/usr/local/www/services_captiveportal.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/services_captiveportal.php @ a9a5b957

1	a5c0b6c7	Scott Ullrich	<?php
2	5b237745	Scott Ullrich	/*
3			services_captiveportal.php
4			part of m0n0wall (http://m0n0.ch/wall)
5	a5c0b6c7	Scott Ullrich
6	0bd34ed6	Scott Ullrich	Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
7	5b237745	Scott Ullrich	All rights reserved.
8	a5c0b6c7	Scott Ullrich
9	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11	a5c0b6c7	Scott Ullrich
12	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14	a5c0b6c7	Scott Ullrich
15	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18	a5c0b6c7	Scott Ullrich
19	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29			*/
30	1d333258	Scott Ullrich	/*
31			pfSense_MODULE: captiveportal
32			*/
33	5b237745	Scott Ullrich
34	6b07c15a	Matthew Grooms	##\|+PRIV
35			##\|*IDENT=page-services-captiveportal
36			##\|*NAME=Services: Captive portal page
37			##\|*DESCR=Allow access to the 'Services: Captive portal' page.
38			##\|MATCH=services_captiveportal.php
39			##\|-PRIV
40
41	5633ab30	jim-p	$statusurl = "status_captiveportal.php";
42			$logurl = "diag_logs_auth.php";
43
44	5b237745	Scott Ullrich	require("guiconfig.inc");
45	7ab2b688	Scott Ullrich	require("functions.inc");
46			require("filter.inc");
47			require("shaper.inc");
48			require("captiveportal.inc");
49	5b237745	Scott Ullrich
50	b4792bf8	Ermal	$cpzone = $_GET['zone'];
51			if (isset($_POST['zone']))
52			$cpzone = $_POST['zone'];
53	6fde5a1e	Carlos Eduardo Ramos
54	b4792bf8	Ermal	if (empty($cpzone)) {
55			header("Location: services_captiveportal_zones.php");
56			exit;
57	5b237745	Scott Ullrich	}
58
59	b4792bf8	Ermal	if (!is_array($config['captiveportal']))
60			$config['captiveportal'] = array();
61			$a_cp =& $config['captiveportal'];
62
63			$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']);
64
65	5b237745	Scott Ullrich	if ($_GET['act'] == "viewhtml") {
66	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone])
67			echo base64_decode($pconfig['page']['htmltext']);
68	5b237745	Scott Ullrich	exit;
69			} else if ($_GET['act'] == "viewerrhtml") {
70	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone])
71			echo base64_decode($pconfig['page']['errtext']);
72	5b237745	Scott Ullrich	exit;
73	5b87b24e	Ermal	} else if ($_GET['act'] == "viewlogouthtml") {
74	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone])
75			echo base64_decode($pconfig['page']['logouttext']);
76	5b87b24e	Ermal	exit;
77	5b237745	Scott Ullrich	}
78
79	b4792bf8	Ermal	if (isset($cpzone) && $a_cp[$cpzone]) {
80			$pconfig['zoneid'] = $a_cp[$cpzone]['zoneid'];
81			$pconfig['cinterface'] = $a_cp[$cpzone]['interface'];
82			$pconfig['maxproc'] = $a_cp[$cpzone]['maxproc'];
83			$pconfig['maxprocperip'] = $a_cp[$cpzone]['maxprocperip'];
84			$pconfig['timeout'] = $a_cp[$cpzone]['timeout'];
85			$pconfig['idletimeout'] = $a_cp[$cpzone]['idletimeout'];
86			$pconfig['freelogins_count'] = $a_cp[$cpzone]['freelogins_count'];
87			$pconfig['freelogins_resettimeout'] = $a_cp[$cpzone]['freelogins_resettimeout'];
88			$pconfig['freelogins_updatetimeouts'] = isset($a_cp[$cpzone]['freelogins_updatetimeouts']);
89			$pconfig['enable'] = isset($a_cp[$cpzone]['enable']);
90			$pconfig['pms_enabled'] = $a_cp[$cpzone]['pms_enabled'];
91			$pconfig['auth_method'] = $a_cp[$cpzone]['auth_method'];
92			$pconfig['radacct_enable'] = isset($a_cp[$cpzone]['radacct_enable']);
93			$pconfig['radmac_enable'] = isset($a_cp[$cpzone]['radmac_enable']);
94			$pconfig['radmac_secret'] = $a_cp[$cpzone]['radmac_secret'];
95			$pconfig['reauthenticate'] = isset($a_cp[$cpzone]['reauthenticate']);
96			$pconfig['reauthenticateacct'] = $a_cp[$cpzone]['reauthenticateacct'];
97			$pconfig['httpslogin_enable'] = isset($a_cp[$cpzone]['httpslogin']);
98			$pconfig['httpsname'] = $a_cp[$cpzone]['httpsname'];
99			$pconfig['preauthurl'] = strtolower($a_cp[$cpzone]['preauthurl']);
100			$pconfig['cert'] = base64_decode($a_cp[$cpzone]['certificate']);
101			$pconfig['cacert'] = base64_decode($a_cp[$cpzone]['cacertificate']);
102			$pconfig['key'] = base64_decode($a_cp[$cpzone]['private-key']);
103			$pconfig['logoutwin_enable'] = isset($a_cp[$cpzone]['logoutwin_enable']);
104			$pconfig['peruserbw'] = isset($a_cp[$cpzone]['peruserbw']);
105			$pconfig['bwdefaultdn'] = $a_cp[$cpzone]['bwdefaultdn'];
106			$pconfig['bwdefaultup'] = $a_cp[$cpzone]['bwdefaultup'];
107			$pconfig['nomacfilter'] = isset($a_cp[$cpzone]['nomacfilter']);
108			$pconfig['noconcurrentlogins'] = isset($a_cp[$cpzone]['noconcurrentlogins']);
109			$pconfig['redirurl'] = $a_cp[$cpzone]['redirurl'];
110			$pconfig['radiusip'] = $a_cp[$cpzone]['radiusip'];
111			$pconfig['radiusip2'] = $a_cp[$cpzone]['radiusip2'];
112	ebc0e4b6	Ermal	$pconfig['radiusip3'] = $a_cp[$cpzone]['radiusip3'];
113			$pconfig['radiusip4'] = $a_cp[$cpzone]['radiusip4'];
114	b4792bf8	Ermal	$pconfig['radiusport'] = $a_cp[$cpzone]['radiusport'];
115			$pconfig['radiusport2'] = $a_cp[$cpzone]['radiusport2'];
116	ebc0e4b6	Ermal	$pconfig['radiusport3'] = $a_cp[$cpzone]['radiusport3'];
117			$pconfig['radiusport4'] = $a_cp[$cpzone]['radiusport4'];
118	b4792bf8	Ermal	$pconfig['radiusacctport'] = $a_cp[$cpzone]['radiusacctport'];
119			$pconfig['radiuskey'] = $a_cp[$cpzone]['radiuskey'];
120			$pconfig['radiuskey2'] = $a_cp[$cpzone]['radiuskey2'];
121	ebc0e4b6	Ermal	$pconfig['radiuskey3'] = $a_cp[$cpzone]['radiuskey3'];
122			$pconfig['radiuskey4'] = $a_cp[$cpzone]['radiuskey4'];
123	b4792bf8	Ermal	$pconfig['radiusvendor'] = $a_cp[$cpzone]['radiusvendor'];
124			$pconfig['radiussession_timeout'] = isset($a_cp[$cpzone]['radiussession_timeout']);
125			$pconfig['radiussrcip_attribute'] = $a_cp[$cpzone]['radiussrcip_attribute'];
126			$pconfig['passthrumacadd'] = isset($a_cp[$cpzone]['passthrumacadd']);
127			$pconfig['passthrumacaddusername'] = isset($a_cp[$cpzone]['passthrumacaddusername']);
128			$pconfig['radmac_format'] = $a_cp[$cpzone]['radmac_format'];
129			$pconfig['page'] = array();
130			if ($a_cp[$cpzone]['page']['htmltext'])
131			$pconfig['page']['htmltext'] = $a_cp[$cpzone]['page']['htmltext'];
132			if ($a_cp[$cpzone]['page']['errtext'])
133			$pconfig['page']['errtext'] = $a_cp[$cpzone]['page']['errtext'];
134			if ($a_cp[$cpzone]['page']['logouttext'])
