1 // Server functions which handle file transfers and room directories.
3 // Copyright (c) 1987-2024 by the citadel.org team
5 // This program is open source software. Use, duplication, or disclosure
6 // is subject to the terms of the GNU General Public License, version 3.
12 #include <libcitadel.h>
14 #include <sys/types.h>
16 #include "../../ctdl_module.h"
17 #include "../../citserver.h"
18 #include "../../support.h"
19 #include "../../config.h"
20 #include "../../user_ops.h"
23 // Server command to delete a file from a room's directory
24 void cmd_delf(char *filename) {
28 if (CtdlAccessCheck(ac_room_aide))
31 if ((CC->room.QRflags & QR_DIRECTORY) == 0) {
32 cprintf("%d No directory in this room.\n", ERROR + NOT_HERE);
36 if (IsEmptyStr(filename)) {
37 cprintf("%d You must specify a file name.\n", ERROR + FILE_NOT_FOUND);
40 for (a = 0; !IsEmptyStr(&filename[a]); ++a) {
41 if ((filename[a] == '/') || (filename[a] == '\\')) {
45 snprintf(pathname, sizeof pathname, "%s/%s/%s", ctdl_file_dir, CC->room.QRdirname, filename);
48 cprintf("%d File '%s' deleted.\n", CIT_OK, pathname);
51 cprintf("%d File '%s' not found.\n", ERROR + FILE_NOT_FOUND, pathname);
56 // move a file from one room directory to another
57 void cmd_movf(char *cmdbuf) {
58 char filename[PATH_MAX];
59 char pathname[PATH_MAX];
60 char newpath[PATH_MAX];
61 char newroom[ROOMNAMELEN];
64 struct ctdlroom qrbuf;
66 extract_token(filename, cmdbuf, 0, '|', sizeof filename);
67 extract_token(newroom, cmdbuf, 1, '|', sizeof newroom);
69 if (CtdlAccessCheck(ac_room_aide))
72 if ((CC->room.QRflags & QR_DIRECTORY) == 0) {
73 cprintf("%d No directory in this room.\n", ERROR + NOT_HERE);
77 if (IsEmptyStr(filename)) {
78 cprintf("%d You must specify a file name.\n", ERROR + FILE_NOT_FOUND);
82 for (a = 0; !IsEmptyStr(&filename[a]); ++a) {
83 if ((filename[a] == '/') || (filename[a] == '\\')) {
87 snprintf(pathname, sizeof pathname, "./files/%s/%s", CC->room.QRdirname, filename);
88 if (access(pathname, 0) != 0) {
89 cprintf("%d File '%s' not found.\n", ERROR + FILE_NOT_FOUND, pathname);
93 if (CtdlGetRoom(&qrbuf, newroom) != 0) {
94 cprintf("%d '%s' does not exist.\n", ERROR + ROOM_NOT_FOUND, newroom);
97 if ((qrbuf.QRflags & QR_DIRECTORY) == 0) {
98 cprintf("%d '%s' is not a directory room.\n", ERROR + NOT_HERE, qrbuf.QRname);
101 snprintf(newpath, sizeof newpath, "./files/%s/%s", qrbuf.QRdirname, filename);
102 if (link(pathname, newpath) != 0) {
103 cprintf("%d Couldn't move file: %s\n", ERROR + INTERNAL_ERROR, strerror(errno));
108 // this is a crude method of copying the file description
109 snprintf(buf, sizeof buf, "cat ./files/%s/filedir |grep \"%s\" >>./files/%s/filedir", CC->room.QRdirname, filename,
112 cprintf("%d File '%s' has been moved.\n", CIT_OK, filename);
116 // This code is common to all commands which open a file for downloading,
117 // regardless of whether it's a file from the directory, an image, a network
118 // spool file, a MIME attachment, etc.
119 // It examines the file and displays the OK result code and some information
120 // about the file. NOTE: this stuff is Unix dependent.
