function processBlockAllocationInput() { global $user; $return = array(); $method = getContinuationVar('method'); $return['name'] = processInputVar('name', ARG_STRING); $return['owner'] = processInputVar('owner', ARG_STRING); $return['imageid'] = processInputVar('imageid', ARG_NUMERIC); $return['seats'] = processInputVar('seats', ARG_NUMERIC); $return['groupid'] = processInputVar('groupid', ARG_NUMERIC); $override = getContinuationVar('override', 0); $type = processInputVar('type', ARG_STRING); $err = 0; if ($method != 'request' && !preg_match('/^([-a-zA-Z0-9\\. \\(\\)]){3,80}$/', $return['name'])) { $errmsg = i("The name can only contain letters, numbers, spaces, dashes(-), and periods(.) and can be from 3 to 80 characters long"); $err = 1; } $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); if (!array_key_exists($return['imageid'], $resources['image'])) { $errmsg = i("The submitted image is invalid."); $err = 1; } if (!$err && $method != 'request' && !validateUserid($return['owner'])) { $errmsg = i("The submitted owner is invalid."); $err = 1; } else { $return['ownerid'] = getUserlistID($return['owner']); } $groups = getUserGroups(0, $user['affiliationid']); $extragroups = getContinuationVar('extragroups'); if (!$err && !array_key_exists($return['groupid'], $groups) && !array_key_exists($return['groupid'], $extragroups) && $return['groupid'] != 0) { $errmsg = i("The submitted user group is invalid."); $err = 1; } if (!$err && $return['groupid'] == 0) { $return['groupid'] = 'NULL'; } if (!$err && ($return['seats'] < MIN_BLOCK_MACHINES || $return['seats'] > MAX_BLOCK_MACHINES)) { $errmsg = sprintf(i("The submitted number of seats must be between %d and %d."), MIN_BLOCK_MACHINES, MAX_BLOCK_MACHINES); $err = 1; } if (!$err) { $imgdata = getImages(0, $return['imageid']); $concur = $imgdata[$return['imageid']]['maxconcurrent']; if (!is_null($concur) && $concur != 0 && $return['seats'] > $concur) { $errmsg = sprintf(i("The selected image can only have %d concurrent reservations. Please reduce the number of requested seats to %d or less."), $concur, $concur); $err = 1; } } $dooverride = 0; # check user group access to image if (($method == 'new' || $method == 'edit') && !$err && !$override) { $groupresources = getUserResources(array("imageAdmin", "imageCheckOut"), array("available"), 0, 0, 0, $return['groupid']); if (!array_key_exists($return['imageid'], $groupresources['image'])) { $dooverride = 1; $errmsg = i("WARNING - The selected user group does not currently have access to the selected environment. You can submit the Block Allocation again to ignore this warning."); $err = 1; } } if (!$err && $type != 'weekly' && $type != 'monthly' && $type != 'list') { $errmsg = i("You must select one of \"Repeating Weekly\", \"Repeating Monthly\", or \"List of Dates/Times\"."); $err = 1; } if (!$err) { if ($type == 'list') { $slots = processInputVar('slots', ARG_STRING); $return['slots'] = explode(',', $slots); $return['times'] = array(); $lastdate = array('day' => '', 'ts' => 0); foreach ($return['slots'] as $slot) { $tmp = explode('|', $slot); if (count($tmp) != 3) { $errmsg = i("Invalid date/time submitted."); $err = 1; break; } $date = $tmp[0]; if (!$err) { $datets = strtotime($date); if ($method != 'edit' && $datets < time() - SECINDAY) { $errmsg = i("The date must be today or later."); $err = 1; break; } } $return['times'][] = "{$tmp[1]}|{$tmp[2]}"; if ($datets > $lastdate['ts']) { $lastdate['ts'] = $datets; $lastdate['day'] = $date; } } if (!$err) { $expirets = strtotime("{$lastdate['day']} 23:59:59"); $return['expiretime'] = unixToDatetime($expirets); } } if ($type == 'weekly' || $type == 'monthly') { $return['startdate'] = processInputVar('startdate', ARG_NUMERIC); $return['enddate'] = processInputVar('enddate', ARG_NUMERIC); $times = processInputVar('times', ARG_STRING); $return['startts'] = strtotime($return['startdate']); $return['endts'] = strtotime($return['enddate']); if ($return['startts'] > $return['endts']) { $errmsg = i("The Last Date of Usage must be the same or later than the First Date of Usage."); $err = 1; } elseif ($method != 'edit' && $return['startts'] < time() - SECINDAY) { $errmsg = i("The start date must be today or later."); $err = 1; } $expirets = strtotime("{$return['enddate']} 23:59:59"); $return['expiretime'] = unixToDatetime($expirets); $return['times'] = explode(',', $times); } foreach ($return['times'] as $time) { $tmp = explode('|', $time); if (count($tmp) != 2) { $errmsg = i("Invalid start/end time submitted"); $err = 1; break; } $start = explode(':', $tmp[0]); if (count($start) != 2 || !is_numeric($start[0]) || !is_numeric($start[1]) || $start[0] < 0 || $start[0] > 23 || $start[1] < 0 || $start[1] > 59) { $errmsg = i("Invalid start time