Skip to content

GitLab

Commit 4663d66d authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Commit all the new cdrom pages!

parent 11327137
Hide whitespace changes
Inline Side-by-side
www/GNUmakefile.in
View file @ 4663d66d
......@@ -26,13 +26,14 @@ include $(TESTBED_SRCDIR)/GNUmakerules
# Generate a list of all the files we want to install from the current
# directory and the source directory.
#
FILES = $(wildcard *.css *.jpg *.gif *.png *.html *.php3)
FILES = $(wildcard *.css *.jpg *.gif *.png *.html *.php3 *.php)
FILES += $(wildcard $(SRCDIR)/*.css)
FILES += $(wildcard $(SRCDIR)/*.jpg)
FILES += $(wildcard $(SRCDIR)/*.png)
FILES += $(wildcard $(SRCDIR)/*.gif)
FILES += $(wildcard $(SRCDIR)/*.html)
FILES += $(wildcard $(SRCDIR)/*.php3)
FILES += $(wildcard $(SRCDIR)/*.php)
FILES += $(SRCDIR)/.htaccess $(SRCDIR)/error.shtml
AUTOICONS = $(wildcard $(SRCDIR)/autostatus-icons/*.gif)
......@@ -45,6 +46,7 @@ DOCFILES = $(wildcard $(SRCDIR)/doc/*.html)
DOCFILES += $(wildcard $(SRCDIR)/doc/*.jpg)
DOCFILES += $(wildcard $(SRCDIR)/doc/*.gif)
DOCFILES += $(wildcard $(SRCDIR)/doc/*.php3)
DOCFILES += $(wildcard $(SRCDIR)/doc/*.php)
DOCFILES += $(wildcard $(SRCDIR)/doc/*.ps)
DOCFILES += $(wildcard $(SRCDIR)/doc/*.pdf)
......@@ -53,6 +55,7 @@ TUTFILES += $(wildcard $(SRCDIR)/tutorial/*.jpg)
TUTFILES += $(wildcard $(SRCDIR)/tutorial/*.gif)
TUTFILES += $(wildcard $(SRCDIR)/tutorial/*.png)
TUTFILES += $(wildcard $(SRCDIR)/tutorial/*.php3)
TUTFILES += $(wildcard $(SRCDIR)/tutorial/*.php)
TUTFILES += $(wildcard $(SRCDIR)/tutorial/*.ns)
TUTFILES += $(SRCDIR)/tutorial/tb_compat.tcl
......@@ -60,9 +63,11 @@ BUIFILES = $(wildcard $(SRCDIR)/buildui/*.html)
BUIFILES += $(wildcard $(SRCDIR)/buildui/*.jpg)
BUIFILES += $(wildcard $(SRCDIR)/buildui/*.gif)
BUIFILES += $(wildcard $(SRCDIR)/buildui/*.php3)
BUIFILES += $(wildcard $(SRCDIR)/buildui/*.php)
BUIFILES += $(wildcard $(SRCDIR)/buildui/*.class)
WEBDBFILES = $(wildcard $(SRCDIR)/webdb/*.php3)
WEBDBFILES = $(wildcard $(SRCDIR)/webdb/*.php)
# need to make it *.gz; with simply "*",
# we end up sucking over "CVS"
......@@ -74,6 +79,7 @@ DOWNLOADFILES += $(wildcard $(SRCDIR)/downloads/*.zip)
#
ifeq ($(OURDOMAIN),$(MAINSITE))
CVSWEBFILES = $(wildcard $(SRCDIR)/cvsweb/*.php3)
CVSWEBFILES = $(wildcard $(SRCDIR)/cvsweb/*.php)
CVSWEBFILES += $(wildcard $(SRCDIR)/cvsweb/*.conf)
CVSWEBFILES += $(wildcard $(SRCDIR)/cvsweb/*.gif)
CVSWEBCGI = $(wildcard $(SRCDIR)/cvsweb/*.cgi)
......
www/cdromcheckin.php3 0 → 100644
View file @ 4663d66d
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
#
require("defs.php3");
# These error codes must match whats in register.pl on the cd.
define("CDROMSTATUS_OKAY" , 0);
define("CDROMSTATUS_MISSINGARGS", 100);
define("CDROMSTATUS_INVALIDARGS", 101);
define("CDROMSTATUS_BADCDKEY", 102);
define("CDROMSTATUS_BADPRIVKEY", 103);
define("CDROMSTATUS_BADIPADDR", 104);
define("CDROMSTATUS_BADREMOTEIP", 105);
define("CDROMSTATUS_IPADDRINUSE", 106);
define("CDROMSTATUS_OTHER", 199);
