예제 #1
0
function updateLDAPUser($authtype, $userid)
{
    global $authMechs;
    $esc_userid = mysql_real_escape_string($userid);
    $userData = getLDAPUserData($authtype, $userid);
    if (is_null($userData)) {
        return NULL;
    }
    $affilid = $authMechs[$authtype]['affiliationid'];
    $now = unixToDatetime(time());
    // select desired data from db
    $qbase = "SELECT i.name AS IMtype, " . "u.IMid AS IMid, " . "u.affiliationid, " . "af.name AS affiliation, " . "af.shibonly, " . "u.emailnotices, " . "u.preferredname AS preferredname, " . "u.uid AS uid, " . "u.id AS id, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "COALESCE(u.rdpport, 3389) AS rdpport, " . "u.showallgroups " . "FROM user u, " . "IMtype i, " . "affiliation af " . "WHERE u.IMtypeid = i.id AND " . "af.id = {$affilid} AND ";
    if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid'])) {
        $query = $qbase . "u.uid = {$userData['numericid']}";
    } else {
        $query = $qbase . "u.unityid = '{$esc_userid}' AND " . "u.affiliationid = {$affilid}";
    }
    $qh = doQuery($query, 255);
    $updateuid = 0;
    # check to see if there is a matching entry where uid is NULL but unityid and affiliationid match
    if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid']) && !mysql_num_rows($qh)) {
        $updateuid = 1;
        $query = $qbase . "u.unityid = '{$esc_userid}' AND " . "u.affiliationid = {$affilid}";
        $qh = doQuery($query, 255);
    }
    // if get a row
    //    update db
    //    update results from select
    if ($user = mysql_fetch_assoc($qh)) {
        $user["unityid"] = $userid;
        $user["firstname"] = $userData['first'];
        $user["lastname"] = $userData["last"];
        $user["email"] = $userData["email"];
        $user["lastupdated"] = $now;
        $query = "UPDATE user " . "SET unityid = '{$esc_userid}', " . "firstname = '{$userData['first']}', " . "lastname = '{$userData['last']}', " . "email = '{$userData['email']}', ";
        if ($updateuid) {
            $query .= "uid = {$userData['numericid']}, ";
        }
        $query .= "lastupdated = '{$now}' ";
        if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid']) && !$updateuid) {
            $query .= "WHERE uid = {$userData['numericid']}";
        } else {
            $query .= "WHERE unityid = '{$esc_userid}' AND " . "affiliationid = {$affilid}";
        }
        doQuery($query, 256, 'vcl', 1);
    } else {
        //    call addLDAPUser
        $id = addLDAPUser($authtype, $userid);
        $query = "SELECT u.unityid AS unityid, " . "u.affiliationid, " . "af.name AS affiliation, " . "u.firstname AS firstname, " . "u.lastname AS lastname, " . "u.preferredname AS preferredname, " . "u.email AS email, " . "i.name AS IMtype, " . "u.IMid AS IMid, " . "u.uid AS uid, " . "u.id AS id, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "COALESCE(u.rdpport, 3389) AS rdpport, " . "u.showallgroups, " . "u.usepublickeys, " . "u.sshpublickeys, " . "u.lastupdated AS lastupdated " . "FROM user u, " . "IMtype i, " . "affiliation af " . "WHERE u.IMtypeid = i.id AND " . "u.affiliationid = af.id AND " . "u.id = {$id}";
        $qh = doQuery($query, 101);
        if (!($user = mysql_fetch_assoc($qh))) {
            return NULL;
        }
        $user['sshpublickeys'] = htmlspecialchars($user['sshpublickeys']);
    }
    // TODO handle generic updating of groups
    switch (getAffiliationName($affilid)) {
        case 'EXAMPLE1':
            updateEXAMPLE1Groups($user);
            break;
        default:
            //TODO possibly add to a default group
    }
    $user["groups"] = getUsersGroups($user["id"], 1);
    $user["groupperms"] = getUsersGroupPerms(array_keys($user['groups']));
    $user["privileges"] = getOverallUserPrivs($user["id"]);
    $user['login'] = $user['unityid'];
    return $user;
}
예제 #2
0
function ldapLogin($authtype, $userid, $passwd)
{
    global $HTMLheader, $printedHTMLheader, $authMechs, $phpVer;
    $esc_userid = mysql_real_escape_string($userid);
    if (!($fh = fsockopen($authMechs[$authtype]['server'], 636, $errno, $errstr, 5))) {
        printLoginPageWithSkin($authtype, 1);
        return;
    }
    fclose($fh);
    $ds = ldap_connect("ldaps://{$authMechs[$authtype]['server']}/");
    if (!$ds) {
        addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 0);
        print $HTMLheader;
        $printedHTMLheader = 1;
        selectAuth();
        return;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
    if (array_key_exists('lookupuserbeforeauth', $authMechs[$authtype]) && $authMechs[$authtype]['lookupuserbeforeauth'] && array_key_exists('lookupuserfield', $authMechs[$authtype])) {
        # in this case, we have to look up what part of the tree the user is in
        #   before we can actually look up the user
        $auth = $authMechs[$authtype];
        if (array_key_exists('masterlogin', $auth) && strlen($auth['masterlogin'])) {
            $res = ldap_bind($ds, $auth['masterlogin'], $auth['masterpwd']);
        } else {
            $res = ldap_bind($ds);
        }
        if (!$res) {
            addLoginLog($userid, $authtype, $auth['affiliationid'], 0);
            printLoginPageWithSkin($authtype);
            return;
        }
        $search = ldap_search($ds, $auth['binddn'], "{$auth['lookupuserfield']}={$userid}", array('dn'), 0, 3, 15);
        if ($search) {
            $tmpdata = ldap_get_entries($ds, $search);
            if (!$tmpdata['count'] || !array_key_exists('dn', $tmpdata[0])) {
                addLoginLog($userid, $authtype, $auth['affiliationid'], 0);
                printLoginPageWithSkin($authtype);
                return;
            }
            $ldapuser = $tmpdata[0]['dn'];
        } else {
            addLoginLog($userid, $authtype, $auth['affiliationid'], 0);
            printLoginPageWithSkin($authtype);
            return;
        }
    } else {
        $ldapuser = sprintf($authMechs[$authtype]['userid'], $userid);
    }
    $res = ldap_bind($ds, $ldapuser, $passwd);
    if (!$res) {
        // login failed
        $err = ldap_error($ds);
        if ($err == 'Invalid credentials') {
            addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 0, $err);
        } else {
            addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 0);
        }
        printLoginPageWithSkin($authtype);
        return;
    } else {
        addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 1);
        # used to rely on later code to update user info if update timestamp was expired
        // see if user in our db
        /*$query = "SELECT id "
        		       . "FROM user "
        		       . "WHERE unityid = '$esc_userid' AND "
        		       .       "affiliationid = {$authMechs[$authtype]['affiliationid']}";
        		$qh = doQuery($query, 101);
        		if(! mysql_num_rows($qh)) {
        			// if not, add user
        			$newid = updateLDAPUser($authtype, $userid);
        			if(is_null($newid))
        				abort(8);
        		}*/
        # now, we always update the user info
        $newid = updateLDAPUser($authtype, $userid);
        if (is_null($newid)) {
            abort(8);
        }
        // get cookie data
        $cookie = getAuthCookieData("{$userid}@" . getAffiliationName($authMechs[$authtype]['affiliationid']));
        // set cookie
