citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5
   6 #include <stdlib.h>
   7 #include <unistd.h>
   8 #include <stdio.h>
   9 #include <fcntl.h>
  10 #include <signal.h>
  11 #include <pwd.h>
  12 #include <sys/types.h>
  13 #include <sys/time.h>
  14 #include <string.h>
  15 #include <syslog.h>
  16 #include <pthread.h>
  17 #include "citadel.h"
  18 #include "server.h"
  19 #include "database.h"
  20 #include "user_ops.h"
  21 #include "sysdep_decls.h"
  22 #include "support.h"
  23 #include "room_ops.h"
  24 #include "logging.h"
  25 #include "file_ops.h"
  26 #include "control.h"
  27 #include "msgbase.h"
  28 #include "config.h"
  29 #include "dynloader.h"
  30
  31
  32 /*
  33  * getuser()  -  retrieve named user into supplied buffer.
  34  *               returns 0 on success
  35  */
  36 int getuser(struct usersupp *usbuf, char name[]) {
  37
  38         char lowercase_name[32];
  39         int a;
  40         struct cdbdata *cdbus;
  41
  42         bzero(usbuf, sizeof(struct usersupp));
  43         for (a=0; a<=strlen(name); ++a) {
  44                 lowercase_name[a] = tolower(name[a]);
  45                 }
  46
  47         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  48         if (cdbus == NULL) {
  49                 return(1);      /* user not found */
  50                 }
  51
  52         memcpy(usbuf, cdbus->ptr,
  53                 ( (cdbus->len > sizeof(struct usersupp)) ?
  54                 sizeof(struct usersupp) : cdbus->len) );
  55         cdb_free(cdbus);
  56         return(0);
  57         }
  58
  59
  60 /*
  61  * lgetuser()  -  same as getuser() but locks the record
  62  */
  63 int lgetuser(struct usersupp *usbuf, char *name)
  64 {
  65         int retcode;
  66
  67         retcode = getuser(usbuf,name);
  68         if (retcode == 0) {
  69                 begin_critical_section(S_USERSUPP);
  70                 }
  71         return(retcode);
  72         }
  73
  74
  75 /*
  76  * putuser()  -  write user buffer into the correct place on disk
  77  */
  78 void putuser(struct usersupp *usbuf, char *name)
  79 {
  80         char lowercase_name[32];
  81         int a;
  82
  83         for (a=0; a<=strlen(name); ++a) {
  84                 lowercase_name[a] = tolower(name[a]);
  85                 }
  86
  87         cdb_store(CDB_USERSUPP,
  88                 lowercase_name, strlen(lowercase_name),
  89                 usbuf, sizeof(struct usersupp));
  90
  91         }
  92
  93
  94 /*
  95  * lputuser()  -  same as putuser() but locks the record
  96  */
  97 void lputuser(struct usersupp *usbuf, char *name) {
  98         putuser(usbuf,name);
  99         end_critical_section(S_USERSUPP);
 100         }
 101
 102
 103 /*
 104  * Define a relationship between a user and a room
 105  */
 106 void CtdlSetRelationship(struct visit *newvisit,
 107                         struct usersupp *rel_user,
 108                         struct quickroom *rel_room) {
 109
 110         struct cdbdata *cdbvisit;
 111         struct visit *visits;
 112         int num_visits;
 113         int a;
 114         int replaced = 0;
 115
 116         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 117         if (cdbvisit != NULL) {
 118                 num_visits = cdbvisit->len / sizeof(struct visit);
 119                 visits = (struct visit *)
 120                         malloc(num_visits * sizeof(struct visit));
 121                 memcpy(visits, cdbvisit->ptr,
 122                         (num_visits * sizeof(struct visit)));
 123                 cdb_free(cdbvisit);
 124                 }
 125         else {
 126                 num_visits = 0;
 127                 visits = NULL;
 128                 }
 129
 130         /* Replace an existing relationship if possible */
 131         if (num_visits > 0) for (a=0; a<num_visits; ++a) {
 132                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 133                    && (visits[a].v_generation == rel_room->QRgen) ) {
 134                         memcpy(&visits[a], newvisit, sizeof(struct visit));
 135                         replaced = 1;
 136                         }
 137                 }
 138
 139         /* Otherwise, define a new one */
 140         if (replaced == 0) {
 141                 ++num_visits;
 142                 visits = realloc(visits,
 143                         (num_visits * sizeof(struct visit)));
 144                 memcpy(&visits[num_visits-1], newvisit, sizeof(struct visit));
 145                 }
 146
 147         /* Now write the relationship back to disk */
 148         cdb_store(CDB_VISIT,
 149                 &rel_user->usernum, sizeof(long),
 150                 visits,
 151                 (num_visits * sizeof(struct visit)));
 152         free(visits);
 153         }
 154
 155 /*
 156  * Locate a relationship between a user and a room
 157  */
 158 void CtdlGetRelationship(struct visit *vbuf,
 159                         struct usersupp *rel_user,
 160                         struct quickroom *rel_room) {
 161
 162         struct cdbdata *cdbvisit;
 163         struct visit *visits;
 164         int num_visits = 0;
 165         int a;
 166
 167         bzero(vbuf, sizeof(struct visit));
 168         strcpy(vbuf->v_roomname, rel_room->QRname);
 169         vbuf->v_generation = rel_room->QRgen;
 170
 171         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 172         if (cdbvisit != NULL) {
 173                 num_visits = cdbvisit->len / sizeof(struct visit);
 174                 visits = (struct visit *)
 175                         malloc(num_visits * sizeof(struct visit));
 176                 memcpy(visits, cdbvisit->ptr,
 177                         (num_visits * sizeof(struct visit)));
 178                 cdb_free(cdbvisit);
 179                 }
 180
 181         if (num_visits == 0) return;
 182
 183         for (a=0; a<num_visits; ++a) {
 184
 185                 lprintf(9, "Visit: %20s %15ld %4ld %4d\n",
 186                         visits[a].v_roomname,
 187                         visits[a].v_generation,
 188                         visits[a].v_lastseen,
 189                         visits[a].v_flags);
 190
 191                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 192                    && (visits[a].v_generation == rel_room->QRgen) ) {
 193                         memcpy(vbuf, &visits[a], sizeof(struct visit));
 194                         }
 195                 }
 196
 197         free(visits);
 198         }
 199
 200
 201 /*
 202  * Is the user currently logged in an Aide?