#
# Spit back a text message we can display to the user on the console
# of the node running the checkin. We could return an http error, but
# that would be of no help to the user on the other side.
#
function SPITSTATUS($status)
{
header("Content-Type: text/plain");
echo "emulab_status=$status\n";
}
#
# This page is not intended to be invoked by humans!
#
if ((!isset($cdkey) || !strcmp($cdkey, "")) ||
(!isset($privkey) || !strcmp($privkey, "")) ||
(!isset($IP) || !strcmp($IP, ""))) {
SPITSTATUS(CDROMSTATUS_MISSINGARGS);
return;
}
if (!ereg("[0-9a-zA-Z]+", $cdkey) ||
!ereg("[0-9a-zA-Z]+", $privkey) ||
!ereg("[0-9\.]+", $IP)) {
SPITSTATUS(CDROMSTATUS_INVALIDARGS);
return;
}
#
# Make sure this is a valid CDkey.
#
$query_result =
DBQueryFatal("select * from cdroms where cdkey='$cdkey'");
if (! mysql_num_rows($query_result)) {
SPITSTATUS(CDROMSTATUS_BADCDKEY);
return;
}
$row = mysql_fetch_array($query_result);
#
# Grab the privkey record.
#
$query_result =
DBQueryFatal("select * from widearea_privkeys where privkey='$privkey'");
if (!mysql_num_rows($query_result)) {
SPITSTATUS(CDROMSTATUS_BADPRIVKEY);
return;
}
$warow = mysql_fetch_array($query_result);
$privIP = $warow[IP];
#
# If the node is reporting that its finished updating, then make its
# current privkey its nextprivkey.
#
if (isset($updated) && $updated == 1) {
if (! strcmp($privIP, "1.1.1.1")) {
#
# If the node is brand new, then need to create several records.
# Pass it off to a perl script.
#
DBQueryFatal("update widearea_privkeys ".
"set IP='$IP' ".
"where privkey='$privkey'");
SUEXEC("nobody", $TBADMINGROUP, "webnewwanode -w -t pcwa -i $IP", 0);
}
DBQueryFatal("update widearea_privkeys ".
"set privkey=nextprivkey,updated=now(),nextprivkey=NULL ".
"where privkey='$privkey'");
SPITSTATUS(CDROMSTATUS_OKAY);
return;
}
#
# If the record has a valid IP address and matches the node connecting
# then all we do is return a new private key.
#
if (strcmp($privIP, "1.1.1.1")) {
if (strcmp($privIP, $IP)) {
SPITSTATUS(CDROMSTATUS_BADIPADDR);
return;
}
if (strcmp($REMOTE_ADDR, $IP)) {
SPITSTATUS(CDROMSTATUS_BADREMOTEIP);
return;
}
#
# For now we just give them a new privkey. There is no image upgrade
# path in place yet.
#
$newkey = GENHASH();
DBQueryFatal("update widearea_privkeys ".
"set nextprivkey='$newkey',updated=now() ".
"where IP='$IP' and privkey='$privkey'");
header("Content-Type: text/plain");
echo "privkey=$newkey\n";
return;
}
#
# We need to check for duplicate IPs.
#
$query_result =
DBQueryFatal("select * from widearea_privkeys where IP='$IP'");
if (mysql_num_rows($query_result)) {
SPITSTATUS(CDROMSTATUS_IPADDRINUSE);
return;
}
#
# Generate a new privkey and return the info. The DB is updated with the
# next key, but it does not become effective until it responds that it
# finished okay. This leaves a window open, but the eventual plan it to
# get rid of these priv keys anyway and go to per-node cert files we update
# on the fly.
#
$newkey = GENHASH();
DBQueryFatal("update widearea_privkeys ".
"set nextprivkey='$newkey',updated=now()".
"where privkey='$privkey'");
if (0) {
header("Content-Type: text/plain");
echo "privkey=$newkey\n";
echo "fdisk=http://${WWWHOST}/images/image.fdisk\n";
echo "slice1_image=http://${WWWHOST}/images/slice1.ndz\n";
echo "slice1_md5=cb810b43f49d15b3ac4122ff42f8925d\n";
echo "slicex_mount=/users\n";
echo "slicex_tarball=http://${WWWHOST}/images/slicex.tar.gz\n";
echo "slicex_md5=1f84fbc3434d174151ac3a2b8389799a\n";
echo "emulab_status=0\n";
}
else {
}
www/cdromnewkey.php 0 → 100644
View file @ 4663d66d
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
#
require("defs.php3");
#
# Anyone can run this page. No login is needed.
#
#
# Spit the form out using the array of data.
#
function SPITFORM($formfields, $errors)
{
PAGEHEADER("Request a CDROM password");
echo "<blockquote>
Please enter your name and email address. We will send you a
password via email that you can use when installing the CD
on your machine. This password is good for one installation;
if you want to install the CD on multiple machines, you will
need a separate password for each install.
