4 * This module handles self-service subscription/unsubscription to mail lists.
6 * Copyright (c) 2002-2009 by the citadel.org team
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
33 #include <sys/types.h>
35 #if TIME_WITH_SYS_TIME
36 # include <sys/time.h>
40 # include <sys/time.h>
49 #include <libcitadel.h>
52 #include "citserver.h"
60 #include "internet_addressing.h"
61 #include "clientsocket.h"
70 #include "ctdl_module.h"
74 * Generate a randomizationalisticized token to use for authentication of
75 * a subscribe or unsubscribe request.
77 void listsub_generate_token(char *buf) {
81 /* Theo, please sit down and shut up. This key doesn't have to be
82 * tinfoil-hat secure, it just needs to be reasonably unguessable
85 sprintf(sourcebuf, "%lx",
86 (long) (++seq + getpid() + time(NULL))
89 /* Convert it to base64 so it looks cool */
90 CtdlEncodeBase64(buf, sourcebuf, strlen(sourcebuf), 0);
95 * Enter a subscription request
97 void do_subscribe(char *room, char *email, char *subtype, char *webpage) {
98 struct ctdlroom qrbuf;
102 char confirmation_request[2048];
104 char urlroom[ROOMNAMELEN];
109 if (getroom(&qrbuf, room) != 0) {
110 cprintf("%d There is no list called '%s'\n", ERROR + ROOM_NOT_FOUND, room);
114 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
116 "does not accept subscribe/unsubscribe requests.\n",
117 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
121 listsub_generate_token(token);
123 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
126 * Make sure the requested address isn't already subscribed
128 begin_critical_section(S_NETCONFIGS);
129 ncfp = fopen(filename, "r");
131 while (fgets(buf, sizeof buf, ncfp) != NULL) {
132 buf[strlen(buf)-1] = 0;
133 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
134 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
135 if ((!strcasecmp(scancmd, "listrecp"))
136 || (!strcasecmp(scancmd, "digestrecp"))) {
137 if (!strcasecmp(scanemail, email)) {
144 end_critical_section(S_NETCONFIGS);
146 if (found_sub != 0) {
147 cprintf("%d '%s' is already subscribed to '%s'.\n",
148 ERROR + ALREADY_EXISTS,
149 email, qrbuf.QRname);
154 * Now add it to the file
156 begin_critical_section(S_NETCONFIGS);
157 ncfp = fopen(filename, "a");
159 fprintf(ncfp, "subpending|%s|%s|%s|%ld|%s\n",
168 end_critical_section(S_NETCONFIGS);
170 /* Generate and send the confirmation request */
172 urlesc(urlroom, ROOMNAMELEN, qrbuf.QRname);
174 snprintf(confirmation_request, sizeof confirmation_request,
176 "MIME-Version: 1.0\n"
177 "Content-Type: multipart/alternative; boundary=\"__ctdlmultipart__\"\n"
179 "This is a multipart message in MIME format.\n"
181 "--__ctdlmultipart__\n"
182 "Content-type: text/plain\n"
184 "Someone (probably you) has submitted a request to subscribe\n"
185 "<%s> to the '%s' mailing list.\n"
187 "Please go here to confirm this request:\n"
188 " %s?room=%s&token=%s&cmd=confirm \n"
190 "If this request has been submitted in error and you do not\n"
191 "wish to receive the '%s' mailing list, simply do nothing,\n"
192 "and you will not receive any further mailings.\n"
194 "--__ctdlmultipart__\n"
195 "Content-type: text/html\n"
198 "Someone (probably you) has submitted a request to subscribe\n"
199 "<%s> to the <B>%s</B> mailing list.<BR><BR>\n"
200 "Please click here to confirm this request:<BR>\n"
201 "<A HREF=\"%s?room=%s&token=%s&cmd=confirm\">"
202 "%s?room=%s&token=%s&cmd=confirm</A><BR><BR>\n"
203 "If this request has been submitted in error and you do not\n"
204 "wish to receive the '%s' mailing list, simply do nothing,\n"
205 "and you will not receive any further mailings.\n"
208 "--__ctdlmultipart__--\n",
211 webpage, urlroom, token,
215 webpage, urlroom, token,
216 webpage, urlroom, token,
220 quickie_message( /* This delivers the message */
225 confirmation_request,
227 "Please confirm your list subscription"
230 cprintf("%d Subscription entered; confirmation request sent\n", CIT_OK);
235 * Enter an unsubscription request
237 void do_unsubscribe(char *room, char *email, char *webpage) {
238 struct ctdlroom qrbuf;
243 char confirmation_request[2048];
244 char urlroom[ROOMNAMELEN];
249 if (getroom(&qrbuf, room) != 0) {
250 cprintf("%d There is no list called '%s'\n",
251 ERROR + ROOM_NOT_FOUND, room);
255 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
257 "does not accept subscribe/unsubscribe requests.\n",
258 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
262 listsub_generate_token(token);
264 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
267 * Make sure there's actually a subscription there to remove
269 begin_critical_section(S_NETCONFIGS);
270 ncfp = fopen(filename, "r");
272 while (fgets(buf, sizeof buf, ncfp) != NULL) {
273 buf[strlen(buf)-1] = 0;
274 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
275 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
276 if ((!strcasecmp(scancmd, "listrecp"))
277 || (!strcasecmp(scancmd, "digestrecp"))) {
278 if (!strcasecmp(scanemail, email)) {
285 end_critical_section(S_NETCONFIGS);
287 if (found_sub == 0) {
288 cprintf("%d '%s' is not subscribed to '%s'.\n",
289 ERROR + NO_SUCH_USER,
290 email, qrbuf.QRname);
295 * Ok, now enter the unsubscribe-pending entry.