 203  */
 204 int is_aide(void) {
 205         if (CC->usersupp.axlevel >= 6) return(1);
 206         else return(0);
 207         }
 208
 209
 210 /*
 211  * Is the user currently logged in an Aide *or* the room aide for this room?
 212  */
 213 int is_room_aide(void) {
 214         if ( (CC->usersupp.axlevel >= 6)
 215            || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
 216                 return(1);
 217                 }
 218         else {
 219                 return(0);
 220                 }
 221         }
 222
 223 /*
 224  * getuserbynumber()  -  get user by number
 225  *                       returns 0 if user was found
 226  */
 227 int getuserbynumber(struct usersupp *usbuf, long int number)
 228 {
 229         struct cdbdata *cdbus;
 230
 231         cdb_rewind(CDB_USERSUPP);
 232
 233         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 234                 bzero(usbuf, sizeof(struct usersupp));
 235                 memcpy(usbuf, cdbus->ptr,
 236                         ( (cdbus->len > sizeof(struct usersupp)) ?
 237                         sizeof(struct usersupp) : cdbus->len) );
 238                 cdb_free(cdbus);
 239                 if (usbuf->usernum == number) {
 240                         return(0);
 241                         }
 242                 }
 243         return(-1);
 244         }
 245
 246
 247 /*
 248  * USER cmd
 249  */
 250 void cmd_user(char *cmdbuf)
 251 {
 252         char username[256];
 253         char autoname[256];
 254         int found_user = 0;
 255         struct passwd *p;
 256         int a;
 257
 258         extract(username,cmdbuf,0);
 259         username[25] = 0;
 260         strproc(username);
 261
 262         if ((CC->logged_in)) {
 263                 cprintf("%d Already logged in.\n",ERROR);
 264                 return;
 265                 }
 266
 267         found_user = getuser(&CC->usersupp,username);
 268         if (found_user != 0) {
 269                 p = (struct passwd *)getpwnam(username);
 270                 if (p!=NULL) {
 271                         strcpy(autoname,p->pw_gecos);
 272                         for (a=0; a<strlen(autoname); ++a)
 273                                 if (autoname[a]==',') autoname[a]=0;
 274                         found_user = getuser(&CC->usersupp,autoname);
 275                         }
 276                 }
 277         if (found_user == 0) {
 278                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 279                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 280                         ERROR+MAX_SESSIONS_EXCEEDED,
 281                         config.c_nodename,config.c_maxsessions);
 282                         }
 283                 else {
 284                         strcpy(CC->curr_user,CC->usersupp.fullname);
 285                         cprintf("%d Password required for %s\n",
 286                                 MORE_DATA,CC->curr_user);
 287                         }
 288                 }
 289         else {
 290                 cprintf("%d %s not found.\n",ERROR,username);
 291                 }
 292         }
 293
 294
 295
 296 /*
 297  * session startup code which is common to both cmd_pass() and cmd_newu()
 298  */
 299 void session_startup(void) {
 300         int a;
 301         struct quickroom qr;
 302
 303         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 304
 305         lgetuser(&CC->usersupp,CC->curr_user);
 306         ++(CC->usersupp.timescalled);
 307         CC->fake_username[0] = '\0';
 308         CC->fake_postname[0] = '\0';
 309         CC->fake_hostname[0] = '\0';
 310         CC->fake_roomname[0] = '\0';
 311         CC->last_pager[0] = '\0';
 312         time(&CC->usersupp.lastcall);
 313
 314         /* If this user's name is the name of the system administrator
 315          * (as specified in setup), automatically assign access level 6.
 316          */
 317         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 318                 CC->usersupp.axlevel = 6;
 319                 }
 320
 321 /* A room's generation number changes each time it is recycled. Users are kept
 322  * out of private rooms or forget rooms by matching the generation numbers. To
 323  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 324  *
 325  * FIX - This can get removed once the new relationships system is in place.
