Community.ubnt.com

External Portal Auth Loop

2016-02-22

Can anyone give me a hand with this external portal.

Controller version is 4.8.10

Once user connects, enters details, hits submit, goes to authorized.php, says all ok, then redirects back to the index.php, to get the user to get enter details again. Just keeps looping.

Below are index.php, and authorized.php

Thanks in Advanced

Index.php

<?php

$id = $_GET['id'];
$url = $_GET['url'];
$ap = $_GET['ap'];

session_start();

$_SESSION['id'] = $_GET['id']; //user's mac address
$_SESSION['ap'] = $_GET['ap']; //AP mac
$_SESSION['ssid'] = $_GET['ssid']; //ssid the user is on (POST 2.3.2)
$_SESSION['time'] = $_GET['t']; //time the user attempted a request of the portal
$_SESSION['refURL'] = $_GET['url']; //url the user attempted to reach
$_SESSION['loggingin'] = "unique key"; //key to use to check if the user used this form or not
// -- prevents them from simply going to /authorized.php on their own

?>

<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
<title>Guest WiFi</title>
<meta name="author" content="panos">

<link rel="stylesheet" type="text/css" media="all" href="style.css">

<style>.error {color: #FF0000;}</style>
<script type="text/javascript" src="js/jquery.min.js"></script>
<script type="text/javascript" src="js/guest.js"></script><script>
function validateForm()
{
var x=document.forms["login"]["firstname"].value;
if (x==null || x=="")
{
alert("First name must be filled out");
return false;
}

var x=document.forms["login"]["lastname"].value;
if (x==null || x=="")
{
alert("Last name must be filled out");
return false;
}
var x=document.forms["login"]["emailaddress"].value;
var atpos=x.indexOf("@");
var dotpos=x.lastIndexOf(".");
if (atpos<1 || dotpos<atpos+2 || dotpos+2>=x.length)
{
alert("Please enter a valid e-mail address");
return false;
}
}
</script>
</head>

<body>
<div class="login-content content-box">
<div class="tou-box">
<form name="login" method="post" action="authorized.php" onsubmit="return validateForm()">
<section id="container">
<div class="logo">
<h2 id="top">Guest WiFi</h2>
</div>

<p class="info">Welcome to our Guest WiFi.<br />
Please enter the User Information and read the Terms of Use before continuing.</p>
<br /><hr>
<p class="info">Required User Information: <br />

Firstname: <input type="text" name="PatronName"><br />
Lastname: <input type="text" name="PatronSurname"><br />
Email:<input type="text" name="PatronEmail" size="25"><br />
Mobile Number: <input type="text" name="PatronMobile"><br />
Postcode: <input type="text" name="PostCode"><br />
</p>

