Changeset 402
- Timestamp:
- 01/26/05 15:43:34 (8 years ago)
- Location:
- trunk/wifidog-auth/wifidog
- Files:
-
- 1 added
- 1 removed
- 21 modified
-
admin/hotspot.php (modified) (4 diffs)
-
admin/import_user_database.php (modified) (1 diff)
-
admin/templates/hotspot_edit.html (modified) (2 diffs)
-
change_password.php (modified) (1 diff)
-
classes/Node.php (modified) (4 diffs)
-
classes/SmartyWifidog.php (modified) (1 diff)
-
classes/User.php (added)
-
gw_message.php (modified) (1 diff)
-
hotspot_status.php (modified) (1 diff)
-
include/common.php (modified) (1 diff)
-
include/mgmt_helpers.php (deleted)
-
index.php (modified) (1 diff)
-
login/index.php (modified) (4 diffs)
-
lost_password.php (modified) (1 diff)
-
lost_username.php (modified) (1 diff)
-
node_list.php (modified) (1 diff)
-
portal/index.php (modified) (2 diffs)
-
resend_validation.php (modified) (2 diffs)
-
signup.php (modified) (1 diff)
-
templates/header.html (modified) (1 diff)
-
templates/user_management_menu.html (modified) (1 diff)
-
templates/validate.html (modified) (1 diff)
-
validate.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/wifidog-auth/wifidog/admin/hotspot.php
r401 r402 25 25 define('BASEPATH','../'); 26 26 require_once 'admin_common.php'; 27 require_once BASEPATH.'classes/Node.php'; 27 28 28 29 $user_id = $session->get(SESS_USERNAME_VAR); … … 35 36 $smarty->assign("title", _("Edit a hotspot with")); 36 37 37 $db->ExecSql("SELECT * FROM node_deployment_status", $node_deployment_status_results, false); 38 if ("$node_id" != "new") { // Node creation 39 $node = Node::GetObject($node_id); 40 } 38 41 39 if ("$node_id" != "new") { // Node creation 40 $db->ExecSqlUniqueRes("SELECT node_id, name, rss_url, home_page_url, description, map_url, street_address, public_phone_number, public_email, mass_transit_info, node_deployment_status FROM nodes WHERE node_id='$node_id'", $node_result, false); 41 } 42 43 $smarty->assign("node", $node_result); 42 $smarty->register_object("node", $node); 44 43 $smarty->assign("user_id", $user_id); 45 44 $smarty->assign("node_id", $node_id); 45 $smarty->assign('node_deployment_status', Node::GetAllDeploymentStatus()); 46 46 47 foreach($node_deployment_status_results as $status) {48 $smarty->append('node_deployment_status', "$status[node_deployment_status]");49 }50 47 $smarty->display("admin/templates/hotspot_edit.html"); 48 51 49 } elseif ($action=='add_node') { // Display hotspot creation form 52 $smarty->assign("title", _("Add a new hotspot with"));53 54 $db->ExecSql("SELECT * FROM node_deployment_status", $node_deployment_status_results, false);55 56 50 /* max() + 1 doesn't work well when max() returns a String 57 51 if ("$node_id" == "new") { // Allow user to get a valide node_id … … 63 57 */ 64 58 59 $smarty->assign("title", _("Add a new hotspot with")); 65 60 $smarty->assign("node_id", $node_id); 61 $smarty->assign('node_deployment_status', Node::GetAllDeploymentStatus()); 62 $smarty->display("admin/templates/hotspot_edit.html"); 66 63 67 foreach($node_deployment_status_results as $status) {68 $smarty->append('node_deployment_status', "$status[node_deployment_status]");69 }70 71 $smarty->display("admin/templates/hotspot_edit.html");72 64 } elseif ($action=='owner') { // Display hotspot owner list and add form 73 65 $smarty->assign("title", "Owner hotspot with"); … … 131 123 } 132 124 133 $db->ExecSql("SELECT node_id, name, creation_date from nodes", $node_results, false);125 //$db->ExecSql("SELECT node_id, name, creation_date from nodes", $node_results, false); 134 126 135 if (is_array($node_results)) { // If no row return, $node_results will be NULL 136 $smarty->assign('nodes', $node_results); 127 //$node = Node::GetObject('default'); 128 129 //if (is_array($node_results)) { // If no row return, $node_results will be NULL 130 $nodes = Node::GetAllNodes(); 131 if (is_array($nodes)) { 132 $smarty->assign('nodes', $nodes); 137 133 //foreach($node_results as $node_row) { 138 134 // $smarty->append("nodes", $node_row); -
trunk/wifidog-auth/wifidog/admin/import_user_database.php
r401 r402 169 169 { 170 170 $status = ACCOUNT_STATUS_ALLOWED; 171 $token = gentoken();171 $token = User::generateToken(); 172 172 $reg_date = iso8601_date(time()); 173 173 $password_hash = $db->EscapeString($user['passwd_hash']); -
trunk/wifidog-auth/wifidog/admin/templates/hotspot_edit.html