submitted"); $err = 1; break; } $end = explode(':', $tmp[1]); if (count($end) != 2 || !is_numeric($end[0]) || !is_numeric($end[1]) || $end[0] < 0 || $end[0] > 23 || $end[1] < 0 || $end[1] > 59) { $errmsg = i("Invalid end time submitted"); $err = 1; break; } $start = minuteOfDay($start[0], $start[1]); $end = minuteOfDay($end[0], $end[1]); if ($start >= $end) { $errmsg = i("Each start time must be less than the corresponding end time."); $err = 1; break; } } if ($type == 'weekly') { $validdays = 0; $errmsg = ''; for ($day = $return['startts'], $i = 0; $i < 7, $day < $return['endts'] + SECINDAY; $i++, $day += SECINDAY) { $daynum = date('w', $day); $validdays |= 1 << $daynum; } $days = processInputVar('days', ARG_STRING); $dayscheck = processInputVar('days', ARG_NUMERIC); if ($days == '' && $dayscheck == '0') { $days = 0; } $return['daymask'] = 0; if (!$err) { foreach (explode(',', $days) as $day) { if ($day == '' || $day < 0 || $day > 6) { $errmsg = i("Invalid day submitted."); $err = 1; break; } $return['daymask'] |= 1 << $day; } } if (!$err && ($return['daymask'] & $validdays) == 0) { $errmsg = i("No valid days submitted for the specified date range."); $err = 1; } } if ($type == 'monthly') { $return['weeknum'] = processInputVar('weeknum', ARG_NUMERIC); $return['day'] = processInputVar('day', ARG_NUMERIC); if (!$err && ($return['weeknum'] < 1 || $return['weeknum'] > 5)) { $errmsg = i("Invalid week number submitted."); $err = 1; } if (!$err && ($return['day'] < 1 || $return['day'] > 7)) { $errmsg = i("Invalid day of week submitted."); $err = 1; } $times = getMonthlyBlockTimes('', $return['startts'], $return['endts'], $return['day'], $return['weeknum'], $return['times']); if (!$err && empty($times)) { $errmsg = i("Specified day of month not found in date range."); $err = 1; } } } if ($method == 'request') { $return['comments'] = processInputVar('comments', ARG_STRING); if (get_magic_quotes_gpc()) { $return['comments'] = stripslashes($return['comments']); } if (!$err && preg_match('/[<>]/', $return['comments'])) { $errmsg = i("<>\\'s are not allowed in the comments."); $err = 1; } } if ($err) { print "clearHideConfirmForm();"; print "alert('{$errmsg}');"; $data = array('extragroups' => $extragroups, 'method' => $method); if ($method == 'edit') { $data['blockid'] = getContinuationVar('blockid'); } $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0); print "dojo.byId('submitcont').value = '{$cont}';"; if ($dooverride) { $data['override'] = 1; $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0); print "dojo.byId('submitcont2').value = '{$cont}';"; } else { print "dojo.byId('submitcont2').value = '';"; } } $return['type'] = $type; $return['err'] = $err; return $return; }
function processRequestInput() { global $user; $baseaccess = getContinuationVar('baseaccess', 0); $imagingaccess = getContinuationVar('imagingaccess', 0); $serveraccess = getContinuationVar('serveraccess', 0); $openend = getContinuationVar('openend', 0); $nousercheck = getContinuationVar('nousercheck', 0); $return['imaging'] = getContinuationVar('imaging', 0); $maxinitial = getContinuationVar('maxinitial', 0); $noimaging = getContinuationVar('noimaging', array()); $return = array('err' => 0); # type $return['type'] = processInputVar('type', ARG_STRING); if (!preg_match('/^basic|imaging|server$/', $return['type'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid data submitted'); return $return; } if ($return['type'] == 'basic' && !$baseaccess || $return['type'] == 'imaging' && !$imagingaccess || $return['type'] == 'server' && !$serveraccess) { $return['err'] = 1; $return['errmsg'] = i('No access to submitted reservation type'); return $return; } # ending $return['ending'] = processInputVar('ending', ARG_STRING); if (!preg_match('/^indefinite|endat|duration$/', $return['ending'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid data submitted'); return $return; } if ($return['ending'] == 'duration' && !$baseaccess || $return['ending'] == 'indefinite' && !$serveraccess || $return['ending'] == 'endat' && !$openend && !$serveraccess) { $return['err'] = 1; $return['errmsg'] = i('No access to submitted end type'); return $return; } # imageid $return['imageid'] = processInputVar('imageid', ARG_NUMERIC); $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $withnocheckout = $resources['image']; $images = removeNoCheckout($resources["image"]); $extraimages = getServerProfileImages($user['id']); if (!array_key_exists($return['imageid'], $images) && ($return['type'] != 'server' || !array_key_exists($return['imageid'], $extraimages)) && ($return['type'] != 'imaging' || !array_key_exists($return['imageid'], $withnocheckout)) || $return['type'] == 'imaging' && array_key_exists($return['imageid'], $noimaging)) { $return['err'] = 1; $return['errmsg'] = i('No access to submitted environment'); return $return; } # nousercheck $return['nousercheck'] = processInputVar('nousercheck', ARG_NUMERIC); if (!