<?php
include("defs.php3");

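#
# Standard Testbed Header
#
PAGEHEADER("Join a Project");

#
# First off, sanity check the form to make sure all the required fields
# were provided. Each field is tested on its own so that the error can
# name the one that is missing. Be sure to correlate these checks with
# any changes made to the project form.
#
# NOTE(review): the form values are read as bare globals, so this page
# presumably relies on register_globals - confirm. All of them are
# client-supplied and are reused further down in SQL, a shell command
# line, mail headers and HTML output.
#
if (!isset($joining_uid) || strcmp($joining_uid, "") == 0) {
    FORMERROR("UserName");
}
if (!isset($usr_email) || strcmp($usr_email, "") == 0) {
    FORMERROR("Email Address");
}
if (!isset($usr_name) || strcmp($usr_name, "") == 0) {
    FORMERROR("Full Name");
}
elseif (! ereg("^[a-zA-Z0-9 .\-]+$", $usr_name)) {
    #
    # Allow-list for the display name.
    # NOTE(review): the pattern also admits a space, and the "\-" inside
    # the bracket expression presumably makes a literal backslash
    # acceptable as well; the message below mentions neither - confirm
    # which is intended.
    #
    USERERROR("Your Full Name can only contain alphanumeric characters, ".
              "'-', and '.'", 1);
}

if (!isset($pid) || strcmp($pid, "") == 0) {
    FORMERROR("Project");
}
if (!isset($usr_affil) || strcmp($usr_affil, "") == 0) {
    # Label spelling corrected (was "Afilliation").
    FORMERROR("Institutional Affiliation");
}
if (!isset($usr_title) || strcmp($usr_title, "") == 0) {
    FORMERROR("Title/Position");
}
if (!isset($usr_addr) || strcmp($usr_addr, "") == 0) {
    FORMERROR("Mailing Address");
}
if (!isset($usr_phone) || strcmp($usr_phone, "") == 0) {
    FORMERROR("Phone #");
}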

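#
# Check joining_uid for silliness: lowercase letters and digits only,
# starting with a letter (so at least two characters).
#
# NOTE(review): ereg() is not binary-safe in the PHP releases that still
# ship it, so this format check should not be treated as the only barrier
# in front of the SQL, shell and HTML sinks that use the uid below.
#
if (! ereg("^[a-z][a-z0-9]+$", $joining_uid)) {
    # The rejected value is by definition not well-formed, and the error
    # text appears to be rendered as HTML (other messages on this page
    # embed <br> and <em>), so encode it before echoing it back.
    $shown_uid = htmlspecialchars($joining_uid);
    USERERROR("Your username ($shown_uid) must be composed of ".
              "lowercase alphanumeric characters only, and must begin ".
              "with a lowercase alpha character!", 1);
}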

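#
# Database limits: the uid must fit the column width configured in
# $TBDB_UIDLEN.
#
if (strlen($joining_uid) > $TBDB_UIDLEN) {
    # Encode the value for the HTML error page instead of relying only
    # on the format check that precedes this test.
    $shown_uid = htmlspecialchars($joining_uid);
    USERERROR("The name \"$shown_uid\" is too long! ".
              "Please select one that is shorter than $TBDB_UIDLEN.", 1);
}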

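#
# Check that email address looks reasonable. We need the domain for
# below anyway.
#
# The address is later placed in a mail recipient, a shell command line
# and an SQL statement, so control characters (CR and LF in particular)
# are refused outright. The scan works byte by byte so that it does not
# depend on a regex engine's handling of unusual bytes.
#
$email_has_ctrl = 0;
for ($i = 0; $i < strlen($usr_email); $i++) {
    $byte = ord(substr($usr_email, $i, 1));
    if ($byte < 32 || $byte == 127) {
        $email_has_ctrl = 1;
        break;
    }
}

# strstr() yields everything from the first "@" on, or false without one.
$email_domain = strstr($usr_email, "@");
if ($email_has_ctrl ||
    ! $email_domain ||
    strcmp($usr_email, $email_domain) == 0 ||
    strlen($email_domain) <= 1 ||
    ! strstr($email_domain, ".")) {
    # The rejected address is echoed into the error page; encode it.
    $shown_email = htmlspecialchars($usr_email);
    USERERROR("The email address `$shown_email' looks invalid!. Please ".
              "go back and fix it up", 1);
}

# Drop the leading "@" from the domain and keep the local part separately.
$email_domain = substr($email_domain, 1);
$email_user   = substr($usr_email, 0, strpos($usr_email, "@", 0));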

#
# Check URLs. A field that still equals $HTTPTAG (presumably the form's
# pre-filled default - confirm) counts as "no URL given" and is blanked
# before verification.
#
$url_is_default = (strcmp($usr_url, $HTTPTAG) == 0);
if ($url_is_default) {
    $usr_url = "";
}
VERIFYURL($usr_url);

#
# Certain of these values must be escaped or otherwise sanitized.
# From here on these five variables hold their addslashes() form.
#
# NOTE(review): $usr_email, $usr_url, $usr_expires, $pid and $gid are not
# covered here although they reach SQL statements further down, and the
# escaped $usr_name / $usr_phone / $usr_addr are also what the mail bodies
# below interpolate, so backslashes can show up in those messages.
#
$usr_phone = addslashes($usr_phone);
$usr_addr  = addslashes($usr_addr);
$usr_title = addslashes($usr_title);
$usr_affil = addslashes($usr_affil);
$usr_name  = addslashes($usr_name);

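#
# See if this is a new user or one returning: a row in the users table
# for this uid means the account already exists.
#
# The uid is escaped at the point of use so that the statement does not
# depend solely on the earlier ereg() format check (which is not
# binary-safe). For a well-formed uid addslashes() changes nothing.
#
$sql_uid = addslashes($joining_uid);
$query_result = mysql_db_query($TBDBNAME,
        "SELECT usr_pswd FROM users WHERE uid=\"$sql_uid\"");
if (! $query_result) {
    $err = mysql_error();
    TBERROR("Database Error retrieving info for $joining_uid: $err\n", 1);
}

# 1 when the uid is already registered, 0 for a brand new user.
$returning = (mysql_num_rows($query_result) > 0) ? 1 : 0;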

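#
# If a user returning, then the login must be valid to continue any further.
# For a new user, the password must pass our tests.
#
# The uid is HTML-encoded wherever it is echoed into an error page; the
# messages themselves carry markup (<br>, <em>), so they appear to be
# rendered as HTML.
#
$shown_uid = htmlspecialchars($joining_uid);

if ($returning) {
    if (CHECKLOGIN($joining_uid) != 1) {
        USERERROR("The Username '$shown_uid' is in use. ".
                  "If you already have an Emulab account, please go back ".
                  "and login before trying to join a new project.<br><br>".
                  "If you are a <em>new</em> Emulab user trying to join ".
                  "your first project, please go back and select a different ".
                  "Username.", 1);
    }
}
else {
    #
    # Check new username against CS logins so that external people do
    # not pick names that overlap with CS names.
    #
    # Only an address whose domain IS cs.utah.edu, or ends in
    # ".cs.utah.edu", skips the check. The previous substring test let
    # any domain that merely contained that text skip it as well.
    # NOTE(review): the address is still unverified at this point; the
    # verification key mailed below is what ties it to the applicant.
    #
    $cs_domain     = "cs.utah.edu";
    $cs_suffix     = ".$cs_domain";
    $is_cs_address =
        (strcmp($email_domain, $cs_domain) == 0 ||
         (strlen($email_domain) > strlen($cs_suffix) &&
          strcmp(substr($email_domain, -strlen($cs_suffix)),
                 $cs_suffix) == 0));

    if (! $is_cs_address) {
        $dbm = dbmopen($TBCSLOGINS, "r");
        if (! $dbm) {
            TBERROR("Could not dbmopen $TBCSLOGINS from usradded.php3\n", 1);
        }
        if (dbmexists($dbm, $joining_uid)) {
            dbmclose($dbm);
            USERERROR("The username '$shown_uid' is already in use. ".
                      "Please go back and choose another.", 1);
        }
        dbmclose($dbm);
    }

    if (strcmp($password1, $password2) != 0) {
        USERERROR("You typed different passwords in each of the two password ".
                  "entry fields. <br> Please go back and correct them.",
                  1);
    }

    #
    # Run the password checker. Every argument is quoted on its own with
    # escapeshellarg() (PHP 4.0.3 or later): escapeshellcmd() over the
    # whole line does not stop whitespace or paired quotes in a value
    # from splitting it into additional arguments.
    #
    # NOTE(review): the candidate password is still passed on the command
    # line, where other local users may be able to see it in the process
    # list; feeding it on stdin would need support in the checker.
    # NOTE(review): whether fgets() works on a pipe opened "w+" depends
    # on the platform's popen() - mode kept as it was.
    #
    $chkpass_command = escapeshellcmd($TBCHKPASS_PATH) . " " .
        escapeshellarg($password1) . " " .
        escapeshellarg($joining_uid) . " " .
        escapeshellarg("$usr_name:$usr_email");

    $mypipe = popen($chkpass_command, "w+");
    if ($mypipe) {
        $retval = fgets($mypipe, 1024);
        # Release the pipe before any error path is taken; it was never
        # closed before.
        pclose($mypipe);
        if (strcmp($retval, "ok\n") != 0) {
            # NOTE(review): $retval is the checker's own output and is
            # shown unencoded - confirm it cannot echo user input.
            USERERROR("The password you have chosen will not work: ".
                      "<br><br>$retval<br>", 1);
        }
    }
    else {
        TBERROR("TESTBED: checkpass failure\n".
                "\n$usr_name ($joining_uid) just tried to set up a testbed ".
                "account,\n".
                "but checkpass pipe did not open (returned '$mypipe').", 1);
    }
}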

#
# If no group name provided, then use the "default group", i.e. the
# group that carries the project's own name.
#
$have_gid = (isset($gid) && strcmp($gid, "") != 0);
if (! $have_gid) {
    $gid = $pid;
}

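#
# Lets verify the project/group and quit early if its bogus.
# We could let things continue, resulting in a valid account but no
# membership, but I don't like that.
#
if (! TBValidGroup($pid, $gid)) {
    # These names just failed validation and are echoed into the error
    # page, so encode them for HTML first.
    $shown_pid = htmlspecialchars($pid);
    $shown_gid = htmlspecialchars($gid);
    USERERROR("No such project or group $shown_pid/$shown_gid. ".
              "Please go back and try again.", 1);
}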

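#
# Don't try to join twice!
#
# $approved is handed to TBGroupMember() but not read here; presumably
# it is filled in by reference - confirm against the helper.
#
if (TBGroupMember($joining_uid, $pid, $gid, $approved)) {
    # Encode the request-supplied names before they go into the page.
    $shown_pid = htmlspecialchars($pid);
    $shown_gid = htmlspecialchars($gid);
    USERERROR("You have already applied for membership in ".
              "$shown_pid/$shown_gid!", 1);
}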

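#
# For a new user:
# * Create a new account in the database.
# * Add user email to the list of email address.
# * Generate a mail message to the user with the verification key.
#
if (! $returning) {
    #
    # NOTE(review): crypt() without a salt uses whatever scheme the
    # platform defaults to; if that is traditional DES only the first
    # eight characters of the password count - confirm and plan a
    # migration to a modern password hash.
    #
    $encoding = crypt("$password1");

    #
    # Escape every value at the point where the statement is built.
    # $usr_name, $usr_addr, $usr_phone, $usr_title and $usr_affil already
    # went through addslashes() earlier on this page; the values below
    # did not. $usr_expires is not assigned anywhere on this page, so it
    # is treated as untrusted as well.
    #
    $sql_uid     = addslashes($joining_uid);
    $sql_email   = addslashes($usr_email);
    $sql_url     = addslashes($usr_url);
    $sql_expires = addslashes($usr_expires);
    $sql_pswd    = addslashes($encoding);

    $newuser_command = "INSERT INTO users ".
        "(uid,usr_created,usr_expires,usr_name,usr_email,usr_addr,".
        " usr_URL,usr_phone,usr_title,usr_affil,usr_pswd,unix_uid,".
        " status,pswd_expires) ".
        "VALUES ('$sql_uid', now(), '$sql_expires', '$usr_name', ".
        "'$sql_email', ".
        "'$usr_addr', '$sql_url', '$usr_phone', '$usr_title', '$usr_affil', ".
        "'$sql_pswd', NULL, 'newuser', ".
        "date_add(now(), interval 1 year))";
    $newuser_result  = mysql_db_query($TBDBNAME, $newuser_command);
    if (! $newuser_result) {
        $err = mysql_error();
        # Duplicated word in the message ("adding adding") removed.
        TBERROR("Database Error adding new user $joining_uid: ".
                "$err\n", 1);
    }

    $key = GENKEY($joining_uid);

    #
    # The recipient is assembled from form values; turn any CR or LF
    # into a space so that the value cannot extend into further mail
    # headers.
    #
    $mail_to = strtr("$usr_name '$joining_uid' <$usr_email>", "\r\n", "  ");

    mail($mail_to, "TESTBED: Your New User Key",
         "\n".
         "Dear $usr_name ($joining_uid):\n\n".
         "\tHere is your key to verify your account on the ".
         "Utah Network Testbed:\n\n".
         "\t\t$key\n\n".
         "Please return to $TBWWW and log in using\n".
         "the user name and password you gave us when you applied. You will\n".
         "then find an option on the menu called 'New User Verification'.\n".
         "Select that option, and on that page enter your key.\n".
         "You will then be verified as a user. When you have been both\n".
         "verified and approved by the head of the project, you will\n".
         "be marked as an active user, and will be granted full access to\n".
         "your user account.\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_AUDIT\n".
         "Errors-To: $TBMAIL_WWW");

    #
    # Generate some warm fuzzies.
    #
    echo "<center><h1>Adding new Testbed User!</h1></center>";

    echo "<p>As a new user of the Testbed, for
          security purposes, you will receive by e-mail a key. When you
          receive it, come back to the site, and log in. When you do, you
          will see a new menu option called 'New User Verification'. On
          that page, enter in your key
          exactly as you received it in your e-mail. You will then be
          marked as a verified user.
          <p>Once you have been both verified
          and approved, you will be classified as an active user, and will 
          be granted full access to your user account.";
}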

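#
# Add to the group, but with trust=none. The project/group leader will have
# to upgrade the trust level, making the new user real.
#
# Values are escaped where the statement is built; for names that passed
# the earlier checks addslashes() is a no-op, so this only matters if one
# of those checks can be side-stepped.
#
$sql_uid = addslashes($joining_uid);
$sql_pid = addslashes($pid);
$sql_gid = addslashes($gid);
$query_result =
    DBQueryFatal("insert into group_membership ".
                 "(uid,gid,pid,trust,date_applied) ".
                 "values ('$sql_uid','$sql_gid','$sql_pid','none', now())");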

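#
# This could be a new user or an old user trying to join a specific group
# in a project. If the user is new to the project too, then must insert
# a group_membership in the default group for the project.
#
# The default group is the one whose gid equals the pid, hence $pid is
# passed (and inserted) in both positions.
#
if (! TBGroupMember($joining_uid, $pid, $pid, $approved)) {
    # Escape at the point of use, as for every other statement built
    # from form values.
    $sql_uid = addslashes($joining_uid);
    $sql_pid = addslashes($pid);
    DBQueryFatal("insert into group_membership ".
                 "(uid,gid,pid,trust,date_applied) ".
                 "values ('$sql_uid','$sql_pid','$sql_pid','none', now())");
}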

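#
# Generate an email message to the group leader.
#
# Look up the leader's name, address and uid for this project/group.
# pid and gid are escaped where the statement is built.
#
$sql_pid = addslashes($pid);
$sql_gid = addslashes($gid);
$query_result =
    DBQueryFatal("select usr_name,usr_email,leader from users as u ".
                 "left join groups as g on u.uid=g.leader ".
                 "where g.pid='$sql_pid' and g.gid='$sql_gid'");
$row = mysql_fetch_row($query_result);
if (! $row) {
    # The old message interpolated $leader, which is never assigned on
    # this page; name the group that was looked up instead.
    TBERROR("DB Error getting email address for the leader of group ".
            "$pid/$gid!", 1);
}
$leader_name  = $row[0];
$leader_email = $row[1];
$leader_uid   = $row[2];

#
# The subject carries form values; turn CR and LF into spaces so that it
# stays a single header line.
#
$mail_subject = strtr("TESTBED: $joining_uid $pid Project Join Request",
                      "\r\n", "  ");

#
# NOTE(review): $usr_name, $usr_phone and $usr_addr are the
# addslashes()-escaped copies by now, so the leader may see backslashes
# in front of quotes in this message.
#
mail("$leader_name '$leader_uid' <$leader_email>",
     $mail_subject,
     "\n$usr_name ($joining_uid) is trying to join your group $gid\n".
     "in project $pid\n".
     "$usr_name has the\n".
     "Testbed username $joining_uid and email address $usr_email.\n".
     "$usr_name's phone number is $usr_phone and address $usr_addr.\n\n".
     "Please return to $TBWWW\n".
     "log in, and select the 'New User Approval' page to enter your\n".
     "decision regarding $usr_name's membership in your project\n\n".
     "Thanks,\n".
     "Testbed Ops\n".
     "Utah Network Testbed\n",
     "From: $TBMAIL_APPROVAL\n".
     "Bcc: $TBMAIL_AUDIT\n".
     "Errors-To: $TBMAIL_WWW");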

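#
# Generate some warm fuzzies.
#
# The project name came from the form; encode it for HTML at the point
# where it is written into the page.
#
$shown_pid = htmlspecialchars($pid);
echo "<br>
      <p>The leader of project '$shown_pid' has been notified of your application.
      He/She will make a decision and either approve or deny your application,
      and you will be notified as soon as a decision has been made.";

#
# Standard Testbed Footer
#
PAGEFOOTER();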
?>