radius rest, check pppoe_username and pppoe_password. allow empty password for voucher
This commit is contained in:
Ibnu Maksum
parent
5e080f18fe
commit
0fa78966ef
139
radius.php
139
radius.php
@ -40,23 +40,67 @@ try {
|
|||||||
$password = _req('password');
|
$password = _req('password');
|
||||||
$CHAPassword = _req('CHAPassword');
|
$CHAPassword = _req('CHAPassword');
|
||||||
$CHAPchallenge = _req('CHAPchallenge');
|
$CHAPchallenge = _req('CHAPchallenge');
|
||||||
|
$isCHAP = false;
|
||||||
if (!empty($CHAPassword)) {
|
if (!empty($CHAPassword)) {
|
||||||
$c = ORM::for_table('tbl_customers')->select('password')->whereRaw("BINARY `username` = '$username'")->find_one();
|
$c = ORM::for_table('tbl_customers')->select('password')->select('pppoe_password')->whereRaw("BINARY `username` = '$username'")->find_one();
|
||||||
//if verified
|
if ($c) {
|
||||||
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
$password = $c['password'];
|
$password = $c['password'];
|
||||||
$isVoucher = false;
|
$isVoucher = false;
|
||||||
}else{
|
$isCHAP = true;
|
||||||
|
} else if (!empty($c['pppoe_password']) && Password::chap_verify($c['pppoe_password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$password = $c['pppoe_password'];
|
||||||
|
$isVoucher = false;
|
||||||
|
$isCHAP = true;
|
||||||
|
} else {
|
||||||
// check if voucher
|
// check if voucher
|
||||||
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
||||||
$isVoucher = true;
|
$isVoucher = true;
|
||||||
$password = $username;
|
$password = $username;
|
||||||
|
} else {
|
||||||
|
// no password is voucher
|
||||||
|
if (Password::chap_verify('', $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
} else {
|
} else {
|
||||||
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if (empty($username) || empty($password)) {
|
$c = ORM::for_table('tbl_customers')->select('password')->select('pppoe_password')->whereRaw("BINARY `pppoe_username` = '$username'")->find_one();
|
||||||
|
if ($c) {
|
||||||
|
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$password = $c['password'];
|
||||||
|
$isVoucher = false;
|
||||||
|
$isCHAP = true;
|
||||||
|
} else if (!empty($c['pppoe_password']) && Password::chap_verify($c['pppoe_password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$password = $c['pppoe_password'];
|
||||||
|
$isVoucher = false;
|
||||||
|
$isCHAP = true;
|
||||||
|
} else {
|
||||||
|
// check if voucher
|
||||||
|
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
|
} else {
|
||||||
|
// no password is voucher
|
||||||
|
if (Password::chap_verify('', $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
|
} else {
|
||||||
|
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (!empty($username) && empty($password)) {
|
||||||
|
// Voucher with empty password
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
|
} else if (empty($username) || empty($password)) {
|
||||||
show_radius_result([
|
show_radius_result([
|
||||||
"control:Auth-Type" => "Reject",
|
"control:Auth-Type" => "Reject",
|
||||||
"reply:Reply-Message" => 'Login invalid......'
|
"reply:Reply-Message" => 'Login invalid......'
|
||||||
@ -90,25 +134,67 @@ try {
|
|||||||
$isVoucher = ($username == $password);
|
$isVoucher = ($username == $password);
|
||||||
$CHAPassword = _req('CHAPassword');
|
$CHAPassword = _req('CHAPassword');
|
||||||
$CHAPchallenge = _req('CHAPchallenge');
|
$CHAPchallenge = _req('CHAPchallenge');
|
||||||
|
$isCHAP = false;
|
||||||
if (!empty($CHAPassword)) {
|
if (!empty($CHAPassword)) {
|
||||||
$c = ORM::for_table('tbl_customers')->select('password')->whereRaw("BINARY `username` = '$username'")->find_one();
|
$c = ORM::for_table('tbl_customers')->select('password')->select('pppoe_password')->whereRaw("BINARY `username` = '$username'")->find_one();
|
||||||
//if verified
|
if ($c) {
|
||||||
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
$password = $c['password'];
|
$password = $c['password'];
|
||||||
$isVoucher = false;
|
$isVoucher = false;
|
||||||
}else{
|
$isCHAP = true;
|
||||||
|
