Esempio n. 1
0
function processBlockAllocationInput()
{
    global $user;
    $return = array();
    $method = getContinuationVar('method');
    $return['name'] = processInputVar('name', ARG_STRING);
    $return['owner'] = processInputVar('owner', ARG_STRING);
    $return['imageid'] = processInputVar('imageid', ARG_NUMERIC);
    $return['seats'] = processInputVar('seats', ARG_NUMERIC);
    $return['groupid'] = processInputVar('groupid', ARG_NUMERIC);
    $override = getContinuationVar('override', 0);
    $type = processInputVar('type', ARG_STRING);
    $err = 0;
    if ($method != 'request' && !preg_match('/^([-a-zA-Z0-9\\. \\(\\)]){3,80}$/', $return['name'])) {
        $errmsg = i("The name can only contain letters, numbers, spaces, dashes(-), and periods(.) and can be from 3 to 80 characters long");
        $err = 1;
    }
    $resources = getUserResources(array("imageAdmin", "imageCheckOut"));
    $resources["image"] = removeNoCheckout($resources["image"]);
    if (!array_key_exists($return['imageid'], $resources['image'])) {
        $errmsg = i("The submitted image is invalid.");
        $err = 1;
    }
    if (!$err && $method != 'request' && !validateUserid($return['owner'])) {
        $errmsg = i("The submitted owner is invalid.");
        $err = 1;
    } else {
        $return['ownerid'] = getUserlistID($return['owner']);
    }
    $groups = getUserGroups(0, $user['affiliationid']);
    $extragroups = getContinuationVar('extragroups');
    if (!$err && !array_key_exists($return['groupid'], $groups) && !array_key_exists($return['groupid'], $extragroups) && $return['groupid'] != 0) {
        $errmsg = i("The submitted user group is invalid.");
        $err = 1;
    }
    if (!$err && $return['groupid'] == 0) {
        $return['groupid'] = 'NULL';
    }
    if (!$err && ($return['seats'] < MIN_BLOCK_MACHINES || $return['seats'] > MAX_BLOCK_MACHINES)) {
        $errmsg = sprintf(i("The submitted number of seats must be between %d and %d."), MIN_BLOCK_MACHINES, MAX_BLOCK_MACHINES);
        $err = 1;
    }
    if (!$err) {
        $imgdata = getImages(0, $return['imageid']);
        $concur = $imgdata[$return['imageid']]['maxconcurrent'];
        if (!is_null($concur) && $concur != 0 && $return['seats'] > $concur) {
            $errmsg = sprintf(i("The selected image can only have %d concurrent reservations. Please reduce the number of requested seats to %d or less."), $concur, $concur);
            $err = 1;
        }
    }
    $dooverride = 0;
    # check user group access to image
    if (($method == 'new' || $method == 'edit') && !$err && !$override) {
        $groupresources = getUserResources(array("imageAdmin", "imageCheckOut"), array("available"), 0, 0, 0, $return['groupid']);
        if (!array_key_exists($return['imageid'], $groupresources['image'])) {
            $dooverride = 1;
            $errmsg = i("WARNING - The selected user group does not currently have access to the selected environment. You can submit the Block Allocation again to ignore this warning.");
            $err = 1;
        }
    }
    if (!$err && $type != 'weekly' && $type != 'monthly' && $type != 'list') {
        $errmsg = i("You must select one of \"Repeating Weekly\", \"Repeating Monthly\", or \"List of Dates/Times\".");
        $err = 1;
    }
    if (!$err) {
        if ($type == 'list') {
            $slots = processInputVar('slots', ARG_STRING);
            $return['slots'] = explode(',', $slots);
            $return['times'] = array();
            $lastdate = array('day' => '', 'ts' => 0);
            foreach ($return['slots'] as $slot) {
                $tmp = explode('|', $slot);
                if (count($tmp) != 3) {
                    $errmsg = i("Invalid date/time submitted.");
                    $err = 1;
                    break;
                }
                $date = $tmp[0];
                if (!$err) {
                    $datets = strtotime($date);
                    if ($method != 'edit' && $datets < time() - SECINDAY) {
                        $errmsg = i("The date must be today or later.");
                        $err = 1;
                        break;
                    }
                }
                $return['times'][] = "{$tmp[1]}|{$tmp[2]}";
                if ($datets > $lastdate['ts']) {
                    $lastdate['ts'] = $datets;
                    $lastdate['day'] = $date;
                }
            }
            if (!$err) {
                $expirets = strtotime("{$lastdate['day']} 23:59:59");
                $return['expiretime'] = unixToDatetime($expirets);
            }
        }
        if ($type == 'weekly' || $type == 'monthly') {
            $return['startdate'] = processInputVar('startdate', ARG_NUMERIC);
            $return['enddate'] = processInputVar('enddate', ARG_NUMERIC);
            $times = processInputVar('times', ARG_STRING);
            $return['startts'] = strtotime($return['startdate']);
            $return['endts'] = strtotime($return['enddate']);
            if ($return['startts'] > $return['endts']) {
                $errmsg = i("The Last Date of Usage must be the same or later than the First Date of Usage.");
                $err = 1;
            } elseif ($method != 'edit' && $return['startts'] < time() - SECINDAY) {
                $errmsg = i("The start date must be today or later.");
                $err = 1;
            }
            $expirets = strtotime("{$return['enddate']} 23:59:59");
            $return['expiretime'] = unixToDatetime($expirets);
            $return['times'] = explode(',', $times);
        }
        foreach ($return['times'] as $time) {
            $tmp = explode('|', $time);
            if (count($tmp) != 2) {
                $errmsg = i("Invalid start/end time submitted");
                $err = 1;
                break;
            }
            $start = explode(':', $tmp[0]);
            if (count($start) != 2 || !is_numeric($start[0]) || !is_numeric($start[1]) || $start[0] < 0 || $start[0] > 23 || $start[1] < 0 || $start[1] > 59) {
                $errmsg = i("Invalid start time submitted");
                $err = 1;
                break;
            }
            $end = explode(':', $tmp[1]);
            if (count($end) != 2 || !is_numeric($end[0]) || !is_numeric($end[1]) || $end[0] < 0 || $end[0] > 23 || $end[1] < 0 || $end[1] > 59) {
                $errmsg = i("Invalid end time submitted");
                $err = 1;
                break;
            }
            $start = minuteOfDay($start[0], $start[1]);
            $end = minuteOfDay($end[0], $end[1]);
            if ($start >= $end) {
                $errmsg = i("Each start time must be less than the corresponding end time.");
                $err = 1;
                break;
            }
        }
        if ($type == 'weekly') {
            $validdays = 0;
            $errmsg = '';
            for ($day = $return['startts'], $i = 0; $i < 7, $day < $return['endts'] + SECINDAY; $i++, $day += SECINDAY) {
                $daynum = date('w', $day);
                $validdays |= 1 << $daynum;
            }
            $days = processInputVar('days', ARG_STRING);
            $dayscheck = processInputVar('days', ARG_NUMERIC);
            if ($days == '' && $dayscheck == '0') {
                $days = 0;
            }
            $return['daymask'] = 0;
            if (!$err) {
                foreach (explode(',', $days) as $day) {
                    if ($day == '' || $day < 0 || $day > 6) {
                        $errmsg = i("Invalid day submitted.");
                        $err = 1;
                        break;
                    }
                    $return['daymask'] |= 1 << $day;
                }
            }
            if (!$err && ($return['daymask'] & $validdays) == 0) {
                $errmsg = i("No valid days submitted for the specified date range.");
                $err = 1;
            }
        }
        if ($type == 'monthly') {
            $return['weeknum'] = processInputVar('weeknum', ARG_NUMERIC);
            $return['day'] = processInputVar('day', ARG_NUMERIC);
            if (!$err && ($return['weeknum'] < 1 || $return['weeknum'] > 5)) {
                $errmsg = i("Invalid week number submitted.");
                $err = 1;
            }
            if (!$err && ($return['day'] < 1 || $return['day'] > 7)) {
                $errmsg = i("Invalid day of week submitted.");
                $err = 1;
            }
            $times = getMonthlyBlockTimes('', $return['startts'], $return['endts'], $return['day'], $return['weeknum'], $return['times']);
            if (!$err && empty($times)) {
                $errmsg = i("Specified day of month not found in date range.");
                $err = 1;
            }
        }
    }
    if ($method == 'request') {
        $return['comments'] = processInputVar('comments', ARG_STRING);
        if (get_magic_quotes_gpc()) {
            $return['comments'] = stripslashes($return['comments']);
        }
        if (!$err && preg_match('/[<>]/', $return['comments'])) {
            $errmsg = i("<>\\'s are not allowed in the comments.");
            $err = 1;
        }
    }
    if ($err) {
        print "clearHideConfirmForm();";
        print "alert('{$errmsg}');";
        $data = array('extragroups' => $extragroups, 'method' => $method);
        if ($method == 'edit') {
            $data['blockid'] = getContinuationVar('blockid');
        }
        $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0);
        print "dojo.byId('submitcont').value = '{$cont}';";
        if ($dooverride) {
            $data['override'] = 1;
            $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0);
            print "dojo.byId('submitcont2').value = '{$cont}';";
        } else {
            print "dojo.byId('submitcont2').value = '';";
        }
    }
    $return['type'] = $type;
    $return['err'] = $err;
    return $return;
}
Esempio n. 2
0
function processMgmtnodeInput($checks = 1)
{
    global $submitErr, $submitErrMsg, $user, $mode;
    $return = array();
    $mgmtnodes = getManagementNodes();
    $return["mgmtnodeid"] = getContinuationVar("mgmtnodeid");
    $return["hostname"] = getContinuationVar("hostname", processInputVar("hostname", ARG_STRING));
    $return["IPaddress"] = getContinuationVar("IPaddress", processInputVar("IPaddress", ARG_STRING));
    $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING, $user["unityid"]));
    $return["stateid"] = getContinuationVar("stateid", processInputVar("stateid", ARG_STRING));
    $return["premoduleid"] = getContinuationVar("premoduleid", processInputVar("premoduleid", ARG_NUMERIC));
    $return["checkininterval"] = getContinuationVar("checkininterval", processInputVar("checkininterval", ARG_NUMERIC));
