Commit b7afc2a5 authored by Leigh Stoller's avatar Leigh Stoller

Fixes to integer slots in new project page. Not sure, but some kind

of problem in PHP with the unsigned int value from the regex table
for default:int, which I need to look at, but in the meantime add
proper bounds checks for the numeric fields in the new project table.
parent a0e2c0d7
......@@ -428,6 +428,10 @@ REPLACE INTO table_regex VALUES ('nseconfigs','vname','text','redirect','virt_no
REPLACE INTO table_regex VALUES ('nseconfigs','nseconfig','text','regex','^[\\040-\\176\\012\\015]*$',0,65535,NULL);
REPLACE INTO table_regex VALUES ('os_info','osname','text','regex','^[-\\w\\.]+$',2,20,NULL);
REPLACE INTO table_regex VALUES ('projects','pid','text','regex','^[a-zA-Z][-\\w]+$',2,12,NULL);
REPLACE INTO table_regex VALUES ('projects','num_members','int','redirect','default:int',0,256,NULL);
REPLACE INTO table_regex VALUES ('projects','num_pcs','int','redirect','default:int',0,2048,NULL);
REPLACE INTO table_regex VALUES ('projects','num_pcplab','int','redirect','default:int',0,2048,NULL);
REPLACE INTO table_regex VALUES ('projects','num_ron','int','redirect','default:int',0,1024,NULL);
REPLACE INTO table_regex VALUES ('reserved','vname','text','redirect','virt_nodes:vname',1,32,NULL);
REPLACE INTO table_regex VALUES ('users','uid','text','regex','^[a-zA-Z][-\\w]+$',2,8,NULL);
REPLACE INTO table_regex VALUES ('users','usr_phone','text','regex','^[-\\d\\(\\)\\+\\.x ]+$',7,64,NULL);
......
......@@ -153,6 +153,7 @@ function TBcheck_dbslot($token, $table, $column, $flag = 0)
$DBFieldErrstr = "too small - $min minimum value";
else
$DBFieldErrstr = "too large - $max maximum value";
break;
default:
TBERROR("TBcheck_dbslot: Unrecognized column_type $column_type", 1);
......@@ -220,4 +221,20 @@ function TBvalid_description($token) {
function TBvalid_integer($token) {
return TBcheck_dbslot($token, "default", "int",
TBDB_CHECKDBSLOT_WARN|TBDB_CHECKDBSLOT_ERROR);
}
\ No newline at end of file
}
function TBvalid_num_members($token) {
return TBcheck_dbslot($token, "projects", "num_members",
TBDB_CHECKDBSLOT_WARN|TBDB_CHECKDBSLOT_ERROR);
}
function TBvalid_num_pcs($token) {
return TBcheck_dbslot($token, "projects", "num_pcs",
TBDB_CHECKDBSLOT_WARN|TBDB_CHECKDBSLOT_ERROR);
}
function TBvalid_num_pcplab($token) {
return TBcheck_dbslot($token, "projects", "num_pcplab",
TBDB_CHECKDBSLOT_WARN|TBDB_CHECKDBSLOT_ERROR);
}
function TBvalid_num_ron($token) {
return TBcheck_dbslot($token, "projects", "num_ron",
TBDB_CHECKDBSLOT_WARN|TBDB_CHECKDBSLOT_ERROR);
}
......@@ -721,29 +721,29 @@ if (!isset($formfields[proj_members]) ||
strcmp($formfields[proj_members], "") == 0) {
$errors["#of Members"] = "Missing Field";
}
elseif (! TBvalid_integer($formfields[proj_members])) {
$errors["#of Members"] = "Must be numeric";
elseif (! TBvalid_num_members($formfields[proj_members])) {
$errors["#of Members"] = TBFieldErrorString();
}
if (!isset($formfields[proj_pcs]) ||
strcmp($formfields[proj_pcs], "") == 0) {
$errors["#of PCs"] = "Missing Field";
}
elseif (! TBvalid_integer($formfields[proj_pcs])) {
$errors["#of PCs"] = "Must be numeric";
elseif (! TBvalid_num_pcs($formfields[proj_pcs])) {
$errors["#of PCs"] = TBFieldErrorString();
}
if (!isset($formfields[proj_plabpcs]) ||
strcmp($formfields[proj_plabpcs], "") == 0) {
$errors["#of Planetlab PCs"] = "Missing Field";
}
elseif (! TBvalid_integer($formfields[proj_plabpcs])) {
$errors["#of Planetlab PCs"] = "Must be numeric";
elseif (! TBvalid_num_pcplab($formfields[proj_plabpcs])) {
$errors["#of Planetlab PCs"] = TBFieldErrorString();
}
if (!isset($formfields[proj_ronpcs]) ||
strcmp($formfields[proj_ronpcs], "") == 0) {
$errors["#of RON PCs"] = "Missing Field";
}
elseif (! TBvalid_integer($formfields[proj_ronpcs])) {
$errors["#of RON PCs"] = "Must be numeric";
elseif (! TBvalid_num_ron($formfields[proj_ronpcs])) {
$errors["#of RON PCs"] = TBFieldErrorString();
}
if (!isset($formfields[proj_why]) ||
strcmp($formfields[proj_why], "") == 0) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment