citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5
   6 #include <stdlib.h>
   7 #include <unistd.h>
   8 #include <stdio.h>
   9 #include <fcntl.h>
  10 #include <signal.h>
  11 #include <pwd.h>
  12 #include <sys/types.h>
  13 #include <sys/time.h>
  14 #include <string.h>
  15 #include <syslog.h>
  16 #include <pthread.h>
  17 #include "citadel.h"
  18 #include "server.h"
  19 #include "database.h"
  20 #include "user_ops.h"
  21 #include "sysdep_decls.h"
  22 #include "support.h"
  23 #include "room_ops.h"
  24 #include "logging.h"
  25 #include "file_ops.h"
  26 #include "control.h"
  27 #include "msgbase.h"
  28 #include "config.h"
  29 #include "dynloader.h"
  30
  31
  32 /*
  33  * getuser()  -  retrieve named user into supplied buffer.
  34  *               returns 0 on success
  35  */
  36 int getuser(struct usersupp *usbuf, char name[]) {
  37
  38         char lowercase_name[32];
  39         int a;
  40         struct cdbdata *cdbus;
  41
  42         bzero(usbuf, sizeof(struct usersupp));
  43         for (a=0; a<=strlen(name); ++a) {
  44                 lowercase_name[a] = tolower(name[a]);
  45                 }
  46
  47         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  48         if (cdbus == NULL) {
  49                 return(1);      /* user not found */
  50                 }
  51
  52         memcpy(usbuf, cdbus->ptr,
  53                 ( (cdbus->len > sizeof(struct usersupp)) ?
  54                 sizeof(struct usersupp) : cdbus->len) );
  55         cdb_free(cdbus);
  56         return(0);
  57         }
  58
  59
  60 /*
  61  * lgetuser()  -  same as getuser() but locks the record
  62  */
  63 int lgetuser(struct usersupp *usbuf, char *name)
  64 {
  65         int retcode;
  66
  67         retcode = getuser(usbuf,name);
  68         if (retcode == 0) {
  69                 begin_critical_section(S_USERSUPP);
  70                 }
  71         return(retcode);
  72         }
  73
  74
  75 /*
  76  * putuser()  -  write user buffer into the correct place on disk
  77  */
  78 void putuser(struct usersupp *usbuf, char *name)
  79 {
  80         char lowercase_name[32];
  81         int a;
  82
  83         for (a=0; a<=strlen(name); ++a) {
  84                 lowercase_name[a] = tolower(name[a]);
  85                 }
  86
  87         cdb_store(CDB_USERSUPP,
  88                 lowercase_name, strlen(lowercase_name),
  89                 usbuf, sizeof(struct usersupp));
  90
  91         }
  92
  93
  94 /*
  95  * lputuser()  -  same as putuser() but locks the record
  96  */
  97 void lputuser(struct usersupp *usbuf, char *name) {
  98         putuser(usbuf,name);
  99         end_critical_section(S_USERSUPP);
 100         }
 101
 102
 103 /*
 104  * Define a relationship between a user and a room
 105  */
 106 void CtdlSetRelationship(struct visit *newvisit,
 107                         struct usersupp *rel_user,
 108                         struct quickroom *rel_room) {
 109
 110         struct cdbdata *cdbvisit;
 111         struct visit *visits;
 112         int num_visits;
 113         int a;
 114         int replaced = 0;
 115
 116         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 117         if (cdbvisit != NULL) {
 118                 num_visits = cdbvisit->len / sizeof(struct visit);
 119                 visits = (struct visit *)
 120                         malloc(num_visits * sizeof(struct visit));
 121                 memcpy(visits, cdbvisit->ptr,
 122                         (num_visits * sizeof(struct visit)));
 123                 cdb_free(cdbvisit);
 124                 }
 125         else {
 126                 num_visits = 0;
 127                 visits = NULL;
 128                 }
 129
 130         /* Replace an existing relationship if possible */
 131         if (num_visits > 0) for (a=0; a<num_visits; ++a) {
 132                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 133                    && (visits[a].v_generation == rel_room->QRgen) ) {
 134                         memcpy(&visits[a], newvisit, sizeof(struct visit));
 135                         replaced = 1;
 136                         }
 137                 }
 138
 139         /* Otherwise, define a new one */
 140         if (replaced == 0) {
 141                 ++num_visits;
 142                 visits = realloc(visits,
 143                         (num_visits * sizeof(struct visit)));
 144                 memcpy(&visits[num_visits-1], newvisit, sizeof(struct visit));
 145                 }
 146
 147         /* Now write the relationship back to disk */
 148         cdb_store(CDB_VISIT,
 149                 &rel_user->usernum, sizeof(long),
 150                 visits,
 151                 (num_visits * sizeof(struct visit)));
 152         free(visits);
 153         }
 154
 155 /*
 156  * Locate a relationship between a user and a room
 157  */
 158 void CtdlGetRelationship(struct visit *vbuf,
 159                         struct usersupp *rel_user,
 160                         struct quickroom *rel_room) {
 161
 162         struct cdbdata *cdbvisit;
 163         struct visit *visits;
 164         int num_visits = 0;
 165         int a;
 166
 167         bzero(vbuf, sizeof(struct visit));
 168         strcpy(vbuf->v_roomname, rel_room->QRname);
 169         vbuf->v_generation = rel_room->QRgen;
 170
 171         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 172         if (cdbvisit != NULL) {
 173                 num_visits = cdbvisit->len / sizeof(struct visit);
 174                 visits = (struct visit *)
 175                         malloc(num_visits * sizeof(struct visit));
 176                 memcpy(visits, cdbvisit->ptr,
 177                         (num_visits * sizeof(struct visit)));
 178                 cdb_free(cdbvisit);
 179                 }
 180
 181         if (num_visits == 0) return;
 182
 183         for (a=0; a<num_visits; ++a) {
 184
 185                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 186                    && (visits[a].v_generation == rel_room->QRgen) ) {
 187                         memcpy(vbuf, &visits[a], sizeof(struct visit));
 188                         }
 189                 }
 190
 191         free(visits);
 192         }
 193
 194
 195 /*
 196  * Is the user currently logged in an Aide?