 326  *
 327  */
 328         for (a=0; a<MAXROOMS; ++a) {
 329                 getroom(&qr,a);
 330                 if (CC->usersupp.generation[a] != qr.QRgen)
 331                                         CC->usersupp.generation[a]=(-1);
 332                 if (CC->usersupp.forget[a] != qr.QRgen)
 333                                         CC->usersupp.forget[a]=(-1);
 334                 }
 335
 336         lputuser(&CC->usersupp,CC->curr_user);
 337
 338         /* Run any cleanup routines registered by loadable modules */
 339         PerformSessionHooks(EVT_LOGIN);
 340
 341         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 342                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 343                 CC->usersupp.usernum);
 344         usergoto(0,0);          /* Enter the lobby */
 345         rec_log(CL_LOGIN,CC->curr_user);
 346         }
 347
 348
 349 /*
 350  * misc things to be taken care of when a user is logged out
 351  */
 352 void logout(struct CitContext *who)
 353 {
 354         who->logged_in = 0;
 355         if (who->download_fp != NULL) {
 356                 fclose(who->download_fp);
 357                 who->download_fp = NULL;
 358                 }
 359         if (who->upload_fp != NULL) {
 360                 abort_upl(who);
 361                 }
 362
 363         /* Do modular stuff... */
 364         PerformSessionHooks(EVT_LOGOUT);
 365         }
 366
 367
 368 void cmd_pass(char *buf)
 369 {
 370         char password[256];
 371         int code;
 372         struct passwd *p;
 373
 374         extract(password,buf,0);
 375
 376         if ((CC->logged_in)) {
 377                 cprintf("%d Already logged in.\n",ERROR);
 378                 return;
 379                 }
 380         if (!strcmp(CC->curr_user,"")) {
 381                 cprintf("%d You must send a name with USER first.\n",ERROR);
 382                 return;
 383                 }
 384         if (getuser(&CC->usersupp,CC->curr_user)) {
 385                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 386                 return;
 387                 }
 388
 389         code = (-1);
 390         if (CC->usersupp.USuid == BBSUID) {
 391                 strproc(password);
 392                 strproc(CC->usersupp.password);
 393                 code = strcasecmp(CC->usersupp.password,password);
 394                 }
 395         else {
 396                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 397 #ifdef ENABLE_AUTOLOGIN
 398                 if (p!=NULL) {
 399                         if (!strcmp(p->pw_passwd,
 400                            (char *)crypt(password,p->pw_passwd))) {
 401                                 code = 0;
 402                                 lgetuser(&CC->usersupp, CC->curr_user);
 403                                 strcpy(CC->usersupp.password, password);
 404                                 lputuser(&CC->usersupp, CC->curr_user);
 405                                 }
 406                         }
 407 #endif
 408                 }
 409
 410         if (!code) {
 411                 (CC->logged_in) = 1;
 412                 session_startup();
 413                 }
 414         else {
 415                 cprintf("%d Wrong password.\n",ERROR);
 416                 rec_log(CL_BADPW,CC->curr_user);
 417                 }
 418         }
 419
 420
 421 /*
 422  * Delete a user record *and* all of its related resources.
 423  */
 424 int purge_user(char *pname) {
 425         char filename[64];
 426         struct usersupp usbuf;
 427         int a;
 428         struct cdbdata *cdbmb;
 429         long *mailbox;
 430         int num_mails;
 431
 432         if (getuser(&usbuf, pname) != 0) {
 433                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 434                 return(ERROR+NO_SUCH_USER);
 435                 }
 436
 437         /* FIX   Don't delete a user who is currently logged in. */
 438
 439         /* Perform any purge functions registered by server extensions */
 440         PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
 441
 442         /* delete any messages in the user's mailbox */
 443         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 444         if (cdbmb != NULL) {
 445                 num_mails = cdbmb->len / sizeof(long);
 446                 mailbox = (long *) cdbmb->ptr;
 447                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 448                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 449                         }
 450                 cdb_free(cdbmb);
 451                 /* now delete the mailbox itself */
 452                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 453                 }
 454
 455         /* delete any existing user/room relationships */
 456         cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
 457
 458         /* delete the userlog entry */
 459         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 460
 461         /* remove the user's bio file */
 462         sprintf(filename, "./bio/%ld", usbuf.usernum);
 463         unlink(filename);
 464
 465         /* remove the user's picture */
 466         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 467         unlink(filename);
 468
 469         return(0);
 470         }
 471
 472
 473 /*
 474  * create_user()  -  back end processing to create a new user
 475  */
 476 int create_user(char *newusername)
 477 {
 478         struct usersupp usbuf;
 479         int a;
 480         struct passwd *p = NULL;
 481         char username[64];
 482
 483         strcpy(username, newusername);
 484         strproc(username);
 485
 486 #ifdef ENABLE_AUTOLOGIN
 487         p = (struct passwd *)getpwnam(username);
 488 #endif
 489         if (p != NULL) {
 490                 strcpy(username, p->pw_gecos);
 491                 for (a=0; a<strlen(username); ++a) {
 492                         if (username[a] == ',') username[a] = 0;
 493                         }
 494                 CC->usersupp.USuid = p->pw_uid;
 495                 }
 496         else {
 497                 CC->usersupp.USuid = BBSUID;
 498                 }
 499
 500         if (!getuser(&usbuf,username)) {
