Example #1
0
function checkcreds()
{
    $sock = new sockets();
    $GLOBALS["CACHE_AUTH"] = $sock->GET_INFO("ArticaSplashHotSpotCacheAuth");
    $GLOBALS["MAX_TIME"] = $sock->GET_INFO("ArticaSplashHotSpotEndTime");
    if (!is_numeric($GLOBALS["CACHE_AUTH"])) {
        $GLOBALS["CACHE_AUTH"] = 60;
    }
    if (!is_numeric($GLOBALS["MAX_TIME"])) {
        $GLOBALS["MAX_TIME"] = 0;
    }
    $gateway_addr = $_REQUEST["gw_address"];
    $gw_port = $_REQUEST["gw_port"];
    $gw_id = $_REQUEST["gw_id"];
    $ARP = $_REQUEST["mac"];
    $url = $_REQUEST["url"];
    $token = $_REQUEST["token"];
    $MAC = $ARP;
    ToSyslog("Verify credentials for {$ARP}/{$_POST["username"]} Token:{$token}");
    $LOGIN = $_POST["username"];
    $IPADDR = null;
    $HOST = gethostbyaddr($IPADDR);
    $URI = $url;
    $array["LOGIN"] = $LOGIN;
    $array["IPADDR"] = null;
    $array["MAC"] = $MAC;
    $array["ARP"] = $MAC;
    $array["HOST"] = $HOST;
    $array["token"] = $token;
    $q = new mysql_squid_builder();
    $sql = "SELECT uid,creationtime,ttl,enabled FROM hotspot_members WHERE uid='{$LOGIN}'";
    $ligne = mysql_fetch_array($q->QUERY_SQL($sql));
    if (trim($ligne["uid"]) != null) {
        if ($ligne["enabled"] == 0) {
            $Created = $q->time_to_date($ligne["creationtime"], true);
            ToSyslog("checkcreds:: {$LOGIN} is disabled {$Created}");
            $GLOBALS["ERROR"] = "<strong>{$LOGIN}</strong> {your_account_is_disabled}<br>{created}:{$Created}";
            return false;
        }
        $ttl = $ligne["ttl"];
        if ($ligne["creationtime"] > 0) {
            if ($ligne["ttl"] > 0) {
                $EnOfLife = strtotime("+{$ttl} minutes", $ligne["creationtime"]);
                if (time() > $EnOfLife) {
                    ToSyslog("checkcreds:: {$LOGIN} expired - End of Life");
                    $GLOBALS["ERROR"] = "{accesstime_to_internet_expired}";
                    return false;
                }
            }
        }
    }
    $auth = false;
    include_once dirname(__FILE__) . "/ressources/class.user.inc";
    if (checkcreds_AD()) {
        if ($GLOBALS["HOTSPOT_DEBUG"]) {
            ToSyslog("checkcreds_AD return true... in line:" . __LINE__);
        }
        checkcreds_mysql($array, true);
        return UnLock($array);
    }
    if (checkcreds_ldap()) {
        if ($GLOBALS["HOTSPOT_DEBUG"]) {
            ToSyslog("checkcreds_ldap return true... in line:" . __LINE__);
        }
        checkcreds_mysql($array, true);
        return UnLock($array);
    }
    if (checkcreds_mysql($array)) {
        if ($GLOBALS["HOTSPOT_DEBUG"]) {
            ToSyslog("checkcreds_mysql return true... in line:" . __LINE__);
        }
        return UnLock($array);
    }
    events(1, "Login failed for {$LOGIN}/{$IPADDR}", "MAC:{$MAC}\nHost:{$HOST}\n" . @implode("\n", $GLOBALS["LOGS"]));
    return false;
}
Example #2
0
function checkcreds()
{
    $EnableIntelCeleron = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableIntelCeleron"));
    $EnableOpenLDAP = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableOpenLDAP"));
    $gateway_addr = $_REQUEST["gw_address"];
    $gw_port = $_REQUEST["gw_port"];
    $gw_id = $_REQUEST["gw_id"];
    $ARP = $_REQUEST["mac"];
    $url = $_REQUEST["url"];
    $token = $_REQUEST["token"];
    $ruleid = $_REQUEST["ruleid"];
    if ($ruleid == 0) {
        if (isset($_SESSION["WIFIDOG_RULES"])) {
