citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5
   6 #include <stdlib.h>
   7 #include <unistd.h>
   8 #include <stdio.h>
   9 #include <fcntl.h>
  10 #include <signal.h>
  11 #include <pwd.h>
  12 #include <sys/types.h>
  13 #include <sys/time.h>
  14 #include <string.h>
  15 #include <syslog.h>
  16 #include <pthread.h>
  17 #include "citadel.h"
  18 #include "server.h"
  19 #include "database.h"
  20 #include "user_ops.h"
  21 #include "sysdep_decls.h"
  22 #include "support.h"
  23 #include "hooks.h"
  24 #include "room_ops.h"
  25 #include "logging.h"
  26 #include "file_ops.h"
  27 #include "control.h"
  28 #include "msgbase.h"
  29 #include "config.h"
  30
  31
  32 /*
  33  * getuser()  -  retrieve named user into supplied buffer.
  34  *               returns 0 on success
  35  */
  36 int getuser(struct usersupp *usbuf, char name[]) {
  37
  38         char lowercase_name[32];
  39         int a;
  40         struct cdbdata *cdbus;
  41
  42         bzero(usbuf, sizeof(struct usersupp));
  43         for (a=0; a<=strlen(name); ++a) {
  44                 lowercase_name[a] = tolower(name[a]);
  45                 }
  46
  47         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  48         if (cdbus == NULL) {
  49                 return(1);      /* user not found */
  50                 }
  51
  52         memcpy(usbuf, cdbus->ptr,
  53                 ( (cdbus->len > sizeof(struct usersupp)) ?
  54                 sizeof(struct usersupp) : cdbus->len) );
  55         cdb_free(cdbus);
  56         return(0);
  57         }
  58
  59
  60 /*
  61  * lgetuser()  -  same as getuser() but locks the record
  62  */
  63 int lgetuser(struct usersupp *usbuf, char *name)
  64 {
  65         int retcode;
  66
  67         retcode = getuser(usbuf,name);
  68         if (retcode == 0) {
  69                 begin_critical_section(S_USERSUPP);
  70                 }
  71         return(retcode);
  72         }
  73
  74
  75 /*
  76  * putuser()  -  write user buffer into the correct place on disk
  77  */
  78 void putuser(struct usersupp *usbuf, char *name)
  79 {
  80         char lowercase_name[32];
  81         int a;
  82
  83         for (a=0; a<=strlen(name); ++a) {
  84                 lowercase_name[a] = tolower(name[a]);
  85                 }
  86
  87         cdb_store(CDB_USERSUPP,
  88                 lowercase_name, strlen(lowercase_name),
  89                 usbuf, sizeof(struct usersupp));
  90
  91         }
  92
  93
  94 /*
  95  * lputuser()  -  same as putuser() but locks the record
  96  */
  97 void lputuser(struct usersupp *usbuf, char *name) {
  98         putuser(usbuf,name);
  99         end_critical_section(S_USERSUPP);
 100         }
 101
 102
 103 /*
 104  * Is the user currently logged in an Aide?
 105  */
 106 int is_aide(void) {
 107         if (CC->usersupp.axlevel >= 6) return(1);
 108         else return(0);
 109         }
 110
 111
 112 /*
 113  * Is the user currently logged in an Aide *or* the room aide for this room?
 114  */
 115 int is_room_aide(void) {
 116         if ( (CC->usersupp.axlevel >= 6)
 117            || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
 118                 return(1);
 119                 }
 120         else {
 121                 return(0);
 122                 }
 123         }
 124
 125 /*
 126  * getuserbynumber()  -  get user by number
 127  *                       returns 0 if user was found
 128  */
 129 int getuserbynumber(struct usersupp *usbuf, long int number)
 130 {
 131         struct cdbdata *cdbus;
 132
 133         cdb_rewind(CDB_USERSUPP);
 134
 135         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 136                 bzero(usbuf, sizeof(struct usersupp));
 137                 memcpy(usbuf, cdbus->ptr,
 138                         ( (cdbus->len > sizeof(struct usersupp)) ?