        if (version_compare(PHP_VERSION, "5.2", ">=") == true) {
            setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0, 1);
        } else {
            setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0);
        }
        # set skin cookie based on affiliation
        $skin = getAffiliationTheme($authMechs[$authtype]['affiliationid']);
        $ucskin = strtoupper($skin);
        setcookie("VCLSKIN", "{$ucskin}", time() + SECINDAY * 31, "/", COOKIEDOMAIN);
        // redirect to main page
        header("Location: " . BASEURL . SCRIPT);
        dbDisconnect();
        exit;
    }
}
예제 #3
0
 function addConfigMapping($data, $maptypes)
 {
     $configdata = $this->_getData($data['configid']);
     if (is_null($configdata[$data['configid']]['configstageid'])) {
         $stageid = $data['stageid'];
     } else {
         $stageid = $configdata[$data['configid']]['configstageid'];
     }
     $query = "INSERT INTO configmap " . "(configid, " . "configmaptypeid, " . "subid, " . "affiliationid, " . "disabled, " . "configstageid) " . "VALUES " . "({$data['configid']}, " . "{$data['maptypeid']}, " . "{$data['subid']}, " . "{$data['affiliationid']}, " . "0, " . "{$stageid})";
     doQuery($query);
     $configmapid = dbLastInsertID();
     $id = $data['configid'];
     $configdata = $this->_getData($id);
     $stages = $this->getConfigMapStages();
     $item = array('id' => $configmapid, 'configid' => $id, 'configname' => $configdata[$id]['name'], 'description' => $configdata[$id]['description'], 'configtypeid' => $configdata[$id]['configtypeid'], 'configtype' => $configdata[$id]['configtype'], 'configmaptypeid' => $data['maptypeid'], 'configmaptype' => $maptypes[$data['maptypeid']], 'affiliationid' => $data['affiliationid'], 'mapto' => $data['mapto'], 'affiliation' => getAffiliationName($data['affiliationid']), 'disabled' => 0, 'stageid' => $data['stageid'], 'configstage' => $stages[$data['stageid']]);
     $ret = array('status' => 'success', 'item' => $item, 'action' => 'add');
     sendJSON($ret);
     return;
 }
예제 #4
0
function editOrAddGroup($state)
{
    global $submitErr, $user, $mode;
    $usergroups = getUserGroups();
    $type = getContinuationVar("type");
    if ($state) {
        $isowner = 1;
    } elseif ($type == 'resource') {
        $isowner = getContinuationVar('isowner');
    }
    if (!$state) {
        $groupid = getContinuationVar('groupid', processInputVar('groupid', ARG_NUMERIC));
        if ($type == 'user') {
            if (!array_key_exists($groupid, $usergroups)) {
                print "<h2>Edit User Group</h2>\n";
                print "The selected user group does not exist.\n";
                return;
            }
            $isowner = 0;
            if ($usergroups[$groupid]['ownerid'] != $user['id']) {
                if ($usergroups[$groupid]['custom'] == 0 || $usergroups[$groupid]['courseroll'] == 1) {
                    if (!checkUserHasPerm('Manage Federated User Groups (global)') && (!checkUserHasPerm('Manage Federated User Groups (affiliation only)') || $usergroups[$groupid]['groupaffiliationid'] != $user['affiliationid'])) {
                        print "<h2>Edit User Group</h2>\n";
                        print "You do not have access to modify the selected user group.\n";
                        return;
                    } else {
                        $isowner = 1;
                    }
                } elseif (!array_key_exists("editgroupid", $usergroups[$groupid]) || !array_key_exists($usergroups[$groupid]["editgroupid"], $user["groups"])) {
                    print "<h2>Edit User Group</h2>\n";
                    print "You do not have access to modify the selected user group.\n";
                    return;
                }
            } else {
                $isowner = 1;
            }
        } else {
            $userresources = getUserResources(array("groupAdmin"), array("manageGroup"), 1);
            $noaccess = 1;
            foreach (array_keys($userresources) as $rtype) {
                if (array_key_exists($groupid, $userresources[$rtype])) {
                    $noaccess = 0;
                    break;
                }
            }
            if ($noaccess) {
                print "<h2>Edit Resource Group</h2>\n";
                print "You do not have access to modify the selected resource group.\n";
                return;
            }
        }
    }
    $allcustomgroups = getUserGroups(1);
    if ($user['showallgroups']) {
        $affilusergroups = $allcustomgroups;
    } else {
        $affilusergroups = getUserGroups(1, $user['affiliationid']);
    }
    $defaultusergroupid = getUserGroupID('Default for Editable by', 1);
    if ($type == 'resource') {
        $dispUserGrpIDs = array();
        $dispUserGrpIDsAllAffils = array();
        foreach (array_keys($allcustomgroups) as $id) {
            # figure out if user is owner or in editor group
            $owner = 0;
            $editor = 0;
            if ($allcustomgroups[$id]["ownerid"] == $user["id"]) {
                $owner = 1;
            }
            if (array_key_exists("editgroupid", $allcustomgroups[$id]) && array_key_exists($allcustomgroups[$id]["editgroupid"], $user["groups"])) {
                $editor = 1;
            }
            if (!$owner && !$editor) {
                continue;
            }
            if ($user['showallgroups']) {
                $dispUserGrpIDs[$id] = $allcustomgroups[$id]['name'];
            } elseif (array_key_exists($id, $affilusergroups) && $allcustomgroups[$id]['groupaffiliation'] == $user['affiliation']) {
                $dispUserGrpIDs[$id] = $allcustomgroups[$id]['name'];
            }
            $dispUserGrpIDsAllAffils[$id] = $allcustomgroups[$id]['name'];
        }
    }
    $resourcegroups = getResourceGroups();
    $affils = getAffiliations();
    $resourcetypes = getTypes("resources");
    if ($submitErr) {
        $data = processGroupInput(0);
        if ($mode == "submitEditGroup") {
            $id = $data["groupid"];
            if ($data["type"] == "resource") {
                list($grouptype, $junk) = explode('/', $resourcegroups[$id]["name"]);
                $ownerid = $resourcegroups[$id]["ownerid"];
            }
        } else {
            if ($data["type"] == "resource") {
                if ($state) {
                    $grouptype = $resourcetypes['resources'][$data['resourcetypeid']];
                } else {
                    list($grouptype, $junk) = explode('/', $resourcegroups[$data['groupid']]["name"]);
                }
                $ownerid = $data["ownergroup"];
            } else {
                $selectAffil = getContinuationVar('selectAffil');
                if (empty($selectAffil) && $user['showallgroups']) {
                    $selectAffil = 1;
                }
            }
        }
    } else {
        $data["groupid"] = getContinuationVar("groupid");
        $data["type"] = getContinuationVar("type");
        $data["isowner"] = $isowner;
        if (!$state) {
            $id = $groupid;
            $data['groupid'] = $id;
        } else {
            $id = $data["groupid"];
        }
        if ($data["type"] == "user") {
            if ($state) {
                $data["name"] = '';
                $data["affiliationid"] = $user['affiliationid'];
                $data["owner"] = $user['unityid'];
