citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5 /* needed to enable threads on some systems if the above are defined */
   6 #define _POSIX_C_SOURCE 199506L
   7
   8 #include <stdlib.h>
   9 #include <unistd.h>
  10 #include <stdio.h>
  11 #include <fcntl.h>
  12 #include <signal.h>
  13 #include <pwd.h>
  14 #include <sys/types.h>
  15 #include <sys/time.h>
  16 #include <string.h>
  17 #include <syslog.h>
  18 #include <limits.h>
  19 #include <pthread.h>
  20 #include "citadel.h"
  21 #include "server.h"
  22 #include "database.h"
  23 #include "user_ops.h"
  24 #include "sysdep_decls.h"
  25 #include "support.h"
  26 #include "room_ops.h"
  27 #include "logging.h"
  28 #include "file_ops.h"
  29 #include "control.h"
  30 #include "msgbase.h"
  31 #include "config.h"
  32 #include "dynloader.h"
  33 #include "sysdep.h"
  34
  35
  36 /*
  37  * getuser()  -  retrieve named user into supplied buffer.
  38  *               returns 0 on success
  39  */
  40 int getuser(struct usersupp *usbuf, char name[]) {
  41
  42         char lowercase_name[32];
  43         int a;
  44         struct cdbdata *cdbus;
  45
  46         bzero(usbuf, sizeof(struct usersupp));
  47         for (a=0; a<=strlen(name); ++a) {
  48                 lowercase_name[a] = tolower(name[a]);
  49                 }
  50
  51         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  52         if (cdbus == NULL) {
  53                 return(1);      /* user not found */
  54                 }
  55
  56         memcpy(usbuf, cdbus->ptr,
  57                 ( (cdbus->len > sizeof(struct usersupp)) ?
  58                 sizeof(struct usersupp) : cdbus->len) );
  59         cdb_free(cdbus);
  60         return(0);
  61         }
  62
  63
  64 /*
  65  * lgetuser()  -  same as getuser() but locks the record
  66  */
  67 int lgetuser(struct usersupp *usbuf, char *name)
  68 {
  69         int retcode;
  70
  71         retcode = getuser(usbuf,name);
  72         if (retcode == 0) {
  73                 begin_critical_section(S_USERSUPP);
  74                 }
  75         return(retcode);
  76         }
  77
  78
  79 /*
  80  * putuser()  -  write user buffer into the correct place on disk
  81  */
  82 void putuser(struct usersupp *usbuf, char *name)
  83 {
  84         char lowercase_name[32];
  85         int a;
  86
  87         for (a=0; a<=strlen(name); ++a) {
  88                 lowercase_name[a] = tolower(name[a]);
  89                 }
  90
  91         cdb_store(CDB_USERSUPP,
  92                 lowercase_name, strlen(lowercase_name),
  93                 usbuf, sizeof(struct usersupp));
  94
  95         }
  96
  97
  98 /*
  99  * lputuser()  -  same as putuser() but locks the record
 100  */
 101 void lputuser(struct usersupp *usbuf, char *name) {
 102         putuser(usbuf,name);
 103         end_critical_section(S_USERSUPP);
 104         }
 105
 106
 107 /*
 108  * Define a relationship between a user and a room
 109  */
 110 void CtdlSetRelationship(struct visit *newvisit,
 111                         struct usersupp *rel_user,
 112                         struct quickroom *rel_room) {
 113
 114         struct cdbdata *cdbvisit;
 115         struct visit *visits;
 116         int num_visits;
 117         int a;
 118         int replaced = 0;
 119
 120         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 121         if (cdbvisit != NULL) {
 122                 num_visits = cdbvisit->len / sizeof(struct visit);
 123                 visits = (struct visit *)
 124                         malloc(num_visits * sizeof(struct visit));
 125                 memcpy(visits, cdbvisit->ptr,
 126                         (num_visits * sizeof(struct visit)));
 127                 cdb_free(cdbvisit);
 128                 }
 129         else {
 130                 num_visits = 0;
 131                 visits = NULL;
 132                 }
 133
 134         /* Replace an existing relationship if possible */
 135         if (num_visits > 0) for (a=0; a<num_visits; ++a) {
 136                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 137                    && (visits[a].v_generation == rel_room->QRgen) ) {
 138                         memcpy(&visits[a], newvisit, sizeof(struct visit));
 139                         replaced = 1;
 140                         }
 141                 }
 142
 143         /* Otherwise, define a new one */
 144         if (replaced == 0) {
 145                 ++num_visits;
 146                 visits = realloc(visits,
 147                         (num_visits * sizeof(struct visit)));
 148                 memcpy(&visits[num_visits-1], newvisit, sizeof(struct visit));
 149                 }
 150
 151         /* Now write the relationship back to disk */
 152         cdb_store(CDB_VISIT,
 153                 &rel_user->usernum, sizeof(long),
 154                 visits,
 155                 (num_visits * sizeof(struct visit)));
 156         free(visits);
 157         }
 158
 159 /*
 160  * Locate a relationship between a user and a room
 161  */
 162 void CtdlGetRelationship(struct visit *vbuf,
 163                         struct usersupp *rel_user,
 164                         struct quickroom *rel_room) {
 165
 166         struct cdbdata *cdbvisit;
 167         struct visit *visits;
 168         int num_visits;
 169         int a;
 170
 171         bzero(vbuf, sizeof(struct visit));
 172         strcpy(vbuf->v_roomname, rel_room->QRname);
 173         vbuf->v_generation = rel_room->QRgen;
 174
 175         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 176         if (cdbvisit != NULL) {
 177                 if ((num_visits = cdbvisit->len / sizeof(struct visit)) == 0) {
 178                         cdb_free(cdbvisit);
 179                         return;
 180                 }
 181                 visits = (struct visit *)
 182                         malloc(num_visits * sizeof(struct visit));
 183                 memcpy(visits, cdbvisit->ptr,
 184                         (num_visits * sizeof(struct visit)));
 185                 cdb_free(cdbvisit);
 186                 }
 187         else return;
 188
 189         for (a=0; a<num_visits; ++a) {
 190
 191                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 192                    && (visits[a].v_generation == rel_room->QRgen) ) {
 193                         memcpy(vbuf, &visits[a], sizeof(struct visit));
 194                         }
 195                 }
 196
 197         free(visits);
 198         }
 199
 200
 201 /*
 202  * Is the user currently logged in an Aide?
