tags.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pt" lang="pt">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="skin/normal/css/css.css" type="text/css" />
<title>Picomática Wireless - A sua ligação ao mundo - Bem Vindo(a)</title>
<script type="text/javascript" src="javascript/publicidade.js"></script>
</head>
<body>
<!-- Inicio do Wrapper -->
<!-- Inicio do Script -->
<div id="script" style="display:none">
$(if chap-id)
<form name="sendin" action="$(link-login-only)" method="post">
<input type="hidden" name="username">
<input type="hidden" name="password">
<input type="hidden" name="dst" value="$(link-orig)">
<input type="hidden" name="popup" value="true">
</form>
<script language="JavaScript" src="javascript/md5.js">
</script>
<script language="JavaScript">
<!--
function doLogin() {
document.sendin.username.value = document.login.username.value;
document.sendin.password.value = hexMD5('$(chap-id)' + document.login.password.value + '$(chap-challenge)');
document.sendin.submit();
return false;
}
//-->
</script>
$(endif)
</div>
<!-- Fim do Script -->
<!-- Inicio do Wrapper -->
<table id="wrapper" border="0" cellspacing="0" cellpadding="0">
<tr>
<td id="bordatopoleft" align="center" valign="top"></td>
<!-- Inicio do Site -->
<td id="site">
<!-- Inicio do Header -->
<table id="header" border="0" cellspacing="0" cellpadding="0">
<tr>
<td id="logo" valign="middle" class="semborda">
<a href=""><img src="skin/normal/imagens/logo.png" title="Picomatica Wireless" alt="Picomatica Wireless" class="semborda" /></a>
</td>
<td id="utilizador">
<div id="login">
<form name="login" action="$(link-login-only)" method="post" $(if chap-id) onSubmit="return doLogin()" $(endif)>
<table width="300" border="0">
<tr>
<td colspan="2"><label class="verde">Autenticação:</label></td>
</tr>
<tr>
<td width="150"><label>Nome de Utilizador:</label></td>
<td><label>Senha:</label></td>
</tr>
<tr>
<td width="150"><input name="username" value="$(username)" type="text" size="19" /></td>
<td><input name="password" value="" type="password" size="19" /></td>
</tr>
<tr>
<td width="150"><label>Endereço IP:</label></td>
<td><label>Endereço MAC:</label></td>
</tr>
<tr>
<td width="150">$(ip)</td>
<td>$(mac)</td>
</tr>
<tr>
<td colspan="2" class="direita">
<input type="hidden" name="dst" value="$(link-orig)">
<input type="hidden" name="popup" value="true">
<input class="botao" type="submit" value="Entrar"/>
</td>
</tr>
</table>
</form>
</div>
</td>
</tr>
<tr>
<td id="idioma" valign="bottom">
<table id="idiomadentro" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><a href="login.html"><img src="imagens/flags/pt.jpg" class="semborda" width="20" height="12" alt="Portugês" longdesc="Altera o idioma para Português" /></a> <a href="en/login.html" style="display:none"><img src="imagens/flags/en.jpg" class="semborda" width="20" height="12" alt="Inglês" longdesc="Altera i idioma para Inglês" /></a></td>
</tr>
</table>
</td>
<td id="navegacao" valign="bottom">
<ul class="navegacao">
<li><a href="registar.html" title="Registo de Utilizador" class="current">Registo de Utilizador</a></li>
<li><a href="login.html" title="Página Inicial" class="other">Autenticação</a></li>
</ul>
</td>
</tr>
</table>
<!-- Fim do Header -->
</td>
<td id="bordatoporight" align="center" valign="top"></td>
</tr>
<tr>
<td id="bordaleft" align="center" valign="top"></td>
<td>
<!-- Inicio do Corpo -->
<table id="corpo" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<!-- Inicio da Esquerda -->
<table id="esquerda" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<div class="justificadosite">
<h1>Publicidade:</h1>
<div align="center">
<script type="text/javascript">
show_banners('lateral');
</script><br />
<script type="text/javascript">
show_banners('lateral');
</script><br />
<script type="text/javascript">
show_banners('lateral');
</script><br />
<script type="text/javascript">
show_banners('lateral');
</script><br />
<script type="text/javascript">
show_banners('lateral');
</script><br />
<script type="text/javascript">
show_banners('lateral');
</script><br />
</div>
</div>
</td>
</tr>
</table>
<!-- Fim da Esquerda -->
<!-- Inicio dos Conteúdos -->
<table id="principal" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<div class="justificadosite">
<br />
<div align="center">
<script type="text/javascript">
show_banners('fundo');
</script><br />
</div>
<div class="separador"></div>
<p align="center">
Página de registo desactivada por motivos de segurança
</p>
<div class="separador"></div>
<br />
<div align="center">
<script type="text/javascript">
show_banners('fundo');
</script><br />
</div>
</div>
</td>
</tr>
</table>
<!-- Fim dos Conteúdos -->
<!-- Inicio da Direita -->
<table id="direita" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<div class="justificadosite">
<h1>Colaboradores:</h1>
<div align="center">
<img src="imagens/logojunta.png" alt="Junta de Freguesia das Lajes do Pico" title="Junta de Freguesia das Lajes do Pico" width="150" height="157" border="0" class="semborda" /><br /><br />
<a href="http://www.redespt.com/" target="_blank"><img src="imagens/logoofficelan.png" alt="Officelan,LDA" title="Officelan,LDA" width="150" height="61" border="0" /></a>
</div>
</div>
</td>
</tr>
</table>
<!-- Fim da Direita -->
</td>
</tr>
<!-- Fim do Corpo -->
<!-- Inicio do Fundo -->
<tr>
<td>
<table id="fundo" border="0" cellspacing="0" cellpadding="0">
<tr>
<td id="fundodentro">
<p><strong>Picomática Wireless - A sua ligação ao mundo </strong>© 2009 - Todos os direitos reservados.</p>
</td>
</tr>
</table>
</td>
</tr>
<!-- Fim do Fundo -->
</table>
<!-- Fim do Corpo -->
</td>
<td id="bordaright" align="center" valign="top"></td>
</tr>
</table>
<!-- Fim do Site -->
</body>
</html>
I recommend 7zip. It reads all archive formats and it's free and stable software with no ads. And RAR is a good format, better than ZIP. I think 7zip's own format could be even better than RAR but not sure.I don't have anything on this machine that can read RAR files.
