/* FILE $Id: tuserfunc.h 6 2005-11-24 00:02:59Z ggw $ PURPOSE Schema independent application functionality that revolves mainly around tUser table. This file is an extension of tuser.c. AUTHOR (C) 2001-2004 Gary Wallis. GPL License applies, see www.fsf.org for details. See LICENSE file included in distribution. */ #include "mail.h" void ImportUsers(void); void CheckActiveUsers(void); static char cSearch[100]={""}; static char cTargetEmail[256]={""}; static unsigned uChangeAlias=0; static unsigned uDelAlias=0; //Enhanced searching static char cuMailFilterSelectPullDown[256]={""}; static unsigned uMailFilterSelect=0; //uPermLevel==5 experimental feature functions static char cPasswd1[65]={""}; static char cPasswd2[65]={""}; typedef struct t_template { char *name[8];//pointers to var_name strings char *value[8];//pointers to substitution strings } t_template ; void tUserChangePasswd(char *cMsg); void tUserChangedPasswdOk(char *cMsg); void tUserChangePasswdLogin(char *cMsg); int htmlStructTemplate(char *cTemplateName,struct t_template *ptrTemplate); void Template(char *cTemplate, struct t_template *template, FILE *fp); void htmlTemplatePage(char *cPage); void GetuUseruServer(char *cUser,unsigned *uUser,unsigned *uServer); extern MYSQL mysqlext;//mail.c void ExtConnectDb(unsigned uHtml);//mail.c void tUserAliasList(void); void tUserVUTList(void); void tUserNavList(void); void CheckMaxUsersQuota(unsigned uLoginClient); #ifndef DEBUG_REPORT_STATS_OFF int UpdateInfo(); #endif //Extern mail.c void GetConfiguration(const char *cName, char *cValue, unsigned uHtml); void ScheduleJob(unsigned uUser, unsigned uServer, const char *cJobName, const char *cJobData); //Will overwrite cClearTextPasswd needs at least 36 chars for MD5 void EncryptPasswd(char *cClearTextPasswd); void tUserChangePasswd(char *cMsg); void tUserChangedPasswdOk(char *cMsg); void ExtProcesstUserVars(pentry entries[], int x) { register int i; for(i=0;i5 && strchr(cTargetEmail,'@') && strchr(cTargetEmail,'.')) { time(&clock); sprintf(query,"SELECT uAlias FROM tAlias WHERE cUser='%s' AND uServer=%u",cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) mysqlSendmail(mysql_error(&mysql)); res=mysql_store_result(&mysql); if(mysql_num_rows(res)) { if(uDelAlias) { sprintf(query,"DELETE FROM tAlias WHERE cTargetEmail='%s' AND cUser='%s' AND uServer=%u",cTargetEmail,cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) ScheduleJob(uUser,uServer,"DelAliasError", TextAreaSave(mysql_error(&mysql))); else ScheduleJob(uUser,uServer,"DelAlias",cTargetEmail); } else if(uChangeAlias) { sprintf(query,"UPDATE tAlias SET cTargetEmail='%s',uModBy=%u,uModDate=%lu WHERE cUser='%s' AND uServer=%u",cTargetEmail,uLoginClient,(long unsigned)(long unsigned)clock,cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) ScheduleJob(uUser,uServer,"ModAliasError", TextAreaSave(mysql_error(&mysql))); else ScheduleJob(uUser,uServer,"ModAlias",cTargetEmail); } } else { sprintf(query,"INSERT INTO tAlias SET cUser='%s',cTargetEmail='%s',uOwner=%u,uCreatedBy=%u,uCreatedDate=%lu,uServer=%u", cLogin,cTargetEmail,uLoginClient,uLoginClient,(long unsigned)(long unsigned)clock,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) ScheduleJob(uUser,uServer,"NewAliasError", TextAreaSave(mysql_error(&mysql))); else ScheduleJob(uUser,uServer,"NewAlias",cTargetEmail); } } }//void MailFwdOptionProcess(void) void NotifyISPSupport(const char *cLogin,const char *cMsg); void NotifyISPSupport(const char *cLogin, const char *cMsg) { char cMTA[256]={""}; char cISPContactEmail[256]={""}; char cISPFromEmail[256]={""}; FILE *fp; GetConfiguration("cMTA",cMTA,0); GetConfiguration("cISPContactEmail",cISPContactEmail,0); GetConfiguration("cISPFromEmail",cISPFromEmail,0); if(cISPContactEmail[0] && cMTA[0] && cLogin[0] && cISPFromEmail[0]) { if((fp=popen(cMTA,"w"))) { fprintf(fp,"To: %s\n",cISPContactEmail); fprintf(fp,"From: %s\n",cISPFromEmail); fprintf(fp,"Subject: %s-%s\n",cLogin,cMsg); fprintf(fp,"\n"); fprintf(fp,"NotifyISPSupport() %s %s\n",cLogin,cMsg); pclose(fp); } } }//void NotifyISPSupport(const char *cLogin,const char *cMsg) void ExttUserCommands(pentry entries[], int x) { if(!strcmp(function,"tUserTools")) { MYSQL_RES *res; unsigned uFound; if(!strcmp(command,LANG_NB_NEW)) { if(uPermLevel>6) { ProcesstUserVars(entries,x); //Check