297 begin_critical_section(S_NETCONFIGS);
298 ncfp = fopen(filename, "a");
300 fprintf(ncfp, "unsubpending|%s|%s|%ld|%s\n",
308 end_critical_section(S_NETCONFIGS);
310 /* Generate and send the confirmation request */
312 urlesc(urlroom, ROOMNAMELEN, qrbuf.QRname);
314 snprintf(confirmation_request, sizeof confirmation_request,
316 "MIME-Version: 1.0\n"
317 "Content-Type: multipart/alternative; boundary=\"__ctdlmultipart__\"\n"
319 "This is a multipart message in MIME format.\n"
321 "--__ctdlmultipart__\n"
322 "Content-type: text/plain\n"
324 "Someone (probably you) has submitted a request to unsubscribe\n"
325 "<%s> from the '%s' mailing list.\n"
327 "Please go here to confirm this request:\n"
328 " %s?room=%s&token=%s&cmd=confirm \n"
330 "If this request has been submitted in error and you do not\n"
331 "wish to unsubscribe from the '%s' mailing list, simply do nothing,\n"
332 "and the request will not be processed.\n"
334 "--__ctdlmultipart__\n"
335 "Content-type: text/html\n"
338 "Someone (probably you) has submitted a request to unsubscribe\n"
339 "<%s> from the <B>%s</B> mailing list.<BR><BR>\n"
340 "Please click here to confirm this request:<BR>\n"
341 "<A HREF=\"%s?room=%s&token=%s&cmd=confirm\">"
342 "%s?room=%s&token=%s&cmd=confirm</A><BR><BR>\n"
343 "If this request has been submitted in error and you do not\n"
344 "wish to unsubscribe from the '%s' mailing list, simply do nothing,\n"
345 "and the request will not be processed.\n"
348 "--__ctdlmultipart__--\n",
351 webpage, urlroom, token,
355 webpage, urlroom, token,
356 webpage, urlroom, token,
360 quickie_message( /* This delivers the message */
365 confirmation_request,
367 "Please confirm your unsubscribe request"
370 cprintf("%d Unubscription noted; confirmation request sent\n", CIT_OK);
375 * Confirm a subscribe/unsubscribe request.