                if (array_key_exists('VCLEDITGROUPID', $_COOKIE) && (array_key_exists($_COOKIE['VCLEDITGROUPID'], $affilusergroups) || $_COOKIE['VCLEDITGROUPID'] == $defaultusergroupid)) {
                    $data["editgroupid"] = $_COOKIE['VCLEDITGROUPID'];
                } else {
                    $data["editgroupid"] = $defaultusergroupid;
                }
                if (!array_key_exists($data['editgroupid'], $affilusergroups)) {
                    if ($user['showallgroups']) {
                        $affil = getAffiliationName(1);
                        $affilusergroups[$data['editgroupid']]['name'] = "Default for Editable by@{$affil}";
                    } else {
                        $affilusergroups[$data['editgroupid']]['name'] = 'Default for Editable by';
                    }
                }
                $data["initialmax"] = 240;
                $data["totalmax"] = 360;
                $data["maxextend"] = 30;
                $data["overlap"] = 0;
                $data["custom"] = 1;
                $data["courseroll"] = 0;
                $tmp = explode('@', $data['name']);
                $data['name'] = $tmp[0];
                if ($user['showallgroups']) {
                    $selectAffil = 1;
                } else {
                    $selectAffil = 0;
                }
            } else {
                $data["name"] = $usergroups[$id]["name"];
                $data["affiliationid"] = $usergroups[$id]["groupaffiliationid"];
                $data["owner"] = $usergroups[$id]["owner"];
                $data["editgroupid"] = $usergroups[$id]["editgroupid"];
                $data["initialmax"] = $usergroups[$id]["initialmaxtime"];
                $data["totalmax"] = $usergroups[$id]["totalmaxtime"];
                $data["maxextend"] = $usergroups[$id]["maxextendtime"];
                $data["overlap"] = $usergroups[$id]["overlapResCount"];
                $data["custom"] = $usergroups[$id]["custom"];
                $data["courseroll"] = $usergroups[$id]["courseroll"];
                $tmp = explode('@', $data['name']);
                $data['name'] = $tmp[0];
                if ($user['showallgroups'] || array_key_exists(1, $tmp) && $tmp[1] != $user['affiliation']) {
                    $selectAffil = 1;
                } else {
                    $selectAffil = 0;
                }
            }
        } else {
            unset($affilusergroups[$defaultusergroupid]);
            if ($state) {
                $grouptype = 'computer';
                $data['name'] = '';
                if (array_key_exists('VCLOWNERGROUPID', $_COOKIE) && array_key_exists($_COOKIE['VCLOWNERGROUPID'], $user['groups'])) {
                    $ownerid = $_COOKIE['VCLOWNERGROUPID'];
                } else {
                    $ownerid = "";
                    foreach (array_keys($user["groups"]) as $grpid) {
                        if (array_key_exists($grpid, $dispUserGrpIDs)) {
                            $ownerid = $grpid;
                            break;
                        }
                    }
                }
            } else {
                list($grouptype, $data["name"]) = explode('/', $resourcegroups[$id]["name"]);
                $ownerid = $resourcegroups[$id]["ownerid"];
            }
        }
    }
    if ($data['type'] == 'user' && !array_key_exists($defaultusergroupid, $affilusergroups)) {
        if ($user['showallgroups']) {
            $affil = getAffiliationName(1);
            $affilusergroups[$defaultusergroupid]['name'] = "Default for Editable by@{$affil}";
        } else {
            $affilusergroups[$defaultusergroupid]['name'] = 'Default for Editable by';
        }
        uasort($affilusergroups, "sortKeepIndex");
    }
    $editusergroup = 0;
    if ($data['type'] != 'user') {
        print "<FORM action=\"" . BASEURL . SCRIPT . "#resources\" method=post>\n";
    } else {
        print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
    }
    print "<DIV align=center>\n";
    if ($state) {
        if ($data["type"] == "user") {
            print "<H2>Add User Group</H2>\n";
        } else {
            print "<H2>Add Resource Group</H2>\n";
        }
    } else {
        if ($data["type"] == "user") {
            print "<H2>Edit User Group</H2>\n";
            print "{$usergroups[$data['groupid']]['name']}<br><br>\n";
            if ($data['courseroll'] == 1) {
                print "Type: Course Roll<br><br>\n";
            } elseif ($data['custom'] == 0) {
                print "Type: Federated<br><br>\n";
            }
            $editusergroup = 1;
        } else {
            print "<H2>Edit Resource Group</H2>\n";
        }
    }
    if ($state && $data["type"] == "user" || $data["isowner"] || $data["type"] == "resource") {
        print "<TABLE>\n";
        if ($data["type"] == "resource") {
            print "  <TR>\n";
            print "    <TH align=right>Type:</TH>\n";
            print "    <TD>\n";
            if ($state && $submitErr) {
                $resourcetypeid = $data['resourcetypeid'];
            } else {
                $resourcetypeid = array_search($grouptype, $resourcetypes["resources"]);
            }
            if ($state) {
                printSelectInput("resourcetypeid", $resourcetypes["resources"], $resourcetypeid);
            } else {
                print "      {$grouptype}\n";
            }
            print "    </TD>\n";
            print "    <TD></TD>\n";
            print "  </TR>\n";
        }
        $editname = 1;
        if ($data['type'] == 'user' && $state == 0 && $usergroups[$groupid]['groupaffiliationid'] == 1) {
            $tmp = explode('@', $usergroups[$groupid]['name']);
            if ($tmp[0] == 'Specify End Time' || $tmp[0] == 'Allow No User Check' || $tmp[0] == 'Default for Editable by') {
                $editname = 0;
            }
        }
        if ($data['type'] == 'resource' || $editname && $data['courseroll'] == 0 && $data['custom'] == 1) {
            print "  <TR>\n";
            print "    <TH align=right>Name:</TH>\n";
            print "    <TD><INPUT type=text name=name value=\"{$data['name']}\" ";
            print "maxlength=30>";
            if ($data['type'] == 'user' && $selectAffil) {
                print "@";
                printSelectInput('affiliationid', $affils, $data['affiliationid']);
            }
            print "</TD>\n";
            print "    <TD>";
            printSubmitErr(GRPNAMEERR);
            print "</TD>\n";
            print "  </TR>\n";
        }
        if ($editname == 0) {
            print "<TR><TD colspan=2 align=\"center\">\n";
            print "(This is a system group whose name cannot be modified.)\n";
            print "</TD></TR>\n";
        }
        if ($data["type"] == "user") {
            if ($data['courseroll'] == 0 && $data['custom'] == 1) {
                print "  <TR>\n";
                print "    <TH align=right>Owner:</TH>\n";
                print "    <TD><INPUT type=text name=owner value=\"" . $data["owner"];
                print "\"></TD>\n";
                print "    <TD>";
                printSubmitErr(GRPOWNER);
                print "</TD>\n";
                print "  </TR>\n";
                print "  <TR>\n";
                print "    <TH align=right>Editable by:</TH>\n";
                print "    <TD valign=\"top\">\n";
                $groupwasnone = 0;
