function processBlockRequestInput($checks = 1) { global $submitErr, $submitErrMsg, $mode, $user, $days; $return = array(); $return['blockname'] = getContinuationVar("blockname", processInputVar("blockname", ARG_STRING)); $return['imageid'] = getContinuationVar("imageid", processInputVar("imageid", ARG_NUMERIC)); $return['machinecnt'] = getContinuationVar("machinecnt", processInputVar("machinecnt", ARG_NUMERIC, 0)); $return['swhour'] = getContinuationVar("swhour", processInputVar("swhour", ARG_MULTINUMERIC)); $return['swminute'] = getContinuationVar("swminute", processInputVar("swminute", ARG_MULTINUMERIC)); $return['swmeridian'] = getContinuationVar("swmeridian", processInputVar("swmeridian", ARG_MULTISTRING)); $return['ewhour'] = getContinuationVar("ewhour", processInputVar("ewhour", ARG_MULTINUMERIC)); $return['ewminute'] = getContinuationVar("ewminute", processInputVar("ewminute", ARG_MULTINUMERIC)); $return['ewmeridian'] = getContinuationVar("ewmeridian", processInputVar("ewmeridian", ARG_MULTISTRING)); $return['smhour'] = getContinuationVar("smhour", processInputVar("smhour", ARG_MULTINUMERIC)); $return['smminute'] = getContinuationVar("smminute", processInputVar("smminute", ARG_MULTINUMERIC)); $return['smmeridian'] = getContinuationVar("smmeridian", processInputVar("smmeridian", ARG_MULTISTRING)); $return['emhour'] = getContinuationVar("emhour", processInputVar("emhour", ARG_MULTINUMERIC)); $return['emminute'] = getContinuationVar("emminute", processInputVar("emminute", ARG_MULTINUMERIC)); $return['emmeridian'] = getContinuationVar("emmeridian", processInputVar("emmeridian", ARG_MULTISTRING)); $return['slhour'] = getContinuationVar("slhour", processInputVar("slhour", ARG_MULTINUMERIC)); $return['slminute'] = getContinuationVar("slminute", processInputVar("slminute", ARG_MULTINUMERIC)); $return['slmeridian'] = getContinuationVar("slmeridian", processInputVar("slmeridian", ARG_MULTISTRING)); $return['elhour'] = getContinuationVar("elhour", processInputVar("elhour", ARG_MULTINUMERIC)); $return['elminute'] = getContinuationVar("elminute", processInputVar("elminute", ARG_MULTINUMERIC)); $return['elmeridian'] = getContinuationVar("elmeridian", processInputVar("elmeridian", ARG_MULTISTRING)); $return['weeknum'] = getContinuationVar("weeknum", processInputVar("weeknum", ARG_NUMERIC)); $return['day'] = getContinuationVar("day", processInputVar("day", ARG_NUMERIC)); $return['date'] = getContinuationVar("date", processInputVar("date", ARG_MULTISTRING)); $return['available'] = getContinuationVar("available", processInputVar("available", ARG_STRING, 'weekly')); $return['usergroupid'] = getContinuationVar("usergroupid", processInputVar("usergroupid", ARG_NUMERIC)); $return['admingroupid'] = getContinuationVar("admingroupid", processInputVar("admingroupid", ARG_NUMERIC)); $return['swdate'] = getContinuationVar("swdate", processInputVar("swdate", ARG_STRING)); $return['ewdate'] = getContinuationVar("ewdate", processInputVar("ewdate", ARG_STRING)); $return['smdate'] = getContinuationVar("smdate", processInputVar("smdate", ARG_STRING)); $return['emdate'] = getContinuationVar("emdate", processInputVar("emdate", ARG_STRING)); $return['wdays'] = getContinuationVar("wdays", processInputVar("wdays", ARG_MULTISTRING)); $return['state'] = getContinuationVar("state", 0); $return['blockRequestid'] = getContinuationVar("blockRequestid", processInputVar("blockRequestid", ARG_NUMERIC)); $return['wdayschecked'] = array(); foreach ($days as $day) { if (in_array($day, $return['wdays'])) { $return['wdayschecked'][$day] = 'checked'; } else { $return['wdayschecked'][$day] = ''; } } if (!$checks) { return $return; } if (!preg_match('/^([-a-zA-Z0-9\\. ]){3,80}$/', $return["blockname"])) { $submitErr |= BLOCKNAMEERR; $submitErrMsg[BLOCKNAMEERR] = "Name can only contain letters, numbers, spaces, dashes(-),<br>and periods(.) and can be from 3 to 80 characters long"; } $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); if (!in_array($return['imageid'], array_keys($resources['image']))) { $submitErr |= IMAGEIDERR; $submitErrMsg[IMAGEIDERR] = "The submitted image is invalid."; } if ($return['machinecnt'] < MIN_BLOCK_MACHINES) { $submitErr |= BLOCKCNTERR; $submitErrMsg[BLOCKCNTERR] = "You must request at least " . MIN_BLOCK_MACHINES . " machines"; } elseif ($return['machinecnt'] > MAX_BLOCK_MACHINES) { $submitErr |= BLOCKCNTERR; $submitErrMsg[BLOCKCNTERR] = "You cannot request more than " . MAX_BLOCK_MACHINES . " machines"; } // FIXME should we limit the course groups that show up? $groups = getUserGroups(); if (!array_key_exists($return['usergroupid'], $groups)) { $submitErr |= USERGROUPIDERR; $submitErrMsg[USERGROUPIDERR] = "The submitted user group is invalid."; } if (!array_key_exists($return['admingroupid'], $groups) && $return['admingroupid'] != 0) { $submitErr |= ADMINGROUPIDERR; $submitErrMsg[ADMINGROUPIDERR] = "The submitted user group is invalid."; } if ($return['available'] == 'weekly') { $keys = array('1' => 'swhour', '2' => 'ewhour', '3' => 'swminute', '4' => 'ewminute', '5' => 'swmeridian', '6' => 'ewmeridian', '7' => 'swdate', '8' => 'ewdate'); // check days of week foreach ($return['wdays'] as $index => $day) { if (!in_array($day, $days)) { unset($return['wdays'][$index]); } } /*foreach($days as $day) { if(in_array($day, $return['wdays'])) $return['wdayschecked'][$day] = 'checked'; }*/ if (!count($return['wdays'])) { $submitErr |= STARTDAYERR; $submitErrMsg[STARTDAYERR] = "You must select at least one day of the week"; } } elseif ($return['available'] == 'monthly') { $keys = array('1' => 'smhour', '2' => 'emhour', '3' => 'smminute', '4' => 'emminute', '5' => 'smmeridian', '6' => 'emmeridian', '7' => 'smdate', '8' => 'emdate'); // check weeknum if ($return['weeknum'] < 1 || $return['weeknum'] > 5) { $submitErr |= WEEKNUMERR; $submitErrMsg[WEEKNUMERR] = "Invalid week of the month submitted"; } // check day if ($return['day'] < 1 || $return['day'] > 7) { $submitErr |= DAYERR; $submitErrMsg[DAYERR] = "Invalid day of the week submitted"; } } elseif ($return['available'] == 'list') { $keys = array('1' => 'slhour', '2' => 'elhour', '3' => 'slminute', '4' => 'elminute', '5' => 'slmeridian', '6' => 'elmeridian'); } // check each timeslot for ($i = 0; $i < 4; $i++) { $submitErrMsg[STARTHOURERR][$i] = ""; $submitErrMsg[ENDHOURERR][$i] = ""; // start hour if ($return[$keys[1]][$i] < 1 || $return[$keys[1]][$i] > 12) { $submitErr |= STARTHOURERR; $submitErrMsg[STARTHOURERR][$i] = "The start hour must be between 1 and 12."; } // end hour if ($return[$keys[2]][$i] < 1 || $return[$keys[2]][$i] > 12) { $submitErr |= ENDHOURERR; $submitErrMsg[ENDHOURERR][$i] = " The end hour must be between 1 and 12."; } // start minute if ($return[$keys[3]][$i] < 0 || $return[$keys[3]][$i] > 59) { $submitErr |= STARTHOURERR; // we reuse STARTHOURERR here, it overwrites the last one, but oh well $submitErrMsg[STARTHOURERR][$i] = "The start minute must be between 0 and 59."; } // end minute if ($return[$keys[4]][$i] < 0 || $return[$keys[4]][$i] > 59) { $submitErr |= ENDHOURERR; $submitErrMsg[ENDHOURERR][$i] = " The end minute must be between 0 and 59."; } // start meridian if ($return[$keys[5]][$i] != 'am' && $return[$keys[5]][$i] != 'pm') { $return[$keys[5]][$i] = 'pm'; // just set it to one of them } // end meridian if ($return[$keys[6]][$i] != 'am' && $return[$keys[6]][$i] != 'pm') { $return[$keys[6]][$i] = 'am'; // just set it to one of them } // check that start is before end $return['stime'][$i] = minuteOfDay2("{$return[$keys[1]][$i]}:{$return[$keys[3]][$i]} {$return[$keys[5]][$i]}"); $return['etime'][$i] = minuteOfDay2("{$return[$keys[2]][$i]}:{$return[$keys[4]][$i]} {$return[$keys[6]][$i]}"); if ($return['stime'][$i] > $return['etime'][$i]) { $submitErr |= STARTHOURERR; // we reuse STARTHOURERR here, it overwrites the last one, but oh well $submitErrMsg[STARTHOURERR][$i] = "The start time must be before the end time (or be equal to ignore this slot)"; } } if ($return['available'] == 'weekly' || $return['available'] == 'monthly') { // check that timeslots do not overlap if (!($submitErr & STARTHOURERR) && !($submitErr & ENDHOURERR)) { for ($i = 0; $i < 4; $i++) { for ($j = $i + 1; $j < 4; $j++) { if ($return['etime'][$i] > $return['stime'][$j] && $return['stime'][$i] < $return['etime'][$j]) { $submitErr |= STARTHOURERR; $submitErrMsg[STARTHOURERR][$i] = "This timeslot overlaps with Slot" . ($j + 1); } } } } // check that start date is valid $startarr = split('/', $return[$keys[7]]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return[$keys[7]])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "The start date must be in the form mm/dd/yy."; } elseif (!checkdate($startarr[0], $startarr[1], $startarr[2])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "This is an invalid date."; } elseif (datetimeToUnix("{$startarr[2]}-{$startarr[0]}-{$startarr[1]} 23:59:59") < time()) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR] = "The start date must be today or later."; } // check that end date is valid $endarr = split('/', $return[$keys[8]]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return[$keys[8]])) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "The end date must be in the form mm/dd/yy."; } elseif (!checkdate($endarr[0], $endarr[1], $endarr[2])) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "This is an invalid date."; } elseif (datetimeToUnix("{$startarr[2]}-{$startarr[0]}-{$startarr[1]} 00:00:00") > datetimeToUnix("{$endarr[2]}-{$endarr[0]}-{$endarr[1]} 00:00:00")) { $submitErr |= ENDDATEERR; $submitErrMsg[ENDDATEERR] = "The end date must be later than the start date."; } } elseif ($return['available'] == 'list') { if (!($submitErr & STARTHOURERR) && !($submitErr & ENDHOURERR)) { // check date[1-n] for ($i = 0; $i < 4; $i++) { $submitErrMsg[STARTDATEERR][$i] = ""; if ($return['stime'][$i] == $return['etime'][$i]) { continue; } $submitErrMsg[STARTDATEERR][$i] = ""; $datearr = split('/', $return['date'][$i]); if (!preg_match('/^((\\d){1,2})\\/((\\d){1,2})\\/(\\d){2}$/', $return['date'][$i])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "The date must be in the form mm/dd/yy."; } elseif (!checkdate($datearr[0], $datearr[1], $datearr[2])) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "Invalid date submitted."; } elseif (datetimeToUnix("{$datearr[2]}-{$datearr[0]}-{$datearr[1]} 23:59:59") < time()) { $submitErr |= STARTDATEERR; $submitErrMsg[STARTDATEERR][$i] = "The date must be today or later."; } } } } if (0) { # FIXME $submitErr |= AVAILABLEERR; $submitErrMsg[AVAILABLEERR] = "The submitted availability selection is invalid."; } return $return; }