In this case, the md5.js file should be in the /hotspot/javascript/ directory. If it is in the same directory as the login.html doc (like on the router in the /hotspot directory), it should be<script language="JavaScript" src="javascript/md5.js">
</script>
<!-- Inicio do Script -->
<div id="script" style="display:none">
<form name="sendin" action="http://hotspot.picomatica.dom/login" method="post">
<input type="hidden" name="username">
<input type="hidden" name="password">
<input type="hidden" name="dst" value="">
<input type="hidden" name="popup" value="true">
</form>
<script language="JavaScript" src="javascript/md5.js">
</script>
<script language="JavaScript">
<!--
function doLogin() {
document.sendin.username.value = document.login.username.value;
document.sendin.password.value = hexMD5('\075' + document.login.password.value + '\143\273\017\226\171\317\337\325\301\362\230\110\174\130\360\321');
document.sendin.submit();
return false;
}
//-->
</script>
</div>
<!-- Fim do Script -->
<!-- Inicio do Script -->
<div id="script" style="display:none">
</div>
<!-- Fim do Script -->
I don't know if it makes a difference, but i have my own RadiusManager license from DMASoftLAB.That means there's either a problem how you're integrating the md5.js, or the $(chap-id) variables aren't getting populated as Tim hinted towards. Look at the page in source view on the test client and see if the variable is filled out - if it's not, CHAP can't work.
A simple "no worries" workaround would be if you had an SSL certificate you can use on the Hotspot. PAP is perfectly safe over SSL/TLS, and pages for PAP are much easier to write and debug than CHAP ones.
/system logging
add topics=hotspot action=memory
add topics=radius action=memory
There is a "function doLogin" script, the page's HTML is a few posts above.If there was no "function doLogin" script
This is what you posted from registrar.html. Where is the function doLogin? It isn't there because $(chap-id) is blank or not defined. That is what these two lines of code do. If $(chap-id) is blank or not defined, nothing is displayed between these two lines:and the code view of the registar.html shows this:
Code:
<!-- Inicio do Script -->
<div id="script" style="display:none">
</div>
<!-- Fim do Script -->
$(if chap-id)
(javascript routine here)
$(endif)
Sorry, i thought that you meant that there was no function doLogin inside the registar.html original code, not on the resulting html from the users point of view.This is what you posted from registrar.html. Where is the function doLogin?
$(if error)
(page code that is displayed after login fail)
$(else)
(page code displayed initially)
$(endif)
We can use the chat system that is on the hotspot page, it's not just a demo, it's working...Right now i have a machine set up for testing, when i try to login from the "registar.html" on the browser i get the error:
web browser did not send challenge response (try again, enable JavaScript)
And on the Mikrotik Log i get the error:
begreat (192.168.12.136):login failed: no chap for http-chap login method
Using witch file? login.html or registar.html ?OK. I downloaded your code, installed it on my router, changed ONLY the location of md5.js, and I logged in. No problem!
<script language="JavaScript" src="/md5.js">
The html file will POST the variables like this:No php on the hotspot web server. It must be an external php web server.
