = "# without the : separators";
$f[] = "";
$f[] = "# GatewayID default";
$f[] = "";
$f[] = "# Parameter: ExternalInterface";
$f[] = "# Default: NONE";
$f[] = "# Optional";
$f[] = "#";
$f[] = "# Set this to the external interface (the one going out to the Inernet or your larger LAN). ";
$f[] = "# Typically vlan1 for OpenWrt, and eth0 or ppp0 otherwise,";
$f[] = "# Normally autodetected";
$f[] = "";
if ($ArticaHotSpotInterface2 != null) {
$f[] = "ExternalInterface {$ArticaHotSpotInterface2}";
} else {
$f[] = "#ExternalInterface eth0 or ppp0 otherwise";
}
$f[] = "";
$f[] = "GatewayInterface {$ArticaHotSpotInterface}";
$f[] = "GatewayAddress {$GatewayAddress}";
$f[] = "";
$f[] = "# Parameter: HtmlMessageFile";
$f[] = "# Default: wifidog-msg.html";
$f[] = "# Optional";
$f[] = "#";
$f[] = "# This allows you to specify a custome HTML file which will be used for";
$f[] = "# system errors by the gateway. Any \$title, \$message and \$node variables";
$f[] = "# used inside the file will be replaced.";
$f[] = "#";
$f[] = "# HtmlMessageFile /opt/wifidog/etc/wifidog-.html";
$f[] = "";
$f[] = "# Parameter: AuthServer";
$f[] = "# Default: NONE";
$f[] = "# Mandatory, repeatable";
$f[] = "#";
$f[] = "# This allows you to configure your auth server(s). Each one will be tried in order, untill one responds.";
$f[] = "# Set this to the hostname or IP of your auth server(s), the path where";
$f[] = "# WiFiDog-auth resides in and the port it listens on.";
$f[] = "#AuthServer {";
$f[] = "#\tHostname (Mandatory; Default: NONE)";
$f[] = "#\tSSLAvailable (Optional; Default: no; Possible values: yes, no)";
$f[] = "#\tSSLPort (Optional; Default: 443)";
$f[] = "#\tHTTPPort (Optional; Default: 80)";
$f[] = "#\tPath (Optional; Default: /wifidog/ Note: The path must be both prefixed and suffixed by /. Use a single / for server root.)";
$f[] = "# LoginScriptPathFragment (Optional; Default: login/? Note: This is the script the user will be sent to for login.)";
$f[] = "# PortalScriptPathFragment (Optional; Default: portal/? Note: This is the script the user will be sent to after a successfull login.)";
$f[] = "# MsgScriptPathFragment (Optional; Default: gw_message.php? Note: This is the script the user will be sent to upon error to read a readable message.)";
$f[] = "# PingScriptPathFragment (Optional; Default: ping/? Note: This is the script the user will be sent to upon error to read a readable message.)";
$f[] = "# AuthScriptPathFragment (Optional; Default: auth/? Note: This is the script the user will be sent to upon error to read a readable message.)";
$f[] = "#}";
$f[] = "# HospotHTTPServerName = {$HospotHTTPServerName}";
$f[] = "AuthServer {";
if ($HospotHTTPServerName != null) {
$f[] = " Hostname {$HospotHTTPServerName}";
$unix->create_EtcHosts($HospotHTTPServerName, $IPADDR);
} else {
$f[] = " Hostname {$IPADDR}";
}
if ($HotSpotDenySSL == 1) {
$HospotNoSSL = 1;
}
$f[] = " SSLPort {$ArticaSplashHotSpotPortSSL}";
if ($HospotNoSSL == 0) {
$f[] = " SSLAvailable yes";
} else {
$f[] = " SSLAvailable no";