function confirmEditOrAddImage($state) { global $submitErr, $user; $data = processImageInput(1); if ($submitErr) { editOrAddImage($state); return; } if (get_magic_quotes_gpc()) { $data['description'] = stripslashes($data['description']); $data['usage'] = stripslashes($data['usage']); $data['comments'] = stripslashes($data['comments']); } $groups = getUserGroups(); $groups[0] = array("name" => "Any"); if (!$state) { $images = getImages(); } if ($state) { $nextmode = "imageClickThroughAgreement"; $title = "Add Image"; $question = "Add the following image?"; } else { $nextmode = "submitEditImage"; $title = "Edit Image"; $question = "Submit changes to the image?"; } $platforms = getPlatforms(); $oslist = getOSList(); print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n"; print "<DIV align=center>\n"; print "<H2>{$title}</H2>\n"; print "{$question}<br><br>\n"; print "<TABLE>\n"; if (!$state) { /*print " <TR>\n"; print " <TH align=right>Short Name:</TH>\n"; print " <TD>" . $data["name"] . "</TD>\n"; print " </TR>\n";*/ } print " <TR>\n"; print " <TH align=right>Name:</TH>\n"; print " <TD>" . $data["prettyname"] . "</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Owner:</TH>\n"; print " <TD>" . $data["owner"] . "</TD>\n"; print " </TR>\n"; /*print " <TR>\n"; print " <TH align=right>Platform:</TH>\n"; print " <TD>" . $platforms[$data["platformid"]] . "</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>OS:</TH>\n"; print " <TD>" . $oslist[$data["osid"]]["prettyname"] . "</TD>\n"; print " </TR>\n";*/ print " <TR>\n"; print " <TD colspan=2>\n"; print "<br><strong>Image Description</strong>:<br>\n"; print "{$data['description']}<br><br>\n"; print "<strong>Usage Notes</strong>:<br>\n"; print "{$data['usage']}<br><br>\n"; if ($state) { print "<strong>Revision Comments</strong>:<br>\n"; print "{$data['comments']}<br><br>\n"; } print " </TD>\n"; print " </TR>\n"; print "</TABLE>\n"; print "<TABLE>\n"; print " <TR>\n"; print " <TD colspan=2><strong>Advanced Options</strong>:</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TD colspan=2><hr></TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Minimum RAM (MB):</TH>\n"; print " <TD>" . $data["minram"] . "</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Minimum Num of Processors:</TH>\n"; print " <TD>" . $data["minprocnumber"] . "</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Minimum Processor Speed (MHz):</TH>\n"; print " <TD>" . $data["minprocspeed"] . "</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Minimum Network Speed (Mbps):</TH>\n"; print " <TD>" . $data["minnetwork"] . "</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Maximum Concurrent Usage:</TH>\n"; if ($data['maxconcurrent'] == '') { print " <TD>N/A</TD>\n"; } else { print " <TD>" . $data["maxconcurrent"] . "</TD>\n"; } print " </TR>\n"; if (!$state) { print " <TR>\n"; print " <TH align=right>Estimated Reload Time (min):</TH>\n"; print " <TD>" . $data["reloadtime"] . "</TD>\n"; print " </TR>\n"; } print " <TR>\n"; print " <TH align=right>Available for checkout:</TH>\n"; if ($data["forcheckout"]) { print " <TD>Yes</TD>\n"; } else { print " <TD>No</TD>\n"; } print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Check for logged in user:</TH>\n"; if ($data["checkuser"]) { print " <TD>Yes</TD>\n"; } else { print " <TD>No</TD>\n"; } print " </TR>\n"; if ($user["adminlevel"] == "developer" || $user['adminlevel'] == 'full') { print " <TR>\n"; print " <TH align=right>User group allowed to log in:</TH>\n"; $tmp = explode('@', $groups[$data["usergroupid"]]["name"]); if (array_key_exists(1, $tmp) && $tmp[1] != $user['affiliation']) { print " <TD>" . $groups[$data["usergroupid"]]["name"] . "</TD>\n"; } else { print " <TD>{$tmp[0]}</TD>\n"; } print " </TR>\n"; } if (!$state) { print " <TR>\n"; print " <TH style=\"vertical-align:top; text-align:right;\">Subimages:</TH>\n"; print " <TD>\n"; if (array_key_exists("subimages", $images[$data["imageid"]]) && count($images[$data["imageid"]]["subimages"])) { foreach ($images[$data["imageid"]]["subimages"] as $imgid) { print "{$images[$imgid]["prettyname"]}<br>\n"; } } else { print "None"; } print " </TD>\n"; print " </TR>\n"; } else { print " <TR>\n"; print " <TH align=right>Use sysprep:</TH>\n"; if ($data["sysprep"]) { print " <TD>Yes</TD>\n"; } else { print " <TD>No</TD>\n"; } print " </TR>\n"; } print " <TR>\n"; print " <TD colspan=2><hr></TD>\n"; print " </TR>\n"; print "</TABLE>\n"; print "<TABLE>\n"; print " <TR valign=top>\n"; print " <TD>\n"; $data['description'] = mysql_escape_string($data['description']); $data['usage'] = mysql_escape_string($data['usage']); $data['comments'] = mysql_escape_string($data['comments']); if ($state) { $data['nextmode'] = 'submitAddImage'; $cont = addContinuationsEntry($nextmode, $data, SECINDAY, 0); } else { $cont = addContinuationsEntry($nextmode, $data, SECINDAY, 0, 0); } print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n"; if ($state) { print " <INPUT type=submit value=\"Add Image\">\n"; } else { print " <INPUT type=submit value=\"Submit Changes\">\n"; } print " </FORM>\n"; print " </TD>\n"; print " <TD>\n"; print " <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n"; if ($state) { $cont = addContinuationsEntry('viewRequests'); } else { $cont = addContinuationsEntry('viewImages'); } print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n"; print " <INPUT type=submit value=Cancel>\n"; print " </FORM>\n"; print " </TD>\n"; print " </TR>\n"; print "</TABLE>\n"; }
function getUserMaxTimes($uid = 0) { global $user; $return = array("initial" => 0, "total" => 0, "extend" => 0); if ($uid == 0) { $groupids = array_keys($user["groups"]); } else { $groupids = array_keys(getUsersGroups($uid, 1)); } if (!count($groupids)) { array_push($groupids, getUserGroupID(DEFAULTGROUP)); } $allgroups = getUserGroups(); foreach ($groupids as $id) { if ($return["initial"] < $allgroups[$id]["initialmaxtime"]) { $return["initial"] = $allgroups[$id]["initialmaxtime"]; } if ($return["total"] < $allgroups[$id]["totalmaxtime"]) { $return["total"] = $allgroups[$id]["totalmaxtime"]; } if ($return["extend"] < $allgroups[$id]["maxextendtime"]) { $return["extend"] = $allgroups[$id]["maxextendtime"]; } } return $return; }
function XMLRPCblockAllocation($imageid, $start, $end, $numMachines, $usergroupid, $ignoreprivileges = 0) { global $user, $xmlrpcBlockAPIUsers; if (!in_array($user['id'], $xmlrpcBlockAPIUsers)) { return array('status' => 'error', 'errorcode' => 34, 'errormsg' => 'access denied for managing block allocations'); } # valid $imageid $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); if (!array_key_exists($imageid, $resources['image'])) { return array('status' => 'error', 'errorcode' => 3, 'errormsg' => "access denied to {$imageid}"); } # validate $start and $end $dtreg = '([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})'; $startts = datetimeToUnix($start); $endts = datetimeToUnix($end); $maxend = datetimeToUnix("2038-01-01 00:00:00"); if (!preg_match("/^{$dtreg}\$/", $start) || $startts < 0 || $startts > $maxend) { return array('status' => 'error', 'errorcode' => 4, 'errormsg' => "received invalid input for start"); } if (!preg_match("/^{$dtreg}\$/", $end) || $endts < 0 || $endts > $maxend) { return array('status' => 'error', 'errorcode' => 36, 'errormsg' => "received invalid input for end"); } # validate $numMachines if (!is_numeric($numMachines) || $numMachines < MIN_BLOCK_MACHINES || $numMachines > MAX_BLOCK_MACHINES) { return array('status' => 'error', 'errorcode' => 64, 'errormsg' => 'The submitted number of seats must be between ' . MIN_BLOCK_MACHINES . ' and ' . MAX_BLOCK_MACHINES . '.'); } # validate $usergroupid $groups = getUserGroups(); if (!array_key_exists($usergroupid, $groups)) { return array('status' => 'error', 'errorcode' => 67, 'errormsg' => 'Submitted user group does not exist'); } # validate ignoreprivileges if (!is_numeric($ignoreprivileges) || $ignoreprivileges < 0 || $ignoreprivileges > 1) { return array('status' => 'error', 'errorcode' => 86, 'errormsg' => 'ignoreprivileges must be 0 or 1'); } $ownerid = getUserlistID('vclreload@Local'); $name = "API:{$start}"; $managementnodes = getManagementNodes('future'); if (empty($managementnodes)) { return array('status' => 'error', 'errorcode' => 12, 'errormsg' => 'could not allocate a management node to handle block allocation'); } $mnid = array_rand($managementnodes); $query = "INSERT INTO blockRequest " . "(name, " . "imageid, " . "numMachines, " . "groupid, " . "repeating, " . "ownerid, " . "managementnodeid, " . "expireTime, " . "status) " . "VALUES " . "('{$name}', " . "{$imageid}, " . "{$numMachines}, " . "{$usergroupid}, " . "'list', " . "{$ownerid}, " . "{$mnid}, " . "'{$end}', " . "'accepted')"; doQuery($query, 101); $brid = dbLastInsertID(); $query = "INSERT INTO blockTimes " . "(blockRequestid, " . "start, " . "end) " . "VALUES " . "({$brid}, " . "'{$start}', " . "'{$end}')"; doQuery($query, 101); $btid = dbLastInsertID(); $query = "INSERT INTO blockWebDate " . "(blockRequestid, " . "start, " . "end, " . "days) " . "VALUES " . "({$brid}, " . "'{$start}', " . "'{$end}', " . "0)"; doQuery($query); $sh = date('g', $startts); $smi = date('i', $startts); $sme = date('a', $startts); $eh = date('g', $startts); $emi = date('i', $startts); $eme = date('a', $startts); $query = "INSERT INTO blockWebTime " . "(blockRequestid, " . "starthour, " . "startminute, " . "startmeridian, " . "endhour, " . "endminute, " . "endmeridian, " . "`order`) " . "VALUES " . "({$brid}, " . "{$sh}," . "{$smi}," . "'{$sme}'," . "{$eh}," . "{$emi}," . "'{$eme}'," . "0)"; doQuery($query); $return = XMLRPCprocessBlockTime($btid, $ignoreprivileges); $return['blockTimesid'] = $btid; return $return; }
$formVars['serialNo'] = $serialNo; // for '$recordAction = "add"' we update the original '$formVars' array element to ensure a correct serial number when generating the file name via the 'parsePlaceholderString()' function // handle file uploads: // for '$recordAction = "add"' file name generation needs to be done *after* the record has been created and a serial number is available if (!empty($uploadFile) && !empty($uploadFile["tmp_name"])) { // process information of any file that was uploaded, auto-generate a file name if required and move the file to the appropriate directory: $fileName = handleFileUploads($uploadFile, $formVars); $queryRefsUpdateFileName = "UPDATE {$tableRefs} SET file = " . quote_smart($fileName) . " WHERE serial = " . quote_smart($serialNo); $result = queryMySQLDatabase($queryRefsUpdateFileName); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' } $queryUserData = "INSERT INTO {$tableUserData} SET " . "marked = " . quote_smart($markedRadio) . ", " . "copy = " . quote_smart($copyName) . ", " . "selected = " . quote_smart($selectedRadio) . ", " . "user_keys = " . quote_smart($userKeysName) . ", " . "user_notes = " . quote_smart($userNotesName) . ", " . "user_file = " . quote_smart($userFileName) . ", " . "user_groups = " . quote_smart($userGroupsName) . ", " . "cite_key = " . quote_smart($citeKeyName) . ", " . "related = " . quote_smart($relatedName) . ", " . "record_id = " . quote_smart($serialNo) . ", " . "user_id = " . quote_smart($loginUserID) . ", " . "data_id = NULL"; // inserting 'NULL' into an auto_increment PRIMARY KEY attribute allocates the next available key value $result = queryMySQLDatabase($queryUserData); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' getUserGroups($tableUserData, $loginUserID); // update the 'userGroups' session variable (function 'getUserGroups()' is defined in 'include.inc.php') // Send EMAIL announcement: if ($sendEmailAnnouncements == "yes") { // first, build an appropriate author string: // Call the 'extractAuthorsLastName()' function (defined in 'include.inc.php') to extract the last name of a particular author (specified by position). Required Parameters: // 1. pattern describing delimiter that separates different authors // 2. pattern describing delimiter that separates author name & initials (within one author) // 3. position of the author whose last name shall be extracted (e.g., "1" will return the 1st author's last name) // 4. contents of the author field $authorString = extractAuthorsLastName("/ *; */", "/ *, */", 1, $authorName); if ($authorCount == "2") { $authorString .= " & "; $authorString .= extractAuthorsLastName("/ *; */", "/ *, */", 2, $authorName); } if ($authorCount == "3") {