 501                 return(ERROR+ALREADY_EXISTS);
 502                 }
 503
 504         strcpy(CC->curr_user,username);
 505         strcpy(CC->usersupp.fullname,username);
 506         (CC->logged_in) = 1;
 507
 508         for (a=0; a<MAXROOMS; ++a) {
 509                 CC->usersupp.lastseen[a]=0L;
 510                 CC->usersupp.generation[a]=(-1);
 511                 CC->usersupp.forget[a]=(-1);
 512                 }
 513         strcpy(CC->usersupp.password,"");
 514
 515         /* These are the default flags on new accounts */
 516         CC->usersupp.flags =
 517                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 518
 519         CC->usersupp.timescalled = 0;
 520         CC->usersupp.posted = 0;
 521         CC->usersupp.axlevel = config.c_initax;
 522         CC->usersupp.USscreenwidth = 80;
 523         CC->usersupp.USscreenheight = 24;
 524         time(&CC->usersupp.lastcall);
 525         strcpy(CC->usersupp.USname, "");
 526         strcpy(CC->usersupp.USaddr, "");
 527         strcpy(CC->usersupp.UScity, "");
 528         strcpy(CC->usersupp.USstate, "");
 529         strcpy(CC->usersupp.USzip, "");
 530         strcpy(CC->usersupp.USphone, "");
 531
 532         /* fetch a new user number */
 533         CC->usersupp.usernum = get_new_user_number();
 534
 535         if (CC->usersupp.usernum == 1L) {
 536                 CC->usersupp.axlevel = 6;
 537                 }
 538
 539         /* add user to userlog */
 540         putuser(&CC->usersupp,CC->curr_user);
 541         if (getuser(&CC->usersupp,CC->curr_user)) {
 542                 return(ERROR+INTERNAL_ERROR);
 543                 }
 544         rec_log(CL_NEWUSER,CC->curr_user);
 545         return(0);
 546         }
 547
 548
 549
 550
 551 /*
 552  * cmd_newu()  -  create a new user account
 553  */
 554 void cmd_newu(char *cmdbuf)
 555 {
 556         int a;
 557         char username[256];
 558
 559         if ((CC->logged_in)) {
 560                 cprintf("%d Already logged in.\n",ERROR);
 561                 return;
 562                 }
 563
 564         if ((CC->nologin)) {
 565                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 566                 ERROR+MAX_SESSIONS_EXCEEDED,
 567                 config.c_nodename,config.c_maxsessions);
 568                 }
 569
 570         extract(username,cmdbuf,0);
 571         username[25] = 0;
 572         strproc(username);
 573
 574         if (strlen(username)==0) {
 575                 cprintf("%d You must supply a user name.\n",ERROR);
 576                 return;
 577                 }
 578
 579         a = create_user(username);
 580         if ((!strcasecmp(username, "bbs")) ||
 581             (!strcasecmp(username, "new")) ||
 582             (!strcasecmp(username, ".")))
 583         {
 584            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 585            return;
 586         }
 587         if (a==ERROR+ALREADY_EXISTS) {
 588                 cprintf("%d '%s' already exists.\n",
 589                         ERROR+ALREADY_EXISTS,username);
 590                 return;
 591                 }
 592         else if (a==ERROR+INTERNAL_ERROR) {
 593                 cprintf("%d Internal error - user record disappeared?\n",
 594                         ERROR+INTERNAL_ERROR);
 595                 return;
 596                 }
 597         else if (a==0) {
 598                 session_startup();
 599                 }
 600         else {
 601                 cprintf("%d unknown error\n",ERROR);
 602                 }
 603         rec_log(CL_NEWUSER,CC->curr_user);
 604         }
 605
 606
 607
 608 /*
 609  * set password
 610  */
 611 void cmd_setp(char *new_pw)
 612 {
 613         if (!(CC->logged_in)) {
 614                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 615                 return;
 616                 }
 617         if (CC->usersupp.USuid != BBSUID) {
 618                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 619                 return;
 620                 }
 621         strproc(new_pw);
 622         if (strlen(new_pw)==0) {
 623                 cprintf("%d Password unchanged.\n",OK);
 624                 return;
 625                 }
 626         lgetuser(&CC->usersupp,CC->curr_user);
 627         strcpy(CC->usersupp.password,new_pw);
 628         lputuser(&CC->usersupp,CC->curr_user);
 629         cprintf("%d Password changed.\n",OK);
 630         rec_log(CL_PWCHANGE,CC->curr_user);
 631         PerformSessionHooks(EVT_SETPASS);
 632         }
 633
 634 /*
 635  * get user parameters
 636  */
 637 void cmd_getu(void) {
 638         if (!(CC->logged_in)) {
 639                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 640                 return;
 641                 }
 642         getuser(&CC->usersupp,CC->curr_user);
 643         cprintf("%d %d|%d|%d\n",
 644                 OK,
 645                 CC->usersupp.USscreenwidth,
 646                 CC->usersupp.USscreenheight,
 647                 (CC->usersupp.flags & US_USER_SET)
 648                 );
 649         }
 650
 651 /*
 652  * set user parameters
 653  */
 654 void cmd_setu(char *new_parms)
 655 {
 656
 657         if (num_parms(new_parms)!=3) {
 658                 cprintf("%d Usage error.\n",ERROR);
 659                 return;
 660                 }
 661         if (!(CC->logged_in)) {
 662                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 663                 return;
 664                 }
 665         lgetuser(&CC->usersupp,CC->curr_user);
 666         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 667         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 668         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 669         CC->usersupp.flags = CC->usersupp.flags |
 670                 (extract_int(new_parms,2) & US_USER_SET);
 671         lputuser(&CC->usersupp,CC->curr_user);
 672         cprintf("%d Ok\n",OK);
 673         }
 674
 675 /*
 676  * set last read pointer
 677  */
 678 void cmd_slrp(char *new_ptr)
 679 {
 680         long newlr;
 681         struct visit vbuf;
 682
 683         if (!(CC->logged_in)) {
 684                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 685                 return;
