/usr/local/www/services_captiveportal.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/services_captiveportal.php @ 51e9533f

1	a5c0b6c7	Scott Ullrich	<?php
2	5b237745	Scott Ullrich	/*
3			services_captiveportal.php
4			part of m0n0wall (http://m0n0.ch/wall)
5	a5c0b6c7	Scott Ullrich
6	0bd34ed6	Scott Ullrich	Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
7	5b237745	Scott Ullrich	All rights reserved.
8	a5c0b6c7	Scott Ullrich
9	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11	a5c0b6c7	Scott Ullrich
12	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14	a5c0b6c7	Scott Ullrich
15	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18	a5c0b6c7	Scott Ullrich
19	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29			*/
30	1d333258	Scott Ullrich	/*
31			pfSense_MODULE: captiveportal
32			*/
33	5b237745	Scott Ullrich
34	6b07c15a	Matthew Grooms	##\|+PRIV
35			##\|*IDENT=page-services-captiveportal
36			##\|*NAME=Services: Captive portal page
37			##\|*DESCR=Allow access to the 'Services: Captive portal' page.
38			##\|MATCH=services_captiveportal.php
39			##\|-PRIV
40
41	5633ab30	jim-p	$statusurl = "status_captiveportal.php";
42			$logurl = "diag_logs_auth.php";
43
44	5b237745	Scott Ullrich	require("guiconfig.inc");
45	7ab2b688	Scott Ullrich	require("functions.inc");
46			require("filter.inc");
47			require("shaper.inc");
48			require("captiveportal.inc");
49	5b237745	Scott Ullrich
50	b4792bf8	Ermal	$cpzone = $_GET['zone'];
51			if (isset($_POST['zone']))
52			$cpzone = $_POST['zone'];
53	6fde5a1e	Carlos Eduardo Ramos
54	b4792bf8	Ermal	if (empty($cpzone)) {
55			header("Location: services_captiveportal_zones.php");
56			exit;
57	5b237745	Scott Ullrich	}
58
59	b4792bf8	Ermal	if (!is_array($config['captiveportal']))
60			$config['captiveportal'] = array();
61			$a_cp =& $config['captiveportal'];
62
63			$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']);
64
65	5b237745	Scott Ullrich	if ($_GET['act'] == "viewhtml") {
66	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone])
67			echo base64_decode($pconfig['page']['htmltext']);
68	5b237745	Scott Ullrich	exit;
69			} else if ($_GET['act'] == "viewerrhtml") {
70	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone])
71			echo base64_decode($pconfig['page']['errtext']);
72	5b237745	Scott Ullrich	exit;
73	5b87b24e	Ermal	} else if ($_GET['act'] == "viewlogouthtml") {
74	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone])
75			echo base64_decode($pconfig['page']['logouttext']);
76	5b87b24e	Ermal	exit;
77	5b237745	Scott Ullrich	}
78
79	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone]) {
80			$pconfig['zoneid'] = $a_cp[$cpzone]['zoneid'];
81			$pconfig['cinterface'] = $a_cp[$cpzone]['interface'];
82			$pconfig['maxproc'] = $a_cp[$cpzone]['maxproc'];
83			$pconfig['maxprocperip'] = $a_cp[$cpzone]['maxprocperip'];
84			$pconfig['timeout'] = $a_cp[$cpzone]['timeout'];
85			$pconfig['idletimeout'] = $a_cp[$cpzone]['idletimeout'];
86			$pconfig['freelogins_count'] = $a_cp[$cpzone]['freelogins_count'];
87			$pconfig['freelogins_resettimeout'] = $a_cp[$cpzone]['freelogins_resettimeout'];
88			$pconfig['freelogins_updatetimeouts'] = isset($a_cp[$cpzone]['freelogins_updatetimeouts']);
89			$pconfig['enable'] = isset($a_cp[$cpzone]['enable']);
90			$pconfig['pms_enabled'] = $a_cp[$cpzone]['pms_enabled'];
91			$pconfig['auth_method'] = $a_cp[$cpzone]['auth_method'];
92			$pconfig['radacct_enable'] = isset($a_cp[$cpzone]['radacct_enable']);
93			$pconfig['radmac_enable'] = isset($a_cp[$cpzone]['radmac_enable']);
94			$pconfig['radmac_secret'] = $a_cp[$cpzone]['radmac_secret'];
95			$pconfig['reauthenticate'] = isset($a_cp[$cpzone]['reauthenticate']);
96			$pconfig['reauthenticateacct'] = $a_cp[$cpzone]['reauthenticateacct'];
97			$pconfig['httpslogin_enable'] = isset($a_cp[$cpzone]['httpslogin']);
98			$pconfig['httpsname'] = $a_cp[$cpzone]['httpsname'];
99			$pconfig['preauthurl'] = strtolower($a_cp[$cpzone]['preauthurl']);
100			$pconfig['cert'] = base64_decode($a_cp[$cpzone]['certificate']);
101			$pconfig['cacert'] = base64_decode($a_cp[$cpzone]['cacertificate']);
102			$pconfig['key'] = base64_decode($a_cp[$cpzone]['private-key']);
103			$pconfig['logoutwin_enable'] = isset($a_cp[$cpzone]['logoutwin_enable']);
104			$pconfig['peruserbw'] = isset($a_cp[$cpzone]['peruserbw']);
105			$pconfig['bwdefaultdn'] = $a_cp[$cpzone]['bwdefaultdn'];
106			$pconfig['bwdefaultup'] = $a_cp[$cpzone]['bwdefaultup'];
107			$pconfig['nomacfilter'] = isset($a_cp[$cpzone]['nomacfilter']);
108			$pconfig['noconcurrentlogins'] = isset($a_cp[$cpzone]['noconcurrentlogins']);
109	b3765f4c	Roberto Nunnari	$pconfig['radius_protocol'] = $a_cp[$cpzone]['radius_protocol'];
110	b4792bf8	Ermal	$pconfig['redirurl'] = $a_cp[$cpzone]['redirurl'];
111			$pconfig['radiusip'] = $a_cp[$cpzone]['radiusip'];
112			$pconfig['radiusip2'] = $a_cp[$cpzone]['radiusip2'];
113	ebc0e4b6	Ermal	$pconfig['radiusip3'] = $a_cp[$cpzone]['radiusip3'];
114			$pconfig['radiusip4'] = $a_cp[$cpzone]['radiusip4'];
115	b4792bf8	Ermal	$pconfig['radiusport'] = $a_cp[$cpzone]['radiusport'];
116			$pconfig['radiusport2'] = $a_cp[$cpzone]['radiusport2'];
117	ebc0e4b6	Ermal	$pconfig['radiusport3'] = $a_cp[$cpzone]['radiusport3'];
118			$pconfig['radiusport4'] = $a_cp[$cpzone]['radiusport4'];
119	b4792bf8	Ermal	$pconfig['radiusacctport'] = $a_cp[$cpzone]['radiusacctport'];
120			$pconfig['radiuskey'] = $a_cp[$cpzone]['radiuskey'];
121			$pconfig['radiuskey2'] = $a_cp[$cpzone]['radiuskey2'];
122	ebc0e4b6	Ermal	$pconfig['radiuskey3'] = $a_cp[$cpzone]['radiuskey3'];
123			$pconfig['radiuskey4'] = $a_cp[$cpzone]['radiuskey4'];
124	b4792bf8	Ermal	$pconfig['radiusvendor'] = $a_cp[$cpzone]['radiusvendor'];
125			$pconfig['radiussession_timeout'] = isset($a_cp[$cpzone]['radiussession_timeout']);
126			$pconfig['radiussrcip_attribute'] = $a_cp[$cpzone]['radiussrcip_attribute'];
127			$pconfig['passthrumacadd'] = isset($a_cp[$cpzone]['passthrumacadd']);
128			$pconfig['passthrumacaddusername'] = isset($a_cp[$cpzone]['passthrumacaddusername']);
129			$pconfig['radmac_format'] = $a_cp[$cpzone]['radmac_format'];
130			$pconfig['page'] = array();
131			if ($a_cp[$cpzone]['page']['htmltext'])
132			$pconfig['page']['htmltext'] = $a_cp[$cpzone]['page']['htmltext'];
133			if ($a_cp[$cpzone]['page']['errtext'])
134			$pconfig['page']['errtext'] = $a_cp[$cpzone]['page']['errtext'];
135			if ($a_cp[$cpzone]['page']['logouttext'])
