int DataHandler::clockout_user(User* user) { int seconds = 0; if( user->clockedin ) { auto res = dserver->command( new ClockoutEmployeeCmd( user->id ) ); user->clockedin = false; //add the resulting timecard for( auto& tm : res->items ) { seconds = tm->property<int>("seconds"); user->add_timecard( std::move( tm ) ); /* user->timecard.label = user->first_name; user->timecard.start = tm->property<std::string>("start"); user->timecard.end = tm->property<std::string>("end"); user->timecard.start_e = tm->property<int>("start_epoch"); user->timecard.end_e = tm->property<int>("end_epoch"); */ } //printer.print(&user->timecard); save_user_data( user ); } return seconds; }
int main() { int type; char pw1[20], pw2[20], pw3[20]; init_all(); if(!loginok) http_fatal("����δ��¼, ���ȵ�¼"); modify_mode(u_info,USERDEF+20000); //bluetent type=atoi(getparm("type")); if(type==0) { printf("%s -- ������ [�û�: %s]<hr color=green>\n", BBSNAME, currentuser.userid); printf("<form action=bbspwd?type=1 method=post>\n"); printf("��ľ�����: <input maxlength=12 size=12 type=password name=pw1><br>\n"); printf("���������: <input maxlength=12 size=12 type=password name=pw2><br>\n"); printf("������һ��: <input maxlength=12 size=12 type=password name=pw3><br><br>\n"); printf("<input type=submit value=ȷ����>\n"); http_quit(); } strsncpy(pw1, getparm("pw1"), 13); strsncpy(pw2, getparm("pw2"), 13); strsncpy(pw3, getparm("pw3"), 13); if(strcmp(pw2, pw3)) http_fatal("�������벻��ͬ"); if(strlen(pw2)<2) http_fatal("������̫��"); if(!checkpasswd(currentuser.passwd, pw1)) http_fatal("���벻��ȷ"); strcpy(currentuser.passwd, crypt1(pw2, pw2)); save_user_data(¤tuser); printf("[%s] �����ijɹ�.", currentuser.userid); }
void DataHandler::clockin_user(User* user) { if( !user->clockedin ) { auto res = dserver->command( new ClockinEmployeeCmd( user->id ) ); user->clockedin = true; save_user_data(user); } }
static int set_password(const char *orig, const char *new1, const char *new2) { if (!checkpasswd(currentuser.passwd, orig)) return BBS_EWPSWD; if (strcmp(new1, new2)) return BBS_EINVAL; if (strlen(new1) < 2) return BBS_EINVAL; strlcpy(currentuser.passwd, crypt(new1, new1), sizeof(currentuser.passwd)); save_user_data(¤tuser); return 0; }
int read_form() { int i, perm = 1, def = 0; char var[100]; for (i = 0; i < 32; i++) { sprintf(var, "perm%d", i); if (strlen(getparm(var)) == 2) def += perm; perm = perm * 2; } currentuser.userdefine = def; save_user_data(¤tuser); printf("个人参数设置成功.<br><a href=bbsparm>返回个人参数设置选单</a>"); return 0; }
/** * Check user info validity. * @return empty string on success, error msg otherwise. */ static char *check_info(void) { unsigned char *nick; nick = (unsigned char *)getparm("nick"); unsigned char *t2 = nick; while (*t2 != '\0') { if (*t2 < 0x20 || *t2 == 0xFF) return "êdzÆÌ«¶Ì»ò°üº¬·Ç·¨×Ö·û"; t2++; } strlcpy(currentuser.username, (char *)nick, sizeof(currentuser.username)); // TODO: more accurate birthday check. char *tmp = getparm("year"); long num = strtol(tmp, NULL, 10); if (num < 1910 || num > 1998) return "´íÎóµÄ³öÉúÄê·Ý"; else currentuser.birthyear = num - 1900; tmp = getparm("month"); num = strtol(tmp, NULL, 10); if (num <= 0 || num > 12) return "´íÎóµÄ³öÉúÔ·Ý"; else currentuser.birthmonth = num; tmp = getparm("day"); num = strtol(tmp, NULL, 10); if (num <= 0 || num > 31) return "´íÎóµÄ³öÉúÈÕÆÚ"; else currentuser.birthday = num; tmp = getparm("gender"); if (*tmp == 'M') currentuser.gender = 'M'; else currentuser.gender = 'F'; save_user_data(¤tuser); return ""; }
int bbslogout_main() { struct userec *tmp; int st; char buf[50]; int uid; html_header(1); //modified by safari@20091222 if (!loginok) { redirect(FIRST_PAGE); http_quit(); //http_fatal("你没有登录"); } if (isguest) http_fatal("guest不带注销的"); tmp = getuser(currentuser.userid); currentuser.numposts = tmp->numposts; currentuser.userlevel = tmp->userlevel; currentuser.numlogins = tmp->numlogins; currentuser.stay = tmp->stay; if (now_t > w_info->login_start_time) { st = now_t - w_info->login_start_time; if (st > 86400) errlog("Strange long stay time,%d!, logout, %s", st, currentuser.userid); else { currentuser.stay += st; sprintf(buf, "%s exitbbs %d", currentuser.userid, st); newtrace(buf); } } save_user_data(¤tuser); uid = u_info->uid; remove_uindex(u_info->uid, utmpent); bzero(u_info, sizeof (struct user_info)); if ((currentuser.userlevel & PERM_BOARDS) && count_uindex(uid)==0) setbmstatus(¤tuser, 0); redirect(FIRST_PAGE); return 0; }
int bbslogin_main() { int n, t; time_t dtime; char filename[128], buf[256], id[20], pw[20], url[10], *ub = FIRST_PAGE; // main_page[STRLEN]; struct userec *x; int ipmask; html_header(3); strsncpy(id, getparm("id"), 13); strsncpy(pw, getparm("pw"), 13); strsncpy(url, getparm("url"), 3); ipmask = atoi(getparm("ipmask")); if (loginok && strcasecmp(id, currentuser.userid) && !isguest) { http_fatal ("系统检测到目前你的计算机上已经登录有一个帐号 %s,请先退出.(选择正常logout)", currentuser.userid); } if (!strcmp(id, "")) { strcpy(id, "guest"); } x = getuser(id); if (x == 0) { printf("%s<br>", id); http_fatal("错误的使用者帐号"); } strcpy(id, x->userid); if (strcasecmp(id, "guest")) { if (checkbansite(fromhost)) { http_fatal ("对不起, 本站不欢迎来自 [%s] 的登录. <br>若有疑问, 请与SYSOP联系.", fromhost); } if (userbansite(x->userid, fromhost)) http_fatal("本ID已设置禁止从%s登录", fromhost); if (!checkpasswd(x->passwd, pw)) { logattempt(x->userid, fromhost, "WWW", now_t); http_fatal("密码错误"); } if (!user_perm(x, PERM_BASIC)) http_fatal ("此帐号已被停机, 若有疑问, 请用其他帐号在sysop版询问."); if (file_has_word(MY_BBS_HOME "/etc/prisonor", x->userid)) http_fatal("安心改造,不要胡闹"); if (x->dietime) http_fatal("死了?还要做什么? :)"); t = x->lastlogin; x->lastlogin = now_t; if (abs(t - now_t) < 20) { http_fatal("两次登录间隔过密!"); } dtime = t - 4 * 3600; t = localtime(&dtime)->tm_mday; dtime = now_t - 4 * 3600; if (t < localtime(&dtime)->tm_mday && x->numdays < 800) x->numdays++; x->numlogins++; strsncpy(x->lasthost, fromhost, 16); save_user_data(x); currentuser = *x; } sprintf(buf, "%s enter %s www", x->userid, fromhost); newtrace(buf); n = 0; if (loginok && isguest) { bzero(u_info, sizeof (struct user_info)); } if (strcasecmp(id, "guest")) { sethomepath(filename, x->userid); mkdir(filename, 0755); strsncpy(buf, getparm("style"), 3); wwwstylenum = -1; if (isdigit(buf[0])) wwwstylenum = atoi(buf); if ((wwwstylenum > NWWWSTYLE || wwwstylenum < 0)) if (!readuservalue (x->userid, "wwwstyle", buf, sizeof (buf))) wwwstylenum = atoi(buf); if (wwwstylenum < 0 || wwwstylenum >= NWWWSTYLE) wwwstylenum = 1; currstyle = &wwwstyle[wwwstylenum]; } else { wwwstylenum = 1; currstyle = &wwwstyle[wwwstylenum]; } ub = wwwlogin(x, ipmask); if (!strcmp(url, "1")) /*printf("<link href=\"images/@byron.css\" rel=stylesheet type=\"text/css\">\n <frameset cols=135,* frameSpacing=0 frameborder=no id=fs0>\n <frame src=\"%sbbsleft?t=%ld\" name=f2 frameborder=no scrolling=no>\n <frameset id=fs1 rows=0,*,18 frameSpacing=0 frameborder=no border=0>\n <frame scrolling=no name=fmsg src=\"%sbbsmsg\">\n <frame name=f3 src=\"%sbbsfoot\">\n <frame scrolling=no name=f4 src=\"%sbbsfoot.htm\">\n </frameset>\n </frameset>\n", ub, now_t, ub, ub, ub);*/ //add by mintbaggio 040411 for new www // html_header(3); printf ("<script>opener.parent.f2.location.href=\"%sbbsleft?t=%ld\";\n" "opener.parent.fmsg.location.href=\"%sbbsgetmsg\";\n" //"opener.parent.f4.location.href=\"%sbbsfoot\";\n" "a=window.opener.location.href;\n" "l=a.length;\n" "t=a.indexOf('/" SMAGIC "',1);\n" "t=a.indexOf('/',t+1);\n" "nu=\"%s\"+a.substring(t+1,l);\n" "window.opener.location.href=nu;window.close();</script>", ub, now_t, ub, ub, ub); //} else redirect(ub); //else { // print_session_string(ub); // html_header(3); // // sprintf(main_page, "/%s/", SMAGIC); // redirect(main_page); //} http_quit(); return 0; }
//struct file_to_appendix a; int main() { FILE *fp; char filename[80], dir[80], board[80], title[80], buf[80], *content, vfrom[80]; char tmpbuf [5], title2 [10]; char redirfile[80]; int r, i=0, length=0, sig, mode=0, accessed=0; struct fileheader x; struct shortfile *brd; init_all(); if(!loginok) http_fatal("匆匆过客不能发表文章,请先登录"); mode=atoi(getparm("mode")); if(mode) strsncpy(redirfile, getparm("redir"), 20); strsncpy(board, getparm("board"), 18); strsncpy(vfrom, getparm("vfrom"), 18); if (!*vfrom) { strcpy(vfrom, board); } if(dashf("NOPOST")&&!HAS_PERM(PERM_OBOARDS) && insec(1,board) ) http_fatal("对不起,系统进入只读状态,暂停发表文章.你先四处看看吧"); /* efan: very faint */ if (dashf ("NOPOST.2") && ! HAS_PERM (PERM_OBOARDS) && ( !strcmp (board, "VoiceofNankai") || !strcmp (board, "Military") || !strcmp (board, "TaiWan") || !strcmp (board, "Salon")) ) http_fatal("对不起,本板进入只读状态,暂停发表文章"); if(!(currentuser.userlevel & PERM_POST)&&strcmp(board, "appeal")&&strcmp(board, "sysop")) http_fatal("您尚未通过注册,暂无发表文章权限"); if(check_post_limit(board)) return 0; strsncpy(title, getparm("title"), 50); strsncpy (tmpbuf, getparm ("title2"), 5); if (tmpbuf [0] != 0) sprintf (title2, "【%s】", tmpbuf); else title2[0] = 0; content=getparm("text"); brd=getbcache(board); /* add by wzk for outgo post */ //out=strlen(getparm("out")); //if (!(brd->flag & OUT_FLAG)) out=0; /* end */ if(brd==0) http_fatal("错误的讨论区名称"); strcpy(board, brd->filename); //huangxu@070217:no_word_filter flag int bd=0; char temp[80]; if(!