global conditions for new record here mode=2000; if(uPermLevel<10) { //Allow tConfiguration setup of defaults char cuAPop[256]={""},cuHDQuota[256]={""}; char cuTrafficQuota[256]={""},cuMailFilter[256]={""}; uAPop=0; uHDQuota=0; uTrafficQuota=0; uMailFilter=0; uServer=1; GetConfiguration("cuAPop",cuAPop,0); GetConfiguration("cuHDQuota",cuHDQuota,0); GetConfiguration("cuTrafficQuota",cuTrafficQuota,0); GetConfiguration("cuMailFilter",cuMailFilter,0); sscanf(cuAPop,"%u",&uAPop); sscanf(cuHDQuota,"%u",&uHDQuota); sscanf(cuTrafficQuota,"%u",&uTrafficQuota); sscanf(cuMailFilter,"%u",&uMailFilter); //We need to check uMaxUsers for end-users adding //their alloted quota. And resellers max also: This //is much more complicated of course. CheckMaxUsersQuota(uLoginClient); } tUser(LANG_NB_CONFIRMNEW); } } else if(!strcmp(command,LANG_NB_CONFIRMNEW)) { if(uPermLevel>6) { char cOnlyClearText[256]={""}; char cNoAliasIfInUser[256]={""}; ProcesstUserVars(entries,x); mode=2000; //Resellers and end users defaults if(uPermLevel<10) { //Allow tConfiguration setup of defaults char cuAPop[256]={""},cuHDQuota[256]={""}; char cuTrafficQuota[256]={""},cuMailFilter[256]={""}; uAPop=0; uHDQuota=0; uTrafficQuota=0; uMailFilter=0; uServer=1; GetConfiguration("cuAPop",cuAPop,0); GetConfiguration("cuHDQuota",cuHDQuota,0); GetConfiguration("cuTrafficQuota",cuTrafficQuota,0); GetConfiguration("cuMailFilter",cuMailFilter,0); sscanf(cuAPop,"%u",&uAPop); sscanf(cuHDQuota,"%u",&uHDQuota); sscanf(cuTrafficQuota,"%u",&uTrafficQuota); sscanf(cuMailFilter,"%u",&uMailFilter); CheckMaxUsersQuota(uLoginClient); } //Valid cLogin if(!cLogin[0] || strlen(cLogin)<2) tUser("Valid cLogin must be specified"); GetConfiguration("cOnlyClearText",cOnlyClearText,0); if(cOnlyClearText[0]=='Y') { //Valid cPasswd if(!cEnterPasswd[0] || strlen(cEnterPasswd)<3) tUser("Valid cEnterPasswd must be specified"); strcpy(cPasswd,cEnterPasswd); EncryptPasswd(cPasswd); } else { //Valid cPasswd if(cEnterPasswd[0]) { if(!cEnterPasswd[0] || strlen(cEnterPasswd)<3) tUser("Valid cEnterPasswd must be specified"); strcpy(cPasswd,cEnterPasswd); EncryptPasswd(cPasswd); } else { if(strlen(cPasswd)<13 || strlen(cPasswd)>35) tUser("Valid DES/MD5 passwd cPasswd must be specified OR clear text cEnterPasswd."); cEnterPasswd[0]=0; } } //Valid uServer if(!uServer) tUser("Valid uServer must be specified"); GetConfiguration("cNoAliasIfInUser",cNoAliasIfInUser,0); if(cNoAliasIfInUser[0]=='Y') { //No same tAlias.cUser on same server sprintf(query,"SELECT uAlias FROM tAlias WHERE cUser='%s' AND uServer=%u" ,cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) mysqlSendmail(mysql_error(&mysql)); res=mysql_store_result(&mysql); uFound=mysql_num_rows(res); mysql_free_result(res); if(uFound) tUser("cLogin already used as tAlias.cUser on selected server"); } if(uServer==1) //No same cLogin on same server sprintf(query,"SELECT uUser FROM tUser WHERE cLogin='%s' AND uServer=%u" ,cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) mysqlSendmail(mysql_error(&mysql)); res=mysql_store_result(&mysql); uFound=mysql_num_rows(res); mysql_free_result(res); if(uFound) tUser("cLogin already used on selected server"); //TODO Hack uServer==1 always the local server? if(uServer==1) { struct passwd *structPasswd; if((structPasswd=getpwnam(cLogin))) tUser("cLogin already used on this local server"); } uStatus=US_AWAITACT; uUser=0; mode=0; uCreatedBy=uLoginClient; uOwner=uLoginClient; uModBy=0;//Never modified uModDate=0; NewtUser(1); ScheduleJob(uUser,uServer,"NewUser",cLogin); MailFwdOptionProcess(); #ifndef DEBUG_REPORT_STATS_OFF UpdateInfo(); #endif tUser("New user added and scheduled for activation"); } } else if(!strcmp(command,LANG_NB_DELETE)) { ProcesstUserVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>=7 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel==8 && uReseller==uLoginClient) ) { mode=2001; tUser(LANG_NB_CONFIRMDEL); } } else if(!strcmp(command,LANG_NB_CONFIRMDEL)) { ProcesstUserVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>=7 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel==8 && uReseller==uLoginClient) ) { sprintf(query,"UPDATE tUser SET uStatus=%u WHERE cLogin='%s' AND