136			$pconfig['page']['logouttext'] = $a_cp[$cpzone]['page']['logouttext'];
137			}
138	5b237745	Scott Ullrich
139			if ($_POST) {
140
141			unset($input_errors);
142			$pconfig = $_POST;
143
144			/* input validation */
145			if ($_POST['enable']) {
146	b4792bf8	Ermal	$reqdfields = explode(" ", "zone cinterface");
147			$reqdfieldsn = array(gettext("Zone name"), gettext("Interface"));
148	a5c0b6c7	Scott Ullrich
149	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
150	a5c0b6c7	Scott Ullrich
151	b4792bf8	Ermal	/* make sure no interfaces are bridged or used on other zones */
152			if (is_array($_POST['cinterface'])) {
153			foreach ($pconfig['cinterface'] as $cpbrif) {
154	3e4f5a33	jim-p	if (link_interface_to_bridge($cpbrif))
155			$input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is part of a bridge."), $cpbrif);
156	b4792bf8	Ermal	foreach ($a_cp as $cpkey => $cp) {
157			if ($cpkey != $cpzone \|\| empty($cpzone)) {
158			if (in_array($cpbrif, explode(",", $cp['interface'])))
159			$input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is used already on %s instance."), $cpbrif, $cp['zone']);
160			}
161			}
162			}
163			}
164	a5c0b6c7	Scott Ullrich
165	5b237745	Scott Ullrich	if ($_POST['httpslogin_enable']) {
166			if (!$_POST['cert'] \|\| !$_POST['key']) {
167	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("Certificate and key must be specified for HTTPS login.");
168	5b237745	Scott Ullrich	} else {
169			if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cert'], "END CERTIFICATE"))
170	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This certificate does not appear to be valid.");
171	c6e1b0f5	Ermal Lu?i	if (!strstr($_POST['cacert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cacert'], "END CERTIFICATE"))
172	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This intermmediate certificate does not appear to be valid.");
173	5b237745	Scott Ullrich	if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") \|\| !strstr($_POST['key'], "END RSA PRIVATE KEY"))
174	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This key does not appear to be valid.");
175	5b237745	Scott Ullrich	}
176	a5c0b6c7	Scott Ullrich
177	5b237745	Scott Ullrich	if (!$_POST['httpsname'] \|\| !is_domain($_POST['httpsname'])) {
178	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The HTTPS server name must be specified for HTTPS login.");
179	5b237745	Scott Ullrich	}
180			}
181			}
182	a5c0b6c7	Scott Ullrich
183	5b237745	Scott Ullrich	if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) \|\| ($_POST['timeout'] < 1))) {
184	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The timeout must be at least 1 minute.");
185	5b237745	Scott Ullrich	}
186			if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) \|\| ($_POST['idletimeout'] < 1))) {
187	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The idle timeout must be at least 1 minute.");
188	5b237745	Scott Ullrich	}
189	03552507	Erik Fonnesbeck	if ($_POST['freelogins_count'] && (!is_numeric($_POST['freelogins_count']))) {
190	49f61a1c	Erik Fonnesbeck	$input_errors[] = gettext("The pass-through credit count must be a number or left blank.");
191			} else if ($_POST['freelogins_count'] && is_numeric($_POST['freelogins_count']) && ($_POST['freelogins_count'] >= 1)) {
192			if (empty($_POST['freelogins_resettimeout']) \|\| !is_numeric($_POST['freelogins_resettimeout']) \|\| ($_POST['freelogins_resettimeout'] <= 0)) {
193			$input_errors[] = gettext("The waiting period to restore pass-through credits must be above 0 hours.");
194			}
195	03552507	Erik Fonnesbeck	}
196	5b237745	Scott Ullrich	if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
197	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip']);
198	5b237745	Scott Ullrich	}
199	0bd34ed6	Scott Ullrich	if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {
200	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip2']);
201	0bd34ed6	Scott Ullrich	}
202	ebc0e4b6	Ermal	if (($_POST['radiusip3'] && !is_ipaddr($_POST['radiusip3']))) {
203			$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip3']);
204			}
205			if (($_POST['radiusip4'] && !is_ipaddr($_POST['radiusip4']))) {
206			$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip4']);
207			}
208	5b237745	Scott Ullrich	if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {
209	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport']);
210	5b237745	Scott Ullrich	}
211	0bd34ed6	Scott Ullrich	if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {
212	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport2']);
213	0bd34ed6	Scott Ullrich	}
214	ebc0e4b6	Ermal	if (($_POST['radiusport3'] && !is_port($_POST['radiusport3']))) {
215			$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport3']);
216			}
217			if (($_POST['radiusport4'] && !is_port($_POST['radiusport4']))) {
218			$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport4']);
219			}
220	5b237745	Scott Ullrich	if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {
221	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusacctport']);
222	0bd34ed6	Scott Ullrich	}
223	b4792bf8	Ermal	if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) \|\| ($_POST['maxproc'] < 4) \|\| ($_POST['maxproc'] > 100))) {
224	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The maximum number of concurrent connections per client IP address may not be larger than the global maximum.");
225	5b237745	Scott Ullrich	}
226
227			if (!$input_errors) {
228	b4792bf8	Ermal	$newcp =& $a_cp[$cpzone];
229			//$newcp['zoneid'] = $a_cp[$cpzone]['zoneid'];
230			if (empty($newcp['zoneid'])) {
231			$newcp['zoneid'] = 8000;
232			foreach ($a_cp as $keycpzone => $cp)
233			if ($cp['zoneid'] == $newcp['zoneid'] && $keycpzone != $cpzone)
234			$newcp['zoneid'] += 2; /* Resreve space for SSL config if needed */
235			}
236			$oldifaces = $newcp['interface'];
237	3e4f5a33	jim-p	if (is_array($_POST['cinterface']))
238	b4792bf8	Ermal	$newcp['interface'] = implode(",", $_POST['cinterface']);
239			$newcp['maxproc'] = $_POST['maxproc'];
240			$newcp['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;
241			$newcp['timeout'] = $_POST['timeout'];
242			$newcp['idletimeout'] = $_POST['idletimeout'];
243			$newcp['freelogins_count'] = $_POST['freelogins_count'];
244			$newcp['freelogins_resettimeout'] = $_POST['freelogins_resettimeout'];
