From b45e89e9af1569b41c63354584e4da471c9a83ad Mon Sep 17 00:00:00 2001 From: David Anderson Date: Mon, 10 Dec 2018 16:58:56 -0800 Subject: [PATCH 1/2] web: add options for not collecting or showing URL and country Add constants NO_USER_URL and NO_USER_COUNTRY. If you set these to true (in project.inc) there will be no query or display of user web site URL and user country, respectively. --- html/inc/account.inc | 18 +++++++++-------- html/inc/forum.inc | 2 +- html/inc/user.inc | 30 ++++++++++++++++++----------- html/inc/user_util.inc | 13 +++++++------ html/inc/util.inc | 6 ++++++ html/inc/xml.inc | 22 ++++++++++++++------- html/user/am_set_info.php | 8 +++++++- html/user/edit_user_info_action.php | 28 ++++++++++++++------------- html/user/edit_user_info_form.php | 24 +++++++++++++---------- 9 files changed, 94 insertions(+), 57 deletions(-) diff --git a/html/inc/account.inc b/html/inc/account.inc index d6c270fcacb..4db6ea2481d 100644 --- a/html/inc/account.inc +++ b/html/inc/account.inc @@ -102,14 +102,16 @@ function create_account_form($teamid, $next_url) { ), "passwd", "", "password",'id="passwd"',passwd_visible_checkbox("passwd") ); - form_select( - sprintf('%s', - tra("Select the country you want to represent, if any."), - tra("Country") - ), - "country", - country_select_options() - ); + if (!NO_USER_COUNTRY) { + form_select( + sprintf('%s', + tra("Select the country you want to represent, if any."), + tra("Country") + ), + "country", + country_select_options() + ); + } if (POSTAL_CODE) { form_input_text( tra("Postal or ZIP Code")."
".tra("Optional")."", diff --git a/html/inc/forum.inc b/html/inc/forum.inc index a5121a550fb..80c0d5ccafd 100644 --- a/html/inc/forum.inc +++ b/html/inc/forum.inc @@ -628,7 +628,7 @@ function show_post( // - put the .png's in html/user/flags/ // - put define("COUNTRY_FLAGS", 1); in your html/project/project.inc // - if (defined("COUNTRY_FLAGS")) { + if (!NO_USER_COUNTRY && defined("COUNTRY_FLAGS")) { if (array_key_exists($user->country, $country_to_iso3166_2)) { $code = $country_to_iso3166_2[$user->country]; echo "\"$user-country\" title=\"$user->country\" src=flags/$code.png>\n"; diff --git a/html/inc/user.inc b/html/inc/user.inc index 34d8df42eb8..2c23c21a829 100644 --- a/html/inc/user.inc +++ b/html/inc/user.inc @@ -243,11 +243,15 @@ function show_user_info_private($user) { } row2(tra("Email address"), $email_text); } - if (strlen($user->url)) { - $u = normalize_user_url($user->url); - row2(tra("URL"), sprintf('%s', $u, $u)); + if (!NO_USER_URL) { + if (strlen($user->url)) { + $u = normalize_user_url($user->url); + row2(tra("URL"), sprintf('%s', $u, $u)); + } + } + if (!NO_USER_COUNTRY) { + row2(tra("Country"), $user->country); } - row2(tra("Country"), $user->country); if (POSTAL_CODE) { row2(tra("Postal code"), $user->postal_code); } @@ -433,13 +437,17 @@ function show_user_summary_public($user) { global $g_logged_in_user; row2(tra("User ID"), $user->id); row2(tra("%1 member since", PROJECT), date_str($user->create_time)); - row2(tra("Country"), $user->country); - // don't show URL if user has no recent credit (spam suppression) - // - if (strlen($user->url)) { - if (!NO_COMPUTING || $user->expavg_credit > 1) { - $u = normalize_user_url($user->url); - row2(tra("URL"), sprintf('%s', $u, $u)); + if (!NO_USER_COUNTRY) { + row2(tra("Country"), $user->country); + } + if (!NO_USER_URL) { + // don't show URL if user has no recent credit (spam suppression) + // + if (strlen($user->url)) { + if (!NO_COMPUTING || $user->expavg_credit > 1) { + $u = normalize_user_url($user->url); + row2(tra("URL"), sprintf('%s', $u, $u)); + } } } if (!NO_COMPUTING) { diff --git a/html/inc/user_util.inc b/html/inc/user_util.inc index ce2ab7c2114..37067b79c83 100644 --- a/html/inc/user_util.inc +++ b/html/inc/user_util.inc @@ -187,6 +187,7 @@ function validate_post_make_user() { } // Check if consent to terms of use has been given. + // $myconsent = FALSE; list($checkct, $ctid) = check_consent_type(CONSENT_TYPE_ENROLL); if ($checkct and check_termsofuse()) { @@ -258,12 +259,12 @@ function validate_post_make_user() { $passwd_hash = md5($passwd.