citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5
   6 #include <stdlib.h>
   7 #include <unistd.h>
   8 #include <stdio.h>
   9 #include <fcntl.h>
  10 #include <signal.h>
  11 #include <pwd.h>
  12 #include <sys/types.h>
  13 #include <sys/time.h>
  14 #include <string.h>
  15 #include <syslog.h>
  16 #include <pthread.h>
  17 #include "citadel.h"
  18 #include "server.h"
  19 #include "proto.h"
  20 #include "database.h"
  21
  22 extern struct config config;
  23
  24
  25 /*
  26  * hash()  -  hash table function for user lookup
  27  */
  28 int hash(char *str)
  29 {
  30         int h = 0;
  31         int i;
  32
  33         for (i=0; i<strlen(str); ++i) h=h+((i+1)*tolower(str[i]));
  34         return(h);
  35         }
  36
  37
  38 /*
  39  * getuser()  -  retrieve named user into supplied buffer.
  40  *               returns 0 on success
  41  */
  42 int getuser(struct usersupp *usbuf, char name[]) {
  43
  44         char lowercase_name[32];
  45         int a;
  46         struct cdbdata *cdbus;
  47
  48         bzero(usbuf, sizeof(struct usersupp));
  49         for (a=0; a<=strlen(name); ++a) {
  50                 lowercase_name[a] = tolower(name[a]);
  51                 }
  52
  53         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  54         if (cdbus == NULL) {
  55                 return(1);      /* user not found */
  56                 }
  57
  58         memcpy(usbuf, cdbus->ptr,
  59                 ( (cdbus->len > sizeof(struct usersupp)) ?
  60                 sizeof(struct usersupp) : cdbus->len) );
  61         cdb_free(cdbus);
  62         return(0);
  63         }
  64
  65
  66 /*
  67  * lgetuser()  -  same as getuser() but locks the record
  68  */
  69 int lgetuser(struct usersupp *usbuf, char *name)
  70 {
  71         int retcode;
  72
  73         retcode = getuser(usbuf,name);
  74         if (retcode == 0) {
  75                 begin_critical_section(S_USERSUPP);
  76                 }
  77         return(retcode);
  78         }
  79
  80
  81 /*
  82  * putuser()  -  write user buffer into the correct place on disk
  83  */
  84 void putuser(struct usersupp *usbuf, char *name)
  85 {
  86         char lowercase_name[32];
  87         int a;
  88
  89         for (a=0; a<=strlen(name); ++a) {
  90                 lowercase_name[a] = tolower(name[a]);
  91                 }
  92
  93         cdb_store(CDB_USERSUPP,
  94                 lowercase_name, strlen(lowercase_name),
  95                 usbuf, sizeof(struct usersupp));
  96
  97         }
  98
  99
 100 /*
 101  * lputuser()  -  same as putuser() but locks the record
 102  */
 103 void lputuser(struct usersupp *usbuf, char *name) {
 104         putuser(usbuf,name);
 105         end_critical_section(S_USERSUPP);
 106         }
 107
 108
 109 /*
 110  * Is the user currently logged in an Aide?
 111  */
 112 int is_aide(void) {
 113         if (CC->usersupp.axlevel >= 6) return(1);
 114         else return(0);
 115         }
 116
 117
 118 /*
 119  * Is the user currently logged in an Aide *or* the room aide for this room?
 120  */
 121 int is_room_aide(void) {
 122         if ( (CC->usersupp.axlevel >= 6)
 123            || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
 124                 return(1);
 125                 }
 126         else {
 127                 return(0);
 128                 }
 129         }
 130
 131 /*
 132  * getuserbynumber()  -  get user by number
 133  *                       returns 0 if user was found
 134  */
 135 int getuserbynumber(struct usersupp *usbuf, long int number)
 136 {
 137         struct cdbdata *cdbus;
 138
 139         cdb_rewind(CDB_USERSUPP);
 140
 141         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 142                 bzero(usbuf, sizeof(struct usersupp));
 143                 memcpy(usbuf, cdbus->ptr,
 144                         ( (cdbus->len > sizeof(struct usersupp)) ?
