Example #1
0
function processRequestInput()
{
    global $user;
    $baseaccess = getContinuationVar('baseaccess', 0);
    $imagingaccess = getContinuationVar('imagingaccess', 0);
    $serveraccess = getContinuationVar('serveraccess', 0);
    $openend = getContinuationVar('openend', 0);
    $nousercheck = getContinuationVar('nousercheck', 0);
    $return['imaging'] = getContinuationVar('imaging', 0);
    $maxinitial = getContinuationVar('maxinitial', 0);
    $noimaging = getContinuationVar('noimaging', array());
    $return = array('err' => 0);
    # type
    $return['type'] = processInputVar('type', ARG_STRING);
    if (!preg_match('/^basic|imaging|server$/', $return['type'])) {
        $return['err'] = 1;
        $return['errmsg'] = i('Invalid data submitted');
        return $return;
    }
    if ($return['type'] == 'basic' && !$baseaccess || $return['type'] == 'imaging' && !$imagingaccess || $return['type'] == 'server' && !$serveraccess) {
        $return['err'] = 1;
        $return['errmsg'] = i('No access to submitted reservation type');
        return $return;
    }
    # ending
    $return['ending'] = processInputVar('ending', ARG_STRING);
    if (!preg_match('/^indefinite|endat|duration$/', $return['ending'])) {
        $return['err'] = 1;
        $return['errmsg'] = i('Invalid data submitted');
        return $return;
    }
    if ($return['ending'] == 'duration' && !$baseaccess || $return['ending'] == 'indefinite' && !$serveraccess || $return['ending'] == 'endat' && !$openend && !$serveraccess) {
        $return['err'] = 1;
        $return['errmsg'] = i('No access to submitted end type');
        return $return;
    }
    # imageid
    $return['imageid'] = processInputVar('imageid', ARG_NUMERIC);
    $resources = getUserResources(array("imageAdmin", "imageCheckOut"));
    $withnocheckout = $resources['image'];
    $images = removeNoCheckout($resources["image"]);
    $extraimages = getServerProfileImages($user['id']);
    if (!array_key_exists($return['imageid'], $images) && ($return['type'] != 'server' || !array_key_exists($return['imageid'], $extraimages)) && ($return['type'] != 'imaging' || !array_key_exists($return['imageid'], $withnocheckout)) || $return['type'] == 'imaging' && array_key_exists($return['imageid'], $noimaging)) {
        $return['err'] = 1;
        $return['errmsg'] = i('No access to submitted environment');
        return $return;
    }
    # nousercheck
    $return['nousercheck'] = processInputVar('nousercheck', ARG_NUMERIC);
    if (!$nousercheck || $return['nousercheck'] != 1) {
        $return['nousercheck'] = 0;
    }
    # revisionid
    $revids = processInputVar("revisionid", ARG_STRING);
    $revids = explode(':', $revids);
    $images = getImages(0, $return['imageid']);
    $return['revisionids'] = array();
    if (array_key_exists('subimages', $images[$return['imageid']])) {
        $subimages = $images[$return['imageid']]['subimages'];
        array_unshift($subimages, $return['imageid']);
        foreach ($subimages as $key => $imgid) {
            $revisions = getImageRevisions($imgid);
            if (!array_key_exists($key, $revids) || !is_numeric($revids[$key]) || !array_key_exists($revids[$key], $revisions)) {
                $revid = getProductionRevisionid($imgid);
            } else {
                $revid = $revids[$key];
            }
            if (!array_key_exists($imgid, $return['revisionids'])) {
                $return['revisionids'][$imgid] = array();
            }
            $return['revisionids'][$imgid][] = $revid;
        }
    } elseif ($revids[0] != '' && is_numeric($revids[0])) {
        $return['revisionids'][$return['imageid']][] = $revids[0];
    } else {
        $return['revisionids'][$return['imageid']][] = getProductionRevisionid($return['imageid']);
    }
    # duration
    if ($return['ending'] == 'duration') {
        $return['duration'] = processInputVar('duration', ARG_NUMERIC, 0);
        if ($return['duration'] > $maxinitial) {
            $return['duration'] = $maxinitial;
        }
    }
    # start/end