(brd->flag2&NOFILTER_FLAG)&&(bad_words(title) || bad_words (tmpbuf) || bad_words(content) )){ bd=1; printf("您的文章可能包含不便显示的内容,已经提交审核。请返回并进行修改。"); sprintf(temp,"TEMP-%s",board); strcpy(board,"TEMP"); }else strcpy(temp,board); for(i=0; i<strlen(title); i++) if(title[i]<=27 && title[i]>=-1) title[i]=' '; sig=atoi(getparm("signature")); if(title[0]==0) http_fatal("文章必须要有标题"); if (title2 [0] == 0 && !strcmp (board, "Secondhand")) http_fatal ("在Secondhand板请说清楚您的需要!"); if (tmpbuf [0] != ' ') { char tmptmpbuf [80]; sprintf (tmptmpbuf, "%s%s", title2, title); strcpy (title, tmptmpbuf); } sprintf(dir, "boards/%s/.DIR", board); if(bd==0) if(!has_post_perm(¤tuser, board)) http_fatal("此讨论区是唯读的, 或是您尚无权限在此发表文章."); sprintf(filename, "boards/%s/deny_users", board); if(file_has_word(filename, currentuser.userid)) http_fatal("很抱歉, 你被板务人员停止了本板的post权利."); if(abs(time(0) - *(int*)(u_info->from+36))<6) { *(int*)(u_info->from+36)=time(0); http_fatal("两次发文间隔过密, 请休息几秒后再试"); } *(int*)(u_info->from+36)=time(0); sprintf(filename, "tmp/%d.%s.tmp", getpid(),currentuser.userid); f_append(filename, content); accessed=0; if(strlen(getparm("noreply"))>0) accessed=FILE_NOREPLY; int outgo=0; if(strlen(getparm("outgo"))>0) outgo=1; int attach=atoi(getparm("attach")); r=0; r=post_article2(temp, title, filename, currentuser.userid, currentuser.username, fromhost, sig-1, accessed, attach,outgo); if(r<=0) http_fatal("内部错误,无法发文"); char path[STRLEN]; /* while( appendix != NULL ) { bzero(&a,sizeof(struct appendix)); strcpy(a.appendixname,appendix); a.filename=r; a.sign=0; strcpy(a.path,board); sprintf(path,"%s/file_appendix",UPLOAD_PATH); append_record(&a,sizeof(struct appendix),path); appendix = strtok( NULL, "," ); } */ sprintf(buf,"M.%d.A",r); brc_init(currentuser.userid, board); brc_add_read(buf); brc_update(currentuser.userid, board); unlink(filename); sprintf(buf, "posted WWW '%s' on '%s'", title, board); report(buf); if(mode==0) sprintf(buf, "bbsdoc?board=%s#bottom", vfrom); else if(mode==1) sprintf(buf, "bbstcon?board=%s&file=%s&vfrom=%s#bottom", board, redirfile, vfrom); else if(mode==2) sprintf(buf, "bbstdoc?board=%s#bottom", vfrom); if(!junkboard(board)) { currentuser.numposts++; save_user_data(¤tuser); // write_posts(currentuser.userid, board, title); } if(toptenboard(board)) { write_posts(currentuser.userid, board, title); } else if(!strcmp("Blessing",board)) write_posts(currentuser.userid, board, title); // return 0; if(bd==0) redirect(buf); }
int bbssnd_main(void) { if (!loginok) return BBS_ELGNREQ; if (parse_post_data() < 0) return BBS_EINVAL; int bid = strtol(getparm("bid"), NULL, 10); struct boardheader *bp = getbcache2(bid); if (bp == NULL || !haspostperm(¤tuser, bp)) return BBS_ENOBRD; if (bp->flag & BOARD_DIR_FLAG) return BBS_EINVAL; bool isedit = (*(getparm("e")) == '1'); unsigned int fid; struct fileheader fh; char *f = getparm("f"); bool reply = !