citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3
   4 #include <stdlib.h>
   5 #include <unistd.h>
   6 #include <stdio.h>
   7 #include <fcntl.h>
   8 #include <signal.h>
   9 #include <pwd.h>
  10 #include <sys/types.h>
  11 #include <sys/time.h>
  12 #include <string.h>
  13 #include <syslog.h>
  14 #include <pthread.h>
  15 #include "citadel.h"
  16 #include "server.h"
  17 #include "proto.h"
  18
  19 extern struct config config;
  20
  21
  22 /*
  23  * hash()  -  hash table function for user lookup
  24  */
  25 int hash(char *str)
  26 {
  27         int h = 0;
  28         int i;
  29
  30         for (i=0; i<strlen(str); ++i) h=h+((i+1)*tolower(str[i]));
  31         return(h);
  32         }
  33
  34
  35 /*
  36  * getuser()  -  retrieve named user into supplied buffer.
  37  *               returns 0 on success
  38  */
  39 int getuser(struct usersupp *usbuf, char name[]) {
  40
  41         char lowercase_name[32];
  42         int a;
  43         struct cdbdata *cdbus;
  44
  45         bzero(usbuf, sizeof(struct usersupp));
  46         for (a=0; a<=strlen(name); ++a) {
  47                 lowercase_name[a] = tolower(name[a]);
  48                 }
  49
  50         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  51         if (cdbus == NULL) {    /* not found */
  52                 return(1);
  53                 }
  54
  55         memcpy(usbuf, cdbus->ptr, cdbus->len);
  56         cdb_free(cdbus);
  57         return(0);
  58         }
  59
  60
  61 /*
  62  * lgetuser()  -  same as getuser() but locks the record
  63  */
  64 int lgetuser(struct usersupp *usbuf, char *name)
  65 {
  66         int retcode;
  67
  68         retcode = getuser(usbuf,name);
  69         if (retcode == 0) {
  70                 begin_critical_section(S_USERSUPP);
  71                 }
  72         return(retcode);
  73         }
  74
  75
  76 /*
  77  * putuser()  -  write user buffer into the correct place on disk
  78  */
  79 void putuser(struct usersupp *usbuf, char *name)
  80 {
  81         char lowercase_name[32];
  82         int a;
  83
  84         for (a=0; a<=strlen(name); ++a) {
  85                 lowercase_name[a] = tolower(name[a]);
  86                 }
  87
  88         cdb_store(CDB_USERSUPP, lowercase_name, strlen(lowercase_name),
  89                 usbuf, sizeof(struct usersupp));
  90
  91         }
  92
  93
  94 /*
  95  * lputuser()  -  same as putuser() but locks the record
  96  */
  97 void lputuser(struct usersupp *usbuf, char *name)
  98 {
  99         putuser(usbuf,name);
 100         end_critical_section(S_USERSUPP);
 101         }
 102
 103
 104 /*
 105  * Is the user currently logged in an Aide?
 106  */
 107 int is_aide(void) {
 108         if (CC->usersupp.axlevel >= 6) return(1);
 109         else return(0);
 110         }
 111
 112
 113 /*
 114  * Is the user currently logged in an Aide *or* the room aide for this room?