135			$pconfig['page']['logouttext'] = $a_cp[$cpzone]['page']['logouttext'];
136			}
137	5b237745	Scott Ullrich
138			if ($_POST) {
139
140			unset($input_errors);
141			$pconfig = $_POST;
142
143			/* input validation */
144			if ($_POST['enable']) {
145	b4792bf8	Ermal	$reqdfields = explode(" ", "zone cinterface");
146			$reqdfieldsn = array(gettext("Zone name"), gettext("Interface"));
147	a5c0b6c7	Scott Ullrich
148	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
149	a5c0b6c7	Scott Ullrich
150	b4792bf8	Ermal	/* make sure no interfaces are bridged or used on other zones */
151			if (is_array($_POST['cinterface'])) {
152			foreach ($pconfig['cinterface'] as $cpbrif) {
153	3e4f5a33	jim-p	if (link_interface_to_bridge($cpbrif))
154			$input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is part of a bridge."), $cpbrif);
155	b4792bf8	Ermal	foreach ($a_cp as $cpkey => $cp) {
156			if ($cpkey != $cpzone \|\| empty($cpzone)) {
157			if (in_array($cpbrif, explode(",", $cp['interface'])))
158			$input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is used already on %s instance."), $cpbrif, $cp['zone']);
159			}
160			}
161			}
162			}
163	a5c0b6c7	Scott Ullrich
164	5b237745	Scott Ullrich	if ($_POST['httpslogin_enable']) {
165			if (!$_POST['cert'] \|\| !$_POST['key']) {
166	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("Certificate and key must be specified for HTTPS login.");
167	5b237745	Scott Ullrich	} else {
168			if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cert'], "END CERTIFICATE"))
169	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This certificate does not appear to be valid.");
170	c6e1b0f5	Ermal Lu?i	if (!strstr($_POST['cacert'], "BEGIN CERTIFICATE") \|\| !strstr($_POST['cacert'], "END CERTIFICATE"))
171	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This intermmediate certificate does not appear to be valid.");
172	5b237745	Scott Ullrich	if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") \|\| !strstr($_POST['key'], "END RSA PRIVATE KEY"))
173	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("This key does not appear to be valid.");
174	5b237745	Scott Ullrich	}
175	a5c0b6c7	Scott Ullrich
176	5b237745	Scott Ullrich	if (!$_POST['httpsname'] \|\| !is_domain($_POST['httpsname'])) {
177	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The HTTPS server name must be specified for HTTPS login.");
178	5b237745	Scott Ullrich	}
179			}
180			}
181	a5c0b6c7	Scott Ullrich
182	5b237745	Scott Ullrich	if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) \|\| ($_POST['timeout'] < 1))) {
183	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The timeout must be at least 1 minute.");
184	5b237745	Scott Ullrich	}
185			if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) \|\| ($_POST['idletimeout'] < 1))) {
186	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The idle timeout must be at least 1 minute.");
187	5b237745	Scott Ullrich	}
188	03552507	Erik Fonnesbeck	if ($_POST['freelogins_count'] && (!is_numeric($_POST['freelogins_count']))) {
189	49f61a1c	Erik Fonnesbeck	$input_errors[] = gettext("The pass-through credit count must be a number or left blank.");
190			} else if ($_POST['freelogins_count'] && is_numeric($_POST['freelogins_count']) && ($_POST['freelogins_count'] >= 1)) {
191			if (empty($_POST['freelogins_resettimeout']) \|\| !is_numeric($_POST['freelogins_resettimeout']) \|\| ($_POST['freelogins_resettimeout'] <= 0)) {
192			$input_errors[] = gettext("The waiting period to restore pass-through credits must be above 0 hours.");
193			}
194	03552507	Erik Fonnesbeck	}
195	5b237745	Scott Ullrich	if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) {
196	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip']);
197	5b237745	Scott Ullrich	}
198	0bd34ed6	Scott Ullrich	if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) {
199	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip2']);
200	0bd34ed6	Scott Ullrich	}
201	ebc0e4b6	Ermal	if (($_POST['radiusip3'] && !is_ipaddr($_POST['radiusip3']))) {
202			$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip3']);
203			}
204			if (($_POST['radiusip4'] && !is_ipaddr($_POST['radiusip4']))) {
205			$input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['radiusip4']);
206			}
207	5b237745	Scott Ullrich	if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) {
208	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport']);
209	5b237745	Scott Ullrich	}
210	0bd34ed6	Scott Ullrich	if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) {
211	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport2']);
212	0bd34ed6	Scott Ullrich	}
213	ebc0e4b6	Ermal	if (($_POST['radiusport3'] && !is_port($_POST['radiusport3']))) {
214			$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport3']);
215			}
216			if (($_POST['radiusport4'] && !is_port($_POST['radiusport4']))) {
217			$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusport4']);
218			}
219	5b237745	Scott Ullrich	if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) {
220	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusacctport']);
221	0bd34ed6	Scott Ullrich	}
222	b4792bf8	Ermal	if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) \|\| ($_POST['maxproc'] < 4) \|\| ($_POST['maxproc'] > 100))) {
223	6fde5a1e	Carlos Eduardo Ramos	$input_errors[] = gettext("The maximum number of concurrent connections per client IP address may not be larger than the global maximum.");
224	5b237745	Scott Ullrich	}
225
226			if (!$input_errors) {
227	b4792bf8	Ermal	$newcp =& $a_cp[$cpzone];
228			//$newcp['zoneid'] = $a_cp[$cpzone]['zoneid'];
229			if (empty($newcp['zoneid'])) {
230			$newcp['zoneid'] = 8000;
231			foreach ($a_cp as $keycpzone => $cp)
232			if ($cp['zoneid'] == $newcp['zoneid'] && $keycpzone != $cpzone)
233			$newcp['zoneid'] += 2; /* Resreve space for SSL config if needed */
234			}
235			$oldifaces = $newcp['interface'];
236	3e4f5a33	jim-p	if (is_array($_POST['cinterface']))
237	b4792bf8	Ermal	$newcp['interface'] = implode(",", $_POST['cinterface']);
238			$newcp['maxproc'] = $_POST['maxproc'];
239			$newcp['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false;
240			$newcp['timeout'] = $_POST['timeout'];
241			$newcp['idletimeout'] = $_POST['idletimeout'];
242			$newcp['freelogins_count'] = $_POST['freelogins_count'];