(*f == '\0'); if (reply) { fid = strtoul(f, NULL, 10); if (!bbscon_search(bp, fid, 0, &fh)) return BBS_ENOFILE; if (!isedit && fh.accessed[0] & FILE_NOREPLY) return BBS_EPST; if (isedit && !chkBM(bp, ¤tuser) && strcmp(fh.owner, currentuser.userid)) return BBS_EACCES; } char title[sizeof(fh.title)]; if (!isedit) { strlcpy(title, getparm("title"), sizeof(title)); printable_filter(title); if (*title == '\0') return BBS_EINVAL; } // TODO: ... #ifdef SPARC if(abs(time(0) - *(int*)(u_info->from+34))<6) { //modified from 36 to 34 for sparc solaris by roly 02.02.28 *(int*)(u_info->from+34)=time(0); //modified from 36 to 34 for sparc solaris by roly 02.02.28 return BBS_EPFREQ; } *(int*)(u_info->from+34)=time(0);//modified from 36 to 34 for sparc solaris by roly 02.02.28 #else if(abs(time(0) - *(int*)(u_info->from+36))<6) { //modified from 36 to 34 for sparc solaris by roly 02.02.28 *(int*)(u_info->from+36)=time(0); //modified from 36 to 34 for sparc solaris by roly 02.02.28 return BBS_EPFREQ; } *(int*)(u_info->from+36)=time(0);//modified from 36 to 34 for sparc solaris by roly 02.02.28 #endif if (isedit) { char file[HOMELEN]; setbfile(file, bp->filename, fh.filename); if (edit_article(file, getparm("text"), mask_host(fromhost)) < 0) return BBS_EINTNL; } else { post_request_t pr = { .autopost = false, .crosspost = false, .userid = NULL, .nick = NULL, .user = ¤tuser, .bp = bp, .title = title, .content = getparm("text"), .sig = strtol(getparm("sig"), NULL, 0), .ip = mask_host(fromhost), .o_fp = reply ? &fh : NULL, .noreply = false, .mmark = false }; if (do_post_article(&pr) < 0) return BBS_EINTNL; } if (!isedit && !junkboard(bp)) { currentuser.numposts++; save_user_data(¤tuser); } char buf[sizeof(fh.title) + sizeof(bp->filename)]; snprintf(buf, sizeof(buf), "%sed '%s' on %s", isedit ? "edit" : "post", title, bp->filename); report(buf, currentuser.userid); snprintf(buf, sizeof(buf), "doc?board=%s", bp->filename); http_header(); refreshto(1, buf); printf("</head>\n<body>发表成功,1秒钟后自动转到<a href='%s'>版面</a>\n" "</body>\n</html>\n", buf); return 0; }
static int wwwlogin(struct userec *user, const char *ref) { if (!(currentuser.userlevel & PERM_REGISTER)) { char file[HOMELEN]; sethomefile(file, currentuser.userid, "register"); if (dashf(file)) { currentuser.userlevel |= PERM_DEFAULT; save_user_data(¤tuser); } } struct user_info info; memset(&info, 0, sizeof(info)); info.active = 1; info.uid = searchuser(user->userid); info.pid = getpid(); info.mode = WWW | LOGIN; if (HAS_PERM(PERM_LOGINCLOAK) && (currentuser.flags[0] & CLOAK_FLAG)) info.invisible = YEA; info.pager = 0; if (DEFINE(DEF_FRIENDCALL)) info.pager |= FRIEND_PAGER; if (DEFINE(PAGER_FLAG)) { info.pager |= ALL_PAGER; info.pager |= FRIEND_PAGER; } if (DEFINE(DEF_FRIENDMSG)) info.pager |= FRIENDMSG_PAGER; if (DEFINE(DEF_ALLMSG)) { info.pager |= ALLMSG_PAGER; info.pager |= FRIENDMSG_PAGER; } // TODO:... strlcpy(info.from, fromhost, 24); // login start.. #ifdef SPARC *(int*)(info.from + 30) = time(NULL); #else *(int*)(info.from + 32) = time(NULL); #endif info.from[22] = DEFINE(DEF_NOTHIDEIP) ? 