citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5
   6 #include <stdlib.h>
   7 #include <unistd.h>
   8 #include <stdio.h>
   9 #include <fcntl.h>
  10 #include <signal.h>
  11 #include <pwd.h>
  12 #include <sys/types.h>
  13 #include <sys/time.h>
  14 #include <string.h>
  15 #include <syslog.h>
  16 #include <pthread.h>
  17 #include "citadel.h"
  18 #include "server.h"
  19 #include "proto.h"
  20
  21 extern struct config config;
  22
  23
  24 /*
  25  * hash()  -  hash table function for user lookup
  26  */
  27 int hash(char *str)
  28 {
  29         int h = 0;
  30         int i;
  31
  32         for (i=0; i<strlen(str); ++i) h=h+((i+1)*tolower(str[i]));
  33         return(h);
  34         }
  35
  36
  37 /*
  38  * getuser()  -  retrieve named user into supplied buffer.
  39  *               returns 0 on success
  40  */
  41 int getuser(struct usersupp *usbuf, char name[]) {
  42
  43         char lowercase_name[32];
  44         int a;
  45         struct cdbdata *cdbus;
  46
  47         bzero(usbuf, sizeof(struct usersupp));
  48         for (a=0; a<=strlen(name); ++a) {
  49                 lowercase_name[a] = tolower(name[a]);
  50                 }
  51
  52         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  53         if (cdbus == NULL) {    /* not found */
  54                 return(1);
  55                 }
  56
  57         memcpy(usbuf, cdbus->ptr, cdbus->len);
  58         cdb_free(cdbus);
  59         return(0);
  60         }
  61
  62
  63 /*
  64  * lgetuser()  -  same as getuser() but locks the record
  65  */
  66 int lgetuser(struct usersupp *usbuf, char *name)
  67 {
  68         int retcode;
  69
  70         retcode = getuser(usbuf,name);
  71         if (retcode == 0) {
  72                 begin_critical_section(S_USERSUPP);
  73                 }
  74         return(retcode);
  75         }
  76
  77
  78 /*
  79  * putuser()  -  write user buffer into the correct place on disk
  80  */
  81 void putuser(struct usersupp *usbuf, char *name)
  82 {
  83         char lowercase_name[32];
  84         int a;
  85
  86         for (a=0; a<=strlen(name); ++a) {
  87                 lowercase_name[a] = tolower(name[a]);
  88                 }
  89
  90         cdb_store(CDB_USERSUPP, lowercase_name, strlen(lowercase_name),
  91                 usbuf, sizeof(struct usersupp));
  92
  93         }
  94
  95
  96 /*
  97  * lputuser()  -  same as putuser() but locks the record
  98  */
  99 void lputuser(struct usersupp *usbuf, char *name)
 100 {
 101         putuser(usbuf,name);
 102         end_critical_section(S_USERSUPP);
 103         }
 104
 105
 106 /*
 107  * Is the user currently logged in an Aide?
 108  */
 109 int is_aide(void) {
 110         if (CC->usersupp.axlevel >= 6) return(1);
 111         else return(0);
 112         }
 113
 114
 115 /*
 116  * Is the user currently logged in an Aide *or* the room aide for this room?