$new_email_addr); - $country = post_str("country", true); - if (!$country) { - $country = "None"; - } - if (!is_valid_country($country)) { - error_page("bad country"); + $country = ""; + if (!NO_USER_COUNTRY) { + $country = post_str("country", true); + if ($country && !is_valid_country($country)) { + error_page("bad country"); + } } if (POSTAL_CODE) { diff --git a/html/inc/util.inc b/html/inc/util.inc index a31b86c0a92..62b107704a1 100644 --- a/html/inc/util.inc +++ b/html/inc/util.inc @@ -101,6 +101,12 @@ if (!defined('USER_HOME')) { if (!defined('POST_MAX_LINKS')) { define('POST_MAX_LINKS', 0); } +if (!defined('NO_USER_COUNTRY')) { + define('NO_USER_COUNTRY', 0); +} +if (!defined('NO_USER_URL')) { + define('NO_USER_URL', 0); +} // sleep this long on any login failure // (slow the rate of hacker attacks) diff --git a/html/inc/xml.inc b/html/inc/xml.inc index c7e5485d718..473fa38957d 100644 --- a/html/inc/xml.inc +++ b/html/inc/xml.inc @@ -95,18 +95,15 @@ function show_host_xml($host) { // function show_user_xml($user, $show_hosts) { $cpid = md5($user->cross_project_id.$user->email_addr); - $url = normalize_user_url($user->url); echo " $user->id $cpid $user->create_time ".htmlspecialchars($user->name)." - $user->country $user->total_credit $user->expavg_credit $user->expavg_time $user->teamid - ".htmlspecialchars($url)." $user->has_profile "; if ($show_hosts) { @@ -116,8 +113,14 @@ function show_user_xml($user, $show_hosts) { show_host_xml($host); } } -echo" -"; + if (!NO_USER_COUNTRY) { + echo " $user->country\n"; + } + if (!NO_USER_URL) { + $url = normalize_user_url($user->url); + echo " ".htmlspecialchars($url)."\n"; + } + echo "\n"; } function show_team_member($user, $creditonly = false) { @@ -131,12 +134,17 @@ function show_team_member($user, $creditonly = false) { if (!$creditonly) { echo " $user->create_time ".htmlspecialchars($user->name)." - $user->country $user->expavg_credit $user->expavg_time - ".htmlspecialchars($url)." $user->has_profile "; + if (!NO_USER_COUNTRY) { + echo " $user->country\n"; + } + if (!NO_USER_URL) { + $url = normalize_user_url($user->url); + echo " ".htmlspecialchars($url)."\n"; + } } echo " "; diff --git a/html/user/am_set_info.php b/html/user/am_set_info.php index da837d5dc1d..67613d5f32b 100644 --- a/html/user/am_set_info.php +++ b/html/user/am_set_info.php @@ -100,7 +100,10 @@ function success($x) { } $name = BoincDb::escape_string($name); -if ($country && !is_valid_country($country)) { +if (NO_USER_COUNTRY) { + $country = ""; +} +if (!is_valid_country($country)) { xml_error(-1, "invalid country"); } $country = BoincDb::escape_string($country); @@ -118,6 +121,9 @@ function success($x) { $project_prefs = str_ireplace("", "\n".