    $return["installpath"] = getContinuationVar("installpath", processInputVar("installpath", ARG_STRING));
    $return["keys"] = getContinuationVar("keys", processInputVar("keys", ARG_STRING));
    $return["sshport"] = getContinuationVar("sshport", processInputVar("sshport", ARG_NUMERIC));
    $return["imagelibenable"] = getContinuationVar("imagelibenable", processInputVar("imagelibenable", ARG_NUMERIC));
    $return["imagelibgroupid"] = getContinuationVar("imagelibgroupid", processInputVar("imagelibgroupid", ARG_NUMERIC));
    $return["imagelibuser"] = getContinuationVar("imagelibuser", processInputVar("imagelibuser", ARG_STRING));
    $return["imagelibkey"] = getContinuationVar("imagelibkey", processInputVar("imagelibkey", ARG_STRING));
    if ($return['checkininterval'] < 5) {
        $return['checkininterval'] = 5;
    }
    if ($return['checkininterval'] > 30) {
        $return['checkininterval'] = 30;
    }
    if ($return['sshport'] < 1 || $return['sshport'] > 65535) {
        $return['sshport'] = 22;
    }
    if ($return['imagelibenable'] != '' && $return['imagelibenable'] != 1) {
        $return['imagelibenable'] = '';
    }
    if ($return['imagelibenable'] != 1) {
        $return["imagelibgroupid"] = 'NULL';
        $return["imagelibuser"] = '******';
        $return["imagelibkey"] = 'NULL';
    }
    if (!$checks) {
        return $return;
    }
    if (!ereg('^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$', $return["hostname"])) {
        $submitErr |= MNHOSTNAMEERR;
        $submitErrMsg[MNHOSTNAMEERR] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long";
    }
    if (!($submitErr & MNHOSTNAMEERR) && $mode != "confirmEditMgmtnode" && checkForMgmtnodeHostname($return["hostname"])) {
        $submitErr |= MNHOSTNAMEERR;
        $submitErrMsg[MNHOSTNAMEERR] = "A node already exists with this hostname.";
    }
    $ipaddrArr = explode('.', $return["IPaddress"]);
    if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["IPaddress"]) || $ipaddrArr[0] < 1 || $ipaddrArr[0] > 255 || $ipaddrArr[1] < 0 || $ipaddrArr[1] > 255 || $ipaddrArr[2] < 0 || $ipaddrArr[2] > 255 || $ipaddrArr[3] < 1 || $ipaddrArr[3] > 255) {
        $submitErr |= IPADDRESSERR;
        $submitErrMsg[IPADDRESSERR] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
    }
    if ($mode != "confirmEditMgmtnode" && !($submitErr & IPADDRESSERR) && checkForMgmtnodeIPaddress($return["IPaddress"])) {
        $submitErr |= IPADDRESSERR;
        $submitErrMsg[IPADDRESSERR] = "A node already exists with this IP address.";
    }
    if (!validateUserid($return["owner"])) {
        $submitErr |= MNOWNERERR;
        $submitErrMsg[MNOWNERERR] = "Submitted ID is not valid";
    }
    if (!preg_match('/^([-a-zA-Z0-9_\\.\\/]){2,100}$/', $return["installpath"])) {
        $submitErr |= MNINSTPATHERR;
        $submitErrMsg[MNINSTPATHERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long";
    }
    if (!empty($return['keys']) && !preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,1024}$/', $return["keys"])) {
        $submitErr |= MNSSHIDKEYSERR;
        $submitErrMsg[MNSSHIDKEYSERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), forward slashes(/), and commas(,). It can be from 2 to 1024 characters long";
    }
    if ($return['imagelibenable'] == 1) {
        $validgroups = getUserResources(array('mgmtNodeAdmin'), array("manageGroup"), 1);
        if (!in_array($return['imagelibgroupid'], array_keys($validgroups['managementnode']))) {
            $submitErr |= MNIMGLIBGRPIDERR;
            $submitErrMsg[MNIMGLIBGRPIDERR] = "The selected group was invalid";
        }
        if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,20}$/', $return["imagelibuser"])) {
            $submitErr |= MNIMGLIBUSERERR;
            $submitErrMsg[MNIMGLIBUSERERR] = "This can only contain letters, numbers, and dashes(-) and can be from 2 to 20 characters long";
        }
        if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,100}$/', $return["imagelibkey"])) {
            $submitErr |= MNIMGLIBKEYERR;
            $submitErrMsg[MNIMGLIBKEYERR] = "This can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long";
        }
    } else {
        $return["imagelibgroupid"] = 'NULL';
        $return["imagelibuser"] = '******';
        $return["imagelibkey"] = 'NULL';
    }
    return $return;
}
Esempio n. 3
0
 function validateResourceData()
 {
     global $user;
     $return = array('error' => 0);
     $return['rscid'] = getContinuationVar('rscid', 0);
     $return['name'] = processInputVar('name', ARG_STRING);
     $return['startnum'] = processInputVar('startnum', ARG_NUMERIC);
     $return['endnum'] = processInputVar('endnum', ARG_NUMERIC);
     $return['owner'] = processInputVar('owner', ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
     $return['type'] = processInputVar('type', ARG_STRING);
     $return['IPaddress'] = processInputVar('ipaddress', ARG_STRING);
     $return['privateIPaddress'] = processInputVar('privateipaddress', ARG_STRING);
     $return['eth0macaddress'] = processInputVar('privatemac', ARG_STRING);
     $return['eth1macaddress'] = processInputVar('publicmac', ARG_STRING);
     $return['startpubipaddress'] = processInputVar('startpubipaddress', ARG_STRING);
     $return['endpubipaddress'] = processInputVar('endpubipaddress', ARG_STRING);
     $return['startprivipaddress'] = processInputVar('startprivipaddress', ARG_STRING);
     $return['endprivipaddress'] = processInputVar('endprivipaddress', ARG_STRING);
     $return['startmac'] = processInputVar('startmac', ARG_STRING);
     $return['provisioningid'] = processInputVar('provisioningid', ARG_NUMERIC);
     $return['stateid'] = processInputVar('stateid', ARG_NUMERIC);
     $return['notes'] = processInputVar('notes', ARG_STRING);
     $return['vmprofileid'] = processInputVar('vmprofileid', ARG_NUMERIC);
     $return['platformid'] = processInputVar('platformid', ARG_NUMERIC);
     $return['scheduleid'] = processInputVar('scheduleid', ARG_NUMERIC);
     $return['ram'] = processInputVar('ram', ARG_NUMERIC);
     $return['cores'] = processInputVar('cores', ARG_NUMERIC);
     $return['procspeed'] = processInputVar('procspeed', ARG_NUMERIC);
     $return['network'] = processInputVar('network', ARG_NUMERIC);
     $return['predictivemoduleid'] = processInputVar('predictivemoduleid', ARG_NUMERIC);
     $return['natenabled'] = processInputVar('natenabled', ARG_NUMERIC);
     $return['nathostid'] = processInputVar('nathostid', ARG_NUMERIC);
     $return['nathostenabled'] = processInputVar('nathostenabled', ARG_NUMERIC);
     $return['natpublicIPaddress'] = processInputVar('natpublicipaddress', ARG_STRING);
     $return['natinternalIPaddress'] = processInputVar('natinternalipaddress', ARG_STRING);
     $return['location'] = processInputVar('location', ARG_STRING);
     $addmode = processInputVar('addmode', ARG_STRING);
     if (!is_null($addmode) && $addmode != 'single' && $addmode != 'multiple') {
         $return['error'] = 1;
         $return['errormsg'] = "Invalid Add mode submitted";
         return $return;
     }
     $olddata = getContinuationVar('olddata');
     if ($return['rscid'] == 0) {
         $return['mode'] = 'add';
     } else {
         $return['mode'] = 'edit';
     }
     $errormsg = array();
     # hostname
     $hostreg = '/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$/';
     if ($return['mode'] == 'add' && $addmode == 'multiple') {
         $hostreg = '/^[a-zA-Z0-9_%][-a-zA-Z0-9_\\.%]{1,49}$/';
     }
     if (!preg_match($hostreg, $return['name'])) {
         $return['error'] = 1;
         $errormsg[] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long";
     } elseif ($this->checkForHostname($return['name'], $return['rscid'])) {
         $return['error'] = 1;
         $errormsg[] = "A computer already exists with this hostname.";
     }
     # add multiple
     if ($return['mode'] == 'add' && $addmode == 'multiple') {
         # startnum/endnum
         if ($return['startnum'] < 0 || $return['startnum'] > 255) {
             $return['error'] = 1;
             $errormsg[] = "Start must be from 0 to 255";
         }
         if ($return['endnum'] < 0 || $return['endnum'] > 255) {
             $return['error'] = 1;
             $errormsg[] = "End must be from 0 to 255";
         }
         if ($return['startnum'] >= 0 && $return['startnum'] <= 255 && $return['endnum'] >= 0 && $return['endnum'] <= 255 && $return['startnum'] > $return['endnum']) {
             $return['error'] = 1;
             $errormsg[] = "Start must be &gt;= End";
         }
         $checkhosts = array();
         for ($i = $return['startnum']; $i <= $return['endnum']; $i++) {
             $checkhosts[] = str_replace('%', $i, $return['name']);
         }
         $allhosts = implode("','", $checkhosts);
         $query = "SELECT hostname FROM computer " . "WHERE hostname IN ('{$allhosts}') AND " . "deleted = 0";
         $qh = doQuery($query);
         $exists = array();
         while ($row = mysql_fetch_assoc($qh)) {
             $exists[] = $row['hostname'];
         }
         if (count($exists)) {
             $hosts = implode(', ', $exists);
             $return['error'] = 1;
             $errormsg[] = "There are already computers with these hostnames: {$hosts}";
         }
     } else {
         $return['startnum'] = 0;
         $return['endnum'] = 0;
     }
     # owner
     if (!validateUserid($return['owner'])) {
         $return['error'] = 1;
         $errormsg[] = "Submitted owner is not valid";
     }
     # type
     if (!preg_match('/^(blade|lab|virtualmachine)$/', $return['type'])) {
         $return['error'] = 1;
         $errormsg[] = "Submitted type is not valid";
     }
     # edit or add single
     if ($return['rscid'] || $return['mode'] == 'add' && $addmode == 'single') {
         # ipaddress
         if (!validateIPv4addr($return['IPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
         }
         # private ipaddress
         if (strlen($return['privateIPaddress']) && !validateIPv4addr($return['privateIPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid Private IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
         }
         # eth0macaddress
         if (strlen($return['eth0macaddress'])) {
             if (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return["eth0macaddress"])) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid Private MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
             } elseif ($this->checkForMACaddress($return['eth0macaddress'], 0, $return['rscid'])) {
                 $return['error'] = 1;
                 $errormsg[] = "There is already a computer with this Private MAC address.";
             }
         }
         # eth1macaddress
