pfSense

* html attributes should be using double-quoted attribute-values. This means your php-code should probably use single-quoted strings

* we use icons for status-indication and buttons for actions

* **do not** refactor any of the 'backend' code that is on top of each file. Only changes necessary after updating are acceptable; any other changes will be rejected (including changes that were done upstream)

If you feel adventurous you can sometimes rewrite some PHP & javascript code as well; but try to keep this to a minimum.

# Development setup

## Qemu

		return;

	}

	$oper_sep = "\|\|";

	// Encryption password

		}

		if (!is_ipaddr($nasip)) {

			$nasip = get_interface_ip($nasip);

			if (!is_ipaddr($nasip)) {

				$nasip = get_interface_ip();//We use wan interface IP as fallback for NAS-IP-Address

			}

		$rauth->putAttribute(RADIUS_NAS_IP_ADDRESS, $nasip, "addr");

		$rauth->putAttribute(RADIUS_NAS_IDENTIFIER, $nasid);

		if(!empty($attributes['calling_station_id'])) {

			$rauth->putAttribute(RADIUS_CALLING_STATION_ID, $attributes['calling_station_id']);

		}

		}

		if(!empty($attributes['nas_port_type'])) {

			$rauth->putAttribute(RADIUS_NAS_PORT_TYPE, $attributes['nas_port_type']);

		if(!empty($attributes['nas_port'])) {

			$rauth->putAttribute(RADIUS_NAS_PORT, intval($attributes['nas_port']), 'integer');

		}

		$ret = false;

	}

	// Get attributes, even if auth failed.

	if ($rauth->getAttributes()) {

	$attributes = array_merge($attributes,$rauth->listAttributes());

			$stt = strtotime(preg_replace("/\+(\d+):(\d+)$/", " +\${1}\${2}", preg_replace("/(\d+)T(\d+)/", "\${1} \${2}",$stt)));

		}

	}

	// close OO RADIUS_AUTHENTICATION

	$rauth->close();

}

/*

true : authentication worked

null : error during authentication process (unable to reach remote server, etc...)

*/

function authenticate_user($username, $password, $authcfg = NULL, &$attributes = array()) {

 * limitations under the License.

 */

/*

 * in cases where frequent automatic requests are made like graphs and widget pages.

 */

 */

/*

 * cmp_page_matches is used by both auth_check.inc and priv.inc which is used by guiconfig.inc

 */

	if ($attributes['voucher']) {

		$remaining_time = $attributes['session_timeout'];

		$context = "voucher";

	}

	$writecfg = false;

	if ((isset($config['captiveportal'][$cpzone]['noconcurrentlogins'])) && ($username != 'unauthenticated') && isset($config['captiveportal'][$cpzone]['passthrumacadd'])) {

		$mac = captiveportal_passthrumac_findbyname($username);

		if (!empty($mac)) {

 ******/

/* mount flash card read/write */

function conf_mount_rw() {

	return;

}

 *   null

 ******/

function conf_mount_ro() {

	return;

}

	global $config, $g;

	// Certain strings may be embedded in the $desc (reason) parameter to trigger certain behavior.

	$doacb = true;

	$manual_acb = false;

	$rcnt = 0;

##|*IDENT=page-system-copyright

##|*NAME=System: Copyright notice

##|*DESCR=Copyright and usage notice.

##|-PRIV

/*

 * The copyright text may have been downloaded from the Netgate server, but if not the default text defined here

 * is used

 */

	if (isset($wancfg['dhcp6withoutra'])) {

		/*

		 * Start dhcp6c here if we don't want to wait for ra - calls

		 *

		 * In this mode dhcp6c launches rtsold via its script. RTSOLD

		 * will then run the configure on receipt of the RA.

 * This part handles matching properly placed curly braces and semicolons.

 * If in doubt just do experiments! To achieve matching the curly braces we need

 * to check at all levels however we do just capture it all since matching the

 * regexes.

 * Same idea as with base_regex above, but not expanded to save space.

 */

 * #  Comment under Free-spacing mode.

 *    If free-spacing mode is not on one can use (?#Some comment)

 *

 *             Defines a subpattern that we intend to use

 *

 * (?'hexncolon'  A named group.

 *

 * (?>  Atomic (capturing) group.

 *      When it has a match it throws away all backtracking info it might have

 *

 * \G  We use \G once to alternate away from acceptable characters and instead

 *     match from the point where the last match ended. In our case below it is

 * Enumerated comments/documentation

 *

 * 1.

 * (remember we do not capture with negative lookahead).

