<?php
include("defs.php3");

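#
# Standard Testbed Header
#
PAGEHEADER("Join a Project");

#
# First off, sanity check the form to make sure all the required fields
# were provided. I do this on a per field basis so that we can be
# informative. Be sure to correlate these checks with any changes made to
# the project form.
#
# These checks only establish that a field is present and non-empty. Apart
# from usr_name (here) and joining_uid (checked further down), the values
# are still arbitrary client-supplied text and have to be escaped for
# whatever context they are used in later (SQL, shell, HTML, mail headers).
#
if (!isset($joining_uid) ||
    strcmp($joining_uid, "") == 0) {
    FORMERROR("UserName");
}
if (!isset($usr_email) ||
    strcmp($usr_email, "") == 0) {
    FORMERROR("Email Address");
}
if (!isset($usr_name) ||
    strcmp($usr_name, "") == 0) {
    FORMERROR("Full Name");
} else if (! ereg("^[a-zA-Z0-9 .-]+$", $usr_name)) {
    # The '-' is placed last in the bracket expression so that it is taken
    # literally. The earlier pattern spelled it "\-"; POSIX bracket
    # expressions do not treat backslash as an escape, so that spelling
    # also admitted a literal backslash in the name, contrary to the
    # message below.
    USERERROR("Your Full Name can only contain alphanumeric characters, ".
              "'-', and '.'", 1);
}

if (!isset($pid) ||
    strcmp($pid, "") == 0) {
    FORMERROR("Project");
}
if (!isset($usr_affil) ||
    strcmp($usr_affil, "") == 0) {
    FORMERROR("Institutional Afilliation");
}
if (!isset($usr_title) ||
    strcmp($usr_title, "") == 0) {
    FORMERROR("Title/Position");
}
if (!isset($usr_addr) ||
    strcmp($usr_addr, "") == 0) {
    FORMERROR("Mailing Address");
}
if (!isset($usr_phone) ||
    strcmp($usr_phone, "") == 0) {
    FORMERROR("Phone #");
}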

#
# Username shape: one lowercase letter followed by one or more lowercase
# letters or digits. Anything else is refused.
#
if (! ereg('^[a-z][a-z0-9]+$', $joining_uid)) {
    USERERROR(
        "Your username ($joining_uid) must be composed of lowercase " .
        "alphanumeric characters only, and must begin with a lowercase " .
        "alpha character!",
        1
    );
}

#
# The username also has to fit the length limit held in $TBDB_UIDLEN.
#
if ($TBDB_UIDLEN < strlen($joining_uid)) {
    USERERROR(
        "The name \"$joining_uid\" is too long! Please select one that " .
        "is shorter than $TBDB_UIDLEN.",
        1
    );
}

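#
# Check that email address looks reasonable. We need the domain for
# below anyway.
#
# Further down this script the address is placed into a mail "To:" header,
# a shell command line and an SQL statement. Characters that are
# structural in any of those contexts (whitespace and control characters
# including CR/LF, quotes, backslash, angle brackets, comma, semicolon)
# are therefore refused here, instead of relying on every later use to
# escape them.
#
# NOTE(review): the rejected address is echoed back inside the error text;
# confirm that USERERROR HTML-escapes its message.
#
$email_domain = strstr($usr_email, "@");
if (! $email_domain ||
    strcmp($usr_email, $email_domain) == 0 ||
    strlen($email_domain) <= 1 ||
    ! strstr($email_domain, ".") ||
    ereg("[[:space:][:cntrl:]'\"\\\\<>,;]", $usr_email)) {
    USERERROR("The email address `$usr_email' looks invalid!. Please ".
              "go back and fix it up", 1);
}
# Drop the leading "@" from the domain; the user part is everything before
# the first "@".
$email_domain = substr($email_domain, 1);
$email_user   = substr($usr_email, 0, strpos($usr_email, "@", 0));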

#
# URL handling: a field whose value is exactly $HTTPTAG is blanked, and the
# result is then handed to VERIFYURL.
#
if (! strcmp($usr_url, $HTTPTAG)) {
    $usr_url = "";
}
VERIFYURL($usr_url);

#
# Backslash-escape the free-text fields with addslashes(). Each variable is
# overwritten in place, so every later use in this script (SQL, shell
# command, mail text) sees the escaped form. Fields not listed here, for
# example usr_email and usr_url, are left exactly as submitted.
#
$usr_phone = addslashes($usr_phone);
$usr_addr  = addslashes($usr_addr);
$usr_title = addslashes($usr_title);
$usr_affil = addslashes($usr_affil);
$usr_name  = addslashes($usr_name);

#
# Decide whether the applicant already has an account: any row in the users
# table for this uid marks them as returning.
#
# $joining_uid has been matched against ^[a-z][a-z0-9]+$ earlier in the
# script, which is the only thing keeping this interpolated query safe.
# NOTE(review): that holds only if USERERROR(..., 1) does not return to the
# caller - confirm.
#
$query_result = mysql_db_query(
    $TBDBNAME,
    'SELECT usr_pswd FROM users WHERE uid="' . $joining_uid . '"'
);
if (! $query_result) {
    $err = mysql_error();
    TBERROR("Database Error retrieving info for $joining_uid: $err\n", 1);
}
$returning = (mysql_num_rows($query_result) > 0) ? 1 : 0;

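#
# If a user returning, then the login must be valid to continue any further.
# For a new user, the password must pass our tests.
#
if ($returning) {
    if (CHECKLOGIN($joining_uid) != 1) {
        USERERROR("The Username '$joining_uid' is in use. ".
                  "If you already have an Emulab account, please go back ".
                  "and login before trying to join a new project.<br><br>".
                  "If you are a <em>new</em> Emulab user trying to join ".
                  "your first project, please go back and select a different ".
                  "Username.", 1);
    }
}
else {
    #
    # Check new username against CS logins so that external people do
    # not pick names that overlap with CS names.
    #
    # NOTE(review): the exemption is decided from the email address the
    # applicant typed in, which has not been verified at this point, and
    # strstr() is a substring test, so any domain that merely contains
    # "cs.utah.edu" skips the collision check. Confirm whether a suffix
    # match on a verified address is what is wanted.
    #
    if (! strstr($email_domain, "cs.utah.edu")) {
        $dbm = dbmopen($TBCSLOGINS, "r");
        if (! $dbm) {
            TBERROR("Could not dbmopen $TBCSLOGINS from usradded.php3\n", 1);
        }
        if (dbmexists($dbm, $joining_uid)) {
            dbmclose($dbm);
            USERERROR("The username '$joining_uid' is already in use. ".
                      "Please go back and choose another.", 1);
        }
        dbmclose($dbm);
    }

    if (strcmp($password1, $password2)) {
        USERERROR("You typed different passwords in each of the two password ".
                  "entry fields. <br> Please go back and correct them.",
                  1);
    }

    #
    # Run the password checker. Every value that came from the form is
    # quoted as one shell word with escapeshellarg() (PHP >= 4.0.3).
    # escapeshellcmd() over the whole line, as used before, does not quote
    # arguments: spaces still split words and paired quote characters pass
    # through unchanged, so a password or address could change the
    # argument list seen by the checker.
    #
    # NOTE(review): the password is still handed over as a command-line
    # argument, which other local users may be able to see in the process
    # list while the checker runs. Feeding it on stdin would need a change
    # to the checker program, which is not visible here.
    #
    $checkpass_cmd = escapeshellcmd($TBCHKPASS_PATH) . " " .
                     escapeshellarg($password1) . " " .
                     escapeshellarg($joining_uid) . " " .
                     escapeshellarg("$usr_name:$usr_email");
    $mypipe = popen($checkpass_cmd, "w+");
    if ($mypipe) {
        $retval = fgets($mypipe, 1024);
        # Close the pipe before any error path below; it was never closed
        # previously.
        pclose($mypipe);
        if (strcmp($retval, "ok\n") != 0) {
            # NOTE(review): $retval is the checker's own output and goes
            # into the page unescaped; confirm it can never repeat
            # user-supplied text, or HTML-escape it.
            USERERROR("The password you have chosen will not work: ".
                      "<br><br>$retval<br>", 1);
        }
    }
    else {
        TBERROR("TESTBED: checkpass failure\n".
                "\n$usr_name ($joining_uid) just tried to set up a testbed ".
                "account,\n".
                "but checkpass pipe did not open (returned '$mypipe').", 1);
    }
}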

#
# A missing or empty group name selects the "default group", i.e. the gid
# is set to the pid.
#
if (! (isset($gid) && strcmp($gid, "") != 0)) {
    $gid = $pid;
}

#
# Stop early when the project/group pair does not validate. Carrying on
# would leave a valid account with no membership, which is not wanted.
#
# NOTE(review): $pid and $gid are still exactly as submitted at this point;
# whether TBValidGroup constrains their characters is not visible in this
# file, and both values are repeated in the messages below.
#
if (! TBValidGroup($pid, $gid)) {
    USERERROR(
        "No such project or group $pid/$gid. Please go back and try again.",
        1
    );
}

#
# Refuse a second application to the same project/group. $approved is
# handed to TBGroupMember but not read anywhere in this script.
#
if (TBGroupMember($joining_uid, $pid, $gid, $approved)) {
    USERERROR(
        "You have already applied for membership in $pid/$gid!",
        1
    );
}

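#
# For a new user:
# * Create a new account in the database.
# * Add user email to the list of email address.
# * Generate a mail message to the user with the verification key.
#
if (! $returning) {
    # NOTE(review): crypt() is called without an explicit salt, so the hash
    # scheme is whatever the platform picks by default. Confirm that scheme
    # is acceptable; changing it here would also need the code that checks
    # logins, which is not visible in this file.
    $encoding = crypt("$password1");

    # usr_email, usr_url and usr_expires reach this point without any
    # escaping (usr_expires is never assigned in this script at all), so
    # they get the same addslashes() treatment the other text fields
    # received earlier before being placed inside SQL string literals.
    # Separate copies are used so the address used for mail is not altered.
    $sql_email   = addslashes($usr_email);
    $sql_url     = addslashes($usr_url);
    $sql_expires = addslashes($usr_expires);

    $newuser_command = "INSERT INTO users ".
        "(uid,usr_created,usr_expires,usr_name,usr_email,usr_addr,".
        "usr_URL,usr_phone,usr_title,usr_affil,usr_pswd,unix_uid,status) ".
        "VALUES ('$joining_uid', now(), '$sql_expires', '$usr_name', ".
        "'$sql_email', ".
        "'$usr_addr', '$sql_url', '$usr_phone', '$usr_title', '$usr_affil',".
        "'$encoding', NULL, 'newuser')";
    $newuser_result  = mysql_db_query($TBDBNAME, $newuser_command);
    if (! $newuser_result) {
        $err = mysql_error();
        TBERROR("Database Error adding adding new user $joining_uid: ".
                "$err\n", 1);
    }

    $key = GENKEY($joining_uid);

    # The recipient line is built from form input. CR and LF are stripped
    # from the address so it cannot introduce additional header lines.
    # $usr_name has been through addslashes() by now, so the name shown
    # here is the escaped form.
    $mailto_addr = ereg_replace("[\r\n]", "", $usr_email);

    mail("$usr_name '$joining_uid' <$mailto_addr>", "TESTBED: Your New User Key",
         "\n".
         "Dear $usr_name ($joining_uid):\n\n".
         "\tHere is your key to verify your account on the ".
         "Utah Network Testbed:\n\n".
         "\t\t$key\n\n".
         "Please return to $TBWWW and log in using\n".
         "the user name and password you gave us when you applied. You will\n".
         "then find an option on the menu called 'New User Verification'.\n".
         "Select that option, and on that page enter your key.\n".
         "You will then be verified as a user. When you have been both\n".
         "verified and approved by the head of the project, you will\n".
         "be marked as an active user, and will be granted full access to\n".
         "your user account.\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_AUDIT\n".
         "Errors-To: $TBMAIL_WWW");

    #
    # Generate some warm fuzzies.
    #
    echo "<center><h1>Adding new Testbed User!</h1></center>";

    echo "<p>As a new user of the Testbed, for
          security purposes, you will receive by e-mail a key. When you
          receive it, come back to the site, and log in. When you do, you
          will see a new menu option called 'New User Verification'. On
          that page, enter in your key
          exactly as you received it in your e-mail. You will then be
          marked as a verified user.
          <p>Once you have been both verified
          and approved, you will be classified as an active user, and will 
          be granted full access to your user account.";
}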

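#
# Add to the group, but with trust=none. The project/group leader will have
# to upgrade the trust level, making the new user real.
#
# $pid and $gid come from the form and are not escaped anywhere in this
# script; whether TBValidGroup constrains them is not visible here. They
# are therefore escaped with addslashes(), as the other text fields are,
# before being placed inside SQL string literals. $joining_uid was
# restricted to [a-z0-9] earlier.
#
$sql_pid = addslashes($pid);
$sql_gid = addslashes($gid);

$query_result =
    DBQueryFatal("insert into group_membership ".
                 "(uid,gid,pid,trust,date_applied) ".
                 "values ('$joining_uid','$sql_gid','$sql_pid','none', now())");

#
# This could be a new user or an old user trying to join a specific group
# in a project. If the user is new to the project too, then must insert
# a group_membership in the default group for the project.
#
if (! TBGroupMember($joining_uid, $pid, $pid, $approved)) {
    DBQueryFatal("insert into group_membership ".
                 "(uid,gid,pid,trust,date_applied) ".
                 "values ('$joining_uid','$sql_pid','$sql_pid','none', now())");
}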

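#
# Generate an email message to the group leader.
#
# $pid and $gid are form values that this script does not escape anywhere
# else, so escaped copies are used inside the SQL string literals.
#
$sql_pid = addslashes($pid);
$sql_gid = addslashes($gid);

$query_result =
    DBQueryFatal("select usr_name,usr_email,leader from users as u ".
                 "left join groups as g on u.uid=g.leader ".
                 "where g.pid='$sql_pid' and g.gid='$sql_gid'");
if (($row = mysql_fetch_row($query_result)) == 0) {
    # The message used to interpolate $leader, which is never assigned in
    # this script; name the project/group that was looked up instead.
    TBERROR("DB Error getting email address for group leader of ".
            "$pid/$gid!", 1);
}
$leader_name = $row[0];
$leader_email = $row[1];
$leader_uid = $row[2];

# NOTE(review): the subject line carries $pid as submitted, and the body
# shows the addslashes()-escaped forms of the name, phone and address.
# Confirm that TBValidGroup rules out CR/LF in $pid, or strip them before
# the value reaches a header.
mail("$leader_name '$leader_uid' <$leader_email>",
     "TESTBED: $joining_uid $pid Project Join Request",
     "\n$usr_name ($joining_uid) is trying to join your group $gid\n".
     "in project $pid\n".
     "$usr_name has the\n".
     "Testbed username $joining_uid and email address $usr_email.\n".
     "$usr_name's phone number is $usr_phone and address $usr_addr.\n\n".
     "Please return to $TBWWW\n".
     "log in, and select the 'New User Approval' page to enter your\n".
     "decision regarding $usr_name's membership in your project\n\n".
     "Thanks,\n".
     "Testbed Ops\n".
     "Utah Network Testbed\n",
     "From: $TBMAIL_APPROVAL\n".
     "Bcc: $TBMAIL_AUDIT\n".
     "Errors-To: $TBMAIL_WWW");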

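#
# Generate some warm fuzzies.
#
# $pid is a form value and is written into the page here, so it is
# HTML-escaped first. Project names without markup characters are printed
# exactly as before.
#
$html_pid = htmlspecialchars($pid);

echo "<br>
      <p>The leader of project '$html_pid' has been notified of your application.
      He/She will make a decision and either approve or deny your application,
      and you will be notified as soon as a decision has been made.";

#
# Standard Testbed Footer
#
PAGEFOOTER();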
?>