 203  */
 204 int is_aide(void) {
 205         if (CC->usersupp.axlevel >= 6) return(1);
 206         else return(0);
 207         }
 208
 209
 210 /*
 211  * Is the user currently logged in an Aide *or* the room aide for this room?
 212  */
 213 int is_room_aide(void) {
 214         if ( (CC->usersupp.axlevel >= 6)
 215            || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
 216                 return(1);
 217                 }
 218         else {
 219                 return(0);
 220                 }
 221         }
 222
 223 /*
 224  * getuserbynumber()  -  get user by number
 225  *                       returns 0 if user was found
 226  */
 227 int getuserbynumber(struct usersupp *usbuf, long int number)
 228 {
 229         struct cdbdata *cdbus;
 230
 231         cdb_rewind(CDB_USERSUPP);
 232
 233         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 234                 bzero(usbuf, sizeof(struct usersupp));
 235                 memcpy(usbuf, cdbus->ptr,
 236                         ( (cdbus->len > sizeof(struct usersupp)) ?
 237                         sizeof(struct usersupp) : cdbus->len) );
 238                 cdb_free(cdbus);
 239                 if (usbuf->usernum == number) {
 240                         return(0);
 241                         }
 242                 }
 243         return(-1);
 244         }
 245
 246
 247 /*
 248  * USER cmd
 249  */
 250 void cmd_user(char *cmdbuf)
 251 {
 252         char username[256];
 253         char autoname[256];
 254         int found_user = 0;
 255         struct passwd *p;
 256         int a;
 257
 258         extract(username,cmdbuf,0);
 259         username[25] = 0;
 260         strproc(username);
 261
 262         if ((CC->logged_in)) {
 263                 cprintf("%d Already logged in.\n",ERROR);
 264                 return;
 265                 }
 266
 267         found_user = getuser(&CC->usersupp,username);
 268         if (found_user != 0) {
 269                 p = (struct passwd *)getpwnam(username);
 270                 if (p!=NULL) {
 271                         strcpy(autoname,p->pw_gecos);
 272                         for (a=0; a<strlen(autoname); ++a)
 273                                 if (autoname[a]==',') autoname[a]=0;
 274                         found_user = getuser(&CC->usersupp,autoname);
 275                         }
 276                 }
 277         if (found_user == 0) {
 278                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 279                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 280                         ERROR+MAX_SESSIONS_EXCEEDED,
 281                         config.c_nodename,config.c_maxsessions);
 282                         }
 283                 else {
 284                         strcpy(CC->curr_user,CC->usersupp.fullname);
 285                         cprintf("%d Password required for %s\n",
 286                                 MORE_DATA,CC->curr_user);
 287                         }
 288                 }
 289         else {
 290                 cprintf("%d %s not found.\n",ERROR,username);
 291                 }
 292         }
 293
 294
 295
 296 /*
 297  * session startup code which is common to both cmd_pass() and cmd_newu()
 298  */
 299 void session_startup(void) {
 300         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 301
 302         lgetuser(&CC->usersupp,CC->curr_user);
 303         ++(CC->usersupp.timescalled);
 304         CC->fake_username[0] = '\0';
 305         CC->fake_postname[0] = '\0';
 306         CC->fake_hostname[0] = '\0';
 307         CC->fake_roomname[0] = '\0';
 308         CC->last_pager[0] = '\0';
 309         time(&CC->usersupp.lastcall);
 310
 311         /* If this user's name is the name of the system administrator
 312          * (as specified in setup), automatically assign access level 6.