         if (strlen($return['eth1macaddress'])) {
             if (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return["eth1macaddress"])) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid Public MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
             } elseif ($this->checkForMACaddress($return['eth1macaddress'], 1, $return['rscid'])) {
                 $return['error'] = 1;
                 $errormsg[] = "There is already a computer with this Public MAC address.";
             }
         }
     } else {
         $return['IPaddress'] = '';
         $return['privateIPaddress'] = '';
         $return['eth0macaddress'] = '';
         $return['eth1macaddress'] = '';
     }
     # add multiple
     if ($return['mode'] == 'add' && $addmode == 'multiple') {
         if (!validateIPv4addr($return['startpubipaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid Start Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
         }
         if (!validateIPv4addr($return['endpubipaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid End Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
         }
         if (!validateIPv4addr($return['startprivipaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid Start Private IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
         }
         if (!validateIPv4addr($return['endprivipaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid End Private IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
         }
         $startpubiplong = ip2long($return['startpubipaddress']);
         $endpubiplong = ip2long($return['endpubipaddress']);
         if ($startpubiplong > $endpubiplong) {
             $return['error'] = 1;
             $errormsg[] = "Start Public IP Address must be lower or equal to End Public IP Address";
         } elseif ($endpubiplong - $startpubiplong != $return['endnum'] - $return['startnum']) {
             $return['error'] = 1;
             $errormsg[] = "Public IP Address range does not equal Start/End range";
         }
         $startpriviplong = ip2long($return['startprivipaddress']);
         $endpriviplong = ip2long($return['endprivipaddress']);
         if ($startpriviplong > $endpriviplong) {
             $return['error'] = 1;
             $errormsg[] = "Start Private IP Address must be lower or equal to End Private IP Address";
         } elseif ($endpriviplong - $startpriviplong != $return['endnum'] - $return['startnum']) {
             $return['error'] = 1;
             $errormsg[] = "Private IP Address range does not equal Start/End range";
         }
         $return['startpubiplong'] = $startpubiplong;
         $return['endpubiplong'] = $endpubiplong;
         $return['startpriviplong'] = $startpriviplong;
         $return['endpriviplong'] = $endpriviplong;
         $cnt = $endpubiplong - $startpubiplong + 1;
         if ($return['startmac'] != '') {
             if (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return['startmac'])) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid Start MAC address. Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
             } elseif ($this->checkMultiAddMacs($return['startmac'], $cnt, $msg, $macs)) {
                 $return['error'] = 1;
                 $errormsg[] = $msg;
             }
             $return['macs'] = $macs;
         } else {
             $return['macs'] = array();
         }
     } else {
         $return['startpubipaddress'] = '';
         $return['endpubipaddress'] = '';
         $return['startprivipaddress'] = '';
         $return['endprivipaddress'] = '';
         $return['startmac'] = '';
     }
     # provisioningid
     $provisioning = getProvisioning();
     if (!array_key_exists($return['provisioningid'], $provisioning)) {
         $return['error'] = 1;
         $errormsg[] = "Invalid Provisioning Engine selected";
     } else {
         $return['provisioning'] = $provisioning[$return['provisioningid']]['name'];
     }
     # stateid  2 - available, 10 - maintenance, 20 - vmhostinuse
     if (!preg_match('/^(2|10|20)$/', $return['stateid']) && ($return['mode'] == 'add' || $return['stateid'] != $olddata['stateid'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for State";
     }
     # validate type/provisioning combinations
     $provtypes = getProvisioningTypes();
     if (($return['mode'] == 'add' || $olddata['provisioningid'] != $return['provisioningid']) && !array_key_exists($return['provisioningid'], $provtypes[$return['type']])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid Provisioning Engine selected for computer type";
     }
     # validate type/provisioning/state combinations
     if ($return['mode'] == 'add' || $olddata['stateid'] != $return['stateid']) {
         if ($return['type'] == 'lab') {
             if ($return['stateid'] != 2 && $return['stateid'] != 10) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid state submitted for computer type Lab";
             }
         } elseif ($return['type'] == 'virtualmachine') {
             if ($return['stateid'] != 10 && ($return['mode'] == 'add' || !is_numeric($olddata['vmhostid']) || $return['stateid'] != 2)) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid state submitted for computer type Virtual Machine";
             }
         } elseif ($return['type'] == 'blade') {
             if ($provisioning[$return['provisioningid']]['name'] == 'none' && $return['stateid'] != 10 && $return['stateid'] != 20) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid state submitted for computer type Bare Metal";
             }
         }
     }
     # notes
     if ($return['stateid'] == 10) {
         if (!preg_match('/^([-a-zA-Z0-9_\\. ,#\\(\\)=\\+:;]{0,5000})$/', $return['notes'])) {
             $return['error'] = 1;
             $errormsg[] = "Maintenance reason can be up to 5000 characters long and may only<br>contain letters, numbers, spaces and these characters: - , . _ # ( ) = + : ;";
         }
     } else {
         $return['notes'] = '';
     }
     # vmprofileid
     $profiles = getVMProfiles();
     if ($return['type'] == 'blade' && $return['stateid'] == 20 && !array_key_exists($return['vmprofileid'], $profiles)) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for VM Host Profile";
     }
     # platformid
     $platforms = getPlatforms();
     if (!array_key_exists($return['platformid'], $platforms)) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for Platform";
     }
     # scheduleid
     $schedules = getSchedules();
     if (!array_key_exists($return['scheduleid'], $schedules)) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for Schedule";
     }
     # ram
     if ($return['ram'] < 500 || $return['ram'] > 16777215) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for RAM";
     }
     # cores
     if ($return['cores'] < 1 || $return['cores'] > 255) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for No. Cores";
     }
     # procspeed
     if ($return['procspeed'] < 500 || $return['procspeed'] > 10000) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for Processor Speed";
     }
     # network
     if (!preg_match('/^(10|100|1000|10000|100000)$/', $return['network'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for Network";
     }
     # predictivemoduleid
     $premodules = getPredictiveModules();
     if (!array_key_exists($return['predictivemoduleid'], $premodules)) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for Predictive Loading Module";
     }
     $naterror = 0;
     # natenabled
     if ($return['natenabled'] != 0 && $return['natenabled'] != 1) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value for Connect Using NAT";
         $naterror = 1;
     }
     # nathostid
     $nathosts = getNAThosts();
     if ($return['natenabled'] && $return['nathostid'] == 0 || $return['nathostid'] != 0 && !array_key_exists($return['nathostid'], $nathosts)) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for NAT Host";
         $naterror = 1;
     }
     # nat change - check for active reservations
     $vclreloadid = getUserlistID('vclreload@Local');
     if ($return['mode'] == 'edit') {
         if ($olddata['nathostid'] == '') {
             $olddata['nathostid'] = 0;
         }
         if (!$naterror && ($olddata['natenabled'] != $return['natenabled'] || $olddata['nathostid'] != $return['nathostid'])) {
             $query = "SELECT rq.id " . "FROM request rq, " . "reservation rs " . "WHERE rs.requestid = rq.id AND " . "rs.computerid = {$return['rscid']} AND " . "rq.start <= NOW() AND " . "rq.end > NOW() AND " . "rq.stateid NOT IN (1,5,11,12) AND " . "rq.laststateid NOT IN (1,5,11,12) AND " . "rq.userid != {$vclreloadid}";
             $qh = doQuery($query);
             if (mysql_num_rows($qh)) {
                 $return['error'] = 1;
                 $errormsg[] = "This computer has an active reservation. NAT settings cannot be changed for computers having<br>active reservations.";
             }
         }
     }
     $nathosterror = 0;
     # nathostenabled
     if ($return['nathostenabled'] != 0 && $return['nathostenabled'] != 1) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value for Use as NAT Host";
         $nathosterror = 1;
     }
     # natpublicIPaddress
     if ($return['nathostenabled'] && ($return['mode'] == 'edit' || $addmode == 'single')) {
         if (!validateIPv4addr($return['natpublicIPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
             $nathosterror = 1;
         }
         # natinternalIPaddress
         if (!validateIPv4addr($return['natinternalIPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid NAT Internal IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
             $nathosterror = 1;
         }
     }
     # nat host change - check for active reservations
     if (!$nathosterror && $return['mode'] == 'edit') {
         if ($olddata['nathostenabled'] != $return['nathostenabled'] || $olddata['natpublicIPaddress'] != $return['natpublicIPaddress'] || $olddata['natinternalIPaddress'] != $return['natinternalIPaddress']) {
             $query = "SELECT rq.id " . "FROM request rq, " . "reservation rs, " . "nathostcomputermap nhcm, " . "nathost nh " . "WHERE rs.requestid = rq.id AND " . "rs.computerid = nhcm.computerid AND " . "nhcm.nathostid = nh.id AND " . "nh.resourceid = {$olddata['resourceid']} AND " . "rq.start <= NOW() AND " . "rq.end > NOW() AND " . "rq.stateid NOT IN (1,5,11,12) AND " . "rq.laststateid NOT IN (1,5,11,12) AND " . "rq.userid != {$vclreloadid}";
             $qh = doQuery($query);
             if (mysql_num_rows($qh)) {
                 $return['error'] = 1;
                 $errormsg[] = "This computer is the NAT host for other computers that have active reservations. NAT host<br>settings cannot be changed while providing NAT for active reservations.";
