pfSense

https://forum.pfsense.org/index.php?topic=91435.0

According to https://github.com/pfsense/pfsense/blob/master/etc/inc/voucher.inc#L292 when a voucher is expired manually, a test is executed to see if that voucher is in use.
Or, $cpentry is used the correct way.
$cpentry is an array filled up one (or multiple ) arrays.
In this case, only one "array in array" will be found.

Next issue: if a logged in user/voucher is found, captiveportal_disconnect()is called.
captiveportal_disconnect() presumes that $cpzoneid is set to a valid zone ID.
When calling captiveportal_disconnect() from /etc/inc/voucher.inc $cpzoneid isn't set.

Right now, I use this:

                /* Check if this voucher has any active sessions */
                $cpentry = captiveportal_read_db("WHERE username = '{$voucher}'");
                if (!empty($cpentry) && !empty($cpentry[0]) ) {
                    $cpentry = $cpentry[0];
                    // surface global variable $cpzoneid needed by captiveportal_disconnect()
                    $cpzoneid = $config['captiveportal'][$cpzone]['zoneid'];
                    captiveportal_disconnect($cpentry,null,13);
                    captiveportal_logportalauth($cpentry[4],$cpentry[3],$cpentry[2],"FORCLY TERMINATING VOUCHER {$voucher} SESSION");
                    $unsetindexes[] = $cpentry[5];
                }

The array $cpentry is correctly now.
$cpzoneid is surfaced locally - maybe this should be done more globally.

Note: the only place where $cpzoneid is set, is in /usr/local/captiveportal/index.php : here https://github.com/pfsense/pfsense/blob/master/usr/local/captiveportal/index.php#L58