                if ($submitErr & EDITGROUPERR) {
                    if ($state == 0) {
                        $data['editgroupid'] = $usergroups[$data['groupid']]['editgroupid'];
                    } elseif (count($affilusergroups)) {
                        $tmp = array_keys($affilusergroups);
                        $data['editgroupid'] = $tmp[0];
                    }
                }
                $notice = '';
                if ($state == 0 && empty($usergroups[$data['groupid']]["editgroup"])) {
                    $affilusergroups = array_reverse($affilusergroups, TRUE);
                    $affilusergroups[0] = array('name' => 'None');
                    $affilusergroups = array_reverse($affilusergroups, TRUE);
                    $groupwasnone = 1;
                    $notice = "<strong>Note:</strong> You are the only person that can<br>" . "edit membership of this group. Select a<br>user group here " . "to allow members of that<br>group to edit membership of this one.";
                } elseif (!array_key_exists($data['editgroupid'], $affilusergroups) && $data['editgroupid'] != 0) {
                    $affilusergroups[$data['editgroupid']] = array('name' => getUserGroupName($data['editgroupid'], 1));
                    uasort($affilusergroups, "sortKeepIndex");
                }
                if ($state == 1 && $data['editgroupid'] == 0) {
                    print "None\n";
                } else {
                    printSelectInput("editgroupid", $affilusergroups, $data["editgroupid"]);
                }
                print "    </TD>\n";
                print "    <TD>";
                if ($submitErr & EDITGROUPERR) {
                    printSubmitErr(EDITGROUPERR);
                } else {
                    print $notice;
                }
                print "</TD>";
                print "  </TR>\n";
            } else {
                $groupwasnone = 1;
            }
            print "  <TR>\n";
            print "    <TH align=right>Initial Max Time:</TH>\n";
            print "    <TD>";
            $lengths = getReservationLengths(65535);
            if (!array_key_exists($data['initialmax'], $lengths)) {
                $data['initialmax'] = getReservationLengthCeiling($data['initialmax']);
            }
            printSelectInput("initialmax", $lengths, $data['initialmax']);
            print "    </TD>";
            print "    <TD>";
            printSubmitErr(INITIALMAXERR);
            print "</TD>\n";
            print "  </TR>\n";
            print "  <TR>\n";
            print "    <TH align=right>Total Max Time:</TH>\n";
            print "    <TD>";
            if (!array_key_exists($data['totalmax'], $lengths)) {
                $data['totalmax'] = getReservationLengthCeiling($data['totalmax']);
            }
            printSelectInput("totalmax", $lengths, $data['totalmax']);
            print "    </TD>\n";
            print "    <TD>";
            printSubmitErr(TOTALMAXERR);
            print "</TD>\n";
            print "  </TR>\n";
            print "  <TR>\n";
            print "    <TH align=right>Max Extend Time:</TH>\n";
            print "    <TD>";
            if (!array_key_exists($data['maxextend'], $lengths)) {
                $data['maxextend'] = getReservationLengthCeiling($data['maxextend']);
            }
            printSelectInput("maxextend", $lengths, $data['maxextend']);
            print "    </TD>\n";
            print "    <TD>";
            printSubmitErr(MAXEXTENDERR);
            print "</TD>\n";
            print "  </TR>\n";
            if (checkUserHasPerm('Set Overlapping Reservation Count')) {
                print "  <TR>\n";
                print "    <TH align=right>Max Overlapping Reservations:</TH>\n";
                print "    <TD><INPUT type=text name=overlap value=\"";
                print $data["overlap"] . "\" maxlength=4></TD>\n";
                print "    <TD>";
                printSubmitErr(MAXOVERLAPERR);
                print "</TD>\n";
                print "  </TR>\n";
            }
        } else {
            print "  <TR>\n";
            print "    <TH align=right>Owning User Group:</TH>\n";
            print "    <TD>\n";
            if ($submitErr & EDITGROUPERR) {
                $ownerid = $resourcegroups[$groupid]['ownerid'];
            }
            if ($state == 0 && $ownerid != '' && !array_key_exists($ownerid, $dispUserGrpIDs)) {
                $dispUserGrpIDs[$ownerid] = $usergroups[$ownerid]['name'];
                uasort($dispUserGrpIDs, "sortKeepIndex");
            }
            if (!empty($dispUserGrpIDs)) {
                printSelectInput("ownergroup", $dispUserGrpIDs, $ownerid);
            } else {
                printSelectInput("ownergroup", $dispUserGrpIDsAllAffils, $ownerid);
            }
            print "    </TD>\n";
            print "    <TD>\n";
            if ($submitErr & EDITGROUPERR) {
                printSubmitErr(EDITGROUPERR);
            }
            print "    </TD>\n";
            print "  </TR>\n";
        }
        print "</TABLE>\n";
        print "<TABLE>\n";
        print "  <TR valign=top>\n";
        print "    <TD>\n";
        if ($state) {
            $cdata = array('type' => $data['type']);
            if ($data['type'] == 'user') {
                $cdata['isowner'] = $data['isowner'];
                if ($data['editgroupid'] == 0) {
                    $cdata['editgroupid'] = 0;
                    $cdata['groupwasnone'] = 1;
                }
                $cdata['editgroupids'] = implode(',', array_keys($affilusergroups));
            } else {
                if (!empty($dispUserGrpIDs)) {
                    $cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDs));
                } else {
                    $cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDsAllAffils));
                }
            }
            $cont = addContinuationsEntry('submitAddGroup', $cdata);
            print "      <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
            print "      <INPUT type=submit value=\"Add Group\">\n";
        } else {
            $cdata = array('type' => $data['type'], 'groupid' => $data['groupid'], 'isowner' => $data['isowner'], 'editname' => $editname);
            if ($data['type'] == 'resource') {
                $cdata['resourcetypeid'] = $resourcetypeid;
                if (!empty($dispUserGrpIDs)) {
                    $cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDs));
                } else {
                    $cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDsAllAffils));
                }
            } else {
                if ($data['courseroll'] == 1 || $data['custom'] == 0 || $editname == 0) {
                    $cdata['name'] = $data['name'];
                    $cdata['affiliationid'] = $data['affiliationid'];
                }
                $cdata['selectAffil'] = $selectAffil;
                $cdata['groupwasnone'] = $groupwasnone;
                $cdata['custom'] = $data['custom'];
                $cdata['courseroll'] = $data['courseroll'];
                $cdata['editgroupids'] = implode(',', array_keys($affilusergroups));
            }
            $cont = addContinuationsEntry('confirmEditGroup', $cdata);
            print "      <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
            print "      <INPUT type=submit value=\"Confirm Changes\">\n";
