citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5
   6 #include <stdlib.h>
   7 #include <unistd.h>
   8 #include <stdio.h>
   9 #include <fcntl.h>
  10 #include <signal.h>
  11 #include <pwd.h>
  12 #include <sys/types.h>
  13 #include <sys/time.h>
  14 #include <string.h>
  15 #include <syslog.h>
  16 #include <pthread.h>
  17 #include "citadel.h"
  18 #include "server.h"
  19 #include "database.h"
  20 #include "user_ops.h"
  21 #include "sysdep_decls.h"
  22 #include "support.h"
  23 #include "room_ops.h"
  24 #include "logging.h"
  25 #include "file_ops.h"
  26 #include "control.h"
  27 #include "msgbase.h"
  28 #include "config.h"
  29 #include "dynloader.h"
  30
  31
  32 /*
  33  * getuser()  -  retrieve named user into supplied buffer.
  34  *               returns 0 on success
  35  */
  36 int getuser(struct usersupp *usbuf, char name[]) {
  37
  38         char lowercase_name[32];
  39         int a;
  40         struct cdbdata *cdbus;
  41
  42         bzero(usbuf, sizeof(struct usersupp));
  43         for (a=0; a<=strlen(name); ++a) {
  44                 lowercase_name[a] = tolower(name[a]);
  45                 }
  46
  47         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  48         if (cdbus == NULL) {
  49                 return(1);      /* user not found */
  50                 }
  51
  52         memcpy(usbuf, cdbus->ptr,
  53                 ( (cdbus->len > sizeof(struct usersupp)) ?
  54                 sizeof(struct usersupp) : cdbus->len) );
  55         cdb_free(cdbus);
  56         return(0);
  57         }
  58
  59
  60 /*
  61  * lgetuser()  -  same as getuser() but locks the record
  62  */
  63 int lgetuser(struct usersupp *usbuf, char *name)
  64 {
  65         int retcode;
  66
  67         retcode = getuser(usbuf,name);
  68         if (retcode == 0) {
  69                 begin_critical_section(S_USERSUPP);
  70                 }
  71         return(retcode);
  72         }
  73
  74
  75 /*
  76  * putuser()  -  write user buffer into the correct place on disk
  77  */
  78 void putuser(struct usersupp *usbuf, char *name)
  79 {
  80         char lowercase_name[32];
  81         int a;
  82
  83         for (a=0; a<=strlen(name); ++a) {
  84                 lowercase_name[a] = tolower(name[a]);
  85                 }
  86
  87         cdb_store(CDB_USERSUPP,
  88                 lowercase_name, strlen(lowercase_name),
  89                 usbuf, sizeof(struct usersupp));
  90
  91         }
  92
  93
  94 /*
  95  * lputuser()  -  same as putuser() but locks the record
  96  */
  97 void lputuser(struct usersupp *usbuf, char *name) {
  98         putuser(usbuf,name);
  99         end_critical_section(S_USERSUPP);
 100         }
 101
 102
 103 /*
 104  * Define a relationship between a user and a room
 105  */
 106 void CtdlSetRelationship(struct visit *newvisit,
 107                         struct usersupp *rel_user,
 108                         struct quickroom *rel_room) {
 109
 110         struct cdbdata *cdbvisit;
 111         struct visit *visits;
 112         int num_visits;
 113         int a;
 114         int replaced = 0;
 115
 116         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 117         if (cdbvisit != NULL) {
 118                 num_visits = cdbvisit->len / sizeof(struct visit);
 119                 visits = (struct visit *)
 120                         malloc(num_visits * sizeof(struct visit));
 121                 memcpy(visits, cdbvisit->ptr,
 122                         (num_visits * sizeof(struct visit)));
 123                 cdb_free(cdbvisit);
 124                 }
 125         else {
 126                 num_visits = 0;
 127                 visits = NULL;
 128                 }
 129
 130         /* Replace an existing relationship if possible */
 131         if (num_visits > 0) for (a=0; a<num_visits; ++a) {
 132                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 133                    && (visits[a].v_generation == rel_room->QRgen) ) {
 134                         memcpy(&visits[a], newvisit, sizeof(struct visit));
 135                         replaced = 1;
 136                         }
 137                 }
 138
 139         /* Otherwise, define a new one */
 140         if (replaced == 0) {
 141                 ++num_visits;
 142                 visits = realloc(visits,
 143                         (num_visits * sizeof(struct visit)));
 144                 memcpy(&visits[num_visits-1], newvisit, sizeof(struct visit));
 145                 }
 146
 147         /* Now write the relationship back to disk */
 148         cdb_store(CDB_VISIT,
 149                 &rel_user->usernum, sizeof(long),
 150                 visits,
 151                 (num_visits * sizeof(struct visit)));
 152         free(visits);
 153         }
 154
 155 /*
 156  * Locate a relationship between a user and a room
 157  */
 158 void CtdlGetRelationship(struct visit *vbuf,
 159                         struct usersupp *rel_user,
 160                         struct quickroom *rel_room) {
 161
 162         struct cdbdata *cdbvisit;
 163         struct visit *visits;
 164         int num_visits;
 165         int a;
 166
 167         bzero(vbuf, sizeof(struct visit));
 168         strcpy(vbuf->v_roomname, rel_room->QRname);
 169         vbuf->v_generation = rel_room->QRgen;
 170
 171         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 172         if (cdbvisit != NULL) {
 173                 if ((num_visits = cdbvisit->len / sizeof(struct visit)) == 0) {
 174                         cdb_free(cdbvisit);
 175                         return;
 176                 }
 177                 visits = (struct visit *)
 178                         malloc(num_visits * sizeof(struct visit));
 179                 memcpy(visits, cdbvisit->ptr,
 180                         (num_visits * sizeof(struct visit)));
 181                 cdb_free(cdbvisit);
 182                 }
 183         else return;
 184
 185         for (a=0; a<num_visits; ++a) {
 186
 187                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 188                    && (visits[a].v_generation == rel_room->QRgen) ) {
 189                         memcpy(vbuf, &visits[a], sizeof(struct visit));
 190                         }
 191                 }
 192
 193         free(visits);
 194         }
 195
 196
 197 /*
 198  * Is the user currently logged in an Aide?