 145                         sizeof(struct usersupp) : cdbus->len) );
 146                 cdb_free(cdbus);
 147                 if (usbuf->usernum == number) {
 148                         return(0);
 149                         }
 150                 }
 151         return(-1);
 152         }
 153
 154
 155 /*
 156  * USER cmd
 157  */
 158 void cmd_user(char *cmdbuf)
 159 {
 160         char username[256];
 161         char autoname[256];
 162         int found_user = 0;
 163         struct passwd *p;
 164         int a;
 165
 166         extract(username,cmdbuf,0);
 167         username[25] = 0;
 168         strproc(username);
 169
 170         if ((CC->logged_in)) {
 171                 cprintf("%d Already logged in.\n",ERROR);
 172                 return;
 173                 }
 174
 175         found_user = getuser(&CC->usersupp,username);
 176         if (found_user != 0) {
 177                 p = (struct passwd *)getpwnam(username);
 178                 if (p!=NULL) {
 179                         strcpy(autoname,p->pw_gecos);
 180                         for (a=0; a<strlen(autoname); ++a)
 181                                 if (autoname[a]==',') autoname[a]=0;
 182                         found_user = getuser(&CC->usersupp,autoname);
 183                         }
 184                 }
 185         if (found_user == 0) {
 186                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 187                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 188                         ERROR+MAX_SESSIONS_EXCEEDED,
 189                         config.c_nodename,config.c_maxsessions);
 190                         }
 191                 else {
 192                         strcpy(CC->curr_user,CC->usersupp.fullname);
 193                         cprintf("%d Password required for %s\n",
 194                                 MORE_DATA,CC->curr_user);
 195                         }
 196                 }
 197         else {
 198                 cprintf("%d %s not found.\n",ERROR,username);
 199                 }
 200         }
 201
 202
 203
 204 /*
 205  * session startup code which is common to both cmd_pass() and cmd_newu()
 206  */
 207 void session_startup(void) {
 208         int a;
 209         struct quickroom qr;
 210
 211         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 212         hook_user_login(CC->cs_pid, CC->curr_user);
 213         lgetuser(&CC->usersupp,CC->curr_user);
 214         ++(CC->usersupp.timescalled);
 215         CC->fake_username[0] = '\0';
 216         CC->fake_postname[0] = '\0';
 217         CC->fake_hostname[0] = '\0';
 218         CC->fake_roomname[0] = '\0';
 219         CC->last_pager[0] = '\0';
 220         time(&CC->usersupp.lastcall);
 221
 222         /* If this user's name is the name of the system administrator
 223          * (as specified in setup), automatically assign access level 6.
 224          */
 225         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 226                 CC->usersupp.axlevel = 6;
 227                 }
 228
 229 /* A room's generation number changes each time it is recycled. Users are kept
 230  * out of private rooms or forget rooms by matching the generation numbers. To
 231  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 232  */
 233         for (a=0; a<MAXROOMS; ++a) {
 234                 getroom(&qr,a);
 235                 if (CC->usersupp.generation[a] != qr.QRgen)
 236                                         CC->usersupp.generation[a]=(-1);
 237                 if (CC->usersupp.forget[a] != qr.QRgen)
 238                                         CC->usersupp.forget[a]=(-1);
 239                 }
 240
 241         lputuser(&CC->usersupp,CC->curr_user);
 242
 243         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 244                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 245                 CC->usersupp.usernum);
 246         usergoto(0,0);          /* Enter the lobby */
 247         rec_log(CL_LOGIN,CC->curr_user);
 248         }
 249
 250
 251
 252 /*
 253  * misc things to be taken care of when a user is logged out
 254  */
 255 void logout(struct CitContext *who)
 256 {
 257         who->logged_in = 0;
 258         if (who->download_fp != NULL) {
 259                 fclose(who->download_fp);
 260                 who->download_fp = NULL;
 261                 }
 262         if (who->upload_fp != NULL) {
 263                 abort_upl(who);
 264                 }
 265         }
 266
 267
 268 void cmd_pass(char *buf)
 269 {
 270         char password[256];
 271         int code;
 272         struct passwd *p;
 273
 274         extract(password,buf,0);
 275
 276         if ((CC->logged_in)) {
 277                 cprintf("%d Already logged in.\n",ERROR);
 278                 return;
 279                 }
 280         if (!strcmp(CC->curr_user,"")) {
 281                 cprintf("%d You must send a name with USER first.\n",ERROR);
 282                 return;
 283                 }
 284         if (getuser(&CC->usersupp,CC->curr_user)) {
 285                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 286                 return;
 287                 }
 288
 289         code = (-1);
 290         if (CC->usersupp.USuid == BBSUID) {
 291                 strproc(password);
 292                 strproc(CC->usersupp.password);
 293                 code = strcasecmp(CC->usersupp.password,password);
 294                 }
 295         else {
 296                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 297 #ifdef ENABLE_AUTOLOGIN
 298                 if (p!=NULL) {
 299                         if (!strcmp(p->pw_passwd,
 300                            (char *)crypt(password,p->pw_passwd))) {
 301                                 code = 0;
 302                                 lgetuser(&CC->usersupp, CC->curr_user);
 303                                 strcpy(CC->usersupp.password, password);
 304                                 lputuser(&CC->usersupp, CC->curr_user);
 305                                 }
 306                         }
 307 #endif
 308                 }
 309
 310         if (!code) {
 311                 (CC->logged_in) = 1;
 312                 session_startup();
 313                 }
 314         else {
 315                 cprintf("%d Wrong password.\n",ERROR);
 316                 rec_log(CL_BADPW,CC->curr_user);
 317                 }
 318         }
 319
 320
 321 /*
 322  * Delete a user record *and* all of its related resources.
