citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3
   4 #include <stdlib.h>
   5 #include <unistd.h>
   6 #include <stdio.h>
   7 #include <fcntl.h>
   8 #include <signal.h>
   9 #include <pwd.h>
  10 #include <sys/types.h>
  11 #include <sys/time.h>
  12 #include <string.h>
  13 #include <syslog.h>
  14 #include <pthread.h>
  15 #include "citadel.h"
  16 #include "server.h"
  17 #include "proto.h"
  18
  19 extern struct config config;
  20
  21
  22 /*
  23  * pwcrypt()  -  simple password encryption
  24  */
  25 void pwcrypt(char *text, int code)
  26 {
  27         int a;
  28         for (a=0; a<strlen(text); ++a) text[a]=(text[a]^(((code|128)^a)&0xFF));
  29         }
  30
  31
  32 /*
  33  * hash()  -  hash table function for user lookup
  34  */
  35 int hash(char *str)
  36 {
  37         int h = 0;
  38         int i;
  39
  40         for (i=0; i<strlen(str); ++i) h=h+((i+1)*tolower(str[i]));
  41         return(h);
  42         }
  43
  44
  45 /*
  46  * getuser()  -  retrieve named user into supplied buffer.
  47  *               returns 0 on success
  48  */
  49 int getuser(struct usersupp *usbuf, char name[]) {
  50
  51         char lowercase_name[32];
  52         int a;
  53         struct cdbdata *cdbus;
  54
  55         bzero(usbuf, sizeof(struct usersupp));
  56         for (a=0; a<=strlen(name); ++a) {
  57                 lowercase_name[a] = tolower(name[a]);
  58                 }
  59
  60         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  61         if (cdbus == NULL) {    /* not found */
  62                 return(1);
  63                 }
  64
  65         memcpy(usbuf, cdbus->ptr, cdbus->len);
  66         cdb_free(cdbus);
  67         return(0);
  68         }
  69
  70
  71 /*
  72  * lgetuser()  -  same as getuser() but locks the record
  73  */
  74 int lgetuser(struct usersupp *usbuf, char *name)
  75 {
  76         int retcode;
  77
  78         retcode = getuser(usbuf,name);
  79         if (retcode == 0) {
  80                 begin_critical_section(S_USERSUPP);
  81                 }
  82         return(retcode);
  83         }
  84
  85
  86 /*
  87  * putuser()  -  write user buffer into the correct place on disk
  88  */
  89 void putuser(struct usersupp *usbuf, char *name)
  90 {
  91         char lowercase_name[32];
  92         int a;
  93
  94         for (a=0; a<=strlen(name); ++a) {
  95                 lowercase_name[a] = tolower(name[a]);
  96                 }
  97
  98         cdb_store(CDB_USERSUPP, lowercase_name, strlen(lowercase_name),
  99                 usbuf, sizeof(struct usersupp));
 100
 101         }
 102
 103
 104 /*
 105  * lputuser()  -  same as putuser() but locks the record
 106  */
 107 void lputuser(struct usersupp *usbuf, char *name)
 108 {
 109         putuser(usbuf,name);
 110         end_critical_section(S_USERSUPP);
 111         }
 112
 113
 114 /*
 115  * Is the user currently logged in an Aide?
 116  */
 117 int is_aide(void) {
 118         if (CC->usersupp.axlevel >= 6) return(1);
 119         else return(0);
 120         }
 121
 122
 123 /*
 124  * Is the user currently logged in an Aide *or* the room aide for this room?