 199  */
 200 int is_aide(void) {
 201         if (CC->usersupp.axlevel >= 6) return(1);
 202         else return(0);
 203         }
 204
 205
 206 /*
 207  * Is the user currently logged in an Aide *or* the room aide for this room?
 208  */
 209 int is_room_aide(void) {
 210         if ( (CC->usersupp.axlevel >= 6)
 211            || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
 212                 return(1);
 213                 }
 214         else {
 215                 return(0);
 216                 }
 217         }
 218
 219 /*
 220  * getuserbynumber()  -  get user by number
 221  *                       returns 0 if user was found
 222  */
 223 int getuserbynumber(struct usersupp *usbuf, long int number)
 224 {
 225         struct cdbdata *cdbus;
 226
 227         cdb_rewind(CDB_USERSUPP);
 228
 229         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 230                 bzero(usbuf, sizeof(struct usersupp));
 231                 memcpy(usbuf, cdbus->ptr,
 232                         ( (cdbus->len > sizeof(struct usersupp)) ?
 233                         sizeof(struct usersupp) : cdbus->len) );
 234                 cdb_free(cdbus);
 235                 if (usbuf->usernum == number) {
 236                         return(0);
 237                         }
 238                 }
 239         return(-1);
 240         }
 241
 242
 243 /*
 244  * USER cmd
 245  */
 246 void cmd_user(char *cmdbuf)
 247 {
 248         char username[256];
 249         char autoname[256];
 250         int found_user = 0;
 251         struct passwd *p;
 252         int a;
 253
 254         extract(username,cmdbuf,0);
 255         username[25] = 0;
 256         strproc(username);
 257
 258         if ((CC->logged_in)) {
 259                 cprintf("%d Already logged in.\n",ERROR);
 260                 return;
 261                 }
 262
 263         found_user = getuser(&CC->usersupp,username);
 264         if (found_user != 0) {
 265                 p = (struct passwd *)getpwnam(username);
 266                 if (p!=NULL) {
 267                         strcpy(autoname,p->pw_gecos);
 268                         for (a=0; a<strlen(autoname); ++a)
 269                                 if (autoname[a]==',') autoname[a]=0;
 270                         found_user = getuser(&CC->usersupp,autoname);
 271                         }
 272                 }
 273         if (found_user == 0) {
 274                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 275                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 276                         ERROR+MAX_SESSIONS_EXCEEDED,
 277                         config.c_nodename,config.c_maxsessions);
 278                         }
 279                 else {
 280                         strcpy(CC->curr_user,CC->usersupp.fullname);
 281                         cprintf("%d Password required for %s\n",
 282                                 MORE_DATA,CC->curr_user);
 283                         }
 284                 }
 285         else {
 286                 cprintf("%d %s not found.\n",ERROR,username);
 287                 }
 288         }
 289
 290
 291
 292 /*
 293  * session startup code which is common to both cmd_pass() and cmd_newu()
 294  */
 295 void session_startup(void) {
 296         int a;
 297         struct quickroom qr;
 298
 299         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 300
 301         lgetuser(&CC->usersupp,CC->curr_user);
 302         ++(CC->usersupp.timescalled);
 303         CC->fake_username[0] = '\0';
 304         CC->fake_postname[0] = '\0';
 305         CC->fake_hostname[0] = '\0';
 306         CC->fake_roomname[0] = '\0';
 307         CC->last_pager[0] = '\0';
 308         time(&CC->usersupp.lastcall);
 309
 310         /* If this user's name is the name of the system administrator
 311          * (as specified in setup), automatically assign access level 6.