             }
         }
     }
     # location
     if (!preg_match('/^([-a-zA-Z0-9_\\. ,@#\\(\\)]{0,255})$/', $return['location'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for Location";
     }
     if ($return['mode'] == 'add') {
         $return['addmode'] = $addmode;
     }
     if ($return['error']) {
         $return['errormsg'] = implode('<br>', $errormsg);
     }
     return $return;
 }
Esempio n. 4
0
 function processInput($configid)
 {
     $return = array();
     $configtypes = getConfigTypes();
     $return['typeid'] = processInputVar('typeid', ARG_NUMERIC);
     if (!array_key_exists($return['typeid'], $configtypes)) {
         $this->errmsg = "Invalid type submitted";
         return 0;
     }
     $return['name'] = processInputVar('name', ARG_STRING);
     if (!preg_match('/^([-a-zA-Z0-9\\. ]){3,80}$/', $return['name'])) {
         $this->errmsg = "The name can only contain letters, numbers, spaces, dashes(-)," . "\\nand periods(.) and can be from 3 to 80 characters long";
         return 0;
     }
     # check for existance of name
     $name = mysql_real_escape_string($return['name']);
     $query = "SELECT id FROM config WHERE name = '{$name}' AND id != {$configid}";
     $qh = doQuery($query);
     if (mysql_num_rows($qh)) {
         $this->errmsg = "Another config with this name already exists.";
         return 0;
     }
     # owner
     $return['owner'] = processInputVar('owner', ARG_STRING);
     if (!validateUserid($return['owner'])) {
         $this->errmsg = "Invalid user submitted for owner";
         return 0;
     }
     $return['ownerid'] = getUserlistID($return['owner']);
     if (is_null($return['owner'])) {
         $this->errmsg = "Invalid user submitted for owner";
         return 0;
     }
     # optional
     $return['optional'] = processInputVar('optional', ARG_NUMERIC);
     if ($return['optional'] !== '0' && $return['optional'] !== '1') {
         $this->errmsg = "Invalid data submitted";
         return 0;
     }
     # type
     $return['type'] = $configtypes[$return['typeid']];
     # cluster
     if ($return['type'] == 'Cluster') {
         if (get_magic_quotes_gpc()) {
             $tmp = stripslashes($_POST['subimages']);
         } else {
             $tmp = $_POST['subimages'];
         }
         $tmp = json_decode($tmp, 1);
         if (is_null($tmp)) {
             $this->errmsg = "Invalid data submitted";
             return 0;
         }
         $resources = getUserResources(array("imageAdmin"));
         $return['subimages'] = $tmp['items'];
         foreach ($return['subimages'] as $key => $sub) {
             if (!array_key_exists($sub['imageid'], $resources['image'])) {
                 $this->errmsg = "Invalid subimage submitted";
                 return 0;
             } elseif (!is_numeric($sub['min']) || $sub['min'] < 1 || $sub['min'] > MAXSUBIMAGES || !is_numeric($sub['max']) || $sub['max'] < 1 || $sub['max'] > MAXSUBIMAGES || $sub['min'] > $sub['max']) {
                 $this->errmsg = "Invalid min/max value submitted for {$resources['image'][$sub['imageid']]}";
                 return 0;
             } elseif ($sub['deleted'] != 0 && $sub['deleted'] != 1) {
                 if ($sub['id'] > 15000000) {
                     unset($return['subimages'][$key]);
                 } else {
                     $return['subimages'][$key]['deleted'] = 0;
                 }
             }
         }
         $return['data'] = '';
     } elseif ($return['type'] == 'VLAN') {
         $tmp = getContinuationVar('configdata');
         $vdata = $tmp['variables'][0];
         $return['data'] = processInputVar('vlanid', ARG_NUMERIC);
         if ($return['data'] < 1 || $return['data'] > 4095) {
             $this->errmsg = "VLAN ID must be between 1 and 4095";
             return 0;
         }
         $var = array($vdata['id'] => array('id' => $vdata['id'], 'name' => 'VLAN', 'identifier' => $vdata['identifier'], 'datatypeid' => $vdata['datatypeid'], 'defaultvalue' => $return['data'], 'required' => '1', 'ask' => '0', 'deleted' => '0'));
         $return['configvariables'] = $var;
     } else {
         # TODO may need more validation on data
         $return['data'] = trim($_POST['data']);
         if (get_magic_quotes_gpc()) {
             $return['data'] = stripslashes($return['data']);
         }
         if (!is_string($return['data']) || $return['data'] == '') {
             $this->errmsg = "cannot be empty";
             return 0;
         }
         # TODO validate configvariable input
         if (get_magic_quotes_gpc()) {
             $tmp = stripslashes($_POST['configvariables']);
         } else {
             $tmp = $_POST['configvariables'];
         }
         $tmp = json_decode($tmp, 1);
         $return['configvariables'] = $tmp['items'];
     }
     return $return;
 }
Esempio n. 5
0
 function validateResourceData()
 {
     global $user;
     $return = array('error' => 0);
     $return["name"] = processInputVar("name", ARG_STRING);
     $return["owner"] = processInputVar("owner", ARG_STRING, "{$user["unityid"]}@{$user['affiliation']}");
     $return["ram"] = processInputVar("ram", ARG_NUMERIC, 512);
     $return["cores"] = processInputVar("cores", ARG_NUMERIC);
     $return["cpuspeed"] = processInputVar("cpuspeed", ARG_NUMERIC);
     $return["networkspeed"] = (int) processInputVar("networkspeed", ARG_NUMERIC);
     $return["concurrent"] = processInputVar("concurrent", ARG_NUMERIC, 0);
     $return["reload"] = processInputVar("reload", ARG_NUMERIC);
     # not in add
     $return["checkout"] = processInputVar("checkout", ARG_NUMERIC);
     $return["checkuser"] = processInputVar("checkuser", ARG_NUMERIC);
     $return["rootaccess"] = processInputVar("rootaccess", ARG_NUMERIC);
     $return["sethostname"] = processInputVar("sethostname", ARG_NUMERIC);
     $return["sysprep"] = processInputVar("sysprep", ARG_NUMERIC);
     # only in add
     $return["connectmethodids"] = processInputVar("connectmethodids", ARG_STRING);
     # only in add
     $return['requestid'] = getContinuationVar('requestid');
     # only in add
     $return["imageid"] = getContinuationVar('imageid');
     $return['baserevisionid'] = getContinuationVar('baserevisionid');
     $return["desc"] = processInputVar("desc", ARG_STRING);
     if (get_magic_quotes_gpc()) {
         $return["desc"] = stripslashes($return['desc']);
     }
     $return['desc'] = preg_replace("/[\n\\s]*\$/", '', $return['desc']);
     $return['desc'] = preg_replace("/\r/", '', $return['desc']);
     $return['desc'] = htmlspecialchars($return['desc']);
     $return['desc'] = preg_replace("/\n/", '<br>', $return['desc']);
     $return["usage"] = processInputVar("usage", ARG_STRING);
     if (get_magic_quotes_gpc()) {
         $return["usage"] = stripslashes($return['usage']);
     }
     $return['usage'] = preg_replace("/[\n\\s]*\$/", '', $return['usage']);
     $return['usage'] = preg_replace("/\r/", '', $return['usage']);
     $return['usage'] = htmlspecialchars($return['usage']);
     $return['usage'] = preg_replace("/\n/", '<br>', $return['usage']);
     $return["comments"] = processInputVar("imgcomments", ARG_STRING);
     if (get_magic_quotes_gpc()) {
         $return["comments"] = stripslashes($return['comments']);
     }
     $return['comments'] = preg_replace("/[\n\\s]*\$/", '', $return['comments']);
     $return['comments'] = preg_replace("/\r/", '', $return['comments']);
     $return['comments'] = htmlspecialchars($return['comments']);
     $return['comments'] = preg_replace("/\n/", '<br>', $return['comments']);
     if ($return['requestid'] != '') {
         $return['mode'] = 'add';
     } else {
         $return['mode'] = 'edit';
     }
     $errormsg = array();
     if (preg_match("/[-'\"]/", $return["name"]) || strlen($return["name"]) > 60 || strlen($return["name"]) < 2) {
         $return['error'] = 1;
         $errormsg[] = i("Name must be from 2 to 60 characters and cannot contain any dashes (-), single (') or double (\") quotes.");
     } elseif (!preg_match('/^[\\x20-\\x7E]+$/', $return["name"])) {
         $return['error'] = 1;
         $errormsg[] = i("Name can only contain alphabets, numbers, signs, and spaces.");
     } else {
         if ($return['mode'] == 'edit') {
             $imageid = $return['imageid'];
         } else {
             $imageid = '';
         }
         if ($this->checkForImageName($return["name"], "long", $imageid)) {
             $return['error'] = 1;
             $errormsg[] = i("An image already exists with this name.");
         }
     }
     if ($return["ram"] < 0 || $return["ram"] > 8388607) {
         $return['error'] = 1;
         $errormsg[] = i("RAM must be between 0 and 8388607");
     }
     if ($return["cores"] < 0 || $return["cores"] > 255) {
         $return['error'] = 1;
         $errormsg[] = i("Cores must be between 0 and 255");
     }
     if ($return["cpuspeed"] < 0 || $return["cpuspeed"] > 20000) {
         $return['error'] = 1;
         $errormsg[] = i("Processor Speed must be between 0 and 20000");
     }
     $lognetwork = log10($return['networkspeed']);
     if ($lognetwork < 1 || $lognetwork > 5) {
         $return['error'] = 1;
         $errormsg[] = i("Invalid value submitted for network speed");
     }
     if (!is_numeric($return['concurrent']) && !empty($return['concurrent']) || is_numeric($return['concurrent']) && ($return["concurrent"] < 0 || $return["concurrent"] > 255)) {
         $return['error'] = 1;
         $errormsg[] = i("Max concurrent usage must be between 0 and 255");
     }
     if ($return['mode'] == 'edit' && ($return["reload"] < 0 || $return["reload"] > 120)) {
         $return['error'] = 1;
         $errormsg[] = i("Estimated Reload Time must be between 0 and 120");
     }
     if (!validateUserid($return["owner"])) {
         $return['error'] = 1;
         $errormsg[] = i("Submitted ID is not valid");
     }
     if ($return['checkout'] != 0 && $return['checkout'] != 1) {
         $return['error'] = 1;
         $errormsg[] = i("Available for checkout must be Yes or No");
     }
     if ($return['checkuser'] != 0 && $return['checkuser'] != 1) {
         $return['error'] = 1;
         $errormsg[] = i("Check for logged in user must be Yes or No");
     }
     if ($return['rootaccess'] != 0 && $return['rootaccess'] != 1) {
         $return['error'] = 1;
         $errormsg[] = i("Users have administrative access must be Yes or No");
     }
     if ($return['sethostname'] != 0 && $return['sethostname'] != 1) {
         $return['error'] = 1;
         $errormsg[] = i("Set computer hostname must be Yes or No");
     }
     if ($return['mode'] == 'add' && $return['sysprep'] != 0 && $return['sysprep'] != 1) {