    $return['start'] = processInputVar('start', ARG_NUMERIC);
    $return['end'] = processInputVar('end', ARG_NUMERIC, 0);
    $now = time();
    if ($return['start'] == 0) {
        $start = $now;
    } else {
        $start = $return['start'];
    }
    if ($return['ending'] == 'endat') {
        $end = $return['end'];
    }
    if ($return['ending'] == 'indefinite') {
        $end = datetimeToUnix('2038-01-01 00:00:00');
    } elseif ($return['ending'] == 'duration') {
        $end = $start + $return['duration'] * 60;
    }
    if ($start < $now) {
        $return['err'] = 1;
        $return['errmsg'] = i('The submitted start time is in the past.');
        return $return;
    }
    if ($start + 900 > $end) {
        $return['err'] = 1;
        $return['errmsg'] = i('The end time must be at least 15 minutes later than the start time.');
        return $return;
    }
    $return['ipaddr'] = '';
    $return['macaddr'] = '';
    # server specific input
    if ($return['type'] == 'server') {
        # name
        $return['name'] = processInputVar('name', ARG_STRING);
        if (!preg_match('/^([-a-zA-Z0-9_\\. ]){0,255}$/', $return['name'])) {
            $return['err'] = 1;
            $return['errmsg'] = i('The reservation name can only contain letters, numbers, spaces, dashes(-), underscores(_), and periods(.) and can be up to 255 characters long');
            return $return;
        }
        # ipaddr
        $return['ipaddr'] = processInputVar('ipaddr', ARG_STRING);
        if ($return['ipaddr'] != '') {
            # validate fixed IP address
            if (!validateIPv4addr($return['ipaddr'])) {
                $return['err'] = 1;
                $return['errmsg'] = i('Invalid IP address. Must be w.x.y.z with each of w, x, y, and z being between 1 and 255 (inclusive)');
                return $return;
            }
            # validate netmask
            $return['netmask'] = processInputVar('netmask', ARG_STRING);
            $bnetmask = ip2long($return['netmask']);
            if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) {
                $return['err'] = 1;
                $return['errmsg'] = i('Invalid netmask specified');
                return $return;
            }
            # validate router
            $return['router'] = processInputVar('router', ARG_STRING);
            if (!validateIPv4addr($return['router'])) {
                $return['err'] = 1;
                $return['errmsg'] = i('Invalid router address. Must be w.x.y.z with each of w, x, y, and z being between 1 and 255 (inclusive)');
                return $return;
            }
            $return['network'] = ip2long($return['ipaddr']) & $bnetmask;
            if ($return['network'] != (ip2long($return['router']) & $bnetmask)) {
                $return['err'] = 1;
                $return['errmsg'] = i('IP address and router are not on the same subnet based on the specified netmask.');
                return $return;
            }
            # validate dns server(s)
            $dns = processInputVar('dns', ARG_STRING);
            $tmp = explode(',', $dns);
            $cnt = 0;
            $return['dnsArr'] = array();
            foreach ($tmp as $dnsaddr) {
                if ($cnt && $dnsaddr == '') {
                    continue;
                }
                if ($cnt == 3) {
                    $return['err'] = 1;
                    $return['errmsg'] = i('Too many DNS servers specified - up to 3 are allowed.');
                    return $return;
                }
                if (!validateIPv4addr($dnsaddr)) {
                    $return['err'] = 1;
                    $return['errmsg'] = i('Invalid DNS server specified.');
                    return $return;
                }
                $return['dnsArr'][] = $dnsaddr;
                $cnt++;
            }
            # check that a management node can handle the network
            $mappedmns = getMnsFromImage($return['imageid']);
            $mnnets = checkAvailableNetworks($return['ipaddr']);