} else if (!empty($c['pppoe_password']) && Password::chap_verify($c['pppoe_password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$password = $c['pppoe_password'];
|
||||||
|
$isVoucher = false;
|
||||||
|
$isCHAP = true;
|
||||||
|
} else {
|
||||||
// check if voucher
|
// check if voucher
|
||||||
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
||||||
$isVoucher = true;
|
$isVoucher = true;
|
||||||
$password = $username;
|
$password = $username;
|
||||||
|
} else {
|
||||||
|
// no password is voucher
|
||||||
|
if (Password::chap_verify('', $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
} else {
|
} else {
|
||||||
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//if ($response == $CHAPr) { echo 'ok betul 100'; }else{ echo 'salah'; } // untuk keperluan debug
|
}
|
||||||
} else { //kalo chappassword kosong brrti eksekusi yg ini
|
} else {
|
||||||
|
$c = ORM::for_table('tbl_customers')->select('password')->select('pppoe_password')->whereRaw("BINARY `pppoe_username` = '$username'")->find_one();
|
||||||
if (empty($username) || empty($password)) {
|
if ($c) {
|
||||||
|
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$password = $c['password'];
|
||||||
|
$isVoucher = false;
|
||||||
|
$isCHAP = true;
|
||||||
|
} else if (!empty($c['pppoe_password']) && Password::chap_verify($c['pppoe_password'], $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$password = $c['pppoe_password'];
|
||||||
|
$isVoucher = false;
|
||||||
|
$isCHAP = true;
|
||||||
|
} else {
|
||||||
|
// check if voucher
|
||||||
|
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
|
} else {
|
||||||
|
// no password is voucher
|
||||||
|
if (Password::chap_verify('', $CHAPassword, $CHAPchallenge)) {
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
|
} else {
|
||||||
|
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (!empty($username) && empty($password)) {
|
||||||
|
// Voucher with empty password
|
||||||
|
$isVoucher = true;
|
||||||
|
$password = $username;
|
||||||
|
} else if (empty($username) || empty($password)) {
|
||||||
show_radius_result([
|
show_radius_result([
|
||||||
"control:Auth-Type" => "Reject",
|
"control:Auth-Type" => "Reject",
|
||||||
"reply:Reply-Message" => 'Login invalid......'
|
"reply:Reply-Message" => 'Login invalid......'
|
||||||
@ -117,13 +203,24 @@ try {
|
|||||||
}
|
}
|
||||||
$tur = ORM::for_table('tbl_user_recharges')->whereRaw("BINARY `username` = '$username'")->find_one();
|
$tur = ORM::for_table('tbl_user_recharges')->whereRaw("BINARY `username` = '$username'")->find_one();
|
||||||
if ($tur) {
|
if ($tur) {
|
||||||
if (!$isVoucher && empty($CHAPassword)) {
|
if (!$isVoucher && !$isCHAP) {
|
||||||
$d = ORM::for_table('tbl_customers')->select('password')->whereRaw("BINARY `username` = '$username'")->find_one();
|
$d = ORM::for_table('tbl_customers')->select('password')->select('pppoe_password')->whereRaw("BINARY `username` = '$username'")->find_one();
|
||||||
|
if ($d) {
|
||||||
if ($d['password'] != $password) {
|
if ($d['password'] != $password) {
|
||||||
if ($d['pppoe_password'] != $password) {
|
if ($d['pppoe_password'] != $password) {
|
||||||
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
$d = ORM::for_table('tbl_customers')->select('password')->select('pppoe_password')->whereRaw("BINARY `pppoe_username` = '$username'")->find_one();
|
||||||
|
if ($d) {
|
||||||
|
if ($d['password'] != $password) {
|
||||||
|
if ($d['pppoe_password'] != $password) {
|
||||||
|
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
process_radiust_rest($tur, $code);
|
process_radiust_rest($tur, $code);
|
||||||
} else {
|
} else {
|
||||||
@ -136,7 +233,7 @@ try {
|
|||||||
$v->status = "1";
|
$v->status = "1";
|
||||||
$v->used_date = date('Y-m-d H:i:s');
|
$v->used_date = date('Y-m-d H:i:s');
|
||||||
$v->save();
|
$v->save();
|
||||||
$tur = ORM::for_table('tbl_user_recharges')->where('username', $username)->find_one();
|
$tur = ORM::for_table('tbl_user_recharges')->whereRaw("BINARY `code` = '$username'")->find_one();
|
||||||
if ($tur) {
|
if ($tur) {
|
||||||
process_radiust_rest($tur, $code);
|
process_radiust_rest($tur, $code);
|
