function submitDeleteDoc() { global $viewmode; $item = getContinuationVar('item'); if ($viewmode != ADMIN_DEVELOPER && !in_array($user['id'], $doceditors)) { showDatabaseDoc($item); return; } $query = "SELECT title FROM documentation WHERE name = '{$item}'"; $qh = doQuery($query, 101); if (!($row = mysql_fetch_assoc($qh))) { print "<h2>Online Documentation</h2>\n"; print "Failed to retrieve documentation for \"{$item}\".<br>\n"; return; } $query = "DELETE FROM documentation WHERE name = '{$item}'"; doQuery($query, 101); print "The page titled <strong>{$row['title']}</strong> has been deleted."; print "<br>\n"; }
function AJsubmitSetImageProduction() { $requestid = getContinuationVar('requestid'); $data = getRequestInfo($requestid); foreach ($data["reservations"] as $res) { if ($res["forcheckout"]) { $prettyimage = $res["prettyimage"]; break; } } $query = "UPDATE request SET stateid = 17 WHERE id = {$requestid}"; doQuery($query, 101); $content = sprintf(i("%s is now in the process of being updated to use the newly created revision."), "<b>{$prettyimage}</b>") . "<br>"; $content = preg_replace("/(.{1,60}[ \n])/", '\\1<br>', $content); $a = "var dlg = new dijit.Dialog({" . "title: \"" . i("Change Test Image to Production") . "\"," . "id: \"toproddlg\"" . "});" . "var content = '{$content}" . "<div align=\"center\">" . "<button dojoType=\"dijit.form.Button\">" . i("Close") . "<script type=\"dojo/method\" event=\"onClick\">" . "dijit.byId(\"toproddlg\").destroy();" . "</script>" . "</button>" . "</div>';" . "dlg.set(\"content\", content);" . "dlg.show();" . "resRefresh();"; print $a; }
function processMgmtnodeInput($checks = 1) { global $submitErr, $submitErrMsg, $user, $mode; $return = array(); $mgmtnodes = getManagementNodes(); $return["mgmtnodeid"] = getContinuationVar("mgmtnodeid"); $return["hostname"] = getContinuationVar("hostname", processInputVar("hostname", ARG_STRING)); $return["IPaddress"] = getContinuationVar("IPaddress", processInputVar("IPaddress", ARG_STRING)); $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING, $user["unityid"])); $return["stateid"] = getContinuationVar("stateid", processInputVar("stateid", ARG_STRING)); $return["premoduleid"] = getContinuationVar("premoduleid", processInputVar("premoduleid", ARG_NUMERIC)); $return["checkininterval"] = getContinuationVar("checkininterval", processInputVar("checkininterval", ARG_NUMERIC)); $return["installpath"] = getContinuationVar("installpath", processInputVar("installpath", ARG_STRING)); $return["keys"] = getContinuationVar("keys", processInputVar("keys", ARG_STRING)); $return["sshport"] = getContinuationVar("sshport", processInputVar("sshport", ARG_NUMERIC)); $return["imagelibenable"] = getContinuationVar("imagelibenable", processInputVar("imagelibenable", ARG_NUMERIC)); $return["imagelibgroupid"] = getContinuationVar("imagelibgroupid", processInputVar("imagelibgroupid", ARG_NUMERIC)); $return["imagelibuser"] = getContinuationVar("imagelibuser", processInputVar("imagelibuser", ARG_STRING)); $return["imagelibkey"] = getContinuationVar("imagelibkey", processInputVar("imagelibkey", ARG_STRING)); if ($return['checkininterval'] < 5) { $return['checkininterval'] = 5; } if ($return['checkininterval'] > 30) { $return['checkininterval'] = 30; } if ($return['sshport'] < 1 || $return['sshport'] > 65535) { $return['sshport'] = 22; } if ($return['imagelibenable'] != '' && $return['imagelibenable'] != 1) { $return['imagelibenable'] = ''; } if ($return['imagelibenable'] != 1) { $return["imagelibgroupid"] = 'NULL'; $return["imagelibuser"] = '******'; $return["imagelibkey"] = 'NULL'; } if (!$checks) { return $return; } if (!ereg('^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$', $return["hostname"])) { $submitErr |= MNHOSTNAMEERR; $submitErrMsg[MNHOSTNAMEERR] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long"; } if (!($submitErr & MNHOSTNAMEERR) && $mode != "confirmEditMgmtnode" && checkForMgmtnodeHostname($return["hostname"])) { $submitErr |= MNHOSTNAMEERR; $submitErrMsg[MNHOSTNAMEERR] = "A node already exists with this hostname."; } $ipaddrArr = explode('.', $return["IPaddress"]); if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["IPaddress"]) || $ipaddrArr[0] < 1 || $ipaddrArr[0] > 255 || $ipaddrArr[1] < 0 || $ipaddrArr[1] > 255 || $ipaddrArr[2] < 0 || $ipaddrArr[2] > 255 || $ipaddrArr[3] < 1 || $ipaddrArr[3] > 255) { $submitErr |= IPADDRESSERR; $submitErrMsg[IPADDRESSERR] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; } if ($mode != "confirmEditMgmtnode" && !($submitErr & IPADDRESSERR) && checkForMgmtnodeIPaddress($return["IPaddress"])) { $submitErr |= IPADDRESSERR; $submitErrMsg[IPADDRESSERR] = "A node already exists with this IP address."; } if (!validateUserid($return["owner"])) { $submitErr |= MNOWNERERR; $submitErrMsg[MNOWNERERR] = "Submitted ID is not valid"; } if (!preg_match('/^([-a-zA-Z0-9_\\.\\/]){2,100}$/', $return["installpath"])) { $submitErr |= MNINSTPATHERR; $submitErrMsg[MNINSTPATHERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long"; } if (!empty($return['keys']) && !preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,1024}$/', $return["keys"])) { $submitErr |= MNSSHIDKEYSERR; $submitErrMsg[MNSSHIDKEYSERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), forward slashes(/), and commas(,). It can be from 2 to 1024 characters long"; } if ($return['imagelibenable'] == 1) { $validgroups = getUserResources(array('mgmtNodeAdmin'), array("manageGroup"), 1); if (!in_array($return['imagelibgroupid'], array_keys($validgroups['managementnode']))) { $submitErr |= MNIMGLIBGRPIDERR; $submitErrMsg[MNIMGLIBGRPIDERR] = "The selected group was invalid"; } if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,20}$/', $return["imagelibuser"])) { $submitErr |= MNIMGLIBUSERERR; $submitErrMsg[MNIMGLIBUSERERR] = "This can only contain letters, numbers, and dashes(-) and can be from 2 to 20 characters long"; } if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,100}$/', $return["imagelibkey"])) { $submitErr |= MNIMGLIBKEYERR; $submitErrMsg[MNIMGLIBKEYERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long"; } } else { $return["imagelibgroupid"] = 'NULL'; $return["imagelibuser"] = '******'; $return["imagelibkey"] = 'NULL'; } return $return; }
function AJdeleteSiteMaintenance() { $id = getContinuationVar('id'); $start = getContinuationVar('start'); if (!deleteMaintenanceFile($start)) { print "alert('Failed to delete maintenance file on web server.\\n"; print "Please have sysadmin check permissions on maintenance directory.');\n"; print "dijit.byId('confirmDialog').hide();"; return; } $query = "DELETE FROM sitemaintenance WHERE id = {$id}"; doQuery($query, 101); $_SESSION['usersessiondata'] = array(); print "window.location.href = '" . BASEURL . SCRIPT . "?mode=siteMaintenance';"; #print "dijit.byId('confirmDialog').hide();"; #siteMaintenance(); }
function AJgetStatData() { $start = getContinuationVar("start"); $end = getContinuationVar("end"); $affilid = getContinuationVar("affilid"); $divid = getContinuationVar('divid'); $mode = getContinuationVar('mode'); $provid = getContinuationVar('provid'); if ($divid == 'resbyday') { $data = getStatGraphDayData($start, $end, $affilid, $mode, $provid); } elseif ($divid == 'maxconcurresday') { $data = getStatGraphDayConUsersData($start, $end, $affilid, $mode, $provid); } elseif ($divid == 'maxconcurbladeday') { $data = getStatGraphConBladeUserData($start, $end, $affilid, $mode, $provid); } elseif ($divid == 'maxconcurvmday') { $data = getStatGraphConVMUserData($start, $end, $affilid, $mode, $provid); } elseif ($divid == 'resbyhour') { $data = getStatGraphHourData($start, $end, $affilid, $mode, $provid); } elseif (preg_match('/^resbyday/', $divid)) { $data = getStatGraphDayData($start, $end, $affilid, $mode, $provid); } elseif (preg_match('/^maxconcurresday/', $divid)) { $data = getStatGraphDayConUsersData($start, $end, $affilid, $mode, $provid); } elseif (preg_match('/^maxconcurbladeday/', $divid)) { $data = getStatGraphConBladeUserData($start, $end, $affilid, $mode, $provid); } elseif (preg_match('/^maxconcurvmday/', $divid)) { $data = getStatGraphConVMUserData($start, $end, $affilid, $mode, $provid); } $data['id'] = $divid; sendJSON($data); }