         $return['error'] = 1;
         $errormsg[] = i("Use sysprep must be Yes or No");
     }
     if (empty($return['desc'])) {
         $return['error'] = 1;
         $errormsg[] = i("You must include a description of the image") . "<br>";
     }
     if ($return['mode'] == 'add') {
         if (!preg_match('/^[,0-9]+$/', $return['connectmethodids'])) {
             $tmp = getImageConnectMethods($return['imageid'], getContinuationVar('baserevisionid', 0));
             $return['connectmethodids'] = implode(',', array_keys($tmp));
         } else {
             $conmethods = getConnectMethods($return['imageid']);
             $ids = array();
             foreach (explode(',', $return['connectmethodids']) as $id) {
                 if (array_key_exists($id, $conmethods)) {
                     $ids[$id] = 1;
                 }
             }
             if (empty($ids)) {
                 $ids = getImageConnectMethods($return['imageid'], getContinuationVar('baserevisionid', 0));
             }
             $return['connectmethodids'] = implode(',', array_keys($ids));
         }
     }
     if ($return['error']) {
         $return['errormsg'] = implode('<br>', $errormsg);
     }
     return $return;
 }
Esempio n. 6
0
function addGroupUser()
{
    global $submitErr, $submitErrMsg;
    $groupid = getContinuationVar("groupid");
    $newuser = processInputVar("newuser", ARG_STRING);
    if (validateUserid($newuser) != 1) {
        $submitErr |= IDNAMEERR;
        $submitErrMsg[IDNAMEERR] = "Invalid login ID";
        editOrAddGroup(0);
        return;
    }
    addUserGroupMember($newuser, $groupid);
    editOrAddGroup(0);
}
Esempio n. 7
0
function processImageInput($checks = 1)
{
    global $submitErr, $submitErrMsg, $user;
    $return = array();
    $mode = processInputVar("mode", ARG_STRING);
    $return["imageid"] = processInputVar("imageid", ARG_NUMERIC, getContinuationVar('imageid'));
    $return['requestid'] = getContinuationVar('requestid');
    #$return["name"] = processInputVar("name", ARG_STRING);
    $return["prettyname"] = processInputVar("prettyname", ARG_STRING);
    $return["owner"] = processInputVar("owner", ARG_STRING, "{$user["unityid"]}@{$user['affiliation']}");
    #$return["platformid"] = processInputVar("platformid", ARG_NUMERIC);
    #$return["osid"] = processInputVar("osid", ARG_NUMERIC);
    $return["minram"] = processInputVar("minram", ARG_NUMERIC, 64);
    $return["minprocnumber"] = processInputVar("minprocnumber", ARG_NUMERIC);
    $return["minprocspeed"] = processInputVar("minprocspeed", ARG_NUMERIC, 500);
    $return["minnetwork"] = processInputVar("minnetwork", ARG_NUMERIC);
    $return["maxconcurrent"] = processInputVar("maxconcurrent", ARG_NUMERIC);
    $return["reloadtime"] = processInputVar("reloadtime", ARG_NUMERIC, 10);
    $return["forcheckout"] = processInputVar("forcheckout", ARG_NUMERIC, 1);
    $return["checkuser"] = processInputVar("checkuser", ARG_NUMERIC, 1);
    $return["usergroupid"] = processInputVar("usergroupid", ARG_NUMERIC);
    $return["sysprep"] = processInputVar("sysprep", ARG_NUMERIC, 1);
    $return["description"] = processInputVar("description", ARG_STRING);
    $return["usage"] = processInputVar("usage", ARG_STRING);
    $return["comments"] = processInputVar("comments", ARG_STRING);
    $return['description'] = preg_replace("/[\n\\s]*\$/", '', $return['description']);
    $return['description'] = preg_replace("/\r/", '', $return['description']);
    $return['description'] = htmlspecialchars($return['description']);
    $return['description'] = preg_replace("/\n/", '<br>', $return['description']);
    $return['usage'] = preg_replace("/[\n\\s]*\$/", '', $return['usage']);
    $return['usage'] = preg_replace("/\r/", '', $return['usage']);
    $return['usage'] = htmlspecialchars($return['usage']);
    $return['usage'] = preg_replace("/\n/", '<br>', $return['usage']);
    $return['comments'] = preg_replace("/[\n\\s]*\$/", '', $return['comments']);
    $return['comments'] = preg_replace("/\r/", '', $return['comments']);
    $return['comments'] = htmlspecialchars($return['comments']);
    $return['comments'] = preg_replace("/\n/", '<br>', $return['comments']);
    if (!$checks) {
        return $return;
    }
    /*if($mode != "confirmAddImage" &&
    	   (strlen($return["name"]) > 30 || strlen($return["name"]) < 2)) {
    	   $submitErr |= NAMEERR;
    	   $submitErrMsg[NAMEERR] = "Short Name must be from 2 to 30 characters";
    	}
    	if(! ($submitErr & NAMEERR) && 
    	   checkForImageName($return["name"], "short", $return["imageid"])) {
    	   $submitErr |= NAMEERR;
    	   $submitErrMsg[NAMEERR] = "An image already exists with this name.";
    	}*/
    if (ereg('-', $return["prettyname"]) || strlen($return["prettyname"]) > 60 || strlen($return["prettyname"]) < 2) {
        $submitErr |= PRETTYNAMEERR;
        $submitErrMsg[PRETTYNAMEERR] = "Long Name must be from 2 to 60 characters " . "and cannot contain any dashes (-).";
    }
    if (!($submitErr & PRETTYNAMEERR) && checkForImageName($return["prettyname"], "long", $return["imageid"])) {
        $submitErr |= PRETTYNAMEERR;
        $submitErrMsg[PRETTYNAMEERR] = "An image already exists with this name.";
    }
    if ($return["minram"] < 0 || $return["minram"] > 20480) {
        $submitErr |= MINRAMERR;
        $submitErrMsg[MINRAMERR] = "RAM must be between 0 and 20480 MB";
    }
    if ($return["minprocspeed"] < 0 || $return["minprocspeed"] > 20000) {
        $submitErr |= MINPROCSPEEDERR;
        $submitErrMsg[MINPROCSPEEDERR] = "Processor Speed must be between 0 and 20000";
    }
    if (!is_numeric($return['maxconcurrent']) && !empty($return['maxconcurrent']) || is_numeric($return['maxconcurrent']) && ($return["maxconcurrent"] < 1 || $return["maxconcurrent"] > 255)) {
        $submitErr |= MAXCONCURRENTERR;
        $submitErrMsg[MAXCONCURRENTERR] = "Max concurrent usage must be blank or between 1 and 255";
    }
    if ($return["reloadtime"] < 0 || $return["reloadtime"] > 120) {
        $submitErr |= RELOADTIMEERR;
        $submitErrMsg[RELOADTIMEERR] = "Estimated Reload Time must be between 0 and 120";
    }
    if (!validateUserid($return["owner"])) {
        $submitErr |= IMGOWNERERR;
        $submitErrMsg[IMGOWNERERR] = "Submitted ID is not valid";
    }
    if (empty($return['description'])) {
        $submitErr |= IMAGEDESCRIPTIONERR;
        $submitErrMsg[IMAGEDESCRIPTIONERR] = "You must include a description of the image<br>";
    }
    return $return;
}
Esempio n. 8
0
function validateAPIgroupInput($items, $exists)
{
    # initialMaxTime
    if (array_key_exists('initialMaxTime', $items)) {
        if (!is_numeric($items['initialMaxTime']) || $items['initialMaxTime'] < 1 || $items['initialMaxTime'] > 65535) {
            return array('status' => 'error', 'errorcode' => 21, 'errormsg' => 'submitted initialMaxTime is invalid');
        }
    }
    # totalMaxTime
    if (array_key_exists('totalMaxTime', $items)) {
        if (!is_numeric($items['totalMaxTime']) || $items['totalMaxTime'] < 1 || $items['totalMaxTime'] > 65535) {
            return array('status' => 'error', 'errorcode' => 22, 'errormsg' => 'submitted totalMaxTime is invalid');
        }
    }
    # maxExtendTime
    if (array_key_exists('maxExtendTime', $items)) {
        if (!is_numeric($items['maxExtendTime']) || $items['maxExtendTime'] < 1 || $items['maxExtendTime'] > 65535) {
            return array('status' => 'error', 'errorcode' => 23, 'errormsg' => 'submitted maxExtendTime is invalid');
        }
    }
    # affiliation
    if (array_key_exists('affiliation', $items)) {
        $esc_affiliation = mysql_escape_string($items['affiliation']);
        $affilid = getAffiliationID($esc_affiliation);
        if (is_null($affilid)) {
            return array('status' => 'error', 'errorcode' => 17, 'errormsg' => 'unknown affiliation');
        }
        $items['affiliationid'] = $affilid;
    }
    # name
    if (array_key_exists('name', $items)) {
        if (!ereg('^[-a-zA-Z0-9_\\.: ]{3,30}$', $items['name'])) {
            return array('status' => 'error', 'errorcode' => 19, 'errormsg' => 'Name must be between 3 and 30 characters ' . 'and can only contain letters, numbers, and ' . 'these characters: - _ . :');
        }
        $esc_name = mysql_escape_string($items['name']);
        $doesexist = checkForGroupName($esc_name, 'user', '', $affilid);
        if ($exists && !$doesexist) {
            return array('status' => 'error', 'errorcode' => 18, 'errormsg' => 'user group with submitted name and affiliation does not exist');
        } elseif (!$exists && $doesexist) {
            return array('status' => 'error', 'errorcode' => 27, 'errormsg' => 'existing user group with submitted name and affiliation');
        } elseif ($exists && $doesexist) {
            $items['id'] = getUserGroupID($esc_name, $affilid);
        }
    }
    # owner
    if (array_key_exists('owner', $items)) {
        if (!validateUserid(mysql_escape_string($items['owner']))) {
            return array('status' => 'error', 'errorcode' => 20, 'errormsg' => 'submitted owner is invalid');
        }
    }
    # managingGroup
    if (array_key_exists('managingGroup', $items)) {
        $parts = explode('@', $items['managingGroup']);
        if (count($parts) != 2) {
            return array('status' => 'error', 'errorcode' => 24, 'errormsg' => 'submitted managingGroup is invalid');
        }
        $esc_mgName = mysql_escape_string($parts[0]);
        $esc_mgAffil = mysql_escape_string($parts[1]);
        $mgaffilid = getAffiliationID($esc_mgAffil);
        if (!checkForGroupName($esc_mgName, 'user', '', $mgaffilid)) {
            return array('status' => 'error', 'errorcode' => 25, 'errormsg' => 'submitted managingGroup does not exist');
        }
        $items['managingGroupID'] = getUserGroupID($esc_mgName, $mgaffilid);
        $items['managingGroupName'] = $parts[0];
        $items['managingGroupAffilid'] = $mgaffilid;
    }
    $items['status'] = 'success';
    return $items;
}
Esempio n. 9
0
function processUserPrefsInput($checks = 1)
{
    global $submitErr, $submitErrMsg, $user;
    $return = array();
    $defaultres = $user["width"] . 'x' . $user["height"];
    $return["preferredname"] = processInputVar("preferredname", ARG_STRING, $user["preferredname"]);
    $return["resolution"] = processInputVar("resolution", ARG_STRING, $defaultres);
    $return["bpp"] = processInputVar("bpp", ARG_NUMERIC, $user["bpp"]);
    $return["audiomode"] = processInputVar("audiomode", ARG_STRING, $user["audiomode"]);
    $return["mapdrives"] = processInputVar("mapdrives", ARG_NUMERIC, $user["mapdrives"]);
    $return["mapprinters"] = processInputVar("mapprinters", ARG_NUMERIC, $user["mapprinters"]);
