* fix_scrollbar_bug is now a class instead of an id. Fixes validator warnings.
[citadel.git] / webcit / auth.c
index 78f15f23924a72c445da8cef7dc76b8a956ff049..139ccda49dde88f6ac442d4a1bb1d92ad1a91066 100644 (file)
@@ -5,38 +5,22 @@
  *
  */
 
-
-#include <ctype.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <fcntl.h>
-#include <signal.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <sys/socket.h>
-#include <sys/time.h>
-#include <limits.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#include <string.h>
-#include <pwd.h>
-#include <errno.h>
-#include <stdarg.h>
-#include <pthread.h>
-#include <signal.h>
 #include "webcit.h"
 
-char *axdefs[] =
-{
-       "Deleted",
-       "New User",
-       "Problem User",
-       "Local User",
-       "Network User",
-       "Preferred User",
-       "Aide"
-};
+char *axdefs[7];
+
+void initialize_axdefs(void) {
+       axdefs[0] = _("Deleted");
+       axdefs[1] = _("New User");
+       axdefs[2] = _("Problem User");
+       axdefs[3] = _("Local User");
+       axdefs[4] = _("Network User");
+       axdefs[5] = _("Preferred User");
+       axdefs[6] = _("Aide");
+}
+
+
+
 
 /*
  * Display the login screen
@@ -45,7 +29,7 @@ void display_login(char *mesg)
 {
        char buf[SIZ];
 
-       output_headers(1, 1, 2, 0, 0, 0, 0);
+       output_headers(1, 1, 2, 0, 0, 0);
        wprintf("<div style=\"position:absolute; top:20px; left:20px; right:20px\">\n");
 
        if (mesg != NULL) if (strlen(mesg) > 0) {
@@ -53,9 +37,33 @@ void display_login(char *mesg)
                svprintf("mesg", WCS_STRING, "%s", buf);
        }
 
+       svprintf("LOGIN_INSTRUCTIONS", WCS_STRING,
+               _("<ul>"
+               "<li><b>If you already have an account on %s</b>, "
+               "enter your user name and password and click &quot;Login.&quot; "
+               "<li><b>If you are a new user</b>, enter the name and password "
+               "you wish to use, "
+               "and click &quot;New User.&quot; "
+               "<li>Please log off properly when finished. "
+               "<li>You must use a browser that supports <i>frames</i> and "
+               "<i>cookies</i>. "
+               "<li>Also keep in mind that if your browser is "
+               "configured to block pop-up windows, you will not be able "
+               "to receive any instant messages.<br />"
+               "</ul>"),
+               serv_info.serv_humannode
+       );
+
+       svprintf("USERNAME_BOX", WCS_STRING, "%s", _("User name:"));
+       svprintf("PASSWORD_BOX", WCS_STRING, "%s", _("Password:"));
+       svprintf("LANGUAGE_BOX", WCS_STRING, "%s", _("Language:"));
+       svprintf("LOGIN_BUTTON", WCS_STRING, "%s", _("Login"));
+       svprintf("NEWUSER_BUTTON", WCS_STRING, "%s", _("New User"));
+       svprintf("EXIT_BUTTON", WCS_STRING, "%s", _("Exit"));
        svprintf("hello", WCS_SERVCMD, "MESG hello");
-       svprintf("BOXTITLE", WCS_STRING, "%s - powered by Citadel",
+       svprintf("BOXTITLE", WCS_STRING, _("%s - powered by Citadel"),
                serv_info.serv_humannode);
+       svcallback("DO_LANGUAGE_BOX", offer_languages);
 
        do_template("login");
 
@@ -77,8 +85,9 @@ void become_logged_in(char *user, char *pass, char *serv_response)
        char buf[SIZ];
 
