/* Set v_seen if necessary */
if (vbuf->v_seen[0] == 0) {
- sprintf(vbuf->v_seen, "*:%ld", vbuf->v_lastseen);
+ snprintf(vbuf->v_seen, sizeof vbuf->v_seen, "*:%ld", vbuf->v_lastseen);
}
}
-void MailboxName(char *buf, struct usersupp *who, char *prefix)
+void MailboxName(char *buf, size_t n, const struct usersupp *who, const char *prefix)
{
- sprintf(buf, "%010ld.%s", who->usernum, prefix);
+ snprintf(buf, n, "%010ld.%s", who->usernum, prefix);
}
void logged_in_response(void)
{
cprintf("%d %s|%d|%ld|%ld|%u|%ld|%ld\n",
- OK, CC->usersupp.fullname, CC->usersupp.axlevel,
+ CIT_OK, CC->usersupp.fullname, CC->usersupp.axlevel,
CC->usersupp.timescalled, CC->usersupp.posted,
CC->usersupp.flags, CC->usersupp.usernum,
CC->usersupp.lastcall);
}
close(pipev[0]);
- write(pipev[1], buf, sprintf(buf, "%lu\n", (unsigned long) uid));
+ write(pipev[1], buf,
+ snprintf(buf, sizeof buf, "%lu\n", (unsigned long) uid));
write(pipev[1], pass, strlen(pass));
write(pipev[1], "\n", 1);
close(pipev[1]);
cdb_delete(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
/* remove the user's bio file */
- sprintf(filename, "./bio/%ld", usbuf.usernum);
+ snprintf(filename, sizeof filename, "./bio/%ld", usbuf.usernum);
unlink(filename);
/* remove the user's picture */
- sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
+ snprintf(filename, sizeof filename, "./userpics/%ld.gif", usbuf.usernum);
unlink(filename);
return (0);
putuser(&usbuf);
/* give the user a private mailbox */
- MailboxName(mailboxname, &usbuf, MAILROOM);
+ MailboxName(mailboxname, sizeof mailboxname, &usbuf, MAILROOM);
create_room(mailboxname, 5, "", 0, 1);
/*** Everything below this line can be bypassed if we are administratively
}
strproc(new_pw);
if (strlen(new_pw) == 0) {
- cprintf("%d Password unchanged.\n", OK);
+ cprintf("%d Password unchanged.\n", CIT_OK);
return;
}
lgetuser(&CC->usersupp, CC->curr_user);
strcpy(CC->usersupp.password, new_pw);
lputuser(&CC->usersupp);
- cprintf("%d Password changed.\n", OK);
+ cprintf("%d Password changed.\n", CIT_OK);
rec_log(CL_PWCHANGE, CC->curr_user);
PerformSessionHooks(EVT_SETPASS);
}
a = create_user(username, 0);
if (a == 0) {
- cprintf("%d ok\n", OK);
+ cprintf("%d ok\n", CIT_OK);
return;
} else if (a == ERROR + ALREADY_EXISTS) {
cprintf("%d '%s' already exists.\n",
getuser(&CC->usersupp, CC->curr_user);
cprintf("%d %d|%d|%d|%d\n",
- OK,
+ CIT_OK,
CC->usersupp.USscreenwidth,
CC->usersupp.USscreenheight,
(CC->usersupp.flags & US_USER_SET),
lprintf(9, "new_mod processed to %d\n", new_mod);
}
lputuser(&CC->usersupp);
- cprintf("%d Ok\n", OK);
+ cprintf("%d Ok\n", CIT_OK);
}
/*
CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
vbuf.v_lastseen = newlr;
- sprintf(vbuf.v_seen, "*:%ld", newlr);
+ snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld", newlr);
CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
lputuser(&CC->usersupp);
- cprintf("%d %ld\n", OK, newlr);
+ cprintf("%d %ld\n", CIT_OK, newlr);
}
target_setting = extract_int(argbuf, 1);
CtdlSetSeen(target_msgnum, target_setting);
- cprintf("%d OK\n", OK);
+ cprintf("%d OK\n", CIT_OK);
}
char bbb[SIZ];
struct visit vbuf;
- if (CtdlAccessCheck(ac_room_aide))
- return;
+ /*
+ * These commands are only allowed by aides, room aides,
+ * and room namespace owners
+ */
+ if (is_room_aide()
+ || (atol(CC->quickroom.QRname) == CC->usersupp.usernum) ) {
+ /* access granted */
+ }
+ else {
+ /* access denied */
+ cprintf("%d Higher access or room ownership required.\n",
+ ERROR + HIGHER_ACCESS_REQUIRED);
+ return;
+ }
if (lgetuser(&USscratch, iuser) != 0) {
cprintf("%d No such user.\n", ERROR);
lputuser(&USscratch);
/* post a message in Aide> saying what we just did */
- sprintf(bbb, "%s %s %s> by %s\n",
+ snprintf(bbb, sizeof bbb, "%s %s %s> by %s\n",
iuser,
((op == 1) ? "invited to" : "kicked out of"),
CC->quickroom.QRname,
aide_message(bbb);
cprintf("%d %s %s %s.\n",
- OK, iuser,
+ CIT_OK, iuser,
((op == 1) ? "invited to" : "kicked out of"),
CC->quickroom.QRname);
return;
}
if (CtdlForgetThisRoom() == 0) {
- cprintf("%d Ok\n", OK);
+ cprintf("%d Ok\n", CIT_OK);
}
else {
cprintf("%d You may not forget this room.\n", ERROR);
}
if ((CitControl.MMflags & MM_VALID) == 0) {
- cprintf("%d There are no unvalidated users.\n", OK);
+ cprintf("%d There are no unvalidated users.\n", CIT_OK);
return;
}
CitControl.MMflags = CitControl.MMflags & (~MM_VALID);
put_control();
end_critical_section(S_CONTROL);
- cprintf("%d *** End of registration.\n", OK);
+ cprintf("%d *** End of registration.\n", CIT_OK);
}
/* If the access level was set to zero, delete the user */
if (newax == 0) {
if (purge_user(user) == 0) {
- cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
+ cprintf("%d %s Deleted.\n", CIT_OK, userbuf.fullname);
return;
}
}
- cprintf("%d User '%s' validated.\n", OK, userbuf.fullname);
+ cprintf("%d User '%s' validated.\n", CIT_OK, userbuf.fullname);
}
/* check for mail */
mail = NewMailCount();
- cprintf("%d %d|%d|%d\n", OK, mail, regis, vali);
+ cprintf("%d %d|%d|%d\n", CIT_OK, mail, regis, vali);
}
struct usersupp usbuf;
if (getuser(&usbuf, who) == 0) {
- cprintf("%d %s\n", OK, usbuf.fullname);
+ cprintf("%d %s\n", CIT_OK, usbuf.fullname);
} else {
cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
}
return;
}
cprintf("%d %s|%s|%u|%ld|%ld|%d|%ld|%ld|%d\n",
- OK,
+ CIT_OK,
usbuf.fullname,
usbuf.password,
usbuf.flags,
deleted = 1;
}
}
- cprintf("%d Ok", OK);
+ cprintf("%d Ok", CIT_OK);
if (deleted)
cprintf(" (%s deleted)", requested_user);
cprintf("\n");
long *msglist = NULL;
int num_msgs = 0;
- MailboxName(mailboxname, &CC->usersupp, MAILROOM);
+ MailboxName(mailboxname, sizeof mailboxname, &CC->usersupp, MAILROOM);
if (getroom(&mailbox, mailboxname) != 0)
return (0);
CtdlGetRelationship(&vbuf, &CC->usersupp, &mailbox);