 115  */
 116 int is_room_aide(void) {
 117         if ( (CC->usersupp.axlevel >= 6)
 118                 || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) return(1);
 119         else return(0);
 120         }
 121
 122 /*
 123  * getuserbynumber()  -  get user by number
 124  *                       returns 0 if user was found
 125  */
 126 int getuserbynumber(struct usersupp *usbuf, long int number)
 127 {
 128         struct cdbdata *cdbus;
 129
 130         cdb_rewind(CDB_USERSUPP);
 131
 132         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 133                 bzero(usbuf, sizeof(struct usersupp));
 134                 memcpy(usbuf, cdbus->ptr, cdbus->len);
 135                 cdb_free(cdbus);
 136                 if (usbuf->usernum == number) {
 137                         return(0);
 138                         }
 139                 }
 140         return(-1);
 141         }
 142
 143
 144 /*
 145  * USER cmd
 146  */
 147 void cmd_user(char *cmdbuf)
 148 {
 149         char username[256];
 150         char autoname[256];
 151         int found_user = 0;
 152         struct passwd *p;
 153         int a;
 154
 155         extract(username,cmdbuf,0);
 156         username[25] = 0;
 157         strproc(username);
 158
 159         if ((CC->logged_in)) {
 160                 cprintf("%d Already logged in.\n",ERROR);
 161                 return;
 162                 }
 163
 164         found_user = getuser(&CC->usersupp,username);
 165         if (found_user != 0) {
 166                 p = (struct passwd *)getpwnam(username);
 167                 if (p!=NULL) {
 168                         strcpy(autoname,p->pw_gecos);
 169                         for (a=0; a<strlen(autoname); ++a)
 170                                 if (autoname[a]==',') autoname[a]=0;
 171                         found_user = getuser(&CC->usersupp,autoname);
 172                         }
 173                 }
 174         if (found_user == 0) {
 175                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 176                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 177                         ERROR+MAX_SESSIONS_EXCEEDED,
 178                         config.c_nodename,config.c_maxsessions);
 179                         }
 180                 else {
 181                         strcpy(CC->curr_user,CC->usersupp.fullname);
 182                         cprintf("%d Password required for %s\n",
 183                                 MORE_DATA,CC->curr_user);
 184                         }
 185                 }
 186         else {
 187                 cprintf("%d %s not found.\n",ERROR,username);
 188                 }
 189         }
 190
 191
 192
 193 /*
 194  * session startup code which is common to both cmd_pass() and cmd_newu()
 195  */
 196 void session_startup(void) {
 197         int a;
 198         struct quickroom qr;
 199
 200         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 201         hook_user_login(CC->cs_pid, CC->curr_user);
 202         lgetuser(&CC->usersupp,CC->curr_user);
 203         ++(CC->usersupp.timescalled);
 204         CC->fake_username[0] = '\0';
 205         CC->fake_postname[0] = '\0';
 206         CC->fake_hostname[0] = '\0';
 207         CC->fake_roomname[0] = '\0';
 208         CC->last_pager[0] = '\0';
 209         time(&CC->usersupp.lastcall);
 210
 211         /* If this user's name is the name of the system administrator
 212          * (as specified in setup), automatically assign access level 6.
 213          */
 214         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 215                 CC->usersupp.axlevel = 6;
 216                 }
 217
 218 /* A room's generation number changes each time it is recycled. Users are kept
 219  * out of private rooms or forget rooms by matching the generation numbers. To
 220  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 221  */
 222         for (a=0; a<MAXROOMS; ++a) {
 223                 getroom(&qr,a);
 224                 if (CC->usersupp.generation[a] != qr.QRgen)
 225                                         CC->usersupp.generation[a]=(-1);
 226                 if (CC->usersupp.forget[a] != qr.QRgen)
 227                                         CC->usersupp.forget[a]=(-1);
 228                 }
 229
 230         lputuser(&CC->usersupp,CC->curr_user);
 231
 232         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 233                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 234                 CC->usersupp.usernum);
 235         usergoto(0,0);          /* Enter the lobby */
 236         rec_log(CL_LOGIN,CC->curr_user);
 237         }
 238
 239
 240
 241 /*
 242  * misc things to be taken care of when a user is logged out
 243  */
 244 void logout(struct CitContext *who)
 245 {
 246         who->logged_in = 0;
 247         if (who->download_fp != NULL) {
 248                 fclose(who->download_fp);
 249                 who->download_fp = NULL;
 250                 }
 251         if (who->upload_fp != NULL) {
 252                 abort_upl(who);
 253                 }
