public static function render_page_process($PATH)
{
$account_creation_string = phoromatic_server::read_setting('account_creation_alt');
$account_creation_enabled = $account_creation_string == null;
if ($account_creation_enabled && isset($_POST['register_username']) && isset($_POST['register_password']) && isset($_POST['register_password_confirm']) && isset($_POST['register_email'])) {
$new_account = create_new_phoromatic_account($_POST['register_username'], $_POST['register_password'], $_POST['register_password_confirm'], $_POST['register_email'], isset($_POST['seed_accountid']) ? $_POST['seed_accountid'] : null);
if ($new_account) {
echo phoromatic_webui_header(array('Account Created'), '');
$box = '<h1>Account Created</h1>
<p>Your account has been created. You may now log-in to begin utilizing the Phoronix Test Suite\'s Phoromatic.</p>
<form name="login_form" id="login_form" action="?login" method="post" onsubmit="return phoromatic_login(this);">
<p><div style="width: 200px; font-weight: bold; float: left;">User:</div> <input type="text" name="username" /></p>
<p><div style="width: 200px; font-weight: bold; float: left;">Password:</div> <input type="password" name="password" /></p>
<p><div style="width: 200px; font-weight: bold; float: left;"> </div> <input type="submit" value="Submit" /></p>
</form>';
echo phoromatic_webui_box($box);
echo phoromatic_webui_footer();
}
} else {
if (isset($_POST['username']) && isset($_POST['password']) && strtolower($_POST['username']) == 'rootadmin') {
$admin_pw = phoromatic_server::read_setting('root_admin_pw');
if (empty($admin_pw)) {
echo phoromatic_webui_header(array('Action Required'), '');
$box = '<h1>Root Admin Password Not Set</h1>
<p>The root admin password has not yet been set for this system. It can be set by running on the system: <strong>phoronix-test-suite phoromatic.set-root-admin-password</strong>.</p>';
echo phoromatic_webui_box($box);
echo phoromatic_webui_footer();
return false;
} else {
if (hash('sha256', 'PTS' . $_POST['password']) != $admin_pw) {
echo phoromatic_webui_header(array('Invalid Password'), '');
$box = '<h1>Root Admin Password Incorrect</h1>
<p>The root admin password is incorrect.</p>';
echo phoromatic_webui_box($box);
echo phoromatic_webui_footer();
return false;
} else {
session_regenerate_id();
$_SESSION['UserID'] = 0;
$_SESSION['UserName'] = '******';
$_SESSION['AccountID'] = 0;
$_SESSION['AdminLevel'] = -40;
$_SESSION['CreatedOn'] = null;
$_SESSION['CoreVersionOnSignOn'] = PTS_CORE_VERSION;
session_write_close();
header('Location: /?admin');
}
}
} else {
if (isset($_POST['username']) && isset($_POST['password'])) {
$matching_user = phoromatic_server::$db->querySingle('SELECT UserName, Password, AccountID, UserID, AdminLevel, CreatedOn FROM phoromatic_users WHERE UserName = \'' . SQLite3::escapeString($_POST['username']) . '\'', true);
if (!empty($matching_user)) {
$user_id = $matching_user['UserID'];
$created_on = $matching_user['CreatedOn'];
$user = $matching_user['UserName'];
$hashed_password = $matching_user['Password'];
$account_id = $matching_user['AccountID'];
$admin_level = $matching_user['AdminLevel'];
if ($admin_level < 1) {
pts_logger::add_to_log($_SERVER['REMOTE_ADDR'] . ' attempted to log-in to a disabled account: ' . $_POST['username']);
phoromatic_error_page('Disabled Account', 'The log-in is not possible as this account has been disabled.');
return false;
}
if ($user == $_POST['username']) {
$account_salt = phoromatic_server::$db->querySingle('SELECT Salt FROM phoromatic_accounts WHERE AccountID = \'' . $account_id . '\'');
} else {
$account_salt = null;
}
if ($account_salt != null && hash('sha256', $account_salt . $_POST['password']) == $hashed_password) {
session_regenerate_id();
$_SESSION['UserID'] = $user_id;
$_SESSION['UserName'] = $user;
$_SESSION['AccountID'] = $account_id;