 139                         sizeof(struct usersupp) : cdbus->len) );
 140                 cdb_free(cdbus);
 141                 if (usbuf->usernum == number) {
 142                         return(0);
 143                         }
 144                 }
 145         return(-1);
 146         }
 147
 148
 149 /*
 150  * USER cmd
 151  */
 152 void cmd_user(char *cmdbuf)
 153 {
 154         char username[256];
 155         char autoname[256];
 156         int found_user = 0;
 157         struct passwd *p;
 158         int a;
 159
 160         extract(username,cmdbuf,0);
 161         username[25] = 0;
 162         strproc(username);
 163
 164         if ((CC->logged_in)) {
 165                 cprintf("%d Already logged in.\n",ERROR);
 166                 return;
 167                 }
 168
 169         found_user = getuser(&CC->usersupp,username);
 170         if (found_user != 0) {
 171                 p = (struct passwd *)getpwnam(username);
 172                 if (p!=NULL) {
 173                         strcpy(autoname,p->pw_gecos);
 174                         for (a=0; a<strlen(autoname); ++a)
 175                                 if (autoname[a]==',') autoname[a]=0;
 176                         found_user = getuser(&CC->usersupp,autoname);
 177                         }
 178                 }
 179         if (found_user == 0) {
 180                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 181                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 182                         ERROR+MAX_SESSIONS_EXCEEDED,
 183                         config.c_nodename,config.c_maxsessions);
 184                         }
 185                 else {
 186                         strcpy(CC->curr_user,CC->usersupp.fullname);
 187                         cprintf("%d Password required for %s\n",
 188                                 MORE_DATA,CC->curr_user);
 189                         }
 190                 }
 191         else {
 192                 cprintf("%d %s not found.\n",ERROR,username);
 193                 }
 194         }
 195
 196
 197
 198 /*
 199  * session startup code which is common to both cmd_pass() and cmd_newu()
 200  */
 201 void session_startup(void) {
 202         int a;
 203         struct quickroom qr;
 204         struct LoginFunctionHook *fcn;
 205
 206         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 207
 208         lgetuser(&CC->usersupp,CC->curr_user);
 209         ++(CC->usersupp.timescalled);
 210         CC->fake_username[0] = '\0';
 211         CC->fake_postname[0] = '\0';
 212         CC->fake_hostname[0] = '\0';
 213         CC->fake_roomname[0] = '\0';
 214         CC->last_pager[0] = '\0';
 215         time(&CC->usersupp.lastcall);
 216
 217         /* If this user's name is the name of the system administrator
 218          * (as specified in setup), automatically assign access level 6.
 219          */
 220         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 221                 CC->usersupp.axlevel = 6;
 222                 }
 223
 224 /* A room's generation number changes each time it is recycled. Users are kept
 225  * out of private rooms or forget rooms by matching the generation numbers. To
 226  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 227  */
 228         for (a=0; a<MAXROOMS; ++a) {
 229                 getroom(&qr,a);
 230                 if (CC->usersupp.generation[a] != qr.QRgen)
 231                                         CC->usersupp.generation[a]=(-1);
 232                 if (CC->usersupp.forget[a] != qr.QRgen)
 233                                         CC->usersupp.forget[a]=(-1);
 234                 }
 235
 236         lputuser(&CC->usersupp,CC->curr_user);
 237
 238         /* Run any cleanup routines registered by loadable modules */
 239         for (fcn = LoginHookTable; fcn != NULL; fcn = fcn->next) {
 240                 (*fcn->h_function_pointer)();
 241                 }
 242
 243         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 244                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 245                 CC->usersupp.usernum);
 246         usergoto(0,0);          /* Enter the lobby */
 247         rec_log(CL_LOGIN,CC->curr_user);
 248         }
 249
 250
 251
 252 /*
 253  * misc things to be taken care of when a user is logged out
 254  */
 255 void logout(struct CitContext *who)
 256 {
 257         who->logged_in = 0;
 258         if (who->download_fp != NULL) {
 259                 fclose(who->download_fp);
 260                 who->download_fp = NULL;
 261                 }
 262         if (who->upload_fp != NULL) {
 263                 abort_upl(who);
 264                 }
 265         }
 266
 267
 268 void cmd_pass(char *buf)
 269 {
 270         char password[256];
 271         int code;
 272         struct passwd *p;
 273
 274         extract(password,buf,0);
 275
 276         if ((CC->logged_in)) {
 277                 cprintf("%d Already logged in.\n",ERROR);
 278                 return;
 279                 }
 280         if (!strcmp(CC->curr_user,"")) {
 281                 cprintf("%d You must send a name with USER first.\n",ERROR);
 282                 return;
 283                 }
 284         if (getuser(&CC->usersupp,CC->curr_user)) {
 285                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 286                 return;
 287                 }
 288
 289         code = (-1);
 290         if (CC->usersupp.USuid == BBSUID) {
 291                 strproc(password);
 292                 strproc(CC->usersupp.password);
 293                 code = strcasecmp(CC->usersupp.password,password);
 294                 }
 295         else {
 296                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 297 #ifdef ENABLE_AUTOLOGIN
 298                 if (p!=NULL) {
 299                         if (!strcmp(p->pw_passwd,
 300                            (char *)crypt(password,p->pw_passwd))) {
 301                                 code = 0;
 302                                 lgetuser(&CC->usersupp, CC->curr_user);
 303                                 strcpy(CC->usersupp.password, password);
 304                                 lputuser(&CC->usersupp, CC->curr_user);
 305                                 }
 306                         }
 307 #endif
 308                 }
 309
 310         if (!code) {
 311                 (CC->logged_in) = 1;
 312                 session_startup();
 313                 }
 314         else {
 315                 cprintf("%d Wrong password.\n",ERROR);
 316                 rec_log(CL_BADPW,CC->curr_user);
 317                 }
 318         }
 319
 320
 321 /*
 322  * Delete a user record *and* all of its related resources.