 312          */
 313         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 314                 CC->usersupp.axlevel = 6;
 315                 }
 316
 317  /******************************************************************************/
 318  /* FIX  It is safe to remove this segment during the cutover                  */
 319         for (a=0; a<MAXROOMS; ++a) {
 320                 getroom(&qr,a);
 321                 if (CC->usersupp.generation[a] != qr.QRgen)
 322                                         CC->usersupp.generation[a]=(-1);
 323                 if (CC->usersupp.forget[a] != qr.QRgen)
 324                                         CC->usersupp.forget[a]=(-1);
 325                 }
 326  /******************************************************************************/
 327
 328         lputuser(&CC->usersupp,CC->curr_user);
 329
 330         /* Run any cleanup routines registered by loadable modules */
 331         PerformSessionHooks(EVT_LOGIN);
 332
 333         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 334                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 335                 CC->usersupp.usernum);
 336         usergoto(0,0);          /* Enter the lobby */
 337         rec_log(CL_LOGIN,CC->curr_user);
 338         }
 339
 340
 341 /*
 342  * misc things to be taken care of when a user is logged out
 343  */
 344 void logout(struct CitContext *who)
 345 {
 346         who->logged_in = 0;
 347         if (who->download_fp != NULL) {
 348                 fclose(who->download_fp);
 349                 who->download_fp = NULL;
 350                 }
 351         if (who->upload_fp != NULL) {
 352                 abort_upl(who);
 353                 }
 354
 355         /* Do modular stuff... */
 356         PerformSessionHooks(EVT_LOGOUT);
 357         }
 358
 359
 360 void cmd_pass(char *buf)
 361 {
 362         char password[256];
 363         int code;
 364         struct passwd *p;
 365
 366         extract(password,buf,0);
 367
 368         if ((CC->logged_in)) {
 369                 cprintf("%d Already logged in.\n",ERROR);
 370                 return;
 371                 }
 372         if (!strcmp(CC->curr_user,"")) {
 373                 cprintf("%d You must send a name with USER first.\n",ERROR);
 374                 return;
 375                 }
 376         if (getuser(&CC->usersupp,CC->curr_user)) {
 377                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 378                 return;
 379                 }
 380
 381         code = (-1);
 382         if (CC->usersupp.USuid == BBSUID) {
 383                 strproc(password);
 384                 strproc(CC->usersupp.password);
 385                 code = strcasecmp(CC->usersupp.password,password);
 386                 }
 387         else {
 388                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 389 #ifdef ENABLE_AUTOLOGIN
 390                 if (p!=NULL) {
 391                         if (!strcmp(p->pw_passwd,
 392                            (char *)crypt(password,p->pw_passwd))) {
 393                                 code = 0;
 394                                 lgetuser(&CC->usersupp, CC->curr_user);
 395                                 strcpy(CC->usersupp.password, password);
 396                                 lputuser(&CC->usersupp, CC->curr_user);
 397                                 }
 398                         }
 399 #endif
 400                 }
 401
 402         if (!code) {
 403                 (CC->logged_in) = 1;
 404                 session_startup();
 405                 }
 406         else {
 407                 cprintf("%d Wrong password.\n",ERROR);
 408                 rec_log(CL_BADPW,CC->curr_user);
 409                 }
 410         }
 411
 412
 413 /*
 414  * Delete a user record *and* all of its related resources.
 415  */
 416 int purge_user(char *pname) {
 417         char filename[64];
 418         struct usersupp usbuf;
 419         int a;
 420         struct cdbdata *cdbmb;
 421         long *mailbox;
 422         int num_mails;
 423
 424         if (getuser(&usbuf, pname) != 0) {
 425                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 426                 return(ERROR+NO_SUCH_USER);
 427                 }
 428
 429         /* FIX   Don't delete a user who is currently logged in. */
 430
 431         /* Perform any purge functions registered by server extensions */
 432         PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
 433
 434         /* delete any messages in the user's mailbox */
 435         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 436         if (cdbmb != NULL) {
 437                 num_mails = cdbmb->len / sizeof(long);
 438                 mailbox = (long *) cdbmb->ptr;
 439                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 440                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 441                         }
 442                 cdb_free(cdbmb);
 443                 /* now delete the mailbox itself */
 444                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 445                 }
 446
 447         /* delete any existing user/room relationships */
 448         cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
 449
 450         /* delete the userlog entry */
 451         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 452
 453         /* remove the user's bio file */
 454         sprintf(filename, "./bio/%ld", usbuf.usernum);
 455         unlink(filename);
 456
 457         /* remove the user's picture */
 458         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 459         unlink(filename);
 460
 461         return(0);
 462         }
 463
 464
 465 /*
 466  * create_user()  -  back end processing to create a new user
 467  */
 468 int create_user(char *newusername)
 469 {
 470         struct usersupp usbuf;
 471         int a;
 472         struct passwd *p = NULL;
 473         char username[64];
 474
 475         strcpy(username, newusername);
 476         strproc(username);
 477
 478 #ifdef ENABLE_AUTOLOGIN
 479         p = (struct passwd *)getpwnam(username);
 480 #endif
 481         if (p != NULL) {
 482                 strcpy(username, p->pw_gecos);
 483                 for (a=0; a<strlen(username); ++a) {
 484                         if (username[a] == ',') username[a] = 0;
 485                         }
 486                 CC->usersupp.USuid = p->pw_uid;
 487                 }