 125  */
 126 int is_room_aide(void) {
 127         if ( (CC->usersupp.axlevel >= 6)
 128                 || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) return(1);
 129         else return(0);
 130         }
 131
 132 /*
 133  * getuserbynumber()  -  get user by number
 134  *                       returns 0 if user was found
 135  */
 136 int getuserbynumber(struct usersupp *usbuf, long int number)
 137 {
 138         struct cdbdata *cdbus;
 139
 140         cdb_rewind(CDB_USERSUPP);
 141
 142         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 143                 bzero(usbuf, sizeof(struct usersupp));
 144                 memcpy(usbuf, cdbus->ptr, cdbus->len);
 145                 cdb_free(cdbus);
 146                 if (usbuf->usernum == number) {
 147                         return(0);
 148                         }
 149                 }
 150         return(-1);
 151         }
 152
 153
 154 /*
 155  * USER cmd
 156  */
 157 void cmd_user(char *cmdbuf)
 158 {
 159         char username[256];
 160         char autoname[256];
 161         int found_user = 0;
 162         struct passwd *p;
 163         int a;
 164
 165         extract(username,cmdbuf,0);
 166         username[25] = 0;
 167         strproc(username);
 168
 169         if ((CC->logged_in)) {
 170                 cprintf("%d Already logged in.\n",ERROR);
 171                 return;
 172                 }
 173
 174         found_user = getuser(&CC->usersupp,username);
 175         if (found_user != 0) {
 176                 p = (struct passwd *)getpwnam(username);
 177                 if (p!=NULL) {
 178                         strcpy(autoname,p->pw_gecos);
 179                         for (a=0; a<strlen(autoname); ++a)
 180                                 if (autoname[a]==',') autoname[a]=0;
 181                         found_user = getuser(&CC->usersupp,autoname);
 182                         }
 183                 }
 184         if (found_user == 0) {
 185                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 186                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 187                         ERROR+MAX_SESSIONS_EXCEEDED,
 188                         config.c_nodename,config.c_maxsessions);
 189                         }
 190                 else {
 191                         strcpy(CC->curr_user,CC->usersupp.fullname);
 192                         cprintf("%d Password required for %s\n",
 193                                 MORE_DATA,CC->curr_user);
 194                         }
 195                 }
 196         else {
 197                 cprintf("%d %s not found.\n",ERROR,username);
 198                 }
 199         }
 200
 201
 202
 203 /*
 204  * session startup code which is common to both cmd_pass() and cmd_newu()
 205  */
 206 void session_startup(void) {
 207         int a;
 208         struct quickroom qr;
 209
 210         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 211         hook_user_login(CC->cs_pid, CC->curr_user);
 212         lgetuser(&CC->usersupp,CC->curr_user);
 213         ++(CC->usersupp.timescalled);
 214         CC->fake_username[0] = '\0';
 215         CC->fake_postname[0] = '\0';
 216         CC->fake_hostname[0] = '\0';
 217         CC->fake_roomname[0] = '\0';
 218         CC->last_pager[0] = '\0';
 219         time(&CC->usersupp.lastcall);
 220
 221         /* If this user's name is the name of the system administrator
 222          * (as specified in setup), automatically assign access level 6.
 223          */
 224         if (!strucmp(CC->usersupp.fullname, config.c_sysadm)) {
 225                 CC->usersupp.axlevel = 6;
 226                 }
 227
 228 /* A room's generation number changes each time it is recycled. Users are kept
 229  * out of private rooms or forget rooms by matching the generation numbers. To
 230  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 231  */
 232         for (a=0; a<MAXROOMS; ++a) {
 233                 getroom(&qr,a);
 234                 if (CC->usersupp.generation[a] != qr.QRgen)
 235                                         CC->usersupp.generation[a]=(-1);
 236                 if (CC->usersupp.forget[a] != qr.QRgen)
 237                                         CC->usersupp.forget[a]=(-1);
 238                 }
 239
 240         lputuser(&CC->usersupp,CC->curr_user);
 241
 242         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 243                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 244                 CC->usersupp.usernum);
 245         usergoto(0,0);          /* Enter the lobby */
 246         rec_log(CL_LOGIN,CC->curr_user);
 247         }
 248
 249
 250
 251 /*
 252  * misc things to be taken care of when a user is logged out
 253  */
 254 void logout(struct CitContext *who)
 255 {
 256         who->logged_in = 0;
 257         if (who->download_fp != NULL) {
 258                 fclose(who->download_fp);
 259                 who->download_fp = NULL;
 260                 }
 261         if (who->upload_fp != NULL) {
 262                 abort_upl(who);
 263                 }
 264         }
 265
 266
 267 void cmd_pass(char *buf)
 268 {