            $intersect = array_intersect($mappedmns, $mnnets);
            if (empty($intersect)) {
                $return['err'] = 1;
                $return['errmsg'] = i('There are no management nodes that can deploy the selected image with the specified IP address.');
                return $return;
            }
        }
        # macaddr
        $return['macaddr'] = processInputVar('macaddr', ARG_STRING);
        if ($return['macaddr'] != '' && !preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return['macaddr'])) {
            $return['err'] = 1;
            $return['errmsg'] = i('Invalid MAC address. Must be XX:XX:XX:XX:XX:XX with each pair of XX being from 00 to FF (inclusive)');
            return $return;
        }
        # profileid
        $return['profileid'] = processInputVar('profileid', ARG_NUMERIC, 0);
        $resources = getUserResources(array("serverCheckOut", "serverProfileAdmin"), array("available", "administer"));
        if (!array_key_exists($return['profileid'], $resources['serverprofile'])) {
            $return['profileid'] = 0;
        } elseif ($return['profileid'] != 0) {
            $tmp = getServerProfiles($return['profileid']);
            $tmp = $tmp[$return['profileid']];
            if ($tmp['imageid'] != $return['imageid'] && ($tmp['fixedIP'] != $return['ipaddr'] && $tmp['fixedMAC'] != $return['macaddr'] || $tmp['fixedIP'] == $return['ipaddr'] && $return['ipaddr'] == '' && $tmp['fixedMAC'] == $return['macaddr'] && $return['macaddr'] == '')) {
                $return['profileid'] = 0;
            }
        }
        # admingroupid
        $usergroups = getUserGroups();
        $return['admingroupid'] = processInputVar('admingroupid', ARG_NUMERIC);
        if ($return['admingroupid'] != 0 && !array_key_exists($return['admingroupid'], $usergroups)) {
            $return['err'] = 1;
            $return['errmsg'] = i('You do not have access to use the specified admin user group.');
            return $return;
        }
        # logingroupid
        $return['logingroupid'] = processInputVar('logingroupid', ARG_NUMERIC);
        if ($return['logingroupid'] != 0 && !array_key_exists($return['logingroupid'], $usergroups)) {
            $return['err'] = 1;
            $return['errmsg'] = i('You do not have access to use the specified access user group.');
            return $return;
        }
        # monitored
        $return['monitored'] = processInputVar('monitored', ARG_NUMERIC, 0);
        if ($return['monitored'] != 0 && $return['monitored'] != 1) {
            $return['monitored'] = 0;
        }
        # configs
        # TODO configs
        /*$tmp = getUserResources(array("configAdmin"));
        		$userconfigs = $tmp['config'];
        		$initconfigs = getMappedConfigs($return['imageid']);
        		if(array_key_exists('configdata', $_POST)) {
        			if(get_magic_quotes_gpc())
        				$_POST['configdata'] = stripslashes($_POST['configdata']);
        			$configdata = json_decode($_POST['configdata']);
        		}
        		if(array_key_exists('configdata', $_POST) &&
        			isset($configdata->configs))
        			$configs = $configdata->configs;
        		else
        			$configs = (object)array();
        		$return['configs'] = array();
        		foreach($initconfigs as $id => $config) {
        			if(isset($configs->{$id}) &&
        				isset($configs->{$id}->applied) &&
        			   $configs->{$config['id']}->applied != 'true' &&
        				$configs->{$config['id']}->applied != 'false')
        				unset($configs->{$config['id']});
        			if($config['optional'] &&
        			   (! isset($configs->{$id}) ||
        			   ! $configs->{$id}->applied))
        				continue;
        			$return['configs'][$id] = array('configid' => $config['configid'],
        			                                'configmapid' => $config['configmapid'],
        			                                'imageid' => $config['subimageid']);
        			if(isset($configs->{$id}))
        				unset($configs->{$id});
        		}
        		$rescfgmapids = array();
