From 037f1b3eb226710a05497459b003d596131143f9 Mon Sep 17 00:00:00 2001
From: David Anderson <davea@ssl.berkeley.edu>
Date: Fri, 9 Jan 2015 10:54:05 -0800
Subject: [PATCH] web: fix PHP errors on empty team search; when delete spam
 team, delete user too

---
 html/inc/account.inc         | 119 +++++++++++++++++++++++++++++++++++
 html/inc/team.inc            |   4 +-
 html/ops/delete_spammers.php |  21 +++++--
 html/user/team_search.php    |  10 ++-
 4 files changed, 146 insertions(+), 8 deletions(-)
 create mode 100644 html/inc/account.inc

diff --git a/html/inc/account.inc b/html/inc/account.inc
new file mode 100644
index 0000000000..ffa310eaed
--- /dev/null
+++ b/html/inc/account.inc
@@ -0,0 +1,119 @@
+<?php
+// This file is part of BOINC.
+// http://boinc.berkeley.edu
+// Copyright (C) 2015 University of California
+//
+// BOINC is free software; you can redistribute it and/or modify it
+// under the terms of the GNU Lesser General Public License
+// as published by the Free Software Foundation,
+// either version 3 of the License, or (at your option) any later version.
+//
+// BOINC is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+// See the GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.
+
+function create_account_form($teamid, $next_url) {
+    echo "
+        <p>
+        <form action=\"create_account_action.php\" method=\"post\">
+        <input type=hidden name=next_url value=\"$next_url\">
+    ";
+
+    if ($teamid) {
+        echo "
+            <input type=\"hidden\" name=\"teamid\" value=\"$teamid\">
+        ";
+    }
+    start_table();
+
+    // Using invitation codes to restrict access?
+    //
+    if (defined('INVITE_CODES')) {
+         row2(
+             tra("Invitation Code")."<br><p class=\"text-info\">".tra("A valid invitation code is required to create an account.")."</p>",
+             "<input type=\"text\" name=\"invite_code\" size=\"30\" >"
+         );
+    }
+
+    row2(
+        tra("Name")."<br><p class=\"text-info\">".tra("Identifies you on our web site. Use your real name or a nickname.")."</p>",
+        "<input type=\"text\" name=\"new_name\" size=\"30\">"
+    );
+    row2(
+        tra("Email Address")."<br><p class=\"text-info\">".tra("Must be a valid address of the form 'name@domain'.")."</p>",
+        "<input type=\"text\" name=\"new_email_addr\" size=\"50\">"
+    );
+    $min_passwd_length = parse_element(get_config(), "<min_passwd_length>");
+    if (!$min_passwd_length) {
+        $min_passwd_length = 6;
+    }
+
+    row2(
+        tra("Password")
+        ."<br><p class=\"text-info\">".tra("Must be at least %1 characters", $min_passwd_length)."</p>",
+        "<input type=\"password\" name=\"passwd\">"
+    );
+    row2(tra("Confirm password"), "<input type=\"password\" name=\"passwd2\">");
+    row2_init(
+        tra("Country")."<br><p class=\"text-info\">".tra("Select the country you want to represent, if any.")."</p>",
+        "<select name=\"country\">"
+    );
+    print_country_select();
+    echo "</select></td></tr>\n";
+    row2(
+        tra("Postal or ZIP Code")."<br><p class=\"text-info\">".tra("Optional")."</p>",
+        "<input type=\"text\" name=\"postal_code\" size=\"20\">"
+    );
+
+    // Check if we're reCaptcha to prevent spam accounts
+    //
+    $publickey = parse_config(get_config(), "<recaptcha_public_key>");
+    if ($publickey) {
+        row2(
+            tra("Please enter the words shown in the image"),
+            recaptcha_get_html($publickey, null, is_https())
+        );
+    }
+
+    row2("",
+        "<input class=\"btn btn-primary\" type=\"submit\" value=\"".tra("Create account")."\">"
+    );
+    end_table();
+    echo "</form>\n";
+}
+
+function login_form($next_url) {
+    echo "
+        <form name=\"f\" method=\"post\" action=\"".secure_url_base()."/login_action.php\">