 313          */
 314         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 315                 CC->usersupp.axlevel = 6;
 316                 }
 317
 318         lputuser(&CC->usersupp,CC->curr_user);
 319
 320         /* Run any cleanup routines registered by loadable modules */
 321         PerformSessionHooks(EVT_LOGIN);
 322
 323         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 324                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 325                 CC->usersupp.usernum);
 326         usergoto(0,0);          /* Enter the lobby */
 327         rec_log(CL_LOGIN,CC->curr_user);
 328         }
 329
 330
 331 /*
 332  * misc things to be taken care of when a user is logged out
 333  */
 334 void logout(struct CitContext *who)
 335 {
 336         who->logged_in = 0;
 337         if (who->download_fp != NULL) {
 338                 fclose(who->download_fp);
 339                 who->download_fp = NULL;
 340                 }
 341         if (who->upload_fp != NULL) {
 342                 abort_upl(who);
 343                 }
 344
 345         /* Do modular stuff... */
 346         PerformSessionHooks(EVT_LOGOUT);
 347         }
 348
 349
 350 void cmd_pass(char *buf)
 351 {
 352         char password[256];
 353         int code;
 354         struct passwd *p;
 355
 356         extract(password,buf,0);
 357
 358         if ((CC->logged_in)) {
 359                 cprintf("%d Already logged in.\n",ERROR);
 360                 return;
 361                 }
 362         if (!strcmp(CC->curr_user,"")) {
 363                 cprintf("%d You must send a name with USER first.\n",ERROR);
 364                 return;
 365                 }
 366         if (getuser(&CC->usersupp,CC->curr_user)) {
 367                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 368                 return;
 369                 }
 370
 371         code = (-1);
 372         if (CC->usersupp.USuid == BBSUID) {
 373                 strproc(password);
 374                 strproc(CC->usersupp.password);
 375                 code = strcasecmp(CC->usersupp.password,password);
 376                 }
 377         else {
 378                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 379 #ifdef ENABLE_AUTOLOGIN
 380                 if (p!=NULL) {
 381                         if (!strcmp(p->pw_passwd,
 382                            (char *)crypt(password,p->pw_passwd))) {
 383                                 code = 0;
 384                                 lgetuser(&CC->usersupp, CC->curr_user);
 385                                 strcpy(CC->usersupp.password, password);
 386                                 lputuser(&CC->usersupp, CC->curr_user);
 387                                 }
 388                         }
 389 #endif
 390                 }
 391
 392         if (!code) {
 393                 (CC->logged_in) = 1;
 394                 session_startup();
 395                 }
 396         else {
 397                 cprintf("%d Wrong password.\n",ERROR);
 398                 rec_log(CL_BADPW,CC->curr_user);
 399                 }
 400         }
 401
 402
 403 /*
 404  * Delete a user record *and* all of its related resources.
 405  */
 406 int purge_user(char *pname) {
 407         char filename[64];
 408         struct usersupp usbuf;
 409         int a;
 410         struct cdbdata *cdbmb;
 411         long *mailbox;
 412         int num_mails;
 413
 414         if (getuser(&usbuf, pname) != 0) {
 415                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 416                 return(ERROR+NO_SUCH_USER);
 417                 }
 418
 419         /* FIX   Don't delete a user who is currently logged in. */
 420
 421         /* Perform any purge functions registered by server extensions */
 422         PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
 423
 424         /* delete any messages in the user's mailbox */
 425         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 426         if (cdbmb != NULL) {
 427                 num_mails = cdbmb->len / sizeof(long);
 428                 mailbox = (long *) cdbmb->ptr;
 429                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 430                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 431                         }
 432                 cdb_free(cdbmb);
 433                 /* now delete the mailbox itself */
 434                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 435                 }
 436
 437         /* delete any existing user/room relationships */
 438         cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
 439
 440         /* delete the userlog entry */
 441         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 442
 443         /* remove the user's bio file */
 444         sprintf(filename, "./bio/%ld", usbuf.usernum);
 445         unlink(filename);
 446
 447         /* remove the user's picture */
 448         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 449         unlink(filename);
 450
 451         return(0);
 452         }
 453
 454
 455 /*
 456  * create_user()  -  back end processing to create a new user
 457  */
 458 int create_user(char *newusername)
 459 {
 460         struct usersupp usbuf;
 461         int a;
 462         struct passwd *p = NULL;
 463         char username[64];
 464
 465         strcpy(username, newusername);
 466         strproc(username);
 467
 468 #ifdef ENABLE_AUTOLOGIN
 469         p = (struct passwd *)getpwnam(username);
 470 #endif
 471         if (p != NULL) {
 472                 strcpy(username, p->pw_gecos);
 473                 for (a=0; a<strlen(username); ++a) {
 474                         if (username[a] == ',') username[a] = 0;
 475                         }
 476                 CC->usersupp.USuid = p->pw_uid;
