[SOLVED] PHP API to disconnect a user

RouterOS Scripting
21



I tried like this too

$var="someuser";
$BRIDGEINFO = $API->comm('/ip/hotspot/user/active/print', array(
            ".proplist" => ".id",
            "?name" => "$var"
            ));
 $API->comm('/ip/hotspot/user/active/remove', array(
            ".id"=>$BRIDGEINFO[0]['.id'],
             ));

$API->disconnect();

and it gives me this resut

Connection attempt #1 to 192.168.x.x:xxxx... <<< [6] /login >>> [5/5] bytes read. >>> [5, 39]!done >>> [37/37] bytes read. >>> [37, 1]=ret=eaaf47c3a811cc80f0304e21067abbc9 <<< [6] /login <<< [11] =name=admin <<< [44] =response=00c8e509faa8f3f9d11b621eddaaa0cc9e >>> [5/5] bytes read. >>> [5, 1]!done Connected... <<< [29] /ip/hotspot/user/active/print <<< [14] =.proplist=.id <<< [14] ?name=myuser >>> [5/5] bytes read. >>> [5, 40]!trap >>> [31/31] bytes read. >>> [31, 8]=message=no such command prefix >>> [5/5] bytes read. >>> [5, 1]!done <<< [30] /ip/hotspot/user/active/remove <<< [5] =.id= >>> [5/5] bytes read. >>> [5, 40]!trap >>> [31/31] bytes read. >>> [31, 8]=message=no such command prefix >>> [5/5] bytes read. >>> [5, 1]!done Disconnected... .id

but still remains active, some Idea why doesn’t work thanks anyway

22

From the portion

[29] /ip/hotspot/user/active/print <<< [14] =.proplist=.id <<< [14] ?name=myuser >>> [5/5] bytes read. >>> [5, 40]!trap >>> [31/31] bytes read. >>> [31, 8]=message=no such command prefix

we can see the print failed, hence the removal.

What RouterOS version are you using? Try this with 5.22.

23

as far as I can see in CLI, there’s no “/ip hotspot user active print” command. but there’s “/ip hotspot active print” one :wink:

24

Why did you tell me that the print failed?, in the result I can see the correct name from my user and user id

but I can’t remove it :confused:

the version is v5.6 on RB493AH

25

it’s not the result, it’s request :slight_smile: result is “no such command prefix” trap :slight_smile:

26

ok help me with this, when I put on mk’s terminal the instruction,

/ip hotspot active print

it’s gave me the list of my active users like this

Flags: R - radius, B - blocked                                                    
 #    USER            ADDRESS         UPTIME       SESSION-TIME-LEFT IDLE-TIMEOUT
 0    migue        192.168.x.x       5h51m12s            4w1d18h8m48s     
 1    kai              192.168.x.x     7h51m6s               6d16h8m54s       
 2    se12a       192.168.x.x       6h26m36s              4w1d17h33m24s

but on this list every user has a number then I wrote this on the terminal

/ip hotspot active remove numbers=0

this in order to delete the user 0=migue

and with this I can delete the user that I want only with number of flag, I tried to delete with these instructions from php but I couldn’t :open_mouth: because with php I can’t obtain the list from my active users

27

The PHP codes you’ve shown above use “/hotspot/user/active/print” or “/hotspot/user/print”. Neither is correct.

Change that to “/hotspot/active/print”. And the “…/remove” too.

28

I said that exactly a month ago xD

29

I did it but It didn’t work :open_mouth: then I try to find other way from the terminal and after that prove the same syntax with php :frowning: :astonished:

30

Can you please show us ALL of your involved PHP code then? The one after these changes (the ones above are all without them).

31

the best is the output after your changes :slight_smile:

32

this is my result

Connection attempt #1 to 192.168.x.x:xx... <<< [6] /login >>> [5/5] bytes read. >>> [5, 39]!done >>> [37/37] bytes read. >>> [37, 1]=ret=cfe976394cc6a955a584319c924dcf79 <<< [6] /login <<< [11] =name=admin <<< [44] =response=002ffcaa2c3e7a971062be5b7f4edbbda6 >>> [5/5] bytes read. >>> [5, 1]!done Connected... <<< [24] /ip/hotspot/active/print <<< [14] =.proplist=.id <<< [10] ?name=demo >>> [5/5] bytes read. >>> [5, 1]!done <<< [25] /ip/hotspot/active/remove <<< [5] =.id= >>> [5/5] bytes read. >>> [5, 1]!done Disconnected...

which are my mistakes here :open_mouth:



whit this I can delete the user if I know de user id
first print my users

 $API->comm('/ip/hotspot/active/print);

then I know the correct id for each one an after that with this

	$API->write("/ip/hotspot/active/remove", false);
$API->write("=.id=*C0A80FF9");
$API->read();

and It works :astonished: 'cause delete my active user

but my idea is only give the name user with this catch the user id and after that delete

33

Looking at the log, you can see there’s no entries matching your query.