}
$f[] = " HTTPPort {$ArticaSplashHotSpotPort}";
$f[] = " LoginScriptPathFragment hotspot.php?wifidog-login=yes&";
$f[] = " PingScriptPathFragment hotspot.php?wifidog-ping=yes&";
$f[] = " AuthScriptPathFragment hotspot.php?wifidog-auth=yes&";
$f[] = " PortalScriptPathFragment hotspot.php?wifidog-portal=yes&";
$f[] = " Path /";
$f[] = "}";
$f[] = "";
$f[] = "Daemon 1";
$f[] = "GatewayPort {$ArticaHotSpotPort}";
if ($ArticaHotSpotEnableProxy == 1) {
$f[] = "ProxyPort {$SquidHotSpotPort}";
}
$f[] = "HTTPDName Artica HotSpot";
$f[] = "# HTTPDMaxConn 50";
$f[] = "";
$f[] = "# Parameter: HTTPDRealm";
$f[] = "# Default: WiFiDog";
$f[] = "# Optional";
$f[] = "#";
$f[] = "# The name of the HTTP authentication realm. This only used when a user";
$f[] = "# tries to access a protected WiFiDog internal page. See HTTPUserName.";
$f[] = "# HTTPDRealm WiFiDog";
$f[] = "";
$f[] = "# Parameter: HTTPDUserName / HTTPDPassword";
$f[] = "# Default: unset";
$f[] = "# Optional";
$f[] = "#";
$f[] = "# The gateway exposes some information such as the status page through its web";
$f[] = "# interface. This information can be protected with a username and password,";
$f[] = "# which can be set through the HTTPDUserName and HTTPDPassword parameters.";
$f[] = "# HTTPDUserName admin";
$f[] = "# HTTPDPassword secret";
$f[] = "";
$f[] = "CheckInterval 60";
$f[] = "ClientTimeout {$WifidogClientTimeout}";
$f[] = "";
$f[] = "# Parameter: TrustedMACList";
$f[] = "# Default: none";
$f[] = "# Optional";
$f[] = "#";
$f[] = "# Comma separated list of MAC addresses who are allowed to pass";
$f[] = "# through without authentication";
$f[] = "#TrustedMACList 00:15:5D:01:09:06,00:00:C0:1D:F0:0D";
build_progress("{reconfiguring}", 65);
$trusted_macs = trusted_macs();
if ($trusted_macs != null) {
$f[] = "TrustedMACList {$trusted_macs}";
}
$f[] = "";
$f[] = "# Parameter: FirewallRuleSet";
$f[] = "# Default: none";
$f[] = "# Mandatory";
$f[] = "#";
$f[] = "# Groups a number of FirewallRule statements together.";
$f[] = "";
$f[] = "# Parameter: FirewallRule";
$f[] = "# Default: none";
$f[] = "# ";
$f[] = "# Define one firewall rule in a rule set.";
$f[] = "";
$f[] = "# Rule Set: global";
$f[] = "# ";
$f[] = "# Used for rules to be applied to all other rulesets except locked.";
$f[] = "FirewallRuleSet global {";
if ($ArticaHotSpotEmergency == 1) {
$f[] = "\tFirewallRule allow udp to 0.0.0.0/0";
$f[] = "\tFirewallRule allow tcp to 0.0.0.0/0";
} else {
$f[] = firewall_rules(0);
}
$f[] = " # FirewallRule syntax:";
$f[] = " # FirewallRule (block|drop|allow|log|ulog) [(tcp|udp|icmp) [port X]] [to IP/CIDR]";
$f[] = "";
$f[] = " ## To block SMTP out, as it's a tech support nightmare, and a legal liability";
$f[] = " #FirewallRule block tcp port 25";
$f[] = " ";
$f[] = " ## Use the following if you don't want clients to be able to access machines on ";
$f[] = " ## the private LAN that gives internet access to wifidog. Note that this is not";
$f[] = " ## client isolation; The laptops will still be able to talk to one another, as";