 323  */
 324 int purge_user(char *pname) {
 325         char filename[64];
 326         struct usersupp usbuf;
 327         int a;
 328         struct cdbdata *cdbmb;
 329         long *mailbox;
 330         int num_mails;
 331
 332         if (getuser(&usbuf, pname) != 0) {
 333                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 334                 return(1);
 335                 }
 336
 337         /* FIX   Don't delete a user who is currently logged in. */
 338
 339         /* delete any messages in the user's mailbox */
 340         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 341         if (cdbmb != NULL) {
 342                 num_mails = cdbmb->len / sizeof(long);
 343                 mailbox = (long *) cdbmb->ptr;
 344                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 345                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 346                         }
 347                 cdb_free(cdbmb);
 348                 /* now delete the mailbox itself */
 349                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 350                 }
 351
 352
 353         /* delete the userlog entry */
 354         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 355
 356         /* remove the user's bio file */
 357         sprintf(filename, "./bio/%ld", usbuf.usernum);
 358         unlink(filename);
 359
 360         /* remove the user's picture */
 361         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 362         unlink(filename);
 363
 364         return(0);
 365         }
 366
 367
 368 /*
 369  * create_user()  -  back end processing to create a new user
 370  */
 371 int create_user(char *newusername)
 372 {
 373         struct usersupp usbuf;
 374         int a;
 375         struct passwd *p = NULL;
 376         char username[64];
 377
 378         strcpy(username, newusername);
 379         strproc(username);
 380
 381 #ifdef ENABLE_AUTOLOGIN
 382         p = (struct passwd *)getpwnam(username);
 383 #endif
 384         if (p != NULL) {
 385                 strcpy(username, p->pw_gecos);
 386                 for (a=0; a<strlen(username); ++a) {
 387                         if (username[a] == ',') username[a] = 0;
 388                         }
 389                 CC->usersupp.USuid = p->pw_uid;
 390                 }
 391         else {
 392                 CC->usersupp.USuid = BBSUID;
 393                 }
 394
 395         if (!getuser(&usbuf,username)) {
 396                 return(ERROR+ALREADY_EXISTS);
 397                 }
 398
 399         strcpy(CC->curr_user,username);
 400         strcpy(CC->usersupp.fullname,username);
 401         (CC->logged_in) = 1;
 402
 403         for (a=0; a<MAXROOMS; ++a) {
 404                 CC->usersupp.lastseen[a]=0L;
 405                 CC->usersupp.generation[a]=(-1);
 406                 CC->usersupp.forget[a]=(-1);
 407                 }
 408         strcpy(CC->usersupp.password,"");
 409
 410         /* These are the default flags on new accounts */
 411         CC->usersupp.flags =
 412                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 413
 414         CC->usersupp.timescalled = 0;
 415         CC->usersupp.posted = 0;
 416         CC->usersupp.axlevel = INITAX;
 417         CC->usersupp.USscreenwidth = 80;
 418         CC->usersupp.USscreenheight = 24;
 419         time(&CC->usersupp.lastcall);
 420         strcpy(CC->usersupp.USname, "");
 421         strcpy(CC->usersupp.USaddr, "");
 422         strcpy(CC->usersupp.UScity, "");
 423         strcpy(CC->usersupp.USstate, "");
 424         strcpy(CC->usersupp.USzip, "");
 425         strcpy(CC->usersupp.USphone, "");
 426
 427         /* fetch a new user number */
 428         CC->usersupp.usernum = get_new_user_number();
 429
 430         if (CC->usersupp.usernum == 1L) {
 431                 CC->usersupp.axlevel = 6;
 432                 }
 433
 434         /* add user to userlog */
 435         putuser(&CC->usersupp,CC->curr_user);
 436         if (getuser(&CC->usersupp,CC->curr_user)) {
 437                 return(ERROR+INTERNAL_ERROR);
 438                 }
 439         rec_log(CL_NEWUSER,CC->curr_user);
 440         return(0);
 441         }
 442
 443
 444
 445
 446 /*
 447  * cmd_newu()  -  create a new user account
 448  */
 449 void cmd_newu(char *cmdbuf)
 450 {
 451         int a;
 452         char username[256];
 453
 454         if ((CC->logged_in)) {
 455                 cprintf("%d Already logged in.\n",ERROR);
 456                 return;
 457                 }
 458
 459         if ((CC->nologin)) {
 460                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 461                 ERROR+MAX_SESSIONS_EXCEEDED,
 462                 config.c_nodename,config.c_maxsessions);
 463                 }
 464
 465         extract(username,cmdbuf,0);
 466         username[25] = 0;
 467         strproc(username);
 468
 469         if (strlen(username)==0) {
 470                 cprintf("%d You must supply a user name.\n",ERROR);
 471                 return;
 472                 }
 473
 474         a = create_user(username);
 475         if ((!strcasecmp(username, "bbs")) ||
 476             (!strcasecmp(username, "new")) ||
 477             (!strcasecmp(username, ".")))