 254         }
 255
 256
 257 void cmd_pass(char *buf)
 258 {
 259         char password[256];
 260         int code;
 261         struct passwd *p;
 262
 263         extract(password,buf,0);
 264
 265         if ((CC->logged_in)) {
 266                 cprintf("%d Already logged in.\n",ERROR);
 267                 return;
 268                 }
 269         if (!strcmp(CC->curr_user,"")) {
 270                 cprintf("%d You must send a name with USER first.\n",ERROR);
 271                 return;
 272                 }
 273         if (getuser(&CC->usersupp,CC->curr_user)) {
 274                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 275                 return;
 276                 }
 277
 278         code = (-1);
 279         if (CC->usersupp.USuid == BBSUID) {
 280                 strproc(password);
 281                 strproc(CC->usersupp.password);
 282                 code = strcasecmp(CC->usersupp.password,password);
 283                 }
 284         else {
 285                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 286 #ifdef ENABLE_AUTOLOGIN
 287                 if (p!=NULL) {
 288                         if (!strcmp(p->pw_passwd,
 289                            (char *)crypt(password,p->pw_passwd))) {
 290                                 code = 0;
 291                                 lgetuser(&CC->usersupp, CC->curr_user);
 292                                 strcpy(CC->usersupp.password, password);
 293                                 lputuser(&CC->usersupp, CC->curr_user);
 294                                 }
 295                         }
 296 #endif
 297                 }
 298
 299         if (!code) {
 300                 (CC->logged_in) = 1;
 301                 session_startup();
 302                 }
 303         else {
 304                 cprintf("%d Wrong password.\n",ERROR);
 305                 rec_log(CL_BADPW,CC->curr_user);
 306                 }
 307         }
 308
 309
 310 /*
 311  * purge related files when removing or overwriting a user record
 312  */
 313 void purge_user(char *pname) {
 314         char filename[64];
 315         struct usersupp usbuf;
 316         int a;
 317         struct cdbdata *cdbmb;
 318         long *mailbox;
 319         int num_mails;
 320
 321         if (getuser(&usbuf, pname) != 0) {
 322                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 323                 return;
 324                 }
 325
 326         /* delete any messages in the user's mailbox */
 327         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 328         if (cdbmb != NULL) {
 329                 num_mails = cdbmb->len / sizeof(long);
 330                 mailbox = (long *) cdbmb->ptr;
 331                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 332                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 333                         }
 334                 cdb_free(cdbmb);
 335                 /* now delete the mailbox itself */
 336                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 337                 }
 338
 339
 340         /* delete the userlog entry */
 341         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 342
 343         /* remove the user's bio file */
 344         sprintf(filename, "./bio/%ld", usbuf.usernum);
 345         unlink(filename);
 346
 347         /* remove the user's picture */
 348         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 349         unlink(filename);
 350
 351         }
 352
 353
 354 /*
 355  * create_user()  -  back end processing to create a new user
 356  */
 357 int create_user(char *newusername)
 358 {
 359         struct usersupp usbuf;
 360         int a;
 361         struct passwd *p = NULL;
 362         char username[64];
 363
 364         strcpy(username, newusername);
 365         strproc(username);
 366
 367 #ifdef ENABLE_AUTOLOGIN
 368         p = (struct passwd *)getpwnam(username);
 369 #endif
 370         if (p != NULL) {
 371                 strcpy(username, p->pw_gecos);
 372                 for (a=0; a<strlen(username); ++a) {
 373                         if (username[a] == ',') username[a] = 0;
 374                         }
 375                 CC->usersupp.USuid = p->pw_uid;
 376                 }
 377         else {
 378                 CC->usersupp.USuid = BBSUID;
 379                 }
 380
 381         if (!getuser(&usbuf,username)) {
 382                 return(ERROR+ALREADY_EXISTS);
 383                 }
 384
 385         strcpy(CC->curr_user,username);
 386         strcpy(CC->usersupp.fullname,username);
 387         (CC->logged_in) = 1;
 388
 389         for (a=0; a<MAXROOMS; ++a) {
 390                 CC->usersupp.lastseen[a]=0L;
 391                 CC->usersupp.generation[a]=(-1);
 392                 CC->usersupp.forget[a]=(-1);
 393                 }
 394         strcpy(CC->usersupp.password,"");
 395
 396         /* These are the default flags on new accounts */
 397         CC->usersupp.flags =
 398                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 399
