<?php
include("defs.php3");

#
# Standard Testbed Header
#
PAGEHEADER("Join a Project");

#
# Required-field pass over the submitted join form. Every field is tested
# separately so the error can name exactly what is missing. Keep this list
# in step with the project form whenever that form changes.
#
# NOTE(review): none of these variables is assigned in this file, so they
# presumably arrive as request-supplied globals - treat each one as
# untrusted input.
#
if (! isset($joining_uid) || ! strcmp($joining_uid, "")) {
    FORMERROR("UserName");
}
if (! isset($usr_email) || ! strcmp($usr_email, "")) {
    FORMERROR("Email Address");
}
if (! isset($usr_name) || ! strcmp($usr_name, "")) {
    FORMERROR("Full Name");
}
else if (! ereg("^[a-zA-Z0-9 .\-]+$", $usr_name)) {
    # Whitelist for the display name. NOTE(review): under POSIX bracket
    # rules the backslash in this class appears to be a permitted character
    # in its own right - confirm that is intended.
    USERERROR("Your Full Name can only contain alphanumeric characters, ".
	      "'-', and '.'", 1);
}

if (! isset($pid) || ! strcmp($pid, "")) {
    FORMERROR("Project");
}
if (! isset($usr_affil) || ! strcmp($usr_affil, "")) {
    FORMERROR("Institutional Afilliation");
}
if (! isset($usr_title) || ! strcmp($usr_title, "")) {
    FORMERROR("Title/Position");
}

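#
# Check joining_uid for sillyness.
#
# The uid is later placed into SQL text, a shell command line and mail
# headers, so this whitelist is what keeps those uses safe. ereg() is not
# binary-safe (matching stops at an embedded NUL byte), so the strspn()
# comparison re-checks the whole value byte for byte.
#
$uid_charset = "abcdefghijklmnopqrstuvwxyz0123456789";
if (! ereg("^[a-z][a-z0-9]+$", $joining_uid) ||
    strspn($joining_uid, $uid_charset) != strlen($joining_uid)) {
    # The rejected value is echoed back. Other USERERROR calls in this file
    # pass HTML markup, so the message is presumably emitted unescaped.
    USERERROR("Your username (" . htmlspecialchars($joining_uid) .
	      ") must be composed of ".
	      "lowercase alphanumeric characters only, and must begin ".
	      "with a lowercase alpha character!", 1);
}

#
# Database limits
#
if (strlen($joining_uid) > $TBDB_UIDLEN) {
    USERERROR("The name \"" . htmlspecialchars($joining_uid) .
	      "\" is too long! ".
              "Please select one that is shorter than $TBDB_UIDLEN.", 1);
}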

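#
# Check that email address looks reasonable. We need the domain for
# below anyway.
#
# The address is used further down as a mail recipient. Besides the shape
# test (something before the '@', a dotted domain after it), refuse
# whitespace, control characters and angle brackets: none of them belong
# in a bare address, and a CR or LF would start a new header line.
#
$email_domain = strstr($usr_email, "@");
$email_badchr = 0;
$email_len    = strlen($usr_email);
for ($email_idx = 0; $email_idx < $email_len; $email_idx++) {
    $email_chr = ord(substr($usr_email, $email_idx, 1));
    if ($email_chr <= 32 || $email_chr == 127 ||
	$email_chr == ord("<") || $email_chr == ord(">")) {
	$email_badchr = 1;
	break;
    }
}
if (! $email_domain ||
    strcmp($usr_email, $email_domain) == 0 ||
    strlen($email_domain) <= 1 ||
    ! strstr($email_domain, ".") ||
    $email_badchr) {
    # Escape the echoed value; it has just failed validation.
    USERERROR("The email address `" . htmlspecialchars($usr_email) .
	      "' looks invalid!. Please ".
	      "go back and fix it up", 1);
}
$email_domain = substr($email_domain, 1);
$email_user   = substr($usr_email, 0, strpos($usr_email, "@", 0));

#
# Check URLs.
#
# A field still equal to $HTTPTAG is blanked before verification.
# NOTE(review): $HTTPTAG is presumably the form's "http://" placeholder -
# confirm against defs.php3.
#
if (strcmp($usr_url, $HTTPTAG) == 0) {
    $usr_url = "";
}
VERIFYURL($usr_url);

#
# Certain of these values must be escaped or otherwise sanitized.
#
# NOTE(review): only these four fields are escaped here. $usr_email,
# $usr_url, $usr_phone and $usr_expires also go into the INSERT further
# down and need escaping where that statement is built. The escaped copies
# made here are also what the later mail text and checker command line see.
#
$usr_name  = addslashes($usr_name);
$usr_affil = addslashes($usr_affil);
$usr_title = addslashes($usr_title);
$usr_addr  = addslashes($usr_addr);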

#
# See if this is a new user or one returning.
#
# A row for this uid in the users table marks a returning user. The
# statement interpolates $joining_uid directly, so it relies on the format
# check applied to that value earlier in this file.
#
$uid_lookup   = "SELECT usr_pswd FROM users WHERE uid=\"$joining_uid\"";
$query_result = mysql_db_query($TBDBNAME, $uid_lookup);
if (! $query_result) {
    $err = mysql_error();
    TBERROR("Database Error retrieving info for $joining_uid: $err\n", 1);
}
$returning = (mysql_num_rows($query_result) > 0) ? 1 : 0;

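#
# If a user returning, then the login must be valid to continue any further.
# For a new user, the password must pass our tests.
#
if ($returning) {
    if (CHECKLOGIN($joining_uid) != 1) {
        USERERROR("The Username '$joining_uid' is in use. ".
		  "If you already have an Emulab account, please go back ".
		  "and login before trying to join a new project.<br><br>".
		  "If you are a <em>new</em> Emulab user trying to join ".
                  "your first project, please go back and select a different ".
		  "Username.", 1);
    }
}
else {
    #
    # Check new username against CS logins so that external people do
    # not pick names that overlap with CS names.
    #
    # Only cs.utah.edu itself and its subdomains skip the check; a plain
    # substring test would also pass unrelated domains that merely contain
    # that text.
    # NOTE(review): the address is self-declared and not yet verified at
    # this point (the key mail goes out later), so this exemption is only
    # as strong as that claim.
    #
    $cs_suffix    = ".cs.utah.edu";
    $cs_offset    = strlen($email_domain) - strlen($cs_suffix);
    $is_cs_domain = 0;
    if (strcmp($email_domain, "cs.utah.edu") == 0 ||
	($cs_offset > 0 &&
	 strcmp(substr($email_domain, $cs_offset), $cs_suffix) == 0)) {
	$is_cs_domain = 1;
    }
    if (! $is_cs_domain) {
	$dbm = dbmopen($TBCSLOGINS, "r");
	if (! $dbm) {
	    TBERROR("Could not dbmopen $TBCSLOGINS from usradded.php3\n", 1);
	}
	if (dbmexists($dbm, $joining_uid)) {
	    dbmclose($dbm);
	    USERERROR("The username '$joining_uid' is already in use. ".
		      "Please go back and choose another.", 1);
	}
	dbmclose($dbm);
    }

    if (strcmp($password1, $password2)) {
        USERERROR("You typed different passwords in each of the two password ".
                  "entry fields. <br> Please go back and correct them.",
                  1);
    }

    #
    # Run the password checker. Each value is wrapped in single quotes,
    # with embedded quotes rewritten as '\'', so it reaches the checker as
    # exactly one argument. escapeshellcmd() over the whole line neutralises
    # shell metacharacters but does not stop a value containing spaces or
    # quotes from splitting into several arguments. (This is the hand-written
    # form of escapeshellarg(), which older PHP releases lack.)
    #
    # NOTE(review): the password still travels on the command line, where
    # other local users may be able to read it from the process list.
    # Passing it over the pipe instead needs a matching change in the
    # checker program.
    #
    $chk_pass = "'" . str_replace("'", "'\\''", $password1) . "'";
    $chk_uid  = "'" . str_replace("'", "'\\''", $joining_uid) . "'";
    $chk_info = "'" . str_replace("'", "'\\''", "$usr_name:$usr_email") . "'";
    $mypipe = popen(escapeshellcmd($TBCHKPASS_PATH) .
		    " $chk_pass $chk_uid $chk_info", "w+");
    if ($mypipe) {
        $retval = fgets($mypipe, 1024);
        # Release the pipe before any error path can end the request.
        pclose($mypipe);
        if (strcmp($retval, "ok\n") != 0) {
            USERERROR("The password you have chosen will not work: ".
                      "<br><br>$retval<br>", 1);
        }
    }
    else {
        TBERROR("TESTBED: checkpass failure\n".
                "\n$usr_name ($joining_uid) just tried to set up a testbed ".
                "account,\n".
                "but checkpass pipe did not open (returned '$mypipe').", 1);
    }
}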

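#
# If no group name provided, then use the "default group."
#
if (!isset($gid) ||
    strcmp($gid, "") == 0) {
    $gid = $pid;
}

#
# Lets verify the project/group and quit early if its bogus.
# We could let things continue, resulting in a valid account but no
# membership, but I don't like that.
#
if (! TBValidGroup($pid, $gid)) {
    # $pid and $gid are request values that have just failed validation;
    # escape them before echoing them back inside the error page.
    USERERROR("No such project or group " . htmlspecialchars("$pid/$gid") .
	      ". ".
              "Please go back and try again.", 1);
}

#
# Don't try to join twice!
#
# NOTE(review): $approved is not assigned in this file before this call;
# presumably TBGroupMember fills it in by reference - confirm.
#
if (TBGroupMember($joining_uid, $pid, $gid, $approved)) {
    USERERROR("You have already applied for membership in " .
	      htmlspecialchars("$pid/$gid") . "!", 1);
}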

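#
# For a new user:
# * Create a new account in the database.
# * Add user email to the list of email address.
# * Generate a mail message to the user with the verification key.
#
if (! $returning) {
    # NOTE(review): crypt() is called with no salt argument, so the hash
    # scheme is whatever the platform picks by default - confirm it matches
    # what the login check expects.
    $encoding = crypt("$password1");

    #
    # usr_name, usr_addr, usr_title and usr_affil were escaped earlier in
    # this file. The other request fields are escaped here, into local
    # copies, so the originals used in the mail below stay untouched.
    #
    $sql_email   = addslashes($usr_email);
    $sql_url     = addslashes($usr_url);
    $sql_phone   = addslashes($usr_phone);
    $sql_expires = addslashes($usr_expires);

    $newuser_command = "INSERT INTO users ".
	"(uid,usr_created,usr_expires,usr_name,usr_email,usr_addr,".
	"usr_URL,usr_phone,usr_title,usr_affil,usr_pswd,unix_uid,status) ".
	"VALUES ('$joining_uid', now(), '$sql_expires', '$usr_name', ".
        "'$sql_email', ".
	"'$usr_addr', '$sql_url', '$sql_phone', '$usr_title', '$usr_affil',".
        "'$encoding', NULL, 'newuser')";
    $newuser_result  = mysql_db_query($TBDBNAME, $newuser_command);
    if (! $newuser_result) {
        $err = mysql_error();
        TBERROR("Database Error adding adding new user $joining_uid: ".
                "$err\n", 1);
    }

    $key = GENKEY($joining_uid);

    #
    # Send the verification key to the address the applicant supplied.
    # NOTE(review): $usr_email goes into the To: header as given. A CR or
    # LF in it would begin a new header line, so such values must be
    # rejected before this point.
    #
    mail("$usr_name '$joining_uid' <$usr_email>", "TESTBED: Your New User Key",
	 "\n".
         "Dear $usr_name ($joining_uid):\n\n".
         "\tHere is your key to verify your account on the ".
         "Utah Network Testbed:\n\n".
         "\t\t$key\n\n".
         "Please return to $TBWWW and log in using\n".
	 "the user name and password you gave us when you applied. You will\n".
	 "then find an option on the menu called 'New User Verification'.\n".
	 "Select that option, and on that page enter your key.\n".
	 "You will then be verified as a user. When you have been both\n".
         "verified and approved by the head of the project, you will\n".
	 "be marked as an active user, and will be granted full access to\n".
  	 "your user account.\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_APPROVAL\n".
         "Errors-To: $TBMAIL_WWW");

    #
    # Generate some warm fuzzies.
    #
    echo "<center><h1>Adding new Testbed User!</h1></center>";

    echo "<p>As a new user of the Testbed, for
          security purposes, you will receive by e-mail a key. When you
          receive it, come back to the site, and log in. When you do, you
          will see a new menu option called 'New User Verification'. On
          that page, enter in your key
          exactly as you received it in your e-mail. You will then be
          marked as a verified user.
          <p>Once you have been both verified
          and approved, you will be classified as an active user, and will 
          be granted full access to your user account.";
}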

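#
# Add to the group, but with trust=none. The project/group leader will have
# to upgrade the trust level, making the new user real.
#
# $pid and $gid come from the request. They have passed TBValidGroup by
# now, but what that helper accepts is not visible in this file, so they
# are escaped at the point where the SQL text is built.
#
$sql_pid = addslashes($pid);
$sql_gid = addslashes($gid);
$query_result =
    DBQueryFatal("insert into group_membership ".
		 "(uid,gid,pid,trust,date_applied) ".
		 "values ('$joining_uid','$sql_gid','$sql_pid','none', now())");

#
# This could be a new user or an old user trying to join a specific group
# in a project. If the user is new to the project too, then must insert
# a group_membership in the default group for the project.
#
if (! TBGroupMember($joining_uid, $pid, $pid, $approved)) {
    DBQueryFatal("insert into group_membership ".
		 "(uid,gid,pid,trust,date_applied) ".
		 "values ('$joining_uid','$sql_pid','$sql_pid','none', now())");
}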

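#
# Generate an email message to the group leader.
#
# $pid and $gid are request values, so escaped copies are used in the
# SQL text. The originals still go into the mail below.
#
$sql_pid = addslashes($pid);
$sql_gid = addslashes($gid);
$query_result =
    DBQueryFatal("select usr_name,usr_email,leader from users as u ".
		 "left join groups as g on u.uid=g.leader ".
		 "where g.pid='$sql_pid' and g.gid='$sql_gid'");
if (($row = mysql_fetch_row($query_result)) == 0) {
    # No leader row came back, so name the project/group that was looked
    # up. The previous message interpolated $leader, which is not assigned
    # anywhere in this file.
    TBERROR("DB Error getting email address for group leader of $pid/$gid!",
	    1);
}
$leader_name = $row[0];
$leader_email = $row[1];
$leader_uid = $row[2];

mail("$leader_name '$leader_uid' <$leader_email>",
     "TESTBED: $joining_uid $pid Project Join Request",
     "\n$usr_name ($joining_uid) is trying to join your group $gid\n".
     "in project $pid\n".
     "$usr_name has the\n".
     "Testbed username $joining_uid and email address $usr_email.\n".
     "$usr_name's phone number is $usr_phone and address $usr_addr.\n\n".
     "Please return to $TBWWW\n".
     "log in, and select the 'New User Approval' page to enter your\n".
     "decision regarding $usr_name's membership in your project\n\n".
     "Thanks,\n".
     "Testbed Ops\n".
     "Utah Network Testbed\n",
     "From: $TBMAIL_APPROVAL\n".
     "Bcc: $TBMAIL_APPROVAL\n".
     "Errors-To: $TBMAIL_WWW");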

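#
# Generate some warm fuzzies.
#
# $pid is a request value written into the page, so it is HTML-escaped at
# the point of output even though it passed the group check earlier.
#
$pid_html = htmlspecialchars($pid);
echo "<br>
      <p>The leader of project '$pid_html' has been notified of your application.
      He/She will make a decision and either approve or deny your application,
      and you will be notified as soon as a decision has been made.";

#
# Standard Testbed Footer
#
PAGEFOOTER();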
?>