'S' : 'H'; info.idle_time = time(NULL); strlcpy(info.username, user->username, sizeof(info.username)); strlcpy(info.userid, user->userid, sizeof(info.userid)); int utmpkey = rand() % 100000000; info.utmpkey = utmpkey; int fd = open("tmp/.UTMP.lock", O_RDWR | O_CREAT, 0600); if (fd < 0) return BBS_EINTNL; if (fb_flock(fd, LOCK_EX) == -1) { close(fd); return BBS_EINTNL; } struct user_info *up = utmpshm->uinfo; int n; for (n = 0; n < MAXACTIVE; n++, up++) { if (!up->active) { *up = info; uidshm->status[up->uid - 1]++; break; } } fb_flock(fd, LOCK_UN); close(fd); if (n >= MAXACTIVE) return BBS_E2MANY; const char *referer = ref; if (*referer == '\0') referer = "sec"; // TODO: these cookies should be merged into one. printf("Content-type: text/html; charset=%s\n" "Set-cookie: utmpnum=%d\nSet-cookie: utmpkey=%d\n" "Set-cookie: utmpuserid=%s\nLocation: %s\n\n", CHARSET, n + 1, utmpkey, currentuser.userid, referer); return 0; }
int bbslogin_main(void) { char fname[STRLEN]; char buf[256], id[IDLEN + 1], pw[PASSLEN]; struct userec user; if (parse_post_data() < 0) return BBS_EINVAL; strlcpy(id, getparm("id"), sizeof(id)); if (*id == '\0') return login_screen(); strlcpy(pw, getparm("pw"), sizeof(pw)); if (loginok && !strcasecmp(id, currentuser.userid)) { const char *ref = get_login_referer(); printf("Location: %s\n\n", ref); return 0; } if (getuserec(id, &user) == 0) return BBS_ENOUSR; user.numlogins++; if (strcasecmp(id, "guest")) { int total; time_t stay, recent, now, t; if (!checkpasswd(user.passwd, pw)) { sprintf(buf, "%-12.12s %s @%s\n", user.userid, getdatestring(time(NULL), DATE_ZH), fromhost); sethomefile(fname, user.userid, "logins.bad"); file_append(fname, buf); file_append("logins.bad", buf); return BBS_EWPSWD; } total = check_multi(&user); if (!HAS_PERM2(PERM_SYSOPS, &user) && total >= 2) return BBS_ELGNQE; if (!HAS_PERM2(PERM_LOGIN, &user)) return BBS_EACCES; now = time(NULL); // Do not count frequent logins. if (now - user.lastlogin < 20 * 60 && user.numlogins >= 100) user.numlogins--; if (total > 1) { recent = user.lastlogout; if (user.lastlogin > recent) recent = user.lastlogin; stay = now - recent; if (stay < 0) stay = 0; } else { stay = 0; } t = user.lastlogin; user.lastlogin = now; user.stay += stay; #ifdef CHECK_FREQUENTLOGIN if (!HAS_PERM(PERM_SYSOPS) && abs(t - time(NULL)) < 10) { report("Too Frequent", user.userid); return BBS_ELFREQ; } #endif strlcpy(user.lasthost, fromhost, sizeof(user.lasthost)); save_user_data(&user); currentuser = user; } log_usies("ENTER", fromhost, &user); if (!loginok && strcasecmp(id, "guest")) wwwlogin(&user, getparm("ref")); return 0; }
void DataHandler::save_user_data(const int& user_id) { save_user_data( find_user(user_id) ); }