 323  */
 324 int purge_user(char *pname) {
 325         char filename[64];
 326         struct usersupp usbuf;
 327         int a;
 328         struct cdbdata *cdbmb;
 329         long *mailbox;
 330         int num_mails;
 331
 332         if (getuser(&usbuf, pname) != 0) {
 333                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 334                 return(ERROR+NO_SUCH_USER);
 335                 }
 336
 337         /* FIX   Don't delete a user who is currently logged in. */
 338
 339         /* delete any messages in the user's mailbox */
 340         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 341         if (cdbmb != NULL) {
 342                 num_mails = cdbmb->len / sizeof(long);
 343                 mailbox = (long *) cdbmb->ptr;
 344                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 345                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 346                         }
 347                 cdb_free(cdbmb);
 348                 /* now delete the mailbox itself */
 349                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 350                 }
 351
 352
 353         /* delete the userlog entry */
 354         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 355
 356         /* remove the user's bio file */
 357         sprintf(filename, "./bio/%ld", usbuf.usernum);
 358         unlink(filename);
 359
 360         /* remove the user's picture */
 361         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 362         unlink(filename);
 363
 364         return(0);
 365         }
 366
 367
 368 /*
 369  * create_user()  -  back end processing to create a new user
 370  */
 371 int create_user(char *newusername)
 372 {
 373         struct usersupp usbuf;
 374         int a;
 375         struct passwd *p = NULL;
 376         char username[64];
 377
 378         strcpy(username, newusername);
 379         strproc(username);
 380
 381 #ifdef ENABLE_AUTOLOGIN
 382         p = (struct passwd *)getpwnam(username);
 383 #endif
 384         if (p != NULL) {
 385                 strcpy(username, p->pw_gecos);
 386                 for (a=0; a<strlen(username); ++a) {
 387                         if (username[a] == ',') username[a] = 0;
 388                         }
 389                 CC->usersupp.USuid = p->pw_uid;
 390                 }
 391         else {
 392                 CC->usersupp.USuid = BBSUID;
 393                 }
 394
 395         if (!getuser(&usbuf,username)) {
 396                 return(ERROR+ALREADY_EXISTS);
 397                 }
 398
 399         strcpy(CC->curr_user,username);
 400         strcpy(CC->usersupp.fullname,username);
 401         (CC->logged_in) = 1;
 402
 403         for (a=0; a<MAXROOMS; ++a) {
 404                 CC->usersupp.lastseen[a]=0L;
 405                 CC->usersupp.generation[a]=(-1);
 406                 CC->usersupp.forget[a]=(-1);
 407                 }
 408         strcpy(CC->usersupp.password,"");
 409
 410         /* These are the default flags on new accounts */
 411         CC->usersupp.flags =
 412                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 413
 414         CC->usersupp.timescalled = 0;
 415         CC->usersupp.posted = 0;
 416         CC->usersupp.axlevel = INITAX;
 417         CC->usersupp.USscreenwidth = 80;
 418         CC->usersupp.USscreenheight = 24;
 419         time(&CC->usersupp.lastcall);
 420         strcpy(CC->usersupp.USname, "");
 421         strcpy(CC->usersupp.USaddr, "");
 422         strcpy(CC->usersupp.UScity, "");
 423         strcpy(CC->usersupp.USstate, "");
 424         strcpy(CC->usersupp.USzip, "");
 425         strcpy(CC->usersupp.USphone, "");
 426
 427         /* fetch a new user number */
 428         CC->usersupp.usernum = get_new_user_number();
 429
 430         if (CC->usersupp.usernum == 1L) {
 431                 CC->usersupp.axlevel = 6;
 432                 }
 433
 434         /* add user to userlog */
 435         putuser(&CC->usersupp,CC->curr_user);
 436         if (getuser(&CC->usersupp,CC->curr_user)) {
 437                 return(ERROR+INTERNAL_ERROR);
 438                 }
 439         rec_log(CL_NEWUSER,CC->curr_user);
 440         return(0);
 441         }
 442
 443
 444
 445
 446 /*
 447  * cmd_newu()  -  create a new user account
 448  */
 449 void cmd_newu(char *cmdbuf)
 450 {
 451         int a;
 452         char username[256];
 453
 454         if ((CC->logged_in)) {
 455                 cprintf("%d Already logged in.\n",ERROR);
 456                 return;
 457                 }
 458
 459         if ((CC->nologin)) {
 460                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 461                 ERROR+MAX_SESSIONS_EXCEEDED,
 462                 config.c_nodename,config.c_maxsessions);
 463                 }
 464
 465         extract(username,cmdbuf,0);
 466         username[25] = 0;
 467         strproc(username);
 468
 469         if (strlen(username)==0) {
 470                 cprintf("%d You must supply a user name.\n",ERROR);
 471                 return;
 472                 }
 473
 474         a = create_user(username);
 475         if ((!strcasecmp(username, "bbs")) ||
 476             (!strcasecmp(username, "new")) ||
 477             (!strcasecmp(username, ".")))