377 void do_confirm(char *room, char *token) {
378 struct ctdlroom qrbuf;
381 char line_token[256];
389 char address_to_unsubscribe[256];
392 char *holdbuf = NULL;
396 strcpy(address_to_unsubscribe, "");
398 if (getroom(&qrbuf, room) != 0) {
399 cprintf("%d There is no list called '%s'\n",
400 ERROR + ROOM_NOT_FOUND, room);
404 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
406 "does not accept subscribe/unsubscribe requests.\n",
407 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
412 * Now start scanning this room's netconfig file for the
415 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
416 begin_critical_section(S_NETCONFIGS);
417 ncfp = fopen(filename, "r+");
419 while (line_offset = ftell(ncfp),
420 (fgets(buf, sizeof buf, ncfp) != NULL) ) {
421 buf[strlen(buf)-1] = 0;
422 line_length = strlen(buf);
423 extract_token(cmd, buf, 0, '|', sizeof cmd);
424 if (!strcasecmp(cmd, "subpending")) {
425 extract_token(email, buf, 1, '|', sizeof email);
426 extract_token(subtype, buf, 2, '|', sizeof subtype);
427 extract_token(line_token, buf, 3, '|', sizeof line_token);
428 if (!strcasecmp(token, line_token)) {
429 if (!strcasecmp(subtype, "digest")) {
430 safestrncpy(buf, "digestrecp|", sizeof buf);
433 safestrncpy(buf, "listrecp|", sizeof buf);
437 /* SLEAZY HACK: pad the line out so
438 * it's the same length as the line
441 while (strlen(buf) < line_length) {
444 fseek(ncfp, line_offset, SEEK_SET);
445 fprintf(ncfp, "%s\n", buf);
449 if (!strcasecmp(cmd, "unsubpending")) {
450 extract_token(line_token, buf, 2, '|', sizeof line_token);
451 if (!strcasecmp(token, line_token)) {
452 extract_token(address_to_unsubscribe, buf, 1, '|',
453 sizeof address_to_unsubscribe);
459 end_critical_section(S_NETCONFIGS);
462 * If "address_to_unsubscribe" contains something, then we have to
463 * make another pass at the file, stripping out lines referring to
466 if (!IsEmptyStr(address_to_unsubscribe)) {
467 holdbuf = malloc(SIZ);
468 begin_critical_section(S_NETCONFIGS);
469 ncfp = fopen(filename, "r+");
471 while (line_offset = ftell(ncfp),
472 (fgets(buf, sizeof buf, ncfp) != NULL) ) {
473 buf[strlen(buf)-1]=0;
474 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
475 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
476 if ( (!strcasecmp(scancmd, "listrecp"))
477 && (!strcasecmp(scanemail,
478 address_to_unsubscribe)) ) {
481 else if ( (!strcasecmp(scancmd, "digestrecp"))
482 && (!strcasecmp(scanemail,
483 address_to_unsubscribe)) ) {
486 else if ( (!strcasecmp(scancmd, "subpending"))
487 && (!strcasecmp(scanemail,
488 address_to_unsubscribe)) ) {
491 else if ( (!strcasecmp(scancmd, "unsubpending"))
492 && (!strcasecmp(scanemail,
493 address_to_unsubscribe)) ) {
496 else { /* Not relevant, so *keep* it! */
497 linelen = strlen(buf);
498 holdbuf = realloc(holdbuf,
499 (buflen + linelen + 2) );
500 strcpy(&holdbuf[buflen], buf);
502 strcpy(&holdbuf[buflen], "\n");
508 ncfp = fopen(filename, "w");
510 fwrite(holdbuf, buflen+1, 1, ncfp);
513 end_critical_section(S_NETCONFIGS);
518 * Did we do anything useful today?
521 cprintf("%d %d operation(s) confirmed.\n", CIT_OK, success);
522 CtdlLogPrintf(CTDL_NOTICE,
523 "Mailing list: %s %ssubscribed to %s with token %s\n",
525 (!IsEmptyStr(address_to_unsubscribe)) ? "un" : "",
530 cprintf("%d Invalid token.\n", ERROR + ILLEGAL_VALUE);
538 * process subscribe/unsubscribe requests and confirmations
540 void cmd_subs(char *cmdbuf) {
543 char room[ROOMNAMELEN];
549 extract_token(opr, cmdbuf, 0, '|', sizeof opr);
550 if (!strcasecmp(opr, "subscribe")) {
551 extract_token(subtype, cmdbuf, 3, '|', sizeof subtype);
552 if ( (strcasecmp(subtype, "list"))
553 && (strcasecmp(subtype, "digest")) ) {
554 cprintf("%d Invalid subscription type '%s'\n",
555 ERROR + ILLEGAL_VALUE, subtype);
558 extract_token(room, cmdbuf, 1, '|', sizeof room);
559 extract_token(email, cmdbuf, 2, '|', sizeof email);
560 extract_token(webpage, cmdbuf, 4, '|', sizeof webpage);
561 do_subscribe(room, email, subtype, webpage);
564 else if (!strcasecmp(opr, "unsubscribe")) {
565 extract_token(room, cmdbuf, 1, '|', sizeof room);
566 extract_token(email, cmdbuf, 2, '|', sizeof email);
567 extract_token(webpage, cmdbuf, 3, '|', sizeof webpage);
568 do_unsubscribe(room, email, webpage);
570 else if (!strcasecmp(opr, "confirm")) {
571 extract_token(room, cmdbuf, 1, '|', sizeof room);
572 extract_token(token, cmdbuf, 2, '|', sizeof token);
573 do_confirm(room, token);
576 cprintf("%d Invalid command\n", ERROR + ILLEGAL_VALUE);
584 CTDL_MODULE_INIT(listsub)
588 CtdlRegisterProtoHook(cmd_subs, "SUBS", "List subscribe/unsubscribe");
591 /* return our Subversion id for the Log */