        }
        print "      </FORM>\n";
        print "    </TD>\n";
        print "    <TD>\n";
        print "      <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
        print "      <INPUT type=hidden name=mode value=viewGroups>\n";
        print "      <INPUT type=submit value=Cancel>\n";
        print "      </FORM>\n";
        print "    </TD>\n";
        print "  </TR>\n";
        print "</TABLE>\n";
    }
    if ($data["type"] != "user") {
        print "</DIV>\n";
        return;
    }
    if ($editusergroup) {
        $newuser = processInputVar("newuser", ARG_STRING);
        print "<H3>Group Membership</H3>\n";
        if ($mode == "addGroupUser" && !($submitErr & IDNAMEERR)) {
            print "<font color=\"#008000\">{$newuser} successfully added to group";
            print "</font><br><br>\n";
        }
        if ($mode == "deleteGroupUser") {
            print "<font color=\"#008000\">{$newuser} successfully deleted from ";
            print "group</font><br><br>\n";
        }
        $groupmembers = getUserGroupMembers($data["groupid"]);
        $edit = 1;
        if ($data['courseroll'] == 1 || $data['custom'] == 0) {
            $edit = 0;
        }
        if (empty($groupmembers) && !$edit) {
            print "(empty group)<br>\n";
        }
        print "<TABLE border=1>\n";
        if ($edit) {
            print "  <TR>\n";
            print "  <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
            print "    <TD align=right><INPUT type=submit value=Add></TD>\n";
            print "    <TD><INPUT type=text name=newuser maxlength=80 size=40 ";
            if ($submitErr & IDNAMEERR) {
                print "value=\"{$newuser}\"></TD>\n";
            } else {
                print "></TD>\n";
            }
            if ($submitErr) {
                print "    <TD>\n";
                printSubmitErr(IDNAMEERR);
                print "    </TD>\n";
            }
            $cont = addContinuationsEntry('addGroupUser', $data);
            print "  <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
            print "  </FORM>\n";
            print "  </TR>\n";
        }
        foreach ($groupmembers as $id => $login) {
            print "  <TR>\n";
            if ($edit) {
                print "    <TD>\n";
                print "      <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
                print "      <INPUT type=submit value=Delete>\n";
                $data['userid'] = $id;
                $data['newuser'] = $login;
                $cont = addContinuationsEntry('deleteGroupUser', $data);
                print "      <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
                print "      </FORM>\n";
                print "    </TD>\n";
            }
            print "    <TD>{$login}</TD>\n";
            print "  </TR>\n";
        }
        print "</TABLE>\n";
    }
    print "</DIV>\n";
}
예제 #5
0
function updateLDAPUser($authtype, $userid)
{
    global $authMechs;
    $userData = getLDAPUserData($authtype, $userid);
    if (is_null($userData)) {
        return NULL;
    }
    $affilid = $authMechs[$authtype]['affiliationid'];
    $now = unixToDatetime(time());
    // select desired data from db
    $query = "SELECT i.name AS IMtype, " . "u.IMid AS IMid, " . "u.affiliationid, " . "af.name AS affiliation, " . "af.shibonly, " . "u.emailnotices, " . "a.name AS adminlevel, " . "a.id AS adminlevelid, " . "u.preferredname AS preferredname, " . "u.uid AS uid, " . "u.id AS id, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "u.showallgroups " . "FROM user u, " . "IMtype i, " . "adminlevel a, " . "affiliation af " . "WHERE u.IMtypeid = i.id AND " . "u.adminlevelid = a.id AND " . "af.id = {$affilid} AND ";
    if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid'])) {
        $query .= "u.uid = " . $userData["numericid"];
    } else {
        $query .= "u.unityid = '{$userid}' AND " . "u.affiliationid = {$affilid}";
    }
    $qh = doQuery($query, 255);
    // if get a row
    //    update db
    //    update results from select
    if ($user = mysql_fetch_assoc($qh)) {
        $user["unityid"] = $userid;
        $user["firstname"] = $userData['first'];
        $user["lastname"] = $userData["last"];
        $user["email"] = $userData["email"];
        $user["lastupdated"] = $now;
        $query = "UPDATE user " . "SET unityid = '{$userid}', " . "firstname = '{$userData['first']}', " . "lastname = '{$userData['last']}', " . "email = '{$userData['email']}', " . "lastupdated = '{$now}' ";
        if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid'])) {
            $query .= "WHERE uid = " . $userData["numericid"];
        } else {
            $query .= "WHERE unityid = '{$userid}' AND " . "affiliationid = {$affilid}";
        }
        doQuery($query, 256, 'vcl', 1);
    } else {
        //    call addLDAPUser
        $id = addLDAPUser($authtype, $userid);
        $query = "SELECT u.unityid AS unityid, " . "u.affiliationid, " . "af.name AS affiliation, " . "u.firstname AS firstname, " . "u.lastname AS lastname, " . "u.preferredname AS preferredname, " . "u.email AS email, " . "i.name AS IMtype, " . "u.IMid AS IMid, " . "u.uid AS uid, " . "u.id AS id, " . "a.name AS adminlevel, " . "a.id AS adminlevelid, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "u.showallgroups, " . "u.lastupdated AS lastupdated " . "FROM user u, " . "IMtype i, " . "affiliation af, " . "adminlevel a " . "WHERE u.IMtypeid = i.id AND " . "u.adminlevelid = a.id AND " . "u.affiliationid = af.id AND " . "u.id = {$id}";
        $qh = doQuery($query, 101);
        if (!($user = mysql_fetch_assoc($qh))) {
            return NULL;
        }
    }
    // TODO handle generic updating of groups
    switch (getAffiliationName($affilid)) {
        case 'EXAMPLE1':
            updateEXAMPLE1Groups($user);
            break;
        default:
            //TODO possibly add to a default group
    }
    $user["groups"] = getUsersGroups($user["id"], 1);
    $user["privileges"] = getOverallUserPrivs($user["id"]);
    $user['login'] = $user['unityid'];
    return $user;
}
예제 #6
0
function ldapLogin($authtype, $userid, $passwd)
{
    global $HTMLheader, $printedHTMLheader, $authMechs, $phpVer;
    $ds = ldap_connect("ldaps://{$authMechs[$authtype]['server']}/");
    if (!$ds) {
        print $HTMLheader;
        $printedHTMLheader = 1;
        selectAuth();
        return;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
    /*if($authtype == 'EXAMPLE1 LDAP') {
    		# in this case, we have to look up what part of the tree the user is in
    		#   before we can actually look up the user
    		$auth = $authMechs[$authtype];
    		$res = ldap_bind($ds, $auth['masterlogin'],
    		                 $auth['masterpwd']);
    		if(! $res) {
    			printLoginPageWithSkin($authtype);
    			return;
    		}
    		$search = ldap_search($ds,
    		                      $auth['binddn'], 
    		                      "cn=$userid",
    		                      array('dn'), 0, 3, 15);
    		if($search) {
    			$tmpdata = ldap_get_entries($ds, $search);
    			if(! $tmpdata['count'] || ! array_key_exists('dn', $tmpdata[0])) {
    				printLoginPageWithSkin($authtype);
    				return;
    			}
    			$ldapuser = $tmpdata[0]['dn'];
    		}
    		else {
    			printLoginPageWithSkin($authtype);