 269         char password[256];
 270         int code;
 271         struct passwd *p;
 272
 273         extract(password,buf,0);
 274
 275         if ((CC->logged_in)) {
 276                 cprintf("%d Already logged in.\n",ERROR);
 277                 return;
 278                 }
 279         if (!strcmp(CC->curr_user,"")) {
 280                 cprintf("%d You must send a name with USER first.\n",ERROR);
 281                 return;
 282                 }
 283         if (getuser(&CC->usersupp,CC->curr_user)) {
 284                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 285                 return;
 286                 }
 287
 288         code = (-1);
 289         if (CC->usersupp.USuid == BBSUID) {
 290                 strproc(password);
 291                 pwcrypt(CC->usersupp.password,config.c_pwcrypt);
 292                 strproc(CC->usersupp.password);
 293                 code = strucmp(CC->usersupp.password,password);
 294                 pwcrypt(CC->usersupp.password,config.c_pwcrypt);
 295                 }
 296         else {
 297                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 298 #ifdef ENABLE_AUTOLOGIN
 299                 if (p!=NULL) {
 300                         if (!strcmp(p->pw_passwd,
 301                            (char *)crypt(password,p->pw_passwd))) {
 302                                 code = 0;
 303                                 lgetuser(&CC->usersupp, CC->curr_user);
 304                                 strcpy(CC->usersupp.password, password);
 305                                 pwcrypt(CC->usersupp.password, config.c_pwcrypt);
 306                                 lputuser(&CC->usersupp, CC->curr_user);
 307                                 }
 308                         }
 309 #endif
 310                 }
 311
 312         if (!code) {
 313                 (CC->logged_in) = 1;
 314                 session_startup();
 315                 }
 316         else {
 317                 cprintf("%d Wrong password.\n",ERROR);
 318                 rec_log(CL_BADPW,CC->curr_user);
 319                 }
 320         }
 321
 322
 323 /*
 324  * purge related files when removing or overwriting a user record
 325  */
 326 void purge_user(char *pname) {
 327         char filename[64];
 328         struct usersupp usbuf;
 329         int a;
 330         struct cdbdata *cdbmb;
 331         long *mailbox;
 332         int num_mails;
 333
 334         if (getuser(&usbuf, pname) != 0) {
 335                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 336                 return;
 337                 }
 338
 339         /* delete any messages in the user's mailbox */
 340         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 341         if (cdbmb != NULL) {
 342                 num_mails = cdbmb->len / sizeof(long);
 343                 mailbox = (long *) cdbmb->ptr;
 344                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 345                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 346                         }
 347                 cdb_free(cdbmb);
 348                 /* now delete the mailbox itself */
 349                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 350                 }
 351
 352
 353         /* delete the userlog entry */
 354         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 355
 356         /* remove the user's bio file */
 357         sprintf(filename, "./bio/%ld", usbuf.usernum);
 358         unlink(filename);
 359
 360         /* remove the user's picture */
 361         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 362         unlink(filename);
 363
 364         }
 365
 366
 367 /*
 368  * create_user()  -  back end processing to create a new user
 369  */
 370 int create_user(char *newusername)
 371 {
 372         struct usersupp usbuf;
 373         int a;
 374         struct passwd *p = NULL;
 375         char username[64];
 376
 377         strcpy(username, newusername);
 378         strproc(username);
 379
 380 #ifdef ENABLE_AUTOLOGIN
 381         p = (struct passwd *)getpwnam(username);
 382 #endif
 383         if (p != NULL) {
 384                 strcpy(username, p->pw_gecos);
 385                 for (a=0; a<strlen(username); ++a) {
 386                         if (username[a] == ',') username[a] = 0;
 387                         }
 388                 CC->usersupp.USuid = p->pw_uid;
 389                 }
 390         else {
 391                 CC->usersupp.USuid = BBSUID;
 392                 }
 393
 394         if (!getuser(&usbuf,username)) {
 395                 return(ERROR+ALREADY_EXISTS);
 396                 }
 397
 398         strcpy(CC->curr_user,username);
 399         strcpy(CC->usersupp.fullname,username);
 400         (CC->logged_in) = 1;
 401
 402         for (a=0; a<MAXROOMS; ++a) {
 403                 CC->usersupp.lastseen[a]=0L;
 404                 CC->usersupp.generation[a]=(-1);
 405                 CC->usersupp.forget[a]=(-1);
 406                 }
 407         strcpy(CC->usersupp.password,"");
 408
 409         /* These are the default flags on new accounts */
 410         CC->usersupp.flags =
