• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Scripting and using auth.inc functions

Scheduled Pinned Locked Moved Development
4 Posts 2 Posters 1.7k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    BBQigniter
    last edited by Jan 13, 2014, 1:31 PM

    I want to create a script that looks for expired users and deletes them automatically. I stumbled over the function is_account_expired($username) . But somehow it's not working when I try it in the php-Shell. I followed the problem back to the function getUserEntry($username) and somehow the returned array is always empty. Is the result even an array or did I completely understand something wrong?

    What am I doing wrong?

    pfSense shell: require_once("auth.inc");
    pfSense shell: $user = getUserEntry(blubtest);  <- I tried it with " or ', there is just no result 
    pfSense shell: print_r($user);
    pfSense shell: exec
    pfSense shell:
    
    1 Reply Last reply Reply Quote 0
    • P
      phil.davis
      last edited by Jan 14, 2014, 3:39 AM

      $name = "user.name";
      $user = getUserEntry($name);
      var_dump($user);
      

      This returns me an array with lots of user details when I put a valid user name string in "user.name".

      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

      1 Reply Last reply Reply Quote 0
      • B
        BBQigniter
        last edited by Jan 14, 2014, 7:55 AM

        Really strange. It's not working here, I always get result NULL even if I search for the user admin.

        I now tried a workaround that seems to be working. I took the needed functions, altered them and saved them as auth_addon.inc in /etc/inc so I later can include them in my script.

        
        function & getUserEntryByName($name) {
                global $debug, $config;
        
                $userindex_ff = index_users();
        
                if (isset($userindex_ff[$name]))
                        return $config['system']['user'][$userindex_ff[$name]];
        }
        
        function getUserExpirationDate($username) {
                $user = getUserEntryByName($username);
                if ($user['expires'])
                        return $user['expires'];
        }
        
        function isAccountExpired($username) {
                $expirydate = getUserExpirationDate($username);
                if ($expirydate) {
                        if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($expirydate))))
                                return true;
                }
        
                return false;
        }
        ?>
        
        

        Normally $userindex in the getUserEntry-function is a global variable but somehow it's not set. My PHP-Skills are not very good but as I understand, it's definitely defined in auth.inc on linenumber 196.
        So I changed that in "my" getUserEntryByName-function and now I have the features I need.

        Anyway it really would interest me what I am doing wrong on my pfSense - I also tried the commands on a nearly fresh installed pfSense with the same result - NULL. It's the 2.1 version.

        1 Reply Last reply Reply Quote 0
        • B
          BBQigniter
          last edited by Jan 15, 2014, 8:32 AM

          I have finished my script for the autoremoval of expired users and it seems to work  :)
          I created the file delete_expired_users.php in /usr/local/bin and set the needed permission (chmod 755) and added a cronjob running once a day, the auth_addon.inc from above is placed in /etc/inc

          Use at your own risk!

          
          #!/usr/local/bin/php -f
          
          require_once("auth.inc");
          require_once("auth_addon.inc");
          
          // How many users are there?
          $id = count($config['system']['user']);
          
          // We must begin our search for expired users with the last useable ID
          // Else strange things happen to the config.xml :)
          $check_id = $id - 1;
          
          // Check all found users except ID 0 - it's the admin, no need to check him
          while ($check_id != 0) {
           // Get the username
           $uname = $config['system']['user'][$check_id]['name'];
          
           // Get the user's expirydate
           $uexpirydate = $config['system']['user'][$check_id]['expires'];
          
           echo "USER: ".$uname."\n";
           echo "EXPIRES: ".$uexpirydate."\n";
          
           // Check if the user is expired - function of auth_addon.inc
           if ( isAccountExpired($uname) ) {
            echo "EXPIRED: YES \n";
          
            // Delete user locally - function of auth.inc
            local_user_del($config['system']['user'][$check_id]);
          
            // Delete user in config - function of auth.inc
            unset($config['system']['user'][$check_id]);
            echo "USER DELETED! \n";
          
           } else {
            // User isn't expired or has no expirydate set
            echo "EXPIRED: NO \n";
           }
           echo "### \n";
          
           // Next ID
           $check_id = $check_id - 1;
          }
          
          // Write the new config
          write_config();
          
          ?>
          
          
          1 Reply Last reply Reply Quote 0
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received