 478         {
 479            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 480            return;
 481         }
 482         if (a==ERROR+ALREADY_EXISTS) {
 483                 cprintf("%d '%s' already exists.\n",
 484                         ERROR+ALREADY_EXISTS,username);
 485                 return;
 486                 }
 487         else if (a==ERROR+INTERNAL_ERROR) {
 488                 cprintf("%d Internal error - user record disappeared?\n",
 489                         ERROR+INTERNAL_ERROR);
 490                 return;
 491                 }
 492         else if (a==0) {
 493                 session_startup();
 494                 }
 495         else {
 496                 cprintf("%d unknown error\n",ERROR);
 497                 }
 498         rec_log(CL_NEWUSER,CC->curr_user);
 499         }
 500
 501
 502
 503 /*
 504  * set password
 505  */
 506 void cmd_setp(char *new_pw)
 507 {
 508         if (!(CC->logged_in)) {
 509                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 510                 return;
 511                 }
 512         if (CC->usersupp.USuid != BBSUID) {
 513                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 514                 return;
 515                 }
 516         strproc(new_pw);
 517         if (strlen(new_pw)==0) {
 518                 cprintf("%d Password unchanged.\n",OK);
 519                 return;
 520                 }
 521         lgetuser(&CC->usersupp,CC->curr_user);
 522         strcpy(CC->usersupp.password,new_pw);
 523         lputuser(&CC->usersupp,CC->curr_user);
 524         cprintf("%d Password changed.\n",OK);
 525         rec_log(CL_PWCHANGE,CC->curr_user);
 526         }
 527
 528 /*
 529  * get user parameters
 530  */
 531 void cmd_getu(void) {
 532         if (!(CC->logged_in)) {
 533                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 534                 return;
 535                 }
 536         getuser(&CC->usersupp,CC->curr_user);
 537         cprintf("%d %d|%d|%d\n",
 538                 OK,
 539                 CC->usersupp.USscreenwidth,
 540                 CC->usersupp.USscreenheight,
 541                 (CC->usersupp.flags & US_USER_SET)
 542                 );
 543         }
 544
 545 /*
 546  * set user parameters
 547  */
 548 void cmd_setu(char *new_parms)
 549 {
 550
 551         if (num_parms(new_parms)!=3) {
 552                 cprintf("%d Usage error.\n",ERROR);
 553                 return;
 554                 }
 555         if (!(CC->logged_in)) {
 556                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 557                 return;
 558                 }
 559         lgetuser(&CC->usersupp,CC->curr_user);
 560         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 561         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 562         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 563         CC->usersupp.flags = CC->usersupp.flags |
 564                 (extract_int(new_parms,2) & US_USER_SET);
 565         lputuser(&CC->usersupp,CC->curr_user);
 566         cprintf("%d Ok\n",OK);
 567         }
 568
 569 /*
 570  * set last read pointer
 571  */
 572 void cmd_slrp(char *new_ptr)
 573 {
 574         long newlr;
 575
 576         if (!(CC->logged_in)) {
 577                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 578                 return;
 579                 }
 580
 581         if (CC->curr_rm < 0) {
 582                 cprintf("%d No current room.\n",ERROR);
 583                 return;
 584                 }
 585
 586         if (!strncasecmp(new_ptr,"highest",7)) {
 587                 newlr = CC->quickroom.QRhighest;
 588                 }
 589         else {
 590                 newlr = atol(new_ptr);
 591                 }
 592
 593         lgetuser(&CC->usersupp, CC->curr_user);
 594         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 595         lputuser(&CC->usersupp, CC->curr_user);
 596         cprintf("%d %ld\n",OK,newlr);
 597         }
 598
 599
 600 /*
 601  * INVT and KICK commands
 602  */
 603 void cmd_invt_kick(char *iuser, int op)
 604                         /* user name */
 605         {               /* 1 = invite, 0 = kick out */
 606         struct usersupp USscratch;
 607         char bbb[256];
 608
 609         if (!(CC->logged_in)) {
 610                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 611                 return;
 612                 }
 613
 614         if (CC->curr_rm < 0) {