        WC->logged_in = 1;
-       extract(WC->wc_username, &serv_response[4], 0);
-       strcpy(WC->wc_password, pass);
+       extract_token(WC->wc_fullname, &serv_response[4], 0, '|', sizeof WC->wc_fullname);
+       safestrncpy(WC->wc_username, user, sizeof WC->wc_username);
+       safestrncpy(WC->wc_password, pass, sizeof WC->wc_password);
        WC->axlevel = extract_int(&serv_response[4], 1);
        if (WC->axlevel >= 6) {
                WC->is_aide = 1;
@@ -87,13 +96,18 @@ void become_logged_in(char *user, char *pass, char *serv_response)
        load_preferences();
 
        serv_puts("CHEK");
-       serv_gets(buf);
+       serv_getln(buf, sizeof buf);
        if (buf[0] == '2') {
                WC->new_mail = extract_int(&buf[4], 0);
                WC->need_regi = extract_int(&buf[4], 1);
                WC->need_vali = extract_int(&buf[4], 2);
-               extract(WC->cs_inet_email, &buf[4], 3);
+               extract_token(WC->cs_inet_email, &buf[4], 3, '|', sizeof WC->cs_inet_email);
        }
+
+       get_preference("current_iconbar", buf, sizeof buf);
+       WC->current_iconbar = atoi(buf);
+
+       get_preference("floordiv_expanded", WC->floordiv_expanded, sizeof WC->floordiv_expanded);
 }
 
 
@@ -101,16 +115,21 @@ void do_login(void)
 {
        char buf[SIZ];
 
-       if (!strcasecmp(bstr("action"), "Exit")) {
+       if (strlen(bstr("language")) > 0) {
+               set_selected_language(bstr("language"));
+               go_selected_language();
+       }
+
+       if (strlen(bstr("exit_action")) > 0) {
                do_logout();
                return;
        }
-       if (!strcasecmp(bstr("action"), "Login")) {
+       if (strlen(bstr("login_action")) > 0) {
                serv_printf("USER %s", bstr("name"));
-               serv_gets(buf);
+               serv_getln(buf, sizeof buf);
                if (buf[0] == '3') {
                        serv_printf("PASS %s", bstr("pass"));
-                       serv_gets(buf);
+                       serv_getln(buf, sizeof buf);
                        if (buf[0] == '2') {
                                become_logged_in(bstr("name"),
                                                 bstr("pass"), buf);
@@ -123,17 +142,17 @@ void do_login(void)
                        return;
                }
        }
-       if (!strcasecmp(bstr("action"), "New User")) {
+       if (strlen(bstr("newuser_action")) > 0) {
                if (strlen(bstr("pass")) == 0) {
-                       display_login("Blank passwords are not allowed.");
+                       display_login(_("Blank passwords are not allowed."));
                        return;
                }
                serv_printf("NEWU %s", bstr("name"));
-               serv_gets(buf);
+               serv_getln(buf, sizeof buf);
                if (buf[0] == '2') {
                        become_logged_in(bstr("name"), bstr("pass"), buf);
                        serv_printf("SETP %s", bstr("pass"));
-                       serv_gets(buf);
+                       serv_getln(buf, sizeof buf);
                } else {
                        display_login(&buf[4]);
                        return;
@@ -146,7 +165,7 @@ void do_login(void)
                        do_welcome();
                }
        } else {
-               display_login("Your password was not accepted.");
+               display_login(_("Your password was not accepted."));
        }
 
 }
@@ -154,6 +173,7 @@ void do_login(void)
 void do_welcome(void)
 {
        char buf[SIZ];
+#ifdef XXX_NOT_FINISHED_YET_XXX
        FILE *fp;
        int i;
 
@@ -184,17 +204,21 @@ void do_welcome(void)
                }
 
                if (!setup_wizard) {
-                       http_redirect("/setup_wizard");
+                       http_redirect("setup_wizard");
                }
        }
+#endif
 
        /*
         * Go to the user's preferred start page
         */
-       get_preference("startpage", buf);
+       get_preference("startpage", buf, sizeof buf);
        if (strlen(buf)==0) {
-               strcpy(buf, "/dotskip&room=_BASEROOM_");
-               set_preference("startpage", buf);
+               safestrncpy(buf, "dotskip&room=_BASEROOM_", sizeof buf);
+               set_preference("startpage", buf, 1);
+       }
+       if (buf[0] == '/') {
+               strcpy(buf, &buf[1]);
        }
        http_redirect(buf);
 }
@@ -204,6 +228,14 @@ void do_welcome(void)
  * Disconnect from the Citadel server, and end this WebCit session
  */
 void end_webcit_session(void) {
+       char buf[256];
+
+       if (WC->logged_in) {
+               sprintf(buf, "%d", WC->current_iconbar);
+               set_preference("current_iconbar", buf, 0);
+               set_preference("floordiv_expanded", WC->floordiv_expanded, 1);
+       }
+
        serv_puts("QUIT");
        WC->killthis = 1;
        /* close() of citadel socket will be done by do_housekeeping() */
@@ -214,34 +246,38 @@ void do_logout(void)
 {
        char buf[SIZ];
 