uServer=%u" ,(uStatus=US_AWAITDEL),cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) mysqlSendmail(mysql_error(&mysql)); ScheduleJob(uUser,uServer,"DeleteUser",cLogin); tUser("User scheduled for deletion"); } } else if(!strcmp(command,LANG_NB_MODIFY)) { ProcesstUserVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>9) || (uPermLevel>=7 && uOwner==uLoginClient) || (uPermLevel==8 && uReseller==uLoginClient) || (uPermLevel==5 && !strcmp(cLogin,cUser)) ) { mode=2002; tUser(LANG_NB_CONFIRMMOD); } } else if(!strcmp(command,LANG_NB_CONFIRMMOD)) { ProcesstUserVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>9) || (uPermLevel>=7 && uOwner==uLoginClient) || (uPermLevel==8 && uReseller==uLoginClient) || (uPermLevel==5 && !strcmp(cLogin,cUser)) ) { MYSQL_ROW field; unsigned uCurrentAPop=0; unsigned uCurrentMailFilter=0; unsigned uCurrentHDQuota=0; unsigned uCurrentTrafficQuota=0; unsigned uCurrentServer=0; unsigned uCurrentStatus=0; unsigned uChanged=0; char cCurrentEnterPasswd[100]={""}; mode=2002; if(!uServer) tUser("Must specify valid uServer"); if(!cEnterPasswd[0] && !cPasswd[0]) tUser("Must enter new passwd or valid encrypted passwd"); //No cLogin modification allowed sprintf(query,"SELECT uAPop,uMailFilter,uHDQuota,uTrafficQuota,cEnterPasswd,uServer,uStatus FROM tUser WHERE cLogin='%s' AND uUser=%u" ,cLogin,uUser); mysql_query(&mysql,query); if(mysql_errno(&mysql)) mysqlSendmail(mysql_error(&mysql)); res=mysql_store_result(&mysql); uFound=mysql_num_rows(res); mysql_free_result(res); if(!uFound) tUser("Not allowed to modify cLogin"); if((field=mysql_fetch_row(res))) { sscanf(field[0],"%u",&uCurrentAPop); sscanf(field[1],"%u",&uCurrentMailFilter); sscanf(field[2],"%u",&uCurrentHDQuota); sscanf(field[3],"%u",&uCurrentTrafficQuota); sprintf(cCurrentEnterPasswd,"%.99s",field[4]); sscanf(field[5],"%u",&uCurrentServer); sscanf(field[6],"%u",&uCurrentStatus); } if(uPermLevel<12) { if(uServer!=uCurrentServer) tUser("Not allowed to change servers with this version!"); if(uStatus!=uCurrentStatus) tUser("Not allowed to change uStatus, done by system only."); } if(uAPop!=uCurrentAPop) { uStatus=US_AWAITMOD; if(uAPop) ScheduleJob(uUser,uServer,"ModUserAPopOn" ,cLogin); else ScheduleJob(uUser,uServer,"ModUserAPopOff" ,cLogin); uChanged=1; } if(uMailFilter!=uCurrentMailFilter) { uStatus=US_AWAITMOD; if(uMailFilter) ScheduleJob(uUser,uServer,"ModUserMailFilterOn" ,cLogin); else ScheduleJob(uUser,uServer,"ModUserMailFilterOff" ,cLogin); uChanged=1; } if(uHDQuota!=uCurrentHDQuota) { uStatus=US_AWAITMOD; if(uHDQuota) ScheduleJob(uUser,uServer,"ModUserHDQuotaOn" ,cLogin); else ScheduleJob(uUser,uServer,"ModUserHDQuotaOff" ,cLogin); uChanged=1; } if(uTrafficQuota!=uCurrentTrafficQuota) { uStatus=US_AWAITMOD; if(uTrafficQuota) ScheduleJob(uUser,uServer,"ModUserTrafficQuotaOn" ,cLogin); else ScheduleJob(uUser,uServer,"ModUserTrafficQuotaOff" ,cLogin); uChanged=1; } if(strcmp(cEnterPasswd,cCurrentEnterPasswd)) { //Allow hiding of clear text passwd if(strcmp(cEnterPasswd,"_private")) { uStatus=US_AWAITMOD; if(cEnterPasswd[0]) { strcpy(cPasswd,cEnterPasswd); EncryptPasswd(cPasswd); //cEnterPasswd[0]=0; } else { if(strlen(cPasswd)<13 || strlen(cPasswd)>35) tUser("Valid DES/MD5 passwd cPasswd must be specified OR clear text cEnterPasswd."); } ScheduleJob(uUser,uServer,"ModUserPwd",cLogin); uChanged=1; } else { uChanged=1; cEnterPasswd[0]=0; } } MailFwdOptionProcess(); mode=0; uModBy=uLoginClient; if(uChanged) ModtUser(); else tUser("Nothing changed"); } } else if(!strcmp(command,"Make Home Dir")) { if(uPermLevel>=8) { ProcesstUserVars(entries,x); mode=2002; if(!uUser || !uServer) tUser("Must supply valid uUser/uServer"); mode=0; ScheduleJob(uUser,uServer,"MakeHomeDir",cLogin); tUser("MakeHomeDir job scheduled"); } } else if(!strcmp(command,"Import Users")) { if(uPermLevel>=12) { ImportUsers(); tUser("ImportUsers()"); } } else if(!strcmp(command,"Set Passwd")) { ProcesstUserVars(entries,x); if(uOwner) GetClientOwner(uOwner,&uReseller); if( (uPermLevel>=8 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel>7 && uReseller==uLoginClient) ) { if(!uUser || !uServer) tUser("Must specify valid uServer and uUser"); ScheduleJob(uUser,uServer,"ModUserPwd",cPasswd); tUser("User scheduled for passwd update"); } } else