121 void OpenCmdResult(char *filename, const char *mime_type) {
126 fstat(fileno(CC->download_fp), &statbuf);
127 CC->download_fp_total = statbuf.st_size;
128 filesize = (long) statbuf.st_size;
129 modtime = (time_t) statbuf.st_mtime;
131 cprintf("%d %ld|%ld|%s|%s\n", CIT_OK, filesize, (long) modtime, filename, mime_type);
135 // open a file for downloading
136 void cmd_open(char *cmdbuf) {
138 char pathname[PATH_MAX];
141 extract_token(filename, cmdbuf, 0, '|', sizeof filename);
143 if (CtdlAccessCheck(ac_logged_in))
146 if ((CC->room.QRflags & QR_DIRECTORY) == 0) {
147 cprintf("%d No directory in this room.\n", ERROR + NOT_HERE);
151 if (IsEmptyStr(filename)) {
152 cprintf("%d You must specify a file name.\n", ERROR + FILE_NOT_FOUND);
155 if (strstr(filename, "../") != NULL) {
156 cprintf("%d syntax error.\n", ERROR + ILLEGAL_VALUE);
160 if (CC->download_fp != NULL) {
161 cprintf("%d You already have a download file open.\n", ERROR + RESOURCE_BUSY);
165 for (a = 0; !IsEmptyStr(&filename[a]); ++a) {
166 if ((filename[a] == '/') || (filename[a] == '\\')) {
171 snprintf(pathname, sizeof pathname, "%s/%s/%s", ctdl_file_dir, CC->room.QRdirname, filename);
172 CC->download_fp = fopen(pathname, "r");
174 if (CC->download_fp == NULL) {
175 cprintf("%d cannot open %s: %s\n", ERROR + INTERNAL_ERROR, pathname, strerror(errno));
179 OpenCmdResult(filename, "application/octet-stream");
183 // open an image file
184 void cmd_oimg(char *cmdbuf) {
185 char filename[PATH_MAX];
186 char pathname[PATH_MAX];
187 char MimeTestBuf[32];
190 extract_token(filename, cmdbuf, 0, '|', sizeof filename);
192 if (IsEmptyStr(filename)) {
193 cprintf("%d You must specify a file name.\n", ERROR + FILE_NOT_FOUND);
197 if (CC->download_fp != NULL) {
198 cprintf("%d You already have a download file open.\n", ERROR + RESOURCE_BUSY);
202 CC->download_fp = fopen(pathname, "rb");
203 if (CC->download_fp == NULL) {
204 strcat(pathname, ".gif");
205 CC->download_fp = fopen(pathname, "rb");
207 if (CC->download_fp == NULL) {
208 cprintf("%d Cannot open %s: %s\n", ERROR + FILE_NOT_FOUND, pathname, strerror(errno));
211 rv = fread(&MimeTestBuf[0], 1, 32, CC->download_fp);
213 cprintf("%d Cannot access %s: %s\n", ERROR + FILE_NOT_FOUND, pathname, strerror(errno));
217 rewind(CC->download_fp);
218 OpenCmdResult(pathname, GuessMimeType(&MimeTestBuf[0], 32));
222 // open a file for uploading
223 void cmd_uopn(char *cmdbuf) {
226 extract_token(CC->upl_file, cmdbuf, 0, '|', sizeof CC->upl_file);
227 extract_token(CC->upl_mimetype, cmdbuf, 1, '|', sizeof CC->upl_mimetype);
228 extract_token(CC->upl_comment, cmdbuf, 2, '|', sizeof CC->upl_comment);
230 if (CtdlAccessCheck(ac_logged_in))
233 if ((CC->room.QRflags & QR_DIRECTORY) == 0) {