243			$newcp['freelogins_resettimeout'] = $_POST['freelogins_resettimeout'];
244			$newcp['freelogins_updatetimeouts'] = $_POST['freelogins_updatetimeouts'] ? true : false;
245			if ($_POST['enable'])
246			$newcp['enable'] = true;
247			else
248			unset($newcp['enable']);
249			if ($_POST['pms_enabled'])
250			$newcp['pms_enabled'] = $_POST['pms_enabled'];
251			else
252			unset($newcp['pms_enabled']);
253			$newcp['auth_method'] = $_POST['auth_method'];
254			$newcp['radacct_enable'] = $_POST['radacct_enable'] ? true : false;
255			$newcp['reauthenticate'] = $_POST['reauthenticate'] ? true : false;
256			$newcp['radmac_enable'] = $_POST['radmac_enable'] ? true : false;
257			$newcp['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false;
258			$newcp['reauthenticateacct'] = $_POST['reauthenticateacct'];
259			$newcp['httpslogin'] = $_POST['httpslogin_enable'] ? true : false;
260			$newcp['httpsname'] = $_POST['httpsname'];
261			$newcp['preauthurl'] = $_POST['preauthurl'];
262			$newcp['peruserbw'] = $_POST['peruserbw'] ? true : false;
263			$newcp['bwdefaultdn'] = $_POST['bwdefaultdn'];
264			$newcp['bwdefaultup'] = $_POST['bwdefaultup'];
265			$newcp['certificate'] = base64_encode($_POST['cert']);
266			$newcp['cacertificate'] = base64_encode($_POST['cacert']);
267			$newcp['private-key'] = base64_encode($_POST['key']);
268			$newcp['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false;
269			$newcp['nomacfilter'] = $_POST['nomacfilter'] ? true : false;
270			$newcp['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false;
271			$newcp['redirurl'] = $_POST['redirurl'];
272	ebc0e4b6	Ermal	if (isset($_POST['radiusip']))
273	13a45484	Cyrill Bannwart	$newcp['radiusip'] = $_POST['radiusip'];
274	ebc0e4b6	Ermal	else
275	13a45484	Cyrill Bannwart	unset($newcp['radiusip3']);
276	ebc0e4b6	Ermal	if (isset($_POST['radiusip2']))
277	13a45484	Cyrill Bannwart	$newcp['radiusip2'] = $_POST['radiusip2'];
278	ebc0e4b6	Ermal	else
279	13a45484	Cyrill Bannwart	unset($newcp['radiusip2']);
280	ebc0e4b6	Ermal	if (isset($_POST['radiusip3']))
281	13a45484	Cyrill Bannwart	$newcp['radiusip3'] = $_POST['radiusip3'];
282	ebc0e4b6	Ermal	else
283	13a45484	Cyrill Bannwart	unset($newcp['radiusip3']);
284	ebc0e4b6	Ermal	if (isset($_POST['radiusip4']))
285	13a45484	Cyrill Bannwart	$newcp['radiusip4'] = $_POST['radiusip4'];
286	ebc0e4b6	Ermal	else
287	13a45484	Cyrill Bannwart	unset($newcp['radiusip4']);
288	b4792bf8	Ermal	$newcp['radiusport'] = $_POST['radiusport'];
289			$newcp['radiusport2'] = $_POST['radiusport2'];
290	ebc0e4b6	Ermal	if (isset($_POST['radiusport3']))
291	13a45484	Cyrill Bannwart	$newcp['radiusport3'] = $_POST['radiusport3'];
292	ebc0e4b6	Ermal	if (isset($_POST['radiusport4']))
293	13a45484	Cyrill Bannwart	$newcp['radiusport4'] = $_POST['radiusport4'];
294	b4792bf8	Ermal	$newcp['radiusacctport'] = $_POST['radiusacctport'];
295			$newcp['radiuskey'] = $_POST['radiuskey'];
296			$newcp['radiuskey2'] = $_POST['radiuskey2'];
297	ebc0e4b6	Ermal	$newcp['radiuskey3'] = $_POST['radiuskey3'];
298			$newcp['radiuskey4'] = $_POST['radiuskey4'];
299	b4792bf8	Ermal	$newcp['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false;
300			$newcp['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false;
301			$newcp['radiussrcip_attribute'] = $_POST['radiussrcip_attribute'];
302			$newcp['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false;
303			$newcp['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false;
304			$newcp['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false;
305			if (!is_array($newcp['page']))
306			$newcp['page'] = array();
307			$newcp['timeout'] = 60;
308	a5c0b6c7	Scott Ullrich
309	5b237745	Scott Ullrich	/* file upload? */
310			if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
311	b4792bf8	Ermal	$newcp['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name']));
312	c980716e	Scott Ullrich	if (is_uploaded_file($_FILES['errfile']['tmp_name']))
313	b4792bf8	Ermal	$newcp['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name']));
314	5b87b24e	Ermal	if (is_uploaded_file($_FILES['logoutfile']['tmp_name']))
315	b4792bf8	Ermal	$newcp['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name']));
316	a5c0b6c7	Scott Ullrich
317	5b237745	Scott Ullrich	write_config();
318	a5c0b6c7	Scott Ullrich
319	b4792bf8	Ermal	if (!empty($oldifaces) && $oldifaces != $newcp['interface']) {
320			$ocpinterfaces = explode(",", $oldifaces);
321			foreach ($ocpinterfaces as $cpifgrp) {
322			$listrealif = get_real_interface($cpifgrp);
323			if (does_interface_exist($listrealif)) {
324			pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER);
325			$carpif = link_ip_to_carp_interface(find_interface_ip($listrealif));
326			if (!empty($carpif)) {
327			$carpsif = explode(" ", $carpif);
328			foreach ($carpsif as $cpcarp)
329			pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER);
330			}
331			}
332			}
333			}
334	ea1eac37	Scott Ullrich
335	b4792bf8	Ermal	captiveportal_configure_zone($newcp);
336			filter_configure();
337			header("Location: services_captiveportal_zones.php");
338			exit;
339			} else {
340	3e4f5a33	jim-p	if (is_array($_POST['cinterface']))
341			$pconfig['cinterface'] = implode(",", $_POST['cinterface']);
342	5b237745	Scott Ullrich	}
343			}
344	3d4bd975	Scott Ullrich	include("head.inc");
345	5b237745	Scott Ullrich	?>
346	9699028a	Scott Ullrich	<?php include("fbegin.inc"); ?>
347	5b237745	Scott Ullrich	<script language="JavaScript">
348			<!--
349			function enable_change(enable_change) {
350	0bd34ed6	Scott Ullrich	var endis, radius_endis;
351	07bd3f83	Scott Ullrich	endis = !(document.iform.enable.checked \|\| enable_change);
352	0bd34ed6	Scott Ullrich	radius_endis = !((!endis && document.iform.auth_method[2].checked) \|\| enable_change);
353	a5c0b6c7	Scott Ullrich
354	07bd3f83	Scott Ullrich	document.iform.cinterface.disabled = endis;
355	b4792bf8	Ermal	//document.iform.maxproc.disabled = endis;
356	422d57b4	Scott Ullrich	document.iform.maxprocperip.disabled = endis;
357	07bd3f83	Scott Ullrich	document.iform.idletimeout.disabled = endis;
358	03552507	Erik Fonnesbeck	document.iform.freelogins_count.disabled = endis;
359			document.iform.freelogins_resettimeout.disabled = endis;
360			document.iform.freelogins_updatetimeouts.disabled = endis;
361	07bd3f83	Scott Ullrich	document.iform.timeout.disabled = endis;
