<?php
#
# Copyright (c) 2000-2014 University of Utah and the Flux Group.
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
#
include("defs.php3");

#
# No PAGEHEADER since we spit out a Location header later. See below.
# 

#
# Get current user.
#
$this_user = CheckLogin($check_status);

#
# Verify page arguments.
#
$optargs = OptionalPageArguments(
    "submit",     PAGEARG_STRING,
    "uid",        PAGEARG_STRING,
    "email",      PAGEARG_STRING,
    "finished",   PAGEARG_BOOLEAN,
    "formfields", PAGEARG_ARRAY
);

#
# See if we are in an initial Emulab setup.
#
$FirstInitState = ("createproject" == TBGetFirstInitState());

# Site variable consulted by the form code further down.
$show_sslcertbox = TBGetSiteVar("protogeni/show_sslcertbox");

#
# A requester who arrives with a login (outside of first-time setup) is
# treated as a returning user and must pass CheckLoginOrDie(); anyone
# else is handled as a brand new user.
#
$returning = ($this_user && !$FirstInitState) ? 1 : 0;
if ($returning) {
    # Allow unapproved users to create multiple projects ...
    # Must be verified though.
    CheckLoginOrDie(CHECKLOGIN_UNAPPROVED|CHECKLOGIN_WEBONLY);
    $proj_head_uid = $this_user->uid();
}
unset($addpubkeyargs);

# Text shown in a browser alert() when the username field changes.
$ACCOUNTWARNING =
    "Before continuing, please make sure your username reflects your " .
    "normal login name. Emulab accounts are not to be shared amongst " .
    "users!";

# Text shown in a browser alert() when the email field changes.
$EMAILWARNING =
    "Before continuing, please make sure the email address you have provided " .
    "is current and non-pseudonymic. Redirections and anonymous email " .
    "addresses are not allowed.";

#
# Spit the form out using the array of data. 
# 
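function SPITFORM($formfields, $returning, $errors)
{
    # Emit the whole "Start a New Testbed Project" page body: page header,
    # introductory text, any validation errors, the HTML form prefilled
    # from $formfields, and the footnotes.
    #
    #   $formfields  array of field name => value used to prefill inputs.
    #   $returning   true for a logged-in requester; the "Project Head
    #                Information" (new user) section is then left out.
    #   $errors      array of label => message shown above the form, or a
    #                false value (the first-load caller passes 0).
    #
    # Security notes:
    #  * Every $formfields value is passed through CleanString() before it
    #    is echoed. NOTE(review): the values land inside double-quoted
    #    HTML attributes; confirm that CleanString() encodes quote
    #    characters as well as angle brackets.
    #  * Password and pass phrase inputs are always rendered empty, so a
    #    submitted secret is never written back into the response.
    #  * The uploaded key file name comes from the client and is HTML
    #    escaped before being echoed.
    global $TBDB_UIDLEN, $TBDB_PIDLEN, $TBDOCBASE, $WWWHOST;
    global $usr_keyfile, $FirstInitState;
    global $ACCOUNTWARNING, $EMAILWARNING;
    global $WIKISUPPORT, $WIKIHOME, $USERSELECTUIDS;
    global $WIKIDOCURL, $TBMAINSITE;
    global $PROTOGENI, $show_sslcertbox;

    PAGEHEADER("Start a New Testbed Project");

    #
    # First initialization gets different text
    #
    if ($FirstInitState) {
        echo "<center><font size=+1>
	      Please create your initial project.<br> A good Project Name
              for your first project is probably 'testbed', but you can
              choose anything you like. 
              </font></center><br>\n";
    }
    else {
        echo "<center><font size=+1>
                 If you are a <font color=red>student
                 (undergrad or graduate)</font>, please
                 do not try to start a project! <br>Your advisor must do it.
                 <a href='$WIKIDOCURL/Auth' target='_blank'>
                 Read this for more info.</a>
              </font></center><br>\n";

        if (! $returning) {
            echo "<center><font size=+1>
                   If you already have an Emulab account,
                   <a href=login.php3?refer=1>
                   <font color=red>please log on first!</font></a>
                   </font></center><br>\n";
        }
    }

    if ($errors) {
        echo "<table class=nogrid
                     align=center border=0 cellpadding=6 cellspacing=0>
              <tr>
                 <th align=center colspan=2>
                   <font size=+1 color=red>
                      &nbsp;Oops, please fix the following errors!&nbsp;
                   </font>
                 </th>
              </tr>\n";

        # foreach instead of list()/each(): each() is gone in PHP 8 and
        # depended on the array's internal pointer.
        foreach ($errors as $name => $message) {
            # XSS prevention.
            $message = CleanString($message);
            echo "<tr>
                     <td align=right>
                       <font color=red>$name:&nbsp;</font></td>
                     <td align=left>
                       <font color=red>$message</font></td>
                  </tr>\n";
        }
        echo "</table><br>\n";
    }

    # XSS prevention.
    foreach ($formfields as $key => $val) {
        $formfields[$key] = CleanString($val);
    }

    # A submitted form may omit fields (unchecked checkboxes, or a request
    # that was not produced by this page). Default every field that is
    # echoed below so a missing key renders as an empty input.
    $echoed_fields = array("proj_head_uid", "usr_name", "wikiname",
                           "usr_title", "usr_affil", "usr_affil_abbrev",
                           "usr_URL", "usr_email", "usr_addr", "usr_addr2",
                           "usr_city", "usr_state", "usr_zip",
                           "usr_country", "usr_phone", "pid", "proj_name",
                           "proj_URL", "proj_public", "proj_whynotpublic",
                           "proj_linked", "proj_funders", "proj_members",
                           "proj_pcs", "proj_why");
    foreach ($echoed_fields as $key) {
        if (!isset($formfields[$key])) {
            $formfields[$key] = "";
        }
    }

    echo "<SCRIPT LANGUAGE=JavaScript>
              function SetWikiName(theform) 
              {
	          var validchars = 'abcdefghijklmnopqrstuvwxyz0123456789';
                  var usrname    = theform['formfields[usr_name]'].value;
                  var wikiname   = '';
                  var docap      = 1;

		  for (var i = 0; i < usrname.length; i++) {
                      var letter = usrname.charAt(i).toLowerCase();

                      if (validchars.indexOf(letter) == -1) {
                          if (letter == ' ') {
                              docap = 1;
                          }
                          continue;
                      }
                      else {
                          if (docap == 1) {
                              letter = usrname.charAt(i).toUpperCase()
                              docap  = 0;
                          }
                          wikiname = wikiname + letter;
                      }
                  }
                  theform['formfields[wikiname]'].value = wikiname;
              }
          </SCRIPT>\n";

    echo "<div align=center>
             <font color=red size=-2>Fields marked with * are required</font>
          </div>\n";

    echo "<table align=center border=1> 
          <form enctype=multipart/form-data name=myform
                action=newproject.php3 method=post>\n";

    if (! $returning) {
        #
        # Start user information stuff. Presented for new users only.
        #
        echo "<tr>
                  <th colspan=3 class=center>
                      Project Head Information<br>
                      <font size=-2>
                       (Prospective project leaders please read our
                       <a href='$WIKIDOCURL/AdminPolicies' target='_blank'>
                       Administrative Policies</a>)</font>
                  </th>
              </tr>\n";

        #
        # UID:
        #
        if ($USERSELECTUIDS || $FirstInitState) {
            echo "<tr>
                      <td colspan=2>*<a
                             href='$WIKIDOCURL/SecReqs'
                             target=_blank>Username</a>
                                (alphanumeric):</td>
                      <td class=left>
                          <input type=text
                                 name=\"formfields[proj_head_uid]\"
                                 value=\"" . $formfields["proj_head_uid"] . "\"
	                         size=$TBDB_UIDLEN
                                 onchange=\"alert('$ACCOUNTWARNING')\"
	                         maxlength=$TBDB_UIDLEN>
                      </td>
                  </tr>\n";
        }

        #
        # Full Name
        #
        echo "<tr>
                  <td colspan=2>*Full Name (first and last):</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_name]\"
                             value=\"" . $formfields["usr_name"] . "\"
                             onchange=\"SetWikiName(myform);\"
	                     size=30>
                  </td>
              </tr>\n";

        #
        # WikiName
        #
        if ($WIKISUPPORT) {
            # {$WIKIHOME} rather than ${WIKIHOME}: same output, and the
            # latter interpolation form is deprecated as of PHP 8.2.
            echo "<tr>
                      <td colspan=2>*
                          <a href={$WIKIHOME}/bin/view/TWiki/WikiName
                            target=_blank>WikiName</a>:<td class=left>
                          <input type=text
                                 name=\"formfields[wikiname]\"
                                 value=\"" . $formfields["wikiname"] . "\"
	                         size=30>
                      </td>
                  </tr>\n";
        }

        #
        # Title/Position:
        #
        echo "<tr>
                  <td colspan=2>*Job Title/Position:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_title]\"
                             value=\"" . $formfields["usr_title"] . "\"
	                     size=30>
                  </td>
              </tr>\n";

        #
        # Affiliation:
        #
        echo "<tr>
                      <td colspan=2>*Institutional Affiliation:</td>
                      <td class=left>
			<table>
                          <tr>
                          <td>Name</td>
                          <td><input type=text
                                 name=\"formfields[usr_affil]\"
                                 value=\"" . $formfields["usr_affil"] . "\"
	                         size=40></td></tr>
			  <tr>
                          <td>Abbreviation:</td>
                          <td><input type=text
                                 name=\"formfields[usr_affil_abbrev]\"
                                 value=\"" . $formfields["usr_affil_abbrev"] . "\"
	                         size=16 maxlength=16> (e.g. MIT)</td>
			  </tr>
        		</table>
                      </td>
              </tr>\n";

        #
        # User URL
        #
        echo "<tr>
                  <td colspan=2>Home Page URL:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_URL]\"
                             value=\"" . $formfields["usr_URL"] . "\"
	                     size=45>
                  </td>
              </tr>\n";

        #
        # Email:
        #
        echo "<tr>
                  <td colspan=2>*Email Address[<b>1</b>]:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_email]\"
                             value=\"" . $formfields["usr_email"] . "\"
                             onchange=\"alert('$EMAILWARNING')\"
	                     size=30>
                  </td>
              </tr>\n";


        echo "<tr><td colspan=3>*Postal Address:<br /><center>
		<table>
		  <tr><td>Line 1</td><td colspan=3>
                    <input type=text
                           name=\"formfields[usr_addr]\"
                           value=\"" . $formfields["usr_addr"] . "\"
	                   size=45></td></tr>
		  <tr><td>Line 2</td><td colspan=3>
                    <input type=text
                           name=\"formfields[usr_addr2]\"
                           value=\"" . $formfields["usr_addr2"] . "\"
	                   size=45></td></tr>
		  <tr><td>City</td><td>
                    <input type=text
                           name=\"formfields[usr_city]\"
                           value=\"" . $formfields["usr_city"] . "\"
	                   size=25></td>
		      <td>State/Province</td><td>
                    <input type=text
                           name=\"formfields[usr_state]\"
                           value=\"" . $formfields["usr_state"] . "\"
	                   size=2></td></tr>
		  <tr><td>ZIP/Postal Code</td><td>
                    <input type=text
                           name=\"formfields[usr_zip]\"
                           value=\"" . $formfields["usr_zip"] . "\"
	                   size=10></td>
		      <td>Country</td><td>
                    <input type=text
                           name=\"formfields[usr_country]\"
                           value=\"" . $formfields["usr_country"] . "\"
	                   size=15></td></tr>
               </table></center></td></tr>";

        #
        # Phone
        #
        echo "<tr>
                  <td colspan=2>*Phone #:</td>
                  <td class=left>
                      <input type=text
                             name=\"formfields[usr_phone]\"
                             value=\"" . $formfields["usr_phone"] . "\"
	                     size=15>
                  </td>
              </tr>\n";

        #
        # SSH public key
        #
        # The original file name is supplied by the client, so it is HTML
        # escaped (quotes included) before it is placed in the attribute.
        # A non-string name (array-style upload field) is ignored.
        $keyfile_name = "";
        if (isset($_FILES['usr_keyfile']) &&
            isset($_FILES['usr_keyfile']['name']) &&
            is_string($_FILES['usr_keyfile']['name'])) {
            $keyfile_name = htmlspecialchars($_FILES['usr_keyfile']['name'],
                                             ENT_QUOTES);
        }
        echo "<tr>
                 <td colspan=2>Upload your SSH Pub Key[<b>3</b>]:<br>
                                   (4K max)</td>
   
                 <td>
                      <input type=hidden name=MAX_FILE_SIZE value=4096>
                      <input type=file
                             name=usr_keyfile
                             value=\"" . $keyfile_name . "\"
	                     size=50>
                  </td>
              </tr>\n";

        #
        # Password. Note that we do not resend the password. User
        # must retype on error. The value attribute is therefore always
        # empty, whatever $formfields carries.
        #
        echo "<tr>
                  <td colspan=2>*Password[<b>1</b>]:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[password1]\"
                             value=\"\"
                             size=8></td>
              </tr>\n";

        echo "<tr>
                  <td colspan=2>*Retype Password:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[password2]\"
                             value=\"\"
                             size=8></td>
             </tr>\n";

        #
        # Geni Passphrase. Like the password, it is never echoed back.
        #
        if ($PROTOGENI && $show_sslcertbox && !$FirstInitState) {
            echo "<tr></tr><tr>
                   <th class=center colspan=3>Geni Account<br>
                 <a href='http://users.emulab.net/trac/emulab/wiki/GeniBlurb'
			target=_blank><font size=-2>what's this?</font></a></th>
                  </tr>\n";

            echo "<tr>
                  <td colspan=2>Geni SSL Pass Phrase[<b>4</b>]:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[passphrase1]\"
                             value=\"\"
                             size=32></td>
              </tr>\n";

            echo "<tr>
                  <td colspan=2>Retype Geni Pass Phrase:</td>
                  <td class=left>
                      <input type=password
                             name=\"formfields[passphrase2]\"
                             value=\"\"
                             size=32></td>
             </tr>\n";
        }
    }

    #
    # Project information
    #
    echo "<tr></tr><tr><th colspan=3 class=center>
               Project Information: 
               <!-- <em>(replace the example entries)</em> -->
              </th>
          </tr>\n";

    #
    # Project Name:
    #
    echo "<tr>
              <td colspan=2>*Project Name (alphanumeric):</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[pid]\"
                         value=\"" . $formfields["pid"] . "\"
	                 size=$TBDB_PIDLEN maxlength=$TBDB_PIDLEN>
              </td>
          </tr>\n";

    #
    # Project Description:
    #
    echo "<tr>
              <td colspan=2>*Project Description:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_name]\"
                         value=\"" . $formfields["proj_name"] . "\"
	                 size=40>
              </td>
          </tr>\n";

    #
    # URL:
    #
    echo "<tr>
              <td colspan=2>*URL:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_URL]\"
                         value=\"" . $formfields["proj_URL"] . "\"
                         size=45>
              </td>
          </tr>\n";

    #
    # Publicly visible. The field value doubles as the checkbox's
    # "checked" attribute; it is "" when the box was not ticked.
    #
    echo "<tr>
              <td colspan=2>*Can we list your project publicly as
                             an \"Emulab User?\":
                  <br>
                  (See our <a href=\"projectlist.php3\"
                              target=\"Users\">Users</a> page)
              </td>
              <td><input type=checkbox value=checked
                         name=\"formfields[proj_public]\"
                         " . $formfields["proj_public"] . ">
                         Yes &nbsp
 	          <br>
                  *If \"No\" please tell us why not:<br>
                  <input type=text
                         name=\"formfields[proj_whynotpublic]\"
                         value=\"" . $formfields["proj_whynotpublic"] . "\"
	                 size=45>
             </td>
      </tr>\n";

    #
    # Will you add a link?
    #
    echo "<tr>
              <td colspan=2>*Will you add a link on your project page
                        to <a href=\"$TBDOCBASE\" target='_blank'>$WWWHOST</a>?
              </td>
              <td><input type=checkbox value=checked
                         name=\"formfields[proj_linked]\"
                         " . $formfields["proj_linked"] . ">
                         Yes &nbsp
              </td>
      </tr>\n";

    #
    # Funders/Grant numbers
    #
    echo "<tr>
              <td colspan=2>*Funding Sources and Grant Numbers:<br>
                  (Type \"none\" if not funded)</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_funders]\"
                         value=\"" . $formfields["proj_funders"] . "\"
	                 size=45>
              </td>
          </tr>\n";

    #
    # Nodes and PCs and Users
    #
    echo "<tr>
              <td colspan=2>*Estimated #of Project Members[<b>2</b>]:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_members]\" 
                         value=\"" . $formfields["proj_members"] . "\"
                         size=4>
              </td>
          </tr>\n";

    echo "<tr>
              <td colspan=2>*Estimated #of
        <a href=\"$TBDOCBASE/hardware.php#tbpcs\" target='_blank'>
                             PCs</a>[<b>2</b>]:</td>
              <td class=left>
                  <input type=text
                         name=\"formfields[proj_pcs]\"
                         value=\"" . $formfields["proj_pcs"] . "\"
                         size=4>
              </td>
          </tr>\n";

    # Deliberately disabled: the Planetlab / wide-area access checkboxes.
    if (0) {
        echo "<tr>
              <td colspan=2>Request Access to 
                  <a href=\"$WIKIDOCURL/widearea\"
                      target='_blank'>Planetlab PCs</a>:</td>
              <td class=left>
                  <input type=checkbox value=checked
                         name=\"formfields[proj_plabpcs]\" " .
                          (isset($formfields["proj_plabpcs"]) ?
                           $formfields["proj_plabpcs"] : "") . ">Yes &nbsp
              </td>
          </tr>\n";

        echo "<tr>
              <td colspan=2>Request Access to 
                 <a href=\"$WIKIDOCURL/widearea\"
                    target='_blank'>wide-area PCs</a>:</td>
              <td class=left>
                  <input type=checkbox value=checked
                         name=\"formfields[proj_ronpcs]\" " .
                          (isset($formfields["proj_ronpcs"]) ?
                           $formfields["proj_ronpcs"] : "") . ">Yes &nbsp
              </td>
          </tr>\n";
    }

    #
    # Why!
    #
    echo "<tr>
              <td colspan=3>
               *Please describe how and why you'd like to use the testbed.
              </td>
          </tr>
          <tr>
              <td colspan=3 align=center class=left>
                  <textarea name=\"formfields[proj_why]\"
                    rows=10 cols=60>" .
                    str_replace("\r", "", $formfields["proj_why"]) .
                    "</textarea>
              </td>
          </tr>\n";

    echo "<tr>
              <td colspan=3 align=center>
                 <b><input type=submit name=submit value=Submit></b>
              </td>
          </tr>\n";

    echo "</form>
          </table>\n";

    echo "<h4><blockquote><blockquote><blockquote>
          <ol>
            <li> Please consult our
                 <a href = '$WIKIDOCURL/SecReqs' target='_blank'>
                 security policies</a> for information
                 regarding passwords and email addresses.
            <li> These estimates are for site planning purposes only,
                 and are not actual limits on your project.\n";
    if (! $returning) {
        echo "<li> If you want us to use your existing ssh public key,
                   then please specify the path to your
                   your identity.pub file. <font color=red>NOTE:</font>
                   We use the <a href=http://www.openssh.org target='_blank'>OpenSSH</a>
                   key format,
                   which has a slightly different protocol 2 public key format
                   than some of the commercial vendors such as
                   <a href=http://www.ssh.com target='_blank'>SSH Communications</a>. If you
                   use one of these commercial vendors, then please
                   upload the public key file and we will convert it
                   for you.\n";
        if ($PROTOGENI && $show_sslcertbox && !$FirstInitState) {
            echo "<li>";
            echo "Pick a good pass phrase! They can be (much) longer than
                  Unix passwords; 10 to 30 character phrases are good,
                  and may include spaces and punctuation.";
        }
    }
    echo "</ol>
          </blockquote></blockquote></blockquote>
          </h4>\n";
}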

#
# The conclusion of a newproject request. See below.
# 
if (isset($finished)) {
    # Confirmation page for a request that has already been queued.
    PAGEHEADER("Start a New Testbed Project");

    $queued_notice = "<center><h2>
           Your project request has been successfully queued.
          </h2></center>
          Testbed Operations has been notified of your application.
          Most applications are reviewed within a day; some even within
          the hour, but sometimes as long as a week (rarely). We will notify
          you by e-mail when a decision has been made.\n";
    echo $queued_notice;

    # New users are additionally told about the verification email.
    if (! $returning) {
        $verify_notice = "<br>
              <p>
              In the meantime, as a new user of the Testbed you will receive
              a key via email.
              When you receive the message, please follow the instructions
              contained in the message on how to verify your account.\n";
        echo $verify_notice;
    }

    PAGEFOOTER();
    return;
}

#
# On first load, display a virgin form and exit.
#
if (! isset($submit)) {
    # No submit argument: build the initial field values and show the form.
    # The optional uid and email page arguments prefill their fields;
    # SPITFORM() runs every value through CleanString() before echoing it.
    $defaults = array(
        "proj_head_uid"     => (isset($uid) ? $uid : ""),
        "usr_name"          => "",
        "wikiname"          => "",
        "usr_title"         => "",
        "usr_affil"         => "",
        "usr_affil_abbrev"  => "",
        "usr_URL"           => "$HTTPTAG",
        "usr_email"         => (isset($email) ? $email : ""),
        "usr_addr"          => "",
        "usr_addr2"         => "",
        "usr_city"          => "",
        "usr_state"         => "",
        "usr_zip"           => "",
        "usr_country"       => "USA",
        "usr_phone"         => "",
        "password1"         => "",
        "password2"         => "",
        "passphrase1"       => "",
        "passphrase2"       => "",

        "pid"               => "",
        "proj_name"         => "",
        "proj_URL"          => "$HTTPTAG",
        "proj_public"       => "checked",
        "proj_whynotpublic" => "",
        "proj_linked"       => "checked",
        "proj_funders"      => "",
        "proj_members"      => "",
        "proj_pcs"          => "",
        "proj_ronpcs"       => "",
        "proj_plabpcs"      => "",
        "proj_why"          => ""
    );

    # During first-time setup the project fields come prefilled.
    if ($FirstInitState) {
        $defaults = array_merge($defaults, array(
            "pid"          => "testbed",
            "proj_pcs"     => "256",
            "proj_members" => "256",
            "proj_funders" => "none",
            "proj_name"    => "Your Testbed Project",
            "proj_why"     => "This project is used for testbed " .
                              "administrators to develop and test " .
                              "new software. "
        ));
    }

    SPITFORM($defaults, $returning, 0);
    PAGEFOOTER();
    return;
}

# Form submitted. Make sure we have a formfields array.
if (!isset($formfields)) {
    PAGEARGERROR("Invalid form arguments.");
730
}
731

Leigh Stoller's avatar
Leigh Stoller committed
732
#TBERROR("A\n\n" . print_r($formfields, TRUE), 0);

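#
# Otherwise, must validate and redisplay if errors. $errors is keyed by
# the label of the offending field and holds the message for it; it is
# handed to SPITFORM() when the form has to be shown again.
#
$errors = array();

#
# These fields are required! They describe the new user, so they are only
# checked when the request does not come from a returning user.
#
if (! $returning) {
    if ($USERSELECTUIDS || $FirstInitState) {
	if (!isset($formfields["proj_head_uid"]) ||
	    strcmp($formfields["proj_head_uid"], "") == 0) {
	    $errors["Username"] = "Missing Field";
	}
	elseif (!TBvalid_uid($formfields["proj_head_uid"])) {
	    $errors["UserName"] = TBFieldErrorString();
	}
	# The uid must be unknown both to User::Lookup() and to the local
	# password database.
	elseif (User::Lookup($formfields["proj_head_uid"]) ||
		posix_getpwnam($formfields["proj_head_uid"])) {
	    $errors["UserName"] = "Already in use. Pick another";
	}
    }
    if (!isset($formfields["usr_title"]) ||
	strcmp($formfields["usr_title"], "") == 0) {
	$errors["Job Title/Position"] = "Missing Field";
    }
    elseif (! TBvalid_title($formfields["usr_title"])) {
	$errors["Job Title/Position"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_name"]) ||
	strcmp($formfields["usr_name"], "") == 0) {
	$errors["Full Name"] = "Missing Field";
    }
    elseif (! TBvalid_usrname($formfields["usr_name"])) {
	$errors["Full Name"] = TBFieldErrorString();
    }
    # Make sure user name has at least two tokens! A missing field is
    # treated as zero tokens instead of being passed to preg_split(), and
    # a failed split (false) is treated the same way.
    $tokens = (isset($formfields["usr_name"]) ?
	       preg_split("/[\s]+/", $formfields["usr_name"],
			  -1, PREG_SPLIT_NO_EMPTY) : array());
    if (!is_array($tokens) || count($tokens) < 2) {
	$errors["Full Name"] = "Please provide a first and last name";
    }
    if ($WIKISUPPORT) {
	if (!isset($formfields["wikiname"]) ||
	    strcmp($formfields["wikiname"], "") == 0) {
	    $errors["WikiName"] = "Missing Field";
	}
	elseif (! TBvalid_wikiname($formfields["wikiname"])) {
	    $errors["WikiName"] = TBFieldErrorString();
	}
	elseif (User::LookupByWikiName($formfields["wikiname"])) {
	    $errors["WikiName"] = "Already in use. Pick another";
	}
    }
    if (!isset($formfields["usr_affil"]) ||
	strcmp($formfields["usr_affil"], "") == 0) {
	$errors["Affiliation Name"] = "Missing Field";
    }
    elseif (! TBvalid_affiliation($formfields["usr_affil"])) {
	$errors["Affiliation Name"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_affil_abbrev"]) ||
	strcmp($formfields["usr_affil_abbrev"], "") == 0) {
	$errors["Affiliation Abbreviation"] = "Missing Field";
    }
    elseif (! TBvalid_affiliation_abbreviation($formfields["usr_affil_abbrev"])) {
	# Report under the abbreviation's own label; writing it to
	# "Affiliation Name" would overwrite that field's message and
	# point the user at the wrong input.
	$errors["Affiliation Abbreviation"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_email"]) ||
	strcmp($formfields["usr_email"], "") == 0) {
	$errors["Email Address"] = "Missing Field";
    }
    elseif (! TBvalid_email($formfields["usr_email"])) {
	$errors["Email Address"] = TBFieldErrorString();
    }
    elseif (User::LookupByEmail($formfields["usr_email"])) {
        #
        # Treat this error separate. Not allowed.
        #
        # NOTE(review): this message tells a visitor who is not logged in
        # that the address already has an account. Presumably an accepted
        # usability trade-off; confirm.
        #
	$errors["Email Address"] =
	    "Already in use. <b>Did you forget to login?</b>";
    }
    # The home page is optional: an empty value or the bare $HTTPTAG
    # default is skipped, and nothing is checked during first-init setup.
    if (isset($formfields["usr_URL"]) &&
	strcmp($formfields["usr_URL"], "") &&
	strcmp($formfields["usr_URL"], $HTTPTAG) &&
	! $FirstInitState) {
	# Prepend $HTTPTAG unless the value already starts with one of
	# the two tags.
	if (strcmp($HTTPTAG,
		   substr($formfields["usr_URL"], 0, strlen($HTTPTAG))) &&
	    strcmp($HTTPSTAG,
		   substr($formfields["usr_URL"], 0, strlen($HTTPSTAG)))) {
	    $formfields["usr_URL"] = $HTTPTAG . $formfields["usr_URL"];
	}
	if (! CHECKURL($formfields["usr_URL"], $urlerror)) {
	    $errors["Home Page URL"] = $urlerror;
	}
    }
    if (!isset($formfields["usr_addr"]) ||
	strcmp($formfields["usr_addr"], "") == 0) {
	$errors["Address 1"] = "Missing Field";
    }
    elseif (! TBvalid_addr($formfields["usr_addr"])) {
	$errors["Address 1"] = TBFieldErrorString();
    }
    # Optional
    if (isset($formfields["usr_addr2"]) &&
	!TBvalid_addr($formfields["usr_addr2"])) {
	$errors["Address 2"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_city"]) ||
	strcmp($formfields["usr_city"], "") == 0) {
	$errors["City"] = "Missing Field";
    }
    elseif (! TBvalid_city($formfields["usr_city"])) {
	$errors["City"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_state"]) ||
	strcmp($formfields["usr_state"], "") == 0) {
	$errors["State"] = "Missing Field";
    }
    elseif (! TBvalid_state($formfields["usr_state"])) {
	$errors["State"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_zip"]) ||
	strcmp($formfields["usr_zip"], "") == 0) {
	$errors["ZIP/Postal Code"] = "Missing Field";
    }
    elseif (! TBvalid_zip($formfields["usr_zip"])) {
	$errors["Zip/Postal Code"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_country"]) ||
	strcmp($formfields["usr_country"], "") == 0) {
	$errors["Country"] = "Missing Field";
    }
    elseif (! TBvalid_country($formfields["usr_country"])) {
	$errors["Country"] = TBFieldErrorString();
    }
    if (!isset($formfields["usr_phone"]) ||
	strcmp($formfields["usr_phone"], "") == 0) {
	$errors["Phone #"] = "Missing Field";
    }
    elseif (!TBvalid_phone($formfields["usr_phone"])) {
	$errors["Phone #"] = TBFieldErrorString();
    }
    if (!isset($formfields["password1"]) ||
	strcmp($formfields["password1"], "") == 0) {
	$errors["Password"] = "Missing Field";
    }
    if (!isset($formfields["password2"]) ||
	strcmp($formfields["password2"], "") == 0) {
	$errors["Confirm Password"] = "Missing Field";
    }
    elseif (strcmp($formfields["password1"], $formfields["password2"])) {
	$errors["Confirm Password"] = "Does not match Password";
    }
    # CHECKPASSWORD() is given the uid, full name and email along with
    # the password and reports its complaint through $checkerror. The
    # uid is only meaningful when the form asked for one.
    elseif (! CHECKPASSWORD((($USERSELECTUIDS || $FirstInitState) ?
			     $formfields["proj_head_uid"] : "ignored"),
			    $formfields["password1"],
			    $formfields["usr_name"],
			    $formfields["usr_email"], $checkerror)) {
	$errors["Password"] = "$checkerror";
    }
    # The SSL certificate pass phrase is optional; it is only checked
    # when the box is shown and something was typed into it.
    if ($PROTOGENI && $show_sslcertbox &&
	isset($formfields["passphrase1"]) && $formfields["passphrase1"] != "") {
	if (!isset($formfields["passphrase2"]) ||
	    $formfields["passphrase2"] == "") {
	    $errors["Confirm Pass Phrase"] = "Missing Field";
	}
	elseif ($formfields["passphrase1"] != $formfields["passphrase2"]) {
	    $errors["Confirm Pass Phrase"] = "Does not match Pass Phrase";
	}
	elseif (strlen($formfields["passphrase1"]) < $TBDB_MINPASSPHRASE) {
	    $errors["Pass Phrase"] =
		"Too short; $TBDB_MINPASSPHRASE char minimum";
	}
	# Same uid selection as the password check above, so that during
	# first-init setup the pass phrase is checked against the chosen
	# uid rather than the "ignored" placeholder.
	elseif (! CHECKPASSWORD((($USERSELECTUIDS || $FirstInitState) ?
				 $formfields["proj_head_uid"] : "ignored"),
				$formfields["passphrase1"],
				$formfields["usr_name"],
				$formfields["usr_email"], $checkerror)) {
	    $errors["Pass Phrase"] = "$checkerror";
	}
    }
}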

#
# Project fields. These sit outside the new-user checks, so they are
# validated for every submission.
#
if (!isset($formfields["pid"]) ||
    !strcmp($formfields["pid"], "")) {
    $errors["Project Name"] = "Missing Field";
}
# Lets not allow pids that are too long, via this interface.
elseif (strlen($formfields["pid"]) > $TBDB_PIDLEN) {
    $errors["Project Name"] = "too long - $TBDB_PIDLEN chars maximum";
}
elseif (!TBvalid_newpid($formfields["pid"])) {
    $errors["Project Name"] = TBFieldErrorString();
}
elseif (Project::LookupByPid($formfields["pid"])) {
    $errors["Project Name"] = "Already in use. Select another";
}

if (!isset($formfields["proj_name"]) ||
    !strcmp($formfields["proj_name"], "")) {
    $errors["Project Description"] = "Missing Field";
}
elseif (! TBvalid_description($formfields["proj_name"])) {
    $errors["Project Description"] = TBFieldErrorString();
}

# The project URL is required; the untouched $HTTPTAG default counts as
# missing. The URL itself is not checked during first-init setup.
if (!isset($formfields["proj_URL"]) ||
    !strcmp($formfields["proj_URL"], "") ||
    !strcmp($formfields["proj_URL"], $HTTPTAG)) {
    $errors["Project URL"] = "Missing Field";
}
elseif (! $FirstInitState) {
    # Prepend $HTTPTAG unless the value already starts with one of the
    # two tags.
    if (strncmp($formfields["proj_URL"], $HTTPTAG, strlen($HTTPTAG)) &&
	strncmp($formfields["proj_URL"], $HTTPSTAG, strlen($HTTPSTAG))) {
	$formfields["proj_URL"] = $HTTPTAG . $formfields["proj_URL"];
    }
    if (!CHECKURL($formfields["proj_URL"], $urlerror)) {
	$errors["Project URL"] = $urlerror;
    }
}

if (!isset($formfields["proj_funders"]) ||
    !strcmp($formfields["proj_funders"], "")) {
    $errors["Funding Sources"] = "Missing Field";
}
elseif (! TBvalid_description($formfields["proj_funders"])) {
    $errors["Funding Sources"] = TBFieldErrorString();
}

if (!isset($formfields["proj_members"]) ||
    !strcmp($formfields["proj_members"], "")) {
    $errors["#of Members"] = "Missing Field";
}
elseif (! TBvalid_num_members($formfields["proj_members"])) {
    $errors["#of Members"] = TBFieldErrorString();
}

if (!isset($formfields["proj_pcs"]) ||
    !strcmp($formfields["proj_pcs"], "")) {
    $errors["#of PCs"] = "Missing Field";
}
elseif (! TBvalid_num_pcs($formfields["proj_pcs"])) {
    $errors["#of PCs"] = TBFieldErrorString();
}

# Checkbox fields may only be absent, empty, or "checked".
if (isset($formfields["proj_plabpcs"]) &&
    strcmp($formfields["proj_plabpcs"], "") != 0 &&
    strcmp($formfields["proj_plabpcs"], "checked") != 0) {
    $errors["Planetlab Access"] = "Bad Value";
}
if (isset($formfields["proj_ronpcs"]) &&
    strcmp($formfields["proj_ronpcs"], "") != 0 &&
    strcmp($formfields["proj_ronpcs"], "checked") != 0) {
    $errors["Ron Access"] = "Bad Value";
}

if (!isset($formfields["proj_why"]) ||
    !strcmp($formfields["proj_why"], "")) {
    $errors["How and Why?"] = "Missing Field";
}
elseif (! TBvalid_why($formfields["proj_why"])) {
    $errors["How and Why?"] = TBFieldErrorString();
}

# A project that is not marked public must say why not.
# NOTE(review): the explanation is only checked for presence here; no
# TBvalid_* check is applied to it in this part of the file. Confirm
# that it is validated before it is stored or displayed.
if (!(isset($formfields["proj_public"]) &&
      !strcmp($formfields["proj_public"], "checked")) &&
    !(isset($formfields["proj_whynotpublic"]) &&
      strcmp($formfields["proj_whynotpublic"], ""))) {
    $errors["Why Not Public?"] = "Missing Field";
}
if (isset($formfields["proj_linked"]) &&
    strcmp($formfields["proj_linked"], "") != 0 &&
    strcmp($formfields["proj_linked"], "checked") != 0) {
    $errors["Link to Us"] = "Bad Value";
}

# Any validation error stops here: show the form again with the messages
# before we call out to do anything else.
if (count($errors) > 0) {
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}

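#
# Create the User first, then the Project/Group.
# Certain of these values must be escaped or otherwise sanitized.
#
if (!$returning) {
    $args = array();
    $args["name"]          = $formfields["usr_name"];
    $args["email"]         = $formfields["usr_email"];
    $args["address"]       = $formfields["usr_addr"];
    $args["address2"]      = $formfields["usr_addr2"];
    $args["city"]          = $formfields["usr_city"];
    $args["state"]         = $formfields["usr_state"];
    $args["zip"]           = $formfields["usr_zip"];
    $args["country"]       = $formfields["usr_country"];
    $args["phone"]         = $formfields["usr_phone"];
    $args["shell"]         = 'tcsh';
    $args["title"]         = $formfields["usr_title"];
    $args["affiliation"]   = $formfields["usr_affil"];
    $args["affiliation_abbreviation"] = $formfields["usr_affil_abbrev"];
    $args["password"]      = $formfields["password1"];
    if ($WIKISUPPORT) {
        $args["wikiname"] = $formfields["wikiname"];
    }

    # The home page is only passed on when it is more than the bare
    # $HTTPTAG default.
    if (isset($formfields["usr_URL"]) &&
	$formfields["usr_URL"] != $HTTPTAG && $formfields["usr_URL"] != "") {
	$args["URL"] = $formfields["usr_URL"];
    }
    if ($USERSELECTUIDS || $FirstInitState) {
	$args["uid"] = $formfields["proj_head_uid"];
    }

    # Backend verifies pubkey and returns error.
    if (isset($_FILES['usr_keyfile']) &&
	$_FILES['usr_keyfile']['name'] != "" &&
	$_FILES['usr_keyfile']['name'] != "none") {

	$localfile = $_FILES['usr_keyfile']['tmp_name'];

	# Only read a file that PHP itself received as an upload in this
	# request, and stop if it cannot be read instead of handing
	# false to the backend as the key.
	$pubkey = (is_uploaded_file($localfile) ?
		   file_get_contents($localfile) : false);
	if ($pubkey === false) {
	    $errors["Public Key File"] = "Could not read the uploaded file";
	    SPITFORM($formfields, $returning, $errors);
	    PAGEFOOTER();
	    return;
	}
	$args["pubkey"] = $pubkey;
    }
    if ($PROTOGENI && $show_sslcertbox &&
	isset($formfields["passphrase1"]) && $formfields["passphrase1"] != "") {
	$args["passphrase"] = $formfields["passphrase1"];
    }

    # Just collect the user XML args here and pass the file to NewNewProject.
    # Underneath, newproj calls newuser with the XML file.
    #
    # Calling newuser down in Perl land makes creation of the leader account
    # and the project "atomic" from the user's point of view.  This avoids a
    # problem when the DB is locked for daily backup: in newproject, the call
    # on NewNewUser would block and then unblock and get done; meanwhile the
    # PHP thread went away so we never returned here to call NewNewProject.
    #
    if (! ($newuser_xml = User::NewNewUserXML($args, $error))) {
	$errors["Error Creating User XML"] = $error;

	# $args holds the cleartext password and pass phrase. Report a
	# copy with those two values masked so they do not end up in
	# whatever TBERROR() records or sends.
	$reportargs = $args;
	foreach (array("password", "passphrase") as $secretkey) {
	    if (isset($reportargs[$secretkey])) {
		$reportargs[$secretkey] = "[redacted]";
	    }
	}
	TBERROR("B\n{$error}\n\n" . print_r($reportargs, TRUE), 0);
	SPITFORM($formfields, $returning, $errors);
	PAGEFOOTER();
	return;
    }
}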

#
# Now for the new Project. The argument array is built from the
# validated form fields and handed to Project::NewNewProject().
#
$args = array();
if (isset($newuser_xml)) {
    $args["newuser_xml"]   = $newuser_xml;
}
if ($returning) {
    # An existing, logged-in user is starting the project.
    $args["leader"]        = $this_user->uid();
}
$args["name"]              = $formfields["pid"];
$args["short description"] = $formfields["proj_name"];
$args["URL"]               = $formfields["proj_URL"];
$args["members"]           = $formfields["proj_members"];
$args["num_pcs"]           = $formfields["proj_pcs"];
$args["long description"]  = $formfields["proj_why"];
$args["funders"]           = $formfields["proj_funders"];
$args["whynotpublic"]      = $formfields["proj_whynotpublic"];

# Checkboxes: "public" and "linkedtous" are always sent as 0 or 1, while
# "plab" and "ron" are only sent (as 1) when their box was checked.
$args["public"] = ((isset($formfields["proj_public"]) &&
		    $formfields["proj_public"] == "checked") ? 1 : 0);
$args["linkedtous"] = ((isset($formfields["proj_linked"]) &&
			$formfields["proj_linked"] == "checked") ? 1 : 0);
if (isset($formfields["proj_plabpcs"]) &&
    $formfields["proj_plabpcs"] == "checked") {
    $args["plab"] = 1;
}
if (isset($formfields["proj_ronpcs"]) &&
    $formfields["proj_ronpcs"] == "checked") {
    $args["ron"] = 1;
}

$project = Project::NewNewProject($args, $error);
if (! $project) {
    $errors["Error Creating Project"] = $error;
    # NOTE(review): the whole of $args goes into this report, including
    # newuser_xml. Presumably that is a file name rather than the user
    # data itself; confirm it cannot carry the new user's password.
    TBERROR("C\n{$error}\n\n" . print_r($args, TRUE), 0);
    SPITFORM($formfields, $returning, $errors);
    PAGEFOOTER();
    return;
}

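#
# Need to do some extra work for the first project; eventually move to backend
#
if ($FirstInitState) {
    $leader = $project->GetLeader();
    $proj_head_uid = $leader->uid();
    # Set up the management group (emulab-ops).
    Group::Initialize($proj_head_uid);

    #
    # Move to next phase.
    #
    $pid = $formfields["pid"];
    TBSetFirstInitPid($pid);
    TBSetFirstInitState("approveproject");
    # The pid is form input. It passed TBvalid_newpid() earlier, but it
    # is URL-encoded anyway so the redirect target does not depend on
    # what that validator happens to allow.
    header("Location: approveproject.php3?pid=" . urlencode($pid) .
	   "&approval=approve");
    return;
}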

#
# Finish with a redirect so that the browser history does not include
# the post: the back button skips over it and lands on the form.
# See above for conclusion.
#
header('Location: newproject.php3?finished=1');

?>