 477                 }
 478         else {
 479                 CC->usersupp.USuid = BBSUID;
 480                 }
 481
 482         if (!getuser(&usbuf,username)) {
 483                 return(ERROR+ALREADY_EXISTS);
 484                 }
 485
 486         strcpy(CC->curr_user,username);
 487         strcpy(CC->usersupp.fullname,username);
 488         strcpy(CC->usersupp.password,"");
 489         (CC->logged_in) = 1;
 490
 491         /* These are the default flags on new accounts */
 492         CC->usersupp.flags =
 493                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 494
 495         CC->usersupp.timescalled = 0;
 496         CC->usersupp.posted = 0;
 497         CC->usersupp.axlevel = config.c_initax;
 498         CC->usersupp.USscreenwidth = 80;
 499         CC->usersupp.USscreenheight = 24;
 500         time(&CC->usersupp.lastcall);
 501         strcpy(CC->usersupp.USname, "");
 502         strcpy(CC->usersupp.USaddr, "");
 503         strcpy(CC->usersupp.UScity, "");
 504         strcpy(CC->usersupp.USstate, "");
 505         strcpy(CC->usersupp.USzip, "");
 506         strcpy(CC->usersupp.USphone, "");
 507
 508         /* fetch a new user number */
 509         CC->usersupp.usernum = get_new_user_number();
 510
 511         if (CC->usersupp.usernum == 1L) {
 512                 CC->usersupp.axlevel = 6;
 513                 }
 514
 515         /* add user to userlog */
 516         putuser(&CC->usersupp,CC->curr_user);
 517         if (getuser(&CC->usersupp,CC->curr_user)) {
 518                 return(ERROR+INTERNAL_ERROR);
 519                 }
 520         rec_log(CL_NEWUSER,CC->curr_user);
 521         return(0);
 522         }
 523
 524
 525
 526
 527 /*
 528  * cmd_newu()  -  create a new user account
 529  */
 530 void cmd_newu(char *cmdbuf)
 531 {
 532         int a;
 533         char username[256];
 534
 535         if ((CC->logged_in)) {
 536                 cprintf("%d Already logged in.\n",ERROR);
 537                 return;
 538                 }
 539
 540         if ((CC->nologin)) {
 541                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 542                 ERROR+MAX_SESSIONS_EXCEEDED,
 543                 config.c_nodename,config.c_maxsessions);
 544                 }
 545
 546         extract(username,cmdbuf,0);
 547         username[25] = 0;
 548         strproc(username);
 549
 550         if (strlen(username)==0) {
 551                 cprintf("%d You must supply a user name.\n",ERROR);
 552                 return;
 553                 }
 554
 555         a = create_user(username);
 556         if ((!strcasecmp(username, "bbs")) ||
 557             (!strcasecmp(username, "new")) ||
 558             (!strcasecmp(username, ".")))
 559         {
 560            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 561            return;
 562         }
 563         if (a==ERROR+ALREADY_EXISTS) {
 564                 cprintf("%d '%s' already exists.\n",
 565                         ERROR+ALREADY_EXISTS,username);
 566                 return;
 567                 }
 568         else if (a==ERROR+INTERNAL_ERROR) {
 569                 cprintf("%d Internal error - user record disappeared?\n",
 570                         ERROR+INTERNAL_ERROR);
 571                 return;
 572                 }
 573         else if (a==0) {
 574                 session_startup();
 575                 }
 576         else {
 577                 cprintf("%d unknown error\n",ERROR);
 578                 }
 579         rec_log(CL_NEWUSER,CC->curr_user);
 580         }
 581
 582
 583
 584 /*
 585  * set password
 586  */
 587 void cmd_setp(char *new_pw)
 588 {
 589         if (!(CC->logged_in)) {
 590                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 591                 return;
 592                 }
 593         if (CC->usersupp.USuid != BBSUID) {
 594                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 595                 return;
 596                 }
 597         strproc(new_pw);
 598         if (strlen(new_pw)==0) {
 599                 cprintf("%d Password unchanged.\n",OK);
 600                 return;
 601                 }
 602         lgetuser(&CC->usersupp,CC->curr_user);
 603         strcpy(CC->usersupp.password,new_pw);
 604         lputuser(&CC->usersupp,CC->curr_user);
 605         cprintf("%d Password changed.\n",OK);
 606         rec_log(CL_PWCHANGE,CC->curr_user);
 607         PerformSessionHooks(EVT_SETPASS);
 608         }
 609
 610 /*
 611  * get user parameters
 612  */
 613 void cmd_getu(void) {
 614         if (!(CC->logged_in)) {
 615                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 616                 return;
 617                 }
 618         getuser(&CC->usersupp,CC->curr_user);
 619         cprintf("%d %d|%d|%d\n",
 620                 OK,
 621                 CC->usersupp.USscreenwidth,
 622                 CC->usersupp.USscreenheight,
 623                 (CC->usersupp.flags & US_USER_SET)
 624                 );
 625         }
 626
 627 /*
 628  * set user parameters
 629  */
 630 void cmd_setu(char *new_parms)
 631 {
 632
 633         if (num_parms(new_parms)!=3) {
 634                 cprintf("%d Usage error.\n",ERROR);
 635                 return;
 636                 }
 637         if (!(CC->logged_in)) {
 638                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 639                 return;
 640                 }
 641         lgetuser(&CC->usersupp,CC->curr_user);
 642         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 643         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 644         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 645         CC->usersupp.flags = CC->usersupp.flags |
 646                 (extract_int(new_parms,2) & US_USER_SET);
