Commit b54fa6e2 authored by Mac Newbold's avatar Mac Newbold

Updated web interface. Major/incompatible changes since Logan's last update.

_*.php3 names are old versions that need to be updated.
parent 98e31231
<?php
if (!isset($PHP_AUTH_USER)) {
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
echo "User authenication is required to view these pages\n";
exit;
} else {
addslashes($PHP_AUTH_USER);
$PSWD = crypt("$PHP_AUTH_PW", strlen($PHP_AUTH_USER));
$query = "SELECT * FROM users WHERE uid=\"$PHP_AUTH_USER\" AND usr_pswd=\"$PSWD\"";
$result = mysql_db_query("tbdb", $query);
$numusers = mysql_num_rows($result);
$query2 = "SELECT timeout FROM login WHERE uid=\"$PHP_AUTH_USER\"";
$result2 = mysql_db_query("tbdb", $query2);
$n = mysql_num_rows($result2);
$row = mysql_fetch_row($result2);
if (($n == 0) || ($numusers == 0) || ($row[0] < time())) {
$cmnd = "DELETE FROM login WHERE uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die ("Authorization Failed\n");
}
$timeout = time() + 1800;
$cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
}
?>
<html>
<head>
<title>New Experiment</title>
<link rel="stylesheet" href="tbstyle.css" type="text/css">
</head>
<body>
<H1>Begin an experiment on the testbed</h1>
<table border="1" align="center">
<tr><td colspan="2">Only those fields in bold, red type are required.</td></tr>
<form action=added.php3 method="post">
<tr><th>Experiment Name:</th><td><input type="text" name="eid"></td></tr>
<?php
addslashes($PHP_AUTH_USER);
$query = "SELECT pid FROM proj_memb WHERE uid=\"$PHP_AUTH_USER\"";
$result = mysql_db_query("tbdb", $query);
$n = mysql_num_rows($result);
if ($n == 1) {
echo "<tr><th>Project ID:</th>";
$row = mysql_fetch_row($result);
echo "<td><input type=\"readonly\" value=\"$row[0]\" name=\"proj\"></td></tr>\n";
} elseif ($n > 1) {
echo "<tr><th>Project ID:</th><td><select name=\"proj\">\n";
while ($row = mysql_fetch_row($result)) {
echo "<option value=\"$row[0]\">$row[0]</option>\n";
}
echo "</select></td></tr>\n";
} else {
echo "<tr><th colspan=\"2\">You must be part of a project if you wan to run an experiment</th></tr>";
}
$utime = time();
$year = date("Y", $utime);
$month = date("m", $utime);
$thismonth = $month++;
if ($month > 12) {
$month -= 12;
$month = "0".$month;
}
$rest = date("d H:i:s", $utime);
echo "<tr><th>Expiration date:</th><td><input type=\"text\" value=\"$year:$month:$rest\" name=\"expt_expires\"></td></tr>
<tr><td>Experiment long name:</td><td><input type=\"text\" name=\"expt_name\"></td></tr>
<tr><td>Experiment starts:</td><td><input type=\"text\" value=\"$year:$thismonth:$rest\" name=\"expt_start\"></td></tr>
<tr><td>Experiment ends:</td><td><input type=\"text\" value=\"$year:$month:$rest\" name=\"expt_end\"></td></tr>
<tr><th colspan=\"2\"><input type=\"submit\" value=\"Submit\"></th></tr>\n";
?>
</form>
</table>
</body>
</html>
\ No newline at end of file
<?php
if (!isset($PHP_AUTH_USER)) {
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die("User authenication is required to view these pages\n");
} else {
addslashes($PHP_AUTH_USER);
$PSWD = crypt("$PHP_AUTH_PW", strlen($PHP_AUTH_USER));
$query = "SELECT * FROM users WHERE uid=\"$PHP_AUTH_USER\" AND usr_pswd=\"$PSWD\" AND trust_level > 0";
$result = mysql_db_query("tbdb", $query);
$numusers = mysql_num_rows($result);
$query2 = "SELECT timeout FROM login WHERE uid=\"$PHP_AUTH_USER\"";
$result2 = mysql_db_query("tbdb", $query2);
$n = mysql_num_rows($result2);
$row = mysql_fetch_row($result2);
