Community discussions

MikroTik App
  4. RouterOS
  5. Scripting

Hotspot Password Change Form

Post Reply
 
cicserver
Member
Member
Topic Author
Posts: 303
Joined: Sun Jul 24, 2011 12:04 pm

Hotspot Password Change Form

Sat Feb 08, 2014 2:09 pm

I am trying to provide a simple password change option to hotspot users. After user is logged in to hotspot system using there credentials & when they try to access the password change page, they always get following error ...

We're sorry, but we can't change your password right now. Please try again later

I am using following code from following wiki link ...
http://wiki.mikrotik.com/wiki/API_PHP_package
Code: Select all
<?php
use PEAR2\Net\RouterOS;
require_once 'PEAR2/Autoload.php';

$errors = array();

try {
    //Adjust RouterOS IP, username and password accordingly.
    $client = new RouterOS\Client('10.0.0.1', 'admin', 'password');

    $printRequest = new RouterOS\Request(
        '/ip hotspot active print',
        RouterOS\Query::where('address', $_SERVER['REMOTE_ADDR'])
    );
    $hotspotUsername = $client->sendSync($printRequest)->getArgument('user');
} catch(Exception $e) {
    $errors[] = $e->getMessage();
}

if (isset($_POST['password']) && isset($_POST['password2'])) {
    if ($_POST['password'] !== $_POST['password2']) {
        $errors[] = 'Passwords do not match.';
    } elseif (empty($errors)) {
        //Here's the fun part - actually changing the password
        $setRequest = new RouterOS\Request('/ip hotspot user set');
        $client($setRequest
            ->setArgument('numbers', $hotspotUsername)
            ->setArgument('password', $_POST['password'])
        );
    }
}

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <title>Change your hotspot password</title>
        <style type="text/css">
            #errors {background-color:darkred;color:white;}
            #success {background-color:darkgreen:color:white;}
        </style>
    </head>
    <body>
        <div>
            <?php if (!isset($hotspotUsername)) { ?>
                <h1>We're sorry, but we can't change your password right now.
                Please try again later</h1>
            <?php } else { ?>
            <h1>You are currently logged in as "<?php
                    echo $hotspotUsername;
                ?>"</h1>

            <?php if(!empty($errors)) { ?>
            <div id="errors"><ul>
                <?php foreach ($errors as $error) { ?>
                <li><?php echo $error; ?></li>
                <?php } ?>
            </ul></div>
            <?php } elseif (isset($_POST['password'])) { ?>
            <div id="success">Your password has been changed.</div>
            <?php } ?>

            <form action="" method="post">
                <ul>
                    <li>
                        <label for="password">New password:</label>
                        <input type="password" id="password" name="password" value="" />
                    </li>
                    <li>
                        <label for="password2">Confirm new password:</label>
                        <input type="password" id="password2" name="password2" value="" />
                    </li>
                    <li>
                        <input type="submit" id="act" name="act" value="Change password" />
                    </li>
                </ul>
            </form>
            <?php } ?>
        </div>
    </body>
</html>
I have tried other codes like "Print router logs" - "Ping from router" - "MAC finder" and all of them working except this password change option.

Help please :shock:
Top
 
User avatar
boen_robot
Forum Guru
Forum Guru
Posts: 2400
Joined: Thu Aug 31, 2006 4:43 pm
Location: europe://Bulgaria/Plovdiv

Re: Hotspot Password Change Form

Sat Feb 08, 2014 2:40 pm

If you're not seeing any other error messages along with that, this can mean only one of two things - you aren't logged into the hotspot upon accessing the page, or your web server is at a different subnet from your users.

You MUST first log in to the hotspot, and only THEN access that page. The PHP code infers the user you've logged in with based on the user's IP address, which should be the same IF the user is accessing the page from the same subnet.

Try to add
Code: Select all
var_dump($_SERVER['REMOTE_ADDR']);
anywhere in the code, and see if it's the same IP you see in Winbox after you've logged in.

EDIT: Actually, on a closer look, it seems a connection error could also cause this... change
Code: Select all
<?php if (!isset($hotspotUsername)) { ?>
to
Code: Select all
<?php if (!isset($hotspotUsername)) {
file_put_contents('error.txt', print_r($errors, true)); ?>
then run the file, and check to see if 'error.txt' exists in the same folder. If it does, open it, and see what it says.

(NOTE: If you want to keep this debugging information available "for real", be sure to change the path to "error.txt" to be one outside of the web server root; otherwise you may be giving away vital info to attackers)
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 4 guests
  4. RouterOS
  5. Scripting