[people/pmueller/ipfire-2.x.git] / html / cgi-bin / captive / index.cgi

#!/usr/bin/perl
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2016  Alexander Marx alexander.marx@ipfire.org                #
#                                                                             #
# This program is free software you can redistribute it and/or modify         #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

use strict;
use CGI ':standard';
use URI::Escape;
use HTML::Entities();
use HTML::Template;

# enable only the following on debugging purpose
#use warnings;
#use CGI::Carp 'fatalsToBrowser';

require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";

# Load the most appropriate language from the browser configuration
my @langs = &Lang::DetectBrowserLanguages();
&Lang::reload(@langs);

my $coupons = "${General::swroot}/captive/coupons";
my %couponhash = ();

my %clientshash=();
my %cgiparams=();
my %settings=();
my $clients="${General::swroot}/captive/clients";
my $settingsfile="${General::swroot}/captive/settings";
my $errormessage;
my $url=param('redirect');

#Create /var/ipfire/captive/clients if not exist
unless (-f $clients){ system("touch $clients"); }

#Get GUI variables
&getcgihash(\%cgiparams);

#Read settings
&General::readhash("$settingsfile", \%settings) if(-f $settingsfile);

# Actions
if ($cgiparams{'ACTION'} eq "SUBMIT") {
	# Get client IP address
	my $ip_address = $ENV{X_FORWARDED_FOR} || $ENV{REMOTE_ADDR};

	# Retrieve the MAC address from the ARP table
	my $mac_address = &Network::get_hardware_address($ip_address);

	&General::readhasharray("$clients", \%clientshash);
	my $key = &General::findhasharraykey(\%clientshash);

	# Create a new client line
	foreach my $i (0 .. 5) { $clientshash{$key}[$i] = ""; }

	# MAC address of the client
	$clientshash{$key}[0] = $mac_address;

	# IP address of the client
	$clientshash{$key}[1] = $ip_address;

	# Current time
	$clientshash{$key}[2] = time();

	if ($settings{"AUTH"} eq "COUPON") {
		&General::readhasharray($coupons, \%couponhash);

		if ($cgiparams{'COUPON'}) {
			# Convert coupon input to uppercase
			$cgiparams{'COUPON'} = uc $cgiparams{'COUPON'};

			# Walk through all valid coupons and find the right one
			my $found = 0;
			foreach my $coupon (keys %couponhash) {
				if ($couponhash{$coupon}[1] eq $cgiparams{'COUPON'}) {
					$found = 1;

					# Copy expiry time
					$clientshash{$key}[3] = $couponhash{$coupon}[2];

					# Save coupon code
					$clientshash{$key}[4] = $cgiparams{'COUPON'};

					# Copy coupon remark
					$clientshash{$key}[5] = $couponhash{$coupon}[3];

					# Delete used coupon
					delete $couponhash{$coupon};
					&General::writehasharray($coupons, \%couponhash);

					last;
				}
			}

			if ($found == 1) {
				&General::log("Captive", "Internet access granted via coupon ($clientshash{$key}[4]) for $ip_address until $clientshash{$key}[3]");
			} else {
				$errormessage = $Lang::tr{"Captive invalid coupon"};
			}

		# No coupon given
		} else {
			$errormessage = $Lang::tr{"Captive please enter a coupon code"};
		}

	# Terms
	} else {
		# Make sure that they have been accepted
		if ($cgiparams{'TERMS'} eq "on") {
			# Copy session expiry time
			$clientshash{$key}[3] = $settings{'SESSION_TIME'} || "0";

			# No coupon code
			$clientshash{$key}[4] = "TERMS";

			&General::log("Captive", "Internet access granted via license agreement for $ip_address until $clientshash{$key}[3]");

		# The terms have not been accepted
		} else {
			$errormessage = $Lang::tr{'Captive please accept the terms and conditions'};
		}
	}