 117  */
 118 int is_room_aide(void) {
 119         if ( (CC->usersupp.axlevel >= 6)
 120                 || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) return(1);
 121         else return(0);
 122         }
 123
 124 /*
 125  * getuserbynumber()  -  get user by number
 126  *                       returns 0 if user was found
 127  */
 128 int getuserbynumber(struct usersupp *usbuf, long int number)
 129 {
 130         struct cdbdata *cdbus;
 131
 132         cdb_rewind(CDB_USERSUPP);
 133
 134         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 135                 bzero(usbuf, sizeof(struct usersupp));
 136                 memcpy(usbuf, cdbus->ptr, cdbus->len);
 137                 cdb_free(cdbus);
 138                 if (usbuf->usernum == number) {
 139                         return(0);
 140                         }
 141                 }
 142         return(-1);
 143         }
 144
 145
 146 /*
 147  * USER cmd
 148  */
 149 void cmd_user(char *cmdbuf)
 150 {
 151         char username[256];
 152         char autoname[256];
 153         int found_user = 0;
 154         struct passwd *p;
 155         int a;
 156
 157         extract(username,cmdbuf,0);
 158         username[25] = 0;
 159         strproc(username);
 160
 161         if ((CC->logged_in)) {
 162                 cprintf("%d Already logged in.\n",ERROR);
 163                 return;
 164                 }
 165
 166         found_user = getuser(&CC->usersupp,username);
 167         if (found_user != 0) {
 168                 p = (struct passwd *)getpwnam(username);
 169                 if (p!=NULL) {
 170                         strcpy(autoname,p->pw_gecos);
 171                         for (a=0; a<strlen(autoname); ++a)
 172                                 if (autoname[a]==',') autoname[a]=0;
 173                         found_user = getuser(&CC->usersupp,autoname);
 174                         }
 175                 }
 176         if (found_user == 0) {
 177                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 178                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 179                         ERROR+MAX_SESSIONS_EXCEEDED,
 180                         config.c_nodename,config.c_maxsessions);
 181                         }
 182                 else {
 183                         strcpy(CC->curr_user,CC->usersupp.fullname);
 184                         cprintf("%d Password required for %s\n",
 185                                 MORE_DATA,CC->curr_user);
 186                         }
 187                 }
 188         else {
 189                 cprintf("%d %s not found.\n",ERROR,username);
 190                 }
 191         }
 192
 193
 194
 195 /*
 196  * session startup code which is common to both cmd_pass() and cmd_newu()
 197  */
 198 void session_startup(void) {
 199         int a;
 200         struct quickroom qr;
 201
 202         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 203         hook_user_login(CC->cs_pid, CC->curr_user);
 204         lgetuser(&CC->usersupp,CC->curr_user);
 205         ++(CC->usersupp.timescalled);
 206         CC->fake_username[0] = '\0';
 207         CC->fake_postname[0] = '\0';
 208         CC->fake_hostname[0] = '\0';
 209         CC->fake_roomname[0] = '\0';
 210         CC->last_pager[0] = '\0';
 211         time(&CC->usersupp.lastcall);
 212
 213         /* If this user's name is the name of the system administrator
 214          * (as specified in setup), automatically assign access level 6.
 215          */
 216         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 217                 CC->usersupp.axlevel = 6;
 218                 }
 219
 220 /* A room's generation number changes each time it is recycled. Users are kept
 221  * out of private rooms or forget rooms by matching the generation numbers. To
 222  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 223  */
 224         for (a=0; a<MAXROOMS; ++a) {
 225                 getroom(&qr,a);
 226                 if (CC->usersupp.generation[a] != qr.QRgen)
 227                                         CC->usersupp.generation[a]=(-1);
 228                 if (CC->usersupp.forget[a] != qr.QRgen)
 229                                         CC->usersupp.forget[a]=(-1);
 230                 }
 231
 232         lputuser(&CC->usersupp,CC->curr_user);
 233
 234         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 235                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 236                 CC->usersupp.usernum);
 237         usergoto(0,0);          /* Enter the lobby */
 238         rec_log(CL_LOGIN,CC->curr_user);
 239         }
 240
 241
 242
 243 /*
 244  * misc things to be taken care of when a user is logged out
 245  */
 246 void logout(struct CitContext *who)
 247 {
 248         who->logged_in = 0;
 249         if (who->download_fp != NULL) {
 250                 fclose(who->download_fp);
 251                 who->download_fp = NULL;
 252                 }
 253         if (who->upload_fp != NULL) {
 254                 abort_upl(who);
 255                 }