 686                 }
 687
 688         if (CC->curr_rm < 0) {
 689                 cprintf("%d No current room.\n",ERROR);
 690                 return;
 691                 }
 692
 693         if (!strncasecmp(new_ptr,"highest",7)) {
 694                 newlr = CC->quickroom.QRhighest;
 695 /* FIX ... if the current room is 1 (Mail), newlr needs to be set to the
 696  * number of the highest mail message
 697  */
 698                 }
 699         else {
 700                 newlr = atol(new_ptr);
 701                 }
 702
 703         lgetuser(&CC->usersupp, CC->curr_user);
 704
 705         /* old method - remove */
 706         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 707
 708         /* new method */
 709         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 710         vbuf.v_lastseen = newlr;
 711         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 712
 713         lputuser(&CC->usersupp, CC->curr_user);
 714         cprintf("%d %ld\n",OK,newlr);
 715         }
 716
 717
 718 /*
 719  * INVT and KICK commands
 720  */
 721 void cmd_invt_kick(char *iuser, int op)
 722                         /* user name */
 723         {               /* 1 = invite, 0 = kick out */
 724         struct usersupp USscratch;
 725         char bbb[256];
 726         struct visit vbuf;
 727
 728         if (!(CC->logged_in)) {
 729                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 730                 return;
 731                 }
 732
 733         if (CC->curr_rm < 0) {
 734                 cprintf("%d No current room.\n",ERROR);
 735                 return;
 736                 }
 737
 738         if (is_room_aide()==0) {
 739                 cprintf("%d Higher access required.\n",
 740                         ERROR+HIGHER_ACCESS_REQUIRED);
 741                 return;
 742                 }
 743
 744         /* FIX - with the new relationships scheme we can lock users out,
 745            so it'll make sense to remove this routine */
 746         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 747                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 748                 return;
 749                 }
 750
 751         if (lgetuser(&USscratch,iuser)!=0) {
 752                 cprintf("%d No such user.\n",ERROR);
 753                 return;
 754                 }
 755
 756         CtdlGetRelationship(&vbuf, &USscratch, &CC->quickroom);
 757
 758         if (op==1) {
 759                 /* old method -- FIX remove this when we're ready */
 760                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 761                 USscratch.forget[CC->curr_rm]=(-1);
 762
 763                 /* new method */
 764                 vbuf.v_flags = vbuf.v_flags & ~V_FORGET & ~V_LOCKOUT;
 765                 }
 766
 767         if (op==0) {
 768                 /* old method -- FIX remove this when we're ready */
 769                 USscratch.generation[CC->curr_rm]=(-1);
 770                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 771
 772                 /* new method */
 773                 vbuf.v_flags = vbuf.v_flags | V_FORGET | V_LOCKOUT;
 774                 }
 775
 776         CtdlSetRelationship(&vbuf, &USscratch, &CC->quickroom);
 777
 778         lputuser(&USscratch,iuser);
 779
 780         /* post a message in Aide> saying what we just did */
 781         sprintf(bbb,"%s %s %s> by %s",
 782                 iuser,
 783                 ((op == 1) ? "invited to" : "kicked out of"),
 784                 CC->quickroom.QRname,
 785                 CC->usersupp.fullname);
 786         aide_message(bbb);
 787
 788         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 789                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 790                 }
 791         else {
 792                 cprintf("%d Ok.\n",OK);
 793                 }
 794         return;
 795         }
 796
 797
 798 /*
 799  * forget (Zap) the current room
 800  */
 801 void cmd_forg(void) {
 802         struct visit vbuf;
 803
 804         if (!(CC->logged_in)) {
 805                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 806                 return;
 807                 }
 808
 809         if (CC->curr_rm < 0) {
 810                 cprintf("%d No current room.\n",ERROR);
 811                 return;
 812                 }
 813
 814         if (CC->curr_rm < 3) {
 815                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 816                 return;
 817                 }
 818
 819         if (is_aide()) {
 820                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 821                 return;
 822                 }
 823
 824         lgetuser(&CC->usersupp,CC->curr_user);
 825         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 826
 827         /* old method -- FIX remove this when we're ready */
 828         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 829         CC->usersupp.generation[CC->curr_rm] = (-1);
 830
 831         /* new method */
 832         vbuf.v_flags = vbuf.v_flags | V_FORGET;
 833
 834         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 835         lputuser(&CC->usersupp,CC->curr_user);
 836         cprintf("%d Ok\n",OK);
 837         CC->curr_rm = (-1);
 838         }
 839
 840 /*
 841  * Get Next Unregistered User
 842  */
 843 void cmd_gnur(void) {
 844         struct cdbdata *cdbus;
 845         struct usersupp usbuf;
 846
 847         if (!(CC->logged_in)) {
 848                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 849                 return;
 850                 }
 851
 852         if (CC->usersupp.axlevel < 6) {
 853                 cprintf("%d Higher access required.\n",
 854                         ERROR+HIGHER_ACCESS_REQUIRED);
 855                 return;
 856                 }
 857
 858         if ((CitControl.MMflags&MM_VALID)==0) {
 859                 cprintf("%d There are no unvalidated users.\n",OK);
 860                 return;
 861                 }
 862
 863         /* There are unvalidated users.  Traverse the usersupp database,
 864          * and return the first user we find that needs validation.