function AJdeleteRevisions() { $revids = getContinuationVar('revids'); $imageid = getContinuationVar('imageid'); $checkedids = processInputVar('checkedids', ARG_STRING); $ids = explode(',', $checkedids); if (empty($ids)) { sendJSON(array()); return; } foreach ($ids as $id) { if (!is_numeric($id) || !in_array($id, $revids)) { sendJSON(array()); return; } } $query = "SELECT DISTINCT ir.revision " . "FROM request rq, " . "reservation rs, " . "imagerevision ir " . "WHERE rs.requestid = rq.id AND " . "rs.imagerevisionid = ir.id AND " . "rs.imagerevisionid IN ({$checkedids}) AND " . "rq.stateid NOT IN (1, 5, 11, 12)"; $qh = doQuery($query); if (mysql_num_rows($qh)) { $inuseids = array(); while ($row = mysql_fetch_assoc($qh)) { $inuseids[] = $row['revision']; } $inuseids = implode(',', $inuseids); $rc = array('status' => 'error', 'msg' => i("The following revisions are in use and cannot be deleted at this time:") . " {$inuseids}"); sendJSON($rc); return; } $query = "UPDATE imagerevision " . "SET deleted = 1, " . "datedeleted = NOW() " . "WHERE id IN ({$checkedids}) " . "AND production != 1"; doQuery($query, 101); $html = $this->getRevisionHTML($imageid); $arr = array('html' => $html); sendJSON($arr); }
function deleteGroupUser() { $groupid = getContinuationVar("groupid"); $userid = getContinuationVar("userid"); $test = getUserUnityID($userid); if (!empty($test)) { deleteUserGroupMember($userid, $groupid); } editOrAddGroup(0); }
function submitGeneralPreferences() { global $user, $HTMLheader, $printedHTMLheader, $mode, $viewmode; $groupview = getContinuationVar('groupview', processInputVar('groupview', ARG_STRING)); $emailnotify = processInputVar('emailnotify', ARG_NUMERIC); if ($groupview != 'affiliation' && $groupview != 'allgroups') { $printedHTMLheader = 1; print $HTMLheader; userpreferences(); return; } if ($emailnotify != 1 && $emailnotify != 2) { $printedHTMLheader = 1; print $HTMLheader; userpreferences(); return; } if ($groupview == 'allgroups' && $user['showallgroups'] == 0 || $groupview == 'affiliation' && $user['showallgroups'] == 1) { if ($groupview == 'allgroups') { $value = 1; } else { $value = 0; } $query = "UPDATE user SET showallgroups = {$value} WHERE id = {$user['id']}"; doQuery($query, 101); $_SESSION['user']['showallgroups'] = $value; $user['showallgroups'] = $value; } if ($user['emailnotices'] == 1 && $emailnotify == 1 || $user['emailnotices'] == 0 && $emailnotify == 2) { $newval = $emailnotify - 1; $query = "UPDATE user SET emailnotices = {$newval} WHERE id = {$user['id']}"; doQuery($query, 101); $_SESSION['user']['emailnotices'] = $newval; $user['emailnotices'] = $newval; } print $HTMLheader; $printedHTMLheader = 1; $mode = 'submituserprefs'; # FIXME might need to clear some cache items for cached lists of groups userpreferences(); }
function submitHelpForm() { global $user, $submitErr, $submitErrMsg; $name = processInputVar("name", ARG_STRING); $email = processInputVar("email", ARG_STRING); $summary = processInputVar("summary", ARG_STRING); $text = processInputVar("comments", ARG_STRING); if (!ereg('^([A-Za-z]{1,}( )([A-Za-z]){2,})$', $name)) { $submitErr |= NAMEERR; $submitErrMsg[NAMEERR] = "You must submit your first and last name"; } if (!eregi('^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})$', $email)) { $submitErr |= EMAILERR; $submitErrMsg[EMAILERR] = "Invalid email address, please correct"; } if (empty($summary)) { $submitErr |= SUMMARYERR; $submitErrMsg[SUMMARYERR] = "Please fill in a very short summary of the " . "problem"; } if (empty($text)) { $submitErr |= TEXTERR; $submitErrMsg[TEXTERR] = "Please fill in your problem in the box below.<br>"; } if ($submitErr) { printHelpForm(); return; } $computers = getComputers(); $requests = getUserRequests("all"); $query = "SELECT l.start AS start, " . "l.finalend AS end, " . "l.computerid AS computerid, " . "i.prettyname AS prettyimage " . "FROM log l, " . "image i " . "WHERE l.userid = " . $user["id"] . " AND " . "i.id = l.imageid AND " . "(unix_timestamp(NOW()) - unix_timestamp(l.finalend)) < 14400"; $qh = doQuery($query, 290); while ($row = mysql_fetch_assoc($qh)) { array_push($requests, $row); } $from = $user["email"]; if (get_magic_quotes_gpc()) { $text = stripslashes($text); } $message = "Problem report submitted from VCL web form:\n\n" . "User: "******"unityid"] . "\n" . "Name: " . $name . "\n" . "Email: " . $email . "\n" . "Problem description:\n\n{$text}\n\n"; $end = time(); $start = $end - 14400; $recentrequests = ""; foreach ($requests as $request) { if (datetimeToUnix($request["end"]) > $start || datetimeToUnix($request["start"] < $end)) { $thisstart = str_replace(' ', ' ', prettyDatetime($request["start"])); $thisend = str_replace(' ', ' ', prettyDatetime($request["end"])); $recentrequests .= "Image: " . $request["prettyimage"] . "\n" . "Computer: " . $computers[$request["computerid"]]["hostname"] . "\n" . "Start: {$thisstart}\n" . "End: {$thisend}\n\n"; } } if (!empty($recentrequests)) { $message .= "-----------------------------------------------\n"; $message .= "User's recent reservations:\n\n" . $recentrequests . "\n"; } else { $message .= "User has no recent reservations\n"; } $indrupal = getContinuationVar('indrupal', 0); if (!$indrupal) { print "<H2>VCL Help</H2>\n"; } $mailParams = "-f" . ENVELOPESENDER; if (!mail(HELPEMAIL, "{$summary}", $message, "From: {$from}\r\nReply-To: {$email}\r\n", $mailParams)) { print "The Server was unable to send mail at this time. Please e-mail "; print "<a href=\"mailto:" . HELPEMAIL . "\">" . HELPEMAIL . "</a> for "; print "help with your problem."; } else { print "Your problem report has been submitted. Thank you for letting "; print "us know of your problem so that we can improve this site.<br>\n"; } }
function submitHelpForm() { global $user, $submitErr, $submitErrMsg; $name = processInputVar("name", ARG_STRING); $email = processInputVar("email", ARG_STRING); $summary = processInputVar("summary", ARG_STRING); $text = processInputVar("comments", ARG_STRING); $testname = $name; if (get_magic_quotes_gpc()) { $testname = stripslashes($name); } if (!preg_match('/^([-A-Za-z \']{1,} [-A-Za-z \']{2,})*$/', $testname)) { $submitErr |= NAMEERR; $submitErrMsg[NAMEERR] = "Name can only contain letters, spaces, apostrophes ('), and dashes (-)"; } if (!preg_match('/^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})$/i', $email)) { $submitErr |= EMAILERR; $submitErrMsg[EMAILERR] = "Invalid email address, please correct"; } if (empty($summary)) { $submitErr |= SUMMARYERR; $submitErrMsg[SUMMARYERR] = "Please fill in a very short summary of the " . "problem"; } if (empty($text)) { $submitErr |= TEXTERR; $submitErrMsg[TEXTERR] = "Please fill in your problem in the box below.<br>"; } if ($submitErr) { printHelpForm(); return; } $computers = getComputers(); $requests = array(); $query = "SELECT l.id, " . "l.start, " . "l.finalend AS end, " . "s.computerid, " . "i.prettyname AS prettyimage " . "FROM log l, " . "image i, " . "sublog s " . "WHERE l.userid = {$user["id"]} AND " . "i.id = l.imageid AND " . "s.logid = l.id AND " . "l.finalend < DATE_ADD(NOW(), INTERVAL 1 DAY) " . "ORDER BY l.finalend DESC " . "LIMIT 5"; $qh = doQuery($query, 290); while ($row = mysql_fetch_assoc($qh)) { # only include 1 computer from cluster reservations if (array_key_exists($row['id'], $requests)) { continue; } $requests[$row['id']] = $row; } $from = $user["email"]; if (get_magic_quotes_gpc()) { $text = stripslashes($text); } $message = "Problem report submitted from VCL web form:\n\n" . "User: "******"unityid"] . "\n" . "Name: " . $testname . "\n" . "Email: " . $email . "\n" . "Problem description:\n\n{$text}\n\n"; $recentrequests = ""; foreach ($requests as $request) { $thisstart = str_replace(' ', ' ', prettyDatetime($request["start"])); $thisend = str_replace(' ', ' ', prettyDatetime($request["end"])); $recentrequests .= "Image: {$request["prettyimage"]}\n" . "Computer: {$computers[$request["computerid"]]["hostname"]}\n" . "Start: {$thisstart}\n" . "End: {$thisend}\n\n"; } if (!empty($recentrequests)) { $message .= "-----------------------------------------------\n"; $message .= "User's recent reservations:\n\n" . $recentrequests . "\n"; } else { $message .= "User has no recent reservations\n"; } $indrupal = getContinuationVar('indrupal', 0); if (!$indrupal) { print "<H2>VCL Help</H2>\n"; } $mailParams = "-f" . ENVELOPESENDER; if (get_magic_quotes_gpc()) { $summary = stripslashes($summary); } if (!mail(HELPEMAIL, "{$summary}", $message, "From: {$from}\r\nReply-To: {$email}\r\n", $mailParams)) { print "The Server was unable to send mail at this time. Please e-mail "; print "<a href=\"mailto:" . HELPEMAIL . "\">" . HELPEMAIL . "</a> for "; print "help with your problem."; } else { print "Your problem report has been submitted. Thank you for letting "; print "us know of your problem so that we can improve this site.<br>\n"; } }
function AJvmFromHostDelayed() { $data = getContinuationVar(); $vclreloadid = getUserlistID('vclreload@Local'); $imageid = getImageId('noimage'); $imagerevisionid = getProductionRevisionid($imageid); $fails = array(); foreach ($data as $comp) { $end = datetimeToUnix($comp['end2']) + SECINMONTH; $end = unixToDatetime($end); if (!simpleAddRequest($comp['id'], $imageid, $imagerevisionid, $comp['end2'], $end, 18, $vclreloadid)) { $fails[] = array('name' => $comp['hostname'], 'reason' => 'nomgtnode'); } } $cont = addContinuationsEntry('vmhostdata'); $arr = array('msg' => 'SUCCESS', 'cont' => $cont, 'fails' => $fails); sendJSON($arr); }