||||||
} else {
|
} else {
|
||||||
@ -167,7 +264,7 @@ try {
|
|||||||
}
|
}
|
||||||
header("HTTP/1.1 200 ok");
|
header("HTTP/1.1 200 ok");
|
||||||
$d = ORM::for_table('rad_acct')
|
$d = ORM::for_table('rad_acct')
|
||||||
->where('username', $username)
|
->whereRaw("BINARY `code` = '$username'")
|
||||||
->where('acctstatustype', _post('acctStatusType'))
|
->where('acctstatustype', _post('acctStatusType'))
|
||||||
->findOne();
|
->findOne();
|
||||||
if (!$d) {
|
if (!$d) {
|
||||||
@ -175,10 +272,10 @@ try {
|
|||||||
}
|
}
|
||||||
$acctOutputOctets = _post('acctOutputOctets', 0);
|
$acctOutputOctets = _post('acctOutputOctets', 0);
|
||||||
$acctInputOctets = _post('acctInputOctets', 0);
|
$acctInputOctets = _post('acctInputOctets', 0);
|
||||||
if(_post('acctStatusType')=='Stop'){
|
if (_post('acctStatusType') == 'Stop') {
|
||||||
// log in the Start only
|
// log in the Start only
|
||||||
$start = ORM::for_table('rad_acct')
|
$start = ORM::for_table('rad_acct')
|
||||||
->where('username', $username)
|
->whereRaw("BINARY `code` = '$username'")
|
||||||
->where('acctstatustype', 'Start')
|
->where('acctstatustype', 'Start')
|
||||||
->findOne();
|
->findOne();
|
||||||
if (!$start) {
|
if (!$start) {
|
||||||
@ -194,7 +291,7 @@ try {
|
|||||||
$start->save();
|
$start->save();
|
||||||
$d->acctOutputOctets = 0;
|
$d->acctOutputOctets = 0;
|
||||||
$d->acctInputOctets = 0;
|
$d->acctInputOctets = 0;
|
||||||
}else{
|
} else {
|
||||||
if ($acctOutputOctets !== false && $acctInputOctets !== false) {
|
if ($acctOutputOctets !== false && $acctInputOctets !== false) {
|
||||||
$d->acctOutputOctets += intval($acctOutputOctets);
|
$d->acctOutputOctets += intval($acctOutputOctets);
|
||||||
$d->acctInputOctets += intval($acctInputOctets);
|
$d->acctInputOctets += intval($acctInputOctets);
|
||||||
@ -215,8 +312,8 @@ try {
|
|||||||
$d->macaddr = _post('macAddr');
|
$d->macaddr = _post('macAddr');
|
||||||
$d->dateAdded = date('Y-m-d H:i:s');
|
$d->dateAdded = date('Y-m-d H:i:s');
|
||||||
$d->save();
|
$d->save();
|
||||||
if($d->acctstatustype == 'Start'){
|
if ($d->acctstatustype == 'Start') {
|
||||||
$tur = ORM::for_table('tbl_user_recharges')->where('username', $username)->where('status', 'on')->where('routers', 'radius')->find_one();
|
$tur = ORM::for_table('tbl_user_recharges')->whereRaw("BINARY `code` = '$username'")->where('status', 'on')->where('routers', 'radius')->find_one();
|
||||||
$plan = ORM::for_table('tbl_plans')->where('id', $tur['plan_id'])->find_one();
|
$plan = ORM::for_table('tbl_plans')->where('id', $tur['plan_id'])->find_one();
|
||||||
if ($plan['limit_type'] == "Data_Limit" || $plan['limit_type'] == "Both_Limit") {
|
if ($plan['limit_type'] == "Data_Limit" || $plan['limit_type'] == "Both_Limit") {
|
||||||
$totalUsage = $d['acctOutputOctets'] + $d['acctInputOctets'];
|
$totalUsage = $d['acctOutputOctets'] + $d['acctInputOctets'];
|
||||||
@ -295,7 +392,7 @@ function process_radiust_rest($tur, $code)
|
|||||||
|
|
||||||
if ($plan['typebp'] == "Limited") {
|
if ($plan['typebp'] == "Limited") {
|
||||||
if ($plan['limit_type'] == "Data_Limit" || $plan['limit_type'] == "Both_Limit") {
|
if ($plan['limit_type'] == "Data_Limit" || $plan['limit_type'] == "Both_Limit") {
|
||||||
$raddact = ORM::for_table('rad_acct')->where('username', $tur['username'])->where('acctstatustype', 'Start')->find_one();
|
$raddact = ORM::for_table('rad_acct')->whereRaw("BINARY `code` = '$tur[username]'")->where('acctstatustype', 'Start')->find_one();
|
||||||
$totalUsage = intval($raddact['acctOutputOctets']) + intval($raddact['acctInputOctets']);
|
$totalUsage = intval($raddact['acctOutputOctets']) + intval($raddact['acctInputOctets']);
|
||||||
$attrs['reply:Mikrotik-Total-Limit'] = Text::convertDataUnit($plan['data_limit'], $plan['data_unit']) - $totalUsage;
|
$attrs['reply:Mikrotik-Total-Limit'] = Text::convertDataUnit($plan['data_limit'], $plan['data_unit']) - $totalUsage;
|
||||||
if ($attrs['reply:Mikrotik-Total-Limit'] < 0) {
|
if ($attrs['reply:Mikrotik-Total-Limit'] < 0) {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user