<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2008 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");

#
# PAGEHEADER is deliberately not emitted at this point, since we spit out a
# Location header later. See below.
#
# Logged in users whose password has expired must still be let through so
# that they can change it, hence CHECKLOGIN_PSWDEXPIRED among the flags.
#
$this_user = CheckLoginOrDie(
    CHECKLOGIN_USERSTATUS | CHECKLOGIN_PSWDEXPIRED |
    CHECKLOGIN_WEBONLY | CHECKLOGIN_WIKIONLY
);
$uid     = $this_user->uid();
$isadmin = ISADMIN();

# The shells offered in the form. Maybe stick in DB someday.
$shelllist = array("tcsh", "bash", "csh", "sh", "zsh");

# Fallback when the user's shell slot in the DB is NULL (should not happen.)
$defaultshell = "tcsh";

# Set for real on first load, from the target user. See below.
$wikionly = 0;

#
# Verify page arguments. All three are optional: the user being edited,
# the submit button value, and the array of posted form fields.
#
$optargs = OptionalPageArguments(
    "target_user", PAGEARG_USER,
    "submit",      PAGEARG_STRING,
    "formfields",  PAGEARG_ARRAY
);

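#
# Spit the form out using the array of data and error strings (if any).
#
#   $formfields  field name => value. On first load these are the target
#                user's DB values; when the form is respit after an error
#                they are the values the browser just posted, i.e.
#                untrusted input.
#   $errors      label => message pairs, shown in red above the form.
#
# Output encoding: every value taken from $formfields or $errors goes
# through htmlspecialchars(ENT_QUOTES) before it is written, so a quote or
# angle bracket in a field cannot close the attribute or textarea it sits in.
# NOTE(review): this assumes the values arrive unencoded. If the page
# argument helpers in defs.php3 already HTML-encode them, keep only one of
# the two layers to avoid double encoding -- confirm.
# NOTE(review): error messages are treated as plain text. If
# User::ModUserInfo deliberately returns markup in them, confirm and handle
# that at the source rather than printing the strings raw here.
#
# The Unix password fields are always rendered empty: the submitted
# password is never written back into the page, the user must retype it.
#
function SPITFORM($formfields, $errors)
{
    global $isadmin;
    global $target_user, $wikionly;
    global $shelllist, $defaultshell;

    # A respit can reach us without a usable array; treat that as "no data".
    if (!is_array($formfields)) {
        $formfields = array();
    }

    #
    # Country needs a default for older users.
    #
    if (!isset($formfields["usr_country"]) ||
        $formfields["usr_country"] == "") {
        $formfields["usr_country"] = "USA";
    }

    #
    # Build the escaped copies once. A missing field, or one posted as a
    # nested array (formfields[usr_name][]=...), is rendered as empty.
    #
    $textfields = array("usr_name", "usr_title", "usr_affil",
                        "usr_affil_abbrev", "usr_URL", "usr_email",
                        "usr_addr", "usr_addr2", "usr_city", "usr_state",
                        "usr_zip", "usr_country", "usr_phone",
                        "w_password1", "notes");
    $safe = array();
    foreach ($textfields as $key) {
        $value = "";
        if (isset($formfields[$key]) && !is_array($formfields[$key])) {
            $value = (string) $formfields[$key];
        }
        if ($key == "notes") {
            # Carriage returns are dropped from the textarea content.
            $value = str_replace("\r", "", $value);
        }
        $safe[$key] = htmlspecialchars($value, ENT_QUOTES);
    }

    $username = htmlspecialchars((string) $target_user->uid(), ENT_QUOTES);
    $uid_idx  = htmlspecialchars((string) $target_user->uid_idx(), ENT_QUOTES);

    #
    # Standard Testbed Header. Written late cause of password
    # expiration interaction. See below.
    #
    PAGEHEADER("Modify User Information");
    ###STARTBUSY("Making user profile changes");

    if ($errors) {
        echo "<table class=nogrid
                     align=center border=0 cellpadding=6 cellspacing=0>
              <tr>
                 <th align=center colspan=2>
                   <font size=+1 color=red>
                      &nbsp;Oops, please fix the following errors!&nbsp;
                   </font>
                 </th>
              </tr>\n";

        foreach ($errors as $name => $message) {
            $safe_name    = htmlspecialchars((string) $name, ENT_QUOTES);
            $safe_message = htmlspecialchars((string) $message, ENT_QUOTES);

            echo "<tr>
                     <td align=right>
                       <font color=red>$safe_name:&nbsp;</font></td>
                     <td align=left>
                       <font color=red>$safe_message</font></td>
                  </tr>\n";
        }
        echo "</table><br>\n";
    }

    # For indicating that fields are optional or not.
    $optfield = ($wikionly ? "" : "*");
    $url      = CreateURL("moduserinfo", $target_user);

    echo "<table align=center border=1>
          <tr>
             <td align=center colspan=3>
                 <em>(Fields marked with * are required)</em>
             </td>
          </tr>
          <form action='$url' method=post>\n";

    #
    # UserName. This is a constant field.
    #
    echo "<tr>
              <td colspan=2>Username:</td>
              <td class=left>$username ($uid_idx)
              </td>
          </tr>\n";

    #
    # Full Name
    #
    echo "<tr>
              <td colspan=2>*Full Name:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[usr_name]\"
                         value=\"{$safe['usr_name']}\"
                         size=30>
              </td>
          </tr>\n";

    #
    # Title/Position:
    #
    echo "<tr>
              <td colspan=2>{$optfield}Job Title/Position:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[usr_title]\"
                         value=\"{$safe['usr_title']}\"
                         size=30>
              </td>
          </tr>\n";

    #
    # Affiliation:
    #
    echo "<tr>
              <td colspan=2>*Institutional Affiliation:</td>
              <td class=left>
                <table>
                  <tr>
                  <td>Name</td>
                  <td><input type=text
                         name=\"formfields[usr_affil]\"
                         value=\"{$safe['usr_affil']}\"
                         size=40></td></tr>
                  <tr>
                  <td>Abbreviation:</td>
                  <td><input type=text
                         name=\"formfields[usr_affil_abbrev]\"
                         value=\"{$safe['usr_affil_abbrev']}\"
                         size=16 maxlength=16> (e.g. MIT)</td>
                  </tr>
                </table>
              </td>
          </tr>\n";

    #
    # User URL
    #
    echo "<tr>
              <td colspan=2>Home Page URL:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[usr_URL]\"
                         value=\"{$safe['usr_URL']}\"
                         size=45>
              </td>
          </tr>\n";

    #
    # Email: editable for admins; everyone else sees it as text and the
    # value travels in a hidden field.
    #
    echo "<tr>
              <td colspan=2>Email Address[<b>1</b>]:</td>
              <td class=left> ";
    if ($isadmin) {
        echo "    <input type=text ";
    }
    else {
        echo "    {$safe['usr_email']}
                  <input type=hidden ";
    }
    echo "               name=\"formfields[usr_email]\"
                         value=\"{$safe['usr_email']}\"
                         size=30>";
    echo "    </td>
          </tr>\n";

    #
    # Postal Address
    #
    echo "<tr><td colspan=3>{$optfield}Address:<br /><center>
          <table>
              <tr><td>Line 1</td><td colspan=3>
                <input type=text
                       name=\"formfields[usr_addr]\"
                       value=\"{$safe['usr_addr']}\"
                       size=45></td></tr>
              <tr><td>Line 2</td><td colspan=3>
                <input type=text
                       name=\"formfields[usr_addr2]\"
                       value=\"{$safe['usr_addr2']}\"
                       size=45></td></tr>
              <tr><td>City</td><td>
                <input type=text
                       name=\"formfields[usr_city]\"
                       value=\"{$safe['usr_city']}\"
                       size=25></td>
                  <td>State/Province</td><td>
                <input type=text
                       name=\"formfields[usr_state]\"
                       value=\"{$safe['usr_state']}\"
                       size=2></td></tr>
              <tr><td>ZIP/Postal Code</td><td>
                <input type=text
                       name=\"formfields[usr_zip]\"
                       value=\"{$safe['usr_zip']}\"
                       size=10></td>
                  <td>Country</td><td>
                <input type=text
                       name=\"formfields[usr_country]\"
                       value=\"{$safe['usr_country']}\"
                       size=15></td></tr>
           </table></center></td></tr>";

    #
    # Default Shell. The option values come from the fixed $shelllist, the
    # posted value is only used to decide which option is preselected.
    #
    $curshell = $defaultshell;
    if (isset($formfields["usr_shell"]) &&
        !is_array($formfields["usr_shell"])) {
        $curshell = (string) $formfields["usr_shell"];
    }

    echo "<tr><td colspan=2>Shell:</td>
              <td class=left>";
    echo "<select name=\"formfields[usr_shell]\">";
    foreach ($shelllist as $s) {
        $selected = (strcmp($curshell, $s) == 0 ? "selected" : "");

        echo "<option $selected value='$s'>$s</option>";
    }
    echo "</select></td></tr>";

    #
    # Phone
    #
    echo "<tr>
              <td colspan=2>{$optfield}Phone #:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[usr_phone]\"
                         value=\"{$safe['usr_phone']}\"
                         size=15>
              </td>
          </tr>\n";

    #
    # Password. Note that we do not resend the password. User
    # must retype on error. No value attribute is written, so a
    # rejected submission does not put the cleartext password into
    # the returned page.
    #
    echo "<tr></tr>\n";
    echo "<tr>
              <td colspan=2>Password[<b>1</b>]:</td>
              <td class=left>
                  <input type=password
                         name=\"formfields[password1]\"
                         size=8></td>
          </tr>\n";

    echo "<tr>
              <td colspan=2>Retype Password:</td>
              <td class=left>
                  <input type=password
                         name=\"formfields[password2]\"
                         size=8></td>
          </tr>\n";

    if (!$wikionly) {
        #
        # Windows Password.
        #
        # A separate password is kept for experiment nodes running Windows.
        # It is presented behind-the-scenes to rdesktop and Samba by our
        # Web interface, but you may still need to type it.
        # It is shown in a plain text field; the caller supplies the value.
        #
        echo "<tr>
                  <td colspan=2>Windows Password[<b>1,4</b>]:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[w_password1]\"
                             value=\"{$safe['w_password1']}\"
                             size=8></td>
              </tr>\n";

        echo "<tr>
                  <td colspan=2>Retype Windows Password:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[w_password2]\"
                             size=8></td>
              </tr>\n";

        #
        # Planetlab bit. This should really be a drop down menu of the
        #                choices.
        #
        if (isset($formfields["user_interface"]) &&
            $formfields["user_interface"] == TBDB_USER_INTERFACE_PLAB) {
            $checked = "checked";
        } else {
            $checked = "";
        }

        echo "<tr>
                  <td colspan=2>Use simplified PlanetLab view:</td>
                  <td class=left>
                     <input type='checkbox'
                            name=\"formfields[user_interface]\"
                            value=\"" . TBDB_USER_INTERFACE_PLAB . "\"
                            $checked>
                  </td>
              </tr>\n";
    }

    #
    # Notes. Only admins get the field. The content is escaped so that a
    # "</textarea>" inside the notes cannot end the element early.
    #
    if ($isadmin) {
        echo "<tr>
                  <td colspan=2>Admin Notes:</td>
                  <td class=left>
                     <textarea name=\"formfields[notes]\"
                               rows=2 cols=40>" .
                               $safe["notes"] .
                    "</textarea>
                  </td>
              </tr>\n";
    }

    echo "<tr>
              <td align=center colspan=3>
                  <b><input type=submit name=submit value=Submit></b>
              </td>
          </tr>\n";

    echo "</form>
          </table>\n";

    echo "<h4><blockquote><blockquote>
          <ol>
            <li> Please consult our
                 <a href = 'docwrapper.php3?docname=security.html'>
                 security policies</a> for information
                 regarding passwords and email addresses.\n";
    if (!$wikionly) {
        $pubkey_url = CreateURL("showpubkeys", $target_user);

        echo "<li> You can also
                 <a href='$pubkey_url'>edit your ssh public keys</a>.
		 sfs public keys</a>.
            <li> The City, State, ZIP/Postal Code, and Country fields 
                 were added later, so
                 some early users will be forced to adjust their addresses
                 before they can proceed. Sorry for the inconvenience.
            <li> A separate password is kept for experiment nodes running
                 Windows.  It is presented behind-the-scenes to rdesktop and
                 Samba by our Web interface, but you may still need to type
                 it.  The default password is randomly generated.  You may
                 change it to something easier to remember.\n";
    }
    echo "</ol>
          </blockquote></blockquote>
          </h4>\n";
}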

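# Early error checking on $target_user.
$errors  = array();

#
# The target uid and the current uid will be the same, unless its a priv user
# (admin,PI) modifying someone elses data. Must verify this case. Note that
# the target uid comes initially as a page arg, but later as a form argument
#
if (!isset($submit)) {
    if (!isset($target_user)) {
	$target_user = $this_user;
    }
}
else {
    if (!isset($target_user) || !isset($formfields)) {
	$errors["Args"] = "Invalid form arguments!";
    }
}

#
# A submit without a target user cannot go any further: the code below and
# SPITFORM both call methods on $target_user. Report the problem on a bare
# page instead of failing on the method call.
#
if (!isset($target_user)) {
    PAGEHEADER("Modify User Information");
    echo "<center><font color=red>" .
	htmlspecialchars($errors["Args"], ENT_QUOTES) .
	"</font></center>\n";
    PAGEFOOTER();
    return;
}

# Need this below.
$target_uid = $target_user->uid();

#
# Admin types can change anyone. Everybody else must pass the access check.
#
# A failed check ends the request here. It must not be recorded as an
# ordinary form error: on first load the form is filled with the target
# user's stored profile (address, phone, notes, Windows password), so
# falling through would show that data to a caller who was just refused.
#
if (!$isadmin &&
    !$target_user->AccessCheck($this_user, $TB_USERINFO_MODIFYINFO)) {
    $errors["Project"] =
	"You do not have permission to modify information for ".
	    "user: $target_uid!";

    PAGEHEADER("Modify User Information");
    echo "<center><font color=red>" .
	htmlspecialchars($errors["Project"], ENT_QUOTES) .
	"</font></center>\n";
    PAGEFOOTER();
    return;
}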

#
# First load (no submit yet): fill the form with the values currently stored
# for the target user, show it, and stop.
#
if (!isset($submit)) {
    $defaults = array(
	"user"             => $target_user->webid(),
	"usr_email"        => $target_user->email(),
	"usr_URL"          => $target_user->URL(),
	"usr_addr"         => $target_user->addr(),
	"usr_addr2"        => $target_user->addr2(),
	"usr_city"         => $target_user->city(),
	"usr_state"        => $target_user->state(),
	"usr_zip"          => $target_user->zip(),
	"usr_country"      => $target_user->country(),
	"usr_name"         => $target_user->name(),
	"usr_phone"        => $target_user->phone(),
	"usr_title"        => $target_user->title(),
	"usr_affil"        => $target_user->affil(),
	"usr_affil_abbrev" => $target_user->affil_abbrev(),
	"usr_shell"        => $target_user->shell(),
	"notes"            => $target_user->notes(),
	# The Unix password is never prefilled.
	"password1"        => "",
	"password2"        => "",
	"user_interface"   => $target_user->user_interface()
    );

    $wikionly = $target_user->wikionly();

    if ($target_user->w_pswd() == "") {
	#
	# No Windows password set by the user: derive the initial default
	# from the Unix encrypted password. For an MD5 crypt that is the
	# salt, i.e. the 8 chars after the initial "$1$" and before the
	# next "$". When there is no $ at the beginning it is not an MD5
	# hash, and the first 8 chars of the string itself are used.
	#
	# NOTE(review): the form text calls this default "randomly
	# generated", but it is a substring of the stored hash: readable by
	# anyone who can read the hash, and for a non-MD5 hash it puts the
	# start of the hash into the page. Only segment [0] is inspected,
	# so any other "$id$..." format would yield whatever segment [2]
	# holds. Confirm what the backend expects before changing it.
	#
	$unixpwd = explode('$', $target_user->pswd());
	$randpwd = substr((strlen($unixpwd[0]) > 0
			   ? $unixpwd[0] : $unixpwd[2]), 0, 8);

	$defaults["w_password2"] = $randpwd;
	$defaults["w_password1"] = $randpwd;
    }
    else {
	# Show and keep the Windows password the user has set.
	$defaults["w_password2"] = $target_user->w_pswd();
	$defaults["w_password1"] = $defaults["w_password2"];
    }

    SPITFORM($defaults, $errors);
    PAGEFOOTER();
    return;
}

#
# Errors collected so far? Then show the form again, filled with what was
# just submitted and with the messages on top. Iterate until happy.
#
if (count($errors) > 0) {
    SPITFORM($formfields, $errors);
    PAGEFOOTER();

    return;
}

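#
# Build up argument array to pass along.
#
# Everything in $formfields was posted by the browser, so which fields are
# accepted is decided here and not by what the form happened to display.
#
# NOTE(review): the form carries no per-request token and this path checks
# none, and a new password is accepted without the current one. Confirm
# that defs.php3 or User::ModUserInfo cover request forgery.
# NOTE(review): usr_shell is passed on without being compared to
# $shelllist; confirm that User::ModUserInfo validates it.
#
$args = array();

# Always pass the password fields if specified.
foreach (array("password1", "password2",
	       "w_password1", "w_password2") as $field) {
    if (isset($formfields[$field]) && $formfields[$field] != "") {
	$args[$field] = $formfields[$field];
    }
}

#
# Profile fields: skip passing ones that are not changing from the default
# (DB state.) Each entry is
#
#   field => array(getter on $target_user, may be cleared, admin only)
#
# "may be cleared" means an empty value is accepted (it blanks the field);
# all other fields are ignored when empty. "admin only" marks the fields
# the form lets only admins edit: the email address (hidden field for
# everyone else) and the admin notes (not rendered for everyone else).
# From a non-admin they are dropped here, so a hand-built POST cannot
# change them.
#
# Driving this from one table keeps the posted key and the getter it is
# compared with side by side; usr_affil_abbrev used to be compared via
# $formfields["usr_affil"].
#
$profilefields = array(
    "usr_name"         => array("name",           0, 0),
    "usr_email"        => array("email",          0, 1),
    "usr_title"        => array("title",          0, 0),
    "usr_affil"        => array("affil",          0, 0),
    "usr_affil_abbrev" => array("affil_abbrev",   0, 0),
    "usr_shell"        => array("shell",          0, 0),
    "usr_URL"          => array("URL",            0, 0),
    "usr_addr"         => array("addr",           0, 0),
    "usr_addr2"        => array("addr2",          1, 0),
    "usr_city"         => array("city",           0, 0),
    "usr_state"        => array("state",          0, 0),
    "usr_zip"          => array("zip",            0, 0),
    "usr_country"      => array("country",        0, 0),
    "usr_phone"        => array("phone",          0, 0),
    "user_interface"   => array("user_interface", 0, 0),
    "notes"            => array("notes",          1, 1)
);

foreach ($profilefields as $field => $spec) {
    list($getter, $may_clear, $admin_only) = $spec;

    if (!isset($formfields[$field])) {
	continue;
    }
    if ($admin_only && !$isadmin) {
	continue;
    }
    if (!$may_clear && $formfields[$field] == "") {
	continue;
    }
    if ($formfields[$field] != $target_user->$getter()) {
	$args[$field] = $formfields[$field];
    }
}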

#
# Hand the collected changes to the backend. A false result means failure;
# $errors is passed along so the messages can be shown with the form.
#
$result = User::ModUserInfo($target_user, $uid, $args, $errors);
if (!$result) {
    # Always respit the form so that the form fields are not lost.
    # I just hate it when that happens so lets not be guilty of it ourselves.
    SPITFORM($formfields, $errors);
    PAGEFOOTER();

    return;
}

# Success: only now is the page header written.
PAGEHEADER("Modify User Information");

###STOPBUSY();

echo "<center><h3>Done!</h3></center>\n";

# Send the browser on to the profile section of the user's page.
PAGEREPLACE(CreateURL("showuser", $target_user) . "#PROFILE");

#
# Standard Testbed Footer
#
PAGEFOOTER();
?>