newproject.php3 38.4 KB
Newer Older
1
<?php
Leigh Stoller's avatar
Leigh Stoller committed
2
#
3
# Copyright (c) 2000-2014, 2018 University of Utah and the Flux Group.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
Leigh Stoller's avatar
Leigh Stoller committed
23
#
24 25
include("defs.php3");

26
#
27 28 29
# No PAGEHEADER since we spit out a Location header later. See below.
# 

30
#
31
# Get current user.
32 33
#
$this_user = CheckLogin($check_status);
34

35 36 37 38
#
# Verify page arguments.
#
$optargs = OptionalPageArguments("submit",       PAGEARG_STRING,
39 40
				 "uid",          PAGEARG_STRING,
				 "email",        PAGEARG_STRING,
41 42 43
				 "finished",     PAGEARG_BOOLEAN,
				 "formfields",   PAGEARG_ARRAY);

44 45 46 47 48
#
# See if we are in an initial Emulab setup.
#
$FirstInitState = (TBGetFirstInitState() == "createproject");

49 50 51
# Need this below;
$show_sslcertbox = TBGetSiteVar("protogeni/show_sslcertbox");

52
#
53 54 55
# If a uid came in, then we check to see if the login is valid.
# If the login is not valid. We require that the user be logged in
# to start a second project.
56
#
57
if ($this_user && !$FirstInitState) {
58 59
    # Allow unapproved users to create multiple projects ...
    # Must be verified though.
60 61
    CheckLoginOrDie(CHECKLOGIN_UNAPPROVED|CHECKLOGIN_WEBONLY);
    $proj_head_uid = $this_user->uid();
62
    $returning = 1;
63
}
64 65
elseif ($FirstInitState) {
    # Initial setup of new site.
66
    $returning = 0;
67
}
68 69 70 71
else {
    header("Location: portal/signup.php");
    
}
72
unset($addpubkeyargs);
73

Leigh Stoller's avatar
Leigh Stoller committed
74 75 76
$ACCOUNTWARNING =
    "Before continuing, please make sure your username " .
    "reflects your normal login name. ".
77
    "Emulab accounts are not to be shared amongst users!";
78

Leigh Stoller's avatar
Leigh Stoller committed
79 80 81
$EMAILWARNING =
    "Before continuing, please make sure the email address you have ".
    "provided is current and non-pseudonymic. Redirections and anonymous ".
82 83
    "email addresses are not allowed.";

84 85 86 87 88
#
# Spit the form out using the array of data. 
# 
function SPITFORM($formfields, $returning, $errors)
{
89
    global $TBDB_UIDLEN, $TBDB_PIDLEN, $TBDOCBASE, $WWWHOST;
90
    global $usr_keyfile, $FirstInitState;
91
    global $ACCOUNTWARNING, $EMAILWARNING;
92
    global $WIKISUPPORT, $WIKIHOME, $USERSELECTUIDS;
93
    global $WIKIDOCURL, $TBMAINSITE;
94
    global $PROTOGENI, $show_sslcertbox;
95
    
96
    PAGEHEADER("Start a New Testbed Project");
97

98 99 100
    #
    # First initialization gets different text
    #
101
    if ($FirstInitState) {
102 103 104
	echo "<center><font size=+1>
	      Please create your initial project.<br> A good Project Name
              for your first project is probably 'testbed', but you can
105
              choose anything you like. 
106 107 108
              </font></center><br>\n";
    }
    else {
109
	echo "<center><font size=+1>
110 111 112
                 If you are a <font color=red>student
                 (undergrad or graduate)</font>, please
                 do not try to start a project! <br>Your advisor must do it.
113
                 <a href='$WIKIDOCURL/Auth' target='_blank'>
114
                 Read this for more info.</a>
115
              </font></center><br>\n";
116 117 118 119 120 121 122 123

	if (! $returning) {
	    echo "<center><font size=+1>
                   If you already have an Emulab account,
                   <a href=login.php3?refer=1>
                   <font color=red>please log on first!</font></a>
                   </font></center><br>\n";
	}
124 125
    }

126
    if ($errors) {
127 128
	echo "<table class=nogrid
                     align=center border=0 cellpadding=6 cellspacing=0>
129
              <tr>
130
                 <th align=center colspan=2>
131
                   <font size=+1 color=red>
132
                      &nbsp;Oops, please fix the following errors!&nbsp;
133 134 135 136 137
                   </font>
                 </td>
              </tr>\n";

	while (list ($name, $message) = each ($errors)) {
138 139
            # XSS prevention.
	    $message = CleanString($message);
140
	    echo "<tr>
141 142 143 144
                     <td align=right>
                       <font color=red>$name:&nbsp;</font></td>
                     <td align=left>
                       <font color=red>$message</font></td>
145 146 147 148
                  </tr>\n";
	}
	echo "</table><br>\n";
    }
149 150 151 152
    # XSS prevention.
    while (list ($key, $val) = each ($formfields)) {
	$formfields[$key] = CleanString($val);
    }
153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180
    echo "<SCRIPT LANGUAGE=JavaScript>
              function SetWikiName(theform) 
              {
	          var validchars = 'abcdefghijklmnopqrstuvwxyz0123456789';
                  var usrname    = theform['formfields[usr_name]'].value;
                  var wikiname   = '';
                  var docap      = 1;

		  for (var i = 0; i < usrname.length; i++) {
                      var letter = usrname.charAt(i).toLowerCase();

                      if (validchars.indexOf(letter) == -1) {
                          if (letter == ' ') {
                              docap = 1;
                          }
                          continue;
                      }
                      else {
                          if (docap == 1) {
                              letter = usrname.charAt(i).toUpperCase()
                              docap  = 0;
                          }
                          wikiname = wikiname + letter;
                      }
                  }
                  theform['formfields[wikiname]'].value = wikiname;
              }
          </SCRIPT>\n";
181