362	f5adee3f	jim-p	document.iform.preauthurl.disabled = endis;
363	07bd3f83	Scott Ullrich	document.iform.redirurl.disabled = endis;
364	0bd34ed6	Scott Ullrich	document.iform.radiusip.disabled = radius_endis;
365			document.iform.radiusip2.disabled = radius_endis;
366	ebc0e4b6	Ermal	document.iform.radiusip3.disabled = radius_endis;
367			document.iform.radiusip4.disabled = radius_endis;
368	0bd34ed6	Scott Ullrich	document.iform.radiusport.disabled = radius_endis;
369	164a1525	Scott Ullrich	document.iform.radiusport3.disabled = radius_endis;
370			document.iform.radiusport4.disabled = radius_endis;
371	0bd34ed6	Scott Ullrich	document.iform.radiusport2.disabled = radius_endis;
372			document.iform.radiuskey.disabled = radius_endis;
373			document.iform.radiuskey2.disabled = radius_endis;
374	ebc0e4b6	Ermal	document.iform.radiuskey3.disabled = radius_endis;
375			document.iform.radiuskey4.disabled = radius_endis;
376	856e58a6	Scott Ullrich	document.iform.radacct_enable.disabled = radius_endis;
377	f5fa7d5e	Ermal Luçi	document.iform.peruserbw.disabled = endis;
378			document.iform.bwdefaultdn.disabled = endis;
379			document.iform.bwdefaultup.disabled = endis;
380	856e58a6	Scott Ullrich	document.iform.reauthenticate.disabled = radius_endis;
381	7faeda46	Scott Ullrich	document.iform.auth_method[0].disabled = endis;
382			document.iform.auth_method[1].disabled = endis;
383			document.iform.auth_method[2].disabled = endis;
384	b4792bf8	Ermal	document.iform.auth_method[3].disabled = endis;
385	0bd34ed6	Scott Ullrich	document.iform.radmac_enable.disabled = radius_endis;
386	07bd3f83	Scott Ullrich	document.iform.httpslogin_enable.disabled = endis;
387	d11c1f93	sullrich	document.iform.radmac_format.disabled = radius_endis;
388	07bd3f83	Scott Ullrich	document.iform.httpsname.disabled = endis;
389			document.iform.cert.disabled = endis;
390	f5adee3f	jim-p	document.iform.cacert.disabled = endis;
391	07bd3f83	Scott Ullrich	document.iform.key.disabled = endis;
392			document.iform.logoutwin_enable.disabled = endis;
393	c980716e	Scott Ullrich	document.iform.nomacfilter.disabled = endis;
394	0bd34ed6	Scott Ullrich	document.iform.noconcurrentlogins.disabled = endis;
395			document.iform.radiusvendor.disabled = radius_endis;
396	2342bfb0	Ermal Lu?i	document.iform.radiussession_timeout.disabled = radius_endis;
397	822b687b	Ermal	document.iform.radiussrcip_attribute.disabled = radius_endis;
398	07bd3f83	Scott Ullrich	document.iform.htmlfile.disabled = endis;
399			document.iform.errfile.disabled = endis;
400	5b87b24e	Ermal	document.iform.logoutfile.disabled = endis;
401	a5c0b6c7	Scott Ullrich
402	856e58a6	Scott Ullrich	document.iform.radiusacctport.disabled = (radius_endis \|\| !document.iform.radacct_enable.checked) && !enable_change;
403	a5c0b6c7	Scott Ullrich
404	856e58a6	Scott Ullrich	document.iform.radmac_secret.disabled = (radius_endis \|\| !document.iform.radmac_enable.checked) && !enable_change;
405	a5c0b6c7	Scott Ullrich
406	88adfa28	Warren Baker	var radacct_dis = (radius_endis \|\| !document.iform.radacct_enable.checked) && !enable_change;
407			document.iform.reauthenticateacct[0].disabled = radacct_dis;
408			document.iform.reauthenticateacct[1].disabled = radacct_dis;
409			document.iform.reauthenticateacct[2].disabled = radacct_dis;
410	5b237745	Scott Ullrich	}
411			//-->
412			</script>
413	93588e1a	Scott Dale	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
414	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
415			<?php if ($savemsg) print_info_box($savemsg); ?>
416			<form action="services_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
417			<table width="100%" border="0" cellpadding="0" cellspacing="0">
418	9699028a	Scott Ullrich	<tr><td class="tabnavtbl">
419	64b85ffe	Scott Ullrich	<?php
420			$tab_array = array();
421	b4792bf8	Ermal	$tab_array[] = array(gettext("Captive portal(s)"), true, "services_captiveportal.php?zone={$cpzone}");
422			$tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}");
423			$tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}");
424			$tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}");
425			$tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}");
426			$tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}");
427	9592c132	Scott Ullrich	display_top_tabs($tab_array, true);
428	0bd34ed6	Scott Ullrich	?> </td></tr>
429	5b237745	Scott Ullrich	<tr>
430	c980716e	Scott Ullrich	<td class="tabcont">
431			<table width="100%" border="0" cellpadding="6" cellspacing="0">
432	a5c0b6c7	Scott Ullrich	<tr>
433	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
434			<td width="78%" class="vtable">
435			<input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)">
436	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable captive portal"); ?> </strong></td>
437	5b237745	Scott Ullrich	</tr>
438	a5c0b6c7	Scott Ullrich	<tr>
439	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interfaces"); ?></td>
440	5b237745	Scott Ullrich	<td width="78%" class="vtable">
441	d823b81c	sullrich	<select name="cinterface[]" multiple="true" size="<?php echo count($config['interfaces']); ?>" class="formselect" id="cinterface">
442	af98cced	Scott Ullrich	<?php
443	fbb45bb0	Ermal Luçi	$interfaces = get_configured_interface_with_descr();
444	c980716e	Scott Ullrich	foreach ($interfaces as $iface => $ifacename): ?>
445	f8b11310	Ermal Lu?i	<option value="<?=$iface;?>" <?php if (stristr($pconfig['cinterface'], $iface)) echo "selected"; ?>>
446	5b237745	Scott Ullrich	<?=htmlspecialchars($ifacename);?>
447			</option>
448			<?php endforeach; ?>
449			</select> <br>
450	16457bdd	Renato Botelho	<span class="vexpl"><?=gettext("Select the interface(s) to enable for captive portal."); ?></span></td>
451	5b237745	Scott Ullrich	</tr>
452	4362e48a	Scott Ullrich	<tr>
453	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Maximum concurrent connections"); ?></td>
454	4362e48a	Scott Ullrich	<td class="vtable">
455			<table cellpadding="0" cellspacing="0">
456			<tr>
457	b4792bf8	Ermal	<td><input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client IP address (0 = no limit)"); ?></td>
458	4362e48a	Scott Ullrich	</tr>
459			</table>
460	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in " .
461			"to the captive portal, but rather how many users can load the portal page or authenticate at the same time! " .