$_SESSION['AdminLevel'] = $admin_level;
$_SESSION['CreatedOn'] = $created_on;
$_SESSION['CoreVersionOnSignOn'] = PTS_CORE_VERSION;
$account_salt = phoromatic_server::$db->exec('UPDATE phoromatic_users SET LastIP = \'' . $_SERVER['REMOTE_ADDR'] . '\', LastLogin = \'' . phoromatic_server::current_time() . '\' WHERE UserName = "******"');
session_write_close();
pts_file_io::mkdir(phoromatic_server::phoromatic_account_path($account_id));
pts_file_io::mkdir(phoromatic_server::phoromatic_account_result_path($account_id));
pts_file_io::mkdir(phoromatic_server::phoromatic_account_system_path($account_id));
pts_file_io::mkdir(phoromatic_server::phoromatic_account_suite_path($account_id));
echo phoromatic_webui_header(array('Welcome, ' . $user), '');
$box = '<h1>Log-In Successful</h1>
<p><strong>' . $user . '</strong>, we are now redirecting you to your account portal. If you are not redirected within a few seconds, please <a href="?main">click here</a>.<script type="text/javascript">window.location.href = "?main";</script></p>';
echo phoromatic_webui_box($box);
echo phoromatic_webui_footer();
pts_logger::add_to_log($_SERVER['REMOTE_ADDR'] . ' successfully logged in as user: '******'REMOTE_ADDR'] . ' failed a log-in attempt as: ' . $_POST['username']);
phoromatic_error_page('Invalid Information', 'The user-name or password did not match our records.');
return false;
}
} else {
pts_logger::add_to_log($_SERVER['REMOTE_ADDR'] . ' failed a log-in attempt as: ' . $_POST['username']);
phoromatic_error_page('Invalid Information', 'The user-name was not found within our system.');
return false;
}
} else {
echo phoromatic_webui_header(array(), '');
$box = '<h1>Welcome</h1>
<p>You must log-in to your Phoromatic account or create an account to access this service.</p>
<p>Phoromatic is the remote management and test orchestration system for the Phoronix Test Suite. Phoromatic allows the automatic scheduling of tests, remote installation of new tests, and the management of multiple test systems over a LAN or WAN all through an intuitive, easy-to-use web interface. Tests can be scheduled to automatically run on a routine basis across multiple test systems. The test results are then available from this central, secure location.</p>
<p>Phoromatic makes it very easy to provide for automated scheduling of tests on multiple systems, is extremely extensible, allows various remote testing possibilities, makes it very trivial to manage multiple systems, and centralizes result management within an organization.</p>
<p><a href="about.php">Learn more about Phoromatic</a>.</p>
<hr />
<h1>Log-In</h1>
<form name="login_form" id="login_form" action="?login" method="post" onsubmit="return phoromatic_login(this);">
<p><div style="width: 200px; font-weight: 500; float: left;">User:</div> <input type="text" name="username" /></p>
<p><div style="width: 200px; font-weight: 500; float: left;">Password:</div> <input type="password" name="password" /></p>
<p><div style="width: 200px; font-weight: 500; float: left;"> </div> <input type="submit" value="Submit" /></p>
</form>
<hr />
<h1>Register</h1>';
if (!empty($account_creation_string)) {
$box .= '<p>' . $account_creation_string . '</p>';
} else {
$box .= '
<p>Creating a new Phoromatic account is free and easy. The public, open-source version of the Phoronix Test Suite client is limited in its Phoromatic server abilities when it comes to result management and local storage outside of the OpenBenchmarking.org cloud. For organizations looking for behind-the-firewall support and other enterprise features, <a href="http://www.phoronix-test-suite.com/?k=commercial">contact us</a>. To create a new account for this Phoromatic server, simply fill out the form below.</p>';
$box .= '<form name="register_form" id="register_form" action="?register" method="post" onsubmit="return phoromatic_initial_registration(this);">