Leigh Stoller's avatar
Leigh Stoller committed
182
    echo "<div align=center>
183 184
             <font color=red size=-2>Fields marked with * are required</font>
          </div>\n";
185

186
    echo "<table align=center border=1> 
187
          <form enctype=multipart/form-data name=myform
188
                action=newproject.php3 method=post>\n";
189 190 191 192 193 194

    if (! $returning) {
        #
        # Start user information stuff. Presented for new users only.
        #
	echo "<tr>
195 196
                  <th colspan=3 class=center>
                      Project Head Information<br>
197 198
                      <font size=-2>
                       (Prospective project leaders please read our
199
                       <a href='$WIKIDOCURL/AdminPolicies' target='_blank'>
200
                       Administrative Policies</a>)</font>
201
                  </th>
202 203 204
              </tr>\n";

        #
205
        # UID:
206
        #
207
	if ($USERSELECTUIDS || $FirstInitState) {
208 209
	    echo "<tr>
                      <td colspan=2>*<a
210
                             href='$WIKIDOCURL/SecReqs'
211
                             target=_blank>Username</a>
212
                                (alphanumeric):</td>
213 214 215
                      <td class=left>
                          <input type=text
                                 name=\"formfields[proj_head_uid]\"
216
                                 value=\"" . $formfields["proj_head_uid"] . "\"
217 218 219 220 221 222
	                         size=$TBDB_UIDLEN
                                 onchange=\"alert('$ACCOUNTWARNING')\"
	                         maxlength=$TBDB_UIDLEN>
                      </td>
                  </tr>\n";
	}
223 224 225 226 227

	#
	# Full Name
	#
        echo "<tr>
228
                  <td colspan=2>*Full Name (first and last):</td>
229 230 231
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_name]\"
232
                             value=\"" . $formfields["usr_name"] . "\"
233
                             onchange=\"SetWikiName(myform);\"
234 235 236 237
	                     size=30>
                  </td>
              </tr>\n";

238 239 240 241 242 243
	#
	# WikiName
	#
	if ($WIKISUPPORT) {
	    echo "<tr>
                      <td colspan=2>*
244
                          <a href=${WIKIHOME}/bin/view/TWiki/WikiName
245 246 247
                            target=_blank>WikiName</a>:<td class=left>
                          <input type=text
                                 name=\"formfields[wikiname]\"
248
                                 value=\"" . $formfields["wikiname"] . "\"
249 250 251 252 253
	                         size=30>
                      </td>
                  </tr>\n";
	}

254 255 256 257
        #
	# Title/Position:
	# 
	echo "<tr>
258
                  <td colspan=2>*Job Title/Position:</td>
259 260 261
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_title]\"
262
                             value=\"" . $formfields["usr_title"] . "\"
263 264 265 266 267 268 269 270
	                     size=30>
                  </td>
              </tr>\n";

        #
	# Affiliation:
	# 
	echo "<tr>
271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288
                      <td colspan=2>*Institutional Affiliation:</td>
                      <td class=left>
			<table>
                          <tr>
                          <td>Name</td>
                          <td><input type=text
                                 name=\"formfields[usr_affil]\"
                                 value=\"" . $formfields["usr_affil"] . "\"
	                         size=40></td></tr>
			  <tr>
                          <td>Abbreviation:</td>
                          <td><input type=text
                                 name=\"formfields[usr_affil_abbrev]\"
                                 value=\"" . $formfields["usr_affil_abbrev"] . "\"
	                         size=16 maxlength=16> (e.g. MIT)</td>
			  </tr>
        		</table>
                      </td>
289 290 291 292 293 294
              </tr>\n";

	#
	# User URL
	#
	echo "<tr>
295
                  <td colspan=2>Home Page URL:</td>
296 297 298
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_URL]\"
299
                             value=\"" . $formfields["usr_URL"] . "\"
300 301 302 303 304 305 306 307
	                     size=45>
                  </td>
              </tr>\n";

	#
	# Email:
	#
	echo "<tr>
308
                  <td colspan=2>*Email Address[<b>1</b>]:</td>
309 310 311
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_email]\"
312
                             value=\"" . $formfields["usr_email"] . "\"
313
                             onchange=\"alert('$EMAILWARNING')\"
314 315 316 317 318
	                     size=30>
                  </td>
              </tr>\n";


319 320 321 322 323
	echo "<tr><td colspan=3>*Postal Address:<br /><center>
		<table>
		  <tr><td>Line 1</td><td colspan=3>
                    <input type=text
                           name=\"formfields[usr_addr]\"
324
                           value=\"" . $formfields["usr_addr"] . "\"
325 326 327 328
	                   size=45></td></tr>
		  <tr><td>Line 2</td><td colspan=3>
                    <input type=text
                           name=\"formfields[usr_addr2]\"
329
                           value=\"" . $formfields["usr_addr2"] . "\"
330 331 332 333
	                   size=45></td></tr>
		  <tr><td>City</td><td>
                    <input type=text
                           name=\"formfields[usr_city]\"
334
                           value=\"" . $formfields["usr_city"] . "\"
335 336 337 338
	                   size=25></td>
		      <td>State/Province</td><td>
                    <input type=text
                           name=\"formfields[usr_state]\"
339
                           value=\"" . $formfields["usr_state"] . "\"
340 341 342 343
	                   size=2></td></tr>
		  <tr><td>ZIP/Postal Code</td><td>
                    <input type=text
                           name=\"formfields[usr_zip]\"
344
                           value=\"" . $formfields["usr_zip"] . "\"
345 346 347 348
	                   size=10></td>
		      <td>Country</td><td>
                    <input type=text
                           name=\"formfields[usr_country]\"
349
                           value=\"" . $formfields["usr_country"] . "\"
350 351
	                   size=15></td></tr>
               </table></center></td></tr>";
352