 411                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 412
 413         CC->usersupp.timescalled = 0;
 414         CC->usersupp.posted = 0;
 415         CC->usersupp.axlevel = INITAX;
 416         CC->usersupp.USscreenwidth = 80;
 417         CC->usersupp.USscreenheight = 24;
 418         time(&CC->usersupp.lastcall);
 419         strcpy(CC->usersupp.USname, "");
 420         strcpy(CC->usersupp.USaddr, "");
 421         strcpy(CC->usersupp.UScity, "");
 422         strcpy(CC->usersupp.USstate, "");
 423         strcpy(CC->usersupp.USzip, "");
 424         strcpy(CC->usersupp.USphone, "");
 425
 426         /* fetch a new user number */
 427         CC->usersupp.usernum = get_new_user_number();
 428
 429         if (CC->usersupp.usernum == 1L) {
 430                 CC->usersupp.axlevel = 6;
 431                 }
 432
 433         /* add user to userlog */
 434         putuser(&CC->usersupp,CC->curr_user);
 435         if (getuser(&CC->usersupp,CC->curr_user)) {
 436                 return(ERROR+INTERNAL_ERROR);
 437                 }
 438         rec_log(CL_NEWUSER,CC->curr_user);
 439         return(0);
 440         }
 441
 442
 443
 444
 445 /*
 446  * cmd_newu()  -  create a new user account
 447  */
 448 void cmd_newu(char *cmdbuf)
 449 {
 450         int a;
 451         char username[256];
 452
 453         if ((CC->logged_in)) {
 454                 cprintf("%d Already logged in.\n",ERROR);
 455                 return;
 456                 }
 457
 458         if ((CC->nologin)) {
 459                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 460                 ERROR+MAX_SESSIONS_EXCEEDED,
 461                 config.c_nodename,config.c_maxsessions);
 462                 }
 463
 464         extract(username,cmdbuf,0);
 465         username[25] = 0;
 466         strproc(username);
 467
 468         if (strlen(username)==0) {
 469                 cprintf("%d You must supply a user name.\n",ERROR);
 470                 return;
 471                 }
 472
 473         a = create_user(username);
 474         if ((!strucmp(username, "bbs")) ||
 475             (!strucmp(username, "new")) ||
 476             (!strucmp(username, ".")))
 477         {
 478            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 479            return;
 480         }
 481         if (a==ERROR+ALREADY_EXISTS) {
 482                 cprintf("%d '%s' already exists.\n",
 483                         ERROR+ALREADY_EXISTS,username);
 484                 return;
 485                 }
 486         else if (a==ERROR+INTERNAL_ERROR) {
 487                 cprintf("%d Internal error - user record disappeared?\n",
 488                         ERROR+INTERNAL_ERROR);
 489                 return;
 490                 }
 491         else if (a==0) {
 492                 session_startup();
 493                 }
 494         else {
 495                 cprintf("%d unknown error\n",ERROR);
 496                 }
 497         rec_log(CL_NEWUSER,CC->curr_user);
 498         }
 499
 500
 501
 502 /*
 503  * set password
 504  */
 505 void cmd_setp(char *new_pw)
 506 {
 507         if (!(CC->logged_in)) {
 508                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 509                 return;
 510                 }
 511         if (CC->usersupp.USuid != BBSUID) {
 512                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 513                 return;
 514                 }
 515         strproc(new_pw);
 516         if (strlen(new_pw)==0) {
 517                 cprintf("%d Password unchanged.\n",OK);
 518                 return;
 519                 }
 520         lgetuser(&CC->usersupp,CC->curr_user);
 521         strcpy(CC->usersupp.password,new_pw);
 522         pwcrypt(CC->usersupp.password,config.c_pwcrypt);
 523         lputuser(&CC->usersupp,CC->curr_user);
 524         cprintf("%d Password changed.\n",OK);
 525         rec_log(CL_PWCHANGE,CC->curr_user);
 526         }
 527
 528 /*
 529  * get user parameters
 530  */
 531 void cmd_getu(void) {
 532         if (!(CC->logged_in)) {
 533                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 534                 return;
 535                 }
 536         getuser(&CC->usersupp,CC->curr_user);
 537         cprintf("%d %d|%d|%d\n",OK,CC->usersupp.USscreenwidth,
 538                 CC->usersupp.USscreenheight,(CC->usersupp.flags & US_USER_SET));
 539         }
 540
 541 /*
 542  * set user parameters
 543  */
 544 void cmd_setu(char *new_parms)
 545 {
 546
 547         if (num_parms(new_parms)!=3) {
 548                 cprintf("%d Usage error.\n",ERROR);
 549                 return;
 550                 }
 551         if (!(CC->logged_in)) {
 552                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 553                 return;
 554                 }
 555         lgetuser(&CC->usersupp,CC->curr_user);
 556         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 557         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 558         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 559         CC->usersupp.flags = CC->usersupp.flags |
 560                 (extract_int(new_parms,2) & US_USER_SET);