	# If no errors were found, save configruation and reload
	if (!$errormessage) {
		&General::writehasharray("$clients", \%clientshash);

		system("/usr/local/bin/captivectrl");

		# Redirect client to the original URL
		print "Status: 302 Moved Temporarily\n";
		print "Location: $url\n";
		print "Connection: close\n\n";
		exit 0;
	}
}

my $tmpl = HTML::Template->new(
	filename => "/srv/web/ipfire/html/captive/template.html",
	die_on_bad_params => 0
);

$tmpl->param(REDIRECT => $url);

# Coupon
if ($settings{'AUTH'} eq "COUPON") {
	$tmpl->param(COUPON => 1);
	$tmpl->param(L_HEADING => $Lang::tr{'Captive coupon'});
} else {
	$tmpl->param(L_HEADING => $Lang::tr{'Captive terms'});
}

$tmpl->param(TITLE => $settings{'TITLE'});
$tmpl->param(COLOR => $settings{'COLOR'});
$tmpl->param(ERROR => $errormessage);

$tmpl->param(TERMS => &getterms());

# Some translated strings
$tmpl->param(L_ACTIVATE        => $Lang::tr{'Captive ACTIVATE'});
$tmpl->param(L_GAIN_ACCESS     => $Lang::tr{'Captive GAIN ACCESS'});
$tmpl->param(L_AGREE_TERMS     => $Lang::tr{'Captive agree tac'});

# Print header
print "Pragma: no-cache\n";
print "Cache-control: no-cache\n";
print "Connection: close\n";
print "Content-type: text/html\n\n";

# Print rendered template
print $tmpl->output();

sub getcgihash {
	my ($hash, $params) = @_;
	my $cgi = CGI->new ();
	$hash->{'__CGI__'} = $cgi;
	return if ($ENV{'REQUEST_METHOD'} ne 'POST');
	if (!$params->{'wantfile'}) {
		$CGI::DISABLE_UPLOADS = 1;
		$CGI::POST_MAX        = 1024 * 1024;
	} else {
		$CGI::POST_MAX = 10 * 1024 * 1024;
	}
	$cgi->referer() =~ m/^http?\:\/\/([^\/]+)/;
	my $referer = $1;
	$cgi->url() =~ m/^http?\:\/\/([^\/]+)/;
	my $servername = $1;
	return if ($referer ne $servername);

	### Modified for getting multi-vars, split by |
	my %temp = $cgi->Vars();
        foreach my $key (keys %temp) {
		$hash->{$key} = $temp{$key};
		$hash->{$key} =~ s/\0/|/g;
		$hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
        }

	if (($params->{'wantfile'})&&($params->{'filevar'})) {
		$hash->{$params->{'filevar'}} = $cgi->upload
						($params->{'filevar'});
	}
	return;
}

sub getterms() {
	my @terms = ();

	open(my $handle, "<:utf8", "/var/ipfire/captive/terms.txt");
	while(<$handle>) {
		$_ = HTML::Entities::decode_entities($_);
		push(@terms, $_);
	}
	close($handle);

	my $terms = join("\n", @terms);