if (($n == 0) || ($numusers == 0) || ($row[0] < time())) {
$cmnd = "DELETE FROM login WHERE uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die ("Authorization Failed\n");
}
$timeout = time() + 1800;
$cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
}
?>
<html>
<head>
<title>New Project</title>
<link rel="stylesheet" href="tbstyle.css" type="text/css">
</head>
<body>
<H1>Begin a project</h1>
<?php
addslashes($PHP_AUTH_USER);
$utime = time();
$year = date("Y", $utime);
$month = date("m", $utime);
$month += 6;
if ($month > 12) {
$month -= 12;
$month = "0".$month;
}
$rest = date("d H:i:s", $utime);
echo "<table border=\"1\" align=\"center\">
<form action=added.php3 method=\"post\">
<tr><td colspan=\"2\">Only fields in bold red are required</td></tr>
<tr><th>Project Name:</th><td><input type=\"text\" name=\"pid\"></td></tr>
<tr><th>Group association:</th>\n";
$query = "SELECT gid FROM grp_memb WHERE uid=\"$PHP_AUTH_USER\"";
$result = mysql_db_query("tbdb", $query);
$n = mysql_num_rows($result);
if ($n > 1) {
echo "<td><select name=\"grp_assoc\">\n";
while ($row = mysql_fetch_row($result)) {
echo "<option value=\"$row[0]\">$row[0]</option>\n";
}
echo "</select></td></tr>\n";
} else {
$row = mysql_fetch_row($result);
echo "<td><input type=\"readonly\" value=\"$row[0]\" name=\"grp_assoc\"></td></tr>\n";
}
echo "<tr><th>Expiration date:</th><td><input type=\"text\" value=\"$year:$month:$rest\" name=\"proj_expires\"></td></tr>\n";
?>
<tr><td>Project Long Name:</td><td><input type="text" name="proj_name"></td></tr>
<tr><td>Project Members:</td><td><textarea cols="20" rows="2" name="proj_memb"></textarea></td>
<tr><th colspan="2"><input type="submit" value="Submit"></th></tr>
</form>
</table>
</body>
</html>
\ No newline at end of file
<?php
if (!isset($PHP_AUTH_USER) || !empty($HTTP_GET_VARS)) {
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
echo ("User authentication is required to view these pages\n");
} else {
addslashes($PHP_AUTH_USER);
$PSWD = crypt("$PHP_AUTH_PW", strlen($PHP_AUTH_USER));
$query = "SELECT trust_level FROM users WHERE uid='$PHP_AUTH_USER' AND usr_pswd='$PSWD' AND trust_level > 0";
$result = mysql_db_query("tbdb", $query);
$valid = mysql_num_rows($result);
$tlrow = mysql_fetch_row($result);
$trust = $tlrow[0];
$query2 = "SELECT timeout FROM login WHERE uid=\"$PHP_AUTH_USER\"";
$result2 = mysql_db_query("tbdb", $query2);
$n = mysql_num_rows($result2);
$row = mysql_fetch_row($result2);
if (($n == 0) || ($valid == 0) || ($row[0] < time())) {
$cmnd = "DELETE FROM login WHERE uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die ("Authorization Failed\n");
}
$timeout = time() + 1800;
$cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
}
echo "
<html>
<head>
<title>Modify $uid</title>
<link rel='stylesheet' href='tbstyle.css' type='text/css'>
</head>
<body>
";
if (isset($HTTP_POST_VARS)) {
array_walk($HTTP_POST_VARS, "addslashes");
}
if (isset($update)) { #if the form was submitted with the update button, update the database
echo "<H1>Updating the Database...</h1>\n";
$cmnd = "UPDATE users SET usr_expires=\"$usr_expires\",
usr_name=\"$usr_name\",
usr_email=\"$usr_email\",
usr_addr=\"$usr_addr\",
usr_phones=\"$usr_phones\",
trust_level=\"$trust_level\" WHERE uid=\"$uid\"";
$result = mysql_db_query("tbdb", $cmnd);
$succ = mysql_affected_rows($result);
if ($succ == 0) {
$err = mysql_error();
echo "<H3>Could not query database: $err</h3>\n";
exit;
} elseif (($old_pw != $new_pw) && ($new_pw == $new_pw2)) {
$enc = crypt("$new_pw", strlen($uid));
