static void fill_new_userec(struct userec *user, const char *userid,
const char *passwd, bool usegbk)
{
memset(user, 0, sizeof(*user));
strlcpy(user->userid, userid, sizeof(user->userid));
strlcpy(user->passwd, genpasswd(passwd), ENCPASSLEN);
user->gender = 'X';
#ifdef ALLOWGAME
user->money = 1000;
#endif
user->userdefine = ~0;
if (!strcmp(userid, "guest")) {
user->userlevel = 0;
user->userdefine &= ~(DEF_FRIENDCALL | DEF_ALLMSG | DEF_FRIENDMSG);
} else {
user->userlevel = PERM_LOGIN;
user->flags[0] = PAGER_FLAG;
}
user->userdefine &= ~(DEF_NOLOGINSEND);
if (!usegbk)
user->userdefine &= ~DEF_USEGB;
user->flags[1] = 0;
user->firstlogin = user->lastlogin = time(NULL);
}
int main(int argc, char *argv[])
{
char password[DISCUZ_PASSWD_LENGTH];
int salt;
int i;
char md5password[MD5LEN];
char md5hexpasswd[DISCUZ_PASSWD_LENGTH+1]; // 32 is defined in discuz and add \0 at the end
if(argc != 3)
{
printf("Usage: discuzgenpasswd <salt> <input_password>\n");
exit(0);
}
strcpy(password, argv[2]);
salt = atoi(argv[1]);
genpasswd(md5password, salt, password);
if(ascii2hex(md5password, md5hexpasswd) == -1)
{
printf("convert password error \n");
exit(0);
}
for(i=0; i<DISCUZ_PASSWD_LENGTH; i++)
printf("%c",md5hexpasswd[i]);
return 1;
}
//�������ܱ���¼����
int b_notes_passwd() {
FILE *pass;
char passbuf[20], prepass[20];
char buf[STRLEN];
if (!chkBM(currbp, ¤tuser))
return 0;
clear();
move(1, 0);
prints("�趨/����/ȡ�������ܱ���¼������...");
setvfile(buf, currboard, "secnotes");
if (!dashf(buf)) {
move(3, 0);
prints("�����������ޡ����ܱ���¼����\n\n");
prints("������ W ��á����ܱ���¼�������趨����...");
pressanykey();
return FULLUPDATE;
}
if (!check_notespasswd())
return FULLUPDATE;
getdata(3, 0, "�������µ����ܱ���¼����(Enter ȡ������): ", passbuf, 19, NOECHO, YEA);
if (passbuf[0] == '\0') {
setvfile(buf, currboard, "notespasswd");
unlink(buf);
prints("�Ѿ�ȡ������¼���롣");
pressanykey();
return FULLUPDATE;
}
getdata(4, 0, "ȷ���µ����ܱ���¼����: ", prepass, 19, NOECHO, YEA);
if (strcmp(passbuf, prepass)) {
prints("\n���벻���, ���趨�����....");
pressanykey();
return FULLUPDATE;
}
setvfile(buf, currboard, "notespasswd");
if ((pass = fopen(buf, "w")) == NULL) {
move(5, 0);
prints("����¼�������趨....");
pressanykey();
return FULLUPDATE;
}
fprintf(pass, "%s\n", genpasswd(passbuf));
fclose(pass);
move(5, 0);
prints("���ܱ���¼�����趨���...");
pressanykey();
return FULLUPDATE;
}
int uinfo_query(struct userec *u, int real, int unum)
{
struct userec newinfo;
char ans[3], buf[STRLEN], genbuf[128];
char src[STRLEN], dst[STRLEN];
int i, fail = 0 ;
#ifdef MAILCHANGED
int netty_check = 0;
#endif
time_t now;
struct tm *tmnow;
memcpy(&newinfo, u, sizeof(currentuser));
getdata(t_lines - 1, 0, real ?