r398 r402 1 1 {include file="templates/header.html" title="Hotspot administration"} 2 3 {node->GetID assign="node_id"} 4 {node->GetDeploymentStatus assign="deployment_status"} 2 5 3 6 <h3>{$title} {$smarty.const.HOTSPOT_NETWORK_NAME}</h3> … … 12 15 <!-- Tmp work around to disable the hotspot ID --> 13 16 {if $node_id == "new"} 14 <td><input type="text" name="new_node_id" value="{ $node.node_id}"> {* $javascript *}</td><tr>17 <td><input type="text" name="new_node_id" value="{node->GetID}"> {* $javascript *}</td><tr> 15 18 {else} 16 <td><input type="text" value="{ $node.node_id}" DISABLED><input type="hidden" name="new_node_id" value="{$node.node_id}"></td><tr>19 <td><input type="text" value="{node->GetID}" DISABLED><input type="hidden" name="new_node_id" value="{node->GetID}"></td><tr> 17 20 {/if} 18 21 <tr> 19 22 <td>{"Name"|_}:</td> 20 <td><input type="text" name="name" value="{$node.name}"></td><tr> 23 <td><input type="text" name="name" value="{node->GetName}"></td> 24 </tr> 21 25 <tr> 22 26 <td>{"RSS URL"|_}:</td> 23 <td><input type="text" name="rss_url" value="{$node.rss_url}"></td><tr> 27 <td><input type="text" name="rss_url" value="{node->GetRSSURL}"></td> 28 </tr> 24 29 <tr> 25 30 <td>{"Homepage URL"|_}</td> 26 <td><input type="text" name="home_page_url" value="{$node.home_page_url}"></td><tr> 31 <td><input type="text" name="home_page_url" value="{node->GetHomeURL}"></td> 32 </tr> 27 33 <tr> 28 34 <td>{"Description"|_}</td> 29 <td><input type="text" name="description" value="{$node.description}"></td><tr> 35 <td><input type="text" name="description" value="{node->GetDescription}"></td> 36 </tr> 30 37 <tr> 31 38 <td>{"Map URL"|_}</td> 32 <td><input type="text" name="map_url" value="{$node.map_url}"></td><tr> 39 <td><input type="text" name="map_url" value="{node->GetMapURL}"></td> 40 </tr> 33 41 <tr> 34 42 <td>{"Street address"|_}</td> 35 <td><input type="text" name="street_address" value="{$node.street_address}"></td><tr> 43 <td><input type="text" name="street_address" value="{node->GetStreetAddress}"></td> 44 </tr> 36 45 <tr> 37 46 <td>{"Public phone number"|_}</td> 38 <td><input type="text" name="public_phone_number" value="{$node.public_phone_number}"></td><tr> 47 <td><input type="text" name="public_phone_number" value="{node->GetPhoneNumber}"></td> 48 </tr> 39 49 <tr> 40 50 <td>{"Public email"|_}</td> 41 <td><input type="text" name="public_email" value="{$node.public_email}"></td><tr> 51 <td><input type="text" name="public_email" value="{node->GetEmail}"></td> 52 </tr> 42 53 <tr> 43 54 <td>{"Mass transit info"|_}</td> 44 <td><input type="text" name="mass_transit_info" value="{$node.mass_transit_info}"></td><tr> 55 <td><input type="text" name="mass_transit_info" value="{node->GetPublicTransit}"></td> 56 </tr> 45 57 <tr> 46 58 <td>{"Node deployment status"|_}</td> 47 <td><select name="node_deployment_status"> 48 {html_options values=$node_deployment_status output=$node_deployment_status selected=$node.node_deployment_status} 49 </select> 59 <td> 60 <select name="node_deployment_status"> 61 {html_options values=$node_deployment_status output=$node_deployment_status selected=$deployment_status} 62 </select> 50 63 </td> 51 64 </tr> -
trunk/wifidog-auth/wifidog/change_password.php
r347 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.'classes/SmartyWifidog.php'; 29 require_once BASEPATH.'classes/Security.php'; 30 31 $smarty = new SmartyWifidog; 32 $session = new Session; 33 34 include BASEPATH.'include/language.php'; 35 include BASEPATH.'include/mgmt_helpers.php'; 28 require_once BASEPATH.'include/common_interface.php'; 29 require_once BASEPATH.'classes/User.php'; 36 30 37 31 isset($_REQUEST["username"]) && $smarty->assign("username", $_REQUEST["username"]); 38 32 39 33 if (isset($_REQUEST["submit"])) { 40 $user_info = null; 41 if ($_REQUEST["username"] && $_REQUEST["oldpassword"] && $_REQUEST["newpassword"] && $_REQUEST["newpassword_again"]) { 34 try { 35 if (!$_REQUEST["username"] || !$_REQUEST["oldpassword"] || !$_REQUEST["newpassword"] || !$_REQUEST["newpassword_again"]) 36 throw new Exception(_('You MUST fill in all the fields.')); 37 $username = $db->EscapeString(trim($_REQUEST['username'])); 42 38 $current_password = $db->EscapeString(trim($_REQUEST['oldpassword'])); 43 39 $new_password = $db->EscapeString(trim($_REQUEST['newpassword'])); 44 40 45 $user_info = null; 46 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='{$_REQUEST["username"]}'", $user_info, false); 47 if ($user_info == null) { 48 $smarty->assign("error", _("Unable to find ") . $_REQUEST["username"] . _(" in the database.")); 49 } else { 50 $user_info = null; 51 $current_password_hash = get_password_hash($current_password); 52 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='{$_REQUEST["username"]}' AND