<html>
<head><title>...</title></head>
<body>
$(if chap-id)
<noscript>
<center><b>JavaScript required. Enable JavaScript to continue.</b></center>
</noscript>
$(endif)
<center>If you are not redirected in a few seconds, click 'continue' below<br>
<form name="redirect" action="http://xx.xx.xx.xx/logintest.php" method="post">
<input type="hidden" name="mac" value="$(mac)">
<input type="hidden" name="ip" value="$(ip)">
<input type="hidden" name="username" value="$(username)">
<input type="hidden" name="link-login" value="$(link-login)">
<input type="hidden" name="link-orig" value="$(link-orig)">
<input type="hidden" name="error" value="$(error)">
<input type="hidden" name="chap-id" value="$(chap-id)">
<input type="hidden" name="chap-challenge" value="$(chap-challenge)">
<input type="hidden" name="link-login-only" value="$(link-login-only)">
<input type="hidden" name="link-orig-esc" value="$(link-orig-esc)">
<input type="hidden" name="mac-esc" value="$(mac-esc)">
<input type="submit" value="continue">
</form>
<script language="JavaScript">
<!--
document.redirect.submit();
//-->
</script></center>
</body>
</html>
<?php
$mac=$_POST['mac'];
$ip=$_POST['ip'];
$username=$_POST['username'];
$linklogin=$_POST['link-login'];
$linkorig=$_POST['link-orig'];
$error=$_POST['error'];
?>
<html>
<body>
<h2>Logintest.php Test</h2>
Mac: <?php echo $mac ?><br>
IP: <?php echo $ip ?><br>
Username: <?php echo $username ?><br>
Link-login: <?php echo $linklogin ?><br>
Link-orig: <?php echo $linkorig ?><br>
Error: <?php echo $error ?><br>
</body>
</html>
Assuming the hotspot files will be here: http://www.picomatica.info/hotspot/ip hotspot walled-garden ip
add action=accept disabled=no dst-host=www.picomatica.info/
function clear($code) { return str_replace('\\\\', '\\', $code); }
$chapid=clear($_POST['chap-id']);
$chapchallenge=clear($_POST['chap-challenge']);
Are the extra backslashes added when the form on login.html is sent to the login.php page?document.sendin.password.value = hexMD5('\075' + document.login.password.value + '\143\273\017\226\171\317\337\325\301\362\230\110\174\130\360\321');
Exactly, it creates a duplicated backslash at the login.phpAre the extra backslashes added when the form on login.html is sent to the login.php page?.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pt" lang="pt">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Picomática Wireless - A sua ligação ao mundo - Bem Vindo(a)</title>
</head>
<body>
$(if chap-id)
<noscript>
<center><b>É necessário o JavaScript. Active-o para continuar.</b></center>
</noscript>
$(endif)
<center>Hotspot em fase de teste, pedimos desculpa pelo incomodo.<br />Se nada acontecer nos próximos segundos clique em "continuar"<br />
<form name="redirect" action="http://www.picomatica.info/hotspot/login.php" method="post">
<input type="hidden" name="mac" value="$(mac)">
<input type="hidden" name="ip" value="$(ip)">
<input type="hidden" name="username" value="$(username)">
<input type="hidden" name="link-login" value="$(link-login)">
<input type="hidden" name="link-orig" value="$(link-orig)">
<input type="hidden" name="error" value="$(error)">
<input type="hidden" name="chap-id" value="$(chap-id)">
<input type="hidden" name="chap-challenge" value="$(chap-challenge)">
<input type="hidden" name="link-login-only" value="$(link-login-only)">
<input type="hidden" name="link-orig-esc" value="$(link-orig-esc)">
<input type="hidden" name="mac-esc" value="$(mac-esc)">
<input type="submit" value="Continuar">
</form>
<script language="JavaScript">
<!--
document.redirect.submit();
//-->
</script></center>
</body>
</html>
</form>
<br>
id: $(chap-id)<br>
challenge: $(chap-challenge)<br>
<script language="JavaScript">
<!--
setTimeout("document.redirect.submit();",5000);
//-->
</script></center>
$(if link-orig == http://www.google.com/)
<form name="redirect" action="http://xx.xx.xx.xx/google.php" method="post">
$(else)
<form name="redirect" action="http://xx.xx.xx.xx/login.php" method="post">
$(endif)
<?php
$mac=$_POST['mac'];
$ip=$_POST['ip'];
$username=$_POST['username'];
$linklogin=$_POST['link-login'];
$linkorig=$_POST['link-orig'];
$error=$_POST['error'];
$chapid=$_POST['chap-id'];
$chapchallenge=$_POST['chap-challenge'];
$linkloginonly=$_POST['link-login-only'];
$linkorigesc=$_POST['link-orig-esc'];
$macesc=$_POST['mac-esc'];
?>
<?php
session_start();
$ipcheck =$_SERVER['REMOTE_ADDR'];
$ipinicio = "192.168.11.1";
$ipfim = "192.168.12.254";
$verificarorigem =$_POST['link-login-only'];
$loginurl ='http://hotspot.picomatica.dom/login';
if ($verificarorigem == 'http://hotspot.picomatica.dom/login') {
function limpa($code) { return str_replace('\\\\', '\\', $code); };
$_SESSION['mac'] =$_POST['mac'];
$_SESSION['ip'] =$_POST['ip'];
$_SESSION['username'] =$_POST['username'];
$_SESSION['linklogin'] =$_POST['link-login'];
$_SESSION['linkorig'] =$_POST['link-orig'];
$_SESSION['error'] =$_POST['error'];
$_SESSION['chapid'] =limpa($_POST['chap-id']);
$_SESSION['chapchallenge'] =limpa($_POST['chap-challenge']);
$_SESSION['linkorigesc'] =$_POST['link-orig-esc'];
$_SESSION['macesc'] =$_POST['mac-esc'];
}
else { }
?>