"��ѡ�� (0)���� (1)������ (2)�趨���� (3) �� ID ==> [0]" :
"��ѡ�� (0)���� (1)������ (2)�趨���� (3) ѡǩ���� ==> [0]",
ans, 2, DOECHO, YEA);
clear();
refresh();
now = time(0);
tmnow = localtime(&now);
i = 3;
move(i++, 0);
if (ans[0] != '3' || real)
prints("ʹ���ߴ���: %s\n", u->userid);
switch (ans[0])
{
case '1':
move(1, 0);
prints("��������,ֱ�Ӱ� <ENTER> ����ʹ�� [] �ڵ����ϡ�\n");
sprintf(genbuf, "�dz� [%s]: ", u->username);
getdata(i++, 0, genbuf, buf, NAMELEN, DOECHO, YEA);
if (buf[0])
strncpy(newinfo.username, buf, NAMELEN);
sprintf(genbuf, "��ʵ���� [%s]: ", u->realname);
getdata(i++, 0, genbuf, buf, NAMELEN, DOECHO, YEA);
if (buf[0])
strncpy(newinfo.realname, buf, NAMELEN);
sprintf(genbuf, "��ס��ַ [%s]: ", u->address);
getdata(i++, 0, genbuf, buf, STRLEN - 10, DOECHO, YEA);
if (buf[0])
strncpy(newinfo.address, buf, NAMELEN);
sprintf(genbuf, "�������� [%s]: ", u->email);
getdata(i++, 0, genbuf, buf, 48, DOECHO, YEA);
if (buf[0])
{
#ifdef MAILCHECK
#ifdef MAILCHANGED
if(u->uid == usernum)
netty_check = 1;
#endif
#endif
strncpy(newinfo.email, buf, 48);
}
sprintf(genbuf, "�ն˻���̬ [%s]: ", u->termtype);
getdata(i++, 0, genbuf, buf, 16, DOECHO, YEA);
if (buf[0])
strncpy(newinfo.termtype, buf, 16);
sprintf(genbuf, "������ [%d]: ", u->birthyear + 1900);
getdata(i++, 0, genbuf, buf, 5, DOECHO, YEA);
if ( buf[0] && atoi(buf) > 1920 && atoi(buf) < 1998)
newinfo.birthyear = atoi(buf) - 1900;
sprintf(genbuf, "������ [%d]: ", u->birthmonth);
getdata(i++, 0, genbuf, buf, 3, DOECHO, YEA);
if (buf[0] && atoi(buf) >= 1 && atoi(buf) <= 12)
newinfo.birthmonth = atoi(buf);
sprintf(genbuf, "������ [%d]: ", u->birthday);
getdata(i++, 0, genbuf, buf, 3, DOECHO, YEA);
if (buf[0] && atoi(buf) >= 1 && atoi(buf) <= 31)
newinfo.birthday = atoi(buf);
sprintf(genbuf, "�Ա�(M.��)(F.Ů) [%c]: ", u->gender);
getdata(i++, 0, genbuf, buf, 2, DOECHO, YEA);
if (buf[0])
{
if (strchr("MmFf", buf[0]))
newinfo.gender = toupper(buf[0]);
}
if (real)
uinfo_change1(i,u,&newinfo);
break;
case '2':
if (!real)
{
getdata(i++, 0, "������ԭ����: ", buf, PASSLEN, NOECHO, YEA);
if (*buf == '\0' || !checkpasswd(u->passwd, buf))
{
prints("\n\n�ܱ�Ǹ, ����������벻��ȷ��\n");
fail++;
break;
}
}
getdata(i++, 0, "���趨������: ", buf, PASSLEN, NOECHO, YEA);
if (buf[0] == '\0')
{
prints("\n\n�����趨ȡ��, ����ʹ�þ�����\n");
fail++;
break;
}
strncpy(genbuf, buf, PASSLEN);
getdata(i++, 0, "����������������: ", buf, PASSLEN, NOECHO, YEA);
if (strncmp(buf, genbuf, PASSLEN))
{
prints("\n\n������ȷ��ʧ��, ���趨�����롣\n");
fail++;
break;
}
buf[8] = '\0';
strncpy(newinfo.passwd, genpasswd(buf), ENCPASSLEN);
break;
case '3':
if (!real)
{
sprintf(genbuf, "Ŀǰʹ��ǩ���� [%d]: ", u->signature);
getdata(i++, 0, genbuf, buf, 16, DOECHO, YEA);
if (atoi(buf) > 0)
newinfo.signature = atoi(buf);
}
else
{
struct user_info uin;
extern int t_cmpuids();