	# Format paragraphs
	$terms =~ s/\n\n/<\/p>\n<p>/g;

	return $terms;
}
Commit	Line	Data
	1	#!/usr/bin/perl
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2016 Alexander Marx alexander.marx@ipfire.org #
	6	# #
	7	# This program is free software you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	use strict;
	23	use CGI ':standard';
	24	use URI::Escape;
	25	use HTML::Entities();
	26	use HTML::Template;
	27
	28	# enable only the following on debugging purpose
	29	#use warnings;
	30	#use CGI::Carp 'fatalsToBrowser';
	31
	32	require '/var/ipfire/general-functions.pl';
	33	require "${General::swroot}/lang.pl";
	34
	35	# Load the most appropriate language from the browser configuration
	36	my @langs = &Lang::DetectBrowserLanguages();
	37	&Lang::reload(@langs);
	38
	39	my $coupons = "${General::swroot}/captive/coupons";
	40	my %couponhash = ();
	41
	42	my %clientshash=();
	43	my %cgiparams=();
	44	my %settings=();
	45	my $clients="${General::swroot}/captive/clients";
	46	my $settingsfile="${General::swroot}/captive/settings";
	47	my $errormessage;
	48	my $url=param('redirect');
	49
	50	#Create /var/ipfire/captive/clients if not exist
	51	unless (-f $clients){ system("touch $clients"); }
	52
	53	#Get GUI variables
	54	&getcgihash(\%cgiparams);
	55
	56	#Read settings
	57	&General::readhash("$settingsfile", \%settings) if(-f $settingsfile);
	58
	59	# Actions
	60	if ($cgiparams{'ACTION'} eq "SUBMIT") {
	61	# Get client IP address
	62	my $ip_address = $ENV{X_FORWARDED_FOR} \|\| $ENV{REMOTE_ADDR};
	63
	64	# Retrieve the MAC address from the ARP table
	65	my $mac_address = &Network::get_hardware_address($ip_address);
	66
	67	&General::readhasharray("$clients", \%clientshash);
	68	my $key = &General::findhasharraykey(\%clientshash);
	69
	70	# Create a new client line
	71	foreach my $i (0 .. 5) { $clientshash{$key}[$i] = ""; }
	72
	73	# MAC address of the client
	74	$clientshash{$key}[0] = $mac_address;
	75
	76	# IP address of the client
	77	$clientshash{$key}[1] = $ip_address;
	78
	79	# Current time
	80	$clientshash{$key}[2] = time();
	81
	82	if ($settings{"AUTH"} eq "COUPON") {
	83	&General::readhasharray($coupons, \%couponhash);
	84
	85	if ($cgiparams{'COUPON'}) {
	86	# Convert coupon input to uppercase
	87	$cgiparams{'COUPON'} = uc $cgiparams{'COUPON'};
	88
	89	# Walk through all valid coupons and find the right one
	90	my $found = 0;
	91	foreach my $coupon (keys %couponhash) {
	92	if ($couponhash{$coupon}[1] eq $cgiparams{'COUPON'}) {
	93	$found = 1;
	94
	95	# Copy expiry time
	96	$clientshash{$key}[3] = $couponhash{$coupon}[2];
	97
	98	# Save coupon code
	99	$clientshash{$key}[4] = $cgiparams{'COUPON'};
	100
	101	# Copy coupon remark
	102	$clientshash{$key}[5] = $couponhash{$coupon}[3];
	103
	104	# Delete used coupon
	105	delete $couponhash{$coupon};
	106	&General::writehasharray($coupons, \%couponhash);
	107
	108	last;
	109	}
	110	}
	111
	112	if ($found == 1) {
	113	&General::log("Captive", "Internet access granted via coupon ($clientshash{$key}[4]) for $ip_address until $clientshash{$key}[3]");
	114	} else {
	115	$errormessage = $Lang::tr{"Captive invalid coupon"};
	116	}
	117
	118	# No coupon given
	119	} else {
	120	$errormessage = $Lang::tr{"Captive please enter a coupon code"};
	121	}
	122
	123	# Terms
	124	} else {
