4 * This module handles self-service subscription/unsubscription to mail lists.
6 * Copyright (c) 2002-2009 by the citadel.org team
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
33 #include <sys/types.h>
35 #if TIME_WITH_SYS_TIME
36 # include <sys/time.h>
40 # include <sys/time.h>
49 #include <libcitadel.h>
52 #include "citserver.h"
58 #include "internet_addressing.h"
59 #include "clientsocket.h"
68 #include "ctdl_module.h"
72 * Generate a randomizationalisticized token to use for authentication of
73 * a subscribe or unsubscribe request.
75 void listsub_generate_token(char *buf) {
79 /* Theo, please sit down and shut up. This key doesn't have to be
80 * tinfoil-hat secure, it just needs to be reasonably unguessable
83 sprintf(sourcebuf, "%lx",
84 (long) (++seq + getpid() + time(NULL))
87 /* Convert it to base64 so it looks cool */
88 CtdlEncodeBase64(buf, sourcebuf, strlen(sourcebuf), 0);
93 * Enter a subscription request
95 void do_subscribe(char *room, char *email, char *subtype, char *webpage) {
96 struct ctdlroom qrbuf;
100 char confirmation_request[2048];
102 char urlroom[ROOMNAMELEN];
107 if (CtdlGetRoom(&qrbuf, room) != 0) {
108 cprintf("%d There is no list called '%s'\n", ERROR + ROOM_NOT_FOUND, room);
112 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
114 "does not accept subscribe/unsubscribe requests.\n",
115 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
119 listsub_generate_token(token);
121 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
124 * Make sure the requested address isn't already subscribed
126 begin_critical_section(S_NETCONFIGS);
127 ncfp = fopen(filename, "r");
129 while (fgets(buf, sizeof buf, ncfp) != NULL) {
130 buf[strlen(buf)-1] = 0;
131 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
132 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
133 if ((!strcasecmp(scancmd, "listrecp"))
134 || (!strcasecmp(scancmd, "digestrecp"))) {
135 if (!strcasecmp(scanemail, email)) {
142 end_critical_section(S_NETCONFIGS);
144 if (found_sub != 0) {
145 cprintf("%d '%s' is already subscribed to '%s'.\n",
146 ERROR + ALREADY_EXISTS,
147 email, qrbuf.QRname);
152 * Now add it to the file
154 begin_critical_section(S_NETCONFIGS);
155 ncfp = fopen(filename, "a");
157 fprintf(ncfp, "subpending|%s|%s|%s|%ld|%s\n",
166 end_critical_section(S_NETCONFIGS);
168 /* Generate and send the confirmation request */
170 urlesc(urlroom, ROOMNAMELEN, qrbuf.QRname);
172 snprintf(confirmation_request, sizeof confirmation_request,
174 "MIME-Version: 1.0\n"
175 "Content-Type: multipart/alternative; boundary=\"__ctdlmultipart__\"\n"
177 "This is a multipart message in MIME format.\n"
179 "--__ctdlmultipart__\n"
180 "Content-type: text/plain\n"
182 "Someone (probably you) has submitted a request to subscribe\n"
183 "<%s> to the '%s' mailing list.\n"
185 "Please go here to confirm this request:\n"
186 " %s?room=%s&token=%s&cmd=confirm \n"
188 "If this request has been submitted in error and you do not\n"
189 "wish to receive the '%s' mailing list, simply do nothing,\n"
190 "and you will not receive any further mailings.\n"
192 "--__ctdlmultipart__\n"
193 "Content-type: text/html\n"
196 "Someone (probably you) has submitted a request to subscribe\n"
197 "<%s> to the <B>%s</B> mailing list.<BR><BR>\n"
198 "Please click here to confirm this request:<BR>\n"
199 "<A HREF=\"%s?room=%s&token=%s&cmd=confirm\">"
200 "%s?room=%s&token=%s&cmd=confirm</A><BR><BR>\n"
201 "If this request has been submitted in error and you do not\n"
202 "wish to receive the '%s' mailing list, simply do nothing,\n"
203 "and you will not receive any further mailings.\n"
206 "--__ctdlmultipart__--\n",
209 webpage, urlroom, token,
213 webpage, urlroom, token,
214 webpage, urlroom, token,
218 quickie_message( /* This delivers the message */
223 confirmation_request,
225 "Please confirm your list subscription"
228 cprintf("%d Subscription entered; confirmation request sent\n", CIT_OK);
233 * Enter an unsubscription request
235 void do_unsubscribe(char *room, char *email, char *webpage) {
236 struct ctdlroom qrbuf;
241 char confirmation_request[2048];
242 char urlroom[ROOMNAMELEN];
247 if (CtdlGetRoom(&qrbuf, room) != 0) {
248 cprintf("%d There is no list called '%s'\n",
249 ERROR + ROOM_NOT_FOUND, room);
253 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
255 "does not accept subscribe/unsubscribe requests.\n",
256 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
260 listsub_generate_token(token);
262 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
265 * Make sure there's actually a subscription there to remove
267 begin_critical_section(S_NETCONFIGS);
268 ncfp = fopen(filename, "r");
270 while (fgets(buf, sizeof buf, ncfp) != NULL) {
271 buf[strlen(buf)-1] = 0;
272 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
273 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
274 if ((!strcasecmp(scancmd, "listrecp"))
275 || (!strcasecmp(scancmd, "digestrecp"))) {
276 if (!strcasecmp(scanemail, email)) {
283 end_critical_section(S_NETCONFIGS);
285 if (found_sub == 0) {
286 cprintf("%d '%s' is not subscribed to '%s'.\n",
287 ERROR + NO_SUCH_USER,
288 email, qrbuf.QRname);
293 * Ok, now enter the unsubscribe-pending entry.