 256         }
 257
 258
 259 void cmd_pass(char *buf)
 260 {
 261         char password[256];
 262         int code;
 263         struct passwd *p;
 264
 265         extract(password,buf,0);
 266
 267         if ((CC->logged_in)) {
 268                 cprintf("%d Already logged in.\n",ERROR);
 269                 return;
 270                 }
 271         if (!strcmp(CC->curr_user,"")) {
 272                 cprintf("%d You must send a name with USER first.\n",ERROR);
 273                 return;
 274                 }
 275         if (getuser(&CC->usersupp,CC->curr_user)) {
 276                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 277                 return;
 278                 }
 279
 280         code = (-1);
 281         if (CC->usersupp.USuid == BBSUID) {
 282                 strproc(password);
 283                 strproc(CC->usersupp.password);
 284                 code = strcasecmp(CC->usersupp.password,password);
 285                 }
 286         else {
 287                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 288 #ifdef ENABLE_AUTOLOGIN
 289                 if (p!=NULL) {
 290                         if (!strcmp(p->pw_passwd,
 291                            (char *)crypt(password,p->pw_passwd))) {
 292                                 code = 0;
 293                                 lgetuser(&CC->usersupp, CC->curr_user);
 294                                 strcpy(CC->usersupp.password, password);
 295                                 lputuser(&CC->usersupp, CC->curr_user);
 296                                 }
 297                         }
 298 #endif
 299                 }
 300
 301         if (!code) {
 302                 (CC->logged_in) = 1;
 303                 session_startup();
 304                 }
 305         else {
 306                 cprintf("%d Wrong password.\n",ERROR);
 307                 rec_log(CL_BADPW,CC->curr_user);
 308                 }
 309         }
 310
 311
 312 /*
 313  * purge related files when removing or overwriting a user record
 314  */
 315 void purge_user(char *pname) {
 316         char filename[64];
 317         struct usersupp usbuf;
 318         int a;
 319         struct cdbdata *cdbmb;
 320         long *mailbox;
 321         int num_mails;
 322
 323         if (getuser(&usbuf, pname) != 0) {
 324                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 325                 return;
 326                 }
 327
 328         /* delete any messages in the user's mailbox */
 329         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 330         if (cdbmb != NULL) {
 331                 num_mails = cdbmb->len / sizeof(long);
 332                 mailbox = (long *) cdbmb->ptr;
 333                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 334                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 335                         }
 336                 cdb_free(cdbmb);
 337                 /* now delete the mailbox itself */
 338                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 339                 }
 340
 341
 342         /* delete the userlog entry */
 343         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 344
 345         /* remove the user's bio file */
 346         sprintf(filename, "./bio/%ld", usbuf.usernum);
 347         unlink(filename);
 348
 349         /* remove the user's picture */
 350         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 351         unlink(filename);
 352
 353         }
 354
 355
 356 /*
 357  * create_user()  -  back end processing to create a new user
 358  */
 359 int create_user(char *newusername)
 360 {
 361         struct usersupp usbuf;
 362         int a;
 363         struct passwd *p = NULL;
 364         char username[64];
 365
 366         strcpy(username, newusername);
 367         strproc(username);
 368
 369 #ifdef ENABLE_AUTOLOGIN
 370         p = (struct passwd *)getpwnam(username);
 371 #endif
 372         if (p != NULL) {
 373                 strcpy(username, p->pw_gecos);
 374                 for (a=0; a<strlen(username); ++a) {
 375                         if (username[a] == ',') username[a] = 0;
 376                         }
 377                 CC->usersupp.USuid = p->pw_uid;
 378                 }
 379         else {
 380                 CC->usersupp.USuid = BBSUID;
 381                 }
 382
 383         if (!getuser(&usbuf,username)) {
 384                 return(ERROR+ALREADY_EXISTS);
 385                 }
 386
 387         strcpy(CC->curr_user,username);
 388         strcpy(CC->usersupp.fullname,username);
 389         (CC->logged_in) = 1;
 390
 391         for (a=0; a<MAXROOMS; ++a) {
 392                 CC->usersupp.lastseen[a]=0L;
 393                 CC->usersupp.generation[a]=(-1);
 394                 CC->usersupp.forget[a]=(-1);
 395                 }
 396         strcpy(CC->usersupp.password,"");
 397
 398         /* These are the default flags on new accounts */
 399         CC->usersupp.flags =
 400                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 401