 197  */
 198 int is_aide(void) {
 199         if (CC->usersupp.axlevel >= 6) return(1);
 200         else return(0);
 201         }
 202
 203
 204 /*
 205  * Is the user currently logged in an Aide *or* the room aide for this room?
 206  */
 207 int is_room_aide(void) {
 208         if ( (CC->usersupp.axlevel >= 6)
 209            || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
 210                 return(1);
 211                 }
 212         else {
 213                 return(0);
 214                 }
 215         }
 216
 217 /*
 218  * getuserbynumber()  -  get user by number
 219  *                       returns 0 if user was found
 220  */
 221 int getuserbynumber(struct usersupp *usbuf, long int number)
 222 {
 223         struct cdbdata *cdbus;
 224
 225         cdb_rewind(CDB_USERSUPP);
 226
 227         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 228                 bzero(usbuf, sizeof(struct usersupp));
 229                 memcpy(usbuf, cdbus->ptr,
 230                         ( (cdbus->len > sizeof(struct usersupp)) ?
 231                         sizeof(struct usersupp) : cdbus->len) );
 232                 cdb_free(cdbus);
 233                 if (usbuf->usernum == number) {
 234                         return(0);
 235                         }
 236                 }
 237         return(-1);
 238         }
 239
 240
 241 /*
 242  * USER cmd
 243  */
 244 void cmd_user(char *cmdbuf)
 245 {
 246         char username[256];
 247         char autoname[256];
 248         int found_user = 0;
 249         struct passwd *p;
 250         int a;
 251
 252         extract(username,cmdbuf,0);
 253         username[25] = 0;
 254         strproc(username);
 255
 256         if ((CC->logged_in)) {
 257                 cprintf("%d Already logged in.\n",ERROR);
 258                 return;
 259                 }
 260
 261         found_user = getuser(&CC->usersupp,username);
 262         if (found_user != 0) {
 263                 p = (struct passwd *)getpwnam(username);
 264                 if (p!=NULL) {
 265                         strcpy(autoname,p->pw_gecos);
 266                         for (a=0; a<strlen(autoname); ++a)
 267                                 if (autoname[a]==',') autoname[a]=0;
 268                         found_user = getuser(&CC->usersupp,autoname);
 269                         }
 270                 }
 271         if (found_user == 0) {
 272                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 273                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 274                         ERROR+MAX_SESSIONS_EXCEEDED,
 275                         config.c_nodename,config.c_maxsessions);
 276                         }
 277                 else {
 278                         strcpy(CC->curr_user,CC->usersupp.fullname);
 279                         cprintf("%d Password required for %s\n",
 280                                 MORE_DATA,CC->curr_user);
 281                         }
 282                 }
 283         else {
 284                 cprintf("%d %s not found.\n",ERROR,username);
 285                 }
 286         }
 287
 288
 289
 290 /*
 291  * session startup code which is common to both cmd_pass() and cmd_newu()
 292  */
 293 void session_startup(void) {
 294         int a;
 295         struct quickroom qr;
 296
 297         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 298
 299         lgetuser(&CC->usersupp,CC->curr_user);
 300         ++(CC->usersupp.timescalled);
 301         CC->fake_username[0] = '\0';
 302         CC->fake_postname[0] = '\0';
 303         CC->fake_hostname[0] = '\0';
 304         CC->fake_roomname[0] = '\0';
 305         CC->last_pager[0] = '\0';
 306         time(&CC->usersupp.lastcall);
 307
 308         /* If this user's name is the name of the system administrator
 309          * (as specified in setup), automatically assign access level 6.
