Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Login with email address + curl don't work in local

    Scheduled Pinned Locked Moved Captive Portal
    1 Posts 1 Posters 3.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      thegigistouch
      last edited by

      Hi pfSense users!

      I'm new to pfSense and want to customize the captive portal. I want it to do a simple thing: users on the LAN are redirected to the captive portal which ask them for their email address. If the address is valid, they are logged-in, else a message warn them of invalid email address.

      I created login.php, a simple form which auto-post $PORTAL_REDIRURL$ and  $PORTAL_ACTION$ (they are not replaced in another php-only page).

      It seems that I cannot execute php script more than ~200 bytes long in login.php: the start of them is interpreted, and after a certain point, script content is outputed as-is in the html source. It's why it splitted the code into 2 php files:

      login.php

      I want the second file, captiveportal-login.php to ask for the email address, and connect as a defined user (ie: guest). I think the better way to do this is that the script itself check email address and post to $PORTAL_ACTION$.

      Here is the simplified code of captiveportal-login.php:

      
      /**
       * http_build_query don't exists in PHP4
       */
      if (!function_exists('http_build_query')) {
      	[... simulatre http_build_query ...]
      }
      
      // Page not called by login.php, redirect to login.php
      if (!isset($_POST["portal_action"]) || !isset($_POST["portal_redirurl"])) {
      	header('Location: login.php');
      	die();
      }
      
      // Redirection from login.php, get portal addresses
      $portal_action = $_POST["portal_action"];
      $portal_redirurl = $_POST["portal_redirurl"];
      
      // Checks if email address have been post, else show login form
      if (!isset($_POST["email"]))
      {
      	showLoginForm($portal_action, $portal_redirurl);
      	die();
      }
      
      // Got a mail address
      $email = trim($_POST["email"]);
      
      // If email if invalid, shows a failure message
      if (!validEmail($email))
      {
      	showLoginForm($portal_action, $portal_redirurl, 'The mail you entered is invalid!');
      	die();
      }
      
      // Got a valid email, post user and password to the portal login form
      //*****************
      echo "server respond: " . Post($portal_action , "auth_user=guest&auth_pass=passw0rd&redirurl=$portal_redirurl&accept=Continue");
      //******************
      
      /**
      Validate an email address.
      Provide email address (raw input)
      Returns true if the email address has the email 
      address format and the domain exists.
      */
      function validEmail($email)
      {
          [... check email and set result in $isValid]
         return $isValid;
      }
      
      /**
       * Shows the login form
       */
      function showLoginForm($portal_action, $portal_redirurl, $message = "")
      {
      
      echo '
      
      ## Login
      
      		Please enter your email address to log-in to the portal.
      
      		**' .  $message . '**
      
      <form method="POST" action="captiveportal-login.php">
      			Email address: 
      
      		</form>
      
      	';
      }
      
      /**
       * POST content to a page
       */
      function Post($url, $post)
      {
      	$ch = curl_init($url);
      	curl_setopt ($ch, CURLOPT_POST, 1);
      	curl_setopt ($ch, CURLOPT_POSTFIELDS,  $post);
      	$result =  curl_exec ($ch);
      	curl_close ($ch);
      
      	return $result;
      }
      ?>
      
      

      My problem come from the Post function: I tried curl, fopen, readfile, exec(curl)… It can post to and get the response from an external page, but when I try getting $PORTAL_ACTION$ (for me http://1.2.3.4:8000) I get an error saying that the destination is unreacheable or a timeout, or simply nothing (instead exec('ls') shows me a result).

      Do you think this code is the best way to do email-authentification?
      Do you know why curl sucks so much in local?

      Regards,
      thegigistouch

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.