if(!strcmp(command,"Add")) { ProcesstUserVars(entries,x); if(uPermLevel>=12) { if(!strcmp(cLogin,".addallusers.")) { MYSQL_RES *res; MYSQL_ROW field; sprintf(query,"SELECT uUser,uServer,cLogin FROM tUser"); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tUser(mysql_error(&mysql)); res=mysql_store_result(&mysql); while((field=mysql_fetch_row(res))) { sscanf(field[0],"%u",&uUser); sscanf(field[1],"%u",&uServer); if(uServer && uUser) ScheduleJob(uUser,uServer,"NewUser", field[2]); } mysql_free_result(res); tUser("All users scheduled for addition"); } else if(cLogin[0]) { if(!uUser || !uServer) tUser("Must specify valid uServer and uUser"); ScheduleJob(uUser,uServer,"NewUser",cLogin); tUser("User scheduled for addition"); } tUser("Unexpected aborted Add operation"); } } else if(!strcmp(command,"Check Active Users")) { if(uPermLevel>=10) { ExtProcesstUserVars(entries,x); CheckActiveUsers(); } } else if(!strcmp(command,"Change Password")) { ProcesstUserVars(entries,x); if(uPermLevel==5 && cUser[0] ) { char cISPParameter[256]={""}; if(!cPasswd1[0] || !cPasswd2[0]) tUserChangePasswd("Missing a password..."); if(strcmp(cPasswd1,cPasswd2)) tUserChangePasswd("Passwords do not match..."); if(!uUser || !uServer) tUserChangePasswd("Internal technical error: Must specify valid uServer and uUser. Contact your ISP support about this problem if it happens again."); //Update mysqlSendmail tUser entry EncryptPasswd(cPasswd1); sprintf(query,"UPDATE tUser SET cPasswd='%s', cEnterPasswd='%s' WHERE uUser=%u AND uServer=%u",cPasswd1,cPasswd2,uUser,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tUserChangePasswd("Internal technical error: UPDATE tUser. Contact your ISP support about this problem if it happens again."); //Very experimental and customer related //Study issue further for global solution //Update if needed mysqlISP service parameter GetConfiguration("cISPParameter",cISPParameter,0); if(cISPParameter[0]) { MYSQL_RES *res; MYSQL_ROW field; unsigned uGroup=0; unsigned uNumRows=0; unsigned uParameter=0; ExtConnectDb(1);//mail.c sprintf(query,"SELECT uParameter FROM tParameter WHERE tParameter.cParameter='%s'",cISPParameter); mysql_query(&mysqlext,query); if(mysql_errno(&mysqlext)) tUserChangePasswd("Internal technical error: SELECT tParameter. Contact your ISP support about this problem if it happens again."); res=mysql_store_result(&mysqlext); uNumRows=mysql_num_rows(res); if(uNumRows!=1) tUserChangePasswd("mysqlISP technical error: SELECT tParameter. Contact your ISP support about this problem if it happens again."); if((field=mysql_fetch_row(res))) sscanf(field[0],"%u",&uParameter); mysql_free_result(res); sprintf(query,"SELECT tClientConfig.uGroup FROM tClientConfig,tParameter WHERE tClientConfig.uParameter=tParameter.uParameter AND tParameter.cParameter='mysqlSendmail.Login' AND tClientConfig.cValue='%s'",cUser); mysql_query(&mysqlext,query); if(mysql_errno(&mysqlext)) tUserChangePasswd("Internal technical error: SELECT tClientConfig. Contact your ISP support about this problem if it happens again."); res=mysql_store_result(&mysqlext); uNumRows=mysql_num_rows(res); if(uNumRows!=1) tUserChangePasswd("mysqlISP technical error: SELECT tClientConfig. Contact your ISP support about this problem if it happens again."); if((field=mysql_fetch_row(res))) sscanf(field[0],"%u",&uGroup); mysql_free_result(res); sprintf(query,"UPDATE tClientConfig SET cValue='%s' WHERE uGroup=%u AND uParameter=%u",cPasswd2,uGroup,uParameter); mysql_query(&mysqlext,query); if(mysql_errno(&mysqlext)) tUserChangePasswd("Internal technical error: UPDATE tClientConfig. Contact your ISP support about this problem if it happens again."); if(!mysql_affected_rows(&mysqlext)) tUserChangePasswd("Internal technical error: NO UPDATE tClientConfig. Contact your ISP support about this problem if it happens again."); }//End of external mysqlISP update try ScheduleJob(uUser,uServer,"ModUserPwd",cPasswd); NotifyISPSupport(cUser,"Ok"); tUserChangedPasswdOk("User scheduled for password update. Please wait for this change to take effect usually max of 10 mins."); } NotifyISPSupport("Unknown","Error"); tUserChangePasswd("Unexpected error: Contact your ISP support."); } } }//void ExttUserCommands(pentry entries[], int x) void MailFwdOption(void) { if(uPermLevel>9) { printf(""); printf("