 310          */
 311         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 312                 CC->usersupp.axlevel = 6;
 313                 }
 314
 315  /******************************************************************************/
 316  /* FIX  It is safe to remove this segment during the cutover                  */
 317         for (a=0; a<MAXROOMS; ++a) {
 318                 getroom(&qr,a);
 319                 if (CC->usersupp.generation[a] != qr.QRgen)
 320                                         CC->usersupp.generation[a]=(-1);
 321                 if (CC->usersupp.forget[a] != qr.QRgen)
 322                                         CC->usersupp.forget[a]=(-1);
 323                 }
 324  /******************************************************************************/
 325
 326         lputuser(&CC->usersupp,CC->curr_user);
 327
 328         /* Run any cleanup routines registered by loadable modules */
 329         PerformSessionHooks(EVT_LOGIN);
 330
 331         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 332                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 333                 CC->usersupp.usernum);
 334         usergoto(0,0);          /* Enter the lobby */
 335         rec_log(CL_LOGIN,CC->curr_user);
 336         }
 337
 338
 339 /*
 340  * misc things to be taken care of when a user is logged out
 341  */
 342 void logout(struct CitContext *who)
 343 {
 344         who->logged_in = 0;
 345         if (who->download_fp != NULL) {
 346                 fclose(who->download_fp);
 347                 who->download_fp = NULL;
 348                 }
 349         if (who->upload_fp != NULL) {
 350                 abort_upl(who);
 351                 }
 352
 353         /* Do modular stuff... */
 354         PerformSessionHooks(EVT_LOGOUT);
 355         }
 356
 357
 358 void cmd_pass(char *buf)
 359 {
 360         char password[256];
 361         int code;
 362         struct passwd *p;
 363
 364         extract(password,buf,0);
 365
 366         if ((CC->logged_in)) {
 367                 cprintf("%d Already logged in.\n",ERROR);
 368                 return;
 369                 }
 370         if (!strcmp(CC->curr_user,"")) {
 371                 cprintf("%d You must send a name with USER first.\n",ERROR);
 372                 return;
 373                 }
 374         if (getuser(&CC->usersupp,CC->curr_user)) {
 375                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 376                 return;
 377                 }
 378
 379         code = (-1);
 380         if (CC->usersupp.USuid == BBSUID) {
 381                 strproc(password);
 382                 strproc(CC->usersupp.password);
 383                 code = strcasecmp(CC->usersupp.password,password);
 384                 }
 385         else {
 386                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 387 #ifdef ENABLE_AUTOLOGIN
 388                 if (p!=NULL) {
 389                         if (!strcmp(p->pw_passwd,
 390                            (char *)crypt(password,p->pw_passwd))) {
 391                                 code = 0;
 392                                 lgetuser(&CC->usersupp, CC->curr_user);
 393                                 strcpy(CC->usersupp.password, password);
 394                                 lputuser(&CC->usersupp, CC->curr_user);
 395                                 }
 396                         }
 397 #endif
 398                 }
 399
 400         if (!code) {
 401                 (CC->logged_in) = 1;
 402                 session_startup();
 403                 }
 404         else {
 405                 cprintf("%d Wrong password.\n",ERROR);
 406                 rec_log(CL_BADPW,CC->curr_user);
 407                 }
 408         }
 409
 410
 411 /*
 412  * Delete a user record *and* all of its related resources.
 413  */
 414 int purge_user(char *pname) {
 415         char filename[64];
 416         struct usersupp usbuf;
 417         int a;
 418         struct cdbdata *cdbmb;
 419         long *mailbox;
 420         int num_mails;
 421
 422         if (getuser(&usbuf, pname) != 0) {
 423                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 424                 return(ERROR+NO_SUCH_USER);
 425                 }
 426
 427         /* FIX   Don't delete a user who is currently logged in. */
 428
 429         /* Perform any purge functions registered by server extensions */
 430         PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
 431
 432         /* delete any messages in the user's mailbox */
 433         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 434         if (cdbmb != NULL) {
 435                 num_mails = cdbmb->len / sizeof(long);
 436                 mailbox = (long *) cdbmb->ptr;
 437                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 438                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 439                         }
 440                 cdb_free(cdbmb);
 441                 /* now delete the mailbox itself */
 442                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 443                 }
 444
 445         /* delete any existing user/room relationships */
 446         cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
 447
 448         /* delete the userlog entry */
 449         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 450
 451         /* remove the user's bio file */
 452         sprintf(filename, "./bio/%ld", usbuf.usernum);
 453         unlink(filename);
 454
 455         /* remove the user's picture */
 456         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 457         unlink(filename);
 458
 459         return(0);
 460         }
 461
 462
 463 /*
 464  * create_user()  -  back end processing to create a new user
 465  */
 466 int create_user(char *newusername)
 467 {
 468         struct usersupp usbuf;
 469         int a;
 470         struct passwd *p = NULL;
 471         char username[64];
 472
 473         strcpy(username, newusername);
 474         strproc(username);
 475
 476 #ifdef ENABLE_AUTOLOGIN
 477         p = (struct passwd *)getpwnam(username);
 478 #endif
 479         if (p != NULL) {
 480                 strcpy(username, p->pw_gecos);
 481                 for (a=0; a<strlen(username); ++a) {
 482                         if (username[a] == ',') username[a] = 0;
 483                         }
 484                 CC->usersupp.USuid = p->pw_uid;
 485                 }
