Commit 600d2083 authored by Leigh Stoller's avatar Leigh Stoller

Lots of changes.

parent 359a6a55
......@@ -155,7 +155,7 @@ echo " </td>
</tr>\n";
#
# PawwordL and Postal Address:
# Password and Postal Address:
#
echo "<tr>
<td>*Password:</td>
......
<html>
<head>
<title>New Users Approved</title>
<link rel='stylesheet' href='tbstyle.css' type='text/css'>
<title>Start a New Project</title>
<link rel="stylesheet" href="tbstyle.css" type="text/css">
</head>
<body>
<?php
include("defs.php3");
$auth_usr = "";
if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
$auth_usr=$Vals[1];
addslashes($auth_usr);
$query = "SELECT timeout FROM login WHERE uid=\"$auth_usr\"";
$result = mysql_db_query("tbdb", $query);
$n = mysql_num_rows($result);
if ($n == 0) {
echo "<h3>You are not logged in. Please go back to the ";
echo "<a href=\"tbdb.html\" target=\"_top\"> Home Page </a> ";
echo "and log in first.</h3></body></html>";
exit;
} else {
$row = mysql_fetch_row($result);
if ($row[0] < time()) { # if their login expired
echo "<h3>You have been logged out due to inactivity.
Please log in again.</h3>\n</body></html>";
$cmnd = "DELETE FROM login WHERE uid=\"$auth_usr\"";
mysql_db_query("tbdb", $cmnd);
exit;
} else {
$timeout = time() + 86400;
$cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$auth_usr\"";
mysql_db_query("tbdb", $cmnd);
}
}
} else {
unset($auth_usr);
}
echo "
<h1>Approving new users...</h1>
";
$query="SELECT gid FROM grp_memb WHERE uid='$auth_usr' and trust='group_root'";
$result = mysql_db_query("tbdb", $query);
$select = "SELECT";
$group[0]="";
$n=0;
while ($row = mysql_fetch_row($result)) {
$gid = $row[0];
$group[$n]=$gid;
$n = $n + 1;
if ($select == "SELECT") {
$select .= " DISTINCT uid FROM grp_memb WHERE gid='$gid'";
} else {
$select .= " OR gid='$gid'";
}
$row = 0;
if (isset($auth_usr)) {
$uid = addslashes($auth_usr);
$query_result = mysql_db_query($TBDBNAME,
"SELECT * FROM users WHERE uid=\"$uid\"");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error getting info for $uid: $err\n", 1);
}
$row = mysql_fetch_array($query_result);
}
$selected = mysql_db_query("tbdb", $select);
$find = "SELECT";
while ($row = mysql_fetch_row($selected)) {
$uid = $row[0];
if ($find == "SELECT") {
$find .= " DISTINCT uid,status,usr_email FROM users WHERE (status='newuser' OR status='unapproved') AND (uid='$uid'";
} else {
$find .= " OR uid='$uid'";
}
$expiretime = date("m/d/Y", time() + (86400 * 90));
?>
<table align="center" border="1">
<tr>
<td colspan="4">
<h1 align="center">Apply to Use the Utah Network Testbed</h1>
</td>
</tr>
<tr>
<td align="center" colspan="4">
Fields marked with * are required;
those marked + are highly recommended.
</td>
</tr>
<form action=grpadded.php3 method="post">
<tr>
<td colspan=2>
Project Information <em>(replace the example entries)</em>
</td>
<td colspan=2>
Project Head Information
</td>
</tr>
<?php
#
# Name: and Username:
#
echo "<tr>
<td>*Name (no blanks):</td>
<td><input type=\"text\" name=\"gid\" value=\"ucb-omcast\"></td>
<td>*Username:</td>
<td class=\"left\">
<input name=\"grp_head_uid\"";
if ($row) {
echo "type=\"readonly\" value=\"$row[uid]\">";
}
$find .= ")";
$found = mysql_db_query("tbdb", $find);
while ($row = mysql_fetch_row($found)) {
$uid = $row[0];
$status=$row[1];
$email=$row[2];
$cmd = "select gid from grp_memb where uid='$uid' and trust='none' and (";
$cmd .= "gid='$group[0]'";
$n=1;
while ( isset($group[$n]) ) { $cmd .= " or gid='$group[$n]'"; $n++; }
$cmd .=")";
$result = mysql_db_query("tbdb",$cmd);
$row=mysql_fetch_row($result);
$gid=$row[0];
if (isset($$uid)) {
if ( $$uid == "approve") {
$trust=${"$uid-trust"};
if ($status=="newuser") {
$newstatus='unverified';
} else { #Status is 'unapproved'
$newstatus='active';
}
$cmd = "update users set status='$newstatus' where uid='$uid'";
$cmd .= "and status='$status'";
$result = mysql_db_query("tbdb",$cmd);
$cmd = "update grp_memb set trust='$trust' where uid='$uid'";
$cmd .= "and trust='none' and gid='$gid'";
$result = mysql_db_query("tbdb",$cmd);
mail("$email","TESTBED: Group Approval",
"\nThis message is to notify you that you have been approved ".
