int DataHandler::clockout_user(User* user)
{
int seconds = 0;
if( user->clockedin ) {
auto res = dserver->command( new ClockoutEmployeeCmd( user->id ) );
user->clockedin = false;
//add the resulting timecard
for( auto& tm : res->items ) {
seconds = tm->property<int>("seconds");
user->add_timecard( std::move( tm ) );
/*
user->timecard.label = user->first_name;
user->timecard.start = tm->property<std::string>("start");
user->timecard.end = tm->property<std::string>("end");
user->timecard.start_e = tm->property<int>("start_epoch");
user->timecard.end_e = tm->property<int>("end_epoch");
*/
}
//printer.print(&user->timecard);
save_user_data( user );
}
return seconds;
}
int main()
{
int type;
char pw1[20], pw2[20], pw3[20];
init_all();
if(!loginok)
http_fatal("����δ��¼, ���ȵ�¼");
modify_mode(u_info,USERDEF+20000); //bluetent
type=atoi(getparm("type"));
if(type==0) {
printf("%s -- ������ [�û�: %s]<hr color=green>\n",
BBSNAME, currentuser.userid);
printf("<form action=bbspwd?type=1 method=post>\n");
printf("��ľ�����: <input maxlength=12 size=12 type=password name=pw1><br>\n");
printf("���������: <input maxlength=12 size=12 type=password name=pw2><br>\n");
printf("������һ��: <input maxlength=12 size=12 type=password name=pw3><br><br>\n");
printf("<input type=submit value=ȷ����>\n");
http_quit();
}
strsncpy(pw1, getparm("pw1"), 13);
strsncpy(pw2, getparm("pw2"), 13);
strsncpy(pw3, getparm("pw3"), 13);
if(strcmp(pw2, pw3))
http_fatal("�������벻��ͬ");
if(strlen(pw2)<2)
http_fatal("������̫��");
if(!checkpasswd(currentuser.passwd, pw1))
http_fatal("���벻��ȷ");
strcpy(currentuser.passwd, crypt1(pw2, pw2));
save_user_data(¤tuser);
printf("[%s] �����ijɹ�.", currentuser.userid);
}
void DataHandler::clockin_user(User* user)
{
if( !user->clockedin ) {
auto res = dserver->command( new ClockinEmployeeCmd( user->id ) );
user->clockedin = true;
save_user_data(user);
}
}
static int set_password(const char *orig, const char *new1, const char *new2)
{
if (!checkpasswd(currentuser.passwd, orig))
return BBS_EWPSWD;
if (strcmp(new1, new2))
return BBS_EINVAL;
if (strlen(new1) < 2)
return BBS_EINVAL;
strlcpy(currentuser.passwd, crypt(new1, new1), sizeof(currentuser.passwd));
save_user_data(¤tuser);
return 0;
}
int
read_form()
{
int i, perm = 1, def = 0;
char var[100];
for (i = 0; i < 32; i++) {
sprintf(var, "perm%d", i);
if (strlen(getparm(var)) == 2)
def += perm;
perm = perm * 2;
}
currentuser.userdefine = def;
save_user_data(¤tuser);
printf("个人参数设置成功.<br><a href=bbsparm>返回个人参数设置选单</a>");
return 0;
}
/**
* Check user info validity.
* @return empty string on success, error msg otherwise.
*/
static char *check_info(void)
{
unsigned char *nick;
nick = (unsigned char *)getparm("nick");
unsigned char *t2 = nick;
while (*t2 != '\0') {
if (*t2 < 0x20 || *t2 == 0xFF)
return "êdzÆÌ«¶Ì»ò°üº¬·Ç·¨×Ö·û";
t2++;
}
strlcpy(currentuser.username, (char *)nick, sizeof(currentuser.username));
// TODO: more accurate birthday check.
