approveproject.php3 7.45 KB
Newer Older
1 2 3 4 5 6 7 8 9 10
<html>
<head>
<title>New Users Approved</title>
<link rel='stylesheet' href='tbstyle.css' type='text/css'>
</head>
<body>
<?php
include("defs.php3");

#
11
# Only known and logged in users can do this.
12 13 14 15 16 17
#
LOGGEDINORDIE($uid);

#
# Of course verify that this uid has admin privs!
#
18 19
$isadmin = ISADMIN($uid);
if (! $isadmin) {
20 21 22 23
    USERERROR("You do not have admin privledges to approve projects!", 1);
}

echo "<center><h1>
24
      Approving Project '$pid' ...
25 26 27
      </h1></center>";

#
28
# Grab the head_uid for this project. This verifies it is a valid project.
29
#
30 31 32 33 34 35 36 37 38
$query_result = mysql_db_query($TBDBNAME,
	"SELECT head_uid from projects where pid='$pid'");
if (! $query_result) {
    TBERROR("Database Error restrieving project leader for $pid", 1);
}
if (($row = mysql_fetch_row($query_result)) == 0) {
    TBERROR("Unknown project $pid", 1);
}
$headuid = $row[0];
39

40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61
#
# Get the current status for the headuid, which we might need to change
# anyway, and to verify that the user is a valid user. We also need
# the email address to let the user know what happened.
#
# We change the status only if this person is starting his first project.
# In this case, the status will be either "newuser" or "unapproved",
# and we will change it to "unapproved" or "active", respectively.
# If the status is "active", we leave it alone. 
#
$query_result = mysql_db_query($TBDBNAME,
	"SELECT status,usr_email from users where uid='$headuid'");
if (! $query_result) {
    TBERROR("Database Error restrieving user status for $headuid", 1);
}
if (mysql_num_rows($query_result) == 0) {
    TBERROR("Unknown user $headuid", 1);
}
$row = mysql_fetch_row($query_result);
$curstatus     = $row[0];
$headuid_email = $row[1];
#echo "Status = $curstatus, Email = $headuid_email<br>\n";
62

63 64 65 66 67 68 69 70 71 72 73 74
#
# Then we check that the headuid is really listed in the proj_memb
# table, just to be sure.
#
$query_result = mysql_db_query($TBDBNAME,
	"SELECT trust from proj_memb where uid='$headuid' and pid='$pid'");
if (! $query_result) {
    TBERROR("Database Error retrieving trust for $headuid in $pid", 1);
}
if (mysql_num_rows($query_result) == 0) {
    USERERROR("User $headuid is not the leader of project $pid.", 1);
}
75

76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91
#
# Well, looks like everything is okay. Change the project approval
# value appropriately.
#
if (strcmp($approval, "postpone") == 0) {
    echo "<p><h3>
             Project approval for project $pid (User: $headuid) was
             postponed for later decision.
          </h3>\n";
}
elseif (strcmp($approval, "moreinfo") == 0) {
    mail("$headuid_email",
         "TESTBED: Project Approval Postponed",
         "\n".
         "This message is to notify you that your project application\n".
         "for $pid has been postponed until we have more information\n".
92
         "You can just reply to this message to provide more information\n".
93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
         "\n$message".
         "\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
         "From: $TBMAIL_CONTROL\n".
         "Cc: $TBMAIL_CONTROL\n".
         "Errors-To: $TBMAIL_WWW");

    echo "<p><h3>
             Project approval for project $pid (User: $headuid) was
             postponed pending the reception of more information.
          </h3>\n";
}
elseif ((strcmp($approval, "deny") == 0) ||
	(strcmp($approval, "destroy") == 0)) {
109
    #
110 111
    # Must delete the proj_memb and project records since we require a
    # new application once denied. Send the luser email to let him know. 
112 113
    #
    $query_result = mysql_db_query($TBDBNAME,
114
	    "delete from proj_memb where uid='$headuid' and pid='$pid'");
115
    if (! $query_result) {
116 117 118
        TBERROR("Database Error removing project membership record for ".
                "project $pid (user: $headuid) after being denied.",
                1);
119 120
    }
    $query_result = mysql_db_query($TBDBNAME,
121
	    "delete from projects where pid='$pid'");
122
    if (! $query_result) {
123 124 125
        TBERROR("Database Error removing project record for project ".
                "project $pid (user: $headuid) after being denied.",
                1);
126 127
    }

