} else if ($op == 'view') {
$block = array();
- if (!$plc->person) {
+ if (property_exists($plc, 'hide_planetlab_block')) {
+ // do nothing
+ // this is a private hook from the Vicci module to hide the planetlab module
+ } else if (!$plc->person) {
// Force login via HTTPS
unset($_GET['time']);
$form['#action'] = "https://" . $_SERVER['HTTP_HOST'] . url($_GET['q'], drupal_get_destination());
} else {
$block['subject'] = truncate($plc->person['email'],30);
- //////////////////// Logout
+ //////////////////// Logout
$bullet_item = '';
if ($user->uid) {
// Drupal logout (destroys the session and cleans up $user)
// Thierry unclear when this triggers, I suspect this is obsolete
- $bullet_item .= l(t('Logout of %s',
+ $bullet_item .= l(t('Logout of %s',
array('%s' => variable_get('site_name', 'local'))), 'logout');
} else {
// PlanetLab logout (just destroy the session)
$bullet_item .= href (l_logout(),'Logout');
}
$bullet_item .= ul_start();
- // logout
+ // logout
if ( $plc->alt_person && $plc->alt_auth) {
- $email = truncate($plc->person['email'],20);
+ $email = truncate($plc->person['email'],20);
$bullet_item .= leaf( href( l_sulogout(),"Un-become $email"));
- }
+ }
$bullet_item .= ul_end();
$items []= expanded ($bullet_item);
$bullet_item = '';
$bullet_item .= l_person_t(plc_my_person_id(),"My Account");
$bullet_item .= ul_start();
- if (plc_is_admin() || plc_is_pi())
+ if (plc_is_admin() || plc_is_pi())
$bullet_item .= leaf( href( l_persons_site(plc_my_site_id()), "My Site Accounts"));
if (plc_is_admin()) {
$bullet_item .= leaf(href(l_persons_peer('local'),'Local Accounts (slow)'));
$bullet_item .= leaf(href(l_persons(),'All Accounts (slow)'));
}
-
+
$bullet_item .= ul_end();
$items [] = expanded($bullet_item);
$bullet_item .= href(l_sites(),"Sites");
$bullet_item .= ul_start();
$bullet_item .= plc_my_site_links();
- if ( plc_is_admin() )
- $bullet_item .= leaf( href(l_sites_pending(),"Pending Requests"));
+ if ( plc_is_admin() )
+ $bullet_item .= leaf( href(l_sites_pending(),"Pending Requests"));
$bullet_item .= ul_end();
$items[] = expanded($bullet_item);
$bullet_item .= href(l_nodes(),"Nodes");
$bullet_item .= ul_start();
$bullet_item .= plc_my_node_links();
- $bullet_item .= leaf( href (l_register_node(),"Register Node"));
+ if (plc_is_admin() || plc_is_pi() || plc_is_tech()) {
+ $bullet_item .= leaf( href (l_register_node(), "Register Node (ko)"));
+ }
$bullet_item .= ul_end();
$items [] = expanded($bullet_item);
//////////////////// Slices
$bullet_item = '';
- //if( !( plc_is_tech() && ! plc_is_user() && ! plc_is_pi() && ! plc_is_admin() ) )
+ //if( !( plc_is_tech() && ! plc_is_user() && ! plc_is_pi() && ! plc_is_admin() ) )
if (plc_is_admin()) {
$bullet_item .= href(l_slices(),"Slices");
} else {
$bullet_item .= href(l_slices(),"My Slices");
}
$bullet_item .= ul_start();
- if (plc_is_admin())
+ if (plc_is_admin())
$bullet_item .= leaf ( href(l_slices_my_site(), 'My Site Slices'));
if( plc_is_admin() || plc_is_pi() ) {
$bullet_item .= leaf(href(l_slice_add(),"Create Slice"));
}
- if( !( plc_is_tech() && ! plc_is_user() && ! plc_is_pi() && ! plc_is_admin() ) )
+ if( !( plc_is_tech() && ! plc_is_user() && ! plc_is_pi() && ! plc_is_admin() ) )
$bullet_item .= leaf(href(l_sirius(),"Sirius"));
$bullet_item .= ul_end();
$items [] = expanded($bullet_item);
// Our referring page is encased in a query string of the form
// "destination=referrer".
- parse_str(drupal_get_destination()); // => $destination
+ parse_str(drupal_get_destination(), $variables);
+ $destination = $variables['destination'];
// The referrer itself is a URL path with the original query string,
// e.g. "referer.php?query".
extract(parse_url($destination)); // => $query
// Which we then have to parse again as a query string.
- parse_str($query); // => $url
+ parse_str($query, $variables);
+ $url = $variables['url'];
if ($plc->person) {
// To handle the edge case where this function is called during a
}
}
+function isValidFileName($file) {
+
+ /* don't allow .. and allow any "word" character \ / */
+
+ return preg_match('/^(((?:\.)(?!\.))|\w)+$/', $file);
+
+}
+
function planetlab_page() {
$path = $_SERVER['DOCUMENT_ROOT'] . preg_replace('/^db\//', '/planetlab/', $_GET['q']);
$output = ob_get_contents();
ob_end_clean();
} else {
- $output = file_get_contents($path);
+ if (isValidFileName($path)) {
+ $output = file_get_contents($path);
+ }
+ else {
+ $output = "";
+ }
}
return $output;
}
-
+
drupal_not_found();
}