char *tmp = getparm("year");
long num = strtol(tmp, NULL, 10);
if (num < 1910 || num > 1998)
return "´íÎóµÄ³öÉúÄê·Ý";
else
currentuser.birthyear = num - 1900;
tmp = getparm("month");
num = strtol(tmp, NULL, 10);
if (num <= 0 || num > 12)
return "´íÎóµÄ³öÉúÔ·Ý";
else
currentuser.birthmonth = num;
tmp = getparm("day");
num = strtol(tmp, NULL, 10);
if (num <= 0 || num > 31)
return "´íÎóµÄ³öÉúÈÕÆÚ";
else
currentuser.birthday = num;
tmp = getparm("gender");
if (*tmp == 'M')
currentuser.gender = 'M';
else
currentuser.gender = 'F';
save_user_data(¤tuser);
return "";
}
int
bbslogout_main()
{
struct userec *tmp;
int st;
char buf[50];
int uid;
html_header(1);
//modified by safari@20091222
if (!loginok) {
redirect(FIRST_PAGE);
http_quit();
//http_fatal("你没有登录");
}
if (isguest)
http_fatal("guest不带注销的");
tmp = getuser(currentuser.userid);
currentuser.numposts = tmp->numposts;
currentuser.userlevel = tmp->userlevel;
currentuser.numlogins = tmp->numlogins;
currentuser.stay = tmp->stay;
if (now_t > w_info->login_start_time) {
st = now_t - w_info->login_start_time;
if (st > 86400)
errlog("Strange long stay time,%d!, logout, %s", st, currentuser.userid);
else {
currentuser.stay += st;
sprintf(buf, "%s exitbbs %d", currentuser.userid, st);
newtrace(buf);
}
}
save_user_data(¤tuser);
uid = u_info->uid;
remove_uindex(u_info->uid, utmpent);
bzero(u_info, sizeof (struct user_info));
if ((currentuser.userlevel & PERM_BOARDS) && count_uindex(uid)==0)
setbmstatus(¤tuser, 0);
redirect(FIRST_PAGE);
return 0;
}
int
bbslogin_main()
{
int n, t;
time_t dtime;
char filename[128], buf[256], id[20], pw[20], url[10], *ub = FIRST_PAGE; // main_page[STRLEN];
struct userec *x;
int ipmask;
html_header(3);
strsncpy(id, getparm("id"), 13);
strsncpy(pw, getparm("pw"), 13);
strsncpy(url, getparm("url"), 3);
ipmask = atoi(getparm("ipmask"));
if (loginok && strcasecmp(id, currentuser.userid) && !isguest) {
http_fatal
("系统检测到目前你的计算机上已经登录有一个帐号 %s,请先退出.(选择正常logout)",
currentuser.userid);
}
if (!strcmp(id, "")) {
strcpy(id, "guest");
}
x = getuser(id);
if (x == 0) {
printf("%s<br>", id);
http_fatal("错误的使用者帐号");
}
strcpy(id, x->userid);
if (strcasecmp(id, "guest")) {
if (checkbansite(fromhost)) {
http_fatal
("对不起, 本站不欢迎来自 [%s] 的登录. <br>若有疑问, 请与SYSOP联系.",
fromhost);
}
if (userbansite(x->userid, fromhost))
http_fatal("本ID已设置禁止从%s登录", fromhost);
if (!checkpasswd(x->passwd, pw)) {
logattempt(x->userid, fromhost, "WWW", now_t);
http_fatal("密码错误");
}
if (!user_perm(x, PERM_BASIC))
http_fatal
("此帐号已被停机, 若有疑问, 请用其他帐号在sysop版询问.");
if (file_has_word(MY_BBS_HOME "/etc/prisonor", x->userid))
http_fatal("安心改造,不要胡闹");
if (x->dietime)
http_fatal("死了?还要做什么? :)");
t = x->lastlogin;
x->lastlogin = now_t;
if (abs(t - now_t) < 20) {
http_fatal("两次登录间隔过密!");
}
dtime = t - 4 * 3600;
t = localtime(&dtime)->tm_mday;
dtime = now_t - 4 * 3600;
if (t < localtime(&dtime)->tm_mday && x->numdays < 800)
x->numdays++;
x->numlogins++;
strsncpy(x->lasthost, fromhost, 16);
save_user_data(x);
currentuser = *x;
}
sprintf(buf, "%s enter %s www", x->userid, fromhost);
newtrace(buf);
n = 0;
if (loginok && isguest) {
bzero(u_info, sizeof (struct user_info));
}
if (strcasecmp(id, "guest")) {
sethomepath(filename, x->userid);