$pwcom = "UPDATE users SET usr_pswd=\"$enc\" WHERE uid=\"$uid\"";
$pres = mysql_db_query("tbdb", $pwcom);
if (!$pres) {
$err = mysql_error();
die ("<H3>Failed to change password: $err</h3>");
}
}
echo "<H3>$uid UPDATED</h3>";
} elseif (isset($delete)) { #if the form was submitted with the delete button, delete the user
$cmnd = "DELETE FROM users WHERE uid=\"$uid\"";
$result = mysql_db_query("tbdb", $cmnd);
$succ = mysql_affected_rows($result);
if ($succ == 0) {
$err = mysql_error();
die ("<H3 color=red>Could not query database: $err</h3>\n");
}
$cmnd2 = "DELETE FROM grp_memb WHERE uid=\"$uid\"";
mysql_db_query("tbdb", $cmnd2);
$cmnd3 = "DELETE FROM proj_memb WHERE uid=\"$uid\"";
mysql_db_query("tbdb", $cmnd3);
echo "<H3>$uid DELETED</h3>";
} elseif (isset($uid)) { #when coming from usrs.php3, display user info in a form to be altered
echo "<H3>Modify only those entries you wish to change</h3>
<table border = \"1\" summary=\"Modify entries in the table and submit it to change the databse\">
<form action=\"usrmod.php3\" method=\"post\">\n";
$cmnd = "SELECT * FROM users WHERE uid=\"$uid\"";
$result = mysql_db_query("tbdb", $cmnd);
$row = mysql_fetch_array($result);
print "<tr><th>Username</th>
<td><input type=\"text\" name=\"uid\" value=$uid></td></tr>\n";
print "<tr><th>Full Name</th>
<td><input type=\"text\" name=\"usr_name\" value=\"$row[usr_name]\"></td></tr>\n";
print "<tr><th>Email</th>
<td><input type=\"text\" name=\"usr_email\" value=$row[usr_email]></td></tr>\n";
print "<tr><th>Mailing Address</th>
<td><input type=\"text\" name=\"usr_addr\" value=\"$row[usr_addr]\"></td></tr>\n";
print "<tr><th>Phone Number</th>
<td><input type=\"text\" name=\"usr_phones\" value=$row[usr_phones]></td></tr>\n";
print "<tr><th>User Expires</th>
<td><input type=\"text\" name=\"usr_expires\" value=\"$row[usr_expires]\"></td></tr>\n";
if ($trust == 1) {
$type = "readonly";
} else {
$type = "text";
}
print "<tr><th>Trust Level</th>
<td><input type='$type' name=\"trust_level\" value=$row[trust_level]></td></tr>
<tr><th>Old Password</th><td><input type=\"password\" name=\"old_pw\"></td></tr>
<tr><th>New Password</th><td><input type=\"password\" name=\"new_pw\"></td></tr>
<tr><th>Retype New Password</th><td><input type=\"password\" name=\"new_pw2\"></td></tr>
</table>
<p>
<input type=\"submit\" value=\"Update\" name=\"update\">
<input type=\"submit\" value=\"Delete User\" name=\"delete\">
</p>
</form>
<form action=usrmod.php3 method=\"post\">
<input type=\"submit\" value=\"Cancel\">
</form>\n";
} else { #when no variable are passed to the form, ask for some
echo "<H1>Please provide a testbed username</h1>";
}
echo "
</body>
</html>
";
?>
<?php
if (!isset($PHP_AUTH_USER)) {
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die("User authentication is required to view these pages\n");
} else {
addslashes($PHP_AUTH_USER);
$PSWD = crypt("$PHP_AUTH_PW", strlen($PHP_AUTH_USER));
$query = "SELECT * FROM users WHERE uid=\"$PHP_AUTH_USER\" AND usr_pswd=\"$PSWD\" AND trust_level > 0";
$result = mysql_db_query("tbdb", $query);
$valid = mysql_num_rows($result);
$query2 = "SELECT timeout FROM login WHERE uid=\"$PHP_AUTH_USER\"";
$result2 = mysql_db_query("tbdb", $query2);
$n = mysql_num_rows($result2);
$row = mysql_fetch_row($result2);
if (($n == 0) || ($valid == 0) || ($row[0] < time())) {
$cmnd = "DELETE FROM login WHERE uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die ("Authorization Failed\n");
}
$timeout = time() + 1800;
$cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
}
echo "
<html>
<head>
<title>Users</title>
</head>
<body>
<form action=\"usrmod.php3\" target=\"modify\" method=\"post\">
<table border=\"1\"><tr><th>Select the user to be modified</th></tr>
<tr><td>\n";
$query = "SELECT gid FROM grp_memb where uid=\"$PHP_AUTH_USER\"";
$response = mysql_db_query("tbdb", $query);
$select = "SELECT";
while ($row = mysql_fetch_row($response)) {
$gid = $row[0];
if ($select == "SELECT") {
$select .= " DISTINCT uid FROM grp_memb WHERE gid='$gid'";
} else {
$select .= " OR gid='$gid'";
}
}
$selected = mysql_db_query("tbdb", $select);
if (!$selected) die("Failure in execution of database query</td></tr></table></body></html>");
$n = mysql_num_rows($selected);
if ($n == 1) {
$uid_row = mysql_fetch_row($selected);
echo "<input type='readonly' value='$uid_row[0]' name='uid'>\n";
} else {
echo "<select name='uid'>\n";
while ($uid_row = mysql_fetch_row($selected)) {
echo "<option value='$uid_row[0]'>$uid_row[0]</option>\n";
}
echo "</select>\n";
}
?>
<input type="submit" value="Okay">
</td></tr>
</table>
</form>
</body>
</html>
<?php
if (!isset($PHP_AUTH_USER) || !empty($HTTP_GET_VARS)) {
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die ("User authentication is required to view these pages\n");
} else {
addslashes($PHP_AUTH_USER);
$PSWD = crypt("$PHP_AUTH_PW", strlen($PHP_AUTH_USER));
$query = "SELECT * FROM users WHERE uid=\"$PHP_AUTH_USER\" AND usr_pswd=\"$PSWD\" AND trust_level!=\"0\"";
$result = mysql_db_query("tbdb", $query);
$valid = mysql_num_rows($result);
$query2 = "SELECT timeout FROM login WHERE uid=\"$PHP_AUTH_USER\"";
$result2 = mysql_db_query("tbdb", $query2);
$n = mysql_num_rows($result2);
if (($n == 0) && ($valid != 0)) {
$cmnd = "INSERT INTO login VALUES ('$PHP_AUTH_USER', '0')";
mysql_db_query("tbdb", $cmnd);
} else {
$row = mysql_fetch_row($result2);
if (($valid == 0) || ($row[0] < time())) {
$cmnd = "DELETE FROM login WHERE uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
Header("WWW-Authenticate: Basic realm=\"testbed\"");
Header("HTTP/1.0 401 Unauthorized");
die ("Authorization Failed\n");
}
}
$timeout = time() + 1800;
$cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$PHP_AUTH_USER\"";
mysql_db_query("tbdb", $cmnd);
}
echo "
<html>
<head>
<title>Altering TBDB</title>
<title>Adding to the database</title>
<link rel='stylesheet' href='tbstyle.css' type='text/css'>
</head>
<body>
<h1>Adding information to the testbed database...</h1>\n";
<h1>Adding information to the Testbed Database</h1>\n";
$my_passwd=$pswd;
$enc = crypt("$my_passwd", strlen($uid));
array_walk($HTTP_POST_VARS, 'addslashes');
if (isset($pid)) { #add a project to the database
$cmnd = "INSERT INTO projects VALUES ('$pid',
now(),
'$proj_expires',
'$proj_name',
'$PHP_AUTH_USER')";
$result = mysql_db_query("tbdb", $cmnd);
if (!$result) {
$err = mysql_error();
echo "<H3>Couldn't add project to the database: $err</h3>\n";
exit;
}
$cmnd2 = "INSERT INTO proj_grps VALUES ('$pid', '$grp_assoc')";
mysql_db_query("tbdb", $cmnd2);
$cmnd3 = "INSERT INTO proj_memb VALUES ('$PHP_AUTH_USER', '$pid')";
mysql_db_query("tbdb", $cmnd3);
if ($proj_memb != "") {
$memb = preg_split("/\s/", "$proj_memb");
function add_memb ($item) {
global $pid;
trim($item);
$insert = "INSERT INTO proj_memb VALUES ('$item', '$pid')";
mysql_db_query("tbdb", $insert);
}
array_walk ($memb, "add_memb");
}
echo "<h1>Success</h1>";
} elseif (!empty($uid) && ($pswd == $pswd2)) { #add a user to the database