462	16457bdd	Renato Botelho	"Default is 4 connections per client IP address, with a total maximum of 16 connections."); ?></td>
463	4362e48a	Scott Ullrich	</tr>
464	5b237745	Scott Ullrich	<tr>
465	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Idle timeout"); ?></td>
466	5b237745	Scott Ullrich	<td class="vtable">
467	b5c78501	Seth Mos	<input name="idletimeout" type="text" class="formfld unknown" id="idletimeout" size="6" value="<?=htmlspecialchars($pconfig['idletimeout']);?>">
468	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
469	16457bdd	Renato Botelho	<?=gettext("Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout."); ?></td>
470	5b237745	Scott Ullrich	</tr>
471	a5c0b6c7	Scott Ullrich	<tr>
472	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Hard timeout"); ?></td>
473	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
474	b5c78501	Seth Mos	<input name="timeout" type="text" class="formfld unknown" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>">
475	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("minutes"); ?><br>
476	16457bdd	Renato Botelho	<?=gettext("Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set)."); ?></td>
477	5b237745	Scott Ullrich	</tr>
478	03552507	Erik Fonnesbeck	<tr>
479	49f61a1c	Erik Fonnesbeck	<td width="22%" valign="top" class="vncell"><?=gettext("Pass-through credits allowed per MAC address"); ?></td>
480	03552507	Erik Fonnesbeck	<td width="78%" class="vtable">
481			<input name="freelogins_count" type="text" class="formfld unknown" id="freelogins_count" size="6" value="<?=htmlspecialchars($pconfig['freelogins_count']);?>">
482			<?=gettext("per client MAC address (0 or blank = none)"); ?><br>
483			<?=gettext("This setting allows passing through the captive portal without authentication a limited number of times per MAC address. Once used up, the client can only log in with valid credentials until the waiting period specified below has expired. Recommended to set a hard timeout and/or idle timeout when using this for it to be effective."); ?></td>
484			</tr>
485			<tr>
486	49f61a1c	Erik Fonnesbeck	<td width="22%" valign="top" class="vncell"><?=gettext("Waiting period to restore pass-through credits"); ?></td>
487	03552507	Erik Fonnesbeck	<td width="78%" class="vtable">
488			<input name="freelogins_resettimeout" type="text" class="formfld unknown" id="freelogins_resettimeout" size="6" value="<?=htmlspecialchars($pconfig['freelogins_resettimeout']);?>">
489			<?=gettext("hours"); ?><br>
490	49f61a1c	Erik Fonnesbeck	<?=gettext("Clients will have their available pass-through credits restored to the original count after this amount of time since using the first one. This must be above 0 hours if pass-through credits are enabled."); ?></td>
491	03552507	Erik Fonnesbeck	</tr>
492			<tr>
493	49f61a1c	Erik Fonnesbeck	<td width="22%" valign="top" class="vncell"><?=gettext("Reset waiting period on attempted access"); ?></td>
494	03552507	Erik Fonnesbeck	<td width="78%" class="vtable">
495			<input name="freelogins_updatetimeouts" type="checkbox" class="formfld" id="freelogins_updatetimeouts" value="yes" <?php if($pconfig['freelogins_updatetimeouts']) echo "checked"; ?>>
496			<strong><?=gettext("Enable waiting period reset on attempted access"); ?></strong><br>
497	49f61a1c	Erik Fonnesbeck	<?=gettext("If enabled, the waiting period is reset to the original duration if access is attempted when all pass-through credits have already been exhausted."); ?></td>
498	03552507	Erik Fonnesbeck	</tr>
499	a5c0b6c7	Scott Ullrich	<tr>
500	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout popup window"); ?></td>
501	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
502	5b237745	Scott Ullrich	<input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>>
503	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable logout popup window"); ?></strong><br>
504	16457bdd	Renato Botelho	<?=gettext("If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs."); ?></td>
505	5b237745	Scott Ullrich	</tr>
506	a00e1d89	Scott Ullrich	<tr>
507			<td valign="top" class="vncell"><?=gettext("Pre-authentication redirect URL"); ?> </td>
508			<td class="vtable">
509			<input name="preauthurl" type="text" class="formfld url" id="preauthurl" size="60" value="<?=htmlspecialchars($pconfig['preauthurl']);?>"><br>
510			<?php printf(gettext("Use this field to set \$PORTAL_REDIRURL\$ variable which can be accessed using your custom captive portal index.php page or error pages."));?>
511			</td>
512			</tr>
513	5b237745	Scott Ullrich	<tr>
514	ecc19349	Scott Ullrich	<td valign="top" class="vncell"><?=gettext("After authentication Redirection URL"); ?></td>
515	5b237745	Scott Ullrich	<td class="vtable">
516	b5c78501	Seth Mos	<input name="redirurl" type="text" class="formfld url" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>">
517	5b237745	Scott Ullrich	<br>
518	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("If you provide a URL here, clients will be redirected to that URL instead of the one they initially tried " .
519	16457bdd	Renato Botelho	"to access after they've authenticated."); ?></td>
520	5b237745	Scott Ullrich	</tr>
521			<tr>
522	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Concurrent user logins"); ?></td>
523	0bd34ed6	Scott Ullrich	<td class="vtable">
524			<input name="noconcurrentlogins" type="checkbox" class="formfld" id="noconcurrentlogins" value="yes" <?php if ($pconfig['noconcurrentlogins']) echo "checked"; ?>>
525	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable concurrent logins"); ?></strong><br>
526	16457bdd	Renato Botelho	<?=gettext("If this option is set, only the most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected."); ?></td>
527	0bd34ed6	Scott Ullrich	</tr>
528			<tr>
529	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("MAC filtering"); ?> </td>
530	c980716e	Scott Ullrich	<td class="vtable">
531			<input name="nomacfilter" type="checkbox" class="formfld" id="nomacfilter" value="yes" <?php if ($pconfig['nomacfilter']) echo "checked"; ?>>
532	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Disable MAC filtering"); ?></strong><br>
533			<?=gettext("If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in." .
534	16457bdd	Renato Botelho	"This is required when the MAC address of the client cannot be determined (usually because there are routers between"); ?> <?php echo $g['product_name'] ?> <?=gettext("and the clients)."); ?>
535			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used."); ?></td>
536	7e587bdb	Scott Ullrich	</tr>
537			<tr>
538	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Pass-through MAC Auto Entry"); ?></td>
539	6ce61a8f	Ermal	<td class="vtable">
540			<input name="passthrumacadd" type="checkbox" class="formfld" id="passthrumacadd" value="yes" <?php if ($pconfig['passthrumacadd']) echo "checked"; ?>>
541	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic additions"); ?></strong><br>
542	16457bdd	Renato Botelho	<?=gettext("If this option is set, a MAC passthrough entry is automatically added after the user has successfully authenticated. Users of that MAC address will never have to authenticate again."); ?>
543			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("Pass-through MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?>
544			<?=gettext("If this is enabled, RADIUS MAC authentication cannot be used. Also, the logout window will not be shown."); ?>
545	1c291e64	Ermal	<br/><br/>
546			<input name="passthrumacaddusername" type="checkbox" class="formfld" id="passthrumacaddusername" value="yes" <?php if ($pconfig['passthrumacaddusername']) echo "checked"; ?>>
547	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable Pass-through MAC automatic addition with username"); ?></strong><br>
548	16457bdd	Renato Botelho	<?=gettext("If this option is set, with the automatically MAC passthrough entry created the username, used during authentication, will be saved."); ?>
549			<?=gettext("To remove the passthrough MAC entry you either have to log in and remove it manually from the"); ?> <a href="services_captiveportal_mac.php"><?=gettext("Pass-through MAC tab"); ?></a> <?=gettext("or send a POST from another system to remove it."); ?>
550	1c291e64	Ermal	</td>
551	6ce61a8f	Ermal	</tr>
552			<tr>
553	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("Per-user bandwidth restriction"); ?></td>
554	7e587bdb	Scott Ullrich	<td class="vtable">
555			<input name="peruserbw" type="checkbox" class="formfld" id="peruserbw" value="yes" <?php if ($pconfig['peruserbw']) echo "checked"; ?>>
556	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable per-user bandwidth restriction"); ?></strong><br><br>
557	7e587bdb	Scott Ullrich	<table cellpadding="0" cellspacing="0">
558			<tr>
559	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default download"); ?></td>
560			<td><input type="text" class="formfld unknown" name="bwdefaultdn" id="bwdefaultdn" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultdn']);?>"> <?=gettext("Kbit/s"); ?></td>
561	7e587bdb	Scott Ullrich	</tr>
562			<tr>
563	6fde5a1e	Carlos Eduardo Ramos	<td><?=gettext("Default upload"); ?></td>