mkdir(filename, 0755);
strsncpy(buf, getparm("style"), 3);
wwwstylenum = -1;
if (isdigit(buf[0]))
wwwstylenum = atoi(buf);
if ((wwwstylenum > NWWWSTYLE || wwwstylenum < 0))
if (!readuservalue
(x->userid, "wwwstyle", buf, sizeof (buf)))
wwwstylenum = atoi(buf);
if (wwwstylenum < 0 || wwwstylenum >= NWWWSTYLE)
wwwstylenum = 1;
currstyle = &wwwstyle[wwwstylenum];
} else {
wwwstylenum = 1;
currstyle = &wwwstyle[wwwstylenum];
}
ub = wwwlogin(x, ipmask);
if (!strcmp(url, "1"))
/*printf("<link href=\"images/@byron.css\" rel=stylesheet type=\"text/css\">\n
<frameset cols=135,* frameSpacing=0 frameborder=no id=fs0>\n
<frame src=\"%sbbsleft?t=%ld\" name=f2 frameborder=no scrolling=no>\n
<frameset id=fs1 rows=0,*,18 frameSpacing=0 frameborder=no border=0>\n
<frame scrolling=no name=fmsg src=\"%sbbsmsg\">\n
<frame name=f3 src=\"%sbbsfoot\">\n
<frame scrolling=no name=f4 src=\"%sbbsfoot.htm\">\n
</frameset>\n
</frameset>\n", ub, now_t, ub, ub, ub);*/ //add by mintbaggio 040411 for new www
// html_header(3);
printf
("<script>opener.parent.f2.location.href=\"%sbbsleft?t=%ld\";\n"
"opener.parent.fmsg.location.href=\"%sbbsgetmsg\";\n"
//"opener.parent.f4.location.href=\"%sbbsfoot\";\n"
"a=window.opener.location.href;\n" "l=a.length;\n"
"t=a.indexOf('/" SMAGIC "',1);\n" "t=a.indexOf('/',t+1);\n"
"nu=\"%s\"+a.substring(t+1,l);\n"
"window.opener.location.href=nu;window.close();</script>",
ub, now_t, ub, ub, ub);
//}
else
redirect(ub);
//else {
// print_session_string(ub);
// html_header(3);
//
// sprintf(main_page, "/%s/", SMAGIC);
// redirect(main_page);
//}
http_quit();
return 0;
}
//struct file_to_appendix a;
int main()
{
FILE *fp;
char filename[80], dir[80], board[80], title[80], buf[80], *content, vfrom[80];
char tmpbuf [5], title2 [10];
char redirfile[80];
int r, i=0, length=0, sig, mode=0, accessed=0;
struct fileheader x;
struct shortfile *brd;
init_all();
if(!loginok)
http_fatal("匆匆过客不能发表文章,请先登录");
mode=atoi(getparm("mode"));
if(mode)
strsncpy(redirfile, getparm("redir"), 20);
strsncpy(board, getparm("board"), 18);
strsncpy(vfrom, getparm("vfrom"), 18);
if (!*vfrom)
{
strcpy(vfrom, board);
}
if(dashf("NOPOST")&&!HAS_PERM(PERM_OBOARDS)
&& insec(1,board)
)
http_fatal("对不起,系统进入只读状态,暂停发表文章.你先四处看看吧");
/* efan: very faint */
if (dashf ("NOPOST.2") && ! HAS_PERM (PERM_OBOARDS) && (
!strcmp (board, "VoiceofNankai") ||
!strcmp (board, "Military") ||
!strcmp (board, "TaiWan") ||
!strcmp (board, "Salon"))
)
http_fatal("对不起,本板进入只读状态,暂停发表文章");
if(!(currentuser.userlevel & PERM_POST)&&strcmp(board, "appeal")&&strcmp(board, "sysop"))
http_fatal("您尚未通过注册,暂无发表文章权限");
if(check_post_limit(board)) return 0;
strsncpy(title, getparm("title"), 50);
strsncpy (tmpbuf, getparm ("title2"), 5);
if (tmpbuf [0] != 0)
sprintf (title2, "【%s】", tmpbuf);
else
title2[0] = 0;
content=getparm("text");
brd=getbcache(board);
/* add by wzk for outgo post */
//out=strlen(getparm("out"));
//if (!(brd->flag & OUT_FLAG)) out=0;
/* end */
if(brd==0)
http_fatal("错误的讨论区名称");
strcpy(board, brd->filename);
//huangxu@070217:no_word_filter flag
int bd=0;
char temp[80];
if(!(brd->flag2&NOFILTER_FLAG)&&(bad_words(title) || bad_words (tmpbuf) || bad_words(content) )){
bd=1;
printf("您的文章可能包含不便显示的内容,已经提交审核。请返回并进行修改。");
