function updateLDAPUser($authtype, $userid)
{
global $authMechs;
$esc_userid = mysql_real_escape_string($userid);
$userData = getLDAPUserData($authtype, $userid);
if (is_null($userData)) {
return NULL;
}
$affilid = $authMechs[$authtype]['affiliationid'];
$now = unixToDatetime(time());
// select desired data from db
$qbase = "SELECT i.name AS IMtype, " . "u.IMid AS IMid, " . "u.affiliationid, " . "af.name AS affiliation, " . "af.shibonly, " . "u.emailnotices, " . "u.preferredname AS preferredname, " . "u.uid AS uid, " . "u.id AS id, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "COALESCE(u.rdpport, 3389) AS rdpport, " . "u.showallgroups " . "FROM user u, " . "IMtype i, " . "affiliation af " . "WHERE u.IMtypeid = i.id AND " . "af.id = {$affilid} AND ";
if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid'])) {
$query = $qbase . "u.uid = {$userData['numericid']}";
} else {
$query = $qbase . "u.unityid = '{$esc_userid}' AND " . "u.affiliationid = {$affilid}";
}
$qh = doQuery($query, 255);
$updateuid = 0;
# check to see if there is a matching entry where uid is NULL but unityid and affiliationid match
if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid']) && !mysql_num_rows($qh)) {
$updateuid = 1;
$query = $qbase . "u.unityid = '{$esc_userid}' AND " . "u.affiliationid = {$affilid}";
$qh = doQuery($query, 255);
}
// if get a row
// update db
// update results from select
if ($user = mysql_fetch_assoc($qh)) {
$user["unityid"] = $userid;
$user["firstname"] = $userData['first'];
$user["lastname"] = $userData["last"];
$user["email"] = $userData["email"];
$user["lastupdated"] = $now;
$query = "UPDATE user " . "SET unityid = '{$esc_userid}', " . "firstname = '{$userData['first']}', " . "lastname = '{$userData['last']}', " . "email = '{$userData['email']}', ";
if ($updateuid) {
$query .= "uid = {$userData['numericid']}, ";
}
$query .= "lastupdated = '{$now}' ";
if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid']) && !$updateuid) {
$query .= "WHERE uid = {$userData['numericid']}";
} else {
$query .= "WHERE unityid = '{$esc_userid}' AND " . "affiliationid = {$affilid}";
}
doQuery($query, 256, 'vcl', 1);
} else {
// call addLDAPUser
$id = addLDAPUser($authtype, $userid);
$query = "SELECT u.unityid AS unityid, " . "u.affiliationid, " . "af.name AS affiliation, " . "u.firstname AS firstname, " . "u.lastname AS lastname, " . "u.preferredname AS preferredname, " . "u.email AS email, " . "i.name AS IMtype, " . "u.IMid AS IMid, " . "u.uid AS uid, " . "u.id AS id, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "COALESCE(u.rdpport, 3389) AS rdpport, " . "u.showallgroups, " . "u.usepublickeys, " . "u.sshpublickeys, " . "u.lastupdated AS lastupdated " . "FROM user u, " . "IMtype i, " . "affiliation af " . "WHERE u.IMtypeid = i.id AND " . "u.affiliationid = af.id AND " . "u.id = {$id}";
$qh = doQuery($query, 101);
if (!($user = mysql_fetch_assoc($qh))) {
return NULL;
}
$user['sshpublickeys'] = htmlspecialchars($user['sshpublickeys']);
}
// TODO handle generic updating of groups
switch (getAffiliationName($affilid)) {
case 'EXAMPLE1':
updateEXAMPLE1Groups($user);
break;
default:
//TODO possibly add to a default group
}
$user["groups"] = getUsersGroups($user["id"], 1);
$user["groupperms"] = getUsersGroupPerms(array_keys($user['groups']));
$user["privileges"] = getOverallUserPrivs($user["id"]);
$user['login'] = $user['unityid'];
return $user;
}
function ldapLogin($authtype, $userid, $passwd)
{
global $HTMLheader, $printedHTMLheader, $authMechs, $phpVer;
$esc_userid = mysql_real_escape_string($userid);
if (!($fh = fsockopen($authMechs[$authtype]['server'], 636, $errno, $errstr, 5))) {
printLoginPageWithSkin($authtype, 1);
return;
}
fclose($fh);
$ds = ldap_connect("ldaps://{$authMechs[$authtype]['server']}/");
if (!$ds) {
addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 0);
print $HTMLheader;
$printedHTMLheader = 1;
selectAuth();
return;
}
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
if (array_key_exists('lookupuserbeforeauth', $authMechs[$authtype]) && $authMechs[$authtype]['lookupuserbeforeauth'] && array_key_exists('lookupuserfield', $authMechs[$authtype])) {
# in this case, we have to look up what part of the tree the user is in
# before we can actually look up the user
$auth = $authMechs[$authtype];
if (array_key_exists('masterlogin', $auth) && strlen($auth['masterlogin'])) {
$res = ldap_bind($ds, $auth['masterlogin'], $auth['masterpwd']);
} else {
$res = ldap_bind($ds);
}
if (!$res) {
addLoginLog($userid, $authtype, $auth['affiliationid'], 0);
printLoginPageWithSkin($authtype);
return;
}
$search = ldap_search($ds, $auth['binddn'], "{$auth['lookupuserfield']}={$userid}", array('dn'), 0, 3, 15);
if ($search) {
$tmpdata = ldap_get_entries($ds, $search);
if (!$tmpdata['count'] || !array_key_exists('dn', $tmpdata[0])) {
addLoginLog($userid, $authtype, $auth['affiliationid'], 0);
printLoginPageWithSkin($authtype);
return;
}
$ldapuser = $tmpdata[0]['dn'];
} else {
addLoginLog($userid, $authtype, $auth['affiliationid'], 0);
printLoginPageWithSkin($authtype);
return;
}
} else {
$ldapuser = sprintf($authMechs[$authtype]['userid'], $userid);
}
$res = ldap_bind($ds, $ldapuser, $passwd);
if (!$res) {
// login failed
$err = ldap_error($ds);
if ($err == 'Invalid credentials') {
addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 0, $err);
} else {
addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 0);
}
printLoginPageWithSkin($authtype);
return;
} else {