 647         lputuser(&CC->usersupp,CC->curr_user);
 648         cprintf("%d Ok\n",OK);
 649         }
 650
 651 /*
 652  * set last read pointer
 653  */
 654 void cmd_slrp(char *new_ptr)
 655 {
 656         long newlr;
 657         struct visit vbuf;
 658
 659         if (!(CC->logged_in)) {
 660                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 661                 return;
 662                 }
 663
 664         if (CC->curr_rm < 0) {
 665                 cprintf("%d No current room.\n",ERROR);
 666                 return;
 667                 }
 668
 669         if (!strncasecmp(new_ptr,"highest",7)) {
 670                 newlr = CC->quickroom.QRhighest;
 671 /* FIX ... if the current room is 1 (Mail), newlr needs to be set to the
 672  * number of the highest mail message
 673  */
 674                 }
 675         else {
 676                 newlr = atol(new_ptr);
 677                 }
 678
 679         lgetuser(&CC->usersupp, CC->curr_user);
 680
 681         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 682         vbuf.v_lastseen = newlr;
 683         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 684
 685         lputuser(&CC->usersupp, CC->curr_user);
 686         cprintf("%d %ld\n",OK,newlr);
 687         }
 688
 689
 690 /*
 691  * INVT and KICK commands
 692  */
 693 void cmd_invt_kick(char *iuser, int op)
 694                         /* user name */
 695         {               /* 1 = invite, 0 = kick out */
 696         struct usersupp USscratch;
 697         char bbb[256];
 698         struct visit vbuf;
 699
 700         if (!(CC->logged_in)) {
 701                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 702                 return;
 703                 }
 704
 705         if (CC->curr_rm < 0) {
 706                 cprintf("%d No current room.\n",ERROR);
 707                 return;
 708                 }
 709
 710         if (is_room_aide()==0) {
 711                 cprintf("%d Higher access required.\n",
 712                         ERROR+HIGHER_ACCESS_REQUIRED);
 713                 return;
 714                 }
 715
 716         /* FIX - with the new relationships scheme we can lock users out,
 717            so it'll make sense to remove this routine */
 718         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 719                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 720                 return;
 721                 }
 722
 723         if (lgetuser(&USscratch,iuser)!=0) {
 724                 cprintf("%d No such user.\n",ERROR);
 725                 return;
 726                 }
 727
 728         CtdlGetRelationship(&vbuf, &USscratch, &CC->quickroom);
 729
 730         if (op==1) {
 731                 vbuf.v_flags = vbuf.v_flags & ~V_FORGET & ~V_LOCKOUT;
 732                 vbuf.v_flags = vbuf.v_flags | V_ACCESS;
 733                 }
 734
 735         if (op==0) {
 736                 vbuf.v_flags = vbuf.v_flags & ~V_ACCESS;
 737                 vbuf.v_flags = vbuf.v_flags | V_FORGET | V_LOCKOUT;
 738                 }
 739
 740         CtdlSetRelationship(&vbuf, &USscratch, &CC->quickroom);
 741
 742         lputuser(&USscratch,iuser);
 743
 744         /* post a message in Aide> saying what we just did */
 745         sprintf(bbb,"%s %s %s> by %s",
 746                 iuser,
 747                 ((op == 1) ? "invited to" : "kicked out of"),
 748                 CC->quickroom.QRname,
 749                 CC->usersupp.fullname);
 750         aide_message(bbb);
 751
 752         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 753                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 754                 }
 755         else {
 756                 cprintf("%d Ok.\n",OK);
 757                 }
 758         return;
 759         }
 760
 761
 762 /*
 763  * forget (Zap) the current room
 764  */
 765 void cmd_forg(void) {
 766         struct visit vbuf;
 767
 768         if (!(CC->logged_in)) {
 769                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 770                 return;
 771                 }
 772
 773         if (CC->curr_rm < 0) {
 774                 cprintf("%d No current room.\n",ERROR);
 775                 return;
 776                 }
 777
 778         if (CC->curr_rm < 3) {
 779                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 780                 return;
 781                 }
 782
 783         if (is_aide()) {
 784                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 785                 return;
 786                 }
 787
 788         lgetuser(&CC->usersupp,CC->curr_user);
 789         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 790
 791         vbuf.v_flags = vbuf.v_flags | V_FORGET;
 792
 793         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 794         lputuser(&CC->usersupp,CC->curr_user);
 795         cprintf("%d Ok\n",OK);
 796         CC->curr_rm = (-1);
 797         }
 798
 799 /*
 800  * Get Next Unregistered User
 801  */
 802 void cmd_gnur(void) {
 803         struct cdbdata *cdbus;
 804         struct usersupp usbuf;
 805
 806         if (!(CC->logged_in)) {
 807                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 808                 return;
 809                 }
 810
 811         if (CC->usersupp.axlevel < 6) {
 812                 cprintf("%d Higher access required.\n",
 813                         ERROR+HIGHER_ACCESS_REQUIRED);
 814                 return;
 815                 }
 816
 817         if ((CitControl.MMflags&MM_VALID)==0) {
 818                 cprintf("%d There are no unvalidated users.\n",OK);
 819                 return;
 820                 }
 821
 822         /* There are unvalidated users.  Traverse the usersupp database,
 823          * and return the first user we find that needs validation.