"as a member of \nthe $gid group with $trust permissions.\n".
"\nYour status as a Testbed user is now $newstatus.".
"\n\nThanks,\nTestbed Ops\nUtah Network Testbed\n",
"From: Testbed Ops <testbed-ops@flux.cs.utah.edu>\n".
"Cc: Testbed WWW <testbed-www@flux.cs.utah.edu>\n".
"Errors-To: Testbed WWW <testbed-www@flux.cs.utah.edu>");
echo "<h3><p>User $uid was changed to status $newstatus and ";
echo "granted $trust permissions for group $gid.</p></h3>\n";
} elseif ( $$uid == "deny") {
# Delete all rows from grp memb that are for that person, no privs
# and one of the groups that the user is a leader of
$cmd = "delete from grp_memb where uid='$uid' and trust='none' and (";
$cmd .= "gid='$group[0]'";
$n=1;
while ( isset($group[$n]) ) { $cmd .= " or gid='$group[$n]'"; $n++; }
$cmd .=")";
$result = mysql_db_query("tbdb",$cmd);
mail("$email","TESTBED: Group Membership Denied",
"\nThis message is to notify you that you have been denied ".
"as a member of \nthe $gid group.\n".
"\nYour status as a Testbed user is still $status.".
"\n\nThanks,\nTestbed Ops\nUtah Network Testbed\n",
"From: Testbed Ops <testbed-ops@flux.cs.utah.edu>\n".
"Cc: Testbed WWW <testbed-www@flux.cs.utah.edu>\n".
"Errors-To: Testbed WWW <testbed-www@flux.cs.utah.edu>");
echo "<h3><p>User $uid was denied membership in your group.</p></h3>\n";
} else {
echo "<h3><p>User $uid was postponed for later decision.</p></h3>\n";
}
}
else {
echo "type=\"text\">";
}
echo "
</body>
</html>";
echo " </td>
</tr>\n";
#
# Long Name: and Full Name:
#
echo "<tr>
<td>*Long name:</td>
<td><input type=\"text\" name=\"grp_name\"
value=\"UCB Overlay Multicast\"></td>
<td>*Full Name:</td>
<td class=\"left\">
<input name=\"usr_name\"";
if ($row) {
echo " type=\"readonly\" value=\"$row[usr_name]\">";
} else {
echo " type=\"text\">";
}
echo " </td>
</tr>\n";
#
# URL: and Title/Position:
#
echo "<tr>
<td>+URL:</td>
<td><input type=\"text\" name=\"grp_URL\"
value=\"http://www.cs.berkeley.edu/netgrp/omcast/\"></td>
<td>*Title/Position:</td>
<td class=\"left\">
<input name=\"usr_title\"";
if ($row) {
echo " type=\"readonly\" value=\"$row[usr_title]\">";
} else {
echo " type=\"text\" value=\"Professor Emeritus\">";
}
echo " </td>
</tr>\n";
#
# Expires: and Affiliation:
#
echo "<tr>
<td>When do&nbsp;you<br>
expect&nbsp;to&nbsp;be&nbsp;done<br>
using&nbsp;the&nbsp;testbed?</td>
<td><input type=\"text\" name=\"grp_expires\"
value=\"$expiretime\"></td>
<td>*Institutional<br>Affiliation:</td>
<td class=\"left\">
<input name=\"usr_affil\"";
if ($row) {
echo " type=\"readonly\" value=\"$row[usr_affil]\">";
} else {
echo " type=\"text\" value=\"UCB Networks Group\">";
}
echo " </td>
</tr>\n";
#
# Blank and Email:
#
echo "<tr>
<td></td>
<td></td>
<td>*Email<br>Address:</td>
<td class=\"left\">
<input name=\"email\"";
if ($row) {
echo " type=\"readonly\" value=\"$row[usr_email]\">";
} else {
echo " type=\"text\">";
}
echo " </td>
</tr>\n";
#
# Password and Postal Address:
#
echo "<tr>
<td>*Password:</td>
<td><input type=\"password\" name=\"password1\"></td>
<td>*Postal<br>Address:</td>
<td class=\"left\">
<input name=\"usr_addr\"";
if ($row) {
echo " type=\"readonly\" value=\"$row[usr_addr]\">";
} else {
echo " type=\"text\">";
}
echo " </td>
</tr>\n";