 400         CC->usersupp.timescalled = 0;
 401         CC->usersupp.posted = 0;
 402         CC->usersupp.axlevel = INITAX;
 403         CC->usersupp.USscreenwidth = 80;
 404         CC->usersupp.USscreenheight = 24;
 405         time(&CC->usersupp.lastcall);
 406         strcpy(CC->usersupp.USname, "");
 407         strcpy(CC->usersupp.USaddr, "");
 408         strcpy(CC->usersupp.UScity, "");
 409         strcpy(CC->usersupp.USstate, "");
 410         strcpy(CC->usersupp.USzip, "");
 411         strcpy(CC->usersupp.USphone, "");
 412
 413         /* fetch a new user number */
 414         CC->usersupp.usernum = get_new_user_number();
 415
 416         if (CC->usersupp.usernum == 1L) {
 417                 CC->usersupp.axlevel = 6;
 418                 }
 419
 420         /* add user to userlog */
 421         putuser(&CC->usersupp,CC->curr_user);
 422         if (getuser(&CC->usersupp,CC->curr_user)) {
 423                 return(ERROR+INTERNAL_ERROR);
 424                 }
 425         rec_log(CL_NEWUSER,CC->curr_user);
 426         return(0);
 427         }
 428
 429
 430
 431
 432 /*
 433  * cmd_newu()  -  create a new user account
 434  */
 435 void cmd_newu(char *cmdbuf)
 436 {
 437         int a;
 438         char username[256];
 439
 440         if ((CC->logged_in)) {
 441                 cprintf("%d Already logged in.\n",ERROR);
 442                 return;
 443                 }
 444
 445         if ((CC->nologin)) {
 446                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 447                 ERROR+MAX_SESSIONS_EXCEEDED,
 448                 config.c_nodename,config.c_maxsessions);
 449                 }
 450
 451         extract(username,cmdbuf,0);
 452         username[25] = 0;
 453         strproc(username);
 454
 455         if (strlen(username)==0) {
 456                 cprintf("%d You must supply a user name.\n",ERROR);
 457                 return;
 458                 }
 459
 460         a = create_user(username);
 461         if ((!strcasecmp(username, "bbs")) ||
 462             (!strcasecmp(username, "new")) ||
 463             (!strcasecmp(username, ".")))
 464         {
 465            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 466            return;
 467         }
 468         if (a==ERROR+ALREADY_EXISTS) {
 469                 cprintf("%d '%s' already exists.\n",
 470                         ERROR+ALREADY_EXISTS,username);
 471                 return;
 472                 }
 473         else if (a==ERROR+INTERNAL_ERROR) {
 474                 cprintf("%d Internal error - user record disappeared?\n",
 475                         ERROR+INTERNAL_ERROR);
 476                 return;
 477                 }
 478         else if (a==0) {
 479                 session_startup();
 480                 }
 481         else {
 482                 cprintf("%d unknown error\n",ERROR);
 483                 }
 484         rec_log(CL_NEWUSER,CC->curr_user);
 485         }
 486
 487
 488
 489 /*
 490  * set password
 491  */
 492 void cmd_setp(char *new_pw)
 493 {
 494         if (!(CC->logged_in)) {
 495                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 496                 return;
 497                 }
 498         if (CC->usersupp.USuid != BBSUID) {
 499                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 500                 return;
 501                 }
 502         strproc(new_pw);
 503         if (strlen(new_pw)==0) {
 504                 cprintf("%d Password unchanged.\n",OK);
 505                 return;
 506                 }
 507         lgetuser(&CC->usersupp,CC->curr_user);
 508         strcpy(CC->usersupp.password,new_pw);
 509         lputuser(&CC->usersupp,CC->curr_user);
 510         cprintf("%d Password changed.\n",OK);
 511         rec_log(CL_PWCHANGE,CC->curr_user);
 512         }
 513
 514 /*
 515  * get user parameters
 516  */
 517 void cmd_getu(void) {
 518         if (!(CC->logged_in)) {
 519                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 520                 return;
 521                 }
 522         getuser(&CC->usersupp,CC->curr_user);
 523         cprintf("%d %d|%d|%d\n",OK,CC->usersupp.USscreenwidth,
 524                 CC->usersupp.USscreenheight,(CC->usersupp.flags & US_USER_SET));
 525         }
 526
 527 /*
 528  * set user parameters
 529  */
 530 void cmd_setu(char *new_parms)
 531 {
 532
 533         if (num_parms(new_parms)!=3) {
 534                 cprintf("%d Usage error.\n",ERROR);
 535                 return;
 536                 }
 537         if (!(CC->logged_in)) {
 538                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 539                 return;
 540                 }
 541         lgetuser(&CC->usersupp,CC->curr_user);
 542         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 543         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 544         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 545         CC->usersupp.flags = CC->usersupp.flags |
 546                 (extract_int(new_parms,2) & US_USER_SET);
 547         lputuser(&CC->usersupp,CC->curr_user);