245			$newcp['freelogins_updatetimeouts'] = $_POST['freelogins_updatetimeouts'] ? true : false;
246			if ($_POST['enable'])
247			$newcp['enable'] = true;
248			else
249			unset($newcp['enable']);
250			if ($_POST['pms_enabled'])
251			$newcp['pms_enabled'] = $_POST['pms_enabled'];
252			else
253			unset($newcp['pms_enabled']);
254			$newcp['auth_method'] = $_POST['auth_method'];
255			$newcp['radacct_enable'] = $_POST['radacct_enable'] ? true : false;
256			$newcp['reauthenticate'] = $_POST['reauthenticate'] ? true : false;
257			$newcp['radmac_enable'] = $_POST['radmac_enable'] ? true : false;
258			$newcp['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;
259			$newcp['reauthenticateacct'] = $_POST['reauthenticateacct'];
260			$newcp['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;
261			$newcp['httpsname'] = $_POST['httpsname'];
262			$newcp['preauthurl'] = $_POST['preauthurl'];
263			$newcp['peruserbw'] = $_POST['peruserbw'] ? true : false;
264			$newcp['bwdefaultdn'] = $_POST['bwdefaultdn'];
265			$newcp['bwdefaultup'] = $_POST['bwdefaultup'];
266			$newcp['certificate'] = base64_encode($_POST['cert']);
267			$newcp['cacertificate'] = base64_encode($_POST['cacert']);
268			$newcp['private-key'] = base64_encode($_POST['key']);
269			$newcp['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;
270			$newcp['nomacfilter'] = $_POST['nomacfilter'] ? true : false;
271			$newcp['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;
272	b3765f4c	Roberto Nunnari	$newcp['radius_protocol'] = $_POST['radius_protocol'];
273	b4792bf8	Ermal	$newcp['redirurl'] = $_POST['redirurl'];
274	ebc0e4b6	Ermal	if (isset($_POST['radiusip']))
275	13a45484	Cyrill Bannwart	$newcp['radiusip'] = $_POST['radiusip'];
276	ebc0e4b6	Ermal	else
277	13a45484	Cyrill Bannwart	unset($newcp['radiusip3']);
278	ebc0e4b6	Ermal	if (isset($_POST['radiusip2']))
279	13a45484	Cyrill Bannwart	$newcp['radiusip2'] = $_POST['radiusip2'];
280	ebc0e4b6	Ermal	else
281	13a45484	Cyrill Bannwart	unset($newcp['radiusip2']);
282	ebc0e4b6	Ermal	if (isset($_POST['radiusip3']))
283	13a45484	Cyrill Bannwart	$newcp['radiusip3'] = $_POST['radiusip3'];
284	ebc0e4b6	Ermal	else
285	13a45484	Cyrill Bannwart	unset($newcp['radiusip3']);
286	ebc0e4b6	Ermal	if (isset($_POST['radiusip4']))
287	13a45484	Cyrill Bannwart	$newcp['radiusip4'] = $_POST['radiusip4'];
288	ebc0e4b6	Ermal	else
289	13a45484	Cyrill Bannwart	unset($newcp['radiusip4']);
290	b4792bf8	Ermal	$newcp['radiusport'] = $_POST['radiusport'];
291			$newcp['radiusport2'] = $_POST['radiusport2'];
292	ebc0e4b6	Ermal	if (isset($_POST['radiusport3']))
293	13a45484	Cyrill Bannwart	$newcp['radiusport3'] = $_POST['radiusport3'];
294	ebc0e4b6	Ermal	if (isset($_POST['radiusport4']))
295	13a45484	Cyrill Bannwart	$newcp['radiusport4'] = $_POST['radiusport4'];
296	b4792bf8	Ermal	$newcp['radiusacctport'] = $_POST['radiusacctport'];
297			$newcp['radiuskey'] = $_POST['radiuskey'];
298			$newcp['radiuskey2'] = $_POST['radiuskey2'];
299	ebc0e4b6	Ermal	$newcp['radiuskey3'] = $_POST['radiuskey3'];
300			$newcp['radiuskey4'] = $_POST['radiuskey4'];
301	b4792bf8	Ermal	$newcp['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;
302			$newcp['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;
303			$newcp['radiussrcip_attribute'] = $_POST['radiussrcip_attribute'];
304			$newcp['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false;
305			$newcp['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false;
306			$newcp['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false;
307			if (!is_array($newcp['page']))
308			$newcp['page'] = array();
309			$newcp['timeout'] = 60;
310	a5c0b6c7	Scott Ullrich
311	5b237745	Scott Ullrich	/* file upload? */
312			if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
313	b4792bf8	Ermal	$newcp['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
314	c980716e	Scott Ullrich	if (is_uploaded_file($_FILES['errfile']['tmp_name']))
315	b4792bf8	Ermal	$newcp['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
316	5b87b24e	Ermal	if (is_uploaded_file($_FILES['logoutfile']['tmp_name']))
317	b4792bf8	Ermal	$newcp['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name']));
318	a5c0b6c7	Scott Ullrich
319	5b237745	Scott Ullrich	write_config();
320	a5c0b6c7	Scott Ullrich
321	b4792bf8	Ermal	if (!empty($oldifaces) && $oldifaces != $newcp['interface']) {
322			$ocpinterfaces = explode(",", $oldifaces);
323			foreach ($ocpinterfaces as $cpifgrp) {
324			$listrealif = get_real_interface($cpifgrp);
325			if (does_interface_exist($listrealif)) {
326			pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER);
327			$carpif = link_ip_to_carp_interface(find_interface_ip($listrealif));
328			if (!empty($carpif)) {
329			$carpsif = explode(" ", $carpif);
330			foreach ($carpsif as $cpcarp)
331			pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER);
332			}
333			}
334			}
335			}
336	ea1eac37	Scott Ullrich
337	b4792bf8	Ermal	captiveportal_configure_zone($newcp);
338			filter_configure();
339			header("Location: services_captiveportal_zones.php");
340			exit;
341			} else {
342	3e4f5a33	jim-p	if (is_array($_POST['cinterface']))
343			$pconfig['cinterface'] = implode(",", $_POST['cinterface']);
344	5b237745	Scott Ullrich	}
345			}
346	3d4bd975	Scott Ullrich	include("head.inc");
347	5b237745	Scott Ullrich	?>
348	9699028a	Scott Ullrich	<?php include("fbegin.inc"); ?>
349	5b237745	Scott Ullrich	<script language="JavaScript">
350			<!--
351			function enable_change(enable_change) {
352	0bd34ed6	Scott Ullrich	var endis, radius_endis;
353	07bd3f83	Scott Ullrich	endis = !(document.iform.enable.checked \|\| enable_change);
354	0bd34ed6	Scott Ullrich	radius_endis = !((!endis && document.iform.auth_method[2].checked) \|\| enable_change);
355	a5c0b6c7	Scott Ullrich
356	07bd3f83	Scott Ullrich	document.iform.cinterface.disabled = endis;
357	b4792bf8	Ermal	//document.iform.maxproc.disabled = endis;
358	422d57b4	Scott Ullrich	document.iform.maxprocperip.disabled = endis;
359	07bd3f83	Scott Ullrich	document.iform.idletimeout.disabled = endis;
360	03552507	Erik Fonnesbeck	document.iform.freelogins_count.disabled = endis;
361			document.iform.freelogins_resettimeout.disabled = endis;
362			document.iform.freelogins_updatetimeouts.disabled = endis;
363	07bd3f83	Scott Ullrich	document.iform.timeout.disabled = endis;
364	f5adee3f	jim-p	document.iform.preauthurl.disabled = endis;
365	07bd3f83	Scott Ullrich	document.iform.redirurl.disabled = endis;