$orig_project_specific, $project_prefs); } +if (NO_USER_URL) { + $url = ""; +} $url = BoincDb::escape_string($url); $send_email = BoincDb::escape_string($send_email); $show_hosts = BoincDb::escape_string($show_hosts); diff --git a/html/user/edit_user_info_action.php b/html/user/edit_user_info_action.php index 652d461e555..77d5cdfec96 100644 --- a/html/user/edit_user_info_action.php +++ b/html/user/edit_user_info_action.php @@ -33,25 +33,27 @@ if (strlen($name) == 0) { error_page(tra("You must supply a name for your account.")); } -$url = post_str("url", true); -$url = sanitize_tags($url); -$country = post_str("country"); -if ($country == "") { - $country = "International"; +$name = BoincDb::escape_string($name); + +$url = ""; +$country = ""; +$postal_code = ""; +if (!NO_USER_URL) { + $url = post_str("url", true); + $url = sanitize_tags($url); + $url = BoincDb::escape_string($url); } -if (!is_valid_country($country)) { - error_page("bad country"); +if (!NO_USER_COUNTRY) { + $country = post_str("country"); + if (!is_valid_country($country)) { + error_page("bad country"); + } + $country = BoincDb::escape_string($country); } -$country = BoincDb::escape_string($country); if (POSTAL_CODE) { $postal_code = BoincDb::escape_string(sanitize_tags(post_str("postal_code", true))); -} else { - $postal_code = ''; } -$name = BoincDb::escape_string($name); -$url = BoincDb::escape_string($url); - $result = $user->update( "name='$name', url='$url', country='$country', postal_code='$postal_code'" ); diff --git a/html/user/edit_user_info_form.php b/html/user/edit_user_info_form.php index be80aa0c450..773c42f2e12 100644 --- a/html/user/edit_user_info_form.php +++ b/html/user/edit_user_info_form.php @@ -35,17 +35,21 @@ $user->name ); -form_input_text( - tra("URL %1 of your personal web page; optional%2", "

", "

"), - 'url', - $user->url -); +if (!NO_USER_URL) { + form_input_text( + tra("URL %1 of your personal web page; optional%2", "

", "

"), + 'url', + $user->url + ); +} -form_select( - tra("Country"), - 'country', - country_select_options($user->country) -); +if (!NO_USER_COUNTRY) { + form_select( + tra("Country"), + 'country', + country_select_options($user->country) + ); +} if (POSTAL_CODE) { form_input_text( From ff91f05aa65e27ec09d029fbd1f0eeaf7e1271bb Mon Sep 17 00:00:00 2001 From: David Anderson Date: Fri, 14 Dec 2018 20:20:24 -0800 Subject: [PATCH 2/2] Tweaks to user URL/country flags - Put flags in config.xml instead of project.inc - Make them positive instead of negative - make db_dump respect them. --- html/inc/account.inc | 2 +- html/inc/forum.inc | 2 +- html/inc/user.inc | 8 ++++---- html/inc/user_util.inc | 2 +- html/inc/util.inc | 18 ++++++++++-------- html/inc/util_basic.inc | 4 ++-- html/inc/xml.inc | 8 ++++---- html/user/am_set_info.php | 4 ++-- html/user/edit_user_info_action.php | 4 ++-- html/user/edit_user_info_form.php | 4 ++-- lib/util.cpp | 1 + sched/db_dump.cpp | 9 +++++++-- sched/sched_config.cpp | 4 ++++ sched/sched_config.h | 2 ++ 14 files changed, 43 insertions(+), 29 deletions(-) diff --git a/html/inc/account.inc b/html/inc/account.inc index 4db6ea2481d..e1ad3f08499 100644 --- a/html/inc/account.inc +++ b/html/inc/account.inc @@ -102,7 +102,7 @@ function create_account_form($teamid, $next_url) { ), "passwd", "", "password",'id="passwd"',passwd_visible_checkbox("passwd") ); - if (!NO_USER_COUNTRY) { + if (USER_COUNTRY) { form_select( sprintf('%s', tra("Select the country you want to represent, if any."), diff --git a/html/inc/forum.inc b/html/inc/forum.inc index 80c0d5ccafd..72f8f5425e7 100644 --- a/html/inc/forum.inc +++ b/html/inc/forum.inc @@ -628,7 +628,7 @@ function show_post( // - put the .png's in html/user/flags/ // - put define("COUNTRY_FLAGS", 1); in your html/project/project.inc // - if (!NO_USER_COUNTRY && defined("COUNTRY_FLAGS")) { + if (USER_COUNTRY && defined("COUNTRY_FLAGS")) { if (array_key_exists($user->country, $country_to_iso3166_2)) { $code = $country_to_iso3166_2[$user->country]; echo "\"$user-country\" title=\"$user->country\" src=flags/$code.png>\n"; diff --git a/html/inc/user.inc b/html/inc/user.inc index 2c23c21a829..606a148224d 100644 --- a/html/inc/user.inc +++ b/html/inc/user.inc @@ -243,13 +243,13 @@ function show_user_info_private($user) { } row2(tra("Email address"), $email_text); } - if (!NO_USER_URL) { + if (USER_URL) { if (strlen($user->url)) { $u = normalize_user_url($user->url); row2(tra("URL"), sprintf('%s', $u, $u)); } } - if (!NO_USER_COUNTRY) { + if (USER_COUNTRY) { row2(tra("Country"), $user->country); } if (POSTAL_CODE) { @@ -437,10 +437,10 @@ function show_user_summary_public($user) { global $g_logged_in_user; row2(tra("User ID"), $user->id); row2(tra("%1 member since", PROJECT), date_str($user->create_time)); - if (!NO_USER_COUNTRY) { + if (USER_COUNTRY) { row2(tra("Country"), $user->country); } - if (!NO_USER_URL) { + if (USER_URL) { // don't show URL if user has no recent credit (spam suppression) // if (strlen($user->url)) { diff --git a/html/inc/user_util.inc b/html/inc/user_util.inc index 37067b79c83..9d238ce75af 100644 --- a/html/inc/user_util.inc +++ b/html/inc/user_util.inc @@ -260,7 +260,7 @@ function validate_post_make_user() { $passwd_hash = md5($passwd.$new_email_addr); $country = ""; - if (!NO_USER_COUNTRY) { + if (USER_COUNTRY) { $country = post_str("country", true); if ($country && !is_valid_country($country)) { error_page("bad country"); diff --git a/html/inc/util.inc b/html/inc/util.inc index 62b107704a1..befed7c2ce5 100644 --- a/html/inc/util.inc +++ b/html/inc/util.inc @@ -34,7 +34,7 @@ require_once("../inc/translation.inc"); require_once("../inc/profile.inc"); require_once("../inc/bootstrap.inc"); -// parse some stuff from config (do it here for efficiency) +// parse some stuff from config.xml (do it here for efficiency) // $config = get_config(); global $master_url; @@ -42,8 +42,16 @@ $master_url = parse_config($config , ""); $recaptcha_public_key = parse_config($config, ""); $recaptcha_private_key = parse_config($config, ""); -// don't allow /... at the end of URL +// the following default to on +// +$x = parse_config($config, ""); +define('USER_COUNTRY', ($x===null)?1:(int)$x); +$x = parse_config($config, ""); +define('USER_URL', ($x===null)?1:(int)$x); + +// don't allow /... at the end of URL +// if (array_key_exists("PATH_INFO", $_SERVER)) { die("bad URL"); } @@ -101,12 +109,6 @@ if (!defined('USER_HOME')) { if (!defined('POST_MAX_LINKS')) { define('POST_MAX_LINKS', 0); } -if (!defined('NO_USER_COUNTRY')) { - define('NO_USER_COUNTRY', 0); -} -if (!defined('NO_USER_URL')) { - define('NO_USER_URL', 0); -} // sleep this long on any login failure // (slow the rate of hacker attacks) diff --git a/html/inc/util_basic.inc b/html/inc/util_basic.inc index 33337ce9d74..8e51ef12fd5 100644 --- a/html/inc/util_basic.inc +++ b/html/inc/util_basic.inc @@ -95,7 +95,6 @@ function get_config() { // If it's a single-tag element, and it's present, just return the tag // function parse_element($xml, $tag) { - $element = null; $closetag = "$user->country\n"; } - if (!NO_USER_URL) { + if (USER_URL) { $url = normalize_user_url($user->url); echo " ".htmlspecialchars($url)."\n"; } @@ -138,10 +138,10 @@ function show_team_member($user, $creditonly = false) { $user->expavg_time $user->has_profile "; - if (!NO_USER_COUNTRY) { + if (USER_COUNTRY) { echo " $user->country\n"; } - if (!NO_USER_URL) { + if (USER_URL) { $url = normalize_user_url($user->url); echo " ".htmlspecialchars($url)."