} if (SQUID_LDAP_PASSWORD_REGEX && !preg_match(SQUID_LDAP_PASSWORD_REGEX, _post("password"))) { $errors[] = "Invalid password."; } if (!$errors) { $un = _post("username"); $pw = _post("password"); $register = _post("register_device") == 1; $ad = ldap_connect(SQUID_LDAP_SERVER); if ($ad !== false && @ldap_bind($ad, $un . SQUID_LDAP_USERNAME_APPEND, $pw)) { $allowed = true; $proxyEnforced = true; $sessionTime = SQUID_DEFAULT_SESSION_DURATION; if (!empty($SQUID_LDAP_GROUP_PERMISSIONS)) { $allowed = false; $groups = getUserGroups($un, true, false); if (is_array($groups)) { foreach ($SQUID_LDAP_GROUP_PERMISSIONS as $groupDN => $groupPermissions) { if (in_array($groupDN, $groups) && (!$register && $groupPermissions["ALLOW_SESSION"] || $register && $groupPermissions["ALLOW_DEVICE_REGISTRATION"])) { $allowed = true; if (!$register && isset($groupPermissions["SESSION_DURATION"])) { $sessionTime = $groupPermissions["SESSION_DURATION"]; } if (isset($groupPermissions["ALLOW_NO_PROXY"]) && $groupPermissions["ALLOW_NO_PROXY"]) { $proxyEnforced = false; } break; } } } }
function processBlockAllocationInput() { global $user; $return = array(); $method = getContinuationVar('method'); $return['name'] = processInputVar('name', ARG_STRING); $return['owner'] = processInputVar('owner', ARG_STRING); $return['imageid'] = processInputVar('imageid', ARG_NUMERIC); $return['seats'] = processInputVar('seats', ARG_NUMERIC); $return['groupid'] = processInputVar('groupid', ARG_NUMERIC); $override = getContinuationVar('override', 0); $type = processInputVar('type', ARG_STRING); $err = 0; if ($method != 'request' && !preg_match('/^([-a-zA-Z0-9\\. \\(\\)]){3,80}$/', $return['name'])) { $errmsg = i("The name can only contain letters, numbers, spaces, dashes(-), and periods(.) and can be from 3 to 80 characters long"); $err = 1; } $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $resources["image"] = removeNoCheckout($resources["image"]); if (!array_key_exists($return['imageid'], $resources['image'])) { $errmsg = i("The submitted image is invalid."); $err = 1; } if (!$err && $method != 'request' && !validateUserid($return['owner'])) { $errmsg = i("The submitted owner is invalid."); $err = 1; } else { $return['ownerid'] = getUserlistID($return['owner']); } $groups = getUserGroups(0, $user['affiliationid']); $extragroups = getContinuationVar('extragroups'); if (!$err && !array_key_exists($return['groupid'], $groups) && !array_key_exists($return['groupid'], $extragroups) && $return['groupid'] != 0) { $errmsg = i("The submitted user group is invalid."); $err = 1; } if (!$err && $return['groupid'] == 0) { $return['groupid'] = 'NULL'; } if (!$err && ($return['seats'] < MIN_BLOCK_MACHINES || $return['seats'] > MAX_BLOCK_MACHINES)) { $errmsg = sprintf(i("The submitted number of seats must be between %d and %d."), MIN_BLOCK_MACHINES, MAX_BLOCK_MACHINES); $err = 1; } if (!$err) { $imgdata = getImages(0, $return['imageid']); $concur = $imgdata[$return['imageid']]['maxconcurrent']; if (!is_null($concur) && $concur != 0 && $return['seats'] > $concur) { $errmsg = sprintf(i("The selected image can only have %d concurrent reservations. Please reduce the number of requested seats to %d or less."), $concur, $concur); $err = 1; } } $dooverride = 0; # check user group access to image if (($method == 'new' || $method == 'edit') && !$err && !$override) { $groupresources = getUserResources(array("imageAdmin", "imageCheckOut"), array("available"), 0, 0, 0, $return['groupid']); if (!array_key_exists($return['imageid'], $groupresources['image'])) { $dooverride = 1; $errmsg = i("WARNING - The selected user group does not currently have access to the selected environment. You can submit the Block Allocation again to ignore this warning."); $err = 1; } } if (!$err && $type != 'weekly' && $type != 'monthly' && $type != 'list') { $errmsg = i("You must select one of \"Repeating Weekly\", \"Repeating Monthly\", or \"List of Dates/Times\"."); $err = 1; } if (!$err) { if ($type == 'list') { $slots = processInputVar('slots', ARG_STRING); $return['slots'] = explode(',', $slots); $return['times'] = array(); $lastdate = array('day' => '', 'ts' => 0); foreach ($return['slots'] as $slot) { $tmp = explode('|', $slot); if (count($tmp) != 3) { $errmsg = i("Invalid date/time submitted."); $err = 1; break; } $date = $tmp[0]; if (!$err) { $datets = strtotime($date); if ($method != 'edit' && $datets < time() - SECINDAY) { $errmsg = i("The date must be today or later."); $err = 1; break; } } $return['times'][] = "{$tmp[1]}|{$tmp[2]}"; if ($datets > $lastdate['ts']) { $lastdate['ts'] = $datets; $lastdate['day'] = $date; } } if (!$err) { $expirets = strtotime("{$lastdate['day']} 23:59:59"); $return['expiretime'] = unixToDatetime($expirets); } } if ($type == 'weekly' || $type == 'monthly') { $return['startdate'] = processInputVar('startdate', ARG_NUMERIC); $return['enddate'] = processInputVar('enddate', ARG_NUMERIC); $times = processInputVar('times', ARG_STRING); $return['startts'] = strtotime($return['startdate']); $return['endts'] = strtotime($return['enddate']); if ($return['startts'] > $return['endts']) { $errmsg = i("The Last Date of Usage must be the same or later than the First Date of Usage."); $err = 1; } elseif ($method != 'edit' && $return['startts'] < time() - SECINDAY) { $errmsg = i("The start date must be today or later."); $err = 1; } $expirets = strtotime("{$return['enddate']} 23:59:59"); $return['expiretime'] = unixToDatetime($expirets); $return['times'] = explode(',', $times); } foreach ($return['times'] as $time) { $tmp = explode('|', $time); if (count($tmp) != 2) { $errmsg = i("Invalid start/end time submitted"); $err = 1; break; } $start = explode(':', $tmp[0]); if (count($start) != 2 || !is_numeric($start[0]) || !is_numeric($start[1]) || $start[0] < 0 || $start[0] > 23 || $start[1] < 0 || $start[1] > 59) { $errmsg = i("Invalid start time submitted"); $err = 1; break; } $end = explode(':', $tmp[1]); if (count($end) != 2 || !is_numeric($end[0]) || !is_numeric($end[1]) || $end[0] < 0 || $end[0] > 23 || $end[1] < 0 || $end[1] > 59) { $errmsg = i("Invalid end time submitted"); $err = 1; break; } $start = minuteOfDay($start[0], $start[1]); $end = minuteOfDay($end[0], $end[1]); if ($start >= $end) { $errmsg = i("Each start time must be less than the corresponding end time."); $err = 1; break; } } if ($type == 'weekly') { $validdays = 0; $errmsg = ''; for ($day = $return['startts'], $i = 0; $i < 7, $day < $return['endts'] + SECINDAY; $i++, $day += SECINDAY) { $daynum = date('w', $day); $validdays |= 1 << $daynum; } $days = processInputVar('days', ARG_STRING); $dayscheck = processInputVar('days', ARG_NUMERIC); if ($days == '' && $dayscheck == '0') { $days = 0; } $return['daymask'] = 0; if (!$err) { foreach (explode(',', $days) as $day) { if ($day == '' || $day < 0 || $day > 6) { $errmsg = i("Invalid day submitted."); $err = 1; break; } $return['daymask'] |= 1 << $day; } } if (!$err && ($return['daymask'] & $validdays) == 0) { $errmsg = i("No valid days submitted for the specified date range."); $err = 1; } } if ($type == 'monthly') { $return['weeknum'] = processInputVar('weeknum', ARG_NUMERIC); $return['day'] = processInputVar('day', ARG_NUMERIC); if (!$err && ($return['weeknum'] < 1 || $return['weeknum'] > 5)) { $errmsg = i("Invalid week number submitted."); $err = 1; } if (!$err && ($return['day'] < 1 || $return['day'] > 7)) { $errmsg = i("Invalid day of week submitted."); $err = 1; } $times = getMonthlyBlockTimes('', $return['startts'], $return['endts'], $return['day'], $return['weeknum'], $return['times']); if (!$err && empty($times)) { $errmsg = i("Specified day of month not found in date range."); $err = 1; } } } if ($method == 'request') { $return['comments'] = processInputVar('comments', ARG_STRING); if (get_magic_quotes_gpc()) { $return['comments'] = stripslashes($return['comments']); } if (!$err && preg_match('/[<>]/', $return['comments'])) { $errmsg = i("<>\\'s are not allowed in the comments."); $err = 1; } } if ($err) { print "clearHideConfirmForm();"; print "alert('{$errmsg}');"; $data = array('extragroups' => $extragroups, 'method' => $method); if ($method == 'edit') { $data['blockid'] = getContinuationVar('blockid'); } $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0); print "dojo.byId('submitcont').value = '{$cont}';"; if ($dooverride) { $data['override'] = 1; $cont = addContinuationsEntry('AJblockAllocationSubmit', $data, SECINWEEK, 1, 0); print "dojo.byId('submitcont2').value = '{$cont}';"; } else { print "dojo.byId('submitcont2').value = '';"; } } $return['type'] = $type; $return['err'] = $err; return $return; }
if (is_null($proxyPort)) { releaseLock(); exit("No spare WAN ports for this IP address."); } if ($conn->query("insert into wan_sessions (username, serial_number, ip_address, proxy_port, auth_time_utc, expiry_time_utc)\nvalues ('" . $conn->escape_string($username) . "', '" . $conn->escape_string($serialNumber) . "', '{$srcIP}', {$proxyPort}, UTC_TIMESTAMP(), ADDTIME(UTC_TIMESTAMP(), '" . SQUID_WAN_SESSION_DURATION . "'))")) { iptablesAddWanUser($srcIP, $proxyPort); } else { releaseLock(); exit("Error creating session."); } } else { renewWanSession($sessionId, $conn); } releaseLock(); // check that our user is active, and hand out a custom PAC if required $userGroups = getUserGroups($username, true, false); // if $userGroups === FALSE, the user is inactive (or we encountered an LDAP error) if (is_array($userGroups)) { $pacFile = SQUID_ROOT . "/pac.wan.js"; $subs["{PORT}"] = $proxyPort; foreach ($userGroups as $userGroup) { if (isset($SQUID_CUSTOM_PAC) && is_array($SQUID_CUSTOM_PAC) && array_key_exists($userGroup, $SQUID_CUSTOM_PAC)) { $pacFile = SQUID_ROOT . "/" . $SQUID_CUSTOM_PAC[$userGroup]; break; } } } } else { $q->close(); releaseLock(); }
$ttl = $row[1] + 0; // keep the session alive renewWanSession($row[2], $mconn); } releaseLock(); } if (!$un) { writeReply("ERR"); // negative cache TTL is 5 seconds cacheResult($srcIP, $mac, isset($input[1]) ? $input[1] : "", null, 5); continue; } if ($ttl > SQUID_MAX_TTL) { $ttl = SQUID_MAX_TTL; } $userGroups = getUserGroups($un, true, true, $ldapServer, $ldapUser, $ldapPassword, $ldapBase); if ($userGroups === false) { // this could indicate a disabled account or an LDAP error writeReply(SQUID_FAILURE_CODE . " message=\"Unable to retrieve groups for '{$un}'.\""); cacheResult($srcIP, $mac, isset($input[1]) ? $input[1] : "", null, 10); continue; } if (!isset($input[1])) { writeReply("OK user={$un}"); cacheResult($srcIP, $mac, "", $un, $ttl); continue; } else { if (!isset($ldapGroups[$input[1]])) { writeReply(SQUID_FAILURE_CODE . " message=\"No matching group DN found for '{$input['1']}'.\""); cacheResult($srcIP, $mac, $input[1], null, SQUID_MAX_TTL); continue;