#
# If a new usr, then provide a second password confirmation field.
# Otherwise, a blank spot.
#
echo "<tr>";
if (! $row) {
echo "<td>*Retype<br>New Password:</td>
<td class=\"left\">
<input type=\"password\" name=\"password2\"></td>";
}
else {
echo "<td></td>
<td></td>";
}
echo " <td>*Phone #:</td>
<td class=\"left\">
<input name=\"usr_phones\"";
if ($row) {
echo " type=\"readonly\" value=\"$row[usr_phone]\">";
} else {
echo " type=\"text\">";
}
echo " </td>
</tr>\n";
?>
<tr>
<td colspan="4">
*Please describe how and why you'd like
to use the testbed, including an estimate of the number of nodes
and their type.<br> If the research is sponsored (funded),
list the sponsors.</td>
</tr>
<tr>
<td colspan="4" align="center" class="left">
<textarea name="why" rows="10" cols="70"></textarea></td>
</tr>
<tr>
<td colspan="4" align="center">
<b><input type="submit" value="Submit"></b></td>
</tr>
</form>
</table>
</body>
</html>
<html>
<head>
<title>Begin an Experiment</title>
<link rel="stylesheet" href="tbstyle.css" type="text/css">
</head>
<body>
<?php
include("defs.php3");
$uid = "";
if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
$uid=$Vals[1];
addslashes($uid);
} else {
unset($uid);
}
#
# Only known and logged in users can modify info.
#
if (!isset($uid)) {
USERERROR("You must be logged in begin an experiment!", 1);
}
#
# Verify that the uid is known in the database.
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT usr_pswd FROM users WHERE uid='$uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error confirming user $uid: $err\n", 1);
}
if (($row = mysql_fetch_row($query_result)) == 0) {
USERERROR("You do not appear to have an account!", 1);
}
#
# See what projects the uid is a member of. Must be at least one!
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT gid FROM grp_memb WHERE uid=\"$uid\"");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error finding project membership: $uid: $err\n", 1);
}
if (mysql_num_rows($query_result) == 0) {
USERERROR("You do not appear to be a member of an Projects!", 1);
}
?>
<br><br><center><h3>Still under Construction!</h3></center>
<table align="center" border="1">
<tr>
<td align="center" colspan="2">
<h1>Begin a new Experiment on the Testbed</h1>
</td>
</tr>
<tr>
<td align="center" colspan="3">
<em>(Fields marked with * are required)</em>
</td>
</tr>
<?php
echo "<form enctype=\"multipart/form-data\"
action=\"beginexp_process.php3\" method=\"post\">\n";
#
# UID to feed back.
#
echo "<tr>
<td>*Username:</td>
<td class=\"left\">
<input type=\"readonly\" name=\"uid\" value=\"$uid\"></td>
</tr>\n";