$f[] = " ## well as to any machine bridged to the wifi of the router.";
$f[] = " # FirewallRule block to 192.168.0.0/16";
$f[] = " # FirewallRule block to 172.16.0.0/12";
$f[] = " # FirewallRule block to 10.0.0.0/8";
$f[] = " ";
$f[] = " ## This is an example ruleset for the Teliphone service.";
$f[] = " #FirewallRule allow udp to 69.90.89.192/27";
$f[] = " #FirewallRule allow udp to 69.90.85.0/27";
$f[] = " #FirewallRule allow tcp port 80 to 69.90.89.205";
$f[] = "";
$f[] = " ## Use the following to log or ulog the traffic you want to allow or block.";
$f[] = " # For OPENWRT: use of these feature requires modules ipt_LOG or ipt_ULOG present in dependencies";
$f[] = " # iptables-mod-extra and iptables-mod-ulog (to adapt it to the linux distribution). ";
$f[] = " # Note: the log or ulog rule must be passed before, the rule you want to match.";
$f[] = " # for openwrt: use of these feature requires modules ipt_LOG or ipt_ULOG present in dependencies";
$f[] = " # iptables-mod-extra and iptables-mod-ulog";
$f[] = " # For example, you want to log (ulog works the same way) the traffic allowed on port 80 to the ip 69.90.89.205:";
$f[] = " #FirewallRule log tcp port 80 to 69.90.89.205";
$f[] = " #FirewallRule allow tcp port 80 to 69.90.89.205";
$f[] = " # And you want to know, who matche your block rule:";
$f[] = " #FirewallRule log to 0.0.0.0/0";
$f[] = " #FirewallRule block to 0.0.0.0/0";
$f[] = "}";
$f[] = "";
$f[] = "# Rule Set: validating-users";
$f[] = "# Used for new users validating their account";
$f[] = "FirewallRuleSet validating-users {";
if ($ArticaHotSpotEmergency == 1) {
$f[] = "\tFirewallRule allow udp to 0.0.0.0/0";
$f[] = "\tFirewallRule allow tcp to 0.0.0.0/0";
} else {
$f[] = firewall_rules(1);
}
$f[] = "FirewallRule allow tcp port 80 to 0.0.0.0/0";
$f[] = "FirewallRule allow tcp port 443 to 0.0.0.0/0";
$f[] = "}";
$f[] = "";
$f[] = "# Rule Set: known-users";
$f[] = "# Used for normal validated users.";
$f[] = "FirewallRuleSet known-users {";
if ($ArticaHotSpotEmergency == 1) {
$f[] = "\tFirewallRule allow udp to 0.0.0.0/0";
$f[] = "\tFirewallRule allow tcp to 0.0.0.0/0";
} else {
$f[] = firewall_rules(1);
}
$f[] = "FirewallRule allow tcp port 80 to 0.0.0.0/0";
$f[] = "FirewallRule allow tcp port 443 to 0.0.0.0/0";
$f[] = "}";
$f[] = "";
$f[] = "# Rule Set: unknown-users";
$f[] = "#";
$f[] = "# Used for unvalidated users, this is the ruleset that gets redirected.";
$f[] = "#";
$f[] = "# XXX The redirect code adds the Default DROP clause.";
$f[] = "FirewallRuleSet unknown-users {";
if ($ArticaHotSpotEmergency == 1) {
$f[] = "\tFirewallRule allow udp to 0.0.0.0/0";
$f[] = "\tFirewallRule allow tcp to 0.0.0.0/0";
} else {
if ($HotSpotDenySSL == 1) {
$f[] = "FirewallRule block tcp port 443 to 0.0.0.0/0";
}
if ($HotSpotDenySSL == 0) {
$f[] = "FirewallRule allow tcp port 443 to 0.0.0.0/0";
}
$f[] = " FirewallRule allow udp port 53";
$f[] = " FirewallRule allow tcp port 53";
$f[] = " FirewallRule allow udp port 67";