int wmllogin(char * buf) { char id[IDLEN + 2], pw[20]; struct userec *x; struct user_info * uol[MULTI_LOGINS]; char buf2[256], filename[256]; int i, kick; page_init(NULL); strncpy(id, getparm("id"), IDLEN + 1); strncpy(pw, getparm("pw"), 19); if (!*pw) { strncpy(pw, getparm("pw2"), 19); } kick = atoi(getparm("kick")) - 1; if (!strcasecmp(id, "SYSOP")) { strcpy (buf, "用户SYSOP登录受限。"); return -65536; } if(file_has_word(".bad_host", fromhost)) { sprintf (buf, "对不起, 本站不欢迎来自 [%s] 的登录。 若有疑问, 请与SYSOP联系,", fromhost); return -256; } if(loginok && strcasecmp(id, currentuser.userid)) { sprintf (buf, "系统检测到目前你的计算机上已经登录有一个帐号 %s,请先退出。", currentuser.userid); return 1; } x = getuser(id); if (!x) { strcpy (buf, "错误的使用者帐号"); return -1; } sprintf(buf2, "home/%c/%s/badhost", toupper(x->userid[0]), x->userid); if(bad_host(fromhost,buf2)) { sprintf (buf, "对不起,此帐号已被设定为不可从 [%s] 登录本站。",fromhost); return -257; } if(strcasecmp(id, "guest")) { if(!checkpasswd(x->passwd, pw)) { if(*pw) { sleep(2); getdatestring (time(0), NA); sprintf(buf2, "%-12.12s %-30s %s[Wap]\n",id, datestring, fromhost); sprintf(filename, "home/%c/%s/logins.bad", toupper(x->userid[0]), x->userid); f_append(filename, buf2); } sprintf (buf, "密码错误"); return -2; } if (check_login_limit(x)) { strcpy (buf, "此ID在24小时内上站次数过多,请稍候再来。"); return -4; } if(!user_perm(x, PERM_BASIC)) { strcpy (buf, "此帐号已被停机。若有疑问,请用其他帐号在sysop版询问。"); return -5; } if (check_multi_d(x, uol, kick)) { wml_httpheader(); wml_head(); printf ("<card title=\"登录 -- %s\">", BBSNAME); printf ("<p>用户%s已经在本站登录了%d个线程,你需要踢掉一个才能登录。<br />", x->userid, MULTI_LOGINS); for (i = 0; i < MULTI_LOGINS; i++) { printf ("#%d %s %s%s 发呆%d分<br />", i, uol[i]->from, uol[i]->mode >= 20000 ? "@" : "", ModeType(uol[i]->mode >= 20000 ? uol[i]->mode - 20000 : uol[i]->mode), (time(0) - uol[i]->idle_time) / 60); } printf ("踢掉哪个:<select name=\"inp_kick\">"); for (i = 0; i < MULTI_LOGINS; i++) { printf ("<option value=\"%d\">%d</option>", i + 1, i + 1); } printf ("</select><br />"); printf ("您的密码:<input type=\"password\" maxlength=\"8\" name=\"inp_pw\" /><br />"); printf ("<anchor><go href=\"login.wml?id=%s\" method=\"post\"><postfield name=\"pw\" value=\"$(inp_pw)\" /><postfield name=\"kick\" value=\"$(inp_kick)\" /></go>登录</anchor></p>", x->userid); return 0; } x->lastlogin = time(0); x->numlogins++; strsncpy(x->lasthost, fromhost, 17); save_user_data(x); currentuser = *x; } report("WapEnter"); int iutmpnum, iutmpkey; if (!wwwlogin(x, &iutmpnum, &iutmpkey))//0 : succeed { encodingtest(); sprintf(buf2, "%d", iutmpnum); headerCookie("utmpnum", buf2); sprintf(buf2, "%d", iutmpkey); headerCookie("utmpkey", buf2); headerCookie("utmpuserid", currentuser.userid); wml_httpheader(); } else { strcpy (buf, "抱歉,登录人数太多,请稍候再来:("); return -65537; } sprintf (buf, "用户 %s 登录成功。", x->userid); wml_head(); printf ("<card title=\"登录 -- %s\" ontimer=\"%s\">", BBSNAME, "bbsboa.wml"); printf ("<timer value=\"50\" />"); printf ("<p>"); w_hprintf(buf); printf ("</p>"); printf ("<p>跳转中……</p>"); printf ("<p><anchor><go href=\"%s\" />如果不能自动跳转,请使用此链接。</anchor></p>", "bbsboa.wml"); return 0; }