366	0bd34ed6	Scott Ullrich	document.iform.radiusip.disabled = radius_endis;
367			document.iform.radiusip2.disabled = radius_endis;
368	ebc0e4b6	Ermal	document.iform.radiusip3.disabled = radius_endis;
369			document.iform.radiusip4.disabled = radius_endis;
370	0bd34ed6	Scott Ullrich	document.iform.radiusport.disabled = radius_endis;
371	164a1525	Scott Ullrich	document.iform.radiusport3.disabled = radius_endis;
372			document.iform.radiusport4.disabled = radius_endis;
373	0bd34ed6	Scott Ullrich	document.iform.radiusport2.disabled = radius_endis;
374			document.iform.radiuskey.disabled = radius_endis;
375			document.iform.radiuskey2.disabled = radius_endis;
376	ebc0e4b6	Ermal	document.iform.radiuskey3.disabled = radius_endis;
377			document.iform.radiuskey4.disabled = radius_endis;
378	856e58a6	Scott Ullrich	document.iform.radacct_enable.disabled = radius_endis;
379	f5fa7d5e	Ermal Luçi	document.iform.peruserbw.disabled = endis;
380			document.iform.bwdefaultdn.disabled = endis;
381			document.iform.bwdefaultup.disabled = endis;
382	856e58a6	Scott Ullrich	document.iform.reauthenticate.disabled = radius_endis;
383	7faeda46	Scott Ullrich	document.iform.auth_method[0].disabled = endis;
384			document.iform.auth_method[1].disabled = endis;
385			document.iform.auth_method[2].disabled = endis;
386	b3765f4c	Roberto Nunnari	document.iform.radius_protocol[0].disabled = radius_endis;
387			document.iform.radius_protocol[1].disabled = radius_endis;
388			document.iform.radius_protocol[2].disabled = radius_endis;
389			document.iform.radius_protocol[3].disabled = radius_endis;
390	0bd34ed6	Scott Ullrich	document.iform.radmac_enable.disabled = radius_endis;
391	07bd3f83	Scott Ullrich	document.iform.httpslogin_enable.disabled = endis;
392	d11c1f93	sullrich	document.iform.radmac_format.disabled = radius_endis;
393	07bd3f83	Scott Ullrich	document.iform.httpsname.disabled = endis;
394			document.iform.cert.disabled = endis;
395	f5adee3f	jim-p	document.iform.cacert.disabled = endis;
396	07bd3f83	Scott Ullrich	document.iform.key.disabled = endis;
397			document.iform.logoutwin_enable.disabled = endis;
398	c980716e	Scott Ullrich	document.iform.nomacfilter.disabled = endis;
399	0bd34ed6	Scott Ullrich	document.iform.noconcurrentlogins.disabled = endis;
400			document.iform.radiusvendor.disabled = radius_endis;
401	2342bfb0	Ermal Lu?i	document.iform.radiussession_timeout.disabled = radius_endis;
402	822b687b	Ermal	document.iform.radiussrcip_attribute.disabled = radius_endis;
403	07bd3f83	Scott Ullrich	document.iform.htmlfile.disabled = endis;
404			document.iform.errfile.disabled = endis;
405	5b87b24e	Ermal	document.iform.logoutfile.disabled = endis;
406	a5c0b6c7	Scott Ullrich
407	856e58a6	Scott Ullrich	document.iform.radiusacctport.disabled = (radius_endis \|\| !document.iform.radacct_enable.checked) && !enable_change;
408	a5c0b6c7	Scott Ullrich
409	856e58a6	Scott Ullrich	document.iform.radmac_secret.disabled = (radius_endis \|\| !document.iform.radmac_enable.checked) && !enable_change;
410	a5c0b6c7	Scott Ullrich
411	88adfa28	Warren Baker	var radacct_dis = (radius_endis \|\| !document.iform.radacct_enable.checked) && !enable_change;
412			document.iform.reauthenticateacct[0].disabled = radacct_dis;
413			document.iform.reauthenticateacct[1].disabled = radacct_dis;
414			document.iform.reauthenticateacct[2].disabled = radacct_dis;
415	5b237745	Scott Ullrich	}
416			//-->
417			</script>
418	93588e1a	Scott Dale	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
419	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
420			<?php if ($savemsg) print_info_box($savemsg); ?>
421			<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
422			<table width="100%" border="0" cellpadding="0" cellspacing="0">
423	9699028a	Scott Ullrich	<tr><td class="tabnavtbl">
424	64b85ffe	Scott Ullrich	<?php
425			$tab_array = array();
426	b4792bf8	Ermal	$tab_array[] = array(gettext("Captive portal(s)"), true, "services_captiveportal.php?zone={$cpzone}");
427			$tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}");
428			$tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}");
429			$tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}");
430			$tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}");
431			$tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}");
432	9592c132	Scott Ullrich	display_top_tabs($tab_array, true);
433	0bd34ed6	Scott Ullrich	?> </td></tr>
434	5b237745	Scott Ullrich	<tr>
435	c980716e	Scott Ullrich	<td class="tabcont">
436			<table width="100%" border="0" cellpadding="6" cellspacing="0">
437	a5c0b6c7	Scott Ullrich	<tr>
438	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
439			<td width="78%" class="vtable">
440			<input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
441	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable captive portal"); ?> </strong></td>
442	5b237745	Scott Ullrich	</tr>
443	a5c0b6c7	Scott Ullrich	<tr>
444	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interfaces"); ?></td>
445	5b237745	Scott Ullrich	<td width="78%" class="vtable">
446	d823b81c	sullrich	<select name="cinterface[]" multiple="true" size="<?php echo count($config['interfaces']); ?>" class="formselect" id="cinterface">
447	af98cced	Scott Ullrich	<?php
448	fbb45bb0	Ermal Luçi	$interfaces = get_configured_interface_with_descr();
449	c980716e	Scott Ullrich	foreach ($interfaces as $iface => $ifacename): ?>
450	f8b11310	Ermal Lu?i	<option value="<?=$iface;?>" <?php if (stristr($pconfig['cinterface'], $iface)) echo "selected"; ?>>
451	5b237745	Scott Ullrich	<?=htmlspecialchars($ifacename);?>
452			</option>
453			<?php endforeach; ?>
454			</select> <br>
455	16457bdd	Renato Botelho	<span class="vexpl"><?=gettext("Select the interface(s) to enable for captive portal."); ?></span></td>
456	5b237745	Scott Ullrich	</tr>
457	4362e48a	Scott Ullrich	<tr>
458	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Maximum concurrent connections"); ?></td>
459	4362e48a	Scott Ullrich	<td class="vtable">
460			<table cellpadding="0" cellspacing="0">
461			<tr>
462	b4792bf8	Ermal	<td><input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client IP address (0 = no limit)"); ?></td>
463	4362e48a	Scott Ullrich	</tr>
464			</table>
465	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in " .
466			"to the captive portal, but rather how many users can load the portal page or authenticate at the same time! " .