pass='$current_password_hash'", $user_info, false); 53 if ($user_info == null) { 54 $smarty->assign("error", _("Wrong password.")); 55 } else { 56 if ($_REQUEST["newpassword"] != $_REQUEST["newpassword_again"]) { 57 $smarty->assign("error", _("Passwords do not match.")); 58 } else { 59 $new_password_hash = get_password_hash($new_password); 60 $update_successful = $db->ExecSqlUpdate("UPDATE users SET pass='$new_password_hash' WHERE user_id='{$user_info["user_id"]}'"); 61 if ($update_successful) { 62 $smarty->append("message", _("Your password has been changed succesfully.")); 63 $smarty->display("templates/validate.html"); 64 exit; 65 } else { 66 $smarty->assign("error", _("Could not change your password")); 67 } 68 } 69 } 70 } 71 } else { 72 $smarty->assign("error", _("Your MUST fill in all the fields")); 41 if ($_REQUEST["newpassword"] != $_REQUEST["newpassword_again"]) 42 throw new Exception(_("Passwords do not match.")); 43 44 $user = User::getUserById($username); 45 if ($user->getPasswordHash() != User::passwordHash($current_password)) 46 throw new Exception(_("Wrong password.")); 47 48 $user->SetPassword($new_password); 49 $smarty->assign("message", _("Your password has been changed succesfully.")); 50 $smarty->display("templates/validate.html"); 51 exit; 52 } catch (Exception $e) { 53 $smarty->assign("error", $e->getMessage()); 73 54 } 74 55 } 75 76 56 $smarty->display("templates/change_password.html"); 77 57 ?> -
trunk/wifidog-auth/wifidog/classes/Node.php
r400 r402 26 26 27 27 /** Abstract a Node. A Node is an actual physical transmitter. */ 28 class Node {28 class Node { 29 29 private $mRow; 30 30 private $mId; … … 34 34 * @return a Node object, or null if there was an error 35 35 */ 36 static function GetObject($id) 37 { 36 static function getObject($id) { 38 37 $object = null; 39 38 $object = new self($id); … … 45 44 * @return the newly created Node object, or null if there was an error 46 45 */ 47 static function CreateObject($id) 48 { 46 static function createObject($id) { 47 global $db; 48 49 49 $object = null; 50 50 $id_str = $db->EscapeString($id); … … 56 56 57 57 /** @param $node_id The id of the node */ 58 function __construct($node_id) 59 {58 function __construct($node_id) { 59 global $db; 60 60 $node_id_str = $db->EscapeString($node_id); 61 $sql = "SELECT * fromnodes WHERE node_id='$node_id_str'";61 $sql = "SELECT * FROM nodes WHERE node_id='$node_id_str'"; 62 62 $db->ExecSqlUniqueRes($sql, $row, false); 63 if ($row==null) 64 { 65 throw new Exception(_("The id $node_id_str could not be found in the database"), "EXCEPTION_CREATE_OBJECT_FAILED"); 66 } 67 $this -> mRow=$row; 68 $this -> mId=$row['node_id']; 63 if ($row == null) { 64 throw new Exception(_("The id $node_id_str could not be found in the database"), "EXCEPTION_CREATE_OBJECT_FAILED"); 65 } 66 $this->mRow = $row; 67 $this->mId = $row['node_id']; 69 68 }//End class 70 69 71 /** Return the name of the node 72 */ 73 function GetName() 74 { 75 return $this -> mRow['name']; 70 /** Return the name of the node 71 */ 72 function getName() { 73 return $this->mRow['name']; 76 74 } 75 76 function getID() { 77 return $this->mRow['node_id']; 78 } 79 80 function getRSSURL() { 81 return $this->mRow['rss_url']; 82 } 83 84 function getEmail() { 85 return $this->mRow['public_email']; 86 } 87 88 function getDeploymentStatus() { 89 return $this->mRow['node_deployment_status']; 90 } 91 92 /** Return all the nodes 93 */ 94 static function getAllNodes() { 95 global $db; 96 97 $db->ExecSql("SELECT * FROM nodes", $nodes, false); 98 if ($nodes == null) { 99 throw new Exception(_("No nodes could not be found in the database"), "EXCEPTION_NO_NODES"); 100 } 101 return $nodes; 102 } 103 104 static function getAllDeploymentStatus() { 105 global $db; 106 107 $db->ExecSql("SELECT * FROM node_deployment_status", $statuses, false); 108 if ($statuses == null) { 109 throw new Exception(_("No deployment statues could be found in the database"), "EXCEPTION_NO_STATUSES"); 110 } 111 $statuses_array = array(); 112 foreach ($statuses as $status) { 113 array_push($statuses_array, $status['node_deployment_status']); 114 } 115 return $statuses_array; 116 } 117 118 function getOnlineUsers() { 119 global $db; 120 $db->ExecSql("SELECT users.user_id FROM users,connections WHERE connections.token_status='" . TOKEN_INUSE . "' AND users.user_id=connections.user_id AND connections.node_id='{$this->mId}'", $users, false); 121 return $users; 122 } 123 77 124 }// End class 78 125 ?> -
trunk/wifidog-auth/wifidog/classes/SmartyWifidog.php