    			return;
    		}
    	}
    	elseif($authtype == 'EXAMPLE2 LDAP') {
    		# this is similar to EXAMPLE1, but here we do an anonymous bind
    		$auth = $authMechs[$authtype];
    		$res = ldap_bind($ds);
    		if(! $res) {
    			printLoginPageWithSkin($authtype);
    			return;
    		}
    		$search = ldap_search($ds,
    		                      $auth['binddn'], 
    		                      "uid=$userid",
    		                      array('dn'), 0, 3, 15);
    		if($search) {
    			$tmpdata = ldap_get_entries($ds, $search);
    			if(! $tmpdata['count'] || ! array_key_exists('dn', $tmpdata[0])) {
    				printLoginPageWithSkin($authtype);
    				return;
    			}
    			$ldapuser = $tmpdata[0]['dn'];
    		}
    		else {
    			printLoginPageWithSkin($authtype);
    			return;
    		}
    	}
    	else*/
    $ldapuser = sprintf($authMechs[$authtype]['userid'], $userid);
    $res = ldap_bind($ds, $ldapuser, $passwd);
    if (!$res) {
        // login failed
        printLoginPageWithSkin($authtype);
        return;
    } else {
        // see if user in our db
        $query = "SELECT id " . "FROM user " . "WHERE unityid = '{$userid}' AND " . "affiliationid = {$authMechs[$authtype]['affiliationid']}";
        $qh = doQuery($query, 101);
        if (!mysql_num_rows($qh)) {
            // if not, add user
            $newid = updateLDAPUser($authtype, $userid);
            if (is_null($newid)) {
                abort(8);
            }
        }
        // get cookie data
        $cookie = getAuthCookieData("{$userid}@" . getAffiliationName($authMechs[$authtype]['affiliationid']));
        // set cookie
        if (version_compare(PHP_VERSION, "5.2", ">=") == true) {
            setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0, 1);
        } else {
            setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0);
        }
        # set skin cookie based on affiliation
        /*if(getAffiliationName($authMechs[$authtype]['affiliationid']) == 'EXAMPLE1')
        			setcookie("VCLSKIN", "EXAMPLE1", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
        		elseif(getAffiliationName($authMechs[$authtype]['affiliationid']) == 'EXAMPLE2')
        			setcookie("VCLSKIN", "EXAMPLE2", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
        		else*/
        setcookie("VCLSKIN", "DEFAULT", time() + SECINDAY * 31, "/", COOKIEDOMAIN);
        // redirect to main page
        header("Location: " . BASEURL . SCRIPT);
        dbDisconnect();
        exit;
    }
}
예제 #7
0
function userLookup()
{
    global $user;
    $userid = processInputVar("userid", ARG_STRING);
    if (get_magic_quotes_gpc()) {
        $userid = stripslashes($userid);
    }
    $affilid = processInputVar('affiliationid', ARG_NUMERIC, $user['affiliationid']);
    $force = processInputVar('force', ARG_NUMERIC, 0);
    print "<div align=center>\n";
    print "<H2>User Lookup</H2>\n";
    print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
    print "<TABLE>\n";
    print "  <TR>\n";
    print "    <TH>Name (last, first) or User ID:</TH>\n";
    print "    <TD><INPUT type=text name=userid value=\"{$userid}\" size=25></TD>\n";
    if (checkUserHasPerm('User Lookup (global)')) {
        $affils = getAffiliations();
        print "    <TD>\n";
        print "@";
        printSelectInput("affiliationid", $affils, $affilid);
        print "    </TD>\n";
    }
    print "  </TR>\n";
    print "  <TR>\n";
    print "    <TD colspan=2>\n";
    print "      <input type=checkbox id=force name=force value=1>\n";
    print "      <label for=force>Attempt forcing an update from LDAP (User ID only)</label>\n";
    print "    </TD>\n";
    print "  </TR>\n";
    print "  <TR>\n";
    print "    <TD colspan=3 align=center><INPUT type=submit value=Submit>\n";
    print "  </TR>\n";
    print "</TABLE>\n";
    $cont = addContinuationsEntry('submitUserLookup');
    print "<INPUT type=hidden name=continuation value=\"{$cont}\">\n";
    print "</FORM><br>\n";
    if (!empty($userid)) {
        $esc_userid = mysql_real_escape_string($userid);
        if (preg_match('/,/', $userid)) {
            $mode = 'name';
            $force = 0;
        } else {
            $mode = 'userid';
        }
        if (!checkUserHasPerm('User Lookup (global)') && $user['affiliationid'] != $affilid) {
            print "<font color=red>{$userid} not found</font><br>\n";
            return;
        }
        if ($mode == 'userid') {
            $query = "SELECT id " . "FROM user " . "WHERE unityid = '{$esc_userid}' AND " . "affiliationid = {$affilid}";
            $affilname = getAffiliationName($affilid);
            $userid = "{$userid}@{$affilname}";
            $esc_userid = "{$esc_userid}@{$affilname}";
        } else {
            $tmp = explode(',', $userid);
            $last = mysql_real_escape_string(trim($tmp[0]));
            $first = mysql_real_escape_string(trim($tmp[1]));
            $query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "affiliation a " . "WHERE u.firstname = '{$first}' AND " . "u.lastname = '{$last}' AND " . "u.affiliationid = {$affilid} AND " . "a.id = {$affilid}";
        }
        $qh = doQuery($query, 101);
        if (!mysql_num_rows($qh)) {
            if ($mode == 'name') {
                print "<font color=red>User not found</font><br>\n";
                return;
            } else {
                print "<font color=red>{$userid} not currently found in VCL user database, will try to add...</font><br>\n";
            }
        } elseif ($force) {
            $_SESSION['userresources'] = array();
            $row = mysql_fetch_assoc($qh);
            $newtime = unixToDatetime(time() - SECINDAY - 5);
            $query = "UPDATE user SET lastupdated = '{$newtime}' WHERE id = {$row['id']}";
            doQuery($query, 101);
        } elseif ($mode == 'name') {
            $row = mysql_fetch_assoc($qh);
            $userid = $row['unityid'];
            $esc_userid = $row['unityid'];
        }
        $userdata = getUserInfo($esc_userid);
        if (is_null($userdata)) {
            $userdata = getUserInfo($esc_userid, 1);
            if (is_null($userdata)) {
                print "<font color=red>{$userid} not found</font><br>\n";
                return;
            }
        }
        $userdata["groups"] = getUsersGroups($userdata["id"], 1, 1);
        print "<TABLE>\n";
        if (!empty($userdata['unityid'])) {
            print "  <TR>\n";
            print "    <TH align=right>User ID:</TH>\n";
            print "    <TD>{$userdata["unityid"]}</TD>\n";
            print "  </TR>\n";
        }
        if (!empty($userdata['firstname'])) {
            print "  <TR>\n";
            print "    <TH align=right>First Name:</TH>\n";
            print "    <TD>{$userdata["firstname"]}</TD>\n";
            print "  </TR>\n";
        }
        if (!empty($userdata['lastname'])) {
            print "  <TR>\n";
            print "    <TH align=right>Last Name:</TH>\n";
            print "    <TD>{$userdata["lastname"]}</TD>\n";
            print "  </TR>\n";
        }
        if (!empty($userdata['preferredname'])) {
            print "  <TR>\n";
            print "    <TH align=right>Preferred Name:</TH>\n";
            print "    <TD>{$userdata["preferredname"]}</TD>\n";
            print "  </TR>\n";
        }
        if (!empty($userdata['affiliation'])) {