#
# Password until we do authentication.
#
echo "<tr>
<td>*Password:</td>
<td><input type=\"password\" name=\"password\"></td>
</tr>\n";
#
# Select Project
#
echo "<tr>
<td>*Select Project:</td>";
echo " <td><select name=\"exp_pid\">";
while ($row = mysql_fetch_array($query_result)) {
$project = $row[gid];
echo "<option value=\"$project\">$project</option>\n";
}
echo " </select>";
echo " </td>
</tr>\n";
#
# Experiment ID and Long Name:
#
echo "<tr>
<td>*Experiment Name:</td>
<td><input type=\"text\" name=\"exp_id\">
</td>
</tr>\n";
echo "<tr>
<td>*Experiment Long Name:</td>
<td><input type=\"text\" name=\"exp_name\">
</td>
</tr>\n";
#
# NS file upload.
#
echo "<tr>
<td>*Your NS file (20K max):</td>
<td><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"20000\">
<input type=\"file\" name=\"exp_nsfile\">
</td>
</tr>\n";
#
# Expires, Starts, Ends. Also the hidden Created field.
#
$utime = time();
$year = date("Y", $utime);
$month = date("m", $utime);
$thismonth = $month++;
if ($month > 12) {
$month -= 12;
$month = "0".$month;
}
$rest = date("d H:i:s", $utime);
echo "<tr>
<td>Expiration date:</td>
<td><input type=\"text\" value=\"$year:$month:$rest\"
name=\"exp_expires\"></td>
</tr>\n";
echo "<tr>
<td>Experiment starts:</td>
<td><input type=\"text\" value=\"$year:$thismonth:$rest\"
name=\"exp_start\"></td>
<td><input type=\"hidden\" value=\"$year:$thismonth:$rest\"
name=\"exp_created\"></td>
</tr>\n";
echo "<tr>
<td>Experiment ends:</td>
<td><input type=\"text\" value=\"$year:$month:$rest\"
name=\"exp_end\"></td>
</tr>\n";
?>
<tr>
<td align="center" colspan="2">
<b><input type="submit" value="Submit"></b></td>
</tr>
</form>
</table>
</body>
</html>
<html>
<head>
<title>Utah Testbed Begin Experiment</title>
<link rel='stylesheet' href='tbstyle.css' type='text/css'>
</head>
<body>
<?php
include("defs.php3");
#
# Only known and logged in users can begin experiments.
#
if (!isset($uid)) {
USERERROR("You must be logged in to change your user information!", 1);
}
#
# Verify that the uid is known in the database.
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT usr_pswd FROM users WHERE uid='$uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error confirming user $uid: $err\n", 1);
}
if (($row = mysql_fetch_row($query_result)) == 0) {
USERERROR("You do not appear to have an account!", 1);
}
#
# First off, sanity check the form to make sure all the required fields
# were provided. I do this on a per field basis so that we can be
# informative. Be sure to correlate these checks with any changes made to
# the project form. Note that this sequence of statements results in
# only the last bad field being displayed, but thats okay. The user will
# eventually figure out that fields marked with * mean something!
#
$formerror="No Error";
if (!isset($uid) ||
strcmp($uid, "") == 0) {
$formerror = "Username";
}
if (!isset($password) ||
strcmp($password, "") == 0) {
$formerror = "Password";
}
if (!isset($exp_pid) ||
strcmp($exp_pid, "") == 0) {
$formerror = "Select Project";
}
if (!isset($exp_id) ||
strcmp($exp_id, "") == 0) {
$formerror = "Experiment Name (short)";
}
if (!isset($exp_name) ||
strcmp($exp_name, "") == 0) {
$formerror = "Experiment Name (long)";
}
if (!isset($exp_created) ||
strcmp($exp_created, "") == 0) {
$formerror = "Experiment Created";
}
if (!isset($exp_nsfile) ||
strcmp($exp_nsfile, "") == 0 ||
strcmp($exp_nsfile, "none") == 0) {
$formerror = "Your NS file";
}
if ($formerror != "No Error") {
USERERROR("Missing field; Please go back and fill out ".
"the \"$formerror\" field!", 1);
}
#
# Verify the password.
#
$pswd_result = mysql_db_query($TBDBNAME,
"SELECT usr_pswd FROM users WHERE uid=\"$uid\"");
if (!$pswd_result) {
TBERROR("Database Error retrieving password for $uid: $err\n", 1);
}
if ($row = mysql_fetch_row($pswd_result)) {
$db_encoding = $row[0];
$salt = substr($db_encoding,0,2);
if ($salt[0] == $salt[1]) { $salt = $salt[0]; }
$encoding = crypt("$password", $salt);
if (strcmp($encoding, $db_encoding)) {
USERERROR("The password provided was incorrect. ".
