Unable to create account via a php page since the update to 2.0.1
-
Hello everyone!
Until last week, we used pfSense 1.2.3 under VMware that acted essentially as a captive portal to allow guests to connect to WiFi. When I set up pfSense 3 years ago, and in order not to create every account at the hand, I found a php script that was allowing the user to create his account himself in the local database through a webpage. That way :
- The user is connecting to the unsecured WiFi network
- He is redirected to the authentication page
- On that custom page, we are asking the user to click on a link to create his account
- He is redirected to another page where he is entering his personal informations to create his account
- He is redirected to the auth page where he can now authenticate himself with the newly created account.
All of that was working very well, but when we upgraded to vSphere 4+, the VMware Tools didn't work anymore. For that reason, I decided to update pfSense to 2.0.1, thinking it could resolve the problem, but I forgot to test the "create account" page… Presently, I've got two functions, config_lock and write_config, and some invalids args in a foreach, and frankly, I don't know what to do as I don't know php enough.
Does someone knows what changed in version 2 and if I can just replace those two functions ?
Thank you for any help you could give me.
Here is the create account page :
<title>Create Account Page</title>
require_once("functions.inc");
if ($_POST) {
config_lock();
$a_user = &$config['captiveportal']['user'];
unset($input_errors);
$pconfig = $_POST;
if ($_POST['username'] == "") $input_errors[] = "ID is required.";
if ($_POST['password'] == "") $input_errors[] = "Password is required.";
if ($_POST['fullname'] == "") $input_errors[] = "Name is required.";
if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) $input_errors[] = "Passwords are not matching.";
if (!$input_errors) {
foreach ($a_user as $userent) {
if ($userent['name'] == $_POST['username']) {
$input_errors[] = "This account already exists.";
break;
}
}
}if (!$input_errors) {
$userent['name'] = $_POST['username'];
$userent['fullname'] = $_POST['fullname'];
$userent['expirationdate'] = "";//$_POST['expirationdate'];
if ($_POST['password']) $userent['password'] = md5($_POST['password']);
$a_user[] = $userent;
write_config();
$done =1;
}}
?>if (isset($done)) {
?>ACCOUNT CREATION IS OVER
You successfully created your account.
You can now connect by clicking here.
[} else {
if ($input_errors) {
echo "ERROR : ";
foreach ($input_errors as $input_error) {
echo $input_error . "
";
} //end foreach
} // end if
?>ACCOUNT CREATION
<form method="post">
ID:
Password:
Password check :
Full name:}
?>
</form>](/)