//
// $Id$
//
+error_reporting(0);
require_once 'plc_config.php';
require_once 'plc_session.php';
} else if ($op == 'view') {
$block = array();
- if (!$plc->person) {
+ if ($plc->hide_planetlab_block) {
+ // do nothing
+ // this is a private hook from the Vicci module to hide the planetlab module
+ } else if (!$plc->person) {
// Force login via HTTPS
unset($_GET['time']);
$form['#action'] = "https://" . $_SERVER['HTTP_HOST'] . url($_GET['q'], drupal_get_destination());
$bullet_item .= l_person_t(plc_my_person_id(),"My Account");
$bullet_item .= ul_start();
if (plc_is_admin() || plc_is_pi())
- $bullet_item .= leaf( href( l_persons_site(plc_my_site_id()), "My Users"));
+ $bullet_item .= leaf( href( l_persons_site(plc_my_site_id()), "My Site Accounts"));
if (plc_is_admin()) {
- $bullet_item .= leaf(href(l_persons_peer('local'),'Local users (looong)'));
- $bullet_item .= leaf(href(l_persons(),'All users (looong)'));
+ $bullet_item .= leaf(href(l_persons_peer('local'),'Local Accounts (slow)'));
+ $bullet_item .= leaf(href(l_persons(),'All Accounts (slow)'));
}
$bullet_item .= ul_end();
$bullet_item .= href(l_nodes(),"Nodes");
$bullet_item .= ul_start();
$bullet_item .= plc_my_node_links();
- $bullet_item .= leaf( href (l_register_node(),"Register Node"));
+ if (plc_is_admin() || plc_is_pi() || plc_is_tech())
+ $bullet_item .= leaf( href (l_register_node(),"Register Node"));
$bullet_item .= ul_end();
$items [] = expanded($bullet_item);
$bullet_item = '';
$bullet_item .= href(l_admin(),"Admin search");
$bullet_item .= ul_start();
- $bullet_item .= leaf( href (l_node_add(),"Add Node"));
+ if ( plc_is_admin() )
+ $bullet_item .= leaf( href (l_node_add(),"Add Node"));
$bullet_item .= leaf( href( l_tags(),"Tags"));
$bullet_item .= leaf( href( l_nodegroups(),"Node groups"));
$bullet_item .= leaf (href(l_peers(),'Peers'));
}
}
+function isValidFileName($file) {
+
+ /* don't allow .. and allow any "word" character \ / */
+
+ return preg_match('/^(((?:\.)(?!\.))|\w)+$/', $file);
+
+}
+
function planetlab_page() {
$path = $_SERVER['DOCUMENT_ROOT'] . preg_replace('/^db\//', '/planetlab/', $_GET['q']);
$output = ob_get_contents();
ob_end_clean();
} else {
- $output = file_get_contents($path);
+ if (isValidFileName($path)) {
+ $output = file_get_contents($path);
+ }
+ else {
+ $output = "";
+ }
}
return $output;
}