diff options
Diffstat (limited to 'ng_selfservice')
-rw-r--r-- | ng_selfservice/elements/header.php | 18 | ||||
-rw-r--r-- | ng_selfservice/index.php | 8 | ||||
-rw-r--r-- | ng_selfservice/ip_login.php | 105 | ||||
-rw-r--r-- | ng_selfservice/no_access.php | 34 | ||||
-rw-r--r-- | ng_selfservice/process_login.php | 19 |
5 files changed, 176 insertions, 8 deletions
diff --git a/ng_selfservice/elements/header.php b/ng_selfservice/elements/header.php index 633996515..3ef5c6e12 100644 --- a/ng_selfservice/elements/header.php +++ b/ng_selfservice/elements/header.php @@ -1,3 +1,21 @@ +<? + +require_once('session.php'); + +$page = basename($_SERVER['SCRIPT_FILENAME']); + +$access = $freeside->check_access( array( + 'session_id' => $_COOKIE['session_id'], + 'page' => $page, +) ); + +if ($access['error']) { + header('Location:no_access.php?error='. urlencode($access['error'])); + die(); +} + +?> + <!DOCTYPE html> <HTML> <HEAD> diff --git a/ng_selfservice/index.php b/ng_selfservice/index.php index 62b6562c8..06e8fc13b 100644 --- a/ng_selfservice/index.php +++ b/ng_selfservice/index.php @@ -3,7 +3,7 @@ require('freeside.class.php'); $freeside = new FreesideSelfService(); -$login_info = $freeside->login_info(); +$login_info = $freeside->login_info( array('session_id' => $_COOKIE['session_id'],)); extract($login_info); @@ -60,7 +60,7 @@ if ( $error ) { <? if ( $phone_login ) { ?> <B>OR</B><BR><BR> - + <FORM ACTION="process_login.php" METHOD=POST> <INPUT TYPE="hidden" NAME="session" VALUE="login"> <TABLE BGCOLOR="#c0c0c0" BORDER=0 CELLSPACING=2 CELLPADDING=0> @@ -85,6 +85,10 @@ if ( $error ) { <? } ?> +<!-- +<BR><BR><A HREF="ip_login.php">Login by IP (<? echo $_SERVER['REMOTE_ADDR']; ?>) to make a payment.</A> +--> + <? include('elements/footer.php'); ?> diff --git a/ng_selfservice/ip_login.php b/ng_selfservice/ip_login.php new file mode 100644 index 000000000..153065767 --- /dev/null +++ b/ng_selfservice/ip_login.php @@ -0,0 +1,105 @@ +<? + +require('freeside.class.php'); +$freeside = new FreesideSelfService(); + +$ip = $_SERVER['REMOTE_ADDR']; + +$mac = $freeside->get_mac_address( array('ip' => $ip, ) ); + +$response = $freeside->login( array( + 'username' => $mac['mac_address'], + 'domain' => 'ip_mac', +) ); + +$error = $response['error']; + +if ( $error ) { + + $title ='Login'; include('elements/header.php'); + include('elements/error.php'); + echo "Sorry "+$error; + + // header('Location:index.php?username='. urlencode($mac). + // '&domain='. urlencode($domain). + // '&email='. urlencode($email). + // '&error='. urlencode($error) + // ); + +} +else { +// sucessful login + +$session_id = $response['session_id']; + +error_log("[login] logged into freeside with session_id=$session_id, setting cookie"); + +// now what? for now, always redirect to the main page (or the select a +// customer diversion). +// eventually, other options? + +setcookie('session_id', $session_id); + +if ( $response['custnum'] || $response['svcnum'] ) { + + header("Location:main.php"); + die(); + //1; + +} elseif ( $response['customers'] ) { + //var_dump($response['customers']); +?> + + <? $title ='Select customer'; include('elements/header.php'); ?> + <? include('elements/error.php'); ?