            print "  <TR>\n";
            print "    <TH align=right>Affiliation:</TH>\n";
            print "    <TD>{$userdata["affiliation"]}</TD>\n";
            print "  </TR>\n";
        }
        if (!empty($userdata['email'])) {
            print "  <TR>\n";
            print "    <TH align=right>Email:</TH>\n";
            print "    <TD>{$userdata["email"]}</TD>\n";
            print "  </TR>\n";
        }
        print "  <TR>\n";
        print "    <TH align=right style=\"vertical-align: top\">Groups:</TH>\n";
        print "    <TD>\n";
        uasort($userdata["groups"], "sortKeepIndex");
        foreach ($userdata["groups"] as $group) {
            print "      {$group}<br>\n";
        }
        print "    </TD>\n";
        print "  </TR>\n";
        print "  <TR>\n";
        print "    <TH align=right style=\"vertical-align: top\">User Group Permissions:</TH>\n";
        print "    <TD>\n";
        if (count($userdata['groupperms'])) {
            foreach ($userdata['groupperms'] as $perm) {
                print "      {$perm}<br>\n";
            }
        } else {
            print "      No additional user group permissions\n";
        }
        print "    </TD>\n";
        print "  </TR>\n";
        print "  <TR>\n";
        print "    <TH align=right style=\"vertical-align: top\">Privileges (found somewhere in the tree):</TH>\n";
        print "    <TD>\n";
        uasort($userdata["privileges"], "sortKeepIndex");
        foreach ($userdata["privileges"] as $priv) {
            if ($priv == "block" || $priv == "cascade") {
                continue;
            }
            print "      {$priv}<br>\n";
        }
        print "    </TD>\n";
        print "  </TR>\n";
        print "</TABLE>\n";
        # get user's resources
        $userResources = getUserResources(array("imageCheckOut"), array("available"), 0, 0, $userdata['id']);
        # find nodes where user has privileges
        $query = "SELECT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "up.userid = {$userdata['id']} " . "ORDER BY p.name, " . "upt.name";
        $qh = doQuery($query, 101);
        if (mysql_num_rows($qh)) {
            print "Nodes where user is granted privileges:<br>\n";
            print "<TABLE>\n";
            $privnodeid = 0;
            while ($row = mysql_fetch_assoc($qh)) {
                if ($privnodeid != $row['privnodeid']) {
                    if ($privnodeid) {
                        print "    </TD>\n";
                        print "  </TR>\n";
                    }
                    print "  <TR>\n";
                    $privnodeid = $row['privnodeid'];
                    $path = getNodePath($privnodeid);
                    print "    <TH align=right>{$path}</TH>\n";
                    print "    <TD>\n";
                }
                print "      {$row['userprivtype']}<br>\n";
            }
            print "    </TD>\n";
            print "  </TR>\n";
            print "</TABLE>\n";
        }
        # find nodes where user's groups have privileges
        if (!empty($userdata['groups'])) {
            $query = "SELECT DISTINCT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "upt.name != 'cascade' AND " . "upt.name != 'block' AND " . "up.usergroupid IN (" . implode(',', array_keys($userdata['groups'])) . ") " . "ORDER BY p.name, " . "upt.name";
            $qh = doQuery($query, 101);
            if (mysql_num_rows($qh)) {
                print "Nodes where user's groups are granted privileges:<br>\n";
                print "<TABLE>\n";
                $privnodeid = 0;
                while ($row = mysql_fetch_assoc($qh)) {
                    if ($privnodeid != $row['privnodeid']) {
                        if ($privnodeid) {
                            print "    </TD>\n";
                            print "  </TR>\n";
                        }
                        print "  <TR>\n";
                        $privnodeid = $row['privnodeid'];
                        $path = getNodePath($privnodeid);
                        print "    <TH align=right>{$path}</TH>\n";
                        print "    <TD>\n";
                    }
                    print "      {$row['userprivtype']}<br>\n";
                }
                print "    </TD>\n";
                print "  </TR>\n";
                print "</TABLE>\n";
            }
        }
        print "<table>\n";
        print "  <tr>\n";
        print "    <th>Images User Has Access To:<th>\n";
        print "    <td>\n";
        foreach ($userResources['image'] as $img) {
            print "      {$img}<br>\n";
        }
        print "    </td>\n";
        print "  </tr>\n";
        print "</table>\n";
        # login history
        $query = "SELECT authmech, " . "timestamp, " . "passfail, " . "remoteIP, " . "code " . "FROM loginlog " . "WHERE (user = '******'unityid']}' OR " . "user = '******'unityid']}@{$userdata['affiliation']}') AND " . "affiliationid = {$userdata['affiliationid']} " . "ORDER BY timestamp DESC " . "LIMIT 8";
        $logins = array();
        $qh = doQuery($query);
        while ($row = mysql_fetch_assoc($qh)) {
            $logins[] = $row;
        }
        if (count($logins)) {
            $logins = array_reverse($logins);
            print "<h3>Login History (last 8 attempts)</h3>\n";
            print "<table summary=\"login attempts\">\n";
            print "<colgroup>\n";
            print "<col class=\"logincol\" />\n";
            print "<col class=\"logincol\" />\n";
            print "<col class=\"logincol\" />\n";
            print "<col class=\"logincol\" />\n";
            print "<col />\n";
            print "</colgroup>\n";
            print "  <tr>\n";
            print "    <th>Authentication Method</th>\n";
            print "    <th>Timestamp</th>\n";
            print "    <th>Result</th>\n";
            print "    <th>Remote IP</th>\n";
            print "    <th>Extra Info</th>\n";
            print "  </tr>\n";
            foreach ($logins as $login) {
                print "  <tr>\n";
                print "    <td class=\"logincell\">{$login['authmech']}</td>\n";
                $ts = prettyDatetime($login['timestamp'], 1);
                print "    <td class=\"logincell\">{$ts}</td>\n";
                if ($login['passfail']) {
                    print "    <td class=\"logincell\"><font color=\"#008000\">Pass</font></td>\n";
                } else {
                    print "    <td class=\"logincell\"><font color=\"red\">Fail</font></td>\n";
                }
                print "    <td class=\"logincell\">{$login['remoteIP']}</td>\n";
                print "    <td class=\"logincell\">{$login['code']}</td>\n";
                print "  </tr>\n";
            }
            print "</table>\n";
        } else {
            print "<h3>Login History</h3>\n";
            print "There are no login attempts by this user.<br>\n";
        }
        # reservation history
        $requests = array();
        $query = "SELECT DATE_FORMAT(l.start, '%W, %b %D, %Y, %h:%i %p') AS start, " . "DATE_FORMAT(l.finalend, '%W, %b %D, %Y, %h:%i %p') AS end, " . "c.hostname, " . "i.prettyname AS prettyimage, " . "s.IPaddress, " . "l.ending " . "FROM log l, " . "image i, " . "computer c, " . "sublog s " . "WHERE l.userid = {$userdata['id']} AND " . "s.logid = l.id AND " . "i.id = s.imageid AND " . "c.id = s.computerid " . "ORDER BY l.start DESC " . "LIMIT 5";
