changeuid.php 3.79 KB
Newer Older
1 2
<?php
#
3
# Copyright (c) 2000-2007, 2012 University of Utah and the Flux Group.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
23 24 25 26 27 28
#
include("defs.php3");

#
# Only admin users ...
#
29 30 31
$this_user = CheckLoginOrDie();
$uid       = $this_user->uid();
$isadmin   = ISADMIN();
32 33

if (!$isadmin) {
34
    USERERROR("You do not have permission to change login names!", 1);
35 36 37
}

#
38
# Verify page/form arguments.
39
#
40 41 42
$reqargs = RequiredPageArguments("target_user", PAGEARG_USER);
$optargs = OptionalPageArguments("submit",      PAGEARG_STRING,
				 "new_uid",     PAGEARG_STRING);
43

44
$target_uid = $target_user->uid();
45
$target_idx = $target_user->uid_idx();
46 47

if ($target_user->status() != TBDB_USERSTATUS_UNAPPROVED) {
48 49 50 51
    USERERROR("The user $target_uid must be ".
	      "unapproved (but verified) to change!", 1);
}

52
function SPITFORM($target_user, $new_uid, $error)
53 54 55
{
    global $TBDB_UIDLEN;
    
56 57
    $target_uid   = $target_user->uid();
    $target_webid = $target_user->webid();
58
    $new_uid      = CleanString($new_uid);
59 60 61 62 63 64 65
    
    #
    # Standard Testbed Header.
    #
    PAGEHEADER("Change login UID for user");

    if ($error) {
66 67 68
        # XSS prevention.
	$error = CleanString($error);
	
69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96
	echo "<center>
              <font size=+1 color=red>$error</font>
              </center><br>\n";
    }
    else {
	echo "<center>
              <font size=+1>
              Please enter the new UID for user '$target_uid'<br><br>
              </font>
              </center>\n";
    }

    echo "<table align=center border=1>
          <form action=changeuid.php method=post>
          <tr>
              <td>New UID:</td>
              <td><input type=text
                         name=\"new_uid\"
                         value=\"$new_uid\"
	                 size=$TBDB_UIDLEN
	                 maxlength=$TBDB_UIDLEN></td>
          </tr>
          <tr>
             <td align=center colspan=2>
                 <b><input type=submit value=\"Change UID\"
                           name=submit></b>
             </td>
          </tr>
97
	  <input type=hidden name=user value=$target_webid>
98 99 100 101 102
          </form>
          </table>\n";

    echo "<br><br>\n";
    echo "<center>\n";
103
    $target_user->Show();
104 105 106 107 108 109 110 111 112
    echo "</center>\n";

    PAGEFOOTER();
    return;
}

#
# If not clicked, then put up a form.
#
113
if (! isset($submit)) {
114
    SPITFORM($target_user, "", null);
115 116 117 118 119 120
    return;
}

# Sanity checks
$error = null;

121 122 123 124
if (! isset($new_uid) || $new_uid == "") {
    $error = "UID: Must supply a new UID";
}
elseif (!TBvalid_uid($new_uid)) {
125 126
    $error = "UID: " . TBFieldErrorString();
}
127
elseif (User::Lookup($new_uid) || posix_getpwnam($new_uid)) {
128 129 130 131
    $error = "UID: Already in use. Pick another";
}

if ($error) {
132
    SPITFORM($target_user, $new_uid, $error);
133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148
    return;
}

#
# Standard Testbed Header.
#
PAGEHEADER("Change login UID for user");

# Okay, call out to backend to change.

STARTBUSY("Changing UID");

#
# Run the backend script.
#
SUEXEC($uid, $TBADMINGROUP,
149
       "webchangeuid $target_idx $new_uid", SUEXEC_ACTION_USERERROR);
150 151 152

# Stop the busy indicator and zap to user page.
STOPBUSY();
153
PAGEREPLACE(CreateURL("showuser", $target_user));
154 155 156 157 158 159 160 161

#
# Standard Testbed Footer
# 
PAGEFOOTER();
?>