564			<td><input type="text" class="formfld unknown" name="bwdefaultup" id="bwdefaultup" size="10" value="<?=htmlspecialchars($pconfig['bwdefaultup']);?>"> <?=gettext("Kbit/s"); ?></td>
565	7e587bdb	Scott Ullrich	</tr></table>
566			<br>
567	16457bdd	Renato Botelho	<?=gettext("If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit."); ?> </td>
568	7e587bdb	Scott Ullrich	</tr>
569	b4792bf8	Ermal	<tr>
570			<td valign="top" class="vncell"><?=gettext("PMS authentication"); ?> </td>
571			<td class="vtable">
572			<input name="pms_enabled" type="checkbox" class="formfld" id="pms_enabled" value="yes" <?php if ($pconfig['pms_enabled']) echo "checked"; ?>>
573			<strong><?=gettext("Enable PMS authentication"); ?></strong><br>
574			<?=gettext("If this option is set, users will be authenticated through the PMS backend if they fill the necessary information in the login page.");?>
575			</td>
576			</tr>
577	a5c0b6c7	Scott Ullrich	<tr>
578	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?></td>
579	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
580	c980716e	Scott Ullrich	<table cellpadding="0" cellspacing="0">
581			<tr>
582	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="none" onClick="enable_change(false)" <?php if($pconfig['auth_method']!="local" && $pconfig['auth_method']!="radius") echo "checked"; ?>>
583	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("No Authentication"); ?></td>
584	c980716e	Scott Ullrich	</tr>
585			<tr>
586	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="local" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="local") echo "checked"; ?>>
587	58f963d0	Scott Ullrich	<?=gettext("Local"); ?> <a href="system_usermanager.php"><?=gettext("User Manager"); ?></a> / <?=gettext("Vouchers"); ?></td>
588	c980716e	Scott Ullrich	</tr>
589			<tr>
590	0bd34ed6	Scott Ullrich	<td colspan="2"><input name="auth_method" type="radio" id="auth_method" value="radius" onClick="enable_change(false)" <?php if($pconfig['auth_method']=="radius") echo "checked"; ?>>
591	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("RADIUS Authentication"); ?></td>
592	c980716e	Scott Ullrich	</tr><tr>
593			<td> </td>
594			<td> </td>
595			</tr>
596			</table>
597	0bd34ed6	Scott Ullrich	<table width="100%" border="0" cellpadding="6" cellspacing="0">
598	a5c0b6c7	Scott Ullrich	<tr>
599	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Primary RADIUS server"); ?></td>
600	0bd34ed6	Scott Ullrich	</tr>
601			<tr>
602	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
603	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip" type="text" class="formfld unknown" id="radiusip" size="20" value="<?=htmlspecialchars($pconfig['radiusip']);?>"><br>
604	16457bdd	Renato Botelho	<?=gettext("Enter the IP address of the RADIUS server which users of the captive portal have to authenticate against."); ?></td>
605	0bd34ed6	Scott Ullrich	</tr>
606			<tr>
607	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
608	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport" type="text" class="formfld unknown" id="radiusport" size="5" value="<?=htmlspecialchars($pconfig['radiusport']);?>"><br>
609	16457bdd	Renato Botelho	<?=gettext("Leave this field blank to use the default port (1812)."); ?></td>
610	0bd34ed6	Scott Ullrich	</tr>
611			<tr>
612	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
613	b5c78501	Seth Mos	<td class="vtable"><input name="radiuskey" type="text" class="formfld unknown" id="radiuskey" size="16" value="<?=htmlspecialchars($pconfig['radiuskey']);?>"><br>
614	16457bdd	Renato Botelho	<?=gettext("Leave this field blank to not use a RADIUS shared secret (not recommended)."); ?></td>
615	0bd34ed6	Scott Ullrich	</tr>
616	a5c0b6c7	Scott Ullrich	<tr>
617	0bd34ed6	Scott Ullrich	<td colspan="2" class="list" height="12"></td>
618			</tr>
619			<tr>
620	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Secondary RADIUS server"); ?></td>
621	0bd34ed6	Scott Ullrich	</tr>
622			<tr>
623	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
624	b5c78501	Seth Mos	<td class="vtable"><input name="radiusip2" type="text" class="formfld unknown" id="radiusip2" size="20" value="<?=htmlspecialchars($pconfig['radiusip2']);?>"><br>
625	16457bdd	Renato Botelho	<?=gettext("If you have a second RADIUS server, you can activate it by entering its IP address here."); ?></td>
626	0bd34ed6	Scott Ullrich	</tr>
627			<tr>
628	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
629	b5c78501	Seth Mos	<td class="vtable"><input name="radiusport2" type="text" class="formfld unknown" id="radiusport2" size="5" value="<?=htmlspecialchars($pconfig['radiusport2']);?>"></td>
630	0bd34ed6	Scott Ullrich	</tr>
631			<tr>
632	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
633	0b704a40	Ermal	<td class="vtable"><input name="radiuskey2" type="text" class="formfld unknown" id="radiuskey2" size="16" value="<?=htmlspecialchars($pconfig['radiuskey2']);?>"></td>
634	0bd34ed6	Scott Ullrich	</tr>
635			<tr>
636			<td colspan="2" class="list" height="12"></td>
637			</tr>
638	ebc0e4b6	Ermal	<tr>
639	164a1525	Scott Ullrich	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Tertiary RADIUS server"); ?></td>
640	ebc0e4b6	Ermal	</tr>
641			<tr>
642			<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
643			<td class="vtable"><input name="radiusip3" type="text" class="formfld unknown" id="radiusip3" size="20" value="<?=htmlspecialchars($pconfig['radiusip3']);?>"><br>
644	d568e38d	Scott Ullrich	<?=gettext("If you have a third RADIUS server, you can activate it by entering its IP address here."); ?></td>
645	ebc0e4b6	Ermal	</tr>
646			<tr>
647			<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
648			<td class="vtable"><input name="radiusport3" type="text" class="formfld unknown" id="radiusport3" size="5" value="<?=htmlspecialchars($pconfig['radiusport3']);?>"></td>
649			</tr>
650			<tr>
651			<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
652			<td class="vtable"><input name="radiuskey3" type="text" class="formfld unknown" id="radiuskey3" size="16" value="<?=htmlspecialchars($pconfig['radiuskey3']);?>"></td>
653			</tr>
654			<tr>
655			<td colspan="2" class="list" height="12"></td>
656			</tr>
657			<tr>
658	164a1525	Scott Ullrich	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Quaternary RADIUS server"); ?></td>
659	ebc0e4b6	Ermal	</tr>
660			<tr>
661			<td class="vncell" valign="top"><?=gettext("IP address"); ?></td>
662			<td class="vtable"><input name="radiusip4" type="text" class="formfld unknown" id="radiusip4" size="20" value="<?=htmlspecialchars($pconfig['radiusip4']);?>"><br>
663	d568e38d	Scott Ullrich	<?=gettext("If you have a fourth RADIUS server, you can activate it by entering its IP address here."); ?></td>
664	ebc0e4b6	Ermal	</tr>
665			<tr>
666			<td class="vncell" valign="top"><?=gettext("Port"); ?></td>
667			<td class="vtable"><input name="radiusport4" type="text" class="formfld unknown" id="radiusport4" size="5" value="<?=htmlspecialchars($pconfig['radiusport4']);?>"></td>
668			</tr>
669			<tr>
670			<td class="vncell" valign="top"><?=gettext("Shared secret"); ?>  </td>
671			<td class="vtable"><input name="radiuskey4" type="text" class="formfld unknown" id="radiuskey4" size="16" value="<?=htmlspecialchars($pconfig['radiuskey4']);?>"></td>
672			</tr>
673			<tr>
674			<td colspan="2" class="list" height="12"></td>
675			</tr>
676	856e58a6	Scott Ullrich	<tr>
677	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Accounting"); ?></td>
678	856e58a6	Scott Ullrich	</tr>
679			<tr>
680			<td class="vncell"> </td>
681			<td class="vtable"><input name="radacct_enable" type="checkbox" id="radacct_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['radacct_enable']) echo "checked"; ?>>
682	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("send RADIUS accounting packets"); ?></strong><br>
683	16457bdd	Renato Botelho	<?=gettext("If this is enabled, RADIUS accounting packets will be sent to the primary RADIUS server."); ?></td>
684	856e58a6	Scott Ullrich	</tr>
685			<tr>
686	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting port"); ?></td>
687	b5c78501	Seth Mos	<td class="vtable"><input name="radiusacctport" type="text" class="formfld unknown" id="radiusacctport" size="5" value="<?=htmlspecialchars($pconfig['radiusacctport']);?>"><br>
688	16457bdd	Renato Botelho	<?=gettext("Leave blank to use the default port (1813)."); ?></td>
689	856e58a6	Scott Ullrich	</tr>
690			<tr>
691			<td colspan="2" class="list" height="12"></td>
692			</tr>
693			<tr>
694	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("Reauthentication"); ?></td>
695	856e58a6	Scott Ullrich	</tr>
696			<tr>
697			<td class="vncell"> </td>
698			<td class="vtable"><input name="reauthenticate" type="checkbox" id="reauthenticate" value="yes" onClick="enable_change(false)" <?php if($pconfig['reauthenticate']) echo "checked"; ?>>
699	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Reauthenticate connected users every minute"); ?></strong><br>
700			<?=gettext("If reauthentication is enabled, Access-Requests will be sent to the RADIUS server for each user that is " .
