1. 20 Jan, 2004 1 commit
    • Robert Ricci's avatar
      Check for an account on boss with the submitted username - this will · e48dc6ba
      Robert Ricci authored
      prevent people from asking for 'root', 'toor', etc. as usernames, and
      will hopefully help with new installations, which may have created
      accounts by hand. Note that this checks boss only, not ops.
      
      Also fixed a bug in newproject.php3 that was incorrectly letting
      through duplicate usernames.
      e48dc6ba
  2. 22 Dec, 2003 2 commits
  3. 19 Dec, 2003 1 commit
  4. 18 Dec, 2003 2 commits
    • Leigh B. Stoller's avatar
      Added check to make sure that uid does not already exist. This is · 7e50b223
      Leigh B. Stoller authored
      usually handled via uid cookie we get back from the browser, but if
      the user Clicks stop or maybe has cookies off, we don't that info.
      7e50b223
    • Leigh B. Stoller's avatar
      First try at solving the problem of validating user input for the · 8dbead16
      Leigh B. Stoller authored
      zillions of DB fields that we have to set. My solution was to add a
      meta table that describes what is a legal value for each table/slot
      for which we take from user input. The table looks like this right
      now, but is likely to adapt as we get more experience with this
      approach (or it might get tossed if it turns out to be a pain in the
      ass!).
      
      	CREATE TABLE table_regex (
      	  table_name varchar(64) NOT NULL default '',
      	  column_name varchar(64) NOT NULL default '',
      	  column_type enum('text','int','float') default NULL,
      	  check_type enum('regex','function','redirect') default NULL,
      	  check tinytext NOT NULL,
      	  min int(11) NOT NULL default '0',
      	  max int(11) NOT NULL default '0',
      	  comment tinytext,
      	  UNIQUE KEY table_name (table_name,column_name)
      	) TYPE=MyISAM;
      
      Entries in this table look like this:
      
      	('virt_nodes','vname','text','regex','^[-\\w]+$',1,32,NULL);
      
      Which says that the vname slot of the virt_nodes table (which we trust the
      user to give us in some form) is a text field to be checked with the given
      regex (perlre of course), and that the min/max length of the text field is
      1 and 32 chars respectively.
      
      Now, you wouldn't want to write the same regex over and over, and since we
      use the same fields in many tables (like pid, eid, vname, etc) there is an
      option to redirect to another entry (recursively). So, for "PID" I do this:
      
              ('eventlist','pid','text','redirect','projects:pid',0,0,NULL);
      
      which redirects to:
      
      	('projects','pid','text','regex','^[a-zA-Z][-\\w]+$',2,12,NULL);
      
      And, for many fields you just want to describe generically what could go
      into it. For that I have defined some default fields. For example, a user
      description:
      
              ('experiment,'usr_name','text','redirect','default:tinytext',0,0,NULL);
      
      which redirects to:
      
      	('default','tinytext','text','regex','^[\\040-\\176]*$',0,256,NULL);
      
      and this says that a tinytext (in our little corner of the database
      universe) field can have printable characters (but not a newline), and
      since its a tinytext field, its maxlen is 256 chars.
      
      You also have integer fields, but these are little more irksome in the
      details.
      
      	('default','tinyint,'int,'regex','^[\\d]+$',-128,127,NULL);
      
      and you would use this anyplace you do not care about the min/max values
      being something specific in the tinyint range. The range for a float is of
      course stated as an integer, and thats kinda bogus, but we do not have many
      floats, and they generally do not take on specific values anyway.
      
      A note about the min/max fields and redirecting. If the initial entry has
      non-zero min/max fields, those are the min mac fields used. Otherwise they
      come from the default. So for example, you can do this:
      
          ('experiments','mem_usage','int','redirect','default:tinyint',0,5,NULL);
      
      So, you can redirect to the standard "tinyint" regular expression, but you
      still get to define min/max for the specific field.
      
      Isn't this is really neat and really obtuse too? Sure, you can say it.
      
      Anyway, xmlconvert now sends all of its input through these checks (its
      all wrapped up in library calls), and if a slot does not have an entry, it
      throws an error so that we are forced to define entries for new slots as we
      add them.
      
      In the web page, I have changed all of the public pages (login, join
      project, new project, and a couple of others) to also use these checks.
      As with the perl code, its all wrapped up in a library. Lots more code
      needs to be changed of course, but this is a start.
      8dbead16
  5. 10 Dec, 2003 1 commit
  6. 01 Dec, 2003 1 commit
  7. 14 Nov, 2003 1 commit
  8. 11 Nov, 2003 1 commit
  9. 12 Sep, 2003 1 commit
  10. 09 Sep, 2003 1 commit
  11. 20 May, 2003 1 commit
    • Chad Barb's avatar
      · 4df405d6
      Chad Barb authored
      Users can, via, moduserinfo, set a preferred shell.
      One of {tcsh, bash, csh, sh}.
      When users are created, they are given tcsh.
      All users which already exist have been given tcsh.
      4df405d6
  12. 28 Apr, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add support for new {user,group,project,experiment}_stats tables. · 5e5508bf
      Leigh B. Stoller authored
      The first three are aggregate tables, while the experiment stats table
      gets a record for each new experiment, and is updated when an
      experiment is swapped in/out/modify or terminated. Look at the table
      to see what is tracked. Once the experiment_stats record is updated,
      the aggregate tables are updated as necessary. There are a bunch of
      ugly changes to assign_wrapper to get the stats. Note that pnodes is
      not incremented until an experiment sucessfully swaps in. This is in
      leu of getting status codes; I'm not tracking failed operations yet,
      nor creating the log file that Jay wants. I'll do that in the next
      round of changes when we see how useful these numbers are.
      
