Posted to commits@vcl.apache.org by jf...@apache.org on 2008/12/12 19:20:18 UTC
svn commit: r726079 [20/32] - in /incubator/vcl/tags/import: ./
managementnode/ managementnode/bin/ managementnode/etc/
managementnode/etc/vcl/ managementnode/legacy_vcl_vbs_scripts/
managementnode/lib/ managementnode/lib/VCL/ managementnode/lib/VCL/Mo...
Added: incubator/vcl/tags/import/web/.ht-inc/Doxyfile
URL: http://svn.apache.org/viewvc/incubator/vcl/tags/import/web/.ht-inc/Doxyfile?rev=726079&view=auto
==============================================================================
--- incubator/vcl/tags/import/web/.ht-inc/Doxyfile (added)
+++ incubator/vcl/tags/import/web/.ht-inc/Doxyfile Fri Dec 12 10:20:10 2008
@@ -0,0 +1,233 @@
+# Doxyfile 1.4.1-KDevelop
+
+#---------------------------------------------------------------------------
+# Project related configuration options
+#---------------------------------------------------------------------------
+PROJECT_NAME = vcl.kdevelop
+PROJECT_NUMBER = $VERSION$
+OUTPUT_DIRECTORY =
+CREATE_SUBDIRS = NO
+OUTPUT_LANGUAGE = English
+USE_WINDOWS_ENCODING = NO
+BRIEF_MEMBER_DESC = YES
+REPEAT_BRIEF = YES
+ABBREVIATE_BRIEF = "The $name class" \
+ "The $name widget" \
+ "The $name file" \
+ is \
+ provides \
+ specifies \
+ contains \
+ represents \
+ a \
+ an \
+ the
+ALWAYS_DETAILED_SEC = NO
+INLINE_INHERITED_MEMB = NO
+FULL_PATH_NAMES = NO
+STRIP_FROM_PATH = /home/jfthomps/
+STRIP_FROM_INC_PATH =
+SHORT_NAMES = NO
+JAVADOC_AUTOBRIEF = NO
+MULTILINE_CPP_IS_BRIEF = NO
+DETAILS_AT_TOP = NO
+INHERIT_DOCS = YES
+DISTRIBUTE_GROUP_DOC = NO
+TAB_SIZE = 8
+ALIASES =
+OPTIMIZE_OUTPUT_FOR_C = NO
+OPTIMIZE_OUTPUT_JAVA = NO
+SUBGROUPING = YES
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+EXTRACT_ALL = YES
+EXTRACT_PRIVATE = YES
+EXTRACT_STATIC = YES
+EXTRACT_LOCAL_CLASSES = YES
+EXTRACT_LOCAL_METHODS = YES
+HIDE_UNDOC_MEMBERS = NO
+HIDE_UNDOC_CLASSES = NO
+HIDE_FRIEND_COMPOUNDS = NO
+HIDE_IN_BODY_DOCS = YES
+INTERNAL_DOCS = YES
+CASE_SENSE_NAMES = YES
+HIDE_SCOPE_NAMES = NO
+SHOW_INCLUDE_FILES = YES
+INLINE_INFO = YES
+SORT_MEMBER_DOCS = YES
+SORT_BRIEF_DOCS = YES
+SORT_BY_SCOPE_NAME = NO
+GENERATE_TODOLIST = YES
+GENERATE_TESTLIST = YES
+GENERATE_BUGLIST = YES
+GENERATE_DEPRECATEDLIST= YES
+ENABLED_SECTIONS =
+MAX_INITIALIZER_LINES = 30
+SHOW_USED_FILES = NO
+SHOW_DIRECTORIES = NO
+FILE_VERSION_FILTER =
+#---------------------------------------------------------------------------
+# configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+QUIET = NO
+WARNINGS = YES
+WARN_IF_UNDOCUMENTED = YES
+WARN_IF_DOC_ERROR = YES
+WARN_NO_PARAMDOC = YES
+WARN_FORMAT = "$file:$line: $text"
+WARN_LOGFILE =
+#---------------------------------------------------------------------------
+# configuration options related to the input files
+#---------------------------------------------------------------------------
+#INPUT = /home/jfthomps/locker/www/vcl/.ht-inc
+INPUT = /afs/eos/engrwww/vcl.ncsu/scheduling/.ht-inc
+FILE_PATTERNS = *.php
+RECURSIVE = yes
+EXCLUDE = /afs/eos/engrwww/vcl.ncsu/scheduling/.ht-inc/jpgraph /afs/eos/engrwww/vcl.ncsu/scheduling/.ht-inc/jpgraph.old
+EXCLUDE_SYMLINKS = NO
+EXCLUDE_PATTERNS =
+EXAMPLE_PATH = /afs/eos/engrwww/vcl.ncsu/scheduling/.ht-inc
+EXAMPLE_PATTERNS = *
+EXAMPLE_RECURSIVE = NO
+IMAGE_PATH =
+INPUT_FILTER =
+FILTER_PATTERNS =
+FILTER_SOURCE_FILES = NO
+#---------------------------------------------------------------------------
+# configuration options related to source browsing
+#---------------------------------------------------------------------------
+SOURCE_BROWSER = YES
+INLINE_SOURCES = NO
+STRIP_CODE_COMMENTS = YES
+REFERENCED_BY_RELATION = YES
+REFERENCES_RELATION = YES
+VERBATIM_HEADERS = YES
+#---------------------------------------------------------------------------
+# configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+ALPHABETICAL_INDEX = YES
+COLS_IN_ALPHA_INDEX = 5
+IGNORE_PREFIX =
+#---------------------------------------------------------------------------
+# configuration options related to the HTML output
+#---------------------------------------------------------------------------
+GENERATE_HTML = YES
+HTML_OUTPUT = /home/jfthomps/locker/www/vcl/docs
+HTML_FILE_EXTENSION = .html
+HTML_HEADER =
+HTML_FOOTER =
+HTML_STYLESHEET =
+HTML_ALIGN_MEMBERS = YES
+GENERATE_HTMLHELP = NO
+CHM_FILE =
+HHC_LOCATION =
+GENERATE_CHI = NO
+BINARY_TOC = NO
+TOC_EXPAND = YES
+DISABLE_INDEX = NO
+ENUM_VALUES_PER_LINE = 4
+GENERATE_TREEVIEW = YES
+TREEVIEW_WIDTH = 210
+#---------------------------------------------------------------------------
+# configuration options related to the LaTeX output
+#---------------------------------------------------------------------------
+GENERATE_LATEX = NO
+LATEX_OUTPUT = latex
+LATEX_CMD_NAME = latex
+MAKEINDEX_CMD_NAME = makeindex
+COMPACT_LATEX = NO
+PAPER_TYPE = a4wide
+EXTRA_PACKAGES =
+LATEX_HEADER =
+PDF_HYPERLINKS = NO
+USE_PDFLATEX = NO
+LATEX_BATCHMODE = NO
+LATEX_HIDE_INDICES = NO
+#---------------------------------------------------------------------------
+# configuration options related to the RTF output
+#---------------------------------------------------------------------------
+GENERATE_RTF = NO
+RTF_OUTPUT = rtf
+COMPACT_RTF = NO
+RTF_HYPERLINKS = NO
+RTF_STYLESHEET_FILE =
+RTF_EXTENSIONS_FILE =
+#---------------------------------------------------------------------------
+# configuration options related to the man page output
+#---------------------------------------------------------------------------
+GENERATE_MAN = NO
+MAN_OUTPUT = man
+MAN_EXTENSION = .3
+MAN_LINKS = NO
+#---------------------------------------------------------------------------
+# configuration options related to the XML output
+#---------------------------------------------------------------------------
+GENERATE_XML = NO
+XML_OUTPUT = xml
+XML_SCHEMA =
+XML_DTD =
+XML_PROGRAMLISTING = YES
+#---------------------------------------------------------------------------
+# configuration options for the AutoGen Definitions output
+#---------------------------------------------------------------------------
+GENERATE_AUTOGEN_DEF = NO
+#---------------------------------------------------------------------------
+# configuration options related to the Perl module output
+#---------------------------------------------------------------------------
+GENERATE_PERLMOD = NO
+PERLMOD_LATEX = NO
+PERLMOD_PRETTY = YES
+PERLMOD_MAKEVAR_PREFIX =
+#---------------------------------------------------------------------------
+# Configuration options related to the preprocessor
+#---------------------------------------------------------------------------
+ENABLE_PREPROCESSING = YES
+MACRO_EXPANSION = NO
+EXPAND_ONLY_PREDEF = NO
+SEARCH_INCLUDES = YES
+INCLUDE_PATH =
+INCLUDE_FILE_PATTERNS =
+PREDEFINED =
+EXPAND_AS_DEFINED =
+SKIP_FUNCTION_MACROS = YES
+#---------------------------------------------------------------------------
+# Configuration::additions related to external references
+#---------------------------------------------------------------------------
+TAGFILES =
+GENERATE_TAGFILE = vcl.tag
+ALLEXTERNALS = NO
+EXTERNAL_GROUPS = YES
+PERL_PATH = /usr/bin/perl
+#---------------------------------------------------------------------------
+# Configuration options related to the dot tool
+#---------------------------------------------------------------------------
+CLASS_DIAGRAMS = YES
+HIDE_UNDOC_RELATIONS = NO
+HAVE_DOT = YES
+CLASS_GRAPH = YES
+COLLABORATION_GRAPH = YES
+GROUP_GRAPHS = YES
+UML_LOOK = NO
+TEMPLATE_RELATIONS = NO
+INCLUDE_GRAPH = YES
+INCLUDED_BY_GRAPH = YES
+CALL_GRAPH = YES
+CALLER_GRAPH = NO
+GRAPHICAL_HIERARCHY = YES
+DIRECTORY_GRAPH = YES
+DOT_IMAGE_FORMAT = png
+DOT_PATH = /usr/bin
+DOTFILE_DIRS =
+MAX_DOT_GRAPH_WIDTH = 1536
+MAX_DOT_GRAPH_HEIGHT = 1536
+MAX_DOT_GRAPH_DEPTH = 1000
+DOT_GRAPH_MAX_NODES = 50
+DOT_TRANSPARENT = NO
+DOT_MULTI_TARGETS = YES
+GENERATE_LEGEND = YES
+DOT_CLEANUP = NO
+#---------------------------------------------------------------------------
+# Configuration::additions related to the search engine
+#---------------------------------------------------------------------------
+SEARCHENGINE = NO
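Review bot: This configuration hard-codes one developer's absolute paths (`STRIP_FROM_PATH = /home/jfthomps/`, `HTML_OUTPUT = /home/jfthomps/locker/www/vcl/docs`, and the `/afs/eos/engrwww/...` values for INPUT, EXCLUDE and EXAMPLE_PATH), so it will not run unchanged on another checkout and it records local filesystem layout in the repository. Paths relative to the Doxyfile, for example `INPUT = .` and `HTML_OUTPUT = docs`, would make it portable. With `SOURCE_BROWSER = YES`, `EXTRACT_PRIVATE = YES` and `INTERNAL_DOCS = YES`, the generated HTML reproduces the PHP source of `.ht-inc`, including the authentication code added in this commit. If the `docs` output directory is web-served (it appears to sit under a `www` tree, which is not confirmed here), it should be access-restricted in the same way `.ht-inc` presumably is.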
Added: incubator/vcl/tags/import/web/.ht-inc/authentication.php
URL: http://svn.apache.org/viewvc/incubator/vcl/tags/import/web/.ht-inc/authentication.php?rev=726079&view=auto
==============================================================================
--- incubator/vcl/tags/import/web/.ht-inc/authentication.php (added)
+++ incubator/vcl/tags/import/web/.ht-inc/authentication.php Fri Dec 12 10:20:10 2008
@@ -0,0 +1,605 @@
+<?php
+/*
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+/**
+ * \file
+ */
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn getAuthCookieData($loginid, $valid)
+///
+/// \param $loginid - login id for user
+/// \param $valid - (optional, default=600) - time in minutes the cookie
+/// should be valid
+///
+/// \return on failure, an error message; on success, an array with 2 elements:\n
+/// data - encrypted payload for auth cookie\n
+/// ts - unix timestamp it will expire
+///
+/// \brief gets user's information and stores it along with their IP address and
+/// a timestamp
+///
+////////////////////////////////////////////////////////////////////////////////
+function getAuthCookieData($loginid, $valid=600) {
+ global $keys;
+ $ts = time() + ($valid * 60);
+ $remoteIP = $_SERVER["REMOTE_ADDR"];
+ if(empty($remoteIP))
+ return "Failed to obtain remote IP address for fixed cookie type";
+ $cdata = "$loginid|$remoteIP|$ts";
+
+ if(! openssl_private_encrypt($cdata, $cryptdata, $keys["private"]))
+ return "Failed to encrypt cookie data";
+
+ return array("data" => $cryptdata, "ts" => $ts);
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn readAuthCookie()
+///
+/// \return on success, an array with the following indices:\n
+/// \b userid - numeric user id\n
+/// \b first - first name\n
+/// \b middle - middle name (may be an empty string)\n
+/// \b last - last name\n
+/// \b email - email address\n
+/// \b created - timestamp of account creation (in mysql datetime format)\n
+/// \b ts - timestamp that authentication cookie will expire (in unix timestamp
+/// format)\n
+/// \b type - 'fixed' or 'floating' - fixed = tied to specific IP address;
+/// floating = not tied to any IP address (only fixed is supported at this time)\n
+/// \b remoteIP - empty for type 'floating'; user's IP address for type 'fixed'
+///
+/// \brief parses the ITECSAUTH cookie and returns an array; on failure, returns
+/// an empty array. You will then need to call ITECSAUTH_getError to get
+/// the reason.
+///
+////////////////////////////////////////////////////////////////////////////////
+function readAuthCookie() {
+ global $keys, $AUTHERROR;
+ if(get_magic_quotes_gpc())
+ $cookie = stripslashes($_COOKIE["VCLAUTH"]);
+ else
+ $cookie = $_COOKIE["VCLAUTH"];
+ if(! openssl_public_decrypt($cookie, $tmp, $keys['public'])) {
+ $AUTHERROR["code"] = 3;
+ $AUTHERROR["message"] = "Failed to decrypt auth cookie";
+ return NULL;
+ }
+
+ $tmparr = explode('|', $tmp);
+ $loginid = $tmparr[0];
+ $remoteIP = $tmparr[1];
+ $ts = $tmparr[2];
+
+ if($ts < time()) {
+ $AUTHERROR["code"] = 4;
+ $AUTHERROR["message"] = "Auth cookie has expired";
+ return NULL;
+ }
+ if($_SERVER["REMOTE_ADDR"] != $remoteIP) {
+ //setcookie("ITECSAUTH", "", time() - 10, "/", COOKIEDOMAIN);
+ $AUTHERROR["code"] = 4;
+ $AUTHERROR["message"] = "remote IP in auth cookie doesn't match user's remote IP";
+ return NULL;
+ }
+
+ return $loginid;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn selectAuth()
+///
+/// \brief prints a page for the user to select the authentication method to use
+///
+////////////////////////////////////////////////////////////////////////////////
+function selectAuth() {
+ global $HTMLheader, $printedHTMLheader, $authMechs, $skin;
+ $authtype = getContinuationVar('authtype', processInputVar("authtype", ARG_STRING));
+ if(array_key_exists($authtype, $authMechs)) {
+ if($authMechs[$authtype]['type'] == 'redirect') {
+ header("Location: {$authMechs[$authtype]['URL']}");
+ dbDisconnect();
+ exit;
+ }
+ elseif($authMechs[$authtype]['type'] == 'ldap' ||
+ $authMechs[$authtype]['type'] == 'local') {
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ }
+ require_once("themes/$skin/page.php");
+ $HTMLheader = getHeader(0);
+ print $HTMLheader;
+ $printedHTMLheader = 1;
+ print "<H2>Welcome to the Virtual Computing Lab</H2>\n";
+ print "<TABLE>\n";
+ print "<TR>\n";
+ print "<TD nowrap class=rightborder>\n";
+ print "Please select an authentication method to use:<br><br>\n";
+ if(strlen($authtype))
+ print "<font color=red>Selected method failed, please try again</font><br>\n";
+ foreach(array_keys($authMechs) as $mech)
+ $methods["$mech"] = $mech;
+ print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post name=loginform>\n";
+ /*if($skin == 'example1')
+ printSelectInput("authtype", $methods, 'EXAMPLE1 LDAP');
+ elseif($skin == 'example2')
+ printSelectInput("authtype", $methods, 'EXAMPLE2 LDAP');
+ else*/
+ printSelectInput("authtype", $methods, -1, 0, 0, '', 'tabindex=1');
+ print "<br><INPUT type=hidden name=mode value=selectauth>\n";
+ print "<INPUT type=submit value=\"Proceed to Login\" tabindex=2 name=userid>\n";
+ print "</FORM>\n";
+ print "</TD>\n";
+ print "<TD>\n";
+ print "<h3>Explanation of authentication methods:</h3>\n";
+ print "<UL id=expauthul>\n";
+ foreach($authMechs as $mech)
+ print "<LI>{$mech['help']}</LI>\n";
+ print "</UL>\n";
+ print "</TD>\n";
+ print "</TR>\n";
+ print "</TABLE>\n";
+ print getFooter();
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn printLoginPageWithSkin($authtype)
+///
+/// \param $authtype - and authentication type
+///
+/// \brief sets up the skin for the page correctly, then calls printLoginPage
+///
+////////////////////////////////////////////////////////////////////////////////
+function printLoginPageWithSkin($authtype) {
+ global $authMechs, $HTMLheader, $skin, $printedHTMLheader;
+ switch(getAffiliationName($authMechs[$authtype]['affiliationid'])) {
+ case 'EXAMPLE1':
+ $skin = 'example1';
+ break;
+ case 'EXAMPLE2':
+ $skin = 'example2';
+ break;
+ default:
+ $skin = 'default';
+ break;
+ }
+ require_once("themes/$skin/page.php");
+ $HTMLheader = getHeader(0);
+ printHTMLHeader();
+ print $HTMLheader;
+ $printedHTMLheader = 1;
+ printLoginPage();
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn printLoginPage()
+///
+/// \brief prints a page for a user to login
+///
+////////////////////////////////////////////////////////////////////////////////
+function printLoginPage() {
+ global $authMechs, $skin, $user;
+ $user['id'] = 0;
+ $authtype = getContinuationVar("authtype", processInputVar("authtype", ARG_STRING));
+ $userid = processInputVar('userid', ARG_STRING, '');
+ if($userid == 'Proceed to Login')
+ $userid = '';
+ if(! array_key_exists($authtype, $authMechs)) {
+ // FIXME - hackerish
+ dbDisconnect();
+ exit;
+ }
+ /*if($skin == 'example1') {
+ $useridLabel = 'Pirateid';
+ $passLabel = 'Passphrase';
+ $text1 = 'Login with your Pirate ID';
+ $text2 = "";
+ }
+ elseif($skin == 'example2') {
+ print "<br>";
+ print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post name=loginform>\n";
+ if(strlen($userid))
+ print "<font color=red>Login failed</font>\n";
+ print "<TABLE width=\"250\">\n";
+ print " <TR>\n";
+ print " <TH align=right>Key Account:</TH>\n";
+ print " <TD><INPUT type=text name=userid value=\"\"></TD>\n";
+ print " </TR>\n";
+ print " <TR>\n";
+ print " <TH align=right>Password:</TH>\n";
+ print " <TD><INPUT type=password name=password></TD>\n";
+ print " </TR>\n";
+ print " <TR>\n";
+ print " <TD colspan=2 align=right><INPUT type=submit value=Login class=button></TD>\n";
+ print " </TR>\n";
+ print "</TABLE>\n";
+ print "<div width=250 align=center>\n";
+ print "<p>\n";
+ $cdata = array('authtype' => $authtype);
+ $cont = addContinuationsEntry('submitLogin', $cdata);
+ print " <INPUT type=hidden name=continuation value=\"$cont\">\n";
+ print " <br>\n";
+ print " </p>\n";
+ print "</div>\n";
+ print "</FORM>\n";
+ print getFooter();
+ return;
+ }
+ else {*/
+ $useridLabel = 'Userid';
+ $passLabel = 'Password';
+ $text1 = "Login with $authtype";
+ $text2 = "";
+ #}
+ print "<H2 style=\"display: block\">$text1</H2>\n";
+ print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post name=loginform>\n";
+ if(strlen($userid))
+ print "<font color=red>Login failed</font>\n";
+ print "<TABLE>\n";
+ print " <TR>\n";
+ print " <TH align=right>$useridLabel:</TH>\n";
+ print " <TD><INPUT type=text name=userid value=\"$userid\"></TD>\n";
+ print " </TR>\n";
+ print " <TR>\n";
+ print " <TH align=right>$passLabel:</TH>\n";
+ print " <TD><INPUT type=password name=password></TD>\n";
+ print " </TR>\n";
+ print " <TR>\n";
+ print " <TD colspan=2 align=right><INPUT type=submit value=Login></TD>\n";
+ print " </TR>\n";
+ print "</TABLE>\n";
+ $cdata = array('authtype' => $authtype);
+ $cont = addContinuationsEntry('submitLogin', $cdata);
+ print "<INPUT type=hidden name=continuation value=\"$cont\">\n";
+ print "</FORM>\n";
+ print "$text2<br>\n";
+ print getFooter();
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn submitLogin()
+///
+/// \brief processes a login page submission
+///
+////////////////////////////////////////////////////////////////////////////////
+function submitLogin() {
+ global $authMechs;
+ $authtype = getContinuationVar("authtype", processInputVar('authtype', ARG_STRING));
+ if(! array_key_exists($authtype, $authMechs)) {
+ // FIXME - hackerish
+ dbDisconnect();
+ exit;
+ }
+ $userid = processInputVar('userid', ARG_STRING, '');
+ $passwd = processInputVar('password', ARG_STRING, '');
+ if(empty($userid) || empty($passwd)) {
+ selectAuth();
+ return;
+ }
+ if(get_magic_quotes_gpc())
+ $passwd = stripslashes($passwd);
+ if($authMechs[$authtype]['type'] == 'ldap')
+ ldapLogin($authtype, $userid, $passwd);
+ elseif($authMechs[$authtype]['type'] == 'local')
+ localLogin($authtype, $userid, $passwd);
+ else
+ selectAuth();
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn ldapLogin($authtype, $userid, $passwd)
+///
+/// \param $authtype - index from $authMechs array
+/// \param $userid - userid without affiliation
+/// \param $passwd - submitted password
+///
+/// \brief tries to authenticate user via ldap; calls printLoginPageWithSkin if
+/// authentication fails
+///
+////////////////////////////////////////////////////////////////////////////////
+function ldapLogin($authtype, $userid, $passwd) {
+ global $HTMLheader, $printedHTMLheader, $authMechs, $phpVer;
+ $ds = ldap_connect("ldaps://{$authMechs[$authtype]['server']}/");
+ if(! $ds) {
+ print $HTMLheader;
+ $printedHTMLheader = 1;
+ selectAuth();
+ return;
+ }
+ ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ /*if($authtype == 'EXAMPLE1 LDAP') {
+ # in this case, we have to look up what part of the tree the user is in
+ # before we can actually look up the user
+ $auth = $authMechs[$authtype];
+ ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
+ $res = ldap_bind($ds, $auth['masterlogin'],
+ $auth['masterpwd']);
+ if(! $res) {
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ $search = ldap_search($ds,
+ $auth['binddn'],
+ "cn=$userid",
+ array('dn'), 0, 3, 15);
+ if($search) {
+ $tmpdata = ldap_get_entries($ds, $search);
+ if(! $tmpdata['count'] || ! array_key_exists('dn', $tmpdata[0])) {
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ $ldapuser = $tmpdata[0]['dn'];
+ }
+ else {
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ }
+ elseif($authtype == 'EXAMPLE2 LDAP') {
+ # this is similar to EXAMPLE1, but here we do an anonymous bind
+ $auth = $authMechs[$authtype];
+ $res = ldap_bind($ds);
+ if(! $res) {
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ $search = ldap_search($ds,
+ $auth['binddn'],
+ "uid=$userid",
+ array('dn'), 0, 3, 15);
+ if($search) {
+ $tmpdata = ldap_get_entries($ds, $search);
+ if(! $tmpdata['count'] || ! array_key_exists('dn', $tmpdata[0])) {
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ $ldapuser = $tmpdata[0]['dn'];
+ }
+ else {
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ }
+ else*/
+ $ldapuser = sprintf($authMechs[$authtype]['userid'], $userid);
+ $res = ldap_bind($ds, $ldapuser, $passwd);
+ if(! $res) {
+ // login failed
+ printLoginPageWithSkin($authtype);
+ return;
+ }
+ else {
+ // see if user in our db
+ $query = "SELECT id "
+ . "FROM user "
+ . "WHERE unityid = '$userid' AND "
+ . "affiliationid = {$authMechs[$authtype]['affiliationid']}";
+ $qh = doQuery($query, 101);
+ if(! mysql_num_rows($qh)) {
+ // if not, add user
+ $newid = updateLDAPUser($authtype, $userid);
+ if(is_null($newid))
+ abort(8);
+ }
+ // get cookie data
+ $cookie = getAuthCookieData("$userid@" . getAffiliationName($authMechs[$authtype]['affiliationid']));
+ // set cookie
+ if(version_compare(PHP_VERSION, "5.2", ">=") == true)
+ setcookie("VCLAUTH", "{$cookie['data']}", $cookie['ts'], "/", COOKIEDOMAIN, 1, 1);
+ else
+ setcookie("VCLAUTH", "{$cookie['data']}", $cookie['ts'], "/", COOKIEDOMAIN, 1);
+ # set skin cookie based on affiliation
+ /*if(getAffiliationName($authMechs[$authtype]['affiliationid']) == 'EXAMPLE1')
+ setcookie("VCLSKIN", "EXAMPLE1", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
+ elseif(getAffiliationName($authMechs[$authtype]['affiliationid']) == 'EXAMPLE2')
+ setcookie("VCLSKIN", "EXAMPLE2", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
+ else*/
+ setcookie("VCLSKIN", "DEFAULT", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
+ // redirect to main page
+ $tmp = explode('/', $_SERVER['HTTP_REFERER']);
+ if($tmp[2] != 'vcl.ncsu.edu' ||
+ (array_key_exists(3, $tmp) && $tmp[3] != 'scheduling')) {
+ array_shift($tmp);
+ array_shift($tmp);
+ array_shift($tmp);
+ $rest = implode('/', $tmp);
+ header("Location: https://vcl.ncsu.edu/$rest");
+ }
+ else
+ header("Location: " . BASEURL . SCRIPT);
+ dbDisconnect();
+ exit;
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn localLogin()
+///
+/// \brief tries to authenticate user locally; calls printLoginPageWithSkin if
+/// authentication fails
+///
+////////////////////////////////////////////////////////////////////////////////
+function localLogin() {
+ global $HTMLheader, $phpVer;
+ $userid = processInputVar('userid', ARG_STRING);
+ $passwd = processInputVar('password', ARG_STRING);
+ if(validateLocalAccount($userid, $passwd)) {
+ //set cookie
+ $cookie = getAuthCookieData("$userid@local");
+ if(version_compare(PHP_VERSION, "5.2", ">=") == true)
+ setcookie("VCLAUTH", "{$cookie['data']}", $cookie['ts'], "/", COOKIEDOMAIN, 1, 1);
+ else
+ setcookie("VCLAUTH", "{$cookie['data']}", $cookie['ts'], "/", COOKIEDOMAIN, 1);
+ //load main page
+ setcookie("VCLSKIN", "NCSU", (time() + (SECINDAY * 31)), "/", COOKIEDOMAIN);
+ header("Location: " . BASEURL . SCRIPT);
+ dbDisconnect();
+ exit;
+ }
+ else {
+ printLoginPageWithSkin('Local Account');
+ printHTMLFooter();
+ dbDisconnect();
+ exit;
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn validateLocalAccount($user, $pass)
+///
+/// \param $user - unityid from user table
+/// \param $pass - user's password
+///
+/// \return 1 if account exists in localauth table, 0 if it does not
+///
+/// \brief checks to see if $user has an entry in the localauth table
+///
+////////////////////////////////////////////////////////////////////////////////
+function validateLocalAccount($user, $pass) {
+ $query = "SELECT l.salt "
+ . "FROM localauth l, "
+ . "user u, "
+ . "affiliation a "
+ . "WHERE u.unityid = '$user' AND "
+ . "u.affiliationid = a.id AND "
+ . "a.name = 'Local' AND "
+ . "l.userid = u.id";
+ $qh = doQuery($query, 101);
+ if(mysql_num_rows($qh) != 1 ||
+ (! ($row = mysql_fetch_assoc($qh))))
+ return 0;
+
+ $passhash = sha1("$pass{$row['salt']}");
+ $query = "SELECT u.id "
+ . "FROM user u, "
+ . "localauth l, "
+ . "affiliation a "
+ . "WHERE u.unityid = '$user' AND "
+ . "l.userid = u.id AND "
+ . "l.passhash = '$passhash' AND "
+ . "u.affiliationid = a.id AND "
+ . "a.name = 'Local'";
+ $qh = doQuery($query, 101);
+ if(mysql_num_rows($qh) == 1)
+ return 1;
+ else
+ return 0;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn checkExpiredDemoUser($userid, $groups)
+///
+/// \param $userid - id from user table
+/// \param $groups - (optional) array of user's groups as returned by
+/// getUsersGroups
+///
+/// \brief checks to see if user is only in demo group and if so check to see
+/// if it has been 3 days since start of first reservation or if user has made
+/// 3 reservations; if so, moves user to nodemo group
+///
+////////////////////////////////////////////////////////////////////////////////
+function checkExpiredDemoUser($userid, $groups=0) {
+ global $mode, $skin, $noHTMLwrappers;
+ if($groups == 0)
+ $groups = getUsersGroups($userid, 1);
+
+ if(count($groups) != 1)
+ return;
+
+ $tmp = array_values($groups);
+ if($tmp[0] != 'demo')
+ return;
+
+ $query = "SELECT start "
+ . "FROM log "
+ . "WHERE userid = $userid "
+ . "AND finalend < NOW() "
+ . "ORDER BY start "
+ . "LIMIT 3";
+ $qh = doQuery($query, 101);
+ $expire = time() - (SECINDAY * 3);
+ $rows = mysql_num_rows($qh);
+ if($row = mysql_fetch_assoc($qh)) {
+ if($rows >= 3 || datetimeToUnix($row['start']) < $expire) {
+ if(in_array($mode, $noHTMLwrappers))
+ # do a redirect and handle removal on next page load so user can
+ # be notified - doesn't always work, but handles a few extra
+ # cases
+ header("Location: " . BASEURL . SCRIPT);
+ else {
+ $nodemoid = getUserGroupID('nodemo', getAffiliationID('ITECS'));
+ $query = "DELETE FROM usergroupmembers " # have to do the delete here
+ . "WHERE userid = $userid"; # because updateGroups doesn't
+ # delete from custom groups
+ doQuery($query, 101);
+ updateGroups(array($nodemoid), $userid);
+ if(empty($skin)) {
+ $skin = 'ncsu';
+ require_once("themes/$skin/page.php");
+ }
+ $mode = 'expiredemouser';
+ printHTMLHeader();
+ print "<h2>Account Expired</h2>\n";
+ print "The account you are using is a demo account that has now expired. ";
+ print "You cannot make any more reservations. Please contact <a href=\"";
+ print "mailto:" . HELPEMAIL . "\">" . HELPEMAIL . "</a> if you need ";
+ print "further access to VCL.<br>\n";
+ }
+ semUnlock();
+ printHTMLFooter();
+ dbDisconnect();
+ exit;
+ }
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn testGeneralAffiliation(&$login, &$affilid)
+///
+/// \param $login - (pass by ref) a login id with affiliation
+/// \param $affilid - (pass by ref) gets overwritten
+///
+/// \return - 1 if successfully found affiliation id, 0 if failed
+///
+/// \brief changes $login to be without affiliation and sticks the associated
+/// affiliation id in $affilid
+///
+////////////////////////////////////////////////////////////////////////////////
+function testGeneralAffiliation(&$login, &$affilid) {
+ if(preg_match('/^([^@]*)@([^@\.]*)$/', $login, $matches)) {
+ $login = $matches[1];
+ $affilid = getAffiliationID($matches[2]);
+ return 1;
+ }
+ return 0;
+}
+
+?>
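Review bot: validateLocalAccount() interpolates `$user` directly into both of its SELECT statements and runs before any credential has been verified, so the safety of the login form's `userid` field rests entirely on processInputVar() and magic_quotes_gpc, neither of which is visible in this hunk. ldapLogin() has the same pattern in `WHERE unityid = '$userid'`. Escaping at the point of use, e.g. `$user = mysql_real_escape_string($user);` at the top of validateLocalAccount() and the equivalent for `$userid` before the query in ldapLogin(), would keep the queries safe regardless of how the input layer is configured. printLoginPage() also echoes the submitted value back as `value=\"$userid\"` without `htmlspecialchars($userid, ENT_QUOTES)`. Separately, the docblock above readAuthCookie() describes an array return and an ITECSAUTH cookie, while the function returns `$loginid` or NULL and reads `VCLAUTH`; the comment should be corrected to match.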
Added: incubator/vcl/tags/import/web/.ht-inc/authmethods/itecsauth.php
URL: http://svn.apache.org/viewvc/incubator/vcl/tags/import/web/.ht-inc/authmethods/itecsauth.php?rev=726079&view=auto
==============================================================================
--- incubator/vcl/tags/import/web/.ht-inc/authmethods/itecsauth.php (added)
+++ incubator/vcl/tags/import/web/.ht-inc/authmethods/itecsauth.php Fri Dec 12 10:20:10 2008
@@ -0,0 +1,299 @@
+<?php
+/*
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+/**
+ * \file
+ */
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn addITECSUser($loginid)
+///
+/// \param $loginid - email address of user
+///
+/// \return new id from user table or NULL if there was a problem
+///
+/// \brief looks up a user's info in the accounts database and adds the user to
+/// our database
+///
+////////////////////////////////////////////////////////////////////////////////
+function addITECSUser($loginid) {
+ global $mysql_link_vcl, $ENABLE_ITECSAUTH;
+ if(! $ENABLE_ITECSAUTH)
+ return NULL;
+ $query = "SELECT id AS uid, "
+ . "first, "
+ . "middle, "
+ . "last, "
+ . "email, "
+ . "created, "
+ . "active, "
+ . "lockedout "
+ . "FROM user "
+ . "WHERE email = '$loginid'";
+ $qh = doQuery($query, 101, "accounts");
+ if($row = mysql_fetch_assoc($qh)) {
+ // FIXME test replacing ''s
+ // FIXME do we care if the account is active?
+ $first = ereg_replace("'", "\'", $row['first']);
+ $middle = ereg_replace("'", "\'", $row['middle']);
+ $last = ereg_replace("'", "\'", $row['last']);
+ $loweruser = strtolower($row['email']);
+ $query = "INSERT INTO user ("
+ . "uid, "
+ . "unityid, "
+ . "affiliationid, "
+ . "firstname, "
+ . "middlename, "
+ . "lastname, "
+ . "email, "
+ . "emailnotices, "
+ . "lastupdated) "
+ . "VALUES ("
+ . "{$row['uid']}, "
+ . "'$loweruser', "
+ . "2, "
+ . "'$first', "
+ . "'$middle', "
+ . "'$last', "
+ . "'{$row['email']}', "
+ . "0, "
+ . "NOW())";
+ // FIXME might want this logged
+ doQuery($query, 101, 'vcl', 1);
+ }
+ if(mysql_affected_rows($mysql_link_vcl)) {
+ $qh = doQuery("SELECT LAST_INSERT_ID() FROM user", 101);
+ if(! $row = mysql_fetch_row($qh)) {
+ abort(101);
+ }
+ return $row[0];
+ }
+ return NULL;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn validateITECSUser($loginid)
+///
+/// \param $loginid - email address for user
+///
+/// \return 1 if account exists and is active or not yet activated, 0 otherwise
+///
+/// \brief looks up $loginid in accounts db
+///
+////////////////////////////////////////////////////////////////////////////////
+function validateITECSUser($loginid) {
+ global $ENABLE_ITECSAUTH;
+ if(! $ENABLE_ITECSAUTH)
+ return 0;
+ $query = "SELECT email "
+ . "FROM user "
+ . "WHERE email = '$loginid' AND "
+ . "(active = 1 OR "
+ . "activated = 0)";
+ $qh = doQuery($query, 101, "accounts");
+ if(mysql_num_rows($qh))
+ return 1;
+ return 0;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn updateITECSUser($userid)
+///
+/// \param $userid - email address for user
+///
+/// \return NULL if fail to update data or an array with these elements:\n
+/// \b id - user's numeric from user table\n
+/// \b uid - user's numeric unity id\n
+/// \b unityid - unity ID for the user\n
+/// \b affiliation - user's affiliation\n
+/// \b affiliationid - user's affiliation id\n
+/// \b curriculum - curriculum user is in\n
+/// \b firstname - user's first name\n
+/// \b preferredname - user's preferred name\n
+/// \b middlename - user's middle name\n
+/// \b lastname - user's last name\n
+/// \b email - user's preferred email address\n
+/// \b IMtype - user's preferred IM protocol\n
+/// \b IMid - user's IM id\n
+/// \b adminlevel - user's admin level (= 'none' if no admin access)\n
+/// \b adminlevelid - id of adminlevel\n
+/// \b width - rdp file width\n
+/// \b height - rdp file height\n
+/// \b bpp - rdp file bpp\n
+/// \b audiomode - rdp file audio mode\n
+/// \b mapdrives - rdp file drive mapping\n
+/// \b mapprinters - rdp file printer mapping\n
+/// \b mapserial - rdp file serial port mapping\n
+/// \b showallgroups - show all user groups or not\n
+/// \b lastupdated - datetime the information was last updated
+///
+/// \brief updates user's info in the user table; adds user if not already in
+/// table
+///
+////////////////////////////////////////////////////////////////////////////////
+function updateITECSUser($userid) {
+ global $ENABLE_ITECSAUTH;
+ if(! $ENABLE_ITECSAUTH)
+ return NULL;
+ $query = "SELECT id AS uid, "
+ . "first, "
+ . "middle, "
+ . "last, "
+ . "email, "
+ . "created "
+ . "FROM user "
+ . "WHERE email = '$userid'";
+ $qh = doQuery($query, 101, "accounts");
+ if(! ($userData = mysql_fetch_assoc($qh)))
+ return NULL;
+
+ $now = unixToDatetime(time());
+
+ // select desired data from db
+ $query = "SELECT c.name AS curriculum, "
+ . "i.name AS IMtype, "
+ . "u.IMid AS IMid, "
+ . "u.affiliationid, "
+ . "af.name AS affiliation, "
+ . "a.name AS adminlevel, "
+ . "a.id AS adminlevelid, "
+ . "u.preferredname AS preferredname, "
+ . "u.uid AS uid, "
+ . "u.id AS id, "
+ . "u.width AS width, "
+ . "u.height AS height, "
+ . "u.bpp AS bpp, "
+ . "u.audiomode AS audiomode, "
+ . "u.mapdrives AS mapdrives, "
+ . "u.mapprinters AS mapprinters, "
+ . "u.mapserial AS mapserial, "
+ . "u.showallgroups "
+ . "FROM user u, "
+ . "curriculum c, "
+ . "IMtype i, "
+ . "affiliation af, "
+ . "adminlevel a "
+ . "WHERE u.curriculumid = c.id AND "
+ . "u.IMtypeid = i.id AND "
+ . "u.adminlevelid = a.id AND "
+ . "u.affiliationid = af.id AND "
+ . "u.uid = " . $userData["uid"];
+ $qh = doQuery($query, 255);
+ // if get a row
+ // update db
+ // update results from select
+ if($user = mysql_fetch_assoc($qh)) {
+ $user["unityid"] = $userid;
+ $user["firstname"] = $userData['first'];
+ $user["middlename"] = $userData['middle'];
+ $user["lastname"] = $userData["last"];
+ $user["email"] = $userData["email"];
+ $user["lastupdated"] = $now;
+ $query = "UPDATE user "
+ . "SET unityid = '$userid', "
+ . "firstname = '{$userData['first']}', "
+ . "middlename = '{$userData['middle']}', "
+ . "lastname = '{$userData['last']}', "
+ . "email = '{$userData['email']}', "
+ . "lastupdated = '$now' "
+ . "WHERE uid = " . $userData["uid"];
+ doQuery($query, 256, 'vcl', 1);
+ }
+ else {
+ // call addITECSUser
+ $id = addITECSUser($userid);
+ $query = "SELECT u.unityid AS unityid, "
+ . "u.affiliationid, "
+ . "af.name AS affiliation, "
+ . "c.name AS curriculum, "
+ . "u.firstname AS firstname, "
+ . "u.middlename AS middlename, "
+ . "u.lastname AS lastname, "
+ . "u.preferredname AS preferredname, "
+ . "u.email AS email, "
+ . "i.name AS IMtype, "
+ . "u.IMid AS IMid, "
+ . "u.uid AS uid, "
+ . "u.id AS id, "
+ . "a.name AS adminlevel, "
+ . "a.id AS adminlevelid, "
+ . "u.width AS width, "
+ . "u.height AS height, "
+ . "u.bpp AS bpp, "
+ . "u.audiomode AS audiomode, "
+ . "u.mapdrives AS mapdrives, "
+ . "u.mapprinters AS mapprinters, "
+ . "u.mapserial AS mapserial, "
+ . "u.showallgroups, "
+ . "u.lastupdated AS lastupdated "
+ . "FROM user u, "
+ . "curriculum c, "
+ . "IMtype i, "
+ . "affiliation af, "
+ . "adminlevel a "
+ . "WHERE u.curriculumid = c.id AND "
+ . "u.IMtypeid = i.id AND "
+ . "u.adminlevelid = a.id AND "
+ . "u.affiliationid = af.id AND "
+ . "u.id = $id";
+ $qh = doQuery($query, 101);
+ $user = mysql_fetch_assoc($qh);
+
+ # add account to demo group
+ $demoid = getUserGroupID('demo', getAffiliationID('ITECS'));
+ updateGroups(array($demoid), $user['id']);
+ }
+
+ $user["groups"] = getUsersGroups($user["id"], 1);
+
+ checkExpiredDemoUser($user['id'], $user['groups']);
+
+ $user["privileges"] = getOverallUserPrivs($user["id"]);
+ $tmparr = explode('@', $user['unityid']);
+ $user['login'] = $tmparr[0];
+ return $user;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn testITECSAffiliation(&$login, &$affilid)
+///
+/// \param $login - (pass by ref) a login id with affiliation
+/// \param $affilid - (pass by ref) gets overwritten
+///
+/// \return - 1 if successfully found affiliation id, 0 if failed
+///
+/// \brief changes $login to be without affiliation and sticks the associated
+/// affiliation id for ITECS in $affilid
+///
+////////////////////////////////////////////////////////////////////////////////
+function testITECSAffiliation(&$login, &$affilid) {
+ if(preg_match('/^([^@]*@[^@]*\.[^@]*)@ITECS$/', $login, $matches) ||
+ preg_match('/^([^@]*@[^@]*\.[^@]*)$/', $login, $matches)) {
+ $login = $matches[1];
+ $affilid = getAffiliationID('ITECS');
+ return 1;
+ }
+ return 0;
+}
+
+array_push($findAffilFuncs, "testITECSAffiliation");
+?>
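Review bot: updateITECSUser writes `$userData['first']`, `middle`, `last` and `email` from the accounts database into its UPDATE statement with no escaping, and addITECSUser, validateITECSUser and updateITECSUser all interpolate the login id into `WHERE email = '...'`; a quote in any of these values ends the string literal early. addITECSUser does replace `'` with `\'` through `ereg_replace`, but that leaves backslashes untouched and skips `email`, so it is not a complete escape either. Each value should go through the driver's escaping before it is concatenated, e.g. `$first = mysql_real_escape_string($userData['first']);`, unless the login id is already escaped by a caller outside this file, which cannot be seen from here. Separately, in addITECSUser the `mysql_affected_rows($mysql_link_vcl)` check also runs when the accounts lookup returned no row, so it reports on whatever statement last ran on that link; moving it inside the `if($row = mysql_fetch_assoc($qh))` block would avoid returning a stale insert id.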
Added: incubator/vcl/tags/import/web/.ht-inc/authmethods/ldapauth.php
URL: http://svn.apache.org/viewvc/incubator/vcl/tags/import/web/.ht-inc/authmethods/ldapauth.php?rev=726079&view=auto
==============================================================================
--- incubator/vcl/tags/import/web/.ht-inc/authmethods/ldapauth.php (added)
+++ incubator/vcl/tags/import/web/.ht-inc/authmethods/ldapauth.php Fri Dec 12 10:20:10 2008
@@ -0,0 +1,487 @@
+<?php
+/*
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+/**
+ * \file
+ */
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn addLDAPUser($authtype, $userid)
+///
+/// \param $authtype - index from the $authMechs array
+/// \param $userid - a userid without the affiliation part
+///
+/// \return id from the user table or NULL on failure
+///
+/// \brief looks up $userid in LDAP according to info in $authMechs array, adds
+/// the user to the user table, and returns the new id from the table
+///
+////////////////////////////////////////////////////////////////////////////////
+function addLDAPUser($authtype, $userid) {
+ global $authMechs, $mysql_link_vcl;
+ $data = getLDAPUserData($authtype, $userid);
+ if(is_null($data))
+ return NULL;
+
+ $loweruserid = strtolower($userid);
+
+ # check for existance of an expired user if a numericid exists
+ if(array_key_exists('numericid', $data)) {
+ $query = "SELECT id, "
+ . "unityid, "
+ . "affiliationid "
+ . "FROM user "
+ . "WHERE lastupdated < DATE_SUB(NOW(), INTERVAL 1 YEAR) AND "
+ . "uid = {$data['numericid']} AND "
+ . "unityid != '$loweruserid'";
+ #. "affiliationid = {$authMechs[$authtype]['affiliationid']}";
+ $qh = doQuery($query, 101);
+ if($row = mysql_fetch_assoc($qh)) {
+ # find the authtype for this user
+ foreach($authMechs as $index => $auth) {
+ if($auth['affiliationid'] == $row['affiliationid'] &&
+ $auth['type'] == 'ldap') {
+ $checktype = $index;
+ break;
+ }
+ }
+ # see if user is still in ldap
+ if(! empty($checktype)) {
+ $testdata = getLDAPUserData($checktype, $row['unityid']);
+ if(! is_null($testdata))
+ abort(52);
+ # if not, null the uid for the user
+ $query = "UPDATE user SET uid = NULL WHERE id = {$row['id']}";
+ doQuery($query, 101);
+ }
+ }
+ }
+
+ $query = "INSERT INTO user (";
+ if(array_key_exists('numericid', $data))
+ $query .= "uid, ";
+ $query .= "unityid, "
+ . "affiliationid, "
+ . "firstname, ";
+ if(array_key_exists('middle', $data))
+ $query .= "middlename, ";
+ $query .= "lastname, "
+ . "email, "
+ . "emailnotices, "
+ . "lastupdated) "
+ . "VALUES (";
+ if(array_key_exists('numericid', $data))
+ $query .= "{$data['numericid']}, ";
+ $query .= "'$loweruserid', "
+ . "{$authMechs[$authtype]['affiliationid']}, "
+ . "'{$data['first']}', ";
+ if(array_key_exists('middle', $data))
+ $query .= "'{$data['middle']}', ";
+ $query .= "'{$data['last']}', "
+ . "'{$data['email']}', "
+ . "'{$data['emailnotices']}', "
+ . "NOW())";
+ doQuery($query, 101, 'vcl', 1);
+ if(mysql_affected_rows($mysql_link_vcl)) {
+ $qh = doQuery("SELECT LAST_INSERT_ID() FROM user", 101);
+ if(! $row = mysql_fetch_row($qh)) {
+ abort(101);
+ }
+ return $row[0];
+ }
+ return NULL;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn validateLDAPUser($type, $loginid)
+///
+/// \param $type - an array from the $authMechs table
+/// \param $loginid - a userid without the affiliation part
+///
+/// \return 1 if user was found in ldap, 0 if not
+///
+/// \brief checks to see if a user is in ldap
+///
+////////////////////////////////////////////////////////////////////////////////
+function validateLDAPUser($type, $loginid) {
+ global $authMechs;
+ $auth = $authMechs[$type];
+ $ds = ldap_connect("ldaps://{$auth['server']}/");
+ if(! $ds)
+ return -1;
+ ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
+
+ if(array_key_exists('masterlogin', $auth) && strlen($auth['masterlogin']))
+ $res = ldap_bind($ds, $auth['masterlogin'], $auth['masterpwd']);
+ else
+ $res = ldap_bind($ds);
+
+ if(! $res)
+ return -1;
+
+ $return = array($auth['email']);
+
+ $search = ldap_search($ds,
+ $auth['binddn'],
+ "{$auth['unityid']}=$loginid",
+ $return, 0, 3, 15);
+ if(! $search)
+ return -1;
+
+ $data = ldap_get_entries($ds, $search);
+ if($data['count'])
+ return 1;
+
+ return 0;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn updateLDAPUser($authtype, $userid)
+///
+/// \param $authtype - an array from the $authMechs table
+/// \param $userid - a userid without the affiliation part
+///
+/// \return an array of user information or NULL on error
+///
+/// \brief pulls the user's information from ldap, updates it in the db, and
+/// returns an array of the information
+///
+////////////////////////////////////////////////////////////////////////////////
+function updateLDAPUser($authtype, $userid) {
+ global $authMechs;
+ $userData = getLDAPUserData($authtype, $userid);
+ if(is_null($userData))
+ return NULL;
+ if(! array_key_exists('middle', $userData))
+ $userData['middle'] = '';
+ $affilid = $authMechs[$authtype]['affiliationid'];
+ $now = unixToDatetime(time());
+
+ // select desired data from db
+ $query = "SELECT c.name AS curriculum, "
+ . "i.name AS IMtype, "
+ . "u.IMid AS IMid, "
+ . "u.affiliationid, "
+ . "af.name AS affiliation, "
+ . "a.name AS adminlevel, "
+ . "a.id AS adminlevelid, "
+ . "u.preferredname AS preferredname, "
+ . "u.uid AS uid, "
+ . "u.id AS id, "
+ . "u.width AS width, "
+ . "u.height AS height, "
+ . "u.bpp AS bpp, "
+ . "u.audiomode AS audiomode, "
+ . "u.mapdrives AS mapdrives, "
+ . "u.mapprinters AS mapprinters, "
+ . "u.mapserial AS mapserial, "
+ . "u.showallgroups "
+ . "FROM user u, "
+ . "curriculum c, "
+ . "IMtype i, "
+ . "adminlevel a, "
+ . "affiliation af "
+ . "WHERE u.curriculumid = c.id AND "
+ . "u.IMtypeid = i.id AND "
+ . "u.adminlevelid = a.id AND "
+ . "af.id = $affilid AND ";
+ if(array_key_exists('numericid', $userData))
+ $query .= "u.uid = " . $userData["numericid"];
+ else {
+ $query .= "u.unityid = '$userid' AND "
+ . "u.affiliationid = $affilid";
+ }
+ $qh = doQuery($query, 255);
+ // if get a row
+ // update db
+ // update results from select
+ if($user = mysql_fetch_assoc($qh)) {
+ $user["unityid"] = $userid;
+ $user["firstname"] = $userData['first'];
+ $user["middlename"] = $userData['middle'];
+ $user["lastname"] = $userData["last"];
+ $user["email"] = $userData["email"];
+ $user["lastupdated"] = $now;
+ $query = "UPDATE user "
+ . "SET unityid = '$userid', "
+ . "firstname = '{$userData['first']}', "
+ . "middlename = '{$userData['middle']}', "
+ . "lastname = '{$userData['last']}', "
+ . "email = '{$userData['email']}', "
+ . "lastupdated = '$now' ";
+ if(array_key_exists('numericid', $userData))
+ $query .= "WHERE uid = " . $userData["numericid"];
+ else
+ $query .= "WHERE unityid = '$userid' AND "
+ . "affiliationid = $affilid";
+ doQuery($query, 256, 'vcl', 1);
+ }
+ else {
+ // call addLDAPUser
+ $id = addLDAPUser($authtype, $userid);
+ $query = "SELECT u.unityid AS unityid, "
+ . "u.affiliationid, "
+ . "af.name AS affiliation, "
+ . "c.name AS curriculum, "
+ . "u.firstname AS firstname, "
+ . "u.middlename AS middlename, "
+ . "u.lastname AS lastname, "
+ . "u.preferredname AS preferredname, "
+ . "u.email AS email, "
+ . "i.name AS IMtype, "
+ . "u.IMid AS IMid, "
+ . "u.uid AS uid, "
+ . "u.id AS id, "
+ . "a.name AS adminlevel, "
+ . "a.id AS adminlevelid, "
+ . "u.width AS width, "
+ . "u.height AS height, "
+ . "u.bpp AS bpp, "
+ . "u.audiomode AS audiomode, "
+ . "u.mapdrives AS mapdrives, "
+ . "u.mapprinters AS mapprinters, "
+ . "u.mapserial AS mapserial, "
+ . "u.showallgroups, "
+ . "u.lastupdated AS lastupdated "
+ . "FROM user u, "
+ . "curriculum c, "
+ . "IMtype i, "
+ . "affiliation af, "
+ . "adminlevel a "
+ . "WHERE u.curriculumid = c.id AND "
+ . "u.IMtypeid = i.id AND "
+ . "u.adminlevelid = a.id AND "
+ . "u.affiliationid = af.id AND "
+ . "u.id = $id";
+ $qh = doQuery($query, 101);
+ if(! $user = mysql_fetch_assoc($qh))
+ return NULL;
+ }
+
+ // TODO handle generic updating of groups
+ switch(getAffiliationName($affilid)) {
+ case 'EXAMPLE1':
+ updateEXAMPLE1Groups($user);
+ break;
+ case 'EXAMPLE2':
+ updateEXAMPLE2Groups($user);
+ break;
+ default:
+ //TODO possibly add to a default group
+ }
+ $user["groups"] = getUsersGroups($user["id"], 1);
+ $user["privileges"] = getOverallUserPrivs($user["id"]);
+ $user['login'] = $user['unityid'];
+ return $user;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn getLDAPUserData($authtype, $userid)
+///
+/// \param $authtype - an array from the $authMechs table
+/// \param $userid - a userid without the affiliation part
+///
+/// \return an array of user information
+///
+/// \brief gets user information from ldap
+///
+////////////////////////////////////////////////////////////////////////////////
+function getLDAPUserData($authtype, $userid) {
+ global $authMechs, $mysql_link_vcl;
+ $auth = $authMechs[$authtype];
+ $domiddle = 0;
+ $donumericid = 0;
+ if(array_key_exists('middlename', $auth))
+ $domiddle = 1;
+ if(array_key_exists('numericid', $auth))
+ $donumericid = 1;
+
+ $ds = ldap_connect("ldaps://{$auth['server']}/");
+ // FIXME
+ ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
+
+ if(array_key_exists('masterlogin', $auth) && strlen($auth['masterlogin']))
+ $res = ldap_bind($ds, $auth['masterlogin'], $auth['masterpwd']);
+ else
+ $res = ldap_bind($ds);
+
+ // FIXME
+
+ $ldapsearch = array($auth['firstname'],
+ $auth['lastname'],
+ $auth['email']);
+ if($domiddle)
+ array_push($ldapsearch, $auth['middlename']);
+ if($donumericid)
+ array_push($ldapsearch, $auth['numericid']);
+ # FIXME hack
+ array_push($ldapsearch, 'gecos');
+
+ $search = ldap_search($ds,
+ $auth['binddn'],
+ "{$auth['unityid']}=$userid",
+ $ldapsearch, 0, 3, 15);
+ $return = array();
+ if($search) {
+ $tmpdata = ldap_get_entries($ds, $search);
+ if(! $tmpdata['count'])
+ return NULL;
+ $data = array();
+ for($i = 0; $i < $tmpdata['count']; $i++) {
+ for($j = 0; $j < $tmpdata[$i]['count']; $j++) {
+ if(is_array($tmpdata[$i][$tmpdata[$i][$j]]))
+ $data[strtolower($tmpdata[$i][$j])] = $tmpdata[$i][$tmpdata[$i][$j]][0];
+ else
+ $data[strtolower($tmpdata[$i][$j])] = $tmpdata[$i][$tmpdata[$i][$j]];
+ }
+ }
+ // FIXME hack to take care of users that don't have full info in ldap
+ if(! array_key_exists($auth['firstname'], $data) &&
+ ! array_key_exists(strtolower($auth['firstname']), $data)) {
+ if(array_key_exists('gecos', $data)) {
+ $tmpArr = explode(' ', $data['gecos']);
+ if(count($tmpArr) == 3) {
+ $data[strtolower($auth['firstname'])] = $tmpArr[0];
+ $data[strtolower($auth['middlename'])] = $tmpArr[1];
+ $data[strtolower($auth['lastname'])] = $tmpArr[2];
+ }
+ elseif(count($tmpArr) == 2) {
+ $data[strtolower($auth['firstname'])] = $tmpArr[0];
+ $data[strtolower($auth['middlename'])] = '';
+ $data[strtolower($auth['lastname'])] = $tmpArr[1];
+ }
+ elseif(count($tmpArr) == 1) {
+ $data[strtolower($auth['firstname'])] = '';
+ $data[strtolower($auth['middlename'])] = '';
+ $data[strtolower($auth['lastname'])] = $tmpArr[0];
+ }
+ }
+ else {
+ $data[strtolower($auth['firstname'])] = '';
+ if($domiddle)
+ $data[strtolower($auth['middlename'])] = '';
+ $data[strtolower($auth['lastname'])] = '';
+ }
+ }
+ if(! array_key_exists($auth['email'], $data)) {
+ $data[strtolower($auth['email'])] = $userid . $auth['defaultemail'];
+ }
+
+ $return['first'] = ereg_replace("'", "\'", $data[strtolower($auth['firstname'])]);
+ $return['last'] = ereg_replace("'", "\'", $data[strtolower($auth['lastname'])]);
+ if($domiddle && array_key_exists(strtolower($auth['middlename']), $data))
+ $return['middle'] = ereg_replace("'", "\'", $data[strtolower($auth['middlename'])]);
+ if($donumericid)
+ $return['numericid'] = $data[strtolower($auth['numericid'])];
+ $return['email'] = $data[strtolower($auth['email'])];
+ $return['emailnotices'] = 1;
+
+ return $return;
+ }
+ return NULL;
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn updateEXAMPLE1Groups($user)
+///
+/// \param $user - an array of user data
+///
+/// \brief builds an array of nisNetgroups user is a member of and calls
+/// updateGroups
+///
+////////////////////////////////////////////////////////////////////////////////
+function updateEXAMPLE1Groups($user) {
+ $count = 0;
+ do {
+ if($count > 2)
+ abort(35);
+ if($count > 0)
+ sleep(1);
+ ldapUIDLookup($user['unityid'], $userData);
+ $count++;
+ } while(! array_key_exists("info", $userData) ||
+ ! array_key_exists("account", $userData["info"]) ||
+ ! array_key_exists("memberNisNetgroup", $userData["info"]["account"]));
+ $newusergroups = array();
+ if(! array_key_exists('info', $userData) ||
+ ! array_key_exists('account', $userData['info']) ||
+ ! array_key_exists('memberNisNetgroup', $userData['info']['account']))
+ return;
+ foreach($userData["info"]["account"]["memberNisNetgroup"] as $item) {
+ $tmpArr = explode(',', $item);
+ $tmpArr = explode('=', $tmpArr[0]);
+ if(! array_key_exists(1, $tmpArr)) {
+ continue;
+ }
+ $grp = mysql_escape_string($tmpArr[1]);
+ array_push($newusergroups, getUserGroupID($grp, $user['affiliationid']));
+ }
+ $newusergroups = array_unique($newusergroups);
+ updateGroups($newusergroups, $user["id"]);
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///
+/// \fn updateEXAMPLE2Groups($user)
+///
+/// \param $user - an array of user data
+///
+/// \brief builds an array of memberof groups user is a member of and calls
+/// updateGroups
+///
+////////////////////////////////////////////////////////////////////////////////
+function updateEXAMPLE2Groups($user) {
+ global $authMechs;
+ $auth = $authMechs['EXAMPLE2 LDAP'];
+ $ds = ldap_connect("ldaps://{$auth['server']}/");
+ if(! $ds)
+ return 0;
+ ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+
+ $res = ldap_bind($ds, $auth['masterlogin'],
+ $auth['masterpwd']);
+ if(! $res)
+ return 0;
+
+ $search = ldap_search($ds,
+ $auth['binddn'],
+ "{$auth['unityid']}={$user['unityid']}",
+ array('memberof'), 0, 10, 15);
+ if(! $search)
+ return 0;
+
+ $data = ldap_get_entries($ds, $search);
+ $newusergroups = array();
+ if(! array_key_exists('memberof', $data[0]))
+ return;
+ for($i = 0; $i < $data[0]['memberof']['count']; $i++) {
+ if(preg_match('/^CN=(.+),OU=CourseRolls,DC=example2,DC=com/', $data[0]['memberof'][$i], $match) ||
+ preg_match('/^CN=(Students_Enrolled),OU=Students,DC=example2,DC=com$/', $data[0]['memberof'][$i], $match) ||
+ preg_match('/^CN=(Staff),OU=IT,DC=example2,DC=com$/', $data[0]['memberof'][$i], $match))
+ array_push($newusergroups, getUserGroupID($match[1], $user['affiliationid']));
+ }
+ $newusergroups = array_unique($newusergroups);
+ updateGroups($newusergroups, $user["id"]);
+}
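Review bot: The search filters in validateLDAPUser, getLDAPUserData and updateEXAMPLE2Groups are built by interpolating the user id straight into the string (`"{$auth['unityid']}=$loginid"`), so filter metacharacters such as `*`, `(` and `)` in the id change what the directory is asked; no escaping is visible in this file, and whether callers restrict the id cannot be seen from here. Escaping the value per RFC 4515 before it enters the filter closes this, as in the helper sketched below, which would be applied at all three call sites. The file also places the LDAP-sourced `email` and `numericid` into the INSERT and UPDATE statements of addLDAPUser and updateLDAPUser without escaping (only first, middle and last go through `ereg_replace`), so those should be escaped or, for `numericid`, cast to an integer. getLDAPUserData additionally goes on to `ldap_search` without checking the `ldap_connect` and `ldap_bind` results (both marked FIXME), unlike validateLDAPUser.

```php
// escape RFC 4515 filter metacharacters; backslash is replaced first
function escapeLDAPFilterValue($value) {
   return str_replace(array('\\', '*', '(', ')', "\0"),
                      array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
                      $value);
}

// … unchanged: connect, bind, attribute list in validateLDAPUser …
$search = ldap_search($ds,
                      $auth['binddn'],
                      "{$auth['unityid']}=" . escapeLDAPFilterValue($loginid),
                      $return, 0, 3, 15);
```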