    $return["mapserial"] = processInputVar("mapserial", ARG_NUMERIC, $user["mapserial"]);
    $return['unityid'] = "{$user['unityid']}@{$user['affiliation']}";
    if (!$checks) {
        return $return;
    }
    if (strlen($return["preferredname"]) > 25) {
        $submitErr |= PREFNAMEERR;
        $submitErrMsg[PREFNAMEERR] = "Preferred name can only be up to 25 characters";
    }
    if (!ereg('^[a-zA-Z ]*$', $return["preferredname"])) {
        $submitErr |= PREFNAMEERR;
        $submitErrMsg[PREFNAMEERR] = "Preferred name can only contain letters and spaces";
    }
    if (array_key_exists('unityid', $return) && !validateUserid($return['unityid'])) {
        $submitErr |= VIEWASUSERERR;
        $submitErrMsg[VIEWASUSERERR] = "Invalid user id";
    }
    if ($user['affiliation'] == 'Local') {
        $return['newpassword'] = $_POST['newpassword'];
        $confirmpwd = $_POST['confirmpassword'];
        $curr = $_POST['currentpassword'];
        if (get_magic_quotes_gpc()) {
            $return['newpassword'] = stripslashes($return['newpassword']);
            $confirmpwd = stripslashes($confirmpwd);
            $curr = stripslashes($curr);
        }
        if (!empty($return['newpassword']) && !empty($confirmpwd) && !validateLocalAccount($user['unityid'], $curr)) {
            $submitErr |= LOCALPASSWORDERR;
            $submitErrMsg[LOCALPASSWORDERR] = "Password incorrect";
        } elseif (empty($return['newpassword']) && !empty($confirmpwd) || !empty($return['newpassword']) && empty($confirmpwd) || $return['newpassword'] != $confirmpwd) {
            $submitErr |= LOCALPASSWORDERR;
            $submitErrMsg[LOCALPASSWORDERR] = "Passwords do not match";
        }
    }
    return $return;
}
Esempio n. 10
0
function AJsubmitAddUserPriv()
{
    global $submitErr, $submitErrMsg, $user;
    $node = processInputVar("activeNode", ARG_NUMERIC);
    if (!checkUserHasPriv("userGrant", $user["id"], $node)) {
        $text = "You do not have rights to add new users at this node.";
        print "addUserPaneHide(); ";
        print "alert('{$text}');";
        dbDisconnect();
        exit;
    }
    $newuser = processInputVar("newuser", ARG_STRING);
    if (!validateUserid($newuser)) {
        $text = "<font color=red>{$newuser} is not a valid userid</font>";
        print setAttribute('addUserPrivStatus', 'innerHTML', $text);
        dbDisconnect();
        exit;
    }
    $perms = explode(':', processInputVar('perms', ARG_STRING));
    $usertypes = getTypes("users");
    array_push($usertypes["users"], "block");
    array_push($usertypes["users"], "cascade");
    $newuserprivs = array();
    foreach ($usertypes["users"] as $type) {
        if (in_array($type, $perms)) {
            array_push($newuserprivs, $type);
        }
    }
    if (empty($newuserprivs) || count($newuserprivs) == 1 && in_array("cascade", $newuserprivs)) {
        $text = "<font color=red>No user privileges were specified</font>";
        print setAttribute('addUserPrivStatus', 'innerHTML', $text);
        dbDisconnect();
        exit;
    }
    $node = processInputVar("activeNode", ARG_NUMERIC);
    updateUserOrGroupPrivs($newuser, $node, $newuserprivs, array(), "user");
    clearPrivCache();
    print "refreshPerms();";
    dbDisconnect();
    exit;
}
Esempio n. 11
0
function processScheduleInput($checks = 1)
{
    global $submitErr, $submitErrMsg;
    $return = array();
    $return["start"] = array();
    $return["end"] = array();
    $return["scheduleid"] = getContinuationVar("scheduleid", processInputVar("scheduleid", ARG_NUMERIC));
    $return["name"] = getContinuationVar("name", processInputVar("name", ARG_STRING));
    $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING));
    $return["submode"] = processInputVar("submode", ARG_STRING);
    $return["selrow"] = processInputVar("selrow", ARG_NUMERIC);
    $return["count"] = getContinuationVar("count", processInputVar("count", ARG_NUMERIC, 0));
    $return["startDay"] = processInputVar("startDay", ARG_MULTINUMERIC);
    $return["startTime"] = processInputVar("startTime", ARG_MULTISTRING);
    $return["endDay"] = processInputVar("endDay", ARG_MULTINUMERIC);
    $return["endTime"] = processInputVar("endTime", ARG_MULTISTRING);
    if (!$checks) {
        return $return;
    }
    if (strlen($return["name"]) > 25 || strlen($return["name"]) < 2) {
        $submitErr |= SCHNAMEERR;
        $submitErrMsg[SCHNAMEERR] = "Name must be from 2 to 30 characters";
    }
    if (!($submitErr & SCHNAMEERR) && checkForScheduleName($return["name"], $return["scheduleid"])) {
        $submitErr |= SCHNAMEERR;
        $submitErrMsg[SCHNAMEERR] = "A schedule already exists with this name.";
    }
    if (!validateUserid($return["owner"])) {
        $submitErr |= SCHOWNERERR;
        $submitErrMsg[SCHOWNERERR] = "The submitted unity ID is invalid.";
    }
    for ($i = 0; $i < $return["count"]; $i++) {
        if (!ereg('^((0?[1-9])|(1[0-2])):([0-5][0-9]) (am|pm)$', $return["startTime"][$i]) || !ereg('^((0?[1-9])|(1[0-2])):([0-5][0-9]) (am|pm)$', $return["endTime"][$i])) {
            $submitErr |= 1 << $i;
            $submitErrMsg[1 << $i] = "Time must be of the form [H]H:MM&nbsp;am/pm";
        } elseif (daytimeToMin($return["startDay"][$i], $return["startTime"][$i], "start") >= daytimeToMin($return["endDay"][$i], $return["endTime"][$i], "end")) {
            $submitErr |= 1 << $i;
            $submitErrMsg[1 << $i] = "The start day/time must be before the end day/time";
        }
    }
    for ($i = 0; $i < $return["count"] - 1; $i++) {
        for ($j = $i + 1; $j < $return["count"]; $j++) {
            if (daytimeToMin($return["startDay"][$i], $return["startTime"][$i], "start") < daytimeToMin($return["endDay"][$j], $return["endTime"][$j], "end") && daytimeToMin($return["endDay"][$i], $return["endTime"][$i], "end") > daytimeToMin($return["startDay"][$j], $return["startTime"][$j], "start")) {
                $submitErr |= OVERLAPERR;
                $submitErrMsg[OVERLAPERR] = "At least 2 of the time periods overlap. Please combine them into a single entry.";
                break 2;
            }
        }
    }
    return $return;
}
Esempio n. 12
0
function XMLRPCaddUsersToGroup($name, $affiliation, $users)
{
    global $user;
    if (!in_array('groupAdmin', $user['privileges'])) {
        return array('status' => 'error', 'errorcode' => 16, 'errormsg' => 'access denied for managing user groups');
    }
    $validate = array('name' => $name, 'affiliation' => $affiliation);
    $rc = validateAPIgroupInput($validate, 1);
    if ($rc['status'] == 'error') {
        return $rc;
    }
    $query = "SELECT ownerid, " . "editusergroupid AS editgroupid " . "FROM usergroup " . "WHERE id = {$rc['id']}";
    $qh = doQuery($query, 101);
    if (!($row = mysql_fetch_assoc($qh))) {
        return array('status' => 'error', 'errorcode' => 18, 'errormsg' => 'user group with submitted name and affiliation does not exist');
    }
    # if not owner and not member of managing group, no access
    if ($user['id'] != $row['ownerid'] && !array_key_exists($row['editgroupid'], $user['groups'])) {
        return array('status' => 'error', 'errorcode' => 28, 'errormsg' => 'access denied to user group with submitted name and affiliation');
    }
    $fails = array();
    foreach ($users as $_user) {
        if (empty($_user)) {
            continue;
        }
        $esc_user = mysql_escape_string($_user);
        if (validateUserid($esc_user) == 1) {
            addUserGroupMember($esc_user, $rc['id']);
        } else {
            $fails[] = $_user;
        }
    }
    if (count($fails)) {
        $cnt = 'some';
        $code = 34;
        if (count($fails) == count($users)) {
            $cnt = 'all submitted';
            $code = 35;
        }
        return array('status' => 'warning', 'failedusers' => $fails, 'warningcode' => $code, 'warningmsg' => "failed to add {$cnt} users to user group");
    }
    return array('status' => 'success');
}
Esempio n. 13
0
function processBulkComputerInput($checks = 1)
{
    global $submitErr, $submitErrMsg, $viewmode;
    $return = processComputerInput2();
    $ipaddress = getContinuationVar("ipaddress", processInputVar("ipaddress", ARG_STRING));
    if (!empty($ipaddress)) {
        $return["startipaddress"] = $ipaddress;
        $tmp = $ipaddress;
        $tmpArr = explode('.', $tmp);
        array_pop($tmpArr);
        $return["endipaddress"] = implode('.', $tmpArr);
        $return["starthostval"] = "";
        $return["endhostval"] = "";
    } else {
        $return["startipaddress"] = getContinuationVar("startipaddress", processInputVar("startipaddress", ARG_STRING));
        $return["endipaddress"] = getContinuationVar("endipaddress", processInputVar("endipaddress", ARG_STRING));
        $return["starthostval"] = getContinuationVar("starthostval", processInputVar("starthostval", ARG_NUMERIC));
        $return["endhostval"] = getContinuationVar("endhostval", processInputVar("endhostval", ARG_NUMERIC));
    }
    $return["startpripaddress"] = getContinuationVar("startpripaddress", processInputVar("startpripaddress", ARG_STRING));
    $return["endpripaddress"] = getContinuationVar("endpripaddress", processInputVar("endpripaddress", ARG_STRING));
    $return["startmac"] = getContinuationVar("startmac", processInputVar("startmac", ARG_STRING));
    $return["stateid"] = getContinuationVar("stateid", processInputVar("stateid", ARG_NUMERIC));
    $return["owner"] = getContinuationVar("owner", processInputVar("owner", ARG_STRING));
    $return["platformid"] = getContinuationVar("platformid", processInputVar("platformid", ARG_NUMERIC));
    $return["scheduleid"] = getContinuationVar("scheduleid", processInputVar("scheduleid", ARG_NUMERIC));
    $return["ram"] = getContinuationVar("ram", processInputVar("ram", ARG_NUMERIC));
    $return["numprocs"] = getContinuationVar("numprocs", processInputVar("numprocs", ARG_NUMERIC));
    $return["procspeed"] = getContinuationVar("procspeed", processInputVar("procspeed", ARG_NUMERIC));
    $return["network"] = getContinuationVar("network", processInputVar("network", ARG_NUMERIC));
    $return["hostname"] = getContinuationVar("hostname", processInputVar("hostname", ARG_STRING));
    $return["type"] = getContinuationVar("type", processInputVar("type", ARG_STRING));
    $return["provisioningid"] = getContinuationVar("provisioningid", processInputVar("provisioningid", ARG_NUMERIC));
    $return["computergroup"] = getContinuationVar("computergroup", processInputVar("computergroup", ARG_MULTINUMERIC));
    $return['macs'] = getContinuationVar('macs', array());
    if (!$checks) {
        return $return;
    }
    $startaddrArr = explode('.', $return["startipaddress"]);