        		foreach($configs as $id => $config) {
        			if(! array_key_exists($config->configid, $userconfigs))
        				continue;
        			$return['configs'][$id] = array('configid' => $config->configid,
        			                                'configstageid' => $config->configstageid,
        			                                'imageid' => $config->imageid);
        			$tmp = explode('/', $id);
        			$rescfgmapids[$tmp[1]] = 1;
        		}
        
        		# configvars
        		$tmp = array_splice($initconfigs, 0);
        		$initconfigvars = getImageConfigVariables($tmp);
        		if(array_key_exists('configdata', $_POST) &&
        			isset($configdata->configvars))
        			$configvars = $configdata->configvars;
        		else
        			$configvars = (object)array();
        		#print "/*";
        		#printArray($initconfigvars);
        		#printArray($configvars);
        		#print "*" . "/";
        		$return['configvars'] = array();
        		foreach($initconfigvars as $id => $configvar) {
        			$tmp = explode('/', $id);
        			$cfgid = "{$tmp[0]}/{$tmp[1]}";
        			$varid = $tmp[2];
        			if($configvar['ask'] == 0 ||
        			   ! isset($configvars->{$id}) ||
        			   ! isset($configvars->{$id}->value)) {
        				$return['configvars'][$cfgid][$varid] =
        				         array('value' => $configvar['defaultvalue']);
        			}
        			else {
        				switch($configvar['datatype']) {
        					case 'bool':
        					case 'int':
        					case 'float':
        						$value = processInputData($configvars->{$id}->value, ARG_NUMERIC);
        						break;
        					default:
        						$value = processInputData($configvars->{$id}->value, ARG_STRING);
        						break;
        				}
        				$return['configvars'][$cfgid][$varid] = array('value' => $value);
        			}
        			if(isset($configvars->{$id}))
        				unset($configvars->{$id});
        		}*/
        /*print "/*";
        		printArray($rescfgmapids);
        		foreach($configvars as $id => $var) {
        			$cfgid = explode('/', $id);
        			print "cfgid: {$cfgid[1]}\n";
        			if(! array_key_exists($cfgid[1], $rescfgmapids))
        				continue;
        			// TODO validate based on var type
        			$value = processInputData($configvars->{$id}->value, ARG_STRING);
        			$return['configvars']["{$cfgid[0]}/{$cfgid[1]}"][$cfgid[2]] = array('value' => $value);
        		}
        		printArray($configvars);*/
        #print "*/";
    }
    return $return;
}
Example #2
0
function AJfetchRouterDNS()
{
    $data = array('status' => 'none');
    $page = processInputVar('page', ARG_STRING);
    if ($page != 'deploy' && $page != 'profile') {
        sendJSON($data);
        return;
    }
    $ipaddr = processInputVar('ipaddr', ARG_STRING);
    # validate fixed IP address
    if (!validateIPv4addr($ipaddr)) {
        sendJSON($data);
        return;
    }
    # validate netmask
    $netmask = processInputVar('netmask', ARG_STRING);
    $bnetmask = ip2long($netmask);
    if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) {
        sendJSON($data);
        return;
    }
    $network = ip2long($ipaddr) & $bnetmask;
    $availnets = getVariable('fixedIPavailnetworks', array());
    $key = long2ip($network) . "/{$netmask}";
    if (array_key_exists($key, $availnets)) {
        $data = array('status' => 'success', 'page' => $page, 'router' => $availnets[$key]['router'], 'dns' => implode(',', $availnets[$key]['dns']));
    }
    sendJSON($data);
}
Example #3
0
 function AJgenerateDHCPdata()
 {
     $type = processInputVar('type', ARG_STRING);
     if ($type != 'public' && $type != 'private') {
         $ret = array('status' => 'noaction');
         sendJSON($ret);
         return;
     }
     if ($type == 'private') {
         $mnip = processInputVar('mnip', ARG_STRING);
         if (!validateIPv4addr($mnip)) {
             sendJSON(array('status' => 'error', 'errmsg' => 'invalid IP address submitted'));
             return;
         }
