newmmlist.php3 10.6 KB
Newer Older
1 2 3
<?php
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2007 University of Utah and the Flux Group.
5 6 7 8 9 10 11 12 13 14 15
# All rights reserved.
#
include("defs.php3");

#
# No Standard Testbed Header; going to spit out a redirect later.
#

#
# Only known and logged in users.
#
16 17
$this_user = CheckLoginOrDie();
$uid       = $this_user->uid();
18
$dbid      = $this_user->dbid();
19
$isadmin   = ISADMIN();
20

21 22 23 24 25 26
#
# Verify page arguments.
#
$optargs = OptionalPageArguments("submit",       PAGEARG_STRING,
				 "formfields",   PAGEARG_ARRAY);

27 28 29
#
# See what projects the uid can do this in.
#
30
$projlist = $this_user->ProjectAccessList($TB_PROJECT_READINFO);
31 32 33 34 35 36

if (! count($projlist)) {
    USERERROR("You do not appear to be a member of any Projects in which ".
	      "you have permission to create new mailing lists", 1);
}

37 38 39 40 41
#
# Spit the form out using the array of data. 
# 
function SPITFORM($formfields, $errors)
{
42
    global $TBDB_MMLENGTH, $projlist, $OURDOMAIN;
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66

    PAGEHEADER("Create a new MailMan list");
    
    if ($errors) {
	echo "<table class=nogrid
                     align=center border=0 cellpadding=6 cellspacing=0>
              <tr>
                 <th align=center colspan=2>
                   <font size=+1 color=red>
                      &nbsp;Oops, please fix the following errors!&nbsp;
                   </font>
                 </td>
              </tr>\n";

	while (list ($name, $message) = each ($errors)) {
	    echo "<tr>
                     <td align=right>
                       <font color=red>$name:&nbsp;</font></td>
                     <td align=left>
                       <font color=red>$message</font></td>
                  </tr>\n";
	}
	echo "</table><br>\n";
    }
67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
    else {
	echo "<blockquote><blockquote>
              <center>
               <font size=+1>
                 Host your own project related mailing lists at $OURDOMAIN
               </font>
              </center><br>
              Use the form below to create a new mailing list. You will
              become the administrator for the new list, and are responsible
              for the list configuration and management, including user
              subscriptions, approval, etc. <b>Note that mailing lists
              should be related to your project in some manner; please,
              no lists discussing the latest episode of your favorite TV
              show.</b>
	      </blockquote></blockquote>\n";
    }

    echo "<SCRIPT LANGUAGE=JavaScript>
              function Changed(theform) 
              {
                  var pidx   = theform['formfields[pid]'].selectedIndex;
                  var pid    = theform['formfields[pid]'].options[pidx].value;
                  var list   = theform['formfields[listname]'].value;

                  if (pid == '') {
                      theform['formfields[fullname]'].value = '';
                  }
                  else if (list == '') {
                      theform['formfields[fullname]'].value = pid + '-';
                  }
                  else {
                      theform['formfields[fullname]'].value =
                        pid + '-' + theform['formfields[listname]'].value +
                        '@' + '$OURDOMAIN';
                  }
              }
          </SCRIPT>\n";
104 105 106 107 108 109 110 111

    echo "<br>
          <table align=center border=1> 
          <tr>
             <td align=center colspan=2>
                 <em>(Fields marked with * are required)</em>
             </td>
          </tr>
112 113 114 115 116 117 118 119 120 121 122 123 124 125
          <form action='newmmlist.php3' method=post name=myform>\n";

    #
    # Select Project
    #
    echo "<tr>
              <td>*Select Project:</td>
              <td><select name=\"formfields[pid]\"
                          onChange='Changed(myform);'>
                      <option value=''>Please Select &nbsp</option>\n";
    
    while (list($project) = each($projlist)) {
	$selected = "";

126
	if ($formfields["pid"] == $project)
127 128 129 130 131 132 133
	    $selected = "selected";
	
	echo "        <option $selected value='$project'>$project </option>\n";
    }
    echo "       </select>";
    echo "    </td>
          </tr>\n";
134 135 136 137 138 139 140 141