<div class="tou-box">

<div class="tou-wrapper" id="tou">
<div class="tou">
<p>Terms of Agreement</p>
<br>
<ul>
<p>By accessing the wireless network, you acknowledge that you're of legal age, you have read and understood and agree to be bound by this agreement
This is an agreement between you and Us and its affiliates ("US", "we", or "us") for 802.11b/g/n wireless and broadband communications services and related services and features (the "Service").</p>
<li><b>Service Availability:</b> An 802.11b/g/n and/or Ethernet-compatible computer, card, and/or device ("Unit") are required to enable the Service to operate. You are responsible for ensuring the compatibility of your Unit with the Service. The availability and performance of the Service is subject to all memory, storage and other limitations in the Unit. Service is available to your Unit only when it is within the operating range of our system and/or directly connected. Service is subject to unavailability, including unavailability due to emergencies, collocation failures, transmission and equipment limitations, or maintenance and repair, and may be interrupted, refused, limited or curtailed. We are not responsible for data, messages or pages that you may lose or that become misdirected because of interruptions or performance issues with the Service or wireless communications networks generally. We may impose usage or Service limits, Suspend Service, or block certain kinds of usage in our sole discretion to protection users or our business. Network speed is no indication of the speed at which your Unit or the Service sends or receives data. Actual network speed will vary based on unit configuration, compression and network congestion.
</li>
<li><b>Use of Service:</b> You agree not to resell any aspect of the Service, whether for profit or otherwise, or to authorize any other individual or entity to use the Service. You agree not to use the Service or your Unit for any fraudulent, unlawful, harassing or abusive purposes, or in such a way as to create damage or risk to our business, reputation, employees, subscribers, facilities, and third parties or the public generally. You agree that sharing the Service with another party breaches the Agreement and may constitute fraud or theft, for which LeGrove Apartments Watford reserves the rights set forth herein and all other legal and equitable remedies. You agree that you will not use the Service or your Unit to send any illegal, harassing, threatening, obscene, offensive or unsolicited commercial text or e-mail messages or to intentionally transmit any computer viruses.
</li>
<li><b>Content Disclaimer:</b> Cautions or Restrictions. We do not control, nor is it in any way liable for, data or content that you can access or receive via the Service. The Internet contains unedited materials, some of which are sexually explicit or may be offensive to you. LeGrove Apartments Watford has no control over and accepts no responsibility for such materials. LeGrove Apartments Watford is not a publisher or third-party content that can be accessed through the Service, and is not responsible for any opinions, advice, statements, services or other information provided by third parties and accessible through the Service. You are responsible for evaluating such content. You are responsible for paying all fees and charges from third party vendors whose sites, products or services you access, buy or use via the Service. LeGrove Apartments Watford does not guarantee the accuracy, completeness or usefulness of information that is obtained through the Service, and delays or omissions may occur. If you choose to use the Service to access web sites or content provided by third parties or purchase products from third parties, then your personal information may be available to the third-party provider. The way third parties handle and use your personal information related to the use of their service is governed by their policies and has no responsibility for their policies, or third parties' compliance with them
</li>
<li><b>Privacy and Security:</b> Wireless/Wired systems use radio channels or local area networks to transmit voice and data communication information. Privacy cannot be guaranteed, and we shall not be liable to you for any lack of privacy you experience while using the Service. You agree to protect your password and you are responsible for any usage of your account. Although we support customer-initiated security solutions such as virtual private networks, encryption and personal firewalls, we do not provide these solutions for our customers' use and are not responsible for their effectiveness.
</li>
<li><b>Marketing:</b> We value your privacy. Your personal information will be kept confidential and will never be sold to third parties. It will only be used for communications & marketing from LeGrove Apartments and any associated companies. An opt-out option is available on the final page where you agree to these terms & conditions.
</ul>

</div>
</div>
<fieldset class="accept-tou">
<input id="accept-tou" type="checkbox" checked="checked" name="accept-tou" value="yes" />
<label class="normal" ><a href="javascript&colon;void(0)" id="show-tou">I accept the Terms of Use</a></label>
</fieldset>
<hr>
<div class="form-controls">


<unifi if="auth_none">

<input id="submit" type="submit" name="submit" value="Connect" onClick="this.form.submit(); this.disabled=true; this.value='Sending…'; "/>
</unifi>
</div>

</div>
</form>
</div>

</form>

<script type="text/javascript">
$(function() {
$('#tou').hide();
$('#show-tou').click(function() {
$('#tou').show();
});
$('#accept-tou').click(function() {
if (!$('#accept-tou').checked()) {
$('input.requires-tou').disable();
}
else {
$('input.requires-tou').enable();
}
})
});
</script>
<div id="footer">
<font color="white" size="2">
<b>Wifi Powered By US</b>
</font>
</footer>
</body>
</html>

Authorized.php:

<?php
//Detect users browser and OS version for logging
$user_agent = $_SERVER['HTTP_USER_AGENT'];

session_start();

$allowtime = 2;

$PatronName = mysqli_real_escape_string($_POST['PatronName']);
$PatronSurname = mysqli_real_escape_string($_POST['PatronSurname']);
$PatronEmail = mysqli_real_escape_string($_POST['PatronEmail']);
$PatronMobile = mysqli_real_escape_string($_POST['PatronMobile']);
$PostCode = mysqli_real_escape_string($_POST['PostCode']);