if(t_search_ulist(&uin, t_cmpuids, unum, NA, NA)!=0)
{
prints("\n�Բ��𣬸��û�Ŀǰ�������ϡ�");
fail++;
}
else if(!strcmp(lookupuser.userid,"SYSOP"))
{
prints("\n�Բ����㲻������ SYSOP �� ID��");
fail++;
}
else
{
getdata(i++,0,"�µ�ʹ���ߴ���: ",genbuf,IDLEN+1,DOECHO, YEA);
if (*genbuf != '\0')
{
if (getuser(genbuf))
{
prints("\n�Բ���! �Ѿ���ͬ�� ID ��ʹ����\n");
fail++;
}
else
{
strncpy(newinfo.userid, genbuf, IDLEN + 2);
}
}
else
fail ++;
}
}
break;
default:
clear();
return 0;
}
if (fail != 0)
{
pressreturn();
clear();
return 0;
}
if (askyn("ȷ��Ҫ�ı���", NA, YEA) == YEA)
{
if (real)
{
char secu[STRLEN];
sprintf(secu, "�� %s �Ļ������ϻ����롣", u->userid);
securityreport1(secu);
}
if (strcmp(u->userid, newinfo.userid))
{
sprintf(src, "mail/%c/%s", toupper(u->userid[0]), u->userid);
sprintf(dst, "mail/%c/%s", toupper(newinfo.userid[0]), newinfo.userid);
rename(src, dst);
sethomepath(src, u->userid);
sethomepath(dst, newinfo.userid);
rename(src, dst);
sethomefile(src, u->userid, "register");
unlink(src);
sethomefile(src, u->userid, "register.old");
unlink(src);
setuserid(unum, newinfo.userid);
}
if(!strcmp(u->userid, currentuser.userid))
{
extern int WishNum;
strncpy(uinfo.username,newinfo.username,NAMELEN);
WishNum = 9999;
}
#ifdef MAILCHECK
#ifdef MAILCHANGED
if ((netty_check == 1)&&!HAS_PERM(PERM_SYSOP))
{
sprintf(genbuf, "%s", BBSHOST);
if ( (!strstr(newinfo.email, genbuf)) &&
(!invalidaddr(newinfo.email)) &&
(!invalid_email(newinfo.email)))
{
strcpy(u->email, newinfo.email);
send_regmail(u);
}
else
{
move(t_lines - 5, 0);
prints("\n������ĵ����ʼ���ַ ��[1;33m%s[m��\n",newinfo.email);
prints("ˡ���ܱ�վ���ϣ�ϵͳ����Ͷ��ע���ţ������������...\n");
pressanykey();
return 0;
}
}
#endif
#endif
memcpy(u, &newinfo, (size_t)sizeof(currentuser));
#ifdef MAILCHECK
#ifdef MAILCHANGED
if ((netty_check == 1)&&!HAS_PERM(PERM_SYSOP))
{
newinfo.userlevel &= ~(PERM_LOGINOK | PERM_PAGE | PERM_MESSAGE);
sethomefile(src, newinfo.userid, "register");
sethomefile(dst, newinfo.userid, "register.old");
rename(src, dst);
}
#endif
#endif
substitute_record(PASSFILE, &newinfo, sizeof(newinfo), unum);
}
clear();
return 0;
}
int
bbslpassport_main()
{
int uid, infochanged = 0;
char id[IDLEN + 1], pw[PASSLEN], site[256], md5pass[MD5LEN], buf[384];
struct userec *x, tmpu;
time_t t, dtime;
html_header(3);
strsncpy(id, strtrim(getparm("id")), IDLEN + 1);
strsncpy(pw, getparm("pw"), PASSLEN);
strsncpy(site, getparm("site"), 256);
if (!id[0])
http_fatal("请输入帐号");
if (!site[0])
http_fatal("no...");
if (key_fail)
http_fatal("内部错误, 联系维护!\n");
if ((uid = getuser(id, &x)) <= 0) {
printf("%s<br>", id);
http_fatal("错误的使用者帐号");
}
strcpy(id, x->userid);
if (!strcasecmp(id, "guest"))
http_fatal("错误的使用者帐号");
if (checkbansite(fromhost)) {
http_fatal
("对不起, 本站不欢迎来自 [%s] 的登录. <br>若有疑问, 请与SYSOP联系.",
fromhost);
}
if (userbansite(x->userid, fromhost))