+        <input type=\"hidden\" name=\"next_url\" value=\"$next_url\">
+    ";
+    start_table();
+    if (LDAP_HOST) {
+        $x = "Email address or LDAP user name:";
+    } else {
+        $x = tra("Email address:");
+    }
+    row2($x . '<br><p class="text-muted"><a href="get_passwd.php">'.tra("forgot email address?")."</a></p>",
+        "<input name=email_addr type=\"text\" size=40 tabindex=1>"
+    );
+    row2(tra("Password:") . '<br><p class="text-muted"><a href="get_passwd.php">' . tra("forgot password?") . "</a></p>",
+        '<input type="password" name="passwd" size="40" tabindex="2">'
+    );
+    row2(tra("Stay logged in"),
+        '<input type="checkbox" name="stay_logged_in" checked>'
+    );
+    $x = urlencode($next_url);
+
+    row2("",
+        "<input class=\"btn btn-default\" type=\"submit\" name=\"mode\" value=\"".tra("Log in")."\" tabindex=\"3\"><br><br>". $create_acct
+    );
+
+    end_table();
+    echo "</form>\n";
+}
+
+?>
diff --git a/html/inc/team.inc b/html/inc/team.inc
index eaa0fbaa66..155b00ec13 100644
--- a/html/inc/team.inc
+++ b/html/inc/team.inc
@@ -161,7 +161,9 @@ function display_team_page($team, $user) {
         }
     }
     row1(tra('Members'));
-    row2(tra('Founder'), user_links($team->founder, BADGE_HEIGHT_MEDIUM));
+    row2(tra('Founder'),
+        $team->founder?user_links($team->founder, BADGE_HEIGHT_MEDIUM):"---"
+    );
     if (count($team->admins)) {
         $first = true;
         $x = "";
diff --git a/html/ops/delete_spammers.php b/html/ops/delete_spammers.php
index 7a62b2ee51..234e19643e 100755
--- a/html/ops/delete_spammers.php
+++ b/html/ops/delete_spammers.php
@@ -42,11 +42,14 @@
 //   delete users with ID N to M inclusive
 //
 // --teams
-//   delete teams that
-//   - have 0 or 1 members
-//   - have no total credit
-//   - have descriptions containing a link
-//   - are not BOINC-Wide teams
+//   delete teams (and their owners) where the team
+//   - has 0 or 1 members
+//   - has no total credit
+//   - has description containing a link
+//   - is not a BOINC-Wide team
+//   and the owner
+//   - has no posts
+//   - has no hosts
 //
 // --user_url
 //   delete accounts that
@@ -200,6 +203,13 @@ function delete_teams() {
         $n = team_count_members($team->id);
         if ($n > 1) continue;
         if (!has_link($team->description)) continue;
+        $user = BoincUser::lookup_id($team->userid);
+        if ($user) {
+            $n = BoincPost::count("user=$user->id");
+            if ($n) continue;
+            $n = BoincHost::count("userid=$user->id");
+            if ($n) continue;
+        }
         if ($test) {
             echo "would delete team:\n";
             echo "   ID: $team->id\n";
@@ -208,6 +218,7 @@ function delete_teams() {
         } else {
             $team->delete();
             echo "deleted team ID $team->id name $team->name\n";
+            if ($user) do_delete_user($user);
         }
     }
 }
diff --git a/html/user/team_search.php b/html/user/team_search.php
index 21e4439168..86097e2d7b 100644
--- a/html/user/team_search.php
+++ b/html/user/team_search.php
@@ -53,14 +53,20 @@ function compare($t1, $t2) {
 // Sort list by decreasing refcnt
 //
 function sort_list(&$list) {
-    foreach ($list as $a=>$b) $b->rnd = rand();
+    foreach ($list as $a=>$b) {
+        $b->rnd = rand();
+    }
     usort($list, 'compare');
 }
 
 function get_teams($clause, $active) {
     $c2 = '';
     if ($active) $c2 = "and expavg_credit>0.1";
-    return BoincTeam::enum("$clause $c2 order by expavg_credit desc limit 20");
+    $x = BoincTeam::enum("$clause $c2 order by expavg_credit desc limit 20");
+    foreach ($x as $t) {
+        $t->refcnt = 0;
+    }
+    return $x;
 }
 
 function show_list($list) {