 865          */
 866         cdb_rewind(CDB_USERSUPP);
 867         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 868                 bzero(&usbuf, sizeof(struct usersupp));
 869                 memcpy(&usbuf, cdbus->ptr,
 870                         ( (cdbus->len > sizeof(struct usersupp)) ?
 871                         sizeof(struct usersupp) : cdbus->len) );
 872                 cdb_free(cdbus);
 873                 if ((usbuf.flags & US_NEEDVALID)
 874                    &&(usbuf.axlevel > 0)) {
 875                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 876                         return;
 877                         }
 878                 }
 879
 880         /* If we get to this point, there are no more unvalidated users.
 881          * Therefore we clear the "users need validation" flag.
 882          */
 883
 884         begin_critical_section(S_CONTROL);
 885         get_control();
 886         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 887         put_control();
 888         end_critical_section(S_CONTROL);
 889         cprintf("%d *** End of registration.\n",OK);
 890
 891
 892         }
 893
 894
 895 /*
 896  * get registration info for a user
 897  */
 898 void cmd_greg(char *who)
 899 {
 900         struct usersupp usbuf;
 901         int a,b;
 902         char pbuf[32];
 903
 904         if (!(CC->logged_in)) {
 905                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 906                 return;
 907                 }
 908
 909         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 910
 911         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 912                 cprintf("%d Higher access required.\n",
 913                         ERROR+HIGHER_ACCESS_REQUIRED);
 914                 return;
 915                 }
 916
 917         if (getuser(&usbuf,who) != 0) {
 918                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 919                 return;
 920                 }
 921
 922         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 923         cprintf("%ld\n",usbuf.usernum);
 924         cprintf("%s\n",usbuf.password);
 925         cprintf("%s\n",usbuf.USname);
 926         cprintf("%s\n",usbuf.USaddr);
 927         cprintf("%s\n%s\n%s\n",
 928                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 929         strcpy(pbuf,usbuf.USphone);
 930         usbuf.USphone[0]=0;
 931         for (a=0; a<strlen(pbuf); ++a) {
 932                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 933                         b=strlen(usbuf.USphone);
 934                         usbuf.USphone[b]=pbuf[a];
 935                         usbuf.USphone[b+1]=0;
 936                         }
 937                 }
 938         while(strlen(usbuf.USphone)<10) {
 939                 strcpy(pbuf,usbuf.USphone);
 940                 strcpy(usbuf.USphone," ");
 941                 strcat(usbuf.USphone,pbuf);
 942                 }
 943
 944         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 945                 usbuf.USphone[0],usbuf.USphone[1],
 946                 usbuf.USphone[2],usbuf.USphone[3],
 947                 usbuf.USphone[4],usbuf.USphone[5],
 948                 usbuf.USphone[6],usbuf.USphone[7],
 949                 usbuf.USphone[8],usbuf.USphone[9]);
 950
 951         cprintf("%d\n",usbuf.axlevel);
 952         cprintf("%s\n",usbuf.USemail);
 953         cprintf("000\n");
 954         }
 955
 956 /*
 957  * validate a user
 958  */
 959 void cmd_vali(char *v_args)
 960 {
 961         char user[256];
 962         int newax;
 963         struct usersupp userbuf;
 964
 965         extract(user,v_args,0);
 966         newax = extract_int(v_args,1);
 967
 968         if (!(CC->logged_in)) {
 969                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 970                 return;
 971                 }
 972
 973         if (CC->usersupp.axlevel < 6) {
 974                 cprintf("%d Higher access required.\n",
 975                         ERROR+HIGHER_ACCESS_REQUIRED);
 976                 return;
 977                 }
 978
 979         if (lgetuser(&userbuf,user)!=0) {
 980                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 981                 return;
 982                 }
 983
 984         userbuf.axlevel = newax;
 985         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 986
 987         lputuser(&userbuf,user);
 988
 989         /* If the access level was set to zero, delete the user */
 990         if (newax == 0) {
 991                 if (purge_user(user)==0) {
 992                         cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 993                         return;
 994                         }
 995                 }
 996
 997         cprintf("%d ok\n",OK);
 998         }
 999
1000
1001
1002 /*
1003  *  Traverse the user file...
1004  */
1005 void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
1006         struct usersupp usbuf;
1007         struct cdbdata *cdbus;
1008
1009         cdb_rewind(CDB_USERSUPP);
1010
1011         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
1012                 bzero(&usbuf, sizeof(struct usersupp));
1013                 memcpy(&usbuf, cdbus->ptr,
1014                         ( (cdbus->len > sizeof(struct usersupp)) ?