      Most of the changes are to create/delete table entries where
      appropriate, and to display the records. Display is only under admin
      mode, and the display is raw; just a dump of the assoc tables in php.
      The last 100 experiment stats records are available via the Experiment
      List page, using the "Stats" show option at the top. Bad place, but
      will do for now.
      5e5508bf
  13. 24 Apr, 2003 1 commit
  14. 22 Apr, 2003 1 commit
  15. 15 Apr, 2003 1 commit
    • Chad Barb's avatar
      · ccefbf0e
      Chad Barb authored
      Nit; remove legend for "+" (recommended) on fields,
      since there are no recommended fields!
      ccefbf0e
  16. 14 Apr, 2003 1 commit
    • Chad Barb's avatar
      · 67a08472
      Chad Barb authored
      - Added 'Country' to users table
      - Changed "Zip" to "ZIP/Postal Code"
      - Reformatted Postal Address Forms
      67a08472
  17. 04 Apr, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add "Address Line 2", City, State, and Zip as independent entities, · 5e38412f
      Leigh B. Stoller authored
      finally! These have been in the DB for a long time, but never used.
      As Eric pointed out, its easier to get realistic address info from
      people if we provide the right forms. The downside is that all current
      users will have to adjust their info the next time they edit their
      info. Thats okay. I thought about forcing all users to do it the next
      time they log in, but I figured people would scream.
      5e38412f
  18. 29 Mar, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add target_pid,target_gid arguments to joinproject page so that · 26bccd9e
      Leigh B. Stoller authored
      we can send links that cause those fields to be filled in for people.
      Add those links to email generated by newproject and newgroup pages
      so that they can be saved by the leaders.
      
      Add a bit of referrer magic to login page. When clicked from the join
      or new project pages, tell login page to pass along the referrer page
      so that when login is complete, user is zapped back to the original
      page. This is especially nice when combined with the above change to
      joinproject, whereby we send along the target pid/gid, but the user
      has not yet logged in and remembers to do so via the link at the top
      of the page.
      26bccd9e
  19. 25 Mar, 2003 1 commit
  20. 06 Mar, 2003 3 commits
  21. 10 Dec, 2002 2 commits
  22. 09 Dec, 2002 2 commits
  23. 05 Dec, 2002 1 commit
    • Mac Newbold's avatar
      First set of changes for proj head and all group roots in the group to get · 0c8a345c
      Mac Newbold authored
      mail instead of just the proj head. So far, the only mail that really does
      it is the swap requests, but others are coming soon, especially new user
      application mail and the like.
      
      Also clarified some of the documentation about students starting projects.
      New project page says they can't, and that their advisor has to do it,
      then links to auth.html, which says they can with prior special
      permission. Hopefully we won't get too many more students making project
      apps and messing things up.
      0c8a345c
  24. 24 Oct, 2002 1 commit
  25. 01 Oct, 2002 1 commit
    • Robert Ricci's avatar
      Change user verification keys. Verification key is now an md5 hash · a4e8ca5b
      Robert Ricci authored
      of a random number, as suggested in the php manual. This number
      is stashed in the database, in the new verify_key column in the
      users table.
      
      Rename the functions that generate and get the keys, and move from
      defs.php3 to dbdefs.php3, since they're now DB operations.
      a4e8ca5b
  26. 20 Sep, 2002 1 commit
  27. 16 Sep, 2002 1 commit
  28. 10 Sep, 2002 2 commits
    • Chad Barb's avatar
      · 7b685a09
      Chad Barb authored
      Fixed this up a bit.. commented out "change default values"
      since there _are no_ default values.
      7b685a09
    • Chad Barb's avatar
      · 35a9c90c
      Chad Barb authored
      Improved error reporting style.. also added image for uky,
      though right now it is the same as the standard image
      (will edit it soon.)
      35a9c90c
  29. 26 Aug, 2002 2 commits
  30. 20 Aug, 2002 1 commit
  31. 29 Jul, 2002 1 commit
    • Leigh B. Stoller's avatar
      Widearea permission changes: · d3c6f9c8
      Leigh B. Stoller authored
      * Two new fields on the new project page that ask the project leader to
        specify how many ron and pcplab nodes they need. There is a link to a
        page that should describe these nodes, but thats blank.
      
      * The project approval page will add a couple of checkboxes for ron and
        pcplab nodes. This will allow the project to be approved independent of
        the ron/pcplab usage. So, you can approve the project but decline the
        request to use those nodes types (or just one of them).
      
      * The project table in the DB has a "list" of remote node types for which
        accounts should be built. Its implemented as a set and it can contain
        just two node types (pcron, pcplab) right now. The set is created in
        the approval page, and someday we can add a page to operate on that
        set directly if we need it.
      d3c6f9c8
  32. 07 Jul, 2002 1 commit