$f[] = " FirewallRule allow tcp port 67";
$f[] = firewall_rules(2);
}
$f[] = "}";
$f[] = "";
$f[] = "# Rule Set: locked-users";
$f[] = "#";
$f[] = "# Not currently used";
$f[] = "FirewallRuleSet locked-users {";
if ($ArticaHotSpotEmergency == 1) {
$f[] = "\tFirewallRule allow udp to 0.0.0.0/0";
$f[] = "\tFirewallRule allow tcp to 0.0.0.0/0";
} else {
$f[] = "\tFirewallRule block to 0.0.0.0/0";
}
$f[] = "}";
$f[] = "";
@file_put_contents("/etc/wifidog.conf", @implode("\n", $f));
build_progress("{reconfiguring}", 90);
build_error_page();
}
function table()
{
$page = CurrentPageName();
$tpl = new templates();
$tt = time();
$t = $_GET["t"];
$_GET["ruleid"] = $_GET["ID"];
$groups = $tpl->javascript_parse_text("{groups}");
$from = $tpl->_ENGINE_parse_body("{from}");
$to = $tpl->javascript_parse_text("{to}");
$rule = $tpl->javascript_parse_text("{rule}");
$delete = $tpl->javascript_parse_text("{delete} {zone} ?");
$rewrite_rules_fdb_explain = $tpl->javascript_parse_text("{rewrite_rules_fdb_explain}");
$new_network = $tpl->javascript_parse_text("{new_rule}");
$comment = $tpl->javascript_parse_text("{comment}");
$rules = $tpl->javascript_parse_text("{rules}");
$rule = $tpl->javascript_parse_text("{rule}");
$apply = $tpl->javascript_parse_text("{apply}");
$action = $tpl->javascript_parse_text("{action}");
$order = $tpl->javascript_parse_text("{order}");
$networks = $tpl->javascript_parse_text("{networks}");
$restricted = $tpl->javascript_parse_text("{restricted}");
$type = $tpl->javascript_parse_text("{type}");
$protocol = $tpl->javascript_parse_text("{protocol}");
$port = $tpl->javascript_parse_text("{port}");
$trusted_MAC = $tpl->javascript_parse_text("{trusted_MAC}");
$trusted_sslwebsites = $tpl->javascript_parse_text("{trusted_ssl_sites}");
$title = $networks;
$tt = time();
$q = new mysql_squid_builder();
$q->check_hotspot_tables();
$buttons = "\n\tbuttons : [\n\t{name: '<strong style=font-size:20px>{$new_network}</strong>', bclass: 'add', onpress : NewRule{$tt}},\n\t{name: '<strong style=font-size:20px>{$trusted_MAC}</strong>', bclass: 'Settings', onpress : rports},\n\t{name: '<strong style=font-size:20px>{$trusted_sslwebsites}</strong>', bclass: 'Settings', onpress : rssls},\n\t{name: '<strong style=font-size:20px>{$apply}</strong>', bclass: 'Reconf', onpress : Apply{$tt}},\n\t],";
$html = "\n\t<table class='flexRT{$tt}' style='display: none' id='flexRT{$tt}' style='width:100%'></table>\n\t<script>\n\tfunction Start{$tt}(){\n\t\$('#flexRT{$tt}').flexigrid({\n\turl: '{$page}?items=yes&t={$tt}&tt={$tt}&t-rule={$_GET["t"]}&ruleid={$_GET["ruleid"]}',\n\tdataType: 'json',\n\tcolModel : [\n\t{display: '<span style=font-size:22px>{$order}</span>', name : 'zorder', width :78, sortable : true, align: 'center'},\n\t{display: '<span style=font-size:22px>{$protocol}</span>', name : 'proto', width :138, sortable : true, align: 'center'},\n\t{display: '<span style=font-size:22px>{$networks}</span>', name : 'pattern', width :612, sortable : true, align: 'left'},\n\t{display: '<span