701	16457bdd	Renato Botelho	"logged in every minute. If an Access-Reject is received for a user, that user is disconnected from the captive portal immediately."); ?></td>
702	856e58a6	Scott Ullrich	</tr>
703			<tr>
704	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Accounting updates"); ?></td>
705	856e58a6	Scott Ullrich	<td class="vtable">
706	6fde5a1e	Carlos Eduardo Ramos	<input name="reauthenticateacct" type="radio" value="" <?php if(!$pconfig['reauthenticateacct']) echo "checked"; ?>> <?=gettext("no accounting updates"); ?><br>
707			<input name="reauthenticateacct" type="radio" value="stopstart" <?php if($pconfig['reauthenticateacct'] == "stopstart") echo "checked"; ?>> <?=gettext("stop/start accounting"); ?><br>
708			<input name="reauthenticateacct" type="radio" value="interimupdate" <?php if($pconfig['reauthenticateacct'] == "interimupdate") echo "checked"; ?>> <?=gettext("interim update"); ?>
709	856e58a6	Scott Ullrich	</td>
710			</tr>
711			<tr>
712			<td colspan="2" class="list" height="12"></td>
713			</tr>
714	0bd34ed6	Scott Ullrich	<tr>
715	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS MAC authentication"); ?></td>
716	0bd34ed6	Scott Ullrich	</tr>
717			<tr>
718			<td class="vncell"> </td>
719			<td class="vtable">
720	6fde5a1e	Carlos Eduardo Ramos	<input name="radmac_enable" type="checkbox" id="radmac_enable" value="yes" onClick="enable_change(false)" <?php if ($pconfig['radmac_enable']) echo "checked"; ?>><strong><?=gettext("Enable RADIUS MAC authentication"); ?></strong><br>
721			<?=gettext("If this option is enabled, the captive portal will try to authenticate users by sending their MAC address as the username and the password " .
722	16457bdd	Renato Botelho	"entered below to the RADIUS server."); ?></td>
723	0bd34ed6	Scott Ullrich	</tr>
724			<tr>
725	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell"><?=gettext("Shared secret"); ?></td>
726	b5c78501	Seth Mos	<td class="vtable"><input name="radmac_secret" type="text" class="formfld unknown" id="radmac_secret" size="16" value="<?=htmlspecialchars($pconfig['radmac_secret']);?>"></td>
727	0bd34ed6	Scott Ullrich	</tr>
728			<tr>
729			<td colspan="2" class="list" height="12"></td>
730			</tr>
731			<tr>
732	6fde5a1e	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="optsect_t2"><?=gettext("RADIUS options"); ?></td>
733	0bd34ed6	Scott Ullrich	</tr>
734	cf0542ac	Scott Ullrich
735	822b687b	Ermal	<tr>
736	d440e668	Chris Buechler	<td class="vncell" valign="top"><?=gettext("RADIUS NAS IP attribute"); ?></td>
737	822b687b	Ermal	<td>
738			<select name="radiussrcip_attribute" id="radiussrcip_attribute">
739			<?php $iflist = get_configured_interface_with_descr();
740			foreach ($iflist as $ifdesc => $ifdescr) {
741			$ipaddr = get_interface_ip($ifdesc);
742			if (is_ipaddr($ipaddr)) {
743			$selected = "";
744	50779708	Ermal	if ($ifdesc == $pconfig['radiussrcip_attribute'])
745	ebc0e4b6	Ermal	$selected= "selected";
746	822b687b	Ermal	echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n";
747			}
748			}
749	34e9ca60	Ermal	if (is_array($config['virtualip']['vip'])) {
750			foreach ($config['virtualip']['vip'] as $sn) {
751			if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") {
752			$start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits']));
753			$end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits']));
754			$len = $end - $start;
755
756			for ($i = 0; $i <= $len; $i++) {
757			$snip = long2ip32($start+$i);
758			echo "<option value='{$snip}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$snip}") . "></option>\n";
759			}
760			} else
761			echo "<option value='{$sn['subnet']}' {$selected}>" . htmlspecialchars("{$sn['descr']} - {$sn['subnet']}") . "></option>\n";
762			}
763			}
764	822b687b	Ermal	?>
765			</select><br/>
766	375828d9	Chris Buechler	<?=gettext("Choose the IP to use for calling station attribute."); ?>
767	822b687b	Ermal	</td>
768			</tr>
769
770	0bd34ed6	Scott Ullrich	<tr>
771	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Session-Timeout"); ?></td>
772			<td class="vtable"><input name="radiussession_timeout" type="checkbox" id="radiussession_timeout" value="yes" <?php if ($pconfig['radiussession_timeout']) echo "checked"; ?>><strong><?=gettext("Use RADIUS Session-Timeout attributes"); ?></strong><br>
773	16457bdd	Renato Botelho	<?=gettext("When this is enabled, clients will be disconnected after the amount of time retrieved from the RADIUS Session-Timeout attribute."); ?></td>
774	0bd34ed6	Scott Ullrich	</tr>
775	cf0542ac	Scott Ullrich
776	0bd34ed6	Scott Ullrich	<tr>
777	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("Type"); ?></td>
778	0bd34ed6	Scott Ullrich	<td class="vtable"><select name="radiusvendor" id="radiusvendor">
779	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
780	a5c0b6c7	Scott Ullrich	<?php
781	0bd34ed6	Scott Ullrich	$radiusvendors = array("cisco");
782			foreach ($radiusvendors as $radiusvendor){
783			if ($pconfig['radiusvendor'] == $radiusvendor)
784			echo "<option selected value=\"$radiusvendor\">$radiusvendor</option>\n";
785			else
786			echo "<option value=\"$radiusvendor\">$radiusvendor</option>\n";
787			}
788			?></select><br>
789	3b7f0f53	Erik Fonnesbeck	<?php printf(gettext("If RADIUS type is set to Cisco, in Access-Requests the value of Calling-Station-Id will be set to the client's IP address and " .