         $ipprefix = 'private';
     } else {
         $ipprefix = '';
     }
     $nic = processInputVar('nic', ARG_STRING);
     if ($nic != 'eth0' && $nic != 'eth1') {
         $nic = 'eth0';
     }
     $compids = $this->validateCompIDs();
     if (array_key_exists('error', $compids)) {
         $ret = array('status' => 'error', 'errormsg' => $compids['msg']);
         sendJSON($ret);
         return;
     }
     if (count($compids) == 0) {
         $ret = array('status' => 'noaction');
         sendJSON($ret);
         return;
     }
     $comps = $this->getData($this->defaultGetDataArgs);
     if ($type == 'private') {
         $octets = explode('.', $mnip);
         $hexmnip = sprintf('%02x:%02x:%02x:%02x', $octets[0], $octets[1], $octets[2], $octets[3]);
     }
     $noips = array();
     $dhcpd = '';
     $leases = '';
     foreach ($compids as $id) {
         if (empty($comps[$id]["{$ipprefix}IPaddress"]) || empty($comps[$id]["{$nic}macaddress"])) {
             $noips[] = $comps[$id]['hostname'];
             continue;
         }
         $tmp = explode('.', $comps[$id]['hostname']);
         $dhcpd .= "\t\thost {$tmp[0]} {\n";
         $dhcpd .= "\t\t\toption host-name \"{$tmp[0]}\";\n";
         $dhcpd .= "\t\t\thardware ethernet {$comps[$id]["{$nic}macaddress"]};\n";
         $dhcpd .= "\t\t\tfixed-address {$comps[$id]["{$ipprefix}IPaddress"]};\n";
         if ($type == 'private') {
             $dhcpd .= "\t\t\tfilename \"/tftpboot/pxelinux.0\";\n";
             $dhcpd .= "\t\t\toption dhcp-server-identifier {$mnip};\n";
             $dhcpd .= "\t\t\tnext-server {$mnip};\n";
         }
         $dhcpd .= "\t\t}\n\n";
         $leases .= "host {$tmp[0]} {\n";
         $leases .= "\tdynamic;\n";
         $leases .= "\thardware ethernet {$comps[$id]["{$nic}macaddress"]};\n";
         $leases .= "\tfixed-address {$comps[$id]["{$ipprefix}IPaddress"]};\n";
         $leases .= "\tsupersede server.ddns-hostname = \"{$tmp[0]}\";\n";
         $leases .= "\tsupersede host-name = \"{$tmp[0]}\";\n";
         if ($type == 'private') {
             $leases .= "\tif option vendor-class-identifier = \"ScaleMP\" {\n";
             $leases .= "\t\tsupersede server.filename = \"vsmp/pxelinux.0\";\n";
             $leases .= "\t} else {\n";
             $leases .= "\t\tsupersede server.filename = \"pxelinux.0\";\n";
             $leases .= "\t}\n";
             $leases .= "\tsupersede server.next-server = {$hexmnip};\n";
         }
         $leases .= "}\n";
     }
     $msg = '';
     if (!empty($noips)) {
         $msg .= "<span class=\"rederrormsg\">The following computers did not have ";
         $msg .= "a {$type} IP address or an {$nic} MAC address entry and therefore ";
         $msg .= "could not be included in the data below:</span><br><br>\n";
         $msg .= implode("<br>\n", $noips);
         $msg .= "<br><br>\n";
     }
     if (!empty($dhcpd)) {
         $msg .= "Data to be added to dhcpd.conf:<br>";
         $msg .= "<pre>{$dhcpd}</pre>";
         $msg .= "<br><hr><br>\n";
         $msg .= "Data to be added to dhcpd.leases:<br>";
         $msg .= "<pre>{$leases}</pre>";
     }
     $ret = array('status' => 'onestep', 'title' => ucfirst($type) . " dhcpd Data", 'actionmsg' => $msg);
     sendJSON($ret);
 }
Example #4
0
 function validateResourceData()
 {
     global $user;
     $return = array('error' => 0);
     $return['rscid'] = getContinuationVar('rscid', 0);
     $return['name'] = processInputVar('name', ARG_STRING);
     $return['owner'] = processInputVar('owner', ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
     $return['ipaddress'] = processInputVar('ipaddress', ARG_STRING);
     $return['stateid'] = processInputVar('stateid', ARG_NUMERIC);
     $return['sysadminemail'] = processInputVar('sysadminemail', ARG_STRING);
     $return['sharedmailbox'] = processInputVar('sharedmailbox', ARG_STRING);
     $return['installpath'] = processInputVar('installpath', ARG_STRING);
     $return['timeservers'] = processInputVar('timeservers', ARG_STRING);