 824          */
 825         cdb_rewind(CDB_USERSUPP);
 826         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 827                 bzero(&usbuf, sizeof(struct usersupp));
 828                 memcpy(&usbuf, cdbus->ptr,
 829                         ( (cdbus->len > sizeof(struct usersupp)) ?
 830                         sizeof(struct usersupp) : cdbus->len) );
 831                 cdb_free(cdbus);
 832                 if ((usbuf.flags & US_NEEDVALID)
 833                    &&(usbuf.axlevel > 0)) {
 834                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 835                         return;
 836                         }
 837                 }
 838
 839         /* If we get to this point, there are no more unvalidated users.
 840          * Therefore we clear the "users need validation" flag.
 841          */
 842
 843         begin_critical_section(S_CONTROL);
 844         get_control();
 845         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 846         put_control();
 847         end_critical_section(S_CONTROL);
 848         cprintf("%d *** End of registration.\n",OK);
 849
 850
 851         }
 852
 853
 854 /*
 855  * get registration info for a user
 856  */
 857 void cmd_greg(char *who)
 858 {
 859         struct usersupp usbuf;
 860         int a,b;
 861         char pbuf[32];
 862
 863         if (!(CC->logged_in)) {
 864                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 865                 return;
 866                 }
 867
 868         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 869
 870         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 871                 cprintf("%d Higher access required.\n",
 872                         ERROR+HIGHER_ACCESS_REQUIRED);
 873                 return;
 874                 }
 875
 876         if (getuser(&usbuf,who) != 0) {
 877                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 878                 return;
 879                 }
 880
 881         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 882         cprintf("%ld\n",usbuf.usernum);
 883         cprintf("%s\n",usbuf.password);
 884         cprintf("%s\n",usbuf.USname);
 885         cprintf("%s\n",usbuf.USaddr);
 886         cprintf("%s\n%s\n%s\n",
 887                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 888         strcpy(pbuf,usbuf.USphone);
 889         usbuf.USphone[0]=0;
 890         for (a=0; a<strlen(pbuf); ++a) {
 891                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 892                         b=strlen(usbuf.USphone);
 893                         usbuf.USphone[b]=pbuf[a];
 894                         usbuf.USphone[b+1]=0;
 895                         }
 896                 }
 897         while(strlen(usbuf.USphone)<10) {
 898                 strcpy(pbuf,usbuf.USphone);
 899                 strcpy(usbuf.USphone," ");
 900                 strcat(usbuf.USphone,pbuf);
 901                 }
 902
 903         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 904                 usbuf.USphone[0],usbuf.USphone[1],
 905                 usbuf.USphone[2],usbuf.USphone[3],
 906                 usbuf.USphone[4],usbuf.USphone[5],
 907                 usbuf.USphone[6],usbuf.USphone[7],
 908                 usbuf.USphone[8],usbuf.USphone[9]);
 909
 910         cprintf("%d\n",usbuf.axlevel);
 911         cprintf("%s\n",usbuf.USemail);
 912         cprintf("000\n");
 913         }
 914
 915 /*
 916  * validate a user
 917  */
 918 void cmd_vali(char *v_args)
 919 {
 920         char user[256];
 921         int newax;
 922         struct usersupp userbuf;
 923
 924         extract(user,v_args,0);
 925         newax = extract_int(v_args,1);
 926
 927         if (!(CC->logged_in)) {
 928                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 929                 return;
 930                 }
 931
 932         if (CC->usersupp.axlevel < 6) {
 933                 cprintf("%d Higher access required.\n",
 934                         ERROR+HIGHER_ACCESS_REQUIRED);
 935                 return;
 936                 }
 937
 938         if (lgetuser(&userbuf,user)!=0) {
 939                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 940                 return;
 941                 }
 942
 943         userbuf.axlevel = newax;
 944         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 945
 946         lputuser(&userbuf,user);
 947
 948         /* If the access level was set to zero, delete the user */
 949         if (newax == 0) {
 950                 if (purge_user(user)==0) {
 951                         cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 952                         return;
 953                         }
 954                 }
 955
 956         cprintf("%d ok\n",OK);
 957         }
 958
 959
 960
 961 /*
 962  *  Traverse the user file...
 963  */
 964 void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
 965         struct usersupp usbuf;
 966         struct cdbdata *cdbus;
 967
 968         cdb_rewind(CDB_USERSUPP);
 969
 970         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 971                 bzero(&usbuf, sizeof(struct usersupp));
 972                 memcpy(&usbuf, cdbus->ptr,
 973                         ( (cdbus->len > sizeof(struct usersupp)) ?