467	16457bdd	Renato Botelho	"Default is 4 connections per client IP address, with a total maximum of 16 connections."); ?></td>
468	4362e48a	Scott Ullrich	</tr>
469	5b237745	Scott Ullrich	<tr>
470	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Idle timeout"); ?></td>
471	5b237745	Scott Ullrich	<td class="vtable">
472	b5c78501	Seth Mos	<input name="idletimeout" type="text" class="formfld unknown" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">
473	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
474	16457bdd	Renato Botelho	<?=gettext("Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout."); ?></td>
475	5b237745	Scott Ullrich	</tr>
476	a5c0b6c7	Scott Ullrich	<tr>
477	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Hard timeout"); ?></td>
478	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
479	b5c78501	Seth Mos	<input name="timeout" type="text" class="formfld unknown" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>">
480	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
481	16457bdd	Renato Botelho	<?=gettext("Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set)."); ?></td>
482	5b237745	Scott Ullrich	</tr>
483	03552507	Erik Fonnesbeck	<tr>
484	49f61a1c	Erik Fonnesbeck	<td width="22%" valign="top" class="vncell"><?=gettext("Pass-through credits allowed per MAC address"); ?></td>
485	03552507	Erik Fonnesbeck	<td width="78%" class="vtable">
486			<input name="freelogins_count" type="text" class="formfld unknown" id="freelogins_count" size="6" value="<?=htmlspecialchars($pconfig['freelogins_count']);?>">
487			<?=gettext("per client MAC address (0 or blank = none)"); ?><br>
488			<?=gettext("This setting allows passing through the captive portal without authentication a limited number of times per MAC address. Once used up, the client can only log in with valid credentials until the waiting period specified below has expired. Recommended to set a hard timeout and/or idle timeout when using this for it to be effective."); ?></td>
489			</tr>
490			<tr>
491	49f61a1c	Erik Fonnesbeck	<td width="22%" valign="top" class="vncell"><?=gettext("Waiting period to restore pass-through credits"); ?></td>
492	03552507	Erik Fonnesbeck	<td width="78%" class="vtable">
493			<input name="freelogins_resettimeout" type="text" class="formfld unknown" id="freelogins_resettimeout" size="6" value="<?=htmlspecialchars($pconfig['freelogins_resettimeout']);?>">
494			<?=gettext("hours"); ?><br>
495	49f61a1c	Erik Fonnesbeck	<?=gettext("Clients will have their available pass-through credits restored to the original count after this amount of time since using the first one. This must be above 0 hours if pass-through credits are enabled."); ?></td>
496	03552507	Erik Fonnesbeck	</tr>
497			<tr>
498	49f61a1c	Erik Fonnesbeck	<td width="22%" valign="top" class="vncell"><?=gettext("Reset waiting period on attempted access"); ?></td>
499	03552507	Erik Fonnesbeck	<td width="78%" class="vtable">
500			<input name="freelogins_updatetimeouts" type="checkbox" class="formfld" id="freelogins_updatetimeouts" value="yes" <?php if($pconfig['freelogins_updatetimeouts']) echo "checked"; ?>>
501			<strong><?=gettext("Enable waiting period reset on attempted access"); ?></strong><br>
502	49f61a1c	Erik Fonnesbeck	<?=gettext("If enabled, the waiting period is reset to the original duration if access is attempted when all pass-through credits have already been exhausted."); ?></td>
503	03552507	Erik Fonnesbeck	</tr>
504	a5c0b6c7	Scott Ullrich	<tr>
505	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout popup window"); ?></td>
506	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
507	5b237745	Scott Ullrich	<input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>
508	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable logout popup window"); ?></strong><br>
509	16457bdd	Renato Botelho	<?=gettext("If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs."); ?></td>
510	5b237745	Scott Ullrich	</tr>
511	a00e1d89	Scott Ullrich	<tr>
512			<td valign="top" class="vncell"><?=gettext("Pre-authentication redirect URL"); ?> </td>
513			<td class="vtable">
514			<input name="preauthurl" type="text" class="formfld url" id="preauthurl" size="60" value="<?=htmlspecialchars($pconfig['preauthurl']);?>"><br>
515			<?php printf(gettext("Use this field to set \$PORTAL_REDIRURL\$ variable which can be accessed using your custom captive portal index.php page or error pages."));?>
516			</td>
517			</tr>
518	5b237745	Scott Ullrich	<tr>
519	ecc19349	Scott Ullrich	<td valign="top" class="vncell"><?=gettext("After authentication Redirection URL"); ?></td>
520	5b237745	Scott Ullrich	<td class="vtable">
521	b5c78501	Seth Mos	<input name="redirurl" type="text" class="formfld url" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">
522	5b237745	Scott Ullrich	<br>
523	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried " .
524	16457bdd	Renato Botelho	"to access after they've authenticated."); ?></td>
525	5b237745	Scott Ullrich	</tr>
526			<tr>
527	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Concurrent user logins"); ?></td>
528	0bd34ed6	Scott Ullrich	<td class="vtable">
529			<input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>
530	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable concurrent logins"); ?></strong><br>
531	16457bdd	Renato Botelho	<?=gettext("If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected."); ?></td>
532	0bd34ed6	Scott Ullrich	</tr>
533			<tr>
534	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("MAC filtering"); ?> </td>
535	c980716e	Scott Ullrich	<td class="vtable">
536			<input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>
537	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable MAC filtering"); ?></strong><br>
538			<?=gettext("If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in." .