 561         lputuser(&CC->usersupp,CC->curr_user);
 562         cprintf("%d Ok\n",OK);
 563         }
 564
 565 /*
 566  * set last read pointer
 567  */
 568 void cmd_slrp(char *new_ptr)
 569 {
 570         long newlr;
 571
 572         if (!(CC->logged_in)) {
 573                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 574                 return;
 575                 }
 576
 577         if (CC->curr_rm < 0) {
 578                 cprintf("%d No current room.\n",ERROR);
 579                 return;
 580                 }
 581
 582         if (!struncmp(new_ptr,"highest",7)) {
 583                 newlr = CC->quickroom.QRhighest;
 584                 }
 585         else {
 586                 newlr = atol(new_ptr);
 587                 }
 588
 589         lgetuser(&CC->usersupp, CC->curr_user);
 590         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 591         lputuser(&CC->usersupp, CC->curr_user);
 592         cprintf("%d %ld\n",OK,newlr);
 593         }
 594
 595
 596 /*
 597  * INVT and KICK commands
 598  */
 599 void cmd_invt_kick(char *iuser, int op)
 600                         /* user name */
 601         {               /* 1 = invite, 0 = kick out */
 602         struct usersupp USscratch;
 603         char bbb[256];
 604
 605         if (!(CC->logged_in)) {
 606                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 607                 return;
 608                 }
 609
 610         if (CC->curr_rm < 0) {
 611                 cprintf("%d No current room.\n",ERROR);
 612                 return;
 613                 }
 614
 615         if (is_room_aide()==0) {
 616                 cprintf("%d Higher access required.\n",
 617                         ERROR+HIGHER_ACCESS_REQUIRED);
 618                 return;
 619                 }
 620
 621         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 622                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 623                 return;
 624                 }
 625
 626         if (lgetuser(&USscratch,iuser)!=0) {
 627                 cprintf("%d No such user.\n",ERROR);
 628                 return;
 629                 }
 630
 631         if (op==1) {
 632                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 633                 USscratch.forget[CC->curr_rm]=(-1);
 634                 }
 635
 636         if (op==0) {
 637                 USscratch.generation[CC->curr_rm]=(-1);
 638                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 639                 }
 640
 641         lputuser(&USscratch,iuser);
 642
 643         /* post a message in Aide> saying what we just did */
 644         sprintf(bbb,"%s %s %s> by %s",
 645                 iuser,
 646                 ((op == 1) ? "invited to" : "kicked out of"),
 647                 CC->quickroom.QRname,
 648                 CC->usersupp.fullname);
 649         aide_message(bbb);
 650
 651         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 652                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 653                 }
 654         else {
 655                 cprintf("%d Ok.\n",OK);
 656                 }
 657         return;
 658         }
 659
 660
 661 /*
 662  * forget (Zap) the current room
 663  */
 664 void cmd_forg(void) {
 665         if (!(CC->logged_in)) {
 666                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 667                 return;
 668                 }
 669
 670         if (CC->curr_rm < 0) {
 671                 cprintf("%d No current room.\n",ERROR);
 672                 return;
 673                 }
 674
 675         if (CC->curr_rm < 3) {
 676                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 677                 return;
 678                 }
 679
 680         if (is_aide()) {
 681                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 682                 return;
 683                 }
 684
 685         lgetuser(&CC->usersupp,CC->curr_user);
 686         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 687         CC->usersupp.generation[CC->curr_rm] = (-1);
 688         lputuser(&CC->usersupp,CC->curr_user);
 689         cprintf("%d Ok\n",OK);
 690         CC->curr_rm = (-1);
 691         }
 692
 693 /*
 694  * Get Next Unregistered User
 695  */
 696 void cmd_gnur(void) {
 697         struct cdbdata *cdbus;
 698         struct usersupp usbuf;
 699
 700         if (!(CC->logged_in)) {
 701                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 702                 return;
 703                 }
 704
 705         if (CC->usersupp.axlevel < 6) {
 706                 cprintf("%d Higher access required.\n",
 707                         ERROR+HIGHER_ACCESS_REQUIRED);
 708                 return;
 709                 }
 710
 711         if ((CitControl.MMflags&MM_VALID)==0) {
 712                 cprintf("%d There are no unvalidated users.\n",OK);
 713                 return;
 714                 }
 715
 716         /* There are unvalidated users.  Traverse the usersupp database,
 717          * and return the first user we find that needs validation.