 615                 cprintf("%d No current room.\n",ERROR);
 616                 return;
 617                 }
 618
 619         if (is_room_aide()==0) {
 620                 cprintf("%d Higher access required.\n",
 621                         ERROR+HIGHER_ACCESS_REQUIRED);
 622                 return;
 623                 }
 624
 625         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 626                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 627                 return;
 628                 }
 629
 630         if (lgetuser(&USscratch,iuser)!=0) {
 631                 cprintf("%d No such user.\n",ERROR);
 632                 return;
 633                 }
 634
 635         if (op==1) {
 636                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 637                 USscratch.forget[CC->curr_rm]=(-1);
 638                 }
 639
 640         if (op==0) {
 641                 USscratch.generation[CC->curr_rm]=(-1);
 642                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 643                 }
 644
 645         lputuser(&USscratch,iuser);
 646
 647         /* post a message in Aide> saying what we just did */
 648         sprintf(bbb,"%s %s %s> by %s",
 649                 iuser,
 650                 ((op == 1) ? "invited to" : "kicked out of"),
 651                 CC->quickroom.QRname,
 652                 CC->usersupp.fullname);
 653         aide_message(bbb);
 654
 655         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 656                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 657                 }
 658         else {
 659                 cprintf("%d Ok.\n",OK);
 660                 }
 661         return;
 662         }
 663
 664
 665 /*
 666  * forget (Zap) the current room
 667  */
 668 void cmd_forg(void) {
 669         if (!(CC->logged_in)) {
 670                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 671                 return;
 672                 }
 673
 674         if (CC->curr_rm < 0) {
 675                 cprintf("%d No current room.\n",ERROR);
 676                 return;
 677                 }
 678
 679         if (CC->curr_rm < 3) {
 680                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 681                 return;
 682                 }
 683
 684         if (is_aide()) {
 685                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 686                 return;
 687                 }
 688
 689         lgetuser(&CC->usersupp,CC->curr_user);
 690         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 691         CC->usersupp.generation[CC->curr_rm] = (-1);
 692         lputuser(&CC->usersupp,CC->curr_user);
 693         cprintf("%d Ok\n",OK);
 694         CC->curr_rm = (-1);
 695         }
 696
 697 /*
 698  * Get Next Unregistered User
 699  */
 700 void cmd_gnur(void) {
 701         struct cdbdata *cdbus;
 702         struct usersupp usbuf;
 703
 704         if (!(CC->logged_in)) {
 705                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 706                 return;
 707                 }
 708
 709         if (CC->usersupp.axlevel < 6) {
 710                 cprintf("%d Higher access required.\n",
 711                         ERROR+HIGHER_ACCESS_REQUIRED);
 712                 return;
 713                 }
 714
 715         if ((CitControl.MMflags&MM_VALID)==0) {
 716                 cprintf("%d There are no unvalidated users.\n",OK);
 717                 return;
 718                 }
 719
 720         /* There are unvalidated users.  Traverse the usersupp database,
 721          * and return the first user we find that needs validation.
 722          */
 723         cdb_rewind(CDB_USERSUPP);
 724         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 725                 bzero(&usbuf, sizeof(struct usersupp));
 726                 memcpy(&usbuf, cdbus->ptr,
 727                         ( (cdbus->len > sizeof(struct usersupp)) ?
 728                         sizeof(struct usersupp) : cdbus->len) );
 729                 cdb_free(cdbus);
 730                 if ((usbuf.flags & US_NEEDVALID)
 731                    &&(usbuf.axlevel > 0)) {
 732                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 733                         return;
 734                         }
 735                 }
 736
 737         /* If we get to this point, there are no more unvalidated users.
 738          * Therefore we clear the "users need validation" flag.