Optional mail forward (tAlias)
"); printf("\n",cTargetEmail); if(cTargetEmail[0]) { printf("
uChangeAlias\n"); printf(" uDelAlias\n"); } } }//void MailFwdOption(void) void ExttUserButtons(void) { printf("\n"); printf("\n"); printf("
"); printf(""); printf(""); if(uPermLevel>5) { printf("Search Tools
\n"); printf(" cLogin\n
"); printf("",cSearch); if(uPermLevel>9) { printf("
Restrict on uMailFilter
\n"); tTablePullDown("tMailFilter","cLabel","cLabel",uMailFilterSelect); } printf("

\n"); } switch(mode) { case 2000: printf("

Enter required data
"); printf(""); printf(LANG_NBB_CONFIRMNEW); MailFwdOption(); printf("
\n"); break; case 2001: printf("

"); printf(LANG_NBB_CONFIRMDEL); printf("
\n"); break; case 2002: printf("

Review record data
"); printf(""); printf(LANG_NBB_CONFIRMMOD); tUserAliasList(); MailFwdOption(); printf("
\n"); if(uPermLevel>=8) { printf(""); printf("\n"); } if(uPermLevel>11) { printf(""); printf("

\n"); printf("
\n"); } break; default: tUserAliasList(); tUserVUTList(); } if(uPermLevel>=12) { printf("

"); printf("
\n"); } printf("