353 354 355 356
	#
	# Phone
	#
	echo "<tr>
357
                  <td colspan=2>*Phone #:</td>
358 359 360
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_phone]\"
361
                             value=\"" . $formfields["usr_phone"] . "\"
362 363 364 365
	                     size=15>
                  </td>
              </tr>\n";

366 367 368 369
	#
	# SSH public key
	#
	echo "<tr>
370
                 <td colspan=2>Upload your SSH Pub Key[<b>3</b>]:<br>
371
                                   (4K max)</td>
372 373
   
                 <td>
374
                      <input type=hidden name=MAX_FILE_SIZE value=4096>
375 376
                      <input type=file
                             name=usr_keyfile
377 378 379
                             value=\"" .
	                           (isset($_FILES['usr_keyfile']) ?
				    $_FILES['usr_keyfile']['name'] : "") . "\"
380 381 382
	                     size=50>
                  </td>
              </tr>\n";
383
	
384 385 386 387 388
	#
	# Password. Note that we do not resend the password. User
	# must retype on error.
	#
	echo "<tr>
389
                  <td colspan=2>*Password[<b>1</b>]:</td>
390 391 392
                  <td class=left>
                      <input type=password
                             name=\"formfields[password1]\"
393
                             value=\"" . $formfields["password1"] . "\"
394 395 396 397
                             size=8></td>
              </tr>\n";

        echo "<tr>
398
                  <td colspan=2>*Retype Password:</td>
399 400 401
                  <td class=left>
                      <input type=password
                             name=\"formfields[password2]\"
402
                             value=\"" . $formfields["password2"] . "\"
403 404
                             size=8></td>
             </tr>\n";
405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433

	#
	# Geni Passphrase.
	#
	if ($PROTOGENI && $show_sslcertbox && !$FirstInitState) {
	    echo "<tr></tr><tr>
                   <th class=center colspan=3>Geni Account<br>
                 <a href='http://users.emulab.net/trac/emulab/wiki/GeniBlurb'
			target=_blank><font size=-2>what's this?</font></a></th>
                  </tr>\n";

	    echo "<tr>
                  <td colspan=2>Geni SSL Pass Phrase[<b>4</b>]:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[passphrase1]\"
                             value=\"" . $formfields["passphrase1"] . "\"
                             size=32></td>
              </tr>\n";

	    echo "<tr>
                  <td colspan=2>Retype Geni Pass Phrase:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[passphrase2]\"
                             value=\"" . $formfields["passphrase2"] . "\"
                             size=32></td>
             </tr>\n";
	}
434 435 436 437 438
    }

    #
    # Project information
    #
439
    echo "<tr></tr><tr><th colspan=3 class=center>
440 441 442
               Project Information: 
               <!-- <em>(replace the example entries)</em> -->
              </th>
443 444 445 446 447 448
          </tr>\n";

    #
    # Project Name:
    #
    echo "<tr>
449
              <td colspan=2>*Project Name (alphanumeric):</td>
450 451 452
              <td class=left>
                  <input type=text
                         name=\"formfields[pid]\"
453
                         value=\"" . $formfields["pid"] . "\"
454 455 456 457 458 459 460 461
	                 size=$TBDB_PIDLEN maxlength=$TBDB_PIDLEN>
              </td>
          </tr>\n";

    #
    # Project Description:
    #
    echo "<tr>
462
              <td colspan=2>*Project Description:</td>
463 464 465
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_name]\"
466
                         value=\"" . $formfields["proj_name"] . "\"
467 468 469 470 471 472 473 474
	                 size=40>
              </td>
          </tr>\n";

    #
    # URL:
    #
    echo "<tr>
475
              <td colspan=2>*URL:</td>
476 477 478
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_URL]\"
479
                         value=\"" . $formfields["proj_URL"] . "\"
480 481 482 483 484 485 486
                         size=45>
              </td>
          </tr>\n";

    #
    # Publicly visible.
    #
Leigh Stoller's avatar
Leigh Stoller committed
487 488 489
    if (!isset($formfields["proj_public"])) {
	$formfields["proj_public"] = "";
    }
490
    echo "<tr>
491 492
              <td colspan=2>*Can we list your project publicly as
                             an \"Emulab User?\":
493 494 495 496 497 498
                  <br>
                  (See our <a href=\"projectlist.php3\"
                              target=\"Users\">Users</a> page)
              </td>
              <td><input type=checkbox value=checked
                         name=\"formfields[proj_public]\"
499
                         " . $formfields["proj_public"] . ">
500 501 502 503 504
                         Yes &nbsp
 	          <br>
                  *If \"No\" please tell us why not:<br>
                  <input type=text
                         name=\"formfields[proj_whynotpublic]\"
505
                         value=\"" . $formfields["proj_whynotpublic"] . "\"
506 507 508 509
	                 size=45>
             </td>
      </tr>\n";