 739          */
 740
 741         begin_critical_section(S_CONTROL);
 742         get_control();
 743         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 744         put_control();
 745         end_critical_section(S_CONTROL);
 746         cprintf("%d *** End of registration.\n",OK);
 747
 748
 749         }
 750
 751
 752 /*
 753  * get registration info for a user
 754  */
 755 void cmd_greg(char *who)
 756 {
 757         struct usersupp usbuf;
 758         int a,b;
 759         char pbuf[32];
 760
 761         if (!(CC->logged_in)) {
 762                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 763                 return;
 764                 }
 765
 766         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 767
 768         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 769                 cprintf("%d Higher access required.\n",
 770                         ERROR+HIGHER_ACCESS_REQUIRED);
 771                 return;
 772                 }
 773
 774         if (getuser(&usbuf,who) != 0) {
 775                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 776                 return;
 777                 }
 778
 779         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 780         cprintf("%ld\n",usbuf.usernum);
 781         cprintf("%s\n",usbuf.password);
 782         cprintf("%s\n",usbuf.USname);
 783         cprintf("%s\n",usbuf.USaddr);
 784         cprintf("%s\n%s\n%s\n",
 785                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 786         strcpy(pbuf,usbuf.USphone);
 787         usbuf.USphone[0]=0;
 788         for (a=0; a<strlen(pbuf); ++a) {
 789                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 790                         b=strlen(usbuf.USphone);
 791                         usbuf.USphone[b]=pbuf[a];
 792                         usbuf.USphone[b+1]=0;
 793                         }
 794                 }
 795         while(strlen(usbuf.USphone)<10) {
 796                 strcpy(pbuf,usbuf.USphone);
 797                 strcpy(usbuf.USphone," ");
 798                 strcat(usbuf.USphone,pbuf);
 799                 }
 800
 801         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 802                 usbuf.USphone[0],usbuf.USphone[1],
 803                 usbuf.USphone[2],usbuf.USphone[3],
 804                 usbuf.USphone[4],usbuf.USphone[5],
 805                 usbuf.USphone[6],usbuf.USphone[7],
 806                 usbuf.USphone[8],usbuf.USphone[9]);
 807
 808         cprintf("%d\n",usbuf.axlevel);
 809         cprintf("%s\n",usbuf.USemail);
 810         cprintf("000\n");
 811         }
 812
 813 /*
 814  * validate a user
 815  */
 816 void cmd_vali(char *v_args)
 817 {
 818         char user[256];
 819         int newax;
 820         struct usersupp userbuf;
 821
 822         extract(user,v_args,0);
 823         newax = extract_int(v_args,1);
 824
 825         if (!(CC->logged_in)) {
 826                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 827                 return;
 828                 }
 829
 830         if (CC->usersupp.axlevel < 6) {
 831                 cprintf("%d Higher access required.\n",
 832                         ERROR+HIGHER_ACCESS_REQUIRED);
 833                 return;
 834                 }
 835
 836         if (lgetuser(&userbuf,user)!=0) {
 837                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 838                 return;
 839                 }
 840
 841         userbuf.axlevel = newax;
 842         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 843
 844         lputuser(&userbuf,user);
 845
 846         /* If the access level was set to zero, delete the user */
 847         if (newax == 0) {
 848                 if (purge_user(user)==0) {
 849                         cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 850                         return;
 851                         }
 852                 }
 853
 854         cprintf("%d ok\n",OK);
 855         }
 856
 857
 858
 859 /*
 860  *  List users
 861  */
 862 void cmd_list(void) {
 863         struct usersupp usbuf;
 864         struct cdbdata *cdbus;
 865
 866         cdb_rewind(CDB_USERSUPP);
 867         cprintf("%d \n",LISTING_FOLLOWS);
 868
 869         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 870                 bzero(&usbuf, sizeof(struct usersupp));
 871                 memcpy(&usbuf, cdbus->ptr,
 872                         ( (cdbus->len > sizeof(struct usersupp)) ?