 486         else {
 487                 CC->usersupp.USuid = BBSUID;
 488                 }
 489
 490         if (!getuser(&usbuf,username)) {
 491                 return(ERROR+ALREADY_EXISTS);
 492                 }
 493
 494         strcpy(CC->curr_user,username);
 495         strcpy(CC->usersupp.fullname,username);
 496         strcpy(CC->usersupp.password,"");
 497         (CC->logged_in) = 1;
 498
 499         /********************************************************/
 500         /* FIX this can safely be removed during the cutover... */
 501         for (a=0; a<MAXROOMS; ++a) {
 502                 CC->usersupp.lastseen[a]=0L;
 503                 CC->usersupp.generation[a]=(-1);
 504                 CC->usersupp.forget[a]=(-1);
 505                 }
 506         /********************************************************/
 507
 508         /* These are the default flags on new accounts */
 509         CC->usersupp.flags =
 510                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 511
 512         CC->usersupp.timescalled = 0;
 513         CC->usersupp.posted = 0;
 514         CC->usersupp.axlevel = config.c_initax;
 515         CC->usersupp.USscreenwidth = 80;
 516         CC->usersupp.USscreenheight = 24;
 517         time(&CC->usersupp.lastcall);
 518         strcpy(CC->usersupp.USname, "");
 519         strcpy(CC->usersupp.USaddr, "");
 520         strcpy(CC->usersupp.UScity, "");
 521         strcpy(CC->usersupp.USstate, "");
 522         strcpy(CC->usersupp.USzip, "");
 523         strcpy(CC->usersupp.USphone, "");
 524
 525         /* fetch a new user number */
 526         CC->usersupp.usernum = get_new_user_number();
 527
 528         if (CC->usersupp.usernum == 1L) {
 529                 CC->usersupp.axlevel = 6;
 530                 }
 531
 532         /* add user to userlog */
 533         putuser(&CC->usersupp,CC->curr_user);
 534         if (getuser(&CC->usersupp,CC->curr_user)) {
 535                 return(ERROR+INTERNAL_ERROR);
 536                 }
 537         rec_log(CL_NEWUSER,CC->curr_user);
 538         return(0);
 539         }
 540
 541
 542
 543
 544 /*
 545  * cmd_newu()  -  create a new user account
 546  */
 547 void cmd_newu(char *cmdbuf)
 548 {
 549         int a;
 550         char username[256];
 551
 552         if ((CC->logged_in)) {
 553                 cprintf("%d Already logged in.\n",ERROR);
 554                 return;
 555                 }
 556
 557         if ((CC->nologin)) {
 558                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 559                 ERROR+MAX_SESSIONS_EXCEEDED,
 560                 config.c_nodename,config.c_maxsessions);
 561                 }
 562
 563         extract(username,cmdbuf,0);
 564         username[25] = 0;
 565         strproc(username);
 566
 567         if (strlen(username)==0) {
 568                 cprintf("%d You must supply a user name.\n",ERROR);
 569                 return;
 570                 }
 571
 572         a = create_user(username);
 573         if ((!strcasecmp(username, "bbs")) ||
 574             (!strcasecmp(username, "new")) ||
 575             (!strcasecmp(username, ".")))
 576         {
 577            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 578            return;
 579         }
 580         if (a==ERROR+ALREADY_EXISTS) {
 581                 cprintf("%d '%s' already exists.\n",
 582                         ERROR+ALREADY_EXISTS,username);
 583                 return;
 584                 }
 585         else if (a==ERROR+INTERNAL_ERROR) {
 586                 cprintf("%d Internal error - user record disappeared?\n",
 587                         ERROR+INTERNAL_ERROR);
 588                 return;
 589                 }
 590         else if (a==0) {
 591                 session_startup();
 592                 }
 593         else {
 594                 cprintf("%d unknown error\n",ERROR);
 595                 }
 596         rec_log(CL_NEWUSER,CC->curr_user);
 597         }
 598
 599
 600
 601 /*
 602  * set password
 603  */
 604 void cmd_setp(char *new_pw)
 605 {
 606         if (!(CC->logged_in)) {
 607                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 608                 return;
 609                 }
 610         if (CC->usersupp.USuid != BBSUID) {
 611                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 612                 return;
 613                 }
 614         strproc(new_pw);
 615         if (strlen(new_pw)==0) {
 616                 cprintf("%d Password unchanged.\n",OK);
 617                 return;
 618                 }
 619         lgetuser(&CC->usersupp,CC->curr_user);
 620         strcpy(CC->usersupp.password,new_pw);
 621         lputuser(&CC->usersupp,CC->curr_user);
 622         cprintf("%d Password changed.\n",OK);
 623         rec_log(CL_PWCHANGE,CC->curr_user);
 624         PerformSessionHooks(EVT_SETPASS);
 625         }
 626
 627 /*
 628  * get user parameters
 629  */
 630 void cmd_getu(void) {
 631         if (!(CC->logged_in)) {
 632                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 633                 return;
 634                 }
 635         getuser(&CC->usersupp,CC->curr_user);
 636         cprintf("%d %d|%d|%d\n",
 637                 OK,
 638                 CC->usersupp.USscreenwidth,
 639                 CC->usersupp.USscreenheight,
 640                 (CC->usersupp.flags & US_USER_SET)
 641                 );
 642         }
 643
 644 /*
 645  * set user parameters
 646  */
 647 void cmd_setu(char *new_parms)
 648 {
 649
 650         if (num_parms(new_parms)!=3) {
 651                 cprintf("%d Usage error.\n",ERROR);
 652                 return;
 653                 }
 654         if (!(CC->logged_in)) {
 655                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 656                 return;
 657                 }
 658         lgetuser(&CC->usersupp,CC->curr_user);
 659         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 660         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 661         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 662         CC->usersupp.flags = CC->usersupp.flags |
 663                 (extract_int(new_parms,2) & US_USER_SET);
 664         lputuser(&CC->usersupp,CC->curr_user);
 665         cprintf("%d Ok\n",OK);
 666         }
 667
 668 /*
 669  * set last read pointer
 670  */
 671 void cmd_slrp(char *new_ptr)
 672 {
 673         long newlr;