510 511 512
    #
    # Will you add a link?
    #
Leigh Stoller's avatar
Leigh Stoller committed
513 514 515
    if (!isset($formfields["proj_linked"])) {
	$formfields["proj_linked"] = "";
    }
516 517
    echo "<tr>
              <td colspan=2>*Will you add a link on your project page
518
                        to <a href=\"$TBDOCBASE\" target='_blank'>$WWWHOST</a>?
519 520 521
              </td>
              <td><input type=checkbox value=checked
                         name=\"formfields[proj_linked]\"
522
                         " . $formfields["proj_linked"] . ">
523 524 525 526
                         Yes &nbsp
              </td>
      </tr>\n";

527 528 529 530
    #
    # Funders/Grant numbers
    #
    echo "<tr>
531
              <td colspan=2>*Funding Sources and Grant Numbers:<br>
532 533 534 535
                  (Type \"none\" if not funded)</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_funders]\"
536
                         value=\"" . $formfields["proj_funders"] . "\"
537 538 539 540 541 542 543 544
	                 size=45>
              </td>
          </tr>\n";

    #
    # Nodes and PCs and Users
    #
    echo "<tr>
545
              <td colspan=2>*Estimated #of Project Members[<b>2</b>]:</td>
546 547 548
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_members]\" 
549
                         value=\"" . $formfields["proj_members"] . "\"
550 551 552 553 554
                         size=4>
              </td>
          </tr>\n";

    echo "<tr>
555
              <td colspan=2>*Estimated #of
556
        <a href=\"$TBDOCBASE/hardware.php#tbpcs\" target='_blank'>
557
                             PCs</a>[<b>2</b>]:</td>
558 559 560
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_pcs]\"
561
                         value=\"" . $formfields["proj_pcs"] . "\"
562 563 564 565
                         size=4>
              </td>
          </tr>\n";

566
    if (0) {
567
	echo "<tr>
568
              <td colspan=2>Request Access to 
569
                  <a href=\"$WIKIDOCURL/widearea\"
570
                      target='_blank'>Planetlab PCs</a>:</td>
571
              <td class=left>
572
                  <input type=checkbox value=checked
573 574 575
                         name=\"formfields[proj_plabpcs]\" " .
	                  (isset($formfields["proj_plabpcs"]) ?
			   $formfields["proj_plabpcs"] : "") . ">Yes &nbsp
576 577 578 579
              </td>
          </tr>\n";

    echo "<tr>
580
              <td colspan=2>Request Access to 
581
                 <a href=\"$WIKIDOCURL/widearea\"
582
                    target='_blank'>wide-area PCs</a>:</td>
583
              <td class=left>
584
                  <input type=checkbox value=checked
585 586 587
                         name=\"formfields[proj_ronpcs]\" " .
	                  (isset($formfields["proj_ronpcs"]) ?
			   $formfields["proj_ronpcs"] : "") . ">Yes &nbsp
588 589
              </td>
          </tr>\n";
590
    }
591 592 593 594 595

    #
    # Why!
    # 
    echo "<tr>
596
              <td colspan=3>
597 598 599 600
               *Please describe how and why you'd like to use the testbed.
              </td>
          </tr>
          <tr>
601
              <td colspan=3 align=center class=left>
602 603
                  <textarea name=\"formfields[proj_why]\"
                    rows=10 cols=60>" .
604
	            str_replace("\r", "", $formfields["proj_why"]) .
605 606 607 608 609
	            "</textarea>
              </td>
          </tr>\n";

    echo "<tr>
610
              <td colspan=3 align=center>
611 612 613 614 615 616 617
                 <b><input type=submit name=submit value=Submit></b>
              </td>
          </tr>\n";

    echo "</form>
          </table>\n";

618
    echo "<h4><blockquote><blockquote><blockquote>
619 620
          <ol>
            <li> Please consult our
621
                 <a href = '$WIKIDOCURL/SecReqs' target='_blank'>
622
                 security policies</a> for information
623 624 625
                 regarding passwords and email addresses.
            <li> These estimates are for site planning purposes only,
                 and are not actual limits on your project.\n";
626 627
    if (! $returning) {
	echo "<li> If you want us to use your existing ssh public key,
628
                   then please specify the path to your
629
                   your identity.pub file. <font color=red>NOTE:</font>
630
                   We use the <a href=http://www.openssh.org target='_blank'>OpenSSH</a>
631
                   key format,
632 633
                   which has a slightly different protocol 2 public key format
                   than some of the commercial vendors such as
634
                   <a href=http://www.ssh.com target='_blank'>SSH Communications</a>. If you
635
                   use one of these commercial vendors, then please
636 637
                   upload the public key file and we will convert it
                   for you.\n";
638 639 640 641 642 643
	if ($PROTOGENI && $show_sslcertbox && !$FirstInitState) {
	    echo "<li>";
	    echo "Pick a good pass phrase! They can be (much) longer than
                  Unix passwords; 10 to 30 character phrases are good,
                  and may include spaces and punctuation.";
	}
644 645
    }
    echo "</ol>
646
          </blockquote></blockquote></blockquote>
647
          </h4>\n";
648
}
649 650 651 652

#
# The conclusion of a newproject request. See below.
# 
653
if (isset($finished)) {
654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673
    PAGEHEADER("Start a New Testbed Project");

    echo "<center><h2>
           Your project request has been successfully queued.
          </h2></center>
          Testbed Operations has been notified of your application.
          Most applications are reviewed within a day; some even within
          the hour, but sometimes as long as a week (rarely). We will notify
          you by e-mail when a decision has been made.\n";

    if (! $returning) {
	echo "<br>
              <p>
              In the meantime, as a new user of the Testbed you will receive
              a key via email.
              When you receive the message, please follow the instructions
              contained in the message on how to verify your account.\n";
    }
    PAGEFOOTER();
    return;
674
}
675 676 677 678