<<< [24] /ip/hotspot/active/print
<<< [14] =.proplist=.id
<<< [10] ?name=demo
>>> [5/5] bytes read.
>>> [5, 1]!done

If you execute the print command from terminal, you can see there’s no “name” property on active users, but only “user” instead, which also explains why your query doesn’t match.

So, replace

$BRIDGEINFO = $API->comm('/ip/hotspot/active/print', array(
            ".proplist" => ".id",
            "?name" => "$var"
            ));

with

$BRIDGEINFO = $API->comm('/ip/hotspot/active/print', array(
            ".proplist" => ".id",
            "?user" => $var
            ));
34

thanks it works :slight_smile:

35

can you help me?
I need this, I have my wifi and my users can access with hotspot
but now I need to send the username and password to other page in my external server, how can I do it with javascript?

My idea is send them from my redirect page, just when my user has been logged correctly

my hotspot use md5.js

36

You can’t do that with JavaScript due to the same origin policy.

The best way is to make the external server available from a subdomain of the router’s domain name (e.g. portal.example.com being the external server for the login page, available from example.com). When you have that, you’ll be able to read the cookie the router set, and then use the API to figure out the user this cookie is supposed to belong to (by using “/ip hotspot cookie print” with an according query).

A slightly less secure way, available when the server is within your network, is to redirect to it with its local IP. The server can then figure out if the user has logged in, and who they are, by connecting to the router with the API and looking up their IP address.

37

ok :open_mouth:
exist a hotspot with php?

I just need the information from my form1 it will be sending to my other page that I have in my server online
how can I do in order to integrate php to my hotspot in html? 'cause I can’t integrate a mysql server in mikrotik my server has to be online or not?

:confused:

38

exist a hotspot with php?

No.

It sounds to me like you’re misunderstanding how DNS works… a subdomain doesn’t need to point to the same IP as the main domain.

Your hotspot login page can be located on the router, and let’s say that it’s the private IP 192.168.0.1. At the router, and the hotspot server profile in particular, you can adjust the hotspot to respond to the DNS name “example.com”. You may have to also add the name and IP in “/ip dns”, but still, the point is you can make it so that when users type (or are redirected to) “http://example.com”, they get the login page from 192.168.0.1.

At the same time, you can have your web server, and let’s say that it’s at the public IP 10.10.10.1. In the “/ip dns” menu, you can add “portal.example.com” (or whatever name you like that ends with “.example.com”) and make it point to that IP. That way, you’re making it so that when users type (or are redirected to) “http://portal.example.com”, they’ll get content from 10.10.10.1.


And THAT is where it gets interesting… cookies do NOT care about the IP of the other end - they care of the domain name the other end is accessed with. So a cookie set by “example.com” is available to not only the server responding to “example.com” (i.e. the router), but they’re also available to any server that responds to a domain name ending in “.example.com” (in this case, the server, responding to “portal.example.com”.

my server has to be online or not?

Your server would have to always be online, yes. Just as your router. Without it, users can still login and access the internet, but they won’t be able to access whatever you’re trying to provide with PHP (and I’m only guessing you’re making a way for them to edit their credentials and more, right?).

39

I think you don’t understand me what I want to do or maybe I don’t know to explain :confused: my problem is this
http://forum.mikrotik.com/t/i-need-to-save-the-log-from-hotspot/66729/1

I just need only catch the username and password from the user that is logged in and send them to my page in php that I have in my online server

just that, why?, :astonished: because I try to save the hour and date that someone is logged in and save that information in my data base are you gett it? :frowning:

40

why?, > :astonished: > because I try to save the hour and date that someone is logged in and save that information in my data base are you gett it? > :frowning:

You should’ve started with that.

There’s a lot easier way to do it. At the user profile, add the following script to be executed “on-login”:
/tool fetch url=“http://example.com/tracker.php?user=$user”(the variable $user is available to on-login scripts to tell you which user has just logged in)

Assuming your server is at example.com and a file dedicated to keeping track of logins is at tracker.php, in it, you can access the username there with $_GET[‘user’]. To prevent arbitrary people from triggering this script, you may want to check $_SERVER[‘REMOTE_ADDR’] to ensure the IP is (one of?) your routers’.


This approach doesn’t force users to go to your tracking web page, while at the same time allowing you to save them in the DB. I previously assumed you’re making some kind of an editing utility, because that’s pretty much the only reason (I can think of) why anyone would want to redirect users to (and show them!) a page on a server they control, while having their hotspot credentials carried.