 488         else {
 489                 CC->usersupp.USuid = BBSUID;
 490                 }
 491
 492         if (!getuser(&usbuf,username)) {
 493                 return(ERROR+ALREADY_EXISTS);
 494                 }
 495
 496         strcpy(CC->curr_user,username);
 497         strcpy(CC->usersupp.fullname,username);
 498         strcpy(CC->usersupp.password,"");
 499         (CC->logged_in) = 1;
 500
 501         /********************************************************/
 502         /* FIX this can safely be removed during the cutover... */
 503         for (a=0; a<MAXROOMS; ++a) {
 504                 CC->usersupp.lastseen[a]=0L;
 505                 CC->usersupp.generation[a]=(-1);
 506                 CC->usersupp.forget[a]=(-1);
 507                 }
 508         /********************************************************/
 509
 510         /* These are the default flags on new accounts */
 511         CC->usersupp.flags =
 512                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 513
 514         CC->usersupp.timescalled = 0;
 515         CC->usersupp.posted = 0;
 516         CC->usersupp.axlevel = config.c_initax;
 517         CC->usersupp.USscreenwidth = 80;
 518         CC->usersupp.USscreenheight = 24;
 519         time(&CC->usersupp.lastcall);
 520         strcpy(CC->usersupp.USname, "");
 521         strcpy(CC->usersupp.USaddr, "");
 522         strcpy(CC->usersupp.UScity, "");
 523         strcpy(CC->usersupp.USstate, "");
 524         strcpy(CC->usersupp.USzip, "");
 525         strcpy(CC->usersupp.USphone, "");
 526
 527         /* fetch a new user number */
 528         CC->usersupp.usernum = get_new_user_number();
 529
 530         if (CC->usersupp.usernum == 1L) {
 531                 CC->usersupp.axlevel = 6;
 532                 }
 533
 534         /* add user to userlog */
 535         putuser(&CC->usersupp,CC->curr_user);
 536         if (getuser(&CC->usersupp,CC->curr_user)) {
 537                 return(ERROR+INTERNAL_ERROR);
 538                 }
 539         rec_log(CL_NEWUSER,CC->curr_user);
 540         return(0);
 541         }
 542
 543
 544
 545
 546 /*
 547  * cmd_newu()  -  create a new user account
 548  */
 549 void cmd_newu(char *cmdbuf)
 550 {
 551         int a;
 552         char username[256];
 553
 554         if ((CC->logged_in)) {
 555                 cprintf("%d Already logged in.\n",ERROR);
 556                 return;
 557                 }
 558
 559         if ((CC->nologin)) {
 560                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 561                 ERROR+MAX_SESSIONS_EXCEEDED,
 562                 config.c_nodename,config.c_maxsessions);
 563                 }
 564
 565         extract(username,cmdbuf,0);
 566         username[25] = 0;
 567         strproc(username);
 568
 569         if (strlen(username)==0) {
 570                 cprintf("%d You must supply a user name.\n",ERROR);
 571                 return;
 572                 }
 573
 574         a = create_user(username);
 575         if ((!strcasecmp(username, "bbs")) ||
 576             (!strcasecmp(username, "new")) ||
 577             (!strcasecmp(username, ".")))
 578         {
 579            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 580            return;
 581         }
 582         if (a==ERROR+ALREADY_EXISTS) {
 583                 cprintf("%d '%s' already exists.\n",
 584                         ERROR+ALREADY_EXISTS,username);
 585                 return;
 586                 }
 587         else if (a==ERROR+INTERNAL_ERROR) {
 588                 cprintf("%d Internal error - user record disappeared?\n",
 589                         ERROR+INTERNAL_ERROR);
 590                 return;
 591                 }
 592         else if (a==0) {
 593                 session_startup();
 594                 }
 595         else {
 596                 cprintf("%d unknown error\n",ERROR);
 597                 }
 598         rec_log(CL_NEWUSER,CC->curr_user);
 599         }
 600
 601
 602
 603 /*
 604  * set password
 605  */
 606 void cmd_setp(char *new_pw)
 607 {
 608         if (!(CC->logged_in)) {
 609                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 610                 return;
 611                 }
 612         if (CC->usersupp.USuid != BBSUID) {
 613                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 614                 return;
 615                 }
 616         strproc(new_pw);
 617         if (strlen(new_pw)==0) {
 618                 cprintf("%d Password unchanged.\n",OK);
 619                 return;
 620                 }
 621         lgetuser(&CC->usersupp,CC->curr_user);
 622         strcpy(CC->usersupp.password,new_pw);
 623         lputuser(&CC->usersupp,CC->curr_user);
 624         cprintf("%d Password changed.\n",OK);
 625         rec_log(CL_PWCHANGE,CC->curr_user);
 626         PerformSessionHooks(EVT_SETPASS);
 627         }
 628
 629 /*
 630  * get user parameters
 631  */
 632 void cmd_getu(void) {
 633         if (!(CC->logged_in)) {
 634                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 635                 return;
 636                 }
 637         getuser(&CC->usersupp,CC->curr_user);
 638         cprintf("%d %d|%d|%d\n",
 639                 OK,
 640                 CC->usersupp.USscreenwidth,
 641                 CC->usersupp.USscreenheight,
 642                 (CC->usersupp.flags & US_USER_SET)
 643                 );
 644         }
 645
 646 /*
 647  * set user parameters
 648  */
 649 void cmd_setu(char *new_parms)
 650 {
 651
 652         if (num_parms(new_parms)!=3) {
 653                 cprintf("%d Usage error.\n",ERROR);
 654                 return;
 655                 }
 656         if (!(CC->logged_in)) {
 657                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 658                 return;
 659                 }
 660         lgetuser(&CC->usersupp,CC->curr_user);
 661         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 662         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 663         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 664         CC->usersupp.flags = CC->usersupp.flags |
 665                 (extract_int(new_parms,2) & US_USER_SET);
 666         lputuser(&CC->usersupp,CC->curr_user);
 667         cprintf("%d Ok\n",OK);
 668         }
 669
 670 /*
 671  * set last read pointer
 672  */
 673 void cmd_slrp(char *new_ptr)
 674 {
 675         long newlr;