<div style="clear: both; font-weight: 500;">
<div style="float: left; width: 25%;">Username</div>
<div style="float: left; width: 25%;">Password</div>
<div style="float: left; width: 25%;">Confirm Password</div>
<div style="float: left; width: 25%;">Email Address</div>
</div>
<div style="clear: both;">
<div style="float: left; width: 25%;"><input type="hidden" name="seed_accountid" value="' . (isset($_GET['seed_accountid']) ? $_GET['seed_accountid'] : null) . '" /><input type="text" name="register_username" /> <sup>1</sup></div>
<div style="float: left; width: 25%;"><input type="password" name="register_password" /> <sup>2</sup></div>
<div style="float: left; width: 25%;"><input type="password" name="register_password_confirm" /></div>
<div style="float: left; width: 25%;"><input type="text" name="register_email" /> <sup>3</sup><br /><br /><input type="submit" value="Create Account" /></div>
</div>
</form>';
$box .= '<p style="font-size: 11px;"><sup>1</sup> Usernames shall be at least four characters long, not contain any spaces, and only be composed of normal ASCII characters.<br />
<sup>2</sup> Passwords shall be at least six characters long.<br />
<sup>3</sup> A valid email address is required for notifications, password reset, and other verification purposes.<br />
</p>';
}
$box .= '<hr />
<h1>View Public Results</h1>
<p>For accounts that opted to share their test results publicly, you can directly <a href="public.php">view the public test results</a>.</p><hr />';
echo phoromatic_webui_box($box);
echo phoromatic_webui_footer();
}
}
}
}
public static function render_page_process($PATH)
{
if ($_SESSION['AdminLevel'] != -40) {
header('Location: /?main');
}
$main = null;
if (isset($_POST['disable_user'])) {
$stmt = phoromatic_server::$db->prepare('UPDATE phoromatic_users SET AdminLevel = (AdminLevel * -1) WHERE UserName = :user_name');
$stmt->bindValue(':user_name', $_POST['disable_user']);
$result = $stmt->execute();
$main .= '<h2>Disabled Account: ' . $_POST['disable_user'] . '</h2>';
} else {
if (isset($_POST['register_username']) && isset($_POST['register_password']) && isset($_POST['register_password_confirm']) && isset($_POST['register_email'])) {
$new_account = create_new_phoromatic_account($_POST['register_username'], $_POST['register_password'], $_POST['register_password_confirm'], $_POST['register_email'], isset($_POST['seed_accountid']) ? $_POST['seed_accountid'] : null);
}
}
$main .= '<h1>Phoromatic Server Administration</h1>';
$main .= '<hr /><h2>Server Information</h2>';
$main .= '<p><strong>HTTP Server Port:</strong> ' . getenv('PTS_WEB_PORT') . '<br /><strong>WebSocket Server Port:</strong> ' . getenv('PTS_WEBSOCKET_PORT') . '<br /><strong>Phoromatic Server Path:</strong> ' . phoromatic_server::phoromatic_path() . '<br /><strong>Configuration File:</strong>: ' . pts_config::get_config_file_location() . '</p>';
$main .= '<hr /><h2>Statistics</h2>';
$stmt = phoromatic_server::$db->prepare('SELECT COUNT(Title) AS SystemCount FROM phoromatic_systems WHERE State >= 0');
$result = $stmt->execute();
$row = $result->fetchArray();
$stats['Total System Count'] = $row['SystemCount'];
$stmt = phoromatic_server::$db->prepare('SELECT COUNT(Title) AS ScheduleCount FROM phoromatic_schedules WHERE State >= 1');
$result = $stmt->execute();
$row = $result->fetchArray();
$stats['Total Schedule Count'] = $row['ScheduleCount'];
$stmt = phoromatic_server::$db->prepare('SELECT COUNT(UploadID) AS ResultCount FROM phoromatic_results');
$result = $stmt->execute();
$row = $result->fetchArray();
$stats['Total Result Count'] = $row['ResultCount'];
$stmt = phoromatic_server::$db->prepare('SELECT COUNT(ActivityTime) AS ActivityCount FROM phoromatic_activity_stream');
$stmt->bindValue(':today_date', date('Y-m-d') . '%');