function AJsaveUserGroupPrivs() { global $user; $groups = getUserGroups(0, $user['affiliationid']); $groupid = processInputVar('groupid', ARG_NUMERIC); if (!array_key_exists($groupid, $groups)) { sendJSON(array('failed' => 'noaccess')); return; } $permids = processInputVar('permids', ARG_STRING); if (!preg_match('/^[0-9,]*$/', $permids)) { sendJSON(array('failed' => 'invalid input')); return; } $perms = explode(',', $permids); $query = "DELETE FROM usergrouppriv WHERE usergroupid = {$groupid}"; doQuery($query, 101); if (empty($perms[0])) { sendJSON(array('success' => 1)); return; } $values = array(); foreach ($perms as $permid) { $values[] = "({$groupid}, {$permid})"; } $allvals = implode(',', $values); $query = "INSERT INTO usergrouppriv " . "(usergroupid, " . "userprivtypeid) " . "VALUES {$allvals}"; doQuery($query, 101); sendJSON(array('success' => 1)); $_SESSION['user']["groupperms"] = getUsersGroupPerms(array_keys($user['groups'])); }
function confirmDeleteGroup() { $groupid = getContinuationVar("groupid"); $type = getContinuationVar("type"); $usergroups = getUserGroups(1); $resourcegroups = getResourceGroups(); if ($type == "user") { $title = "Delete User Group"; $question = "Delete the following user group?"; $name = $usergroups[$groupid]["name"]; $target = ""; } else { $title = "Delete Resource Group"; $question = "Delete the following resource group?"; list($resourcetype, $name) = split('/', $resourcegroups[$groupid]["name"]); $target = "#resources"; } if (checkForGroupUsage($groupid, $type)) { print "<H2 align=center>{$title}</H2>\n"; print "This group is currently assigned to at least one node in the "; print "privilege tree. You cannot delete it until it is no longer "; print "in use."; return; } print "<DIV align=center>\n"; print "<H2>{$title}</H2>\n"; print "{$question}<br><br>\n"; print "<TABLE>\n"; if ($type == "resource") { print " <TR>\n"; print " <TH align=right>Type:</TH>\n"; print " <TD>{$resourcetype}</TD>\n"; print " </TR>\n"; } print " <TR>\n"; print " <TH align=right>Name:</TH>\n"; print " <TD>{$name}</TD>\n"; print " </TR>\n"; if ($type == "resource") { print " <TR>\n"; print " <TH align=right>Owning User Group:</TH>\n"; print " <TD>" . $resourcegroups[$groupid]["owner"] . "</TD>\n"; print " </TR>\n"; } print "</TABLE>\n"; print "<TABLE>\n"; print " <TR valign=top>\n"; print " <TD>\n"; print " <FORM action=\"" . BASEURL . SCRIPT . "{$target}\" method=post>\n"; $cdata = array('groupid' => $groupid, 'type' => $type); $cont = addContinuationsEntry('submitDeleteGroup', $cdata); print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n"; print " <INPUT type=submit value=Submit>\n"; print " </FORM>\n"; print " </TD>\n"; print " <TD>\n"; print " <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n"; print " <INPUT type=hidden name=mode value=viewGroups>\n"; print " <INPUT type=submit value=Cancel>\n"; print " </FORM>\n"; print " </TD>\n"; print " </TR>\n"; print "</TABLE>\n"; }
function check_login($referer, $loginEmail, $loginPassword) { global $username; global $password; global $hostName; global $databaseName; global $connection; global $HeaderString; global $loginUserID; global $loginFirstName; global $loginLastName; global $adminLoginEmail; global $abbrevInstitution; global $tableAuth, $tableUserData, $tableUsers; // defined in 'db.inc.php' global $loc; // Get the two character salt from the email address collected from the challenge $salt = substr($loginEmail, 0, 2); // Encrypt the loginPassword collected from the challenge (so that we can compare it to the encrypted passwords that are stored in the 'auth' table) $crypted_password = crypt($loginPassword, $salt); // CONSTRUCT SQL QUERY: $query = "SELECT user_id FROM {$tableAuth} WHERE email = " . quote_smart($loginEmail) . " AND password = "******"errors"); } // function 'deleteSessionVariable()' is defined in 'include.inc.php' if (isset($_SESSION['formVars'])) { // delete the 'formVars' session variable: deleteSessionVariable("formVars"); } // function 'deleteSessionVariable()' is defined in 'include.inc.php' $userID = $row["user_id"]; // extract the user's userID from the last query // Now we need to get the user's first name and last name (e.g., in order to display them within the login welcome message) $query = "SELECT user_id, first_name, last_name, abbrev_institution, language, last_login FROM {$tableUsers} WHERE user_id = " . quote_smart($userID); // CONSTRUCT SQL QUERY $result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php') $row2 = mysql_fetch_array($result); // EXTRACT results: fetch the one row into the array '$row2' // Save the fetched user details to the session file: // Write back session variables: saveSessionVariable("loginEmail", $loginEmail); // function 'saveSessionVariable()' is defined in 'include.inc.php' saveSessionVariable("loginUserID", $row2["user_id"]); saveSessionVariable("loginFirstName", $row2["first_name"]); saveSessionVariable("loginLastName", $row2["last_name"]); saveSessionVariable("abbrevInstitution", $row2["abbrev_institution"]); saveSessionVariable("userLanguage", $row2["language"]); saveSessionVariable("lastLogin", $row2["last_login"]); // Get all user groups specified by the current user // and (if some groups were found) save them as semicolon-delimited string to the session variable 'userGroups': getUserGroups($tableUserData, $row2["user_id"]); // function 'getUserGroups()' is defined in 'include.inc.php' if ($loginEmail == $adminLoginEmail) { // ('$adminLoginEmail' is specified in 'ini.inc.php') // Get all user groups specified by the admin // and (if some groups were found) save them as semicolon-delimited string to the session variable 'adminUserGroups': getUserGroups($tableUsers, $row2["user_id"]); } // function 'getUserGroups()' is defined in 'include.inc.php' // Get all user queries that were saved previously by the current user // and (if some queries were found) save them as semicolon-delimited string to the session variable 'userQueries': getUserQueries($row2["user_id"]); // function 'getUserQueries()' is defined in 'include.inc.php' // Get all export formats that were selected previously by the current user // and (if some formats were found) save them as semicolon-delimited string to the session variable 'user_export_formats': getVisibleUserFormatsStylesTypes($row2["user_id"], "format", "export"); // function 'getVisibleUserFormatsStylesTypes()' is defined in 'include.inc.php' // Get all citation formats that were selected previously by the current user // and (if some formats were found) save them as semicolon-delimited string to the session variable 'user_cite_formats': getVisibleUserFormatsStylesTypes($row2["user_id"], "format", "cite"); // function 'getVisibleUserFormatsStylesTypes()' is defined in 'include.inc.php' // Get all citation styles that were selected previously by the current user // and (if some styles were found) save them as semicolon-delimited string to the session variable 'user_styles': getVisibleUserFormatsStylesTypes($row2["user_id"], "style", ""); // function 'getVisibleUserFormatsStylesTypes()' is defined in 'include.inc.php' // Get all document types that were selected previously by the current user // and (if some types were found) save them as semicolon-delimited string to the session variable 'user_types': getVisibleUserFormatsStylesTypes($row2["user_id"], "type", ""); // function 'getVisibleUserFormatsStylesTypes()' is defined in 'include.inc.php' // Get the user permissions for the current user // and save all allowed user actions as semicolon-delimited string to the session variable 'user_permissions': getPermissions($row2["user_id"], "user", true); // function 'getPermissions()' is defined in 'include.inc.php' // Get the default view for the current user // and save it to the session variable 'userDefaultView': getDefaultView($row2["user_id"]); // function 'getDefaultView()' is defined in 'include.inc.php' // Get the default number of records per page preferred by the current user // and save it to the session variable 'userRecordsPerPage': getDefaultNumberOfRecords($row2["user_id"]); // function 'getDefaultNumberOfRecords()' is defined in 'include.inc.php' // Get the user's preference for displaying auto-completions // and save it to the session variable 'userAutoCompletions': getPrefAutoCompletions($row2["user_id"]); // function 'getPrefAutoCompletions()' is defined in 'include.inc.php' // Get the list of "main fields" for the current user // and save the list of fields as comma-delimited string to the session variable 'userMainFields': getMainFields($row2["user_id"]); // function 'getMainFields()' is defined in 'include.inc.php' // We also update the user's entry within the 'users' table: $query = "UPDATE {$tableUsers} SET " . "last_login = NOW(), " . "logins = logins+1 " . "WHERE user_id = {$userID}"; // RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php' if (!preg_match("#/(error|user_login|install)\\.php#i", $referer)) { header("Location: " . $referer); } else { header("Location: index.php"); } // back to main page } else { // Ensure 'loginEmail' is not registered, so the user is not logged in if (isset($_SESSION['loginEmail'])) { // delete the 'loginEmail' session variable: deleteSessionVariable("loginEmail"); } // function 'deleteSessionVariable()' is defined in 'include.inc.php' // Save an error message: $HeaderString = "<b><span class=\"warning\">" . $loc["LoginFailedYouProvidedAnIncorrectEmailAddressOrPassword"] . "</span></b>"; // Write back session variables: saveSessionVariable("HeaderString", $HeaderString); // function 'saveSessionVariable()' is defined in 'include.inc.php' login_page($referer); } // ------------------- // (5) CLOSE the database connection: disconnectFromMySQLDatabase(); // function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php' }
<?php /* Script para manejar cualquier request para obtener datos de la base de datos */ require_once 'functions.php'; if (isset($_POST['id']) and isset($_POST['getData'])) { switch ($_POST['getData']) { case 0: echo json_encode(getUserGroups($_POST['id'])); break; case 1: echo json_encode(getTeacherUserGroups($_POST['id'])); break; case 2: echo json_encode(getTeachers()); break; case 3: echo json_encode(getAllGroups()); break; case 4: echo json_encode(getTasksFromClass($_POST['group'])); break; case 5: echo json_encode(getStudentsFromClass($_POST['group'])); break; case 6: echo json_encode(getAllGroupsReport()); break; case 7: echo json_encode(getTeacherUserGroupsReport($_POST['id']));
function processProfileInput() { global $user; $ret = array(); $ret['profileid'] = processInputVar('id', ARG_NUMERIC); $ret['name'] = processInputVar('name', ARG_STRING); $ret['desc'] = processInputVar('desc', ARG_STRING); $ret['imageid'] = processInputVar('imageid', ARG_NUMERIC); $ret['fixedMAC'] = processInputVar('fixedMAC', ARG_STRING); $ret['admingroupid'] = processInputVar('admingroupid', ARG_NUMERIC); $ret['logingroupid'] = processInputVar('logingroupid', ARG_NUMERIC); $monitored = processInputVar('monitored', ARG_STRING); $ret['fixedIP'] = processInputVar('fixedIP', ARG_STRING); $ret['netmask'] = processInputVar('netmask', ARG_STRING); $ret['router'] = processInputVar('router', ARG_STRING); $ret['dns'] = processInputVar('dns', ARG_STRING); $ret['dnsArr'] = array(); $err = array(); # validate access to this profile $resources = getUserResources(array("serverProfileAdmin"), array("administer")); if ($ret['profileid'] != 70000 && !array_key_exists($ret['profileid'], $resources['serverprofile'])) { $err['msg'] = "You do not have access to administer this server profile."; $err['field'] = 'profileid'; $err['error'] = 1; return $err; } if (!preg_match('/^([-a-zA-Z0-9_\\. ]){3,255}$/', $ret['name'])) { $err['msg'] = "The name can only contain letters, numbers, spaces, dashes(-), " . "underscores(_), and periods(.) and can be from 3 to 255 characters long"; $err['field'] = 'name'; $err['error'] = 1; return $err; } if (!preg_match("/^([-a-zA-Z0-9\\. ,;:@#&\\(\\)_+\\/?\n]){0,1000}\$/", $ret['desc'])) { $err['msg'] = "The description can only contain letters, numbers, spaces, and " . "these characters: - , ; . : @ # & ( ) _ + / ? and can be from " . "3 to 1000 characters long"; $err['field'] = 'desc'; $err['error'] = 1; return $err; } $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $images = removeNoCheckout($resources['image']); if (!array_key_exists($ret['imageid'], $images)) { $err['msg'] = "Invalid image selected"; $err['field'] = 'imageid'; $err['error'] = 1; return $err; } $addrArr = explode('.', $ret['fixedIP']); if ($ret['fixedIP'] == '') { $ret['fixedIP'] = 'NULL'; } elseif (!validateIPv4addr($ret['fixedIP'])) { $err['msg'] = "Invalid value for Fixed IP Address. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; $err['field'] = 'fixedIP'; $err['error'] = 1; return $err; } elseif (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', ip2long($ret['netmask'])))) { $err['msg'] = "Invalid netmask specified"; $err['field'] = 'netmask'; $err['error'] = 1; return $err; } elseif (!validateIPv4addr($ret['router'])) { $err['msg'] = "Invalid value for Router. Must be w.x.y.z with each of " . "w, x, y, and z being between 1 and 255 (inclusive)"; $err['field'] = 'router'; $err['error'] = 1; return $err; } elseif ((ip2long($ret['fixedIP']) & ip2long($ret['netmask'])) != (ip2long($ret['router']) & ip2long($ret['netmask']))) { $err['msg'] = "IP address and router are not on the same subnet " . "based on the specified netmask."; $err['field'] = 'router'; $err['error'] = 1; return $err; } if ($ret['fixedIP'] != 'NULL') { $tmp = explode(',', $ret['dns']); $cnt = 0; foreach ($tmp as $dnsaddr) { if ($cnt && $dnsaddr == '') { continue; } if ($cnt == 3) { $err['msg'] = "Too many DNS servers specified - up to 3 are allowed."; $err['field'] = 'dns'; $err['error'] = 1; return $err; } if (!validateIPv4addr($dnsaddr)) { $err['msg'] = "Invalid DNS server specified"; $err['field'] = 'dns'; $err['error'] = 1; return $err; } $ret['dnsArr'][] = $dnsaddr; $cnt++; } } if ($ret['fixedMAC'] == '') { $ret['fixedMAC'] = 'NULL'; } elseif (!preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $ret['fixedMAC'])) { $err['msg'] = "Invalid MAC address. Must be XX:XX:XX:XX:XX:XX with each pair of " . "XX being from 00 to FF (inclusive)"; $err['field'] = 'fixedMAC'; $err['error'] = 1; return $err; } $usergroups = getUserGroups(); /*$usergroups = getUserEditGroups($user['id']); $extraadmingroups = getServerProfileGroups($user['id'], 'admin');*/ if ($ret['admingroupid'] == 0) { $ret['admingroupid'] = 'NULL'; } elseif (!array_key_exists($ret['admingroupid'], $usergroups)) { $err['msg'] = "Invalid Admin User Group selected"; $err['field'] = 'admingroupid'; $err['error'] = 1; return $err; } #$extralogingroups = getServerProfileGroups($user['id'], 'login'); if ($ret['logingroupid'] == 0) { $ret['logingroupid'] = 'NULL'; } elseif (!array_key_exists($ret['logingroupid'], $usergroups)) { $err['msg'] = "Invalid Access User Group selected"; $err['field'] = 'logingroupid'; $err['error'] = 1; return $err; } if (!preg_match('/^(false|on)$/', $monitored)) { $err['msg'] = "Invalid value submitted for Monitored"; $err['field'] = 'monitored'; $err['error'] = 1; return $err; } if ($monitored == 'on') { $ret['monitored'] = 1; } else { $ret['monitored'] = 0; } return $ret; }
function confirmDeleteGroup() { global $user; $groupid = getContinuationVar("groupid"); $type = getContinuationVar("type"); $usergroups = getUserGroups(); $groupid = processInputVar('groupid', ARG_NUMERIC); if ($type == 'user') { if (!array_key_exists($groupid, $usergroups)) { print "<h2>Delete User Group</h2>\n"; print "The selected user group does not exist.\n"; return; } if ($usergroups[$groupid]['ownerid'] != $user['id']) { if ($usergroups[$groupid]['custom'] == 0 || $usergroups[$groupid]['courseroll'] == 1) { if (!checkUserHasPerm('Manage Federated User Groups (global)') && (!checkUserHasPerm('Manage Federated User Groups (affiliation only)') || $usergroups[$groupid]['groupaffiliationid'] != $user['affiliationid'])) { print "<h2>Delete User Group</h2>\n"; print "You do not have access to delete the selected user group.\n"; return; } } else { print "<h2>Delete User Group</h2>\n"; print "You do not have access to delete the selected user group.\n"; return; } } $tmp = explode('@', $usergroups[$groupid]['name']); $checkname = $tmp[0]; if ($usergroups[$groupid]['groupaffiliationid'] == 1 && ($checkname == 'Specify End Time' || $checkname == 'Allow No User Check' || $checkname == 'Default for Editable by')) { print "<h2>Delete User Group</h2>\n"; print "{$usergroups[$groupid]['name']} is a system group that cannot be deleted"; return; } } else { $userresources = getUserResources(array("groupAdmin"), array("manageGroup"), 1); $noaccess = 1; foreach (array_keys($userresources) as $rtype) { if (array_key_exists($groupid, $userresources[$rtype])) { $noaccess = 0; break; } } if ($noaccess) { print "<h2>Delete Resource Group</h2>\n"; print "You do not have access to delete the selected resource group.\n"; return; } } $resourcegroups = getResourceGroups(); if ($type == "user") { $title = "Delete User Group"; $usemsg = "This group is currently in use. You cannot delete it until " . "it is no longer being used."; $question = "Delete the following user group?"; $name = $usergroups[$groupid]["name"]; $target = ""; } else { $title = "Delete Resource Group"; $usemsg = "This group is currently assigned to at least one node in the " . "privilege tree. You cannot delete it until it is no longer " . "in use."; $question = "Delete the following resource group?"; list($resourcetype, $name) = explode('/', $resourcegroups[$groupid]["name"]); $target = "#resources"; } if (checkForGroupUsage($groupid, $type, $usemsg)) { print "<H2 align=center>{$title}</H2>\n"; print $usemsg; return; } print "<DIV align=center>\n"; print "<H2>{$title}</H2>\n"; print "{$question}<br><br>\n"; print "<TABLE>\n"; if ($type == "resource") { print " <TR>\n"; print " <TH align=right>Type:</TH>\n"; print " <TD>{$resourcetype}</TD>\n"; print " </TR>\n"; } print " <TR>\n"; print " <TH align=right>Name:</TH>\n"; print " <TD>{$name}</TD>\n"; print " </TR>\n"; if ($type == "resource") { print " <TR>\n"; print " <TH align=right>Owning User Group:</TH>\n"; print " <TD>" . $resourcegroups[$groupid]["owner"] . "</TD>\n"; print " </TR>\n"; } elseif ($usergroups[$groupid]['courseroll'] == 1 || $usergroups[$groupid]['custom'] == 0) { print "<TR>\n"; print " <TH align=right>Type:</TH>\n"; if ($usergroups[$groupid]['courseroll'] == 1) { print " <TD>Course Roll</TD>\n"; } elseif ($usergroups[$groupid]['custom'] == 0) { print " <TD>Federated</TD>\n"; } print "</TR>\n"; print "<TR>\n"; print " <TD colspan=2><br><strong>Note</strong>: This type of group is "; print "created from external sources<br>and could be recreated from "; print "those sources at any time.<br><br></TD>\n"; print "</TR>\n"; } print "</TABLE>\n"; print "<TABLE>\n"; print " <TR valign=top>\n"; print " <TD>\n"; print " <FORM action=\"" . BASEURL . SCRIPT . "{$target}\" method=post>\n"; $cdata = array('groupid' => $groupid, 'type' => $type); $cont = addContinuationsEntry('submitDeleteGroup', $cdata); print " <INPUT type=hidden name=continuation value=\"{$cont}\">\n"; print " <INPUT type=submit value=Submit>\n"; print " </FORM>\n"; print " </TD>\n"; print " <TD>\n"; print " <FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n"; print " <INPUT type=hidden name=mode value=viewGroups>\n"; print " <INPUT type=submit value=Cancel>\n"; print " </FORM>\n"; print " </TD>\n"; print " </TR>\n"; print "</TABLE>\n"; print "</DIV>\n"; }
function modifyUserGroups($queryTable, $displayType, $recordSerialsArray, $userID, $userGroup) { global $tableUserData, $tableUsers; // defined in 'db.inc.php' connectToMySQLDatabase(); $userGroupQuoted = preg_quote($userGroup, "/"); // escape meta characters (including '/' that is used as delimiter for the PCRE match & replace functions below and which gets passed as second argument) if ($queryTable == $tableUserData) { // for the current user, get all entries within the 'user_data' table that refer to the selected records (listed in '$recordSerialsArray'): $query = "SELECT record_id, user_groups FROM {$tableUserData} WHERE record_id RLIKE " . quote_smart("^(" . implode("|", $recordSerialsArray) . ")\$") . " AND user_id = " . quote_smart($userID); } elseif ($queryTable == $tableUsers) { // for the admin, get all entries within the 'users' table that refer to the selected records (listed in '$recordSerialsArray'): $query = "SELECT user_id as record_id, user_groups FROM {$tableUsers} WHERE user_id RLIKE " . quote_smart("^(" . implode("|", $recordSerialsArray) . ")\$"); } // (note that by using 'user_id as record_id' we can use the term 'record_id' as identifier of the primary key for both tables) $result = queryMySQLDatabase($query); // RUN the query on the database through the connection $foundSerialsArray = array(); // initialize array variable (which will hold the serial numbers of all found records) $rowsFound = @mysql_num_rows($result); if ($rowsFound > 0) { while ($row = @mysql_fetch_array($result)) { $recordID = $row["record_id"]; // get the serial number of the current record $foundSerialsArray[] = $recordID; // add this record's serial to the array of found serial numbers $recordUserGroups = $row["user_groups"]; // extract the user groups that the current record belongs to // ADD the specified user group to the 'user_groups' field: if ($displayType == "Add" and !preg_match("/(^|.*;) *{$userGroupQuoted} *(;.*|\$)/", $recordUserGroups)) { if (empty($recordUserGroups)) { // and if the 'user_groups' field is completely empty $recordUserGroups = $userGroup; } else { // if the 'user_groups' field does already contain some user content: $recordUserGroups .= "; " . $userGroup; } // append the specified user group to the 'user_groups' field } elseif ($displayType == "Remove") { $recordUserGroups = preg_replace("/^ *{$userGroupQuoted} *(?=;|\$)/", "", $recordUserGroups); // the specified group is listed at the very beginning of the 'user_groups' field $recordUserGroups = preg_replace("/ *; *{$userGroupQuoted} *(?