    if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["startipaddress"]) || $startaddrArr[0] < 1 || $startaddrArr[0] > 255 || $startaddrArr[1] < 0 || $startaddrArr[1] > 255 || $startaddrArr[2] < 0 || $startaddrArr[2] > 255 || $startaddrArr[3] < 1 || $startaddrArr[3] > 255) {
        $submitErr |= IPADDRERR;
        $submitErrMsg[IPADDRERR] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
    }
    $endaddrArr = explode('.', $return["endipaddress"]);
    if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["endipaddress"]) || $endaddrArr[0] < 1 || $endaddrArr[0] > 255 || $endaddrArr[1] < 0 || $endaddrArr[1] > 255 || $endaddrArr[2] < 0 || $endaddrArr[2] > 255 || $endaddrArr[3] < 1 || $endaddrArr[3] > 255) {
        $submitErr |= IPADDRERR2;
        $submitErrMsg[IPADDRERR2] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
    }
    $endpraddrArr = array();
    if ($viewmode == ADMIN_DEVELOPER) {
        if (!empty($return['startpripaddress']) || !empty($return['endpripaddress'])) {
            $startpraddrArr = explode('.', $return["startpripaddress"]);
            if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["startpripaddress"]) || $startpraddrArr[0] < 1 || $startpraddrArr[0] > 255 || $startpraddrArr[1] < 0 || $startpraddrArr[1] > 255 || $startpraddrArr[2] < 0 || $startpraddrArr[2] > 255 || $startpraddrArr[3] < 1 || $startpraddrArr[3] > 255) {
                $submitErr |= IPADDRERR3;
                $submitErrMsg[IPADDRERR3] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
            }
            $endpraddrArr = explode('.', $return["endpripaddress"]);
            if (!ereg('^(([0-9]){1,3}\\.){3}([0-9]){1,3}$', $return["endpripaddress"]) || $endpraddrArr[0] < 1 || $endpraddrArr[0] > 255 || $endpraddrArr[1] < 0 || $endpraddrArr[1] > 255 || $endpraddrArr[2] < 0 || $endpraddrArr[2] > 255 || $endpraddrArr[3] < 1 || $endpraddrArr[3] > 255) {
                $submitErr |= IPADDRERR4;
                $submitErrMsg[IPADDRERR4] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
            }
        }
        if (!empty($return['startmac'])) {
            if (!ereg('^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$', $return["startmac"])) {
                $submitErr |= MACADDRERR;
                $submitErrMsg[MACADDRERR] = "Invalid MAC address.  Must be XX:XX:XX:XX:XX:XX " . "with each pair of XX being from 00 to FF (inclusive)";
            } elseif (!$submitErr) {
                $tmp = explode(':', $return['startmac']);
                $topdec = hexdec($tmp[0] . $tmp[1] . $tmp[2]);
                $botdec = hexdec($tmp[3] . $tmp[4] . $tmp[5]);
                $topmac = "{$tmp[0]}:{$tmp[1]}:{$tmp[2]}";
                $topplus = implode(':', str_split(dechex($topdec + 1), 2));
                $start = $botdec;
                $return['macs'] = array();
                $end = $start + ($endaddrArr[3] - $startaddrArr[3] + 1) * 2;
                for ($i = $start; $i < $end; $i++) {
                    if ($i > 16777215) {
                        $val = $i - 16777216;
                        $tmp = sprintf('%06x', $val);
                        $tmp2 = str_split($tmp, 2);
                        $return['macs'][] = $topplus . ':' . implode(':', $tmp2);
                    } else {
                        $tmp = sprintf('%06x', $i);
                        $tmp2 = str_split($tmp, 2);
                        $return['macs'][] = $topmac . ':' . implode(':', $tmp2);
                    }
                }
                if ($i > 16777215 && $topdec == 16777215) {
                    $submitErr |= MACADDRERR;
                    $submitErrMsg[MACADDRERR] = "Starting MAC address too large for given " . "given number of machines";
                }
            }
        }
    }
    if ($return["ram"] < 32 || $return["ram"] > 20480) {
        $submitErr |= RAMERR;
        $submitErrMsg[RAMERR] = "RAM must be between 32 and 20480";
    }
    if ($return["procspeed"] < 500 || $return["procspeed"] > 20000) {
        $submitErr |= PROCSPEEDERR;
        $submitErrMsg[PROCSPEEDERR] = "Processor Speed must be between 500 and 20000";
    }
    if (!ereg('^[a-zA-Z0-9_%][-a-zA-Z0-9_.%]{1,35}$', $return["hostname"])) {
        $submitErr |= HOSTNAMEERR;
        $submitErrMsg[HOSTNAMEERR] = "Hostname must be <= 36 characters";
    }
    if (empty($return["starthostval"]) && $return["starthostval"] != 0) {
        $submitErr |= STARTHOSTVALERR;
        $submitErrMsg[STARTHOSTVALERR] = "Start value can only be numeric.";
    }
    if (empty($return["endhostval"]) && $return["endhostval"] != 0) {
        $submitErr |= ENDHOSTVALERR;
        $submitErrMsg[ENDHOSTVALERR] = "End value can only be numeric.";
    }
    if (!($submitErr & IPADDRERR2 || $submitErr & ENDHOSTVALERR) && $endaddrArr[3] - $startaddrArr[3] != $return["endhostval"] - $return["starthostval"]) {
        $numipaddrs = $endaddrArr[3] - $startaddrArr[3] + 1;
        $numhostnames = $return["endhostval"] - $return["starthostval"] + 1;
        $submitErr |= IPADDRERR2;
        $submitErrMsg[IPADDRERR2] = "The number of IP addresses ({$numipaddrs}) " . "does not match the number of hostnames ({$numhostnames}).";
        $submitErr |= ENDHOSTVALERR;
        $submitErrMsg[ENDHOSTVALERR] = "The number of IP addresses ({$numipaddrs}) " . "does not match the number of hostnames ({$numhostnames}).";
    }
    if ($viewmode == ADMIN_DEVELOPER && !empty($return['startpripaddress']) && !empty($return['endpripaddress']) && (!($submitErr & IPADDRERR2 || $submitErr & IPADDRERR4) && !empty($endpraddrArr) && $endaddrArr[3] - $startaddrArr[3] != $endpraddrArr[3] - $startpraddrArr[3])) {
        $numpubaddrs = $endaddrArr[3] - $startaddrArr[3] + 1;
        $numpraddrs = $endpraddrArr[3] - $startpraddrArr[3] + 1;
        $submitErr |= IPADDRERR2;
        $submitErrMsg[IPADDRERR2] = "The number of public IP addresses ({$numpubaddrs}) " . "does not match the number of private IP addresses ({$numpraddrs}).";
        $submitErr |= IPADDRERR4;
        $submitErrMsg[IPADDRERR4] = $submitErrMsg[IPADDRERR2];
    }
    if (!validateUserid($return["owner"])) {
        $submitErr |= OWNERERR;
        $submitErrMsg[OWNERERR] = "Submitted ID is not valid";
    }
    $return['count'] = 0;
    if (!$submitErr) {
        $return['count'] = $endaddrArr[3] - $startaddrArr[3] + 1;
    }
    return $return;
}
Esempio n. 14
0
 function validateResourceData()
 {
     global $user;
     $return = array('error' => 0);
     $return['rscid'] = getContinuationVar('rscid', 0);
     $return['name'] = processInputVar('name', ARG_STRING);
     $return['owner'] = processInputVar('owner', ARG_STRING, "{$user['unityid']}@{$user['affiliation']}");
     $return['ipaddress'] = processInputVar('ipaddress', ARG_STRING);
     $return['stateid'] = processInputVar('stateid', ARG_NUMERIC);
     $return['sysadminemail'] = processInputVar('sysadminemail', ARG_STRING);
     $return['sharedmailbox'] = processInputVar('sharedmailbox', ARG_STRING);
     $return['installpath'] = processInputVar('installpath', ARG_STRING);
     $return['timeservers'] = processInputVar('timeservers', ARG_STRING);
     $return['keys'] = processInputVar('keys', ARG_STRING);
     $return['sshport'] = processInputVar('sshport', ARG_NUMERIC);
     $return['imagelibenable'] = processInputVar('imagelibenable', ARG_NUMERIC);
     $return['imagelibgroupid'] = processInputVar('imagelibgroupid', ARG_NUMERIC);
     $return['imagelibuser'] = processInputVar('imagelibuser', ARG_STRING);
     $return['imagelibkey'] = processInputVar('imagelibkey', ARG_STRING);
     $return['publicIPconfig'] = processInputVar('publicIPconfig', ARG_STRING);
     $return['publicnetmask'] = processInputVar('publicnetmask', ARG_STRING);
     $return['publicgateway'] = processInputVar('publicgateway', ARG_STRING);
     $return['publicdnsserver'] = processInputVar('publicdnsserver', ARG_STRING);
     $return['checkininterval'] = processInputVar('checkininterval', ARG_NUMERIC);
     $return['availablenetworks'] = processInputVar('availablenetworks', ARG_STRING);
     $return['federatedauth'] = processInputVar('federatedauth', ARG_STRING);
     $return['nathostenabled'] = processInputVar('nathostenabled', ARG_NUMERIC);
     $return['natpublicIPaddress'] = processInputVar('natpublicipaddress', ARG_STRING);
     $return['natinternalIPaddress'] = processInputVar('natinternalipaddress', ARG_STRING);
     if (get_magic_quotes_gpc()) {
         $return['sysadminemail'] = stripslashes($return['sysadminemail']);
         $return['sharedmailbox'] = stripslashes($return['sharedmailbox']);
     }
     $olddata = getContinuationVar('olddata');
     if ($return['rscid'] == 0) {
         $return['mode'] = 'add';
     } else {
         $return['mode'] = 'edit';
     }
     $errormsg = array();
     # hostname
     if (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,49}$/', $return['name'])) {
         $return['error'] = 1;
         $errormsg[] = "Hostname can only contain letters, numbers, dashes(-), periods(.), and underscores(_). It can be from 1 to 50 characters long";
     } elseif ($this->checkForMgmtnodeHostname($return['name'], $return['rscid'])) {
         $return['error'] = 1;
         $errormsg[] = "A node already exists with this hostname.";
     }
     # owner
     if (!validateUserid($return['owner'])) {
         $return['error'] = 1;
         $errormsg[] = "Submitted owner is not valid";
     }
     # ipaddress
     if (!validateIPv4addr($return['ipaddress'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
     }
     # sysadminemail
     if ($return['sysadminemail'] != '') {
         $addrs = explode(',', $return['sysadminemail']);
         foreach ($addrs as $addr) {
             if (!validateEmailAddress($addr)) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid email address entered for SysAdmin Email Address(es)";
                 break;
             }
         }
     }
     # sharedmailbox
     if ($return['sharedmailbox'] != '' && !validateEmailAddress($return['sharedmailbox'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid email address entered for Shadow Emails";
     }
     # installpath
     if ($return['installpath'] != '' && !preg_match('/^([-a-zA-Z0-9_\\.\\/]){2,100}$/', $return['installpath'])) {
         $return['error'] = 1;
         $errormsg[] = "Install Path must be empty or only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/) and be from 2 to 100 characters long";
     }
     # timeservers
     if ($return['timeservers'] != '') {
         if (strlen($return['timeservers']) > 1000) {
             $return['error'] = 1;
             $errormsg[] = "Too much data entered for Time Server(s)";
         } else {
             $hosts = explode(',', $return['timeservers']);
             foreach ($hosts as $host) {