 402         CC->usersupp.timescalled = 0;
 403         CC->usersupp.posted = 0;
 404         CC->usersupp.axlevel = INITAX;
 405         CC->usersupp.USscreenwidth = 80;
 406         CC->usersupp.USscreenheight = 24;
 407         time(&CC->usersupp.lastcall);
 408         strcpy(CC->usersupp.USname, "");
 409         strcpy(CC->usersupp.USaddr, "");
 410         strcpy(CC->usersupp.UScity, "");
 411         strcpy(CC->usersupp.USstate, "");
 412         strcpy(CC->usersupp.USzip, "");
 413         strcpy(CC->usersupp.USphone, "");
 414
 415         /* fetch a new user number */
 416         CC->usersupp.usernum = get_new_user_number();
 417
 418         if (CC->usersupp.usernum == 1L) {
 419                 CC->usersupp.axlevel = 6;
 420                 }
 421
 422         /* add user to userlog */
 423         putuser(&CC->usersupp,CC->curr_user);
 424         if (getuser(&CC->usersupp,CC->curr_user)) {
 425                 return(ERROR+INTERNAL_ERROR);
 426                 }
 427         rec_log(CL_NEWUSER,CC->curr_user);
 428         return(0);
 429         }
 430
 431
 432
 433
 434 /*
 435  * cmd_newu()  -  create a new user account
 436  */
 437 void cmd_newu(char *cmdbuf)
 438 {
 439         int a;
 440         char username[256];
 441
 442         if ((CC->logged_in)) {
 443                 cprintf("%d Already logged in.\n",ERROR);
 444                 return;
 445                 }
 446
 447         if ((CC->nologin)) {
 448                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 449                 ERROR+MAX_SESSIONS_EXCEEDED,
 450                 config.c_nodename,config.c_maxsessions);
 451                 }
 452
 453         extract(username,cmdbuf,0);
 454         username[25] = 0;
 455         strproc(username);
 456
 457         if (strlen(username)==0) {
 458                 cprintf("%d You must supply a user name.\n",ERROR);
 459                 return;
 460                 }
 461
 462         a = create_user(username);
 463         if ((!strcasecmp(username, "bbs")) ||
 464             (!strcasecmp(username, "new")) ||
 465             (!strcasecmp(username, ".")))
 466         {
 467            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 468            return;
 469         }
 470         if (a==ERROR+ALREADY_EXISTS) {
 471                 cprintf("%d '%s' already exists.\n",
 472                         ERROR+ALREADY_EXISTS,username);
 473                 return;
 474                 }
 475         else if (a==ERROR+INTERNAL_ERROR) {
 476                 cprintf("%d Internal error - user record disappeared?\n",
 477                         ERROR+INTERNAL_ERROR);
 478                 return;
 479                 }
 480         else if (a==0) {
 481                 session_startup();
 482                 }
 483         else {
 484                 cprintf("%d unknown error\n",ERROR);
 485                 }
 486         rec_log(CL_NEWUSER,CC->curr_user);
 487         }
 488
 489
 490
 491 /*
 492  * set password
 493  */
 494 void cmd_setp(char *new_pw)
 495 {
 496         if (!(CC->logged_in)) {
 497                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 498                 return;
 499                 }
 500         if (CC->usersupp.USuid != BBSUID) {
 501                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 502                 return;
 503                 }
 504         strproc(new_pw);
 505         if (strlen(new_pw)==0) {
 506                 cprintf("%d Password unchanged.\n",OK);
 507                 return;
 508                 }
 509         lgetuser(&CC->usersupp,CC->curr_user);
 510         strcpy(CC->usersupp.password,new_pw);
 511         lputuser(&CC->usersupp,CC->curr_user);
 512         cprintf("%d Password changed.\n",OK);
 513         rec_log(CL_PWCHANGE,CC->curr_user);
 514         }
 515
 516 /*
 517  * get user parameters
 518  */
 519 void cmd_getu(void) {
 520         if (!(CC->logged_in)) {
 521                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 522                 return;
 523                 }
 524         getuser(&CC->usersupp,CC->curr_user);
 525         cprintf("%d %d|%d|%d\n",OK,CC->usersupp.USscreenwidth,
 526                 CC->usersupp.USscreenheight,(CC->usersupp.flags & US_USER_SET));
 527         }
 528
 529 /*
 530  * set user parameters
 531  */
 532 void cmd_setu(char *new_parms)
 533 {
 534
 535         if (num_parms(new_parms)!=3) {
 536                 cprintf("%d Usage error.\n",ERROR);
 537                 return;
 538                 }
 539         if (!(CC->logged_in)) {
 540                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 541                 return;
 542                 }
 543         lgetuser(&CC->usersupp,CC->curr_user);
 544         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 545         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 546         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 547         CC->usersupp.flags = CC->usersupp.flags |
 548                 (extract_int(new_parms,2) & US_USER_SET);
 549         lputuser(&CC->usersupp,CC->curr_user);