#
# On first load, display a virgin form and exit.
#
679
if (! isset($submit)) {
680
    $defaults = array();
681
    $defaults["proj_head_uid"]  = (isset($uid) ? $uid : "");
682 683 684 685
    $defaults["usr_name"]       = "";
    $defaults["wikiname"]       = "";
    $defaults["usr_title"]      = "";
    $defaults["usr_affil"]      = "";
686
    $defaults["usr_affil_abbrev"] = "";
687
    $defaults["usr_URL"]        = "$HTTPTAG";
688
    $defaults["usr_email"]      = (isset($email) ? $email : "");
689 690 691 692 693 694 695 696 697
    $defaults["usr_addr"]       = "";
    $defaults["usr_addr2"]      = "";
    $defaults["usr_city"]       = "";
    $defaults["usr_state"]      = "";
    $defaults["usr_zip"]        = "";
    $defaults["usr_country"]    = "USA";
    $defaults["usr_phone"]      = "";
    $defaults["password1"]      = "";
    $defaults["password2"]      = "";
698 699
    $defaults["passphrase1"]    = "";
    $defaults["passphrase2"]    = "";
700 701 702 703 704 705 706 707 708 709 710 711 712
    
    $defaults["pid"]            = "";
    $defaults["proj_name"]      = "";
    $defaults["proj_URL"]       = "$HTTPTAG";
    $defaults["proj_public"]    = "checked";
    $defaults["proj_whynotpublic"] = "";
    $defaults["proj_linked"]    = "checked";
    $defaults["proj_funders"]   = "";
    $defaults["proj_members"]   = "";
    $defaults["proj_pcs"]       = "";
    $defaults["proj_ronpcs"]    = "";
    $defaults["proj_plabpcs"]   = "";
    $defaults["proj_why"]       = "";
713

714
    if ($FirstInitState) {
715 716 717 718 719 720
	$defaults["pid"]          = "testbed";
	$defaults["proj_pcs"]     = "256";
	$defaults["proj_members"] = "256";
	$defaults["proj_funders"] = "none";
	$defaults["proj_name"]    = "Your Testbed Project";
	$defaults["proj_why"]     = "This project is used for testbed ".
721 722
	    "administrators to develop and test new software. ";
    }
723 724 725 726
    
    SPITFORM($defaults, $returning, 0);
    PAGEFOOTER();
    return;
727
}
728 729 730 731

# Form submitted. Make sure we have a formfields array.
if (!isset($formfields)) {
    PAGEARGERROR("Invalid form arguments.");
732
}
733

Leigh Stoller's avatar
Leigh Stoller committed
734
#TBERROR("A\n\n" . print_r($formfields, TRUE), 0);
Leigh Stoller's avatar
Leigh Stoller committed
735

736 737 738 739 740 741 742 743 744
#
# Otherwise, must validate and redisplay if errors
#
$errors = array();