$query = "SELECT unix_uid FROM users ORDER BY unix_uid DESC";
$res = mysql_db_query("tbdb", $query);
$row = mysql_fetch_row($res);
$unix_uid = $row[0];
++$unix_uid;
$enc = crypt("$pswd", strlen($uid));
$cmnd = "INSERT INTO users VALUES (
'$uid',
now(),
'$usr_expires',
'$usr_name',
'$usr_email',
'$usr_addr',
'$usr_phones',
'1',
'$enc',
'$unix_uid')";
$result = mysql_db_query("tbdb", $cmnd); #put the user into users
if (!$result) {
$err = mysql_error();
echo "<H3>Could not add user to the database: $err</h3>\n";
exit;
}
$cmnd2 = "INSERT INTO grp_memb VALUES ('$uid', '$grp')";
mysql_db_query("tbdb", $cmnd2); #put the user and group into grp_memb
$fp = fopen("/usr/local/share/apache/htdocs/testbed/maillist/users.txt", "a");
fwrite($fp, "$usr_email\n"); #write the user's email to the mail list
} elseif ($filename != "" && isset($filename) && ($pswd == $pswd2)) {
/* if a file of user information is specified, load the file into the database. Then update all the entries just made, and add them to grp_memb. */
$cmnd = "LOAD DATA LOCAL INFILE '$filename' INTO TABLE users";
$result = mysql_db_query("tbdb", $cmnd);
if (!$result) {
$err = mysql_error();
echo "<H3>Could not query database: $err</h3>\n";
exit;
}
$time = mysql_db_query("tbdb", "SELECT now()");
$row = mysql_fetch_row($time);
$now = $row[0]; #get the current time in mysql format
$query = "UPDATE users SET usr_created='$now' where usr_created=\"0000-00-00 00:00:00\"";
mysql_db_query("tbdb", $query); #set the time of creation of the users to now
$query2 = "SELECT uid, usr_email FROM users WHERE usr_created=\"$now\"";
$result2 = mysql_db_query("tbdb", $query2); #get all the users just added
$query3 = "SELECT unix_uid FROM users ORDER BY unix_uid DESC";
$result3 = mysql_db_query("tbdb", $query3);
$row3 = mysql_fetch_row($result3);
$unix_uid = $row3[0];
while ($row = mysql_fetch_array($result2)) {
++$unix_uid;
$uid = $row[uid];
$enc = crypt("$pswd", strlen($uid));
$email = $row[usr_email];
$cmnd2 = "INSERT INTO grp_memb VALUES ('$uid', '$grp')";
mysql_db_query("tbdb", $cmnd2); #add users to grp_memb
$cmnd3 = "UPDATE users SET usr_pswd='$enc', unix_uid='$unix_uid' where uid='$uid'";
mysql_db_query('tbdb', $cmnd3); #give users unix_uids
$fp = fopen("/usr/local/share/apache/htdocs/testbed/maillist/users.txt", "a");
fwrite($fp, "$email\n"); #write email addresses to the mail list
}
if ($trust == 2) {
$cmnd = "INSERT INTO projects VALUES ".
"('$pid',now(),'$proj_expires','$proj_name','$PHP_AUTH_USER')";
$result = mysql_db_query("tbdb", $cmnd);
if (!$result) {
$err = mysql_error();
echo "<H3>Couldn't add project to the database: $err</h3>\n";
exit;
}
$cmnd2 = "INSERT INTO proj_grps VALUES ('$pid', '$grp_assoc')";
mysql_db_query("tbdb", $cmnd2);
$cmnd3 = "INSERT INTO proj_memb VALUES ('$PHP_AUTH_USER', '$pid')";
mysql_db_query("tbdb", $cmnd3);
if ($proj_memb != "") {
$memb = preg_split("/\s/", "$proj_memb");
function add_memb ($item) {
global $pid;
trim($item);
$insert = "INSERT INTO proj_memb VALUES ('$item', '$pid')";
mysql_db_query("tbdb", $insert);
}
array_walk ($memb, "add_memb");
}
echo "<h1>Success</h1>";
} else {
mysql_db_query("tbdb","select usr_name,usr_email from groups as g ".
"left join users as u on g.grp_head_uid=u.uid ".
"where g.gid = '$grp_assoc'");
$row = mysql_fetch_row($head);
$grp_head = $row[0];
$email = $row[1];
echo "<h1>Add Project Failed:</h1>\n<h3>You are not authorized to add ".
"projects in group '$grp_assoc'. If you feel you have reached this ".
"message in error, please contact the group head, ".