\n"; } diff --git a/html/user/am_set_info.php b/html/user/am_set_info.php index 67613d5f32b..350c895d26d 100644 --- a/html/user/am_set_info.php +++ b/html/user/am_set_info.php @@ -100,7 +100,7 @@ function success($x) { } $name = BoincDb::escape_string($name); -if (NO_USER_COUNTRY) { +if (!USER_COUNTRY) { $country = ""; } if (!is_valid_country($country)) { @@ -121,7 +121,7 @@ function success($x) { $project_prefs = str_ireplace("", "\n".$orig_project_specific, $project_prefs); } -if (NO_USER_URL) { +if (!USER_URL) { $url = ""; } $url = BoincDb::escape_string($url); diff --git a/html/user/edit_user_info_action.php b/html/user/edit_user_info_action.php index 77d5cdfec96..6494f2db240 100644 --- a/html/user/edit_user_info_action.php +++ b/html/user/edit_user_info_action.php @@ -38,12 +38,12 @@ $url = ""; $country = ""; $postal_code = ""; -if (!NO_USER_URL) { +if (USER_URL) { $url = post_str("url", true); $url = sanitize_tags($url); $url = BoincDb::escape_string($url); } -if (!NO_USER_COUNTRY) { +if (USER_COUNTRY) { $country = post_str("country"); if (!is_valid_country($country)) { error_page("bad country"); diff --git a/html/user/edit_user_info_form.php b/html/user/edit_user_info_form.php index 773c42f2e12..f19e11cb0f0 100644 --- a/html/user/edit_user_info_form.php +++ b/html/user/edit_user_info_form.php @@ -35,7 +35,7 @@ $user->name ); -if (!NO_USER_URL) { +if (USER_URL) { form_input_text( tra("URL %1 of your personal web page; optional%2", "

", "

"), 'url', @@ -43,7 +43,7 @@ ); } -if (!NO_USER_COUNTRY) { +if (USER_COUNTRY) { form_select( tra("Country"), 'country', diff --git a/lib/util.cpp b/lib/util.cpp index c51418a8b24..5a38f4ff3e7 100644 --- a/lib/util.cpp +++ b/lib/util.cpp @@ -484,6 +484,7 @@ int run_program( FCGI::perror("execvp"); #else perror("execvp"); + fprintf(stderr, "couldn't exec %s: %d\n", file, errno); #endif exit(errno); } diff --git a/sched/db_dump.cpp b/sched/db_dump.cpp index d155facf6f5..04f349eb693 100644 --- a/sched/db_dump.cpp +++ b/sched/db_dump.cpp @@ -582,7 +582,6 @@ void write_user(USER& user, ZFILE* f, bool /*detail*/) { "\n" " %lu\n" " %s\n" - " %s\n" " %d\n" " %f\n" " %f\n" @@ -597,7 +596,13 @@ void write_user(USER& user, ZFILE* f, bool /*detail*/) { user.expavg_time, cpid ); - if (strlen(user.url)) { + if (config.user_country && strlen(user.country)) { + f->write( + " %s\n", + user.country + ); + } + if (config.user_url && strlen(user.url)) { f->write( " %s\n", url diff --git a/sched/sched_config.cpp b/sched/sched_config.cpp index b5a72bf1879..eb4ceb6a99e 100644 --- a/sched/sched_config.cpp +++ b/sched/sched_config.cpp @@ -95,6 +95,8 @@ int SCHED_CONFIG::parse(FILE* f) { scheduler_log_buffer = 32768; version_select_random_factor = 1.; maintenance_delay = 3600; + user_url = true; + user_country = true; if (!xp.parse_start("boinc")) return ERR_XML_PARSE; if (!xp.parse_start("config")) return ERR_XML_PARSE; @@ -194,6 +196,8 @@ int SCHED_CONFIG::parse(FILE* f) { if (xp.parse_bool("job_size_matching", job_size_matching)) continue; if (xp.parse_bool("dont_send_jobs", dont_send_jobs)) continue; if (xp.parse_bool("estimate_flops_from_hav_pfc", estimate_flops_from_hav_pfc)) continue; + if (xp.parse_bool("user_url", user_url)) continue; + if (xp.parse_bool("user_country", user_country)) continue; //////////// STUFF RELEVANT ONLY TO SCHEDULER STARTS HERE /////// diff --git a/sched/sched_config.h b/sched/sched_config.h index f210057d56a..96ec0b64896 100644 --- a/sched/sched_config.h +++ b/sched/sched_config.h @@ -101,6 +101,8 @@ struct SCHED_CONFIG { bool enable_assignment_multi; bool job_size_matching; bool dont_send_jobs; + bool user_url; // whether to export user.url in db dump + bool user_country; //////////// STUFF RELEVANT ONLY TO SCHEDULER FOLLOWS ///////////