$url = 'http://api.guestlist.com.au/add_db.php';
$data = array(
'apikey' => 'APIKEY',
'category' => 'CATKEY',
'PatronName' => $_POST['PatronName'],
'PatronSurname' => $_POST['PatronSurname'],
'PatronEmail' => $_POST['PatronEmail'],
'PatronMobile' => $_POST['PatronMobile'],
'PostCode' => $_POST['PostCode'],
);

$result = file_get_contents($url . '?' . http_build_query($data));
if($result == 'OK')
echo 'User Added';
else
echo 'Failed. Reason: ' . $result;

//UNIFI
function sendAuthorization($id, $minutes)
{
$unifiServer = "https://127.0.0.1:8443";
$unifiUser = "admin";
$unifiPass = "Password";

// Start Curl for login
$ch = curl_init();
// We are posting data
curl_setopt($ch, CURLOPT_POST, TRUE);
// Set up cookies
$cookie_file = "/tmp/unifi_cookie";
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
// Allow Self Signed Certs
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
// Force SSL3 only
curl_setopt($ch, CURLOPT_SSLVERSION, 1);
// Login to the UniFi controller
curl_setopt($ch, CURLOPT_URL, "$unifiServer/api/login");
//curl_setopt($ch, CURLOPT_POSTFIELDS,
// "login=login&username=$unifiUser&password=$unifiPass");
$data = json_encode(array("username" => $unifiUser,"password" => $unifiPass));
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
// send login command
curl_exec ($ch);
echo "Checkpoint 1";
// Send user to authorize and the time allowed
$data = json_encode(array(
'cmd'=>'authorize-guest',
'mac'=>$id,
'minutes'=>$minutes));

// Send the command to the API
curl_setopt($ch, CURLOPT_URL, $unifiServer . "/api/s/default/cmd/stamgr");
curl_setopt($ch, CURLOPT_POSTFIELDS, 'json='.$data);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
curl_exec ($ch);

// Logout of the UniFi Controller
curl_setopt($ch, CURLOPT_URL, $unifiServer.'/logout');
curl_exec ($ch);
curl_close ($ch);
unset($ch);
}

if ($_SESSION['loggingin'] == "unique key") // Check to see if the form has been posted to
{
ob_start();
sendAuthorization($_SESSION['id'], (2*60)); //authorizing user for 2 hours
ob_end_clean();
unset($_SESSION['loggingin']);
}

?>

<script>
//allow time for the authorization to go through
setTimeout("location.href='http://www.Google.com'",5000);
</script>

<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
<title>Guest WiFi</title>
<meta name="author" content="panos">
<link rel="stylesheet" type="text/css" media="all" href="style.css">
<script type="text/javascript" src="js/jquery.min.js"></script>
<script type="text/javascript" src="js/guest.js"></script>
</head>
<body>
<div class="login-content content-box">
<div class="tou-box">
<form name="login" action="authorized.php" method="post">
<section id="container">
<div class="logo">
<h2 id="top">Connected to Guest Wifi</h2>
</div>
<p class="info">Hi <?php echo $_POST['PatronName']; ?>, you are now connected to the Guest WiFi. <br /><br />
Your session is valid for 2 hours. If you wish to use WiFi beyond this point please re-authenticate.<br /><br />
<div class="text">
<script type="text/javascript">

(function () {
var timeLeft = 5,
cinterval;

var timeDec = function (){
timeLeft--;
document.getElementById('countdown').innerHTML = timeLeft;
if(timeLeft === 0){
clearInterval(cinterval);
}
};

cinterval = setInterval(timeDec, 1000);
})();

</script>
<center>You Will Be Redirected...<br />
Please wait ! <span id="countdown">5</span></center>
</div>
</p>
<hr>

</div>

</form>
</div>

</form>
<div id="footer">
<font color="white" size="2">
<b>Wifi Powered By US</b>
</font>
</footer>
</body>
</html>