\n"); }//void ExttUserButtons(void) void ExttUserAuxTable(void) { }//void ExttUserAuxTable(void) void ExttUserGetHook(entry gentries[], int x) { register int i; for(i=0;i9) { if(cSearch[0] && !uMailFilterSelect) sprintf(query,"SELECT %s FROM tUser WHERE cLogin LIKE '%s%%' ORDER BY uUser",VAR_LIST_tUser,cSearch); else if(cSearch[0] && uMailFilterSelect) sprintf(query,"SELECT %s FROM tUser WHERE cLogin LIKE '%s%%' AND uMailFilter=%u ORDER BY uUser",VAR_LIST_tUser,cSearch,uMailFilterSelect); else if(!cSearch[0] && uMailFilterSelect) sprintf(query,"SELECT %s FROM tUser WHERE uMailFilter=%u ORDER BY uUser",VAR_LIST_tUser,uMailFilterSelect); else if(1) sprintf(query,"SELECT %s FROM tUser ORDER BY uUser",VAR_LIST_tUser); } else if(uPermLevel==5) { sprintf(query,"SELECT %s FROM tUser WHERE cLogin='%s'",VAR_LIST_tUser,cUser); } else if(1) { if(cSearch[0]) sprintf(query,"SELECT %s FROM tUser,tClient WHERE tUser.uOwner=tClient.uClient AND (tClient.uOwner=%u OR tClient.uClient=%u) AND tUser.cLogin LIKE '%s%%'",VAR_LIST_tUser,uLoginClient,uLoginClient,cSearch); else sprintf(query,"SELECT %s FROM tUser,tClient WHERE tUser.uOwner=tClient.uClient AND (tClient.uOwner=%u OR tClient.uClient=%u)",VAR_LIST_tUser,uLoginClient,uLoginClient); } }//void ExttUserSelect(void) void ExttUserSelectRow(void) { if(uPermLevel==5) sprintf(query,"SELECT %s FROM tUser WHERE cLogin='%s'",VAR_LIST_tUser,cUser); else if(uPermLevel<10) sprintf(query,"SELECT %s FROM tUser,tClient \ WHERE tUser.uOwner=tClient.uClient\ AND (tClient.uOwner=%u OR tClient.uClient=%u)\ AND tUser.uUser=%u", VAR_LIST_tUser, uLoginClient,uLoginClient,uUser); else if(1) sprintf(query,"SELECT %s FROM tUser WHERE uUser=%u", VAR_LIST_tUser,uUser); }//void ExttUserSelectRow(void) void ExttUserListSelect(void) { char cCat[512]; if(uPermLevel==5) sprintf(query,"SELECT %s FROM tUser WHERE cLogin='%s'",VAR_LIST_tUser,cUser); else if(uPermLevel<10) sprintf(query,"SELECT %s FROM tUser,tClient \ WHERE tUser.uOwner=tClient.uClient \ AND (tClient.uOwner=%u OR tClient.uClient=%u)", VAR_LIST_tUser, uLoginClient, uLoginClient); else if(1) sprintf(query,"SELECT %s FROM tUser", VAR_LIST_tUser); //Changes here must be reflected below in ExttUserListFilter() if(!strcmp(filter,"uUser")) { sscanf(command,"%u",&uUser); if(uPermLevel<10) strcat(query," AND "); else strcat(query," WHERE "); sprintf(cCat,"tUser.uUser=%u \ ORDER BY uUser", uUser); strcat(query,cCat); } else if(1) { //None NO FILTER strcpy(filter,"None"); strcat(query," ORDER BY uUser"); } }//void ExttUserListSelect(void) void ExttUserListFilter(void) { //Filter printf("Select "); printf(""); }//void ExttUserListFilter(void) void ExttUserNavBar(void) { if(uOwner) GetClientOwner(uOwner,&uReseller); if(uPermLevel>5) { printf(LANG_NBB_SKIPFIRST); printf(LANG_NBB_SKIPBACK); printf(LANG_NBB_SEARCH); } //Allow any authorized user to add new email accounts if(uPermLevel>6) printf(LANG_NBB_NEW); //Allow admin or root users to modify any email account OR //Allow any authorized end user (customer==7) to modify her account OR //Allow reseller=8 to modify his or his customers email accounts if( (uPermLevel>9) || (uPermLevel>=7 && uOwner==uLoginClient) || (uPermLevel==8 && uReseller==uLoginClient) || (uPermLevel==5 && !strcmp(cLogin,cUser)) ) printf(LANG_NBB_MODIFY); //Allow reseller,admin or root to delete their own owned accounts only OR //Allow admin and above to delete any email account except those created by root OR //Allow reseller to delete his customers email accounts. if( (uPermLevel>=7 && uOwner==uLoginClient) || (uPermLevel>9 && uOwner!=1) || (uPermLevel==8 && uReseller==uLoginClient) ) printf(LANG_NBB_DELETE); if(uPermLevel>5) { printf(LANG_NBB_LIST); printf(LANG_NBB_SKIPNEXT); printf(LANG_NBB_SKIPLAST); } }//void ExttUserNavBar(void) void tUserAliasList(void) { MYSQL_RES *res; MYSQL_ROW field; if(!cLogin[0] || !uServer) return; sprintf(query,"SELECT uAlias,cTargetEmail FROM tAlias WHERE cUser='%s' AND uServer=%u",cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) { if(mode!=2000) strcpy(cTargetEmail,field[1]); if(mode<2000 && mode!=2001) { printf(""); printf("