 548         cprintf("%d Ok\n",OK);
 549         }
 550
 551 /*
 552  * set last read pointer
 553  */
 554 void cmd_slrp(char *new_ptr)
 555 {
 556         long newlr;
 557
 558         if (!(CC->logged_in)) {
 559                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 560                 return;
 561                 }
 562
 563         if (CC->curr_rm < 0) {
 564                 cprintf("%d No current room.\n",ERROR);
 565                 return;
 566                 }
 567
 568         if (!strncasecmp(new_ptr,"highest",7)) {
 569                 newlr = CC->quickroom.QRhighest;
 570                 }
 571         else {
 572                 newlr = atol(new_ptr);
 573                 }
 574
 575         lgetuser(&CC->usersupp, CC->curr_user);
 576         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 577         lputuser(&CC->usersupp, CC->curr_user);
 578         cprintf("%d %ld\n",OK,newlr);
 579         }
 580
 581
 582 /*
 583  * INVT and KICK commands
 584  */
 585 void cmd_invt_kick(char *iuser, int op)
 586                         /* user name */
 587         {               /* 1 = invite, 0 = kick out */
 588         struct usersupp USscratch;
 589         char bbb[256];
 590
 591         if (!(CC->logged_in)) {
 592                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 593                 return;
 594                 }
 595
 596         if (CC->curr_rm < 0) {
 597                 cprintf("%d No current room.\n",ERROR);
 598                 return;
 599                 }
 600
 601         if (is_room_aide()==0) {
 602                 cprintf("%d Higher access required.\n",
 603                         ERROR+HIGHER_ACCESS_REQUIRED);
 604                 return;
 605                 }
 606
 607         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 608                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 609                 return;
 610                 }
 611
 612         if (lgetuser(&USscratch,iuser)!=0) {
 613                 cprintf("%d No such user.\n",ERROR);
 614                 return;
 615                 }
 616
 617         if (op==1) {
 618                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 619                 USscratch.forget[CC->curr_rm]=(-1);
 620                 }
 621
 622         if (op==0) {
 623                 USscratch.generation[CC->curr_rm]=(-1);
 624                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 625                 }
 626
 627         lputuser(&USscratch,iuser);
 628
 629         /* post a message in Aide> saying what we just did */
 630         sprintf(bbb,"%s %s %s> by %s",
 631                 iuser,
 632                 ((op == 1) ? "invited to" : "kicked out of"),
 633                 CC->quickroom.QRname,
 634                 CC->usersupp.fullname);
 635         aide_message(bbb);
 636
 637         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 638                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 639                 }
 640         else {
 641                 cprintf("%d Ok.\n",OK);
 642                 }
 643         return;
 644         }
 645
 646
 647 /*
 648  * forget (Zap) the current room
 649  */
 650 void cmd_forg(void) {
 651         if (!(CC->logged_in)) {
 652                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 653                 return;
 654                 }
 655
 656         if (CC->curr_rm < 0) {
 657                 cprintf("%d No current room.\n",ERROR);
 658                 return;
 659                 }
 660
 661         if (CC->curr_rm < 3) {
 662                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 663                 return;
 664                 }
 665
 666         if (is_aide()) {
 667                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 668                 return;
 669                 }
 670
 671         lgetuser(&CC->usersupp,CC->curr_user);
 672         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 673         CC->usersupp.generation[CC->curr_rm] = (-1);
 674         lputuser(&CC->usersupp,CC->curr_user);
 675         cprintf("%d Ok\n",OK);
 676         CC->curr_rm = (-1);
 677         }
 678
 679 /*
 680  * Get Next Unregistered User
 681  */
 682 void cmd_gnur(void) {
 683         struct cdbdata *cdbus;
 684         struct usersupp usbuf;
 685
 686         if (!(CC->logged_in)) {
 687                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 688                 return;
 689                 }
 690
 691         if (CC->usersupp.axlevel < 6) {
 692                 cprintf("%d Higher access required.\n",
 693                         ERROR+HIGHER_ACCESS_REQUIRED);
 694                 return;
 695                 }
 696
 697         if ((CitControl.MMflags&MM_VALID)==0) {
 698                 cprintf("%d There are no unvalidated users.\n",OK);
 699                 return;
 700                 }
 701
 702         /* There are unvalidated users.  Traverse the usersupp database,
 703          * and return the first user we find that needs validation.