 718          */
 719         cdb_rewind(CDB_USERSUPP);
 720         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 721                 bzero(&usbuf, sizeof(struct usersupp));
 722                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 723                 cdb_free(cdbus);
 724                 if ((usbuf.flags & US_NEEDVALID)
 725                    &&(usbuf.axlevel > 0)) {
 726                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 727                         return;
 728                         }
 729                 }
 730
 731         /* If we get to this point, there are no more unvalidated users.
 732          * Therefore we clear the "users need validation" flag.
 733          */
 734
 735         begin_critical_section(S_CONTROL);
 736         get_control();
 737         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 738         put_control();
 739         end_critical_section(S_CONTROL);
 740         cprintf("%d *** End of registration.\n",OK);
 741
 742
 743         }
 744
 745
 746 /*
 747  * get registration info for a user
 748  */
 749 void cmd_greg(char *who)
 750 {
 751         struct usersupp usbuf;
 752         int a,b;
 753         char pbuf[32];
 754
 755         if (!(CC->logged_in)) {
 756                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 757                 return;
 758                 }
 759
 760         if (!strucmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 761
 762         if ((CC->usersupp.axlevel < 6) && (strucmp(who,CC->curr_user))) {
 763                 cprintf("%d Higher access required.\n",
 764                         ERROR+HIGHER_ACCESS_REQUIRED);
 765                 return;
 766                 }
 767
 768         if (getuser(&usbuf,who) != 0) {
 769                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 770                 return;
 771                 }
 772
 773         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 774         cprintf("%ld\n",usbuf.usernum);
 775         pwcrypt(usbuf.password,PWCRYPT);
 776         cprintf("%s\n",usbuf.password);
 777         cprintf("%s\n",usbuf.USname);
 778         cprintf("%s\n",usbuf.USaddr);
 779         cprintf("%s\n%s\n%s\n",
 780                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 781         strcpy(pbuf,usbuf.USphone);
 782         usbuf.USphone[0]=0;
 783         for (a=0; a<strlen(pbuf); ++a) {
 784                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 785                         b=strlen(usbuf.USphone);
 786                         usbuf.USphone[b]=pbuf[a];
 787                         usbuf.USphone[b+1]=0;
 788                         }
 789                 }
 790         while(strlen(usbuf.USphone)<10) {
 791                 strcpy(pbuf,usbuf.USphone);
 792                 strcpy(usbuf.USphone," ");
 793                 strcat(usbuf.USphone,pbuf);
 794                 }
 795
 796         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 797                 usbuf.USphone[0],usbuf.USphone[1],
 798                 usbuf.USphone[2],usbuf.USphone[3],
 799                 usbuf.USphone[4],usbuf.USphone[5],
 800                 usbuf.USphone[6],usbuf.USphone[7],
 801                 usbuf.USphone[8],usbuf.USphone[9]);
 802
 803         cprintf("%d\n",usbuf.axlevel);
 804         cprintf("%s\n",usbuf.USemail);
 805         cprintf("000\n");
 806         }
 807
 808 /*
 809  * validate a user
 810  */
 811 void cmd_vali(char *v_args)
 812 {
 813         char user[256];
 814         int newax;
 815         struct usersupp userbuf;
 816
 817         extract(user,v_args,0);
 818         newax = extract_int(v_args,1);
 819
 820         if (!(CC->logged_in)) {
 821                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 822                 return;
 823                 }
 824
 825         if (CC->usersupp.axlevel < 6) {
 826                 cprintf("%d Higher access required.\n",
 827                         ERROR+HIGHER_ACCESS_REQUIRED);
 828                 return;
 829                 }
 830
 831         if (lgetuser(&userbuf,user)!=0) {
 832                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 833                 return;
 834                 }
 835
 836         userbuf.axlevel = newax;
 837         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 838
 839         lputuser(&userbuf,user);
 840
 841         /* If the access level was set to zero, delete the user */
 842         if (newax == 0) {