tAlias Entry
"); printf("%s
\n",field[0],field[1]); } } mysql_free_result(res); }//void tUserAliasList(void) void tUserVUTList(void) { MYSQL_RES *res; MYSQL_ROW field; if(!cLogin[0] || !uServer) return; sprintf(query,"SELECT tVUT.uVUT,tVUT.cDomain,tVUTEntries.cVirtualEmail,tVUTEntries.cTargetEmail FROM tVUT,tVUTEntries WHERE tVUT.uVUT=tVUTEntries.uVUT AND tVUTEntries.cTargetEmail LIKE '%s@%%' AND tVUT.uServer=%u",cLogin,uServer); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res=mysql_store_result(&mysql); if(mysql_num_rows(res)) { printf(""); printf("

tVUT Entries
"); while((field=mysql_fetch_row(res))) { printf("%s@%s:%s
\n",field[0],field[2],field[1],field[3]); } } mysql_free_result(res); }//void tUserVUTList(void) void tUserNavList(void) { MYSQL_RES *res; MYSQL_ROW field; if(uPermLevel<10) sprintf(query,"SELECT tUser.uUser\ ,tUser.cLabel\ FROM tUser,tClient\ WHERE tUser.uOwner=tClient.uClient\ AND (tClient.uOwner=%u OR tClient.uClient=%u)", uLoginClient,uLoginClient); else sprintf(query,"SELECT uUser,cLabel FROM tUser"); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s",mysql_error(&mysql)); return; } res=mysql_store_result(&mysql); while((field=mysql_fetch_row(res))) { printf("%s
\n",field[0],field[1]); } mysql_free_result(res); }//void tUserNavList(void) /* Current customization: /etc/users must have two tabs per line optional cleartext passwd ex. joe\tpasswd\tencpasswd\n ex2. joe\tpasswd\t\n */ void ImportUsers(void) { FILE *fp; char *cp; time_t clock; if(!(fp=fopen("/etc/users","r"))) tUser("Could not open /etc/users"); Header_ism3("ImportUsers",0); printf("

\n");
	time(&clock);
	while(fgets(query,1024,fp)!=NULL)
	{
		if(query[0]=='#') continue;

		if((cp=strchr(query,'\t')))
		{

			char qstr[512];
			char cUser[64];
			char cPasswd[65];
			char *cp2;
			*cp=0;
			cp++;
			if((cp2=strchr(cp,'\t')))
			{
				char cEnterPasswd[17]={""};

				*cp2=0;
				cp2++;
				sprintf(cUser,"%.63s",query);
				sprintf(cPasswd,"%.64s",cp);
				sprintf(cEnterPasswd,"%.15s",cp2);
				cEnterPasswd[strlen(cEnterPasswd)-1]=0;


sprintf(qstr,"INSERT INTO tUser SET cLogin='%s',cPasswd='%s',cEnterPasswd='%s',uServer=1,uStatus=6,uOwner=%u,uCreatedBy=%u,uCreatedDate=%lu",cUser,cPasswd,cEnterPasswd,uLoginClient,uLoginClient,(long unsigned)clock);

			printf("%s %s/%s\n",cUser,cPasswd,cEnterPasswd);
				
			mysql_query(&mysql,qstr);
			if(mysql_errno(&mysql))
			{
                		printf("%s\n",
								mysql_error(&mysql));
			}
			else
			{
				uUser=mysql_insert_id(&mysql);
				ScheduleJob(uUser,1,"NewUser",cUser);
			}