http_fatal("本ID已设置禁止从%s登录", fromhost);
if (!checkpasswd(x->passwd, x->salt, pw)) {
logattempt(x->userid, fromhost, "PASSPORT", now_t);
http_fatal
("密码错误,如有疑问请联系站务组,提供注册资料找回密码");
}
#if 0
if (!user_perm(x, PERM_BASIC))
http_fatal
("由于本帐号名称不符合帐号管理办法,已经被管理员禁止继续上站。<br>请用其他帐号登录在 <font color=red>"
DEFAULTBOARD "</font> 版询问.");
if (file_has_word(MY_BBS_HOME "/etc/prisonor", x->userid)) {
if (x->inprison == 0) {
memcpy(&tmpu, x, sizeof (tmpu));
tmpu.inprison = 1;
tmpu.dieday = 2;
updateuserec(&tmpu, 0);
}
http_fatal("安心改造,不要胡闹");
}
if (x->dieday)
http_fatal("死了?还要做什么? :)");
#endif
t = x->lastlogin;
memcpy(&tmpu, x, sizeof (tmpu));
if (tmpu.salt == 0) {
tmpu.salt = getsalt_md5();
genpasswd(md5pass, tmpu.salt, pw);
memcpy(tmpu.passwd, md5pass, MD5LEN);
infochanged = 1;
}
#if 1
if (count_uindex(uid) == 0) {
if (now_t - t > 1800)
tmpu.numlogins++;
infochanged = 1;
tmpu.lastlogin = now_t;
dtime = t - 4 * 3600;
t = localtime(&dtime)->tm_mday;
dtime = now_t - 4 * 3600;
if (t < localtime(&dtime)->tm_mday && x->numdays < 60000) {
tmpu.numdays++;
}
}
#endif
if (abs(t - now_t) < 20) {
http_fatal("两次登录间隔过密!");
}
if (x->lasthost != from_addr.s_addr) {
tmpu.lasthost = from_addr.s_addr;
infochanged = 1;
}
if (infochanged)
updateuserec(&tmpu, 0);
tracelog("%s enter %s passport %d %s", x->userid, fromhost, infochanged,
getsenv("HTTP_X_FORWARDED_FOR"));
printf
("<script>exDate = new Date; exDate.setMonth(exDate.getMonth()+9);"
"document.cookie='pp=%s;path=/;expires=' + exDate.toGMTString();</script>",
des3_encode(id, 0));
snprintf(buf, sizeof (buf), "http://%s?q=%s", site, des3_encode(id, 1));
redirect(buf);
http_quit();
return 0;
}
int
bbslogin_main()
{
int n, t, infochanged = 0;
time_t dtime;
char filename[128], buf[256], id[20], pw[PASSLEN], url[10], *ub =
FIRST_PAGE;
char *ptr;
char md5pass[MD5LEN];
struct userec *x, tmpu;
int ipmask;
int uid;
html_header(3);
if (loginok && !isguest) {
sprintf(buf, "/" SMAGIC "/?t=%d", (int) now_t);
redirect(buf);
}
strsncpy(id, strtrim(getparm("id")), 13);
strsncpy(pw, getparm("pw"), PASSLEN);
strsncpy(url, getparm("url"), 3);
ipmask = atoi(getparm("ipmask"));
if (!id[0]) {
strcpy(id, "guest");
ipmask = 8;
}
if (!strcmp(MY_BBS_ID, "YTHT") && !strcmp(id, "guest")) {
http_fatal("请输入用户名和密码以登录。");
}
if (strcmp(id, "guest")) {
ipmask = extandipmask(ipmask, getparm("lastip1"), realfromhost);
ipmask = extandipmask(ipmask, getparm("lastip2"), realfromhost);
}
if ((uid = getuser(id, &x)) <= 0) {
printf("%s<br>", id);
http_fatal("错误的使用者帐号");
}
strcpy(id, x->userid);
if (strcasecmp(id, "guest")) {
if (checkbansite(realfromhost)) {
http_fatal
("对不起, 本站不欢迎来自 [%s] 的登录. <br>若有疑问, 请与SYSOP联系.",
realfromhost);
}
if (userbansite(x->userid, realfromhost))
http_fatal("本ID已设置禁止从%s登录", realfromhost);
if (!checkpasswd(x->passwd, x->salt, pw)) {