r323 r402 114 114 115 115 $this->assign('hotspot_id', CURRENT_NODE_ID); 116 global $db;117 $db->ExecSqlUniqueRes("SELECT * FROM nodes WHERE node_id='". $db->EscapeString(CURRENT_NODE_ID)."'", $node_info);118 if($node_info==null)119 {120 $this->assign('hotspot_name', UNKNOWN_HOSTPOT_NAME);121 }122 else123 {124 $this->assign('hotspot_name', $node_info['name']);125 }126 116 } 127 117 -
trunk/wifidog-auth/wifidog/gw_message.php
r390 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.'classes/SmartyWifidog.php'; 29 require_once BASEPATH.'classes/Security.php'; 30 31 $smarty = new SmartyWifidog; 32 $session = new Session; 33 34 include BASEPATH.'include/language.php'; 28 require_once BASEPATH.'include/common_interface.php'; 35 29 36 30 if (isset($_REQUEST["message"]) { -
trunk/wifidog-auth/wifidog/hotspot_status.php
r341 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.'classes/Statistics.php'; 29 require_once BASEPATH.'classes/SmartyWifidog.php'; 30 31 $smarty = new SmartyWifidog; 32 $session = new Session(); 33 $stats = new Statistics(); 34 35 include BASEPATH.'include/language.php'; 28 require_once BASEPATH.'include/common_interface.php'; 36 29 37 30 if(!empty($_REQUEST['format'])) { -
trunk/wifidog-auth/wifidog/include/common.php
r352 r402 115 115 define('COMMON_CONTENT_URL', BASE_URL_PATH.LOCAL_CONTENT_REL_PATH.'common/'); 116 116 117 function gentoken()118 {119 return md5(uniqid(rand(),1));120 }121 122 /** Returns the hash of the password suitable for storing or comparing in the database.123 * @return The 32 character hash.124 */125 function get_password_hash($password)126 {127 return base64_encode(pack("H*", md5($password)));128 }129 130 117 /** Convert a password hash form a NoCat passwd file into the same format as get_password_hash(). 131 118 * @return The 32 character hash. -
trunk/wifidog-auth/wifidog/index.php
r316 r402 25 25 define('BASEPATH', './'); 26 26 require_once BASEPATH.'include/common.php'; 27 require_once BASEPATH.'classes/Statistics.php'; 28 require_once BASEPATH.'classes/SmartyWifidog.php'; 27 require_once BASEPATH.'include/common_interface.php'; 29 28 30 $smarty = new SmartyWifidog; 31 $session = new Session(); 32 $stats = new Statistics(); 33 34 include BASEPATH.'include/language.php'; 29 require_once BASEPATH.'classes/Node.php'; 35 30 36 31 $smarty->assign("num_valid_users", $stats->getNumValidUsers()); 37 32 $smarty->assign("num_online_users", $stats->getNumOnlineUsers($node_id = null)); 38 33 39 $smarty->assign("title", "authentication server");34 $smarty->assign("title", _("authentication server")); 40 35 $smarty->display("templates/main.html"); 41 36 ?> -
trunk/wifidog-auth/wifidog/login/index.php
r364 r402 26 26 define('BASEPATH','../'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.' classes/SmartyWifidog.php';28 require_once BASEPATH.'include/common_interface.php'; 29 29 require_once BASEPATH.'classes/Security.php'; 30 31 $smarty = new SmartyWifidog; 32 $session = new Session; 33 34 include BASEPATH.'include/language.php'; 35 36 $login_successful = false; 37 $login_failed_message = ''; 30 require_once BASEPATH.'classes/Node.php'; 31 require_once BASEPATH.'classes/User.php'; 38 32 39 33 if (!empty($_REQUEST['url'])) { … … 44 38 $security = new Security(); 45 39 $username = $db->EscapeString($_REQUEST['username']); 46 $password_hash = get_password_hash($_REQUEST['password']);40 $password_hash = User::passwordHash($_REQUEST['password']); 47 41 $db->ExecSqlUniqueRes("SELECT *, CASE WHEN ((NOW() - reg_date) > interval '".VALIDATION_GRACE_TIME." minutes') THEN true ELSE false END AS validation_grace_time_expired FROM users WHERE (user_id='$username' OR email='$username') AND pass='$password_hash'", $user_info, false); 48 42 … … 52 46 $smarty->assign("error", _("Sorry, your $validation_grace_time minutes grace period to retrieve your email and validate your account has now expired. ($validation_grace_time min grace period started on $user_info[reg_date]). You will have to connect to the internet and validate your account from another location.")); 53 47 } else { 54 $token = gentoken(); 55 if ($_REQUEST['gw_id']) { 56 $node_id = $db->EscapeString($_REQUEST['gw_id']); 57 } 48 $token = User::generateToken(); 58 49 if ($_SERVER['REMOTE_ADDR']) { 59 50 $node_ip = $db->EscapeString($_SERVER['REMOTE_ADDR']); 60 51 } 61 $db->ExecSqlUpdate("INSERT INTO connections (user_id, token, token_status, timestamp_in, node_id, node_ip, last_updated) VALUES ('{$user_info['user_id']}', '$token', '" . TOKEN_UNUSED . "', NOW(), '$node_id', '$node_ip', NOW())"); 62 63 $login_successful = true; 