 478         {
 479            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 480            return;
 481         }
 482         if (a==ERROR+ALREADY_EXISTS) {
 483                 cprintf("%d '%s' already exists.\n",
 484                         ERROR+ALREADY_EXISTS,username);
 485                 return;
 486                 }
 487         else if (a==ERROR+INTERNAL_ERROR) {
 488                 cprintf("%d Internal error - user record disappeared?\n",
 489                         ERROR+INTERNAL_ERROR);
 490                 return;
 491                 }
 492         else if (a==0) {
 493                 session_startup();
 494                 }
 495         else {
 496                 cprintf("%d unknown error\n",ERROR);
 497                 }
 498         rec_log(CL_NEWUSER,CC->curr_user);
 499         }
 500
 501
 502
 503 /*
 504  * set password
 505  */
 506 void cmd_setp(char *new_pw)
 507 {
 508         if (!(CC->logged_in)) {
 509                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 510                 return;
 511                 }
 512         if (CC->usersupp.USuid != BBSUID) {
 513                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 514                 return;
 515                 }
 516         strproc(new_pw);
 517         if (strlen(new_pw)==0) {
 518                 cprintf("%d Password unchanged.\n",OK);
 519                 return;
 520                 }
 521         lgetuser(&CC->usersupp,CC->curr_user);
 522         strcpy(CC->usersupp.password,new_pw);
 523         lputuser(&CC->usersupp,CC->curr_user);
 524         cprintf("%d Password changed.\n",OK);
 525         rec_log(CL_PWCHANGE,CC->curr_user);
 526         }
 527
 528 /*
 529  * get user parameters
 530  */
 531 void cmd_getu(void) {
 532         if (!(CC->logged_in)) {
 533                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 534                 return;
 535                 }
 536         getuser(&CC->usersupp,CC->curr_user);
 537         cprintf("%d %d|%d|%d\n",
 538                 OK,
 539                 CC->usersupp.USscreenwidth,
 540                 CC->usersupp.USscreenheight,
 541                 (CC->usersupp.flags & US_USER_SET)
 542                 );
 543         }
 544
 545 /*
 546  * set user parameters
 547  */
 548 void cmd_setu(char *new_parms)
 549 {
 550
 551         if (num_parms(new_parms)!=3) {
 552                 cprintf("%d Usage error.\n",ERROR);
 553                 return;
 554                 }
 555         if (!(CC->logged_in)) {
 556                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 557                 return;
 558                 }
 559         lgetuser(&CC->usersupp,CC->curr_user);
 560         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 561         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 562         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 563         CC->usersupp.flags = CC->usersupp.flags |
 564                 (extract_int(new_parms,2) & US_USER_SET);
 565         lputuser(&CC->usersupp,CC->curr_user);
 566         cprintf("%d Ok\n",OK);
 567         }
 568
 569 /*
 570  * set last read pointer
 571  */
 572 void cmd_slrp(char *new_ptr)
 573 {
 574         long newlr;
 575
 576         if (!(CC->logged_in)) {
 577                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 578                 return;
 579                 }
 580
 581         if (CC->curr_rm < 0) {
 582                 cprintf("%d No current room.\n",ERROR);
 583                 return;
 584                 }
 585
 586         if (!strncasecmp(new_ptr,"highest",7)) {
 587                 newlr = CC->quickroom.QRhighest;
 588                 }
 589         else {
 590                 newlr = atol(new_ptr);
 591                 }
 592
 593         lgetuser(&CC->usersupp, CC->curr_user);
 594         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 595         lputuser(&CC->usersupp, CC->curr_user);
 596         cprintf("%d %ld\n",OK,newlr);
 597         }
 598
 599
 600 /*
 601  * INVT and KICK commands
 602  */
 603 void cmd_invt_kick(char *iuser, int op)
 604                         /* user name */
 605         {               /* 1 = invite, 0 = kick out */
 606         struct usersupp USscratch;
 607         char bbb[256];
 608
 609         if (!(CC->logged_in)) {
 610                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 611                 return;
 612                 }
 613
 614         if (CC->curr_rm < 0) {