 676         struct visit vbuf;
 677
 678         if (!(CC->logged_in)) {
 679                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 680                 return;
 681                 }
 682
 683         if (CC->curr_rm < 0) {
 684                 cprintf("%d No current room.\n",ERROR);
 685                 return;
 686                 }
 687
 688         if (!strncasecmp(new_ptr,"highest",7)) {
 689                 newlr = CC->quickroom.QRhighest;
 690 /* FIX ... if the current room is 1 (Mail), newlr needs to be set to the
 691  * number of the highest mail message
 692  */
 693                 }
 694         else {
 695                 newlr = atol(new_ptr);
 696                 }
 697
 698         lgetuser(&CC->usersupp, CC->curr_user);
 699
 700         /* old method - remove */
 701         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 702
 703         /* new method */
 704         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 705         vbuf.v_lastseen = newlr;
 706         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 707
 708         lputuser(&CC->usersupp, CC->curr_user);
 709         cprintf("%d %ld\n",OK,newlr);
 710         }
 711
 712
 713 /*
 714  * INVT and KICK commands
 715  */
 716 void cmd_invt_kick(char *iuser, int op)
 717                         /* user name */
 718         {               /* 1 = invite, 0 = kick out */
 719         struct usersupp USscratch;
 720         char bbb[256];
 721         struct visit vbuf;
 722
 723         if (!(CC->logged_in)) {
 724                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 725                 return;
 726                 }
 727
 728         if (CC->curr_rm < 0) {
 729                 cprintf("%d No current room.\n",ERROR);
 730                 return;
 731                 }
 732
 733         if (is_room_aide()==0) {
 734                 cprintf("%d Higher access required.\n",
 735                         ERROR+HIGHER_ACCESS_REQUIRED);
 736                 return;
 737                 }
 738
 739         /* FIX - with the new relationships scheme we can lock users out,
 740            so it'll make sense to remove this routine */
 741         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 742                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 743                 return;
 744                 }
 745
 746         if (lgetuser(&USscratch,iuser)!=0) {
 747                 cprintf("%d No such user.\n",ERROR);
 748                 return;
 749                 }
 750
 751         CtdlGetRelationship(&vbuf, &USscratch, &CC->quickroom);
 752
 753         if (op==1) {
 754                 /* old method -- FIX remove this when we're ready */
 755                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 756                 USscratch.forget[CC->curr_rm]=(-1);
 757
 758                 /* new method */
 759                 vbuf.v_flags = vbuf.v_flags & ~V_FORGET & ~V_LOCKOUT;
 760                 vbuf.v_flags = vbuf.v_flags | V_ACCESS;
 761                 }
 762
 763         if (op==0) {
 764                 /* old method -- FIX remove this when we're ready */
 765                 USscratch.generation[CC->curr_rm]=(-1);
 766                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 767
 768                 /* new method */
 769                 vbuf.v_flags = vbuf.v_flags & ~V_ACCESS;
 770                 vbuf.v_flags = vbuf.v_flags | V_FORGET | V_LOCKOUT;
 771                 }
 772
 773         CtdlSetRelationship(&vbuf, &USscratch, &CC->quickroom);
 774
 775         lputuser(&USscratch,iuser);
 776
 777         /* post a message in Aide> saying what we just did */
 778         sprintf(bbb,"%s %s %s> by %s",
 779                 iuser,
 780                 ((op == 1) ? "invited to" : "kicked out of"),
 781                 CC->quickroom.QRname,
 782                 CC->usersupp.fullname);
 783         aide_message(bbb);
 784
 785         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 786                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 787                 }
 788         else {
 789                 cprintf("%d Ok.\n",OK);
 790                 }
 791         return;
 792         }
 793
 794
 795 /*
 796  * forget (Zap) the current room
 797  */
 798 void cmd_forg(void) {
 799         struct visit vbuf;
 800
 801         if (!(CC->logged_in)) {
 802                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 803                 return;
 804                 }
 805
 806         if (CC->curr_rm < 0) {
 807                 cprintf("%d No current room.\n",ERROR);
 808                 return;
 809                 }
 810
 811         if (CC->curr_rm < 3) {
 812                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 813                 return;
 814                 }
 815
 816         if (is_aide()) {
 817                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 818                 return;
 819                 }
 820
 821         lgetuser(&CC->usersupp,CC->curr_user);
 822         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 823
 824         /* old method -- FIX remove this when we're ready */
 825         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 826         CC->usersupp.generation[CC->curr_rm] = (-1);
 827
 828         /* new method */
 829         vbuf.v_flags = vbuf.v_flags | V_FORGET;
 830
 831         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 832         lputuser(&CC->usersupp,CC->curr_user);
 833         cprintf("%d Ok\n",OK);
 834         CC->curr_rm = (-1);
 835         }
 836
 837 /*
 838  * Get Next Unregistered User
 839  */
 840 void cmd_gnur(void) {
 841         struct cdbdata *cdbus;
 842         struct usersupp usbuf;
 843
 844         if (!(CC->logged_in)) {
 845                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 846                 return;
 847                 }
 848
 849         if (CC->usersupp.axlevel < 6) {
 850                 cprintf("%d Higher access required.\n",
 851                         ERROR+HIGHER_ACCESS_REQUIRED);
 852                 return;
 853                 }
 854
 855         if ((CitControl.MMflags&MM_VALID)==0) {
 856                 cprintf("%d There are no unvalidated users.\n",OK);
 857                 return;
 858                 }
 859
 860         /* There are unvalidated users.  Traverse the usersupp database,
 861          * and return the first user we find that needs validation.
