This message is the same than :
http://forum.pfsense.org/index.php/topic,19926.0.html
Hi pfSense users!
I'm new to pfSense and want to customize the captive portal. I want it to do
a simple thing: users on the LAN are redirected to the captive portal which
ask them for their email address. If the address is valid, they are
logged-in, else a message warn them of invalid email address.
I created login.php, a simple form which auto-post $PORTAL_REDIRURL$ and
$PORTAL_ACTION$ (they are not replaced in another php-only page).
It seems that I cannot execute php script more than ~200 bytes long in
login.php: the start of them is interpreted, and after a certain point,
script content is outputed as-is in the html source. It's why it splitted
the code into 2 php files:
<form name="login_form" method="post" action="captiveportal-login.php">
<input type="hidden" name="portal_redirurl"
value="$PORTAL_REDIRURL$">
<input type="hidden" name="portal_action"
value="$PORTAL_ACTION$">
<input type=submit">
</form>
<script language="JavaScript">
login_form.submit();
</script>
I want the second file, *captiveportal-login.php* to ask for the email
address, and connect as a defined user (ie: guest). I think the better way
to do this is that the script itself check email address and post to
$PORTAL_ACTION$.
Here is the simplified code of *captiveportal-login.php*:
if (!isset($_POST["email"]))
{
showLoginForm($portal_action, $portal_redirurl);
die();
}
// Got a mail address
$email = trim($_POST["email"]);
// If email if invalid, shows a failure message
if (!validEmail($email))
{
showLoginForm($portal_action, $portal_redirurl, '<HTML>The mail you
entered is invalid!');
die();
}
// Got a valid email, post user and password to the portal login form
//*****************
echo "server respond: " . Post($portal_action ,
"auth_user=guest&auth_pass=passw0rd&redirurl=$portal_redirurl&accept=Continue");
//******************
/**
Validate an email address.
Provide email address (raw input)
Returns true if the email address has the email
address format and the domain exists.
*/
function validEmail($email)
{
[... check email and set result in $isValid]
return $isValid;
}
/**
* Shows the login form
*/
function showLoginForm($portal_action, $portal_redirurl, $message = "")
{
echo '
<h2>Login</h2>
<p>
Please enter your email address to log-in to the portal.<br />
<b>' . $message . '</b>
</p>
<p>
<form method="POST" action="captiveportal-login.php">
Email address:
<input type="text" name="email">
<input type="hidden" name="portal_action" value="' .
$portal_action . '">
<input type="hidden" name="portal_redirurl" value="' .
$portal_redirurl . '">
<input type="submit" value="Connect">
</form>
</p>';
}
/**
* POST content to a page
*/
function Post($url, $post)
{
$ch = curl_init($url);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
$result = curl_exec ($ch);
curl_close ($ch);
return $result;
}
?>
My problem come from the Post function: I tried curl, fopen, readfile,
exec(curl)... It can post to and get the response from an external page, but
when I try getting $PORTAL_ACTION$ (for me *http://1.2.3.4:8000*) I get an
error saying that the destination is unreacheable or a timeout, or simply
nothing (instead exec('ls') shows me a result).
Do you think this code is the best way to do email-authentification?
Do you know why curl sucks so much in local?
Thanks for your help !
