function checkcreds()
{
$sock = new sockets();
$GLOBALS["CACHE_AUTH"] = $sock->GET_INFO("ArticaSplashHotSpotCacheAuth");
$GLOBALS["MAX_TIME"] = $sock->GET_INFO("ArticaSplashHotSpotEndTime");
if (!is_numeric($GLOBALS["CACHE_AUTH"])) {
$GLOBALS["CACHE_AUTH"] = 60;
}
if (!is_numeric($GLOBALS["MAX_TIME"])) {
$GLOBALS["MAX_TIME"] = 0;
}
$gateway_addr = $_REQUEST["gw_address"];
$gw_port = $_REQUEST["gw_port"];
$gw_id = $_REQUEST["gw_id"];
$ARP = $_REQUEST["mac"];
$url = $_REQUEST["url"];
$token = $_REQUEST["token"];
$MAC = $ARP;
ToSyslog("Verify credentials for {$ARP}/{$_POST["username"]} Token:{$token}");
$LOGIN = $_POST["username"];
$IPADDR = null;
$HOST = gethostbyaddr($IPADDR);
$URI = $url;
$array["LOGIN"] = $LOGIN;
$array["IPADDR"] = null;
$array["MAC"] = $MAC;
$array["ARP"] = $MAC;
$array["HOST"] = $HOST;
$array["token"] = $token;
$q = new mysql_squid_builder();
$sql = "SELECT uid,creationtime,ttl,enabled FROM hotspot_members WHERE uid='{$LOGIN}'";
$ligne = mysql_fetch_array($q->QUERY_SQL($sql));
if (trim($ligne["uid"]) != null) {
if ($ligne["enabled"] == 0) {
$Created = $q->time_to_date($ligne["creationtime"], true);
ToSyslog("checkcreds:: {$LOGIN} is disabled {$Created}");
$GLOBALS["ERROR"] = "<strong>{$LOGIN}</strong> {your_account_is_disabled}<br>{created}:{$Created}";
return false;
}
$ttl = $ligne["ttl"];
if ($ligne["creationtime"] > 0) {
if ($ligne["ttl"] > 0) {
$EnOfLife = strtotime("+{$ttl} minutes", $ligne["creationtime"]);
if (time() > $EnOfLife) {
ToSyslog("checkcreds:: {$LOGIN} expired - End of Life");
$GLOBALS["ERROR"] = "{accesstime_to_internet_expired}";
return false;
}
}
}
}
$auth = false;
include_once dirname(__FILE__) . "/ressources/class.user.inc";
if (checkcreds_AD()) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("checkcreds_AD return true... in line:" . __LINE__);
}
checkcreds_mysql($array, true);
return UnLock($array);
}
if (checkcreds_ldap()) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("checkcreds_ldap return true... in line:" . __LINE__);
}
checkcreds_mysql($array, true);
return UnLock($array);
}
if (checkcreds_mysql($array)) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
ToSyslog("checkcreds_mysql return true... in line:" . __LINE__);
}
return UnLock($array);
}
events(1, "Login failed for {$LOGIN}/{$IPADDR}", "MAC:{$MAC}\nHost:{$HOST}\n" . @implode("\n", $GLOBALS["LOGS"]));
return false;
}
function checkcreds()
{
$EnableIntelCeleron = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableIntelCeleron"));
$EnableOpenLDAP = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableOpenLDAP"));
$gateway_addr = $_REQUEST["gw_address"];
$gw_port = $_REQUEST["gw_port"];
$gw_id = $_REQUEST["gw_id"];
$ARP = $_REQUEST["mac"];
$url = $_REQUEST["url"];
$token = $_REQUEST["token"];