function processScheduleInput($checks = 1) { global $submitErr, $submitErrMsg; $return = array(); $return["start"] = array(); $return["end"] = array(); $return["scheduleid"] = getContinuationVar("scheduleid", processInputVar("scheduleid", ARG_NUMERIC)); $return["name"] = getContinuationVar("name", processInputVar("name", ARG_STRING)); $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING)); $return["submode"] = processInputVar("submode", ARG_STRING); $return["selrow"] = processInputVar("selrow", ARG_NUMERIC); $return["count"] = getContinuationVar("count", processInputVar("count", ARG_NUMERIC, 0)); $return["startDay"] = processInputVar("startDay", ARG_MULTINUMERIC); $return["startTime"] = processInputVar("startTime", ARG_MULTISTRING); $return["endDay"] = processInputVar("endDay", ARG_MULTINUMERIC); $return["endTime"] = processInputVar("endTime", ARG_MULTISTRING); if (!$checks) { return $return; } if (strlen($return["name"]) > 25 || strlen($return["name"]) < 2) { $submitErr |= SCHNAMEERR; $submitErrMsg[SCHNAMEERR] = "Name must be from 2 to 30 characters"; } if (!($submitErr & SCHNAMEERR) && checkForScheduleName($return["name"], $return["scheduleid"])) { $submitErr |= SCHNAMEERR; $submitErrMsg[SCHNAMEERR] = "A schedule already exists with this name."; } if (!validateUserid($return["owner"])) { $submitErr |= SCHOWNERERR; $submitErrMsg[SCHOWNERERR] = "The submitted unity ID is invalid."; } for ($i = 0; $i < $return["count"]; $i++) { if (!ereg('^((0?[1-9])|(1[0-2])):([0-5][0-9]) (am|pm)$', $return["startTime"][$i]) || !ereg('^((0?[1-9])|(1[0-2])):([0-5][0-9]) (am|pm)$', $return["endTime"][$i])) { $submitErr |= 1 << $i; $submitErrMsg[1 << $i] = "Time must be of the form [H]H:MM am/pm"; } elseif (daytimeToMin($return["startDay"][$i], $return["startTime"][$i], "start") >= daytimeToMin($return["endDay"][$i], $return["endTime"][$i], "end")) { $submitErr |= 1 << $i; $submitErrMsg[1 << $i] = "The start day/time must be before the end day/time"; } } for ($i = 0; $i < $return["count"] - 1; $i++) { for ($j = $i + 1; $j < $return["count"]; $j++) { if (daytimeToMin($return["startDay"][$i], $return["startTime"][$i], "start") < daytimeToMin($return["endDay"][$j], $return["endTime"][$j], "end") && daytimeToMin($return["endDay"][$i], $return["endTime"][$i], "end") > daytimeToMin($return["startDay"][$j], $return["startTime"][$j], "start")) { $submitErr |= OVERLAPERR; $submitErrMsg[OVERLAPERR] = "At least 2 of the time periods overlap. Please combine them into a single entry."; break 2; } } } return $return; }
function AJserverProfileData() { $profileid = processInputVar('id', ARG_NUMERIC); $mode = getContinuationVar('mode'); if ($mode == 'admin') { $resources = getUserResources(array("serverProfileAdmin"), array("administer")); } else { $resources = getUserResources(array("serverCheckOut", "serverProfileAdmin"), array("available", "administer")); } if (!array_key_exists($profileid, $resources['serverprofile'])) { sendJSON(array('error' => 1, 'msg' => 'noaccess')); return; } $data = getServerProfiles($profileid); $data = $data[$profileid]; unset($data['image']); unset($data['ownerid']); unset($data['owner']); unset($data['admingroup']); unset($data['logingroup']); if ($data['fixedIP'] == 'NULL') { $data['fixedIP'] = ''; $data['netmask'] = ''; $data['router'] = ''; $data['dns'] = ''; } if ($data['fixedMAC'] == 'NULL') { $data['fixedMAC'] = ''; } if (is_null($data['admingroupid'])) { $data['admingroupid'] = 0; } if (is_null($data['logingroupid'])) { $data['logingroupid'] = 0; } sendJSON($data); }
function processBulkComputerInput($checks = 1) { global $submitErr, $submitErrMsg, $viewmode; $return = processComputerInput2(); $ipaddress = getContinuationVar("ipaddress", processInputVar("ipaddress", ARG_STRING)); if (!empty($ipaddress)) { $return["startipaddress"] = $ipaddress; $tmp = $ipaddress; $tmpArr = explode('.', $tmp); array_pop($tmpArr); $return["endipaddress"] = implode('.', $tmpArr); $return["starthostval"] = ""; $return["endhostval"] = ""; } else { $return["startipaddress"] = getContinuationVar("startipaddress", processInputVar("startipaddress", ARG_STRING)); $return["endipaddress"] = getContinuationVar("endipaddress", processInputVar("endipaddress", ARG_STRING)); $return["starthostval"] = getContinuationVar("starthostval", processInputVar("starthostval", ARG_NUMERIC)); $return["endhostval"] = getContinuationVar("endhostval", processInputVar("endhostval", ARG_NUMERIC)); } $return["startpripaddress"] = getContinuationVar("startpripaddress", processInputVar("startpripaddress", ARG_STRING)); $return["endpripaddress"] = getContinuationVar("endpripaddress", processInputVar("endpripaddress", ARG_STRING)); $return["startmac"] = getContinuationVar("startmac", processInputVar("startmac", ARG_STRING)); $return["stateid"] = getContinuationVar("stateid", processInputVar("stateid", ARG_NUMERIC)); $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING)); $return["platformid"] = getContinuationVar("platformid", processInputVar("platformid", ARG_NUMERIC)); $return["scheduleid"] = getContinuationVar("scheduleid", processInputVar("scheduleid", ARG_NUMERIC)); $return["ram"] = getContinuationVar("ram", processInputVar("ram", ARG_NUMERIC)); $return["numprocs"] = getContinuationVar("numprocs", processInputVar("numprocs", ARG_NUMERIC)); $return["procspeed"] = getContinuationVar("procspeed", processInputVar("procspeed", ARG_NUMERIC)); $return["network"] = getContinuationVar("network", processInputVar("network", ARG_NUMERIC)); $return["hostname"] = getContinuationVar("hostname", processInputVar("hostname", ARG_STRING)); $return["type"] = getContinuationVar("type", processInputVar("type", ARG_STRING)); $return["provisioningid"] = getContinuationVar("provisioningid", processInputVar("provisioningid", ARG_NUMERIC)); $return["computergroup"] = getContinuationVar("computergroup", processInputVar("computergroup", ARG_MULTINUMERIC)); $return['macs'] = getContinuationVar('macs', array()); if (!$checks) { return $return; } $startaddrArr = explode('.', $return["startipaddress"]); if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["startipaddress"]) || $startaddrArr[0] < 1 || $startaddrArr[0] > 255 || $startaddrArr[1] < 0 || $startaddrArr[1] > 255 || $startaddrArr[2] < 0 || $startaddrArr[2] > 255 || $startaddrArr[3] < 1 || $startaddrArr[3] > 255) { $submitErr |= IPADDRERR; $submitErrMsg[IPADDRERR] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; } $endaddrArr = explode('.', $return["endipaddress"]); if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["endipaddress"]) || $endaddrArr[0] < 1 || $endaddrArr[0] > 255 || $endaddrArr[1] < 0 || $endaddrArr[1] > 255 || $endaddrArr[2] < 0 || $endaddrArr[2] > 255 || $endaddrArr[3] < 1 || $endaddrArr[3] > 255) { $submitErr |= IPADDRERR2; $submitErrMsg[IPADDRERR2] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; } $endpraddrArr = array(); if ($viewmode == ADMIN_DEVELOPER) { if (!empty($return['startpripaddress']) || !empty($return['endpripaddress'])) { $startpraddrArr = explode('.', $return["startpripaddress"]); if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["startpripaddress"]) || $startpraddrArr[0] < 1 || $startpraddrArr[0] > 255 || $startpraddrArr[1] < 0 || $startpraddrArr[1] > 255 || $startpraddrArr[2] < 0 || $startpraddrArr[2] > 255 || $startpraddrArr[3] < 1 || $startpraddrArr[3] > 255) { $submitErr |= IPADDRERR3; $submitErrMsg[IPADDRERR3] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; } $endpraddrArr = explode('.', $return["endpripaddress"]); if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["endpripaddress"]) || $endpraddrArr[0] < 1 || $endpraddrArr[0] > 255 || $endpraddrArr[1] < 0 || $endpraddrArr[1] > 255 || $endpraddrArr[2] < 0 || $endpraddrArr[2] > 255 || $endpraddrArr[3] < 1 || $endpraddrArr[3] > 255) { $submitErr |= IPADDRERR4; $submitErrMsg[IPADDRERR4] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; } } if (!empty($return['startmac'])) { if (!ereg('^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$', $return["startmac"])) { $submitErr |= MACADDRERR; $submitErrMsg[MACADDRERR] = "Invalid MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)"; } elseif (!