 974                         sizeof(struct usersupp) : cdbus->len) );
 975                 cdb_free(cdbus);
 976                 (*CallBack)(&usbuf);
 977                 }
 978         }
 979
 980
 981 /*
 982  * List one user (this works with cmd_list)
 983  */
 984 void ListThisUser(struct usersupp *usbuf) {
 985         if (usbuf->axlevel > 0) {
 986                 if ((CC->usersupp.axlevel>=6)
 987                    ||((usbuf->flags&US_UNLISTED)==0)
 988                    ||((CC->internal_pgm))) {
 989                         cprintf("%s|%d|%ld|%ld|%d|%d|",
 990                                 usbuf->fullname,
 991                                 usbuf->axlevel,
 992                                 usbuf->usernum,
 993                                 usbuf->lastcall,
 994                                 usbuf->timescalled,
 995                                 usbuf->posted);
 996                         if (CC->usersupp.axlevel >= 6)
 997                                 cprintf("%s",usbuf->password);
 998                         cprintf("\n");
 999                         }
1000                 }
1001         }
1002
1003 /*
1004  *  List users
1005  */
1006 void cmd_list(void) {
1007         cprintf("%d \n",LISTING_FOLLOWS);
1008         ForEachUser(ListThisUser);
1009         cprintf("000\n");
1010         }
1011
1012
1013 /*
1014  * enter registration info
1015  */
1016 void cmd_regi(void) {
1017         int a,b,c;
1018         char buf[256];
1019
1020         char tmpname[256];
1021         char tmpaddr[256];
1022         char tmpcity[256];
1023         char tmpstate[256];
1024         char tmpzip[256];
1025         char tmpphone[256];
1026         char tmpemail[256];
1027
1028         if (!(CC->logged_in)) {
1029                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1030                 return;
1031                 }
1032
1033         strcpy(tmpname,"");
1034         strcpy(tmpaddr,"");
1035         strcpy(tmpcity,"");
1036         strcpy(tmpstate,"");
1037         strcpy(tmpzip,"");
1038         strcpy(tmpphone,"");
1039         strcpy(tmpemail,"");
1040
1041         cprintf("%d Send registration...\n",SEND_LISTING);
1042         a=0;
1043         while (client_gets(buf), strcmp(buf,"000")) {
1044                 if (a==0) strcpy(tmpname,buf);
1045                 if (a==1) strcpy(tmpaddr,buf);
1046                 if (a==2) strcpy(tmpcity,buf);
1047                 if (a==3) strcpy(tmpstate,buf);
1048                 if (a==4) {
1049                         for (c=0; c<strlen(buf); ++c) {
1050                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1051                                         b=strlen(tmpzip);
1052                                         tmpzip[b]=buf[c];
1053                                         tmpzip[b+1]=0;
1054                                         }
1055                                 }
1056                         }
1057                 if (a==5) {
1058                         for (c=0; c<strlen(buf); ++c) {
1059                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1060                                         b=strlen(tmpphone);
1061                                         tmpphone[b]=buf[c];
1062                                         tmpphone[b+1]=0;
1063                                         }
1064                                 }
1065                         }
1066                 if (a==6) strncpy(tmpemail,buf,31);
1067                 ++a;
1068                 }
1069
1070         tmpname[29]=0;
1071         tmpaddr[24]=0;
1072         tmpcity[14]=0;
1073         tmpstate[2]=0;
1074         tmpzip[9]=0;
1075         tmpphone[10]=0;
1076         tmpemail[31]=0;
1077
1078         lgetuser(&CC->usersupp,CC->curr_user);
1079         strcpy(CC->usersupp.USname,tmpname);
1080         strcpy(CC->usersupp.USaddr,tmpaddr);
1081         strcpy(CC->usersupp.UScity,tmpcity);
1082         strcpy(CC->usersupp.USstate,tmpstate);
1083         strcpy(CC->usersupp.USzip,tmpzip);
1084         strcpy(CC->usersupp.USphone,tmpphone);
1085         strcpy(CC->usersupp.USemail,tmpemail);
1086         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
1087         lputuser(&CC->usersupp,CC->curr_user);
1088
1089         /* set global flag calling for validation */
1090         begin_critical_section(S_CONTROL);
1091         get_control();
1092         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
1093         put_control();
1094         end_critical_section(S_CONTROL);
1095         cprintf("%d *** End of registration.\n",OK);
1096         }
1097
1098
1099 /*
1100  * assorted info we need to check at login
1101  */
1102 void cmd_chek(void) {
1103         int mail = 0;
1104         int regis = 0;
1105         int vali = 0;
1106
1107         if (!(CC->logged_in)) {
1108                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1109                 return;
1110                 }
1111
1112         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
1113         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
1114
1115         if (CC->usersupp.axlevel >= 6) {
1116                 get_control();
1117                 if (CitControl.MMflags&MM_VALID) vali = 1;
1118                 }
1119
1120
1121         /* check for mail */
1122         mail = NewMailCount();
1123
1124         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1125         }
1126
1127
1128 /*
1129  * check to see if a user exists
1130  */
1131 void cmd_qusr(char *who)
1132 {
1133         struct usersupp usbuf;
1134
1135         if (getuser(&usbuf,who) == 0) {
1136                 cprintf("%d %s\n",OK,usbuf.fullname);
1137                 }
1138         else {
1139                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1140                 }
1141         }
1142
1143
1144 /*
1145  * enter user bio