52 if (isset($_REQUEST['gw_id']) && $_REQUEST['gw_id']) { 53 $node_id = $db->EscapeString($_REQUEST['gw_id']); 54 $db->ExecSqlUpdate("INSERT INTO connections (user_id, token, token_status, timestamp_in, node_id, node_ip, last_updated) VALUES ('{$user_info['user_id']}', '$token', '" . TOKEN_UNUSED . "', NOW(), '$node_id', '$node_ip', NOW())"); 55 } 56 64 57 $security->login($username, $password_hash); 65 header("Location: http://" . $_REQUEST['gw_address'] . ":" . $_REQUEST['gw_port'] . "/wifidog/auth?token=$token"); 58 if (isset($_REQUEST['gw_address']) && isset($_REQUEST['gw_port'])) { 59 header("Location: http://" . $_REQUEST['gw_address'] . ":" . $_REQUEST['gw_port'] . "/wifidog/auth?token=$token"); 60 } else { 61 /* Virtual login */ 62 header("Location: ".BASE_NON_SSL_PATH); 63 } 66 64 exit; 67 65 } … … 78 76 } 79 77 78 if (isset($_REQUEST['gw_id'])) { 79 $smarty->assign("gw_id", $_REQUEST['gw_id']); 80 81 $node = Node::getObject($db->EscapeString(CURRENT_NODE_ID)); 82 if ($node == null) { 83 $smarty->display("templates/message_unknown_hotspot.html"); 84 exit; 85 } else { 86 $smarty->assign('hotspot_name', $node->getName()); 87 } 88 } else { 89 /* Gateway ID is not set... Virtual login */ 90 $smarty->display("templates/login_virtual.html"); 91 exit; 92 } 93 80 94 isset($_REQUEST["username"]) && $smarty->assign('username', $_REQUEST["username"]); 81 95 isset($_REQUEST["gw_address"]) && $smarty->assign('gw_address', $_REQUEST['gw_address']); 82 96 isset($_REQUEST["gw_port"]) && $smarty->assign('gw_port', $_REQUEST['gw_port']); 83 97 isset($_REQUEST["gw_id"]) && $smarty->assign('gw_id', $_REQUEST['gw_id']); 84 98 85 99 $smarty->display("templates/".LOGIN_PAGE_NAME); 86 100 ?> -
trunk/wifidog-auth/wifidog/lost_password.php
r347 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.' classes/SmartyWifidog.php';29 require_once BASEPATH.'classes/ Security.php';28 require_once BASEPATH.'include/common_interface.php'; 29 require_once BASEPATH.'classes/User.php'; 30 30 31 $smarty = new SmartyWifidog; 32 $session = new Session; 31 if (isset($_REQUEST['submit'])) { 32 if (!$_REQUEST['username'] && !$_REQUEST['email']) { 33 $smarty->assign("error", _("Please specify a username or email address")); 34 } else { 35 $username = $db->EscapeString($_REQUEST['username']); 36 $email = $db->EscapeString($_REQUEST['email']); 33 37 34 include BASEPATH.'include/language.php'; 35 include BASEPATH.'include/mgmt_helpers.php'; 36 37 if (isset($_REQUEST["submit"])) { 38 $user_info = null; 39 if ($_REQUEST["username"]) { 40 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='$username'", $user_info, false); 41 if ($user_info == null) { 42 $smarty->assign("error", _("Unable to find ") . $_REQUEST["username"] . _(" in the database.")); 43 } else { 44 send_lost_password_email($user_info["email"]); 38 try { 39 $username && $user = User::getUserByID($username); 40 $email && $user = User::getUserByEmail($email); 41 $user->sendLostPasswordEmail(); 42 $smarty->assign('message', _('A new password has been emailed to you.')); 43 $smarty->display('templates/validate.html'); 44 exit; 45 } catch (Exception $e) { 46 $smarty->assign("error", $e->getMessage()); 45 47 } 46 } else if ($_REQUEST["email"]) {47 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE email='$email'", $user_info, false);48 if ($user_info == null) {49 $smarty->assign("error", _("Unable to find ") . $_REQUEST["email"] . _(" in the database."));50 } else {51 send_lost_password_email($user_info["email"]);52 }53 } else {54 $smarty->assign("error", _("Please specify a username or email address"));55 48 } 56 49 } -
trunk/wifidog-auth/wifidog/lost_username.php
r347 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.'classes/SmartyWifidog.php'; 29 require_once BASEPATH.'classes/Security.php'; 30 31 $smarty = new SmartyWifidog; 32 $session = new Session; 33 34 include BASEPATH.'include/language.php'; 35 include BASEPATH.'include/mgmt_helpers.php'; 28 require_once BASEPATH.'include/common_interface.php'; 29 require_once BASEPATH.'classes/User.php'; 36 30 37 31 if (isset($_REQUEST["submit"])) { 38 if (!$_REQUEST["email"]) { 39 $smarty->assign("error", _("Please specify an email address")); 40 } else { 41 send_lost_username_email($_REQUEST["email"]); 32 try { 33 if (!$_REQUEST["email"]) 34 throw new Exception(_("Please specify an email address")); 35 36 $user = User::getUserByEmail($_REQUEST['email']); 37 $user->sendLostUsername(); 38 $smarty->assign("message", _("Your username has been emailed to you.")); 39 $smarty->display("templates/validate.html"); 40 exit; 41 } catch (Exception $e) { 42 $smarty->assign("error", $e->getMessage()); 42 43 } 43 44 } -
