Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Login with email address + curl don't work in local

    Scheduled Pinned Locked Moved
    Captive Portal
    1
    1
    3.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      thegigistouch
      last edited by

      Hi pfSense users!

      I'm new to pfSense and want to customize the captive portal. I want it to do a simple thing: users on the LAN are redirected to the captive portal which ask them for their email address. If the address is valid, they are logged-in, else a message warn them of invalid email address.

      I created login.php, a simple form which auto-post $PORTAL_REDIRURL$ and  $PORTAL_ACTION$ (they are not replaced in another php-only page).

      It seems that I cannot execute php script more than ~200 bytes long in login.php: the start of them is interpreted, and after a certain point, script content is outputed as-is in the html source. It's why it splitted the code into 2 php files:

      login.php

      I want the second file, captiveportal-login.php to ask for the email address, and connect as a defined user (ie: guest). I think the better way to do this is that the script itself check email address and post to $PORTAL_ACTION$.

      Here is the simplified code of captiveportal-login.php:

      
/**
 * http_build_query don't exists in PHP4
 */
if (!function_exists('http_build_query')) {
	[... simulatre http_build_query ...]
}

// Page not called by login.php, redirect to login.php
if (!isset($_POST["portal_action"]) || !isset($_POST["portal_redirurl"])) {
	header('Location: login.php');
	die();
}

// Redirection from login.php, get portal addresses
$portal_action = $_POST["portal_action"];
$portal_redirurl = $_POST["portal_redirurl"];

// Checks if email address have been post, else show login form
if (!isset($_POST["email"]))
{
	showLoginForm($portal_action, $portal_redirurl);
	die();
}

// Got a mail address
$email = trim($_POST["email"]);

// If email if invalid, shows a failure message
if (!validEmail($email))
{
	showLoginForm($portal_action, $portal_redirurl, 'The mail you entered is invalid!');
	die();
}

// Got a valid email, post user and password to the portal login form
//*****************
echo "server respond: " . Post($portal_action , "auth_user=guest&auth_pass=passw0rd&redirurl=$portal_redirurl&accept=Continue");
//******************

/**
Validate an email address.
Provide email address (raw input)
Returns true if the email address has the email 
address format and the domain exists.
*/
function validEmail($email)
{
    [... check email and set result in $isValid]
   return $isValid;
}

/**
 * Shows the login form
 */
function showLoginForm($portal_action, $portal_redirurl, $message = "")
{

echo '

## Login

		Please enter your email address to log-in to the portal.

		**' .  $message . '**

<form method="POST" action="captiveportal-login.php">
			Email address: 

		</form>

	';
}

/**
 * POST content to a page
 */
function Post($url, $post)
{
	$ch = curl_init($url);
	curl_setopt ($ch, CURLOPT_POST, 1);
	curl_setopt ($ch, CURLOPT_POSTFIELDS,  $post);
	$result =  curl_exec ($ch);
	curl_close ($ch);

	return $result;
}
?>

      My problem come from the Post function: I tried curl, fopen, readfile, exec(curl)… It can post to and get the response from an external page, but when I try getting $PORTAL_ACTION$ (for me http://1.2.3.4:8000) I get an error saying that the destination is unreacheable or a timeout, or simply nothing (instead exec('ls') shows me a result).

      Do you think this code is the best way to do email-authentification?
      Do you know why curl sucks so much in local?

      Regards,
      thegigistouch

      1 Reply Last reply Reply Quote 0
      • First post
        Last post