        $qh = doQuery($query, 290);
        while ($row = mysql_fetch_assoc($qh)) {
            array_push($requests, $row);
        }
        $requests = array_reverse($requests);
        if (!empty($requests)) {
            print "<h3>User's last " . count($requests) . " reservations:</h3>\n";
            print "<table>\n";
            $first = 1;
            foreach ($requests as $req) {
                if ($first) {
                    $first = 0;
                } else {
                    print "  <tr>\n";
                    print "    <td colspan=2><hr></td>\n";
                    print "  </tr>\n";
                }
                print "  <tr>\n";
                print "    <th align=right>Image:</th>\n";
                print "    <td>{$req['prettyimage']}</td>\n";
                print "  </tr>\n";
                print "  <tr>\n";
                print "    <th align=right>Computer:</th>\n";
                print "    <td>{$req['hostname']}</td>\n";
                print "  </tr>\n";
                print "  <tr>\n";
                print "    <th align=right>Start:</th>\n";
                print "    <td>{$req['start']}</td>\n";
                print "  </tr>\n";
                print "  <tr>\n";
                print "    <th align=right>End:</th>\n";
                print "    <td>{$req['end']}</td>\n";
                print "  </tr>\n";
                if ($req['IPaddress'] != '') {
                    print "  <tr>\n";
                    print "    <th align=right>IP Address:</th>\n";
                    print "    <td>{$req['IPaddress']}</td>\n";
                    print "  </tr>\n";
                }
                print "  <tr>\n";
                print "    <th align=right>Ending:</th>\n";
                print "    <td>{$req['ending']}</td>\n";
                print "  </tr>\n";
            }
            print "</table>\n";
        } else {
            print "User made no reservations in the past week.<br>\n";
        }
        # current reservations
        $requests = array();
        $query = "SELECT DATE_FORMAT(rq.start, '%W, %b %D, %Y, %h:%i %p') AS start, " . "DATE_FORMAT(rq.end, '%W, %b %D, %Y, %h:%i %p') AS end, " . "rq.id AS requestid, " . "MIN(rs.id) AS reservationid, " . "c.hostname AS computer, " . "i.prettyname AS prettyimage, " . "c.IPaddress AS compIP, " . "rs.remoteIP AS userIP, " . "ch.hostname AS vmhost, " . "mn.hostname AS managementnode, " . "srq.name AS servername, " . "aug.name AS admingroup, " . "lug.name AS logingroup, " . "s1.name AS state, " . "s2.name AS laststate " . "FROM image i, " . "managementnode mn, " . "request rq " . "LEFT JOIN reservation rs ON (rs.requestid = rq.id) " . "LEFT JOIN computer c ON (rs.computerid = c.id) " . "LEFT JOIN vmhost vh ON (c.vmhostid = vh.id) " . "LEFT JOIN computer ch ON (vh.computerid = ch.id) " . "LEFT JOIN serverrequest srq ON (srq.requestid = rq.id) " . "LEFT JOIN usergroup aug ON (aug.id = srq.admingroupid) " . "LEFT JOIN usergroup lug ON (lug.id = srq.logingroupid) " . "LEFT JOIN state s1 ON (s1.id = rq.stateid) " . "LEFT JOIN state s2 ON (s2.id = rq.laststateid) " . "WHERE rq.userid = {$userdata['id']} AND " . "i.id = rs.imageid AND " . "mn.id = rs.managementnodeid " . "GROUP BY rq.id " . "ORDER BY rq.start";
        $qh = doQuery($query, 290);
        while ($row = mysql_fetch_assoc($qh)) {
            array_push($requests, $row);
        }
        $requests = array_reverse($requests);
        if (!empty($requests)) {
            print "<h3>User's current reservations:</h3>\n";
            print "<table>\n";
            $first = 1;
            foreach ($requests as $req) {
                if ($first) {
                    $first = 0;
                } else {
                    print "  <tr>\n";
                    print "    <td colspan=2><hr></td>\n";
                    print "  </tr>\n";
                }
                print "  <tr>\n";
                print "    <th align=right>Request ID:</th>\n";
                print "    <td>{$req['requestid']}</td>\n";
                print "  </tr>\n";
                if ($req['servername'] != '') {
                    print "  <tr>\n";
                    print "    <th align=right>Reservation Name:</th>\n";
                    print "    <td>{$req['servername']}</td>\n";
                    print "  </tr>\n";
                }
                print "  <tr>\n";
                print "    <th align=right>Image:</th>\n";
                print "    <td>{$req['prettyimage']}</td>\n";
                print "  </tr>\n";
                print "  <tr>\n";
                print "    <th align=right>State:</th>\n";
                if ($req['state'] == 'pending') {
                    print "    <td>{$req['laststate']}</td>\n";
                } else {
                    print "    <td>{$req['state']}</td>\n";
                }
                print "  </tr>\n";
                print "  <tr>\n";
                print "    <th align=right>Computer:</th>\n";
                print "    <td>{$req['computer']}</td>\n";
                print "  </tr>\n";
                if (!empty($req['vmhost'])) {
                    print "  <tr>\n";
                    print "    <th align=right>VM Host:</th>\n";
                    print "    <td>{$req['vmhost']}</td>\n";
                    print "  </tr>\n";
                }
                print "  <tr>\n";
                print "    <th align=right>Start:</th>\n";
                print "    <td>{$req['start']}</td>\n";
                print "  </tr>\n";
                print "  <tr>\n";
                print "    <th align=right>End:</th>\n";
                if ($req['end'] == 'Friday, Jan 1st, 2038, 12:00 AM') {
                    print "    <td>(indefinite)</td>\n";
                } else {
                    print "    <td>{$req['end']}</td>\n";
                }
                print "  </tr>\n";
                if ($req['compIP'] != '') {
                    print "  <tr>\n";
                    print "    <th align=right>Node's IP Address:</th>\n";
                    print "    <td>{$req['compIP']}</td>\n";
                    print "  </tr>\n";
                }
                if ($req['userIP'] != '') {
                    print "  <tr>\n";
                    print "    <th align=right>User's IP Address:</th>\n";
                    print "    <td>{$req['userIP']}</td>\n";
                    print "  </tr>\n";
                }
                if ($req['admingroup'] != '') {
                    print "  <tr>\n";
                    print "    <th align=right>Admin Group:</th>\n";
                    print "    <td>{$req['admingroup']}</td>\n";
                    print "  </tr>\n";
                }
                if ($req['logingroup'] != '') {
                    print "  <tr>\n";
                    print "    <th align=right>Access Group:</th>\n";
                    print "    <td>{$req['logingroup']}</td>\n";
                    print "  </tr>\n";
                }
                print "  <tr>\n";
                print "    <th align=right>Management Node:</th>\n";
                print "    <td>{$req['managementnode']}</td>\n";
                print "  </tr>\n";
            }
            print "</table>\n";
        } else {
            print "User does not have any current reservations.<br>\n";
        }
    }
    print "</div>\n";
}