";
$TBMAIL_WWW = "Testbed WWW <$TBMAILADDR_WWW>";
$TBMAIL_APPROVAL = "Testbed Approval <$TBMAILADDR_APPROVAL>";
$TBMAIL_LOGS = "Testbed Logs <$TBMAILADDR_LOGS>";
$TBMAIL_AUDIT = "Testbed Audit <$TBMAILADDR_AUDIT>";
#
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
#
$TBMAILADDR = "
Testbed Operations ($TBMAILADDR_OPS)";
# So subscripts always know ...
putenv("HTTP_SCRIPT=1");
#
# Database constants and the like.
#
include("dbdefs.php3");
#
# Control how error messages are returned to the user. If the session is
# not actually "interactive" then do not send any output to the browser.
# Just save it up and let the page deal with it.
#
$session_interactive = 1;
$session_errorhandler = 0;
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
#
function TBMAIL($to, $subject, $message, $headers = 0)
{
global $THISHOMEBASE;
global $SCRIPT_NAME;
$subject = strtoupper($THISHOMEBASE) . ": $subject";
$tag = "X-NetBed: " . basename($SCRIPT_NAME);
if ($headers) {
$headers = "$headers\n" . $tag;
}
else {
$headers = $tag;
}
return mail($to, $subject, $message, $headers);
}
#
# Internal errors should be reported back to the user simply. The actual
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
function TBERROR ($message, $death, $xmp = 0) {
global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR, $TBMAILADDR_OPS;
global $session_interactive, $session_errorhandler;
$script = urldecode($_SERVER['REQUEST_URI']);
TBMAIL($TBMAIL_OPS,
"WEB ERROR REPORT",
"\n".
"In $script\n\n".
"$message\n\n".
"Thanks,\n".
"Testbed WWW\n",
"From: $TBMAIL_OPS\n".
"Errors-To: $TBMAIL_WWW");
if ($death) {
if ($session_interactive)
PAGEERROR("Could not continue. Please contact $TBMAILADDR");
elseif ($session_errorhandler) {
$session_errorhandler("Could not continue. ".
"Please contact $TBMAILADDR_OPS", $death);
}
exit(1);
}
return 0;
}
#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
global $TBMAILADDR;
global $session_interactive, $session_errorhandler;
if (! $session_interactive) {
if ($session_errorhandler)
$session_errorhandler($message, $death);
else
echo "$message";
if ($death)
exit(1);
return;
}
$msg = "
$message
Please contact $TBMAILADDR if you feel this message is an error.
\n";
if ($death) {
PAGEERROR($msg);
}
else
echo "$msg\n";
}
#
# A form error.
#
function FORMERROR($field) {
USERERROR("Missing field; ".
"Please go back and fill out the \"$field\" field!", 1);
}
#
# A page argument error.
#
function PAGEARGERROR($msg = 0) {
$default = "Invalid page arguments: " . $_SERVER['REQUEST_URI'];
if ($msg) {
$default = "$default
$msg";
}
USERERROR($default, 1);
}
#
# SUEXEC stuff.
#
# Save this stuff so we can generate better error messages and such.
#
$suexec_cmdandargs = "";
$suexec_retval = 0;
$suexec_output = "";
$suexec_output_array;
#
# Actions for suexec.
#
define("SUEXEC_ACTION_CONTINUE", 0);
define("SUEXEC_ACTION_DIE", 1);
define("SUEXEC_ACTION_USERERROR", 2);
define("SUEXEC_ACTION_IGNORE", 3);
define("SUEXEC_ACTION_DUPDIE", 4);
#
# An suexec error.
#
function SUEXECERROR($action)
{
global $suexec_cmdandargs, $suexec_retval;
global $suexec_output, $suexec_output_array;
$foo = "Shell Program Error. Exit status: $suexec_retval\n";
$foo .= " '$suexec_cmdandargs'\n";
$foo .= "\n";
$foo .= $suexec_output;
switch ($action) {
case SUEXEC_ACTION_CONTINUE:
TBERROR($foo, 0, 1);
break;
case SUEXEC_ACTION_DIE:
TBERROR($foo, 1, 1);
break;
case SUEXEC_ACTION_USERERROR:
USERERROR("<![CDATA[$foo]]>", 1);
break;
case SUEXEC_ACTION_IGNORE:
break;
case SUEXEC_ACTION_DUPDIE:
TBERROR($foo, 0, 1);
USERERROR("<![CDATA[$foo]]>", 1);
break;
default:
TBERROR($foo, 1, 1);
}
}
#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $action) {
global $TBSUEXEC_PATH;
global $suexec_cmdandargs, $suexec_retval;
global $suexec_output, $suexec_output_array;
ignore_user_abort(1);
$suexec_cmdandargs = "$uid $gid $cmdandargs";
$suexec_output_array = array();
$suexec_output = "";
$suexec_retval = 0;
exec("$TBSUEXEC_PATH $suexec_cmdandargs",
$suexec_output_array, $suexec_retval);
# Yikes! Something is not doing integer conversion properly!
if ($suexec_retval == 255) {
$suexec_retval = -1;
}
if (count($suexec_output_array)) {
for ($i = 0; $i < count($suexec_output_array); $i++) {
$suexec_output .= "$suexec_output_array[$i]\n";
}
}
#
# The output is still available of course, via $suexec_output.
#
if ($suexec_retval == 0 || $action == SUEXEC_ACTION_IGNORE) {
return $suexec_retval;
}
SUEXECERROR($action);
# Must return the shell value!
return $suexec_retval;
}
function ADDPUBKEY($uid, $cmdandargs) {
global $TBSUEXEC_PATH;
#
# Complication. User might not have an actual account if setting or
# changing his own pubkeys. webonly, unapproved, and unverified users
# can still muck with their personal info. So, just invoke as user
# nobody. We will get audit email in case we need to track what has
# happened.
#
if (! HASREALACCOUNT($uid)) {
$uid = "nobody";
}
return SUEXEC($uid, "nobody", $cmdandargs, 0);
}
#
# Verify a URL.
#
function CHECKURL($url, &$error) {
global $HTTPTAG;
if (strlen($url)) {
if (strstr($url, " ")) {
$error = "URL is malformed; spaces are not allowed!";
return 0;
}
if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
$error = "URL is malformed; must begin with $HTTPTAG!";
return 0;
}
$fp = @fopen($url, "r");
if (! $fp) {
# Check to see if it was a redirect, in which case its OK
for ($i = 0; $i < count($http_response_header); $i++) {
if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
$is_redirect = 1;
}
}
if (!$is_redirect) {
$error = "URL is not valid; Cannot be accessed!";
return 0;
}
} else {
fclose($fp);
}
}
return 1;
}
#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
global $TBCHKPASS_PATH;
$mypipe =
popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
"w+");
if ($mypipe) {
$retval=fgets($mypipe, 1024);
if (strcmp($retval,"ok\n") != 0) {
$error = "$retval";
return 0;
}
return 1;
}
TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
"$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}
function LASTNODELOGIN($node)
{
}
#
# A function to print the contents of an array (recursively).
# Mostly useful for debugging.
#
function ARRAY_PRINT($arr) {
if (!is_array($arr)) { echo "non-array '$arr'\n"; }
foreach ($arr as $i => $val) {
echo("'$i' - '$val'\n");
if (is_array($val)) {
echo "Sub-array $i:\n";
array_print($val);
echo "End Sub-array $i.\n";
}
}
}
#
# Beware empty spaces (cookies)!
#
require("tbauth.php3");
#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
?>