sprintf(temp,"TEMP-%s",board);
strcpy(board,"TEMP");
}else
strcpy(temp,board);
for(i=0; i<strlen(title); i++)
if(title[i]<=27 && title[i]>=-1)
title[i]=' ';
sig=atoi(getparm("signature"));
if(title[0]==0)
http_fatal("文章必须要有标题");
if (title2 [0] == 0 && !strcmp (board, "Secondhand"))
http_fatal ("在Secondhand板请说清楚您的需要!");
if (tmpbuf [0] != ' ') {
char tmptmpbuf [80];
sprintf (tmptmpbuf, "%s%s", title2, title);
strcpy (title, tmptmpbuf);
}
sprintf(dir, "boards/%s/.DIR", board);
if(bd==0)
if(!has_post_perm(¤tuser, board))
http_fatal("此讨论区是唯读的, 或是您尚无权限在此发表文章.");
sprintf(filename, "boards/%s/deny_users", board);
if(file_has_word(filename, currentuser.userid))
http_fatal("很抱歉, 你被板务人员停止了本板的post权利.");
if(abs(time(0) - *(int*)(u_info->from+36))<6) {
*(int*)(u_info->from+36)=time(0);
http_fatal("两次发文间隔过密, 请休息几秒后再试");
}
*(int*)(u_info->from+36)=time(0);
sprintf(filename, "tmp/%d.%s.tmp", getpid(),currentuser.userid);
f_append(filename, content);
accessed=0;
if(strlen(getparm("noreply"))>0)
accessed=FILE_NOREPLY;
int outgo=0;
if(strlen(getparm("outgo"))>0)
outgo=1;
int attach=atoi(getparm("attach"));
r=0;
r=post_article2(temp, title, filename, currentuser.userid, currentuser.username, fromhost, sig-1, accessed, attach,outgo);
if(r<=0)
http_fatal("内部错误,无法发文");
char path[STRLEN];
/* while( appendix != NULL ) {
bzero(&a,sizeof(struct appendix));
strcpy(a.appendixname,appendix);
a.filename=r;
a.sign=0;
strcpy(a.path,board);
sprintf(path,"%s/file_appendix",UPLOAD_PATH);
append_record(&a,sizeof(struct appendix),path);
appendix = strtok( NULL, "," );
}
*/
sprintf(buf,"M.%d.A",r);
brc_init(currentuser.userid, board);
brc_add_read(buf);
brc_update(currentuser.userid, board);
unlink(filename);
sprintf(buf, "posted WWW '%s' on '%s'", title, board);
report(buf);
if(mode==0)
sprintf(buf, "bbsdoc?board=%s#bottom", vfrom);
else if(mode==1)
sprintf(buf, "bbstcon?board=%s&file=%s&vfrom=%s#bottom", board, redirfile, vfrom);
else if(mode==2)
sprintf(buf, "bbstdoc?board=%s#bottom", vfrom);
if(!junkboard(board))
{
currentuser.numposts++;
save_user_data(¤tuser);
// write_posts(currentuser.userid, board, title);
}
if(toptenboard(board))
{
write_posts(currentuser.userid, board, title);
}
else if(!strcmp("Blessing",board)) write_posts(currentuser.userid, board, title);
// return 0;
if(bd==0) redirect(buf);
}
int bbssnd_main(void)
{
if (!loginok)
return BBS_ELGNREQ;
if (parse_post_data() < 0)
return BBS_EINVAL;
int bid = strtol(getparm("bid"), NULL, 10);
struct boardheader *bp = getbcache2(bid);
if (bp == NULL || !haspostperm(¤tuser, bp))
return BBS_ENOBRD;
if (bp->flag & BOARD_DIR_FLAG)
return BBS_EINVAL;
bool isedit = (*(getparm("e")) == '1');
unsigned int fid;
struct fileheader fh;
char *f = getparm("f");
bool reply = !(*f == '\0');
if (reply) {
fid = strtoul(f, NULL, 10);
if (!bbscon_search(bp, fid, 0, &fh))
return BBS_ENOFILE;
if (!isedit && fh.accessed[0] & FILE_NOREPLY)
return BBS_EPST;
if (isedit && !chkBM(bp, ¤tuser)
&& strcmp(fh.owner, currentuser.userid))
return BBS_EACCES;
}
char title[sizeof(fh.title)];
if (!isedit) {
strlcpy(title, getparm("title"), sizeof(title));
printable_filter(title);
if (*title == '\0')
return BBS_EINVAL;
}
// TODO: ...