addLoginLog($userid, $authtype, $authMechs[$authtype]['affiliationid'], 1);
# used to rely on later code to update user info if update timestamp was expired
// see if user in our db
/*$query = "SELECT id "
. "FROM user "
. "WHERE unityid = '$esc_userid' AND "
. "affiliationid = {$authMechs[$authtype]['affiliationid']}";
$qh = doQuery($query, 101);
if(! mysql_num_rows($qh)) {
// if not, add user
$newid = updateLDAPUser($authtype, $userid);
if(is_null($newid))
abort(8);
}*/
# now, we always update the user info
$newid = updateLDAPUser($authtype, $userid);
if (is_null($newid)) {
abort(8);
}
// get cookie data
$cookie = getAuthCookieData("{$userid}@" . getAffiliationName($authMechs[$authtype]['affiliationid']));
// set cookie
if (version_compare(PHP_VERSION, "5.2", ">=") == true) {
setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0, 1);
} else {
setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0);
}
# set skin cookie based on affiliation
$skin = getAffiliationTheme($authMechs[$authtype]['affiliationid']);
$ucskin = strtoupper($skin);
setcookie("VCLSKIN", "{$ucskin}", time() + SECINDAY * 31, "/", COOKIEDOMAIN);
// redirect to main page
header("Location: " . BASEURL . SCRIPT);
dbDisconnect();
exit;
}
}
function addConfigMapping($data, $maptypes)
{
$configdata = $this->_getData($data['configid']);
if (is_null($configdata[$data['configid']]['configstageid'])) {
$stageid = $data['stageid'];
} else {
$stageid = $configdata[$data['configid']]['configstageid'];
}
$query = "INSERT INTO configmap " . "(configid, " . "configmaptypeid, " . "subid, " . "affiliationid, " . "disabled, " . "configstageid) " . "VALUES " . "({$data['configid']}, " . "{$data['maptypeid']}, " . "{$data['subid']}, " . "{$data['affiliationid']}, " . "0, " . "{$stageid})";
doQuery($query);
$configmapid = dbLastInsertID();
$id = $data['configid'];
$configdata = $this->_getData($id);
$stages = $this->getConfigMapStages();
$item = array('id' => $configmapid, 'configid' => $id, 'configname' => $configdata[$id]['name'], 'description' => $configdata[$id]['description'], 'configtypeid' => $configdata[$id]['configtypeid'], 'configtype' => $configdata[$id]['configtype'], 'configmaptypeid' => $data['maptypeid'], 'configmaptype' => $maptypes[$data['maptypeid']], 'affiliationid' => $data['affiliationid'], 'mapto' => $data['mapto'], 'affiliation' => getAffiliationName($data['affiliationid']), 'disabled' => 0, 'stageid' => $data['stageid'], 'configstage' => $stages[$data['stageid']]);
$ret = array('status' => 'success', 'item' => $item, 'action' => 'add');
sendJSON($ret);
return;
}
function editOrAddGroup($state)
{
global $submitErr, $user, $mode;
$usergroups = getUserGroups();
$type = getContinuationVar("type");
if ($state) {
$isowner = 1;
} elseif ($type == 'resource') {
$isowner = getContinuationVar('isowner');
}
if (!$state) {
$groupid = getContinuationVar('groupid', processInputVar('groupid', ARG_NUMERIC));
if ($type == 'user') {
if (!array_key_exists($groupid, $usergroups)) {
print "<h2>Edit User Group</h2>\n";
print "The selected user group does not exist.\n";
return;
}
$isowner = 0;
if ($usergroups[$groupid]['ownerid'] != $user['id']) {
if ($usergroups[$groupid]['custom'] == 0 || $usergroups[$groupid]['courseroll'] == 1) {
if (!checkUserHasPerm('Manage Federated User Groups (global)') && (!checkUserHasPerm('Manage Federated User Groups (affiliation only)') || $usergroups[$groupid]['groupaffiliationid'] != $user['affiliationid'])) {
print "<h2>Edit User Group</h2>\n";
print "You do not have access to modify the selected user group.\n";
return;
} else {
$isowner = 1;
}
} elseif (!array_key_exists("editgroupid", $usergroups[$groupid]) || !array_key_exists($usergroups[$groupid]["editgroupid"], $user["groups"])) {
print "<h2>Edit User Group</h2>\n";
print "You do not have access to modify the selected user group.\n";
return;
}
} else {
$isowner = 1;
}
} else {
$userresources = getUserResources(array("groupAdmin"), array("manageGroup"), 1);
$noaccess = 1;
foreach (array_keys($userresources) as $rtype) {
if (array_key_exists($groupid, $userresources[$rtype])) {
$noaccess = 0;
break;
}
}
if ($noaccess) {
print "<h2>Edit Resource Group</h2>\n";
print "You do not have access to modify the selected resource group.\n";
return;
}
}
}
$allcustomgroups = getUserGroups(1);
if ($user['showallgroups']) {
$affilusergroups = $allcustomgroups;
} else {
$affilusergroups = getUserGroups(1, $user['affiliationid']);
}
$defaultusergroupid = getUserGroupID('Default for Editable by', 1);
if ($type == 'resource') {
$dispUserGrpIDs = array();
$dispUserGrpIDsAllAffils = array();
foreach (array_keys($allcustomgroups) as $id) {
# figure out if user is owner or in editor group
$owner = 0;
$editor = 0;
if ($allcustomgroups[$id]["ownerid"] == $user["id"]) {
$owner = 1;
}
if (array_key_exists("editgroupid", $allcustomgroups[$id]) && array_key_exists($allcustomgroups[$id]["editgroupid"], $user["groups"])) {
$editor = 1;
}
if (!$owner && !$editor) {
continue;
}
if ($user['showallgroups']) {
$dispUserGrpIDs[$id] = $allcustomgroups[$id]['name'];
} elseif (array_key_exists($id, $affilusergroups) && $allcustomgroups[$id]['groupaffiliation'] == $user['affiliation']) {
$dispUserGrpIDs[$id] = $allcustomgroups[$id]['name'];
}
$dispUserGrpIDsAllAffils[$id] = $allcustomgroups[$id]['name'];
}
}
$resourcegroups = getResourceGroups();
$affils = getAffiliations();
$resourcetypes = getTypes("resources");
if ($submitErr) {
$data = processGroupInput(0);
if ($mode == "submitEditGroup") {
$id = $data["groupid"];