 704          */
 705         cdb_rewind(CDB_USERSUPP);
 706         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 707                 bzero(&usbuf, sizeof(struct usersupp));
 708                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 709                 cdb_free(cdbus);
 710                 if ((usbuf.flags & US_NEEDVALID)
 711                    &&(usbuf.axlevel > 0)) {
 712                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 713                         return;
 714                         }
 715                 }
 716
 717         /* If we get to this point, there are no more unvalidated users.
 718          * Therefore we clear the "users need validation" flag.
 719          */
 720
 721         begin_critical_section(S_CONTROL);
 722         get_control();
 723         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 724         put_control();
 725         end_critical_section(S_CONTROL);
 726         cprintf("%d *** End of registration.\n",OK);
 727
 728
 729         }
 730
 731
 732 /*
 733  * get registration info for a user
 734  */
 735 void cmd_greg(char *who)
 736 {
 737         struct usersupp usbuf;
 738         int a,b;
 739         char pbuf[32];
 740
 741         if (!(CC->logged_in)) {
 742                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 743                 return;
 744                 }
 745
 746         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 747
 748         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 749                 cprintf("%d Higher access required.\n",
 750                         ERROR+HIGHER_ACCESS_REQUIRED);
 751                 return;
 752                 }
 753
 754         if (getuser(&usbuf,who) != 0) {
 755                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 756                 return;
 757                 }
 758
 759         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 760         cprintf("%ld\n",usbuf.usernum);
 761         cprintf("%s\n",usbuf.password);
 762         cprintf("%s\n",usbuf.USname);
 763         cprintf("%s\n",usbuf.USaddr);
 764         cprintf("%s\n%s\n%s\n",
 765                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 766         strcpy(pbuf,usbuf.USphone);
 767         usbuf.USphone[0]=0;
 768         for (a=0; a<strlen(pbuf); ++a) {
 769                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 770                         b=strlen(usbuf.USphone);
 771                         usbuf.USphone[b]=pbuf[a];
 772                         usbuf.USphone[b+1]=0;
 773                         }
 774                 }
 775         while(strlen(usbuf.USphone)<10) {
 776                 strcpy(pbuf,usbuf.USphone);
 777                 strcpy(usbuf.USphone," ");
 778                 strcat(usbuf.USphone,pbuf);
 779                 }
 780
 781         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 782                 usbuf.USphone[0],usbuf.USphone[1],
 783                 usbuf.USphone[2],usbuf.USphone[3],
 784                 usbuf.USphone[4],usbuf.USphone[5],
 785                 usbuf.USphone[6],usbuf.USphone[7],
 786                 usbuf.USphone[8],usbuf.USphone[9]);
 787
 788         cprintf("%d\n",usbuf.axlevel);
 789         cprintf("%s\n",usbuf.USemail);
 790         cprintf("000\n");
 791         }
 792
 793 /*
 794  * validate a user
 795  */
 796 void cmd_vali(char *v_args)
 797 {
 798         char user[256];
 799         int newax;
 800         struct usersupp userbuf;
 801
 802         extract(user,v_args,0);
 803         newax = extract_int(v_args,1);
 804
 805         if (!(CC->logged_in)) {
 806                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 807                 return;
 808                 }
 809
 810         if (CC->usersupp.axlevel < 6) {
 811                 cprintf("%d Higher access required.\n",
 812                         ERROR+HIGHER_ACCESS_REQUIRED);
 813                 return;
 814                 }
 815
 816         if (lgetuser(&userbuf,user)!=0) {
 817                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 818                 return;
 819                 }
 820
 821         userbuf.axlevel = newax;
 822         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 823
 824         lputuser(&userbuf,user);
 825
 826         /* If the access level was set to zero, delete the user */
 827         if (newax == 0) {
