Patch for m0n0wall 1.2 Written by Tom Clegg 2006-01-24 Public domain Adds two features to captive portal service: 1. Optionally store expiry time in local user database. 2. Terminate sessions belonging to expired and deleted local users. diff --exclude=dev -ur orig.m0n0/etc/inc/captiveportal.inc m0n0/etc/inc/captiveportal.inc --- orig.m0n0/etc/inc/captiveportal.inc Sun Oct 9 09:58:05 2005 +++ m0n0/etc/inc/captiveportal.inc Tue Jan 24 15:34:06 2006 @@ -343,9 +343,6 @@ else $idletimeout = 0; - if (!$timeout && !$idletimeout && !isset($config['captiveportal']['reauthenticate'])) - return; - captiveportal_lock(); /* read database */ @@ -362,6 +359,22 @@ if ((time() - $cpdb[$i][0]) >= $timeout) $timedout = true; } + + /* username expired or deleted? */ + $foundtheuser = false; + $users = &$config['captiveportal']['user']; + for ($u = 0; $u < count($users); $u++) + if ($users[$u]['name'] == $cpdb[$i][4]) { + $foundtheuser = true; + if ($users[$u]['expirationdate'] + && (time() > strtotime($users[$u]['expirationdate'] . " " . + ($users[$u]['expirationtime'] + ? $users[$u]['expirationtime'] + : "23:59")))) + $timedout = true; + } + if (!$foundtheuser) + $timedout = true; /* if an idle timeout is specified, get last activity timestamp from ipfw */ if (!$timedout && $idletimeout) { diff --exclude=dev -ur orig.m0n0/etc/version m0n0/etc/version --- orig.m0n0/etc/version Sun Oct 9 09:58:05 2005 +++ m0n0/etc/version Tue Jan 24 15:34:18 2006 @@ -1 +1 @@ -1.2 +1.2-dhc20060124 diff --exclude=dev -ur orig.m0n0/etc/version.buildtime m0n0/etc/version.buildtime --- orig.m0n0/etc/version.buildtime Sun Oct 9 09:58:29 2005 +++ m0n0/etc/version.buildtime Tue Jan 24 15:34:18 2006 @@ -1 +1 @@ -Sun Oct 9 18:58:29 CEST 2005 +Tue Jan 24 15:34:18 PST 2006 diff --exclude=dev -ur orig.m0n0/usr/local/captiveportal/index.php m0n0/usr/local/captiveportal/index.php --- orig.m0n0/usr/local/captiveportal/index.php Sun Oct 9 09:58:05 2005 +++ m0n0/usr/local/captiveportal/index.php Tue Jan 24 11:46:44 2006 @@ -102,7 +102,7 @@ if (is_array($userdb)) { $moddb = false; for ($i = 0; $i < count($userdb); $i++) { - if ($userdb[$i]['expirationdate'] && (strtotime("-1 day") > strtotime($userdb[$i]['expirationdate']))) { + if ($userdb[$i]['expirationdate'] && (time() > strtotime($userdb[$i]['expirationdate'] . " " . ($userdb[$i]['expirationtime'] ? $userdb[$i]['expirationtime'] : "23:59")))) { unset($userdb[$i]); $moddb = true; } diff --exclude=dev -ur orig.m0n0/usr/local/www/services_captiveportal_users.php m0n0/usr/local/www/services_captiveportal_users.php --- orig.m0n0/usr/local/www/services_captiveportal_users.php Sun Oct 9 09:58:04 2005 +++ m0n0/usr/local/www/services_captiveportal_users.php Tue Jan 24 11:45:27 2006 @@ -52,7 +52,7 @@ //erase expired accounts $changed = false; for ($i = 0; $i < count($a_user); $i++) { - if ($a_user[$i]['expirationdate'] && (strtotime("-1 day") > strtotime($a_user[$i]['expirationdate']))) { + if ($a_user[$i]['expirationdate'] && (time() > strtotime($a_user[$i]['expirationdate'] . " " . ($a_user[$i]['expirationtime'] ? $a_user[$i]['expirationtime'] : "23:59")))) { unset($a_user[$i]); $changed = true; } @@ -92,7 +92,7 @@   -   +     diff --exclude=dev -ur orig.m0n0/usr/local/www/services_captiveportal_users_edit.php m0n0/usr/local/www/services_captiveportal_users_edit.php --- orig.m0n0/usr/local/www/services_captiveportal_users_edit.php Sun Oct 9 09:58:04 2005 +++ m0n0/usr/local/www/services_captiveportal_users_edit.php Tue Jan 24 14:19:11 2006 @@ -48,6 +48,7 @@ $pconfig['username'] = $a_user[$id]['name']; $pconfig['fullname'] = $a_user[$id]['fullname']; $pconfig['expirationdate'] = $a_user[$id]['expirationdate']; + $pconfig['expirationtime'] = $a_user[$id]['expirationtime']; } if ($_POST) { @@ -72,13 +73,30 @@ if (($_POST['password']) && ($_POST['password'] != $_POST['password2'])) $input_errors[] = "The passwords do not match."; + //check for valid (or blank) expiration time + if ($_POST['expirationtime']){ + $exptime = $_POST['expirationtime']; + if (strtotime($exptime) > 0 && + eregi("^ *[012]?[0-9](:[0-9][0-9])? *([ap](m?))? *$", $exptime)){ + //convert from any strtotime compatible time to H:MM pm + $exptime = ereg_replace("^0","",strtolower(strftime("%I:%M %p",strtotime($exptime)))); + $_POST['expirationtime'] = $exptime; + } else { + $input_errors[] = "Invalid expiration time format; use 'HH:MM' or 'HH:MM pm'."; + $exptime = "11:59 pm"; + } + } + else { + $exptime = "11:59 pm"; + } + //check for a valid expirationdate if one is set at all (valid means, strtotime() puts out a time stamp //so any strtotime compatible time format may be used. to keep it simple for the enduser, we only claim //to accept MM/DD/YYYY as inputs. advanced users may use inputs like "+1 day", which will be converted to //MM/DD/YYYY based on "now" since otherwhise such an entry would lead to a never expiring expirationdate if ($_POST['expirationdate']){ if(strtotime($_POST['expirationdate']) > 0){ - if (strtotime("-1 day") > strtotime(date("m/d/Y",strtotime($_POST['expirationdate'])))){ + if (time() > strtotime($_POST['expirationdate'] . " " . $exptime)){ $input_errors[] = "The expiration date lies in the past."; } else { //convert from any strtotime compatible date to MM/DD/YYYY @@ -108,6 +126,7 @@ $userent['name'] = $_POST['username']; $userent['fullname'] = $_POST['fullname']; $userent['expirationdate'] = $_POST['expirationdate']; + $userent['expirationtime'] = $_POST['expirationtime']; if ($_POST['password']) $userent['password'] = md5($_POST['password']); @@ -166,6 +185,13 @@ Pick a date
Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy + + + Expiration time + + +
+ Leave blank for 11:59 pm