-       strcpy(WC->wc_username, "");
-       strcpy(WC->wc_password, "");
-       strcpy(WC->wc_roomname, "");
+       safestrncpy(WC->wc_username, "", sizeof WC->wc_username);
+       safestrncpy(WC->wc_password, "", sizeof WC->wc_password);
+       safestrncpy(WC->wc_roomname, "", sizeof WC->wc_roomname);
+       safestrncpy(WC->wc_fullname, "", sizeof WC->wc_fullname);
 
        /* Calling output_headers() this way causes the cookies to be un-set */
-       output_headers(1, 1, 0, 1, 0, 0, 0);
+       output_headers(1, 1, 0, 1, 0, 0);
 
        wprintf("<center>");
        serv_puts("MESG goodbye");
-       serv_gets(buf);
+       serv_getln(buf, sizeof buf);
 
        if (WC->serv_sock >= 0) {
                if (buf[0] == '1') {
-                       fmout(NULL, "CENTER");
+                       fmout("CENTER");
                } else {
                        wprintf("Goodbye\n");
                }
        }
        else {
-               wprintf("This program was unable to connect or stay "
+               wprintf(_("This program was unable to connect or stay "
                        "connected to the Citadel server.  Please report "
-                       "this problem to your system administrator."
+                       "this problem to your system administrator.")
                );
        }
 
-       wprintf("<hr /><a href=\"/\">Log in again</A>&nbsp;&nbsp;&nbsp;"
-               "<a href=\"javascript:window.close();\">Close window</A>"
-               "</center>\n");
+       wprintf("<hr /><a href=\".\">");
+       wprintf(_("Log in again"));
+       wprintf("</A>&nbsp;&nbsp;&nbsp;"
+               "<a href=\"javascript:window.close();\">");
+       wprintf(_("Close window"));
+       wprintf("</a></center>\n");
        wDumpContent(2);
        end_webcit_session();
 }
@@ -257,46 +293,55 @@ void validate(void)
        char buf[SIZ];
        int a;
 
-       output_headers(1, 1, 2, 0, 0, 0, 0);
+       output_headers(1, 1, 2, 0, 0, 0);
        wprintf("<div id=\"banner\">\n"
                "<TABLE WIDTH=100%% BORDER=0 BGCOLOR=\"#444455\"><TR><TD>"
-               "<SPAN CLASS=\"titlebar\">Validate new users</SPAN>"
-               "</TD></TR></TABLE>\n"
-               "</div>\n<div id=\"content\">\n"
-       );
-                                                                                                                            
-       strcpy(buf, bstr("user"));
-       if (strlen(buf) > 0)
+               "<SPAN CLASS=\"titlebar\">");
+       wprintf(_("Validate new users"));
+       wprintf("</SPAN></TD></TR></TABLE>\n</div>\n<div id=\"content\">\n");
+
+       /* If the user just submitted a validation, process it... */
+       safestrncpy(buf, bstr("user"), sizeof buf);
+       if (strlen(buf) > 0) {
                if (strlen(bstr("axlevel")) > 0) {
                        serv_printf("VALI %s|%s", buf, bstr("axlevel"));
-                       serv_gets(buf);
+                       serv_getln(buf, sizeof buf);
                        if (buf[0] != '2') {
                                wprintf("<b>%s</b><br />\n", &buf[4]);
                        }
                }
-       serv_puts("GNUR");
-       serv_gets(buf);
+       }
 