234 cprintf("%d No directory in this room.\n", ERROR + NOT_HERE);
238 if (IsEmptyStr(CC->upl_file)) {
239 cprintf("%d You must specify a file name.\n", ERROR + FILE_NOT_FOUND);
243 if (CC->upload_fp != NULL) {
244 cprintf("%d You already have a upload file open.\n", ERROR + RESOURCE_BUSY);
248 for (a = 0; !IsEmptyStr(&CC->upl_file[a]); ++a) {
249 if ((CC->upl_file[a] == '/') || (CC->upl_file[a] == '\\')) {
250 CC->upl_file[a] = '_';
253 snprintf(CC->upl_path, sizeof CC->upl_path, "%s/%s/%s", ctdl_file_dir, CC->room.QRdirname, CC->upl_file);
254 snprintf(CC->upl_filedir, sizeof CC->upl_filedir, "%s/%s/filedir", ctdl_file_dir, CC->room.QRdirname);
256 CC->upload_fp = fopen(CC->upl_path, "r");
257 if (CC->upload_fp != NULL) {
258 fclose(CC->upload_fp);
259 CC->upload_fp = NULL;
260 cprintf("%d '%s' already exists\n", ERROR + ALREADY_EXISTS, CC->upl_path);
264 CC->upload_fp = fopen(CC->upl_path, "wb");
265 if (CC->upload_fp == NULL) {
266 cprintf("%d Cannot open %s: %s\n", ERROR + INTERNAL_ERROR, CC->upl_path, strerror(errno));
269 cprintf("%d Ok\n", CIT_OK);
273 // open an image file for uploading
274 void cmd_uimg(char *cmdbuf) {
275 int is_this_for_real;
279 if (num_parms(cmdbuf) < 2) {
280 cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE);
284 is_this_for_real = extract_int(cmdbuf, 0);
285 extract_token(CC->upl_mimetype, cmdbuf, 1, '|', sizeof CC->upl_mimetype);
286 extract_token(basenm, cmdbuf, 2, '|', sizeof basenm);
287 if (CC->upload_fp != NULL) {
288 cprintf("%d You already have an upload file open.\n", ERROR + RESOURCE_BUSY);
292 strcpy(CC->upl_path, "");
294 for (a = 0; !IsEmptyStr(&basenm[a]); ++a) {
295 basenm[a] = tolower(basenm[a]);
296 if ((basenm[a] == '/') || (basenm[a] == '\\')) {
301 if (CC->user.axlevel >= AxAideU) {
302 snprintf(CC->upl_path, sizeof CC->upl_path, "%s/%s", ctdl_image_dir, basenm);
305 if (IsEmptyStr(CC->upl_path)) {
306 cprintf("%d Higher access required.\n", ERROR + HIGHER_ACCESS_REQUIRED);
310 if (is_this_for_real == 0) {
311 cprintf("%d Ok to send image\n", CIT_OK);
315 CC->upload_fp = fopen(CC->upl_path, "wb");
316 if (CC->upload_fp == NULL) {
317 cprintf("%d Cannot open %s: %s\n", ERROR + INTERNAL_ERROR, CC->upl_path, strerror(errno));
320 cprintf("%d Ok\n", CIT_OK);
324 // close the download file
325 void cmd_clos(char *cmdbuf) {
326 if (CC->download_fp == NULL) {
327 cprintf("%d You don't have a download file open.\n", ERROR + RESOURCE_NOT_OPEN);
331 fclose(CC->download_fp);
332 CC->download_fp = NULL;
333 cprintf("%d Ok\n", CIT_OK);
338 void abort_upl(CitContext * who) {
339 if (who->upload_fp != NULL) {
340 fclose(who->upload_fp);
341 who->upload_fp = NULL;
342 unlink(CC->upl_path);