 615                 cprintf("%d No current room.\n",ERROR);
 616                 return;
 617                 }
 618
 619         if (is_room_aide()==0) {
 620                 cprintf("%d Higher access required.\n",
 621                         ERROR+HIGHER_ACCESS_REQUIRED);
 622                 return;
 623                 }
 624
 625         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 626                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 627                 return;
 628                 }
 629
 630         if (lgetuser(&USscratch,iuser)!=0) {
 631                 cprintf("%d No such user.\n",ERROR);
 632                 return;
 633                 }
 634
 635         if (op==1) {
 636                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 637                 USscratch.forget[CC->curr_rm]=(-1);
 638                 }
 639
 640         if (op==0) {
 641                 USscratch.generation[CC->curr_rm]=(-1);
 642                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 643                 }
 644
 645         lputuser(&USscratch,iuser);
 646
 647         /* post a message in Aide> saying what we just did */
 648         sprintf(bbb,"%s %s %s> by %s",
 649                 iuser,
 650                 ((op == 1) ? "invited to" : "kicked out of"),
 651                 CC->quickroom.QRname,
 652                 CC->usersupp.fullname);
 653         aide_message(bbb);
 654
 655         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 656                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 657                 }
 658         else {
 659                 cprintf("%d Ok.\n",OK);
 660                 }
 661         return;
 662         }
 663
 664
 665 /*
 666  * forget (Zap) the current room
 667  */
 668 void cmd_forg(void) {
 669         if (!(CC->logged_in)) {
 670                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 671                 return;
 672                 }
 673
 674         if (CC->curr_rm < 0) {
 675                 cprintf("%d No current room.\n",ERROR);
 676                 return;
 677                 }
 678
 679         if (CC->curr_rm < 3) {
 680                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 681                 return;
 682                 }
 683
 684         if (is_aide()) {
 685                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 686                 return;
 687                 }
 688
 689         lgetuser(&CC->usersupp,CC->curr_user);
 690         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 691         CC->usersupp.generation[CC->curr_rm] = (-1);
 692         lputuser(&CC->usersupp,CC->curr_user);
 693         cprintf("%d Ok\n",OK);
 694         CC->curr_rm = (-1);
 695         }
 696
 697 /*
 698  * Get Next Unregistered User
 699  */
 700 void cmd_gnur(void) {
 701         struct cdbdata *cdbus;
 702         struct usersupp usbuf;
 703
 704         if (!(CC->logged_in)) {
 705                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 706                 return;
 707                 }
 708
 709         if (CC->usersupp.axlevel < 6) {
 710                 cprintf("%d Higher access required.\n",
 711                         ERROR+HIGHER_ACCESS_REQUIRED);
 712                 return;
 713                 }
 714
 715         if ((CitControl.MMflags&MM_VALID)==0) {
 716                 cprintf("%d There are no unvalidated users.\n",OK);
 717                 return;
 718                 }
 719
 720         /* There are unvalidated users.  Traverse the usersupp database,
 721          * and return the first user we find that needs validation.
 722          */
 723         cdb_rewind(CDB_USERSUPP);
 724         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 725                 bzero(&usbuf, sizeof(struct usersupp));
 726                 memcpy(&usbuf, cdbus->ptr,
 727                         ( (cdbus->len > sizeof(struct usersupp)) ?
 728                         sizeof(struct usersupp) : cdbus->len) );
 729                 cdb_free(cdbus);
 730                 if ((usbuf.flags & US_NEEDVALID)
 731                    &&(usbuf.axlevel > 0)) {
 732                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 733                         return;
 734                         }
 735                 }
 736
 737         /* If we get to this point, there are no more unvalidated users.
 738          * Therefore we clear the "users need validation" flag.