$nousercheck || $return['nousercheck'] != 1) { $return['nousercheck'] = 0; } # revisionid $revids = processInputVar("revisionid", ARG_STRING); $revids = explode(':', $revids); $images = getImages(0, $return['imageid']); $return['revisionids'] = array(); if (array_key_exists('subimages', $images[$return['imageid']])) { $subimages = $images[$return['imageid']]['subimages']; array_unshift($subimages, $return['imageid']); foreach ($subimages as $key => $imgid) { $revisions = getImageRevisions($imgid); if (!array_key_exists($key, $revids) || !is_numeric($revids[$key]) || !array_key_exists($revids[$key], $revisions)) { $revid = getProductionRevisionid($imgid); } else { $revid = $revids[$key]; } if (!array_key_exists($imgid, $return['revisionids'])) { $return['revisionids'][$imgid] = array(); } $return['revisionids'][$imgid][] = $revid; } } elseif ($revids[0] != '' && is_numeric($revids[0])) { $return['revisionids'][$return['imageid']][] = $revids[0]; } else { $return['revisionids'][$return['imageid']][] = getProductionRevisionid($return['imageid']); } # duration if ($return['ending'] == 'duration') { $return['duration'] = processInputVar('duration', ARG_NUMERIC, 0); if ($return['duration'] > $maxinitial) { $return['duration'] = $maxinitial; } } # start/end $return['start'] = processInputVar('start', ARG_NUMERIC); $return['end'] = processInputVar('end', ARG_NUMERIC, 0); $now = time(); if ($return['start'] == 0) { $start = $now; } else { $start = $return['start']; } if ($return['ending'] == 'endat') { $end = $return['end']; } if ($return['ending'] == 'indefinite') { $end = datetimeToUnix('2038-01-01 00:00:00'); } elseif ($return['ending'] == 'duration') { $end = $start + $return['duration'] * 60; } if ($start < $now) { $return['err'] = 1; $return['errmsg'] = i('The submitted start time is in the past.'); return $return; } if ($start + 900 > $end) { $return['err'] = 1; $return['errmsg'] = i('The end time must be at least 15 minutes later than the start time.'); return $return; } $return['ipaddr'] = ''; $return['macaddr'] = ''; # server specific input if ($return['type'] == 'server') { # name $return['name'] = processInputVar('name', ARG_STRING); if (!preg_match('/^([-a-zA-Z0-9_\\. ]){0,255}$/', $return['name'])) { $return['err'] = 1; $return['errmsg'] = i('The reservation name can only contain letters, numbers, spaces, dashes(-), underscores(_), and periods(.) and can be up to 255 characters long'); return $return; } # ipaddr $return['ipaddr'] = processInputVar('ipaddr', ARG_STRING); if ($return['ipaddr'] != '') { # validate fixed IP address if (!validateIPv4addr($return['ipaddr'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid IP address. Must be w.x.y.z with each of w, x, y, and z being between 1 and 255 (inclusive)'); return $return; } # validate netmask $return['netmask'] = processInputVar('netmask', ARG_STRING); $bnetmask = ip2long($return['netmask']); if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) { $return['err'] = 1; $return['errmsg'] = i('Invalid netmask specified'); return $return; } # validate router $return['router'] = processInputVar('router', ARG_STRING); if (!validateIPv4addr($return['router'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid router address. Must be w.x.y.z with each of w, x, y, and z being between 1 and 255 (inclusive)'); return $return; } $return['network'] = ip2long($return['ipaddr']) & $bnetmask; if ($return['network'] != (ip2long($return['router']) & $bnetmask)) { $return['err'] = 1; $return['errmsg'] = i('IP address and router are not on the same subnet based on the specified netmask.'); return $return; } # validate dns server(s) $dns = processInputVar('dns', ARG_STRING); $tmp = explode(',', $dns); $cnt = 0; $return['dnsArr'] = array(); foreach ($tmp as $dnsaddr) { if ($cnt && $dnsaddr == '') { continue; } if ($cnt == 3) { $return['err'] = 1; $return['errmsg'] = i('Too many DNS servers specified - up to 3 are allowed.'); return $return; } if (!validateIPv4addr($dnsaddr)) { $return['err'] = 1; $return['errmsg'] = i('Invalid DNS server specified.'); return $return; } $return['dnsArr'][] = $dnsaddr; $cnt++; } # check that a management node can handle the network $mappedmns = getMnsFromImage($return['imageid']); $mnnets = checkAvailableNetworks($return['ipaddr']); $intersect = array_intersect($mappedmns, $mnnets); if (empty($intersect)) { $return['err'] = 1; $return['errmsg'] = i('There are no management nodes that can deploy the selected image with the specified IP address.'); return $return; } } # macaddr $return['macaddr'] = processInputVar('macaddr', ARG_STRING); if ($return['macaddr'] != '' && !preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return['macaddr'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid MAC address. Must be XX:XX:XX:XX:XX:XX with each pair of XX being from 00 to FF (inclusive)'); return $return; } # profileid $return['profileid'] = processInputVar('profileid', ARG_NUMERIC, 0); $resources = getUserResources(array("serverCheckOut", "serverProfileAdmin"), array("available", "administer")); if (!array_key_exists($return['profileid'], $resources['serverprofile'])) { $return['profileid'] = 0; } elseif ($return['profileid'] != 0) { $tmp = getServerProfiles($return['profileid']); $tmp = $tmp[$return['profileid']]; if ($tmp['imageid'] != $return['imageid'] && ($tmp['fixedIP'] != $return['ipaddr'] && $tmp['fixedMAC'] != $return['macaddr'] || $tmp['fixedIP'] == $return['ipaddr'] && $return['ipaddr'] == '' && $tmp['fixedMAC'] == $return['macaddr'] && $return['macaddr'] == '')) { $return['profileid'] = 0; } } # admingroupid $usergroups = getUserGroups(); $return['admingroupid'] = processInputVar('admingroupid', ARG_NUMERIC); if ($return['admingroupid'] != 0 && !array_key_exists($return['admingroupid'], $usergroups)) { $return['err'] = 1; $return['errmsg'] = i('You do not have access to use the specified admin user group.'); return $return; } # logingroupid $return['logingroupid'] = processInputVar('logingroupid', ARG_NUMERIC); if ($return['logingroupid'] != 0 && !array_key_exists($return['logingroupid'], $usergroups)) { $return['err'] = 1; $return['errmsg'] = i('You do not have access to use the specified access user group.'); return $return; } # monitored $return['monitored'] = processInputVar('monitored', ARG_NUMERIC, 0); if ($return['monitored'] != 0 && $return['monitored'] != 1) { $return['monitored'] = 0; } # configs # TODO configs /*$tmp = getUserResources(array("configAdmin")); $userconfigs = $tmp['config']; $initconfigs = getMappedConfigs($return['imageid']); if(array_key_exists('configdata', $_POST)) { if(get_magic_quotes_gpc()) $_POST['configdata'] = stripslashes($_POST['configdata']); $configdata = json_decode($_POST['configdata']); } if(array_key_exists('configdata', $_POST) && isset($configdata->configs)) $configs = $configdata->configs; else $configs = (object)array(); $return['configs'] = array(); foreach($initconfigs as $id => $config) { if(isset($configs->{$id}) && isset($configs->{$id}->applied) && $configs->{$config['id']}->applied != 'true' && $configs->{$config['id']}->applied != 'false') unset($configs->{$config['id']}); if($config['optional'] && (! isset($configs->{$id}) || ! $configs->{$id}->applied)) continue; $return['configs'][$id] = array('configid' => $config['configid'], 'configmapid' => $config['configmapid'], 'imageid' => $config['subimageid']); if(isset($configs->{$id})) unset($configs->{$id}); } $rescfgmapids = array(); foreach($configs as $id => $config) { if(! array_key_exists($config->configid, $userconfigs)) continue; $return['configs'][$id] = array('configid' => $config->configid, 'configstageid' => $config->configstageid, 'imageid' => $config->imageid); $tmp = explode('/', $id); $rescfgmapids[$tmp[1]] = 1; } # configvars $tmp = array_splice($initconfigs, 0); $initconfigvars = getImageConfigVariables($tmp); if(array_key_exists('configdata', $_POST) && isset($configdata->configvars)) $configvars = $configdata->configvars; else $configvars = (object)array(); #print "/*"; #printArray($initconfigvars); #printArray($configvars); #print "*" . "/"; $return['configvars'] = array(); foreach($initconfigvars as $id => $configvar) { $tmp = explode('/', $id); $cfgid = "{$tmp[0]}/{$tmp[1]}"; $varid = $tmp[2]; if($configvar['ask'] == 0 || ! isset($configvars->{$id}) || ! isset($configvars->{$id}->value)) { $return['configvars'][$cfgid][$varid] = array('value' => $configvar['defaultvalue']); } else { switch($configvar['datatype']) { case 'bool': case 'int': case 'float': $value = processInputData($configvars->{$id}->value, ARG_NUMERIC); break; default: $value = processInputData($configvars->{$id}->value, ARG_STRING); break; } $return['configvars'][$cfgid][$varid] = array('value' => $value); } if(isset($configvars->{$id})) unset($configvars->{$id}); }*/ /*print "/*"; printArray($rescfgmapids); foreach($configvars as $id => $var) { $cfgid = explode('/', $id); print "cfgid: {$cfgid[1]}\n"; if(! array_key_exists($cfgid[1], $rescfgmapids)) continue; // TODO validate based on var type $value = processInputData($configvars->{$id}->value, ARG_STRING); $return['configvars']["{$cfgid[0]}/{$cfgid[1]}"][$cfgid[2]] = array('value' => $value); } printArray($configvars);*/ #print "*/"; } return $return; }