 828                 purge_user(user);
 829                 cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 830                 return;
 831                 }
 832
 833         cprintf("%d ok\n",OK);
 834         }
 835
 836
 837
 838 /*
 839  *  List users
 840  */
 841 void cmd_list(void) {
 842         struct usersupp usbuf;
 843         struct cdbdata *cdbus;
 844
 845         cdb_rewind(CDB_USERSUPP);
 846         cprintf("%d \n",LISTING_FOLLOWS);
 847
 848         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 849                 bzero(&usbuf, sizeof(struct usersupp));
 850                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 851                 cdb_free(cdbus);
 852
 853             if (usbuf.axlevel > 0) {
 854                 if ((CC->usersupp.axlevel>=6)
 855                    ||((usbuf.flags&US_UNLISTED)==0)
 856                    ||((CC->internal_pgm))) {
 857                         cprintf("%s|%d|%ld|%ld|%d|%d|",
 858                                 usbuf.fullname,
 859                                 usbuf.axlevel,
 860                                 usbuf.usernum,
 861                                 usbuf.lastcall,
 862                                 usbuf.timescalled,
 863                                 usbuf.posted);
 864                         if (CC->usersupp.axlevel >= 6) cprintf("%s",usbuf.password);
 865                         cprintf("\n");
 866                         }
 867                     }
 868                 }
 869         cprintf("000\n");
 870         }
 871
 872 /*
 873  * enter registration info
 874  */
 875 void cmd_regi(void) {
 876         int a,b,c;
 877         char buf[256];
 878
 879         char tmpname[256];
 880         char tmpaddr[256];
 881         char tmpcity[256];
 882         char tmpstate[256];
 883         char tmpzip[256];
 884         char tmpphone[256];
 885         char tmpemail[256];
 886
 887         if (!(CC->logged_in)) {
 888                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 889                 return;
 890                 }
 891
 892         strcpy(tmpname,"");
 893         strcpy(tmpaddr,"");
 894         strcpy(tmpcity,"");
 895         strcpy(tmpstate,"");
 896         strcpy(tmpzip,"");
 897         strcpy(tmpphone,"");
 898         strcpy(tmpemail,"");
 899
 900         cprintf("%d Send registration...\n",SEND_LISTING);
 901         a=0;
 902         while (client_gets(buf), strcmp(buf,"000")) {
 903                 if (a==0) strcpy(tmpname,buf);
 904                 if (a==1) strcpy(tmpaddr,buf);
 905                 if (a==2) strcpy(tmpcity,buf);
 906                 if (a==3) strcpy(tmpstate,buf);
 907                 if (a==4) {
 908                         for (c=0; c<strlen(buf); ++c) {
 909                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 910                                         b=strlen(tmpzip);
 911                                         tmpzip[b]=buf[c];
 912                                         tmpzip[b+1]=0;
 913                                         }
 914                                 }
 915                         }
 916                 if (a==5) {
 917                         for (c=0; c<strlen(buf); ++c) {
 918                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 919                                         b=strlen(tmpphone);
 920                                         tmpphone[b]=buf[c];
 921                                         tmpphone[b+1]=0;
 922                                         }
 923                                 }
 924                         }
 925                 if (a==6) strncpy(tmpemail,buf,31);
 926                 ++a;
 927                 }
 928
 929         tmpname[29]=0;
 930         tmpaddr[24]=0;
 931         tmpcity[14]=0;
 932         tmpstate[2]=0;
 933         tmpzip[9]=0;
 934         tmpphone[10]=0;
 935         tmpemail[31]=0;
 936
 937         lgetuser(&CC->usersupp,CC->curr_user);
 938         strcpy(CC->usersupp.USname,tmpname);
 939         strcpy(CC->usersupp.USaddr,tmpaddr);
 940         strcpy(CC->usersupp.UScity,tmpcity);
 941         strcpy(CC->usersupp.USstate,tmpstate);
 942         strcpy(CC->usersupp.USzip,tmpzip);
 943         strcpy(CC->usersupp.USphone,tmpphone);
 944         strcpy(CC->usersupp.USemail,tmpemail);
 945         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
 946         lputuser(&CC->usersupp,CC->curr_user);
 947