$submitErr) { $tmp = explode(':', $return['startmac']); $topdec = hexdec($tmp[0] . $tmp[1] . $tmp[2]); $botdec = hexdec($tmp[3] . $tmp[4] . $tmp[5]); $topmac = "{$tmp[0]}:{$tmp[1]}:{$tmp[2]}"; $topplus = implode(':', str_split(dechex($topdec + 1), 2)); $start = $botdec; $return['macs'] = array(); $end = $start + ($endaddrArr[3] - $startaddrArr[3] + 1) * 2; for ($i = $start; $i < $end; $i++) { if ($i > 16777215) { $val = $i - 16777216; $tmp = sprintf('%06x', $val); $tmp2 = str_split($tmp, 2); $return['macs'][] = $topplus . ':' . implode(':', $tmp2); } else { $tmp = sprintf('%06x', $i); $tmp2 = str_split($tmp, 2); $return['macs'][] = $topmac . ':' . implode(':', $tmp2); } } if ($i > 16777215 && $topdec == 16777215) { $submitErr |= MACADDRERR; $submitErrMsg[MACADDRERR] = "Starting MAC address too large for given " . "given number of machines"; } } } } if ($return["ram"] < 32 || $return["ram"] > 20480) { $submitErr |= RAMERR; $submitErrMsg[RAMERR] = "RAM must be between 32 and 20480"; } if ($return["procspeed"] < 500 || $return["procspeed"] > 20000) { $submitErr |= PROCSPEEDERR; $submitErrMsg[PROCSPEEDERR] = "Processor Speed must be between 500 and 20000"; } if (!ereg('^[a-zA-Z0-9_%][-a-zA-Z0-9_.%]{1,35}$', $return["hostname"])) { $submitErr |= HOSTNAMEERR; $submitErrMsg[HOSTNAMEERR] = "Hostname must be <= 36 characters"; } if (empty($return["starthostval"]) && $return["starthostval"] != 0) { $submitErr |= STARTHOSTVALERR; $submitErrMsg[STARTHOSTVALERR] = "Start value can only be numeric."; } if (empty($return["endhostval"]) && $return["endhostval"] != 0) { $submitErr |= ENDHOSTVALERR; $submitErrMsg[ENDHOSTVALERR] = "End value can only be numeric."; } if (!($submitErr & IPADDRERR2 || $submitErr & ENDHOSTVALERR) && $endaddrArr[3] - $startaddrArr[3] != $return["endhostval"] - $return["starthostval"]) { $numipaddrs = $endaddrArr[3] - $startaddrArr[3] + 1; $numhostnames = $return["endhostval"] - $return["starthostval"] + 1; $submitErr |= IPADDRERR2; $submitErrMsg[IPADDRERR2] = "The number of IP addresses ({$numipaddrs}) " . "does not match the number of hostnames ({$numhostnames})."; $submitErr |= ENDHOSTVALERR; $submitErrMsg[ENDHOSTVALERR] = "The number of IP addresses ({$numipaddrs}) " . "does not match the number of hostnames ({$numhostnames})."; } if ($viewmode == ADMIN_DEVELOPER && !empty($return['startpripaddress']) && !empty($return['endpripaddress']) && (!($submitErr & IPADDRERR2 || $submitErr & IPADDRERR4) && !empty($endpraddrArr) && $endaddrArr[3] - $startaddrArr[3] != $endpraddrArr[3] - $startpraddrArr[3])) { $numpubaddrs = $endaddrArr[3] - $startaddrArr[3] + 1; $numpraddrs = $endpraddrArr[3] - $startpraddrArr[3] + 1; $submitErr |= IPADDRERR2; $submitErrMsg[IPADDRERR2] = "The number of public IP addresses ({$numpubaddrs}) " . "does not match the number of private IP addresses ({$numpraddrs})."; $submitErr |= IPADDRERR4; $submitErrMsg[IPADDRERR4] = $submitErrMsg[IPADDRERR2]; } if (!validateUserid($return["owner"])) { $submitErr |= OWNERERR; $submitErrMsg[OWNERERR] = "Submitted ID is not valid"; } $return['count'] = 0; if (!$submitErr) { $return['count'] = $endaddrArr[3] - $startaddrArr[3] + 1; } return $return; }
function sendRDPfile() { global $user; # for more info on this file, see # http://dev.remotenetworktechnology.com/ts/rdpfile.htm $requestid = getContinuationVar("requestid"); $request = getRequestInfo("{$requestid}"); foreach ($request["reservations"] as $res) { if ($res["forcheckout"]) { $ipaddress = $res["reservedIP"]; $passwd = $res["password"]; break; } } if (empty($ipaddress)) { return; } $width = $user["width"]; $height = $user["height"]; if ($width == 0) { $screenmode = 2; $width = 1024; $height = 768; } else { $screenmode = 1; } $bpp = $user["bpp"]; if ($user["audiomode"] == "none") { $audiomode = 2; } else { $audiomode = 0; } $redirectdrives = $user["mapdrives"]; $redirectprinters = $user["mapprinters"]; $redirectcomports = $user["mapserial"]; header("Content-type: application/rdp"); header("Content-Disposition: inline; filename=\"{$res['prettyimage']}.rdp\""); print "screen mode id:i:{$screenmode}\r\n"; print "desktopwidth:i:{$width}\r\n"; print "desktopheight:i:{$height}\r\n"; print "session bpp:i:{$bpp}\r\n"; print "winposstr:s:0,1,382,71,1182,671\r\n"; print "full address:s:{$ipaddress}\r\n"; print "compression:i:1\r\n"; print "keyboardhook:i:2\r\n"; print "audiomode:i:{$audiomode}\r\n"; print "redirectdrives:i:{$redirectdrives}\r\n"; print "redirectprinters:i:{$redirectprinters}\r\n"; print "redirectcomports:i:{$redirectcomports}\r\n"; print "redirectsmartcards:i:1\r\n"; print "displayconnectionbar:i:1\r\n"; print "autoreconnection enabled:i:1\r\n"; if ($request["forimaging"]) { print "username:s:Administrator\r\n"; } else { if (preg_match('/(.*)@(.*)/', $user['unityid'], $matches)) { print "username:s:" . $matches[1] . "\r\n"; } else { print "username:s:" . $user["unityid"] . "\r\n"; } } print "clear password:s:{$passwd}\r\n"; print "domain:s:\r\n"; print "alternate shell:s:\r\n"; print "shell working directory:s:\r\n"; print "disable wallpaper:i:1\r\n"; print "disable full window drag:i:1\r\n"; print "disable menu anims:i:1\r\n"; print "disable themes:i:0\r\n"; print "disable cursor setting:i:0\r\n"; print "bitmapcachepersistenable:i:1\r\n"; //print "connect to console:i:1\r\n"; exit(0); }
function submitGeneralPreferences() { global $user, $HTMLheader, $printedHTMLheader, $mode; $groupview = getContinuationVar('groupview', processInputVar('groupview', ARG_STRING)); $emailnotify = processInputVar('emailnotify', ARG_NUMERIC); $pubkeyauth = processInputVar('pubkeyauth', ARG_NUMERIC); $pubkeys = processInputVar('pubkeys', ARG_STRING); if ($groupview != 'affiliation' && $groupview != 'allgroups') { $printedHTMLheader = 1; print $HTMLheader; userpreferences(); return; } if ($emailnotify != 1 && $emailnotify != 2) { $printedHTMLheader = 1; print $HTMLheader; userpreferences(); return; } if ($pubkeyauth != 1 && $pubkeyauth != 2) { $printedHTMLheader = 1; print $HTMLheader; userpreferences(); return; } if ($groupview == 'allgroups' && $user['showallgroups'] == 0 || $groupview == 'affiliation' && $user['showallgroups'] == 1) { if ($groupview == 'allgroups') { $value = 1; } else { $value = 0; } $query = "UPDATE user SET showallgroups = {$value} WHERE id = {$user['id']}"; doQuery($query, 101); $_SESSION['user']['showallgroups'] = $value; $user['showallgroups'] = $value; } if ($user['emailnotices'] == 1 && $emailnotify == 1 || $user['emailnotices'] == 0 && $emailnotify == 2) { $newval = $emailnotify - 1; $query = "UPDATE user SET emailnotices = {$newval} WHERE id = {$user['id']}"; doQuery($query, 101); $_SESSION['user']['emailnotices'] = $newval; $user['emailnotices'] = $newval; } if ($user['usepublickeys'] == 1 && $pubkeyauth == 1 || $user['usepublickeys'] == 0 && $pubkeyauth == 2) { $newval = $pubkeyauth - 1; $query = "UPDATE user SET usepublickeys = {$newval} WHERE id = {$user['id']}"; doQuery($query); $_SESSION['user']['usepublickeys'] = $newval; $user['usepublickeys'] = $newval; } if ($pubkeyauth == 2 && preg_match('|^[-a-zA-Z0-9\\+/ @=\\.\\n\\r]*$|', $pubkeys)) { if (get_magic_quotes_gpc()) { $pubkeys = stripslashes($pubkeys); } $_pubkeys = mysql_real_escape_string($pubkeys); $query = "UPDATE user SET sshpublickeys = '{$_pubkeys}' WHERE id = {$user['id']}"; doQuery($query); $_SESSION['user']['sshpublickeys'] = htmlspecialchars($pubkeys); $user['sshpublickeys'] = htmlspecialchars($pubkeys); } print $HTMLheader; $printedHTMLheader = 1; $mode = 'submituserprefs'; # FIXME might need to clear some cache items for cached lists of groups userpreferences(); }
function processBlockRequestInput($checks = 1) { global $submitErr, $submitErrMsg, $mode, $user, $days; $return = array(); $return['blockname'] = getContinuationVar("blockname", processInputVar("blockname", ARG_STRING)); $return['imageid'] = getContinuationVar("imageid", processInputVar("imageid", ARG_NUMERIC)); $return['machinecnt'] = getContinuationVar("machinecnt", processInputVar("machinecnt", ARG_NUMERIC, 0)); $return['swhour'] = getContinuationVar("swhour", processInputVar("swhour", ARG_MULTINUMERIC)); $return['swminute'] = getContinuationVar("swminute", processInputVar("swminute", ARG_MULTINUMERIC)); $return['swmeridian'] = getContinuationVar("swmeridian", processInputVar("swmeridian", ARG_MULTISTRING)); $return['ewhour'] = getContinuationVar("ewhour", processInputVar("ewhour", ARG_MULTINUMERIC)); $return['ewminute'] = getContinuationVar("ewminute", processInputVar("ewminute", ARG_MULTINUMERIC)); $return['ewmeridian'] = getContinuationVar("ewmeridian", processInputVar("ewmeridian", ARG_MULTISTRING)); $return['smhour'] = getContinuationVar("smhour", processInputVar("smhour", ARG_MULTINUMERIC)); $return['smminute'] = getContinuationVar("smminute", processInputVar("smminute", ARG_MULTINUMERIC)); $return['smmeridian'] = getContinuationVar("smmeridian", processInputVar("smmeridian", ARG_MULTISTRING)); $return['emhour'] = getContinuationVar("emhour", processInputVar("emhour", ARG_MULTINUMERIC)); $return['emminute'] = getContinuationVar("emminute", processInputVar("emminute", ARG_MULTINUMERIC)); $return['emmeridian'] = getContinuationVar("emmeridian", processInputVar("emmeridian", ARG_MULTISTRING)); $return['slhour'] = getContinuationVar("slhour", processInputVar("slhour", ARG_MULTINUMERIC)); $return['slminute'] = getContinuationVar("slminute", processInputVar("slminute", ARG_MULTINUMERIC)); $return['slmeridian'] = getContinuationVar("slmeridian", processInputVar("slmeridian", ARG_MULTISTRING)); $return['elhour'] = getContinuationVar("elhour", processInputVar("elhour", ARG_MULTINUMERIC)); $return['elminute'] = getContinuationVar("elminute", processInputVar("elminute", ARG_MULTINUMERIC)); $return['elmeridian'] = getContinuationVar("elmeridian", processInputVar("elmeridian", ARG_MULTISTRING)); $return['weeknum'] = getContinuationVar("weeknum", processInputVar("weeknum", ARG_NUMERIC)); $return['day'] = getContinuationVar("day", processInputVar("day", ARG_NUMERIC)); $return['date'] = getContinuationVar("date", processInputVar("date", ARG_MULTISTRING)); $return['available'] = getContinuationVar("available", processInputVar("available", ARG_STRING, 