 739          */
 740
 741         begin_critical_section(S_CONTROL);
 742         get_control();
 743         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 744         put_control();
 745         end_critical_section(S_CONTROL);
 746         cprintf("%d *** End of registration.\n",OK);
 747
 748
 749         }
 750
 751
 752 /*
 753  * get registration info for a user
 754  */
 755 void cmd_greg(char *who)
 756 {
 757         struct usersupp usbuf;
 758         int a,b;
 759         char pbuf[32];
 760
 761         if (!(CC->logged_in)) {
 762                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 763                 return;
 764                 }
 765
 766         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 767
 768         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 769                 cprintf("%d Higher access required.\n",
 770                         ERROR+HIGHER_ACCESS_REQUIRED);
 771                 return;
 772                 }
 773
 774         if (getuser(&usbuf,who) != 0) {
 775                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 776                 return;
 777                 }
 778
 779         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 780         cprintf("%ld\n",usbuf.usernum);
 781         cprintf("%s\n",usbuf.password);
 782         cprintf("%s\n",usbuf.USname);
 783         cprintf("%s\n",usbuf.USaddr);
 784         cprintf("%s\n%s\n%s\n",
 785                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 786         strcpy(pbuf,usbuf.USphone);
 787         usbuf.USphone[0]=0;
 788         for (a=0; a<strlen(pbuf); ++a) {
 789                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 790                         b=strlen(usbuf.USphone);
 791                         usbuf.USphone[b]=pbuf[a];
 792                         usbuf.USphone[b+1]=0;
 793                         }
 794                 }
 795         while(strlen(usbuf.USphone)<10) {
 796                 strcpy(pbuf,usbuf.USphone);
 797                 strcpy(usbuf.USphone," ");
 798                 strcat(usbuf.USphone,pbuf);
 799                 }
 800
 801         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 802                 usbuf.USphone[0],usbuf.USphone[1],
 803                 usbuf.USphone[2],usbuf.USphone[3],
 804                 usbuf.USphone[4],usbuf.USphone[5],
 805                 usbuf.USphone[6],usbuf.USphone[7],
 806                 usbuf.USphone[8],usbuf.USphone[9]);
 807
 808         cprintf("%d\n",usbuf.axlevel);
 809         cprintf("%s\n",usbuf.USemail);
 810         cprintf("000\n");
 811         }
 812
 813 /*
 814  * validate a user
 815  */
 816 void cmd_vali(char *v_args)
 817 {
 818         char user[256];
 819         int newax;
 820         struct usersupp userbuf;
 821
 822         extract(user,v_args,0);
 823         newax = extract_int(v_args,1);
 824
 825         if (!(CC->logged_in)) {
 826                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 827                 return;
 828                 }
 829
 830         if (CC->usersupp.axlevel < 6) {
 831                 cprintf("%d Higher access required.\n",
 832                         ERROR+HIGHER_ACCESS_REQUIRED);
 833                 return;
 834                 }
 835
 836         if (lgetuser(&userbuf,user)!=0) {
 837                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 838                 return;
 839                 }
 840
 841         userbuf.axlevel = newax;
 842         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 843
 844         lputuser(&userbuf,user);
 845
 846         /* If the access level was set to zero, delete the user */
 847         if (newax == 0) {
 848                 if (purge_user(user)==0) {
 849                         cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 850                         return;
 851                         }
 852                 }
 853
 854         cprintf("%d ok\n",OK);
 855         }
 856
 857
 858
 859 /*
 860  *  Traverse the user file...
 861  */
 862 void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
 863         struct usersupp usbuf;
 864         struct cdbdata *cdbus;
 865
 866         cdb_rewind(CDB_USERSUPP);
 867
 868         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 869                 bzero(&usbuf, sizeof(struct usersupp));
 870                 memcpy(&usbuf, cdbus->ptr,
 871                         ( (cdbus->len > sizeof(struct usersupp)) ?