=;|\$)/", "", $recordUserGroups); // the specified group occurs after some other group name within the 'user_groups' field $recordUserGroups = preg_replace("/^ *; */i", "", $recordUserGroups); // remove any remaining group delimiters at the beginning of the 'user_groups' field } if ($queryTable == $tableUserData) { // for the current record & user ID, update the matching entry within the 'user_data' table: $queryUserData = "UPDATE {$tableUserData} SET user_groups = " . quote_smart($recordUserGroups) . " WHERE record_id = " . quote_smart($recordID) . " AND user_id = " . quote_smart($userID); } elseif ($queryTable == $tableUsers) { // for the current user ID, update the matching entry within the 'users' table: $queryUserData = "UPDATE {$tableUsers} SET user_groups = " . quote_smart($recordUserGroups) . " WHERE user_id = " . quote_smart($recordID); } $resultUserData = queryMySQLDatabase($queryUserData); // RUN the query on the database through the connection } } if ($queryTable == $tableUserData and $displayType == "Add") { // for all selected records that have no entries in the 'user_data' table (for this user), we'll need to add a new entry containing the specified group: $leftoverSerialsArray = array_diff($recordSerialsArray, $foundSerialsArray); // get all unique array elements of '$recordSerialsArray' which are not in '$foundSerialsArray' foreach ($leftoverSerialsArray as $leftoverRecordID) { if ($leftoverRecordID > 0) { $foundSerialsArray[] = $leftoverRecordID; // add this record's serial to the array of found serial numbers // for the current record & user ID, add a new entry (containing the specified group) to the 'user_data' table: $queryUserData = "INSERT INTO {$tableUserData} SET " . "user_groups = " . quote_smart($userGroup) . ", " . "record_id = " . quote_smart($leftoverRecordID) . ", " . "user_id = " . quote_smart($userID) . ", " . "data_id = NULL"; // inserting 'NULL' into an auto_increment PRIMARY KEY attribute allocates the next available key value $resultUserData = queryMySQLDatabase($queryUserData); // RUN the query on the database through the connection } } } // TODO! // save an informative message: // if (count($foundSerialsArray) == "1") // $recordHeader = $loc["record"]; // use singular form if only one record was updated // else // $recordHeader = $loc["records"]; // use plural form if multiple records were updated // $HeaderString = returnMsg("The groups of " . . " records were updated successfully!", "", "", "HeaderString"); getUserGroups($queryTable, $userID); // update the appropriate session variable }
require_once "PEAR.inc"; require_once "radius.inc"; if ($_POST) { $pconfig = $_POST; unset($input_errors); $authcfg = auth_get_authserver($_POST['authmode']); if (!$authcfg) { $input_errors[] = $_POST['authmode'] . " " . gettext("is not a valid authentication server"); } if (empty($_POST['username']) || empty($_POST['password'])) { $input_errors[] = gettext("A username and password must be specified."); } if (!$input_errors) { if (authenticate_user($_POST['username'], $_POST['password'], $authcfg)) { $savemsg = gettext("User") . ": " . $_POST['username'] . " " . gettext("authenticated successfully."); $groups = getUserGroups($_POST['username'], $authcfg); $savemsg .= "<br />" . gettext("This user is a member of these groups") . ": <br />"; foreach ($groups as $group) { $savemsg .= "{$group} "; } } else { $input_errors[] = gettext("Authentication failed."); } } } $pgtitle = array(gettext("Diagnostics"), gettext("Authentication")); $shortcut_section = "authentication"; include "head.inc"; ?> <body link="#000000" vlink="#000000" alink="#000000">
saveSessionVariable("userLanguage", $defaultLanguage); // '$defaultLanguage' is defined in 'ini.inc.php' saveSessionVariable("userRecordsPerPage", $defaultUserOptions['records_per_page']); // '$defaultUserOptions' is defined in 'ini.inc.php' saveSessionVariable("userAutoCompletions", $defaultUserOptions['show_auto_completions']); saveSessionVariable("userMainFields", $defaultUserOptions['main_fields']); } // Get all user groups specified by the current user // and (if some groups were found) save them as semicolon-delimited string to the session variable 'userGroups': getUserGroups($tableUserData, $loginUserID); // function 'getUserGroups()' is defined in 'include.inc.php' if ($loginEmail == $adminLoginEmail) { // ('$adminLoginEmail' is specified in 'ini.inc.php') // Get all user groups specified by the admin // and (if some groups were found) save them as semicolon-delimited string to the session variable 'adminUserGroups': getUserGroups($tableUsers, $loginUserID); } // function 'getUserGroups()' is defined in 'include.inc.php' // Similarly, get all queries that were saved previously by the current user // and (if some queries were found) save them as semicolon-delimited string to the session variable 'userQueries': getUserQueries($loginUserID); // function 'getUserQueries()' is defined in 'include.inc.php' // Clear the 'errors' and 'formVars' session variables so a future <form> is blank: deleteSessionVariable("errors"); // function 'deleteSessionVariable()' is defined in 'include.inc.php' deleteSessionVariable("formVars"); // ---------------------------------------------- // (4) Now show the user RECEIPT: header("Location: user_receipt.php?userID={$userID}"); // (5) CLOSE the database connection: disconnectFromMySQLDatabase();
function processRequestInput() { global $user; $baseaccess = getContinuationVar('baseaccess', 0); $imagingaccess = getContinuationVar('imagingaccess', 0); $serveraccess = getContinuationVar('serveraccess', 0); $openend = getContinuationVar('openend', 0); $nousercheck = getContinuationVar('nousercheck', 0); $return['imaging'] = getContinuationVar('imaging', 0); $maxinitial = getContinuationVar('maxinitial', 0); $noimaging = getContinuationVar('noimaging', array()); $return = array('err' => 0); # type $return['type'] = processInputVar('type', ARG_STRING); if (!preg_match('/^basic|imaging|server$/', $return['type'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid data submitted'); return $return; } if ($return['type'] == 'basic' && !$baseaccess || $return['type'] == 'imaging' && !$imagingaccess || $return['type'] == 'server' && !$serveraccess) { $return['err'] = 1; $return['errmsg'] = i('No access to submitted reservation type'); return $return; } # ending $return['ending'] = processInputVar('ending', ARG_STRING); if (!preg_match('/^indefinite|endat|duration$/', $return['ending'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid data submitted'); return $return; } if ($return['ending'] == 'duration' && !$baseaccess || $return['ending'] == 'indefinite' && !$serveraccess || $return['ending'] == 'endat' && !$openend && !$serveraccess) { $return['err'] = 1; $return['errmsg'] = i('No access to submitted end type'); return $return; } # imageid $return['imageid'] = processInputVar('imageid', ARG_NUMERIC); $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $withnocheckout = $resources['image']; $images = removeNoCheckout($resources["image"]); $extraimages = getServerProfileImages($user['id']); if (!array_key_exists($return['imageid'], $images) && ($return['type'] != 'server' || !array_key_exists($return['imageid'], $extraimages)) && ($return['type'] != 'imaging' || !array_key_exists($return['imageid'], $withnocheckout)) || $return['type'] == 'imaging' && array_key_exists($return['imageid'], $noimaging)) { $return['err'] = 1; $return['errmsg'] = i('No access to submitted environment'); return $return; } # nousercheck $return['nousercheck'] = processInputVar('nousercheck', ARG_NUMERIC); if (!$nousercheck || $return['nousercheck'] != 1) { $return['nousercheck'] = 0; } # revisionid $revids = processInputVar("revisionid", ARG_STRING); $revids = explode(':', $revids); $images = getImages(0, $return['imageid']); $return['revisionids'] = array(); if (array_key_exists('subimages', $images[$return['imageid']])) { $subimages = $images[$return['imageid']]['subimages']; array_unshift($subimages, $return['imageid']); foreach ($subimages as $key => $imgid) { $revisions = getImageRevisions($imgid); if (!array_key_exists($key, $revids) || !is_numeric($revids[$key]) || !array_key_exists($revids[$key], $revisions)) { $revid = getProductionRevisionid($imgid); } else { $revid = $revids[$key]; } if (!array_key_exists($imgid, $return['revisionids'])) { $return['revisionids'][$imgid] = array(); } $return['revisionids'][$imgid][] = $revid; } } elseif ($revids[0] != '' && is_numeric($revids[0])) { $return['revisionids'][$return['imageid']][] = $revids[0]; } else { $return['revisionids'][$return['imageid']][] = getProductionRevisionid($return['imageid']); } # duration if ($return['ending'] == 'duration') { $return['duration'] = processInputVar('duration', ARG_NUMERIC, 0); if ($return['duration'] > $maxinitial) { $return['duration'] = $maxinitial; } } # start/end $return['start'] = processInputVar('start', ARG_NUMERIC); $return['end'] = processInputVar('end', ARG_NUMERIC, 0); $now = time(); if ($return['start'] == 0) { $start = $now; } else { $start = $return['start']; } if ($return['ending'] == 'endat') { $end = $return['end']; } if ($return['ending'] == 'indefinite') { $end = datetimeToUnix('2038-01-01 00:00:00'); } elseif ($return['ending'] == 'duration') { $end = $start + $return['duration'] * 60; } if ($start < $now) { $return['err'] = 1; $return['errmsg'] = i('The submitted start time is in the past.'); return $return; } if ($start + 900 > $end) { $return['err'] = 1; $return['errmsg'] = i('The end time must be at least 15 minutes later than the start time.'); return $return; } $return['ipaddr'] = ''; $return['macaddr'] = ''; # server specific input if ($return['type'] == 'server') { # name $return['name'] = processInputVar('name', ARG_STRING); if (!preg_match('/^([-a-zA-Z0-9_\\. ]){0,255}$/', $return['name'])) { $return['err'] = 1; $return['errmsg'] = i('The reservation name can only contain letters, numbers, spaces, dashes(-), underscores(_), and periods(.) and can be up to 255 characters long'); return $return; } # ipaddr $return['ipaddr'] = processInputVar('ipaddr', ARG_STRING); if ($return['ipaddr'] != '') { # validate fixed IP address if (!validateIPv4addr($return['ipaddr'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid IP address. Must be w.x.y.z with each of w, x, y, and z being between 1 and 255 (inclusive)'); return $return; } # validate netmask $return['netmask'] = processInputVar('netmask', ARG_STRING); $bnetmask = ip2long($return['netmask']); if (!preg_match('/^[1]+0[^1]+$/', sprintf('%032b', $bnetmask))) { $return['err'] = 1; $return['errmsg'] = i('Invalid netmask specified'); return $return; } # validate router $return['router'] = processInputVar('router', ARG_STRING); if (!validateIPv4addr($return['router'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid router address. Must be w.x.y.z with each of w, x, y, and z being between 1 and 255 (inclusive)'); return $return; } $return['network'] = ip2long($return['ipaddr']) & $bnetmask; if ($return['network'] != (ip2long($return['router']) & $bnetmask)) { $return['err'] = 1; $return['errmsg'] = i('IP address and router are not on the same subnet based on the specified netmask.'); return $return; } # validate dns server(s) $dns = processInputVar('dns', ARG_STRING); $tmp = explode(',', $dns); $cnt = 0; $return['dnsArr'] = array(); foreach ($tmp as $dnsaddr) { if ($cnt && $dnsaddr == '') { continue; } if ($cnt == 3) { $return['err'] = 1; $return['errmsg'] = i('Too many DNS servers specified - up to 3 are allowed.'); return $return; } if (!validateIPv4addr($dnsaddr)) { $return['err'] = 1; $return['errmsg'] = i('Invalid DNS server specified.'); return $return; } $return['dnsArr'][] = $dnsaddr; $cnt++; } # check that a management node can handle the network $mappedmns = getMnsFromImage($return['imageid']); $mnnets = checkAvailableNetworks($return['ipaddr']); $intersect = array_intersect($mappedmns, $mnnets); if (empty($intersect)) { $return['err'] = 1; $return['errmsg'] = i('There are no management nodes that can deploy the selected image with the