539	16457bdd	Renato Botelho	"This is required when the MAC address of the client cannot be determined (usually because there are routers between"); ?> <?php echo $g['product_name'] ?> <?=gettext("and the clients)."); ?>
540			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used."); ?></td>
541	7e587bdb	Scott Ullrich	</tr>
542			<tr>
543	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Pass-through MAC Auto Entry"); ?></td>
544	6ce61a8f	Ermal	<td class="vtable">
545			<input name="passthrumacadd" type="checkbox" class="formfld" id="passthrumacadd" value="yes" <?php if ($pconfig['passthrumacadd']) echo "checked"; ?>>
546	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic additions"); ?></strong><br>
547	16457bdd	Renato Botelho	<?=gettext("If this option is set, a MAC passthrough entry is automatically added after the user has successfully authenticated. Users of that MAC address will never have to authenticate again."); ?>
548			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("Pass-through MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?>
549			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown."); ?>
550	1c291e64	Ermal	<br/><br/>
551			<input name="passthrumacaddusername" type="checkbox" class="formfld" id="passthrumacaddusername" value="yes" <?php if ($pconfig['passthrumacaddusername']) echo "checked"; ?>>
552	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic addition with username"); ?></strong><br>
553	16457bdd	Renato Botelho	<?=gettext("If this option is set, with the automatically MAC passthrough entry created the username, used during authentication, will be saved."); ?>
554			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("Pass-through MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?>
555	1c291e64	Ermal	</td>
556	6ce61a8f	Ermal	</tr>
557			<tr>
558	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Per-user bandwidth restriction"); ?></td>
559	7e587bdb	Scott Ullrich	<td class="vtable">
560			<input name="peruserbw" type="checkbox" class="formfld" id="peruserbw" value="yes" <?php if ($pconfig['peruserbw']) echo "checked"; ?>>
561	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable per-user bandwidth restriction"); ?></strong><br><br>
562	7e587bdb	Scott Ullrich	<table cellpadding="0" cellspacing="0">
563			<tr>
564	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default download"); ?></td>
565			<td><input type="text" class="formfld unknown" name="bwdefaultdn" id="bwdefaultdn" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultdn']);?>"> <?=gettext("Kbit/s"); ?></td>
566	7e587bdb	Scott Ullrich	</tr>
567			<tr>
568	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default upload"); ?></td>
569			<td><input type="text" class="formfld unknown" name="bwdefaultup" id="bwdefaultup" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultup']);?>"> <?=gettext("Kbit/s"); ?></td>
570	7e587bdb	Scott Ullrich	</tr></table>
571			<br>
572	16457bdd	Renato Botelho	<?=gettext("If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit."); ?> </td>
573	7e587bdb	Scott Ullrich	</tr>
574	b4792bf8	Ermal	<tr>
575			<td valign="top" class="vncell"><?=gettext("PMS authentication"); ?> </td>
576			<td class="vtable">
577			<input name="pms_enabled" type="checkbox" class="formfld" id="pms_enabled" value="yes" <?php if ($pconfig['pms_enabled']) echo "checked"; ?>>
578			<strong><?=gettext("Enable PMS authentication"); ?></strong><br>
579			<?=gettext("If this option is set, users will be authenticated through the PMS backend if they fill the necessary information in the login page.");?>
580			</td>
581			</tr>
582	a5c0b6c7	Scott Ullrich	<tr>
583	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?></td>
584	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
585	c980716e	Scott Ullrich	<table cellpadding="0" cellspacing="0">
586			<tr>
587	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>
588	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("No Authentication"); ?></td>
589	c980716e	Scott Ullrich	</tr>
590			<tr>
591	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>
592	58f963d0	Scott Ullrich	<?=gettext("Local"); ?> <a href="system_usermanager.php"><?=gettext("User Manager"); ?></a> / <?=gettext("Vouchers"); ?></td>
593	c980716e	Scott Ullrich	</tr>
594			<tr>
595	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>
596	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("RADIUS Authentication"); ?></td>
597	c980716e	Scott Ullrich	</tr><tr>
598			<td> </td>
599			<td> </td>
600			</tr>
601	b3765f4c	Roberto Nunnari	<tr>
602			<td width="22%" valign="top" class="vncell"><?=gettext("Radius Protocol"); ?></td>
603			<td width="78%" class="vtable">
604			<table cellpadding="0" cellspacing="0">
605			<tr>
606			<td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="PAP" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']!="CHAP_MD5" && $pconfig['radius_protocol']!="MSCHAPv1" && $pconfig['radius_protocol']!="MSCHAPv2") echo "checked"; ?>>
607			<?=gettext("PAP"); ?></td>
608			</tr>
609			<tr>
610			<td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="CHAP_MD5" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']=="CHAP_MD5") echo "checked"; ?>>
611			<?=gettext("CHAP_MD5"); ?></td>
612			</tr>
613			<tr>
614			<td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="MSCHAPv1" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']=="MSCHAPv1") echo "checked"; ?>>
615			<?=gettext("MSCHAPv1"); ?></td>
616			</tr>
617			<tr>
618			<td colspan="2"><input name="radius_protocol" type="radio" id="radius_protocol" value="MSCHAPv2" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius" && $pconfig['radius_protocol']=="MSCHAPv2") echo "checked"; ?>>
619			<?=gettext("MSCHAPv2"); ?></td>
620			</tr><tr>
621			<td> </td>
622			<td> </td>
623			</tr>
624			</table>
625			</tr><tr>
626			<td> </td>
627			<td> </td>
628			</tr>
629			</table>
630	0bd34ed6	Scott Ullrich	<table width="100%" border="0" cellpadding="6" cellspacing="0">
631	a5c0b6c7	Scott Ullrich	<tr>
632	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td>
633	0bd34ed6	Scott Ullrich	</tr>
634			<tr>
635	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
636	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip" type="text" class="formfld unknown" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>
637	16457bdd	Renato Botelho	<?=gettext("Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against."); ?></td>
638	0bd34ed6	Scott Ullrich	</tr>
639			<tr>
640	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
641	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport" type="text" class="formfld unknown" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>
642	16457bdd	Renato Botelho	<?=gettext("Leave this field blank to use the default port (1812)."); ?></td>
643	0bd34ed6	Scott Ullrich	</tr>
644			<tr>
645	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
646	b5c78501	Seth Mos	<td class="vtable"><input name="radiuskey" type="text" class="formfld unknown" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>
647	16457bdd	Renato Botelho	<?=gettext("Leave this field blank to not use a RADIUS shared secret (not recommended)."); ?></td>
648	0bd34ed6	Scott Ullrich	</tr>
649	a5c0b6c7	Scott Ullrich	<tr>
650	0bd34ed6	Scott Ullrich	<td colspan="2" class="list" height="12"></td>
651			</tr>
652			<tr>
653	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td>
654	0bd34ed6	Scott Ullrich	</tr>
655			<tr>
656	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
657	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip2" type="text" class="formfld unknown" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>
658	16457bdd	Renato Botelho	<?=gettext("If you have a second RADIUS server, you can activate it by entering its IP address here."); ?></td>
659	0bd34ed6	Scott Ullrich	</tr>
660			<tr>
661	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
662	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport2" type="text" class="formfld unknown" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>
663	0bd34ed6	Scott Ullrich	</tr>
664			<tr>
665	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
666	0b704a40	Ermal	<td class="vtable"><input name="radiuskey2" type="text" class="formfld unknown" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>
667	0bd34ed6	Scott Ullrich	</tr>
668			<tr>
669			<td colspan="2" class="list" height="12"></td>
670			</tr>
671	ebc0e4b6	Ermal	<tr>
672	164a1525	Scott Ullrich	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Tertiary RADIUS server"); ?></td>
673	ebc0e4b6	Ermal	</tr>
674			<tr>
675			<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
676			<td class="vtable"><input name="radiusip3" type="text" class="formfld unknown" id="radiusip3" size="20" value="<?=htmlspecialchars($pconfig['radiusip3']);?>"><br>
677	d568e38d	Scott Ullrich	<?=gettext("If you have a third RADIUS server, you can activate it by entering its IP address here."); ?></td>
678	ebc0e4b6	Ermal	</tr>
679			<tr>
680			<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
681			<td class="vtable"><input name="radiusport3" type="text" class="formfld unknown" id="radiusport3" size="5" value="<?=htmlspecialchars($pconfig['radiusport3']);?>"></td>
682			</tr>
683			<tr>
684			<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
685			<td class="vtable"><input name="radiuskey3" type="text" class="formfld unknown" id="radiuskey3" size="16" value="<?=htmlspecialchars($pconfig['radiuskey3']);?>"></td>
686			</tr>
687			<tr>
688			<td colspan="2" class="list" height="12"></td>
689			</tr>
690			<tr>
691	164a1525	Scott Ullrich	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Quaternary RADIUS server"); ?></td>
692	ebc0e4b6	Ermal	</tr>
693			<tr>
694			<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
695			<td class="vtable"><input name="radiusip4" type="text" class="formfld unknown" id="radiusip4" size="20" value="<?=htmlspecialchars($pconfig['radiusip4']);?>"><br>
696	d568e38d	Scott Ullrich	<?=gettext("If you have a fourth RADIUS server, you can activate it by entering its IP address here."); ?></td>
697	ebc0e4b6	Ermal	</tr>
698			<tr>
699			<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
700			<td class="vtable"><input name="radiusport4" type="text" class="formfld unknown" id="radiusport4" size="5" value="<?=htmlspecialchars($pconfig['radiusport4']);?>"></td>
701			</tr>
702			<tr>
703			<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
704			<td class="vtable"><input name="radiuskey4" type="text" class="formfld unknown" id="radiuskey4" size="16" value="<?=htmlspecialchars($pconfig['radiuskey4']);?>"></td>
705			</tr>
706			<tr>
707			<td colspan="2" class="list" height="12"></td>
708			</tr>
709	856e58a6	Scott Ullrich	<tr>
710	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Accounting"); ?></td>
711	856e58a6	Scott Ullrich	</tr>
712			<tr>
713			<td class="vncell"> </td>
714			<td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>
715	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("send RADIUS accounting packets"); ?></strong><br>
716	16457bdd	Renato Botelho	<?=gettext("If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server."); ?></td>
717	856e58a6	Scott Ullrich	</tr>
718			<tr>
719	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting port"); ?></td>
720	b5c78501	Seth Mos	<td class="vtable"><input name="radiusacctport" type="text" class="formfld unknown" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>
721	16457bdd	Renato Botelho	<?=gettext("Leave blank to use the default port (1813)."); ?></td>
722	856e58a6	Scott Ullrich	</tr>
723			<tr>
724			<td colspan="2" class="list" height="12"></td>
725			</tr>
726			<tr>
727	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Reauthentication"); ?></td>
728	856e58a6	Scott Ullrich	</tr>
729			<tr>
730			<td class="vncell"> </td>
731			<td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>
732	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Reauthenticate connected users every minute"); ?></strong><br>
733			<?=gettext("If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is " .