     $return['keys'] = processInputVar('keys', ARG_STRING);
     $return['sshport'] = processInputVar('sshport', ARG_NUMERIC);
     $return['imagelibenable'] = processInputVar('imagelibenable', ARG_NUMERIC);
     $return['imagelibgroupid'] = processInputVar('imagelibgroupid', ARG_NUMERIC);
     $return['imagelibuser'] = processInputVar('imagelibuser', ARG_STRING);
     $return['imagelibkey'] = processInputVar('imagelibkey', ARG_STRING);
     $return['publicIPconfig'] = processInputVar('publicIPconfig', ARG_STRING);
     $return['publicnetmask'] = processInputVar('publicnetmask', ARG_STRING);
     $return['publicgateway'] = processInputVar('publicgateway', ARG_STRING);
     $return['publicdnsserver'] = processInputVar('publicdnsserver', ARG_STRING);
     $return['checkininterval'] = processInputVar('checkininterval', ARG_NUMERIC);
     $return['availablenetworks'] = processInputVar('availablenetworks', ARG_STRING);
     $return['federatedauth'] = processInputVar('federatedauth', ARG_STRING);
     $return['nathostenabled'] = processInputVar('nathostenabled', ARG_NUMERIC);
     $return['natpublicIPaddress'] = processInputVar('natpublicipaddress', ARG_STRING);
     $return['natinternalIPaddress'] = processInputVar('natinternalipaddress', ARG_STRING);
     if (get_magic_quotes_gpc()) {
         $return['sysadminemail'] = stripslashes($return['sysadminemail']);
         $return['sharedmailbox'] = stripslashes($return['sharedmailbox']);
     }
     $olddata = getContinuationVar('olddata');
     if ($return['rscid'] == 0) {
         $return['mode'] = 'add';
     } else {
         $return['mode'] = 'edit';
     }
     $errormsg = array();
     # hostname
     if (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$/', $return['name'])) {
         $return['error'] = 1;
         $errormsg[] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long";
     } elseif ($this->checkForMgmtnodeHostname($return['name'], $return['rscid'])) {
         $return['error'] = 1;
         $errormsg[] = "A node already exists with this hostname.";
     }
     # owner
     if (!validateUserid($return['owner'])) {
         $return['error'] = 1;
         $errormsg[] = "Submitted owner is not valid";
     }
     # ipaddress
     if (!validateIPv4addr($return['ipaddress'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
     }
     # sysadminemail
     if ($return['sysadminemail'] != '') {
         $addrs = explode(',', $return['sysadminemail']);
         foreach ($addrs as $addr) {
             if (!validateEmailAddress($addr)) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid email address entered for SysAdmin Email Address(es)";
                 break;
             }
         }
     }
     # sharedmailbox
     if ($return['sharedmailbox'] != '' && !validateEmailAddress($return['sharedmailbox'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid email address entered for Shadow Emails";
     }
     # installpath
     if ($return['installpath'] != '' && !preg_match('/^([-a-zA-Z0-9_\\.\\/]){2,100}$/', $return['installpath'])) {
         $return['error'] = 1;
         $errormsg[] = "Install Path must be empty or only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/) and be from 2 to 100 characters long";
     }
     # timeservers
     if ($return['timeservers'] != '') {
         if (strlen($return['timeservers']) > 1000) {
             $return['error'] = 1;
             $errormsg[] = "Too much data entered for Time Server(s)";
         } else {
             $hosts = explode(',', $return['timeservers']);
             foreach ($hosts as $host) {
                 if (preg_match('/^([0-9]{1,3}(\\.?))+$/', $host) && !validateIPv4addr($host) || !preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,50}$/', $host)) {
                     $return['error'] = 1;
                     $errormsg[] = "Time servers must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). Each host can be up to 50 characters long";
                     break;
                 }
             }
         }
     }
     # keys