 948         /* set global flag calling for validation */
 949         begin_critical_section(S_CONTROL);
 950         get_control();
 951         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
 952         put_control();
 953         end_critical_section(S_CONTROL);
 954         cprintf("%d *** End of registration.\n",OK);
 955         }
 956
 957
 958 /*
 959  * assorted info we need to check at login
 960  */
 961 void cmd_chek(void) {
 962         int mail = 0;
 963         int regis = 0;
 964         int vali = 0;
 965         int a;
 966         struct cdbdata *cdbmb;
 967         long *mailbox;
 968         int num_mails;
 969
 970
 971         if (!(CC->logged_in)) {
 972                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 973                 return;
 974                 }
 975
 976         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
 977         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
 978
 979         if (CC->usersupp.axlevel >= 6) {
 980                 get_control();
 981                 if (CitControl.MMflags&MM_VALID) vali = 1;
 982                 }
 983
 984
 985         /* check for mail */
 986         mail = 0;
 987         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
 988         if (cdbmb != NULL) {
 989                 num_mails = cdbmb->len / sizeof(long);
 990                 mailbox = (long *) cdbmb->ptr;
 991                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 992                         if (mailbox[a] > (CC->usersupp.lastseen[1])) ++mail;
 993                         }
 994                 cdb_free(cdbmb);
 995                 }
 996
 997
 998         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
 999         }
1000
1001
1002 /*
1003  * check to see if a user exists
1004  */
1005 void cmd_qusr(char *who)
1006 {
1007         struct usersupp usbuf;
1008
1009         if (getuser(&usbuf,who) == 0) {
1010                 cprintf("%d %s\n",OK,usbuf.fullname);
1011                 }
1012         else {
1013                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1014                 }
1015         }
1016
1017
1018 /*
1019  * enter user bio
1020  */
1021 void cmd_ebio(void) {
1022         char buf[256];
1023         FILE *fp;
1024
1025         if (!(CC->logged_in)) {
1026                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1027                 return;
1028                 }
1029
1030         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1031         fp = fopen(buf,"w");
1032         if (fp == NULL) {
1033                 cprintf("%d Cannot create file\n",ERROR);
1034                 return;
1035                 }
1036         cprintf("%d  \n",SEND_LISTING);
1037         while(client_gets(buf), strcmp(buf,"000")) {
1038                 fprintf(fp,"%s\n",buf);
1039                 }
1040         fclose(fp);
1041         }
1042
1043 /*
1044  * read user bio
1045  */
1046 void cmd_rbio(char *cmdbuf)
1047 {
1048         struct usersupp ruser;
1049         char buf[256];
1050         FILE *fp;
1051
1052         extract(buf,cmdbuf,0);
1053         if (getuser(&ruser,buf)!=0) {
1054                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1055                 return;
1056                 }
1057         sprintf(buf,"./bio/%ld",ruser.usernum);
1058
1059         fp = fopen(buf,"r");
1060         if (fp == NULL) {
1061                 cprintf("%d %s has no bio on file.\n",
1062                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1063                 return;
1064                 }
1065         cprintf("%d  \n",LISTING_FOLLOWS);
1066         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1067         fclose(fp);
1068         cprintf("000\n");
1069         }
1070
1071 /*
1072  * list of users who have entered bios
1073  */
1074 void cmd_lbio(void) {
1075         char buf[256];
1076         FILE *ls;
1077         struct usersupp usbuf;
1078
1079         ls=popen("cd ./bio; ls","r");
1080         if (ls==NULL) {
1081                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1082                 return;
1083                 }
1084
1085         cprintf("%d\n",LISTING_FOLLOWS);
1086         while (fgets(buf,255,ls)!=NULL)
1087                 if (getuserbynumber(&usbuf,atol(buf))==0)
1088                         cprintf("%s\n",usbuf.fullname);
1089         pclose(ls);
1090         cprintf("000\n");
1091         }