            $ruleid = $_SESSION["WIFIDOG_RULES"];
        }
    }
    $MAC = $ARP;
    if ($EnableIntelCeleron == 1) {
        $EnableOpenLDAP = 0;
    }
    $sock = new wifidog_settings($ruleid);
    $USE_MYSQL = intval($sock->GET_INFO("USE_MYSQL"));
    $USE_ACTIVEDIRECTORY = intval($sock->GET_INFO("USE_ACTIVEDIRECTORY"));
    $DO_NOT_AUTENTICATE = intval($sock->GET_INFO("DO_NOT_AUTENTICATE"));
    wifidog_logs("Verify credentials for {$ARP}/{$_POST["username"]} Active Directory:{$USE_ACTIVEDIRECTORY}; Token:{$token} ruleid:{$ruleid}", __FUNCTION__, __LINE__);
    $LOGIN = $_POST["username"];
    $IPADDR = null;
    $HOST = gethostbyaddr($IPADDR);
    $URI = $url;
    $array["LOGIN"] = $LOGIN;
    $array["IPADDR"] = null;
    $array["MAC"] = $MAC;
    $array["ARP"] = $MAC;
    $array["HOST"] = $HOST;
    $array["token"] = $token;
    $array["ruleid"] = $ruleid;
    if ($DO_NOT_AUTENTICATE == 1) {
        return UnLock($array, true);
    }
    $q = new mysql_hotspot();
    $sql = "SELECT uid,creationtime,ttl,enabled FROM hotspot_members WHERE uid='{$LOGIN}'";
    $ligne = mysql_fetch_array($q->QUERY_SQL($sql));
    if (trim($ligne["uid"]) != null) {
        $enabled = intval($ligne["enabled"]);
        if ($enabled == 0) {
            events(1, "Login failed for {$LOGIN}/{$IPADDR}, account locked");
            $GLOBALS["ERROR"] = "{your_account_is_disabled}";
            return false;
        }
    }
    if ($USE_MYSQL == 0) {
        if ($USE_ACTIVEDIRECTORY == 0) {
            $USE_MYSQL = 1;
        }
    }
    if ($USE_MYSQL == 0) {
        $q->QUERY_SQL("DELETE FROM hotspot_members WHERE uid='{$LOGIN}'");
    } else {
        if (trim($ligne["uid"]) != null) {
            if ($ligne["enabled"] == 0) {
                $Created = $q->time_to_date($ligne["creationtime"], true);
                wifidog_logs("checkcreds:: {$LOGIN} is disabled {$Created}");
                $GLOBALS["ERROR"] = "<strong>{$LOGIN}</strong> {your_account_is_disabled}<br>{created}:{$Created}";
                return false;
            }
            $ttl = $ligne["ttl"];
            if ($ligne["creationtime"] > 0) {
                if ($ligne["ttl"] > 0) {
                    $EnOfLife = strtotime("+{$ttl} minutes", $ligne["creationtime"]);
                    if (time() > $EnOfLife) {
                        wifidog_logs("checkcreds:: {$LOGIN} expired - End of Life");
                        $GLOBALS["ERROR"] = "{accesstime_to_internet_expired}";
                        return false;
                    }
                }
            }
        }
    }
    $auth = false;
    if ($USE_ACTIVEDIRECTORY == 1) {
        if (checkcreds_AD($ruleid)) {
            return UnLock($array);
        }
    }
    if ($EnableOpenLDAP == 1) {
        if (checkcreds_ldap()) {
            if ($GLOBALS["HOTSPOT_DEBUG"]) {
                wifidog_logs("checkcreds_ldap return true... in line:" . __LINE__);
            }
            return UnLock($array);
        }
    }
    if ($USE_MYSQL == 1) {
        if (checkcreds_mysql($array)) {
            if ($GLOBALS["HOTSPOT_DEBUG"]) {
                wifidog_logs("checkcreds_mysql return true... in line:" . __LINE__);
            }
            return UnLock($array);
        }
    }
    events(1, "Login failed for {$LOGIN}/{$IPADDR}", "MAC:{$MAC}\nHost:{$HOST}\n" . @implode("\n", $GLOBALS["LOGS"]));
    $GLOBALS["ERROR"] = "{wrong_unername_or_password}";
    return false;
}