\n"; if ($forwikionly) { echo "Register for an Emulab Wiki account

\n"; } echo " If you already have an Emulab account, please log on first! \n"; if ($forwikionly) { echo "
(You will already have a wiki account)\n"; } echo "
\n"; } elseif ($forwikionly) { USERERROR("You already have a Wiki account!", 1); } if ($errors) { echo "\n"; while (list ($name, $message) = each ($errors)) { echo "\n"; } echo "
 Oops, please fix the following errors! 
$name:  $message

\n"; } echo "\n"; echo "\n \n"; if (! $returning) { if ($USERSELECTUIDS) { # # UID. # echo "\n"; } # # Full Name # echo "\n"; # # WikiName # if ($WIKISUPPORT) { echo "\n"; } if (! $forwikionly) { # # Title/Position: # echo "\n"; # # Affiliation: # echo "\n"; # # User URL # echo "\n"; } # # Email: # echo "\n"; if (! $forwikionly) { # # Postal Address # echo ""; # # Phone # echo "\n"; # # SSH public key # echo "\n"; } # # Password. Note that we do not resend the password. User # must retype on error. # echo "\n"; echo "\n"; } if (! $forwikionly) { # # Project Name: # echo "\n"; # # Group Name: # echo "\n"; } echo "\n"; echo "
Fields marked with * are required.
*Username (alphanumeric, lowercase):
*Full Name (first and last):
*WikiName:
*Job Title/Position:
*Institutional
Affiliation:
Home Page URL:
*Email Address[1]:
*Postal Address:
Line 1
Line 2
City State/Province
ZIP/Postal Code Country
*Phone #:
Your SSH Pub Key:  
[2]
Upload (1K max)[3]
Or
Insert Key


*Password[1]:
*Retype Password:
*Project Name:
Group Name:
(Leave blank unless you know the group name)
\n"; echo "

  1. Please consult our security policies for information regarding passwords and email addresses.\n"; if (!$returning && !$forwikionly) { echo "
  2. If you want us to use your existing ssh public key, then either paste it in or specify the path to your your identity.pub file. NOTE: We use the OpenSSH key format, which has a slightly different protocol 2 public key format than some of the commercial vendors such as SSH Communications. If you use one of these commercial vendors, then please upload the public key file and we will convert it for you. Please do not paste it in.\n
  3. Note to Opera 5 users: The file upload mechanism is broken in Opera, so you cannot specify a local file for upload. Instead, please paste your public key in.\n"; } echo "

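\n"; }

#
# Everything below is the top-level request handler for the join/register
# page. It runs in three phases: show the "finished" confirmation, show an
# empty form on first load, or validate a submitted form and create the
# user / group membership. $forwikionly, $returning, $joining_uid and the
# TB*/PAGE* helpers are defined outside this part of the file.
#

#
# The conclusion of a join request. See below.
#
if (isset($_GET['finished'])) {
    if ($forwikionly) {
        PAGEHEADER("Wiki Registration");
    }
    else {
        PAGEHEADER("Apply for Project Membership");
    }

    #
    # Generate some warm fuzzies.
    #
    if ($forwikionly) {
        echo "An email message has been sent to your account so we may verify your email address. Please follow the instructions contained in that message, which will verify your account, and grant you access to the Wiki.\n";
    }
    elseif (! $returning) {
        echo "

As a pending user of the Testbed you will receive a key via email. When you receive the message, please follow the instructions contained in the message, which will verify your identity.

When you have done that, the project leader will be notified of your application. ";
    }
    else {
        echo "

The project leader has been notified of your application. ";
    }
    echo "He/She will make a decision and either approve or deny your application, and you will be notified via email as soon as that happens.\n";
    PAGEFOOTER();
    return;
}

#
# On first load, display a virgin form and exit.
#
if (! isset($_POST['submit'])) {
    $defaults = array();
    $defaults["usr_URL"]     = "$HTTPTAG";
    $defaults["usr_country"] = "USA";

    #
    # These two allow presetting the pid/gid.
    #
    if (isset($target_pid) && strcmp($target_pid, "")) {
        $defaults["pid"] = $target_pid;
    }
    if (isset($target_gid) && strcmp($target_gid, "")) {
        $defaults["gid"] = $target_gid;
    }

    SPITFORM($defaults, $returning, 0);
    PAGEFOOTER();
    return;
}
else {
    # Form submitted. Make sure we have a formfields array.
    # NOTE(review): PAGEARGERROR() is presumably fatal (nothing follows it
    # in the original either) -- confirm it never returns.
    if (!isset($_POST['formfields']) || !is_array($_POST['formfields'])) {
        PAGEARGERROR("Invalid form arguments.");
    }
    $formfields = $_POST['formfields'];

    # Every field below is handed to strcmp()/preg_match(), which expect
    # strings. A request can nest arrays (formfields[x][]=...), so refuse
    # anything that is not a plain string before validation starts.
    foreach ($formfields as $fieldvalue) {
        if (!is_string($fieldvalue)) {
            PAGEARGERROR("Invalid form arguments.");
        }
    }
}

#
# Otherwise, must validate and redisplay if errors
#
$errors = array();

#
# These fields are required!
# Array keys are quoted throughout: bare words such as $formfields[usr_name]
# only worked through the undefined-constant fallback of old PHP versions.
#
if (! $returning) {
    if ($USERSELECTUIDS) {
        if (!isset($formfields["joining_uid"]) ||
            strcmp($formfields["joining_uid"], "") == 0) {
            $errors["Username"] = "Missing Field";
        }
        elseif (!TBvalid_uid($formfields["joining_uid"])) {
            $errors["UserName"] = TBFieldErrorString();
        }
        elseif (TBCurrentUser($formfields["joining_uid"]) ||
                posix_getpwnam($formfields["joining_uid"])) {
            # Taken either by a testbed user or by a local system account.
            $errors["UserName"] = "Already in use. Pick another";
        }
    }

    if (!isset($formfields["usr_name"]) ||
        strcmp($formfields["usr_name"], "") == 0) {
        $errors["Full Name"] = "Missing Field";
    }
    elseif (! TBvalid_usrname($formfields["usr_name"])) {
        $errors["Full Name"] = TBFieldErrorString();
    }
    # Make sure user name has at least two tokens! This runs even when the
    # field is missing (as before), so treat a missing field as "".
    $tokens = preg_split("/[\s]+/",
                         (isset($formfields["usr_name"])
                          ? $formfields["usr_name"] : ""),
                         -1, PREG_SPLIT_NO_EMPTY);
    if (count($tokens) < 2) {
        $errors["Full Name"] = "Please provide a first and last name";
    }

    if ($WIKISUPPORT) {
        if (!isset($formfields["wikiname"]) ||
            strcmp($formfields["wikiname"], "") == 0) {
            $errors["WikiName"] = "Missing Field";
        }
        elseif (! TBvalid_wikiname($formfields["wikiname"])) {
            $errors["WikiName"] = TBFieldErrorString();
        }
        elseif (TBCurrentWikiName($formfields["wikiname"])) {
            $errors["WikiName"] = "Already in use. Pick another";
        }
    }

    if (!$forwikionly) {
        if (!isset($formfields["usr_title"]) ||
            strcmp($formfields["usr_title"], "") == 0) {
            $errors["Job Title/Position"] = "Missing Field";
        }
        elseif (! TBvalid_title($formfields["usr_title"])) {
            $errors["Job Title/Position"] = TBFieldErrorString();
        }

        if (!isset($formfields["usr_affil"]) ||
            strcmp($formfields["usr_affil"], "") == 0) {
            $errors["Affiliation"] = "Missing Field";
        }
        elseif (! TBvalid_affiliation($formfields["usr_affil"])) {
            $errors["Affiliation"] = TBFieldErrorString();
        }
    }

    # NOTE(review): the "Already in use" answer tells an unauthenticated
    # caller whether an address is registered -- confirm that is acceptable.
    if (!isset($formfields["usr_email"]) ||
        strcmp($formfields["usr_email"], "") == 0) {
        $errors["Email Address"] = "Missing Field";
    }
    elseif (! TBvalid_email($formfields["usr_email"])) {
        $errors["Email Address"] = TBFieldErrorString();
    }
    elseif (TBCurrentEmail($formfields["usr_email"])) {
        $errors["Email Address"] =
            "Already in use. Did you forget to login?";
    }

    if (! $forwikionly) {
        # The URL is optional; the $HTTPTAG placeholder counts as empty.
        if (isset($formfields["usr_URL"]) &&
            strcmp($formfields["usr_URL"], "") &&
            strcmp($formfields["usr_URL"], $HTTPTAG) &&
            ! CHECKURL($formfields["usr_URL"], $urlerror)) {
            $errors["Home Page URL"] = $urlerror;
        }

        if (!isset($formfields["usr_addr"]) ||
            strcmp($formfields["usr_addr"], "") == 0) {
            $errors["Address 1"] = "Missing Field";
        }
        elseif (! TBvalid_addr($formfields["usr_addr"])) {
            $errors["Address 1"] = TBFieldErrorString();
        }

        # Optional
        if (isset($formfields["usr_addr2"]) &&
            !TBvalid_addr($formfields["usr_addr2"])) {
            $errors["Address 2"] = TBFieldErrorString();
        }

        if (!isset($formfields["usr_city"]) ||
            strcmp($formfields["usr_city"], "") == 0) {
            $errors["City"] = "Missing Field";
        }
        elseif (! TBvalid_city($formfields["usr_city"])) {
            $errors["City"] = TBFieldErrorString();
        }

        if (!isset($formfields["usr_state"]) ||
            strcmp($formfields["usr_state"], "") == 0) {
            $errors["State"] = "Missing Field";
        }
        elseif (! TBvalid_state($formfields["usr_state"])) {
            $errors["State"] = TBFieldErrorString();
        }

        if (!isset($formfields["usr_zip"]) ||
            strcmp($formfields["usr_zip"], "") == 0) {
            $errors["ZIP/Postal Code"] = "Missing Field";
        }
        elseif (! TBvalid_zip($formfields["usr_zip"])) {
            $errors["Zip/Postal Code"] = TBFieldErrorString();
        }

        if (!isset($formfields["usr_country"]) ||
            strcmp($formfields["usr_country"], "") == 0) {
            $errors["Country"] = "Missing Field";
        }
        elseif (! TBvalid_country($formfields["usr_country"])) {
            $errors["Country"] = TBFieldErrorString();
        }

        if (!isset($formfields["usr_phone"]) ||
            strcmp($formfields["usr_phone"], "") == 0) {
            $errors["Phone #"] = "Missing Field";
        }
        elseif (!TBvalid_phone($formfields["usr_phone"])) {
            $errors["Phone #"] = TBFieldErrorString();
        }
    }

    if (!isset($formfields["password1"]) ||
        strcmp($formfields["password1"], "") == 0) {
        $errors["Password"] = "Missing Field";
    }
    if (!isset($formfields["password2"]) ||
        strcmp($formfields["password2"], "") == 0) {
        $errors["Confirm Password"] = "Missing Field";
    }
    elseif (strcmp($formfields["password1"], $formfields["password2"])) {
        $errors["Confirm Password"] = "Does not match Password";
    }
    elseif (! CHECKPASSWORD(($USERSELECTUIDS
                             ? $formfields["joining_uid"] : "ignored"),
                            $formfields["password1"],
                            $formfields["usr_name"],
                            $formfields["usr_email"],
                            $checkerror)) {
        $errors["Password"] = "$checkerror";
    }
}

if (!$forwikionly) {
    if (!isset($formfields["pid"]) || $formfields["pid"] == "") {
        $errors["Project Name"] = "Missing Field";
    }
    else {
        # Confirm pid/gid early to avoid spamming the page.
        $pid = $formfields["pid"];

        # An empty group name means the project's default group.
        if (isset($formfields["gid"]) && $formfields["gid"] != "") {
            $gid = $formfields["gid"];
        }
        else {
            $gid = $pid;
        }

        if (!TBvalid_pid($pid) || !TBValidProject($pid)) {
            $errors["Project Name"] = "Invalid Project Name";
        }
        elseif (!TBvalid_gid($gid) || !TBValidGroup($pid, $gid)) {
            $errors["Group Name"] = "Invalid Group Name";
        }
    }
}

# Present these errors before we call out to do pubkey stuff; saves work.
if (count($errors)) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}

# Okay, do pubkey checks.
if (!$returning && !$forwikionly) {
    #
    # Pub key provided in form (paste in).
    #
    if (isset($formfields["usr_key"]) &&
        strcmp($formfields["usr_key"], "")) {
        #
        # This is passed off to the shell, so taint check it. The character
        # class excludes quotes, backslashes and shell metacharacters, which
        # is what keeps the single-quoted argument below intact. Do not
        # widen it without switching to escapeshellarg().
        #
        if (! preg_match("/^[-\w\s\.\@\+\/\=]*$/", $formfields["usr_key"])) {
            $errors["PubKey"] = "Invalid characters";
        }
        else {
            #
            # Replace any embedded newlines first. str_replace() does what
            # the removed ereg_replace("[\n]", "", ...) call did.
            #
            $formfields["usr_key"] =
                str_replace("\n", "", $formfields["usr_key"]);
            $usr_key = $formfields["usr_key"];

            #
            # Verify key format. A non-zero result is treated as a failure.
            #
            if (ADDPUBKEY(null, "webaddpubkey -n -k '$usr_key' ")) {
                $errors["Pubkey Format"] =
                    "Could not be parsed. Is it a public key?";
            }
            else {
                $addpubkeyargs = "-k '$usr_key' ";
            }
        }
    }

    #
    # If usr provided a file for the key, it overrides the paste in text.
    #
    if (isset($_FILES['usr_keyfile']) &&
        $_FILES['usr_keyfile']['name'] != "" &&
        $_FILES['usr_keyfile']['name'] != "none") {

        $localfile = $_FILES['usr_keyfile']['tmp_name'];

        # Only accept a path that PHP itself recorded as an HTTP upload for
        # this request; a bare stat() would accept any existing file.
        if (! is_uploaded_file($localfile)) {
            $errors["PubKey File"] = "No such file";
        }
        # Taint check shell arguments always! The path is interpolated
        # unquoted, so anchor with \z: a plain "$" also matches just before
        # a trailing newline.
        elseif (! preg_match("/^[-\w\.\/]*\z/", $localfile)) {
            $errors["PubKey File"] = "Invalid characters";
        }
        else {
            # NOTE(review): presumably widened so the helper, running as a
            # different user, can read the upload -- confirm.
            chmod($localfile, 0644);

            #
            # Verify key format.
            #
            if (ADDPUBKEY(null, "webaddpubkey -n $localfile ")) {
                $errors["Pubkey Format"] =
                    "Could not be parsed. Is it a public key?";
            }
            else {
                $addpubkeyargs = "$localfile";
            }
        }
    }
}

#
# Need the user, project and group objects for the rest of this.
#
if (!$forwikionly) {
    if (! ($project = Project::LookupByPid($pid))) {
        TBERROR("Could not lookup object for $pid!", 1);
    }
    if (! ($group = Group::LookupByPidGid($pid, $gid))) {
        TBERROR("Could not lookup object for $pid/$gid!", 1);
    }
    if ($returning) {
        if (! ($user = User::LookupByUid($joining_uid))) {
            TBERROR("Could not lookup user '$joining_uid'!", 1);
        }
        if ($group->IsMember($user)) {
            $errors["Membership"] = "You are already a member";
        }
    }
}

# Done with sanity checks!
if (count($errors)) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}

#
# Create a new user.
#
if (! $returning) {
    #
    # Certain of these values must be escaped or otherwise sanitized.
    # NOTE(review): addslashes() is not a context-aware escape. Presumably
    # these values end up in SQL inside User::NewUser() -- confirm, and
    # prefer the database layer's own escaping or bound parameters there.
    #
    $joining_uid = ($USERSELECTUIDS ? $formfields["joining_uid"] : null);
    $usr_name    = addslashes($formfields["usr_name"]);
    $usr_email   = $formfields["usr_email"];
    $password1   = $formfields["password1"];
    $password2   = $formfields["password2"];
    $wikiname    = ($WIKISUPPORT ? $formfields["wikiname"] : "");

    if (!$forwikionly) {
        $usr_affil   = addslashes($formfields["usr_affil"]);
        $usr_title   = addslashes($formfields["usr_title"]);
        $usr_addr    = addslashes($formfields["usr_addr"]);
        $usr_city    = addslashes($formfields["usr_city"]);
        $usr_state   = addslashes($formfields["usr_state"]);
        $usr_zip     = addslashes($formfields["usr_zip"]);
        $usr_country = addslashes($formfields["usr_country"]);
        $usr_phone   = $formfields["usr_phone"];
    }
    else {
        # Wiki-only accounts carry no contact details.
        $usr_affil   = "";
        $usr_title   = "";
        $usr_addr    = "";
        $usr_city    = "";
        $usr_state   = "";
        $usr_zip     = "";
        $usr_country = "";
        $usr_phone   = "";
    }

    # The $HTTPTAG placeholder means the user left the URL field alone.
    if (! isset($formfields["usr_URL"]) ||
        strcmp($formfields["usr_URL"], "") == 0 ||
        strcmp($formfields["usr_URL"], $HTTPTAG) == 0) {
        $usr_URL = "";
    }
    else {
        $usr_URL = addslashes($formfields["usr_URL"]);
    }

    if (! isset($formfields["usr_addr2"])) {
        $usr_addr2 = "";
    }
    else {
        $usr_addr2 = addslashes($formfields["usr_addr2"]);
    }

    $args = array();
    # Expiry is set 120 days (86400 seconds each) from now.
    $args["usr_expires"] = date("Y:m:d", time() + (86400 * 120));
    $args["usr_name"]    = $usr_name;
    $args["usr_email"]   = $usr_email;
    $args["usr_addr"]    = $usr_addr;
    $args["usr_addr2"]   = $usr_addr2;
    $args["usr_city"]    = $usr_city;
    $args["usr_state"]   = $usr_state;
    $args["usr_zip"]     = $usr_zip;
    $args["usr_country"] = $usr_country;
    $args["usr_URL"]     = $usr_URL;
    $args["usr_phone"]   = $usr_phone;
    $args["usr_shell"]   = 'tcsh';
    $args["usr_title"]   = $usr_title;
    $args["usr_affil"]   = $usr_affil;
    # NOTE(review): crypt() without a salt argument lets the platform pick
    # the algorithm (historically a weak one) and is rejected outright by
    # current PHP. The hash format is left unchanged here because whatever
    # consumes usr_pswd is outside this file; plan a migration to
    # password_hash() or an explicitly salted crypt() together with it.
    $args["usr_pswd"]    = crypt("$password1");
    $args["wikiname"]    = $wikiname;

    if (! ($user = User::NewUser($joining_uid, 0, $forwikionly, $args))) {
        TBERROR("Could not create new user '$usr_email'!", 1);
    }
    # Use the uid the new user object reports from here on.
    $joining_uid = $user->uid();

    # $addpubkeyargs is only set when a key passed the checks above.
    if (!$forwikionly && isset($addpubkeyargs)) {
        ADDPUBKEY($joining_uid,
                  "webaddpubkey -u $joining_uid $addpubkeyargs");
    }
}

#
# For wikionly registration, we are done.
#
if ($forwikionly) {
    header("Location: wikiregister.php3?finished=1");
    exit();
}

#
# If joining a subgroup, also add to project group.
#
if ($pid != $gid && ! $project->IsMember($user)) {
    if ($project->AddNewMember($user) < 0) {
        TBERROR("Could not add user $joining_uid to project group $pid", 1);
    }
}

#
# Add to the group, but with trust=none. The project/group leader will have
# to upgrade the trust level, making the new user real.
#
if ($group->AddNewMember($user) < 0) {
    TBERROR("Could not add user $joining_uid to group $pid/$gid", 1);
}

#
# Generate an email message to the proj/group leaders. Only returning users
# trigger it here; per the confirmation text above, a new user's leader is
# notified once the user has verified the emailed key.
#
if ($returning) {
    $group->NewMemberNotify($user);
}

#
# Spit out a redirect so that the history does not include a post
# in it. The back button skips over the post and to the form.
# See above for conclusion.
#
header("Location: joinproject.php3?finished=1");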