 674         struct visit vbuf;
 675
 676         if (!(CC->logged_in)) {
 677                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 678                 return;
 679                 }
 680
 681         if (CC->curr_rm < 0) {
 682                 cprintf("%d No current room.\n",ERROR);
 683                 return;
 684                 }
 685
 686         if (!strncasecmp(new_ptr,"highest",7)) {
 687                 newlr = CC->quickroom.QRhighest;
 688 /* FIX ... if the current room is 1 (Mail), newlr needs to be set to the
 689  * number of the highest mail message
 690  */
 691                 }
 692         else {
 693                 newlr = atol(new_ptr);
 694                 }
 695
 696         lgetuser(&CC->usersupp, CC->curr_user);
 697
 698         /* old method - remove */
 699         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 700
 701         /* new method */
 702         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 703         vbuf.v_lastseen = newlr;
 704         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 705
 706         lputuser(&CC->usersupp, CC->curr_user);
 707         cprintf("%d %ld\n",OK,newlr);
 708         }
 709
 710
 711 /*
 712  * INVT and KICK commands
 713  */
 714 void cmd_invt_kick(char *iuser, int op)
 715                         /* user name */
 716         {               /* 1 = invite, 0 = kick out */
 717         struct usersupp USscratch;
 718         char bbb[256];
 719         struct visit vbuf;
 720
 721         if (!(CC->logged_in)) {
 722                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 723                 return;
 724                 }
 725
 726         if (CC->curr_rm < 0) {
 727                 cprintf("%d No current room.\n",ERROR);
 728                 return;
 729                 }
 730
 731         if (is_room_aide()==0) {
 732                 cprintf("%d Higher access required.\n",
 733                         ERROR+HIGHER_ACCESS_REQUIRED);
 734                 return;
 735                 }
 736
 737         /* FIX - with the new relationships scheme we can lock users out,
 738            so it'll make sense to remove this routine */
 739         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 740                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 741                 return;
 742                 }
 743
 744         if (lgetuser(&USscratch,iuser)!=0) {
 745                 cprintf("%d No such user.\n",ERROR);
 746                 return;
 747                 }
 748
 749         CtdlGetRelationship(&vbuf, &USscratch, &CC->quickroom);
 750
 751         if (op==1) {
 752                 /* old method -- FIX remove this when we're ready */
 753                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 754                 USscratch.forget[CC->curr_rm]=(-1);
 755
 756                 /* new method */
 757                 vbuf.v_flags = vbuf.v_flags & ~V_FORGET & ~V_LOCKOUT;
 758                 vbuf.v_flags = vbuf.v_flags | V_ACCESS;
 759                 }
 760
 761         if (op==0) {
 762                 /* old method -- FIX remove this when we're ready */
 763                 USscratch.generation[CC->curr_rm]=(-1);
 764                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 765
 766                 /* new method */
 767                 vbuf.v_flags = vbuf.v_flags & ~V_ACCESS;
 768                 vbuf.v_flags = vbuf.v_flags | V_FORGET | V_LOCKOUT;
 769                 }
 770
 771         CtdlSetRelationship(&vbuf, &USscratch, &CC->quickroom);
 772
 773         lputuser(&USscratch,iuser);
 774
 775         /* post a message in Aide> saying what we just did */
 776         sprintf(bbb,"%s %s %s> by %s",
 777                 iuser,
 778                 ((op == 1) ? "invited to" : "kicked out of"),
 779                 CC->quickroom.QRname,
 780                 CC->usersupp.fullname);
 781         aide_message(bbb);
 782
 783         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 784                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 785                 }
 786         else {
 787                 cprintf("%d Ok.\n",OK);
 788                 }
 789         return;
 790         }
 791
 792
 793 /*
 794  * forget (Zap) the current room
 795  */
 796 void cmd_forg(void) {
 797         struct visit vbuf;
 798
 799         if (!(CC->logged_in)) {
 800                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 801                 return;
 802                 }
 803
 804         if (CC->curr_rm < 0) {
 805                 cprintf("%d No current room.\n",ERROR);
 806                 return;
 807                 }
 808
 809         if (CC->curr_rm < 3) {
 810                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 811                 return;
 812                 }
 813
 814         if (is_aide()) {
 815                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 816                 return;
 817                 }
 818
 819         lgetuser(&CC->usersupp,CC->curr_user);
 820         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 821
 822         /* old method -- FIX remove this when we're ready */
 823         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 824         CC->usersupp.generation[CC->curr_rm] = (-1);
 825
 826         /* new method */
 827         vbuf.v_flags = vbuf.v_flags | V_FORGET;
 828
 829         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 830         lputuser(&CC->usersupp,CC->curr_user);
 831         cprintf("%d Ok\n",OK);
 832         CC->curr_rm = (-1);
 833         }
 834
 835 /*
 836  * Get Next Unregistered User
 837  */
 838 void cmd_gnur(void) {
 839         struct cdbdata *cdbus;
 840         struct usersupp usbuf;
 841
 842         if (!(CC->logged_in)) {
 843                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 844                 return;
 845                 }
 846
 847         if (CC->usersupp.axlevel < 6) {
 848                 cprintf("%d Higher access required.\n",
 849                         ERROR+HIGHER_ACCESS_REQUIRED);
 850                 return;
 851                 }
 852
 853         if ((CitControl.MMflags&MM_VALID)==0) {
 854                 cprintf("%d There are no unvalidated users.\n",OK);
 855                 return;
 856                 }
 857
 858         /* There are unvalidated users.  Traverse the usersupp database,
 859          * and return the first user we find that needs validation.