1015                         sizeof(struct usersupp) : cdbus->len) );
1016                 cdb_free(cdbus);
1017                 (*CallBack)(&usbuf);
1018                 }
1019         }
1020
1021
1022 /*
1023  * List one user (this works with cmd_list)
1024  */
1025 void ListThisUser(struct usersupp *usbuf) {
1026         if (usbuf->axlevel > 0) {
1027                 if ((CC->usersupp.axlevel>=6)
1028                    ||((usbuf->flags&US_UNLISTED)==0)
1029                    ||((CC->internal_pgm))) {
1030                         cprintf("%s|%d|%ld|%ld|%d|%d|",
1031                                 usbuf->fullname,
1032                                 usbuf->axlevel,
1033                                 usbuf->usernum,
1034                                 usbuf->lastcall,
1035                                 usbuf->timescalled,
1036                                 usbuf->posted);
1037                         if (CC->usersupp.axlevel >= 6)
1038                                 cprintf("%s",usbuf->password);
1039                         cprintf("\n");
1040                         }
1041                 }
1042         }
1043
1044 /*
1045  *  List users
1046  */
1047 void cmd_list(void) {
1048         cprintf("%d \n",LISTING_FOLLOWS);
1049         ForEachUser(ListThisUser);
1050         cprintf("000\n");
1051         }
1052
1053
1054 /*
1055  * enter registration info
1056  */
1057 void cmd_regi(void) {
1058         int a,b,c;
1059         char buf[256];
1060
1061         char tmpname[256];
1062         char tmpaddr[256];
1063         char tmpcity[256];
1064         char tmpstate[256];
1065         char tmpzip[256];
1066         char tmpphone[256];
1067         char tmpemail[256];
1068
1069         if (!(CC->logged_in)) {
1070                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1071                 return;
1072                 }
1073
1074         strcpy(tmpname,"");
1075         strcpy(tmpaddr,"");
1076         strcpy(tmpcity,"");
1077         strcpy(tmpstate,"");
1078         strcpy(tmpzip,"");
1079         strcpy(tmpphone,"");
1080         strcpy(tmpemail,"");
1081
1082         cprintf("%d Send registration...\n",SEND_LISTING);
1083         a=0;
1084         while (client_gets(buf), strcmp(buf,"000")) {
1085                 if (a==0) strcpy(tmpname,buf);
1086                 if (a==1) strcpy(tmpaddr,buf);
1087                 if (a==2) strcpy(tmpcity,buf);
1088                 if (a==3) strcpy(tmpstate,buf);
1089                 if (a==4) {
1090                         for (c=0; c<strlen(buf); ++c) {
1091                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1092                                         b=strlen(tmpzip);
1093                                         tmpzip[b]=buf[c];
1094                                         tmpzip[b+1]=0;
1095                                         }
1096                                 }
1097                         }
1098                 if (a==5) {
1099                         for (c=0; c<strlen(buf); ++c) {
1100                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1101                                         b=strlen(tmpphone);
1102                                         tmpphone[b]=buf[c];
1103                                         tmpphone[b+1]=0;
1104                                         }
1105                                 }
1106                         }
1107                 if (a==6) strncpy(tmpemail,buf,31);
1108                 ++a;
1109                 }
1110
1111         tmpname[29]=0;
1112         tmpaddr[24]=0;
1113         tmpcity[14]=0;
1114         tmpstate[2]=0;
1115         tmpzip[9]=0;
1116         tmpphone[10]=0;
1117         tmpemail[31]=0;
1118
1119         lgetuser(&CC->usersupp,CC->curr_user);
1120         strcpy(CC->usersupp.USname,tmpname);
1121         strcpy(CC->usersupp.USaddr,tmpaddr);
1122         strcpy(CC->usersupp.UScity,tmpcity);
1123         strcpy(CC->usersupp.USstate,tmpstate);
1124         strcpy(CC->usersupp.USzip,tmpzip);
1125         strcpy(CC->usersupp.USphone,tmpphone);
1126         strcpy(CC->usersupp.USemail,tmpemail);
1127         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
1128         lputuser(&CC->usersupp,CC->curr_user);
1129
1130         /* set global flag calling for validation */
1131         begin_critical_section(S_CONTROL);
1132         get_control();
1133         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
1134         put_control();
1135         end_critical_section(S_CONTROL);
1136         cprintf("%d *** End of registration.\n",OK);
1137         }
1138
1139
1140 /*
1141  * assorted info we need to check at login
1142  */
1143 void cmd_chek(void) {
1144         int mail = 0;
1145         int regis = 0;
1146         int vali = 0;
1147
1148         if (!(CC->logged_in)) {
1149                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1150                 return;
1151                 }
1152
1153         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
1154         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
1155
1156         if (CC->usersupp.axlevel >= 6) {
1157                 get_control();
1158                 if (CitControl.MMflags&MM_VALID) vali = 1;
1159                 }
1160
1161
1162         /* check for mail */
1163         mail = NewMailCount();
1164
1165         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1166         }
1167
1168
1169 /*
1170  * check to see if a user exists
1171  */
1172 void cmd_qusr(char *who)
1173 {
1174         struct usersupp usbuf;
1175
1176         if (getuser(&usbuf,who) == 0) {
1177                 cprintf("%d %s\n",OK,usbuf.fullname);
1178                 }
1179         else {
1180                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1181                 }
1182         }
1183
1184