734	16457bdd	Renato Botelho	"logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately."); ?></td>
735	856e58a6	Scott Ullrich	</tr>
736			<tr>
737	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting updates"); ?></td>
738	856e58a6	Scott Ullrich	<td class="vtable">
739	6fde5a1e	Carlos Eduardo Ramos	<input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> <?=gettext("no accounting updates"); ?><br>
740			<input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> <?=gettext("stop/start accounting"); ?><br>
741			<input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> <?=gettext("interim update"); ?>
742	856e58a6	Scott Ullrich	</td>
743			</tr>
744			<tr>
745			<td colspan="2" class="list" height="12"></td>
746			</tr>
747	0bd34ed6	Scott Ullrich	<tr>
748	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS MAC authentication"); ?></td>
749	0bd34ed6	Scott Ullrich	</tr>
750			<tr>
751			<td class="vncell"> </td>
752			<td class="vtable">
753	6fde5a1e	Carlos Eduardo Ramos	<input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong><?=gettext("Enable RADIUS MAC authentication"); ?></strong><br>
754			<?=gettext("If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password " .
755	16457bdd	Renato Botelho	"entered below to the RADIUS server."); ?></td>
756	0bd34ed6	Scott Ullrich	</tr>
757			<tr>
758	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell"><?=gettext("Shared secret"); ?></td>
759	b5c78501	Seth Mos	<td class="vtable"><input name="radmac_secret" type="text" class="formfld unknown" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>
760	0bd34ed6	Scott Ullrich	</tr>
761			<tr>
762			<td colspan="2" class="list" height="12"></td>
763			</tr>
764			<tr>
765	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS options"); ?></td>
766	0bd34ed6	Scott Ullrich	</tr>
767	cf0542ac	Scott Ullrich
768	822b687b	Ermal	<tr>
769	d440e668	Chris Buechler	<td class="vncell" valign="top"><?=gettext("RADIUS NAS IP attribute"); ?></td>
770	822b687b	Ermal	<td>
771			<select name="radiussrcip_attribute" id="radiussrcip_attribute">
772			<?php $iflist = get_configured_interface_with_descr();
773			foreach ($iflist as $ifdesc => $ifdescr) {
774			$ipaddr = get_interface_ip($ifdesc);
775			if (is_ipaddr($ipaddr)) {
776			$selected = "";
777	50779708	Ermal	if ($ifdesc == $pconfig['radiussrcip_attribute'])
778	ebc0e4b6	Ermal	$selected= "selected";
779	822b687b	Ermal	echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n";
780			}
781			}
782	34e9ca60	Ermal	if (is_array($config['virtualip']['vip'])) {
783			foreach ($config['virtualip']['vip'] as $sn) {
784			if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") {
785			$start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits']));
786			$end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits']));
787			$len = $end - $start;
788
789			for ($i = 0; $i <= $len; $i++) {
790			$snip = long2ip32($start+$i);
791			echo "<option value='{$snip}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$snip}") . "></option>\n";
792			}
793			} else
794			echo "<option value='{$sn['subnet']}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$sn['subnet']}") . "></option>\n";
795			}
796			}
797	822b687b	Ermal	?>
798			</select><br/>
799	375828d9	Chris Buechler	<?=gettext("Choose the IP to use for calling station attribute."); ?>
800	822b687b	Ermal	</td>
801			</tr>
802
803	0bd34ed6	Scott Ullrich	<tr>
804	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Session-Timeout"); ?></td>
805			<td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong><?=gettext("Use RADIUS Session-Timeout attributes"); ?></strong><br>
806	16457bdd	Renato Botelho	<?=gettext("When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute."); ?></td>
807	0bd34ed6	Scott Ullrich	</tr>
808	cf0542ac	Scott Ullrich
809	0bd34ed6	Scott Ullrich	<tr>
810	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Type"); ?></td>
811	0bd34ed6	Scott Ullrich	<td class="vtable"><select name="radiusvendor" id="radiusvendor">
812	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
813	a5c0b6c7	Scott Ullrich	<?php
814	0bd34ed6	Scott Ullrich	$radiusvendors = array("cisco");
815			foreach ($radiusvendors as $radiusvendor){
816			if ($pconfig['radiusvendor'] == $radiusvendor)
817			echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";
818			else
819			echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";
820			}
821			?></select><br>
822	3b7f0f53	Erik Fonnesbeck	<?php printf(gettext("If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and " .
