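/**
 * Collect and validate the form fields submitted for a block allocation.
 *
 * Reads the submitted values through processInputVar()/getContinuationVar(),
 * checks them in sequence, and stops recording new errors after the first one
 * (most checks are guarded by !$err). When a check fails, JavaScript is
 * printed that alerts the message and installs fresh continuation ids in the
 * form so it can be resubmitted.
 *
 * @return array validated values plus 'type' and 'err' (0 on success, 1 when
 *               a check failed)
 */
function processBlockAllocationInput() {
    global $user;
    $return = array();
    $method = getContinuationVar('method');
    $return['name'] = processInputVar('name', ARG_STRING);
    $return['owner'] = processInputVar('owner', ARG_STRING);
    $return['imageid'] = processInputVar('imageid', ARG_NUMERIC);
    $return['seats'] = processInputVar('seats', ARG_NUMERIC);
    $return['groupid'] = processInputVar('groupid', ARG_NUMERIC);
    $override = getContinuationVar('override', 0);
    $type = processInputVar('type', ARG_STRING);
    $err = 0;
    # initialised once here; it must never be reset further down or an
    # already recorded message would be lost
    $errmsg = '';

    if ($method != 'request' && !preg_match('/^([-a-zA-Z0-9\\. \\(\\)]){3,80}$/', $return['name'])) {
        $errmsg = i("The name can only contain letters, numbers, spaces, dashes(-), and periods(.) and can be from 3 to 80 characters long");
        $err = 1;
    }

    # the image must be one the submitting user is allowed to administer or check out
    $resources = getUserResources(array("imageAdmin", "imageCheckOut"));
    $resources["image"] = removeNoCheckout($resources["image"]);
    if (!array_key_exists($return['imageid'], $resources['image'])) {
        $errmsg = i("The submitted image is invalid.");
        $err = 1;
    }

    if (!$err && $method != 'request' && !validateUserid($return['owner'])) {
        $errmsg = i("The submitted owner is invalid.");
        $err = 1;
    } else {
        # this branch is also taken when an earlier check already failed
        $return['ownerid'] = getUserlistID($return['owner']);
    }

    $groups = getUserGroups(0, $user['affiliationid']);
    $extragroups = getContinuationVar('extragroups');
    if (!$err && !array_key_exists($return['groupid'], $groups) && !array_key_exists($return['groupid'], $extragroups) && $return['groupid'] != 0) {
        $errmsg = i("The submitted user group is invalid.");
        $err = 1;
    }
    if (!$err && $return['groupid'] == 0) {
        $return['groupid'] = 'NULL';
    }

    if (!$err && ($return['seats'] < MIN_BLOCK_MACHINES || $return['seats'] > MAX_BLOCK_MACHINES)) {
        $errmsg = sprintf(i("The submitted number of seats must be between %d and %d."), MIN_BLOCK_MACHINES, MAX_BLOCK_MACHINES);
        $err = 1;
    }
    if (!$err) {
        $imgdata = getImages(0, $return['imageid']);
        $concur = $imgdata[$return['imageid']]['maxconcurrent'];
        if (!is_null($concur) && $concur != 0 && $return['seats'] > $concur) {
            $errmsg = sprintf(i("The selected image can only have %d concurrent reservations. Please reduce the number of requested seats to %d or less."), $concur, $concur);
            $err = 1;
        }
    }

    $dooverride = 0;
    # check user group access to image
    if (($method == 'new' || $method == 'edit') && !$err && !$override) {
        $groupresources = getUserResources(array("imageAdmin", "imageCheckOut"), array("available"), 0, 0, 0, $return['groupid']);
        if (!array_key_exists($return['imageid'], $groupresources['image'])) {
            # a warning rather than a hard failure: a second continuation that
            # carries override=1 is issued in the error output below
            $dooverride = 1;
            $errmsg = i("WARNING - The selected user group does not currently have access to the selected environment. You can submit the Block Allocation again to ignore this warning.");
            $err = 1;
        }
    }

    if (!$err && $type != 'weekly' && $type != 'monthly' && $type != 'list') {
        $errmsg = i("You must select one of \"Repeating Weekly\", \"Repeating Monthly\", or \"List of Dates/Times\".");
        $err = 1;
    }

    if (!$err) {
        if ($type == 'list') {
            # each slot is "date|start|end"
            $slots = processInputVar('slots', ARG_STRING);
            $return['slots'] = explode(',', $slots);
            $return['times'] = array();
            $lastdate = array('day' => '', 'ts' => 0);
            foreach ($return['slots'] as $slot) {
                $tmp = explode('|', $slot);
                if (count($tmp) != 3) {
                    $errmsg = i("Invalid date/time submitted.");
                    $err = 1;
                    break;
                }
                $date = $tmp[0];
                if (!$err) {
                    $datets = strtotime($date);
                    if ($method != 'edit' && $datets < time() - SECINDAY) {
                        $errmsg = i("The date must be today or later.");
                        $err = 1;
                        break;
                    }
                }
                $return['times'][] = "{$tmp[1]}|{$tmp[2]}";
                if ($datets > $lastdate['ts']) {
                    $lastdate['ts'] = $datets;
                    $lastdate['day'] = $date;
                }
            }
            if (!$err) {
                # the allocation expires at the end of the latest listed day
                $expirets = strtotime("{$lastdate['day']} 23:59:59");
                $return['expiretime'] = unixToDatetime($expirets);
            }
        }
        if ($type == 'weekly' || $type == 'monthly') {
            $return['startdate'] = processInputVar('startdate', ARG_NUMERIC);
            $return['enddate'] = processInputVar('enddate', ARG_NUMERIC);
            $times = processInputVar('times', ARG_STRING);
            $return['startts'] = strtotime($return['startdate']);
            $return['endts'] = strtotime($return['enddate']);
            if ($return['startts'] > $return['endts']) {
                $errmsg = i("The Last Date of Usage must be the same or later than the First Date of Usage.");
                $err = 1;
            } elseif ($method != 'edit' && $return['startts'] < time() - SECINDAY) {
                $errmsg = i("The start date must be today or later.");
                $err = 1;
            }
            $expirets = strtotime("{$return['enddate']} 23:59:59");
            $return['expiretime'] = unixToDatetime($expirets);
            $return['times'] = explode(',', $times);
        }

        # every time entry is "HH:MM|HH:MM" with start before end
        foreach ($return['times'] as $time) {
            $tmp = explode('|', $time);
            if (count($tmp) != 2) {
                $errmsg = i("Invalid start/end time submitted");
                $err = 1;
                break;
            }
            $start = explode(':', $tmp[0]);
            if (count($start) != 2 || !is_numeric($start[0]) || !is_numeric($start[1]) || $start[0] < 0 || $start[0] > 23 || $start[1] < 0 || $start[1] > 59) {
                $errmsg = i("Invalid start time submitted");
                $err = 1;
                break;
            }
            $end = explode(':', $tmp[1]);
            if (count($end) != 2 || !is_numeric($end[0]) || !is_numeric($end[1]) || $end[0] < 0 || $end[0] > 23 || $end[1] < 0 || $end[1] > 59) {
                $errmsg = i("Invalid end time submitted");
                $err = 1;
                break;
            }
            $start = minuteOfDay($start[0], $start[1]);
            $end = minuteOfDay($end[0], $end[1]);
            if ($start >= $end) {
                $errmsg = i("Each start time must be less than the corresponding end time.");
                $err = 1;
                break;
            }
        }

        if ($type == 'weekly') {
            # Fix: $errmsg used to be reset to '' here, which blanked the
            # message of any error recorded by the date or time checks above
            # while $err stayed 1, so the user got an empty alert.
            $validdays = 0;
            # build a bitmask of the weekdays that occur in the date range;
            # with the comma only the last expression decides, so "$i < 7"
            # does not bound this loop
            for ($day = $return['startts'], $i = 0; $i < 7, $day < $return['endts'] + SECINDAY; $i++, $day += SECINDAY) {
                $daynum = date('w', $day);
                $validdays |= 1 << $daynum;
            }
            $days = processInputVar('days', ARG_STRING);
            $dayscheck = processInputVar('days', ARG_NUMERIC);
            if ($days == '' && $dayscheck == '0') {
                $days = 0;
            }
            $return['daymask'] = 0;
            if (!$err) {
                foreach (explode(',', $days) as $day) {
                    # require a single digit 0-6: the value is used as a shift
                    # count, so a non-numeric string must not get past the
                    # range comparison
                    if (!preg_match('/^[0-6]$/D', (string) $day)) {
                        $errmsg = i("Invalid day submitted.");
                        $err = 1;
                        break;
                    }
                    $return['daymask'] |= 1 << $day;
                }
            }
            if (!$err && ($return['daymask'] & $validdays) == 0) {
                $errmsg = i("No valid days submitted for the specified date range.");
                $err = 1;
            }
        }

        if ($type == 'monthly') {
            $return['weeknum'] = processInputVar('weeknum', ARG_NUMERIC);
            $return['day'] = processInputVar('day', ARG_NUMERIC);
            if (!$err && ($return['weeknum'] < 1 || $return['weeknum'] > 5)) {
                $errmsg = i("Invalid week number submitted.");
                $err = 1;
            }
            if (!$err && ($return['day'] < 1 || $return['day'] > 7)) {
                $errmsg = i("Invalid day of week submitted.");
                $err = 1;
            }
            $times = getMonthlyBlockTimes('', $return['startts'], $return['endts'], $return['day'], $return['weeknum'], $return['times']);
            if (!$err && empty($times)) {
                $errmsg = i("Specified day of month not found in date range.");
                $err = 1;
            }
        }
    }

    if ($method == 'request') {
        $return['comments'] = processInputVar('comments', ARG_STRING);
        if (get_magic_quotes_gpc()) {
            $return['comments'] = stripslashes($return['comments']);
        }
        # angle brackets are rejected outright instead of being escaped
        if (!$err && preg_match('/[<>]/', $return['comments'])) {
            $errmsg = i("<>\\'s are not allowed in the comments.");
            $err = 1;
        }
    }

    if ($err) {
        # $errmsg is emitted inside a single-quoted JavaScript string. Every
        # message assigned above is a translated literal, optionally formatted
        # with integers; a message that ever includes submitted text must be
        # escaped for a JavaScript string context before it reaches this line.
        print "clearHideConfirmForm();";
        print "alert('{$errmsg}');";
        $data = array('extragroups' => $extragroups, 'method' => $method);
        if ($method == 'edit') {
            $data['blockid'] = getContinuationVar('blockid');
        }
        $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0);
        print "dojo.byId('submitcont').value = '{$cont}';";
        if ($dooverride) {
            # second continuation lets the user resubmit and skip the
            # group-access warning
            $data['override'] = 1;
            $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0);
            print "dojo.byId('submitcont2').value = '{$cont}';";
        } else {
            print "dojo.byId('submitcont2').value = '';";
        }
    }

    $return['type'] = $type;
    $return['err'] = $err;
    return $return;
}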
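/**
 * Collect and validate the fields submitted for a management node.
 *
 * Each value is taken from the continuation when present, otherwise from the
 * submitted form. Out-of-range numeric settings are clamped or reset before
 * any checking. With $checks enabled, failures are recorded in the globals
 * $submitErr (bit flags) and $submitErrMsg (message per flag); the collected
 * values are returned either way.
 *
 * @param int $checks when 0, return the collected values without validating
 * @return array collected (and normalised) management node values
 */
function processMgmtnodeInput($checks = 1) {
    global $submitErr, $submitErrMsg, $user, $mode;
    $return = array();
    $mgmtnodes = getManagementNodes();
    $return["mgmtnodeid"] = getContinuationVar("mgmtnodeid");
    $return["hostname"] = getContinuationVar("hostname", processInputVar("hostname", ARG_STRING));
    $return["IPaddress"] = getContinuationVar("IPaddress", processInputVar("IPaddress", ARG_STRING));
    $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING, $user["unityid"]));
    $return["stateid"] = getContinuationVar("stateid", processInputVar("stateid", ARG_STRING));
    $return["premoduleid"] = getContinuationVar("premoduleid", processInputVar("premoduleid", ARG_NUMERIC));
    $return["checkininterval"] = getContinuationVar("checkininterval", processInputVar("checkininterval", ARG_NUMERIC));
    $return["installpath"] = getContinuationVar("installpath", processInputVar("installpath", ARG_STRING));
    $return["keys"] = getContinuationVar("keys", processInputVar("keys", ARG_STRING));
    $return["sshport"] = getContinuationVar("sshport", processInputVar("sshport", ARG_NUMERIC));
    $return["imagelibenable"] = getContinuationVar("imagelibenable", processInputVar("imagelibenable", ARG_NUMERIC));
    $return["imagelibgroupid"] = getContinuationVar("imagelibgroupid", processInputVar("imagelibgroupid", ARG_NUMERIC));
    $return["imagelibuser"] = getContinuationVar("imagelibuser", processInputVar("imagelibuser", ARG_STRING));
    $return["imagelibkey"] = getContinuationVar("imagelibkey", processInputVar("imagelibkey", ARG_STRING));

    # clamp the check-in interval to 5..30
    if ($return['checkininterval'] < 5) {
        $return['checkininterval'] = 5;
    }
    if ($return['checkininterval'] > 30) {
        $return['checkininterval'] = 30;
    }
    # an out-of-range port falls back to 22
    if ($return['sshport'] < 1 || $return['sshport'] > 65535) {
        $return['sshport'] = 22;
    }
    if ($return['imagelibenable'] != '' && $return['imagelibenable'] != 1) {
        $return['imagelibenable'] = '';
    }
    if ($return['imagelibenable'] != 1) {
        # image library disabled: discard whatever was submitted for it
        # NOTE(review): the sibling fields are reset to 'NULL'; confirm that
        # '******' is the intended placeholder for imagelibuser
        $return["imagelibgroupid"] = 'NULL';
        $return["imagelibuser"] = '******';
        $return["imagelibkey"] = 'NULL';
    }
    if (!$checks) {
        return $return;
    }

    # hostname: preg_match replaces ereg(), which was removed in PHP 7; the D
    # modifier keeps "$" from matching before a trailing newline, as with ereg
    if (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$/D', $return["hostname"])) {
        $submitErr |= MNHOSTNAMEERR;
        $submitErrMsg[MNHOSTNAMEERR] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long";
    }
    if (!($submitErr & MNHOSTNAMEERR) && $mode != "confirmEditMgmtnode" && checkForMgmtnodeHostname($return["hostname"])) {
        $submitErr |= MNHOSTNAMEERR;
        $submitErrMsg[MNHOSTNAMEERR] = "A node already exists with this hostname."; 
    }

    # IP address: the pattern is tested first, so the octets are only indexed
    # once four dot-separated numbers are known to exist
    $ipaddrArr = explode('.', $return["IPaddress"]);
    if (!preg_match('/^(([0-9]){1,3}\\.){3}([0-9]){1,3}$/D', $return["IPaddress"]) || $ipaddrArr[0] < 1 || $ipaddrArr[0] > 255 || $ipaddrArr[1] < 0 || $ipaddrArr[1] > 255 || $ipaddrArr[2] < 0 || $ipaddrArr[2] > 255 || $ipaddrArr[3] < 1 || $ipaddrArr[3] > 255) {
        $submitErr |= IPADDRESSERR;
        $submitErrMsg[IPADDRESSERR] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
    }
    if ($mode != "confirmEditMgmtnode" && !($submitErr & IPADDRESSERR) && checkForMgmtnodeIPaddress($return["IPaddress"])) {
        $submitErr |= IPADDRESSERR;
        $submitErrMsg[IPADDRESSERR] = "A node already exists with this IP address.";
    }

    if (!validateUserid($return["owner"])) {
        $submitErr |= MNOWNERERR;
        $submitErrMsg[MNOWNERERR] = "Submitted ID is not valid";
    }

    # the path-like fields below are limited to a fixed character allow-list
    if (!preg_match('/^([-a-zA-Z0-9_\\.\\/]){2,100}$/', $return["installpath"])) {
        $submitErr |= MNINSTPATHERR;
        $submitErrMsg[MNINSTPATHERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long";
    }
    if (!empty($return['keys']) && !preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,1024}$/', $return["keys"])) {
        $submitErr |= MNSSHIDKEYSERR;
        $submitErrMsg[MNSSHIDKEYSERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), forward slashes(/), and commas(,). It can be from 2 to 1024 characters long";
    }

    if ($return['imagelibenable'] == 1) {
        # the group must be one the user may manage
        $validgroups = getUserResources(array('mgmtNodeAdmin'), array("manageGroup"), 1);
        if (!in_array($return['imagelibgroupid'], array_keys($validgroups['managementnode']))) {
            $submitErr |= MNIMGLIBGRPIDERR;
            $submitErrMsg[MNIMGLIBGRPIDERR] = "The selected group was invalid";
        }
        if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,20}$/', $return["imagelibuser"])) {
            $submitErr |= MNIMGLIBUSERERR;
            $submitErrMsg[MNIMGLIBUSERERR] = "This can only contain letters, numbers, and dashes(-) and can be from 2 to 20 characters long";
        }
        if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,100}$/', $return["imagelibkey"])) {
            $submitErr |= MNIMGLIBKEYERR;
            $submitErrMsg[MNIMGLIBKEYERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long";
        }
    } else {
        $return["imagelibgroupid"] = 'NULL';
        $return["imagelibuser"] = '******';
        $return["imagelibkey"] = 'NULL';
    }
    return $return;
}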
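/**
 * Collect and validate the fields submitted when adding or editing a computer.
 *
 * The mode is 'edit' when the continuation carries a non-zero rscid and 'add'
 * otherwise; in add mode the submitted addmode selects a single computer or a
 * numbered range ('multiple', where '%' in the hostname is replaced by each
 * number from startnum to endnum). Unlike a first-error-wins validator, every
 * failed check appends its own message.
 *
 * @return array collected values plus 'mode', 'error' (0 or 1) and, on error,
 *               'errormsg' (messages joined with <br>)
 */
function validateResourceData() {
    global $user;
    $return = array('error' => 0);
    $return['rscid'] = getContinuationVar('rscid', 0);
    $return['name'] = processInputVar('name', ARG_STRING);
    $return['startnum'] = processInputVar('startnum', ARG_NUMERIC);
    $return['endnum'] = processInputVar('endnum', ARG_NUMERIC);
    $return['owner'] = processInputVar('owner', ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
    $return['type'] = processInputVar('type', ARG_STRING);
    $return['IPaddress'] = processInputVar('ipaddress', ARG_STRING);
    $return['privateIPaddress'] = processInputVar('privateipaddress', ARG_STRING);
    $return['eth0macaddress'] = processInputVar('privatemac', ARG_STRING);
    $return['eth1macaddress'] = processInputVar('publicmac', ARG_STRING);
    $return['startpubipaddress'] = processInputVar('startpubipaddress', ARG_STRING);
    $return['endpubipaddress'] = processInputVar('endpubipaddress', ARG_STRING);
    $return['startprivipaddress'] = processInputVar('startprivipaddress', ARG_STRING);
    $return['endprivipaddress'] = processInputVar('endprivipaddress', ARG_STRING);
    $return['startmac'] = processInputVar('startmac', ARG_STRING);
    $return['provisioningid'] = processInputVar('provisioningid', ARG_NUMERIC);
    $return['stateid'] = processInputVar('stateid', ARG_NUMERIC);
    $return['notes'] = processInputVar('notes', ARG_STRING);
    $return['vmprofileid'] = processInputVar('vmprofileid', ARG_NUMERIC);
    $return['platformid'] = processInputVar('platformid', ARG_NUMERIC);
    $return['scheduleid'] = processInputVar('scheduleid', ARG_NUMERIC);
    $return['ram'] = processInputVar('ram', ARG_NUMERIC);
    $return['cores'] = processInputVar('cores', ARG_NUMERIC);
    $return['procspeed'] = processInputVar('procspeed', ARG_NUMERIC);
    $return['network'] = processInputVar('network', ARG_NUMERIC);
    $return['predictivemoduleid'] = processInputVar('predictivemoduleid', ARG_NUMERIC);
    $return['natenabled'] = processInputVar('natenabled', ARG_NUMERIC);
    $return['nathostid'] = processInputVar('nathostid', ARG_NUMERIC);
    $return['nathostenabled'] = processInputVar('nathostenabled', ARG_NUMERIC);
    $return['natpublicIPaddress'] = processInputVar('natpublicipaddress', ARG_STRING);
    $return['natinternalIPaddress'] = processInputVar('natinternalipaddress', ARG_STRING);
    $return['location'] = processInputVar('location', ARG_STRING);
    $addmode = processInputVar('addmode', ARG_STRING);

    if (!is_null($addmode) && $addmode != 'single' && $addmode != 'multiple') {
        $return['error'] = 1;
        $return['errormsg'] = "Invalid Add mode submitted";
        return $return;
    }

    $olddata = getContinuationVar('olddata');

    if ($return['rscid'] == 0) {
        $return['mode'] = 'add';
    } else {
        $return['mode'] = 'edit';
    }

    $errormsg = array();

    # hostname
    $hostreg = '/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$/';
    if ($return['mode'] == 'add' && $addmode == 'multiple') {
        # '%' is the placeholder that gets replaced by the host number
        $hostreg = '/^[a-zA-Z0-9_%][-a-zA-Z0-9_\\.%]{1,49}$/';
    }
    $hostnameok = preg_match($hostreg, $return['name']);
    if (!$hostnameok) {
        $return['error'] = 1;
        $errormsg[] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long";
    } elseif ($this->checkForHostname($return['name'], $return['rscid'])) {
        $return['error'] = 1;
        $errormsg[] = "A computer already exists with this hostname.";
    }

    # add multiple
    if ($return['mode'] == 'add' && $addmode == 'multiple') {
        # startnum/endnum
        $rangeok = 1;
        if ($return['startnum'] < 0 || $return['startnum'] > 255) {
            $return['error'] = 1;
            $errormsg[] = "Start must be from 0 to 255";
            $rangeok = 0;
        }
        if ($return['endnum'] < 0 || $return['endnum'] > 255) {
            $return['error'] = 1;
            $errormsg[] = "End must be from 0 to 255";
            $rangeok = 0;
        }
        if ($return['startnum'] >= 0 && $return['startnum'] <= 255 && $return['endnum'] >= 0 && $return['endnum'] <= 255 && $return['startnum'] > $return['endnum']) {
            $return['error'] = 1;
            # message corrected: the condition rejects Start > End
            $errormsg[] = "Start must be <= End";
        }
        # Only expand the range and query for duplicates once the hostname
        # pattern and both numbers have passed validation. Previously the
        # submitted name was placed into the IN (...) list even when it had
        # failed the hostname check, and an out-of-range endnum made the
        # expansion loop unbounded.
        if ($hostnameok && $rangeok) {
            $checkhosts = array();
            for ($i = $return['startnum']; $i <= $return['endnum']; $i++) {
                # escaping is a no-op for a name that passed $hostreg; it is
                # kept so the query stays safe if the pattern is ever relaxed
                $checkhosts[] = mysql_real_escape_string(str_replace('%', $i, $return['name']));
            }
            $allhosts = implode("','", $checkhosts);
            $query = "SELECT hostname FROM computer " . "WHERE hostname IN ('{$allhosts}') AND " . "deleted = 0";
            $qh = doQuery($query);
            $exists = array();
            while ($row = mysql_fetch_assoc($qh)) {
                $exists[] = $row['hostname'];
            }
            if (count($exists)) {
                $hosts = implode(', ', $exists);
                $return['error'] = 1;
                $errormsg[] = "There are already computers with these hostnames: {$hosts}";
            }
        }
    } else {
        $return['startnum'] = 0;
        $return['endnum'] = 0;
    }

    # owner
    if (!validateUserid($return['owner'])) {
        $return['error'] = 1;
        $errormsg[] = "Submitted owner is not valid";
    }

    # type
    if (!preg_match('/^(blade|lab|virtualmachine)$/', $return['type'])) {
        $return['error'] = 1;
        $errormsg[] = "Submitted type is not valid";
    }

    # edit or add single
    if ($return['rscid'] || $return['mode'] == 'add' && $addmode == 'single') {
        # ipaddress
        if (!validateIPv4addr($return['IPaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
        }
        # private ipaddress
        if (strlen($return['privateIPaddress']) && !validateIPv4addr($return['privateIPaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid Private IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
        }
        # eth0macaddress
        if (strlen($return['eth0macaddress'])) {
            if (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return["eth0macaddress"])) {
                $return['error'] = 1;
                $errormsg[] = "Invalid Private MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
            } elseif ($this->checkForMACaddress($return['eth0macaddress'], 0, $return['rscid'])) {
                $return['error'] = 1;
                $errormsg[] = "There is already a computer with this Private MAC address.";
            }
        }
        # eth1macaddress
        if (strlen($return['eth1macaddress'])) {
            if (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return["eth1macaddress"])) {
                $return['error'] = 1;
                $errormsg[] = "Invalid Public MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
            } elseif ($this->checkForMACaddress($return['eth1macaddress'], 1, $return['rscid'])) {
                $return['error'] = 1;
                $errormsg[] = "There is already a computer with this Public MAC address.";
            }
        }
    } else {
        $return['IPaddress'] = '';
        $return['privateIPaddress'] = '';
        $return['eth0macaddress'] = '';
        $return['eth1macaddress'] = '';
    }

    # add multiple
    if ($return['mode'] == 'add' && $addmode == 'multiple') {
        if (!validateIPv4addr($return['startpubipaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid Start Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
        }
        if (!validateIPv4addr($return['endpubipaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid End Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
        }
        if (!validateIPv4addr($return['startprivipaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid Start Private IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
        }
        if (!validateIPv4addr($return['endprivipaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid End Private IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
        }

        # each address range must be ordered and as long as startnum..endnum
        $startpubiplong = ip2long($return['startpubipaddress']);
        $endpubiplong = ip2long($return['endpubipaddress']);
        if ($startpubiplong > $endpubiplong) {
            $return['error'] = 1;
            $errormsg[] = "Start Public IP Address must be lower or equal to End Public IP Address";
        } elseif ($endpubiplong - $startpubiplong != $return['endnum'] - $return['startnum']) {
            $return['error'] = 1;
            $errormsg[] = "Public IP Address range does not equal Start/End range";
        }
        $startpriviplong = ip2long($return['startprivipaddress']);
        $endpriviplong = ip2long($return['endprivipaddress']);
        if ($startpriviplong > $endpriviplong) {
            $return['error'] = 1;
            $errormsg[] = "Start Private IP Address must be lower or equal to End Private IP Address";
        } elseif ($endpriviplong - $startpriviplong != $return['endnum'] - $return['startnum']) {
            $return['error'] = 1;
            $errormsg[] = "Private IP Address range does not equal Start/End range";
        }
        $return['startpubiplong'] = $startpubiplong;
        $return['endpubiplong'] = $endpubiplong;
        $return['startpriviplong'] = $startpriviplong;
        $return['endpriviplong'] = $endpriviplong;

        $cnt = $endpubiplong - $startpubiplong + 1;
        if ($return['startmac'] != '') {
            # initialised so 'macs' is defined when the format check fails and
            # checkMultiAddMacs() is never called
            $msg = '';
            $macs = array();
            if (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return['startmac'])) {
                $return['error'] = 1;
                $errormsg[] = "Invalid Start MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
            } elseif ($this->checkMultiAddMacs($return['startmac'], $cnt, $msg, $macs)) {
                $return['error'] = 1;
                $errormsg[] = $msg;
            }
            $return['macs'] = $macs;
        } else {
            $return['macs'] = array();
        }
    } else {
        $return['startpubipaddress'] = '';
        $return['endpubipaddress'] = '';
        $return['startprivipaddress'] = '';
        $return['endprivipaddress'] = '';
        $return['startmac'] = '';
    }

    # provisioningid
    $provisioning = getProvisioning();
    if (!array_key_exists($return['provisioningid'], $provisioning)) {
        $return['error'] = 1;
        $errormsg[] = "Invalid Provisioning Engine selected";
    } else {
        $return['provisioning'] = $provisioning[$return['provisioningid']]['name'];
    }

    # stateid 2 - available, 10 - maintenance, 20 - vmhostinuse
    if (!preg_match('/^(2|10|20)$/', $return['stateid']) && ($return['mode'] == 'add' || $return['stateid'] != $olddata['stateid'])) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for State";
    }

    # validate type/provisioning combinations
    # (a type that failed the check above has no entry in $provtypes, so test
    # for the entry before looking inside it)
    $provtypes = getProvisioningTypes();
    if (($return['mode'] == 'add' || $olddata['provisioningid'] != $return['provisioningid']) && (!isset($provtypes[$return['type']]) || !array_key_exists($return['provisioningid'], $provtypes[$return['type']]))) {
        $return['error'] = 1;
        $errormsg[] = "Invalid Provisioning Engine selected for computer type";
    }

    # validate type/provisioning/state combinations
    if ($return['mode'] == 'add' || $olddata['stateid'] != $return['stateid']) {
        if ($return['type'] == 'lab') {
            if ($return['stateid'] != 2 && $return['stateid'] != 10) {
                $return['error'] = 1;
                $errormsg[] = "Invalid state submitted for computer type Lab";
            }
        } elseif ($return['type'] == 'virtualmachine') {
            if ($return['stateid'] != 10 && ($return['mode'] == 'add' || !is_numeric($olddata['vmhostid']) || $return['stateid'] != 2)) {
                $return['error'] = 1;
                $errormsg[] = "Invalid state submitted for computer type Virtual Machine";
            }
        } elseif ($return['type'] == 'blade') {
            if ($provisioning[$return['provisioningid']]['name'] == 'none' && $return['stateid'] != 10 && $return['stateid'] != 20) {
                $return['error'] = 1;
                $errormsg[] = "Invalid state submitted for computer type Bare Metal";
            }
        }
    }

    # notes
    if ($return['stateid'] == 10) {
        if (!preg_match('/^([-a-zA-Z0-9_\\. ,#\\(\\)=\\+:;]{0,5000})$/', $return['notes'])) {
            $return['error'] = 1;
            $errormsg[] = "Maintenance reason can be up to 5000 characters long and may only<br>contain letters, numbers, spaces and these characters: - , . _ # ( ) = + : ;";
        }
    } else {
        # notes are only kept for the maintenance state
        $return['notes'] = '';
    }

    # vmprofileid
    $profiles = getVMProfiles();
    if ($return['type'] == 'blade' && $return['stateid'] == 20 && !array_key_exists($return['vmprofileid'], $profiles)) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for VM Host Profile";
    }

    # platformid
    $platforms = getPlatforms();
    if (!array_key_exists($return['platformid'], $platforms)) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for Platform";
    }

    # scheduleid
    $schedules = getSchedules();
    if (!array_key_exists($return['scheduleid'], $schedules)) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for Schedule";
    }

    # ram
    if ($return['ram'] < 500 || $return['ram'] > 16777215) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for RAM";
    }

    # cores
    if ($return['cores'] < 1 || $return['cores'] > 255) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for No. Cores";
    }

    # procspeed
    if ($return['procspeed'] < 500 || $return['procspeed'] > 10000) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for Processor Speed";
    }

    # network
    if (!preg_match('/^(10|100|1000|10000|100000)$/', $return['network'])) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for Network";
    }

    # predictivemoduleid
    $premodules = getPredictiveModules();
    if (!array_key_exists($return['predictivemoduleid'], $premodules)) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for Predictive Loading Module";
    }

    $naterror = 0;
    # natenabled
    if ($return['natenabled'] != 0 && $return['natenabled'] != 1) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value for Connect Using NAT";
        $naterror = 1;
    }

    # nathostid
    $nathosts = getNAThosts();
    if ($return['natenabled'] && $return['nathostid'] == 0 || $return['nathostid'] != 0 && !array_key_exists($return['nathostid'], $nathosts)) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for NAT Host";
        $naterror = 1;
    }

    # nat change - check for active reservations
    $vclreloadid = getUserlistID('vclreload@Local');
    if ($return['mode'] == 'edit') {
        if ($olddata['nathostid'] == '') {
            $olddata['nathostid'] = 0;
        }
        if (!$naterror && ($olddata['natenabled'] != $return['natenabled'] || $olddata['nathostid'] != $return['nathostid'])) {
            # NOTE(review): this statement has no select list and the
            # "rs.requestid =" comparison has no right-hand side, so it is not
            # valid SQL as written - restore the missing column references
            # from the authoritative source before relying on this check.
            # The interpolated values come from the continuation and
            # getUserlistID(), not from the submitted form.
            $query = "SELECT " . "FROM request rq, " . "reservation rs " . "WHERE rs.requestid = AND " . "rs.computerid = {$return['rscid']} AND " . "rq.start <= NOW() AND " . "rq.end > NOW() AND " . "rq.stateid NOT IN (1,5,11,12) AND " . "rq.laststateid NOT IN (1,5,11,12) AND " . "rq.userid != {$vclreloadid}";
            $qh = doQuery($query);
            if (mysql_num_rows($qh)) {
                $return['error'] = 1;
                $errormsg[] = "This computer has an active reservation. NAT settings cannot be changed for computers having<br>active reservations.";
            }
        }
    }

    $nathosterror = 0;
    # nathostenabled
    if ($return['nathostenabled'] != 0 && $return['nathostenabled'] != 1) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value for Use as NAT Host";
        $nathosterror = 1;
    }

    # natpublicIPaddress
    if ($return['nathostenabled'] && ($return['mode'] == 'edit' || $addmode == 'single')) {
        if (!validateIPv4addr($return['natpublicIPaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
            $nathosterror = 1;
        }
        # natinternalIPaddress
        if (!validateIPv4addr($return['natinternalIPaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid NAT Internal IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
            $nathosterror = 1;
        }
    }

    # nat host change - check for active reservations
    if (!$nathosterror && $return['mode'] == 'edit') {
        if ($olddata['nathostenabled'] != $return['nathostenabled'] || $olddata['natpublicIPaddress'] != $return['natpublicIPaddress'] || $olddata['natinternalIPaddress'] != $return['natinternalIPaddress']) {
            # NOTE(review): same problem as the query above - the select list
            # and the right-hand sides of "rs.requestid =" and
            # "nhcm.nathostid =" are missing; restore them before use.
            $query = "SELECT " . "FROM request rq, " . "reservation rs, " . "nathostcomputermap nhcm, " . "nathost nh " . "WHERE rs.requestid = AND " . "rs.computerid = nhcm.computerid AND " . "nhcm.nathostid = AND " . "nh.resourceid = {$olddata['resourceid']} AND " . "rq.start <= NOW() AND " . "rq.end > NOW() AND " . "rq.stateid NOT IN (1,5,11,12) AND " . "rq.laststateid NOT IN (1,5,11,12) AND " . "rq.userid != {$vclreloadid}";
            $qh = doQuery($query);
            if (mysql_num_rows($qh)) {
                $return['error'] = 1;
                $errormsg[] = "This computer is the NAT host for other computers that have active reservations. NAT host<br>settings cannot be changed while providing NAT for active reservations.";
            }
        }
    }

    # location
    if (!preg_match('/^([-a-zA-Z0-9_\\. ,@#\\(\\)]{0,255})$/', $return['location'])) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for Location";
    }

    if ($return['mode'] == 'add') {
        $return['addmode'] = $addmode;
    }

    if ($return['error']) {
        $return['errormsg'] = implode('<br>', $errormsg);
    }

    return $return;
}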
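/**
 * Collect and validate the fields submitted for a config.
 *
 * Validation stops at the first failure: the message is stored in
 * $this->errmsg and 0 is returned. What is read beyond the common fields
 * depends on the config type: 'Cluster' reads a JSON list of subimages,
 * 'VLAN' reads a VLAN id, and every other type reads free-form data plus a
 * JSON list of config variables.
 *
 * @param int $configid id of the config being edited; excluded from the
 *                      duplicate-name lookup
 * @return array|int validated values, or 0 when validation failed
 */
function processInput($configid) {
    $return = array();
    $configtypes = getConfigTypes();
    $return['typeid'] = processInputVar('typeid', ARG_NUMERIC);
    if (!array_key_exists($return['typeid'], $configtypes)) {
        $this->errmsg = "Invalid type submitted";
        return 0;
    }

    $return['name'] = processInputVar('name', ARG_STRING);
    if (!preg_match('/^([-a-zA-Z0-9\\. ]){3,80}$/', $return['name'])) {
        $this->errmsg = "The name can only contain letters, numbers, spaces, dashes(-)," . "\\nand periods(.) and can be from 3 to 80 characters long";
        return 0;
    }

    # check for existence of name
    $name = mysql_real_escape_string($return['name']);
    # $configid is placed in the statement unquoted, so force it to an integer
    $excludeid = (int) $configid;
    $query = "SELECT id FROM config WHERE name = '{$name}' AND id != {$excludeid}";
    $qh = doQuery($query);
    if (mysql_num_rows($qh)) {
        $this->errmsg = "Another config with this name already exists.";
        return 0;
    }

    # owner
    $return['owner'] = processInputVar('owner', ARG_STRING);
    if (!validateUserid($return['owner'])) {
        $this->errmsg = "Invalid user submitted for owner";
        return 0;
    }
    $return['ownerid'] = getUserlistID($return['owner']);
    # fix: the looked-up id is what can be missing here; the original tested
    # the already validated owner string again
    if (is_null($return['ownerid'])) {
        $this->errmsg = "Invalid user submitted for owner";
        return 0;
    }

    # optional
    $return['optional'] = processInputVar('optional', ARG_NUMERIC);
    if ($return['optional'] !== '0' && $return['optional'] !== '1') {
        $this->errmsg = "Invalid data submitted";
        return 0;
    }

    # type
    $return['type'] = $configtypes[$return['typeid']];

    # cluster
    if ($return['type'] == 'Cluster') {
        # the raw POST value is request-controlled: require a string before
        # decoding it and require the decoded shape before iterating it
        $tmp = (isset($_POST['subimages']) && is_string($_POST['subimages'])) ? $_POST['subimages'] : '';
        if (get_magic_quotes_gpc()) {
            $tmp = stripslashes($tmp);
        }
        $tmp = json_decode($tmp, 1);
        if (!is_array($tmp) || !isset($tmp['items']) || !is_array($tmp['items'])) {
            $this->errmsg = "Invalid data submitted";
            return 0;
        }
        $resources = getUserResources(array("imageAdmin"));
        $return['subimages'] = $tmp['items'];
        foreach ($return['subimages'] as $key => $sub) {
            # the image id is used as an array key, so it has to be an int or
            # a string and must name an image the user may administer
            if (!is_array($sub) || !isset($sub['imageid']) || (!is_int($sub['imageid']) && !is_string($sub['imageid'])) || !array_key_exists($sub['imageid'], $resources['image'])) {
                $this->errmsg = "Invalid subimage submitted";
                return 0;
            } elseif (!isset($sub['min'], $sub['max']) || !is_numeric($sub['min']) || $sub['min'] < 1 || $sub['min'] > MAXSUBIMAGES || !is_numeric($sub['max']) || $sub['max'] < 1 || $sub['max'] > MAXSUBIMAGES || $sub['min'] > $sub['max']) {
                $this->errmsg = "Invalid min/max value submitted for {$resources['image'][$sub['imageid']]}";
                return 0;
            } elseif (isset($sub['deleted']) && $sub['deleted'] != 0 && $sub['deleted'] != 1) {
                # NOTE(review): ids above 15000000 are dropped, others have the
                # flag reset - presumably the high range marks entries that
                # were never saved; confirm against the code that assigns them
                if (isset($sub['id']) && $sub['id'] > 15000000) {
                    unset($return['subimages'][$key]);
                } else {
                    $return['subimages'][$key]['deleted'] = 0;
                }
            }
        }
        $return['data'] = '';
    } elseif ($return['type'] == 'VLAN') {
        $tmp = getContinuationVar('configdata');
        $vdata = $tmp['variables'][0];
        $return['data'] = processInputVar('vlanid', ARG_NUMERIC);
        if ($return['data'] < 1 || $return['data'] > 4095) {
            $this->errmsg = "VLAN ID must be between 1 and 4095";
            return 0;
        }
        # the variable definition comes from the continuation; only the
        # default value is taken from the submitted form
        $var = array($vdata['id'] => array('id' => $vdata['id'], 'name' => 'VLAN', 'identifier' => $vdata['identifier'], 'datatypeid' => $vdata['datatypeid'], 'defaultvalue' => $return['data'], 'required' => '1', 'ask' => '0', 'deleted' => '0'));
        $return['configvariables'] = $var;
    } else {
        # TODO may need more validation on data
        # a missing or non-string value is treated like an empty one so that
        # trim() is never handed an array
        $return['data'] = (isset($_POST['data']) && is_string($_POST['data'])) ? trim($_POST['data']) : '';
        if (get_magic_quotes_gpc()) {
            $return['data'] = stripslashes($return['data']);
        }
        if (!is_string($return['data']) || $return['data'] == '') {
            $this->errmsg = "cannot be empty";
            return 0;
        }
        # TODO validate configvariable input
        # NOTE(review): the decoded items are returned without any checking;
        # callers must treat 'configvariables' as untrusted request data
        $tmp = (isset($_POST['configvariables']) && is_string($_POST['configvariables'])) ? $_POST['configvariables'] : '';
        if (get_magic_quotes_gpc()) {
            $tmp = stripslashes($tmp);
        }
        $tmp = json_decode($tmp, 1);
        # null when the payload is absent or malformed, as before
        $return['configvariables'] = (is_array($tmp) && isset($tmp['items'])) ? $tmp['items'] : null;
    }
    return $return;
}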
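/**
 * Collect and validate the submitted image form fields.
 *
 * Unlike the bail-on-first-error validators, this one runs every check and
 * accumulates the messages.
 *
 * @return array submitted fields plus 'mode' ('add' when a requestid
 *               continuation value is present, else 'edit'), 'error' (0|1)
 *               and, when error is set, 'errormsg' (messages joined by <br>)
 */
function validateResourceData() {
    global $user;
    $return = array('error' => 0);
    $return["name"] = processInputVar("name", ARG_STRING);
    $return["owner"] = processInputVar("owner", ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
    $return["ram"] = processInputVar("ram", ARG_NUMERIC, 512);
    $return["cores"] = processInputVar("cores", ARG_NUMERIC);
    $return["cpuspeed"] = processInputVar("cpuspeed", ARG_NUMERIC);
    $return["networkspeed"] = (int) processInputVar("networkspeed", ARG_NUMERIC);
    $return["concurrent"] = processInputVar("concurrent", ARG_NUMERIC, 0);
    $return["reload"] = processInputVar("reload", ARG_NUMERIC); # not in add
    $return["checkout"] = processInputVar("checkout", ARG_NUMERIC);
    $return["checkuser"] = processInputVar("checkuser", ARG_NUMERIC);
    $return["rootaccess"] = processInputVar("rootaccess", ARG_NUMERIC);
    $return["sethostname"] = processInputVar("sethostname", ARG_NUMERIC);
    $return["sysprep"] = processInputVar("sysprep", ARG_NUMERIC); # only in add
    $return["connectmethodids"] = processInputVar("connectmethodids", ARG_STRING); # only in add
    $return['requestid'] = getContinuationVar('requestid'); # only in add
    $return["imageid"] = getContinuationVar('imageid');
    $return['baserevisionid'] = getContinuationVar('baserevisionid');

    # free-text fields: strip trailing whitespace and CRs, HTML-encode, then
    # turn the remaining newlines into <br>. The encoding happens at input
    # time, so these values hold HTML from here on; htmlspecialchars() is
    # called with its default flags.
    $textfields = array('desc' => 'desc', 'usage' => 'usage', 'comments' => 'imgcomments');
    foreach ($textfields as $key => $inputname) {
        $text = processInputVar($inputname, ARG_STRING);
        if (get_magic_quotes_gpc()) {
            $text = stripslashes($text);
        }
        $text = preg_replace("/[\n\\s]*\$/", '', $text);
        $text = preg_replace("/\r/", '', $text);
        $text = htmlspecialchars($text);
        $text = preg_replace("/\n/", '<br>', $text);
        $return[$key] = $text;
    }

    if ($return['requestid'] != '') {
        $return['mode'] = 'add';
    } else {
        $return['mode'] = 'edit';
    }

    $errormsg = array();

    # name
    if (preg_match("/[-'\"]/", $return["name"]) ||
        strlen($return["name"]) > 60 || strlen($return["name"]) < 2) {
        $return['error'] = 1;
        $errormsg[] = i("Name must be from 2 to 60 characters and cannot contain any dashes (-), single (') or double (\") quotes.");
    } elseif (!preg_match('/^[\\x20-\\x7E]+$/D', $return["name"])) {
        # D modifier: without it "$" would let a trailing newline through
        $return['error'] = 1;
        $errormsg[] = i("Name can only contain alphabets, numbers, signs, and spaces.");
    } else {
        # when editing, the image's own id is passed along with the name
        if ($return['mode'] == 'edit') {
            $imageid = $return['imageid'];
        } else {
            $imageid = '';
        }
        if ($this->checkForImageName($return["name"], "long", $imageid)) {
            $return['error'] = 1;
            $errormsg[] = i("An image already exists with this name.");
        }
    }

    if ($return["ram"] < 0 || $return["ram"] > 8388607) {
        $return['error'] = 1;
        $errormsg[] = i("RAM must be between 0 and 8388607");
    }
    if ($return["cores"] < 0 || $return["cores"] > 255) {
        $return['error'] = 1;
        $errormsg[] = i("Cores must be between 0 and 255");
    }
    if ($return["cpuspeed"] < 0 || $return["cpuspeed"] > 20000) {
        $return['error'] = 1;
        $errormsg[] = i("Processor Speed must be between 0 and 20000");
    }

    # Same accepted range as the former 1 <= log10(x) <= 5 test, but compared
    # directly: log10() of a negative value is NAN, and NAN compares false
    # against both bounds, so negative speeds used to pass unnoticed.
    if ($return['networkspeed'] < 10 || $return['networkspeed'] > 100000) {
        $return['error'] = 1;
        $errormsg[] = i("Invalid value submitted for network speed");
    }

    if ((!is_numeric($return['concurrent']) && !empty($return['concurrent'])) ||
        (is_numeric($return['concurrent']) &&
        ($return["concurrent"] < 0 || $return["concurrent"] > 255))) {
        $return['error'] = 1;
        $errormsg[] = i("Max concurrent usage must be between 0 and 255");
    }
    if ($return['mode'] == 'edit' &&
        ($return["reload"] < 0 || $return["reload"] > 120)) {
        $return['error'] = 1;
        $errormsg[] = i("Estimated Reload Time must be between 0 and 120");
    }
    if (!validateUserid($return["owner"])) {
        $return['error'] = 1;
        $errormsg[] = i("Submitted ID is not valid");
    }

    # yes/no flags
    if ($return['checkout'] != 0 && $return['checkout'] != 1) {
        $return['error'] = 1;
        $errormsg[] = i("Available for checkout must be Yes or No");
    }
    if ($return['checkuser'] != 0 && $return['checkuser'] != 1) {
        $return['error'] = 1;
        $errormsg[] = i("Check for logged in user must be Yes or No");
    }
    if ($return['rootaccess'] != 0 && $return['rootaccess'] != 1) {
        $return['error'] = 1;
        $errormsg[] = i("Users have administrative access must be Yes or No");
    }
    if ($return['sethostname'] != 0 && $return['sethostname'] != 1) {
        $return['error'] = 1;
        $errormsg[] = i("Set computer hostname must be Yes or No");
    }
    if ($return['mode'] == 'add' && $return['sysprep'] != 0 &&
        $return['sysprep'] != 1) {
        $return['error'] = 1;
        $errormsg[] = i("Use sysprep must be Yes or No");
    }

    if (empty($return['desc'])) {
        $return['error'] = 1;
        $errormsg[] = i("You must include a description of the image") . "<br>";
    }

    if ($return['mode'] == 'add') {
        if (!preg_match('/^[,0-9]+$/D', $return['connectmethodids'])) {
            # nothing usable submitted: fall back to the image's own methods
            $tmp = getImageConnectMethods($return['imageid'], getContinuationVar('baserevisionid', 0));
            $return['connectmethodids'] = implode(',', array_keys($tmp));
        } else {
            # keep only submitted ids that getConnectMethods() returns for
            # this image
            $conmethods = getConnectMethods($return['imageid']);
            $ids = array();
            foreach (explode(',', $return['connectmethodids']) as $id) {
                if (array_key_exists($id, $conmethods)) {
                    $ids[$id] = 1;
                }
            }
            if (empty($ids)) {
                $ids = getImageConnectMethods($return['imageid'], getContinuationVar('baserevisionid', 0));
            }
            $return['connectmethodids'] = implode(',', array_keys($ids));
        }
    }

    if ($return['error']) {
        $return['errormsg'] = implode('<br>', $errormsg);
    }
    return $return;
}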
/**
 * Add the submitted user to the group held in the continuation, then
 * redisplay the group form.
 *
 * An id that validateUserid() does not report as 1 sets IDNAMEERR in the
 * global error state instead of adding a member.
 *
 * NOTE(review): no permission check on the target group is visible in this
 * function; presumably whatever issues the continuation carrying "groupid"
 * enforces it - confirm.
 */
function addGroupUser() {
    global $submitErr, $submitErrMsg;

    $targetgroup = getContinuationVar("groupid");
    $loginid = processInputVar("newuser", ARG_STRING);

    if (validateUserid($loginid) == 1) {
        addUserGroupMember($loginid, $targetgroup);
    } else {
        $submitErr |= IDNAMEERR;
        $submitErrMsg[IDNAMEERR] = "Invalid login ID";
    }

    # both outcomes end by redisplaying the group page
    editOrAddGroup(0);
}
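/**
 * Collect the submitted image form fields and, unless $checks is false,
 * validate them.
 *
 * Validation failures are reported through the globals $submitErr (bit
 * mask) and $submitErrMsg (message per bit); the collected fields are
 * returned either way.
 *
 * @param int $checks 0 to skip validation and only collect the fields
 * @return array collected fields
 */
function processImageInput($checks = 1) {
    global $submitErr, $submitErrMsg, $user;
    $return = array();
    $return["imageid"] = processInputVar("imageid", ARG_NUMERIC, getContinuationVar('imageid'));
    $return['requestid'] = getContinuationVar('requestid');
    $return["prettyname"] = processInputVar("prettyname", ARG_STRING);
    $return["owner"] = processInputVar("owner", ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
    $return["minram"] = processInputVar("minram", ARG_NUMERIC, 64);
    $return["minprocnumber"] = processInputVar("minprocnumber", ARG_NUMERIC);
    $return["minprocspeed"] = processInputVar("minprocspeed", ARG_NUMERIC, 500);
    $return["minnetwork"] = processInputVar("minnetwork", ARG_NUMERIC);
    $return["maxconcurrent"] = processInputVar("maxconcurrent", ARG_NUMERIC);
    $return["reloadtime"] = processInputVar("reloadtime", ARG_NUMERIC, 10);
    $return["forcheckout"] = processInputVar("forcheckout", ARG_NUMERIC, 1);
    $return["checkuser"] = processInputVar("checkuser", ARG_NUMERIC, 1);
    $return["usergroupid"] = processInputVar("usergroupid", ARG_NUMERIC);
    $return["sysprep"] = processInputVar("sysprep", ARG_NUMERIC, 1);

    # free-text fields: strip trailing whitespace and CRs, HTML-encode, then
    # turn the remaining newlines into <br>. The values hold HTML from here
    # on; htmlspecialchars() is called with its default flags.
    foreach (array('description', 'usage', 'comments') as $field) {
        $text = processInputVar($field, ARG_STRING);
        $text = preg_replace("/[\n\\s]*\$/", '', $text);
        $text = preg_replace("/\r/", '', $text);
        $text = htmlspecialchars($text);
        $text = preg_replace("/\n/", '<br>', $text);
        $return[$field] = $text;
    }

    if (!$checks) {
        return $return;
    }

    # strpos() replaces the POSIX ereg('-', ...) test: ereg() is gone from
    # current PHP and was not binary safe
    if (strpos($return["prettyname"], '-') !== false ||
        strlen($return["prettyname"]) > 60 || strlen($return["prettyname"]) < 2) {
        $submitErr |= PRETTYNAMEERR;
        $submitErrMsg[PRETTYNAMEERR] = "Long Name must be from 2 to 60 characters " . "and cannot contain any dashes (-).";
    }
    # only look for a duplicate when the name itself passed
    if (!($submitErr & PRETTYNAMEERR) &&
        checkForImageName($return["prettyname"], "long", $return["imageid"])) {
        $submitErr |= PRETTYNAMEERR;
        $submitErrMsg[PRETTYNAMEERR] = "An image already exists with this name.";
    }
    if ($return["minram"] < 0 || $return["minram"] > 20480) {
        $submitErr |= MINRAMERR;
        $submitErrMsg[MINRAMERR] = "RAM must be between 0 and 20480 MB";
    }
    if ($return["minprocspeed"] < 0 || $return["minprocspeed"] > 20000) {
        $submitErr |= MINPROCSPEEDERR;
        $submitErrMsg[MINPROCSPEEDERR] = "Processor Speed must be between 0 and 20000";
    }
    # blank is allowed; a numeric value must be within 1-255
    if ((!is_numeric($return['maxconcurrent']) && !empty($return['maxconcurrent'])) ||
        (is_numeric($return['maxconcurrent']) &&
        ($return["maxconcurrent"] < 1 || $return["maxconcurrent"] > 255))) {
        $submitErr |= MAXCONCURRENTERR;
        $submitErrMsg[MAXCONCURRENTERR] = "Max concurrent usage must be blank or between 1 and 255";
    }
    if ($return["reloadtime"] < 0 || $return["reloadtime"] > 120) {
        $submitErr |= RELOADTIMEERR;
        $submitErrMsg[RELOADTIMEERR] = "Estimated Reload Time must be between 0 and 120";
    }
    if (!validateUserid($return["owner"])) {
        $submitErr |= IMGOWNERERR;
        $submitErrMsg[IMGOWNERERR] = "Submitted ID is not valid";
    }
    if (empty($return['description'])) {
        $submitErr |= IMAGEDESCRIPTIONERR;
        $submitErrMsg[IMAGEDESCRIPTIONERR] = "You must include a description of the image<br>";
    }
    return $return;
}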
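/**
 * Validate user-group fields submitted through the API.
 *
 * Only the keys present in $items are checked. On success the input array is
 * returned with 'status' => 'success' plus any ids resolved along the way
 * ('affiliationid', 'id', 'managingGroupID', 'managingGroupName',
 * 'managingGroupAffilid'). On failure an array with 'status' => 'error',
 * 'errorcode' and 'errormsg' is returned.
 *
 * NOTE(review): values are escaped with mysql_escape_string(), which ignores
 * the connection character set, and are escaped before being handed to the
 * lookup helpers. Whether those helpers escape again is not visible here -
 * confirm, and prefer one connection-aware escaping step at query time.
 *
 * @param array $items  submitted fields keyed by name
 * @param mixed $exists truthy when the named group must already exist,
 *                      falsy when it must not
 * @return array validated items or an error description
 */
function validateAPIgroupInput($items, $exists) {
    # initialMaxTime, totalMaxTime, maxExtendTime: all limited to 1-65535
    $timefields = array('initialMaxTime' => 21,
                        'totalMaxTime' => 22,
                        'maxExtendTime' => 23);
    foreach ($timefields as $field => $code) {
        if (!array_key_exists($field, $items)) {
            continue;
        }
        $val = $items[$field];
        if (!is_numeric($val) || $val < 1 || $val > 65535) {
            return array('status' => 'error',
                         'errorcode' => $code,
                         'errormsg' => "submitted {$field} is invalid");
        }
    }

    # affiliation
    # stays null when no affiliation was submitted; the name lookup below
    # then receives null explicitly instead of an undefined variable
    $affilid = null;
    if (array_key_exists('affiliation', $items)) {
        $esc_affiliation = mysql_escape_string($items['affiliation']);
        $affilid = getAffiliationID($esc_affiliation);
        if (is_null($affilid)) {
            return array('status' => 'error',
                         'errorcode' => 17,
                         'errormsg' => 'unknown affiliation');
        }
        $items['affiliationid'] = $affilid;
    }

    # name
    if (array_key_exists('name', $items)) {
        # preg_match() replaces the removed ereg(); the D modifier keeps "$"
        # from matching before a trailing newline, as POSIX "$" did not
        if (!is_scalar($items['name']) ||
            !preg_match('/^[-a-zA-Z0-9_\\.: ]{3,30}$/D', (string) $items['name'])) {
            return array('status' => 'error',
                         'errorcode' => 19,
                         'errormsg' => 'Name must be between 3 and 30 characters ' . 'and can only contain letters, numbers, and ' . 'these characters: - _ . :');
        }
        $esc_name = mysql_escape_string((string) $items['name']);
        $doesexist = checkForGroupName($esc_name, 'user', '', $affilid);
        if ($exists && !$doesexist) {
            return array('status' => 'error',
                         'errorcode' => 18,
                         'errormsg' => 'user group with submitted name and affiliation does not exist');
        } elseif (!$exists && $doesexist) {
            return array('status' => 'error',
                         'errorcode' => 27,
                         'errormsg' => 'existing user group with submitted name and affiliation');
        } elseif ($exists && $doesexist) {
            $items['id'] = getUserGroupID($esc_name, $affilid);
        }
    }

    # owner
    if (array_key_exists('owner', $items)) {
        if (!validateUserid(mysql_escape_string($items['owner']))) {
            return array('status' => 'error',
                         'errorcode' => 20,
                         'errormsg' => 'submitted owner is invalid');
        }
    }

    # managingGroup, submitted as "name@affiliation"
    if (array_key_exists('managingGroup', $items)) {
        $parts = is_string($items['managingGroup']) ? explode('@', $items['managingGroup']) : array();
        if (count($parts) != 2) {
            return array('status' => 'error',
                         'errorcode' => 24,
                         'errormsg' => 'submitted managingGroup is invalid');
        }
        $esc_mgName = mysql_escape_string($parts[0]);
        $esc_mgAffil = mysql_escape_string($parts[1]);
        $mgaffilid = getAffiliationID($esc_mgAffil);
        # an unknown affiliation cannot hold the group, so do not pass a
        # null id on to the group lookup
        if (is_null($mgaffilid) ||
            !checkForGroupName($esc_mgName, 'user', '', $mgaffilid)) {
            return array('status' => 'error',
                         'errorcode' => 25,
                         'errormsg' => 'submitted managingGroup does not exist');
        }
        $items['managingGroupID'] = getUserGroupID($esc_mgName, $mgaffilid);
        $items['managingGroupName'] = $parts[0];
        $items['managingGroupAffilid'] = $mgaffilid;
    }

    $items['status'] = 'success';
    return $items;
}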
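/**
 * Collect the submitted user preference fields and, unless $checks is
 * false, validate them.
 *
 * Validation failures are reported through the globals $submitErr (bit
 * mask) and $submitErrMsg (message per bit). For users whose affiliation is
 * 'Local' the password-change fields are read as well and 'newpassword' is
 * added to the result.
 *
 * @param int $checks 0 to skip validation and only collect the fields
 * @return array collected fields
 */
function processUserPrefsInput($checks = 1) {
    global $submitErr, $submitErrMsg, $user;
    $return = array();
    $defaultres = $user["width"] . 'x' . $user["height"];
    $return["preferredname"] = processInputVar("preferredname", ARG_STRING, $user["preferredname"]);
    $return["resolution"] = processInputVar("resolution", ARG_STRING, $defaultres);
    $return["bpp"] = processInputVar("bpp", ARG_NUMERIC, $user["bpp"]);
    $return["audiomode"] = processInputVar("audiomode", ARG_STRING, $user["audiomode"]);
    $return["mapdrives"] = processInputVar("mapdrives", ARG_NUMERIC, $user["mapdrives"]);
    $return["mapprinters"] = processInputVar("mapprinters", ARG_NUMERIC, $user["mapprinters"]);
    $return["mapserial"] = processInputVar("mapserial", ARG_NUMERIC, $user["mapserial"]);
    # built from the session user, not from the request
    $return['unityid'] = "{$user['unityid']}@{$user['affiliation']}";

    if (!$checks) {
        return $return;
    }

    if (strlen($return["preferredname"]) > 25) {
        $submitErr |= PREFNAMEERR;
        $submitErrMsg[PREFNAMEERR] = "Preferred name can only be up to 25 characters";
    }
    # preg_match() replaces the removed ereg(); the D modifier keeps "$" from
    # matching before a trailing newline
    if (!preg_match('/^[a-zA-Z ]*$/D', $return["preferredname"])) {
        $submitErr |= PREFNAMEERR;
        $submitErrMsg[PREFNAMEERR] = "Preferred name can only contain letters and spaces";
    }
    if (!validateUserid($return['unityid'])) {
        $submitErr |= VIEWASUSERERR;
        $submitErrMsg[VIEWASUSERERR] = "Invalid user id";
    }

    if ($user['affiliation'] == 'Local') {
        # read the password fields as strings only; a missing or non-string
        # (e.g. array) POST value is treated as not submitted
        $pwfields = array();
        foreach (array('newpassword', 'confirmpassword', 'currentpassword') as $field) {
            $value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
            if (get_magic_quotes_gpc()) {
                $value = stripslashes($value);
            }
            $pwfields[$field] = $value;
        }
        $return['newpassword'] = $pwfields['newpassword'];
        $confirmpwd = $pwfields['confirmpassword'];
        $curr = $pwfields['currentpassword'];

        if (!empty($return['newpassword']) && !empty($confirmpwd) &&
            !validateLocalAccount($user['unityid'], $curr)) {
            $submitErr |= LOCALPASSWORDERR;
            $submitErrMsg[LOCALPASSWORDERR] = "Password incorrect";
        } elseif ($return['newpassword'] !== $confirmpwd) {
            # strict comparison: with "!=" two different numeric-looking
            # strings (such as "1e3" and "1000") compare equal, so a mistyped
            # confirmation could be accepted. Both values are strings here,
            # so this also covers "only one of the two fields filled in".
            $submitErr |= LOCALPASSWORDERR;
            $submitErrMsg[LOCALPASSWORDERR] = "Passwords do not match";
        }
    }
    return $return;
}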
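/**
 * AJAX handler: grant the submitted privileges on the active node to the
 * submitted user.
 *
 * Prints a JavaScript response and exits in every path. The caller must
 * hold "userGrant" on the node, the user id must pass validateUserid(), and
 * at least one privilege other than "cascade" must be selected.
 */
function AJsubmitAddUserPriv() {
    global $submitErr, $submitErrMsg, $user;

    # authorization first: the caller must hold userGrant at this node
    $node = processInputVar("activeNode", ARG_NUMERIC);
    if (!checkUserHasPriv("userGrant", $user["id"], $node)) {
        $text = "You do not have rights to add new users at this node.";
        print "addUserPaneHide(); ";
        print "alert('{$text}');";
        dbDisconnect();
        exit;
    }

    $newuser = processInputVar("newuser", ARG_STRING);
    if (!validateUserid($newuser)) {
        # the rejected value is written back into the page through
        # innerHTML, so HTML-encode it here; whether processInputVar() or
        # setAttribute() already neutralise markup is not visible from this
        # function
        $safeuser = htmlspecialchars($newuser, ENT_QUOTES);
        $text = "<font color=red>{$safeuser} is not a valid userid</font>";
        print setAttribute('addUserPrivStatus', 'innerHTML', $text);
        dbDisconnect();
        exit;
    }

    # keep only submitted permissions that are known user privilege types
    # (plus "block" and "cascade"); anything else in "perms" is dropped
    $perms = explode(':', processInputVar('perms', ARG_STRING));
    $usertypes = getTypes("users");
    array_push($usertypes["users"], "block");
    array_push($usertypes["users"], "cascade");
    $newuserprivs = array();
    foreach ($usertypes["users"] as $type) {
        if (in_array($type, $perms)) {
            array_push($newuserprivs, $type);
        }
    }

    # "cascade" alone grants nothing, so treat it like an empty selection
    if (empty($newuserprivs) ||
        (count($newuserprivs) == 1 && in_array("cascade", $newuserprivs))) {
        $text = "<font color=red>No user privileges were specified</font>";
        print setAttribute('addUserPrivStatus', 'innerHTML', $text);
        dbDisconnect();
        exit;
    }

    # $node is the value the privilege check above was made against
    updateUserOrGroupPrivs($newuser, $node, $newuserprivs, array(), "user");
    clearPrivCache();
    print "refreshPerms();";
    dbDisconnect();
    exit;
}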
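/**
 * Collect the submitted schedule fields and, unless $checks is false,
 * validate them.
 *
 * Validation failures are reported through the globals $submitErr (bit
 * mask) and $submitErrMsg (message per bit). Row i of the time table reports
 * its error on bit (1 << i).
 *
 * NOTE(review): "count" drives both the per-row loop and the pairwise
 * overlap loop. It is taken from the continuation when present and from the
 * request otherwise - confirm it cannot be set to a large value by a client.
 *
 * @param int $checks 0 to skip validation and only collect the fields
 * @return array collected fields
 */
function processScheduleInput($checks = 1) {
    global $submitErr, $submitErrMsg;
    $return = array();
    $return["start"] = array();
    $return["end"] = array();
    $return["scheduleid"] = getContinuationVar("scheduleid", processInputVar("scheduleid", ARG_NUMERIC));
    $return["name"] = getContinuationVar("name", processInputVar("name", ARG_STRING));
    $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING));
    $return["submode"] = processInputVar("submode", ARG_STRING);
    $return["selrow"] = processInputVar("selrow", ARG_NUMERIC);
    $return["count"] = getContinuationVar("count", processInputVar("count", ARG_NUMERIC, 0));
    $return["startDay"] = processInputVar("startDay", ARG_MULTINUMERIC);
    $return["startTime"] = processInputVar("startTime", ARG_MULTISTRING);
    $return["endDay"] = processInputVar("endDay", ARG_MULTINUMERIC);
    $return["endTime"] = processInputVar("endTime", ARG_MULTISTRING);

    if (!$checks) {
        return $return;
    }

    # the message now states the limit the check enforces (it said 30)
    if (strlen($return["name"]) > 25 || strlen($return["name"]) < 2) {
        $submitErr |= SCHNAMEERR;
        $submitErrMsg[SCHNAMEERR] = "Name must be from 2 to 25 characters";
    }
    if (!($submitErr & SCHNAMEERR) &&
        checkForScheduleName($return["name"], $return["scheduleid"])) {
        $submitErr |= SCHNAMEERR;
        $submitErrMsg[SCHNAMEERR] = "A schedule already exists with this name.";
    }
    if (!validateUserid($return["owner"])) {
        $submitErr |= SCHOWNERERR;
        $submitErrMsg[SCHOWNERERR] = "The submitted unity ID is invalid.";
    }

    # preg_match() replaces the removed ereg(); the D modifier keeps "$" from
    # matching before a trailing newline
    $timepattern = '/^((0?[1-9])|(1[0-2])):([0-5][0-9]) (am|pm)$/D';
    for ($i = 0; $i < $return["count"]; $i++) {
        # a row missing from the submitted arrays is reported as a format
        # error rather than read as an undefined index
        $starttime = (isset($return["startTime"][$i]) && is_string($return["startTime"][$i])) ? $return["startTime"][$i] : '';
        $endtime = (isset($return["endTime"][$i]) && is_string($return["endTime"][$i])) ? $return["endTime"][$i] : '';
        if (!preg_match($timepattern, $starttime) ||
            !preg_match($timepattern, $endtime)) {
            $submitErr |= 1 << $i;
            $submitErrMsg[1 << $i] = "Time must be of the form [H]H:MM am/pm";
        } elseif (daytimeToMin($return["startDay"][$i], $starttime, "start") >=
                  daytimeToMin($return["endDay"][$i], $endtime, "end")) {
            $submitErr |= 1 << $i;
            $submitErrMsg[1 << $i] = "The start day/time must be before the end day/time";
        }
    }

    # pairwise overlap check; stops at the first overlapping pair
    for ($i = 0; $i < $return["count"] - 1; $i++) {
        for ($j = $i + 1; $j < $return["count"]; $j++) {
            if (daytimeToMin($return["startDay"][$i], $return["startTime"][$i], "start") <
                daytimeToMin($return["endDay"][$j], $return["endTime"][$j], "end") &&
                daytimeToMin($return["endDay"][$i], $return["endTime"][$i], "end") >
                daytimeToMin($return["startDay"][$j], $return["startTime"][$j], "start")) {
                $submitErr |= OVERLAPERR;
                $submitErrMsg[OVERLAPERR] = "At least 2 of the time periods overlap. Please combine them into a single entry.";
                break 2;
            }
        }
    }
    return $return;
}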
/**
 * XML-RPC entry point: add a list of users to an existing user group.
 *
 * Access is checked twice: the caller needs the 'groupAdmin' privilege, and
 * must either own the group or belong to its managing (edit) group.
 *
 * NOTE(review): each user id is passed through mysql_escape_string() before
 * validateUserid()/addUserGroupMember(); whether those helpers escape again
 * is not visible here - confirm there is exactly one escaping step.
 *
 * @param string $name        group name
 * @param string $affiliation group affiliation
 * @param array  $users       user ids to add; empty entries are skipped
 * @return array 'status' of 'success', 'warning' (with 'failedusers',
 *               'warningcode', 'warningmsg') or 'error' (with 'errorcode',
 *               'errormsg')
 */
function XMLRPCaddUsersToGroup($name, $affiliation, $users) {
    global $user;

    $isGroupAdmin = in_array('groupAdmin', $user['privileges']);
    if (!$isGroupAdmin) {
        return array('status' => 'error',
                     'errorcode' => 16,
                     'errormsg' => 'access denied for managing user groups');
    }

    # resolve name + affiliation to a group id; the group must exist
    $rc = validateAPIgroupInput(array('name' => $name, 'affiliation' => $affiliation), 1);
    if ($rc['status'] == 'error') {
        return $rc;
    }

    $sql = "SELECT ownerid, "
         . "editusergroupid AS editgroupid "
         . "FROM usergroup "
         . "WHERE id = " . $rc['id'];
    $result = doQuery($sql, 101);
    $group = mysql_fetch_assoc($result);
    if (!$group) {
        return array('status' => 'error',
                     'errorcode' => 18,
                     'errormsg' => 'user group with submitted name and affiliation does not exist');
    }

    # if not owner and not member of managing group, no access
    $isOwner = ($user['id'] == $group['ownerid']);
    $isManager = array_key_exists($group['editgroupid'], $user['groups']);
    if (!$isOwner && !$isManager) {
        return array('status' => 'error',
                     'errorcode' => 28,
                     'errormsg' => 'access denied to user group with submitted name and affiliation');
    }

    # add every id that validates; remember the ones that do not
    $rejected = array();
    foreach ($users as $candidate) {
        if (empty($candidate)) {
            continue;
        }
        $escaped = mysql_escape_string($candidate);
        if (validateUserid($escaped) != 1) {
            $rejected[] = $candidate;
            continue;
        }
        addUserGroupMember($escaped, $rc['id']);
    }

    if (!count($rejected)) {
        return array('status' => 'success');
    }

    # the rejected count is compared against the full submitted list,
    # skipped empty entries included
    $everyoneFailed = (count($rejected) == count($users));
    $cnt = $everyoneFailed ? 'all submitted' : 'some';
    $code = $everyoneFailed ? 35 : 34;
    return array('status' => 'warning',
                 'failedusers' => $rejected,
                 'warningcode' => $code,
                 'warningmsg' => "failed to add {$cnt} users to user group");
}
/**
 * Collect the fields of the "add multiple computers" form and, unless
 * $checks is false, validate them.
 *
 * Most fields are taken from the continuation when present and from the
 * request otherwise. Validation failures are reported through the globals
 * $submitErr (bit mask) and $submitErrMsg (message per bit). On success
 * 'count' holds the number of addresses in the range and, when a starting
 * MAC address was given in developer view mode, 'macs' holds the generated
 * MAC addresses.
 *
 * NOTE(review): the range size is computed from the last octet of the start
 * and end addresses only. Nothing visible here checks that the first three
 * octets match or that the end is not below the start - confirm the caller
 * handles both.
 *
 * @param int $checks 0 to skip validation and only collect the fields
 * @return array collected fields
 */
function processBulkComputerInput($checks = 1) {
    global $submitErr, $submitErrMsg, $viewmode;
    $return = processComputerInput2();
    $ipaddress = getContinuationVar("ipaddress", processInputVar("ipaddress", ARG_STRING));
    if (!empty($ipaddress)) {
        # a single "ipaddress" was supplied: use it as the start address and
        # its leading components (last dotted component dropped) as the end
        # address; host values are left blank
        $return["startipaddress"] = $ipaddress;
        $tmp = $ipaddress;
        $tmpArr = explode('.', $tmp);
        array_pop($tmpArr);
        $return["endipaddress"] = implode('.', $tmpArr);
        $return["starthostval"] = "";
        $return["endhostval"] = "";
    } else {
        $return["startipaddress"] = getContinuationVar("startipaddress", processInputVar("startipaddress", ARG_STRING));
        $return["endipaddress"] = getContinuationVar("endipaddress", processInputVar("endipaddress", ARG_STRING));
        $return["starthostval"] = getContinuationVar("starthostval", processInputVar("starthostval", ARG_NUMERIC));
        $return["endhostval"] = getContinuationVar("endhostval", processInputVar("endhostval", ARG_NUMERIC));
    }
    $return["startpripaddress"] = getContinuationVar("startpripaddress", processInputVar("startpripaddress", ARG_STRING));
    $return["endpripaddress"] = getContinuationVar("endpripaddress", processInputVar("endpripaddress", ARG_STRING));
    $return["startmac"] = getContinuationVar("startmac", processInputVar("startmac", ARG_STRING));
    $return["stateid"] = getContinuationVar("stateid", processInputVar("stateid", ARG_NUMERIC));
    $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING));
    $return["platformid"] = getContinuationVar("platformid", processInputVar("platformid", ARG_NUMERIC));
    $return["scheduleid"] = getContinuationVar("scheduleid", processInputVar("scheduleid", ARG_NUMERIC));
    $return["ram"] = getContinuationVar("ram", processInputVar("ram", ARG_NUMERIC));
    $return["numprocs"] = getContinuationVar("numprocs", processInputVar("numprocs", ARG_NUMERIC));
    $return["procspeed"] = getContinuationVar("procspeed", processInputVar("procspeed", ARG_NUMERIC));
    $return["network"] = getContinuationVar("network", processInputVar("network", ARG_NUMERIC));
    $return["hostname"] = getContinuationVar("hostname", processInputVar("hostname", ARG_STRING));
    $return["type"] = getContinuationVar("type", processInputVar("type", ARG_STRING));
    $return["provisioningid"] = getContinuationVar("provisioningid", processInputVar("provisioningid", ARG_NUMERIC));
    $return["computergroup"] = getContinuationVar("computergroup", processInputVar("computergroup", ARG_MULTINUMERIC));
    $return['macs'] = getContinuationVar('macs', array());

    if (!$checks) {
        return $return;
    }

    # public start address: dotted quad, first and last octet 1-255, middle
    # octets 0-255 (the message says 1-255 for all four)
    $startaddrArr = explode('.', $return["startipaddress"]);
    if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["startipaddress"]) ||
        $startaddrArr[0] < 1 || $startaddrArr[0] > 255 ||
        $startaddrArr[1] < 0 || $startaddrArr[1] > 255 ||
        $startaddrArr[2] < 0 || $startaddrArr[2] > 255 ||
        $startaddrArr[3] < 1 || $startaddrArr[3] > 255) {
        $submitErr |= IPADDRERR;
        $submitErrMsg[IPADDRERR] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
    }

    # public end address: same rules as the start address
    $endaddrArr = explode('.', $return["endipaddress"]);
    if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["endipaddress"]) ||
        $endaddrArr[0] < 1 || $endaddrArr[0] > 255 ||
        $endaddrArr[1] < 0 || $endaddrArr[1] > 255 ||
        $endaddrArr[2] < 0 || $endaddrArr[2] > 255 ||
        $endaddrArr[3] < 1 || $endaddrArr[3] > 255) {
        $submitErr |= IPADDRERR2;
        $submitErrMsg[IPADDRERR2] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
    }

    $endpraddrArr = array();
    # private addresses and the starting MAC are only validated in developer
    # view mode
    if ($viewmode == ADMIN_DEVELOPER) {
        if (!empty($return['startpripaddress']) || !empty($return['endpripaddress'])) {
            $startpraddrArr = explode('.', $return["startpripaddress"]);
            if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["startpripaddress"]) ||
                $startpraddrArr[0] < 1 || $startpraddrArr[0] > 255 ||
                $startpraddrArr[1] < 0 || $startpraddrArr[1] > 255 ||
                $startpraddrArr[2] < 0 || $startpraddrArr[2] > 255 ||
                $startpraddrArr[3] < 1 || $startpraddrArr[3] > 255) {
                $submitErr |= IPADDRERR3;
                $submitErrMsg[IPADDRERR3] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
            }
            $endpraddrArr = explode('.', $return["endpripaddress"]);
            if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["endpripaddress"]) ||
                $endpraddrArr[0] < 1 || $endpraddrArr[0] > 255 ||
                $endpraddrArr[1] < 0 || $endpraddrArr[1] > 255 ||
                $endpraddrArr[2] < 0 || $endpraddrArr[2] > 255 ||
                $endpraddrArr[3] < 1 || $endpraddrArr[3] > 255) {
                $submitErr |= IPADDRERR4;
                $submitErrMsg[IPADDRERR4] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
            }
        }
        if (!empty($return['startmac'])) {
            if (!ereg('^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$', $return["startmac"])) {
                $submitErr |= MACADDRERR;
                $submitErrMsg[MACADDRERR] = "Invalid MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
            } elseif (!$submitErr) {
                # only generate MACs when nothing has failed so far, since
                # the range size below relies on both public addresses
                $tmp = explode(':', $return['startmac']);
                # upper and lower three bytes of the MAC as integers
                $topdec = hexdec($tmp[0] . $tmp[1] . $tmp[2]);
                $botdec = hexdec($tmp[3] . $tmp[4] . $tmp[5]);
                $topmac = "{$tmp[0]}:{$tmp[1]}:{$tmp[2]}";
                # upper half to use once the lower three bytes wrap around.
                # NOTE(review): dechex() does not zero-pad, so an upper half
                # with leading zero bytes yields fewer than three pairs here
                $topplus = implode(':', str_split(dechex($topdec + 1), 2));
                $start = $botdec;
                $return['macs'] = array();
                # two MAC addresses per IP address in the range
                $end = $start + ($endaddrArr[3] - $startaddrArr[3] + 1) * 2;
                for ($i = $start; $i < $end; $i++) {
                    if ($i > 16777215) {
                        # past 0xFFFFFF: wrap the lower half and use the
                        # incremented upper half
                        $val = $i - 16777216;
                        $tmp = sprintf('%06x', $val);
                        $tmp2 = str_split($tmp, 2);
                        $return['macs'][] = $topplus . ':' . implode(':', $tmp2);
                    } else {
                        $tmp = sprintf('%06x', $i);
                        $tmp2 = str_split($tmp, 2);
                        $return['macs'][] = $topmac . ':' . implode(':', $tmp2);
                    }
                }
                # the upper half is already at its maximum, so it cannot
                # absorb the carry
                if ($i > 16777215 && $topdec == 16777215) {
                    $submitErr |= MACADDRERR;
                    $submitErrMsg[MACADDRERR] = "Starting MAC address too large for given " . "given number of machines";
                }
            }
        }
    }

    if ($return["ram"] < 32 || $return["ram"] > 20480) {
        $submitErr |= RAMERR;
        $submitErrMsg[RAMERR] = "RAM must be between 32 and 20480";
    }
    if ($return["procspeed"] < 500 || $return["procspeed"] > 20000) {
        $submitErr |= PROCSPEEDERR;
        $submitErrMsg[PROCSPEEDERR] = "Processor Speed must be between 500 and 20000";
    }
    # the pattern restricts the character set and requires 2 to 36
    # characters; the message mentions only the upper length limit
    if (!ereg('^[a-zA-Z0-9_%][-a-zA-Z0-9_.%]{1,35}$', $return["hostname"])) {
        $submitErr |= HOSTNAMEERR;
        $submitErrMsg[HOSTNAMEERR] = "Hostname must be <= 36 characters";
    }
    # flags values that are empty() yet not loosely equal to 0
    if (empty($return["starthostval"]) && $return["starthostval"] != 0) {
        $submitErr |= STARTHOSTVALERR;
        $submitErrMsg[STARTHOSTVALERR] = "Start value can only be numeric.";
    }
    if (empty($return["endhostval"]) && $return["endhostval"] != 0) {
        $submitErr |= ENDHOSTVALERR;
        $submitErrMsg[ENDHOSTVALERR] = "End value can only be numeric.";
    }

    # the address range and the hostname range must have the same size
    # (compared via the last octet of the public addresses)
    if (!($submitErr & IPADDRERR2 || $submitErr & ENDHOSTVALERR) &&
        $endaddrArr[3] - $startaddrArr[3] != $return["endhostval"] - $return["starthostval"]) {
        $numipaddrs = $endaddrArr[3] - $startaddrArr[3] + 1;
        $numhostnames = $return["endhostval"] - $return["starthostval"] + 1;
        $submitErr |= IPADDRERR2;
        $submitErrMsg[IPADDRERR2] = "The number of IP addresses ({$numipaddrs}) " . "does not match the number of hostnames ({$numhostnames}).";
        $submitErr |= ENDHOSTVALERR;
        $submitErrMsg[ENDHOSTVALERR] = "The number of IP addresses ({$numipaddrs}) " . "does not match the number of hostnames ({$numhostnames}).";
    }

    # developer view only: the public and private ranges must have the same
    # size
    if ($viewmode == ADMIN_DEVELOPER &&
        !empty($return['startpripaddress']) &&
        !empty($return['endpripaddress']) &&
        (!($submitErr & IPADDRERR2 || $submitErr & IPADDRERR4) &&
        !empty($endpraddrArr) &&
        $endaddrArr[3] - $startaddrArr[3] != $endpraddrArr[3] - $startpraddrArr[3])) {
        $numpubaddrs = $endaddrArr[3] - $startaddrArr[3] + 1;
        $numpraddrs = $endpraddrArr[3] - $startpraddrArr[3] + 1;
        $submitErr |= IPADDRERR2;
        $submitErrMsg[IPADDRERR2] = "The number of public IP addresses ({$numpubaddrs}) " . "does not match the number of private IP addresses ({$numpraddrs}).";
        $submitErr |= IPADDRERR4;
        $submitErrMsg[IPADDRERR4] = $submitErrMsg[IPADDRERR2];
    }

    if (!validateUserid($return["owner"])) {
        $submitErr |= OWNERERR;
        $submitErrMsg[OWNERERR] = "Submitted ID is not valid";
    }

    # number of machines to add; stays 0 when any check failed
    $return['count'] = 0;
    if (!$submitErr) {
        $return['count'] = $endaddrArr[3] - $startaddrArr[3] + 1;
    }
    return $return;
}
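/**
 * Collect and validate the submitted management node form fields.
 *
 * Every field is read through processInputVar()/getContinuationVar() and then
 * checked against an allowlist pattern or a helper validator. Some fields are
 * rejected with an error message; others (publicIPconfig, checkininterval,
 * sshport) are silently coerced to a safe default instead.
 *
 * @return array Submitted values plus 'mode' ('add' or 'edit'), 'error'
 *               (0 or 1) and, when 'error' is set, 'errormsg' (all messages
 *               joined with <br>, i.e. intended for HTML output).
 */
function validateResourceData() {
    global $user;

    $return = array('error' => 0);

    $return['rscid'] = getContinuationVar('rscid', 0);
    $return['name'] = processInputVar('name', ARG_STRING);
    $return['owner'] = processInputVar('owner', ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
    $return['ipaddress'] = processInputVar('ipaddress', ARG_STRING);
    $return['stateid'] = processInputVar('stateid', ARG_NUMERIC);
    $return['sysadminemail'] = processInputVar('sysadminemail', ARG_STRING);
    $return['sharedmailbox'] = processInputVar('sharedmailbox', ARG_STRING);
    $return['installpath'] = processInputVar('installpath', ARG_STRING);
    $return['timeservers'] = processInputVar('timeservers', ARG_STRING);
    $return['keys'] = processInputVar('keys', ARG_STRING);
    $return['sshport'] = processInputVar('sshport', ARG_NUMERIC);
    $return['imagelibenable'] = processInputVar('imagelibenable', ARG_NUMERIC);
    $return['imagelibgroupid'] = processInputVar('imagelibgroupid', ARG_NUMERIC);
    $return['imagelibuser'] = processInputVar('imagelibuser', ARG_STRING);
    $return['imagelibkey'] = processInputVar('imagelibkey', ARG_STRING);
    $return['publicIPconfig'] = processInputVar('publicIPconfig', ARG_STRING);
    $return['publicnetmask'] = processInputVar('publicnetmask', ARG_STRING);
    $return['publicgateway'] = processInputVar('publicgateway', ARG_STRING);
    $return['publicdnsserver'] = processInputVar('publicdnsserver', ARG_STRING);
    $return['checkininterval'] = processInputVar('checkininterval', ARG_NUMERIC);
    $return['availablenetworks'] = processInputVar('availablenetworks', ARG_STRING);
    $return['federatedauth'] = processInputVar('federatedauth', ARG_STRING);
    $return['nathostenabled'] = processInputVar('nathostenabled', ARG_NUMERIC);
    $return['natpublicIPaddress'] = processInputVar('natpublicipaddress', ARG_STRING);
    $return['natinternalIPaddress'] = processInputVar('natinternalipaddress', ARG_STRING);

    # NOTE(review): get_magic_quotes_gpc() was removed in PHP 8; this call
    # ties the block to older PHP versions.
    if (get_magic_quotes_gpc()) {
        $return['sysadminemail'] = stripslashes($return['sysadminemail']);
        $return['sharedmailbox'] = stripslashes($return['sharedmailbox']);
    }

    # Previously stored values, taken from the continuation rather than from
    # the submitted form fields.
    $olddata = getContinuationVar('olddata');

    if ($return['rscid'] == 0) {
        $return['mode'] = 'add';
    } else {
        $return['mode'] = 'edit';
    }

    $errormsg = array();

    # hostname
    # NOTE(review): the pattern requires 2 to 50 characters although the
    # message says 1 to 50.
    if (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$/', $return['name'])) {
        $return['error'] = 1;
        $errormsg[] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long";
    } elseif ($this->checkForMgmtnodeHostname($return['name'], $return['rscid'])) {
        $return['error'] = 1;
        $errormsg[] = "A node already exists with this hostname.";
    }

    # owner
    if (!validateUserid($return['owner'])) {
        $return['error'] = 1;
        $errormsg[] = "Submitted owner is not valid";
    }

    # ipaddress
    if (!validateIPv4addr($return['ipaddress'])) {
        $return['error'] = 1;
        $errormsg[] = "Invalid IP address. Must be w.x.y.z with each of "
                    . "w, x, y, and z being between 1 and 255 (inclusive)";
    }

    # sysadminemail - comma separated list, every entry must validate
    if ($return['sysadminemail'] != '') {
        $addrs = explode(',', $return['sysadminemail']);
        foreach ($addrs as $addr) {
            if (!validateEmailAddress($addr)) {
                $return['error'] = 1;
                $errormsg[] = "Invalid email address entered for SysAdmin Email Address(es)";
                break;
            }
        }
    }

    # sharedmailbox
    if ($return['sharedmailbox'] != '' &&
        !validateEmailAddress($return['sharedmailbox'])) {
        $return['error'] = 1;
        $errormsg[] = "Invalid email address entered for Shadow Emails";
    }

    # installpath
    # NOTE(review): the allowlist permits '.' and '/', so '..' path segments
    # pass this check; confirm the consumers of this value do not rely on it
    # for path traversal protection. The same applies to 'keys' and
    # 'imagelibkey' below.
    if ($return['installpath'] != '' &&
        !preg_match('/^([-a-zA-Z0-9_\\.\\/]){2,100}$/', $return['installpath'])) {
        $return['error'] = 1;
        $errormsg[] = "Install Path must be empty or only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/) and be from 2 to 100 characters long";
    }

    # timeservers
    if ($return['timeservers'] != '') {
        if (strlen($return['timeservers']) > 1000) {
            $return['error'] = 1;
            $errormsg[] = "Too much data entered for Time Server(s)";
        } else {
            $hosts = explode(',', $return['timeservers']);
            foreach ($hosts as $host) {
                # Reject entries that look like dotted numbers but are not a
                # valid IPv4 address, and anything outside the hostname
                # character set. Parentheses only make the existing operator
                # precedence explicit.
                if ((preg_match('/^([0-9]{1,3}(\\.?))+$/', $host) && !validateIPv4addr($host)) ||
                    !preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,50}$/', $host)) {
                    $return['error'] = 1;
                    $errormsg[] = "Time servers must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). Each host can be up to 50 characters long";
                    break;
                }
            }
        }
    }

    # keys
    if ($return['keys'] != '' &&
        !preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,1024}$/', $return['keys'])) {
        $return['error'] = 1;
        $errormsg[] = "End Node SSH Identity Key Files can only contain letters, numbers, dashes(-), periods(.), underscores(_), forward slashes(/), and commas(,). It can be from 2 to 1024 characters long";
    }

    # imagelibenable
    if ($return['imagelibenable'] == 1) {
        # imagelibgroupid - must be a group the user is allowed to manage
        $validgroups = getUserResources(array('mgmtNodeAdmin'), array('manageGroup'), 1);
        if (!array_key_exists($return['imagelibgroupid'], $validgroups['managementnode'])) {
            $return['error'] = 1;
            $errormsg[] = "The group selected for Image Library Management Node Group is not valid";
        }

        # imagelibuser
        # NOTE(review): the pattern also accepts '_', '.', '/' and ',', which
        # the message does not list; decide which of the two is intended.
        if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,20}$/', $return['imagelibuser'])) {
            $return['error'] = 1;
            $errormsg[] = "Image Library User can only contain letters, numbers, and dashes(-) and can be from 2 to 20 characters long";
        }

        # imagelibkey
        # NOTE(review): the pattern also accepts ',', which the message does
        # not list.
        if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,100}$/', $return['imagelibkey'])) {
            $return['error'] = 1;
            $errormsg[] = "Image Library SSH Identity Key File can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long";
        }
    } else {
        # Image library disabled: ignore whatever was submitted for the
        # dependent fields and keep the stored values (edit) or blanks (add).
        $return['imagelibenable'] = 0;
        if ($return['mode'] == 'edit') {
            $return['imagelibgroupid'] = $olddata['imagelibgroupid'];
            $return['imagelibuser'] = $olddata['imagelibuser'];
            $return['imagelibkey'] = $olddata['imagelibkey'];
        } else {
            $return['imagelibgroupid'] = '';
            $return['imagelibuser'] = '';
            $return['imagelibkey'] = '';
        }
    }

    # publicIPconfig - anything outside the three known values falls back to
    # dynamicDHCP instead of raising an error
    if (!preg_match('/^(dynamicDHCP|manualDHCP|static)$/', $return['publicIPconfig'])) {
        $return['publicIPconfig'] = 'dynamicDHCP';
    }

    if ($return['publicIPconfig'] == 'static') {
        # publicnetmask - checked on its 32-character binary representation
        $bnetmask = ip2long($return['publicnetmask']);
        if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) {
            $return['error'] = 1;
            $errormsg[] = "Invalid value specified for Public Netmask";
        }

        # publicgateway
        if (preg_match('/^([0-9]{1,3}(\\.?))+$/', $return['publicgateway']) &&
            !validateIPv4addr($return['publicgateway'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid value specified for Public Gateway";
        } elseif (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,56}$/', $return["publicgateway"])) {
            $return['error'] = 1;
            $errormsg[] = "Public gateway must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). It can be up to 56 characters long";
        }

        # publicdnsserver
        # explode() never returns an empty array, so the "nothing entered"
        # case has to be detected on the raw string.
        if ($return['publicdnsserver'] == '') {
            $return['error'] = 1;
            $errormsg[] = "Please enter at least one Public DNS server";
        } else {
            $servers = explode(',', $return['publicdnsserver']);
            foreach ($servers as $server) {
                if (!validateIPv4addr($server)) {
                    $return['error'] = 1;
                    $errormsg[] = "Invalid IP address entered for Public DNS Server";
                    break;
                }
            }
        }
    } else {
        # Not static: submitted netmask/gateway are discarded in favour of
        # the stored values.
        $return['publicnetmask'] = $olddata['publicnetmask'];
        $return['publicgateway'] = $olddata['publicgateway'];
    }

    # stateid 2 - available, 5 - failed, 10 - maintenance
    if (!preg_match('/^(2|5|10)$/', $return['stateid'])) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value submitted for State";
    }

    # checkininterval - clamped to 5..30
    if ($return['checkininterval'] < 5) {
        $return['checkininterval'] = 5;
    } elseif ($return['checkininterval'] > 30) {
        $return['checkininterval'] = 30;
    }

    # sshport - out of range values fall back to 22
    if ($return['sshport'] < 1 || $return['sshport'] > 65535) {
        $return['sshport'] = 22;
    }

    # availablenetworks
    if ($return['availablenetworks'] != '') {
        # Accept newline separated input by normalising it to commas. The
        # haystack is the submitted value and the needle is "\n"; with the
        # arguments the other way round this branch never ran.
        if (strpos($return['availablenetworks'], "\n") !== false) {
            $return['availablenetworks'] = preg_replace("/(\r)?\n/", ',', $return['availablenetworks']);
        }
        $return['availablenetworks2'] = explode(',', $return['availablenetworks']);
        foreach ($return['availablenetworks2'] as $key => $net) {
            $net = trim($net);
            if ($net == '') {
                unset($return['availablenetworks2'][$key]);
                $return['availablenetworks'] = implode("\n", $return['availablenetworks2']);
                continue;
            }
            $return['availablenetworks2'][$key] = $net;
            # Each network must be x.x.x.x/yy with octets 0-255 and a
            # two-digit prefix length of at most 32.
            if (!preg_match('/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\/([0-9]{2})$/', $net, $matches) ||
                $matches[1] < 0 || $matches[1] > 255 ||
                $matches[2] < 0 || $matches[2] > 255 ||
                $matches[3] < 0 || $matches[3] > 255 ||
                $matches[4] < 0 || $matches[4] > 255 ||
                $matches[5] < 1 || $matches[5] > 32) {
                $return['error'] = 1;
                $errormsg[] = "Invalid network entered for Available Public Networks; must be comma delimited list of valid networks in the form of x.x.x.x/yy";
            }
        }
    }

    # federatedauth
    if ($return['federatedauth'] != '') {
        $affils = getAffiliations();
        $fedarr = explode(',', $return['federatedauth']);
        # Entries that are not known affiliations (case-insensitive compare)
        $test = array_udiff($fedarr, $affils, 'strcasecmp');
        if (!empty($test)) {
            # Unknown entries are echoed back only when every one of them
            # matches a conservative character set; otherwise a generic
            # message is used so raw input never lands in the HTML error
            # string.
            $new = array();
            foreach ($test as $affil) {
                if (preg_match('/^[-0-9a-zA-Z_\\.:;,]*$/', $affil)) {
                    $new[] = $affil;
                }
            }
            if (count($test) == count($new)) {
                $errormsg[] = "These affiliations do not exist: " . implode(', ', $new);
            } else {
                $errormsg[] = "Invalid data entered for Affiliations using Federated Authentication for Linux Images";
            }
            $return['error'] = 1;
        }
    }

    $nathosterror = 0;

    # nathostenabled
    if ($return['nathostenabled'] != 0 && $return['nathostenabled'] != 1) {
        $return['error'] = 1;
        $errormsg[] = "Invalid value for Use as NAT Host";
        $nathosterror = 1;
    }

    if ($return['nathostenabled']) {
        # natpublicIPaddress
        if (!validateIPv4addr($return['natpublicIPaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of "
                        . "w, x, y, and z being between 1 and 255 (inclusive)";
            $nathosterror = 1;
        }

        # natinternalIPaddress
        if (!validateIPv4addr($return['natinternalIPaddress'])) {
            $return['error'] = 1;
            $errormsg[] = "Invalid NAT Internal IP address. Must be w.x.y.z with each of "
                        . "w, x, y, and z being between 1 and 255 (inclusive)";
            $nathosterror = 1;
        }
    }

    # nat host change - check for active reservations
    if (!$nathosterror && $return['mode'] == 'edit') {
        if ($olddata['nathostenabled'] != $return['nathostenabled'] ||
            $olddata['natpublicIPaddress'] != $return['natpublicIPaddress'] ||
            $olddata['natinternalIPaddress'] != $return['natinternalIPaddress']) {
            $vclreloadid = getUserlistID('vclreload@Local');
            # NOTE(review): as listed, this statement has no SELECT list and
            # the right-hand sides of "rs.requestid =" and "nhcm.nathostid ="
            # are missing; restore them from the project's schema before
            # relying on this query.
            # The two interpolated values are not form fields: resourceid
            # comes from the continuation's olddata and the user id from
            # getUserlistID(). Presumably both are integers - confirm, or
            # cast them before building the statement.
            $query = "SELECT "
                   . "FROM request rq, "
                   . "reservation rs, "
                   . "nathostcomputermap nhcm, "
                   . "nathost nh "
                   . "WHERE rs.requestid = AND "
                   . "rs.computerid = nhcm.computerid AND "
                   . "nhcm.nathostid = AND "
                   . "nh.resourceid = {$olddata['resourceid']} AND "
                   . "rq.start <= NOW() AND "
                   . "rq.end > NOW() AND "
                   . "rq.stateid NOT IN (1,5,11,12) AND "
                   . "rq.laststateid NOT IN (1,5,11,12) AND "
                   . "rq.userid != {$vclreloadid}";
            $qh = doQuery($query);
            # NOTE(review): mysql_num_rows() belongs to the legacy mysql
            # extension, which newer PHP versions no longer ship.
            if (mysql_num_rows($qh)) {
                $return['error'] = 1;
                $errormsg[] = "This management node is the NAT host for computers that have active reservations. NAT host<br>settings cannot be changed while providing NAT for active reservations.";
            }
        }
    }

    if ($return['error']) {
        $return['errormsg'] = implode('<br>', $errormsg);
    }

    return $return;
}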
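/**
 * Collect and validate the submitted schedule form fields.
 *
 * Checks the schedule name against a character allowlist and for duplicates,
 * validates the owner, and parses 'times' (comma separated start:end pairs)
 * while rejecting overlapping ranges.
 *
 * @return array 'rscid', 'name', 'owner', 'error' (0 or 1); 'times' (list of
 *               array('start' => ..., 'end' => ...)) when the input passed the
 *               earlier checks; 'errormsg' (messages joined with <br>, i.e.
 *               intended for HTML output) when 'error' is set.
 */
function validateResourceData() {
    global $user;

    $return = array('error' => 0);
    $errormsg = array();

    $return['rscid'] = getContinuationVar('rscid', 0);
    $return["name"] = processInputVar("name", ARG_STRING);
    $return["owner"] = processInputVar("owner", ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
    $times = processInputVar('times', ARG_STRING);

    # Allowlist for the name: quotes, '<' and '>' are not in the character
    # class, so a name that passes cannot carry them into HTML or a quoted
    # string.
    if (!preg_match("/^([A-Za-z0-9-!@#\$%^&\\*\\(\\)_=\\+\\[\\]{}\\\\|:;,\\.\\/\\?~` ]){2,30}\$/", $return['name'])) {
        $return['error'] = 1;
        # The double quote is written as an HTML entity: a bare " would end
        # this PHP string literal, and the message is emitted as HTML.
        $errormsg[] = "Name cannot contain single (') or double (&quot;) quotes, "
                    . "less than (<), or greater than (>) and can be from 2 to 30 "
                    . "characters long";
    } elseif ($this->checkForScheduleName($return['name'], $return['rscid'])) {
        $return['error'] = 1;
        $errormsg[] = "A schedule already exists with this name.";
    }

    if (!validateUserid($return['owner'])) {
        $return['error'] = 1;
        $errormsg[] = "Submitted owner is not valid";
    }

    # Strict shape check: digits:digits pairs separated by commas. This is
    # what makes the explode()/list() parsing below safe.
    if (!preg_match('/^([0-9]+:[0-9]+,)*([0-9]+:[0-9]+){1}$/', $times)) {
        $return['error'] = 1;
        $errormsg[] = "Invalid time data submitted";
    }

    if (!$return['error']) {
        $times = explode(',', $times);
        $return['times'] = array();
        foreach ($times as $pair) {
            list($start, $end) = explode(':', $pair);
            # Compare against every range accepted so far; stop at the first
            # overlap and leave both loops.
            # NOTE(review): nothing here checks that $start is less than
            # $end - confirm whether reversed pairs must be rejected.
            foreach ($return['times'] as $check) {
                if ($start < $check['end'] && $end > $check['start']) {
                    $return['error'] = 1;
                    $errormsg[] = "Two sets of times are overlapping - please correct and save again";
                    break 2;
                }
            }
            $return['times'][] = array('start' => $start, 'end' => $end);
        }
    }

    if ($return['error']) {
        $return['errormsg'] = implode('<br>', $errormsg);
    }

    return $return;
}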