trunk/wifidog-auth/wifidog/node_list.php
r316 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.'classes/Statistics.php'; 29 require_once BASEPATH.'classes/SmartyWifidog.php'; 30 31 $smarty = new SmartyWifidog; 32 $session = new Session(); 33 $stats = new Statistics(); 34 35 include BASEPATH.'include/language.php'; 28 require_once BASEPATH.'include/common_interface.php'; 36 29 37 30 $db->ExecSql("SELECT node_id, name, last_heartbeat_user_agent, (NOW()-last_heartbeat_timestamp) AS since_last_heartbeat, last_heartbeat_ip, CASE WHEN ((NOW()-last_heartbeat_timestamp) < interval '5 minutes') THEN true ELSE false END AS is_up, creation_date FROM nodes ORDER BY node_id", $node_results, false); -
trunk/wifidog-auth/wifidog/portal/index.php
r368 r402 26 26 define('BASEPATH','../'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.' classes/SmartyWifidog.php';29 require_once BASEPATH.'classes/ Session.php';28 require_once BASEPATH.'include/common_interface.php'; 29 require_once BASEPATH.'classes/Node.php'; 30 30 31 31 if (CONF_USE_CRON_FOR_DB_CLEANUP == false) { … … 33 33 } 34 34 35 $smarty = new SmartyWifidog; 36 $session = new Session;37 38 include BASEPATH.'include/language.php'; 35 if (!isset($_REQUEST['gw_id'])) { 36 $smarty->display("templates/message_unknown_hotspot.html"); 37 exit; 38 } 39 39 40 40 $portal_template = $_REQUEST['gw_id'] . ".html"; 41 41 $node_id = $db->EscapeString($_REQUEST['gw_id']); 42 $db->ExecSqlUniqueRes("SELECT * FROM nodes WHERE node_id='$node_id'", $node_info); 43 if ($node_info == null) { 44 $smarty->assign('hotspot_name', UNKNOWN_HOSTPOT_NAME); 45 $hotspot_rss_url = UNKNOWN_HOTSPOT_RSS_URL; 46 } else { 47 $smarty->assign('hotspot_name', $node_info['name']); 48 $hotspot_rss_url = $node_info['rss_url']; 42 43 $node = Node::getObject($node_id); 44 if ($node == null) { 45 $smarty->assign("gw_id", $_REQUEST['gw_id']); 46 $smarty->display("templates/message_unknown_hotspot.html"); 47 exit; 49 48 } 50 49 50 $smarty->assign('hotspot_name', $node->getName()); 51 $hotspot_rss_url = $node->getRSSURL(); 52 51 53 /* Find out who is online */ 52 $db->ExecSql("SELECT users.user_id FROM users,connections WHERE connections.token_status='" . TOKEN_INUSE . "' AND users.user_id=connections.user_id AND connections.node_id='$node_id'", $users, false); 53 if ($users != null) { 54 $smarty->assign("online_users", $users); 55 } 54 $smarty->assign("online_users", $node->getOnlineUsers()); 56 55 57 56 if (RSS_SUPPORT) { -
trunk/wifidog-auth/wifidog/resend_validation.php
r347 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.'classes/SmartyWifidog.php'; 29 require_once BASEPATH.'classes/Security.php'; 30 31 $smarty = new SmartyWifidog; 32 $session = new Session; 33 34 include BASEPATH.'include/language.php'; 35 include BASEPATH.'include/mgmt_helpers.php'; 28 require_once BASEPATH.'include/common_interface.php'; 29 require_once BASEPATH.'classes/User.php'; 36 30 37 31 if (isset($_REQUEST["submit"])) { … … 39 33 $smarty->assign("error", _("Please specify a username")); 40 34 } else { 41 $user_info = null; 42 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='{$_REQUEST["username"]}'", $user_info, false); 43 if ($user_info == null) { 44 $smarty->assign("error", _("Unable to find ") . $_REQUEST["username"] . _(" in the database") . "."); 45 } else { 46 send_validation_email($user_info["email"]); 35 try { 36 $user = User::getUserById($_REQUEST['username']); 37 $user->sendValidationEmail(); 38 $smarty->assign('message', _("An email with confirmation instructions was sent to your email address.")); 39 $smarty->display("templates/validate.html"); 40 exit; 41 } catch (Exception $e) { 42 $smarty->assign('error', $e->getMessage()); 47 43 } 48 44 } -
trunk/wifidog-auth/wifidog/signup.php
r349 r402 26 26 define('BASEPATH','./'); 27 27 require_once BASEPATH.'include/common.php'; 28 require_once BASEPATH.' classes/SmartyWifidog.php';29 require_once BASEPATH.'classes/ Security.php';28 require_once BASEPATH.'include/common_interface.php'; 29 require_once BASEPATH.'classes/User.php'; 30 30 31 $smarty = new SmartyWifidog; 32 $session = new Session; 31 function validate_username($username) { 32 if (!isset($username) || !$username) 33 throw new Exception(_('Username is required.')); 33 34 34 include BASEPATH.'include/language.php'; 35 include BASEPATH.'include/mgmt_helpers.php'; 35 if (!ereg("^[0-9a-zA-Z_]*$", $username)) 36 throw new Exception(_('Username contains invalid characters.')); 37 } 38 39 function validate_email($email) { 40 if (!isset($email) || !