+       /* Now see if any more users require validation. */
+       serv_puts("GNUR");
+       serv_getln(buf, sizeof buf);
+       if (buf[0] == '2') {
+               wprintf("<b>");
+               wprintf(_("No users require validation at this time."));
+               wprintf("</b><br />\n");
+               wDumpContent(1);
+               return;
+       }
        if (buf[0] != '3') {
                wprintf("<b>%s</b><br />\n", &buf[4]);
                wDumpContent(1);
                return;
        }
 
-       wprintf("<div id=\"fix_scrollbar_bug\">"
+       wprintf("<div class=\"fix_scrollbar_bug\">"
                "<table border=0 width=100%% bgcolor=\"#ffffff\"><tr><td>\n");
        wprintf("<center>");
 
-       strcpy(user, &buf[4]);
+       safestrncpy(user, &buf[4], sizeof user);
        serv_printf("GREG %s", user);
-       serv_gets(cmd);
+       serv_getln(cmd, sizeof cmd);
        if (cmd[0] == '1') {
                a = 0;
                do {
-                       serv_gets(buf);
+                       serv_getln(buf, sizeof buf);
                        ++a;
                        if (a == 1)
-                               wprintf("User #%s<br /><H1>%s</H1>",
+                               wprintf("#%s<br /><H1>%s</H1>",
                                        buf, &cmd[4]);
                        if (a == 2)
                                wprintf("PW: %s<br />\n", buf);
@@ -313,16 +358,18 @@ void validate(void)
                        if (a == 8)
                                wprintf("%s<br />\n", buf);
                        if (a == 9)
-                               wprintf("Current access level: %d (%s)\n",
+                               wprintf(_("Current access level: %d (%s)\n"),
                                        atoi(buf), axdefs[atoi(buf)]);
                } while (strcmp(buf, "000"));
        } else {
                wprintf("<H1>%s</H1>%s<br />\n", user, &cmd[4]);
        }
 
-       wprintf("<hr />Select access level for this user:<br />\n");
+       wprintf("<hr />");
+       wprintf(_("Select access level for this user:"));
+       wprintf("<br />\n");
        for (a = 0; a <= 6; ++a) {
-               wprintf("<A HREF=\"/validate&user=");
+               wprintf("<a href=\"validate&user=");
                urlescputs(user);
                wprintf("&axlevel=%d\">%s</A>&nbsp;&nbsp;&nbsp;\n",
                        a, axdefs[a]);
@@ -351,7 +398,7 @@ void display_reg(int during_login)
                return;
        }
 
-       vcard_msgnum = locate_user_vcard(WC->wc_username, -1);
+       vcard_msgnum = locate_user_vcard(WC->wc_fullname, -1);
        if (vcard_msgnum < 0L) {
                if (during_login) do_welcome();
                else display_main_menu();
@@ -359,10 +406,10 @@ void display_reg(int during_login)
        }
 
        if (during_login) {
-               do_edit_vcard(vcard_msgnum, "1", "/do_welcome");
+               do_edit_vcard(vcard_msgnum, "1", "do_welcome");
        }
        else {
-               do_edit_vcard(vcard_msgnum, "1", "/display_main_menu");
+               do_edit_vcard(vcard_msgnum, "1", "display_main_menu");
        }
 
 }
@@ -377,10 +424,12 @@ void display_changepw(void)
 {
        char buf[SIZ];
 
-       output_headers(1, 1, 2, 0, 0, 0, 0);
+       output_headers(1, 1, 2, 0, 0, 0);
        wprintf("<div id=\"banner\">\n"
                "<TABLE WIDTH=100%% BORDER=0 BGCOLOR=\"#444455\"><TR><TD>"
-               "<SPAN CLASS=\"titlebar\">Change your password</SPAN>"
+               "<SPAN CLASS=\"titlebar\">");
+       wprintf(_("Change your password"));
+       wprintf("</SPAN>"
                "</TD></TR></TABLE>\n"
                "</div>\n<div id=\"content\">\n"
        );
@@ -390,32 +439,36 @@ void display_changepw(void)
                wprintf("<SPAN CLASS=\"errormsg\">"
                        "%s</SPAN><br />\n", WC->ImportantMessage);
                do_template("endbox");
-               strcpy(WC->ImportantMessage, "");
+               safestrncpy(WC->ImportantMessage, "", sizeof WC->ImportantMessage);
        }
 