style=font-size:22px>{$type}</span>', name : 'hotspoted', width :100, sortable : false, align: 'center'},\n\t{display: '<span style=font-size:22px>{$action}</span>', name : 'action', width :100, sortable : true, align: 'center'},\n\t{display: '<span style=font-size:22px>up</span>', name : 'up', width :81, sortable : false, align: 'center'},\n\t{display: '<span style=font-size:22px>down</span>', name : 'down', width :81, sortable : false, align: 'center'},\n\t{display: ' ', name : 'delete', width : 81, sortable : false, align: 'center'},\n\t],\n\t{$buttons}\n\tsearchitems : [\n\t{display: '{$networks}', name : 'pattern'},\n\t{display: '{$port}', name : 'port'},\n\t],\n\tsortname: 'zorder',\n\tsortorder: 'asc',\n\tusepager: true,\n\ttitle: '<span style=font-size:30px>{$title}</span>',\n\tuseRp: true,\n\trp: 50,\n\tshowTableToggleBtn: false,\n\twidth: '99%',\n\theight: 450,\n\tsingleSelect: true,\n\trpOptions: [10, 20, 30, 50,100,200]\n\n});\n}\n\nvar xNewRule{$tt}= function (obj) {\n\tvar res=obj.responseText;\n\tif (res.length>3){alert(res);return;}\n\t\$('#flexRT{$t}').flexReload();\n\t\$('#flexRT{$tt}').flexReload();\n}\n\nfunction Apply{$tt}(){\n\tLoadjs('squid.webauth.restart.php');\n}\n\n\nfunction NewRule{$tt}(){\n\tLoadjs('{$page}?item-js=yes&ID=0&t={$tt}',true);\n}\nfunction Delete{$tt}(zmd5){\n\tif(confirm('{$delete}')){\n\t\tvar XHR = new XHRConnection();\n\t\tXHR.appendData('policy-delete', zmd5);\n\t\tXHR.sendAndLoad('{$page}', 'POST',xNewRule{$tt});\n\t}\n}\n\nvar xINOUT{$tt}= function (obj) {\n\tvar res=obj.responseText;\n\tif (res.length>3){alert(res);return;}\n\t\$('#flexRT{$t}').flexReload();\n\t\$('#flexRT{$tt}').flexReload();\n}\n\n\nfunction INOUT{$tt}(ID){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('INOUT', ID);\n\tXHR.sendAndLoad('{$page}', 'POST',xINOUT{$tt});\n}\n\nfunction rports(){\n\tLoadjs('squid.webauth.hotspots.allowed.macs.php',true);\n}\n\nfunction rssls(){\n\tLoadjs('squid.webauth.hotspots.ssl.objects.php',true);\n}\n\nfunction reverse{$tt}(ID){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('reverse', ID);\n\tXHR.sendAndLoad('{$page}', 'POST',xINOUT{$tt});\n}\n\nvar x_LinkAclRuleGpid{$tt}= function (obj) {\nvar res=obj.responseText;\nif(res.length>3){alert(res);return;}\n\$('#table-{$t}').flexReload();\n\$('#flexRT{$tt}').flexReload();\nExecuteByClassName('SearchFunction');\n}\nfunction FlexReloadRulesRewrite(){\n\$('#flexRT{$t}').flexReload();\n}\n\nfunction MoveRuleDestination{$tt}(mkey,direction){\nvar XHR = new XHRConnection();\nXHR.appendData('rules-destination-move', mkey);\nXHR.appendData('direction', direction);\nXHR.sendAndLoad('{$page}', 'POST',x_LinkAclRuleGpid{$tt});\n}\n\nfunction MoveRuleDestinationAsk{$tt}(mkey,def){\nvar zorder=prompt('Order',def);\nif(!zorder){return;}\nvar XHR = new XHRConnection();\nXHR.appendData('rules-destination-move', mkey);\nXHR.appendData('rules-destination-zorder', zorder);\nXHR.sendAndLoad('{$page}', 'POST',x_LinkAclRuleGpid{$tt});\n}\nStart{$tt}();\n\n</script>\n";
echo $html;
}