 550         cprintf("%d Ok\n",OK);
 551         }
 552
 553 /*
 554  * set last read pointer
 555  */
 556 void cmd_slrp(char *new_ptr)
 557 {
 558         long newlr;
 559
 560         if (!(CC->logged_in)) {
 561                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 562                 return;
 563                 }
 564
 565         if (CC->curr_rm < 0) {
 566                 cprintf("%d No current room.\n",ERROR);
 567                 return;
 568                 }
 569
 570         if (!strncasecmp(new_ptr,"highest",7)) {
 571                 newlr = CC->quickroom.QRhighest;
 572                 }
 573         else {
 574                 newlr = atol(new_ptr);
 575                 }
 576
 577         lgetuser(&CC->usersupp, CC->curr_user);
 578         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 579         lputuser(&CC->usersupp, CC->curr_user);
 580         cprintf("%d %ld\n",OK,newlr);
 581         }
 582
 583
 584 /*
 585  * INVT and KICK commands
 586  */
 587 void cmd_invt_kick(char *iuser, int op)
 588                         /* user name */
 589         {               /* 1 = invite, 0 = kick out */
 590         struct usersupp USscratch;
 591         char bbb[256];
 592
 593         if (!(CC->logged_in)) {
 594                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 595                 return;
 596                 }
 597
 598         if (CC->curr_rm < 0) {
 599                 cprintf("%d No current room.\n",ERROR);
 600                 return;
 601                 }
 602
 603         if (is_room_aide()==0) {
 604                 cprintf("%d Higher access required.\n",
 605                         ERROR+HIGHER_ACCESS_REQUIRED);
 606                 return;
 607                 }
 608
 609         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 610                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 611                 return;
 612                 }
 613
 614         if (lgetuser(&USscratch,iuser)!=0) {
 615                 cprintf("%d No such user.\n",ERROR);
 616                 return;
 617                 }
 618
 619         if (op==1) {
 620                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 621                 USscratch.forget[CC->curr_rm]=(-1);
 622                 }
 623
 624         if (op==0) {
 625                 USscratch.generation[CC->curr_rm]=(-1);
 626                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 627                 }
 628
 629         lputuser(&USscratch,iuser);
 630
 631         /* post a message in Aide> saying what we just did */
 632         sprintf(bbb,"%s %s %s> by %s",
 633                 iuser,
 634                 ((op == 1) ? "invited to" : "kicked out of"),
 635                 CC->quickroom.QRname,
 636                 CC->usersupp.fullname);
 637         aide_message(bbb);
 638
 639         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 640                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 641                 }
 642         else {
 643                 cprintf("%d Ok.\n",OK);
 644                 }
 645         return;
 646         }
 647
 648
 649 /*
 650  * forget (Zap) the current room
 651  */
 652 void cmd_forg(void) {
 653         if (!(CC->logged_in)) {
 654                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 655                 return;
 656                 }
 657
 658         if (CC->curr_rm < 0) {
 659                 cprintf("%d No current room.\n",ERROR);
 660                 return;
 661                 }
 662
 663         if (CC->curr_rm < 3) {
 664                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 665                 return;
 666                 }
 667
 668         if (is_aide()) {
 669                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 670                 return;
 671                 }
 672
 673         lgetuser(&CC->usersupp,CC->curr_user);
 674         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 675         CC->usersupp.generation[CC->curr_rm] = (-1);
 676         lputuser(&CC->usersupp,CC->curr_user);
 677         cprintf("%d Ok\n",OK);
 678         CC->curr_rm = (-1);
 679         }
 680
 681 /*
 682  * Get Next Unregistered User
 683  */
 684 void cmd_gnur(void) {
 685         struct cdbdata *cdbus;
 686         struct usersupp usbuf;
 687
 688         if (!(CC->logged_in)) {
 689                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 690                 return;
 691                 }
 692
 693         if (CC->usersupp.axlevel < 6) {
 694                 cprintf("%d Higher access required.\n",
 695                         ERROR+HIGHER_ACCESS_REQUIRED);
 696                 return;
 697                 }
 698
 699         if ((CitControl.MMflags&MM_VALID)==0) {
 700                 cprintf("%d There are no unvalidated users.\n",OK);
 701                 return;
 702                 }
 703
 704         /* There are unvalidated users.  Traverse the usersupp database,
 705          * and return the first user we find that needs validation.