specified IP address.'); return $return; } } # macaddr $return['macaddr'] = processInputVar('macaddr', ARG_STRING); if ($return['macaddr'] != '' && !preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/', $return['macaddr'])) { $return['err'] = 1; $return['errmsg'] = i('Invalid MAC address. Must be XX:XX:XX:XX:XX:XX with each pair of XX being from 00 to FF (inclusive)'); return $return; } # profileid $return['profileid'] = processInputVar('profileid', ARG_NUMERIC, 0); $resources = getUserResources(array("serverCheckOut", "serverProfileAdmin"), array("available", "administer")); if (!array_key_exists($return['profileid'], $resources['serverprofile'])) { $return['profileid'] = 0; } elseif ($return['profileid'] != 0) { $tmp = getServerProfiles($return['profileid']); $tmp = $tmp[$return['profileid']]; if ($tmp['imageid'] != $return['imageid'] && ($tmp['fixedIP'] != $return['ipaddr'] && $tmp['fixedMAC'] != $return['macaddr'] || $tmp['fixedIP'] == $return['ipaddr'] && $return['ipaddr'] == '' && $tmp['fixedMAC'] == $return['macaddr'] && $return['macaddr'] == '')) { $return['profileid'] = 0; } } # admingroupid $usergroups = getUserGroups(); $return['admingroupid'] = processInputVar('admingroupid', ARG_NUMERIC); if ($return['admingroupid'] != 0 && !array_key_exists($return['admingroupid'], $usergroups)) { $return['err'] = 1; $return['errmsg'] = i('You do not have access to use the specified admin user group.'); return $return; } # logingroupid $return['logingroupid'] = processInputVar('logingroupid', ARG_NUMERIC); if ($return['logingroupid'] != 0 && !array_key_exists($return['logingroupid'], $usergroups)) { $return['err'] = 1; $return['errmsg'] = i('You do not have access to use the specified access user group.'); return $return; } # monitored $return['monitored'] = processInputVar('monitored', ARG_NUMERIC, 0); if ($return['monitored'] != 0 && $return['monitored'] != 1) { $return['monitored'] = 0; } # configs # TODO configs /*$tmp = getUserResources(array("configAdmin")); $userconfigs = $tmp['config']; $initconfigs = getMappedConfigs($return['imageid']); if(array_key_exists('configdata', $_POST)) { if(get_magic_quotes_gpc()) $_POST['configdata'] = stripslashes($_POST['configdata']); $configdata = json_decode($_POST['configdata']); } if(array_key_exists('configdata', $_POST) && isset($configdata->configs)) $configs = $configdata->configs; else $configs = (object)array(); $return['configs'] = array(); foreach($initconfigs as $id => $config) { if(isset($configs->{$id}) && isset($configs->{$id}->applied) && $configs->{$config['id']}->applied != 'true' && $configs->{$config['id']}->applied != 'false') unset($configs->{$config['id']}); if($config['optional'] && (! isset($configs->{$id}) || ! $configs->{$id}->applied)) continue; $return['configs'][$id] = array('configid' => $config['configid'], 'configmapid' => $config['configmapid'], 'imageid' => $config['subimageid']); if(isset($configs->{$id})) unset($configs->{$id}); } $rescfgmapids = array(); foreach($configs as $id => $config) { if(! array_key_exists($config->configid, $userconfigs)) continue; $return['configs'][$id] = array('configid' => $config->configid, 'configstageid' => $config->configstageid, 'imageid' => $config->imageid); $tmp = explode('/', $id); $rescfgmapids[$tmp[1]] = 1; } # configvars $tmp = array_splice($initconfigs, 0); $initconfigvars = getImageConfigVariables($tmp); if(array_key_exists('configdata', $_POST) && isset($configdata->configvars)) $configvars = $configdata->configvars; else $configvars = (object)array(); #print "/*"; #printArray($initconfigvars); #printArray($configvars); #print "*" . "/"; $return['configvars'] = array(); foreach($initconfigvars as $id => $configvar) { $tmp = explode('/', $id); $cfgid = "{$tmp[0]}/{$tmp[1]}"; $varid = $tmp[2]; if($configvar['ask'] == 0 || ! isset($configvars->{$id}) || ! isset($configvars->{$id}->value)) { $return['configvars'][$cfgid][$varid] = array('value' => $configvar['defaultvalue']); } else { switch($configvar['datatype']) { case 'bool': case 'int': case 'float': $value = processInputData($configvars->{$id}->value, ARG_NUMERIC); break; default: $value = processInputData($configvars->{$id}->value, ARG_STRING); break; } $return['configvars'][$cfgid][$varid] = array('value' => $value); } if(isset($configvars->{$id})) unset($configvars->{$id}); }*/ /*print "/*"; printArray($rescfgmapids); foreach($configvars as $id => $var) { $cfgid = explode('/', $id); print "cfgid: {$cfgid[1]}\n"; if(! array_key_exists($cfgid[1], $rescfgmapids)) continue; // TODO validate based on var type $value = processInputData($configvars->{$id}->value, ARG_STRING); $return['configvars']["{$cfgid[0]}/{$cfgid[1]}"][$cfgid[2]] = array('value' => $value); } printArray($configvars);*/ #print "*/"; } return $return; }
function viewNodes() { global $user; # FIXME change activeNode if current one has been deleted $mode = processInputVar("mode", ARG_STRING); $tmp = processInputVar("openNodes", ARG_STRING); if ($tmp != "") { $openNodes = explode(":", $tmp); } else { if (!empty($_COOKIE["VCLNODES"])) { $openNodes = explode(":", $_COOKIE["VCLNODES"]); } else { $openNodes = array(DEFAULT_PRIVNODE); } } $topNodes = getChildNodes(); if (count($topNodes)) { $keys = array_keys($topNodes); $defaultActive = array_shift($keys); } $activeNode = processInputVar("activeNode", ARG_NUMERIC); if (empty($activeNode)) { if (!empty($_COOKIE["VCLACTIVENODE"]) && nodeExists($_COOKIE['VCLACTIVENODE'])) { $activeNode = $_COOKIE["VCLACTIVENODE"]; } else { $activeNode = $defaultActive; } } $hasNodeAdmin = checkUserHasPriv("nodeAdmin", $user["id"], $activeNode); # tree print "<H2>Privilege Tree</H2>\n"; /*if($mode == "submitAddChildNode") { print "<font color=\"#008000\">Node successfully added to tree"; print "</font><br><br>\n"; } if($mode == "submitDeleteNode") { print "<font color=\"#008000\">Nodes successfully deleted from tree"; print "</font><br><br>\n"; }*/ print "<dojo:TreeSelector widgetId=treeSelector eventNames=select:nodeSelected></dojo:TreeSelector>\n"; #print "<dojo:TreeRPCController RPCUrl=local widgetId=treeController></dojo:TreeRPCController>\n"; print "<div dojoType=Tree widgetId=privTree selector=treeSelector>\n"; recursivePrintNodes2($topNodes, $openNodes, $activeNode); print "</div>\n"; print "<div id=treebuttons>\n"; if ($hasNodeAdmin) { $openNodes = implode(":", $openNodes); print "<TABLE>\n"; print " <TR valign=top>\n"; print " <TD><FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n"; print " <button id=addNodeBtn dojoType=Button "; print "onClick=\"showAddNodePane(); return false;\">"; print "Add Child</button>\n"; print " </FORM></TD>\n"; print " <TD><FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n"; print " <button id=deleteNodeBtn dojoType=Button onClick=\"dojo.widget.byId('deleteDialog').show();\">"; print "Delete Node and Children</button>\n"; print " </FORM></TD>\n"; print " </TR>\n"; print "</TABLE>\n"; } print "</div>\n"; $cont = addContinuationsEntry('selectNode'); print "<INPUT type=hidden id=nodecont value=\"{$cont}\">\n"; # privileges print "<H2>Privileges at Selected Node</H2>\n"; $node = $activeNode; if ($openNodes == "") { $openNodes = DEFAULT_PRIVNODE; } $nodeInfo = getNodeInfo($node); $privs = getNodePrivileges($node); $cascadePrivs = getNodeCascadePrivileges($node); $usertypes = getTypes("users"); $i = 0; $hasUserGrant = checkUserHasPriv("userGrant", $user["id"], $node, $privs, $cascadePrivs); $hasResourceGrant = checkUserHasPriv("resourceGrant", $user["id"], $node, $privs, $cascadePrivs); print "<div id=nodePerms>\n"; # users print "<A name=\"users\"></a>\n"; print "<div id=usersDiv>\n"; print "<H3>Users</H3>\n"; print "<FORM id=usersform action=\"" . BASEURL . SCRIPT . "#users\" method=post>\n"; $users = array(); if (count($privs["users"]) || count($cascadePrivs["users"])) { print "<TABLE border=1 summary=\"\">\n"; print " <TR>\n"; print " <TD></TD>\n"; print " <TH bgcolor=gray style=\"color: black;\">Block<br>Cascaded<br>Rights</TH>\n"; print " <TH bgcolor=\"#008000\" style=\"color: black;\">Cascade<br>to Child<br>Nodes</TH>\n"; foreach ($usertypes["users"] as $type) { $img = getImageText($type); print " <TD>{$img}</TD>\n"; } print " </TR>\n"; $users = array_unique(array_merge(array_keys($privs["users"]), array_keys($cascadePrivs["users"]))); sort($users); foreach ($users as $_user) { printUserPrivRow($_user, $i, $privs["users"], $usertypes["users"], $cascadePrivs["users"], 'user', !$hasUserGrant); $i++; } print "</TABLE>\n"; print "<div id=lastUserNum class=hidden>" . ($i - 1) . "</div>\n"; if ($hasUserGrant) { $cont = addContinuationsEntry('AJchangeUserPrivs'); print "<INPUT type=hidden id=changeuserprivcont value=\"{$cont}\">\n"; } } else { print "There are no user privileges at the selected node.<br>\n"; } if ($hasUserGrant) { print "<BUTTON id=addUserBtn dojoType=Button onclick=\"showAddUserPane(); return false;\">"; print "Add User</button>\n"; } print "</FORM>\n"; print "</div>\n"; # groups print "<A name=\"groups\"></a>\n"; print "<div id=usergroupsDiv>\n"; print "<H3>User Groups</H3>\n"; if (count($privs["usergroups"]) || count($cascadePrivs["usergroups"])) { print "<FORM action=\"" . BASEURL . SCRIPT . "#groups\" method=post>\n"; print "<div id=firstUserGroupNum class=hidden>{$i}</div>"; print "<TABLE border=1 summary=\"\">\n"; print " <TR>\n"; print " <TD></TD>\n"; print " <TH bgcolor=gray style=\"color: black;\">Block<br>Cascaded<br>Rights</TH>\n"; #$img = getImageText("Block Cascaded Rights"); #print " <TD>$img</TD>\n"; print " <TH bgcolor=\"#008000\" style=\"color: black;\">Cascade<br>to Child<br>Nodes</TH>\n"; #$img = getImageText("Cascade to Child Nodes"); #print " <TD>$img</TD>\n"; foreach ($usertypes["users"] as $type) { $img = getImageText($type); print " <TH>{$img}</TH>\n"; } print " </TR>\n"; $groups = array_unique(array_merge(array_keys($privs["usergroups"]), array_keys($cascadePrivs["usergroups"]))); sort($groups); foreach ($groups as $group) { printUserPrivRow($group, $i, $privs["usergroups"], $usertypes["users"], $cascadePrivs["usergroups"], 'group', !$hasUserGrant); $i++; } print "</TABLE>\n"; print "<div id=lastUserGroupNum class=hidden>" . ($i - 1) . "</div>"; if ($hasUserGrant) { $cont = addContinuationsEntry('AJchangeUserGroupPrivs'); print "<INPUT type=hidden id=changeusergroupprivcont value=\"{$cont}\">\n"; } } else { print "There are no user group privileges at the selected node.<br>\n"; $groups = array(); } if ($hasUserGrant) { print "<BUTTON id=addGroupBtn dojoType=Button onclick=\"showAddUserGroupPane(); return false;\">"; print "Add Group</button>\n"; } print "</FORM>\n"; print "</div>\n"; # resources $resourcetypes = array("available", "administer", "manageGroup"); print "<A name=\"resources\"></a>\n"; print "<div id=resourcesDiv>\n"; print "<H3>Resources</H3>\n"; print "<FORM id=resourceForm action=\"" . BASEURL . SCRIPT . "#resources\" method=post>\n"; if (count($privs["resources"]) || count($cascadePrivs["resources"])) { print "<TABLE border=1 summary=\"\">\n"; print " <TR>\n"; print " <TH>Group<br>Name</TH>\n"; print " <TH>Group<br>Type</TH>\n"; print " <TH bgcolor=gray style=\"color: black;\">Block<br>Cascaded<br>Rights</TH>\n"; print " <TH bgcolor=\"#008000\" style=\"color: black;\">Cascade<br>to Child<br>Nodes</TH>\n"; foreach ($resourcetypes as $type) { $img = getImageText("{$type}"); print " <TH>{$img}</TH>\n"; } print " </TR>\n"; $resources = array_unique(array_merge(array_keys($privs["resources"]), array_keys($cascadePrivs["resources"]))); sort($resources); $resourcegroups = getResourceGroups(); $resgroupmembers = getResourceGroupMembers(); foreach ($resources as $resource) { printResourcePrivRow($resource, $i, $privs["resources"], $resourcetypes, $resourcegroups, $resgroupmembers, $cascadePrivs["resources"], !