'weekly')); $return['usergroupid'] = getContinuationVar("usergroupid", processInputVar("usergroupid", ARG_NUMERIC)); $return['admingroupid'] = getContinuationVar("admingroupid", processInputVar("admingroupid", ARG_NUMERIC)); $return['swdate'] = getContinuationVar("swdate", processInputVar("swdate", ARG_STRING)); $return['ewdate'] = getContinuationVar("ewdate", processInputVar("ewdate", ARG_STRING)); $return['smdate'] = getContinuationVar("smdate", processInputVar("smdate", ARG_STRING)); $return['emdate'] = getContinuationVar("emdate", processInputVar("emdate", ARG_STRING)); $return['wdays'] = getContinuationVar("wdays", processInputVar("wdays", ARG_MULTISTRING)); $return['state'] = getContinuationVar("state", 0); $return['blockRequestid'] = getContinuationVar("blockRequestid", processInputVar("blockRequestid", ARG_NUMERIC)); $return['wdayschecked'] = array(); foreach ($days as $day) { if (in_array($day, $return['wdays'])) { $return['wdayschecked'][$day] = 'checked'; } else { $return['wdayschecked'][$day] = ''; } } if (!$checks) { return $return; } if (!preg_match('/^([-a-zA-Z0-9\\. ]){3,80}$/', $return["blockname"])) { $submitErr |= BLOCKNAMEERR; $submitErrMsg[BLOCKNAMEERR] = "Name can only contain letters, numbers, spaces, dashes(-),<br>and periods(.) and can be from 3 to 80 characters long"; } $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); if (!in_array($return['imageid'], array_keys($resources['image']))) { $submitErr |= IMAGEIDERR; $submitErrMsg[IMAGEIDERR] = "The submitted image is invalid."; } if ($return['machinecnt'] < MIN_BLOCK_MACHINES) { $submitErr |= BLOCKCNTERR; $submitErrMsg[BLOCKCNTERR] = "You must request at least " . MIN_BLOCK_MACHINES . " machines"; } elseif ($return['machinecnt'] > MAX_BLOCK_MACHINES) { $submitErr |= BLOCKCNTERR; $submitErrMsg[BLOCKCNTERR] = "You cannot request more than " . MAX_BLOCK_MACHINES . " machines"; } // FIXME should we limit the course groups that show up? $groups = getUserGroups(); if (!array_key_exists($return['usergroupid'], $groups)) { $submitErr |= USERGROUPIDERR; $submitErrMsg[USERGROUPIDERR] = "The submitted user group is invalid."; } if (!array_key_exists($return['admingroupid'], $groups) && $return['admingroupid'] != 0) { $submitErr |= ADMINGROUPIDERR; $submitErrMsg[ADMINGROUPIDERR] = "The submitted user group is invalid."; } if ($return['available'] == 'weekly') { $keys = array('1' => 'swhour', '2' => 'ewhour', '3' => 'swminute', '4' => 'ewminute', '5' => 'swmeridian', '6' => 'ewmeridian', '7' => 'swdate', '8' => 'ewdate'); // check days of week foreach ($return['wdays'] as $index => $day) { if (!in_array($day, $days)) { unset($return['wdays'][$index]); } } /*foreach($days as $day) { if(in_array($day, $return['wdays'])) $return['wdayschecked'][$day] = 'checked'; }*/ if (!count($return['wdays'])) { $submitErr |= STARTDAYERR; $submitErrMsg[STARTDAYERR] = "You must select at least one day of the week"; } } elseif ($return['available'] == 'monthly') { $keys = array('1' => 'smhour', '2' => 'emhour', '3' => 'smminute', '4' => 'emminute', '5' => 'smmeridian', '6' => 'emmeridian', '7' => 'smdate', '8' => 'emdate'); // check weeknum if ($return['weeknum'] < 1 || $return['weeknum'] > 5) { $submitErr |= WEEKNUMERR; $submitErrMsg[WEEKNUMERR] = "Invalid week of the month submitted"; } // check day if ($return['day'] < 1 || $return['day'] > 7) { $submitErr |= DAYERR; $submitErrMsg[DAYERR] = "Invalid day of the week submitted"; } } elseif ($return['available'] == 'list') { $keys = array('1' => 'slhour', '2' => 'elhour', '3' => 'slminute', '4' => 'elminute', '5' => 'slmeridian', '6' => 'elmeridian'); } // check each timeslot for ($i = 0; $i < 4; $i++) { $submitErrMsg[STARTHOURERR][$i] = ""; $submitErrMsg[ENDHOURERR][$i] = ""; // start hour if ($return[$keys[1]][$i] < 1 || $return[$keys[1]][$i] > 12) { $submitErr |= STARTHOURERR; $submitErrMsg[STARTHOURERR][$i] = "The start hour must be between 1 and 12."; } // end hour if ($return[$keys[2]][$i] < 1 || $return[$keys[2]][$i] > 12) { $submitErr |= ENDHOURERR; $submitErrMsg[ENDHOURERR][$i] = " The end hour must be between 1 and 12."; } // start minute if ($return[$keys[3]][$i] < 0 || $return[$keys[3]][$i] > 59) { $submitErr |= STARTHOURERR; // we reuse STARTHOURERR here, it overwrites the last one, but oh well $submitErrMsg[STARTHOURERR][$i] = "The start minute must be between 0 and 59."; } // end minute if ($return[$keys[4]][$i] < 0 || $return[$keys[4]][$i] > 59) { $submitErr |= ENDHOURERR; $submitErrMsg[ENDHOURERR][$i] = " The end minute must be between 0 and 59."; } // start meridian if ($return[$keys[5]][$i] != 'am' && $return[$keys[5]][$i] != 'pm') { $return[$keys[5]][$i] = 'pm'; // just set it to one of them } // end meridian if ($return[$keys[6]][$i] != 'am' && $return[$keys[6]][$i] != 'pm') { $return[$keys[6]][$i] = 'am'; // just set it to one of them } // check that start is before end $return['stime'][$i] = minuteOfDay2("{$return[$keys[1]][$i]}:{$return[$keys[3]][$i]} {$return[$keys[5]][$i]}"); $return['etime'][$i] = minuteOfDay2("{$return[$keys[2]][$i]}:{$return[$keys[4]][$i]} {$return[$keys[6]][$i]}"); if ($return['stime'][$i] > $return['etime'][$i]) { $submitErr |= STARTHOURERR; // we reuse STARTHOURERR here, it overwrites the last one, but oh well $submitErrMsg[STARTHOURERR][$i] = "The start time must be before the end time (or be equal to ignore this slot)"; } } if ($return['available'] == 'weekly' || $return['available'] == 'monthly') { // check that timeslots do not overlap if (!($submitErr & STARTHOURERR) && !($submitErr & ENDHOURERR)) { for ($i = 0; $i < 4; $i++) { for ($j = $i + 1; $j < 4; $j++) { if ($return['etime'][$i] > $return['stime'][$j] && $return['stime'][$i] < $return['etime'][$j]) { $submitErr |= STARTHOURERR; $submitErrMsg[STARTHOURERR][$i] = "This timeslot overlaps with Slot" . ($j + 1); } } } } // check that start date is valid $startarr = split('/', $return[$keys[7]]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return[$keys[7]])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "The start date must be in the form mm/dd/yy."; } elseif (!checkdate($startarr[0], $startarr[1], $startarr[2])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "This is an invalid date."; } elseif (datetimeToUnix("{$startarr[2]}-{$startarr[0]}-{$startarr[1]} 23:59:59") < time()) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "The start date must be today or later."; } // check that end date is valid $endarr = split('/', $return[$keys[8]]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return[$keys[8]])) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "The end date must be in the form mm/dd/yy."; } elseif (!checkdate($endarr[0], $endarr[1], $endarr[2])) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "This is an invalid date."; } elseif (datetimeToUnix("{$startarr[2]}-{$startarr[0]}-{$startarr[1]} 00:00:00") > datetimeToUnix("{$endarr[2]}-{$endarr[0]}-{$endarr[1]} 00:00:00")) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "The end date must be later than the start date."; } } elseif ($return['available'] == 'list') { if (!($submitErr & STARTHOURERR) && !($submitErr & ENDHOURERR)) { // check date[1-n] for ($i = 0; $i < 4; $i++) { $submitErrMsg[STARTDATEERR][$i] = ""; if ($return['stime'][$i] == $return['etime'][$i]) { continue; } $submitErrMsg[STARTDATEERR][$i] = ""; $datearr = split('/', $return['date'][$i]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return['date'][$i])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "The date must be in the form mm/dd/yy."; } elseif (!checkdate($datearr[0], $datearr[1], $datearr[2])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "Invalid date submitted."; } elseif (datetimeToUnix("{$datearr[2]}-{$datearr[0]}-{$datearr[1]} 23:59:59") < time()) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "The date must be today or later."; } } } } if (0) { # FIXME $submitErr |= AVAILABLEERR; $submitErrMsg[AVAILABLEERR] = "The submitted availability selection is invalid."; } return $return; }