 706          */
 707         cdb_rewind(CDB_USERSUPP);
 708         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 709                 bzero(&usbuf, sizeof(struct usersupp));
 710                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 711                 cdb_free(cdbus);
 712                 if ((usbuf.flags & US_NEEDVALID)
 713                    &&(usbuf.axlevel > 0)) {
 714                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 715                         return;
 716                         }
 717                 }
 718
 719         /* If we get to this point, there are no more unvalidated users.
 720          * Therefore we clear the "users need validation" flag.
 721          */
 722
 723         begin_critical_section(S_CONTROL);
 724         get_control();
 725         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 726         put_control();
 727         end_critical_section(S_CONTROL);
 728         cprintf("%d *** End of registration.\n",OK);
 729
 730
 731         }
 732
 733
 734 /*
 735  * get registration info for a user
 736  */
 737 void cmd_greg(char *who)
 738 {
 739         struct usersupp usbuf;
 740         int a,b;
 741         char pbuf[32];
 742
 743         if (!(CC->logged_in)) {
 744                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 745                 return;
 746                 }
 747
 748         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 749
 750         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 751                 cprintf("%d Higher access required.\n",
 752                         ERROR+HIGHER_ACCESS_REQUIRED);
 753                 return;
 754                 }
 755
 756         if (getuser(&usbuf,who) != 0) {
 757                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 758                 return;
 759                 }
 760
 761         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 762         cprintf("%ld\n",usbuf.usernum);
 763         cprintf("%s\n",usbuf.password);
 764         cprintf("%s\n",usbuf.USname);
 765         cprintf("%s\n",usbuf.USaddr);
 766         cprintf("%s\n%s\n%s\n",
 767                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 768         strcpy(pbuf,usbuf.USphone);
 769         usbuf.USphone[0]=0;
 770         for (a=0; a<strlen(pbuf); ++a) {
 771                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 772                         b=strlen(usbuf.USphone);
 773                         usbuf.USphone[b]=pbuf[a];
 774                         usbuf.USphone[b+1]=0;
 775                         }
 776                 }
 777         while(strlen(usbuf.USphone)<10) {
 778                 strcpy(pbuf,usbuf.USphone);
 779                 strcpy(usbuf.USphone," ");
 780                 strcat(usbuf.USphone,pbuf);
 781                 }
 782
 783         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 784                 usbuf.USphone[0],usbuf.USphone[1],
 785                 usbuf.USphone[2],usbuf.USphone[3],
 786                 usbuf.USphone[4],usbuf.USphone[5],
 787                 usbuf.USphone[6],usbuf.USphone[7],
 788                 usbuf.USphone[8],usbuf.USphone[9]);
 789
 790         cprintf("%d\n",usbuf.axlevel);
 791         cprintf("%s\n",usbuf.USemail);
 792         cprintf("000\n");
 793         }
 794
 795 /*
 796  * validate a user
 797  */
 798 void cmd_vali(char *v_args)
 799 {
 800         char user[256];
 801         int newax;
 802         struct usersupp userbuf;
 803
 804         extract(user,v_args,0);
 805         newax = extract_int(v_args,1);
 806
 807         if (!(CC->logged_in)) {
 808                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 809                 return;
 810                 }
 811
 812         if (CC->usersupp.axlevel < 6) {
 813                 cprintf("%d Higher access required.\n",
 814                         ERROR+HIGHER_ACCESS_REQUIRED);
 815                 return;
 816                 }
 817
 818         if (lgetuser(&userbuf,user)!=0) {
 819                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 820                 return;
 821                 }
 822
 823         userbuf.axlevel = newax;
 824         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 825
 826         lputuser(&userbuf,user);
 827
 828         /* If the access level was set to zero, delete the user */
 829         if (newax == 0) {
