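/**
 * Expire a demo account once its trial allowance is used up.
 *
 * Only acts when the user belongs to exactly one group and that group is
 * 'demo'. The account counts as expired when it has three or more ended
 * log entries, or when its earliest ended entry started before the cutoff
 * computed from SECINDAY * 3 (presumably three days; confirm against the
 * definition of SECINDAY).
 *
 * On expiry this function does not return: it either redirects or prints
 * the "Account Expired" page, then cleans up and calls exit.
 *
 * @param mixed     $userid numeric id of the user to check
 * @param array|int $groups the user's groups, or 0 to look them up here
 *
 * @return void
 */
function checkExpiredDemoUser($userid, $groups = 0) {
    global $mode, $skin, $noHTMLwrappers;

    if ($groups == 0) {
        $groups = getUsersGroups($userid, 1);
    }

    // Only accounts whose sole group is 'demo' are subject to expiry.
    if (count($groups) != 1) {
        return;
    }
    $onlyGroup = array_values($groups);
    if ($onlyGroup[0] != 'demo') {
        return;
    }

    // The id is interpolated into SQL text below without quoting, so force
    // it to an integer literal here instead of trusting every caller.
    $uid = (int) $userid;

    $query = "SELECT start "
           . "FROM log "
           . "WHERE userid = {$uid} "
           . "AND finalend < NOW() "
           . "ORDER BY start "
           . "LIMIT 3";
    $qh = doQuery($query, 101);
    $expire = time() - SECINDAY * 3;
    $rows = mysql_num_rows($qh);

    // First row is the earliest ended entry because of ORDER BY start.
    $row = mysql_fetch_assoc($qh);
    if (!$row) {
        return;
    }
    if ($rows < 3 && datetimeToUnix($row['start']) >= $expire) {
        return;
    }

    if (in_array($mode, $noHTMLwrappers)) {
        # do a redirect and handle removal on next page load so user can
        # be notified - doesn't always work, but handles a few extra
        # cases
        header("Location: " . BASEURL . SCRIPT);
    } else {
        $nodemoid = getUserGroupID('nodemo', getAffiliationID('ITECS'));
        # explicit delete because updateGroups doesn't delete from custom
        # groups
        $query = "DELETE FROM usergroupmembers "
               . "WHERE userid = {$uid}";
        doQuery($query, 101);
        updateGroups(array($nodemoid), $userid);
        // NOTE(review): $groupid is never assigned in this function and is
        // not in the global list, so this call receives an undefined
        // variable. Confirm which group id was intended.
        checkUpdateServerRequestGroups($groupid);
        if (empty($skin)) {
            $skin = 'default';
            require_once "themes/{$skin}/page.php";
        }
        $mode = 'expiredemouser';
        printHTMLHeader();
        print "<h2>Account Expired</h2>\n";
        print "The account you are using is a demo account that has now expired. ";
        print "You cannot make any more reservations. Please contact <a href=\"";
        print "mailto:" . HELPEMAIL . "\">" . HELPEMAIL . "</a> if you need ";
        print "further access to VCL.<br>\n";
    }

    // Shared tail for both branches: the request always ends here.
    cleanSemaphore(); # probably not needed but ensures we do not leave stale entries
    printHTMLFooter();
    dbDisconnect();
    exit;
}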
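/**
 * Sync a user's groups from the memberOf values of their EXAMPLE1 LDAP entry.
 *
 * Binds with the service account configured under
 * $authMechs['EXAMPLE1 LDAP'], looks the user up by their unityid, keeps
 * the memberOf DNs that match one of three patterns, and passes the
 * resulting group ids to updateGroups().
 *
 * @param array $user user data; reads 'unityid', 'affiliationid' and 'id'
 *
 * @return int|null 0 when connect, bind or search fails; null otherwise
 *                  (including when the entry has no memberof attribute)
 */
function updateEXAMPLE1Groups($user) {
    global $authMechs;
    $auth = $authMechs['EXAMPLE1 LDAP'];

    $ds = ldap_connect("ldaps://{$auth['server']}/");
    if (!$ds) {
        return 0;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

    $res = ldap_bind($ds, $auth['masterlogin'], $auth['masterpwd']);
    if (!$res) {
        return 0;
    }

    // Escape the search-filter metacharacters (RFC 4515) in the user id so
    // it is matched as a literal value and cannot alter the filter, which
    // runs with the service account's privileges. strtr() with an array
    // replaces in a single pass, so the inserted backslashes are not
    // escaped a second time.
    $filterValue = strtr((string) $user['unityid'], array(
        '\\'   => '\\5c',
        '*'    => '\\2a',
        '('    => '\\28',
        ')'    => '\\29',
        "\x00" => '\\00',
    ));

    $search = ldap_search(
        $ds,
        $auth['binddn'],
        "{$auth['unityid']}={$filterValue}",
        array('memberof'),
        0,
        10,
        15
    );
    if (!$search) {
        return 0;
    }

    $data = ldap_get_entries($ds, $search);
    // No entry returned, or an entry without memberof: leave the user's
    // groups untouched.
    if (!is_array($data) || !isset($data[0]) || !array_key_exists('memberof', $data[0])) {
        return;
    }

    // NOTE(review): the CourseRolls pattern has no trailing '$' anchor,
    // unlike the other two, so it also accepts DNs that merely start with
    // a matching prefix. Confirm whether that is intended.
    $newusergroups = array();
    for ($i = 0; $i < $data[0]['memberof']['count']; $i++) {
        $dn = $data[0]['memberof'][$i];
        if (preg_match('/^CN=(.+),OU=CourseRolls,DC=example1,DC=com/', $dn, $match)
            || preg_match('/^CN=(Students_Enrolled),OU=Students,DC=example1,DC=com$/', $dn, $match)
            || preg_match('/^CN=(Staff),OU=IT,DC=example1,DC=com$/', $dn, $match)
        ) {
            array_push($newusergroups, getUserGroupID($match[1], $user['affiliationid']));
        }
    }

    $newusergroups = array_unique($newusergroups);
    updateGroups($newusergroups, $user["id"]);
}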
break; case 'edit': formFiles(1); break; case 'save': saveFiles(); break; case 'saveedit': saveFiles(1); break; case 'savegroup': saveGroups(); break; case 'saveeditgr': saveGroups(1); break; case 'updategroup': updateGroups(1); break; case 'delete': deleteFiles(); break; case 'deletegroup': deleteGroups(); break; case 'default': defaultFile(); break; default: showFiles(); }
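/**
 * Sync a user's groups from a Shibboleth group attribute.
 *
 * The attribute is a ';'-separated list of "name@affiliation" entries.
 * Each usable entry is mapped to the id of the group "shib-<name>" under
 * the affiliation whose shibname matches; updateGroups() is then called
 * with the de-duplicated ids, but only when at least one id was found.
 *
 * Entries are skipped when they contain no word character, have no '@'
 * separator, or name an affiliation that is not in the affiliation table.
 *
 * @param mixed  $usernid numeric id of the user being updated
 * @param string $groups  raw attribute value, e.g. "grp1@aff1;grp2@aff2"
 *
 * @return void
 */
function updateShibGroups($usernid, $groups) {
    $groups = explode(';', $groups);
    $newusergroups = array();

    foreach ($groups as $group) {
        # make sure $group contains non-whitespace
        if (!preg_match('/\\w/', $group)) {
            continue;
        }

        // Without an '@' there is no affiliation part to look up.
        $parts = explode('@', $group);
        if (count($parts) < 2) {
            continue;
        }
        list($name, $shibaffil) = $parts;

        # get id for the group's affiliation
        // The affiliation part comes from the same externally supplied
        // attribute as the group name, so escape it before it goes into
        // the SQL string literal, as is already done for the name below.
        // mysql_escape_string is kept for consistency with this file; it
        // does not take the connection character set into account.
        $esc_shibaffil = mysql_escape_string($shibaffil);
        $query = "SELECT id FROM affiliation WHERE shibname = '{$esc_shibaffil}'";
        $qh = doQuery($query, 101);
        $row = mysql_fetch_assoc($qh);
        if (!$row) {
            // Unknown affiliation: there is no id to attach the group to.
            continue;
        }
        $affilid = $row['id'];

        # prepend shib- and escape it for mysql
        $grp = mysql_escape_string("shib-" . $name);
        array_push($newusergroups, getUserGroupID($grp, $affilid));
    }

    $newusergroups = array_unique($newusergroups);
    if (!empty($newusergroups)) {
        updateGroups($newusergroups, $usernid);
    }
}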
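/**
 * Refresh (or create) the local record for an ITECS account and return it.
 *
 * Looks the account up by email via doQuery(..., "accounts"), then either
 * updates the matching local user row or, when there is none, creates it
 * through addITECSUser() and adds it to the 'demo' group. The result is
 * extended with the user's groups, privileges and login name.
 *
 * Note that checkExpiredDemoUser() is called before returning and may end
 * the request instead of returning for an expired demo account.
 *
 * @param string $userid account identifier, matched against the email
 *                       column of the accounts lookup
 *
 * @return array|null user data, or NULL when ITECS authentication is
 *                    disabled or no account matches $userid
 */
function updateITECSUser($userid) {
    global $ENABLE_ITECSAUTH;
    if (!$ENABLE_ITECSAUTH) {
        return NULL;
    }

    // Escape once, up front: the identifier is placed inside quoted SQL
    // string literals in both the lookup below and the later UPDATE.
    $esc_userid = mysql_escape_string($userid);

    $query = "SELECT id AS uid, "
           .        "first, "
           .        "last, "
           .        "email, "
           .        "created "
           . "FROM user "
           . "WHERE email = '{$esc_userid}'";
    $qh = doQuery($query, 101, "accounts");
    if (!($userData = mysql_fetch_assoc($qh))) {
        return NULL;
    }

    $now = unixToDatetime(time());

    // select desired data from db
    $query = "SELECT i.name AS IMtype, "
           .        "u.IMid AS IMid, "
           .        "u.affiliationid, "
           .        "af.name AS affiliation, "
           .        "a.name AS adminlevel, "
           .        "a.id AS adminlevelid, "
           .        "u.preferredname AS preferredname, "
           .        "u.uid AS uid, "
           .        "u.id AS id, "
           .        "u.width AS width, "
           .        "u.height AS height, "
           .        "u.bpp AS bpp, "
           .        "u.audiomode AS audiomode, "
           .        "u.mapdrives AS mapdrives, "
           .        "u.mapprinters AS mapprinters, "
           .        "u.mapserial AS mapserial, "
           .        "u.showallgroups "
           . "FROM user u, "
           .      "IMtype i, "
           .      "affiliation af, "
           .      "adminlevel a "
           . "WHERE u.IMtypeid = i.id AND "
           .       "u.adminlevelid = a.id AND "
           .       "u.affiliationid = af.id AND "
           .       "u.uid = " . $userData["uid"];
    $qh = doQuery($query, 255);

    // Values read back from the accounts lookup are escaped before they
    // are written into the local user table.
    $first = mysql_escape_string($userData['first']);
    $last = mysql_escape_string($userData['last']);
    $email = mysql_escape_string($userData['email']);

    if ($user = mysql_fetch_assoc($qh)) {
        // Existing local user: refresh the returned data and the stored row.
        $user["unityid"] = $userid;
        $user["firstname"] = $userData['first'];
        $user["lastname"] = $userData["last"];
        $user["email"] = $userData["email"];
        $user["lastupdated"] = $now;
        $query = "UPDATE user "
               . "SET unityid = '{$esc_userid}', "
               .     "firstname = '{$first}', "
               .     "lastname = '{$last}', "
               .     "email = '{$email}', "
               .     "lastupdated = '{$now}' "
               . "WHERE uid = " . $userData["uid"];
        doQuery($query, 256, 'vcl', 1);
    } else {
        // No local user yet: create it, then read the new row back.
        $id = addITECSUser($userid);
        $query = "SELECT u.unityid AS unityid, "
               .        "u.affiliationid, "
               .        "af.name AS affiliation, "
               .        "u.firstname AS firstname, "
               .        "u.lastname AS lastname, "
               .        "u.preferredname AS preferredname, "
               .        "u.email AS email, "
               .        "i.name AS IMtype, "
               .        "u.IMid AS IMid, "
               .        "u.uid AS uid, "
               .        "u.id AS id, "
               .        "a.name AS adminlevel, "
               .        "a.id AS adminlevelid, "
               .        "u.width AS width, "
               .        "u.height AS height, "
               .        "u.bpp AS bpp, "
               .        "u.audiomode AS audiomode, "
               .        "u.mapdrives AS mapdrives, "
               .        "u.mapprinters AS mapprinters, "
               .        "u.mapserial AS mapserial, "
               .        "u.showallgroups, "
               .        "u.lastupdated AS lastupdated "
               . "FROM user u, "
               .      "IMtype i, "
               .      "affiliation af, "
               .      "adminlevel a "
               . "WHERE u.IMtypeid = i.id AND "
               .       "u.adminlevelid = a.id AND "
               .       "u.affiliationid = af.id AND "
               .       "u.id = {$id}";
        $qh = doQuery($query, 101);
        $user = mysql_fetch_assoc($qh);

        # add account to demo group
        $demoid = getUserGroupID('demo', getAffiliationID('ITECS'));
        updateGroups(array($demoid), $user['id']);
    }

    $user["groups"] = getUsersGroups($user["id"], 1);
    checkExpiredDemoUser($user['id'], $user['groups']);
    $user["privileges"] = getOverallUserPrivs($user["id"]);

    // The login name is whatever precedes the first '@' of the unityid.
    $tmparr = explode('@', $user['unityid']);
    $user['login'] = $tmparr[0];
    return $user;
}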