 843                 purge_user(user);
 844                 cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 845                 return;
 846                 }
 847
 848         cprintf("%d ok\n",OK);
 849         }
 850
 851
 852
 853 /*
 854  *  List users
 855  */
 856 void cmd_list(void) {
 857         struct usersupp usbuf;
 858         struct cdbdata *cdbus;
 859
 860         cdb_rewind(CDB_USERSUPP);
 861         cprintf("%d \n",LISTING_FOLLOWS);
 862
 863         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 864                 bzero(&usbuf, sizeof(struct usersupp));
 865                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 866                 cdb_free(cdbus);
 867
 868             if (usbuf.axlevel > 0) {
 869                 if ((CC->usersupp.axlevel>=6)
 870                    ||((usbuf.flags&US_UNLISTED)==0)
 871                    ||((CC->internal_pgm))) {
 872                         cprintf("%s|%d|%ld|%ld|%d|%d|",
 873                                 usbuf.fullname,
 874                                 usbuf.axlevel,
 875                                 usbuf.usernum,
 876                                 usbuf.lastcall,
 877                                 usbuf.timescalled,
 878                                 usbuf.posted);
 879                         pwcrypt(usbuf.password,config.c_pwcrypt);
 880                         if (CC->usersupp.axlevel >= 6) cprintf("%s",usbuf.password);
 881                         cprintf("\n");
 882                         }
 883                     }
 884                 }
 885         cprintf("000\n");
 886         }
 887
 888 /*
 889  * enter registration info
 890  */
 891 void cmd_regi(void) {
 892         int a,b,c;
 893         char buf[256];
 894
 895         char tmpname[256];
 896         char tmpaddr[256];
 897         char tmpcity[256];
 898         char tmpstate[256];
 899         char tmpzip[256];
 900         char tmpphone[256];
 901         char tmpemail[256];
 902
 903         if (!(CC->logged_in)) {
 904                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 905                 return;
 906                 }
 907
 908         strcpy(tmpname,"");
 909         strcpy(tmpaddr,"");
 910         strcpy(tmpcity,"");
 911         strcpy(tmpstate,"");
 912         strcpy(tmpzip,"");
 913         strcpy(tmpphone,"");
 914         strcpy(tmpemail,"");
 915
 916         cprintf("%d Send registration...\n",SEND_LISTING);
 917         a=0;
 918         while (client_gets(buf), strcmp(buf,"000")) {
 919                 if (a==0) strcpy(tmpname,buf);
 920                 if (a==1) strcpy(tmpaddr,buf);
 921                 if (a==2) strcpy(tmpcity,buf);
 922                 if (a==3) strcpy(tmpstate,buf);
 923                 if (a==4) {
 924                         for (c=0; c<strlen(buf); ++c) {
 925                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 926                                         b=strlen(tmpzip);
 927                                         tmpzip[b]=buf[c];
 928                                         tmpzip[b+1]=0;
 929                                         }
 930                                 }
 931                         }
 932                 if (a==5) {
 933                         for (c=0; c<strlen(buf); ++c) {
 934                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 935                                         b=strlen(tmpphone);
 936                                         tmpphone[b]=buf[c];
 937                                         tmpphone[b+1]=0;
 938                                         }
 939                                 }
 940                         }
 941                 if (a==6) strncpy(tmpemail,buf,31);
 942                 ++a;
 943                 }
 944
 945         tmpname[29]=0;
 946         tmpaddr[24]=0;
 947         tmpcity[14]=0;
 948         tmpstate[2]=0;
 949         tmpzip[9]=0;
 950         tmpphone[10]=0;
 951         tmpemail[31]=0;
 952
 953         lgetuser(&CC->usersupp,CC->curr_user);
 954         strcpy(CC->usersupp.USname,tmpname);
 955         strcpy(CC->usersupp.USaddr,tmpaddr);
 956         strcpy(CC->usersupp.UScity,tmpcity);
 957         strcpy(CC->usersupp.USstate,tmpstate);
 958         strcpy(CC->usersupp.USzip,tmpzip);
 959         strcpy(CC->usersupp.USphone,tmpphone);
 960         strcpy(CC->usersupp.USemail,tmpemail);
 961         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