 830                 purge_user(user);
 831                 cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 832                 return;
 833                 }
 834
 835         cprintf("%d ok\n",OK);
 836         }
 837
 838
 839
 840 /*
 841  *  List users
 842  */
 843 void cmd_list(void) {
 844         struct usersupp usbuf;
 845         struct cdbdata *cdbus;
 846
 847         cdb_rewind(CDB_USERSUPP);
 848         cprintf("%d \n",LISTING_FOLLOWS);
 849
 850         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 851                 bzero(&usbuf, sizeof(struct usersupp));
 852                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 853                 cdb_free(cdbus);
 854
 855             if (usbuf.axlevel > 0) {
 856                 if ((CC->usersupp.axlevel>=6)
 857                    ||((usbuf.flags&US_UNLISTED)==0)
 858                    ||((CC->internal_pgm))) {
 859                         cprintf("%s|%d|%ld|%ld|%d|%d|",
 860                                 usbuf.fullname,
 861                                 usbuf.axlevel,
 862                                 usbuf.usernum,
 863                                 usbuf.lastcall,
 864                                 usbuf.timescalled,
 865                                 usbuf.posted);
 866                         if (CC->usersupp.axlevel >= 6) cprintf("%s",usbuf.password);
 867                         cprintf("\n");
 868                         }
 869                     }
 870                 }
 871         cprintf("000\n");
 872         }
 873
 874 /*
 875  * enter registration info
 876  */
 877 void cmd_regi(void) {
 878         int a,b,c;
 879         char buf[256];
 880
 881         char tmpname[256];
 882         char tmpaddr[256];
 883         char tmpcity[256];
 884         char tmpstate[256];
 885         char tmpzip[256];
 886         char tmpphone[256];
 887         char tmpemail[256];
 888
 889         if (!(CC->logged_in)) {
 890                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 891                 return;
 892                 }
 893
 894         strcpy(tmpname,"");
 895         strcpy(tmpaddr,"");
 896         strcpy(tmpcity,"");
 897         strcpy(tmpstate,"");
 898         strcpy(tmpzip,"");
 899         strcpy(tmpphone,"");
 900         strcpy(tmpemail,"");
 901
 902         cprintf("%d Send registration...\n",SEND_LISTING);
 903         a=0;
 904         while (client_gets(buf), strcmp(buf,"000")) {
 905                 if (a==0) strcpy(tmpname,buf);
 906                 if (a==1) strcpy(tmpaddr,buf);
 907                 if (a==2) strcpy(tmpcity,buf);
 908                 if (a==3) strcpy(tmpstate,buf);
 909                 if (a==4) {
 910                         for (c=0; c<strlen(buf); ++c) {
 911                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 912                                         b=strlen(tmpzip);
 913                                         tmpzip[b]=buf[c];
 914                                         tmpzip[b+1]=0;
 915                                         }
 916                                 }
 917                         }
 918                 if (a==5) {
 919                         for (c=0; c<strlen(buf); ++c) {
 920                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 921                                         b=strlen(tmpphone);
 922                                         tmpphone[b]=buf[c];
 923                                         tmpphone[b+1]=0;
 924                                         }
 925                                 }
 926                         }
 927                 if (a==6) strncpy(tmpemail,buf,31);
 928                 ++a;
 929                 }
 930
 931         tmpname[29]=0;
 932         tmpaddr[24]=0;
 933         tmpcity[14]=0;
 934         tmpstate[2]=0;
 935         tmpzip[9]=0;
 936         tmpphone[10]=0;
 937         tmpemail[31]=0;
 938
 939         lgetuser(&CC->usersupp,CC->curr_user);
 940         strcpy(CC->usersupp.USname,tmpname);
 941         strcpy(CC->usersupp.USaddr,tmpaddr);
 942         strcpy(CC->usersupp.UScity,tmpcity);
 943         strcpy(CC->usersupp.USstate,tmpstate);
 944         strcpy(CC->usersupp.USzip,tmpzip);
 945         strcpy(CC->usersupp.USphone,tmpphone);
 946         strcpy(CC->usersupp.USemail,tmpemail);
 947         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
 948         lputuser(&CC->usersupp,CC->curr_user);
 949