function processBlockRequestInput($checks = 1) { global $submitErr, $submitErrMsg, $mode, $user, $days; $return = array(); $return['blockname'] = getContinuationVar("blockname", processInputVar("blockname", ARG_STRING)); $return['imageid'] = getContinuationVar("imageid", processInputVar("imageid", ARG_NUMERIC)); $return['machinecnt'] = getContinuationVar("machinecnt", processInputVar("machinecnt", ARG_NUMERIC, 0)); $return['swhour'] = getContinuationVar("swhour", processInputVar("swhour", ARG_MULTINUMERIC)); $return['swminute'] = getContinuationVar("swminute", processInputVar("swminute", ARG_MULTINUMERIC)); $return['swmeridian'] = getContinuationVar("swmeridian", processInputVar("swmeridian", ARG_MULTISTRING)); $return['ewhour'] = getContinuationVar("ewhour", processInputVar("ewhour", ARG_MULTINUMERIC)); $return['ewminute'] = getContinuationVar("ewminute", processInputVar("ewminute", ARG_MULTINUMERIC)); $return['ewmeridian'] = getContinuationVar("ewmeridian", processInputVar("ewmeridian", ARG_MULTISTRING)); $return['smhour'] = getContinuationVar("smhour", processInputVar("smhour", ARG_MULTINUMERIC)); $return['smminute'] = getContinuationVar("smminute", processInputVar("smminute", ARG_MULTINUMERIC)); $return['smmeridian'] = getContinuationVar("smmeridian", processInputVar("smmeridian", ARG_MULTISTRING)); $return['emhour'] = getContinuationVar("emhour", processInputVar("emhour", ARG_MULTINUMERIC)); $return['emminute'] = getContinuationVar("emminute", processInputVar("emminute", ARG_MULTINUMERIC)); $return['emmeridian'] = getContinuationVar("emmeridian", processInputVar("emmeridian", ARG_MULTISTRING)); $return['slhour'] = getContinuationVar("slhour", processInputVar("slhour", ARG_MULTINUMERIC)); $return['slminute'] = getContinuationVar("slminute", processInputVar("slminute", ARG_MULTINUMERIC)); $return['slmeridian'] = getContinuationVar("slmeridian", processInputVar("slmeridian", ARG_MULTISTRING)); $return['elhour'] = getContinuationVar("elhour", processInputVar("elhour", ARG_MULTINUMERIC)); $return['elminute'] = getContinuationVar("elminute", processInputVar("elminute", ARG_MULTINUMERIC)); $return['elmeridian'] = getContinuationVar("elmeridian", processInputVar("elmeridian", ARG_MULTISTRING)); $return['weeknum'] = getContinuationVar("weeknum", processInputVar("weeknum", ARG_NUMERIC)); $return['day'] = getContinuationVar("day", processInputVar("day", ARG_NUMERIC)); $return['date'] = getContinuationVar("date", processInputVar("date", ARG_MULTISTRING)); $return['available'] = getContinuationVar("available", processInputVar("available", ARG_STRING, 'weekly')); $return['usergroupid'] = getContinuationVar("usergroupid", processInputVar("usergroupid", ARG_NUMERIC)); $return['admingroupid'] = getContinuationVar("admingroupid", processInputVar("admingroupid", ARG_NUMERIC)); $return['swdate'] = getContinuationVar("swdate", processInputVar("swdate", ARG_STRING)); $return['ewdate'] = getContinuationVar("ewdate", processInputVar("ewdate", ARG_STRING)); $return['smdate'] = getContinuationVar("smdate", processInputVar("smdate", ARG_STRING)); $return['emdate'] = getContinuationVar("emdate", processInputVar("emdate", ARG_STRING)); $return['wdays'] = getContinuationVar("wdays", processInputVar("wdays", ARG_MULTISTRING)); $return['state'] = getContinuationVar("state", 0); $return['blockRequestid'] = getContinuationVar("blockRequestid", processInputVar("blockRequestid", ARG_NUMERIC)); $return['wdayschecked'] = array(); foreach ($days as $day) { if (in_array($day, $return['wdays'])) { $return['wdayschecked'][$day] = 'checked'; } else { $return['wdayschecked'][$day] = ''; } } if (!$checks) { return $return; } if (!preg_match('/^([-a-zA-Z0-9\\. ]){3,80}$/', $return["blockname"])) { $submitErr |= BLOCKNAMEERR; $submitErrMsg[BLOCKNAMEERR] = "Name can only contain letters, numbers, spaces, dashes(-),<br>and periods(.) and can be from 3 to 80 characters long"; } $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); if (!in_array($return['imageid'], array_keys($resources['image']))) { $submitErr |= IMAGEIDERR; $submitErrMsg[IMAGEIDERR] = "The submitted image is invalid."; } if ($return['machinecnt'] < MIN_BLOCK_MACHINES) { $submitErr |= BLOCKCNTERR; $submitErrMsg[BLOCKCNTERR] = "You must request at least " . MIN_BLOCK_MACHINES . " machines"; } elseif ($return['machinecnt'] > MAX_BLOCK_MACHINES) { $submitErr |= BLOCKCNTERR; $submitErrMsg[BLOCKCNTERR] = "You cannot request more than " . MAX_BLOCK_MACHINES . " machines"; } // FIXME should we limit the course groups that show up? $groups = getUserGroups(); if (!array_key_exists($return['usergroupid'], $groups)) { $submitErr |= USERGROUPIDERR; $submitErrMsg[USERGROUPIDERR] = "The submitted user group is invalid."; } if (!array_key_exists($return['admingroupid'], $groups) && $return['admingroupid'] != 0) { $submitErr |= ADMINGROUPIDERR; $submitErrMsg[ADMINGROUPIDERR] = "The submitted user group is invalid."; } if ($return['available'] == 'weekly') { $keys = array('1' => 'swhour', '2' => 'ewhour', '3' => 'swminute', '4' => 'ewminute', '5' => 'swmeridian', '6' => 'ewmeridian', '7' => 'swdate', '8' => 'ewdate'); // check days of week foreach ($return['wdays'] as $index => $day) { if (!in_array($day, $days)) { unset($return['wdays'][$index]); } } /*foreach($days as $day) { if(in_array($day, $return['wdays'])) $return['wdayschecked'][$day] = 'checked'; }*/ if (!count($return['wdays'])) { $submitErr |= STARTDAYERR; $submitErrMsg[STARTDAYERR] = "You must select at least one day of the week"; } } elseif ($return['available'] == 'monthly') { $keys = array('1' => 'smhour', '2' => 'emhour', '3' => 'smminute', '4' => 'emminute', '5' => 'smmeridian', '6' => 'emmeridian', '7' => 'smdate', '8' => 'emdate'); // check weeknum if ($return['weeknum'] < 1 || $return['weeknum'] > 5) { $submitErr |= WEEKNUMERR; $submitErrMsg[WEEKNUMERR] = "Invalid week of the month submitted"; } // check day if ($return['day'] < 1 || $return['day'] > 7) { $submitErr |= DAYERR; $submitErrMsg[DAYERR] = "Invalid day of the week submitted"; } } elseif ($return['available'] == 'list') { $keys = array('1' => 'slhour', '2' => 'elhour', '3' => 'slminute', '4' => 'elminute', '5' => 'slmeridian', '6' => 'elmeridian'); } // check each timeslot for ($i = 0; $i < 4; $i++) { $submitErrMsg[STARTHOURERR][$i] = ""; $submitErrMsg[ENDHOURERR][$i] = ""; // start hour if ($return[$keys[1]][$i] < 1 || $return[$keys[1]][$i] > 12) { $submitErr |= STARTHOURERR; $submitErrMsg[STARTHOURERR][$i] = "The start hour must be between 1 and 12."; } // end hour if ($return[$keys[2]][$i] < 1 || $return[$keys[2]][$i] > 12) { $submitErr |= ENDHOURERR; $submitErrMsg[ENDHOURERR][$i] = " The end hour must be between 1 and 12."; } // start minute if ($return[$keys[3]][$i] < 0 || $return[$keys[3]][$i] > 59) { $submitErr |= STARTHOURERR; // we reuse STARTHOURERR here, it overwrites the last one, but oh well $submitErrMsg[STARTHOURERR][$i] = "The start minute must be between 0 and 59."; } // end minute if ($return[$keys[4]][$i] < 0 || $return[$keys[4]][$i] > 59) { $submitErr |= ENDHOURERR; $submitErrMsg[ENDHOURERR][$i] = " The end minute must be between 0 and 59."; } // start meridian if ($return[$keys[5]][$i] != 'am' && $return[$keys[5]][$i] != 'pm') { $return[$keys[5]][$i] = 'pm'; // just set it to one of them } // end meridian if ($return[$keys[6]][$i] != 'am' && $return[$keys[6]][$i] != 'pm') { $return[$keys[6]][$i] = 'am'; // just set it to one of them } // check that start is before end $return['stime'][$i] = minuteOfDay2("{$return[$keys[1]][$i]}:{$return[$keys[3]][$i]} {$return[$keys[5]][$i]}"); $return['etime'][$i] = minuteOfDay2("{$return[$keys[2]][$i]}:{$return[$keys[4]][$i]} {$return[$keys[6]][$i]}"); if ($return['stime'][$i] > $return['etime'][$i]) { $submitErr |= STARTHOURERR; // we reuse STARTHOURERR here, it overwrites the last one, but oh well $submitErrMsg[STARTHOURERR][$i] = "The start time must be before the end time (or be equal to ignore this slot)"; } } if ($return['available'] == 'weekly' || $return['available'] == 'monthly') { // check that timeslots do not overlap if (!($submitErr & STARTHOURERR) && !($submitErr & ENDHOURERR)) { for ($i = 0; $i < 4; $i++) { for ($j = $i + 1; $j < 4; $j++) { if ($return['etime'][$i] > $return['stime'][$j] && $return['stime'][$i] < $return['etime'][$j]) { $submitErr |= STARTHOURERR; $submitErrMsg[STARTHOURERR][$i] = "This timeslot overlaps with Slot" . ($j + 1); } } } } // check that start date is valid $startarr = split('/', $return[$keys[7]]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return[$keys[7]])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "The start date must be in the form mm/dd/yy."; } elseif (!checkdate($startarr[0], $startarr[1], $startarr[2])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "This is an invalid date."; } elseif (datetimeToUnix("{$startarr[2]}-{$startarr[0]}-{$startarr[1]} 23:59:59") < time()) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "The start date must be today or later."; } // check that end date is valid $endarr = split('/', $return[$keys[8]]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return[$keys[8]])) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "The end date must be in the form mm/dd/yy."; } elseif (!checkdate($endarr[0], $endarr[1], $endarr[2])) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "This is an invalid date."; } elseif (datetimeToUnix("{$startarr[2]}-{$startarr[0]}-{$startarr[1]} 00:00:00") > datetimeToUnix("{$endarr[2]}-{$endarr[0]}-{$endarr[1]} 00:00:00")) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "The end date must be later than the start date."; } } elseif ($return['available'] == 'list') { if (!