function AJdeleteAffiliationSetting() { if (!checkUserHasPerm('Site Configuration (global)')) { $arr = array('status' => 'noaccess', 'msg' => i('You do not have access to delete the submitted setting.')); sendJSON($arr); return; } $key = processInputVar('key', ARG_STRING); $origvals = getContinuationVar('origvals'); if (!array_key_exists($key, $origvals)) { $arr = array('status' => 'failed', 'msgid' => "{$this->domidbase}msg", 'msg' => i('Invalid data submitted.')); sendJSON($arr); return; } $tmp = explode('|', $origvals[$key]['key']); $affil = $tmp[1]; $affilid = getAffiliationID($affil); deleteVariable($origvals[$key]['key']); # recreate update continuation $data = getVariablesRegex("^{$this->key}.*"); $origvals = array(); $origvals[$this->key] = array('key' => $this->key, 'val' => $data[$this->key]); foreach ($data as $prekey => $val) { $okey = str_replace('|', '_', $prekey); $origvals[$okey] = array('key' => $prekey, 'val' => $val); } $cdata = $this->basecdata; $cdata['origvals'] = $origvals; $savecont = addContinuationsEntry('AJupdateAllSettings', $cdata); $arr = array('status' => 'success', 'msgid' => "{$this->domidbase}msg", 'delid' => $key, 'affil' => $affil, 'affilid' => $affilid, 'savecont' => $savecont, 'extrafunc' => "{$this->jsname}.deleteAffiliationSettingCBextra", 'msg' => sprintf($this->delmsg, $affil)); sendJSON($arr); }
function sendStatGraphConBladeUser() { global $xaxislabels, $inContinuation; if (!$inContinuation) { return; } $start = getContinuationVar("start"); $end = getContinuationVar("end"); $affilid = getContinuationVar("affilid"); $graphdata = getStatGraphConBladeUserData($start, $end, $affilid); $count = count($graphdata["labels"]); if ($count < 8) { $labelinterval = 1; } else { $labelinterval = $count / 7; } $xaxislabels = $graphdata["labels"]; $graph = new Graph(300, 300, "auto"); $graph->SetScale("textlin"); $plot = new BarPlot($graphdata["points"]); $graph->Add($plot); $graph->xaxis->SetLabelFormatCallback('statXaxisDayConUsersCallback'); $graph->xaxis->SetLabelAngle(90); $graph->xaxis->SetTextLabelInterval($labelinterval); $graph->yaxis->SetTitle('Maximum concurrent reservations per day', 'high'); $graph->SetMargin(40, 40, 20, 80); $graph->Stroke(); }
function AJdeleteRevisions() { $revids = getContinuationVar('revids'); $imageid = getContinuationVar('imageid'); $checkedids = processInputVar('checkedids', ARG_STRING); $ids = explode(',', $checkedids); foreach ($ids as $id) { if (!is_numeric($id) || !in_array($id, $revids)) { header('Content-Type: text/json-comment-filtered; charset=utf-8'); print '/*{"items":' . json_encode(array()) . '}*/'; return; } } $query = "UPDATE imagerevision " . "SET deleted = 1 " . "WHERE id IN ({$checkedids}) " . "AND production != 1"; doQuery($query, 101); $html = getRevisionHTML($imageid); $arr = array('html' => $html); header('Content-Type: text/json-comment-filtered; charset=utf-8'); print '/*{"items":' . json_encode($arr) . '}*/'; }
function AJaddRemGroupResource() { $newids = getContinuationVar('newids'); if (is_null($newids)) { $rscid = processInputVar('id', ARG_NUMERIC); $resources = getUserResources(array($this->restype . "Admin"), array("manageGroup")); if (!array_key_exists($rscid, $resources[$this->restype])) { $arr = array('status' => 'noaccess'); sendJSON($arr); return; } } $groups = getUserResources(array($this->restype . "Admin"), array("manageGroup"), 1); $tmp = processInputVar('listids', ARG_STRING); $tmp = explode(',', $tmp); $groupids = array(); foreach ($tmp as $id) { if (!is_numeric($id)) { continue; } if (!array_key_exists($id, $groups[$this->restype])) { $arr = array('status' => 'noaccess'); sendJSON($arr); return; } $groupids[] = $id; } $args = $this->defaultGetDataArgs; if (is_null($newids)) { $args['rscid'] = $rscid; } $resdata = $this->getData($args); $mode = getContinuationVar('mode'); if ($mode == 'add') { $adds = array(); if (is_null($newids)) { foreach ($groupids as $id) { $adds[] = "({$resdata[$rscid]['resourceid']}, {$id})"; } } else { foreach ($newids as $newrscid) { foreach ($groupids as $id) { $adds[] = "({$resdata[$newrscid]['resourceid']}, {$id})"; } } } $query = "INSERT IGNORE INTO resourcegroupmembers " . "(resourceid, resourcegroupid) VALUES "; $query .= implode(',', $adds); doQuery($query); } else { $rems = implode(',', $groupids); if (is_null($newids)) { $query = "DELETE FROM resourcegroupmembers " . "WHERE resourceid = {$resdata[$rscid]['resourceid']} AND " . "resourcegroupid IN ({$rems})"; } else { $allrscids = array(); foreach ($newids as $newrscid) { $allrscids[] = $resdata[$newrscid]['resourceid']; } $allrscids = implode(',', $allrscids); $query = "DELETE FROM resourcegroupmembers " . "WHERE resourceid IN ({$allrscids}) AND " . "resourcegroupid IN ({$rems})"; } doQuery($query); } $_SESSION['userresources'] = array(); $regids = "^" . implode('$|^', $groupids) . "\$"; $arr = array('status' => 'success', 'regids' => $regids, 'inselobj' => 'ingroups', 'outselobj' => 'outgroups'); sendJSON($arr); }
function AJvmFromHostDelayed() { $data = getContinuationVar(); $vclreloadid = getUserlistID('vclreload@Local'); foreach ($data as $comp) { $end = datetimeToUnix($comp['end2']) + SECINMONTH; $end = unixToDatetime($end); simpleAddRequest($comp['id'], 4, 3, $comp['end2'], $end, 18, $vclreloadid); } header('Content-Type: text/json-comment-filtered; charset=utf-8'); $cont = addContinuationsEntry('vmhostdata'); $arr = array('msg' => 'SUCCESS', 'cont' => $cont); print '/*{"items":' . json_encode($arr) . '}*/'; }
sendHeaders(); printHTMLHeader(); if (checkUserHasPerm('View Debug Information')) { set_error_handler("errorHandler"); } if ($hasArg) { if (function_exists($actionFunction)) { $actionFunction($arg); } else { $obj = getContinuationVar('obj'); if (!is_null($obj) && method_exists($obj, $actionFunction)) { $obj->{$actionFunction}($arg); } else { main(); } } } else { if (function_exists($actionFunction)) { $actionFunction(); } else { $obj = getContinuationVar('obj'); if (!is_null($obj) && method_exists($obj, $actionFunction)) { $obj->{$actionFunction}(); } else { main(); } } } printHTMLFooter(); cleanSemaphore(); dbDisconnect();
function AJrestartImageCapture() { $requestid = getContinuationVar('requestid'); if (!checkUserHasPerm('View Dashboard (global)')) { sendJSON(array('status' => 'noaccess')); return; } $request = getRequestInfo($requestid); if ($request['stateid'] != 10 || $request['laststateid'] != 16 && $request['laststateid'] != 24 || count($request['reservations']) > 1) { sendJSON(array('status' => 'wrongstate')); return; } $compid = $request['reservations'][0]['computerid']; $query = "UPDATE computer c, " . "request rq " . "SET c.stateid = 8, " . "rq.stateid = {$request['laststateid']}, " . "rq.laststateid = 10 " . "WHERE c.id = {$compid} AND " . "rq.id = {$requestid}"; doQuery($query); sendJSON(array('status' => 'success')); }
function processMappingInput($maptypes) { # configid $return['configid'] = processInputVar('configid', ARG_NUMERIC); $tmp = getUserResources(array("configAdmin"), array("administer")); # TODO is this the criteria we want for which configs can be selected? if (!array_key_exists($return['configid'], $tmp['config'])) { $this->errmsg = "Invalid config submitted"; return 0; } # maptypeid $return['maptypeid'] = processInputVar('maptypeid', ARG_NUMERIC); if (!array_key_exists($return['maptypeid'], $maptypes)) { $this->errmsg = "Invalid map type submitted"; return 0; } # subid $return['subid'] = processInputVar('subid', ARG_NUMERIC); if ($maptypes[$return['maptypeid']] == 'Image') { $tmp = getUserResources(array("imageAdmin"), array("administer")); # TODO is this the criteria we want for which images can be selected? if (!array_key_exists($return['subid'], $tmp['image'])) { $this->errmsg = "Invalid image submitted"; return 0; } $return['mapto'] = $tmp['image'][$return['subid']]; } elseif ($maptypes[$return['maptypeid']] == 'OS Type') { $ostypes = getOStypes(); if (!array_key_exists($return['subid'], $ostypes)) { $this->errmsg = "Invalid os type submitted"; return 0; } $return['mapto'] = $ostypes[$return['subid']]; } elseif ($maptypes[$return['maptypeid']] == 'OS') { $oses = getOSList(); if (!array_key_exists($return['subid'], $oses)) { $this->errmsg = "Invalid OS submitted"; return 0; } $return['mapto'] = $oses[$return['subid']]['prettyname']; } elseif ($maptypes[$return['maptypeid']] == 'Config') { $tmp = getUserResources(array("configAdmin"), array("administer")); # TODO is this the criteria we want for which configs can be selected? $configs = $this->getUserConfigsNoCluster($tmp['config']); if (!array_key_exists($return['subid'], $configs)) { $this->errmsg = "Invalid config submitted"; return 0; } $return['mapto'] = $configs[$return['subid']]; } elseif ($maptypes[$return['maptypeid']] == 