 860          */
 861         cdb_rewind(CDB_USERSUPP);
 862         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 863                 bzero(&usbuf, sizeof(struct usersupp));
 864                 memcpy(&usbuf, cdbus->ptr,
 865                         ( (cdbus->len > sizeof(struct usersupp)) ?
 866                         sizeof(struct usersupp) : cdbus->len) );
 867                 cdb_free(cdbus);
 868                 if ((usbuf.flags & US_NEEDVALID)
 869                    &&(usbuf.axlevel > 0)) {
 870                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 871                         return;
 872                         }
 873                 }
 874
 875         /* If we get to this point, there are no more unvalidated users.
 876          * Therefore we clear the "users need validation" flag.
 877          */
 878
 879         begin_critical_section(S_CONTROL);
 880         get_control();
 881         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 882         put_control();
 883         end_critical_section(S_CONTROL);
 884         cprintf("%d *** End of registration.\n",OK);
 885
 886
 887         }
 888
 889
 890 /*
 891  * get registration info for a user
 892  */
 893 void cmd_greg(char *who)
 894 {
 895         struct usersupp usbuf;
 896         int a,b;
 897         char pbuf[32];
 898
 899         if (!(CC->logged_in)) {
 900                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 901                 return;
 902                 }
 903
 904         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 905
 906         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 907                 cprintf("%d Higher access required.\n",
 908                         ERROR+HIGHER_ACCESS_REQUIRED);
 909                 return;
 910                 }
 911
 912         if (getuser(&usbuf,who) != 0) {
 913                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 914                 return;
 915                 }
 916
 917         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 918         cprintf("%ld\n",usbuf.usernum);
 919         cprintf("%s\n",usbuf.password);
 920         cprintf("%s\n",usbuf.USname);
 921         cprintf("%s\n",usbuf.USaddr);
 922         cprintf("%s\n%s\n%s\n",
 923                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 924         strcpy(pbuf,usbuf.USphone);
 925         usbuf.USphone[0]=0;
 926         for (a=0; a<strlen(pbuf); ++a) {
 927                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 928                         b=strlen(usbuf.USphone);
 929                         usbuf.USphone[b]=pbuf[a];
 930                         usbuf.USphone[b+1]=0;
 931                         }
 932                 }
 933         while(strlen(usbuf.USphone)<10) {
 934                 strcpy(pbuf,usbuf.USphone);
 935                 strcpy(usbuf.USphone," ");
 936                 strcat(usbuf.USphone,pbuf);
 937                 }
 938
 939         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 940                 usbuf.USphone[0],usbuf.USphone[1],
 941                 usbuf.USphone[2],usbuf.USphone[3],
 942                 usbuf.USphone[4],usbuf.USphone[5],
 943                 usbuf.USphone[6],usbuf.USphone[7],
 944                 usbuf.USphone[8],usbuf.USphone[9]);
 945
 946         cprintf("%d\n",usbuf.axlevel);
 947         cprintf("%s\n",usbuf.USemail);
 948         cprintf("000\n");
 949         }
 950
 951 /*
 952  * validate a user
 953  */
 954 void cmd_vali(char *v_args)
 955 {
 956         char user[256];
 957         int newax;
 958         struct usersupp userbuf;
 959
 960         extract(user,v_args,0);
 961         newax = extract_int(v_args,1);
 962
 963         if (!(CC->logged_in)) {
 964                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 965                 return;
 966                 }
 967
 968         if (CC->usersupp.axlevel < 6) {
 969                 cprintf("%d Higher access required.\n",
 970                         ERROR+HIGHER_ACCESS_REQUIRED);
 971                 return;
 972                 }
 973
 974         if (lgetuser(&userbuf,user)!=0) {
 975                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 976                 return;
 977                 }
 978
 979         userbuf.axlevel = newax;
 980         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 981
 982         lputuser(&userbuf,user);
 983
 984         /* If the access level was set to zero, delete the user */
 985         if (newax == 0) {
 986                 if (purge_user(user)==0) {
 987                         cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 988                         return;
 989                         }
 990                 }
 991
 992         cprintf("%d ok\n",OK);
 993         }
 994
 995
 996
 997 /*
 998  *  Traverse the user file...
 999  */
1000 void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
1001         struct usersupp usbuf;
1002         struct cdbdata *cdbus;
1003
1004         cdb_rewind(CDB_USERSUPP);
1005
1006         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
1007                 bzero(&usbuf, sizeof(struct usersupp));
1008                 memcpy(&usbuf, cdbus->ptr,
1009                         ( (cdbus->len > sizeof(struct usersupp)) ?