-       wprintf("<div id=\"fix_scrollbar_bug\">"
+       wprintf("<div class=\"fix_scrollbar_bug\">"
                "<table border=0 width=100%% bgcolor=\"#ffffff\"><tr><td>\n");
 
        wprintf("<CENTER><br />");
        serv_puts("MESG changepw");
-       serv_gets(buf);
+       serv_getln(buf, sizeof buf);
        if (buf[0] == '1') {
-               fmout(NULL, "CENTER");
+               fmout("CENTER");
        }
 
        wprintf("<form name=\"changepwform\" action=\"changepw\" method=\"post\">\n");
        wprintf("<CENTER>"
                "<table border=\"0\" cellspacing=\"5\" cellpadding=\"5\" "
                "BGCOLOR=\"#EEEEEE\">"
-               "<TR><TD>Enter new password:</TD>\n");
+               "<TR><TD>");
+       wprintf(_("Enter new password:"));
+       wprintf("</TD>\n");
        wprintf("<TD><INPUT TYPE=\"password\" NAME=\"newpass1\" VALUE=\"\" MAXLENGTH=\"20\"></TD></TR>\n");
-       wprintf("<TR><TD>Enter it again to confirm:</TD>\n");
+       wprintf("<TR><TD>");
+       wprintf(_("Enter it again to confirm:"));
+       wprintf("</TD>\n");
        wprintf("<TD><INPUT TYPE=\"password\" NAME=\"newpass2\" VALUE=\"\" MAXLENGTH=\"20\"></TD></TR>\n");
 
        wprintf("</TABLE><br />\n");
-       wprintf("<INPUT type=\"submit\" name=\"action\" value=\"Change\">"
-               "&nbsp;"
-               "<INPUT type=\"submit\" name=\"action\" value=\"Cancel\">\n");
+       wprintf("<INPUT type=\"submit\" name=\"change_action\" value=\"%s\">", _("Change password"));
+       wprintf("&nbsp;");
+       wprintf("<INPUT type=\"submit\" name=\"cancel_action\" value=\"%s\">\n", _("Cancel"));
        wprintf("</form></center>\n");
        wprintf("</td></tr></table></div>\n");
        wDumpContent(1);
@@ -429,32 +482,35 @@ void changepw(void)
        char buf[SIZ];
        char newpass1[32], newpass2[32];
 
-       if (strcmp(bstr("action"), "Change")) {
-               strcpy(WC->ImportantMessage, 
-                       "Cancelled.  Password was not changed.");
+       if (strlen(bstr("change_action")) == 0) {
+               safestrncpy(WC->ImportantMessage, 
+                       _("Cancelled.  Password was not changed."),
+                       sizeof WC->ImportantMessage);
                display_main_menu();
                return;
        }
 
-       strcpy(newpass1, bstr("newpass1"));
-       strcpy(newpass2, bstr("newpass2"));
+       safestrncpy(newpass1, bstr("newpass1"), sizeof newpass1);
+       safestrncpy(newpass2, bstr("newpass2"), sizeof newpass2);
 
        if (strcasecmp(newpass1, newpass2)) {
-               strcpy(WC->ImportantMessage, 
-                       "They don't match.  Password was not changed.");
+               safestrncpy(WC->ImportantMessage, 
+                       _("They don't match.  Password was not changed."),
+                       sizeof WC->ImportantMessage);
                display_changepw();
                return;
        }
 
        if (strlen(newpass1) == 0) {
-               strcpy(WC->ImportantMessage, 
-                       "Blank passwords are not allowed.");
+               safestrncpy(WC->ImportantMessage, 
+                       _("Blank passwords are not allowed."),
+                       sizeof WC->ImportantMessage);
                display_changepw();
                return;
        }
 
        serv_printf("SETP %s", newpass1);
-       serv_gets(buf);
+       serv_getln(buf, sizeof buf);
        sprintf(WC->ImportantMessage, "%s", &buf[4]);
        if (buf[0] == '2') {
                safestrncpy(WC->wc_password, buf, sizeof WC->wc_password);