 873                         sizeof(struct usersupp) : cdbus->len) );
 874                 cdb_free(cdbus);
 875
 876             if (usbuf.axlevel > 0) {
 877                 if ((CC->usersupp.axlevel>=6)
 878                    ||((usbuf.flags&US_UNLISTED)==0)
 879                    ||((CC->internal_pgm))) {
 880                         cprintf("%s|%d|%ld|%ld|%d|%d|",
 881                                 usbuf.fullname,
 882                                 usbuf.axlevel,
 883                                 usbuf.usernum,
 884                                 usbuf.lastcall,
 885                                 usbuf.timescalled,
 886                                 usbuf.posted);
 887                         if (CC->usersupp.axlevel >= 6) cprintf("%s",usbuf.password);
 888                         cprintf("\n");
 889                         }
 890                     }
 891                 }
 892         cprintf("000\n");
 893         }
 894
 895 /*
 896  * enter registration info
 897  */
 898 void cmd_regi(void) {
 899         int a,b,c;
 900         char buf[256];
 901
 902         char tmpname[256];
 903         char tmpaddr[256];
 904         char tmpcity[256];
 905         char tmpstate[256];
 906         char tmpzip[256];
 907         char tmpphone[256];
 908         char tmpemail[256];
 909
 910         if (!(CC->logged_in)) {
 911                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 912                 return;
 913                 }
 914
 915         strcpy(tmpname,"");
 916         strcpy(tmpaddr,"");
 917         strcpy(tmpcity,"");
 918         strcpy(tmpstate,"");
 919         strcpy(tmpzip,"");
 920         strcpy(tmpphone,"");
 921         strcpy(tmpemail,"");
 922
 923         cprintf("%d Send registration...\n",SEND_LISTING);
 924         a=0;
 925         while (client_gets(buf), strcmp(buf,"000")) {
 926                 if (a==0) strcpy(tmpname,buf);
 927                 if (a==1) strcpy(tmpaddr,buf);
 928                 if (a==2) strcpy(tmpcity,buf);
 929                 if (a==3) strcpy(tmpstate,buf);
 930                 if (a==4) {
 931                         for (c=0; c<strlen(buf); ++c) {
 932                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 933                                         b=strlen(tmpzip);
 934                                         tmpzip[b]=buf[c];
 935                                         tmpzip[b+1]=0;
 936                                         }
 937                                 }
 938                         }
 939                 if (a==5) {
 940                         for (c=0; c<strlen(buf); ++c) {
 941                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 942                                         b=strlen(tmpphone);
 943                                         tmpphone[b]=buf[c];
 944                                         tmpphone[b+1]=0;
 945                                         }
 946                                 }
 947                         }
 948                 if (a==6) strncpy(tmpemail,buf,31);
 949                 ++a;
 950                 }
 951
 952         tmpname[29]=0;
 953         tmpaddr[24]=0;
 954         tmpcity[14]=0;
 955         tmpstate[2]=0;
 956         tmpzip[9]=0;
 957         tmpphone[10]=0;
 958         tmpemail[31]=0;
 959
 960         lgetuser(&CC->usersupp,CC->curr_user);
 961         strcpy(CC->usersupp.USname,tmpname);
 962         strcpy(CC->usersupp.USaddr,tmpaddr);
 963         strcpy(CC->usersupp.UScity,tmpcity);
 964         strcpy(CC->usersupp.USstate,tmpstate);
 965         strcpy(CC->usersupp.USzip,tmpzip);
 966         strcpy(CC->usersupp.USphone,tmpphone);
 967         strcpy(CC->usersupp.USemail,tmpemail);
 968         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
 969         lputuser(&CC->usersupp,CC->curr_user);
 970
 971         /* set global flag calling for validation */
 972         begin_critical_section(S_CONTROL);
 973         get_control();
 974         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
 975         put_control();
 976         end_critical_section(S_CONTROL);
 977         cprintf("%d *** End of registration.\n",OK);
 978         }
 979
 980
 981 /*
 982  * assorted info we need to check at login
 983  */
 984 void cmd_chek(void) {
 985         int mail = 0;
 986         int regis = 0;
 987         int vali = 0;
 988         int a;
 989         struct cdbdata *cdbmb;
 990         long *mailbox;
 991         int num_mails;
 992
 993
 994         if (!(CC->logged_in)) {
 995                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 996                 return;
 997                 }
 998
 999         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
1000         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
1001
1002         if (CC->usersupp.axlevel >= 6) {
1003                 get_control();
1004                 if (CitControl.MMflags&MM_VALID) vali = 1;
1005                 }
1006
1007
1008         /* check for mail */
1009         mail = 0;
1010         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1011         if (cdbmb != NULL) {
1012                 num_mails = cdbmb->len / sizeof(long);
1013                 mailbox = (long *) cdbmb->ptr;
1014                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1015                         if (mailbox[a] > (CC->usersupp.lastseen[1])) ++mail;
1016                         }
1017                 cdb_free(cdbmb);
1018                 }
1019
1020
