Scripting and using functions

  • I want to create a script that looks for expired users and deletes them automatically. I stumbled over the function is_account_expired($username) . But somehow it's not working when I try it in the php-Shell. I followed the problem back to the function getUserEntry($username) and somehow the returned array is always empty. Is the result even an array or did I completely understand something wrong?

    What am I doing wrong?

    pfSense shell: require_once("");
    pfSense shell: $user = getUserEntry(blubtest);  <- I tried it with " or ', there is just no result 
    pfSense shell: print_r($user);
    pfSense shell: exec
    pfSense shell:

  • $name = "";
    $user = getUserEntry($name);

    This returns me an array with lots of user details when I put a valid user name string in "".

  • Really strange. It's not working here, I always get result NULL even if I search for the user admin.

    I now tried a workaround that seems to be working. I took the needed functions, altered them and saved them as in /etc/inc so I later can include them in my script.

    function & getUserEntryByName($name) {
            global $debug, $config;
            $userindex_ff = index_users();
            if (isset($userindex_ff[$name]))
                    return $config['system']['user'][$userindex_ff[$name]];
    function getUserExpirationDate($username) {
            $user = getUserEntryByName($username);
            if ($user['expires'])
                    return $user['expires'];
    function isAccountExpired($username) {
            $expirydate = getUserExpirationDate($username);
            if ($expirydate) {
                    if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($expirydate))))
                            return true;
            return false;

    Normally $userindex in the getUserEntry-function is a global variable but somehow it's not set. My PHP-Skills are not very good but as I understand, it's definitely defined in on linenumber 196.
    So I changed that in "my" getUserEntryByName-function and now I have the features I need.

    Anyway it really would interest me what I am doing wrong on my pfSense - I also tried the commands on a nearly fresh installed pfSense with the same result - NULL. It's the 2.1 version.

  • I have finished my script for the autoremoval of expired users and it seems to work  :)
    I created the file delete_expired_users.php in /usr/local/bin and set the needed permission (chmod 755) and added a cronjob running once a day, the from above is placed in /etc/inc

    Use at your own risk!

    #!/usr/local/bin/php -f
    // How many users are there?
    $id = count($config['system']['user']);
    // We must begin our search for expired users with the last useable ID
    // Else strange things happen to the config.xml :)
    $check_id = $id - 1;
    // Check all found users except ID 0 - it's the admin, no need to check him
    while ($check_id != 0) {
     // Get the username
     $uname = $config['system']['user'][$check_id]['name'];
     // Get the user's expirydate
     $uexpirydate = $config['system']['user'][$check_id]['expires'];
     echo "USER: ".$uname."\n";
     echo "EXPIRES: ".$uexpirydate."\n";
     // Check if the user is expired - function of
     if ( isAccountExpired($uname) ) {
      echo "EXPIRED: YES \n";
      // Delete user locally - function of
      // Delete user in config - function of
      echo "USER DELETED! \n";
     } else {
      // User isn't expired or has no expirydate set
      echo "EXPIRED: NO \n";
     echo "### \n";
     // Next ID
     $check_id = $check_id - 1;
    // Write the new config

Log in to reply