1010                         sizeof(struct usersupp) : cdbus->len) );
1011                 cdb_free(cdbus);
1012                 (*CallBack)(&usbuf);
1013                 }
1014         }
1015
1016
1017 /*
1018  * List one user (this works with cmd_list)
1019  */
1020 void ListThisUser(struct usersupp *usbuf) {
1021         if (usbuf->axlevel > 0) {
1022                 if ((CC->usersupp.axlevel>=6)
1023                    ||((usbuf->flags&US_UNLISTED)==0)
1024                    ||((CC->internal_pgm))) {
1025                         cprintf("%s|%d|%ld|%ld|%d|%d|",
1026                                 usbuf->fullname,
1027                                 usbuf->axlevel,
1028                                 usbuf->usernum,
1029                                 usbuf->lastcall,
1030                                 usbuf->timescalled,
1031                                 usbuf->posted);
1032                         if (CC->usersupp.axlevel >= 6)
1033                                 cprintf("%s",usbuf->password);
1034                         cprintf("\n");
1035                         }
1036                 }
1037         }
1038
1039 /*
1040  *  List users
1041  */
1042 void cmd_list(void) {
1043         cprintf("%d \n",LISTING_FOLLOWS);
1044         ForEachUser(ListThisUser);
1045         cprintf("000\n");
1046         }
1047
1048
1049 /*
1050  * enter registration info
1051  */
1052 void cmd_regi(void) {
1053         int a,b,c;
1054         char buf[256];
1055
1056         char tmpname[256];
1057         char tmpaddr[256];
1058         char tmpcity[256];
1059         char tmpstate[256];
1060         char tmpzip[256];
1061         char tmpphone[256];
1062         char tmpemail[256];
1063
1064         if (!(CC->logged_in)) {
1065                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1066                 return;
1067                 }
1068
1069         strcpy(tmpname,"");
1070         strcpy(tmpaddr,"");
1071         strcpy(tmpcity,"");
1072         strcpy(tmpstate,"");
1073         strcpy(tmpzip,"");
1074         strcpy(tmpphone,"");
1075         strcpy(tmpemail,"");
1076
1077         cprintf("%d Send registration...\n",SEND_LISTING);
1078         a=0;
1079         while (client_gets(buf), strcmp(buf,"000")) {
1080                 if (a==0) strcpy(tmpname,buf);
1081                 if (a==1) strcpy(tmpaddr,buf);
1082                 if (a==2) strcpy(tmpcity,buf);
1083                 if (a==3) strcpy(tmpstate,buf);
1084                 if (a==4) {
1085                         for (c=0; c<strlen(buf); ++c) {
1086                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1087                                         b=strlen(tmpzip);
1088                                         tmpzip[b]=buf[c];
1089                                         tmpzip[b+1]=0;
1090                                         }
1091                                 }
1092                         }
1093                 if (a==5) {
1094                         for (c=0; c<strlen(buf); ++c) {
1095                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1096                                         b=strlen(tmpphone);
1097                                         tmpphone[b]=buf[c];
1098                                         tmpphone[b+1]=0;
1099                                         }
1100                                 }
1101                         }
1102                 if (a==6) strncpy(tmpemail,buf,31);
1103                 ++a;
1104                 }
1105
1106         tmpname[29]=0;
1107         tmpaddr[24]=0;
1108         tmpcity[14]=0;
1109         tmpstate[2]=0;
1110         tmpzip[9]=0;
1111         tmpphone[10]=0;
1112         tmpemail[31]=0;
1113
1114         lgetuser(&CC->usersupp,CC->curr_user);
1115         strcpy(CC->usersupp.USname,tmpname);
1116         strcpy(CC->usersupp.USaddr,tmpaddr);
1117         strcpy(CC->usersupp.UScity,tmpcity);
1118         strcpy(CC->usersupp.USstate,tmpstate);
1119         strcpy(CC->usersupp.USzip,tmpzip);
1120         strcpy(CC->usersupp.USphone,tmpphone);
1121         strcpy(CC->usersupp.USemail,tmpemail);
1122         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
1123         lputuser(&CC->usersupp,CC->curr_user);
1124
1125         /* set global flag calling for validation */
1126         begin_critical_section(S_CONTROL);
1127         get_control();
1128         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
1129         put_control();
1130         end_critical_section(S_CONTROL);
1131         cprintf("%d *** End of registration.\n",OK);
1132         }
1133
1134
1135 /*
1136  * assorted info we need to check at login
1137  */
1138 void cmd_chek(void) {
1139         int mail = 0;
1140         int regis = 0;
1141         int vali = 0;
1142
1143         if (!(CC->logged_in)) {
1144                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1145                 return;
1146                 }
1147
1148         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
1149         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
1150
1151         if (CC->usersupp.axlevel >= 6) {
1152                 get_control();
1153                 if (CitControl.MMflags&MM_VALID) vali = 1;
1154                 }
1155
1156
1157         /* check for mail */
1158         mail = NewMailCount();
1159
1160         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1161         }
1162
1163
1164 /*
1165  * check to see if a user exists
1166  */
1167 void cmd_qusr(char *who)
1168 {
1169         struct usersupp usbuf;
1170
1171         if (getuser(&usbuf,who) == 0) {
1172                 cprintf("%d %s\n",OK,usbuf.fullname);
1173                 }
1174         else {
1175                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1176                 }
1177         }
1178
1179