 962         lputuser(&CC->usersupp,CC->curr_user);
 963
 964         /* set global flag calling for validation */
 965         begin_critical_section(S_CONTROL);
 966         get_control();
 967         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
 968         put_control();
 969         end_critical_section(S_CONTROL);
 970         cprintf("%d *** End of registration.\n",OK);
 971         }
 972
 973
 974 /*
 975  * assorted info we need to check at login
 976  */
 977 void cmd_chek(void) {
 978         int mail = 0;
 979         int regis = 0;
 980         int vali = 0;
 981         int a;
 982         struct cdbdata *cdbmb;
 983         long *mailbox;
 984         int num_mails;
 985
 986
 987         if (!(CC->logged_in)) {
 988                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 989                 return;
 990                 }
 991
 992         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
 993         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
 994
 995         if (CC->usersupp.axlevel >= 6) {
 996                 get_control();
 997                 if (CitControl.MMflags&MM_VALID) vali = 1;
 998                 }
 999
1000
1001         /* check for mail */
1002         mail = 0;
1003         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1004         if (cdbmb != NULL) {
1005                 num_mails = cdbmb->len / sizeof(long);
1006                 mailbox = (long *) cdbmb->ptr;
1007                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1008                         if (mailbox[a] > (CC->usersupp.lastseen[1])) ++mail;
1009                         }
1010                 cdb_free(cdbmb);
1011                 }
1012
1013
1014         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1015         }
1016
1017
1018 /*
1019  * check to see if a user exists
1020  */
1021 void cmd_qusr(char *who)
1022 {
1023         struct usersupp usbuf;
1024
1025         if (getuser(&usbuf,who) == 0) {
1026                 cprintf("%d %s\n",OK,usbuf.fullname);
1027                 }
1028         else {
1029                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1030                 }
1031         }
1032
1033
1034 /*
1035  * enter user bio
1036  */
1037 void cmd_ebio(void) {
1038         char buf[256];
1039         FILE *fp;
1040
1041         if (!(CC->logged_in)) {
1042                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1043                 return;
1044                 }
1045
1046         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1047         fp = fopen(buf,"w");
1048         if (fp == NULL) {
1049                 cprintf("%d Cannot create file\n",ERROR);
1050                 return;
1051                 }
1052         cprintf("%d  \n",SEND_LISTING);
1053         while(client_gets(buf), strcmp(buf,"000")) {
1054                 fprintf(fp,"%s\n",buf);
1055                 }
1056         fclose(fp);
1057         }
1058
1059 /*
1060  * read user bio
1061  */
1062 void cmd_rbio(char *cmdbuf)
1063 {
1064         struct usersupp ruser;
1065         char buf[256];
1066         FILE *fp;
1067
1068         extract(buf,cmdbuf,0);
1069         if (getuser(&ruser,buf)!=0) {
1070                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1071                 return;
1072                 }
1073         sprintf(buf,"./bio/%ld",ruser.usernum);
1074
1075         fp = fopen(buf,"r");
1076         if (fp == NULL) {
1077                 cprintf("%d %s has no bio on file.\n",
1078                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1079                 return;
1080                 }
1081         cprintf("%d  \n",LISTING_FOLLOWS);
1082         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1083         fclose(fp);
1084         cprintf("000\n");
1085         }
1086
1087 /*
1088  * list of users who have entered bios
1089  */
1090 void cmd_lbio(void) {
1091         char buf[256];
1092         FILE *ls;
1093         struct usersupp usbuf;
1094
1095         ls=popen("cd ./bio; ls","r");
1096         if (ls==NULL) {
1097                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1098                 return;
1099                 }
1100
1101         cprintf("%d\n",LISTING_FOLLOWS);
1102         while (fgets(buf,255,ls)!=NULL)
1103                 if (getuserbynumber(&usbuf,atol(buf))==0)
1104                         cprintf("%s\n",usbuf.fullname);
1105         pclose(ls);
1106         cprintf("000\n");
1107         }