 872                         sizeof(struct usersupp) : cdbus->len) );
 873                 cdb_free(cdbus);
 874                 (*CallBack)(&usbuf);
 875                 }
 876         }
 877
 878
 879 /*
 880  * List one user (this works with cmd_list)
 881  */
 882 void ListThisUser(struct usersupp *usbuf) {
 883         if (usbuf->axlevel > 0) {
 884                 if ((CC->usersupp.axlevel>=6)
 885                    ||((usbuf->flags&US_UNLISTED)==0)
 886                    ||((CC->internal_pgm))) {
 887                         cprintf("%s|%d|%ld|%ld|%d|%d|",
 888                                 usbuf->fullname,
 889                                 usbuf->axlevel,
 890                                 usbuf->usernum,
 891                                 usbuf->lastcall,
 892                                 usbuf->timescalled,
 893                                 usbuf->posted);
 894                         if (CC->usersupp.axlevel >= 6)
 895                                 cprintf("%s",usbuf->password);
 896                         cprintf("\n");
 897                         }
 898                 }
 899         }
 900
 901 /*
 902  *  List users
 903  */
 904 void cmd_list(void) {
 905         cprintf("%d \n",LISTING_FOLLOWS);
 906         ForEachUser(ListThisUser);
 907         cprintf("000\n");
 908         }
 909
 910
 911 /*
 912  * enter registration info
 913  */
 914 void cmd_regi(void) {
 915         int a,b,c;
 916         char buf[256];
 917
 918         char tmpname[256];
 919         char tmpaddr[256];
 920         char tmpcity[256];
 921         char tmpstate[256];
 922         char tmpzip[256];
 923         char tmpphone[256];
 924         char tmpemail[256];
 925
 926         if (!(CC->logged_in)) {
 927                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 928                 return;
 929                 }
 930
 931         strcpy(tmpname,"");
 932         strcpy(tmpaddr,"");
 933         strcpy(tmpcity,"");
 934         strcpy(tmpstate,"");
 935         strcpy(tmpzip,"");
 936         strcpy(tmpphone,"");
 937         strcpy(tmpemail,"");
 938
 939         cprintf("%d Send registration...\n",SEND_LISTING);
 940         a=0;
 941         while (client_gets(buf), strcmp(buf,"000")) {
 942                 if (a==0) strcpy(tmpname,buf);
 943                 if (a==1) strcpy(tmpaddr,buf);
 944                 if (a==2) strcpy(tmpcity,buf);
 945                 if (a==3) strcpy(tmpstate,buf);
 946                 if (a==4) {
 947                         for (c=0; c<strlen(buf); ++c) {
 948                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 949                                         b=strlen(tmpzip);
 950                                         tmpzip[b]=buf[c];
 951                                         tmpzip[b+1]=0;
 952                                         }
 953                                 }
 954                         }
 955                 if (a==5) {
 956                         for (c=0; c<strlen(buf); ++c) {
 957                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 958                                         b=strlen(tmpphone);
 959                                         tmpphone[b]=buf[c];
 960                                         tmpphone[b+1]=0;
 961                                         }
 962                                 }
 963                         }
 964                 if (a==6) strncpy(tmpemail,buf,31);
 965                 ++a;
 966                 }
 967
 968         tmpname[29]=0;
 969         tmpaddr[24]=0;
 970         tmpcity[14]=0;
 971         tmpstate[2]=0;
 972         tmpzip[9]=0;
 973         tmpphone[10]=0;
 974         tmpemail[31]=0;
 975
 976         lgetuser(&CC->usersupp,CC->curr_user);
 977         strcpy(CC->usersupp.USname,tmpname);
 978         strcpy(CC->usersupp.USaddr,tmpaddr);
 979         strcpy(CC->usersupp.UScity,tmpcity);
 980         strcpy(CC->usersupp.USstate,tmpstate);
 981         strcpy(CC->usersupp.USzip,tmpzip);
 982         strcpy(CC->usersupp.USphone,tmpphone);
 983         strcpy(CC->usersupp.USemail,tmpemail);
 984         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
 985         lputuser(&CC->usersupp,CC->curr_user);
 986
 987         /* set global flag calling for validation */
 988         begin_critical_section(S_CONTROL);
 989         get_control();
 990         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
 991         put_control();
 992         end_critical_section(S_CONTROL);
 993         cprintf("%d *** End of registration.\n",OK);
 994         }
 995
 996
 997 /*
 998  * assorted info we need to check at login
 999  */
1000 void cmd_chek(void) {
1001         int mail = 0;
1002         int regis = 0;
1003         int vali = 0;
1004         int a;
1005         struct cdbdata *cdbmb;
1006         long *mailbox;
1007         int num_mails;
1008
1009
1010         if (!(CC->logged_in)) {
1011                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1012                 return;
1013                 }
1014
1015         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
1016         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
1017
1018         if (CC->usersupp.axlevel >= 6) {
1019                 get_control();
1020                 if (CitControl.MMflags&MM_VALID) vali = 1;
1021                 }
1022
1023
1024         /* check for mail */
1025         mail = 0;
1026         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1027         if (cdbmb != NULL) {
1028                 num_mails = cdbmb->len / sizeof(long);
1029                 mailbox = (long *) cdbmb->ptr;