 862          */
 863         cdb_rewind(CDB_USERSUPP);
 864         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 865                 bzero(&usbuf, sizeof(struct usersupp));
 866                 memcpy(&usbuf, cdbus->ptr,
 867                         ( (cdbus->len > sizeof(struct usersupp)) ?
 868                         sizeof(struct usersupp) : cdbus->len) );
 869                 cdb_free(cdbus);
 870                 if ((usbuf.flags & US_NEEDVALID)
 871                    &&(usbuf.axlevel > 0)) {
 872                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 873                         return;
 874                         }
 875                 }
 876
 877         /* If we get to this point, there are no more unvalidated users.
 878          * Therefore we clear the "users need validation" flag.
 879          */
 880
 881         begin_critical_section(S_CONTROL);
 882         get_control();
 883         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 884         put_control();
 885         end_critical_section(S_CONTROL);
 886         cprintf("%d *** End of registration.\n",OK);
 887
 888
 889         }
 890
 891
 892 /*
 893  * get registration info for a user
 894  */
 895 void cmd_greg(char *who)
 896 {
 897         struct usersupp usbuf;
 898         int a,b;
 899         char pbuf[32];
 900
 901         if (!(CC->logged_in)) {
 902                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 903                 return;
 904                 }
 905
 906         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 907
 908         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 909                 cprintf("%d Higher access required.\n",
 910                         ERROR+HIGHER_ACCESS_REQUIRED);
 911                 return;
 912                 }
 913
 914         if (getuser(&usbuf,who) != 0) {
 915                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 916                 return;
 917                 }
 918
 919         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 920         cprintf("%ld\n",usbuf.usernum);
 921         cprintf("%s\n",usbuf.password);
 922         cprintf("%s\n",usbuf.USname);
 923         cprintf("%s\n",usbuf.USaddr);
 924         cprintf("%s\n%s\n%s\n",
 925                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 926         strcpy(pbuf,usbuf.USphone);
 927         usbuf.USphone[0]=0;
 928         for (a=0; a<strlen(pbuf); ++a) {
 929                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 930                         b=strlen(usbuf.USphone);
 931                         usbuf.USphone[b]=pbuf[a];
 932                         usbuf.USphone[b+1]=0;
 933                         }
 934                 }
 935         while(strlen(usbuf.USphone)<10) {
 936                 strcpy(pbuf,usbuf.USphone);
 937                 strcpy(usbuf.USphone," ");
 938                 strcat(usbuf.USphone,pbuf);
 939                 }
 940
 941         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 942                 usbuf.USphone[0],usbuf.USphone[1],
 943                 usbuf.USphone[2],usbuf.USphone[3],
 944                 usbuf.USphone[4],usbuf.USphone[5],
 945                 usbuf.USphone[6],usbuf.USphone[7],
 946                 usbuf.USphone[8],usbuf.USphone[9]);
 947
 948         cprintf("%d\n",usbuf.axlevel);
 949         cprintf("%s\n",usbuf.USemail);
 950         cprintf("000\n");
 951         }
 952
 953 /*
 954  * validate a user
 955  */
 956 void cmd_vali(char *v_args)
 957 {
 958         char user[256];
 959         int newax;
 960         struct usersupp userbuf;
 961
 962         extract(user,v_args,0);
 963         newax = extract_int(v_args,1);
 964
 965         if (!(CC->logged_in)) {
 966                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 967                 return;
 968                 }
 969
 970         if (CC->usersupp.axlevel < 6) {
 971                 cprintf("%d Higher access required.\n",
 972                         ERROR+HIGHER_ACCESS_REQUIRED);
 973                 return;
 974                 }
 975
 976         if (lgetuser(&userbuf,user)!=0) {
 977                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 978                 return;
 979                 }
 980
 981         userbuf.axlevel = newax;
 982         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 983
 984         lputuser(&userbuf,user);
 985
 986         /* If the access level was set to zero, delete the user */
 987         if (newax == 0) {
 988                 if (purge_user(user)==0) {
 989                         cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 990                         return;
 991                         }
 992                 }
 993
 994         cprintf("%d ok\n",OK);
 995         }
 996
 997
 998
 999 /*
1000  *  Traverse the user file...
1001  */
1002 void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
1003         struct usersupp usbuf;
1004         struct cdbdata *cdbus;
1005
1006         cdb_rewind(CDB_USERSUPP);
1007
1008         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
1009                 bzero(&usbuf, sizeof(struct usersupp));
1010                 memcpy(&usbuf, cdbus->ptr,
1011                         ( (cdbus->len > sizeof(struct usersupp)) ?