#ifdef SPARC
if(abs(time(0) - *(int*)(u_info->from+34))<6) { //modified from 36 to 34 for sparc solaris by roly 02.02.28
*(int*)(u_info->from+34)=time(0); //modified from 36 to 34 for sparc solaris by roly 02.02.28
return BBS_EPFREQ;
}
*(int*)(u_info->from+34)=time(0);//modified from 36 to 34 for sparc solaris by roly 02.02.28
#else
if(abs(time(0) - *(int*)(u_info->from+36))<6) { //modified from 36 to 34 for sparc solaris by roly 02.02.28
*(int*)(u_info->from+36)=time(0); //modified from 36 to 34 for sparc solaris by roly 02.02.28
return BBS_EPFREQ;
}
*(int*)(u_info->from+36)=time(0);//modified from 36 to 34 for sparc solaris by roly 02.02.28
#endif
if (isedit) {
char file[HOMELEN];
setbfile(file, bp->filename, fh.filename);
if (edit_article(file, getparm("text"), mask_host(fromhost)) < 0)
return BBS_EINTNL;
} else {
post_request_t pr = { .autopost = false, .crosspost = false,
.userid = NULL, .nick = NULL, .user = ¤tuser,
.bp = bp, .title = title, .content = getparm("text"),
.sig = strtol(getparm("sig"), NULL, 0), .ip = mask_host(fromhost),
.o_fp = reply ? &fh : NULL, .noreply = false, .mmark = false };
if (do_post_article(&pr) < 0)
return BBS_EINTNL;
}
if (!isedit && !junkboard(bp)) {
currentuser.numposts++;
save_user_data(¤tuser);
}
char buf[sizeof(fh.title) + sizeof(bp->filename)];
snprintf(buf, sizeof(buf), "%sed '%s' on %s", isedit ? "edit" : "post",
title, bp->filename);
report(buf, currentuser.userid);
snprintf(buf, sizeof(buf), "doc?board=%s", bp->filename);
http_header();
refreshto(1, buf);
printf("</head>\n<body>发表成功,1秒钟后自动转到<a href='%s'>版面</a>\n"
"</body>\n</html>\n", buf);
return 0;
}
static int wwwlogin(struct userec *user, const char *ref)
{
if (!(currentuser.userlevel & PERM_REGISTER)) {
char file[HOMELEN];
sethomefile(file, currentuser.userid, "register");
if (dashf(file)) {
currentuser.userlevel |= PERM_DEFAULT;
save_user_data(¤tuser);
}
}
struct user_info info;
memset(&info, 0, sizeof(info));
info.active = 1;
info.uid = searchuser(user->userid);
info.pid = getpid();
info.mode = WWW | LOGIN;
if (HAS_PERM(PERM_LOGINCLOAK)
&& (currentuser.flags[0] & CLOAK_FLAG))
info.invisible = YEA;
info.pager = 0;
if (DEFINE(DEF_FRIENDCALL))
info.pager |= FRIEND_PAGER;
if (DEFINE(PAGER_FLAG)) {
info.pager |= ALL_PAGER;
info.pager |= FRIEND_PAGER;
}
if (DEFINE(DEF_FRIENDMSG))
info.pager |= FRIENDMSG_PAGER;
if (DEFINE(DEF_ALLMSG)) {
info.pager |= ALLMSG_PAGER;
info.pager |= FRIENDMSG_PAGER;
}
// TODO:...
strlcpy(info.from, fromhost, 24);
// login start..