    #
    # Select List Name
    #
    echo "<tr>
              <td>*List Name (no blanks):</td>
              <td class=left>
                  <input type=text
142
                         onChange='Changed(myform);'
143
                         name=\"formfields[listname]\"
144
                         value=\"" . $formfields["listname"] . "\"
145 146 147 148 149
	                 size=$TBDB_MMLENGTH
                         maxlength=$TBDB_MMLENGTH>
              </td>
          </tr>\n";

150 151 152 153 154 155 156 157 158
    #
    # This is auto filled in by the javascript above.
    # 
    echo "<tr>
              <td>EMail Address (will be):</td>
              <td class=left>
                  <input type=text
                         readonly 
                         name=\"formfields[fullname]\"
159
                         value=\"" . $formfields["fullname"] . "\"
160 161 162 163 164
	                 size=$TBDB_MMLENGTH
                         maxlength=$TBDB_MMLENGTH>
              </td>
          </tr>\n";

165 166 167 168 169 170 171 172 173
    #
    # Password. Note that we do not resend the password. User
    # must retype on error.
    #
    echo "<tr>
              <td colspan>*Admin Password:</td>
              <td class=left>
                  <input type=password
                         name=\"formfields[password1]\"
174
                         value=\"" . $formfields["password1"] . "\"
175 176 177 178 179 180 181 182
                         size=8></td>
          </tr>\n";

    echo "<tr>
              <td colspan>*Retype Password:</td>
              <td class=left>
                  <input type=password
                         name=\"formfields[password2]\"
183
                         value=\"" . $formfields["password2"] . "\"
184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200
                         size=8></td>
         </tr>\n";

    echo "<tr>
              <td align=center colspan=2>
                  <b><input type=submit name=submit value=Submit></b>
              </td>
          </tr>\n";

    echo "</form>
          </table>\n";

    echo "<br>
          <blockquote><blockquote>
          After you click submit, the mailing list will be created on our
          server, and you will be automatically redirected to the list
          configuration page. Feel free to edit the configuration as you like.
201 202 203 204 205 206 207 208 209 210
          <br><br>
          Emulab mailing lists are maintained using the open source
          <a href=http://www.gnu.org/software/mailman/index.html>Mailman</a>
          package. You can find documentation for
          <a href=http://www.gnu.org/software/mailman/users.html>Users</a>
          and documentation for 
          <a href=http://www.gnu.org/software/mailman/admins.html>
          List Managers</a> on the Mailman
          <a href=http://www.gnu.org/software/mailman/docs.html>
          documentation</a> page.
211 212 213 214 215 216
          </blockquote></blockquote>\n";
}

#
# On first load, display a virgin form and exit.
#
217
if (!isset($submit)) {
218
    $defaults = array();
219 220 221 222 223
    $defaults["pid"]  = "";
    $defaults["password1"]   = "";
    $defaults["password2"]   = "";
    $defaults["listname"]    = "";
    $defaults["fullname"]    = "";
224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241

    #
    # Allow formfields that are already set to override defaults
    #
    if (isset($formfields)) {
	while (list ($field, $value) = each ($formfields)) {
	    $defaults[$field] = $formfields[$field];
	}
    }
    
    SPITFORM($defaults, 0);
    PAGEFOOTER();
    return;
}

#
# Otherwise, must validate and redisplay if errors
#
242 243
$errors  = array();
$project = null;
244 245

#
246
# Project:
247 248 249
#
if (!isset($formfields["pid"]) ||
    strcmp($formfields["pid"], "") == 0) {
250 251
    $errors["Project"] = "Not Selected";
}
252 253
elseif (!TBvalid_pid($formfields["pid"])) {
    $errors["Project"] = "Invalid project name";
254
}
255 256
elseif (! ($project = Project::Lookup($formfields["pid"]))) {
    $errors["Project"] = "Invalid project name";
257
}
258
elseif (! $project->AccessCheck($this_user, $TB_PROJECT_READINFO)) {
259
    $errors["Project"] = "Not enough permission";
260
}
261 262 263 264 265 266 267