1012                         sizeof(struct usersupp) : cdbus->len) );
1013                 cdb_free(cdbus);
1014                 (*CallBack)(&usbuf);
1015                 }
1016         }
1017
1018
1019 /*
1020  * List one user (this works with cmd_list)
1021  */
1022 void ListThisUser(struct usersupp *usbuf) {
1023         if (usbuf->axlevel > 0) {
1024                 if ((CC->usersupp.axlevel>=6)
1025                    ||((usbuf->flags&US_UNLISTED)==0)
1026                    ||((CC->internal_pgm))) {
1027                         cprintf("%s|%d|%ld|%ld|%d|%d|",
1028                                 usbuf->fullname,
1029                                 usbuf->axlevel,
1030                                 usbuf->usernum,
1031                                 usbuf->lastcall,
1032                                 usbuf->timescalled,
1033                                 usbuf->posted);
1034                         if (CC->usersupp.axlevel >= 6)
1035                                 cprintf("%s",usbuf->password);
1036                         cprintf("\n");
1037                         }
1038                 }
1039         }
1040
1041 /*
1042  *  List users
1043  */
1044 void cmd_list(void) {
1045         cprintf("%d \n",LISTING_FOLLOWS);
1046         ForEachUser(ListThisUser);
1047         cprintf("000\n");
1048         }
1049
1050
1051 /*
1052  * enter registration info
1053  */
1054 void cmd_regi(void) {
1055         int a,b,c;
1056         char buf[256];
1057
1058         char tmpname[256];
1059         char tmpaddr[256];
1060         char tmpcity[256];
1061         char tmpstate[256];
1062         char tmpzip[256];
1063         char tmpphone[256];
1064         char tmpemail[256];
1065
1066         if (!(CC->logged_in)) {
1067                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1068                 return;
1069                 }
1070
1071         strcpy(tmpname,"");
1072         strcpy(tmpaddr,"");
1073         strcpy(tmpcity,"");
1074         strcpy(tmpstate,"");
1075         strcpy(tmpzip,"");
1076         strcpy(tmpphone,"");
1077         strcpy(tmpemail,"");
1078
1079         cprintf("%d Send registration...\n",SEND_LISTING);
1080         a=0;
1081         while (client_gets(buf), strcmp(buf,"000")) {
1082                 if (a==0) strcpy(tmpname,buf);
1083                 if (a==1) strcpy(tmpaddr,buf);
1084                 if (a==2) strcpy(tmpcity,buf);
1085                 if (a==3) strcpy(tmpstate,buf);
1086                 if (a==4) {
1087                         for (c=0; c<strlen(buf); ++c) {
1088                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1089                                         b=strlen(tmpzip);
1090                                         tmpzip[b]=buf[c];
1091                                         tmpzip[b+1]=0;
1092                                         }
1093                                 }
1094                         }
1095                 if (a==5) {
1096                         for (c=0; c<strlen(buf); ++c) {
1097                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1098                                         b=strlen(tmpphone);
1099                                         tmpphone[b]=buf[c];
1100                                         tmpphone[b+1]=0;
1101                                         }
1102                                 }
1103                         }
1104                 if (a==6) strncpy(tmpemail,buf,31);
1105                 ++a;
1106                 }
1107
1108         tmpname[29]=0;
1109         tmpaddr[24]=0;
1110         tmpcity[14]=0;
1111         tmpstate[2]=0;
1112         tmpzip[9]=0;
1113         tmpphone[10]=0;
1114         tmpemail[31]=0;
1115
1116         lgetuser(&CC->usersupp,CC->curr_user);
1117         strcpy(CC->usersupp.USname,tmpname);
1118         strcpy(CC->usersupp.USaddr,tmpaddr);
1119         strcpy(CC->usersupp.UScity,tmpcity);
1120         strcpy(CC->usersupp.USstate,tmpstate);
1121         strcpy(CC->usersupp.USzip,tmpzip);
1122         strcpy(CC->usersupp.USphone,tmpphone);
1123         strcpy(CC->usersupp.USemail,tmpemail);
1124         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
1125         lputuser(&CC->usersupp,CC->curr_user);
1126
1127         /* set global flag calling for validation */
1128         begin_critical_section(S_CONTROL);
1129         get_control();
1130         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
1131         put_control();
1132         end_critical_section(S_CONTROL);
1133         cprintf("%d *** End of registration.\n",OK);
1134         }
1135
1136
1137 /*
1138  * assorted info we need to check at login
1139  */
1140 void cmd_chek(void) {
1141         int mail = 0;
1142         int regis = 0;
1143         int vali = 0;
1144
1145         if (!(CC->logged_in)) {
1146                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1147                 return;
1148                 }
1149
1150         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
1151         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
1152
1153         if (CC->usersupp.axlevel >= 6) {
1154                 get_control();
1155                 if (CitControl.MMflags&MM_VALID) vali = 1;
1156                 }
1157
1158
1159         /* check for mail */
1160         mail = NewMailCount();
1161
1162         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1163         }
1164
1165
1166 /*
1167  * check to see if a user exists
1168  */
1169 void cmd_qusr(char *who)
1170 {
1171         struct usersupp usbuf;
1172
1173         if (getuser(&usbuf,who) == 0) {
1174                 cprintf("%d %s\n",OK,usbuf.fullname);
1175                 }
1176         else {
1177                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1178                 }
1179         }
1180
1181