1185 /*
1186  * enter user bio
1187  */
1188 void cmd_ebio(void) {
1189         char buf[256];
1190         FILE *fp;
1191
1192         if (!(CC->logged_in)) {
1193                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1194                 return;
1195                 }
1196
1197         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1198         fp = fopen(buf,"w");
1199         if (fp == NULL) {
1200                 cprintf("%d Cannot create file\n",ERROR);
1201                 return;
1202                 }
1203         cprintf("%d  \n",SEND_LISTING);
1204         while(client_gets(buf), strcmp(buf,"000")) {
1205                 fprintf(fp,"%s\n",buf);
1206                 }
1207         fclose(fp);
1208         }
1209
1210 /*
1211  * read user bio
1212  */
1213 void cmd_rbio(char *cmdbuf)
1214 {
1215         struct usersupp ruser;
1216         char buf[256];
1217         FILE *fp;
1218
1219         extract(buf,cmdbuf,0);
1220         if (getuser(&ruser,buf)!=0) {
1221                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1222                 return;
1223                 }
1224         sprintf(buf,"./bio/%ld",ruser.usernum);
1225
1226         fp = fopen(buf,"r");
1227         if (fp == NULL) {
1228                 cprintf("%d %s has no bio on file.\n",
1229                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1230                 return;
1231                 }
1232         cprintf("%d  \n",LISTING_FOLLOWS);
1233         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1234         fclose(fp);
1235         cprintf("000\n");
1236         }
1237
1238 /*
1239  * list of users who have entered bios
1240  */
1241 void cmd_lbio(void) {
1242         char buf[256];
1243         FILE *ls;
1244         struct usersupp usbuf;
1245
1246         ls=popen("cd ./bio; ls","r");
1247         if (ls==NULL) {
1248                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1249                 return;
1250                 }
1251
1252         cprintf("%d\n",LISTING_FOLLOWS);
1253         while (fgets(buf,255,ls)!=NULL)
1254                 if (getuserbynumber(&usbuf,atol(buf))==0)
1255                         cprintf("%s\n",usbuf.fullname);
1256         pclose(ls);
1257         cprintf("000\n");
1258         }
1259
1260
1261 /*
1262  * Administrative Get User Parameters
1263  */
1264 void cmd_agup(char *cmdbuf) {
1265         struct usersupp usbuf;
1266         char requested_user[256];
1267
1268         if ( (CC->internal_pgm==0)
1269            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1270                 cprintf("%d Higher access required.\n",
1271                         ERROR + HIGHER_ACCESS_REQUIRED);
1272                 return;
1273                 }
1274
1275         extract(requested_user, cmdbuf, 0);
1276         if (getuser(&usbuf, requested_user) != 0) {
1277                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1278                 return;
1279                 }
1280
1281         cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
1282                 OK,
1283                 usbuf.fullname,
1284                 usbuf.password,
1285                 usbuf.flags,
1286                 usbuf.timescalled,
1287                 usbuf.posted,
1288                 (int)usbuf.axlevel,
1289                 usbuf.usernum);
1290
1291         }
1292
1293
1294
1295 /*
1296  * Administrative Set User Parameters
1297  */
1298 void cmd_asup(char *cmdbuf) {
1299         struct usersupp usbuf;
1300         char requested_user[256];
1301         int np;
1302         int newax;
1303
1304         if ( (CC->internal_pgm==0)
1305            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1306                 cprintf("%d Higher access required.\n",
1307                         ERROR + HIGHER_ACCESS_REQUIRED);
1308                 return;
1309                 }
1310
1311         extract(requested_user, cmdbuf, 0);
1312         if (lgetuser(&usbuf, requested_user) != 0) {
1313                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1314                 return;
1315                 }
1316
1317         np = num_parms(cmdbuf);
1318         if (np > 1) extract(usbuf.password, cmdbuf, 1);
1319         if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
1320         if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
1321         if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
1322         if (np > 5) {
1323                 newax = extract_int(cmdbuf, 5);
1324                 if ((newax >=0) && (newax <= 6)) {
1325                         usbuf.axlevel = extract_int(cmdbuf, 5);
1326                         }
1327                 }
1328
1329         lputuser(&usbuf, requested_user);
1330         if (usbuf.axlevel == 0) {
1331                 if (purge_user(requested_user)==0) {
1332                         cprintf("%d %s deleted.\n", OK, requested_user);
1333                         }
1334                 }
1335         cprintf("%d Ok\n", OK);
1336         }
1337
1338
1339 /*
1340  * Count the number of new mail messages the user has
1341  */
1342 int NewMailCount() {
1343         int num_newmsgs = 0;
1344         struct cdbdata *cdbmb;
1345         int num_mails;
1346         long *mailbox;
1347         int a;
1348
1349         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1350         if (cdbmb != NULL) {
1351                 num_mails = cdbmb->len / sizeof(long);
1352                 mailbox = (long *) cdbmb->ptr;
1353                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1354                         if (mailbox[a] > (CC->usersupp.lastseen[1]))
1355                                 ++num_newmsgs;
1356                         }
1357                 cdb_free(cdbmb);
1358                 }
1359         return(num_newmsgs);
1360         }