#
# List Name, but only if pid was okay.
#
if ($project) {
    if (!isset($formfields["listname"]) ||
	strcmp($formfields["listname"], "") == 0) {
268
	$errors["List Name"] = "Missing Field";
269 270
    }
    else {
271
	$listname = $project->pid() . "-" . $formfields["listname"];
272
	
273 274 275 276 277 278 279 280 281 282 283 284 285
	if (! TBvalid_mailman_listname($listname)) {
	    $errors["List Name"] =
		"Must be alphanumeric and must begin with an alphanumeric";
	}
	elseif (strlen($listname) > $TBDB_MMLENGTH) {
	    $errors["List Name"] =
		"Too long! ".
		"Must be less than or equal to $TBDB_MMLENGTH";
	}
	else {
            #
            # Before we proceed, lets see if the list already exists.
            #
286 287
	    $safe_name = addslashes($listname);
	    
288 289
	    $query_result =
		DBQueryFatal("select * from mailman_listnames ".
290
			     "where listname='$safe_name'");
291
	
292 293 294
	    if (mysql_num_rows($query_result)) {
		$errors["List Name"] = "Name already in use; pick another";
	    }
295 296 297 298 299 300 301
	}
    }
}

#
# Password
#
302 303
if (!isset($formfields["password1"]) ||
    strcmp($formfields["password1"], "") == 0) {
304 305
    $errors["Password"] = "Missing Field";
}
306 307
if (!isset($formfields["password2"]) ||
    strcmp($formfields["password2"], "") == 0) {
308 309
    $errors["Confirm Password"] = "Missing Field";
}
310
elseif (strcmp($formfields["password1"], $formfields["password2"])) {
311 312
    $errors["Confirm Password"] = "Does not match Password";
}
313
elseif (! TBvalid_userdata($formfields["password1"])) {
314 315 316 317 318 319 320 321 322 323 324 325 326
    $errors["Password"] = "Invalid Characters";
}

#
# If any errors, respit the form with the current values and the
# error messages displayed. Iterate until happy.
# 
if (count($errors)) {
    SPITFORM($formfields, $errors);
    PAGEFOOTER();
    return;
}

327 328 329
$listname = $project->pid() . "-" . $formfields["listname"];
$safename = addslashes($listname);
$password = $formfields["password1"];
330 331 332 333 334 335 336 337

#
# Need to lock the table for this. 
# 
DBQueryFatal("lock tables mailman_listnames write");

$query_result =
    DBQueryFatal("select * from mailman_listnames ".
338
		 "where listname='$safename'");
339 340 341 342 343 344 345 346
if (mysql_num_rows($query_result)) {
    DBQueryFatal("unlock tables");
    $errors["List Name"] = "Name already in use; pick another";
    SPITFORM($formfields, $errors);
    PAGEFOOTER();
    return;
}

347 348
DBQueryFatal("insert into mailman_listnames ".
	     " (listname, owner_uid, owner_idx, created) ".
349
	     "values ('$safename', '$uid', '$dbid', now())");
350 351 352 353 354 355
DBQueryFatal("unlock tables");

#
# Okay, call out to the backend to create the actual list. 
#
$retval = SUEXEC($uid, $TBADMINGROUP,
356 357
		 "webaddmmlist -u " . escapeshellarg($listname) . " $uid " .
		           escapeshellarg($password),
358 359 360 361 362
		 SUEXEC_ACTION_IGNORE);

# Failed? Remove the DB entry.
if ($retval != 0) {
    DBQueryFatal("delete from mailman_listnames ".
363
		 "where listname='$safename'");
364 365 366 367 368 369 370 371
    SUEXECERROR(SUEXEC_ACTION_DIE);
}

#
# Okay, redirect the user over to the listadmin page to finish configuring.
#
header("Location: ${MAILMANURL}/admin/${listname}/?adminpw=${password}");
?>