if ($data["type"] == "resource") {
list($grouptype, $junk) = explode('/', $resourcegroups[$id]["name"]);
$ownerid = $resourcegroups[$id]["ownerid"];
}
} else {
if ($data["type"] == "resource") {
if ($state) {
$grouptype = $resourcetypes['resources'][$data['resourcetypeid']];
} else {
list($grouptype, $junk) = explode('/', $resourcegroups[$data['groupid']]["name"]);
}
$ownerid = $data["ownergroup"];
} else {
$selectAffil = getContinuationVar('selectAffil');
if (empty($selectAffil) && $user['showallgroups']) {
$selectAffil = 1;
}
}
}
} else {
$data["groupid"] = getContinuationVar("groupid");
$data["type"] = getContinuationVar("type");
$data["isowner"] = $isowner;
if (!$state) {
$id = $groupid;
$data['groupid'] = $id;
} else {
$id = $data["groupid"];
}
if ($data["type"] == "user") {
if ($state) {
$data["name"] = '';
$data["affiliationid"] = $user['affiliationid'];
$data["owner"] = $user['unityid'];
if (array_key_exists('VCLEDITGROUPID', $_COOKIE) && (array_key_exists($_COOKIE['VCLEDITGROUPID'], $affilusergroups) || $_COOKIE['VCLEDITGROUPID'] == $defaultusergroupid)) {
$data["editgroupid"] = $_COOKIE['VCLEDITGROUPID'];
} else {
$data["editgroupid"] = $defaultusergroupid;
}
if (!array_key_exists($data['editgroupid'], $affilusergroups)) {
if ($user['showallgroups']) {
$affil = getAffiliationName(1);
$affilusergroups[$data['editgroupid']]['name'] = "Default for Editable by@{$affil}";
} else {
$affilusergroups[$data['editgroupid']]['name'] = 'Default for Editable by';
}
}
$data["initialmax"] = 240;
$data["totalmax"] = 360;
$data["maxextend"] = 30;
$data["overlap"] = 0;
$data["custom"] = 1;
$data["courseroll"] = 0;
$tmp = explode('@', $data['name']);
$data['name'] = $tmp[0];
if ($user['showallgroups']) {
$selectAffil = 1;
} else {
$selectAffil = 0;
}
} else {
$data["name"] = $usergroups[$id]["name"];
$data["affiliationid"] = $usergroups[$id]["groupaffiliationid"];
$data["owner"] = $usergroups[$id]["owner"];
$data["editgroupid"] = $usergroups[$id]["editgroupid"];
$data["initialmax"] = $usergroups[$id]["initialmaxtime"];
$data["totalmax"] = $usergroups[$id]["totalmaxtime"];
$data["maxextend"] = $usergroups[$id]["maxextendtime"];
$data["overlap"] = $usergroups[$id]["overlapResCount"];
$data["custom"] = $usergroups[$id]["custom"];
$data["courseroll"] = $usergroups[$id]["courseroll"];
$tmp = explode('@', $data['name']);
$data['name'] = $tmp[0];
if ($user['showallgroups'] || array_key_exists(1, $tmp) && $tmp[1] != $user['affiliation']) {
$selectAffil = 1;
} else {
$selectAffil = 0;
}
}
} else {
unset($affilusergroups[$defaultusergroupid]);
if ($state) {
$grouptype = 'computer';
$data['name'] = '';
if (array_key_exists('VCLOWNERGROUPID', $_COOKIE) && array_key_exists($_COOKIE['VCLOWNERGROUPID'], $user['groups'])) {
$ownerid = $_COOKIE['VCLOWNERGROUPID'];
} else {
$ownerid = "";
foreach (array_keys($user["groups"]) as $grpid) {
if (array_key_exists($grpid, $dispUserGrpIDs)) {
$ownerid = $grpid;
break;
}
}
}
} else {
list($grouptype, $data["name"]) = explode('/', $resourcegroups[$id]["name"]);
$ownerid = $resourcegroups[$id]["ownerid"];
}
}
}
if ($data['type'] == 'user' && !array_key_exists($defaultusergroupid, $affilusergroups)) {
if ($user['showallgroups']) {
$affil = getAffiliationName(1);
$affilusergroups[$defaultusergroupid]['name'] = "Default for Editable by@{$affil}";
} else {
$affilusergroups[$defaultusergroupid]['name'] = 'Default for Editable by';
}
uasort($affilusergroups, "sortKeepIndex");
}
$editusergroup = 0;
if ($data['type'] != 'user') {
print "<FORM action=\"" . BASEURL . SCRIPT . "#resources\" method=post>\n";
} else {
print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
}
print "<DIV align=center>\n";
if ($state) {
if ($data["type"] == "user") {
print "<H2>Add User Group</H2>\n";
} else {
print "<H2>Add Resource Group</H2>\n";
}
} else {
if ($data["type"] == "user") {
print "<H2>Edit User Group</H2>\n";
print "{$usergroups[$data['groupid']]['name']}<br><br>\n";
if ($data['courseroll'] == 1) {
print "Type: Course Roll<br><br>\n";
} elseif ($data['custom'] == 0) {
print "Type: Federated<br><br>\n";
}
$editusergroup = 1;
} else {
print "<H2>Edit Resource Group</H2>\n";
}
}
if ($state && $data["type"] == "user" || $data["isowner"] || $data["type"] == "resource") {
print "<TABLE>\n";
if ($data["type"] == "resource") {
print " <TR>\n";
print " <TH align=right>Type:</TH>\n";
print " <TD>\n";
if ($state && $submitErr) {
$resourcetypeid = $data['resourcetypeid'];
} else {
$resourcetypeid = array_search($grouptype, $resourcetypes["resources"]);
}
if ($state) {
printSelectInput("resourcetypeid", $resourcetypes["resources"], $resourcetypeid);
} else {
print " {$grouptype}\n";
}
print " </TD>\n";
print " <TD></TD>\n";
print " </TR>\n";
}
$editname = 1;
if ($data['type'] == 'user' && $state == 0 && $usergroups[$groupid]['groupaffiliationid'] == 1) {
$tmp = explode('@', $usergroups[$groupid]['name']);
if ($tmp[0] == 'Specify End Time' || $tmp[0] == 'Allow No User Check' || $tmp[0] == 'Default for Editable by') {
$editname = 0;
}
}
if ($data['type'] == 'resource' || $editname && $data['courseroll'] == 0 && $data['custom'] == 1) {
print " <TR>\n";
print " <TH align=right>Name:</TH>\n";
print " <TD><INPUT type=text name=name value=\"{$data['name']}\" ";
print "maxlength=30>";
if ($data['type'] == 'user' && $selectAffil) {
print "@";
printSelectInput('affiliationid', $affils, $data['affiliationid']);
}
print "</TD>\n";
print " <TD>";
printSubmitErr(GRPNAMEERR);
print "</TD>\n";
print " </TR>\n";
}