($submitErr & STARTHOURERR) && !($submitErr & ENDHOURERR)) { // check date[1-n] for ($i = 0; $i < 4; $i++) { $submitErrMsg[STARTDATEERR][$i] = ""; if ($return['stime'][$i] == $return['etime'][$i]) { continue; } $submitErrMsg[STARTDATEERR][$i] = ""; $datearr = split('/', $return['date'][$i]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return['date'][$i])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "The date must be in the form mm/dd/yy."; } elseif (!checkdate($datearr[0], $datearr[1], $datearr[2])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "Invalid date submitted."; } elseif (datetimeToUnix("{$datearr[2]}-{$datearr[0]}-{$datearr[1]} 23:59:59") < time()) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "The date must be today or later."; } } } } if (0) { # FIXME $submitErr |= AVAILABLEERR; $submitErrMsg[AVAILABLEERR] = "The submitted availability selection is invalid."; } return $return; }
function XMLRPCgetImages() { $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); $return = array(); foreach ($resources['image'] as $key => $val) { $tmp = array('id' => $key, 'name' => $val); array_push($return, $tmp); } return $return; }
function processProfileInput() { global $user; $ret = array(); $ret['profileid'] = processInputVar('id', ARG_NUMERIC); $ret['name'] = processInputVar('name', ARG_STRING); $ret['desc'] = processInputVar('desc', ARG_STRING); $ret['imageid'] = processInputVar('imageid', ARG_NUMERIC); $ret['fixedMAC'] = processInputVar('fixedMAC', ARG_STRING); $ret['admingroupid'] = processInputVar('admingroupid', ARG_NUMERIC); $ret['logingroupid'] = processInputVar('logingroupid', ARG_NUMERIC); $monitored = processInputVar('monitored', ARG_STRING); $ret['fixedIP'] = processInputVar('fixedIP', ARG_STRING); $ret['netmask'] = processInputVar('netmask', ARG_STRING); $ret['router'] = processInputVar('router', ARG_STRING); $ret['dns'] = processInputVar('dns', ARG_STRING); $ret['dnsArr'] = array(); $err = array(); # validate access to this profile $resources = getUserResources(array("serverProfileAdmin"), array("administer")); if ($ret['profileid'] != 70000 && !array_key_exists($ret['profileid'], $resources['serverprofile'])) { $err['msg'] = "You do not have access to administer this server profile."; $err['field'] = 'profileid'; $err['error'] = 1; return $err; } if (!preg_match('/^([-a-zA-Z0-9_\\. ]){3,255}$/', $ret['name'])) { $err['msg'] = "The name can only contain letters, numbers, spaces, dashes(-), " . "underscores(_), and periods(.) and can be from 3 to 255 characters long"; $err['field'] = 'name'; $err['error'] = 1; return $err; } if (!preg_match("/^([-a-zA-Z0-9\\. ,;:@#&\\(\\)_+\\/?\n]){0,1000}\$/", $ret['desc'])) { $err['msg'] = "The description can only contain letters, numbers, spaces, and " . "these characters: - , ; . : @ # & ( ) _ + / ? and can be from " . "3 to 1000 characters long"; $err['field'] = 'desc'; $err['error'] = 1; return $err; } $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $images = removeNoCheckout($resources['image']); if (!array_key_exists($ret['imageid'], $images)) { $err['msg'] = "Invalid image selected"; $err['field'] = 'imageid'; $err['error'] = 1; return $err; } $addrArr = explode('.', $ret['fixedIP']); if ($ret['fixedIP'] == '') { $ret['fixedIP'] = 'NULL'; } elseif (!validateIPv4addr($ret['fixedIP'])) { $err['msg'] = "Invalid value for Fixed IP Address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; $err['field'] = 'fixedIP'; $err['error'] = 1; return $err; } elseif (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', ip2long($ret['netmask'])))) { $err['msg'] = "Invalid netmask specified"; $err['field'] = 'netmask'; $err['error'] = 1; return $err; } elseif (!validateIPv4addr($ret['router'])) { $err['msg'] = "Invalid value for Router. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; $err['field'] = 'router'; $err['error'] = 1; return $err; } elseif ((ip2long($ret['fixedIP']) & ip2long($ret['netmask'])) != (ip2long($ret['router']) & ip2long($ret['netmask']))) { $err['msg'] = "IP address and router are not on the same subnet " . "based on the specified netmask."; $err['field'] = 'router'; $err['error'] = 1; return $err; } if ($ret['fixedIP'] != 'NULL') { $tmp = explode(',', $ret['dns']); $cnt = 0; foreach ($tmp as $dnsaddr) { if ($cnt && $dnsaddr == '') { continue; } if ($cnt == 3) { $err['msg'] = "Too many DNS servers specified - up to 3 are allowed."; $err['field'] = 'dns'; $err['error'] = 1; return $err; } if (!validateIPv4addr($dnsaddr)) { $err['msg'] = "Invalid DNS server specified"; $err['field'] = 'dns'; $err['error'] = 1; return $err; } $ret['dnsArr'][] = $dnsaddr; $cnt++; } } if ($ret['fixedMAC'] == '') { $ret['fixedMAC'] = 