347 // close the upload file
348 void cmd_ucls(char *cmd) {
350 char upload_notice[SIZ];
352 if (CC->upload_fp == NULL) {
353 cprintf("%d You don't have an upload file open.\n", ERROR + RESOURCE_NOT_OPEN);
357 fclose(CC->upload_fp);
358 CC->upload_fp = NULL;
360 if (!strcasecmp(cmd, "1")) {
361 cprintf("%d File '%s' saved.\n", CIT_OK, CC->upl_path);
362 fp = fopen(CC->upl_filedir, "a");
364 fp = fopen(CC->upl_filedir, "w");
367 fprintf(fp, "%s %s %s\n", CC->upl_file, CC->upl_mimetype, CC->upl_comment);
371 if ((CC->room.QRflags2 & QR2_NOUPLMSG) == 0) {
372 // put together an upload notice
373 snprintf(upload_notice, sizeof upload_notice,
374 "NEW UPLOAD: '%s'\n %s\n%s\n", CC->upl_file, CC->upl_comment, CC->upl_mimetype);
375 quickie_message(CC->curr_user, NULL, NULL, CC->room.QRname, upload_notice, 0, NULL);
380 cprintf("%d File '%s' aborted.\n", CIT_OK, CC->upl_path);
385 // read from the download file
386 void cmd_read(char *cmdbuf) {
392 // The client will transmit its requested offset and byte count
393 start_pos = extract_long(cmdbuf, 0);
394 bytes = extract_int(cmdbuf, 1);
395 if ((start_pos < 0) || (bytes <= 0)) {
396 cprintf("%d you have to specify a value > 0.\n", ERROR + ILLEGAL_VALUE);
400 if (CC->download_fp == NULL) {
401 cprintf("%d You don't have a download file open.\n", ERROR + RESOURCE_NOT_OPEN);
405 // If necessary, reduce the byte count to the size of our buffer
406 if (bytes > sizeof(buf)) {
410 rc = fseek(CC->download_fp, start_pos, 0);
412 cprintf("%d your file is smaller than %ld.\n", ERROR + ILLEGAL_VALUE, start_pos);
413 syslog(LOG_ERR, "serv_file: your file %s is smaller than %ld [%s]", CC->upl_path, start_pos, strerror(errno)
418 bytes = fread(buf, 1, bytes, CC->download_fp);
420 // Tell the client the actual byte count and transmit it
421 cprintf("%d %d\n", BINARY_FOLLOWS, (int) bytes);
422 client_write(buf, bytes);
425 cprintf("%d %s\n", ERROR, strerror(errno));
430 // write to the upload file
431 void cmd_writ(char *cmdbuf) {
438 bytes = extract_int(cmdbuf, 0);
440 if (CC->upload_fp == NULL) {
441 cprintf("%d You don't have an upload file open.\n", ERROR + RESOURCE_NOT_OPEN);
445 cprintf("%d you have to specify a value > 0.\n", ERROR + ILLEGAL_VALUE);
449 if (bytes > 100000) {
453 cprintf("%d %d\n", SEND_BINARY, bytes);
454 buf = malloc(bytes + 1);
455 client_read(buf, bytes);
456 rv = fwrite(buf, bytes, 1, CC->upload_fp);
458 syslog(LOG_ERR, "serv_file: %s", strerror(errno));
464 void files_logout_hook(void) {
465 CitContext *CCC = MyContext();
467 // If there is a download in progress, abort it.
468 if (CCC->download_fp != NULL) {
469 fclose(CCC->download_fp);
470 CCC->download_fp = NULL;
473 // If there is an upload in progress, abort it.