$email) 41 throw new Exception(_("A valid email address is required.")); 42 43 if (!ereg("^.*@.*\..*$", $email)) 44 throw new Exception(_("The email address must be of the form user@domain.com.")); 45 } 46 47 function validate_passwords($password, $password_again) { 48 if (!isset($password) || !$password) 49 throw new Exception(_("A password of at least 6 characters is required.")); 50 51 if (!ereg("^[0-9a-zA-Z]*$", $password)) 52 throw new Exception(_("Password contains invalid characters.")); 53 54 if (!isset($password_again)) 55 throw new Exception(_("You must type your password twice.")); 56 57 if ($password != $password_again) 58 throw new Exception(_("Passwords do not match.")); 59 60 if (strlen($password) < 6) 61 throw new Exception(_("Password is too short, it must be 6 characters minimum.")); 62 } 36 63 37 64 if (isset($_REQUEST["submit"])) { 65 $username = trim($_REQUEST['username']); 66 $email = trim($_REQUEST['email']); 67 $password = trim($_REQUEST['password']); 68 $password_again = trim($_REQUEST['password_again']); 69 $smarty->assign('username', $username); 70 $smarty->assign('email', $email); 38 71 39 isset($_REQUEST["username"]) && $smarty->assign("username", $_REQUEST["username"]); 40 isset($_REQUEST["email"]) && $smarty->assign("email", $_REQUEST["email"]); 72 try { 73 validate_username($username); 74 validate_email($email); 75 validate_passwords($password, $password_again); 41 76 42 if (!isset($_REQUEST["username"]) || !$_REQUEST["username"]) { 43 $smarty->assign("error", _("Username is required.")); 44 } else if (!ereg("^[0-9a-zA-Z]*$", $_REQUEST["username"])) { 45 $smarty->assign("error", _("Username contains invalid characters.")); 46 } else if (!isset($_REQUEST["email"]) || !$_REQUEST["email"]) { 47 $smarty->assign("error", _("A valid email address is required.")); 48 } else if (!ereg("^.*@.*\..*$", $_REQUEST["email"])) { 49 $smarty->assign("error", _("The email address must be of the form user@domain.com.")); 50 } else if (!isset($_REQUEST["password"]) || !$_REQUEST["password"]) { 51 $smarty->assign("error", _("A password of at least 6 characters is required.")); 52 } else if (!ereg("^[0-9a-zA-Z]*$", $_REQUEST["password"])) { 53 $smarty->assign("error", _("Password contains invalid characters.")); 54 } else if (!isset($_REQUEST["password_again"])) { 55 $smarty->assign("error", _("You must type your password twice.")); 56 } else if ($_REQUEST["password"] != $_REQUEST["password_again"]) { 57 $smarty->assign("error", _("Passwords do not match.")); 58 } else if (strlen($_REQUEST["password"]) < 6) { 59 $smarty->assign("error", _("Password is too short, it must be 6 characters minimum.")); 60 } else { 61 /* Everything is ok */ 62 $_REQUEST["username"] = trim($_REQUEST["username"]); 63 $_REQUEST["email"] = trim($_REQUEST["email"]); 64 $password = $db->EscapeString($_REQUEST['password']); 65 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='{$_REQUEST["username"]}'", $user_info_username, false); 66 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE email='{$_REQUEST["email"]}'", $user_info_email, false); 67 if ($user_info_username != null) { 68 $smarty->assign("error", _("Sorry, a user account is already associated to this username. Pick another one.")); 69 } else if ($user_info_email) { 70 $smarty->assign("error", _("Sorry, this email address is already registered.")); 71 $smarty->append("choice", array( 72 "description" => _("Email me my username"), 73 "link" => "mail_username.php", 74 ) 75 ); 76 } else { 77 $status = ACCOUNT_STATUS_VALIDATION; 78 $token = gentoken(); 79 $password_hash = get_password_hash($_REQUEST["password"]); 80 $update_successful = $db->ExecSqlUpdate("INSERT INTO users (user_id,email,pass,account_status,validation_token,reg_date) VALUES ('{$_REQUEST["username"]}','{$_REQUEST["email"]}','$password_hash','{$status}','{$token}',NOW())"); 81 if ($update_successful) { 82 send_validation_email($_REQUEST["email"]); 83 } else { 84 $smarty->assign("error", _("An internal error occured, please contact us.")); 85 } 86 } 77 if (User::UserExists($username)) 78 throw new Exception(_("Sorry, a user account is already associated to this username. Pick another one.")); 79 80 if (User::EmailExists($email)) 81 throw new Exception(_("Sorry, a user account is already associated to this email address.")); 82 83 $user = User::CreateUser($username, $email, $password); 84 $user->sendValidationEmail(); 85 $smarty->assign('message', _('An email with confirmation instructions was sent to your email address. Your account has been granted 15 minutes of access to retrieve your email and validate your account. You may now open a browser window and go to any remote Internet address to obtain the login page.')); 86 $smarty->display("templates/validate.html"); 87 exit; 88 } catch (Exception $e) { 89 $smarty->assign('error', $e->getMessage()); 87 90 } 88 91 } -