#ifdef SPARC
*(int*)(info.from + 30) = time(NULL);
#else
*(int*)(info.from + 32) = time(NULL);
#endif
info.from[22] = DEFINE(DEF_NOTHIDEIP) ? 'S' : 'H';
info.idle_time = time(NULL);
strlcpy(info.username, user->username, sizeof(info.username));
strlcpy(info.userid, user->userid, sizeof(info.userid));
int utmpkey = rand() % 100000000;
info.utmpkey = utmpkey;
int fd = open("tmp/.UTMP.lock", O_RDWR | O_CREAT, 0600);
if (fd < 0)
return BBS_EINTNL;
if (fb_flock(fd, LOCK_EX) == -1) {
close(fd);
return BBS_EINTNL;
}
struct user_info *up = utmpshm->uinfo;
int n;
for (n = 0; n < MAXACTIVE; n++, up++) {
if (!up->active) {
*up = info;
uidshm->status[up->uid - 1]++;
break;
}
}
fb_flock(fd, LOCK_UN);
close(fd);
if (n >= MAXACTIVE)
return BBS_E2MANY;
const char *referer = ref;
if (*referer == '\0')
referer = "sec";
// TODO: these cookies should be merged into one.
printf("Content-type: text/html; charset=%s\n"
"Set-cookie: utmpnum=%d\nSet-cookie: utmpkey=%d\n"
"Set-cookie: utmpuserid=%s\nLocation: %s\n\n",
CHARSET, n + 1, utmpkey, currentuser.userid, referer);
return 0;
}
int bbslogin_main(void)
{
char fname[STRLEN];
char buf[256], id[IDLEN + 1], pw[PASSLEN];
struct userec user;
if (parse_post_data() < 0)
return BBS_EINVAL;
strlcpy(id, getparm("id"), sizeof(id));
if (*id == '\0')
return login_screen();
strlcpy(pw, getparm("pw"), sizeof(pw));
if (loginok && !strcasecmp(id, currentuser.userid)) {
const char *ref = get_login_referer();
printf("Location: %s\n\n", ref);
return 0;
}
if (getuserec(id, &user) == 0)
return BBS_ENOUSR;
user.numlogins++;
if (strcasecmp(id, "guest")) {
int total;
time_t stay, recent, now, t;
if (!checkpasswd(user.passwd, pw)) {
sprintf(buf, "%-12.12s %s @%s\n", user.userid,
getdatestring(time(NULL), DATE_ZH), fromhost);
sethomefile(fname, user.userid, "logins.bad");
file_append(fname, buf);
file_append("logins.bad", buf);
return BBS_EWPSWD;
}
total = check_multi(&user);
if (!HAS_PERM2(PERM_SYSOPS, &user) && total >= 2)
return BBS_ELGNQE;
if (!HAS_PERM2(PERM_LOGIN, &user))
return BBS_EACCES;
now = time(NULL);
// Do not count frequent logins.
if (now - user.lastlogin < 20 * 60
&& user.numlogins >= 100)
user.numlogins--;
if (total > 1) {
recent = user.lastlogout;
if (user.lastlogin > recent)
recent = user.lastlogin;
stay = now - recent;
if (stay < 0)
stay = 0;
} else {
stay = 0;
}
t = user.lastlogin;
user.lastlogin = now;
user.stay += stay;
#ifdef CHECK_FREQUENTLOGIN
if (!HAS_PERM(PERM_SYSOPS)
&& abs(t - time(NULL)) < 10) {
report("Too Frequent", user.userid);
return BBS_ELFREQ;
}
#endif
strlcpy(user.lasthost, fromhost, sizeof(user.lasthost));
save_user_data(&user);
currentuser = user;
}
log_usies("ENTER", fromhost, &user);
if (!loginok && strcasecmp(id, "guest"))
wwwlogin(&user, getparm("ref"));
return 0;
}
void DataHandler::save_user_data(const int& user_id)
{
save_user_data( find_user(user_id) );
}
int wmllogin(char * buf)
{
char id[IDLEN + 2], pw[20];
struct userec *x;
struct user_info * uol[MULTI_LOGINS];
char buf2[256], filename[256];
int i, kick;
page_init(NULL);
strncpy(id, getparm("id"), IDLEN + 1);
strncpy(pw, getparm("pw"), 19);
if (!*pw)
{
strncpy(pw, getparm("pw2"), 19);
}
kick = atoi(getparm("kick")) - 1;