474 if (CCC->upload_fp != NULL) {
481 // help_subst() - support routine for help file viewer
482 void help_subst(char *strbuf, char *source, char *dest) {
486 while (p = pattern2(strbuf, source), (p >= 0)) {
487 strcpy(workbuf, &strbuf[p + strlen(source)]);
488 strcpy(&strbuf[p], dest);
489 strcat(strbuf, workbuf);
494 void do_help_subst(char *buffer) {
497 help_subst(buffer, "^nodename", CtdlGetConfigStr("c_nodename"));
498 help_subst(buffer, "^humannode", CtdlGetConfigStr("c_humannode"));
499 help_subst(buffer, "^fqdn", CtdlGetConfigStr("c_fqdn"));
500 help_subst(buffer, "^username", CC->user.fullname);
501 snprintf(buf2, sizeof buf2, "%ld", CC->user.usernum);
502 help_subst(buffer, "^usernum", buf2);
503 help_subst(buffer, "^sysadm", CtdlGetConfigStr("c_sysadm"));
504 help_subst(buffer, "^variantname", CITADEL);
505 help_subst(buffer, "^maxsessions", CtdlGetConfigStr("c_maxsessions")); // yes it's numeric but str is ok here
506 help_subst(buffer, "^bbsdir", ctdl_message_dir);
510 typedef const char *ccharp;
512 // display system messages or help
513 void cmd_mesg(char *mname) {
520 extract_token(buf, mname, 0, '|', sizeof buf);
522 // If the client requested "?" then produce a listing
523 if (!strcmp(buf, "?")) {
524 cprintf("%d %s\n", LISTING_FOLLOWS, buf);
525 dp = opendir(ctdl_message_dir);
527 while (d = readdir(dp), d != NULL) {
528 if (d->d_name[0] != '.') {
529 cprintf(" %s\n", d->d_name);
538 // Otherwise, look for the requested file by name.
539 snprintf(targ, sizeof targ, "%s/%s", ctdl_message_dir, buf);
540 mfp = fopen(targ, "r");
542 cprintf("%d Cannot open '%s': %s\n", ERROR + FILE_NOT_FOUND, targ, strerror(errno));
545 cprintf("%d %s\n", LISTING_FOLLOWS, buf);
547 while (fgets(buf, (sizeof buf - 1), mfp) != NULL) {
548 buf[strlen(buf) - 1] = 0;
550 cprintf("%s\n", buf);
558 // enter system messages or help
559 void cmd_emsg(char *mname) {
567 if (CtdlAccessCheck(ac_aide))
570 extract_token(buf, mname, 0, '|', sizeof buf);
571 for (a = 0; !IsEmptyStr(&buf[a]); ++a) { // security measure
576 if (IsEmptyStr(targ)) {
577 snprintf(targ, sizeof targ, "%s/%s", ctdl_message_dir, buf);
580 mfp = fopen(targ, "w");
582 cprintf("%d Cannot open '%s': %s\n", ERROR + INTERNAL_ERROR, targ, strerror(errno));
585 cprintf("%d %s\n", SEND_LISTING, targ);
587 while (client_getln(buf, sizeof buf) >= 0 && strcmp(buf, "000")) {
588 fprintf(mfp, "%s\n", buf);
595 // Initialization function, called from modules_init.c
596 char *ctdl_module_init_file_ops(void) {
598 CtdlRegisterSessionHook(files_logout_hook, EVT_LOGOUT, PRIO_LOGOUT + 8);
599 CtdlRegisterProtoHook(cmd_delf, "DELF", "Delete a file");
600 CtdlRegisterProtoHook(cmd_movf, "MOVF", "Move a file");
601 CtdlRegisterProtoHook(cmd_open, "OPEN", "Open a download file transfer");
602 CtdlRegisterProtoHook(cmd_clos, "CLOS", "Close a download file transfer");
603 CtdlRegisterProtoHook(cmd_uopn, "UOPN", "Open an upload file transfer");
604 CtdlRegisterProtoHook(cmd_ucls, "UCLS", "Close an upload file transfer");
605 CtdlRegisterProtoHook(cmd_read, "READ", "File transfer read operation");
606 CtdlRegisterProtoHook(cmd_writ, "WRIT", "File transfer write operation");
607 CtdlRegisterProtoHook(cmd_oimg, "OIMG", "Open an image file for download");
608 CtdlRegisterProtoHook(cmd_uimg, "UIMG", "Upload an image file");
609 CtdlRegisterProtoHook(cmd_mesg, "MESG", "fetch system banners");
610 CtdlRegisterProtoHook(cmd_emsg, "EMSG", "submit system banners");
612 // return a module name for the log