#
# These fields are required!
#
if (! $returning) {
745
    if ($USERSELECTUIDS || $FirstInitState) {
746 747
	if (!isset($formfields["proj_head_uid"]) ||
	    strcmp($formfields["proj_head_uid"], "") == 0) {
748 749
	    $errors["Username"] = "Missing Field";
	}
750
	elseif (!TBvalid_uid($formfields["proj_head_uid"])) {
751 752
	    $errors["UserName"] = TBFieldErrorString();
	}
753 754
	elseif (User::Lookup($formfields["proj_head_uid"]) ||
		posix_getpwnam($formfields["proj_head_uid"])) {
755 756
	    $errors["UserName"] = "Already in use. Pick another";
	}
757
    }
758 759
    if (!isset($formfields["usr_title"]) ||
	strcmp($formfields["usr_title"], "") == 0) {
760
	$errors["Job Title/Position"] = "Missing Field";
761
    }
762
    elseif (! TBvalid_title($formfields["usr_title"])) {
763
	$errors["Job Title/Position"] = TBFieldErrorString();
764
    }
765 766
    if (!isset($formfields["usr_name"]) ||
	strcmp($formfields["usr_name"], "") == 0) {
767 768
	$errors["Full Name"] = "Missing Field";
    }
769
    elseif (! TBvalid_usrname($formfields["usr_name"])) {
770
	$errors["Full Name"] = TBFieldErrorString();
771
    }
772
    # Make sure user name has at least two tokens!
773
    $tokens = preg_split("/[\s]+/", $formfields["usr_name"],
774 775 776 777
			 -1, PREG_SPLIT_NO_EMPTY);
    if (count($tokens) < 2) {
	$errors["Full Name"] = "Please provide a first and last name";
    }
778
    if ($WIKISUPPORT) {
779 780
	if (!isset($formfields["wikiname"]) ||
	    strcmp($formfields["wikiname"], "") == 0) {
781 782
	    $errors["WikiName"] = "Missing Field";
	}
783
	elseif (! TBvalid_wikiname($formfields["wikiname"])) {
784 785
	    $errors["WikiName"] = TBFieldErrorString();
	}
786
	elseif (User::LookupByWikiName($formfields["wikiname"])) {
787 788 789
	    $errors["WikiName"] = "Already in use. Pick another";
	}
    }
790 791
    if (!isset($formfields["usr_affil"]) ||
	strcmp($formfields["usr_affil"], "") == 0) {
792
	$errors["Affiliation Name"] = "Missing Field";
793
    }
794
    elseif (! TBvalid_affiliation($formfields["usr_affil"])) {
795 796 797 798 799 800
	$errors["Affiliation Name"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_affil_abbrev"]) ||
	strcmp($formfields["usr_affil_abbrev"], "") == 0) {
	$errors["Affiliation Abbreviation"] = "Missing Field";
    }
801
    elseif (! TBvalid_affiliation_abbreviation($formfields["usr_affil_abbrev"])) {
802
	$errors["Affiliation Name"] = TBFieldErrorString();
803
    }
804 805
    if (!isset($formfields["usr_email"]) ||
	strcmp($formfields["usr_email"], "") == 0) {
806 807
	$errors["Email Address"] = "Missing Field";
    }
808
    elseif (! TBvalid_email($formfields["usr_email"])) {
809
	$errors["Email Address"] = TBFieldErrorString();
810
    }
811
    elseif (User::LookupByEmail($formfields["usr_email"])) {
812 813 814
        #
        # Treat this error separate. Not allowed.
        #
815 816
	$errors["Email Address"] =
	    "Already in use. <b>Did you forget to login?</b>";
817
    }
818 819 820
    if (isset($formfields["usr_URL"]) &&
	strcmp($formfields["usr_URL"], "") &&
	strcmp($formfields["usr_URL"], $HTTPTAG) &&
821 822 823 824 825 826 827 828 829 830
	! $FirstInitState) {
	if (strcmp($HTTPTAG,
		   substr($formfields["usr_URL"], 0, strlen($HTTPTAG))) &&
	    strcmp($HTTPSTAG,
		   substr($formfields["usr_URL"], 0, strlen($HTTPSTAG)))) {
	    $formfields["usr_URL"] = "${HTTPTAG}" . $formfields["usr_URL"];
	}
	if (! CHECKURL($formfields["usr_URL"], $urlerror)) {
	    $errors["Home Page URL"] = $urlerror;
	}
831
    }
832 833
    if (!isset($formfields["usr_addr"]) ||
	strcmp($formfields["usr_addr"], "") == 0) {
834 835
	$errors["Address 1"] = "Missing Field";
    }
836
    elseif (! TBvalid_addr($formfields["usr_addr"])) {
837 838 839
	$errors["Address 1"] = TBFieldErrorString();
    }
    # Optional
840 841
    if (isset($formfields["usr_addr2"]) &&
	!TBvalid_addr($formfields["usr_addr2"])) {
842
	$errors["Address 2"] = TBFieldErrorString();
843
    }
844 845
    if (!isset($formfields["usr_city"]) ||
	strcmp($formfields["usr_city"], "") == 0) {
846 847
	$errors["City"] = "Missing Field";
    }
848
    elseif (! TBvalid_city($formfields["usr_city"])) {
849 850
	$errors["City"] = TBFieldErrorString();
    }
851 852
    if (!isset($formfields["usr_state"]) ||
	strcmp($formfields["usr_state"], "") == 0) {
853 854
	$errors["State"] = "Missing Field";
    }
855
    elseif (! TBvalid_state($formfields["usr_state"])) {
856 857
	$errors["State"] = TBFieldErrorString();
    }
858 859
    if (!isset($formfields["usr_zip"]) ||
	strcmp($formfields["usr_zip"], "") == 0) {
860 861
	$errors["ZIP/Postal Code"] = "Missing Field";
    }
862
    elseif (! TBvalid_zip($formfields["usr_zip"])) {
863 864
	$errors["Zip/Postal Code"] = TBFieldErrorString();
    }
865 866
    if (!isset($formfields["usr_country"]) ||
	strcmp($formfields["usr_country"], "") == 0) {
867
	$errors["Country"] = "Missing Field";
868
    }
869
    elseif (! TBvalid_country($formfields["usr_country"])) {
870 871
	$errors["Country"] = TBFieldErrorString();
    }
872 873
    if (!isset($formfields["usr_phone"]) ||
	strcmp($formfields["usr_phone"], "") == 0) {
874 875
	$errors["Phone #"] = "Missing Field";
    }
876
    elseif (!TBvalid_phone($formfields["usr_phone"])) {
877
	$errors["Phone #"] = TBFieldErrorString();
878
    }
879 880
    if (!isset($formfields["password1"]) ||
	strcmp($formfields["password1"], "") == 0) {
881 882
	$errors["Password"] = "Missing Field";
    }
883 884
    if (!isset($formfields["password2"]) ||
	strcmp($formfields["password2"], "") == 0) {
885 886
	$errors["Confirm Password"] = "Missing Field";
    }
887
    elseif (strcmp($formfields["password1"], $formfields["password2"])) {
888 889
	$errors["Confirm Password"] = "Does not match Password";
    }
890
    elseif (! CHECKPASSWORD((($USERSELECTUIDS || $FirstInitState) ?
891 892 893 894
			     $formfields["proj_head_uid"] : "ignored"),
			    $formfields["password1"],
			    $formfields["usr_name"],
			    $formfields["usr_email"], $checkerror)) {
895 896
	$errors["Password"] = "$checkerror";
    }
897 898 899 900 901 902 903 904 905
    if ($PROTOGENI && $show_sslcertbox &&
	isset($formfields["passphrase1"]) && $formfields["passphrase1"] != "") {
	if (!isset($formfields["passphrase2"]) ||
	    $formfields["passphrase2"] == "") {
	    $errors["Confirm Pass Phrase"] = "Missing Field";
	}
	elseif ($formfields["passphrase1"] != $formfields["passphrase2"]) {
	    $errors["Confirm Pass Phrase"] = "Does not match Pass Phrase";
	}
906 907 908 909
	elseif (strlen($formfields["passphrase1"]) < $TBDB_MINPASSPHRASE) {
	    $errors["Pass Phrase"] =
		"Too short; $TBDB_MINPASSPHRASE char minimum";
	}
910 911 912 913 914 915 916 917
	elseif (! CHECKPASSWORD(($USERSELECTUIDS ?
				 $formfields["proj_head_uid"] : "ignored"),
				$formfields["passphrase1"],
				$formfields["usr_name"],
				$formfields["usr_email"], $checkerror)) {
	    $errors["Pass Phrase"] = "$checkerror";
	}
    }
918
}
919