790			"the Called-Station-Id to the client's MAC address. Default behavior is Calling-Station-Id = client's MAC address and Called-Station-Id = %s's WAN IP address."),
791	16457bdd	Renato Botelho	$g['product_name']);?></td>
792	0bd34ed6	Scott Ullrich	</tr>
793			</table>
794	5b237745	Scott Ullrich	</tr>
795	d11c1f93	sullrich	<tr>
796	6fde5a1e	Carlos Eduardo Ramos	<td class="vncell" valign="top"><?=gettext("MAC address format"); ?></td>
797	d11c1f93	sullrich	<td class="vtable">
798			<select name="radmac_format" id="radmac_format">
799	6fde5a1e	Carlos Eduardo Ramos	<option><?=gettext("default"); ?></option>
800	d11c1f93	sullrich	<?php
801	6fde5a1e	Carlos Eduardo Ramos	$macformats = array(gettext("singledash"),gettext("ietf"),gettext("cisco"),gettext("unformatted"));
802	d11c1f93	sullrich	foreach ($macformats as $macformat) {
803			if ($pconfig['radmac_format'] == $macformat)
804			echo "<option selected value=\"$macformat\">$macformat</option>\n";
805			else
806			echo "<option value=\"$macformat\">$macformat</option>\n";
807			}
808			?>
809			</select></br>
810	60f13e63	Carlos Eduardo Ramos	<?=gettext("This option changes the MAC address format used in the whole RADIUS system. Change this if you also"); ?>
811	16457bdd	Renato Botelho	<?=gettext("need to change the username format for RADIUS MAC authentication."); ?><br>
812			<?=gettext("default:"); ?> 00:11:22:33:44:55<br>
813			<?=gettext("singledash:"); ?> 001122-334455<br>
814			<?=gettext("ietf:"); ?> 00-11-22-33-44-55<br>
815			<?=gettext("cisco:"); ?> 0011.2233.4455<br>
816			<?=gettext("unformatted:"); ?> 001122334455
817	d11c1f93	sullrich	</tr>
818	5b237745	Scott Ullrich	<tr>
819	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS login"); ?></td>
820	5b237745	Scott Ullrich	<td class="vtable">
821	c980716e	Scott Ullrich	<input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>>
822	6fde5a1e	Carlos Eduardo Ramos	<strong><?=gettext("Enable HTTPS login"); ?></strong><br>
823	16457bdd	Renato Botelho	<?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below."); ?></td>
824	5b237745	Scott Ullrich	</tr>
825			<tr>
826	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS server name"); ?> </td>
827	5b237745	Scott Ullrich	<td class="vtable">
828	b5c78501	Seth Mos	<input name="httpsname" type="text" class="formfld unknown" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br>
829	3b7f0f53	Erik Fonnesbeck	<?php printf(gettext("This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS and verify on the client that the IP resolves to the correct interface IP on %s."), $g['product_name']);?> </td>
830	5b237745	Scott Ullrich	</tr>
831			<tr>
832	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS certificate"); ?></td>
833	5b237745	Scott Ullrich	<td class="vtable">
834			<textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea>
835			<br>
836	16457bdd	Renato Botelho	<?=gettext("Paste a signed certificate in X.509 PEM format here."); ?></td>
837	5b237745	Scott Ullrich	</tr>
838			<tr>
839	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS private key"); ?></td>
840	5b237745	Scott Ullrich	<td class="vtable">
841			<textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea>
842			<br>
843	16457bdd	Renato Botelho	<?=gettext("Paste an RSA private key in PEM format here."); ?></td>
844	5b237745	Scott Ullrich	</tr>
845	c6e1b0f5	Ermal Lu?i	<tr>
846	6fde5a1e	Carlos Eduardo Ramos	<td valign="top" class="vncell"><?=gettext("HTTPS intermediate certificate"); ?></td>
847	c6e1b0f5	Ermal Lu?i	<td class="vtable">
848			<textarea name="cacert" cols="65" rows="7" id="cacert" class="formpre"><?=htmlspecialchars($pconfig['cacert']);?></textarea>
849			<br>
850	16457bdd	Renato Botelho	<?=gettext("Paste a certificate in X.509 PEM format here."); ?></td>
851	c6e1b0f5	Ermal Lu?i	</tr>
852	a5c0b6c7	Scott Ullrich	<tr>
853	b4792bf8	Ermal	<td width="22%" valign="top" class="vncell"><?=gettext("Portal page contents"); ?></td>
854	a5c0b6c7	Scott Ullrich	<td width="78%" class="vtable">
855	b5c78501	Seth Mos	<?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile"><br>
856	16f5fe76	Scott Ullrich	<?php
857			list($host) = explode(":", $_SERVER['HTTP_HOST']);
858	b4792bf8	Ermal	if($pconfig['zoneid']) {
859			$href = "https://{$host}:{$pconfig['zoneid']}";
860	16f5fe76	Scott Ullrich	} else {
861	b4792bf8	Ermal	$href = "http://{$host}:8000";
862	a5c0b6c7	Scott Ullrich	}
863	16f5fe76	Scott Ullrich	?>
864	b4792bf8	Ermal	<?php if ($pconfig['page']['htmltext']): ?>
865	6fde5a1e	Carlos Eduardo Ramos	<a href="<?=$href?>" target="_new"><?=gettext("View current page"); ?></a>
866	5b237745	Scott Ullrich	<br>
867			<br>
868			<?php endif; ?>
869	3b7f0f53	Erik Fonnesbeck	<?php
870	16457bdd	Renato Botelho	printf(
871	3b7f0f53	Erik Fonnesbeck	gettext('Upload an HTML/PHP file for the portal page here (leave blank to keep the current one). ' .
872			'Make sure to include a form (POST to %1$s) with a submit button (%2$s) and a hidden field with %3$s and %4$s. ' .
873			'Include the %5$s and %6$s and/or %7$s input fields if authentication is enabled, otherwise it will always fail.'),
874	16457bdd	Renato Botelho	""{$PORTAL_ACTION}"",
875			"name="accept"",
876			"name="redirurl"",
877			"value="{$PORTAL_REDIRURL}"",
878			""auth_user"",
879			""auth_pass"",
880			""auth_voucher"");
881			?>
882			<?=gettext("Example code for the form:"); ?><br>
883	5b237745	Scott Ullrich	<br>
884			<tt><form method="post" action="$PORTAL_ACTION$"><br>
885			<input name="auth_user" type="text"><br>
886			<input name="auth_pass" type="password"><br>
887	336e3c1c	Charlie	<input name="auth_voucher" type="text"><br>
888	5b237745	Scott Ullrich	<input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"><br>
889			<input name="accept" type="submit" value="Continue"><br>
890			</form></tt></td>
891			</tr>
892			<tr>
893	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?><br>
894			<?=gettext("error page"); ?><br>
895			<?=gettext("contents"); ?></td>
896	5b237745	Scott Ullrich	<td class="vtable">
897	b5c78501	Seth Mos	<input name="errfile" type="file" class="formfld file" id="errfile"><br>
898	b4792bf8	Ermal	<?php if ($pconfig['page']['errtext']): ?>
899	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewerrhtml" target="_blank"><?=gettext("View current page"); ?></a>
900	5b237745	Scott Ullrich	<br>
901			<br>
902			<?php endif; ?>
903	6fde5a1e	Carlos Eduardo Ramos	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed when an authentication error occurs. " .
904	16457bdd	Renato Botelho	"You may include"); ?> "$PORTAL_MESSAGE$", <?=gettext("which will be replaced by the error or reply messages from the RADIUS server, if any."); ?></td>
905	5b87b24e	Ermal	</tr>
906			<tr>
907	6fde5a1e	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Logout"); ?><br>
908			<?=gettext("page"); ?><br>
909			<?=gettext("contents"); ?></td>
910	5b87b24e	Ermal	<td class="vtable">
911			<input name="logoutfile" type="file" class="formfld file" id="logoutfile"><br>
912	b4792bf8	Ermal	<?php if ($pconfig['page']['logouttext']): ?>
913	6fde5a1e	Carlos Eduardo Ramos	<a href="?act=viewlogouthtml" target="_blank"><?=gettext("View current page"); ?></a>
914	5b87b24e	Ermal	<br>
915			<br>
916			<?php endif; ?>
917	a36e98ff	Erik Fonnesbeck	<?=gettext("The contents of the HTML/PHP file that you upload here are displayed on authentication success when the logout popup is enabled."); ?></td>
918	5b237745	Scott Ullrich	</tr>
919	a5c0b6c7	Scott Ullrich	<tr>
920	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
921	a5c0b6c7	Scott Ullrich	<td width="78%">
922	b4792bf8	Ermal	<?php echo "<input name='zone' id='zone' type='hidden' value='{$cpzone}'/>"; ?>
923	6fde5a1e	Carlos Eduardo Ramos	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="enable_change(true)">
924	b4792bf8	Ermal	<a href="services_captiveportal_zones.php"><input name="Cancel" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onClick="enable_change(true)"></a>
925	5b237745	Scott Ullrich	</td>
926			</tr>
927	a5c0b6c7	Scott Ullrich	<tr>
928	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
929	16457bdd	Renato Botelho	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br>
930			</strong></span><?=gettext("Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work."); ?> </span></td>
931	5b237745	Scott Ullrich	</tr>
932			</table>
933			</td>
934			</tr>
935			</table>
936			</form>
937			<script language="JavaScript">
938			<!--
939			enable_change(false);
940			//-->
941			</script>
942			<?php include("fend.inc"); ?>
943	93588e1a	Scott Dale	</body>
944			</html>

Project

General

Profile

pfSense