if (!strcasecmp(id, "SYSOP"))
{
strcpy (buf, "用户SYSOP登录受限。");
return -65536;
}
if(file_has_word(".bad_host", fromhost))
{
sprintf (buf, "对不起, 本站不欢迎来自 [%s] 的登录。 若有疑问, 请与SYSOP联系,", fromhost);
return -256;
}
if(loginok && strcasecmp(id, currentuser.userid))
{
sprintf (buf, "系统检测到目前你的计算机上已经登录有一个帐号 %s,请先退出。", currentuser.userid);
return 1;
}
x = getuser(id);
if (!x)
{
strcpy (buf, "错误的使用者帐号");
return -1;
}
sprintf(buf2, "home/%c/%s/badhost", toupper(x->userid[0]), x->userid);
if(bad_host(fromhost,buf2))
{
sprintf (buf, "对不起,此帐号已被设定为不可从 [%s] 登录本站。",fromhost);
return -257;
}
if(strcasecmp(id, "guest"))
{
if(!checkpasswd(x->passwd, pw))
{
if(*pw)
{
sleep(2);
getdatestring (time(0), NA);
sprintf(buf2, "%-12.12s %-30s %s[Wap]\n",id, datestring, fromhost);
sprintf(filename, "home/%c/%s/logins.bad", toupper(x->userid[0]), x->userid);
f_append(filename, buf2);
}
sprintf (buf, "密码错误");
return -2;
}
if (check_login_limit(x))
{
strcpy (buf, "此ID在24小时内上站次数过多,请稍候再来。");
return -4;
}
if(!user_perm(x, PERM_BASIC))
{
strcpy (buf, "此帐号已被停机。若有疑问,请用其他帐号在sysop版询问。");
return -5;
}
if (check_multi_d(x, uol, kick))
{
wml_httpheader();
wml_head();
printf ("<card title=\"登录 -- %s\">", BBSNAME);
printf ("<p>用户%s已经在本站登录了%d个线程,你需要踢掉一个才能登录。<br />", x->userid, MULTI_LOGINS);
for (i = 0; i < MULTI_LOGINS; i++)
{
printf ("#%d %s %s%s 发呆%d分<br />", i, uol[i]->from, uol[i]->mode >= 20000 ? "@" : "", ModeType(uol[i]->mode >= 20000 ? uol[i]->mode - 20000 : uol[i]->mode), (time(0) - uol[i]->idle_time) / 60);
}
printf ("踢掉哪个:<select name=\"inp_kick\">");
for (i = 0; i < MULTI_LOGINS; i++)
{
printf ("<option value=\"%d\">%d</option>", i + 1, i + 1);
}
printf ("</select><br />");
printf ("您的密码:<input type=\"password\" maxlength=\"8\" name=\"inp_pw\" /><br />");
printf ("<anchor><go href=\"login.wml?id=%s\" method=\"post\"><postfield name=\"pw\" value=\"$(inp_pw)\" /><postfield name=\"kick\" value=\"$(inp_kick)\" /></go>登录</anchor></p>", x->userid);
return 0;
}
x->lastlogin = time(0);
x->numlogins++;
strsncpy(x->lasthost, fromhost, 17);
save_user_data(x);
currentuser = *x;
}
report("WapEnter");
int iutmpnum, iutmpkey;
if (!wwwlogin(x, &iutmpnum, &iutmpkey))//0 : succeed
{
encodingtest();
sprintf(buf2, "%d", iutmpnum);
headerCookie("utmpnum", buf2);
sprintf(buf2, "%d", iutmpkey);
headerCookie("utmpkey", buf2);
headerCookie("utmpuserid", currentuser.userid);
wml_httpheader();
}
else
{
strcpy (buf, "抱歉,登录人数太多,请稍候再来:(");
return -65537;
}
sprintf (buf, "用户 %s 登录成功。", x->userid);
wml_head();
printf ("<card title=\"登录 -- %s\" ontimer=\"%s\">", BBSNAME, "bbsboa.wml");
printf ("<timer value=\"50\" />");
printf ("<p>");
w_hprintf(buf);
printf ("</p>");
printf ("<p>跳转中……</p>");
printf ("<p><anchor><go href=\"%s\" />如果不能自动跳转,请使用此链接。</anchor></p>", "bbsboa.wml");
return 0;
}
int main()
{
FILE *fp,*fp2;
struct shortfile *brd;
struct fileheader f;
struct userec *u;
char buf[80], dir[80], path[80], board[80], file[80], *id;
char jdir[80];
int num=0;
init_all();
if(!loginok)
http_fatal("请先登录");
id=currentuser.userid;
strsncpy(board, getparm("board"), 60);
strsncpy(file, getparm("file"), 20);
brd=getbcache(board);
if(strncmp(file, "M.", 2) && strncmp(file, "G.", 2))
http_fatal("错误的参数");
if(strstr(file, ".."))