"'$grp_head <$email>'.</h3>";
}
} elseif ( !empty($uid) && !empty($usr_email) &&
(($pswd == $pswd2) || ($enc == $pswd2)) ) {
$query = "SELECT unix_uid FROM users ORDER BY unix_uid DESC";
$res = mysql_db_query("tbdb", $query);
$row = mysql_fetch_row($res);
$unix_uid = $row[0];
++$unix_uid;
$query = "SELECT usr_pswd FROM users WHERE uid=\"$uid\"";
$result = mysql_db_query("tbdb", $query);
if ($row = mysql_fetch_row($result)) {
# returning user, joining new group
$usr_pswd = $row[0];
if ($usr_pswd != $enc) {
die("<H3>The username that you have chosen is already in use. ".
"Please select another.</h3>\n");
}
} else { # new user
$newuser=1;
$cmnd = "INSERT INTO users ".
"(uid,usr_created,usr_expires,usr_name,usr_email,usr_addr,".
"usr_phone,usr_pswd,unix_uid,status) ".
"VALUES ('$uid',now(),'$usr_expires','$usr_name','$usr_email',".
"'$usr_addr','$usr_phone','$enc','$unix_uid','newuser')";
$result = mysql_db_query("tbdb", $cmnd);
if (!$result) {
$err = mysql_error();
echo "<H3>Could not add user to the database: $err</h3>\n";
exit;
}
$fp = fopen("/usr/testbed/www/maillist/users.txt","a");
fwrite($fp, "$usr_email\n");
}
$result=mysql_db_query("tbdb","select * from grp_memb where ".
"uid='$uid' and gid='$grp'");
if (mysql_num_rows($result) > 0) {
# Already in that group (or applied)
echo "<h3>You have already applied for membership in that group.</h3>\n";
echo "</body></html>\n";
exit;
}
mysql_db_query("tbdb","insert into grp_memb (uid,gid,trust)".
"values ('$uid','$grp','none');");
$que = "SELECT grp_head_uid FROM groups WHERE gid='$grp'";
$res = mysql_db_query("tbdb", $que);
$resrow = mysql_fetch_row($res);
$ghid = $resrow[0];
$mque = "SELECT usr_email FROM users WHERE uid='$ghid'";
$mres = mysql_db_query("tbdb", $mque);
$mresrow = mysql_fetch_row($mres);
$grp_email = $mresrow[0];
mail("$grp_email", "TESTBED: New Group Member",
"\n$usr_name ($uid) is trying to join your group. $usr_name has the\n".
"Testbed username $uid and email address $usr_email.\n$usr_name's ".
"phone number is $usr_phone and address $usr_addr.\n".
"\nPlease return ".
"to <https://plastic.cs.utah.edu/tbdb.html>, log in,\nand select the ".
"'New User Approval' page to enter your decision regarding\n".
"$usr_name's membership in your group.".
"\n\nThanks,\nMac Newbold\nUtah Network Testbed\n",
"From: Mac Newbold <newbold@cs.utah.edu>\nCc: newbold@cs.utah.edu\n".
"Errors-To: newbold@cs.utah.edu");
if ($newuser==1) {
mail("$usr_email","TESTBED: Your New User Key",
"\nDear $usr_name:\n\n\tThank you for applying to use the Utah ".
"Network Testbed. As promised,\nhere is your key to verify your ".
"account. Your key is:\n\n".
crypt("TB_".$uid."_USR",strlen($uid)+13)."\n\n\t Please ".
"return to <https://plastic.cs.utah.edu/tbdb.html> and log in,\n".
"using the user name and password you gave us when you applied. ".
"You will\nthen find an option on the menu called ".
"'New User Verification'. Select it,\nand on that page enter in ".
"your user name, password, and your key,\nand you will be ".
"verified as a user. When you have been ".
"both verified and\napproved by the head of your group, you will be ".
"marked as an active user,\nand will be granted full access to your ".
"user account.\n\nThanks,\nMac Newbold\nUtah Network Testbed\n",
"From: Mac Newbold <newbold@cs.utah.edu>\nCc: newbold@cs.utah.edu\n".
"Errors-To: newbold@cs.utah.edu");
echo "
<h3> As a new user of the Testbed, for
security purposes, you will receive by e-mail a key. When you
receive it, come back to the site, and log in. When you do, you
will see a new menu option called 'New User Verification'. On
that page, enter in your username, password, and the key,