if ($editname == 0) {
print "<TR><TD colspan=2 align=\"center\">\n";
print "(This is a system group whose name cannot be modified.)\n";
print "</TD></TR>\n";
}
if ($data["type"] == "user") {
if ($data['courseroll'] == 0 && $data['custom'] == 1) {
print " <TR>\n";
print " <TH align=right>Owner:</TH>\n";
print " <TD><INPUT type=text name=owner value=\"" . $data["owner"];
print "\"></TD>\n";
print " <TD>";
printSubmitErr(GRPOWNER);
print "</TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TH align=right>Editable by:</TH>\n";
print " <TD valign=\"top\">\n";
$groupwasnone = 0;
if ($submitErr & EDITGROUPERR) {
if ($state == 0) {
$data['editgroupid'] = $usergroups[$data['groupid']]['editgroupid'];
} elseif (count($affilusergroups)) {
$tmp = array_keys($affilusergroups);
$data['editgroupid'] = $tmp[0];
}
}
$notice = '';
if ($state == 0 && empty($usergroups[$data['groupid']]["editgroup"])) {
$affilusergroups = array_reverse($affilusergroups, TRUE);
$affilusergroups[0] = array('name' => 'None');
$affilusergroups = array_reverse($affilusergroups, TRUE);
$groupwasnone = 1;
$notice = "<strong>Note:</strong> You are the only person that can<br>" . "edit membership of this group. Select a<br>user group here " . "to allow members of that<br>group to edit membership of this one.";
} elseif (!array_key_exists($data['editgroupid'], $affilusergroups) && $data['editgroupid'] != 0) {
$affilusergroups[$data['editgroupid']] = array('name' => getUserGroupName($data['editgroupid'], 1));
uasort($affilusergroups, "sortKeepIndex");
}
if ($state == 1 && $data['editgroupid'] == 0) {
print "None\n";
} else {
printSelectInput("editgroupid", $affilusergroups, $data["editgroupid"]);
}
print " </TD>\n";
print " <TD>";
if ($submitErr & EDITGROUPERR) {
printSubmitErr(EDITGROUPERR);
} else {
print $notice;
}
print "</TD>";
print " </TR>\n";
} else {
$groupwasnone = 1;
}
print " <TR>\n";
print " <TH align=right>Initial Max Time:</TH>\n";
print " <TD>";
$lengths = getReservationLengths(65535);
if (!array_key_exists($data['initialmax'], $lengths)) {
$data['initialmax'] = getReservationLengthCeiling($data['initialmax']);
}
printSelectInput("initialmax", $lengths, $data['initialmax']);
print " </TD>";
print " <TD>";
printSubmitErr(INITIALMAXERR);
print "</TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TH align=right>Total Max Time:</TH>\n";
print " <TD>";
if (!array_key_exists($data['totalmax'], $lengths)) {
$data['totalmax'] = getReservationLengthCeiling($data['totalmax']);
}
printSelectInput("totalmax", $lengths, $data['totalmax']);
print " </TD>\n";
print " <TD>";
printSubmitErr(TOTALMAXERR);
print "</TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TH align=right>Max Extend Time:</TH>\n";
print " <TD>";
if (!array_key_exists($data['maxextend'], $lengths)) {
$data['maxextend'] = getReservationLengthCeiling($data['maxextend']);
}
printSelectInput("maxextend", $lengths, $data['maxextend']);
print " </TD>\n";
print " <TD>";
printSubmitErr(MAXEXTENDERR);
print "</TD>\n";
print " </TR>\n";
if (checkUserHasPerm('Set Overlapping Reservation Count')) {
print " <TR>\n";
print " <TH align=right>Max Overlapping Reservations:</TH>\n";
print " <TD><INPUT type=text name=overlap value=\"";
print $data["overlap"] . "\" maxlength=4></TD>\n";
print " <TD>";
printSubmitErr(MAXOVERLAPERR);
print "</TD>\n";
print " </TR>\n";
}
} else {
print " <TR>\n";
print " <TH align=right>Owning User Group:</TH>\n";
print " <TD>\n";
if ($submitErr & EDITGROUPERR) {
$ownerid = $resourcegroups[$groupid]['ownerid'];
}
if ($state == 0 && $ownerid != '' && !array_key_exists($ownerid, $dispUserGrpIDs)) {
$dispUserGrpIDs[$ownerid] = $usergroups[$ownerid]['name'];
uasort($dispUserGrpIDs, "sortKeepIndex");
}
if (!empty($dispUserGrpIDs)) {
printSelectInput("ownergroup", $dispUserGrpIDs, $ownerid);
} else {
printSelectInput("ownergroup", $dispUserGrpIDsAllAffils, $ownerid);
}
print " </TD>\n";
print " <TD>\n";
if ($submitErr & EDITGROUPERR) {
printSubmitErr(EDITGROUPERR);
}
print " </TD>\n";
print " </TR>\n";
}
print "</TABLE>\n";
print "<TABLE>\n";
print " <TR valign=top>\n";
print " <TD>\n";
if ($state) {
$cdata = array('type' => $data['type']);
if ($data['type'] == 'user') {
$cdata['isowner'] = $data['isowner'];
if ($data['editgroupid'] == 0) {
$cdata['editgroupid'] = 0;
$cdata['groupwasnone'] = 1;
}
$cdata['editgroupids'] = implode(',', array_keys($affilusergroups));
} else {
if (!empty($dispUserGrpIDs)) {
$cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDs));
} else {
$cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDsAllAffils));
}
}
$cont = addContinuationsEntry('submitAddGroup', $cdata);
print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
print " <INPUT type=submit value=\"Add Group\">\n";
} else {
$cdata = array('type' => $data['type'], 'groupid' => $data['groupid'], 'isowner' => $data['isowner'], 'editname' => $editname);
if ($data['type'] == 'resource') {
$cdata['resourcetypeid'] = $resourcetypeid;
if (!empty($dispUserGrpIDs)) {
$cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDs));
} else {
$cdata['ownergroupids'] = implode(',', array_keys($dispUserGrpIDsAllAffils));
}
} else {
if ($data['courseroll'] == 1 || $data['custom'] == 0 || $editname == 0) {
$cdata['name'] = $data['name'];
$cdata['affiliationid'] = $data['affiliationid'];
}
$cdata['selectAffil'] = $selectAffil;
$cdata['groupwasnone'] = $groupwasnone;
$cdata['custom'] = $data['custom'];
$cdata['courseroll'] = $data['courseroll'];
$cdata['editgroupids'] = implode(',', array_keys($affilusergroups));