                 if (preg_match('/^([0-9]{1,3}(\\.?))+$/', $host) && !validateIPv4addr($host) || !preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,50}$/', $host)) {
                     $return['error'] = 1;
                     $errormsg[] = "Time servers must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). Each host can be up to 50 characters long";
                     break;
                 }
             }
         }
     }
     # keys
     if ($return['keys'] != '' && !preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,1024}$/', $return['keys'])) {
         $return['error'] = 1;
         $errormsg[] = "End Node SSH Identity Key Files can only contain letters, numbers, dashes(-), periods(.), underscores(_), forward slashes(/), and commas(,). It can be from 2 to 1024 characters long";
     }
     # imagelibenable
     if ($return['imagelibenable'] == 1) {
         # imagelibgroupid
         $validgroups = getUserResources(array('mgmtNodeAdmin'), array('manageGroup'), 1);
         if (!array_key_exists($return['imagelibgroupid'], $validgroups['managementnode'])) {
             $return['error'] = 1;
             $errormsg[] = "The group selected for Image Library Management Node Group is not valid";
         }
         # imagelibuser
         if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,20}$/', $return['imagelibuser'])) {
             $return['error'] = 1;
             $errormsg[] = "Image Library User can only contain letters, numbers, and dashes(-) and can be from 2 to 20 characters long";
         }
         # imagelibkey
         if (!preg_match('/^([-a-zA-Z0-9_\\.\\/,]){2,100}$/', $return['imagelibkey'])) {
             $return['error'] = 1;
             $errormsg[] = "Image Library SSH Identity Key File can only contain letters, numbers, dashes(-), periods(.), underscores(_), and forward slashes(/). It can be from 2 to 100 characters long";
         }
     } else {
         $return['imagelibenable'] = 0;
         if ($return['mode'] == 'edit') {
             $return['imagelibgroupid'] = $olddata['imagelibgroupid'];
             $return['imagelibuser'] = $olddata['imagelibuser'];
             $return['imagelibkey'] = $olddata['imagelibkey'];
         } else {
             $return['imagelibgroupid'] = '';
             $return['imagelibuser'] = '';
             $return['imagelibkey'] = '';
         }
     }
     # publicIPconfig
     if (!preg_match('/^(dynamicDHCP|manualDHCP|static)$/', $return['publicIPconfig'])) {
         $return['publicIPconfig'] = 'dynamicDHCP';
     }
     if ($return['publicIPconfig'] == 'static') {
         # publicnetmask
         $bnetmask = ip2long($return['publicnetmask']);
         if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) {
             $return['error'] = 1;
             $errormsg[] = "Invalid value specified for Public Netmask";
         }
         # publicgateway
         if (preg_match('/^([0-9]{1,3}(\\.?))+$/', $return['publicgateway']) && !validateIPv4addr($return['publicgateway'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid value specified for Public Gateway";
         } elseif (!preg_match('/^[a-zA-Z0-9_][-a-zA-Z0-9_\\.]{1,56}$/', $return["publicgateway"])) {
             $return['error'] = 1;
             $errormsg[] = "Public gateway must be an IP address or a hostname containing only letters, numbers, dashes(-), periods(.), and underscores(_). It can be up to 56 characters long";
         }
         # publicdnsserver
         $servers = explode(',', $return['publicdnsserver']);
         if (empty($servers)) {
             $return['error'] = 1;
             $errormsg[] = "Please enter at least one Public DNS server";
         } else {
             foreach ($servers as $server) {
                 if (!validateIPv4addr($server)) {
                     $return['error'] = 1;
                     $errormsg[] = "Invalid IP address entered for Public DNS Server";
                     break;
                 }
             }
         }
     } else {
         $return['publicnetmask'] = $olddata['publicnetmask'];
         $return['publicgateway'] = $olddata['publicgateway'];
     }
     # stateid  2 - available, 5 - failed, 10 - maintenance
     if (!preg_match('/^(2|5|10)$/', $return['stateid'])) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value submitted for State";
     }
     # checkininterval
     if ($return['checkininterval'] < 5) {
         $return['checkininterval'] = 5;
     } elseif ($return['checkininterval'] > 30) {
         $return['checkininterval'] = 30;
     }
     # sshport
     if ($return['sshport'] < 1 || $return['sshport'] > 65535) {
         $return['sshport'] = 22;
     }
     # availablenetworks
     if ($return['availablenetworks'] != '') {
         if (strpos("\n", $return['availablenetworks'])) {
             $return['availablenetworks'] = preg_replace("/(\r)?\n/", ',', $return['availablenetworks']);
         }
         $return['availablenetworks2'] = explode(',', $return['availablenetworks']);
         foreach ($return['availablenetworks2'] as $key => $net) {
             $net = trim($net);
             if ($net == '') {
                 unset($return['availablenetworks2'][$key]);
                 $return['availablenetworks'] = implode("\n", $return['availablenetworks2']);
                 continue;
             }
             $return['availablenetworks2'][$key] = $net;
             if (!preg_match('/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\/([0-9]{2})$/', $net, $matches) || $matches[1] < 0 || $matches[1] > 255 || $matches[2] < 0 || $matches[2] > 255 || $matches[3] < 0 || $matches[3] > 255 || $matches[4] < 0 || $matches[4] > 255 || $matches[5] < 1 || $matches[5] > 32) {
                 $return['error'] = 1;
                 $errormsg[] = "Invalid network entered for Available Public Networks; must be comma delimited list of valid networks in the form of x.x.x.x/yy";
             }
         }
     }
     # federatedauth
     if ($return['federatedauth'] != '') {
         $affils = getAffiliations();
         $fedarr = explode(',', $return['federatedauth']);
         $test = array_udiff($fedarr, $affils, 'strcasecmp');
         if (!empty($test)) {
             $new = array();
             foreach ($test as $affil) {
                 if (preg_match('/^[-0-9a-zA-Z_\\.:;,]*$/', $affil)) {
                     $new[] = $affil;
                 }
             }
             if (count($test) == count($new)) {
                 $errormsg[] = "These affiliations do not exist: " . implode(', ', $new);
             } else {
                 $errormsg[] = "Invalid data entered for Affiliations using Federated Authentication for Linux Images";
             }
             $return['error'] = 1;
         }
     }
     $nathosterror = 0;
     # nathostenabled
     if ($return['nathostenabled'] != 0 && $return['nathostenabled'] != 1) {
         $return['error'] = 1;
         $errormsg[] = "Invalid value for Use as NAT Host";
         $nathosterror = 1;
     }
     # natpublicIPaddress
     if ($return['nathostenabled']) {
         if (!validateIPv4addr($return['natpublicIPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
             $nathosterror = 1;
         }
         # natinternalIPaddress
         if (!validateIPv4addr($return['natinternalIPaddress'])) {
             $return['error'] = 1;
             $errormsg[] = "Invalid NAT Internal IP address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)";
             $nathosterror = 1;
         }
     }
     # nat host change - check for active reservations
     if (!$nathosterror && $return['mode'] == 'edit') {
         if ($olddata['nathostenabled'] != $return['nathostenabled'] || $olddata['natpublicIPaddress'] != $return['natpublicIPaddress'] || $olddata['natinternalIPaddress'] != $return['natinternalIPaddress']) {
             $vclreloadid = getUserlistID('vclreload@Local');
             $query = "SELECT rq.id " . "FROM request rq, " . "reservation rs, " . "nathostcomputermap nhcm, " . "nathost nh " . "WHERE rs.requestid = rq.id AND " . "rs.computerid = nhcm.computerid AND " . "nhcm.nathostid = nh.id AND " . "nh.resourceid = {$olddata['resourceid']} AND " . "rq.start <= NOW() AND " . "rq.end > NOW() AND " . "rq.stateid NOT IN (1,5,11,12) AND " . "rq.laststateid NOT IN (1,5,11,12) AND " . "rq.userid != {$vclreloadid}";
             $qh = doQuery($query);
             if (mysql_num_rows($qh)) {
                 $return['error'] = 1;
                 $errormsg[] = "This management node is the NAT host for computers that have active reservations. NAT host<br>settings cannot be changed while providing NAT for active reservations.";
             }
         }
     }
     if ($return['error']) {
         $return['errormsg'] = implode('<br>', $errormsg);
     }
     return $return;
 }
Esempio n. 15
0
 function validateResourceData()
 {
     global $user;
     $return = array('error' => 0);
     $errormsg = array();
     $return['rscid'] = getContinuationVar('rscid', 0);
     $return["name"] = processInputVar("name", ARG_STRING);
     $return["owner"] = processInputVar("owner", ARG_STRING, "{$user["unityid"]}@{$user['affiliation']}");
     $times = processInputVar('times', ARG_STRING);
     if (!preg_match("/^([A-Za-z0-9-!@#\$%^&\\*\\(\\)_=\\+\\[\\]{}\\\\|:;,\\.\\/\\?~` ]){2,30}\$/", $return['name'])) {
         $return['error'] = 1;
         $errormsg[] = "Name cannot contain single (') or double (&quot;) quotes, " . "less than (&lt;), or greater than (&gt;) and can be from 2 to 30 " . "characters long";
     } elseif ($this->checkForScheduleName($return['name'], $return['rscid'])) {
         $return['error'] = 1;
         $errormsg[] = "A schedule already exists with this name.";
     }
     if (!validateUserid($return['owner'])) {
         $return['error'] = 1;
         $errormsg[] = "Submitted owner is not valid";
     }
     if (!preg_match('/^([0-9]+:[0-9]+,)*([0-9]+:[0-9]+){1}$/', $times)) {
         $return['error'] = 1;
         $errormsg[] = "Invalid time data submitted";
     }
     if (!$return['error']) {
         $times = explode(',', $times);
         $return['times'] = array();
         foreach ($times as $pair) {
             list($start, $end) = explode(':', $pair);
             foreach ($return['times'] as $check) {
                 if ($start < $check['end'] && $end > $check['start']) {
                     $return['error'] = 1;
                     $errormsg[] = "Two sets of times are overlapping - please correct and save again";
                     break 2;
                 }
             }
             $return['times'][] = array('start' => $start, 'end' => $end);
         }
     }
     if ($return['error']) {
         $return['errormsg'] = implode('<br>', $errormsg);
     }
     return $return;
 }