'Subimage') { $configsubimages = getConfigSubimages($tmp['config']); if (!array_key_exists($return['subid'], $configsubimages)) { $this->errmsg = "Invalid cluster submitted"; return 0; } $return['mapto'] = $configsubimages[$return['subid']]; } elseif ($maptypes[$return['maptypeid']] == 'Management Node') { $managementnodes = getManagementNodes(); if (!array_key_exists($return['subid'], $managementnodes)) { $this->errmsg = "Invalid managementnode submitted"; return 0; } $return['mapto'] = $managementnodes[$return['subid']]['hostname']; } # check for creating a loop - cannot have a parent that maps to # submitted config if ($maptypes[$return['maptypeid']] == 'Config' || $maptypes[$return['maptypeid']] == 'Subimage') { $rc = $this->mappingLoopCheck($maptypes[$return['maptypeid']], $return['configid'], $return['subid']); if ($rc != '') { $this->errmsg = "This mapping would create a loop. {$rc} is a<br>" . "parent/grandparent and is mapped to the selected config."; return 0; } } # affiliationid $return['affiliationid'] = processInputVar('affiliationid', ARG_NUMERIC); $affils = getAffiliations(); if (!array_key_exists($return['affiliationid'], $affils)) { $this->errmsg = "Invalid affiliation submitted"; return 0; } # stageid $return['stageid'] = processInputVar('stageid', ARG_NUMERIC); $stages = $this->getConfigMapStages(); if (!array_key_exists($return['stageid'], $stages)) { $this->errmsg = "Invalid stage submitted"; return 0; } # duplicate check # TODO do we also need to check the disabled field? $configmapid = getContinuationVar('configmapid', 0); $query = "SELECT id " . "FROM configmap " . "WHERE configid = {$return['configid']} AND " . "configmaptypeid = {$return['maptypeid']} AND " . "subid = {$return['subid']} AND " . "affiliationid = {$return['affiliationid']} AND " . "configstageid = {$return['stageid']} AND " . "id != {$configmapid}"; $qh = doQuery($query); if (mysql_num_rows($qh)) { $this->errmsg = "The specified mapping already exists."; return 0; } return $return; }
function AJaddRemGroupMapTo() { $mapgroupid = processInputVar('id', ARG_NUMERIC); $mapgroups = getUserResources(array($this->maptype . "Admin"), array("manageMapping"), 1); if (!array_key_exists($mapgroupid, $mapgroups[$this->maptype])) { $arr = array('status' => 'noaccess'); sendJSON($arr); return; } $groups = getUserResources(array($this->restype . "Admin"), array("manageMapping"), 1); $tmp = processInputVar('listids', ARG_STRING); $tmp = explode(',', $tmp); $groupids = array(); foreach ($tmp as $id) { if (!is_numeric($id)) { continue; } if (!array_key_exists($id, $groups[$this->restype])) { $arr = array('status' => 'noaccess'); sendJSON($arr); return; } $groupids[] = $id; } $mytypeid = getResourceTypeID($this->restype); $maptypeid = getResourceTypeID($this->maptype); $mode = getContinuationVar('mode'); if ($mode == 'add') { $adds = array(); foreach ($groupids as $id) { $adds[] = "({$id}, {$mytypeid}, {$mapgroupid}, {$maptypeid})"; } $query = "INSERT IGNORE INTO resourcemap " . "(resourcegroupid1, resourcetypeid1, " . "resourcegroupid2, resourcetypeid2) " . "VALUES "; $query .= implode(',', $adds); doQuery($query); } else { foreach ($groupids as $id) { $query = "DELETE FROM resourcemap " . "WHERE resourcegroupid1 = {$id} AND " . "resourcetypeid1 = {$mytypeid} AND " . "resourcegroupid2 = {$mapgroupid} AND " . "resourcetypeid2 = {$maptypeid}"; doQuery($query); } } $regids = "^" . implode('$|^', $groupids) . "\$"; $arr = array('status' => 'success', 'regids' => $regids, 'inselobj' => 'inmaptogroups', 'outselobj' => 'outmaptogroups'); sendJSON($arr); }
function AJviewBlockAllocationUsage() { $blockid = processInputVar('blockid', ARG_NUMERIC); $allowedblockids = getContinuationVar('blockids'); if (!in_array($blockid, $allowedblockids)) { sendJSON(array('status' => 'failed', 'message' => 'noaccess')); return; } $query = "SELECT COUNT(s.computerid) AS used, " . "br.numMachines AS allocated, " . "s.blockStart " . "FROM blockRequest br " . "LEFT JOIN sublog s ON (s.blockRequestid = br.id) " . "WHERE br.id = {$blockid} " . "GROUP BY s.blockRequestid, s.blockStart, s.blockEnd " . "ORDER BY s.blockStart"; $qh = doQuery($query); $usage = array(); $first = 1; $firststart = ''; $laststart = ''; while ($row = mysql_fetch_assoc($qh)) { if ($first && !is_null($row['blockStart'])) { $firststart = datetimeToUnix($row['blockStart']); $first = 0; } elseif (!is_null($row['blockStart'])) { $laststart = datetimeToUnix($row['blockStart']); } if (is_null($row['blockStart'])) { continue; } $percent = (int) ($row['used'] / $row['allocated'] * 100); $startts = datetimeToUnix($row['blockStart']); $usage[$startts] = array('percent' => $percent, 'label' => $row['blockStart']); } if ($firststart == '') { sendJSON(array('status' => 'empty', 'message' => 'nousage')); return; } $data = array('points' => array(), 'xlabels' => array()); $cnt = 0; $tmp = localtime($firststart, 1); $firstisdst = 0; if ($tmp['tm_isdst']) { $firstisdst = 1; } for ($i = $firststart; $i <= $laststart + 3600; $i += SECINDAY) { $tmp = localtime($i, 1); $time = $i; if ($firstisdst && !$tmp['tm_isdst']) { $time += 3600; } if (!$firstisdst && $tmp['tm_isdst']) { $time -= 3600; } $cnt++; $label = date('m/d g:i a', $time); if (array_key_exists($time, $usage)) { $data['points'][] = array('y' => $usage[$time]['percent'], 'tooltip' => "{$label}: " . $usage[$time]['percent'] . " %"); } else { $data['points'][] = array('y' => 0, 'tooltip' => "{$label}: 0"); } $data['xlabels'][] = array('value' => $cnt, 'text' => $label); } sendJSON(array('status' => 'success', 'usage' => $data)); }
function changeLocale() { global $locale; $newlocale = getContinuationVar('locale'); $oldmode = getContinuationVar('oldmode'); $authtype = getContinuationVar('authtype', ''); $locale = $newlocale; setcookie("VCLLOCALE", $locale, time() + 86400 * 31, "/", COOKIEDOMAIN); $extra = ''; if ($oldmode == 'selectauth' && !empty($authtype)) { $extra = "&authtype={$authtype}"; } header("Location: " . BASEURL . SCRIPT . "?mode={$oldmode}{$extra}"); dbDisconnect(); exit; }
function submitLogin() { global $authMechs; $authtype = getContinuationVar("authtype", processInputVar('authtype', ARG_STRING)); if (!array_key_exists($authtype, $authMechs)) { // FIXME - hackerish dbDisconnect(); exit; } if (isset($_GET['userid'])) { unset($_GET['userid']); } $userid = processInputVar('userid', ARG_STRING, ''); $passwd = $_POST['password']; if (empty($userid) || empty($passwd)) { selectAuth(); return; } if (get_magic_quotes_gpc()) { $userid = stripslashes($userid); $passwd = stripslashes($passwd); } if ($authMechs[$authtype]['type'] == 'ldap') { ldapLogin($authtype, $userid, $passwd); } elseif ($authMechs[$authtype]['type'] == 'local') { localLogin($userid, $passwd, $authtype); } else { selectAuth(); } }
function validateResourceData() { global $user; $return = array('error' => 0); $return['rscid'] = getContinuationVar('rscid', 0); $return['name'] = processInputVar('name', ARG_STRING); $return['owner'] = processInputVar('owner', ARG_STRING, "{$user['unityid']}@{$user['affiliation']}"); $return['ipaddress'] = processInputVar('ipaddress', ARG_STRING); $return['stateid'] = processInputVar('stateid', ARG_NUMERIC); $return['sysadminemail'] = processInputVar('sysadminemail', ARG_STRING); $return['sharedmailbox'] = processInputVar('sharedmailbox', ARG_STRING); $return['installpath'] = processInputVar('installpath', ARG_STRING); $return['timeservers'] = processInputVar('timeservers', ARG_STRING); $return['keys'] = processInputVar('keys', ARG_STRING); $return['sshport'] = processInputVar('sshport', ARG_NUMERIC); $return['imagelibenable'] = processInputVar('imagelibenable', ARG_NUMERIC); $return['imagelibgroupid'] = processInputVar('imagelibgroupid', ARG_NUMERIC); $return['imagelibuser'] = processInputVar('imagelibuser', ARG_STRING); $return['imagelibkey'] = processInputVar('imagelibkey', ARG_STRING); $return['publicIPconfig'] = processInputVar('publicIPconfig', ARG_STRING); $return['publicnetmask'] = processInputVar('publicnetmask', ARG_STRING); $return['publicgateway'] = processInputVar('publicgateway', ARG_STRING); $return['publicdnsserver'] = processInputVar('publicdnsserver', ARG_STRING); $return['checkininterval'] = processInputVar('checkininterval', ARG_NUMERIC); $return['availablenetworks'] = processInputVar('availablenetworks', ARG_STRING); $return['federatedauth'] = processInputVar('federatedauth', ARG_STRING); $return['nathostenabled'] = processInputVar('nathostenabled', ARG_NUMERIC); $return['natpublicIPaddress'] = processInputVar('natpublicipaddress', ARG_STRING); $return['natinternalIPaddress'] = processInputVar('natinternalipaddress', ARG_STRING); if (get_magic_quotes_gpc()) { $return['sysadminemail'] = stripslashes($return['sysadminemail']); $return['sharedmailbox'] = stripslashes($return['sharedmailbox']); } $olddata = getContinuationVar('olddata'); if ($return['rscid'] == 0) { $return['mode'] = 'add'; } else { $return['mode'] = 'edit'; } $errormsg = array(); # hostname if (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$/', $return['name'])) { $return['error'] = 1; $errormsg[] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long"; } elseif ($this->checkForMgmtnodeHostname($return['name'], $return['rscid'])) { $return['error'] = 1; $errormsg[] = "A node already exists with this hostname."; } # owner if (!validateUserid($return['owner'])) { $return['error'] = 1; $errormsg[] = "Submitted owner is not valid"; } # ipaddress if (!validateIPv4addr($return['ipaddress'])) { $return['error'] = 1; $errormsg[] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; } # sysadminemail if ($return['sysadminemail'] != '') { $addrs = explode(',', $return['sysadminemail']); foreach ($addrs as $addr) { if (!validateEmailAddress($addr)) { $return['error'] = 1; $errormsg[] = "Invalid email address entered for SysAdmin Email Address(es)"; break; } } } # sharedmailbox if ($return['sharedmailbox'] != '' && !validateEmailAddress($return['sharedmailbox'])) { $return['error'] = 1; $errormsg[] = "Invalid email address entered for Shadow Emails"; } # installpath if ($return['installpath'] != '' && !preg_match('/^([-a-zA-Z0-9_\\.