}
$cont = addContinuationsEntry('confirmEditGroup', $cdata);
print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
print " <INPUT type=submit value=\"Confirm Changes\">\n";
}
print " </FORM>\n";
print " </TD>\n";
print " <TD>\n";
print " <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
print " <INPUT type=hidden name=mode value=viewGroups>\n";
print " <INPUT type=submit value=Cancel>\n";
print " </FORM>\n";
print " </TD>\n";
print " </TR>\n";
print "</TABLE>\n";
}
if ($data["type"] != "user") {
print "</DIV>\n";
return;
}
if ($editusergroup) {
$newuser = processInputVar("newuser", ARG_STRING);
print "<H3>Group Membership</H3>\n";
if ($mode == "addGroupUser" && !($submitErr & IDNAMEERR)) {
print "<font color=\"#008000\">{$newuser} successfully added to group";
print "</font><br><br>\n";
}
if ($mode == "deleteGroupUser") {
print "<font color=\"#008000\">{$newuser} successfully deleted from ";
print "group</font><br><br>\n";
}
$groupmembers = getUserGroupMembers($data["groupid"]);
$edit = 1;
if ($data['courseroll'] == 1 || $data['custom'] == 0) {
$edit = 0;
}
if (empty($groupmembers) && !$edit) {
print "(empty group)<br>\n";
}
print "<TABLE border=1>\n";
if ($edit) {
print " <TR>\n";
print " <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
print " <TD align=right><INPUT type=submit value=Add></TD>\n";
print " <TD><INPUT type=text name=newuser maxlength=80 size=40 ";
if ($submitErr & IDNAMEERR) {
print "value=\"{$newuser}\"></TD>\n";
} else {
print "></TD>\n";
}
if ($submitErr) {
print " <TD>\n";
printSubmitErr(IDNAMEERR);
print " </TD>\n";
}
$cont = addContinuationsEntry('addGroupUser', $data);
print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
print " </FORM>\n";
print " </TR>\n";
}
foreach ($groupmembers as $id => $login) {
print " <TR>\n";
if ($edit) {
print " <TD>\n";
print " <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
print " <INPUT type=submit value=Delete>\n";
$data['userid'] = $id;
$data['newuser'] = $login;
$cont = addContinuationsEntry('deleteGroupUser', $data);
print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n";
print " </FORM>\n";
print " </TD>\n";
}
print " <TD>{$login}</TD>\n";
print " </TR>\n";
}
print "</TABLE>\n";
}
print "</DIV>\n";
}
function updateLDAPUser($authtype, $userid)
{
global $authMechs;
$userData = getLDAPUserData($authtype, $userid);
if (is_null($userData)) {
return NULL;
}
$affilid = $authMechs[$authtype]['affiliationid'];
$now = unixToDatetime(time());
// select desired data from db
$query = "SELECT i.name AS IMtype, " . "u.IMid AS IMid, " . "u.affiliationid, " . "af.name AS affiliation, " . "af.shibonly, " . "u.emailnotices, " . "a.name AS adminlevel, " . "a.id AS adminlevelid, " . "u.preferredname AS preferredname, " . "u.uid AS uid, " . "u.id AS id, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "u.showallgroups " . "FROM user u, " . "IMtype i, " . "adminlevel a, " . "affiliation af " . "WHERE u.IMtypeid = i.id AND " . "u.adminlevelid = a.id AND " . "af.id = {$affilid} AND ";
if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid'])) {
$query .= "u.uid = " . $userData["numericid"];
} else {
$query .= "u.unityid = '{$userid}' AND " . "u.affiliationid = {$affilid}";
}
$qh = doQuery($query, 255);
// if get a row
// update db
// update results from select
if ($user = mysql_fetch_assoc($qh)) {
$user["unityid"] = $userid;
$user["firstname"] = $userData['first'];
$user["lastname"] = $userData["last"];
$user["email"] = $userData["email"];
$user["lastupdated"] = $now;
$query = "UPDATE user " . "SET unityid = '{$userid}', " . "firstname = '{$userData['first']}', " . "lastname = '{$userData['last']}', " . "email = '{$userData['email']}', " . "lastupdated = '{$now}' ";
if (array_key_exists('numericid', $userData) && is_numeric($userData['numericid'])) {
$query .= "WHERE uid = " . $userData["numericid"];
} else {
$query .= "WHERE unityid = '{$userid}' AND " . "affiliationid = {$affilid}";
}
doQuery($query, 256, 'vcl', 1);
} else {
// call addLDAPUser
$id = addLDAPUser($authtype, $userid);
$query = "SELECT u.unityid AS unityid, " . "u.affiliationid, " . "af.name AS affiliation, " . "u.firstname AS firstname, " . "u.lastname AS lastname, " . "u.preferredname AS preferredname, " . "u.email AS email, " . "i.name AS IMtype, " . "u.IMid AS IMid, " . "u.uid AS uid, " . "u.id AS id, " . "a.name AS adminlevel, " . "a.id AS adminlevelid, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " . "u.audiomode AS audiomode, " . "u.mapdrives AS mapdrives, " . "u.mapprinters AS mapprinters, " . "u.mapserial AS mapserial, " . "u.showallgroups, " . "u.lastupdated AS lastupdated " . "FROM user u, " . "IMtype i, " . "affiliation af, " . "adminlevel a " . "WHERE u.IMtypeid = i.id AND " . "u.adminlevelid = a.id AND " . "u.affiliationid = af.id AND " . "u.id = {$id}";
$qh = doQuery($query, 101);
if (!($user = mysql_fetch_assoc($qh))) {
return NULL;
}
}
// TODO handle generic updating of groups
switch (getAffiliationName($affilid)) {
case 'EXAMPLE1':
updateEXAMPLE1Groups($user);
break;
default:
//TODO possibly add to a default group
}
$user["groups"] = getUsersGroups($user["id"], 1);
$user["privileges"] = getOverallUserPrivs($user["id"]);
$user['login'] = $user['unityid'];
return $user;
}
function ldapLogin($authtype, $userid, $passwd)
{
global $HTMLheader, $printedHTMLheader, $authMechs, $phpVer;
$ds = ldap_connect("ldaps://{$authMechs[$authtype]['server']}/");
if (!$ds) {
print $HTMLheader;
$printedHTMLheader = 1;
selectAuth();