http_fatal("错误的参数");
if(brd==0)
http_fatal("板面错误");
if(!has_post_perm(¤tuser, board))
http_fatal("错误的讨论区");
sprintf(dir, "boards/%s/.DIR", board);
sprintf(path, "boards/%s/%s", board, file);
sprintf(jdir, "boards/%s/.junk", board);
fp=fopen(dir, "r");
if(fp==0)
http_fatal("错误的参数");
while(1) {
if(fread(&f, sizeof(struct fileheader), 1, fp)<=0)
break;
if(!strcmp(f.filename, file)) {//huangxu@060715:web下删除m文章
if((strcasecmp(id, f.owner)||(f.accessed[0]&FILE_MARKED)) && !has_BM_perm(¤tuser, board))
http_fatal("你无权删除该文");
fp2=fopen(jdir, "a");
fwrite(&f, sizeof(struct fileheader), 1, fp2);
fclose(fp2);
if(!HAS_PERM(PERM_SYSOP))//huangxu@060406:deleted、junk已经无用
if(strstr(board,"syssecurity")||(!strcmp(board,"Punishment")&&!HAS_PERM(PERM_BLEVELS)))
http_fatal("你无权删除该文");
del_record(dir, sizeof(struct fileheader), num);
sprintf(buf, "\n※ %s 于 %s 删除·Web[FROM: %s]", currentuser.userid, Ctime(time(0))+4, fromhost);
f_append(path, buf);
/* if(!strcmp(f.owner, currentuser.userid)) {
post_article("junk", f.title, path, f.owner, "", fromhost, -1);
} else {
post_article("deleted", f.title, path, f.owner, "", fromhost, -1);
}*/
//unlink(path);
printf("删除成功.<br><a href='bbsdoc?board=%s'>返回本讨论区</a>", board);
u=getuser(f.owner);
if(!junkboard(board) && u) {
if(u->numposts>0)
u->numposts--;
save_user_data(u);
}
sprintf(buf, "%s %-12s bbsdel %s\n", Ctime(time(0))+4, id, board);
f_append("trace", buf);
http_quit();
}
num++;
}
fclose(fp);
printf("文件不存在, 删除失败.<br>\n");
printf("<a href='bbsdoc?board=%s'>返回本讨论区</a>", board);
http_quit();
}
int
check_info()
{
int m;
char buf[256];
strsncpy(buf, getparm("nick"), 30);
for (m = 0; m < strlen(buf); m++)
if ((buf[m] < 32 && buf[m] > 0) || buf[m] == -1)
buf[m] = ' ';
if (strlen(buf) > 1) {
strcpy(currentuser.username, buf);
} else {
printf("警告: 昵称太短!<br>\n");
}
strsncpy(buf, getparm("realname"), 9);
if (strlen(buf) > 1) {
strcpy(currentuser.realname, buf);
} else {
printf("警告: 真实姓名太短!<br>\n");
}
strsncpy(buf, getparm("address"), 40);
if (strlen(buf) > 8) {
strcpy(currentuser.address, buf);
} else {
printf("警告: 居住地址太短!<br>\n");
}
/*
strsncpy(buf, getparm("email"), 32);
if (strlen(buf) > 8 && strchr(buf, '@')) {
strcpy(currentuser.email, buf);
} else {
printf("警告: email地址不合法!<br>\n");
}*/
#if 0
strsncpy(buf, getparm("year"), 5);
if (atoi(buf) > 1910 && atoi(buf) < 1998) {
currentuser.birthyear = atoi(buf) - 1900;
} else {
printf("警告: 错误的出生年份!<br>\n");
}
strsncpy(buf, getparm("month"), 3);
if (atoi(buf) > 0 && atoi(buf) <= 12) {
currentuser.birthmonth = atoi(buf);
} else {
printf("警告: 错误的出生月份!<br>\n");
}
strsncpy(buf, getparm("day"), 3);
if (atoi(buf) > 0 && atoi(buf) <= 31) {
currentuser.birthday = atoi(buf);
} else {
printf("警告: 错误的出生日期!<br>\n");
}
strsncpy(buf, getparm("gender"), 2);
if (!strcasecmp(buf, "F"))
currentuser.gender = 'F';
if (!strcasecmp(buf, "M"))
currentuser.gender = 'M';
#endif
save_user_data(¤tuser);
printf("[%s] 个人资料修改成功.", currentuser.userid);
return 0;
}