</blockquote>\n";
if ($errors) {
echo "<table align=center border=0 cellpadding=0 cellspacing=2>
<tr>
<td nowrap align=center colspan=3>
<font size=+1 color=red>
Oops, please fix the following errors!
</font>
</td>
</tr>\n";
while (list ($name, $message) = each ($errors)) {
echo "<tr>
<td align=right><font color=red>$name:</font></td>
<td>&nbsp &nbsp</td>
<td align=left><font color=red>$message</font></td>
</tr>\n";
}
echo "</table><br>\n";
}
echo "<table align=center border=1>
<tr>
<td align=center colspan=2>
Fields marked with * are required
</td>
</tr>\n
<form action=cdromnewkey.php method=post>\n";
#
# Full Name
#
echo "<tr>
<td colspan=1>*Full Name:</td>
<td class=left>
<input type=text
name=\"formfields[user_name]\"
value=\"" . $formfields[user_name] . "\"
size=30>
</td>
</tr>\n";
#
# Email:
#
echo "<tr>
<td colspan=1>*Email Address[<b>1</b>]:</td>
<td class=left>
<input type=text
name=\"formfields[user_email]\"
value=\"" . $formfields[user_email] . "\"
size=30>
</td>
</tr>\n";
echo "<tr>
<td colspan=2 align=center>
<b><input type=submit name=submit value=Submit></b>
</td>
</tr>\n";
echo "</form>
</table>\n";
echo "<h4><blockquote><blockquote>
<ol>
<li> Please consult our
<a href = 'docwrapper.php3?docname=security.html'>
security policies</a> for information
regarding passwords and email addresses.
</ol>
</blockquote></blockquote>
</h4>\n";
}
#
# The conclusion of a join request. See below.
#
if (isset($finished)) {
PAGEHEADER("Request a CDROM Password");
#
# Generate some warm fuzzies.
#
echo "<p>
Your request is being processed. You will receive email
with your new passowrd in a few moments.
If you do not receive email notification within a reasonable amount
of time, please contact $TBMAILADDR.\n";
PAGEFOOTER();
return;
}
#
# On first load, display a virgin form and exit.
#
if (! isset($submit)) {
$defaults = array();
SPITFORM($defaults, 0);
PAGEFOOTER();
return;
}
#
# Otherwise, must validate and redisplay if errors
#
$errors = array();
# Name
if (!isset($formfields[user_name]) ||
strcmp($formfields[user_name], "") == 0) {
$errors["Full Name"] = "Missing Field";
}
# Email
if (!isset($formfields[user_email]) ||
strcmp($formfields[user_email], "") == 0) {
$errors["Email Address"] = "Missing Field";
}
else {
$user_email = $formfields[user_email];
$email_domain = strstr($user_email, "@");
if (! $email_domain ||
strcmp($user_email, $email_domain) == 0 ||
strlen($email_domain) <= 1 ||
! strstr($email_domain, ".")) {
$errors["Email Address"] = "Looks invalid!";
}
}
# Dump errors.
if (count($errors)) {
SPITFORM($formfields, $errors);
PAGEFOOTER();
return;
}
$user_name = addslashes($formfields[user_name]);
$user_mail = $formfields[user_email];
$newkey = substr(GENHASH(), 0, 16);
$query_result =
DBQueryFatal("insert into widearea_privkeys ".
" (privkey, user_name, user_email, requested) ".
" values ('$newkey', '$user_name', '$user_email', now())");
TBMAIL("$user_name <$user_email>",
"Your CD password",
"\n".
"Dear $user_name:\n\n".
"This is your password to unlock your CD:\n\n".
" $newkey\n\n".
"Please enter this password when installing your CD.\n\n".
"Thanks,\n".
"Testbed Ops\n".
"Utah Network Testbed\n",
"From: $TBMAIL_OPS\n".
"Bcc: $TBMAIL_AUDIT\n".
"Errors-To: $TBMAIL_WWW");
#
# Spit out a redirect so that the history does not include a post
# in it. The back button skips over the post and to the form.
# See above for conclusion.
#
header("Location: cdromnewkey.php?finished=1");
?>
www/cdromprivkeys.php 0 → 100644
View file @ 4663d66d
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");
include("showstuff.php3");
#
# Only known and logged in users can do this.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);
if (!$isadmin) {
USERERROR("You do not have permission to view this page!", 1);
}
if (isset($deletekey)) {
#
# Get the actual key.
#
$query_result =
DBQueryFatal("select * from widearea_privkeys ".