1146  */
1147 void cmd_ebio(void) {
1148         char buf[256];
1149         FILE *fp;
1150
1151         if (!(CC->logged_in)) {
1152                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1153                 return;
1154                 }
1155
1156         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1157         fp = fopen(buf,"w");
1158         if (fp == NULL) {
1159                 cprintf("%d Cannot create file\n",ERROR);
1160                 return;
1161                 }
1162         cprintf("%d  \n",SEND_LISTING);
1163         while(client_gets(buf), strcmp(buf,"000")) {
1164                 fprintf(fp,"%s\n",buf);
1165                 }
1166         fclose(fp);
1167         }
1168
1169 /*
1170  * read user bio
1171  */
1172 void cmd_rbio(char *cmdbuf)
1173 {
1174         struct usersupp ruser;
1175         char buf[256];
1176         FILE *fp;
1177
1178         extract(buf,cmdbuf,0);
1179         if (getuser(&ruser,buf)!=0) {
1180                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1181                 return;
1182                 }
1183         sprintf(buf,"./bio/%ld",ruser.usernum);
1184
1185         fp = fopen(buf,"r");
1186         if (fp == NULL) {
1187                 cprintf("%d %s has no bio on file.\n",
1188                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1189                 return;
1190                 }
1191         cprintf("%d  \n",LISTING_FOLLOWS);
1192         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1193         fclose(fp);
1194         cprintf("000\n");
1195         }
1196
1197 /*
1198  * list of users who have entered bios
1199  */
1200 void cmd_lbio(void) {
1201         char buf[256];
1202         FILE *ls;
1203         struct usersupp usbuf;
1204
1205         ls=popen("cd ./bio; ls","r");
1206         if (ls==NULL) {
1207                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1208                 return;
1209                 }
1210
1211         cprintf("%d\n",LISTING_FOLLOWS);
1212         while (fgets(buf,255,ls)!=NULL)
1213                 if (getuserbynumber(&usbuf,atol(buf))==0)
1214                         cprintf("%s\n",usbuf.fullname);
1215         pclose(ls);
1216         cprintf("000\n");
1217         }
1218
1219
1220 /*
1221  * Administrative Get User Parameters
1222  */
1223 void cmd_agup(char *cmdbuf) {
1224         struct usersupp usbuf;
1225         char requested_user[256];
1226
1227         if ( (CC->internal_pgm==0)
1228            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1229                 cprintf("%d Higher access required.\n",
1230                         ERROR + HIGHER_ACCESS_REQUIRED);
1231                 return;
1232                 }
1233
1234         extract(requested_user, cmdbuf, 0);
1235         if (getuser(&usbuf, requested_user) != 0) {
1236                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1237                 return;
1238                 }
1239
1240         cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
1241                 OK,
1242                 usbuf.fullname,
1243                 usbuf.password,
1244                 usbuf.flags,
1245                 usbuf.timescalled,
1246                 usbuf.posted,
1247                 (int)usbuf.axlevel,
1248                 usbuf.usernum);
1249
1250         }
1251
1252
1253
1254 /*
1255  * Administrative Set User Parameters
1256  */
1257 void cmd_asup(char *cmdbuf) {
1258         struct usersupp usbuf;
1259         char requested_user[256];
1260         int np;
1261         int newax;
1262
1263         if ( (CC->internal_pgm==0)
1264            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1265                 cprintf("%d Higher access required.\n",
1266                         ERROR + HIGHER_ACCESS_REQUIRED);
1267                 return;
1268                 }
1269
1270         extract(requested_user, cmdbuf, 0);
1271         if (lgetuser(&usbuf, requested_user) != 0) {
1272                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1273                 return;
1274                 }
1275
1276         np = num_parms(cmdbuf);
1277         if (np > 1) extract(usbuf.password, cmdbuf, 1);
1278         if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
1279         if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
1280         if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
1281         if (np > 5) {
1282                 newax = extract_int(cmdbuf, 5);
1283                 if ((newax >=0) && (newax <= 6)) {
1284                         usbuf.axlevel = extract_int(cmdbuf, 5);
1285                         }
1286                 }
1287
1288         lputuser(&usbuf, requested_user);
1289         if (usbuf.axlevel == 0) {
1290                 if (purge_user(requested_user)==0) {
1291                         cprintf("%d %s deleted.\n", OK, requested_user);
1292                         }
1293                 }
1294         cprintf("%d Ok\n", OK);
1295         }
1296
1297
1298 /*
1299  * Count the number of new mail messages the user has
1300  */
1301 int NewMailCount() {
1302         int num_newmsgs = 0;
1303         struct cdbdata *cdbmb;
1304         int num_mails;
1305         long *mailbox;
1306         int a;
1307
1308         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1309         if (cdbmb != NULL) {
1310                 num_mails = cdbmb->len / sizeof(long);
1311                 mailbox = (long *) cdbmb->ptr;
1312                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1313                         /*
1314                         if (message is new FIX FIX FIX)
1315                                 ++num_newmsgs;
1316                         */
1317                         }
1318                 cdb_free(cdbmb);
1319                 }
1320         return(num_newmsgs);
1321         }