return;
}
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
/*if($authtype == 'EXAMPLE1 LDAP') {
# in this case, we have to look up what part of the tree the user is in
# before we can actually look up the user
$auth = $authMechs[$authtype];
$res = ldap_bind($ds, $auth['masterlogin'],
$auth['masterpwd']);
if(! $res) {
printLoginPageWithSkin($authtype);
return;
}
$search = ldap_search($ds,
$auth['binddn'],
"cn=$userid",
array('dn'), 0, 3, 15);
if($search) {
$tmpdata = ldap_get_entries($ds, $search);
if(! $tmpdata['count'] || ! array_key_exists('dn', $tmpdata[0])) {
printLoginPageWithSkin($authtype);
return;
}
$ldapuser = $tmpdata[0]['dn'];
}
else {
printLoginPageWithSkin($authtype);
return;
}
}
elseif($authtype == 'EXAMPLE2 LDAP') {
# this is similar to EXAMPLE1, but here we do an anonymous bind
$auth = $authMechs[$authtype];
$res = ldap_bind($ds);
if(! $res) {
printLoginPageWithSkin($authtype);
return;
}
$search = ldap_search($ds,
$auth['binddn'],
"uid=$userid",
array('dn'), 0, 3, 15);
if($search) {
$tmpdata = ldap_get_entries($ds, $search);
if(! $tmpdata['count'] || ! array_key_exists('dn', $tmpdata[0])) {
printLoginPageWithSkin($authtype);
return;
}
$ldapuser = $tmpdata[0]['dn'];
}
else {
printLoginPageWithSkin($authtype);
return;
}
}
else*/
$ldapuser = sprintf($authMechs[$authtype]['userid'], $userid);
$res = ldap_bind($ds, $ldapuser, $passwd);
if (!$res) {
// login failed
printLoginPageWithSkin($authtype);
return;
} else {
// see if user in our db
$query = "SELECT id " . "FROM user " . "WHERE unityid = '{$userid}' AND " . "affiliationid = {$authMechs[$authtype]['affiliationid']}";
$qh = doQuery($query, 101);
if (!mysql_num_rows($qh)) {
// if not, add user
$newid = updateLDAPUser($authtype, $userid);
if (is_null($newid)) {
abort(8);
}
}
// get cookie data
$cookie = getAuthCookieData("{$userid}@" . getAffiliationName($authMechs[$authtype]['affiliationid']));
// set cookie
if (version_compare(PHP_VERSION, "5.2", ">=") == true) {
setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0, 1);
} else {
setcookie("VCLAUTH", "{$cookie['data']}", 0, "/", COOKIEDOMAIN, 0);
}
# set skin cookie based on affiliation
/*if(getAffiliationName($authMechs[$authtype]['affiliationid']) == 'EXAMPLE1')
setcookie("VCLSKIN", "EXAMPLE1", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
elseif(getAffiliationName($authMechs[$authtype]['affiliationid']) == 'EXAMPLE2')
setcookie("VCLSKIN", "EXAMPLE2", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
else*/
setcookie("VCLSKIN", "DEFAULT", time() + SECINDAY * 31, "/", COOKIEDOMAIN);
// redirect to main page
header("Location: " . BASEURL . SCRIPT);
dbDisconnect();
exit;
}
}
function userLookup()
{
global $user;
$userid = processInputVar("userid", ARG_STRING);
if (get_magic_quotes_gpc()) {
$userid = stripslashes($userid);
}
$affilid = processInputVar('affiliationid', ARG_NUMERIC, $user['affiliationid']);
$force = processInputVar('force', ARG_NUMERIC, 0);
print "<div align=center>\n";
print "<H2>User Lookup</H2>\n";
print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
print "<TABLE>\n";
print " <TR>\n";
print " <TH>Name (last, first) or User ID:</TH>\n";
print " <TD><INPUT type=text name=userid value=\"{$userid}\" size=25></TD>\n";
if (checkUserHasPerm('User Lookup (global)')) {
$affils = getAffiliations();
print " <TD>\n";
print "@";
printSelectInput("affiliationid", $affils, $affilid);
print " </TD>\n";
}
print " </TR>\n";
print " <TR>\n";
print " <TD colspan=2>\n";
print " <input type=checkbox id=force name=force value=1>\n";
print " <label for=force>Attempt forcing an update from LDAP (User ID only)</label>\n";
print " </TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TD colspan=3 align=center><INPUT type=submit value=Submit>\n";
print " </TR>\n";
print "</TABLE>\n";
$cont = addContinuationsEntry('submitUserLookup');
print "<INPUT type=hidden name=continuation value=\"{$cont}\">\n";
print "</FORM><br>\n";
if (!empty($userid)) {
$esc_userid = mysql_real_escape_string($userid);
if (preg_match('/,/', $userid)) {
$mode = 'name';
$force = 0;
} else {
$mode = 'userid';
}
if (!checkUserHasPerm('User Lookup (global)') && $user['affiliationid'] != $affilid) {
print "<font color=red>{$userid} not found</font><br>\n";
return;
}
if ($mode == 'userid') {
$query = "SELECT id " . "FROM user " . "WHERE unityid = '{$esc_userid}' AND " . "affiliationid = {$affilid}";
$affilname = getAffiliationName($affilid);
$userid = "{$userid}@{$affilname}";
$esc_userid = "{$esc_userid}@{$affilname}";
} else {
$tmp = explode(',', $userid);
$last = mysql_real_escape_string(trim($tmp[0]));
$first = mysql_real_escape_string(trim($tmp[1]));
$query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "affiliation a " . "WHERE u.firstname = '{$first}' AND " . "u.lastname = '{$last}' AND " . "u.affiliationid = {$affilid} AND " . "a.id = {$affilid}";
}
$qh = doQuery($query, 101);
if (!mysql_num_rows($qh)) {
if ($mode == 'name') {
print "<font color=red>User not found</font><br>\n";
return;
} else {
print "<font color=red>{$userid} not currently found in VCL user database, will try to add...</font><br>\n";
}
} elseif ($force) {
$_SESSION['userresources'] = array();
$row = mysql_fetch_assoc($qh);
$newtime = unixToDatetime(time() - SECINDAY - 5);
$query = "UPDATE user SET lastupdated = '{$newtime}' WHERE id = {$row['id']}";
doQuery($query, 101);
} elseif ($mode == 'name') {
$row = mysql_fetch_assoc($qh);
$userid = $row['unityid'];
$esc_userid = $row['unityid'];
}
$userdata = getUserInfo($esc_userid);