 * check_noclosingsinglecolon defines inside (the inner check) the opposite of

 * what we match. Therefore 'anti' match.

	stream_set_blocking($pipes[1], 0);

	stream_set_blocking($pipes[2], 0);

	$timeout = 60; // seconds

	$error_log = '';

	pkg_debug("Installing package {$shortname}\n");

	if ($force || !is_pkg_installed($pkg_name)) {

		$result = pkg_call("install -y " . $pkg_force . $pkg_name);

		pkg_call("clean -y");

	}

	pkg_debug("Removing package {$shortname}\n");

	if (is_pkg_installed($pkg_name)) {

		pkg_call("delete -y " . $pkg_name);

		pkg_call("autoremove -y");

	}

}

}

/*

 * packages installed in config.xml and install pkg accordingly

 */

function package_reinstall_all() {

	$rrdinterval = 60;

	$valid = $rrdinterval * 2;

	$downstream = 125000000;

	$upstream = 125000000;

	$rrdinterval = 60;

	$valid = $rrdinterval * 2;

	$downstream = 125000000;

	$upstream = 125000000;

function generate_usermanager_radius_config($cpzone, $counter, $protocol, $ip, $key, $port, $radiussrcip_attribute, $is_accounting=false, $accounting_port=false) {

	global $config;

	$pconfig = array();

	if (!is_array($config['system']['authserver'])) {

		$config['system']['authserver'] = array();

	}

	$pconfig['name'] = "Auto generated from Captive Portal {$cpzone}";

	if ($counter != 1) {

		$pconfig['name'] .= " {$counter}";

	$pconfig['radius_timeout'] = 3;

	$pconfig['radius_auth_port'] = $port;

	$pconfig['radius_nasip_attribute'] = $radiussrcip_attribute;

	if($is_accounting) {

		$pconfig['radius_srvcs'] = "both";

		$pconfig['radius_acct_port'] = $accounting_port;

	}

	$config['system']['authserver'][] = $pconfig;

	return 'radius - '.$pconfig['name'];

}

	if (is_array($config['captiveportal'])) {

		foreach ($config['captiveportal'] as $cpzone => $cp) {

			// It will be automatically re-generated on next captiveportal_readdb()/captiveportal_writedb()

			$db_path = "{$g['vardb_path']}/captiveportal{$cpzone}.db";

			unlink_if_exists($db_path);

				$auth_servers = array();

				$auth_servers2 = array();

				$radiuscounter = 1;

				if (intval($cp['radiusport']) == 0) {

					$cp['radiusport'] = 1812;

				}

					$cp['radiussrcip_attribute'] = 'wan';

				}

				$auth_servers[] = generate_usermanager_radius_config($cpzone, $radiuscounter, $cp['radius_protocol'], $cp['radiusip'], $cp['radiuskey'], $cp['radiusport'], $cp['radiussrcip_attribute'], isset($cp['radacct_enable']), $cp['radiusacctport']);

				if (!empty($cp['radiusip2'])) {

					$radiuscounter++;

					if (intval($cp['radiusport2']) == 0) {

						$cp['radiusport2'] = 1812;

				}

				if (!empty($cp['radiusip3'])) {

					$radiuscounter++;

					if (intval($cp['radiusport3']) == 0) {

						$cp['radiusport3'] = 1812;

					}

				}

				if (!empty($cp['radiusip4'])) {

					$radiuscounter++;

					if (intval($cp['radiusport4']) == 0) {

						$cp['radiusport4'] = 1812;

					}

				}

				$cp['auth_method'] = 'authserver';

				$cp['auth_server'] = implode(",", $auth_servers);

				$cp['auth_server2'] = implode(",", $auth_servers2);

			} elseif ($cp['auth_method'] === 'local') { // Local Auth

				$cp['auth_method'] = 'authserver';

				$cp['auth_server'] = "Local Auth - Local Database";

			// we don't need to update anything when "none" auth method is selected

			$config['captiveportal'][$cpzone] = $cp;

		}

	}

	    isset($config['hasync']['synchronizelb'])) {

		unset($config['hasync']['synchronizelb']);

	}

	/* If the LB widget is present, remove it*/

	if (isset($config['widgets']) &&

	    isset($config['widgets']['sequence']) &&

	if (is_array($a_client) && isset($a_client['enable'])) {

		$strongswan .= "\t\tattr {\n";

		$cfgservers = array();

		if (!empty($a_client['wins_server1'])) {

			$cfgservers[] = $a_client['wins_server1'];

				if (!empty($a_client['dns_server4'])) {

					$rightdnsservers[] = $a_client['dns_server4'];

				}

				if (count($rightdnsservers)) {

					$rightdnsserver = "\trightdns = " . implode(',', $rightdnsservers) . "\n";

				}

					// supported: ipv4, ipv6, rfc822, email, userfqdn, fqdn, dns, asn1dn, asn1gn, keyid

					// example: $ipsecfin = "\trightid = email:your@email.address\n";

					// example: $ipsecfin = "\tleftsubnet = 1.1.1.1/32,1.1.1.2/32,2.2.2.0/24\n";

					$mobilekey_counter++;

if (platform_booting() && !in_array(substr($interface_real, 0, 3), array("ppp", "ppt", "l2t"))) {

	// unlike dhcp interfaces which wait until they get an ip, a ppp connection lets the boot continue while 

	// route would not be set, this script must continue to use the new assigned ip even while booting

	// https://redmine.pfsense.org/issues/8561

	file_notice("SSH", "{$g['product_name']} has completed creating your SSH keys.  SSH is now started.", "SSH Startup", "");

}

$sshd_pid = exec("ps ax | egrep '/usr/sbin/[s]shd' | awk '{print $1}'");

if ($sshd_pid <> "") {

	echo "stopping ssh process $sshd_pid \n";

 * Tests the content for valid IPv6 addresses and compares the matches against

 * a checklist. Each checklist entry is also separately matched and compared

 * against itself. The order of the resulting matches must be identical to the

 *

 * Amount of matches should always equal amount of list entries in the

 * checklist.