int main() { FILE *fp,*fp2; struct shortfile *brd; struct fileheader f; struct userec *u; char buf[80], dir[80], path[80], board[80], file[80], *id; char jdir[80]; int num=0; init_all(); if(!loginok) http_fatal("请先登录"); id=currentuser.userid; strsncpy(board, getparm("board"), 60); strsncpy(file, getparm("file"), 20); brd=getbcache(board); if(strncmp(file, "M.", 2) && strncmp(file, "G.", 2)) http_fatal("错误的参数"); if(strstr(file, "..")) http_fatal("错误的参数"); if(brd==0) http_fatal("板面错误"); if(!has_post_perm(¤tuser, board)) http_fatal("错误的讨论区"); sprintf(dir, "boards/%s/.DIR", board); sprintf(path, "boards/%s/%s", board, file); sprintf(jdir, "boards/%s/.junk", board); fp=fopen(dir, "r"); if(fp==0) http_fatal("错误的参数"); while(1) { if(fread(&f, sizeof(struct fileheader), 1, fp)<=0) break; if(!strcmp(f.filename, file)) {//huangxu@060715:web下删除m文章 if((strcasecmp(id, f.owner)||(f.accessed[0]&FILE_MARKED)) && !has_BM_perm(¤tuser, board)) http_fatal("你无权删除该文"); fp2=fopen(jdir, "a"); fwrite(&f, sizeof(struct fileheader), 1, fp2); fclose(fp2); if(!HAS_PERM(PERM_SYSOP))//huangxu@060406:deleted、junk已经无用 if(strstr(board,"syssecurity")||(!strcmp(board,"Punishment")&&!HAS_PERM(PERM_BLEVELS))) http_fatal("你无权删除该文"); del_record(dir, sizeof(struct fileheader), num); sprintf(buf, "\n※ %s 于 %s 删除·Web[FROM: %s]", currentuser.userid, Ctime(time(0))+4, fromhost); f_append(path, buf); /* if(!strcmp(f.owner, currentuser.userid)) { post_article("junk", f.title, path, f.owner, "", fromhost, -1); } else { post_article("deleted", f.title, path, f.owner, "", fromhost, -1); }*/ //unlink(path); printf("删除成功.<br><a href='bbsdoc?board=%s'>返回本讨论区</a>", board); u=getuser(f.owner); if(!junkboard(board) && u) { if(u->numposts>0) u->numposts--; save_user_data(u); } sprintf(buf, "%s %-12s bbsdel %s\n", Ctime(time(0))+4, id, board); f_append("trace", buf); http_quit(); } num++; } fclose(fp); printf("文件不存在, 删除失败.<br>\n"); printf("<a href='bbsdoc?board=%s'>返回本讨论区</a>", board); http_quit(); }
int check_info() { int m; char buf[256]; strsncpy(buf, getparm("nick"), 30); for (m = 0; m < strlen(buf); m++) if ((buf[m] < 32 && buf[m] > 0) || buf[m] == -1) buf[m] = ' '; if (strlen(buf) > 1) { strcpy(currentuser.username, buf); } else { printf("警告: 昵称太短!<br>\n"); } strsncpy(buf, getparm("realname"), 9); if (strlen(buf) > 1) { strcpy(currentuser.realname, buf); } else { printf("警告: 真实姓名太短!<br>\n"); } strsncpy(buf, getparm("address"), 40); if (strlen(buf) > 8) { strcpy(currentuser.address, buf); } else { printf("警告: 居住地址太短!<br>\n"); } /* strsncpy(buf, getparm("email"), 32); if (strlen(buf) > 8 && strchr(buf, '@')) { strcpy(currentuser.email, buf); } else { printf("警告: email地址不合法!<br>\n"); }*/ #if 0 strsncpy(buf, getparm("year"), 5); if (atoi(buf) > 1910 && atoi(buf) < 1998) { currentuser.birthyear = atoi(buf) - 1900; } else { printf("警告: 错误的出生年份!<br>\n"); } strsncpy(buf, getparm("month"), 3); if (atoi(buf) > 0 && atoi(buf) <= 12) { currentuser.birthmonth = atoi(buf); } else { printf("警告: 错误的出生月份!<br>\n"); } strsncpy(buf, getparm("day"), 3); if (atoi(buf) > 0 && atoi(buf) <= 31) { currentuser.birthday = atoi(buf); } else { printf("警告: 错误的出生日期!<br>\n"); } strsncpy(buf, getparm("gender"), 2); if (!strcasecmp(buf, "F")) currentuser.gender = 'F'; if (!strcasecmp(buf, "M")) currentuser.gender = 'M'; #endif save_user_data(¤tuser); printf("[%s] 个人资料修改成功.", currentuser.userid); return 0; }