     if ($return['keys'] != '' && !preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,1024}$/', $return['keys'])) {
         $return['error'] = 1;
         $errormsg[] = "End Node SSH Identity Key Files can only contain letters, numbers, dashes(-), periods(.), underscores(_), forward slashes(/), and commas(,). It can be from 2 to 1024 characters long";
     }
     # imagelibenable
     if ($return['imagelibenable'] == 1) {
         # imagelibgroupid
         $validgroups = getUserResources(array('mgmtNodeAdmin'), array('manageGroup'), 1);
         if (!array_key_exists($return['imagelibgroupid'], $validgroups['managementnode'])) {
             $return['error'] = 1;
             $errormsg[] = "The group selected for Image Library Management Node Group is not valid";
         }
         # imagelibuser
         if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,20}$/', $return['imagelibuser'])) {
             $return['error'] = 1;
             $errormsg[] = "Image Library User can only contain letters, numbers, and dashes(-) and can be from 2 to 20 characters long";
         }
         # imagelibkey
         if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,100}$/', $return['imagelibkey'])) {
             $return['error'] = 1;
             $errormsg[] = "Image Library SSH Identity Key File can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long";
         }
     } else {
         $return['imagelibenable'] = 0;
         if ($return['mode'] == 'edit') {
             $return['imagelibgroupid'] = $olddata['imagelibgroupid'];
             $return['imagelibuser'] = $olddata['imagelibuser'];
             $return['imagelibkey'] = $olddata['imagelibkey'];
         } else {
             $return['imagelibgroupid'] = '';
             $return['imagelibuser'] = '';
             $return['imagelibkey'] = '';
         }
     }
     # publicIPconfig
     if (!preg_match('/^(dynamicDHCP|manualDHCP|static)$/', $return['publicIPconfig'])) {
         $return['publicIPconfig'] = 'dynamicDHCP';
     }
     if ($return['publicIPconfig'] == 'static') {
         # publicnetmask
         $bnetmask = ip2long($return['publicnetmask']);
         if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) {
             $return['error'] = 1;
             $errormsg[] = "Invalid value specified for Public Netmask";
         }
         # publicgateway
         if (preg_match('/^([0-9]{1,3}(\\.?))+$/', $return['publicgateway']) && !validateIPv4addr($return['publicgateway'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid value specified for Public Gateway";
         } elseif (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,56}$/', $return["publicgateway"])) {
             $return['error'] = 1;
             $errormsg[] = "Public gateway must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). It can be up to 56 characters long";
         }
         # publicdnsserver
         $servers = explode(',', $return['publicdnsserver']);
         if (empty($servers)) {
             $return['error'] = 1;
             $errormsg[] = "Please enter at least one Public DNS server";
         } else {
             foreach ($servers as $server) {
                 if (!validateIPv4addr($server)) {
                     $return['error'] = 1;
                     $errormsg[] = "Invalid IP address entered for Public DNS Server";
                     break;
                 }
             }
         }
     } else {
         $return['publicnetmask'] = $olddata['publicnetmask'];
         $return['publicgateway'] = $olddata['publicgateway'];
     }
     # stateid  2 - available, 5 - failed, 10 - maintenance
     if (!preg_match('/^(2|5|10)$/', $return['stateid'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for State";
     }
     # checkininterval
     if ($return['checkininterval'] < 5) {
         $return['checkininterval'] = 5;
     } elseif ($return['checkininterval'] > 30) {
         $return['checkininterval'] = 30;
     }
     # sshport
     if ($return['sshport'] < 1 || $return['sshport'] > 65535) {
         $return['sshport'] = 22;
     }