295 begin_critical_section(S_NETCONFIGS);
296 ncfp = fopen(filename, "a");
298 fprintf(ncfp, "unsubpending|%s|%s|%ld|%s\n",
306 end_critical_section(S_NETCONFIGS);
308 /* Generate and send the confirmation request */
310 urlesc(urlroom, ROOMNAMELEN, qrbuf.QRname);
312 snprintf(confirmation_request, sizeof confirmation_request,
314 "MIME-Version: 1.0\n"
315 "Content-Type: multipart/alternative; boundary=\"__ctdlmultipart__\"\n"
317 "This is a multipart message in MIME format.\n"
319 "--__ctdlmultipart__\n"
320 "Content-type: text/plain\n"
322 "Someone (probably you) has submitted a request to unsubscribe\n"
323 "<%s> from the '%s' mailing list.\n"
325 "Please go here to confirm this request:\n"
326 " %s?room=%s&token=%s&cmd=confirm \n"
328 "If this request has been submitted in error and you do not\n"
329 "wish to unsubscribe from the '%s' mailing list, simply do nothing,\n"
330 "and the request will not be processed.\n"
332 "--__ctdlmultipart__\n"
333 "Content-type: text/html\n"
336 "Someone (probably you) has submitted a request to unsubscribe\n"
337 "<%s> from the <B>%s</B> mailing list.<BR><BR>\n"
338 "Please click here to confirm this request:<BR>\n"
339 "<A HREF=\"%s?room=%s&token=%s&cmd=confirm\">"
340 "%s?room=%s&token=%s&cmd=confirm</A><BR><BR>\n"
341 "If this request has been submitted in error and you do not\n"
342 "wish to unsubscribe from the '%s' mailing list, simply do nothing,\n"
343 "and the request will not be processed.\n"
346 "--__ctdlmultipart__--\n",
349 webpage, urlroom, token,
353 webpage, urlroom, token,
354 webpage, urlroom, token,
358 quickie_message( /* This delivers the message */
363 confirmation_request,
365 "Please confirm your unsubscribe request"
368 cprintf("%d Unubscription noted; confirmation request sent\n", CIT_OK);
373 * Confirm a subscribe/unsubscribe request.
