From 1b92e7781affa8dee1427ac8f803e5f0ef9e680d Mon Sep 17 00:00:00 2001
From: David Anderson
Date: Mon, 11 Nov 2002 10:26:40 +0000
Subject: [PATCH] web site: accounts, login svn path=/trunk/boinc/; revision=597
---
 checkin_notes | 29 +++++++
 db/constraints.sql | 2 +
 db/db.h | 2 +-
 doc/account.html | 9 +--
 doc/app.html | 25 +++---
 doc/create_project.html | 1 +
 doc/participate.html | 2 +
 doc/startup.html | 14 ++--
 html/user/create_account.php | 13 ---
 html/user/create_account_form.php | 69 ++++++++++++++++
 html/user/index.php | 69 +++++++---------
 html/user/login.inc | 93 ---------------------
 html/user/login.php | 10 ---
 html/user/login_action.php | 130 ++++++------------------------
 html/user/login_form.php | 21 +++++
 html/user/util.inc | 6 +-
 test/test_uc.php | 12 +--
 todo | 6 +-
 18 files changed, 215 insertions(+), 298 deletions(-)
 delete mode 100644 html/user/create_account.php
 create mode 100644 html/user/create_account_form.php
 delete mode 100644 html/user/login.inc
 delete mode 100644 html/user/login.php
 create mode 100644 html/user/login_form.php
diff --git a/checkin_notes b/checkin_notes
index 0cbac426a3..4568ddb954 100755
--- a/checkin_notes
+++ b/checkin_notes
@@ -2356,3 +2356,32 @@ David Nov 9 2002
 test_uc.php
 tools/
 process_result_template.C
+
+David Nov 9 2002
+ - Simplified account creation.
+ Only screen name, email address required; country, zip optional.
+ Only account ID required to log in
+ Removed web password from form;
+ projects can add this if they want.
+ - Change "authenticator" to "account ID" everywhere
+ - made country list appear on account creation form
+
+ todo
+ db/
+ constraints.sql
+ db.h
+ doc/
+ account.html
+ app.html
+ create_project.html
+ participate.html
+ startup.html
+ html_user/
+ renamed create_account.php to create_account_form.php
+ renamed login.php to login_form.php
+ download.php
+ index.php
+ login_action.php
+ util.inc
+ test/
+ test_uc.php
diff --git a/db/constraints.sql b/db/constraints.sql index 6b43c35dee..6920ef3ee1 100644 --- a/db/constraints.sql +++ b/db/constraints.sql @@ -11,6 +11,8 @@ alter table app_version alter table user add unique(email_addr); +alter table user + add unique(authenticator); alter table user add index ind_tid (teamid); diff --git a/db/db.h b/db/db.h index fa1cde7f6b..9dc04528b2 100644 --- a/db/db.h +++ b/db/db.h @@ -102,7 +102,7 @@ struct USER { unsigned int create_time; char email_addr[256]; char name[256]; - char web_password[256]; + char web_password[256]; // optional char authenticator[256]; char country[256]; char postal_code[256]; diff --git a/doc/account.html b/doc/account.html index 7ac839bd41..e165c84bfd 100644 --- a/doc/account.html +++ b/doc/account.html @@ -10,20 +10,17 @@ This involves filling out a form with -
  • You will receive an email containing an account ID +
  • You will receive an email containing an account key (a long random string).
  • Download and install the BOINC client program. -It will ask for a project URL and an account ID. +It will ask for a project URL and an account key. Enter the project's URL, -cut and paste the account ID from the email. +cut and paste the account key from the email.

    diff --git a/doc/app.html b/doc/app.html index cc76e0f1cf..57b5e845ae 100644 --- a/doc/app.html +++ b/doc/app.html @@ -1,15 +1,11 @@ -Platforms, applications, and versions +Applications and versions -

    Platforms, applications, and versions

    -

    -A platform is a compilation target (Windows/Intel, -Linux/Intel, MacOS/PPC, etc.). -Platforms are maintained in the platform table in the BOINC DB, -and can be created using the add utility. +

    Applications and versions

    -An application consists of an executable program, -perhaps with versions for various platforms. +An application represents a particular distributed computation; +it consists of a program (perhaps with versions for different platforms) +and a set of workunits and results. A project can operate many applications. Applications are maintained in the application table in the BOINC DB, and can be created using the add utility. @@ -32,13 +28,14 @@ Mac version 304.

    Each application has a minimum version. -When a client is sent work for an application, it is also sent -the latest application version for its platform. +When a client is sent work for an application, +it is also sent the latest application version for its platform. It is sent work only if this version is the minimum or greater.

    Application versions are maintained in the app_version table -in the BOINC DB, Each entry includes an XML document describing the +in the BOINC DB. +Each entry includes an XML document describing the files that make up the application version:

     <file_info> ... 
    @@ -57,5 +54,5 @@ files that make up the application version:
         </file_ref>
     </app_version>
     
    -The add utility provides a -simplified interface for creating application versions. +Application versions can be created using the +add utility program. diff --git a/doc/create_project.html b/doc/create_project.html index a86423a840..e171553e9a 100644 --- a/doc/create_project.html +++ b/doc/create_project.html @@ -1,4 +1,5 @@ Creating a BOINC project +

    Creating a BOINC project

    diff --git a/doc/participate.html b/doc/participate.html index 6759e44dd7..2cf02bf8a9 100644 --- a/doc/participate.html +++ b/doc/participate.html @@ -1,3 +1,5 @@ +Participating in BOINC projects +

    Participating in BOINC projects

    • Joining a project diff --git a/doc/startup.html b/doc/startup.html index 7fc2ffc866..0d7c792ec0 100644 --- a/doc/startup.html +++ b/doc/startup.html @@ -6,19 +6,19 @@ You can join a second and subsequent projects as follows.
      1. Visit the new project's web site and create an account. -Note: if you wish, you can use different email, user name or password +Note: if you wish, you can use different email and name than those of your first account. -
      2. Receive an email containing an account ID (a long random string). -
      3. Run the BOINC +
      4. Receive an email containing an account key (a long random string). +
      5. Run the BOINC client, and select the Add Project command. +Enter the project's URL and your account key.
      -

      How preferences are stored

      +

      Where to edit your preferences

      Your preferences are stored on BOINC servers. -When your hosts communicate with a server they get the -latest preferences, and they pass along these preferences -to other servers. +When your hosts communicate with a server they get the latest preferences, +and they pass along these preferences to other servers. Thus, when you change your preferences on one project's web site, these changes will quickly spread to all your hosts, and to the web sites of all the other projects in which you participate. diff --git a/html/user/create_account.php b/html/user/create_account.php deleted file mode 100644 index 51911ef75c..0000000000 --- a/html/user/create_account.php +++ /dev/null @@ -1,13 +0,0 @@ - diff --git a/html/user/create_account_form.php b/html/user/create_account_form.php new file mode 100644 index 0000000000..f02c05d4c6 --- /dev/null +++ b/html/user/create_account_form.php @@ -0,0 +1,69 @@ + + +

      + + + + + + + + + + + + + +
      +Name or nickname: +
      Your identifier on our web site. Use your real name or a nickname. +
      + +
      +Email address: +
      Your account key will be emailed to this address. +
      + +
      +Country: +
      select the country you wish to represent, if any. +
      + + +
      +Postal (ZIP) code: + + +
      +
      +
      + +
      +
      + + diff --git a/html/user/index.php b/html/user/index.php index 3c4b8e1a8c..6738ddcd68 100644 --- a/html/user/index.php +++ b/html/user/index.php @@ -2,48 +2,39 @@ require_once("util.inc"); require_once("db.inc"); - db_init(); - $user = get_user_from_cookie(); - printf( - "\n" - ."".PROJECT."\n" - ."\n" - ."\n" - ."\n" - ."\n" - ); - if ($user) { - echo "

      ".PROJECT."

      Welcome $user->name

      \n"; - echo "If you are not $user->name or would wish to log in as another user "; - echo "login here."; - } else { - echo "
      \n"; - } + page_head("Home page"); ?> -

      -This distributed computing project is running on the BOINC software platform. -BOINC is a software platform for public-participation distributed -computing projects. -Users are allowed to simultaneously participate in multiple projects -and to choose how to allocate their resources for each project. +

      What we're doing

      +The Astropulse project, based at UC Berkeley, +uses the idle time of thousands of computers to +analyze radio telescope signals. +Astropulse uses BOINC, +which allows you to participate in multiple +distributed computing projects at the same time. -

      Joining this project

      -First, create an account. -You will be sent an authenticator -to the email specified. -After successfully creating an account, -download the BOINC client. -Install and run the client. -When it asks you for authenticator, -cut and paste the authenticator from the email. +

      How to join

      -
      - + +

      Returning participants

      + + + diff --git a/html/user/login.inc b/html/user/login.inc deleted file mode 100644 index 2398aa9cdb..0000000000 --- a/html/user/login.inc +++ /dev/null @@ -1,93 +0,0 @@ -\n" - .TABLE2."\n - Enter the email address and password of your account to login:\n -
      \n - \n - Email Address\n - \n - \n - \n - Password\n - \n - \n - \n -
      \n - \n - \n - \n - \n -
      \n" - .TABLE2."\n - If you don't have an account, please create a new one\n - \n"; - page_tail(); -} - -function print_create_account_form() { - printf( - "
      \n" - .TABLE2."\n" - ."To create a new account, please fill out the following information:\n" - ."
      \n" - ."\n" - ." Name or nickname:".SM_FONT." this is the name that will be seen by other users on the web.
      \n" - ."\n" - ."\n" - ." \n" - ."\n" - ."
      \n" - ."\n" - ." Email address:".SM_FONT." ex.john@mailserver.com - this is what you will be using to login to your account. The address you enter\n" - ."must be valid in order for you to create an account; a unique BOINC key will be sent to it to make sure it is valid.\n" - ."\n" - ."\n" - ." \n" - ."\n" - ."
      \n" - ."\n" - ." Password:".SM_FONT." remember this password - you may need it to access your account in the future.\n" - ."\n" - ."\n" - ." \n" - ."\n" - ."
      \n" - ."\n" - ." Retype password to confirm:\n" - ."\n" - ."\n" - ." \n" - ."\n" - ."
      \n" - ."\n" - ." Country:".SM_FONT." select from the list below the country you wish to represent.\n" - ."\n" - ."\n" - ." \n" - ." \n" - ."\n" - ."
      \n" - ."\n" - ." Postal (ZIP) code:\n" - ."\n" - ."\n" - ." \n" - ."\n" - ."
      \n" - ."\n" - ." \n" - ."\n". - "\n" - ."
      \n" - ); -} - -?> diff --git a/html/user/login.php b/html/user/login.php deleted file mode 100644 index 1cd0ef3ed6..0000000000 --- a/html/user/login.php +++ /dev/null @@ -1,10 +0,0 @@ - diff --git a/html/user/login_action.php b/html/user/login_action.php index 3f65b4dddd..82a6d6044d 100644 --- a/html/user/login_action.php +++ b/html/user/login_action.php 
@@ -4,111 +4,33 @@ require_once("db.inc"); db_init(); - if (strlen($HTTP_POST_VARS["old"])) { - $query = sprintf( - "select * from user where email_addr='%s'", - $HTTP_POST_VARS["existing_email"] - ); - $result = mysql_query($query); - if ($result) { - $user = mysql_fetch_object($result); - mysql_free_result($result); - } - if (!$user) { - page_head("Logging in"); - echo "There is no account with the email address you have entered.\n"; - echo "Click the Back button to re-enter email address.\n"; - } else if ($user->web_password != $HTTP_POST_VARS["existing_password"]) { - page_head("Logging in"); - echo BADPASS; - } else { - setcookie("auth", $user->authenticator, time()+100000000); - page_head("User Page"); - show_user_page_private($user); - } - } else if (strlen($HTTP_POST_VARS["new"])) { - $query = sprintf( - "select * from user where email_addr='%s'", - $HTTP_POST_VARS["new_email_addr"] - ); - $result = mysql_query($query); - if ($result) { - $user = mysql_fetch_object($result); - mysql_free_result($result); - } - if (strlen($HTTP_POST_VARS["new_email_addr"]) == 0) { - page_head("Creating Account"); - printf( - TABLE2."\n" - ."You must enter an email address to create an account.\n" - ."\n" - ."" - ); - } else if (strlen($HTTP_POST_VARS["new_password"]) == 0) { - page_head("Creating Account"); - printf( - TABLE2."\n" - ."You must enter a web password to create an account.\n" - ."\n" - ."" - ); - } else if ($user) { - page_head("Creating Account"); - printf( - TABLE2."\n" - ."There's already an account with that email address. Click the Back button\n" - ." on your browser to edit your information, or login to your \n" - .PROJECT." 
account.\n" - ."\n" - ); - } else { - if ($HTTP_POST_VARS["new_password"] != $HTTP_POST_VARS["new_password2"]) { - page_head("Creating Account"); - printf( - TABLE2."\n" - ."".DIFFPASS - ."\n" - ."\n" - ); - } else { - $authenticator = random_string(); - $email_addr = $HTTP_POST_VARS["new_email_addr"]; - $query = sprintf( - "insert into user (create_time, email_addr, name, web_password, authenticator, country, postal_code, global_prefs, project_prefs) values(%d, '%s', '%s', '%s', '%s', '%s', %d, '', '')", - time(), - $email_addr, - $HTTP_POST_VARS["new_name"], - $HTTP_POST_VARS["new_password"], - $authenticator, - $HTTP_POST_VARS["country"], - $HTTP_POST_VARS["postal_code"] - ); - $result = mysql_query($query); - if ($result) { - setcookie("auth", $authenticator); - page_head("Creating Account"); - echo TABLE2."\n - - Your account has been created successfully. - In order to run the client you will need a BOINC key. - A key will be sent to the email address you provided, - and you can simply copy and paste the key, - which will be a string of letters and numbers, - in the location indicated when you run the client. - \n -

      \n - Download core client\n - \n"; - mail($email_addr, "BOINC key", "Your BOINC key is " . $authenticator); - } else { - page_head("Creating Account"); - echo TABLE2."\n - Couldn't create account. - Please try again later.\n - \n"; - } - } + $authenticator = $HTTP_POST_VARS["authenticator"]; + $email_addr = $HTTP_POST_VARS["email_addr"]; + $password = $HTTP_POST_VARS["password"]; + if (strlen($authenticator)) { + $query = "select * from user where authenticator='$authenticator'"; + } + $query = sprintf( + $query = "select * from user where email_addr='$email_addr'"; + ); + $result = mysql_query($query); + if ($result) { + $user = mysql_fetch_object($result); + mysql_free_result($result); + } + if (!$user) { + page_head("Log in"); + echo "There is no account with the account key or email address you have entered.\n"; + echo "Click the Back button to try again.\n"; + } else if (strlen($password)) { + page_head("Log in"); + if ($user->web_password != $HTTP_POST_VARS["existing_password"]) { + echo "Bad password."; } + } else { + setcookie("auth", $user->authenticator, time()+100000000); + page_head("User Page"); + show_user_page_private($user); } page_tail(); ?> diff --git a/html/user/login_form.php b/html/user/login_form.php new file mode 100644 index 0000000000..3f56fa9715 --- /dev/null +++ b/html/user/login_form.php @@ -0,0 +1,21 @@ + + + + + +
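Review bot: The added lookup in login_action.php builds its SQL by interpolating the posted `authenticator` and `email_addr` values unescaped, so a quote character in either field alters the query; both should be escaped before they reach `mysql_query()`. The `sprintf( $query = ...; );` statement is not valid PHP and, once repaired, would unconditionally overwrite the account-key query with the email one, so it needs to be an `else` branch. The password branch compares against `$HTTP_POST_VARS["existing_password"]`, a field the new code never reads into `$password`, and it never sets the cookie when the password matches, while an empty password falls through to the final `else` that sets the `auth` cookie, so an email-only lookup would be accepted without any secret. One possible shape for the added lines is below; the file's opening `require_once` lines sit outside this hunk.

```php
// … unchanged: require_once lines, db_init() …
$authenticator = mysql_escape_string($HTTP_POST_VARS["authenticator"]);
$email_addr = mysql_escape_string($HTTP_POST_VARS["email_addr"]);
$password = $HTTP_POST_VARS["password"];
$user = null;
$query = null;
if (strlen($authenticator)) {
    $query = "select * from user where authenticator='$authenticator'";
} else if (strlen($email_addr)) {
    $query = "select * from user where email_addr='$email_addr'";
}
if ($query) {
    $result = mysql_query($query);
    if ($result) {
        $user = mysql_fetch_object($result);
        mysql_free_result($result);
    }
}
// The account key alone is sufficient; an email lookup is accepted
// only together with a non-empty, matching web password.
$by_key = strlen($authenticator) > 0;
if (!$user) {
    // … unchanged: "no account" message …
} else if (!$by_key && (!strlen($password) || $user->web_password != $password)) {
    page_head("Log in");
    echo "Bad password.";
} else {
    // … unchanged: setcookie, page_head("User Page"), show_user_page_private …
}
```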
      + Your account key: + + +
      +
      +
      + +
      "; + + page_tail(); +?> diff --git a/html/user/util.inc b/html/user/util.inc index 2366255687..b9101cd98e 100644 --- a/html/user/util.inc +++ b/html/user/util.inc @@ -21,9 +21,7 @@ define("TITLE_COLOR", " bgcolor=000000 "); define("TITLE_FONT", " "); define("BODY_COLOR", " bgcolor=ffffff "); define("NOLOGIN", "Not logged in. Click here to login.\n"); -define("BADPASS", "The password you entered is incorrect. Click the Back button on your browser to re-enter your password or try again later."); -define("DIFFPASS", "You've typed two different passwords. Click the Back button on your browser to edit your information, making sure you type the same password in both password fields."); -define("PROJECT", "Sample project"); +define("PROJECT", "Astropulse"); function get_user_from_cookie() { @@ -49,7 +47,7 @@ function page_head($title) { // Put your project title and logo here - echo "

      Sample Project

      \n"; + echo "

      ".PROJECT."


      \n"; echo "

      $title

      \n"; } diff --git a/test/test_uc.php b/test/test_uc.php index 4caa70f13b..d0361f6f74 100644 --- a/test/test_uc.php +++ b/test/test_uc.php @@ -9,15 +9,15 @@ $user = new User(); $host = new Host($user); - // the following is optional - $app = new App("core_client"); - $app_version = new App_Version($app); - $project->add_app($app); - $project->add_app_version($app_version); - $app = new App("upper_case"); $app_version = new App_Version($app); + // the following is optional (makes client web download possible) + $core_app = new App("core client"); + $core_app_version = new App_Version($core_app); + $project->add_app($core_app); + $project->add_app_version($core_app_version); + $project->add_user($user); $project->add_app($app); $project->add_app_version($app_version); diff --git a/todo b/todo index 2fa8ab5f5f..5b7ab524e9 100755 --- a/todo +++ b/todo @@ -1,4 +1,8 @@ -protection mechanism for project admin web +use PHP session mechanism instead of our own cookies + +use https for login (don't sent account key or password in clear) + +protect project admin web pages (htaccess) Deadline mechanism for results - use in result dispatching