$result = $stmt->execute();
$row = $result->fetchArray();
$stats['Total Activity Count'] = $row['ActivityCount'];
$main .= '<p>';
foreach ($stats as $what => $c) {
$main .= '<strong>' . $what . ':</strong> ' . $c . '<br />';
}
$main .= '<hr /><h2>Account Topology</h2>';
$stmt = phoromatic_server::$db->prepare('SELECT * FROM phoromatic_users ORDER BY AccountID,AdminLevel ASC');
$result = $stmt->execute();
$plevel = -1;
$user_list = array();
while ($row = $result->fetchArray()) {
switch ($row['AdminLevel']) {
case 1:
$level = 'Group Administrator';
$offset = null;
break;
case 2:
$level = 'Administrator';
$offset = str_repeat('-', 10);
break;
case 3:
$level = 'Power User';
$offset = str_repeat('-', 20);
break;
case 10:
$level = 'Viewer';
$offset = str_repeat('-', 30);
break;
default:
if ($row['AdminLevel'] < 1) {
$level = 'Disabled';
} else {
$level = 'Unknown';
}
$offset = null;
break;
}
if ($row['AdminLevel'] == 1) {
if ($plevel != -1) {
$main .= '</p>';
}
$main .= '<p>';
}
$main .= $offset . ' <strong>' . $row['UserName'] . '</strong> (<em>' . $level . '</em>) <strong>Created On:</strong> ' . phoromatic_user_friendly_timedate($row['CreatedOn']) . ' <strong>Last Log-In:</strong> ' . ($row['LastLogin'] != null ? phoromatic_user_friendly_timedate($row['LastLogin']) : 'N/A') . ($row['AdminLevel'] == 1 ? ' [<strong>ACCOUNT ID:</strong> ' . $row['AccountID'] . ']' : null) . '<br />';
$plevel = $row['AdminLevel'];
$user_list[$row['UserName']] = $row['AdminLevel'];
}
if ($plevel != -1) {
$main .= '</p>';
}
$main .= '<hr /><h2>Disable Account</h2>';
$main .= '<form action="' . $_SERVER['REQUEST_URI'] . '" name="disable_user" id="disable_user" method="post"><p><select name="disable_user">';
foreach ($user_list as $user_name => $user_level) {
if ($user_level > 0) {
$main .= '<option value="' . $user_name . '">' . $user_name . '</option>';
}
}
$main .= '</select></p><p><input name="submit" value="Disable User" type="submit" /></p></form>';
$main .= '<hr /><h2>Create New Account Group</h2>';
$main .= '<form name="register_form" id="register_form" action="?admin" method="post" onsubmit="return phoromatic_initial_registration(this);">
<h3>Username</h3>
<p><input type="text" name="register_username" /> <sup>1</sup></p>
<h3>Password</h3>
<p><input type="password" name="register_password" /> <sup>2</sup></p>
<h3>Confirm Password</h3>
<p><input type="password" name="register_password_confirm" /></p>
<h3>Email</h3>
<p><input type="text" name="register_email" /> <sup>3</sup></p>
<h3>Account ID</h3>
<p><input type="text" name="seed_accountid" /> <sup>4</sup></p>
<p><input type="submit" value="Create Account" /></p>
</form>
<p style="font-size: 11px;"><sup>1</sup> Usernames shall be at least four characters long, not contain any spaces, and only be composed of normal ASCII characters.<br />
<sup>2</sup> Passwords shall be at least six characters long.<br />
<sup>3</sup> A valid email address is required for notifications, password reset, and other verification purposes.<br />
<sup>4</sup> The account ID field is optional and is used to pre-seed the account identifier for advanced purposes. The field must be six characters. Leave this field blank if you are unsure.<br />
</p>';
//
$server_log = explode(PHP_EOL, file_get_contents(getenv('PTS_PHOROMATIC_LOG_LOCATION')));
foreach ($server_log as $i => $line_item) {
if (strpos($line_item, '[200]') !== false || strpos($line_item, '[302]') !== false) {
unset($server_log[$i]);
}
}
$server_log = implode(PHP_EOL, $server_log);
$main .= '<hr /><h2>Phoromatic Server Log</h2>';
$main .= '<p><textarea style="width: 80%; height: 400px;">' . $server_log . '</textarea></p>';
echo phoromatic_webui_header_logged_in();
echo phoromatic_webui_main($main, phoromatic_webui_right_panel_logged_in());
echo phoromatic_webui_footer();
}