1030                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1031                         if (mailbox[a] > (CC->usersupp.lastseen[1])) ++mail;
1032                         }
1033                 cdb_free(cdbmb);
1034                 }
1035
1036
1037         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1038         }
1039
1040
1041 /*
1042  * check to see if a user exists
1043  */
1044 void cmd_qusr(char *who)
1045 {
1046         struct usersupp usbuf;
1047
1048         if (getuser(&usbuf,who) == 0) {
1049                 cprintf("%d %s\n",OK,usbuf.fullname);
1050                 }
1051         else {
1052                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1053                 }
1054         }
1055
1056
1057 /*
1058  * enter user bio
1059  */
1060 void cmd_ebio(void) {
1061         char buf[256];
1062         FILE *fp;
1063
1064         if (!(CC->logged_in)) {
1065                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1066                 return;
1067                 }
1068
1069         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1070         fp = fopen(buf,"w");
1071         if (fp == NULL) {
1072                 cprintf("%d Cannot create file\n",ERROR);
1073                 return;
1074                 }
1075         cprintf("%d  \n",SEND_LISTING);
1076         while(client_gets(buf), strcmp(buf,"000")) {
1077                 fprintf(fp,"%s\n",buf);
1078                 }
1079         fclose(fp);
1080         }
1081
1082 /*
1083  * read user bio
1084  */
1085 void cmd_rbio(char *cmdbuf)
1086 {
1087         struct usersupp ruser;
1088         char buf[256];
1089         FILE *fp;
1090
1091         extract(buf,cmdbuf,0);
1092         if (getuser(&ruser,buf)!=0) {
1093                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1094                 return;
1095                 }
1096         sprintf(buf,"./bio/%ld",ruser.usernum);
1097
1098         fp = fopen(buf,"r");
1099         if (fp == NULL) {
1100                 cprintf("%d %s has no bio on file.\n",
1101                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1102                 return;
1103                 }
1104         cprintf("%d  \n",LISTING_FOLLOWS);
1105         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1106         fclose(fp);
1107         cprintf("000\n");
1108         }
1109
1110 /*
1111  * list of users who have entered bios
1112  */
1113 void cmd_lbio(void) {
1114         char buf[256];
1115         FILE *ls;
1116         struct usersupp usbuf;
1117
1118         ls=popen("cd ./bio; ls","r");
1119         if (ls==NULL) {
1120                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1121                 return;
1122                 }
1123
1124         cprintf("%d\n",LISTING_FOLLOWS);
1125         while (fgets(buf,255,ls)!=NULL)
1126                 if (getuserbynumber(&usbuf,atol(buf))==0)
1127                         cprintf("%s\n",usbuf.fullname);
1128         pclose(ls);
1129         cprintf("000\n");
1130         }
1131
1132
1133 /*
1134  * Administrative Get User Parameters
1135  */
1136 void cmd_agup(char *cmdbuf) {
1137         struct usersupp usbuf;
1138         char requested_user[256];
1139
1140         if ( (CC->internal_pgm==0)
1141            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1142                 cprintf("%d Higher access required.\n",
1143                         ERROR + HIGHER_ACCESS_REQUIRED);
1144                 return;
1145                 }
1146
1147         extract(requested_user, cmdbuf, 0);
1148         if (getuser(&usbuf, requested_user) != 0) {
1149                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1150                 return;
1151                 }
1152
1153         cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
1154                 OK,
1155                 usbuf.fullname,
1156                 usbuf.password,
1157                 usbuf.flags,
1158                 usbuf.timescalled,
1159                 usbuf.posted,
1160                 (int)usbuf.axlevel,
1161                 usbuf.usernum);
1162
1163         }
1164
1165
1166
1167 /*
1168  * Administrative Set User Parameters
1169  */
1170 void cmd_asup(char *cmdbuf) {
1171         struct usersupp usbuf;
1172         char requested_user[256];
1173         int np;
1174         int newax;
1175
1176         if ( (CC->internal_pgm==0)
1177            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1178                 cprintf("%d Higher access required.\n",
1179                         ERROR + HIGHER_ACCESS_REQUIRED);
1180                 return;
1181                 }
1182
1183         extract(requested_user, cmdbuf, 0);
1184         if (lgetuser(&usbuf, requested_user) != 0) {
1185                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1186                 return;
1187                 }
1188
1189         np = num_parms(cmdbuf);
1190         if (np > 1) extract(usbuf.password, cmdbuf, 1);
1191         if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
1192         if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
1193         if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
1194         if (np > 5) {
1195                 newax = extract_int(cmdbuf, 5);
1196                 if ((newax >=0) && (newax <= 6)) {
1197                         usbuf.axlevel = extract_int(cmdbuf, 5);
1198                         }
1199                 }
1200
1201         lputuser(&usbuf, requested_user);
1202         if (usbuf.axlevel == 0) {
1203                 if (purge_user(requested_user)==0) {
1204                         cprintf("%d %s deleted.\n", OK, requested_user);
1205                         }
1206                 }
1207         cprintf("%d Ok\n", OK);
1208         }