'NULL'; } elseif (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $ret['fixedMAC'])) { $err['msg'] = "Invalid MAC address. Must be XX:XX:XX:XX:XX:XX with each pair of " . "XX being from 00 to FF (inclusive)"; $err['field'] = 'fixedMAC'; $err['error'] = 1; return $err; } $usergroups = getUserGroups(); /*$usergroups = getUserEditGroups($user['id']); $extraadmingroups = getServerProfileGroups($user['id'], 'admin');*/ if ($ret['admingroupid'] == 0) { $ret['admingroupid'] = 'NULL'; } elseif (!array_key_exists($ret['admingroupid'], $usergroups)) { $err['msg'] = "Invalid Admin User Group selected"; $err['field'] = 'admingroupid'; $err['error'] = 1; return $err; } #$extralogingroups = getServerProfileGroups($user['id'], 'login'); if ($ret['logingroupid'] == 0) { $ret['logingroupid'] = 'NULL'; } elseif (!array_key_exists($ret['logingroupid'], $usergroups)) { $err['msg'] = "Invalid Access User Group selected"; $err['field'] = 'logingroupid'; $err['error'] = 1; return $err; } if (!preg_match('/^(false|on)$/', $monitored)) { $err['msg'] = "Invalid value submitted for Monitored"; $err['field'] = 'monitored'; $err['error'] = 1; return $err; } if ($monitored == 'on') { $ret['monitored'] = 1; } else { $ret['monitored'] = 0; } return $ret; }
function XMLRPCblockAllocation($imageid, $start, $end, $numMachines, $usergroupid, $ignoreprivileges = 0) { global $user, $xmlrpcBlockAPIUsers; if (!in_array($user['id'], $xmlrpcBlockAPIUsers)) { return array('status' => 'error', 'errorcode' => 34, 'errormsg' => 'access denied for managing block allocations'); } # valid $imageid $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); if (!array_key_exists($imageid, $resources['image'])) { return array('status' => 'error', 'errorcode' => 3, 'errormsg' => "access denied to {$imageid}"); } # validate $start and $end $dtreg = '([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})'; $startts = datetimeToUnix($start); $endts = datetimeToUnix($end); $maxend = datetimeToUnix("2038-01-01 00:00:00"); if (!preg_match("/^{$dtreg}\$/", $start) || $startts < 0 || $startts > $maxend) { return array('status' => 'error', 'errorcode' => 4, 'errormsg' => "received invalid input for start"); } if (!preg_match("/^{$dtreg}\$/", $end) || $endts < 0 || $endts > $maxend) { return array('status' => 'error', 'errorcode' => 36, 'errormsg' => "received invalid input for end"); } # validate $numMachines if (!is_numeric($numMachines) || $numMachines < MIN_BLOCK_MACHINES || $numMachines > MAX_BLOCK_MACHINES) { return array('status' => 'error', 'errorcode' => 64, 'errormsg' => 'The submitted number of seats must be between ' . MIN_BLOCK_MACHINES . ' and ' . MAX_BLOCK_MACHINES . '.'); } # validate $usergroupid $groups = getUserGroups(); if (!array_key_exists($usergroupid, $groups)) { return array('status' => 'error', 'errorcode' => 67, 'errormsg' => 'Submitted user group does not exist'); } # validate ignoreprivileges if (!is_numeric($ignoreprivileges) || $ignoreprivileges < 0 || $ignoreprivileges > 1) { return array('status' => 'error', 'errorcode' => 86, 'errormsg' => 'ignoreprivileges must be 0 or 1'); } $ownerid = getUserlistID('vclreload@Local'); $name = "API:{$start}"; $managementnodes = getManagementNodes('future'); if (empty($managementnodes)) { return array('status' => 'error', 'errorcode' => 12, 'errormsg' => 'could not allocate a management node to handle block allocation'); } $mnid = array_rand($managementnodes); $query = "INSERT INTO blockRequest " . "(name, " . "imageid, " . "numMachines, " . "groupid, " . "repeating, " . "ownerid, " . "managementnodeid, " . "expireTime, " . "status) " . "VALUES " . "('{$name}', " . "{$imageid}, " . "{$numMachines}, " . "{$usergroupid}, " . "'list', " . "{$ownerid}, " . "{$mnid}, " . "'{$end}', " . "'accepted')"; doQuery($query, 101); $brid = dbLastInsertID(); $query = "INSERT INTO blockTimes " . "(blockRequestid, " . "start, " . "end) " . "VALUES " . "({$brid}, " . "'{$start}', " . "'{$end}')"; doQuery($query, 101); $btid = dbLastInsertID(); $query = "INSERT INTO blockWebDate " . "(blockRequestid, " . "start, " . "end, " . "days) " . "VALUES " . "({$brid}, " . "'{$start}', " . "'{$end}', " . "0)"; doQuery($query); $sh = date('g', $startts); $smi = date('i', $startts); $sme = date('a', $startts); $eh = date('g', $startts); $emi = date('i', $startts); $eme = date('a', $startts); $query = "INSERT INTO blockWebTime " . "(blockRequestid, " . "starthour, " . "startminute, " . "startmeridian, " . "endhour, " . "endminute, " . "endmeridian, " . "`order`) " . "VALUES " . "({$brid}, " . "{$sh}," . "{$smi}," . "'{$sme}'," . "{$eh}," . "{$emi}," . "'{$eme}'," . "0)"; doQuery($query); $return = XMLRPCprocessBlockTime($btid, $ignoreprivileges); $return['blockTimesid'] = $btid; return $return; }