} } } if ($allowed) { $noProxy = $proxyEnforced ? 'N' : 'Y'; if ($register) { $sql = "insert into user_devices (mac_address, username, auth_time_utc, no_proxy) values ('{$mac}', '" . $conn->escape_string($un) . "', UTC_TIMESTAMP(), '{$noProxy}')"; } else { $sql = "insert into auth_sessions (username, mac_address, ip_address, auth_time_utc, expiry_time_utc, no_proxy) values ('" . $conn->escape_string($un) . "', '{$mac}', '{$srcIP}', UTC_TIMESTAMP(), ADDTIME(UTC_TIMESTAMP(), '{$sessionTime}'), '{$noProxy}')"; } // create a session record if ($conn->query($sql) === false) { $errors[] = "Unable to create " . ($register ? "device" : "session") . " record in database."; } else { $loggedIn = true; iptablesAddUserDevice($mac, $proxyEnforced); } } else { $errors[] = "Your username and password are correct, but you're not authorised to " . ($register ? "register devices" : "log in") . " using this service. <a href='" . SQUID_SUPPORT_URL . "'>Click here to request help with this issue.</a>"; } } else { $errors[] = "Invalid username or password."; } } } if ($errors) { $feedback .= "<p style='color:#f00'>" . implode("<br />", $errors) . "</p>"; } $conn->close(); if ($loggedIn) { $feedback = "<p style='color:#008000'>You are logged in as <strong>{$un}</strong> on this device ({$mac}). You will now be redirected to the page you originally requested.</p>";
function iptablesUpdateChain($proxyEnforced) { $iptMacs = iptablesGetMacs($proxyEnforced); $macs = iptablesGetDbMacs($proxyEnforced); $toAdd = array(); $toDelete = array(); // pass 1: identify MACs to remove from chain foreach ($iptMacs as $mac) { if (!in_array($mac, $macs)) { $toDelete[] = $mac; } } // pass 2: identify MACs to add to chain foreach ($macs as $mac) { if (!in_array($mac, $iptMacs)) { $toAdd[] = $mac; } else { // also check for duplicates in chain $count = count(array_keys($iptMacs, $mac)); while ($count > 1) { $toDelete[] = $mac; $count--; } } } foreach ($toAdd as $mac) { iptablesAddUserDevice($mac, $proxyEnforced); } foreach ($toDelete as $mac) { iptablesRemoveUserDevice($mac, $proxyEnforced); } }