1180 /*
1181  * enter user bio
1182  */
1183 void cmd_ebio(void) {
1184         char buf[256];
1185         FILE *fp;
1186
1187         if (!(CC->logged_in)) {
1188                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1189                 return;
1190                 }
1191
1192         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1193         fp = fopen(buf,"w");
1194         if (fp == NULL) {
1195                 cprintf("%d Cannot create file\n",ERROR);
1196                 return;
1197                 }
1198         cprintf("%d  \n",SEND_LISTING);
1199         while(client_gets(buf), strcmp(buf,"000")) {
1200                 fprintf(fp,"%s\n",buf);
1201                 }
1202         fclose(fp);
1203         }
1204
1205 /*
1206  * read user bio
1207  */
1208 void cmd_rbio(char *cmdbuf)
1209 {
1210         struct usersupp ruser;
1211         char buf[256];
1212         FILE *fp;
1213
1214         extract(buf,cmdbuf,0);
1215         if (getuser(&ruser,buf)!=0) {
1216                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1217                 return;
1218                 }
1219         sprintf(buf,"./bio/%ld",ruser.usernum);
1220
1221         fp = fopen(buf,"r");
1222         if (fp == NULL) {
1223                 cprintf("%d %s has no bio on file.\n",
1224                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1225                 return;
1226                 }
1227         cprintf("%d  \n",LISTING_FOLLOWS);
1228         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1229         fclose(fp);
1230         cprintf("000\n");
1231         }
1232
1233 /*
1234  * list of users who have entered bios
1235  */
1236 void cmd_lbio(void) {
1237         char buf[256];
1238         FILE *ls;
1239         struct usersupp usbuf;
1240
1241         ls=popen("cd ./bio; ls","r");
1242         if (ls==NULL) {
1243                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1244                 return;
1245                 }
1246
1247         cprintf("%d\n",LISTING_FOLLOWS);
1248         while (fgets(buf,255,ls)!=NULL)
1249                 if (getuserbynumber(&usbuf,atol(buf))==0)
1250                         cprintf("%s\n",usbuf.fullname);
1251         pclose(ls);
1252         cprintf("000\n");
1253         }
1254
1255
1256 /*
1257  * Administrative Get User Parameters
1258  */
1259 void cmd_agup(char *cmdbuf) {
1260         struct usersupp usbuf;
1261         char requested_user[256];
1262
1263         if ( (CC->internal_pgm==0)
1264            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1265                 cprintf("%d Higher access required.\n",
1266                         ERROR + HIGHER_ACCESS_REQUIRED);
1267                 return;
1268                 }
1269
1270         extract(requested_user, cmdbuf, 0);
1271         if (getuser(&usbuf, requested_user) != 0) {
1272                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1273                 return;
1274                 }
1275
1276         cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
1277                 OK,
1278                 usbuf.fullname,
1279                 usbuf.password,
1280                 usbuf.flags,
1281                 usbuf.timescalled,
1282                 usbuf.posted,
1283                 (int)usbuf.axlevel,
1284                 usbuf.usernum);
1285
1286         }
1287
1288
1289
1290 /*
1291  * Administrative Set User Parameters
1292  */
1293 void cmd_asup(char *cmdbuf) {
1294         struct usersupp usbuf;
1295         char requested_user[256];
1296         int np;
1297         int newax;
1298
1299         if ( (CC->internal_pgm==0)
1300            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1301                 cprintf("%d Higher access required.\n",
1302                         ERROR + HIGHER_ACCESS_REQUIRED);
1303                 return;
1304                 }
1305
1306         extract(requested_user, cmdbuf, 0);
1307         if (lgetuser(&usbuf, requested_user) != 0) {
1308                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1309                 return;
1310                 }
1311
1312         np = num_parms(cmdbuf);
1313         if (np > 1) extract(usbuf.password, cmdbuf, 1);
1314         if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
1315         if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
1316         if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
1317         if (np > 5) {
1318                 newax = extract_int(cmdbuf, 5);
1319                 if ((newax >=0) && (newax <= 6)) {
1320                         usbuf.axlevel = extract_int(cmdbuf, 5);
1321                         }
1322                 }
1323
1324         lputuser(&usbuf, requested_user);
1325         if (usbuf.axlevel == 0) {
1326                 if (purge_user(requested_user)==0) {
1327                         cprintf("%d %s deleted.\n", OK, requested_user);
1328                         }
1329                 }
1330         cprintf("%d Ok\n", OK);
1331         }
1332
1333
1334 /*
1335  * Count the number of new mail messages the user has
1336  */
1337 int NewMailCount() {
1338         int num_newmsgs = 0;
1339         struct cdbdata *cdbmb;
1340         int num_mails;
1341         long *mailbox;
1342         int a;
1343
1344         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1345         if (cdbmb != NULL) {
1346                 num_mails = cdbmb->len / sizeof(long);
1347                 mailbox = (long *) cdbmb->ptr;
1348                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1349                         if (mailbox[a] > (CC->usersupp.lastseen[1]))
1350                                 ++num_newmsgs;
1351                         }
1352                 cdb_free(cdbmb);
1353                 }
1354         return(num_newmsgs);
1355         }