if (is_null($userdata)) {
$userdata = getUserInfo($esc_userid, 1);
if (is_null($userdata)) {
print "<font color=red>{$userid} not found</font><br>\n";
return;
}
}
$userdata["groups"] = getUsersGroups($userdata["id"], 1, 1);
print "<TABLE>\n";
if (!empty($userdata['unityid'])) {
print " <TR>\n";
print " <TH align=right>User ID:</TH>\n";
print " <TD>{$userdata["unityid"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['firstname'])) {
print " <TR>\n";
print " <TH align=right>First Name:</TH>\n";
print " <TD>{$userdata["firstname"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['lastname'])) {
print " <TR>\n";
print " <TH align=right>Last Name:</TH>\n";
print " <TD>{$userdata["lastname"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['preferredname'])) {
print " <TR>\n";
print " <TH align=right>Preferred Name:</TH>\n";
print " <TD>{$userdata["preferredname"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['affiliation'])) {
print " <TR>\n";
print " <TH align=right>Affiliation:</TH>\n";
print " <TD>{$userdata["affiliation"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['email'])) {
print " <TR>\n";
print " <TH align=right>Email:</TH>\n";
print " <TD>{$userdata["email"]}</TD>\n";
print " </TR>\n";
}
print " <TR>\n";
print " <TH align=right style=\"vertical-align: top\">Groups:</TH>\n";
print " <TD>\n";
uasort($userdata["groups"], "sortKeepIndex");
foreach ($userdata["groups"] as $group) {
print " {$group}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TH align=right style=\"vertical-align: top\">User Group Permissions:</TH>\n";
print " <TD>\n";
if (count($userdata['groupperms'])) {
foreach ($userdata['groupperms'] as $perm) {
print " {$perm}<br>\n";
}
} else {
print " No additional user group permissions\n";
}
print " </TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TH align=right style=\"vertical-align: top\">Privileges (found somewhere in the tree):</TH>\n";
print " <TD>\n";
uasort($userdata["privileges"], "sortKeepIndex");
foreach ($userdata["privileges"] as $priv) {
if ($priv == "block" || $priv == "cascade") {
continue;
}
print " {$priv}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print "</TABLE>\n";
# get user's resources
$userResources = getUserResources(array("imageCheckOut"), array("available"), 0, 0, $userdata['id']);
# find nodes where user has privileges
$query = "SELECT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "up.userid = {$userdata['id']} " . "ORDER BY p.name, " . "upt.name";
$qh = doQuery($query, 101);
if (mysql_num_rows($qh)) {
print "Nodes where user is granted privileges:<br>\n";
print "<TABLE>\n";
$privnodeid = 0;
while ($row = mysql_fetch_assoc($qh)) {
if ($privnodeid != $row['privnodeid']) {
if ($privnodeid) {
print " </TD>\n";
print " </TR>\n";
}
print " <TR>\n";
$privnodeid = $row['privnodeid'];
$path = getNodePath($privnodeid);
print " <TH align=right>{$path}</TH>\n";
print " <TD>\n";
}
print " {$row['userprivtype']}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print "</TABLE>\n";
}
# find nodes where user's groups have privileges
if (!empty($userdata['groups'])) {
$query = "SELECT DISTINCT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "upt.name != 'cascade' AND " . "upt.name != 'block' AND " . "up.usergroupid IN (" . implode(',', array_keys($userdata['groups'])) . ") " . "ORDER BY p.name, " . "upt.name";
$qh = doQuery($query, 101);
if (mysql_num_rows($qh)) {
print "Nodes where user's groups are granted privileges:<br>\n";
print "<TABLE>\n";
$privnodeid = 0;
while ($row = mysql_fetch_assoc($qh)) {
if ($privnodeid != $row['privnodeid']) {
if ($privnodeid) {
print " </TD>\n";
print " </TR>\n";
}
print " <TR>\n";
$privnodeid = $row['privnodeid'];
$path = getNodePath($privnodeid);
print " <TH align=right>{$path}</TH>\n";
print " <TD>\n";
}
print " {$row['userprivtype']}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print "</TABLE>\n";
}
}
print "<table>\n";
print " <tr>\n";
print " <th>Images User Has Access To:<th>\n";
print " <td>\n";
foreach ($userResources['image'] as $img) {
print " {$img}<br>\n";
}
print " </td>\n";
print " </tr>\n";
print "</table>\n";
# login history
$query = "SELECT authmech, " . "timestamp, " . "passfail, " . "remoteIP, " . "code " . "FROM loginlog " . "WHERE (user = '******'unityid']}' OR " . "user = '******'unityid']}@{$userdata['affiliation']}') AND " . "affiliationid = {$userdata['affiliationid']} " . "ORDER BY timestamp DESC " . "LIMIT 8";
$logins = array();
$qh = doQuery($query);
while ($row = mysql_fetch_assoc($qh)) {
$logins[] = $row;
}
if (count($logins)) {
$logins = array_reverse($logins);
print "<h3>Login History (last 8 attempts)</h3>\n";
print "<table summary=\"login attempts\">\n";
print "<colgroup>\n";
print "<col class=\"logincol\" />\n";
print "<col class=\"logincol\" />\n";
print "<col class=\"logincol\" />\n";
print "<col class=\"logincol\" />\n";
print "<col />\n";
print "</colgroup>\n";
print " <tr>\n";
print " <th>Authentication Method</th>\n";
print " <th>Timestamp</th>\n";
print " <th>Result</th>\n";
print " <th>Remote IP</th>\n";
print " <th>Extra Info</th>\n";
print " </tr>\n";
foreach ($logins as $login) {
print " <tr>\n";
print " <td class=\"logincell\">{$login['authmech']}</td>\n";
$ts = prettyDatetime($login['timestamp'], 1);
print " <td class=\"logincell\">{$ts}</td>\n";
if ($login['passfail']) {
print " <td class=\"logincell\"><font color=\"#008000\">Pass</font></td>\n";
} else {
print " <td class=\"logincell\"><font color=\"red\">Fail</font></td>\n";