\\/]){2,100}$/', $return['installpath'])) { $return['error'] = 1; $errormsg[] = "Install Path must be empty or only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/) and be from 2 to 100 characters long"; } # timeservers if ($return['timeservers'] != '') { if (strlen($return['timeservers']) > 1000) { $return['error'] = 1; $errormsg[] = "Too much data entered for Time Server(s)"; } else { $hosts = explode(',', $return['timeservers']); foreach ($hosts as $host) { if (preg_match('/^([0-9]{1,3}(\\.?))+$/', $host) && !validateIPv4addr($host) || !preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,50}$/', $host)) { $return['error'] = 1; $errormsg[] = "Time servers must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). Each host can be up to 50 characters long"; break; } } } } # keys if ($return['keys'] != '' && !preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,1024}$/', $return['keys'])) { $return['error'] = 1; $errormsg[] = "End Node SSH Identity Key Files can only contain letters, numbers, dashes(-), periods(.), underscores(_), forward slashes(/), and commas(,). It can be from 2 to 1024 characters long"; } # imagelibenable if ($return['imagelibenable'] == 1) { # imagelibgroupid $validgroups = getUserResources(array('mgmtNodeAdmin'), array('manageGroup'), 1); if (!array_key_exists($return['imagelibgroupid'], $validgroups['managementnode'])) { $return['error'] = 1; $errormsg[] = "The group selected for Image Library Management Node Group is not valid"; } # imagelibuser if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,20}$/', $return['imagelibuser'])) { $return['error'] = 1; $errormsg[] = "Image Library User can only contain letters, numbers, and dashes(-) and can be from 2 to 20 characters long"; } # imagelibkey if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,100}$/', $return['imagelibkey'])) { $return['error'] = 1; $errormsg[] = "Image Library SSH Identity Key File can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long"; } } else { $return['imagelibenable'] = 0; if ($return['mode'] == 'edit') { $return['imagelibgroupid'] = $olddata['imagelibgroupid']; $return['imagelibuser'] = $olddata['imagelibuser']; $return['imagelibkey'] = $olddata['imagelibkey']; } else { $return['imagelibgroupid'] = ''; $return['imagelibuser'] = ''; $return['imagelibkey'] = ''; } } # publicIPconfig if (!preg_match('/^(dynamicDHCP|manualDHCP|static)$/', $return['publicIPconfig'])) { $return['publicIPconfig'] = 'dynamicDHCP'; } if ($return['publicIPconfig'] == 'static') { # publicnetmask $bnetmask = ip2long($return['publicnetmask']); if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) { $return['error'] = 1; $errormsg[] = "Invalid value specified for Public Netmask"; } # publicgateway if (preg_match('/^([0-9]{1,3}(\\.?))+$/', $return['publicgateway']) && !validateIPv4addr($return['publicgateway'])) { $return['error'] = 1; $errormsg[] = "Invalid value specified for Public Gateway"; } elseif (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,56}$/', $return["publicgateway"])) { $return['error'] = 1; $errormsg[] = "Public gateway must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). It can be up to 56 characters long"; } # publicdnsserver $servers = explode(',', $return['publicdnsserver']); if (empty($servers)) { $return['error'] = 1; $errormsg[] = "Please enter at least one Public DNS server"; } else { foreach ($servers as $server) { if (!validateIPv4addr($server)) { $return['error'] = 1; $errormsg[] = "Invalid IP address entered for Public DNS Server"; break; } } } } else { $return['publicnetmask'] = $olddata['publicnetmask']; $return['publicgateway'] = $olddata['publicgateway']; } # stateid 2 - available, 5 - failed, 10 - maintenance if (!preg_match('/^(2|5|10)$/', $return['stateid'])) { $return['error'] = 1; $errormsg[] = "Invalid value submitted for State"; } # checkininterval if ($return['checkininterval'] < 5) { $return['checkininterval'] = 5; } elseif ($return['checkininterval'] > 30) { $return['checkininterval'] = 30; } # sshport if ($return['sshport'] < 1 || $return['sshport'] > 65535) { $return['sshport'] = 22; } # availablenetworks if ($return['availablenetworks'] != '') { if (strpos("\n", $return['availablenetworks'])) { $return['availablenetworks'] = preg_replace("/(\r)?\n/", ',', $return['availablenetworks']); } $return['availablenetworks2'] = explode(',', $return['availablenetworks']); foreach ($return['availablenetworks2'] as $key => $net) { $net = trim($net); if ($net == '') { unset($return['availablenetworks2'][$key]); $return['availablenetworks'] = implode("\n", $return['availablenetworks2']); continue; } $return['availablenetworks2'][$key] = $net; if (!preg_match('/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\/([0-9]{2})$/', $net, $matches) || $matches[1] < 0 || $matches[1] > 255 || $matches[2] < 0 || $matches[2] > 255 || $matches[3] < 0 || $matches[3] > 255 || $matches[4] < 0 || $matches[4] > 255 || $matches[5] < 1 || $matches[5] > 32) { $return['error'] = 1; $errormsg[] = "Invalid network entered for Available Public Networks; must be comma delimited list of valid networks in the form of x.x.x.x/yy"; } } } # federatedauth if ($return['federatedauth'] != '') { $affils = getAffiliations(); $fedarr = explode(',', $return['federatedauth']); $test = array_udiff($fedarr, $affils, 'strcasecmp'); if (!empty($test)) { $new = array(); foreach ($test as $affil) { if (preg_match('/^[-0-9a-zA-Z_\\.:;,]*$/', $affil)) { $new[] = $affil; } } if (count($test) == count($new)) { $errormsg[] = "These affiliations do not exist: " . implode(', ', $new); } else { $errormsg[] = "Invalid data entered for Affiliations using Federated Authentication for Linux Images"; } $return['error'] = 1; } } $nathosterror = 0; # nathostenabled if ($return['nathostenabled'] != 0 && $return['nathostenabled'] != 1) { $return['error'] = 1; $errormsg[] = "Invalid value for Use as NAT Host"; $nathosterror = 1; } # natpublicIPaddress if ($return['nathostenabled']) { if (!validateIPv4addr($return['natpublicIPaddress'])) { $return['error'] = 1; $errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; $nathosterror = 1; } # natinternalIPaddress if (!validateIPv4addr($return['natinternalIPaddress'])) { $return['error'] = 1; $errormsg[] = "Invalid NAT Internal IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; $nathosterror = 1; } } # nat host change - check for active reservations if (!$nathosterror && $return['mode'] == 'edit') { if ($olddata['nathostenabled'] != $return['nathostenabled'] || $olddata['natpublicIPaddress'] != $return['natpublicIPaddress'] || $olddata['natinternalIPaddress'] != $return['natinternalIPaddress']) { $vclreloadid = getUserlistID('vclreload@Local'); $query = "SELECT rq.id " . "FROM request rq, " . "reservation rs, " . "nathostcomputermap nhcm, " . "nathost nh " . "WHERE rs.requestid = rq.id AND " . "rs.computerid = nhcm.computerid AND " . "nhcm.nathostid = nh.id AND " . "nh.resourceid = {$olddata['resourceid']} AND " . "rq.start <= NOW() AND " . "rq.end > NOW() AND " . "rq.stateid NOT IN (1,5,11,12) AND " . "rq.laststateid NOT IN (1,5,11,12) AND " . "rq.userid != {$vclreloadid}"; $qh = doQuery($query); if (mysql_num_rows($qh)) { $return['error'] = 1; $errormsg[] = "This management node is the NAT host for computers that have active reservations. NAT host<br>settings cannot be changed while providing NAT for active reservations."; } } } if ($return['error']) { $return['errormsg'] = implode('<br>', $errormsg); } return $return; }