static int addressbookmode(char *me, char *him) { if (!strcasecmp(me, him)) return 3; if (inoverride(him, me, "friends")) return 2; if (inoverride(me, him, "friends")) return 1; return 0; }
int bbssndmail_main() { char mymaildir[80], userid[80], filename[80], filename2[80], title[80], title2[80], *content; char *ptr; int i, sig, backup, allfriend, mark = 0, reply = 0, num = 0, use_ubb; struct userec *u; struct fileheader fh; html_header(1); strsncpy(userid, getparm("userid"), 40); if (!loginok || (isguest && strcmp(userid, "SYSOP"))) http_fatal("匆匆过客不能写信,请先登录"); sprintf(mymaildir, "mail/%c/%s/.DIR", mytoupper(currentuser->userid[0]), currentuser->userid); if ((ptr=check_mailperm(currentuser))) http_fatal(ptr); changemode(SMAIL); strsncpy(title, getparm("title"), 50); backup = strlen(getparm("backup")); allfriend = strlen(getparm("allfriend")); reply = atoi(getparm("reply")); num = atoi(getparm("num")); use_ubb = strlen(getparm("useubb")); if (!strstr(userid, "@") && !allfriend) { if (getuser(userid, &u) <= 0) http_fatal("错误的收信人帐号 %s", userid); strcpy(userid, u->userid); if (inoverride(currentuser->userid, userid, "rejects")) http_fatal("无法发信给这个人"); } if (!USERPERM(currentuser, PERM_LOGINOK) && strcmp(userid, "SYSOP")) http_fatal("未通过注册用户只能给SYSOP写信!"); for (i = 0; i < strlen(title); i++) if (title[i] <= 27 && title[i] >= -1) title[i] = ' '; sig = atoi(getparm("signature")); content = getparm("text"); if (title[0] == 0) strcpy(title, "没主题"); sprintf(filename, "bbstmpfs/tmp/%d.tmp", thispid); sprintf(filename2, "bbstmpfs/tmp/%d.tmp2", thispid); if (use_ubb) ubb2ansi(content, filename2); else f_write(filename2, content); if (insertattachments_byfile(filename, filename2, currentuser->userid) > 0) mark |= FH_ATTACHED; unlink(filename2); if (!allfriend) { snprintf(title2, sizeof (title2), "{%s} %s", userid, title); post_mail(userid, title, filename, currentuser->userid, currentuser->username, fromhost, sig - 1, mark); } else { loadfriend(currentuser->userid); snprintf(title2, sizeof (title2), "[群体信件] %.60s", title); for (i = 0; i < friendnum; i++) { if (getuser(fff[i].id, &u) <= 0) { u = NULL; continue; } if (inoverride (currentuser->userid, fff[i].id, "rejects")) continue; post_mail(fff[i].id, title2, filename, currentuser->userid, currentuser->username, fromhost, sig - 1, mark); } } if (backup) post_mail(currentuser->userid, title2, filename, currentuser->userid, currentuser->username, fromhost, sig - 1, mark); unlink(filename); if (reply > 0) { /* churinga - add reply mark 'R' */ if (get_record(&fh, sizeof(struct fileheader), num, mymaildir) > 0) { fh.accessed |= FH_REPLIED; put_record(&fh, sizeof (struct fileheader), num, mymaildir); } } if(!(u->userdefine & DEF_SEEWELC1)) printf("发送失败,此用户已经关闭信箱。"); else printf("信件已寄给%s.<br>\n", allfriend ? "所有好友" : userid); if (backup) printf("信件已经备份.<br>\n"); printf("<a href='javascript:history.go(-2)'>返回</a>"); http_quit(); return 0; }
static int api_mail_do_post(ONION_FUNC_PROTO_STR, int mode) { const char * userid = onion_request_get_query(req, "userid"); const char * appkey = onion_request_get_query(req, "appkey"); const char * sessid = onion_request_get_query(req, "sessid"); const char * token = onion_request_get_query(req, "token"); const char * to_userid = onion_request_get_query(req, "to_userid"); const char * title = onion_request_get_query(req, "title"); const char * backup = onion_request_get_query(req, "backup"); if(!userid || !appkey || !sessid || !title || !to_userid || !token) return api_error(p, req, res, API_RT_WRONGPARAM); struct userec *ue = getuser(userid); if(!ue) return api_error(p, req, res, API_RT_NOSUCHUSER); struct userec currentuser; memcpy(¤tuser, ue, sizeof(currentuser)); free(ue); int r = check_user_session(¤tuser, sessid, appkey); if(r != API_RT_SUCCESSFUL) { return api_error(p, req, res, r); } if(HAS_PERM(PERM_DENYMAIL)) { return api_error(p, req, res, API_RT_MAILNOPPERM); } int uent_index = get_user_utmp_index(sessid); struct user_info *ui = &(shm_utmp->uinfo[uent_index]); if(strcmp(ui->token, token) != 0) { return api_error(p, req, res, API_RT_WRONGTOKEN); } // 更新 token 和来源 IP getrandomstr_r(ui->token, TOKENLENGTH+1); const char * fromhost = onion_request_get_header(req, "X-Real-IP"); memset(ui->from, 0, 20); strncpy(ui->from, fromhost, 20); if(check_user_maxmail(currentuser)) { return api_error(p, req, res, API_RT_MAILFULL); } struct userec *to_user = getuser(to_userid); if(!to_user) { return api_error(p, req, res, API_RT_NOSUCHUSER); } if(inoverride(currentuser.userid, to_user->userid, "rejects")) { free(to_user); return api_error(p, req, res, API_RT_INUSERBLIST); } const char * data = onion_request_get_post(req, "content"); char filename[80]; sprintf(filename, "bbstmpfs/tmp/%s_%s.tmp", currentuser.userid, ui->token); char * data2 = strdup(data); while(strstr(data2, "[ESC]") != NULL) data2 = string_replace(data2, "[ESC]", "\033"); char * data_gbk = (char *)malloc(strlen(data2)*2); u2g(data2, strlen(data2), data_gbk, strlen(data2)*2); f_write(filename, data_gbk); free(data2); int mark=0; // 文件标记 //if(insertattachments(filename, data_gbk, currentuser->userid)>0) //mark |= FH_ATTACHED; free(data_gbk); char * title_tmp = (char *)malloc(strlen(title)*2); u2g(title, strlen(title), title_tmp, strlen(title)*2); char title_gbk[80], title_tmp2[80]; strncpy(title_gbk, title_tmp[0]==0 ? "No Subject" : title_tmp, 80); snprintf(title_tmp2, 80, "{%s} %s", to_user->userid, title); free(title_tmp); r = do_mail_post(to_user->userid, title, filename, currentuser.userid, currentuser.username, fromhost, 0, mark); if(backup && strcasecmp(backup, "true")==0) { do_mail_post_to_sent_box(currentuser.userid, title_tmp2, filename, currentuser.userid, currentuser.username, fromhost, 0, mark); } unlink(filename); free(to_user); if(r<0) { return api_error(p, req, res, API_RT_MAILINNERR); } api_set_json_header(res); onion_response_printf(res, "{ \"errcode\":0, \"token\":\"%s\" }", ui->token); return OCS_PROCESSED; }
int bbssendmsg_main() { int pos, mode, destpid = 0; int usernum, direct_reply; char destid[20], msg[MAX_MSG_SIZE]; struct userec *u; struct user_info *ui; int offline = 0; html_header(1); changemode(MSG); if (!loginok || isguest) http_fatal("匆匆过客不能发短消息, 请先登录!"); strsncpy(destid, getparm("destid"), 13); strsncpy(msg, getparm("msg"), MAX_MSG_SIZE); direct_reply = atoi(getparm("dr")); destpid = atoi(getparm("destpid")); if (destid[0] == 0 || msg[0] == 0) { char buf3[256]; strcpy(buf3, "<body onload='document.form0.msg.focus()'>"); if (destid[0] == 0) strcpy(buf3, "<body onload='document.form0.destid.focus()'>"); printf("%s\n", buf3); printf("<form name=form0 action=bbssendmsg method=post>" "<input type=hidden name=destpid value=%d>" "送短消息给: <input name=destid maxlength=12 value='%s' size=12><br>" "短消息内容:\n<br>", destpid, destid); printf("<table><tr><td><textarea name=msg rows=7 cols=76>" "%s" "</textarea></td><td>", nohtml(void1(msg))); print_emote_table("form0", "msg"); printf("</td></tr></table><br>" "<input type=submit value=确认 width=6></form>"); http_quit(); } if (checkmsgbuf(msg)) http_fatal("消息太长了?最多11行(每行最多80个字符)哦"); usernum = getuser(destid, &u); if (usernum <= 0) http_fatal("错误的帐号"); strcpy(destid, u->userid); if (!strcasecmp(destid, currentuser->userid)) http_fatal("你不能给自己发短消息!"); if (!strcasecmp(destid, "guest") || !strcmp(destid, "SYSOP")) http_fatal("无法发短消息给这个人 1"); if (!((u->userdefine & DEF_ALLMSG) || ((u->userdefine & DEF_FRIENDMSG) && inoverride(currentuser->userid, destid, "friends")))) http_fatal("无法发短消息给这个人 2"); if (!strcmp(destid, "SYSOP")) http_fatal("无法发短消息给这个人 3"); if (inoverride(currentuser->userid, destid, "rejects")) http_fatal("无法发短消息给这个人 4"); if (get_unreadcount(destid) > MAXMESSAGE) http_fatal ("对方尚有一些短消息未处理,请稍候再发或给他(她)写信..."); printf("<body>\n"); ui = queryUIndex(usernum, NULL, destpid, &pos); if (ui == NULL) ui = queryUIndex(usernum, NULL, 0, &pos); if (ui != NULL) { destpid = ui->pid; mode = ui->mode; if (mode == BBSNET || mode == PAGE || mode == LOCKSCREEN) offline = 1; if (send_msg(currentuser->userid, pos - 1, destid, destpid, msg, offline) == 1) { char buf[64]; sprintf(buf, "4 %s %s", currentuser->userid, destid); friendslog(buf); printf("已经帮你送出%s消息, %d", offline ? "离线" : "", pos); } else printf("发送消息失败"); printf("<script>top.fmsg.location='bbsgetmsg'</script>\n"); if (!direct_reply) { printf ("<br><form name=form1><input name=b1 type=button onclick='history.go(-2)' value='[返回]'>"); printf("</form>"); } http_quit(); } if (send_msg(currentuser->userid, 0,destid, destpid, msg, 1) == 1) printf("已经帮你送出离线消息"); else printf("发送消息失败"); printf("<script>top.fmsg.location='bbsgetmsg'</script>\n"); if (!direct_reply) { printf ("<br><form name=form1><input name=b1 type=button onclick='history.go(-2)' value='[返回]'>"); printf("</form>"); } http_quit(); return 0; }