trunk/wifidog-auth/wifidog/templates/header.html
r316 r402 15 15 16 16 <div id='navLeft'> 17 {if $auth_user} 18 <p style="font-size: 75%;">{"Logged in as:"|_} <b>{$auth_user}</b></p> 19 {else} 20 <p style="font-size: 75%;">{"NOT logged in."|_} <b><a href="{$smarty.const.BASE_NON_SSL_PATH}login/">{"Login?"|_}</a></b></p> 21 {/if} 17 22 {include file="templates/lang_menu.html"} 18 23 {include file="templates/user_management_menu.html"} -
trunk/wifidog-auth/wifidog/templates/user_management_menu.html
r383 r402 6 6 <h4>{"User management"|_}</h4> 7 7 <ul> 8 {if !$auth_user} 8 9 <li><a href='{$smarty.const.BASE_SSL_PATH}signup.php'>{"Create new account"|_}</a></li> 9 10 <li><a href='{$smarty.const.BASE_SSL_PATH}resend_validation.php'>{"Re-send validation email"|_}</a></li> 10 11 <li><a href='{$smarty.const.BASE_SSL_PATH}lost_username.php'>{"Lost username"|_}</a></li> 11 12 <li><a href='{$smarty.const.BASE_SSL_PATH}lost_password.php'>{"Lost password"|_}</a></li> 13 {/if} 12 14 <li><a href='{$smarty.const.BASE_SSL_PATH}change_password.php'>{"Change password"|_}</a></li> 13 15 </ul> -
trunk/wifidog-auth/wifidog/templates/validate.html
r366 r402 1 1 {include file="templates/header_small.html"} 2 2 <div id="sent_validation"> 3 {section name=i loop=$message} 4 <p>{$message[i]}</p> 5 {/section} 3 <p>{$message|nl2br}</p> 6 4 </div> 7 5 {include file="templates/footer.html"} -
trunk/wifidog-auth/wifidog/validate.php
r344 r402 24 24 define('BASEPATH','./'); 25 25 require_once (BASEPATH.'/include/common.php'); 26 require_once BASEPATH.'classes/SmartyWifidog.php';27 require_once BASEPATH.'classes/Security.php';26 require_once (BASEPATH.'/include/common_interface.php'); 27 require_once (BASEPATH.'/classes/User.php'); 28 28 29 $smarty = new SmartyWifidog; 30 $session = new Session; 29 try { 30 if (!isset($_REQUEST["token"])) 31 throw new Exception(_('No token specified!')); 31 32 32 include BASEPATH.'include/language.php'; 33 34 if (!isset($_REQUEST["token"])) { 35 $smarty->append("message", _("No token specified!")); 36 } else if (!isset($_REQUEST["username"])) { 37 $smarty->append("message", _("No username specified!")); 38 } else { 39 $validation_token = $db->EscapeString($_REQUEST['token']); 40 $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='{$_REQUEST["username"]}' AND validation_token='{$validation_token}'", $user_info); 41 if ($user_info != null) { 42 if ($user_info['account_status'] == ACCOUNT_STATUS_ALLOWED) { 43 $smarty->append("message", _("Your account has already been activated.")); 44 } else { 45 $status = $db->EscapeString(ACCOUNT_STATUS_ALLOWED); 46 $update_successful = null; 47 $update_successful = $db->ExecSqlUpdate("UPDATE users SET account_status='{$status}' WHERE user_id='{$_REQUEST["username"]}' AND validation_token='$validation_token'"); 48 if ($update_successful) { 49 $smarty->append("message", _("Your account has been succesfully activated!")); 50 $smarty->append("message", _("You may now browse to a remote Internet address and take advantage of the free Internet access!")); 51 $smarty->append("message", _("If you get prompted for a login, enter the username and password you have just created.")); 52 } else { 53 $smarty->append("message", _("Internal Error")); 54 } 55 } 56 } else { 57 $smarty->append("message", _("Sorry, your validation token is not valid!")); 58 } 33 if (!isset($_REQUEST["username"])) 34 throw new Exception(_('No username specified!')); 35 36 $user = User::getUserById($_REQUEST['username']); 37 38 if ($db->EscapeString($_REQUEST['token']) != $user->getValidationToken()) 39 throw new Exception(_('The validation token does not match the one in the database.')); 40 41 if ($user->getAccountStatus() == ACCOUNT_STATUS_ALLOWED) 42 throw new Exception(_('Your account has already been activated.')); 43 44 $user->SetAccountStatus(ACCOUNT_STATUS_ALLOWED); 45 $smarty->assign('message', _("Your account has been succesfully activated!\n\nYou may now browse to a remote Internet address and take advantage of the free Internet access!\n\nIf you get prompted for a login, enter the username and password you have just created.")); 46 } catch (Exception $e) { 47 $smarty->assign('message', $e->getMessage()); 59 48 } 60 49