1021         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1022         }
1023
1024
1025 /*
1026  * check to see if a user exists
1027  */
1028 void cmd_qusr(char *who)
1029 {
1030         struct usersupp usbuf;
1031
1032         if (getuser(&usbuf,who) == 0) {
1033                 cprintf("%d %s\n",OK,usbuf.fullname);
1034                 }
1035         else {
1036                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1037                 }
1038         }
1039
1040
1041 /*
1042  * enter user bio
1043  */
1044 void cmd_ebio(void) {
1045         char buf[256];
1046         FILE *fp;
1047
1048         if (!(CC->logged_in)) {
1049                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1050                 return;
1051                 }
1052
1053         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1054         fp = fopen(buf,"w");
1055         if (fp == NULL) {
1056                 cprintf("%d Cannot create file\n",ERROR);
1057                 return;
1058                 }
1059         cprintf("%d  \n",SEND_LISTING);
1060         while(client_gets(buf), strcmp(buf,"000")) {
1061                 fprintf(fp,"%s\n",buf);
1062                 }
1063         fclose(fp);
1064         }
1065
1066 /*
1067  * read user bio
1068  */
1069 void cmd_rbio(char *cmdbuf)
1070 {
1071         struct usersupp ruser;
1072         char buf[256];
1073         FILE *fp;
1074
1075         extract(buf,cmdbuf,0);
1076         if (getuser(&ruser,buf)!=0) {
1077                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1078                 return;
1079                 }
1080         sprintf(buf,"./bio/%ld",ruser.usernum);
1081
1082         fp = fopen(buf,"r");
1083         if (fp == NULL) {
1084                 cprintf("%d %s has no bio on file.\n",
1085                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1086                 return;
1087                 }
1088         cprintf("%d  \n",LISTING_FOLLOWS);
1089         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1090         fclose(fp);
1091         cprintf("000\n");
1092         }
1093
1094 /*
1095  * list of users who have entered bios
1096  */
1097 void cmd_lbio(void) {
1098         char buf[256];
1099         FILE *ls;
1100         struct usersupp usbuf;
1101
1102         ls=popen("cd ./bio; ls","r");
1103         if (ls==NULL) {
1104                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1105                 return;
1106                 }
1107
1108         cprintf("%d\n",LISTING_FOLLOWS);
1109         while (fgets(buf,255,ls)!=NULL)
1110                 if (getuserbynumber(&usbuf,atol(buf))==0)
1111                         cprintf("%s\n",usbuf.fullname);
1112         pclose(ls);
1113         cprintf("000\n");
1114         }
1115
1116
1117 /*
1118  * Administrative Get User Parameters
1119  */
1120 void cmd_agup(char *cmdbuf) {
1121         struct usersupp usbuf;
1122         char requested_user[256];
1123
1124         if ( (CC->internal_pgm==0)
1125            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1126                 cprintf("%d Higher access required.\n",
1127                         ERROR + HIGHER_ACCESS_REQUIRED);
1128                 return;
1129                 }
1130
1131         extract(requested_user, cmdbuf, 0);
1132         if (getuser(&usbuf, requested_user) != 0) {
1133                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1134                 return;
1135                 }
1136
1137         cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
1138                 OK,
1139                 usbuf.fullname,
1140                 usbuf.password,
1141                 usbuf.flags,
1142                 usbuf.timescalled,
1143                 usbuf.posted,
1144                 (int)usbuf.axlevel,
1145                 usbuf.usernum);
1146
1147         }
1148
1149
1150
1151 /*
1152  * Administrative Set User Parameters
1153  */
1154 void cmd_asup(char *cmdbuf) {
1155         struct usersupp usbuf;
1156         char requested_user[256];
1157         int np;
1158         int newax;
1159
1160         if ( (CC->internal_pgm==0)
1161            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1162                 cprintf("%d Higher access required.\n",
1163                         ERROR + HIGHER_ACCESS_REQUIRED);
1164                 return;
1165                 }
1166
1167         extract(requested_user, cmdbuf, 0);
1168         if (lgetuser(&usbuf, requested_user) != 0) {
1169                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1170                 return;
1171                 }
1172
1173         np = num_parms(cmdbuf);
1174         if (np > 1) extract(usbuf.password, cmdbuf, 1);
1175         if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
1176         if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
1177         if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
1178         if (np > 5) {
1179                 newax = extract_int(cmdbuf, 5);
1180                 if ((newax >=0) && (newax <= 6)) {
1181                         usbuf.axlevel = extract_int(cmdbuf, 5);
1182                         }
1183                 }
1184
1185         lputuser(&usbuf, requested_user);
1186         if (usbuf.axlevel == 0) {
1187                 if (purge_user(requested_user)==0) {
1188                         cprintf("%d %s deleted.\n", OK, requested_user);
1189                         }
1190                 }
1191         cprintf("%d Ok\n", OK);
1192         }