* Licensed under the Apache License, Version 2.0 (the "License"); you may * not use this file except in compliance with the License. You may obtain * a copy of the License at <http://www.apache.org/licenses/LICENSE-2.0> * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * $Id: databases.php 2459 2009-08-10 21:20:41Z pieterb $ **************************************************************************/ /** * File documentation. * @package Portal */ require_once 'include/global.php'; REST::require_method('GET', 'HEAD'); $user_id = Portal_User::current()->user_id(); $result = Portal_MySQL::query(<<<EOS SELECT DISTINCT `name` FROM `Database` WHERE `is_shared` > 0 OR `user_id` = {$user_id} EOS ); $action = REST::htmlspecialchars($_SERVER['REQUEST_URI']); $directory = RESTDir::factory('Available databases (by name)'); while ($row = $result->fetch_row()) { $directory->line($row[0] . '/'); } $directory->end();
REST::fatal(REST::HTTP_BAD_REQUEST, 'Missing (one of) required parameters "email" and "password"'); } $dn = Portal_User::csa_dn(); if (empty($dn)) { REST::fatal(REST::HTTP_NOT_FOUND); } $escemail = Portal_MySQL::escape_string($_GET['email']); $md5password = md5($_GET['password']); $escdn = Portal_MySQL::escape_string($dn); Portal_MySQL::real_query(<<<EOS DELETE FROM `User` WHERE `user_dn` = {$escdn} AND `user_email` <> {$escemail}; EOS ); Portal_MySQL::real_query(<<<EOS UPDATE `User` SET `user_dn` = {$escdn} WHERE `user_email` = {$escemail} AND `user_password` = '{$md5password}'; EOS ); if (!Portal_MySQL::mysql()->affected_rows) { Portal_User::unauthorized(); } $url = REST::htmlspecialchars(Portal::portalURL()); REST::fatal(REST::HTTP_OK, <<<EOS <p>Registration complete.</p> <p>You can now start <a href="{$url}">using the GridApps web service</a>.</p> EOS );
public static function recordRequest($url, $ip = '') { $user_id = Portal_MySQL::escape_string(Portal_User::current()->user_id()); $esc_url = Portal_MySQL::escape_string($url); $esc_ip = Portal_MySQL::escape_string($ip); Portal_MySQL::real_query(<<<EOS INSERT INTO `Statistics` (`requested_url`, `request_origin`, `user_id`) VALUES ({$esc_url}, {$esc_ip}, {$user_id}); EOS ); }
// Check the email address for syntax: $_GET['email'] = strtolower($_GET['email']); if (!preg_match('/^[\\w\\d\\-.]+@[\\w\\d\\-]+(?:\\.[\\w\\d\\-]+)*\\.\\w+$/', $_GET['email'])) { REST::fatal(REST::HTTP_BAD_REQUEST, '<p>"' . REST::htmlspecialchars($_GET['email']) . '" is not a well-formed e-mail address.</p>'); } // Check the name: $_GET['name'] = preg_replace('/\\s+/', ' ', trim($_GET['name'])); if ($_GET['name'] === '') { REST::fatal(REST::HTTP_BAD_REQUEST, '<p>Please provide a display name.</p>'); } $escemail = Portal_MySQL::escape_string($_GET['email']); $escname = Portal_MySQL::escape_string($_GET['name']); // $dn = ($_SERVER['SERVER_PORT'] == Portal::PORT_SSL_CSA) // ? Portal_User::csa_dn() : null; // $escdn = Portal_MySQL::escape_string($dn); $password = Portal_User::createPassword(); $md5password = md5($password); Portal_MySQL::real_query(<<<EOS INSERT INTO `User` (`user_email`, `user_name`, `user_password`) VALUES ({$escemail}, {$escname}, '{$md5password}') ON DUPLICATE KEY UPDATE `user_name` = {$escname}, `user_password` = '{$md5password}'; EOS ); $csa_confirm = 'https://' . $_SERVER['SERVER_NAME'] . ':' . Portal::PORT_SSL_CSA . Portal::portalURL() . 'csaconfirm?email=' . urlencode($_GET['email']) . '&password='******'email'], 'Access to ' . $_SERVER['SERVER_NAME'], <<<EOS Hi {$_GET['name']}, These are the credentials you may use for the Grid Application Portal:
/** * @param bool $required * @return Portal_User */ public static function current() { if (self::$current === null) { switch ($_SERVER['SERVER_PORT']) { case Portal::PORT_PLAIN: self::unauthorized(); break; // strictly unnecessary, but syntactically nicer. // strictly unnecessary, but syntactically nicer. case Portal::PORT_SSL: if (!isset($_SERVER['PHP_AUTH_USER'])) { self::unauthorized(); } $user_email = Portal_MySQL::escape_string($_SERVER['PHP_AUTH_USER']); $user_password = md5($_SERVER['PHP_AUTH_PW']); $result = Portal_MySQL::query(<<<EOS SELECT `user_id`, `user_name`, `user_dn` FROM `User` WHERE `user_email` = {$user_email} AND `user_password`= '{$user_password}'; EOS ); if (!($row = $result->fetch_row())) { self::unauthorized(); } self::$current = new Portal_User((int) $row[0], $_SERVER['PHP_AUTH_USER'], $row[1], $row[2]); break; case Portal::PORT_SSL_CSA: $user_dn = self::csa_dn(); if (isset($_SERVER['PHP_AUTH_USER']) && (int) $_SERVER['PHP_AUTH_USER'] > 0 && preg_match('@^/O=dutchgrid/O=users/O=sara/CN=(?:Evert Lammerts|Pieter van Beek)@', $_SERVER['SSL_CLIENT_S_DN'])) { $esc_user_id = (int) $_SERVER['PHP_AUTH_USER']; $result = Portal_MySQL::query(<<<EOS SELECT `user_email`, `user_name`, `user_dn` FROM `User` WHERE `user_id` = {$esc_user_id}; EOS ); if (!($row = $result->fetch_row())) { REST::fatal(REST::HTTP_UNAUTHORIZED, "No such user id: {$esc_user_id}"); } self::$current = new Portal_User($esc_user_id, $row[1], $row[0], $row[2], true); } else { $esc_user_dn = Portal_MySQL::escape_string($user_dn); $result = Portal_MySQL::query(<<<EOS SELECT `user_id`, `user_email`, `user_name` FROM `User` WHERE `user_dn` = {$esc_user_dn}; EOS ); if (!($row = $result->fetch_row())) { self::unauthorized(); } self::$current = new Portal_User($row[0], $row[2], $row[1], $user_dn); } break; default: REST::fatal(REST::HTTP_INTERNAL_SERVER_ERROR); } } return self::$current; }
EOS ); exec("cd '{$sandbox}'; find -mindepth 1 -maxdepth 1 -print0 | xargs -0 tar zcf {$TEMPNAM}.tgz", $output, $return_var); if ($return_var) { $output = implode("\n", $output); REST::fatal(REST::HTTP_INTERNAL_SERVER_ERROR, $output); } $tokenhandle = fopen("{$TEMPNAM}.tgz", 'r'); try { $token_url = Topos::putTokenFile($tokenhandle, 'application/x-compressed-tar'); } catch (Exception $e) { fclose($tokenhandle); throw $e; } fclose($tokenhandle); $token_id = basename($token_url); Portal_MySQL::real_query(<<<EOS INSERT INTO `Token` ( `token_id`, `user_id` ) VALUES ( {$token_id}, {$user_id} ); EOS ); $resultURL = REST::urlbase() . Portal::portalURL() . "jobstates/{$token_id}"; REST::created($resultURL); } Portal_User::current(); REST::header(array('Content-Type' => REST::best_xhtml_type())); echo Portal::html_start("{$appname}-{$appversion}") . '<form action="' . $appversion . '" method="post" enctype="multipart/form-data">'; $portlet->doGET(); echo '</form>' . Portal::html_end();
/** * Get a list of available databases, given a set of database types. * @param $name... string the name(s) of the database types. * @return string an x fragment, to be put inside a select element. */ public static function availableDatabases() { $dbTypes = func_get_args(); if (empty($dbTypes)) { return array(); } foreach ($dbTypes as $key => $value) { $dbTypes[$key] = self::databaseTypeIDByName($value); } $dbTypes = implode(',', $dbTypes); $user_id = Portal_User::current()->user_id(); $result = Portal_MySQL::query(<<<EOS SELECT `d`.`name`, `d`.`version`, `d`.`type`, `u`.`user_name`, `d`.`database_id` FROM `Database` AS d LEFT JOIN `User` AS u USING(`user_id`) WHERE (`d`.`is_shared` > 0 OR `d`.`user_id` = {$user_id}) AND `d`.`type` IN({$dbTypes}); EOS ); $sorter = array(); while ($row = $result->fetch_row()) { $extension = self::databaseTypeExtension($row[2]); $sorter[$row[3]]["{$row[0]}-{$row[1]}.{$extension}"] = REST::urlencode(Portal::portalURL() . 'databases/' . $row[0] . '/' . $row[1] . '/' . $row[4] . '.' . $extension); } $user_names = array_keys($sorter); natsort($user_names); $retval = ''; foreach ($user_names as $user_name) { $retval .= "\n<optgroup label=\"" . htmlentities($user_name) . "\">"; $dbnames = array_keys($sorter[$user_name]); natsort($dbnames); foreach ($dbnames as $dbname) { $retval .= "\n<option value=\"" . $sorter[$user_name][$dbname] . "\">{$dbname}</option>"; } $retval .= "\n</optgroup>"; } return $retval; }