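#
# Map request parameters onto page arguments according to $argspec.
#
# $argspec is a flat list of (name, PAGEARG_* type) pairs; a trailing
# unpaired entry is ignored. $required selects what happens when an
# argument is absent: PAGEARGERROR if true, otherwise the global of that
# name is unset.
#
# Returns an array of name => value for every argument that was mapped.
# Each mapped value is also published as $GLOBALS[$name], so the names in
# $argspec must come from the calling page and never from the request.
#
# Trust boundary: every value read here comes from $_REQUEST, which merges
# GET and POST data (and cookies, depending on request_order), and a
# parameter can arrive as an array ("name[]=x") as well as a string.
# Object types are checked with ValidateArgument() and then resolved with
# the class Lookup methods. A successful lookup only says the object
# exists; it is not an authorization decision, and the calling page still
# has to run its own access check on the returned object.
#
# Changes from the previous version of this function:
#  * The switch carried two "default:" labels (on PAGEARG_STRING and on
#    PAGEARG_PASSWORD). PHP 7 and later refuse to compile that. The one on
#    PAGEARG_STRING is kept, so an unknown type gets the quote check.
#    NOTE(review): older PHP used the last default, i.e. the password
#    check; confirm no page depends on that.
#  * String-typed arguments are checked with is_string() before any
#    preg_match(). Before PHP 8 preg_match() on an array only warned and
#    returned false, which let an array skip the quote check.
#  * End-anchored patterns use the D modifier, so "$" no longer accepts a
#    trailing newline.
#  * The rejected guid/vers value is HTML-escaped before it is put into
#    the error text, as the PAGEARG_STRING case already did.
#
function VerifyPageArguments($argspec, $required)
{
    global $drewheader;

    if ($drewheader) {
        trigger_error("PAGEHEADER called before VerifyPageArguments " .
                      "(called by RequiredPageArguments or OptionalPageArguments). " .
                      "Won't be able to return proper HTTP status code on Error " .
                      "in " . $_SERVER['SCRIPT_FILENAME'] . ",",
                      E_USER_WARNING);
    }

    $result = array();

    while ($argspec and count($argspec) > 1) {
        $name = array_shift($argspec);
        $type = array_shift($argspec);

        # $yep records that the request supplied a value for this argument,
        # whether or not it could be validated and mapped.
        $yep = 0;
        unset($object);

        switch ($type) {
            case PAGEARG_EXPERIMENT:
                if (isset($_REQUEST[URL_EXPERIMENT])) {
                    $idx = $_REQUEST[URL_EXPERIMENT];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_EXPERIMENT, $idx)) {
                        $object = Experiment::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_EXPTIDX])) {
                    $idx = $_REQUEST[URL_EXPTIDX];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_EXPERIMENT, $idx)) {
                        $object = Experiment::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_PID]) && isset($_REQUEST[URL_EID])) {
                    $pid = $_REQUEST[URL_PID];
                    $eid = $_REQUEST[URL_EID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PID, $pid) &&
                        ValidateArgument(PAGEARG_EID, $eid)) {
                        $object = Experiment::LookupByPidEid($pid, $eid);
                    }
                }
                break;

            case PAGEARG_TEMPLATE:
                if (isset($_REQUEST[URL_GUID]) && isset($_REQUEST[URL_VERS])) {
                    $guid = $_REQUEST[URL_GUID];
                    $vers = $_REQUEST[URL_VERS];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_GUID, $guid) &&
                        ValidateArgument(PAGEARG_VERS, $vers)) {
                        $object = Template::Lookup($guid, $vers);
                    }
                } elseif (isset($_REQUEST[URL_TEMPLATE])) {
                    $guidvers = $_REQUEST[URL_TEMPLATE];
                    $yep = 1;
                    # Combined "guid/vers" form: digits on both sides only.
                    if (is_string($guidvers) &&
                        preg_match("/^([\\d]+)\\/([\\d]+)\$/D", $guidvers, $matches)) {
                        $guid = $matches[1];
                        $vers = $matches[2];
                        $object = Template::Lookup($guid, $vers);
                    } else {
                        # The rejected value is request data: escape it before
                        # it goes into the error text.
                        $shown = is_string($guidvers)
                            ? htmlspecialchars($guidvers, ENT_QUOTES)
                            : gettype($guidvers);
                        PAGEARGERROR("Invalid argument for '{$type}': {$shown}");
                    }
                }
                break;

            case PAGEARG_INSTANCE:
                if (isset($_REQUEST[URL_INSTANCE])) {
                    $idx = $_REQUEST[URL_INSTANCE];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_INSTANCE, $idx)) {
                        $object = TemplateInstance::LookupByExptidx($idx);
                    }
                }
                break;

            case PAGEARG_METADATA:
                if (isset($_REQUEST[URL_METADATA])) {
                    $guidvers = $_REQUEST[URL_METADATA];
                    $yep = 1;
                    if (is_string($guidvers) &&
                        preg_match("/^([\\d]+)\\/([\\d]+)\$/D", $guidvers, $matches)) {
                        $guid = $matches[1];
                        $vers = $matches[2];
                        $object = TemplateMetadata::Lookup($guid, $vers);
                    } else {
                        # Same escaping as the PAGEARG_TEMPLATE error path.
                        $shown = is_string($guidvers)
                            ? htmlspecialchars($guidvers, ENT_QUOTES)
                            : gettype($guidvers);
                        PAGEARGERROR("Invalid argument for '{$type}': {$shown}");
                    }
                }
                break;

            case PAGEARG_PROJECT:
                if (isset($_REQUEST[URL_PROJECT])) {
                    $idx = $_REQUEST[URL_PROJECT];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PROJECT, $idx)) {
                        $object = Project::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_PID])) {
                    $pid = $_REQUEST[URL_PID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PID, $pid)) {
                        $object = Project::Lookup($pid);
                    }
                }
                break;

            case PAGEARG_GROUP:
                if (isset($_REQUEST[URL_GROUP])) {
                    $idx = $_REQUEST[URL_GROUP];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_GROUP, $idx)) {
                        $object = Group::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_PID]) && isset($_REQUEST[URL_GID])) {
                    $pid = $_REQUEST[URL_PID];
                    $gid = $_REQUEST[URL_GID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PID, $pid) &&
                        ValidateArgument(PAGEARG_GID, $gid)) {
                        $object = Group::LookupByPidGid($pid, $gid);
                    }
                }
                break;

            case PAGEARG_NODE:
                if (isset($_REQUEST[URL_NODE])) {
                    $idx = $_REQUEST[URL_NODE];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_NODE, $idx)) {
                        $object = Node::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_NODEID])) {
                    $nodeid = $_REQUEST[URL_NODEID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_NODEID, $nodeid)) {
                        $object = Node::Lookup($nodeid);
                    }
                } elseif (isset($_REQUEST[URL_NODEID_ALT])) {
                    $nodeid = $_REQUEST[URL_NODEID_ALT];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_NODEID, $nodeid)) {
                        $object = Node::Lookup($nodeid);
                    }
                }
                break;

            case PAGEARG_USER:
                if (isset($_REQUEST[URL_USER])) {
                    $idx = $_REQUEST[URL_USER];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_USER, $idx)) {
                        $object = User::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_UID])) {
                    $uid = $_REQUEST[URL_UID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_UID, $uid)) {
                        $object = User::Lookup($uid);
                    }
                }
                break;

            case PAGEARG_IMAGE:
                if (isset($_REQUEST[URL_IMAGEID])) {
                    $imageid = $_REQUEST[URL_IMAGEID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_IMAGE, $imageid)) {
                        $object = Image::Lookup($imageid);
                    }
                } elseif (isset($_REQUEST[$name]) && $_REQUEST[$name] != "") {
                    # Falls back to a parameter named after the argument itself.
                    $imageid = $_REQUEST[$name];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_IMAGE, $imageid)) {
                        $object = Image::Lookup($imageid);
                    }
                }
                break;

            case PAGEARG_OSINFO:
                if (isset($_REQUEST[URL_OSID])) {
                    $osid = $_REQUEST[URL_OSID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_OSINFO, $osid)) {
                        $object = OSinfo::Lookup($osid);
                    }
                }
                break;

            case PAGEARG_BOOLEAN:
                if (isset($_REQUEST[$name]) && $_REQUEST[$name] != "") {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    # NOTE(review): a value that matches none of the tokens
                    # below is passed through as the raw request value, not
                    # as a boolean. Callers should only test it for truth and
                    # never echo it or use it in a query. Left unchanged here
                    # in case pages depend on it (e.g. submit button labels).
                    if (strcasecmp("{$object}", "yes") == 0 ||
                        strcasecmp("{$object}", "1") == 0 ||
                        strcasecmp("{$object}", "true") == 0 ||
                        strcasecmp("{$object}", "on") == 0) {
                        $object = True;
                    } elseif (strcasecmp("{$object}", "no") == 0 ||
                              strcasecmp("{$object}", "0") == 0 ||
                              strcasecmp("{$object}", "false") == 0 ||
                              strcasecmp("{$object}", "off") == 0) {
                        $object = False;
                    }
                }
                break;

            case PAGEARG_INTEGER:
            case PAGEARG_NUMERIC:
            case PAGEARG_ARRAY:
                if (isset($_REQUEST[$name]) && $_REQUEST[$name] != "") {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    if (!ValidateArgument($type, $object)) {
                        unset($object);
                    }
                }
                break;

            case PAGEARG_ANYTHING:
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    # Anything allowed, caller BETTER check it.
                    # The value is unvalidated and may be a string or an array.
                }
                break;

            case PAGEARG_ALPHALIST:
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    # NOTE(review): $yep is not set here, so a rejected list
                    # is treated as "not supplied" (silently dropped when the
                    # argument is optional). Confirm that is intended.
                    if (!is_string($object) ||
                        !preg_match("/^[\\d\\w\\-\\ \\,]+\$/D", $object)) {
                        unset($object);
                    } else {
                        # The check above never admits ';', so in practice
                        # this splits on commas only.
                        $object = preg_split("/[\\,\\;]+\\s*/", $_REQUEST[$name]);
                    }
                }
                break;

            case PAGEARG_PASSWORD:
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    if (!is_string($object)) {
                        # Array-valued parameter: reported through the $yep
                        # path below.
                        unset($object);
                    } elseif (!preg_match("/^[ -~]+\$/D", $object)) {
                        # Only printable chars. The value itself is never put
                        # into the error text.
                        PAGEARGERROR("Invalid characters in '{$name}'");
                    }
                }
                break;

            case PAGEARG_LOGFILE:
                if (isset($_REQUEST[URL_LOGFILE])) {
                    $logid = $_REQUEST[URL_LOGFILE];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_LOGFILE, $logid)) {
                        $object = Logfile::Lookup($logid);
                    }
                }
                break;

            case PAGEARG_STRING:
            default:
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    if (!is_string($object)) {
                        # Array-valued parameter: cannot be quote-checked, so
                        # refuse it through the $yep path below.
                        unset($object);
                    } elseif (preg_match("/[\\'\"]/", $object)) {
                        # Pages never get arguments with special chars. Check.
                        # ENT_QUOTES so the single quote is escaped as well.
                        $object = htmlspecialchars($object, ENT_QUOTES);
                        PAGEARGERROR("Invalid characters in '{$name}': {$object}");
                    }
                }
                break;
        }

        if (isset($object)) {
            $result[$name] = $object;
            $GLOBALS[$name] = $object;
        } elseif ($yep) {
            #
            # Value supplied but could not be mapped to object.
            # Lets make that clear in the error message.
            #
            USERERROR("Could not map page arguments to '{$name}'", 1);
        } elseif ($required) {
            PAGEARGERROR("Must provide '{$name}' page argument");
        } else {
            # Optional and absent: make sure no stale global of that name
            # is left behind for the page to pick up.
            unset($GLOBALS[$name]);
        }
    }

    return $result;
}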
# Fatal Error. Report to the user, even though there is not much he can # do with the error. Also reports to tbops. # if ($retval < 0) { SUEXECERROR(SUEXEC_ACTION_CONTINUE); } # User error. Tell user and exit. SUEXECERROR(SUEXEC_ACTION_USERERROR); return; } # # Parse the last line of output. Ick. # if (preg_match("/^Template\\s+(\\w+)\\/(\\w+)\\s+is being/", $suexec_output_array[count($suexec_output_array) - 1], $matches)) { $guid = $matches[1]; $vers = $matches[2]; $template = Template::Lookup($guid, $vers); if (!$template) { TBERROR("Could not lookup template object for {$guid}/{$vers}", 1); return; } echo $template->PageHeader(); echo "<br><br>\n"; STARTLOG($template); } else { SUEXECERROR(SUEXEC_ACTION_DIE); } # # Standard Testbed Footer # PAGEFOOTER();
if (!isset($submit)) { # # In show mode, we can show any metadata entry, but it cannot be modified # unless its in the context of a template. That might change later? # if ($action == "show") { if (!isset($metadata)) { PAGEARGERROR("Must provide a metadata guid"); } $metadata_guid = $metadata->guid(); $metadata_vers = $metadata->vers(); # # Verify Permission. Need permission for the template, any version. # if (!isset($template)) { $template = Template::Lookup($metadata->template_guid(), 1); } if (!$template || !$template->AccessCheck($this_user, $TB_EXPT_READINFO)) { USERERROR("You do not have permission to view metadata in " . " template {$template_guid}!", 1); } PAGEHEADER("Show Metadata"); $metadata->Show(); PAGEFOOTER(); return; } elseif ($action == "modify" || $action == "delete") { if (!isset($template)) { PAGEARGERROR("Must provide a template guid"); } $template_guid = $template->guid(); $template_vers = $template->vers(); if (!isset($metadata)) {