> + + <FORM NAME="SelectCustomerForm" ACTION="process_select_cust.php" METHOD=POST> + <INPUT TYPE="hidden" NAME="action" VALUE="switch_cust"> + + <TABLE BGCOLOR="#c0c0c0" BORDER=0 CELLSPACING=2 CELLPADDING=0> + + <TR> + <TH ALIGN="right">Customer </TH> + <TD> + <SELECT NAME="custnum" ID="custnum" onChange="custnum_changed()"> + <OPTION VALUE="">Select a customer + <? foreach ( $response['customers'] AS $custnum => $customer ) { ?> + <OPTION VALUE="<? echo $custnum ?>"><? echo htmlspecialchars( $customer ) ?> + <? } ?> + </SELECT> + </TD> + </TR> + + <TR> + <TD COLSPAN=2 ALIGN="center"><INPUT TYPE="submit" ID="submit" VALUE="Select customer" DISABLED></TD> + </TR> + + </TABLE> + </FORM> + + <SCRIPT TYPE="text/javascript"> + + function custnum_changed () { + var form = document.SelectCustomerForm; + if ( form.custnum.selectedIndex > 0 ) { + form.submit.disabled = false; + } else { + form.submit.disabled = true; + } + } + + </SCRIPT> + +<? + +// } else { +// +// die 'login successful, but unrecognized info (no custnum, svcnum or customers)'; + +} // multiple customers found + +} //successfull login + +?> + + <? include('elements/footer.php'); ?> diff --git a/ng_selfservice/no_access.php b/ng_selfservice/no_access.php new file mode 100644 index 000000000..b13cca93c --- /dev/null +++ b/ng_selfservice/no_access.php @@ -0,0 +1,34 @@ +<!DOCTYPE html> +<HTML> + <HEAD> + <TITLE> + Access Denied + </TITLE> + <link href="css/default.css" rel="stylesheet" type="text/css"/> + <script type="text/javascript" src="js/jquery.js"></script> + <script type="text/javascript" src="js/menu.js"></script> + </HEAD> + <BODY> + <FONT SIZE=5>Access Denied</FONT> + <BR><BR> +<? $current_menu = 'no_access.php'; include('elements/menu.php'); ?> +<? + +$customer_info = $freeside->customer_info_short( array( + 'session_id' => $_COOKIE['session_id'], +) ); + +if ( isset($customer_info['error']) && $customer_info['error'] ) { + $error = $customer_info['error']; + header('Location:index.php?error='. urlencode($error)); + die(); +} + +extract($customer_info); + +?> + +<P>Sorry you do not have access to the page you are trying to reach.</P> + +<? include('elements/menu_footer.php'); ?> +<? include('elements/footer.php'); ?>
\ No newline at end of file diff --git a/ng_selfservice/process_login.php b/ng_selfservice/process_login.php index 4212a261a..22e2c7169 100644 --- a/ng_selfservice/process_login.php +++ b/ng_selfservice/process_login.php @@ -3,7 +3,14 @@ require('freeside.class.php'); $freeside = new FreesideSelfService(); -$response = $freeside->login( array( +$ip = $_SERVER['REMOTE_ADDR']; + +if ($_POST['domain'] == "ip_mac") { + $mac_addr = $freeside->get_mac_address( array('ip' => $ip, ) ); + $_POST['username'] = $mac_addr['mac_address']; +} + +$response = $freeside->login( array( 'email' => strtolower($_POST['email']), 'username' => strtolower($_POST['username']), 'domain' => strtolower($_POST['domain']), @@ -16,9 +23,9 @@ $error = $response['error']; if ( $error ) { - header('Location:index.php?username='. urlencode($username). - '&domain='. urlencode($domain). - '&email='. urlencode($email). + header('Location:index.php?username='. urlencode($_POST['username']). + '&domain='. urlencode($_POST['domain']). + '&email='. urlencode($_POST['email']). '&error='. urlencode($error) ); die(); @@ -36,7 +43,7 @@ error_log("[login] logged into freeside with session_id=$session_id, setting coo setcookie('session_id', $session_id); -header("Location:main.php") +header("Location:main.php"); #die(); -?> +?>
\ No newline at end of file |