$ruleid = $_REQUEST["ruleid"];
if ($ruleid == 0) {
if (isset($_SESSION["WIFIDOG_RULES"])) {
$ruleid = $_SESSION["WIFIDOG_RULES"];
}
}
$MAC = $ARP;
if ($EnableIntelCeleron == 1) {
$EnableOpenLDAP = 0;
}
$sock = new wifidog_settings($ruleid);
$USE_MYSQL = intval($sock->GET_INFO("USE_MYSQL"));
$USE_ACTIVEDIRECTORY = intval($sock->GET_INFO("USE_ACTIVEDIRECTORY"));
$DO_NOT_AUTENTICATE = intval($sock->GET_INFO("DO_NOT_AUTENTICATE"));
wifidog_logs("Verify credentials for {$ARP}/{$_POST["username"]} Active Directory:{$USE_ACTIVEDIRECTORY}; Token:{$token} ruleid:{$ruleid}", __FUNCTION__, __LINE__);
$LOGIN = $_POST["username"];
$IPADDR = null;
$HOST = gethostbyaddr($IPADDR);
$URI = $url;
$array["LOGIN"] = $LOGIN;
$array["IPADDR"] = null;
$array["MAC"] = $MAC;
$array["ARP"] = $MAC;
$array["HOST"] = $HOST;
$array["token"] = $token;
$array["ruleid"] = $ruleid;
if ($DO_NOT_AUTENTICATE == 1) {
return UnLock($array, true);
}
$q = new mysql_hotspot();
$sql = "SELECT uid,creationtime,ttl,enabled FROM hotspot_members WHERE uid='{$LOGIN}'";
$ligne = mysql_fetch_array($q->QUERY_SQL($sql));
if (trim($ligne["uid"]) != null) {
$enabled = intval($ligne["enabled"]);
if ($enabled == 0) {
events(1, "Login failed for {$LOGIN}/{$IPADDR}, account locked");
$GLOBALS["ERROR"] = "{your_account_is_disabled}";
return false;
}
}
if ($USE_MYSQL == 0) {
if ($USE_ACTIVEDIRECTORY == 0) {
$USE_MYSQL = 1;
}
}
if ($USE_MYSQL == 0) {
$q->QUERY_SQL("DELETE FROM hotspot_members WHERE uid='{$LOGIN}'");
} else {
if (trim($ligne["uid"]) != null) {
if ($ligne["enabled"] == 0) {
$Created = $q->time_to_date($ligne["creationtime"], true);
wifidog_logs("checkcreds:: {$LOGIN} is disabled {$Created}");
$GLOBALS["ERROR"] = "<strong>{$LOGIN}</strong> {your_account_is_disabled}<br>{created}:{$Created}";
return false;
}
$ttl = $ligne["ttl"];
if ($ligne["creationtime"] > 0) {
if ($ligne["ttl"] > 0) {
$EnOfLife = strtotime("+{$ttl} minutes", $ligne["creationtime"]);
if (time() > $EnOfLife) {
wifidog_logs("checkcreds:: {$LOGIN} expired - End of Life");
$GLOBALS["ERROR"] = "{accesstime_to_internet_expired}";
return false;
}
}
}
}
}
$auth = false;
if ($USE_ACTIVEDIRECTORY == 1) {
if (checkcreds_AD($ruleid)) {
return UnLock($array);
}
}
if ($EnableOpenLDAP == 1) {
if (checkcreds_ldap()) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
wifidog_logs("checkcreds_ldap return true... in line:" . __LINE__);
}
return UnLock($array);
}
}
if ($USE_MYSQL == 1) {
if (checkcreds_mysql($array)) {
if ($GLOBALS["HOTSPOT_DEBUG"]) {
wifidog_logs("checkcreds_mysql return true... in line:" . __LINE__);
}
return UnLock($array);
}
}
events(1, "Login failed for {$LOGIN}/{$IPADDR}", "MAC:{$MAC}\nHost:{$HOST}\n" . @implode("\n", $GLOBALS["LOGS"]));
$GLOBALS["ERROR"] = "{wrong_unername_or_password}";
return false;
}