logattempt(x->userid, realfromhost, "WWW", now_t);
http_fatal
("密码错误,如有疑问请联系站务组,提供注册资料找回密码");
}
if (!user_perm(x, PERM_BASIC))
http_fatal
("由于本帐号名称不符合帐号管理办法,已经被管理员禁止继续上站。<br>请用其他帐号登录在 <font color=red>"
DEFAULTBOARD "</font> 版询问.");
if (file_has_word(MY_BBS_HOME "/etc/prisonor", x->userid)) {
if (x->inprison == 0) {
memcpy(&tmpu, x, sizeof (tmpu));
tmpu.inprison = 1;
tmpu.dieday = 2;
updateuserec(&tmpu, 0);
}
http_fatal("安心改造,不要胡闹");
}
if (x->dieday)
http_fatal("死了?还要做什么? :)");
t = x->lastlogin;
memcpy(&tmpu, x, sizeof (tmpu));
if (tmpu.salt == 0) {
tmpu.salt = getsalt_md5();
genpasswd(md5pass, tmpu.salt, pw);
memcpy(tmpu.passwd, md5pass, MD5LEN);
infochanged = 1;
}
if (count_uindex(uid) == 0) {
if (now_t - t > 1800)
tmpu.numlogins++;
infochanged = 1;
tmpu.lastlogin = now_t;
dtime = t - 4 * 3600;
t = localtime(&dtime)->tm_mday;
dtime = now_t - 4 * 3600;
if (t < localtime(&dtime)->tm_mday
&& x->numdays < 60000) {
tmpu.numdays++;
}
}
if (abs(t - now_t) < 5) {
http_fatal("两次登录间隔过密!");
}
if (x->lasthost != from_addr.s_addr) {
tmpu.lasthost = from_addr.s_addr;
infochanged = 1;
}
if (infochanged)
updateuserec(&tmpu, 0);
currentuser = x;
}
ptr = getsenv("HTTP_X_FORWARDED_FOR");
tracelog("%s enter %s www %d %s", x->userid, realfromhost, infochanged,
ptr);
n = 0;
if (loginok && isguest) {
u_info->wwwinfo.iskicked = 1;
}
if (strcasecmp(id, "guest")) {
sethomepath(filename, x->userid);
mkdir(filename, 0755);
strsncpy(buf, getparm("style"), 3);
wwwstylenum = -1;
if (isdigit(buf[0]))
wwwstylenum = atoi(buf);
if ((wwwstylenum > NWWWSTYLE || wwwstylenum < 0))
if (!readuservalue
(x->userid, "wwwstyle", buf, sizeof (buf)))
wwwstylenum = atoi(buf);
if (wwwstylenum < 0 || wwwstylenum >= NWWWSTYLE)
wwwstylenum = 1;
currstyle = &wwwstyle[wwwstylenum];
} else {
wwwstylenum = 1;
currstyle = &wwwstyle[wwwstylenum];
}
ub = wwwlogin(x, ipmask);
#ifdef USESESSIONCOOKIE
{
extern char sessionCookie[];
printf
("<script>document.cookie='SESSION=%s; path=/';</script>",
urlencode(sessionCookie));
}
#endif
if (!strcmp(url, "1")) {
#if 1
printf
("<script>\n"
"function URLencode(sStr) {\n"
"return escape(sStr).replace(/\\+/g, '%%2C').replace(/\\\"/g,'%%22').replace(/\\'/g, '%%27');\n"
"}\n"
"a=window.opener.location.href;\n" "l=a.length;\n"
"t=a.indexOf('/" SMAGIC "',1);\n" "t=a.indexOf('/',t+1);\n"
//"nu=\"%s\"+\"?t=%ld&b=\"+URLencode(a.substring(t+1,l));\n"
"nu=\"%s\"+\"?t=%ld&b=\"+a.substring(t+1,l);\n"
"opener.top.location.href=nu;window.close();</script>",
ub, now_t);
#else
printf
("<script>opener.top.location.href='%s?t=%d';window.close();</script>",
ub, now_t);
#endif
} else {
char buf[256];
if (strcmp(x->userid, "guest") && shouldbroadcast(uid))
sprintf(buf, "%s?t=%d&b=ooo", ub, (int) now_t);
else
sprintf(buf, "%s?t=%d", ub, (int) now_t);
redirect(buf);
}
http_quit();
return 0;
}
