diff --git a/www/addgrp.php3 b/www/addgrp.php3 index 5b38645cb4ef3fe63fe12b8826e86c727d12e304..c7791e3adb33ba67c7f96e2d757a1ca5316dbc7b 100755 --- a/www/addgrp.php3 +++ b/www/addgrp.php3 @@ -84,7 +84,7 @@ echo " if ($row) { echo " type=\"readonly\" value=\"$row[usr_name]\">"; } else { - echo " type=\"text\">"; + echo " type=\"text\" size=\"30\">"; } echo " \n"; @@ -99,7 +99,7 @@ echo " if ($row) { echo " type=\"readonly\" value=\"$row[usr_title]\">"; } else { - echo " type=\"text\" value=\"Professor Emeritus\">"; + echo " type=\"text\" value=\"Professor Emeritus\" size=\"30\">"; } echo " @@ -115,7 +115,7 @@ echo " if ($row) { echo " type=\"readonly\" value=\"$row[usr_affil]\">"; } else { - echo " type=\"text\" value=\"UCB Networks Group\">"; + echo " type=\"text\" value=\"UCB Networks Group\" size=\"40\">"; } echo " @@ -132,7 +132,7 @@ echo " if ($row) { echo " type=\"readonly\" value=\"$row[usr_email]\">"; } else { - echo " type=\"text\">"; + echo " type=\"text\" size=\"30\">"; } echo " @@ -148,7 +148,7 @@ echo " if ($row) { echo " type=\"readonly\" value=\"$row[usr_addr]\">"; } else { - echo " type=\"text\">"; + echo " type=\"text\" size=\"40\">"; } echo " \n"; @@ -162,7 +162,7 @@ echo " *Phone #: if ($row) { echo " type=\"readonly\" value=\"$row[usr_phone]\">"; } else { - echo " type=\"text\">"; + echo " type=\"text\" size=\"15\">"; } echo " \n"; @@ -172,7 +172,7 @@ echo " # echo " *Password: - + \n"; # @@ -183,7 +183,7 @@ if (! $row) { echo " *Retype
New Password: - + \n"; } @@ -214,7 +214,7 @@ echo " echo " *Long name: + value=\"UCB Overlay Multicast\" size=\"40\"> \n"; # @@ -222,7 +222,7 @@ echo " # echo " +URL: - \n"; @@ -231,12 +231,13 @@ echo " # echo " *Estimated #of PCs: - + \n"; echo " *Estimated #of Sharks: - + \n"; # diff --git a/www/defs.php3 b/www/defs.php3 index 6a7203d0d4dac0e65fc9ee7858378fd47f5659de..2655aa7fc0defa1fae592d318157dd876cdb0d66 100644 --- a/www/defs.php3 +++ b/www/defs.php3 @@ -19,6 +19,11 @@ $TBLIST_USERS = "$TBLIST_DIR"."/users.txt"; $TBUSER_DIR = "/users/"; $TBNSSUBDIR = "nsdir"; +$TBAUTHCOOKIE = "HashCookie"; +$TBAUTHTIMEOUT = 10800; +$TBAUTHDOMAIN = "emulab.net"; +#$TBAUTHDOMAIN = "C884963-A.crvlls1.or.home.com"; + # # Generate the KEY from a name # @@ -32,6 +37,8 @@ function GENKEY ($name) { # should then terminate if required to do so. # function TBERROR ($message, $death) { + global $TBMAIL_WWW; + if (0) { mail($TBMAIL_WWW, "TESTBED ERROR REPORT", @@ -65,6 +72,11 @@ function USERERROR($message, $death) {
"; + echo "

+ Please contact + Testbed Operations (testbed-ops@flux.cs.utah.edu) + if you feel this message is an error."; + if ($death) { echo " "; @@ -72,4 +84,8 @@ function USERERROR($message, $death) { } } +# +# Beware empty spaces (cookies)! +# +require("tbauth.php3"); ?> diff --git a/www/index.php3 b/www/index.php3 index cd49f0931b6de90d30816804812c03e04b7d13f8..2214bec3b3fae1eda197a8aa25ee967498a2ed16 100755 --- a/www/index.php3 +++ b/www/index.php3 @@ -1,3 +1,63 @@ + + Utah Network Testbed @@ -6,152 +66,91 @@

Utah Network Testbed

+ "; - $salt = substr($usr_pswd,0,2); - if ($salt[0] == $salt[1]) { $salt = $salt[0]; } - #print "Got $salt for salt\n
"; - $PSWD = crypt("$auth_passwd",$salt); - #echo "
GOT PWD $PSWD
"; - if ($PSWD == $usr_pswd) { - $query2 = "SELECT timeout FROM login WHERE uid=\"$auth_usr\""; - $result2 = mysql_db_query("tbdb", $query2); - $exists = mysql_num_rows($result2); - $timeout = time() + 86400; - if ($exists) { - $cmnd="update login set timeout='$timeout' where uid='$auth_usr'"; - mysql_db_query("tbdb", $cmnd); - } else { - $c="insert into login (uid,timeout) values ('$auth_usr','$timeout')"; - mysql_db_query("tbdb", $c); - } - $message="Welcome back, $auth_usr...
You are logged in.\n"; - #echo $message; - } else { - $message="Login Failed\n"; - #echo $message; - unset($auth_usr); +if (isset($uid)) { + echo "
"; + $query_result = mysql_db_query($TBDBNAME, + "SELECT status FROM users WHERE uid='$uid'"); + $row = mysql_fetch_row($query_result); + $status = $row[0]; + + $query_result = mysql_db_query($TBDBNAME, + "SELECT trust FROM grp_memb WHERE uid='$uid'"); + $row = mysql_fetch_row($query_result); + $trust = $row[0]; + + if ($status == "active") { + if ($trust == "group_root") { + # Only group leaders can do these options + echo "New User Approval\n"; + } + # Since a user can be a member of more than one project (grp), + # display this option, and let the form decide if the user is + # allowed to do this. + echo "

+ Begin an Experiment\n"; + echo "

+ End an Experiment\n"; + # Every active user can do these options. For + echo "

+ Show experiment information\n"; + echo "

+ Update user information\n"; + echo "

\n"; } - } else { - $message="Login Failed\n"; - #echo $message; - unset($auth_usr); - } -} elseif (isset($logout)) { # a logout clause - unset($logout); - addslashes($auth_usr); - $cmnd = "delete from login WHERE uid=\"$auth_usr\""; - $result = mysql_db_query("tbdb", $cmnd); - if (!$result) { - $err = mysql_error(); - $message="Logout failed: $err"; - #echo $message; - } else { - $message="

You have been logged out, $auth_usr.

"; - #echo $message; - unset($auth_usr); - } -} elseif (isset($auth_usr)) { - #Check login... - addslashes($auth_usr); - $query = "SELECT timeout FROM login WHERE uid=\"$auth_usr\""; - $result = mysql_db_query("tbdb", $query); - $n = mysql_num_rows($result); - if ($n == 0) { - $message="

You are not logged in. Please go back to the - Home Page and log in first.\n"; - #echo $message; - } else { - $row = mysql_fetch_row($result); - if ($row[0] < time()) { # if their login expired - $message= "

You have been logged out due to inactivity. -Please log in again.

\n"; - #echo $message; - $cmnd = "DELETE FROM login WHERE uid=\"$auth_usr\""; - mysql_db_query("tbdb", $cmnd); - } else { - $timeout = time() + 86400; - $cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$auth_usr\""; - mysql_db_query("tbdb", $cmnd); + elseif ($status == "unapproved") { + USERERROR("Your account has not been approved yet. ". + "Please try back later", 1); } - } -} -if (isset($auth_usr)) { - echo "
"; - $query="SELECT status FROM users WHERE uid='$auth_usr'"; - $result = mysql_db_query("tbdb", $query); - $status_row = mysql_fetch_row($result); - $status = $status_row[0]; - $query="SELECT trust FROM grp_memb WHERE uid='$auth_usr'"; - $result = mysql_db_query("tbdb", $query); - $row = mysql_fetch_row($result); - $trust = $row[0]; - if ($status == "active") { - if ($trust == "group_root") { - # Only group leaders can do these options - echo "New User Approval\n"; - #echo "

Add a New User"; - #echo "

Add a New User"; - #echo "

"; + elseif (($status == "newuser") || ($status == "unverified")) { + echo "New User Verification\n"; + } + elseif (($status == "frozen") || ($status == "other")) { + USERERROR("Your account has been changed to status $status, and is ". + "currently unusable. Please contact your project leader ". + "to find out why.", 1); } - # Since a user can be a member of more than one project (grp), - # display this option, and let the form decide if the user is - # allowed to do this. - echo "

- Begin an Experiment\n"; - echo "

- End an Experiment\n"; - # Every active user can do these options. For - echo "

- Show experiment information\n"; - echo "

- Update user information\n"; - echo "

\n"; - } elseif ($status == "unapproved") { - echo "Your account has not been approved yet. Please try back "; - echo "later. Contact "; - echo ""; - echo "Testbed ops (testbed-ops@flux.cs.utah.edu)"; - echo " for further assistance.\n"; - } elseif (($status == "newuser") || ($status == "unverified")) { - echo "New User Verification\n"; - } elseif (($status == "frozen") || ($status == "other")) { - echo "Your account has been changed to status $status, and is "; - echo "currently unusable. Please contact your project leader to find out "; - echo "why. If you need further help, contact "; - echo ""; - echo "Testbed Ops (testbed-ops@flux.cs.utah.edu)."; - } } -?> -
-Start a Project\n"; -echo "

Join a Project"; -?> -


- - -$message"; + +# +# Standard options for anyone. +# +if (isset($uid)) { + echo "

Start a Project\n"; + echo "

Join a Project\n"; +} +else { + echo "

Start a Project\n"; + echo "

Join a Project\n"; +} +echo "


"; +echo "
"; +echo ""; + +echo "$login_status"; +# +# Present either a login box, or a logout box +# +if (isset($uid)) { + echo " + + \n"; } -if (!isset($auth_usr)) { - echo ""; -} else { - echo ""; +else { + echo " + + + + + + + + \n"; } ?> diff --git a/www/modusr_form.php3 b/www/modusr_form.php3 index 56e113f50b1991bd6fafe1cd8441abaafea3dfec..adc645c62c7c02d543e48262a4aeb1a2830d5ad9 100644 --- a/www/modusr_form.php3 +++ b/www/modusr_form.php3 @@ -7,33 +7,19 @@
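Review bot: `$uid` is interpolated directly into the new `SELECT status FROM users WHERE uid='$uid'` and `SELECT trust FROM grp_memb WHERE uid='$uid'` queries, and nothing visible in this hunk escapes or validates it first. The same pattern appears in CHECKLOGIN, DOLOGIN and DOLOGOUT in www/tbauth.php3. The block added at the top of this file is not readable in this view, so if `$uid` is not already constrained there, escape it before the first query with `$uid = addslashes($uid);` or reject any value outside the permitted login-name characters. The removed code called `addslashes($auth_usr);` without assigning the result, which had no effect, so that form should not be carried over. Both `mysql_db_query` results are also passed to `mysql_fetch_row` unchecked, unlike the `if (! $query_result)` handling used in tbauth.php3.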
@@ -74,63 +60,67 @@ echo "
+ \n"; - +echo " + + \n"; echo " + \n"; - +echo " + + \n"; echo " - + + + \n"; +echo "\n"; echo " - - - \n"; echo " - + + + \n"; - +echo " + + \n"; echo " + \n"; ?>
+ + +
Username:
Password:
Username:
Password:
+
Username:
Expiration date:
*Full Name: -
*Email Address: -
*Mailing Address:
Expiration date: -
*Full Name:*Mailing Address: -
*Phone #: -
*Old Password: - *Title/Position: -
New Password:*Institutional Affiliation: -
*Institutional
Affiliation:
New Password: -
Retype
New Password:
-
diff --git a/www/modusr_process.php3 b/www/modusr_process.php3 index cf272a4e0bf57af244bae38bdfd2e8cc14b35ded..921af3dff3d53804c676741547c6111bf101364d 100644 --- a/www/modusr_process.php3 +++ b/www/modusr_process.php3 @@ -44,9 +44,6 @@ if (!isset($usr_affil) || strcmp($usr_affil, "") == 0) { $formerror = "Institutional Affiliation"; } -if (!isset($old_password) || strcmp($old_password, "") == 0) { - $formerror = "Old Password"; -} if ($formerror != "No Error") { USERERROR("Missing field; Please go back and fill out ". @@ -54,23 +51,9 @@ if ($formerror != "No Error") { } # -# Verify the old password. +# Only known and logged in users can modify info. # -$pswd_result = mysql_db_query($TBDBNAME, - "SELECT usr_pswd FROM users WHERE uid=\"$uid\""); -if (!$pswd_result) { - TBERROR("Database Error retrieving password for $uid: $err\n", 1); -} -if ($row = mysql_fetch_row($pswd_result)) { - $db_encoding = $row[0]; - $salt = substr($db_encoding,0,2); - if ($salt[0] == $salt[1]) { $salt = $salt[0]; } - $encoding = crypt("$old_password", $salt); - if (strcmp($encoding, $db_encoding)) { - USERERROR("The password provided was incorrect. ". - "Please go back and retype the password.", 1); - } -} +LOGGEDINORDIE($uid); # # Now see if the user is requesting to change the password. We do the usual diff --git a/www/tbauth.php3 b/www/tbauth.php3 new file mode 100644 index 0000000000000000000000000000000000000000..c5a05e30ec2945b90d70ce824eb648cf5726dd27 --- /dev/null +++ b/www/tbauth.php3 
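Review bot: Replacing the old-password verification with `LOGGEDINORDIE($uid)` means the password-change path that follows is now authorised by the login cookie alone. Anyone holding a live cookie, valid for the three hours set by `$TBAUTHTIMEOUT = 10800`, can set a new password without knowing the current one. I would keep the `$old_password` required-field check and the `crypt()` comparison for the case where a new password is supplied, and use `LOGGEDINORDIE($uid)` as the gate for the remaining profile fields. The password-change code itself starts below this hunk, so confirm there that nothing else re-authenticates the user.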
@@ -0,0 +1,195 @@ + time() && + strcmp($curhash, $hashkey) == 0) { + return 1; + } + + # + # Clear out the database entry for completeness. + # + $query_result = mysql_db_query($TBDBNAME, + "DELETE FROM login WHERE uid=\"$uid\""); + if (! $query_result) { + $err = mysql_error(); + TBERROR("Database Error deleting login info for $uid: $err\n", 1); + } + + return -1; +} + +# +# This one checks for login, but then dies with an appropriate error +# message. +# +function LOGGEDINORDIE($uid) { + global $TBDBNAME, $TBAUTHCOOKIE, $TBAUTHDOMAIN, $TBAUTHTIMEOUT; + global $HTTP_COOKIE_VARS; + + $curhash = $HTTP_COOKIE_VARS[$TBAUTHCOOKIE]; + + $status = CHECKLOGIN($uid, $curhash); + switch ($status) { + case 0: + USERERROR("You do not appear to be logged in!", 1); + break; + case 1: + return $uid; + break; + case -1: + USERERROR("Your login has timed out! Please log in again.", 1); + break; + } + TBERROR("LOGGEDINORDIE failed mysteriously", 1); +} + +# +# Attempt a login. +# +function DOLOGIN($uid, $password) { + global $TBDBNAME, $TBAUTHCOOKIE, $TBAUTHDOMAIN, $TBAUTHTIMEOUT; + + $query_result = mysql_db_query($TBDBNAME, + "SELECT usr_pswd FROM users WHERE uid=\"$uid\""); + if (! $query_result) { + $err = mysql_error(); + TBERROR("Database Error retrieving password for $uid: $err\n", 1); + } + + # + # Check password in the database against provided. + # + if ($row = mysql_fetch_row($query_result)) { + $db_encoding = $row[0]; + $salt = substr($db_encoding, 0, 2); + if ($salt[0] == $salt[1]) { $salt = $salt[0]; } + $encoding = crypt("$password", $salt); + if (strcmp($encoding, $db_encoding)) { + return -1; + } + # + # Pass! Insert a record in the login table for this uid with + # the new hash value. If the user is already logged in, thats + # okay; just update it in place with a new hash and timeout. 
+ # + $timeout = time() + 10800; + $hashkey = GENHASH(); + $query_result = mysql_db_query($TBDBNAME, + "SELECT timeout FROM login WHERE uid=\"$uid\""); + if (mysql_num_rows($query_result)) { + $query_result = mysql_db_query($TBDBNAME, + "UPDATE login set ". + "timeout='$timeout', hashkey='$hashkey' ". + "WHERE uid=\"$uid\""); + } + else { + $query_result = mysql_db_query($TBDBNAME, + "INSERT into login (uid, hashkey, timeout) ". + "VALUES ('$uid', '$hashkey', '$timeout')"); + } + if (! $query_result) { + $err = mysql_error(); + TBERROR("Database Error logging in $uid: $err\n", 1); + } + + # + # Issue the cookie request so that subsequent pages come back + # with the hash value embedded. + # + setcookie($TBAUTHCOOKIE, $hashkey, $timeout, "/", $TBAUTHDOMAIN, 0); + + return 0; + } + # + # No such user + # + return -1; +} + +# +# Log out a UID. Simply clear the entry from the login table. +# +# Should we kill the cookie? +# +function DOLOGOUT($uid) { + global $TBDBNAME; + + $query_result = mysql_db_query($TBDBNAME, + "SELECT hashkey timeout FROM login WHERE uid=\"$uid\""); + if (! $query_result) { + $err = mysql_error(); + TBERROR("Database Error retrieving login info for $uid: $err\n", 1); + } + + # Not logged in. + if (($row = mysql_fetch_array($query_result)) == 0) { + return 0; + } + + $hashkey = $row[hashkey]; + $timeout = time() - 3600; + + $query_result = mysql_db_query($TBDBNAME, + "DELETE FROM login WHERE uid=\"$uid\""); + + # + # Issue a cookie request to delete the cookie. + # + setcookie($TBAUTHCOOKIE, $hashkey, $timeout, "/", $TBAUTHDOMAIN, 0); + + return 0; +} + +# +# Beware empty spaces (cookies)! +# +?>
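Review bot: DOLOGOUT declares only `global $TBDBNAME;` but then calls `setcookie($TBAUTHCOOKIE, $hashkey, $timeout, "/", $TBAUTHDOMAIN, 0);`, so the cookie name and domain are unset inside the function and the browser's cookie is not actually expired; the declaration should be `global $TBDBNAME, $TBAUTHCOOKIE, $TBAUTHDOMAIN;`. Its query `SELECT hashkey timeout FROM login` is missing a comma, which makes `timeout` an alias for the hashkey column and leaves `$row[hashkey]` empty; it should read `SELECT hashkey, timeout FROM login`. DOLOGIN hard-codes `time() + 10800` although `$TBAUTHTIMEOUT` is already declared global there, so `$timeout = time() + $TBAUTHTIMEOUT;` keeps the session lifetime in one place. Both `setcookie` calls pass `0` as the final (secure) argument, so the login hash is also sent over plain HTTP unless the site is served only over HTTPS, in which case it should be `1`. The start of this new file, including GENHASH, is not readable in this view, so how the hash is generated could not be reviewed.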