}
print " <td class=\"logincell\">{$login['remoteIP']}</td>\n";
print " <td class=\"logincell\">{$login['code']}</td>\n";
print " </tr>\n";
}
print "</table>\n";
} else {
print "<h3>Login History</h3>\n";
print "There are no login attempts by this user.<br>\n";
}
# reservation history
$requests = array();
$query = "SELECT DATE_FORMAT(l.start, '%W, %b %D, %Y, %h:%i %p') AS start, " . "DATE_FORMAT(l.finalend, '%W, %b %D, %Y, %h:%i %p') AS end, " . "c.hostname, " . "i.prettyname AS prettyimage, " . "s.IPaddress, " . "l.ending " . "FROM log l, " . "image i, " . "computer c, " . "sublog s " . "WHERE l.userid = {$userdata['id']} AND " . "s.logid = l.id AND " . "i.id = s.imageid AND " . "c.id = s.computerid " . "ORDER BY l.start DESC " . "LIMIT 5";
$qh = doQuery($query, 290);
while ($row = mysql_fetch_assoc($qh)) {
array_push($requests, $row);
}
$requests = array_reverse($requests);
if (!empty($requests)) {
print "<h3>User's last " . count($requests) . " reservations:</h3>\n";
print "<table>\n";
$first = 1;
foreach ($requests as $req) {
if ($first) {
$first = 0;
} else {
print " <tr>\n";
print " <td colspan=2><hr></td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Image:</th>\n";
print " <td>{$req['prettyimage']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>Computer:</th>\n";
print " <td>{$req['hostname']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>Start:</th>\n";
print " <td>{$req['start']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>End:</th>\n";
print " <td>{$req['end']}</td>\n";
print " </tr>\n";
if ($req['IPaddress'] != '') {
print " <tr>\n";
print " <th align=right>IP Address:</th>\n";
print " <td>{$req['IPaddress']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Ending:</th>\n";
print " <td>{$req['ending']}</td>\n";
print " </tr>\n";
}
print "</table>\n";
} else {
print "User made no reservations in the past week.<br>\n";
}
# current reservations
$requests = array();
$query = "SELECT DATE_FORMAT(rq.start, '%W, %b %D, %Y, %h:%i %p') AS start, " . "DATE_FORMAT(rq.end, '%W, %b %D, %Y, %h:%i %p') AS end, " . "rq.id AS requestid, " . "MIN(rs.id) AS reservationid, " . "c.hostname AS computer, " . "i.prettyname AS prettyimage, " . "c.IPaddress AS compIP, " . "rs.remoteIP AS userIP, " . "ch.hostname AS vmhost, " . "mn.hostname AS managementnode, " . "srq.name AS servername, " . "aug.name AS admingroup, " . "lug.name AS logingroup, " . "s1.name AS state, " . "s2.name AS laststate " . "FROM image i, " . "managementnode mn, " . "request rq " . "LEFT JOIN reservation rs ON (rs.requestid = rq.id) " . "LEFT JOIN computer c ON (rs.computerid = c.id) " . "LEFT JOIN vmhost vh ON (c.vmhostid = vh.id) " . "LEFT JOIN computer ch ON (vh.computerid = ch.id) " . "LEFT JOIN serverrequest srq ON (srq.requestid = rq.id) " . "LEFT JOIN usergroup aug ON (aug.id = srq.admingroupid) " . "LEFT JOIN usergroup lug ON (lug.id = srq.logingroupid) " . "LEFT JOIN state s1 ON (s1.id = rq.stateid) " . "LEFT JOIN state s2 ON (s2.id = rq.laststateid) " . "WHERE rq.userid = {$userdata['id']} AND " . "i.id = rs.imageid AND " . "mn.id = rs.managementnodeid " . "GROUP BY rq.id " . "ORDER BY rq.start";
$qh = doQuery($query, 290);
while ($row = mysql_fetch_assoc($qh)) {
array_push($requests, $row);
}
$requests = array_reverse($requests);
if (!empty($requests)) {
print "<h3>User's current reservations:</h3>\n";
print "<table>\n";
$first = 1;
foreach ($requests as $req) {
if ($first) {
$first = 0;
} else {
print " <tr>\n";
print " <td colspan=2><hr></td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Request ID:</th>\n";
print " <td>{$req['requestid']}</td>\n";
print " </tr>\n";
if ($req['servername'] != '') {
print " <tr>\n";
print " <th align=right>Reservation Name:</th>\n";
print " <td>{$req['servername']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Image:</th>\n";
print " <td>{$req['prettyimage']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>State:</th>\n";
if ($req['state'] == 'pending') {
print " <td>{$req['laststate']}</td>\n";
} else {
print " <td>{$req['state']}</td>\n";
}
print " </tr>\n";
print " <tr>\n";
print " <th align=right>Computer:</th>\n";
print " <td>{$req['computer']}</td>\n";
print " </tr>\n";
if (!empty($req['vmhost'])) {
print " <tr>\n";
print " <th align=right>VM Host:</th>\n";
print " <td>{$req['vmhost']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Start:</th>\n";
print " <td>{$req['start']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>End:</th>\n";
if ($req['end'] == 'Friday, Jan 1st, 2038, 12:00 AM') {
print " <td>(indefinite)</td>\n";
} else {
print " <td>{$req['end']}</td>\n";
}
print " </tr>\n";
if ($req['compIP'] != '') {
print " <tr>\n";
print " <th align=right>Node's IP Address:</th>\n";
print " <td>{$req['compIP']}</td>\n";
print " </tr>\n";
}
if ($req['userIP'] != '') {
print " <tr>\n";
print " <th align=right>User's IP Address:</th>\n";
print " <td>{$req['userIP']}</td>\n";
print " </tr>\n";
}
if ($req['admingroup'] != '') {
print " <tr>\n";
print " <th align=right>Admin Group:</th>\n";
print " <td>{$req['admingroup']}</td>\n";
print " </tr>\n";
}
if ($req['logingroup'] != '') {
print " <tr>\n";
print " <th align=right>Access Group:</th>\n";
print " <td>{$req['logingroup']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Management Node:</th>\n";
print " <td>{$req['managementnode']}</td>\n";
print " </tr>\n";
}
print "</table>\n";
} else {
print "User does not have any current reservations.<br>\n";
}
}
print "</div>\n";
}