823			"the Called-Station-Id to the client's MAC address. Default behavior is Calling-Station-Id = client's MAC address and Called-Station-Id = %s's WAN IP address."),
824	16457bdd	Renato Botelho	$g['product_name']);?></td>
825	0bd34ed6	Scott Ullrich	</tr>
826			</table>
827	5b237745	Scott Ullrich	</tr>
828	d11c1f93	sullrich	<tr>
829	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("MAC address format"); ?></td>
830	d11c1f93	sullrich	<td class="vtable">
831			<select name="radmac_format" id="radmac_format">
832	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
833	d11c1f93	sullrich	<?php
834	6fde5a1e	Carlos Eduardo Ramos	$macformats = array(gettext("singledash"),gettext("ietf"),gettext("cisco"),gettext("unformatted"));
835	d11c1f93	sullrich	foreach ($macformats as $macformat) {
836			if ($pconfig['radmac_format'] == $macformat)
837			echo "<option selected value=\"$macformat\">$macformat</option>\n";
838			else
839			echo "<option value=\"$macformat\">$macformat</option>\n";
840			}
841			?>
842			</select></br>
843	60f13e63	Carlos Eduardo Ramos	<?=gettext("This option changes the MAC address format used in the whole RADIUS system. Change this if you also"); ?>
844	16457bdd	Renato Botelho	<?=gettext("need to change the username format for RADIUS MAC authentication."); ?><br>
845			<?=gettext("default:"); ?> 00:11:22:33:44:55<br>
846			<?=gettext("singledash:"); ?> 001122-334455<br>
847			<?=gettext("ietf:"); ?> 00-11-22-33-44-55<br>
848			<?=gettext("cisco:"); ?> 0011.2233.4455<br>
849			<?=gettext("unformatted:"); ?> 001122334455
850	d11c1f93	sullrich	</tr>
851	5b237745	Scott Ullrich	<tr>
852	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS login"); ?></td>
853	5b237745	Scott Ullrich	<td class="vtable">
854	c980716e	Scott Ullrich	<input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>
855	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable HTTPS login"); ?></strong><br>
856	16457bdd	Renato Botelho	<?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below."); ?></td>
857	5b237745	Scott Ullrich	</tr>
858			<tr>
859	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS server name"); ?> </td>
860	5b237745	Scott Ullrich	<td class="vtable">
861	b5c78501	Seth Mos	<input name="httpsname" type="text" class="formfld unknown" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>
862	3b7f0f53	Erik Fonnesbeck	<?php printf(gettext("This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS and verify on the client that the IP resolves to the correct interface IP on %s."), $g['product_name']);?> </td>
863	5b237745	Scott Ullrich	</tr>
864			<tr>
865	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS certificate"); ?></td>
866	5b237745	Scott Ullrich	<td class="vtable">
867			<textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>
868			<br>
869	16457bdd	Renato Botelho	<?=gettext("Paste a signed certificate in X.509 PEM format here."); ?></td>
870	5b237745	Scott Ullrich	</tr>
871			<tr>
872	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS private key"); ?></td>
873	5b237745	Scott Ullrich	<td class="vtable">
874			<textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>
875			<br>
876	16457bdd	Renato Botelho	<?=gettext("Paste an RSA private key in PEM format here."); ?></td>
877	5b237745	Scott Ullrich	</tr>
878	c6e1b0f5	Ermal Lu?i	<tr>
879	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS intermediate certificate"); ?></td>
880	c6e1b0f5	Ermal Lu?i	<td class="vtable">
881			<textarea name="cacert" cols="65" rows="7" id="cacert" class="formpre"><?=htmlspecialchars($pconfig['cacert']);?></textarea>
882			<br>
883	16457bdd	Renato Botelho	<?=gettext("Paste a certificate in X.509 PEM format here."); ?></td>
884	c6e1b0f5	Ermal Lu?i	</tr>
885	a5c0b6c7	Scott Ullrich	<tr>
886	b4792bf8	Ermal	<td width="22%" valign="top" class="vncell"><?=gettext("Portal page contents"); ?></td>
887	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
888	b5c78501	Seth Mos	<?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile"><br>
889	16f5fe76	Scott Ullrich	<?php
890			list($host) = explode(":", $_SERVER['HTTP_HOST']);
891	b4792bf8	Ermal	if($pconfig['zoneid']) {
892			$href = "https://{$host}:{$pconfig['zoneid']}";
893	16f5fe76	Scott Ullrich	} else {
894	b4792bf8	Ermal	$href = "http://{$host}:8000";
895	a5c0b6c7	Scott Ullrich	}
896	16f5fe76	Scott Ullrich	?>
897	b4792bf8	Ermal	<?php if ($pconfig['page']['htmltext']): ?>
898	6fde5a1e	Carlos Eduardo Ramos	<a href="<?=$href?>" target="_new"><?=gettext("View current page"); ?></a>
899	5b237745	Scott Ullrich	<br>
900			<br>
901			<?php endif; ?>
902	3b7f0f53	Erik Fonnesbeck	<?php
903	16457bdd	Renato Botelho	printf(
904	3b7f0f53	Erik Fonnesbeck	gettext('Upload an HTML/PHP file for the portal page here (leave blank to keep the current one). ' .
905			'Make sure to include a form (POST to %1$s) with a submit button (%2$s) and a hidden field with %3$s and %4$s. ' .
906			'Include the %5$s and %6$s and/or %7$s input fields if authentication is enabled, otherwise it will always fail.'),
907	16457bdd	Renato Botelho	""{$PORTAL_ACTION}"",
908			"name="accept"",
909			"name="redirurl"",
910			"value="{$PORTAL_REDIRURL}"",
911			""auth_user"",
912			""auth_pass"",
913			""auth_voucher"");
914			?>
915			<?=gettext("Example code for the form:"); ?><br>
916	5b237745	Scott Ullrich	<br>
917			<tt><form method="post" action="$PORTAL_ACTION$"><br>
918			<input name="auth_user" type="text"><br>
919			<input name="auth_pass" type="password"><br>
920	336e3c1c	Charlie	<input name="auth_voucher" type="text"><br>
921	5b237745	Scott Ullrich	<input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br>
922			<input name="accept" type="submit" value="Continue"><br>
923			</form></tt></td>
924			</tr>
925			<tr>
926	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?><br>
927			<?=gettext("error page"); ?><br>
928			<?=gettext("contents"); ?></td>
929	5b237745	Scott Ullrich	<td class="vtable">
930	b5c78501	Seth Mos	<input name="errfile" type="file" class="formfld file" id="errfile"><br>
931	b4792bf8	Ermal	<?php if ($pconfig['page']['errtext']): ?>
932	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewerrhtml" target="_blank"><?=gettext("View current page"); ?></a>
933	5b237745	Scott Ullrich	<br>
934			<br>
935			<?php endif; ?>
936	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " .
937	16457bdd	Renato Botelho	"You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any."); ?></td>
938	5b87b24e	Ermal	</tr>
939			<tr>
940	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout"); ?><br>
941			<?=gettext("page"); ?><br>
942			<?=gettext("contents"); ?></td>
943	5b87b24e	Ermal	<td class="vtable">
944			<input name="logoutfile" type="file" class="formfld file" id="logoutfile"><br>
945	b4792bf8	Ermal	<?php if ($pconfig['page']['logouttext']): ?>
946	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewlogouthtml" target="_blank"><?=gettext("View current page"); ?></a>
947	5b87b24e	Ermal	<br>
948			<br>
949			<?php endif; ?>
950	a36e98ff	Erik Fonnesbeck	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed on authentication success when the logout popup is enabled."); ?></td>
951	5b237745	Scott Ullrich	</tr>
952	a5c0b6c7	Scott Ullrich	<tr>
953	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
954	a5c0b6c7	Scott Ullrich	<td width="78%">
955	b4792bf8	Ermal	<?php echo "<input name='zone' id='zone' type='hidden' value='{$cpzone}'/>"; ?>
956	6fde5a1e	Carlos Eduardo Ramos	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="enable_change(true)">
957	b4792bf8	Ermal	<a href="services_captiveportal_zones.php"><input name="Cancel" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onClick="enable_change(true)"></a>
958	5b237745	Scott Ullrich	</td>
959			</tr>
960	a5c0b6c7	Scott Ullrich	<tr>
961	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
962	16457bdd	Renato Botelho	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br>
963			</strong></span><?=gettext("Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work."); ?> </span></td>
964	5b237745	Scott Ullrich	</tr>
965			</table>
966			</td>
967			</tr>
968			</table>
969			</form>
970			<script language="JavaScript">
971			<!--
972			enable_change(false);
973			//-->
974			</script>
975			<?php include("fend.inc"); ?>
976	93588e1a	Scott Dale	</body>
977			</html>

Project

General

Profile

pfSense