$hasResourceGrant); $i++; } print "</TABLE>\n"; if ($hasResourceGrant) { $cont = addContinuationsEntry('AJchangeResourcePrivs'); print "<INPUT type=hidden id=changeresourceprivcont value=\"{$cont}\">\n"; } } else { print "There are no resource group privileges at the selected node.<br>\n"; $resources = array(); } if ($hasResourceGrant) { print "<BUTTON id=addResourceBtn dojoType=Button onclick=\"showAddResourceGroupPane(); return false;\">"; print "Add Resource Group</button>\n"; } print "</FORM>\n"; print "</div>\n"; print "</div>\n"; print "<div dojoType=FloatingPane\n"; print " id=addUserPane\n"; print " title=\"Add User Permission\"\n"; print " constrainToContainer=false\n"; print " hasShadow=true\n"; print " resizable=true\n"; print " style=\"width: 520px; height: 410px; position: absolute; left: 15; top: 250px; display: none\"\n"; print ">\n"; print "<H2>Add User</H2>\n"; print "<div id=addPaneNodeName></div>\n"; print "<TABLE border=1 summary=\"\">\n"; print " <TR>\n"; print " <TD></TD>\n"; print " <TH bgcolor=gray style=\"color: black;\">Block<br>Cascaded<br>Rights</TH>\n"; print " <TH bgcolor=\"#008000\" style=\"color: black;\">Cascade<br>to Child<br>Nodes</TH>\n"; foreach ($usertypes["users"] as $type) { $img = getImageText($type); print " <TD>{$img}</TD>\n"; } print " </TR>\n"; print " <TR>\n"; print " <TD><INPUT type=text id=newuser name=newuser size=15"; print "></TD>\n"; # block rights $count = count($usertypes) + 1; print " <TD align=center bgcolor=gray><INPUT type=checkbox "; print "dojoType=Checkbox id=blockchk name=block></TD>\n"; #cascade rights print " <TD align=center bgcolor=\"#008000\" id=usercell0:0>"; print "<INPUT type=checkbox dojoType=Checkbox id=userck0:0 name=cascade "; print "></TD>\n"; # normal rights $j = 1; foreach ($usertypes["users"] as $type) { print " <TD align=center id=usercell0:{$j}><INPUT type=checkbox "; print "dojoType=Checkbox name=\"{$type}\" id=userck0:{$j}></TD>\n"; $j++; } print " </TR>\n"; print "</TABLE>\n"; print "<div id=addUserPrivStatus></div>\n"; print "<TABLE summary=\"\"><TR>\n"; print "<TD><button id=submitAddUserBtn dojoType=Button onclick=\"submitAddUser();\">"; print "Submit New User</button></TD>\n"; print "<TD><button id=cancelAddUserBtn dojoType=Button onclick=\"addUserPaneHide();\">"; print "Cancel</button></TD>\n"; print "</TR></TABLE>\n"; $cont = addContinuationsEntry('AJsubmitAddUserPriv'); print "<INPUT type=hidden id=addusercont value=\"{$cont}\">\n"; print "</div>\n"; print "<div dojoType=FloatingPane\n"; print " id=addUserGroupPane\n"; print " title=\"Add User Group Permission\"\n"; print " constrainToContainer=false\n"; print " hasShadow=true\n"; print " resizable=true\n"; print " style=\"width: 520px; height: 410px; position: absolute; left: 15; top: 450px; display: none\"\n"; print ">\n"; print "<H2>Add User Group</H2>\n"; print "<div id=addGroupPaneNodeName></div>\n"; print "<TABLE border=1 summary=\"\">\n"; print " <TR>\n"; print " <TD></TD>\n"; print " <TH bgcolor=gray style=\"color: black;\">Block<br>Cascaded<br>Rights</TH>\n"; print " <TH bgcolor=\"#008000\" style=\"color: black;\">Cascade<br>to Child<br>Nodes</TH>\n"; foreach ($usertypes["users"] as $type) { $img = getImageText($type); print " <TD>{$img}</TD>\n"; } print " </TR>\n"; print " <TR>\n"; print " <TD>\n"; # FIXME should $groups be only the user's groups? $groups = getUserGroups(0, $user['affiliationid']); if (array_key_exists(82, $groups)) { unset($groups[82]); } # remove None group printSelectInput("newgroupid", $groups, -1, 0, 0, 'newgroupid'); print " </TD>\n"; # block rights print " <TD align=center bgcolor=gray><INPUT type=checkbox "; print "dojoType=Checkbox id=blockgrpchk name=blockgrp></TD>\n"; #cascade rights print " <TD align=center bgcolor=\"#008000\" id=grpcell0:0>"; print "<INPUT type=checkbox dojoType=Checkbox id=usergrpck0:0 "; print "name=cascadegrp></TD>\n"; # normal rights $j = 1; foreach ($usertypes["users"] as $type) { print " <TD align=center id=usergrpcell0:{$j}><INPUT type=checkbox "; print "dojoType=Checkbox name=\"{$type}\" id=usergrpck0:{$j}></TD>\n"; $j++; } print " </TR>\n"; print "</TABLE>\n"; print "<div id=addUserGroupPrivStatus></div>\n"; print "<TABLE summary=\"\"><TR>\n"; print "<TD><button id=submitAddGroupBtn dojoType=Button onclick=\"submitAddUserGroup();\">"; print "Submit New User Group</button></TD>\n"; print "<TD><button id=cancelAddGroupBtn dojoType=Button onclick=\"addUserGroupPaneHide();\">"; print "Cancel</button></TD>\n"; print "</TR></TABLE>\n"; $cont = addContinuationsEntry('AJsubmitAddUserGroupPriv'); print "<INPUT type=hidden id=addusergroupcont value=\"{$cont}\">\n"; print "</div>\n"; print "<div dojoType=FloatingPane\n"; print " id=addResourceGroupPane\n"; print " title=\"Add Resource Group Permission\"\n"; print " constrainToContainer=false\n"; print " hasShadow=true\n"; print " resizable=true\n"; print " style=\"width: 520px; height: 410px; position: absolute; left: 15; top: 450px; display: none\"\n"; print ">\n"; print "<H2>Add Resource Group</H2>\n"; print "<div id=addResourceGroupPaneNodeName></div>\n"; print "<TABLE border=1 summary=\"\">\n"; print " <TR>\n"; print " <TD></TD>\n"; print " <TH bgcolor=gray style=\"color: black;\">Block<br>Cascaded<br>Rights</TH>\n"; print " <TH bgcolor=\"#008000\" style=\"color: black;\">Cascade<br>to Child<br>Nodes</TH>\n"; $resourcetypes = array("available", "administer", "manageGroup"); foreach ($resourcetypes as $type) { $img = getImageText("{$type}"); print " <TH>{$img}</TH>\n"; } print " </TR>\n"; print " <TR>\n"; print " <TD>\n"; $resources = array(); $privs = array("computerAdmin", "mgmtNodeAdmin", "imageAdmin", "scheduleAdmin"); $resourcesgroups = getUserResources($privs, array("manageGroup"), 1); foreach (array_keys($resourcesgroups) as $type) { foreach ($resourcesgroups[$type] as $id => $group) { $resources[$id] = $type . "/" . $group; } } printSelectInput("newresourcegroupid", $resources, -1, 0, 0, 'newresourcegroupid'); print " </TD>\n"; # block rights print " <TD align=center bgcolor=gray><INPUT type=checkbox "; print "dojoType=Checkbox id=blockresgrpck name=blockresgrp></TD>\n"; #cascade rights print " <TD align=center bgcolor=\"#008000\" id=resgrpcell0:0>"; print "<INPUT type=checkbox dojoType=Checkbox id=resgrpck0:0 "; print "name=cascaderesgrp></TD>\n"; # normal rights print " <TD align=center id=resgrpcell0:1><INPUT type=checkbox "; print "dojoType=Checkbox name=available id=resgrpck0:1></TD>\n"; print " <TD align=center id=resgrpcell0:2><INPUT type=checkbox "; print "dojoType=Checkbox name=administer id=resgrpck0:2></TD>\n"; print " <TD align=center id=resgrpcell0:3><INPUT type=checkbox "; print "dojoType=Checkbox name=manageGroup id=resgrpck0:3></TD>\n"; print " </TR>\n"; print "</TABLE>\n"; print "<div id=addResourceGroupPrivStatus></div>\n"; print "<TABLE summary=\"\"><TR>\n"; print "<TD><button dojoType=Button onclick=\"submitAddResourceGroup();\">"; print "Submit New Resource Group</button></TD>\n"; print "<TD><button dojoType=Button onclick=\"addResourceGroupPaneHide();\">"; print "Cancel</button></TD>\n"; print "</TR></TABLE>\n"; $cont = addContinuationsEntry('AJsubmitAddResourcePriv'); print "<INPUT type=hidden id=addresourcegroupcont value=\"{$cont}\">\n"; print "</div>\n"; print "<div dojoType=FloatingPane\n"; print " id=addNodePane\n"; print " title=\"Add Child Node\"\n"; print " constrainToContainer=false\n"; print " hasShadow=true\n"; print " resizable=true\n"; print " style=\"width: 280px; height: 200px; position: absolute; left: 15; top: 150px; display: none\"\n"; print ">\n"; print "<H2>Add Child Node</H2>\n"; print "<div id=addChildNodeName></div>\n"; print "<strong>New Node:</strong> <INPUT type=text id=childNodeName>\n"; print "<div id=addChildNodeStatus></div>\n"; print "<TABLE summary=\"\"><TR>\n"; print "<TD><button id=submitAddNodeBtn dojoType=Button onclick=\"submitAddChildNode();\">"; print "Create Child</button></TD>\n"; print "<TD><button id=cancelAddNodeBtn dojoType=Button onclick=\"addNodePaneHide();\">"; print "Cancel</button></TD>\n"; print "</TR></TABLE>\n"; $cont = addContinuationsEntry('AJsubmitAddChildNode'); print "<INPUT type=hidden id=addchildcont value=\"{$cont}\"\n>"; print "</div>\n"; print "<div dojoType=dialog id=deleteDialog bgColor=white bgOpacity=0.5 toggle=fade toggleDuration=250>\n"; print "Delete the following node and all of its children?<br><br>\n"; print "<div id=deleteNodeName></div><br>\n"; print "<div align=center>\n"; print "<TABLE summary=\"\"><TR>\n"; print "<TD><button id=submitDeleteNodeBtn dojoType=Button onClick=\"deleteNode();\">"; print "Delete Nodes</button></TD>\n"; print "<TD><button id=cancelDeleteNodeBtn dojoType=Button "; print "onClick=\"dojo.widget.byId('deleteDialog').hide();\">Cancel</button>"; print "</TD>\n"; print "</TR></TABLE>\n"; $cont = addContinuationsEntry('AJsubmitDeleteNode'); print "<INPUT type=hidden id=delchildcont value=\"{$cont}\"\n>"; print "</div>\n"; print "</div>\n"; print "<div dojoType=dialog id=workingDialog bgColor=white bgOpacity=0.5 toggle=fade toggleDuration=250>\n"; print "Loading...\n"; print "</div>\n"; }
require_once "radius.inc"; if ($_POST) { $pconfig = $_POST; unset($input_errors); $authcfg = auth_get_authserver($_POST['authmode']); if (!$authcfg) { $input_errors[] = $_POST['authmode'] . " " . gettext("is not a valid authentication server"); } if (empty($_POST['username']) || empty($_POST['password'])) { $input_errors[] = gettext("A username and password must be specified."); } if (!$input_errors) { $attributes = array(); if (authenticate_user($_POST['username'], $_POST['password'], $authcfg, $attributes)) { $savemsg = gettext("User") . ": " . $_POST['username'] . " " . gettext("authenticated successfully."); $groups = getUserGroups($_POST['username'], $authcfg, $attributes); $savemsg .= " " . gettext("This user is a member of groups") . ": <br />"; $savemsg .= "<ul>"; foreach ($groups as $group) { $savemsg .= "<li>" . "{$group} " . "</li>"; } $savemsg .= "</ul>"; } else { $input_errors[] = gettext("Authentication failed."); } } } else { if (isset($config['system']['webgui']['authmode'])) { $pconfig['authmode'] = $config['system']['webgui']['authmode']; } else { $pconfig['authmode'] = "Local Database";
echo '<tr class=""><td>No hay actividades recientes</td></tr>'; } ?> </tbody> </table> <legend>Mis Grupos</legend> <table class="table striped bordered hovered"> <tbody> <?php if ($_SESSION['type'] == 0) { $results = getAllGroups(); } else { if ($_SESSION['type'] == 1) { $results = getTeacherUserGroups($_SESSION['id']); } else { $results = getUserGroups($_SESSION['id']); } } if (count($results) > 0) { foreach ($results as $result) { echo '<tr class=""><td><a href="groupSelection.php?id=' . $result['id'] . '">' . $result['name'] . '</a></td></tr>'; } } else { echo '<tr class=""><td>El usuario no está involucrado en ningún grupo</td></tr>'; } ?> </tbody> </table> </div> </div> </body>