Esempio n. 1
    /**
     * Builds the opening part of an XHTML page: XML header, doctype, head and
     * a page header with an "UP" link to the parent collection.
     *
     * The title and the parent URL are HTML-escaped before they are
     * interpolated into the markup; the portal URL is a class constant and is
     * inserted as-is.
     *
     * @param string $title title in UTF-8 (unescaped; escaping happens here)
     * @return string the markup up to and including the page header div
     */
    public static function html_start($title)
    {
        $title = REST::htmlspecialchars($title);

        // Parent of the requested URI. REQUEST_URI is client-supplied, so it is
        // URL-encoded first and HTML-escaped before it reaches the href attributes.
        $parent = REST::urlencode(dirname($_SERVER['REQUEST_URI']));
        if ($parent != '/') {
            // Collections end in a slash; only the root already has one.
            $parent .= '/';
        }
        $t_index = REST::htmlspecialchars($parent);

        $portalurl = self::PORTAL_URL;

        return REST::xml_header() . <<<EOS
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-us">
<head>
  <title>{$title}</title>
  <link rel="stylesheet" type="text/css" href="{$portalurl}style.css" />
  <link rel="index" rev="child" type="application/xhtml+xml" href="{$t_index}" />
</head><body>
<div id="header"><p><a rel="index" rev="child" href="{$t_index}"><img border="0" src="{$portalurl}dirup.png"/> UP</a></p>
<h1>{$title}</h1></div>
EOS;
    }
    REST::fatal(REST::HTTP_BAD_REQUEST, 'Missing (one of) required parameters "email" and "password"');
}
// Binds the caller's DN to an existing e-mail/password account.
// NOTE(review): csa_dn() presumably returns the subject DN of the client
// certificate presented on the certificate-authenticated port - confirm.
$dn = Portal_User::csa_dn();
if (empty($dn)) {
    REST::fatal(REST::HTTP_NOT_FOUND);
}

// NOTE(review): the credentials are read from the query string, so they end up
// in access logs, browser history and Referer headers; a POST body avoids that.
// NOTE(review): escape_string() results are interpolated without surrounding
// quotes, so it presumably returns an already-quoted SQL literal - confirm.
// Bound parameters would remove the dependency on that helper.
$escemail = Portal_MySQL::escape_string($_GET['email']);
// NOTE(review): unsalted MD5 is a fast hash and unsuitable for password storage.
// Moving to password_hash()/password_verify() needs a coordinated change to the
// stored values and to the code that writes them, so it is flagged, not changed.
$md5password = md5($_GET['password']);
$escdn = Portal_MySQL::escape_string($dn);

// Step 1: release this DN from every account other than the named one.
// NOTE(review): this runs before the password is verified, so a request with a
// wrong password still removes the DN's existing binding - confirm that is intended.
$unbind_sql = <<<EOS
DELETE FROM `User`
WHERE `user_dn` = {$escdn}
  AND `user_email` <> {$escemail};
EOS;
Portal_MySQL::real_query($unbind_sql);

// Step 2: attach the DN to the account, but only if the password hash matches.
$bind_sql = <<<EOS
UPDATE `User`
SET `user_dn` = {$escdn}
WHERE `user_email` = {$escemail}
  AND `user_password` = '{$md5password}';
EOS;
Portal_MySQL::real_query($bind_sql);

// No row touched by the UPDATE is treated as an authentication failure.
$bound_rows = Portal_MySQL::mysql()->affected_rows;
if (!$bound_rows) {
    Portal_User::unauthorized();
}

$url = REST::htmlspecialchars(Portal::portalURL());
$confirmation = <<<EOS
<p>Registration complete.</p>
<p>You can now start <a href="{$url}">using the GridApps web service</a>.</p>
EOS;
REST::fatal(REST::HTTP_OK, $confirmation);
Esempio n. 3
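 /**
  * Echoes one table row describing a child resource of the listing.
  *
  * On the first call, when the header has not been sent yet, $this->start()
  * is invoked; if no column list was set, the keys of $info become the columns.
  *
  * Escaping contract: $name and every $info value are HTML-escaped here,
  * except values whose column name ends in "html" (case-insensitive). Those
  * are written verbatim, so the caller owns their escaping and must not pass
  * untrusted text through such a column.
  *
  * NOTE(review): the delete form is a state-changing POST and its markup
  * carries no anti-CSRF token; whether the handler verifies one by other means
  * is not visible from this method - confirm.
  *
  * @param string     $name   the relative URL of the resource. May include query params.
  * @param array|null $info   fieldname => value pairs with extra information about the resource.
  * @param bool       $delete indicates whether the resource supports the DELETE method.
  * @return void the row is written with echo; nothing is returned
  */
 public function line($name, $info = null, $delete = false)
 {
     if (!is_array($info)) {
         $info = array();
     }
     if (!$this->header_sent) {
         if ($this->headers === null) {
             $this->headers = array_keys($info);
         }
         $this->start();
     }

     // Path part (before any query string) is what gets displayed.
     $expname = explode('?', $name, 2);
     $escname = htmlspecialchars(urldecode($expname[0]), ENT_QUOTES, 'UTF-8');
     $eschref = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
     // A trailing slash on the path marks a collection.
     $is_coll = substr($expname[0], -1) === '/';

     echo '<tr class="' . ($is_coll ? 'collection' : 'resource') . '">' . '<td class="delete">';
     if ($delete) {
         // The separator lands inside an attribute value, so the ampersand has
         // to be written as an entity; a bare '&' is not well-formed in XHTML.
         $separator = strpos($name, '?') === false ? '?' : '&amp;';
         echo '<form action="' . $eschref . $separator . 'http_method=DELETE" method="post"><input type="submit" value="✘" title="Delete ' . $escname . '"/></form>';
     }
     echo '</td><td class="name"><a rel="child" href="' . $eschref . '">' . $escname . '</a></td>';

     foreach ($this->headers as $header) {
         // Only word characters of the column name survive into the class attribute.
         echo '<td class="' . strtolower(preg_replace('/[^\\w\\d]+/', '', $header)) . '">';
         if (isset($info[$header])) {
             $value = $info[$header];
             // Columns named "...html" carry ready-made markup and bypass escaping.
             if (strtolower(substr($header, -4)) !== 'html') {
                 $value = REST::htmlspecialchars($value);
             }
             echo $value;
         }
         echo "</td>\n";
     }
     echo "</tr>\n";
 }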
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License. You may obtain
 * a copy of the License at <http://www.apache.org/licenses/LICENSE-2.0>
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * 
 * $Id: databases.php 2459 2009-08-10 21:20:41Z pieterb $
 **************************************************************************/
/**
 * File documentation.
 * @package Portal
 */
require_once 'include/global.php';
// Read-only listing: only GET and HEAD are accepted.
REST::require_method('GET', 'HEAD');

// The caller's id is interpolated into the SQL below without quoting or escaping.
// NOTE(review): presumably user_id() returns an integer taken from server-side
// state - confirm, or cast/bind it, since nothing in this script enforces that.
$user_id = Portal_User::current()->user_id();

// Databases visible to the caller: shared ones plus the caller's own.
$listing_sql = <<<EOS
SELECT DISTINCT `name` FROM `Database`
WHERE `is_shared` > 0
   OR `user_id` = {$user_id}
EOS;
$result = Portal_MySQL::query($listing_sql);

// Escaped request URI; it is not read again in the visible part of this script.
$action = REST::htmlspecialchars($_SERVER['REQUEST_URI']);

$directory = RESTDir::factory('Available databases (by name)');
// NOTE(review): each name is handed over as a relative URL without URL-encoding;
// names containing '?', '#' or '%' would presumably yield wrong links - confirm
// how database names are constrained when they are created.
while ($record = $result->fetch_row()) {
    $collection = $record[0] . '/';
    $directory->line($collection);
}
$directory->end();
DELETE FROM `Token`
 WHERE `token_id`={$escjobid}
   AND `user_id`={$escuserid};
EOS
);
    if (!Portal_MySQL::mysql()->affected_rows) {
        REST::fatal(REST::HTTP_NOT_FOUND);
    }
    REST::header(array('status' => REST::HTTP_NO_CONTENT));
    exit;
}
// The user asks for information about one of their jobs.
// If a result file exists on disk, the client is sent to it.
// NOTE(review): this branch runs before any check that the job belongs to the
// caller (the user_id condition exists only in the query below); whether the
// jobresults/ resource enforces ownership itself is not visible here - confirm.
// NOTE(review): $jobid becomes part of a filesystem path, so it has to be
// validated upstream (no '/' or '..') - confirm where that happens.
$fullfilename = Portal::JOBRESULTS_DIR . $jobid;
if (file_exists($fullfilename)) {
    $location = Portal::portalURL() . "jobresults/{$jobid}";
    REST::redirect(REST::HTTP_SEE_OTHER, $location);
}

// No result file: look up the job's token, restricted to the caller's own rows.
$token_sql = <<<EOS
SELECT `token_error` 
  FROM `Token`
 WHERE `token_id`={$escjobid}
   AND `user_id`={$escuserid};
EOS;
$result = Portal_MySQL::query($token_sql);

$row = $result->fetch_row();
if (!$row) {
    // No token row for this job and user: nothing to report.
    REST::fatal(REST::HTTP_GONE);
}

// A token without an error text means the job is still pending.
// Note that empty() also treats the string "0" as empty.
if (empty($row[0])) {
    REST::fatal(REST::HTTP_NOT_FOUND, "<p>Your job hasn't been executed yet. Try again later.</p>");
}

// The stored error text is escaped before it is placed inside <pre>.
$report = '<p>Your job finished with the following error:</p><pre>';
$report .= REST::htmlspecialchars($row[0]);
$report .= '</pre>';
REST::fatal(REST::HTTP_OK, $report);
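 /**
  * Builds the closing markup of a page: the footer div, </body> and </html>.
  *
  * For GET requests that arrived on one of the two HTTPS ports, the footer
  * holds a link to the same URI on the other port, which switches between
  * password and client-certificate authentication. Requests on any other
  * port get a footer without that link.
  *
  * The link is assembled from SERVER_NAME and REQUEST_URI and HTML-escaped as
  * a whole before it enters the href attribute.
  * NOTE(review): depending on the web server configuration SERVER_NAME can
  * reflect the client's Host header - confirm it is pinned to a canonical name.
  *
  * @return string
  */
 public static function html_end()
 {
     $retval = '<div id="footer">';
     if ($_SERVER['REQUEST_METHOD'] === 'GET') {
         $switchto = null;
         $otherport = null;
         // Loose comparison kept: SERVER_PORT is a string and the type of the
         // port constants is not visible here.
         if ($_SERVER['SERVER_PORT'] == self::PORT_SSL) {
             $switchto = 'X.509 Client Certificate Authentication';
             $otherport = self::PORT_SSL_CSA;
         } elseif ($_SERVER['SERVER_PORT'] == self::PORT_SSL_CSA) {
             $switchto = 'Username/Password Authentication';
             $otherport = self::PORT_SSL;
         }
         // Emit the link only when a target was determined; on any other port
         // the variables used to be undefined and produced an empty href.
         if ($switchto !== null) {
             $url = 'https://' . $_SERVER['SERVER_NAME'] . ':' . $otherport . $_SERVER['REQUEST_URI'];
             $retval .= '<div id="changeauth"><a href="' . REST::htmlspecialchars($url) . '">Switch to ' . $switchto . '</a></div>';
         }
     }
     $retval .= '</div></body></html>';
     return $retval;
 }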
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * 
 * $Id: register.php 2459 2009-08-10 21:20:41Z pieterb $
 **************************************************************************/
/**
 * File documentation.
 * @package Portal
 */
require_once 'include/global.php';
// Optional return address supplied by the client; null when absent or empty.
// HTML-escaping makes it safe to print inside HTML text or a quoted attribute only.
// NOTE(review): if this value is later used as a link or redirect target it still
// needs a check that it points back to this portal - its use is not visible here.
if (empty($_GET['referrer'])) {
    $referrer = null;
} else {
    $referrer = REST::htmlspecialchars($_GET['referrer']);
}
if (isset($_GET['email']) && isset($_GET['name'])) {
    // Check the email address for syntax:
    $_GET['email'] = strtolower($_GET['email']);
    if (!preg_match('/^[\\w\\d\\-.]+@[\\w\\d\\-]+(?:\\.[\\w\\d\\-]+)*\\.\\w+$/', $_GET['email'])) {
        REST::fatal(REST::HTTP_BAD_REQUEST, '<p>"' . REST::htmlspecialchars($_GET['email']) . '" is not a well-formed e-mail address.</p>');
    }
    // Check the name:
    $_GET['name'] = preg_replace('/\\s+/', ' ', trim($_GET['name']));
    if ($_GET['name'] === '') {
        REST::fatal(REST::HTTP_BAD_REQUEST, '<p>Please provide a display name.</p>');
    }
    $escemail = Portal_MySQL::escape_string($_GET['email']);
    $escname = Portal_MySQL::escape_string($_GET['name']);
    //  $dn = ($_SERVER['SERVER_PORT'] == Portal::PORT_SSL_CSA)
    //    ? Portal_User::csa_dn() : null;
    //  $escdn = Portal_MySQL::escape_string($dn);
    $password = Portal_User::createPassword();
    $md5password = md5($password);
    Portal_MySQL::real_query(<<<EOS
INSERT INTO `User` (`user_email`, `user_name`, `user_password`)
 /**
  * Rejects the current request as unauthenticated. Never returns.
  *
  * A request on the plain port is redirected to the same URI over https.
  * Otherwise a Basic authentication challenge is sent together with a 401
  * page that links to the registration form, passing the current URL along
  * as the URL-encoded "referrer" parameter.
  */
 public static function unauthorized()
 {
     $host = $_SERVER['SERVER_NAME'];
     $uri = $_SERVER['REQUEST_URI'];

     // NOTE(review): presumably REST::redirect() ends the request; if it
     // returned, the Basic challenge below would be sent over plain HTTP - confirm.
     if ($_SERVER['SERVER_PORT'] == Portal::PORT_PLAIN) {
         REST::redirect(REST::HTTP_TEMPORARY_REDIRECT, 'https://' . $host . $uri);
     }

     header('WWW-Authenticate: Basic realm="Grid Portal"');

     // The return address is URL-encoded as a parameter value, then the whole
     // link is HTML-escaped for the href attribute.
     $target = 'https://' . $host . Portal::portalURL() . 'register?referrer=';
     $target .= urlencode(REST::urlbase() . $uri);
     $register = REST::htmlspecialchars($target);

     REST::fatal(REST::HTTP_UNAUTHORIZED, "<p>You can register <a href=\"{$register}\">here</a>.</p>");
     exit;
 }