1182 /*
1183  * enter user bio
1184  */
1185 void cmd_ebio(void) {
1186         char buf[256];
1187         FILE *fp;
1188
1189         if (!(CC->logged_in)) {
1190                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1191                 return;
1192                 }
1193
1194         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1195         fp = fopen(buf,"w");
1196         if (fp == NULL) {
1197                 cprintf("%d Cannot create file\n",ERROR);
1198                 return;
1199                 }
1200         cprintf("%d  \n",SEND_LISTING);
1201         while(client_gets(buf), strcmp(buf,"000")) {
1202                 fprintf(fp,"%s\n",buf);
1203                 }
1204         fclose(fp);
1205         }
1206
1207 /*
1208  * read user bio
1209  */
1210 void cmd_rbio(char *cmdbuf)
1211 {
1212         struct usersupp ruser;
1213         char buf[256];
1214         FILE *fp;
1215
1216         extract(buf,cmdbuf,0);
1217         if (getuser(&ruser,buf)!=0) {
1218                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1219                 return;
1220                 }
1221         sprintf(buf,"./bio/%ld",ruser.usernum);
1222
1223         fp = fopen(buf,"r");
1224         if (fp == NULL) {
1225                 cprintf("%d %s has no bio on file.\n",
1226                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1227                 return;
1228                 }
1229         cprintf("%d  \n",LISTING_FOLLOWS);
1230         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1231         fclose(fp);
1232         cprintf("000\n");
1233         }
1234
1235 /*
1236  * list of users who have entered bios
1237  */
1238 void cmd_lbio(void) {
1239         char buf[256];
1240         FILE *ls;
1241         struct usersupp usbuf;
1242
1243         ls=popen("cd ./bio; ls","r");
1244         if (ls==NULL) {
1245                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1246                 return;
1247                 }
1248
1249         cprintf("%d\n",LISTING_FOLLOWS);
1250         while (fgets(buf,255,ls)!=NULL)
1251                 if (getuserbynumber(&usbuf,atol(buf))==0)
1252                         cprintf("%s\n",usbuf.fullname);
1253         pclose(ls);
1254         cprintf("000\n");
1255         }
1256
1257
1258 /*
1259  * Administrative Get User Parameters
1260  */
1261 void cmd_agup(char *cmdbuf) {
1262         struct usersupp usbuf;
1263         char requested_user[256];
1264
1265         if ( (CC->internal_pgm==0)
1266            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1267                 cprintf("%d Higher access required.\n",
1268                         ERROR + HIGHER_ACCESS_REQUIRED);
1269                 return;
1270                 }
1271
1272         extract(requested_user, cmdbuf, 0);
1273         if (getuser(&usbuf, requested_user) != 0) {
1274                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1275                 return;
1276                 }
1277
1278         cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
1279                 OK,
1280                 usbuf.fullname,
1281                 usbuf.password,
1282                 usbuf.flags,
1283                 usbuf.timescalled,
1284                 usbuf.posted,
1285                 (int)usbuf.axlevel,
1286                 usbuf.usernum);
1287
1288         }
1289
1290
1291
1292 /*
1293  * Administrative Set User Parameters
1294  */
1295 void cmd_asup(char *cmdbuf) {
1296         struct usersupp usbuf;
1297         char requested_user[256];
1298         int np;
1299         int newax;
1300
1301         if ( (CC->internal_pgm==0)
1302            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1303                 cprintf("%d Higher access required.\n",
1304                         ERROR + HIGHER_ACCESS_REQUIRED);
1305                 return;
1306                 }
1307
1308         extract(requested_user, cmdbuf, 0);
1309         if (lgetuser(&usbuf, requested_user) != 0) {
1310                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1311                 return;
1312                 }
1313
1314         np = num_parms(cmdbuf);
1315         if (np > 1) extract(usbuf.password, cmdbuf, 1);
1316         if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
1317         if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
1318         if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
1319         if (np > 5) {
1320                 newax = extract_int(cmdbuf, 5);
1321                 if ((newax >=0) && (newax <= 6)) {
1322                         usbuf.axlevel = extract_int(cmdbuf, 5);
1323                         }
1324                 }
1325
1326         lputuser(&usbuf, requested_user);
1327         if (usbuf.axlevel == 0) {
1328                 if (purge_user(requested_user)==0) {
1329                         cprintf("%d %s deleted.\n", OK, requested_user);
1330                         }
1331                 }
1332         cprintf("%d Ok\n", OK);
1333         }
1334
1335
1336 /*
1337  * Count the number of new mail messages the user has
1338  */
1339 int NewMailCount() {
1340         int num_newmsgs = 0;
1341         struct cdbdata *cdbmb;
1342         int num_mails;
1343         long *mailbox;
1344         int a;
1345
1346         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1347         if (cdbmb != NULL) {
1348                 num_mails = cdbmb->len / sizeof(long);
1349                 mailbox = (long *) cdbmb->ptr;
1350                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1351                         if (mailbox[a] > (CC->usersupp.lastseen[1]))
1352                                 ++num_newmsgs;
1353                         }
1354                 cdb_free(cdbmb);
1355                 }
1356         return(num_newmsgs);
1357         }