 * Fails should always stay 0.

 * Fails are for iterations where:

 * * comparison between a current match of text and a current list entry are

    height: 100%;

}

@-webkit-keyframes autofill {

    to {

        color: white;

    content: normal;

}

.diff-text {

    color: #000000;

}

	// Remove focus on page load

	document.activeElement.blur()

	function show_advopts(ispageload) {

		var text;

		// On page load decide the initial state based on the data.

		setHelpText(target, dispstr);

	}

	// fields are disabled

	function disable_most(disable) {

		var elementsToDisable = [

include("head.inc");

function build_date_table() {

	$tblstr = "";

}

// ---------------------Centralized widget refresh system -------------------------------------------

var ajaxspecs = new Array();	// Array to hold widget refresh specifications (objects )

var ajaxidx = 0;

var ajaxmutex = false;

$a_gateways = &$config['gateways']['gateway_item'];

$interfaces = get_configured_interface_with_descr();

 * configured here. See https://redmine.pfsense.org/issues/8687 */

$no_address_interfaces = array("ovpn", "ipsec", "gif", "gre");

$show_address_controls = true;

			/* If we are in firewall/routing mode (not single interface)

			 * then ensure that we are not running DHCP on the wan which

			 */

			if ($config['interfaces']['lan'] && $config['dhcpd']['wan']) {

				unset($config['dhcpd']['wan']);

	if ($firmwareupdate):

		// Check to see if any new repositories have become available. This data is cached and

		update_repos();

		$repopath = "/usr/local/share/{$g['product_name']}/pkg/repos";

		$helpfilename = "{$repopath}/{$g['product_name']}-repo-custom.help";

		}

	}

	if (curl_errno($curl_session)) {

		$fd = fopen("/tmp/acb_restoredebug.txt", "w");

		fwrite($fd, $get_url . "" . "action=restore&hostname={$hostname}&revision=" . urlencode($_REQUEST['newver']) . "\n\n");

		fwrite($fd, $data);

<?php endif; ?>

	   </nav>

<?php

// is provided so that you only see the notes if you ask for them

?>

<div class="infoblock panel panel-default">

			$config['voucher'][$cpzone] = $newvoucher;

			write_config();

			voucher_configure_zone();

			captiveportal_configure_zone($config['captiveportal'][$cpzone]);

		} else {

			$newvoucher['vouchersyncdbip'] = $_POST['vouchersyncdbip'];

						$config['voucher'][$cpzone] = $newvoucher;

						write_config();

						voucher_configure_zone(true);

						captiveportal_configure_zone($config['captiveportal'][$cpzone]);

					}

				}

				}

			}

		}

		if (graphstatmax < statmax) {

			// peek value + 10% keeps a little room for it to increase

			graphstatmax = statmax * 1.1;

display_top_tabs($tab_array);

// Check to see if any new repositories have become available. This data is cached and

update_repos();

$repopath = "/usr/local/share/{$g['product_name']}/pkg/repos";

$helpfilename = "{$repopath}/{$g['product_name']}-repo-custom.help";

	});

	function copyselect(selected) {

		$('.multiselect').html($('.shadowselect').html());

		if (selected) {

		ealgosel_change(id, 0);

	});

	myidsel_change();

	peeridsel_change();

	iketype_change();

		foreach ($a_phase2 as $key => $name) {

			if (isset($name['mobile']) && $name['uniqid'] != $pconfig['uniqid']) {

				$localid_data = ipsec_idinfo_to_cidr($name['localid'], false, $name['mode']);

				$entered = array();

				$entered['type'] = $pconfig['localid_type'];

<?php if ($widget_first_instance): ?>

<script type="text/javascript">

//<![CDATA[

function convertDateToUTC(date,offset) {

	var hours_offset = offset/3600;

	var minute_offset = (offset % 3600)/60;

//save widget config settings on POST

if ($_POST['widgetkey']) {

	if (isset($_POST["thermal_sensors_widget_show_fahrenheit"])) {

		$_POST["thermal_sensors_widget_zone_warning_threshold"] = floor(($_POST["thermal_sensors_widget_zone_warning_threshold"] - 32) / 1.8);

		$_POST["thermal_sensors_widget_zone_critical_threshold"] = floor(($_POST["thermal_sensors_widget_zone_critical_threshold"] - 32) / 1.8);

		$_POST["thermal_sensors_widget_core_warning_threshold"] = floor(($_POST["thermal_sensors_widget_core_warning_threshold"] - 32) / 1.8);

}

// Convert a string containing a text version of a PHP array into a real $config array

function config_array_from_str( $text) {

	$t = str_replace("[", "", $text);	// Remove '['

	$t = str_replace("'", "", $t);		// Remove '

	}

}

ignore_user_abort(true);

set_time_limit(0);