920 921
if (!isset($formfields["pid"]) ||
    strcmp($formfields["pid"], "") == 0) {
922
    $errors["Project Name"] = "Missing Field";
923
}
924
else {
925 926 927 928 929 930
    # Lets not allow pids that are too long, via this interface.
    if (strlen($formfields["pid"]) > $TBDB_PIDLEN) {
	$errors["Project Name"] =
	    "too long - $TBDB_PIDLEN chars maximum";
    }
    elseif (!TBvalid_newpid($formfields["pid"])) {
931
	$errors["Project Name"] = TBFieldErrorString();
932
    }
933
    elseif (Project::LookupByPid($formfields["pid"])) {
934 935 936
	$errors["Project Name"] =
	    "Already in use. Select another";
    }
937
}
938

939 940
if (!isset($formfields["proj_name"]) ||
    strcmp($formfields["proj_name"], "") == 0) {
941
    $errors["Project Description"] = "Missing Field";
942
}
943
elseif (! TBvalid_description($formfields["proj_name"])) {
944 945
    $errors["Project Description"] = TBFieldErrorString();
}
946 947 948
if (!isset($formfields["proj_URL"]) ||
    strcmp($formfields["proj_URL"], "") == 0 ||
    strcmp($formfields["proj_URL"], $HTTPTAG) == 0) {    
949
    $errors["Project URL"] = "Missing Field";
950
}
951 952 953 954 955 956 957 958 959 960
elseif (! $FirstInitState) {
    if (strcmp($HTTPTAG,
	       substr($formfields["proj_URL"], 0, strlen($HTTPTAG))) &&
	strcmp($HTTPSTAG,
	       substr($formfields["proj_URL"], 0, strlen($HTTPSTAG)))) {
	$formfields["proj_URL"] = "${HTTPTAG}" . $formfields["proj_URL"];
    }
    if (!CHECKURL($formfields["proj_URL"], $urlerror)) {
	$errors["Project URL"] = $urlerror;
    }
961
}
962 963
if (!isset($formfields["proj_funders"]) ||
    strcmp($formfields["proj_funders"], "") == 0) {
964
    $errors["Funding Sources"] = "Missing Field";
965
}
966
elseif (! TBvalid_description($formfields["proj_funders"])) {
967 968
    $errors["Funding Sources"] = TBFieldErrorString();
}
969 970
if (!isset($formfields["proj_members"]) ||
    strcmp($formfields["proj_members"], "") == 0) {
971
    $errors["#of Members"] = "Missing Field";
972
}
973
elseif (! TBvalid_num_members($formfields["proj_members"])) {
974
    $errors["#of Members"] = TBFieldErrorString();
975
}
976 977
if (!isset($formfields["proj_pcs"]) ||
    strcmp($formfields["proj_pcs"], "") == 0) {
978
    $errors["#of PCs"] = "Missing Field";
979
}
980
elseif (! TBvalid_num_pcs($formfields["proj_pcs"])) {
981
    $errors["#of PCs"] = TBFieldErrorString();
982
}
983

984 985 986
if (isset($formfields["proj_plabpcs"]) &&
    strcmp($formfields["proj_plabpcs"], "") &&
    strcmp($formfields["proj_plabpcs"], "checked")) {
987
    $errors["Planetlab Access"] = "Bad Value";
988
}
989 990 991
if (isset($formfields["proj_ronpcs"]) &&
    strcmp($formfields["proj_ronpcs"], "") &&
    strcmp($formfields["proj_ronpcs"], "checked")) {
992
    $errors["Ron Access"] = "Bad Value";
993
}
994 995
if (!isset($formfields["proj_why"]) ||
    strcmp($formfields["proj_why"], "") == 0) {
996
    $errors["How and Why?"] = "Missing Field";
997
}
998
elseif (! TBvalid_why($formfields["proj_why"])) {
999
    $errors["How and Why?"] = TBFieldErrorString();
1000
}
1001 1002 1003 1004
if ((!isset($formfields["proj_public"]) ||
     strcmp($formfields["proj_public"], "checked")) &&
    (!isset($formfields["proj_whynotpublic"]) ||
     strcmp($formfields["proj_whynotpublic"], "") == 0)) {
1005
    $errors["Why Not Public?"] = "Missing Field";
1006
}
1007 1008 1009
if (isset($formfields["proj_linked"]) &&
    strcmp($formfields["proj_linked"], "") &&
    strcmp($formfields["proj_linked"], "checked")) {
1010 1011
    $errors["Link to Us"] = "Bad Value";
}
1012

Leigh Stoller's avatar
Leigh Stoller committed
1013
# Present these errors before we call out to do anything else.
1014 1015 1016 1017 1018 1019 1020
if (count($errors)) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}

#
1021
# Create the User first, then the Project/Group.
1022 1023 1024
# Certain of these values must be escaped or otherwise sanitized.
#
if (!$returning) {
1025
    $args = array();
1026 1027 1028 1029 1030 1031 1032 1033 1034
    $args["name"]	   = $formfields["usr_name"];
    $args["email"]         = $formfields["usr_email"];
    $args["address"]       = $formfields["usr_addr"];
    $args["address2"]      = $formfields["usr_addr2"];
    $args["city"]          = $formfields["usr_city"];
    $args["state"]         = $formfields["usr_state"];
    $args["zip"]           = $formfields["usr_zip"];
    $args["country"]       = $formfields["usr_country"];
    $args["phone"]         = $formfields["usr_phone"];
1035
    $args["shell"]         = 'tcsh';
1036 1037
    $args["title"]         = $formfields["usr_title"];
    $args["affiliation"]   = $formfields["usr_affil"];
1038
    $args["affiliation_abbreviation"] = $formfields["usr_affil_abbrev"];
1039
    $args["password"]      = $formfields["password1"];
1040 1041 1042 1043
    if ($WIKISUPPORT) {
        $args["wikiname"] = $formfields["wikiname"];
    }