"where privkey='$deletekey'");
if (! mysql_num_rows($query_result)) {
USERERROR("No such widearea private key!", 1);
}
$row = mysql_fetch_array($query_result);
$name = $row[user_name];
$email = $row[user_email];
$when = $row[requested];
$IP = $row[IP];
#
# We run this twice. The first time we are checking for a confirmation
# by putting up a form. The next time through the confirmation will be
# set. Or, the user can hit the cancel button, in which case we should
# Probably redirect the browser back up a level.
#
if ($canceled) {
PAGEHEADER("Widearea Private Key Deletion Request");
echo "<center><h2><br>
Widearea Private Key deletion has been canceled!
</h2></center>\n";
echo "<br>
Back to <a href=cdromprivkeys.php>Back to Widearea Keys.</a>\n";
PAGEFOOTER();
return;
}
if (!$confirmed) {
PAGEHEADER("Widearea Private Key Deletion Request");
echo "<center><h2><br>
Are you <b>REALLY</b> sure you want to delete this Key?<br>
Deleting a key that has a widearea node attached is a bad
thing!
</h2>\n";
echo "<form action=cdromprivkeys.php method=post>";
echo "<input type=hidden name=deletekey value=$deletekey>\n";
echo "<b><input type=submit name=confirmed value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n";
echo "</form>\n";
echo "</center>\n";
echo "<table align=center border=1 cellpadding=2 cellspacing=2>\n";
echo "<tr>
<td>$name</td>
<td>$email</td>
<td>$IP</td>
<td>$when</td>
</tr>\n";
echo "</table>\n";
PAGEFOOTER();
return;
}
DBQueryFatal("delete from widearea_privkeys where privkey='$deletekey'");
header("Location: cdromprivkeys.php");
}
#
# Get the list and show it.
#
#
# Standard Testbed Header, now that we know what we want to say.
#
PAGEHEADER("Widearea Private Keys");
$query_result =
DBQueryFatal("select wa.*,i.node_id from widearea_privkeys as wa ".
"left join interfaces as i on wa.IP=i.IP ".
"order by requested DESC");
if (! mysql_num_rows($query_result)) {
USERERROR("There are no widearea private keys!\n", 1);
}
echo "<table align=center border=1 cellpadding=2 cellspacing=2>\n";
echo "<tr>
<td>Delete?</td>
<td>Name</td>
<td>Email</td>
<td>IP</td>
<td>Node</td>
<td>Key</td>
<td>Requested</td>
<td>Updated</td>
</tr>\n";
while ($row = mysql_fetch_array($query_result)) {
$name = $row[user_name];
$email = $row[user_email];
$requested = $row[requested];
$updated = $row[updated];
$privkey = $row[privkey];
$IP = $row[IP];
$nodeid = $row[node_id];
echo "<tr>
<td align=center>
<A href='cdromprivkeys.php?deletekey=$privkey'>
<img alt=X src=redball.gif></A></td>
<td>$name</td>
<td>$email</td>
<td>$IP</td>\n";
if (isset($nodeid)) {
echo "<td><A href='shownode.php3?node_id=$nodeid'>$nodeid</a></td>\n";
}
else {
echo "<td>&nbsp</td>\n";
}
echo " <td>$privkey</td>
<td>$requested</td>
<td>$updated</td>
</tr>\n";
}
echo "</table>\n";
#
# Standard Testbed Footer
#
PAGEFOOTER();
?>
www/cdromqueue.php3 0 → 100644
View file @ 4663d66d
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");
include("showstuff.php3");
#
# Only known and logged in users can do this.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);
if (!$isadmin) {
USERERROR("You do not have permission to view this page!", 1);
}
if (isset($deletekey)) {
#
# Get the actual key.
#
$query_result =
DBQueryFatal("select * from cdroms where cdkey='$deletekey'");
if (! mysql_num_rows($query_result)) {
USERERROR("No such CDROM request!", 1);
}
$row = mysql_fetch_array($query_result);
$name = $row[user_name];
$email = $row[user_email];
$when = $row[requested];
#
# We run this twice. The first time we are checking for a confirmation
# by putting up a form. The next time through the confirmation will be
# set. Or, the user can hit the cancel button, in which case we should
# Probably redirect the browser back up a level.
#
if ($canceled) {
PAGEHEADER("CDROM Deletion Request");
echo "<center><h2><br>
CDROM Request deletion has been canceled!
</h2></center>\n";
echo "<br>
Back to <a href=cdromqueue.php3>CDROM request queue.</a>\n";
PAGEFOOTER();
return;
}
if (!$confirmed) {
PAGEHEADER("CDROM Deletion Request");
echo "<center><h2><br>
Are you <b>REALLY</b> sure you want to delete this CDROM request?
</h2>\n";
echo "<form action=cdromqueue.php3 method=post>";
echo "<input type=hidden name=deletekey value=$deletekey>\n";
echo "<b><input type=submit name=confirmed value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n";
echo "</form>\n";
echo "</center>\n";
echo "<table align=center border=1 cellpadding=2 cellspacing=2>\n";
echo "<tr>