128 129 130 131 132 133 134 135 136 137 138 139 140
    mail("$headuid_email",
         "TESTBED: Project Denied",
         "\n".
         "This message is to notify you that your project application\n".
         "for $pid has been denied\n".
         "\n$message".
         "\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
         "From: $TBMAIL_CONTROL\n".
         "Cc: $TBMAIL_CONTROL\n".
         "Errors-To: $TBMAIL_WWW");
141 142

    #
143 144
    # Well, if the "destroy" option was given, kill the users account
    # from the database.
145
    #
146
    if (strcmp($approval, "destroy") == 0) {
147
        $query_result = mysql_db_query($TBDBNAME,
148
	    "delete from users where uid='$headuid'");
149
        if (! $query_result) {
150 151
	    TBERROR("Database Error removing user record for $headuid ".
                    "after project $pid was denied(destroyed).", 
152 153 154 155
                    1);
        }

        mail("$headuid_email",
156 157 158 159
             "TESTBED: Account Terminated",
    	     "\n".
             "This message is to notify you that your account has been \n".
             "terminated because your project $pid was denied\n".
160 161 162 163 164 165 166
             "\n\n".
             "Thanks,\n".
             "Testbed Ops\n".
             "Utah Network Testbed\n",
             "From: $TBMAIL_CONTROL\n".
             "Cc: $TBMAIL_CONTROL\n".
             "Errors-To: $TBMAIL_WWW");
167
    }
168

169 170 171 172 173 174 175 176 177 178 179 180 181 182 183
    echo "<h3><p>
              Project $pid (User: $headuid) has been denied.
          </h3>\n";
}
elseif (strcmp($approval, "approve") == 0) {
    #
    # Change the trust value in proj_memb to group_root, and set the
    # project "approved" field to true. 
    #
    $query_result = mysql_db_query($TBDBNAME,
	    "UPDATE proj_memb set trust='group_root' ".
            "WHERE uid='$headuid' and pid='$pid'");
    if (! $query_result) {
        TBERROR("Database Error adding $headuid to project $pid.", 1);
    }
184

185 186 187 188 189
    $query_result = mysql_db_query($TBDBNAME,
        "UPDATE projects set approved='1' WHERE pid='$pid'");
    if (! $query_result) {
        TBERROR("Database Error setting approved field for ".
                "project $pid.", 1);
190 191
    }

192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207
    #
    # Change the status if necessary. This only happens for new users
    # being approved in their first project. After this, the status is
    # going to be "active", and we just leave it that way.
    #
    if (strcmp($curstatus, "active")) {
        if (strcmp($curstatus, "newuser") == 0) {
	    $newstatus = "unverified";
        }
        elseif (strcmp($curstatus, "unapproved") == 0) {
	    $newstatus = "active";
        }
        else {
	    TBERROR("Invalid $headuid status $curstatus in ".
                    "approveproject.php3", 1);
        }
208
        $query_result = mysql_db_query($TBDBNAME,
209
	    "UPDATE users set status='$newstatus' WHERE uid='$headuid'");
210
        if (! $query_result) {
211 212 213
            TBERROR("Database Error changing $headuid status to ".
                    "$newstatus.",
                    1);
214
        }
215
    }
216

217 218 219 220 221 222 223 224 225 226 227 228 229
    mail("$headuid_email",
         "TESTBED: Project Approval",
         "\n".
	 "This message is to notify you that your project $pid\n".
	 "has been approved.\n".
         "\n$message".
         "\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
         "From: $TBMAIL_CONTROL\n".
         "Cc: $TBMAIL_CONTROL\n".
         "Errors-To: $TBMAIL_WWW");
230
	
231 232 233 234 235
    echo "<h3><p>
              Project $pid (User: $headuid) has been approved.
          </h3>\n";
}
else {
236 237 238 239 240 241 242
    TBERROR("Invalid approval value $approval in approveproject.php3.", 1);
}

?>
</body>
</html>