1044 1045 1046
    if (isset($formfields["usr_URL"]) &&
	$formfields["usr_URL"] != $HTTPTAG && $formfields["usr_URL"] != "") {
	$args["URL"] = $formfields["usr_URL"];
1047
    }
1048
    if ($USERSELECTUIDS || $FirstInitState) {
1049
	$args["uid"] = $formfields["proj_head_uid"];
1050
    }
1051 1052 1053 1054 1055 1056 1057 1058

    # Backend verifies pubkey and returns error.
    if (isset($_FILES['usr_keyfile']) &&
	$_FILES['usr_keyfile']['name'] != "" &&
	$_FILES['usr_keyfile']['name'] != "none") {

	$localfile = $_FILES['usr_keyfile']['tmp_name'];
	$args["pubkey"] = file_get_contents($localfile);
1059
    }
1060 1061 1062 1063
    if ($PROTOGENI && $show_sslcertbox &&
	isset($formfields["passphrase1"]) && $formfields["passphrase1"] != "") {
	$args["passphrase"] = $formfields["passphrase1"];
    }
1064

1065 1066 1067 1068 1069 1070 1071 1072 1073
    # Just collect the user XML args here and pass the file to NewNewProject.
    # Underneath, newproj calls newuser with the XML file.
    #
    # Calling newuser down in Perl land makes creation of the leader account
    # and the project "atomic" from the user's point of view.  This avoids a
    # problem when the DB is locked for daily backup: in newproject, the call
    # on NewNewUser would block and then unblock and get done; meanwhile the
    # PHP thread went away so we never returned here to call NewNewProject.
    #
1074
    if (! ($newuser_xml = User::NewNewUserXML($args, $error)) != 0) {
1075
	$errors["Error Creating User XML"] = $error;
Leigh Stoller's avatar
Leigh Stoller committed
1076
	TBERROR("B\n${error}\n\n" . print_r($args, TRUE), 0);
1077 1078 1079
	SPITFORM($formfields, $returning, $errors);
	PAGEFOOTER();
	return;
1080
    }
1081
}
1082

1083 1084 1085 1086
#
# Now for the new Project
#
$args = array();
1087 1088 1089 1090 1091 1092 1093 1094
if (isset($newuser_xml)) {
    $args["newuser_xml"]   = $newuser_xml;
}
if ($returning) {
    # An existing, logged-in user is starting the project.
    $args["leader"]	   = $this_user->uid();
}
$args["name"]		   = $formfields["pid"];
1095 1096 1097 1098 1099 1100 1101
$args["short description"] = $formfields["proj_name"];
$args["URL"]               = $formfields["proj_URL"];
$args["members"]           = $formfields["proj_members"];
$args["num_pcs"]           = $formfields["proj_pcs"];
$args["long description"]  = $formfields["proj_why"];
$args["funders"]           = $formfields["proj_funders"];
$args["whynotpublic"]      = $formfields["proj_whynotpublic"];
1102

1103 1104
if (!isset($formfields["proj_public"]) ||
    $formfields["proj_public"] != "checked") {
1105
    $args["public"] = 0;
1106 1107
}
else {
1108
    $args["public"] = 1;
1109
}
1110 1111
if (!isset($formfields["proj_linked"]) ||
    $formfields["proj_linked"] != "checked") {
1112
    $args["linkedtous"] = 0;
1113 1114
}
else {
1115
    $args["linkedtous"] = 1;
1116
}
1117 1118
if (isset($formfields["proj_plabpcs"]) &&
    $formfields["proj_plabpcs"] == "checked") {
1119
    $args["plab"] = 1;
1120
}
1121 1122
if (isset($formfields["proj_ronpcs"]) &&
    $formfields["proj_ronpcs"] == "checked") {
1123
    $args["ron"] = 1;
1124
}
1125

1126
if (! ($project = Project::NewNewProject($args, $error))) {
1127
    $errors["Error Creating Project"] = $error;
Leigh Stoller's avatar
Leigh Stoller committed
1128
    TBERROR("C\n${error}\n\n" . print_r($args, TRUE), 0);
1129 1130 1131
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
1132
}
1133

1134
#
1135 1136
# Need to do some extra work for the first project; eventually move to backend
# 
1137
if ($FirstInitState) {
1138 1139
    $leader = $project->GetLeader();
    $proj_head_uid = $leader->uid();
1140 1141
    # Set up the management group (emulab-ops).
    Group::Initialize($proj_head_uid);
1142
    
1143 1144 1145
    #
    # Move to next phase. 
    # 
1146
    $pid = $formfields["pid"];
1147 1148 1149 1150 1151 1152
    TBSetFirstInitPid($pid);
    TBSetFirstInitState("approveproject");
    header("Location: approveproject.php3?pid=$pid&approval=approve");
    return;
}

1153
#
1154 1155 1156
# Spit out a redirect so that the history does not include a post
# in it. The back button skips over the post and to the form.
# See above for conclusion.
1157
# 
1158 1159
header("Location: newproject.php3?finished=1");

1160
?>