	125	# Make sure that they have been accepted
	126	if ($cgiparams{'TERMS'} eq "on") {
	127	# Copy session expiry time
	128	$clientshash{$key}[3] = $settings{'SESSION_TIME'} \|\| "0";
	129
	130	# No coupon code
	131	$clientshash{$key}[4] = "TERMS";
	132
	133	&General::log("Captive", "Internet access granted via license agreement for $ip_address until $clientshash{$key}[3]");
	134
	135	# The terms have not been accepted
	136	} else {
	137	$errormessage = $Lang::tr{'Captive please accept the terms and conditions'};
	138	}
	139	}
	140
	141	# If no errors were found, save configruation and reload
	142	if (!$errormessage) {
	143	&General::writehasharray("$clients", \%clientshash);
	144
	145	system("/usr/local/bin/captivectrl");
	146
	147	# Redirect client to the original URL
	148	print "Status: 302 Moved Temporarily\n";
	149	print "Location: $url\n";
	150	print "Connection: close\n\n";
	151	exit 0;
	152	}
	153	}
	154
	155	my $tmpl = HTML::Template->new(
	156	filename => "/srv/web/ipfire/html/captive/template.html",
	157	die_on_bad_params => 0
	158	);
	159
	160	$tmpl->param(REDIRECT => $url);
	161
	162	# Coupon
	163	if ($settings{'AUTH'} eq "COUPON") {
	164	$tmpl->param(COUPON => 1);
	165	$tmpl->param(L_HEADING => $Lang::tr{'Captive coupon'});
	166	} else {
	167	$tmpl->param(L_HEADING => $Lang::tr{'Captive terms'});
	168	}
	169
	170	$tmpl->param(TITLE => $settings{'TITLE'});
	171	$tmpl->param(COLOR => $settings{'COLOR'});
	172	$tmpl->param(ERROR => $errormessage);
	173
	174	$tmpl->param(TERMS => &getterms());
	175
	176	# Some translated strings
	177	$tmpl->param(L_ACTIVATE => $Lang::tr{'Captive ACTIVATE'});
	178	$tmpl->param(L_GAIN_ACCESS => $Lang::tr{'Captive GAIN ACCESS'});
	179	$tmpl->param(L_AGREE_TERMS => $Lang::tr{'Captive agree tac'});
	180
	181	# Print header
	182	print "Pragma: no-cache\n";
	183	print "Cache-control: no-cache\n";
	184	print "Connection: close\n";
	185	print "Content-type: text/html\n\n";
	186
	187	# Print rendered template
	188	print $tmpl->output();
	189
	190	sub getcgihash {
	191	my ($hash, $params) = @_;
	192	my $cgi = CGI->new ();
	193	$hash->{'__CGI__'} = $cgi;
	194	return if ($ENV{'REQUEST_METHOD'} ne 'POST');
	195	if (!$params->{'wantfile'}) {
	196	$CGI::DISABLE_UPLOADS = 1;
	197	$CGI::POST_MAX = 1024 * 1024;
	198	} else {
	199	$CGI::POST_MAX = 10 * 1024 * 1024;
	200	}
	201	$cgi->referer() =~ m/^http?\:\/\/([^\/]+)/;
	202	my $referer = $1;
	203	$cgi->url() =~ m/^http?\:\/\/([^\/]+)/;
	204	my $servername = $1;
	205	return if ($referer ne $servername);
	206
	207	### Modified for getting multi-vars, split by \|
	208	my %temp = $cgi->Vars();
	209	foreach my $key (keys %temp) {
	210	$hash->{$key} = $temp{$key};
	211	$hash->{$key} =~ s/\0/\|/g;
	212	$hash->{$key} =~ s/^\s(.?)\s*$/$1/;
	213	}
	214
	215	if (($params->{'wantfile'})&&($params->{'filevar'})) {
	216	$hash->{$params->{'filevar'}} = $cgi->upload
	217	($params->{'filevar'});
	218	}
	219	return;
	220	}
	221
	222	sub getterms() {
	223	my @terms = ();
	224
	225	open(my $handle, "<:utf8", "/var/ipfire/captive/terms.txt");
	226	while(<$handle>) {
	227	$_ = HTML::Entities::decode_entities($_);
	228	push(@terms, $_);
	229	}
	230	close($handle);
	231
	232	my $terms = join("\n", @terms);
	233
	234	# Format paragraphs
	235	$terms =~ s/\n\n/<\/p>\n<p>/g;
	236
	237	return $terms;
	238	}