"Please go back and retype the password.", 1);
}
}
#
# Make sure the experiment ID does not already exist.
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT eid FROM experiments WHERE eid=\"$exp_id\"");
if ($row = mysql_fetch_row($query_result)) {
USERERROR("The experiment name \"$exp_id\" you have chosen is already ".
"in use. Please select another.", 1);
}
#
# Next, is this person a member of the project specified, and is the trust
# equal to group or local root?
#
# XXX Split across grp_memb and proj_memb. grp_memb needs to be flushed, but
# right now that has all the info we need.
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT * FROM grp_memb WHERE gid=\"$exp_pid\" and uid=\"$uid\"");
if (($row = mysql_fetch_array($query_result)) == 0) {
USERERROR("You are not a member of Project $exp_pid, so you cannot begin ".
"an experiment in that project.", 1);
}
$trust = $row[trust];
if (strcmp($trust, "group_root") && strcmp($trust, "local_root")) {
USERERROR("You are not group or local root in Project $exp_pid, so you ".
"cannot begin an experiment in that project.", 1);
}
#
# We are going to write out the NS file to a subdir in the users
# home directory.
#
echo "$exp_nsfile<p>";
echo "$exp_nsfile_name<p>";
echo "$exp_nsfile_size<p>";
echo "$exp_nsfile_type<p>";
copy($exp_nsfile, "/tmp/foo.ns");
?>
</body>
</html>
......@@ -7,11 +7,14 @@ $TBMAIL_CONTROL = "Testbed Ops <testbed-ops@flux.cs.utah.edu>";
$TBMAIL_WWW = "Testbed WWW <testbed-www@flux.cs.utah.edu>";
$TBMAIL_APPROVE = "Testbed Approval <testbed-approval@flux.cs.utah.edu>";
$TBDBNAME = "tbdb";
$TBDIR = "/usr/testbed/www/";
$TBLIST_DIR = "/usr/testbed/www/maillist";
$TBLIST_LEADERS = "$TBLIST_DIR"."/leaders.txt";
$TBLIST_USERS = "$TBLIST_DIR"."/users.txt";
$TBUSER_DIR = "/users/";
#
# Generate the KEY from a name
#
......@@ -37,7 +40,9 @@ function TBERROR ($message, $death) {
if ($death) {
die("<br><br><h3>".
"$message <p>".
"Could not continue. Please contact $TBMAIL_WWW".
"Could not continue. Please contact ".
"<a href=\"mailto:testbed-www@flux.cs.utah.edu\">".
"Testbed WWW (testbed-www@flux.cs.utah.edu)</a>.".
"</h3><p>");
}
return 0;
......
<html>
<head>
<title>Terminate Experiment</title>
<link rel="stylesheet" href="tbstyle.css" type="text/css">
</head>
<body>
<?php
include("defs.php3");
$uid = "";
if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
$uid=$Vals[1];
addslashes($uid);
} else {
unset($uid);
}
#
# Only known and logged in users can do this.
#
if (!isset($uid)) {
USERERROR("You must be logged in to sho experiment information!", 1);
}
#
# Verify that the uid is known in the database.
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT usr_pswd FROM users WHERE uid='$uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error confirming user $uid: $err\n", 1);
}
if (($row = mysql_fetch_row($query_result)) == 0) {
USERERROR("You do not appear to have an account!", 1);
}
#
# Verify that this uid is a member of the project for the experiment.
#
# First get the project (PID) for the experiment (EID) requested.
# Then check to see if the user (UID) is a member of that PID.
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT * FROM experiments WHERE eid=\"$exp_eid\"");
if (($exprow = mysql_fetch_array($query_result)) == 0) {
USERERROR("The experiment $exp_eid is not a valid experiment.", 1);
}
$pid = $exprow[pid];
$query_result = mysql_db_query($TBDBNAME,
"SELECT pid FROM proj_memb WHERE uid=\"$uid\" and pid=\"$pid\"");
if (mysql_num_rows($query_result) == 0) {
USERERROR("You are not a member of the Project for Experiment: $exp_id.", 1);
}
?>
<center>
</center>
</body>
</html>