 950         /* set global flag calling for validation */
 951         begin_critical_section(S_CONTROL);
 952         get_control();
 953         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
 954         put_control();
 955         end_critical_section(S_CONTROL);
 956         cprintf("%d *** End of registration.\n",OK);
 957         }
 958
 959
 960 /*
 961  * assorted info we need to check at login
 962  */
 963 void cmd_chek(void) {
 964         int mail = 0;
 965         int regis = 0;
 966         int vali = 0;
 967         int a;
 968         struct cdbdata *cdbmb;
 969         long *mailbox;
 970         int num_mails;
 971
 972
 973         if (!(CC->logged_in)) {
 974                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 975                 return;
 976                 }
 977
 978         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
 979         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
 980
 981         if (CC->usersupp.axlevel >= 6) {
 982                 get_control();
 983                 if (CitControl.MMflags&MM_VALID) vali = 1;
 984                 }
 985
 986
 987         /* check for mail */
 988         mail = 0;
 989         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
 990         if (cdbmb != NULL) {
 991                 num_mails = cdbmb->len / sizeof(long);
 992                 mailbox = (long *) cdbmb->ptr;
 993                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 994                         if (mailbox[a] > (CC->usersupp.lastseen[1])) ++mail;
 995                         }
 996                 cdb_free(cdbmb);
 997                 }
 998
 999
1000         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1001         }
1002
1003
1004 /*
1005  * check to see if a user exists
1006  */
1007 void cmd_qusr(char *who)
1008 {
1009         struct usersupp usbuf;
1010
1011         if (getuser(&usbuf,who) == 0) {
1012                 cprintf("%d %s\n",OK,usbuf.fullname);
1013                 }
1014         else {
1015                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1016                 }
1017         }
1018
1019
1020 /*
1021  * enter user bio
1022  */
1023 void cmd_ebio(void) {
1024         char buf[256];
1025         FILE *fp;
1026
1027         if (!(CC->logged_in)) {
1028                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1029                 return;
1030                 }
1031
1032         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1033         fp = fopen(buf,"w");
1034         if (fp == NULL) {
1035                 cprintf("%d Cannot create file\n",ERROR);
1036                 return;
1037                 }
1038         cprintf("%d  \n",SEND_LISTING);
1039         while(client_gets(buf), strcmp(buf,"000")) {
1040                 fprintf(fp,"%s\n",buf);
1041                 }
1042         fclose(fp);
1043         }
1044
1045 /*
1046  * read user bio
1047  */
1048 void cmd_rbio(char *cmdbuf)
1049 {
1050         struct usersupp ruser;
1051         char buf[256];
1052         FILE *fp;
1053
1054         extract(buf,cmdbuf,0);
1055         if (getuser(&ruser,buf)!=0) {
1056                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1057                 return;
1058                 }
1059         sprintf(buf,"./bio/%ld",ruser.usernum);
1060
1061         fp = fopen(buf,"r");
1062         if (fp == NULL) {
1063                 cprintf("%d %s has no bio on file.\n",
1064                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1065                 return;
1066                 }
1067         cprintf("%d  \n",LISTING_FOLLOWS);
1068         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1069         fclose(fp);
1070         cprintf("000\n");
1071         }
1072
1073 /*
1074  * list of users who have entered bios
1075  */
1076 void cmd_lbio(void) {
1077         char buf[256];
1078         FILE *ls;
1079         struct usersupp usbuf;
1080
1081         ls=popen("cd ./bio; ls","r");
1082         if (ls==NULL) {
1083                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1084                 return;
1085                 }
1086
1087         cprintf("%d\n",LISTING_FOLLOWS);
1088         while (fgets(buf,255,ls)!=NULL)
1089                 if (getuserbynumber(&usbuf,atol(buf))==0)
1090                         cprintf("%s\n",usbuf.fullname);
1091         pclose(ls);
1092         cprintf("000\n");
1093         }