Please create your initial project.
A good Project Name
for your first project is probably 'testbed', but you can
choose anything you like.
\n";
}
else {
echo "
If you are a student
(undergrad or graduate), please
do not try to start a project!
Your advisor must do it.
Read this for more info.
\n";
if (! $returning) {
echo "
If you already have an Emulab account,
please log on first!
\n";
}
}
if ($errors) {
echo "
Oops, please fix the following errors!
|
\n";
while (list ($name, $message) = each ($errors)) {
echo "
$name: |
$message |
\n";
}
echo "
\n";
}
echo "\n";
echo "
Fields marked with * are required.
|
\n
\n";
echo "
- Please consult our
security policies for information
regarding passwords and email addresses.\n";
if (! $returning) {
echo "
- If you want us to use your existing ssh public key,
then either paste it in or specify the path to your
your identity.pub file. NOTE:
We use the OpenSSH
key format,
which has a slightly different protocol 2 public key format
than some of the commercial vendors such as
SSH Communications. If you
use one of these commercial vendors, then please
upload the public key file and we will convert it
for you. Please do not paste it in.\n
- Note to Opera 5
users: The file upload mechanism is broken in Opera, so
you cannot specify a local file for upload. Instead,
please paste your public key in.\n";
}
echo "
\n";
}
#
# Landing page for a completed request. The POST handler at the end of this
# script redirects here with ?finished=1.
#
if (isset($_GET['finished'])) {
    PAGEHEADER("Start a New Testbed Project");

    # The message bodies stay flush left: any leading whitespace inside the
    # quotes would be sent to the browser.
    echo "
Your project request has been successfully queued.
Testbed Operations has been notified of your application.
Most applications are reviewed within a day; some even within
the hour, but sometimes as long as a week (rarely). We will notify
you by e-mail when a decision has been made.\n";

    # Only users who are not returning are told about the verification key.
    if (!$returning) {
        echo "
In the meantime, as a new user of the Testbed you will receive
a key via email.
When you receive the message, please follow the instructions
contained in the message on how to verify your account.\n";
    }

    PAGEFOOTER();
    return;
}
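#
# No submit field in the POST data: this is the first load, so display an
# empty form (pre-filled with a few defaults) and stop.
#
if (! isset($_POST['submit'])) {
    # Array keys are quoted. A bare word such as proj_URL is an undefined
    # constant: a notice on PHP 5, a warning on PHP 7.2+ and a fatal Error
    # on PHP 8.
    $defaults = array();
    $defaults['proj_URL']     = "$HTTPTAG";
    $defaults['usr_URL']      = "$HTTPTAG";
    $defaults['usr_country']  = "USA";
    $defaults['proj_ronpcs']  = "";
    $defaults['proj_plabpcs'] = "";
    $defaults['proj_public']  = "checked";
    $defaults['proj_linked']  = "checked";

    # Extra defaults while $FirstInitState is "createproject".
    if ($FirstInitState == "createproject") {
        $defaults['pid']          = "testbed";
        $defaults['proj_pcs']     = "256";
        $defaults['proj_members'] = "256";
        $defaults['proj_funders'] = "none";
        $defaults['proj_name']    = "Your Testbed Project";
        $defaults['proj_why']     = "This project is used for testbed ".
            "administrators to develop and test new software. ";
    }

    SPITFORM($defaults, $returning, 0);
    PAGEFOOTER();
    return;
}

#
# Form submitted. Everything below reads the client-supplied formfields
# array, so insist on its shape before using it.
# NOTE(review): PAGEARGERROR() is presumably fatal (does not return) - confirm.
#
if (!isset($_POST['formfields']) || !is_array($_POST['formfields'])) {
    PAGEARGERROR("Invalid form arguments.");
}
$formfields = $_POST['formfields'];

#
# Every field must be a plain string. A request can send a nested array
# (formfields[pid][]=x), and the strcmp()/preg_match()/addslashes() calls
# further down are written for strings only.
#
foreach ($formfields as $field_value) {
    if (!is_string($field_value)) {
        PAGEARGERROR("Invalid form arguments.");
    }
}
unset($field_value);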
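#
# The form was submitted: validate every field and collect the problems in
# $errors (field label => message) so that the form can be shown again.
#
$errors = array();

#
# Personal details are only checked when the user is not a returning one.
#
# Array keys are quoted throughout. The bare words used before were
# undefined constants: a notice on PHP 5, a warning on PHP 7.2+ and a fatal
# Error on PHP 8.
#
# NOTE(review): the "Already in use" answers for the uid, wiki name and
# e-mail address tell the submitter which accounts exist. If this form is
# reachable without a login, consider rate limiting it.
#
if (! $returning) {
    if ($USERSELECTUIDS || $FirstInitState == "createproject") {
        # The "Username"/"UserName" labels differ in the original; kept as is.
        if (!isset($formfields['proj_head_uid']) ||
            strcmp($formfields['proj_head_uid'], "") == 0) {
            $errors["Username"] = "Missing Field";
        }
        elseif (!TBvalid_uid($formfields['proj_head_uid'])) {
            $errors["UserName"] = TBFieldErrorString();
        }
        elseif (TBCurrentUser($formfields['proj_head_uid']) ||
                posix_getpwnam($formfields['proj_head_uid'])) {
            # Taken either in the testbed or as a local system account.
            $errors["UserName"] = "Already in use. Pick another";
        }
    }

    if (!isset($formfields['usr_title']) ||
        strcmp($formfields['usr_title'], "") == 0) {
        $errors["Job Title/Position"] = "Missing Field";
    }
    elseif (! TBvalid_title($formfields['usr_title'])) {
        $errors["Job Title/Position"] = TBFieldErrorString();
    }

    if (!isset($formfields['usr_name']) ||
        strcmp($formfields['usr_name'], "") == 0) {
        $errors["Full Name"] = "Missing Field";
    }
    elseif (! TBvalid_usrname($formfields['usr_name'])) {
        $errors["Full Name"] = TBFieldErrorString();
    }

    # Make sure user name has at least two tokens! This runs even when the
    # field is missing or invalid, and then replaces the message set above.
    # A missing field is split as an empty string, which gives zero tokens
    # without touching an undefined index.
    $tokens = preg_split("/[\s]+/",
                         (isset($formfields['usr_name']) ?
                          $formfields['usr_name'] : ""),
                         -1, PREG_SPLIT_NO_EMPTY);
    if (count($tokens) < 2) {
        $errors["Full Name"] = "Please provide a first and last name";
    }

    if ($WIKISUPPORT) {
        if (!isset($formfields['wikiname']) ||
            strcmp($formfields['wikiname'], "") == 0) {
            $errors["WikiName"] = "Missing Field";
        }
        elseif (! TBvalid_wikiname($formfields['wikiname'])) {
            $errors["WikiName"] = TBFieldErrorString();
        }
        elseif (TBCurrentWikiName($formfields['wikiname'])) {
            $errors["WikiName"] = "Already in use. Pick another";
        }
    }

    if (!isset($formfields['usr_affil']) ||
        strcmp($formfields['usr_affil'], "") == 0) {
        $errors["Affiliation"] = "Missing Field";
    }
    elseif (! TBvalid_affiliation($formfields['usr_affil'])) {
        $errors["Affiliation"] = TBFieldErrorString();
    }

    if (!isset($formfields['usr_email']) ||
        strcmp($formfields['usr_email'], "") == 0) {
        $errors["Email Address"] = "Missing Field";
    }
    elseif (! TBvalid_email($formfields['usr_email'])) {
        $errors["Email Address"] = TBFieldErrorString();
    }
    elseif (TBCurrentEmail($formfields['usr_email'])) {
        #
        # Treat this error separate. Not allowed.
        #
        $errors["Email Address"] =
            "Already in use. Did you forget to login?";
    }

    # Optional: only checked when it differs from "" and from $HTTPTAG.
    if (isset($formfields['usr_URL']) &&
        strcmp($formfields['usr_URL'], "") &&
        strcmp($formfields['usr_URL'], $HTTPTAG) &&
        ! CHECKURL($formfields['usr_URL'], $urlerror)) {
        $errors["Home Page URL"] = $urlerror;
    }

    if (!isset($formfields['usr_addr']) ||
        strcmp($formfields['usr_addr'], "") == 0) {
        $errors["Address 1"] = "Missing Field";
    }
    elseif (! TBvalid_addr($formfields['usr_addr'])) {
        $errors["Address 1"] = TBFieldErrorString();
    }

    # Optional
    if (isset($formfields['usr_addr2']) &&
        !TBvalid_addr($formfields['usr_addr2'])) {
        $errors["Address 2"] = TBFieldErrorString();
    }

    if (!isset($formfields['usr_city']) ||
        strcmp($formfields['usr_city'], "") == 0) {
        $errors["City"] = "Missing Field";
    }
    elseif (! TBvalid_city($formfields['usr_city'])) {
        $errors["City"] = TBFieldErrorString();
    }

    if (!isset($formfields['usr_state']) ||
        strcmp($formfields['usr_state'], "") == 0) {
        $errors["State"] = "Missing Field";
    }
    elseif (! TBvalid_state($formfields['usr_state'])) {
        $errors["State"] = TBFieldErrorString();
    }

    # The "ZIP"/"Zip" labels differ in the original; kept as is.
    if (!isset($formfields['usr_zip']) ||
        strcmp($formfields['usr_zip'], "") == 0) {
        $errors["ZIP/Postal Code"] = "Missing Field";
    }
    elseif (! TBvalid_zip($formfields['usr_zip'])) {
        $errors["Zip/Postal Code"] = TBFieldErrorString();
    }

    if (!isset($formfields['usr_country']) ||
        strcmp($formfields['usr_country'], "") == 0) {
        $errors["Country"] = "Missing Field";
    }
    elseif (! TBvalid_country($formfields['usr_country'])) {
        $errors["Country"] = TBFieldErrorString();
    }

    if (!isset($formfields['usr_phone']) ||
        strcmp($formfields['usr_phone'], "") == 0) {
        $errors["Phone #"] = "Missing Field";
    }
    elseif (!TBvalid_phone($formfields['usr_phone'])) {
        $errors["Phone #"] = TBFieldErrorString();
    }

    if (!isset($formfields['password1']) ||
        strcmp($formfields['password1'], "") == 0) {
        $errors["Password"] = "Missing Field";
    }
    if (!isset($formfields['password2']) ||
        strcmp($formfields['password2'], "") == 0) {
        $errors["Confirm Password"] = "Missing Field";
    }
    # A missing password1 never matches a non-empty confirmation; the
    # isset() test says so without reading an undefined index.
    elseif (!isset($formfields['password1']) ||
            strcmp($formfields['password1'], $formfields['password2'])) {
        $errors["Confirm Password"] = "Does not match Password";
    }
    # CHECKPASSWORD gets the uid (or the literal "ignored" when users do not
    # pick one), the password, and the name and e-mail address; it reports
    # its reason through $checkerror.
    elseif (! CHECKPASSWORD((($USERSELECTUIDS ||
                              $FirstInitState == "createproject") ?
                             $formfields['proj_head_uid'] : "ignored"),
                            $formfields['password1'],
                            $formfields['usr_name'],
                            $formfields['usr_email'], $checkerror)) {
        $errors["Password"] = "$checkerror";
    }
}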
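#
# Project fields: checked for new and returning users alike.
# Array keys are quoted; the bare words used before were undefined
# constants, which PHP 8 turns into a fatal Error.
#
if (!isset($formfields['pid']) ||
    strcmp($formfields['pid'], "") == 0) {
    $errors["Project Name"] = "Missing Field";
}
else {
    if (!TBvalid_newpid($formfields['pid'])) {
        $errors["Project Name"] = TBFieldErrorString();
    }
    elseif (TBValidProject($formfields['pid'])) {
        $errors["Project Name"] =
            "Already in use. Select another";
    }
}

if (!isset($formfields['proj_name']) ||
    strcmp($formfields['proj_name'], "") == 0) {
    $errors["Project Description"] = "Missing Field";
}
elseif (! TBvalid_description($formfields['proj_name'])) {
    $errors["Project Description"] = TBFieldErrorString();
}

# Required, and the untouched $HTTPTAG placeholder counts as missing.
if (!isset($formfields['proj_URL']) ||
    strcmp($formfields['proj_URL'], "") == 0 ||
    strcmp($formfields['proj_URL'], $HTTPTAG) == 0) {
    $errors["Project URL"] = "Missing Field";
}
elseif (! CHECKURL($formfields['proj_URL'], $urlerror)) {
    $errors["Project URL"] = $urlerror;
}

if (!isset($formfields['proj_funders']) ||
    strcmp($formfields['proj_funders'], "") == 0) {
    $errors["Funding Sources"] = "Missing Field";
}
elseif (! TBvalid_description($formfields['proj_funders'])) {
    $errors["Funding Sources"] = TBFieldErrorString();
}

if (!isset($formfields['proj_members']) ||
    strcmp($formfields['proj_members'], "") == 0) {
    $errors["#of Members"] = "Missing Field";
}
elseif (! TBvalid_num_members($formfields['proj_members'])) {
    $errors["#of Members"] = TBFieldErrorString();
}

if (!isset($formfields['proj_pcs']) ||
    strcmp($formfields['proj_pcs'], "") == 0) {
    $errors["#of PCs"] = "Missing Field";
}
elseif (! TBvalid_num_pcs($formfields['proj_pcs'])) {
    $errors["#of PCs"] = TBFieldErrorString();
}

# Checkbox style fields may only be absent, empty or exactly "checked".
if (isset($formfields['proj_plabpcs']) &&
    strcmp($formfields['proj_plabpcs'], "") &&
    strcmp($formfields['proj_plabpcs'], "checked")) {
    $errors["Planetlab Access"] = "Bad Value";
}
if (isset($formfields['proj_ronpcs']) &&
    strcmp($formfields['proj_ronpcs'], "") &&
    strcmp($formfields['proj_ronpcs'], "checked")) {
    $errors["Ron Access"] = "Bad Value";
}

if (!isset($formfields['proj_why']) ||
    strcmp($formfields['proj_why'], "") == 0) {
    $errors["How and Why?"] = "Missing Field";
}
elseif (! TBvalid_why($formfields['proj_why'])) {
    $errors["How and Why?"] = TBFieldErrorString();
}

# A project that is not marked public must say why. The text itself is not
# run through a TBvalid_* check in this section.
if ((!isset($formfields['proj_public']) ||
     strcmp($formfields['proj_public'], "checked")) &&
    (!isset($formfields['proj_whynotpublic']) ||
     strcmp($formfields['proj_whynotpublic'], "") == 0)) {
    $errors["Why Not Public?"] = "Missing Field";
}

if (isset($formfields['proj_linked']) &&
    strcmp($formfields['proj_linked'], "") &&
    strcmp($formfields['proj_linked'], "checked")) {
    $errors["Link to Us"] = "Bad Value";
}

# Present these errors before we call out to do pubkey stuff; saves work.
if (count($errors)) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}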
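# Okay, do pubkey checks. Keys are only taken from non-returning users.
if (!$returning) {
    #
    # Pub Key pasted into the form.
    #
    if (isset($formfields['usr_key']) &&
        strcmp($formfields['usr_key'], "")) {
        #
        # This is passed off to the shell, so taint check it. The class is
        # an allow-list: quotes, backticks, '$', ';', '|' and the other
        # shell metacharacters are not in it and are rejected.
        #
        if (! preg_match("/^[-\w\s\.\@\+\/\=]*$/", $formfields['usr_key'])) {
            $errors["PubKey"] = "Invalid characters";
        }
        else {
            #
            # Join a key that was pasted over several lines. Browsers send
            # textarea line breaks as CRLF, so the carriage returns are
            # dropped too. str_replace() stands in for ereg_replace(), which
            # was removed in PHP 7.
            #
            $formfields['usr_key'] =
                str_replace(array("\r", "\n"), "", $formfields['usr_key']);
            $usr_key = $formfields['usr_key'];

            # escapeshellarg() produces the same '...' quoting as before for
            # every value that passed the allow-list, and keeps the argument
            # a single shell word even if the allow-list is relaxed later.
            $usr_key_arg = escapeshellarg($usr_key);

            #
            # Verify key format. ADDPUBKEY returns true on failure.
            # NOTE(review): -n is presumably a parse-only run - confirm
            # against webaddpubkey.
            #
            if (ADDPUBKEY(null, "webaddpubkey -n -k $usr_key_arg ")) {
                $errors["Pubkey Format"] =
                    "Could not be parsed. Is it a public key?";
            }
            else {
                # Remembered for the real call once the user exists.
                $addpubkeyargs = "-k $usr_key_arg ";
            }
        }
    }

    #
    # If usr provided a file for the key, it overrides the paste in text.
    #
    if (isset($_FILES['usr_keyfile']) &&
        $_FILES['usr_keyfile']['name'] != "" &&
        $_FILES['usr_keyfile']['name'] != "none") {
        $localfile = $_FILES['usr_keyfile']['tmp_name'];

        # Accept only a path that PHP itself stored for this HTTP upload.
        # The is_string() test covers an array style upload field
        # (usr_keyfile[]), where tmp_name is an array.
        if (! is_string($localfile) || ! is_uploaded_file($localfile)) {
            $errors["PubKey File"] = "No such file";
        }
        # Taint check shell arguments always! The D modifier stops '$' from
        # matching in front of a trailing newline.
        elseif (! preg_match("/^[-\w\.\/]*$/D", $localfile)) {
            $errors["PubKey File"] = "Invalid characters";
        }
        else {
            # Makes the temporary file world readable.
            # NOTE(review): presumably so the backend can read it under
            # another account - confirm.
            chmod($localfile, 0644);

            #
            # Verify key format.
            #
            if (ADDPUBKEY(null, "webaddpubkey -n $localfile ")) {
                $errors["Pubkey Format"] =
                    "Could not be parsed. Is it a public key?";
            }
            else {
                $addpubkeyargs = "$localfile";
            }
        }
    }
}

# Done with sanity checks!
if (count($errors)) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}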
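#
# Certain of these values must be escaped or otherwise sanitized.
#
# NOTE(review): addslashes() is not charset-aware SQL escaping, and
# usr_email, usr_phone, wikiname and the uid are passed on as submitted,
# relying on the TBvalid_* checks earlier in the file. How User::NewUser()
# builds its query is not visible here - confirm that it escapes or binds
# these values itself.
#
if (!$returning) {
    # Array keys are quoted; the bare words used before were undefined
    # constants, which PHP 8 turns into a fatal Error.
    $proj_head_uid = (($USERSELECTUIDS ||
                       $FirstInitState == "createproject") ?
                      $formfields['proj_head_uid'] : null);
    $usr_title     = addslashes($formfields['usr_title']);
    $usr_name      = addslashes($formfields['usr_name']);
    $usr_affil     = addslashes($formfields['usr_affil']);
    $usr_email     = $formfields['usr_email'];
    $usr_addr      = addslashes($formfields['usr_addr']);
    $usr_city      = addslashes($formfields['usr_city']);
    $usr_state     = addslashes($formfields['usr_state']);
    $usr_zip       = addslashes($formfields['usr_zip']);
    $usr_country   = addslashes($formfields['usr_country']);
    $usr_phone     = $formfields['usr_phone'];
    $password1     = $formfields['password1'];
    $password2     = $formfields['password2'];
    $wikiname      = ($WIKISUPPORT ? $formfields['wikiname'] : "");
    $usr_returning = "No";

    # The untouched $HTTPTAG placeholder means that no URL was given.
    if (! isset($formfields['usr_URL']) ||
        strcmp($formfields['usr_URL'], "") == 0 ||
        strcmp($formfields['usr_URL'], $HTTPTAG) == 0) {
        $usr_URL = "";
    }
    else {
        $usr_URL = addslashes($formfields['usr_URL']);
    }

    if (! isset($formfields['usr_addr2'])) {
        $usr_addr2 = "";
    }
    else {
        $usr_addr2 = addslashes($formfields['usr_addr2']);
    }

    # $proj_expires is assigned further down, in the project section.
    # Unless an earlier part of the file sets it, it is still undefined at
    # this point, so fall back to the same 120 day window used there.
    if (!isset($proj_expires)) {
        $proj_expires = date("Y:m:d", time() + (86400 * 120));
    }

    $args = array();
    $args["usr_expires"] = $proj_expires;
    $args["usr_name"]    = $usr_name;
    $args["usr_email"]   = $usr_email;
    $args["usr_addr"]    = $usr_addr;
    $args["usr_addr2"]   = $usr_addr2;
    $args["usr_city"]    = $usr_city;
    $args["usr_state"]   = $usr_state;
    $args["usr_zip"]     = $usr_zip;
    $args["usr_country"] = $usr_country;
    $args["usr_URL"]     = $usr_URL;
    $args["usr_phone"]   = $usr_phone;
    $args["usr_shell"]   = 'tcsh';
    $args["usr_title"]   = $usr_title;
    $args["usr_affil"]   = $usr_affil;
    # NOTE(review): crypt() without a salt leaves the hashing scheme to the
    # platform default (possibly DES or MD5), raises a notice on PHP 5.6+
    # and fails on PHP 8, where the salt is required. The call is left
    # unchanged because the consumers of usr_pswd are not visible here;
    # pass an explicit salt for a strong scheme that those consumers accept.
    $args["usr_pswd"]    = crypt("$password1");
    $args["wikiname"]    = $wikiname;

    if (! ($leader = User::NewUser($proj_head_uid, 1, 0, $args))) {
        TBERROR("Could not create new user '$usr_email'!", 1);
    }
    # If null; used below
    $proj_head_uid = $leader->uid();

    # Install the key that was checked during validation. $addpubkeyargs is
    # either a shell quoted "-k '...'" argument or the path of the uploaded
    # file.
    if (isset($addpubkeyargs)) {
        ADDPUBKEY($proj_head_uid,
                  "webaddpubkey -u $proj_head_uid $addpubkeyargs");
    }
}
else {
    # Returning user: $proj_head_uid is set outside this section, and the
    # personal details come from the stored account instead of the form.
    if (! ($leader = User::LookupByUid($proj_head_uid))) {
        TBERROR("Could not lookup project leader '$proj_head_uid'!", 1);
    }
    $usr_title     = $leader->title();
    $usr_name      = $leader->name();
    $usr_affil     = $leader->affil();
    $usr_email     = $leader->email();
    $usr_addr      = $leader->addr();
    $usr_addr2     = $leader->addr2();
    $usr_city      = $leader->city();
    $usr_state     = $leader->state();
    $usr_zip       = $leader->zip();
    $usr_country   = $leader->country();
    $usr_phone     = $leader->phone();
    $usr_URL       = $leader->URL();
    $wikiname      = $leader->wikiname();
    $usr_returning = "Yes";
}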
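#
# And the project details.
#
# Array keys are quoted; the bare words used before were undefined
# constants, which PHP 8 turns into a fatal Error.
#
# NOTE(review): free text is escaped with addslashes(), which is not
# charset-aware SQL escaping; pid, proj_members and proj_pcs are passed on
# as submitted and rely on the TBvalid_* checks earlier in the file. How
# Project::NewProject() builds its query is not visible here - confirm that
# it escapes or binds these values itself.
#
$pid          = $formfields['pid'];
$proj_name    = addslashes($formfields['proj_name']);
$proj_URL     = addslashes($formfields['proj_URL']);
$proj_funders = addslashes($formfields['proj_funders']);
# Only required when the project is not public, so it may be absent.
$proj_whynotpublic = (isset($formfields['proj_whynotpublic']) ?
                      addslashes($formfields['proj_whynotpublic']) : "");
$proj_members = $formfields['proj_members'];
$proj_pcs     = $formfields['proj_pcs'];
$proj_why     = addslashes($formfields['proj_why']);
# 120 days from now (86400 seconds per day).
$proj_expires = date("Y:m:d", time() + (86400 * 120));

#
# Checkbox style fields: a "Yes"/"No" text for the mail message and a 1/0
# flag for the database.
#
if (isset($formfields['proj_public']) &&
    !strcmp($formfields['proj_public'], "checked")) {
    $proj_public = "Yes";
    $public      = 1;
}
else {
    $proj_public = "No";
    $public      = 0;
}

if (isset($formfields['proj_linked']) &&
    !strcmp($formfields['proj_linked'], "checked")) {
    $proj_linked = "Yes";
    $linked      = 1;
}
else {
    $proj_linked = "No";
    $linked      = 0;
}

if (isset($formfields['proj_plabpcs']) &&
    $formfields['proj_plabpcs'] == "checked") {
    $proj_plabpcs = "Yes";
    $plabpcs      = 1;
}
else {
    $proj_plabpcs = "No";
    $plabpcs      = 0;
}

if (isset($formfields['proj_ronpcs']) &&
    $formfields['proj_ronpcs'] == "checked") {
    $proj_ronpcs = "Yes";
    $ronpcs      = 1;
}
else {
    $proj_ronpcs = "No";
    $ronpcs      = 0;
}

#
# Now for the new Project
#
$args = array();
$args["expires"]       = $proj_expires;
$args["name"]          = $proj_name;
$args["URL"]           = $proj_URL;
$args["num_members"]   = $proj_members;
$args["num_pcs"]       = $proj_pcs;
$args["why"]           = $proj_why;
$args["funders"]       = $proj_funders;
$args["num_pcplab"]    = $plabpcs;
$args["num_ron"]       = $ronpcs;
$args["public"]        = $public;
$args["public_whynot"] = $proj_whynotpublic;
$args["linked_to_us"]  = $linked;

if (! ($project = Project::NewProject($pid, $leader, $args))) {
    TBERROR("Could not create new project '$pid'!", 1);
}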
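#
# Mail to the approval list. Both messages below use the same headers.
#
# $usr_name and $usr_email come from the form (or from the stored account
# for a returning user) and end up in the From: header. CR and LF are
# stripped here so that neither value can start an extra header line,
# whatever the field validators allow.
#
$hdr_name     = str_replace(array("\r", "\n"), "", $usr_name);
$hdr_email    = str_replace(array("\r", "\n"), "", $usr_email);
$mail_headers = "From: $hdr_name '$proj_head_uid' <$hdr_email>\n".
                "Reply-To: $TBMAIL_APPROVAL\n".
                "Errors-To: $TBMAIL_WWW";

#
# If a new user, do not send the full blown message until verified.
# For a new user the text fields were passed through addslashes() earlier,
# so the message shows them in that escaped form.
#
if ($returning || $FirstInitState) {
    $unix_gid  = $project->unix_gid();
    $unix_name = $project->unix_name();

    #
    # The mail message to the approval list.
    #
    TBMAIL($TBMAIL_APPROVAL,
           "New Project '$pid' ($proj_head_uid)",
           "'$usr_name' wants to start project '$pid'.\n".
           "\n".
           "Name: $usr_name ($proj_head_uid)\n".
           "Returning User?: $usr_returning\n".
           "Email: $usr_email\n".
           "User URL: $usr_URL\n".
           "Project: $proj_name\n".
           "Expires: $proj_expires\n".
           "Project URL: $proj_URL\n".
           "Public URL: $proj_public\n".
           "Why Not Public: $proj_whynotpublic\n".
           "Link to Us?: $proj_linked\n".
           "Funders: $proj_funders\n".
           "Job Title: $usr_title\n".
           "Affiliation: $usr_affil\n".
           "Address 1: $usr_addr\n".
           "Address 2: $usr_addr2\n".
           "City: $usr_city\n".
           "State: $usr_state\n".
           "ZIP/Postal Code: $usr_zip\n".
           "Country: $usr_country\n".
           "Phone: $usr_phone\n".
           "Members: $proj_members\n".
           "PCs: $proj_pcs\n".
           "Planetlab PCs: $proj_plabpcs\n".
           "RON PCs: $proj_ronpcs\n".
           "Unix GID: $unix_name ($unix_gid)\n".
           "Reasons:\n$proj_why\n\n".
           "Please review the application and when you have made a \n".
           "decision, go to $TBWWW and\n".
           "select the 'Project Approval' page.\n\n".
           "They are expecting a result within 72 hours.\n",
           $mail_headers);
}
else {
    # Short notice only: nothing to approve until the account is verified.
    TBMAIL($TBMAIL_APPROVAL,
           "New Project '$pid' ($proj_head_uid)",
           "'$usr_name' wants to start project '$pid'.\n".
           "\n".
           "Name: $usr_name ($proj_head_uid)\n".
           "Email: $usr_email\n".
           "Returning User?: No\n".
           "\n".
           "No action is necessary until the user has verified the account.\n",
           $mail_headers);
}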
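if ($FirstInitState) {
    #
    # The first user gets admin status and some extra groups, etc.
    #
    # NOTE(review): this grants admin=1 plus wheel and $TBADMINGROUP
    # membership to whoever submits the form while $FirstInitState is set.
    # Where that state comes from and when it is cleared is not visible
    # here - confirm that it cannot be set on an installed system.
    #
    # NOTE(review): the statements are built by string interpolation.
    # $proj_head_uid comes from $leader->uid() and is not escaped here;
    # check what DBQueryFatal() offers for escaping or binding.
    #
    DBQueryFatal("update users set ".
                 " admin=1,status='". TBDB_USERSTATUS_UNAPPROVED . "' " .
                 "where uid='$proj_head_uid'");
    DBQueryFatal("insert into unixgroup_membership set ".
                 "uid='$proj_head_uid', gid='wheel'");
    DBQueryFatal("insert into unixgroup_membership set ".
                 "uid='$proj_head_uid', gid='$TBADMINGROUP'");
    Group::Initialize($proj_head_uid, $pid);

    #
    # Move to next phase.
    #
    TBSetFirstInitPid($pid);
    TBSetFirstInitState("approveproject");

    # $pid is form input. urlencode() keeps it a single query value and
    # keeps CR/LF out of the response header; letters and digits pass
    # through unchanged.
    header("Location: approveproject.php3?pid=" . urlencode($pid) .
           "&approval=approve");
    return;
}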
#
# Answer the POST with a redirect so that the browser history holds no form
# submission: the back button then skips the post and lands on the form.
# The ?finished=1 branch earlier in this script prints the confirmation.
#
header('Location: newproject.php3?finished=1');
?>