375 void do_confirm(char *room, char *token) {
376 struct ctdlroom qrbuf;
379 char line_token[256];
387 char address_to_unsubscribe[256];
390 char *holdbuf = NULL;
394 strcpy(address_to_unsubscribe, "");
396 if (CtdlGetRoom(&qrbuf, room) != 0) {
397 cprintf("%d There is no list called '%s'\n",
398 ERROR + ROOM_NOT_FOUND, room);
402 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
404 "does not accept subscribe/unsubscribe requests.\n",
405 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
410 * Now start scanning this room's netconfig file for the
413 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
414 begin_critical_section(S_NETCONFIGS);
415 ncfp = fopen(filename, "r+");
417 while (line_offset = ftell(ncfp),
418 (fgets(buf, sizeof buf, ncfp) != NULL) ) {
419 buf[strlen(buf)-1] = 0;
420 line_length = strlen(buf);
421 extract_token(cmd, buf, 0, '|', sizeof cmd);
422 if (!strcasecmp(cmd, "subpending")) {
423 extract_token(email, buf, 1, '|', sizeof email);
424 extract_token(subtype, buf, 2, '|', sizeof subtype);
425 extract_token(line_token, buf, 3, '|', sizeof line_token);
426 if (!strcasecmp(token, line_token)) {
427 if (!strcasecmp(subtype, "digest")) {
428 safestrncpy(buf, "digestrecp|", sizeof buf);
431 safestrncpy(buf, "listrecp|", sizeof buf);
435 /* SLEAZY HACK: pad the line out so
436 * it's the same length as the line
439 while (strlen(buf) < line_length) {
442 fseek(ncfp, line_offset, SEEK_SET);
443 fprintf(ncfp, "%s\n", buf);
447 if (!strcasecmp(cmd, "unsubpending")) {
448 extract_token(line_token, buf, 2, '|', sizeof line_token);
449 if (!strcasecmp(token, line_token)) {
450 extract_token(address_to_unsubscribe, buf, 1, '|',
451 sizeof address_to_unsubscribe);
457 end_critical_section(S_NETCONFIGS);
460 * If "address_to_unsubscribe" contains something, then we have to
461 * make another pass at the file, stripping out lines referring to
464 if (!IsEmptyStr(address_to_unsubscribe)) {
465 holdbuf = malloc(SIZ);
466 begin_critical_section(S_NETCONFIGS);
467 ncfp = fopen(filename, "r+");
469 while (line_offset = ftell(ncfp),
470 (fgets(buf, sizeof buf, ncfp) != NULL) ) {
471 buf[strlen(buf)-1]=0;
472 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
473 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
474 if ( (!strcasecmp(scancmd, "listrecp"))
475 && (!strcasecmp(scanemail,
476 address_to_unsubscribe)) ) {
479 else if ( (!strcasecmp(scancmd, "digestrecp"))
480 && (!strcasecmp(scanemail,
481 address_to_unsubscribe)) ) {
484 else if ( (!strcasecmp(scancmd, "subpending"))
485 && (!strcasecmp(scanemail,
486 address_to_unsubscribe)) ) {
489 else if ( (!strcasecmp(scancmd, "unsubpending"))
490 && (!strcasecmp(scanemail,
491 address_to_unsubscribe)) ) {
494 else { /* Not relevant, so *keep* it! */
495 linelen = strlen(buf);
496 holdbuf = realloc(holdbuf,
497 (buflen + linelen + 2) );
498 strcpy(&holdbuf[buflen], buf);
500 strcpy(&holdbuf[buflen], "\n");
506 ncfp = fopen(filename, "w");
508 fwrite(holdbuf, buflen+1, 1, ncfp);
511 end_critical_section(S_NETCONFIGS);
516 * Did we do anything useful today?
519 cprintf("%d %d operation(s) confirmed.\n", CIT_OK, success);
520 CtdlLogPrintf(CTDL_NOTICE,
521 "Mailing list: %s %ssubscribed to %s with token %s\n",
523 (!IsEmptyStr(address_to_unsubscribe)) ? "un" : "",
528 cprintf("%d Invalid token.\n", ERROR + ILLEGAL_VALUE);
536 * process subscribe/unsubscribe requests and confirmations
538 void cmd_subs(char *cmdbuf) {
541 char room[ROOMNAMELEN];
547 extract_token(opr, cmdbuf, 0, '|', sizeof opr);
548 if (!strcasecmp(opr, "subscribe")) {
549 extract_token(subtype, cmdbuf, 3, '|', sizeof subtype);
550 if ( (strcasecmp(subtype, "list"))
551 && (strcasecmp(subtype, "digest")) ) {
552 cprintf("%d Invalid subscription type '%s'\n",
553 ERROR + ILLEGAL_VALUE, subtype);
556 extract_token(room, cmdbuf, 1, '|', sizeof room);
557 extract_token(email, cmdbuf, 2, '|', sizeof email);
558 extract_token(webpage, cmdbuf, 4, '|', sizeof webpage);
559 do_subscribe(room, email, subtype, webpage);
562 else if (!strcasecmp(opr, "unsubscribe")) {
563 extract_token(room, cmdbuf, 1, '|', sizeof room);
564 extract_token(email, cmdbuf, 2, '|', sizeof email);
565 extract_token(webpage, cmdbuf, 3, '|', sizeof webpage);
566 do_unsubscribe(room, email, webpage);
568 else if (!strcasecmp(opr, "confirm")) {
569 extract_token(room, cmdbuf, 1, '|', sizeof room);
570 extract_token(token, cmdbuf, 2, '|', sizeof token);
571 do_confirm(room, token);
574 cprintf("%d Invalid command\n", ERROR + ILLEGAL_VALUE);
582 CTDL_MODULE_INIT(listsub)
586 CtdlRegisterProtoHook(cmd_subs, "SUBS", "List subscribe/unsubscribe");
589 /* return our Subversion id for the Log */