     # availablenetworks
     if ($return['availablenetworks'] != '') {
         if (strpos("\n", $return['availablenetworks'])) {
             $return['availablenetworks'] = preg_replace("/(\r)?\n/", ',', $return['availablenetworks']);
         }
         $return['availablenetworks2'] = explode(',', $return['availablenetworks']);
         foreach ($return['availablenetworks2'] as $key => $net) {
             $net = trim($net);
             if ($net == '') {
                 unset($return['availablenetworks2'][$key]);
                 $return['availablenetworks'] = implode("\n", $return['availablenetworks2']);
                 continue;
             }
             $return['availablenetworks2'][$key] = $net;
             if (!preg_match('/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\/([0-9]{2})$/', $net, $matches) || $matches[1] < 0 || $matches[1] > 255 || $matches[2] < 0 || $matches[2] > 255 || $matches[3] < 0 || $matches[3] > 255 || $matches[4] < 0 || $matches[4] > 255 || $matches[5] < 1 || $matches[5] > 32) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid network entered for Available Public Networks; must be comma delimited list of valid networks in the form of x.x.x.x/yy";
             }
         }
     }
     # federatedauth
     if ($return['federatedauth'] != '') {
         $affils = getAffiliations();
         $fedarr = explode(',', $return['federatedauth']);
         $test = array_udiff($fedarr, $affils, 'strcasecmp');
         if (!empty($test)) {
             $new = array();
             foreach ($test as $affil) {
                 if (preg_match('/^[-0-9a-zA-Z_\\.:;,]*$/', $affil)) {
                     $new[] = $affil;
                 }
             }
             if (count($test) == count($new)) {
                 $errormsg[] = "These affiliations do not exist: " . implode(', ', $new);
             } else {
                 $errormsg[] = "Invalid data entered for Affiliations using Federated Authentication for Linux Images";
             }
             $return['error'] = 1;
         }
     }
     $nathosterror = 0;
     # nathostenabled
     if ($return['nathostenabled'] != 0 && $return['nathostenabled'] != 1) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value for Use as NAT Host";
         $nathosterror = 1;
     }
     # natpublicIPaddress
     if ($return['nathostenabled']) {
         if (!validateIPv4addr($return['natpublicIPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
             $nathosterror = 1;
         }
         # natinternalIPaddress
         if (!validateIPv4addr($return['natinternalIPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid NAT Internal IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
             $nathosterror = 1;
         }
     }
     # nat host change - check for active reservations
     if (!$nathosterror && $return['mode'] == 'edit') {
         if ($olddata['nathostenabled'] != $return['nathostenabled'] || $olddata['natpublicIPaddress'] != $return['natpublicIPaddress'] || $olddata['natinternalIPaddress'] != $return['natinternalIPaddress']) {
             $vclreloadid = getUserlistID('vclreload@Local');
             $query = "SELECT rq.id " . "FROM request rq, " . "reservation rs, " . "nathostcomputermap nhcm, " . "nathost nh " . "WHERE rs.requestid = rq.id AND " . "rs.computerid = nhcm.computerid AND " . "nhcm.nathostid = nh.id AND " . "nh.resourceid = {$olddata['resourceid']} AND " . "rq.start <= NOW() AND " . "rq.end > NOW() AND " . "rq.stateid NOT IN (1,5,11,12) AND " . "rq.laststateid NOT IN (1,5,11,12) AND " . "rq.userid != {$vclreloadid}";
             $qh = doQuery($query);
             if (mysql_num_rows($qh)) {
                 $return['error'] = 1;
                 $errormsg[] = "This management node is the NAT host for computers that have active reservations. NAT host<br>settings cannot be changed while providing NAT for active reservations.";
             }
         }
     }
     if ($return['error']) {
         $return['errormsg'] = implode('<br>', $errormsg);
     }
     return $return;
 }