This application is designed to help LSPs track compliance with tasks assigned to their users, such as SSN Remediation. An LSP installs the application, configures the list of users that need to complete the task, and then notifies the users. Users complete the task, and then access this application to record compliance. LSPs may use an administrative interface to view progress.
The following components are needed to run this application:
1. Apache web server
2. PHP running on the web server
3. PHP configured to use mysqli
4. PHP configured to use LDAP (not strictly necessary, but it makes it nicer)
5. Apache configured to use NetBadge
6. A MySQL database server that the web server may query
Assuming you have a database set up on a MySQL server and that you have the credentials for accessing it (note: creating MySQL databases and accounts is outside of the scope of this documentation), create the users and the administrators table in that database. You may do this with the mysql command line interface from a unix prompt. Be sure to swap out YOUR_USERNAME, YOUR_DATABASE_SERVER, and YOUR_DATABASE_NAME with the actual values for your database.
mysql -u YOUR_USERNAME -h YOUR_DATABASE_SERVER -p (enter your user's database password) use YOUR_DATABASE_NAME CREATE TABLE users (computing_id VARCHAR(255), completion_date DATE NOT NULL, PRIMARY KEY(computing_id)); CREATE TABLE administrators (computing_id VARCHAR(255), PRIMARY KEY(computing_id));
Insert the users who need to complete the task into the users table. There are lots of ways to do this, but here’s an example using the mysql command line interface. Be sure to swap out YOUR_USERNAME, YOUR_DATABASE_SERVER, and YOUR_DATABASE_NAME with the actual values for your database.
Note: Include yourself in the list of users so that you may verify that things are working correctly.
mysql -u YOUR_USERNAME -h YOUR_DATABASE_SERVER -p (enter your user's database password) use YOUR_DATABASE_NAME INSERT INTO users(computing_id) VALUES("mst3k"); INSERT INTO users(computing_id) VALUES("abc2d"); INSERT INTO users(computing_id) VALUES("xyz3e");
Add any administrators you’d like to the administrators table (administrators can view the status for everyone):
INSERT INTO administrators(computing_id) VALUES("mst3k");
For batch loading large numbers of users, you can use the mysqlimport command. First, create a file called “users.txt” on your machine that has all of your users in it, one per line. For example:
mst3k abc2d zyx3e
Then use the mysqlimport command (be sure to swap out all of the uppercase values below with your real credentials):
mysqlimport --columns=computing_id --local -u YOUR_USERNAME -h YOUR_DATABASE_SERVER -p YOUR_DATABASE_NAME users.txt
Log into your web server, go to the appropriate place in the filesystem for storing SSL content, and clone the application. Be sure to swap out YOUR_WEB_SERVER_HOST and YOUR_SSL_DIRECTORY with the actual values for your site. Please note that this application uses NetBadge, which requires SSL, so the application will not work unless it is installed in an SSL directory on a NetBadge-enabled web server.
ssh YOUR_WEB_SERVER_HOST (e.g. - ssh blue.unix.virginia.edu) cd YOUR_SSL_DIRECTORY (e.g. - cd /web/www.virginia.edu/doc/my_department) git clone git://github.com/darthmolly/remediation.git
Alternatively, download one of the tagged versions, and then upload it to your server.
At a minimum, you will need to adjust the settings in inc/configs.inc.php to include your database information. Edit the values in the first few lines in the parts after the => symbol. For example, change:
"DATABASE_HOST" => "localhost", # your database server
to (where YOUR_DATABASE_SERVER is the actual information for your database server):
"DATABASE_HOST" => "YOUR_DATABASE_SERVER", # your database server
You should now be able to access your application via a web browser. You’ll need to use the correct host name and directory information for your site. Be sure to swap out YOUR_WEBSERVER and YOUR_SUBDIRECTORY (if applicable):
https://YOUR_WEB_SERVER/YOUR_SUBDIRECTORY/remediate
For example:
https://www.virginia.edu/mydepartment/remediate
Note the “s” on https! If NetBadge is correctly enabled, you should see NetBadge authorization occur. If you get a message that says “We couldn’t find your user record.”, that means you forgot to put your own computing id into the database (doh!)
If you get a blank screen, it’s possible that you have a PHP error occurring, and your server is configured not to display PHP errors (this is a good thing in production, but it makes troubleshooting difficult). To change this setting, edit the file called “.htaccess” (note that the file begins with a dot), and take out the comment symbols (#) at the beginning of the last two lines:
php_flag display_errors on php_value error_reporting 6143
Save, and then try reloading your page to see error messages.
Now that your application is up and running, you will almost certainly want to update the default verbiage. The relevant files are in the “partials” directory of your application. In there you will find:
1. header.inc.php – the header at the top of the page
2. incomplete.inc.php – the text someone sees if they haven’t completed the process
3. complete.inc.php – the text someone sees if they have already completed the process
4. done.inc.php – the text someone sees right after they complete the process
5. not_found.inc.php – the text someone sees if they have logged into the site but aren’t in your users table
6. footer.inc.php – the footer at the bottom of the page
7. style.css – a stylesheet for the app. In case you want to get fancy or something.
8. users.inc.php – the administrative screen
9. user_confirmation_email.inc.php – the email a user gets after completing the process
10. admin_confirmation_email.inc.php – the email an administrators gets after a user has completed the process