<?php
#
# Copyright (c) 2000-2014, 2018 University of Utah and the Flux Group.
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
#
include("defs.php3");

#
# This is a hack to support wikiregister.php3 - normally, this variable would
# be cleared by OptionalPageArguments()
#
# Capture the caller-supplied wiki-only flag as a plain boolean now, so it
# can be restored after the page arguments have been processed.
$old_forwikionly = (isset($forwikionly) && $forwikionly == True) ? True : False;

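# Site variable read by SPITFORM() and by the pass phrase checks further down.
$show_sslcertbox = TBGetSiteVar("protogeni/show_sslcertbox");

#
# No PAGEHEADER since we spit out a Location header later. See below.
#

#
# Get current user.
#
$this_user = CheckLogin($check_status);

#
# Verify page arguments.
#
$optargs = OptionalPageArguments("submit",       PAGEARG_STRING,
				 "forwikionly",  PAGEARG_BOOLEAN,
				 "finished",     PAGEARG_BOOLEAN,
				 "nopidokay",    PAGEARG_STRING,
				 "target_pid",   PAGEARG_STRING,
				 "target_gid",   PAGEARG_STRING,
				 "formfields",   PAGEARG_ARRAY);

#
# If a uid came in, then we check to see if the login is valid.
# We require that the user be logged in to start a second project.
#
if ($this_user) {
    # Allow unapproved users to join multiple groups ...
    # Must be verified though.
    CheckLoginOrDie(CHECKLOGIN_UNAPPROVED|
		    CHECKLOGIN_WEBONLY|CHECKLOGIN_WIKIONLY);
    $joining_uid = $this_user->uid();
    $returning = 1;
}
else {
    # Give $returning a defined value on this path too; every later test
    # of the form "if (! $returning)" would otherwise read an unset variable.
    $returning = 0;

    # NOTE(review): only the header is queued here; the script keeps running,
    # so the form and the new-account path below stay reachable for a client
    # that does not follow the redirect. Confirm whether execution is meant
    # to stop at this point.
    header("Location: portal/signup.php?joinproject=1");
}

# Restore the wiki-only flag saved before the page arguments were parsed.
if ($old_forwikionly == True) {
    $forwikionly = True;
}
if (!isset($forwikionly)) {
    $forwikionly = False;
}
$nopidconfirm = 0;

# Start from a clean slate so that the isset($pid) test later in this page
# only sees a value assigned by the validation code below.
unset($addpubkeyargs);
unset($pid);
unset($gid);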
# Text shown in a JavaScript alert() when the username input changes.
$ACCOUNTWARNING = implode(" ", array(
    "Before continuing, please make sure your username",
    "reflects your normal login name.",
    "Emulab accounts are not to be shared amongst users!",
));

# Text shown in a JavaScript alert() when the email input changes.
$EMAILWARNING = implode(" ", array(
    "Before continuing, please make sure the email address you have",
    "provided is current and non-pseudonymic. Redirections and anonymous",
    "email addresses are not allowed.",
));

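#
# Spit the form out using the array of data.
#
# $formfields - array of field name => value used to pre-fill the inputs.
#               Every value is passed through CleanString() before output.
# $returning  - true when the caller is an already logged in user; the
#               account inputs (name, email, address, password, ...) are
#               then left out and only the project/group inputs are shown.
# $errors     - array of label => message to list above the form, or a
#               false value when there is nothing to report.
#
# Writes HTML straight to the output and returns nothing. Secrets (password
# and Geni pass phrase) are never written back into the page.
#
function SPITFORM($formfields, $returning, $errors)
{
    global $TBDB_UIDLEN, $TBDB_PIDLEN, $TBDB_GIDLEN;
    global $ACCOUNTWARNING, $EMAILWARNING;
    global $WIKISUPPORT, $forwikionly, $WIKIHOME, $USERSELECTUIDS;
    global $WIKIDOCURL;
    global $PROTOGENI, $show_sslcertbox, $nopidokay;

    if ($forwikionly)
	PAGEHEADER("Wiki Registration");
    else
	PAGEHEADER("Apply for Project Membership");

    if (! $returning) {
	echo "<center>\n";

	if ($forwikionly) {
	    echo "<font size=+2>Register for an Emulab Wiki account</font>
                  <br><br>\n";
	}
        echo "<font size=+1>
               If you already have an Emulab account,
               <a href=login.php3?refer=1>
               <font color=red>please log on first!</font></a>
              </font>\n";
	if ($forwikionly) {
	    echo "<br>(You will already have a wiki account)\n";
	}
	echo "</center><br>\n";	
    }
    elseif ($forwikionly) {
	USERERROR("You already have a Wiki account!", 1);
    }

    if ($errors) {
	echo "<table class=nogrid
                     align=center border=0 cellpadding=6 cellspacing=0>
              <tr>
                 <th align=center colspan=2>
                   <font size=+1 color=red>
                      &nbsp;Oops, please fix the following errors!&nbsp;
                   </font>
                 </td>
              </tr>\n";

	# foreach instead of each(): each() is gone from current PHP and
	# also depended on the array's internal pointer position.
	foreach ($errors as $name => $message) {
            # XSS prevention.
	    $message = CleanString($message);
	    echo "<tr>
                     <td align=right>
                       <font color=red>$name:&nbsp;</font></td>
                     <td align=left>
                       <font color=red>$message</font></td>
                  </tr>\n";
	}
	echo "</table><br>\n";
    }
    # XSS prevention.
    foreach ($formfields as $key => $val) {
	$formfields[$key] = CleanString($val);
    }
    if (isset($nopidokay)) {
	# NOTE(review): the value lands in a single-quoted attribute; this
	# assumes CleanString() neutralises single quotes - confirm. The
	# input is also written before the <form> tag is opened below.
        $nopidokay = CleanString($nopidokay);
        echo "<input type=hidden name=nopidokay value='$nopidokay'>\n";
    }
    
    echo "<SCRIPT LANGUAGE=JavaScript>
              function SetWikiName(theform) 
              {
	          var validchars = 'abcdefghijklmnopqrstuvwxyz0123456789';
                  var usrname    = theform['formfields[usr_name]'].value;
                  var wikiname   = '';
                  var docap      = 1;

		  for (var i = 0; i < usrname.length; i++) {
                      var letter = usrname.charAt(i).toLowerCase();

                      if (validchars.indexOf(letter) == -1) {
                          if (letter == ' ') {
                              docap = 1;
                          }
                          continue;
                      }
                      else {
                          if (docap == 1) {
                              letter = usrname.charAt(i).toUpperCase()
                              docap  = 0;
                          }
                          wikiname = wikiname + letter;
                      }
                  }
                  theform['formfields[wikiname]'].value = wikiname;
              }
          </SCRIPT>\n";

    echo "<table align=center border=1> 
          <tr>
            <td align=center colspan=3><font size=-1>
                Fields marked with * are required.</font>
            </td>
          </tr>\n

          <form name=myform enctype=multipart/form-data
                action=" . ($forwikionly ?
			    "wikiregister.php3" : "joinproject.php3") . " " .
	        "method=post>\n";

    if (! $returning) {
	if ($USERSELECTUIDS) {
            #
            # UID.
            #
	    echo "<tr>
                      <td colspan=2>*<a
                             href='$WIKIDOCURL/SecReqs'
                             target=_blank>Username</a>
                                (alphanumeric):</td>
                      <td class=left>
                          <input type=text
                                 name=\"formfields[joining_uid]\"
                                 value=\"" . $formfields["joining_uid"] . "\"
	                         size=$TBDB_UIDLEN
                                 onchange=\"alert('$ACCOUNTWARNING')\"
	                         maxlength=$TBDB_UIDLEN>
                      </td>
                  </tr>\n";
	}

	#
	# Full Name
	#
        echo "<tr>
                  <td colspan=2>*Full Name (first and last):</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_name]\" ";
	if ($WIKISUPPORT) {
	    echo "           onchange=\"SetWikiName(myform);\" ";
	}
	echo "               value=\"" . $formfields["usr_name"] . "\"
	                     size=30>
                  </td>
              </tr>\n";

	#
	# WikiName
	#
	if ($WIKISUPPORT) {
	    echo "<tr>
                      <td colspan=2>*<a
                            href={$WIKIHOME}/bin/view/TWiki/WikiName
                            target=_blank>WikiName</a>:<td class=left>
                          <input type=text
                                 name=\"formfields[wikiname]\"
                                 value=\"" . $formfields["wikiname"] . "\"
	                         size=30>
                      </td>
                  </tr>\n";
	}

	if (! $forwikionly) {
            #
            # Title/Position:
	    #
	    echo "<tr>
                      <td colspan=2>*Job Title/Position:</td>
                      <td class=left>
                          <input type=text
                                 name=\"formfields[usr_title]\"
                                 value=\"" . $formfields["usr_title"] . "\"
  	                         size=30>
                      </td>
                  </tr>\n";

            #
            # Affiliation:
            # 
	    echo "<tr>
                      <td colspan=2>*Institutional Affiliation:</td>
                      <td class=left>
			<table>
                          <tr>
                          <td>Name</td>
                          <td><input type=text
                                 name=\"formfields[usr_affil]\"
                                 value=\"" . $formfields["usr_affil"] . "\"
	                         size=40></td></tr>
			  <tr>
                          <td>Abbreviation:</td>
                          <td><input type=text
                                 name=\"formfields[usr_affil_abbrev]\"
                                 value=\"" . $formfields["usr_affil_abbrev"] . "\"
	                         size=16 maxlength=16> (e.g. MIT)</td>
			  </tr>
        		</table>
                      </td>
                  </tr>\n";

	    #
	    # User URL
	    #
	    echo "<tr>
                      <td colspan=2>Home Page URL:</td>
                      <td class=left>
                          <input type=text
                                 name=\"formfields[usr_URL]\"
                                 value=\"" . $formfields["usr_URL"] . "\"
	                         size=45>
                      </td>
                  </tr>\n";
	}

	#
	# Email:
	#
	echo "<tr>
                  <td colspan=2>*Email Address[<b>1</b>]:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_email]\"
                             value=\"" . $formfields["usr_email"] . "\"
                             onchange=\"alert('$EMAILWARNING')\"
	                     size=30>
                  </td>
              </tr>\n";

	if (! $forwikionly) {
	    #
	    # Postal Address
	    #
	    echo "<tr><td colspan=3>*Postal Address:<br /><center>
		    <table>
		      <tr><td>Line 1</td><td colspan=3>
                        <input type=text
                               name=\"formfields[usr_addr]\"
                               value=\"" . $formfields["usr_addr"] . "\"
	                       size=45></td></tr>
		      <tr><td>Line 2</td><td colspan=3>
                        <input type=text
                               name=\"formfields[usr_addr2]\"
                               value=\"" . $formfields["usr_addr2"] . "\"
	                       size=45></td></tr>
		      <tr><td>City</td><td>
                        <input type=text
                               name=\"formfields[usr_city]\"
                               value=\"" . $formfields["usr_city"] . "\"
	                       size=25></td>
		          <td>State/Province</td><td>
                        <input type=text
                               name=\"formfields[usr_state]\"
                               value=\"" . $formfields["usr_state"] . "\"
	                       size=2></td></tr>
		      <tr><td>ZIP/Postal Code</td><td>
                        <input type=text
                               name=\"formfields[usr_zip]\"
                               value=\"" . $formfields["usr_zip"] . "\"
	                       size=10></td>
		          <td>Country</td><td>
                        <input type=text
                               name=\"formfields[usr_country]\"
                               value=\"" . $formfields["usr_country"] . "\"
	                       size=15></td></tr>
                   </table></center></td></tr>";

	    #
	    # Phone
	    #
	    echo "<tr>
                      <td colspan=2>*Phone #:</td>
                      <td class=left>
                          <input type=text
                                 name=\"formfields[usr_phone]\"
                                 value=\"" . $formfields["usr_phone"] . "\"
	                         size=15>
                      </td>
                  </tr>\n";

	    #
	    # SSH public key
	    #
	    echo "<tr>
                     <td colspan=2>Upload your SSH Pub Key[<b>2</b>]:<br>
                                       (4K max)</td>
   
                     <td>
                          <input type=hidden name=MAX_FILE_SIZE value=4096>
                          <input type=file
                                 size=50
                                 name=usr_keyfile ";
	    if (isset($_FILES['usr_keyfile']) &&
		is_string($_FILES['usr_keyfile']['name'])) {
		# The upload's file name is chosen by the client and does not
		# pass through the CleanString() loop above, so it has to be
		# escaped here before it is written into the attribute.
		echo "        value=\"" .
		    htmlspecialchars($_FILES['usr_keyfile']['name'],
				     ENT_QUOTES) . "\"";
	    }
	    echo         "> </td>
                  </tr>\n";
	}

	#
	# Password. Note that we do not resend the password. User
	# must retype on error. The value attribute is therefore always
	# empty, so a submitted password is never written into the page.
	#
	echo "<tr>
                  <td colspan=2>*Password[<b>1</b>]:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[password1]\"
                             value=\"\"
                             size=8></td>
              </tr>\n";

        echo "<tr>
                  <td colspan=2>*Retype Password:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[password2]\"
                             value=\"\"
                             size=8></td>
             </tr>\n";

	#
	# Geni Passphrase. Handled like the password: never echoed back.
	#
	if ($PROTOGENI && $show_sslcertbox) {
	    echo "<tr></tr><tr>
                   <th class=center colspan=3>Geni Account<br>
                 <a href='http://users.emulab.net/trac/emulab/wiki/GeniBlurb'
			target=_blank><font size=-2>what's this?</font></a></td>
                  </tr>\n";

	    echo "<tr>
                  <td colspan=2>Geni SSL Pass Phrase[<b>3</b>]:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[passphrase1]\"
                             value=\"\"
                             size=32></td>
              </tr>\n";

	    echo "<tr>
                  <td colspan=2>Retype Geni Pass Phrase:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[passphrase2]\"
                             value=\"\"
                             size=32></td>
             </tr>\n";
	}
    }
    echo "<tr></tr><tr>
              <th class=center colspan=3>Project Info</td>
          </tr>\n";

    if (! $forwikionly) {
        #
        # Project Name:
        #
	echo "<tr>
                  <td colspan=2>*Project Name:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[pid]\"
                             value=\"" . $formfields["pid"] . "\"
	                     size=$TBDB_PIDLEN maxlength=$TBDB_PIDLEN>
                  </td>
              </tr>\n";

        #
        # Group Name:
        #
	echo "<tr>
                  <td colspan=2>Group Name:<br>
                  (Leave blank unless you <em>know</em> the group name)</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[gid]\"
                             value=\"" . $formfields["gid"] . "\"
	                     size=$TBDB_GIDLEN maxlength=$TBDB_GIDLEN>
                  </td>
              </tr>\n";
    }

    echo "<tr>
              <td colspan=3 align=center>
                 <b><input type=submit name=submit value=Submit></b>
              </td>
          </tr>\n";

    echo "</form>
          </table>\n";

    # Footnotes referenced by the [1], [2] and [3] markers in the form.
    echo "<h4><blockquote><blockquote>
          <ol>
            <li> Please consult our
                 <a href = '$WIKIDOCURL/SecReqs' target='_blank'>
                 security policies</a> for information
                 regarding passwords and email addresses.\n";
    if (!$returning && !$forwikionly) {
	echo "<li> If you want us to use your existing ssh public key,
                   then please specify the path to your
                   identity.pub file.  <font color=red>NOTE:</font>
                   We use the <a href=http://www.openssh.org target='_blank'>OpenSSH</a>
                   key format,
                   which has a slightly different protocol 2 public key format
                   than some of the commercial vendors such as
                   <a href=http://www.ssh.com target='_blank'>SSH Communications</a>. If you
                   use one of these commercial vendors, then please
                   upload the public key file and we will convert it
                   for you.";
	if ($PROTOGENI && $show_sslcertbox) {
	    echo "<li>";
	    echo "Pick a good pass phrase! They can be (much) longer than
                  Unix passwords; 10 to 30 character phrases are good,
                  and may include spaces and punctuation.";
	}
    }
    echo "</ol>
          </blockquote></blockquote>
          </h4>\n";
}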

#
# The conclusion of a join request. See below.
# 
if (isset($finished)) {
    # Same page title that SPITFORM() uses for the two flavours of this page.
    $title = ($forwikionly ?
	      "Wiki Registration" : "Apply for Project Membership");
    PAGEHEADER($title);

    #
    # Generate some warm fuzzies. Pick the paragraph that matches how the
    # request was made, then add the sentence common to all of them.
    #
    if ($forwikionly) {
	$notice = "An email message has been sent to your account so we may verify
              your email address. Please follow the instructions contained in
              that message, which will verify your account, and grant you
              access to the Wiki.\n";
    }
    elseif ($returning) {
	$notice = "<p>
	  	The project leader has been notified of your application. ";
    }
    else {
	$notice = "<p>
              As a pending user of the Testbed you will receive a key via email.
              When you receive the message, please follow the instructions
              contained in the message, which will verify your identity.
	      <br>
	      <p>
	      When you have done that, the project leader will be
	      notified of your application. ";
    }
    echo $notice;

    echo "He/She will make a decision and either approve or deny your
          application, and you will be notified via email as soon as
	  that happens.\n";

    PAGEFOOTER();
    return;
}

#
# On first load, display a virgin form and exit.
#
if (! isset($submit)) {
    # Starting values for every input SPITFORM() reads. The country is
    # pre-filled with "USA" and the home page with the $HTTPTAG prefix.
    $defaults = array(
	"pid"              => "",
	"gid"              => "",
	"joining_uid"      => "",
	"usr_name"         => "",
	"usr_email"        => "",
	"usr_addr"         => "",
	"usr_addr2"        => "",
	"usr_city"         => "",
	"usr_state"        => "",
	"usr_zip"          => "",
	"usr_country"      => "USA",
	"usr_phone"        => "",
	"usr_title"        => "",
	"usr_affil"        => "",
	"usr_affil_abbrev" => "",
	"password1"        => "",
	"password2"        => "",
	"passphrase1"      => "",
	"passphrase2"      => "",
	"wikiname"         => "",
	"usr_URL"          => "$HTTPTAG",
    );

    #
    # These two allow presetting the pid/gid from the page arguments.
    #
    if (isset($target_pid) && strcmp($target_pid, "") != 0) {
	$defaults["pid"] = $target_pid;
    }
    if (isset($target_gid) && strcmp($target_gid, "") != 0) {
	$defaults["gid"] = $target_gid;
    }

    # No errors on a first load, hence the 0.
    SPITFORM($defaults, $returning, 0);
    PAGEFOOTER();
    return;
}
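# Form submitted. Make sure we have a formfields array.
if (!isset($formfields)) {
    PAGEARGERROR("Invalid form arguments.");
}

#
# Otherwise, must validate and redisplay if errors.
# $errors maps the label shown to the user to the message for that field.
#
$errors = array();

#
# These fields are required! Account details are only collected from
# people who are not logged in yet.
#
if (! $returning) {
    if ($USERSELECTUIDS) {
	if (!isset($formfields["joining_uid"]) ||
	    strcmp($formfields["joining_uid"], "") == 0) {
	    $errors["Username"] = "Missing Field";
	}
	elseif (!TBvalid_uid($formfields["joining_uid"])) {
	    $errors["UserName"] = TBFieldErrorString();
	}
	elseif (User::Lookup($formfields["joining_uid"]) ||
		posix_getpwnam($formfields["joining_uid"])) {
	    # Taken either by a testbed user or by a local system account.
	    $errors["UserName"] = "Already in use. Pick another";
	}
    }
    if (!isset($formfields["usr_name"]) ||
	strcmp($formfields["usr_name"], "") == 0) {
	$errors["Full Name"] = "Missing Field";
    }
    elseif (! TBvalid_usrname($formfields["usr_name"])) {
	$errors["Full Name"] = TBFieldErrorString();
    }
    # Make sure user name has at least two tokens! A missing or non-string
    # value is counted as an empty name instead of being handed to
    # preg_split(), which keeps the same error without reading an unset index.
    $fullname = "";
    if (isset($formfields["usr_name"]) && is_string($formfields["usr_name"])) {
	$fullname = $formfields["usr_name"];
    }
    $tokens = preg_split("/[\s]+/", $fullname, -1, PREG_SPLIT_NO_EMPTY);
    if (count($tokens) < 2) {
	$errors["Full Name"] = "Please provide a first and last name";
    }
    if ($WIKISUPPORT) {
	if (!isset($formfields["wikiname"]) ||
	    strcmp($formfields["wikiname"], "") == 0) {
	    $errors["WikiName"] = "Missing Field";
	}
	elseif (! TBvalid_wikiname($formfields["wikiname"])) {
	    $errors["WikiName"] = TBFieldErrorString();
	}
	elseif (User::LookupByWikiName($formfields["wikiname"])) {
	    $errors["WikiName"] = "Already in use. Pick another";
	}
    }
    if (!$forwikionly) {
	if (!isset($formfields["usr_title"]) ||
	    strcmp($formfields["usr_title"], "") == 0) {
	    $errors["Job Title/Position"] = "Missing Field";
	}
	elseif (! TBvalid_title($formfields["usr_title"])) {
	    $errors["Job Title/Position"] = TBFieldErrorString();
	}
	if (!isset($formfields["usr_affil"]) ||
	    strcmp($formfields["usr_affil"], "") == 0) {
	    $errors["Affiliation Name"] = "Missing Field";
	}
	elseif (! TBvalid_affiliation($formfields["usr_affil"])) {
	    $errors["Affiliation Name"] = TBFieldErrorString();
	}
	if (!isset($formfields["usr_affil_abbrev"]) ||
	    strcmp($formfields["usr_affil_abbrev"], "") == 0) {
	    $errors["Affiliation Abbreviation"] = "Missing Field";
	}
	elseif (! TBvalid_affiliation_abbreviation($formfields["usr_affil_abbrev"])) {
	    # Filed under the abbreviation's own label; it used to be stored
	    # under "Affiliation Name", which mislabelled the message and
	    # could overwrite an error already recorded for the name field.
	    $errors["Affiliation Abbreviation"] = TBFieldErrorString();
	}
    }
    if (!isset($formfields["usr_email"]) ||
	strcmp($formfields["usr_email"], "") == 0) {
	$errors["Email Address"] = "Missing Field";
    }
    elseif (! TBvalid_email($formfields["usr_email"])) {
	$errors["Email Address"] = TBFieldErrorString();
    }
    elseif (User::LookupByEmail($formfields["usr_email"])) {
	# NOTE(review): this message tells an anonymous visitor whether an
	# address already has an account - confirm that is acceptable here.
	$errors["Email Address"] =
	    "Already in use. <b>Did you forget to login?</b>";
    }
    if (! $forwikionly) {
	# The home page is optional; the bare $HTTPTAG default counts as empty.
	if (isset($formfields["usr_URL"]) &&
	    strcmp($formfields["usr_URL"], "") &&
	    strcmp($formfields["usr_URL"], $HTTPTAG)) {
	    # Prepend $HTTPTAG when the value starts with neither prefix.
	    if (strcmp($HTTPTAG,
		       substr($formfields["usr_URL"], 0, strlen($HTTPTAG))) &&
		strcmp($HTTPSTAG,
		       substr($formfields["usr_URL"], 0, strlen($HTTPSTAG)))) {
		$formfields["usr_URL"] = "{$HTTPTAG}" . $formfields["usr_URL"];
	    }
	    if (! CHECKURL($formfields["usr_URL"], $urlerror)) {
		$errors["Home Page URL"] = $urlerror;
	    }
	}
	if (!isset($formfields["usr_addr"]) ||
	    strcmp($formfields["usr_addr"], "") == 0) {
	    $errors["Address 1"] = "Missing Field";
	}
	elseif (! TBvalid_addr($formfields["usr_addr"])) {
	    $errors["Address 1"] = TBFieldErrorString();
	}
        # Optional
	if (isset($formfields["usr_addr2"]) &&
	    !TBvalid_addr($formfields["usr_addr2"])) {
	    $errors["Address 2"] = TBFieldErrorString();
	}
	if (!isset($formfields["usr_city"]) ||
	    strcmp($formfields["usr_city"], "") == 0) {
	    $errors["City"] = "Missing Field";
	}
	elseif (! TBvalid_city($formfields["usr_city"])) {
	    $errors["City"] = TBFieldErrorString();
	}
	if (!isset($formfields["usr_state"]) ||
	    strcmp($formfields["usr_state"], "") == 0) {
	    $errors["State"] = "Missing Field";
	}
	elseif (! TBvalid_state($formfields["usr_state"])) {
	    $errors["State"] = TBFieldErrorString();
	}
	if (!isset($formfields["usr_zip"]) ||
	    strcmp($formfields["usr_zip"], "") == 0) {
	    $errors["ZIP/Postal Code"] = "Missing Field";
	}
	elseif (! TBvalid_zip($formfields["usr_zip"])) {
	    $errors["Zip/Postal Code"] = TBFieldErrorString();
	}
	if (!isset($formfields["usr_country"]) ||
	    strcmp($formfields["usr_country"], "") == 0) {
	    $errors["Country"] = "Missing Field";
	}
	elseif (! TBvalid_country($formfields["usr_country"])) {
	    $errors["Country"] = TBFieldErrorString();
	}
	if (!isset($formfields["usr_phone"]) ||
	    strcmp($formfields["usr_phone"], "") == 0) {
	    $errors["Phone #"] = "Missing Field";
	}
	elseif (!TBvalid_phone($formfields["usr_phone"])) {
	    $errors["Phone #"] = TBFieldErrorString();
	}
    }
    if (!isset($formfields["password1"]) ||
	strcmp($formfields["password1"], "") == 0) {
	$errors["Password"] = "Missing Field";
    }
    if (!isset($formfields["password2"]) ||
	strcmp($formfields["password2"], "") == 0) {
	$errors["Confirm Password"] = "Missing Field";
    }
    elseif (strcmp($formfields["password1"], $formfields["password2"])) {
	$errors["Confirm Password"] = "Does not match Password";
    }
    elseif (! CHECKPASSWORD(($USERSELECTUIDS ?
			     $formfields["joining_uid"] : "ignored"),
			    $formfields["password1"],
			    $formfields["usr_name"],
			    $formfields["usr_email"], $checkerror)) {
	$errors["Password"] = "$checkerror";
    }
    # The Geni pass phrase is optional; it is only checked when one was typed.
    if ($PROTOGENI && $show_sslcertbox &&
	isset($formfields["passphrase1"]) && $formfields["passphrase1"] !== "") {
	if (!isset($formfields["passphrase2"]) ||
	    $formfields["passphrase2"] === "") {
	    $errors["Confirm Pass Phrase"] = "Missing Field";
	}
	# Strict comparison: with "!=" two different numeric-looking strings
	# (for example "1e3" and "1000") compare as equal, so a mistyped
	# confirmation could be accepted as a match.
	elseif ($formfields["passphrase1"] !== $formfields["passphrase2"]) {
	    $errors["Confirm Pass Phrase"] = "Does not match Pass Phrase";
	}
	elseif (strlen($formfields["passphrase1"]) < $TBDB_MINPASSPHRASE) {
	    $errors["Pass Phrase"] =
		"Too short; $TBDB_MINPASSPHRASE char minimum";
	}
	elseif (! CHECKPASSWORD(($USERSELECTUIDS ?
				 $formfields["joining_uid"] : "ignored"),
				$formfields["passphrase1"],
				$formfields["usr_name"],
				$formfields["usr_email"], $checkerror)) {
	    $errors["Pass Phrase"] = "$checkerror";
	}
    }
}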
if (!$forwikionly) {
    $have_pid = (isset($formfields["pid"]) && $formfields["pid"] != "");

    if ($have_pid) {
        # Confirm pid/gid early to avoid spamming the page.
	$pid = $formfields["pid"];

	# The group defaults to the project's own group when left blank.
	$gid = ((isset($formfields["gid"]) && $formfields["gid"] != "") ?
		$formfields["gid"] : $pid);

	if (!TBvalid_pid($pid) || !Project::Lookup($pid)) {
	    $errors["Project Name"] = "Invalid Project Name";
	}
	elseif (!TBvalid_gid($gid) || !Group::LookupByPidGid($pid, $gid)) {
	    $errors["Group Name"] = "Invalid Group Name";
	}
    }
    elseif ($returning || !isset($nopidokay)) {
	#
	# Sigh, no one reads or follows simple instructions.
	# Logged in users must always name a project; new users must do so
	# unless the nopidokay argument came in with the request.
	#
	$errors["Project Name"] = "Missing Field";
    }
    elseif ($nopidokay == "1") {
	# A confirmation page is shown further down before going on.
	$nopidconfirm = 1;
    }
    elseif ($nopidokay != "Confirm") {
	# Any value other than "Confirm" (the other button on the
	# confirmation page is "Back") sends the user back to the form.
	$errors["Project Name"] = "Please tell us the Project";
    }
}

# Present these errors before we call out to do pubkey stuff; saves work.
if (count($errors)) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}

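#
# No project, lets confirm. The submitted fields are carried over in hidden
# inputs so that pressing Confirm or Back resubmits the same data.
#
if ($nopidconfirm) {
    PAGEHEADER("Apply for Project Membership");
    
    echo "<blockquote>\n";
    echo "You did not specify a project to join. If you do not join a project ";
    echo "you will not be able to use the testbed. ";
    echo "But if you are sure, click on <b>Confirm</b>. ";
    echo "Else click <b>Back</b> and ";
    echo "enter the name of the project you want to join.\n";
    echo "<br>\n";
    
    echo "<form enctype=\"multipart/form-data\" action='joinproject.php3'
            method=post name=idform>";
    #
    # Send all of their stuff along.
    #
    # Both the field names and the values come from the request. Not every
    # key is checked by the validation above, so each one is escaped before
    # it is written into the attribute; anything that is not a plain scalar
    # is dropped.
    #
    # NOTE(review): password1/password2 are part of $formfields, so the
    # password is carried in the HTML of this confirmation page.
    #
    foreach ($formfields as $key => $value) {
	if (strcmp((string)$key, "nopidokay") == 0 || !is_scalar($value)) {
	    continue;
	}
	$safe_key   = htmlspecialchars((string)$key, ENT_QUOTES);
	$safe_value = htmlspecialchars((string)$value, ENT_QUOTES);

	echo "<input type=hidden name=\"formfields[$safe_key]\" ".
	    "value=\"$safe_value\"></input>\n";
    }
    echo "<input type=hidden name='submit' value='Submit'>\n";
    echo "<center><br>\n";
    echo "<input type=submit name=nopidokay value=Confirm>&nbsp;";
    echo "<input type=submit name=nopidokay value=Back>\n";
    echo "</center></form>";

    PAGEFOOTER();
    return;
}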

#
# The rest of the page works on the project and group objects, and for a
# returning user on the logged-in user object as well.
#
# NOTE(review): the trailing 1 passed to TBERROR presumably makes the error
# fatal -- confirm against its definition.
#
if (!$forwikionly && isset($pid)) {
    $project = Project::Lookup($pid);
    if (!$project) {
        TBERROR("Could not lookup object for $pid!", 1);
    }

    $group = Group::LookupByPidGid($pid, $gid);
    if (!$group) {
        TBERROR("Could not lookup object for $pid/$gid!", 1);
    }

    if ($returning) {
        # A returning user is the one already logged in.
        $user = $this_user;

        if ($group->IsMember($user, $ignore)) {
            $errors["Membership"] = "You are already a member";
        }
    }
}

#
# New accounts are non-admin by default. With $ISOLATEADMINS set, refuse to
# create one into a project that already has admins, and tell ops about
# the attempt (TBERROR is called with 0 here, and the script carries on to
# the error check below).
#
if ($ISOLATEADMINS && !$returning && isset($project)) {
    if (count($project->GetAdmins())) {
        $errors["Joining Project"] =
            "You cannot join this project due to security restrictions!" .
            "  If you were told to join this project specifically, email" .
            " either the project leader OR $TBMAILADDR_OPS.";

        TBERROR("New user '" . $formfields["joining_uid"] .
                "' attempted to join project '$pid'\n" .
                "which would create a mix of admin and non-admin users\n\n" .
                "--- so the user creation was NOT allowed to occur!\n", 0);
    }
}

# End of the sanity checks: anything recorded in $errors sends the form
# back to the user and stops here.
if (count($errors) > 0) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}

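#
# Create a new user. We do this by creating a little XML file to pass to
# the newuser script.
#
# $args is the field map handed to User::NewNewUser(); on failure the
# message it leaves in $error is shown on the form.
#
# NOTE(review): password (and passphrase, below) are passed on exactly as
# entered. How the XML file is protected and cleaned up is not visible
# from this page -- confirm it is not left readable on disk.
#
if (! $returning) {
    $args = array();
    $args["name"]          = $formfields["usr_name"];
    $args["email"]         = $formfields["usr_email"];
    $args["address"]       = $formfields["usr_addr"];
    $args["address2"]      = $formfields["usr_addr2"];
    $args["city"]          = $formfields["usr_city"];
    $args["state"]         = $formfields["usr_state"];
    $args["zip"]           = $formfields["usr_zip"];
    $args["country"]       = $formfields["usr_country"];
    $args["phone"]         = $formfields["usr_phone"];
    $args["shell"]         = 'tcsh';
    $args["title"]         = $formfields["usr_title"];
    $args["affiliation"]   = $formfields["usr_affil"];
    $args["affiliation_abbreviation"] = $formfields["usr_affil_abbrev"];
    $args["password"]      = $formfields["password1"];
    if ($WIKISUPPORT) {
        $args["wikiname"] = $formfields["wikiname"];
    }

    # The URL is optional; the bare $HTTPTAG placeholder counts as empty.
    if (isset($formfields["usr_URL"]) &&
	$formfields["usr_URL"] != $HTTPTAG && $formfields["usr_URL"] != "") {
	$args["URL"] = $formfields["usr_URL"];
    }
    if ($USERSELECTUIDS) {
	$args["uid"] = $formfields["joining_uid"];
    }

    # Backend verifies pubkey and returns error.
    if (!$forwikionly) {
	if (isset($_FILES['usr_keyfile']) &&
	    $_FILES['usr_keyfile']['name'] != "" &&
	    $_FILES['usr_keyfile']['name'] != "none") {

	    $localfile = $_FILES['usr_keyfile']['tmp_name'];

	    #
	    # Read the file only if PHP recorded this path as an upload of
	    # the current request. A failed or oversized upload leaves
	    # tmp_name empty, and an array-style field makes it an array;
	    # neither may reach file_get_contents().
	    #
	    $keydata = false;
	    if (is_string($localfile) && is_uploaded_file($localfile)) {
		$keydata = file_get_contents($localfile);
	    }
	    if ($keydata === false) {
		$errors["Public Key File"] =
		    "Could not read the uploaded key file";
		SPITFORM($formfields, $returning, $errors);
		PAGEFOOTER();
		return;
	    }
	    $args["pubkey"] = $keydata;
	}
    }
    if ($PROTOGENI && $show_sslcertbox &&
	isset($formfields["passphrase1"]) && $formfields["passphrase1"] != "") {
	$args["passphrase"] = $formfields["passphrase1"];
    }

    $user = User::NewNewUser(($forwikionly ? TBDB_NEWACCOUNT_WIKIONLY : 0),
			     $args,
			     $error);
    if (!$user) {
	$errors["Error Creating User"] = $error;
	SPITFORM($formfields, $returning, $errors);
	PAGEFOOTER();
	return;
    }
    $joining_uid = $user->uid();
}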

#
# A wiki-only registration stops here: redirect to the wiki registration
# page's "finished" view and end the script.
#
if ($forwikionly) {
    header("Location: wikiregister.php3?finished=1");
    exit;
}

#
# With $ISOLATEADMINS set, a user who is not yet in the project may only
# be added if every current member has the same admin flag as the user.
#
if ($ISOLATEADMINS && isset($project) &&
    !$project->IsMember($user, $ignore)) {
    $members = $project->MemberList();

    foreach ($members as $other_user) {
        if ($user->admin() == $other_user->admin()) {
            continue;
        }

        if (!$returning) {
            #
            # The account has already been created and is left in place so
            # the effort is not wasted, but it is not added to the project.
            # Ops gets mail since this should be an uncommon problem.
            #
            TBERROR("New user '$joining_uid' attempted to join project ".
                    "'$pid'\n".
                    "which would create a mix of admin and non-admin ".
                    "users\n", 0);

            header("Location: joinproject.php3?finished=1");
            return;
        }

        # Returning user: put the problem on the form.
        $errors["Joining Project"] =
            "Improper mix of admin and non-admin users";
        SPITFORM($formfields, $returning, $errors);
        PAGEFOOTER();
        return;
    }
}

# With no project to join there is nothing left to do: redirect to the
# "finished" view and end the script.
if (!isset($project)) {
    header("Location: joinproject.php3?finished=1");
    exit;
}

#
# A subgroup join ($gid differs from $pid) also needs membership in the
# project's own group, unless the user already has it.
#
if ($pid != $gid) {
    if (!$project->IsMember($user, $ignore) &&
        $project->AddNewMember($user) < 0) {
        TBERROR("Could not add user $joining_uid to project group $pid", 1);
    }
}

#
# Add the user to the group with trust=none. Nothing is usable until the
# project/group leader raises the trust level, which is what makes the
# new member real.
#
$added = $group->AddNewMember($user);
if ($added < 0) {
    TBERROR("Could not add user $joining_uid to group $pid/$gid", 1);
}

#
# Mail the project/group leaders about the request. This is done here for
# a returning user only.
# NOTE(review): notification for a newly created account presumably
# happens elsewhere -- confirm.
#
if ($returning) {
    $group->NewMemberNotify($user);
}

#
# Finish with a redirect rather than page output, so the POST does not end
# up in the browser history: the back button skips it and lands on the
# form. See above for conclusion.
#
header("Location: joinproject.php3?finished=1");
?>