			}

		}
	}
	printf("
\n"); Footer_ism3(); }//void ImportUsers(void) void CheckActiveUsers(void) { MYSQL_RES *res; MYSQL_ROW field; struct passwd *structPassInfo; unsigned uErrorsOnly=0; Header_ism3("CheckActiveUsers",0); printf("
\n");

	if(cSearch[0] && !strcmp(cSearch,"ERRORS ONLY"))
		uErrorsOnly=1;

	if(cSearch[0] && !uErrorsOnly)
		sprintf(query,"SELECT uUser,cLogin FROM tUser WHERE uStatus=1 AND cLogin LIKE '%s%%' ORDER BY cLogin",cSearch);
	else
		sprintf(query,"SELECT uUser,cLogin FROM tUser WHERE uStatus=1 ORDER BY cLogin");
	mysql_query(&mysql,query);
	if(mysql_errno(&mysql))
	{
		printf("%s\n",mysql_error(&mysql));
		printf("
\n"); Footer_ism3(); } res=mysql_store_result(&mysql); while((field=mysql_fetch_row(res))) { if((structPassInfo=getpwnam(field[1]))) { if(uErrorsOnly && structPassInfo->pw_uid<=SU_BASE_ID) { printf("%s\n",field[0],field[1]); printf("uid=%u, gid=%u\n", structPassInfo->pw_uid, structPassInfo->pw_gid); printf("shell=%s, dir=%s, name=%s\n", structPassInfo->pw_shell, structPassInfo->pw_dir, structPassInfo->pw_gecos); printf("uid<=%u\n",SU_BASE_ID); //This can only work if apache runs as root! // //sprintf(query,"/bin/sh ls /var/mail/%s > /dev/null 2>&1",field[1]); //if(system(query)) // printf("No /var/mail/%s file\n",field[1]); //else // printf("/var/mail/%s file\n",field[1]); printf("\n"); } else if(!uErrorsOnly) { printf("%s\n",field[0],field[1]); printf("uid=%u, gid=%u\n", structPassInfo->pw_uid, structPassInfo->pw_gid); printf("shell=%s, dir=%s, name=%s\n", structPassInfo->pw_shell, structPassInfo->pw_dir, structPassInfo->pw_gecos); if(structPassInfo->pw_uid<=SU_BASE_ID) printf("uid<=%u\n",SU_BASE_ID); printf("\n"); } } else { printf("%s Not in system!\n",field[0],field[1]); } } mysql_free_result(res); printf("\n"); Footer_ism3(); }//void CheckActiveUsers(void) void CheckMaxUsersQuota(unsigned uLoginClient) { MYSQL_RES *res; MYSQL_ROW field; unsigned uMaxUsers=0; unsigned uActualUsers=0; unsigned uOwner=0; //Should work for both resellers and end-users. sprintf(query,"SELECT uMaxUsers,uOwner FROM tClient WHERE uClient=%u",uLoginClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tUser(mysql_error(&mysql)); res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) { sscanf(field[0],"%u",&uMaxUsers); sscanf(field[1],"%u",&uOwner); } mysql_free_result(res); //Notes //Reseller case or end user case //Reseller owner is mandatory Root uClient==1 if(uOwner==1) sprintf(query,"SELECT COUNT(tUser.uUser) FROM tUser,tClient WHERE tUser.uOwner=tClient.uOwner AND (tUser.uOwner=%u OR tClient.uOwner=%u)",uLoginClient,uLoginClient); //Reseller case sum of all reseller's customers logins else sprintf(query,"SELECT COUNT(uUser) FROM tUser WHERE uOwner=%u", uLoginClient); mysql_query(&mysql,query); if(mysql_errno(&mysql)) tUser(mysql_error(&mysql)); res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) sscanf(field[0],"%u",&uActualUsers); mysql_free_result(res); if(uActualUsers>=uMaxUsers) { mode=0; tUser("Sorry your limit for tUser logins has been reached. Contact ISP admin."); } }//void CheckMaxUsersQuota(unsigned uLoginClient) #ifndef DEBUG_REPORT_STATS_OFF int UpdateInfo(void) { register int sd, rc; struct sockaddr_in cliAddr, remoteServAddr; struct hostent *h; time_t luClock=0,luModDate=0; MYSQL_RES *res; MYSQL_ROW field; char cInfo[128]={"Emtpy"}; unsigned uMaxuUser=0; time(&luClock); sprintf(query,"SELECT uModDate FROM tConfiguration WHERE cLabel='UpdateInfo'"); mysql_query(&mysql,query); if(mysql_errno(&mysql)) return(1); res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) sscanf(field[0],"%lu",&luModDate); mysql_free_result(res); if(luModDate && ( luClock < (luModDate + 86400) ) ) return(2); sprintf(query,"SELECT MAX(uUser) FROM tUser"); mysql_query(&mysql,query); if(mysql_errno(&mysql)) return(3); res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) { if(field[0]!=NULL) sscanf(field[0],"%u",&uMaxuUser); } mysql_free_result(res); sprintf(cInfo,"mysqlSendmail%s %u %u %u",RELEASESHORT,uLoginClient,uPermLevel,uMaxuUser); if(!cInfo[0]) return(4); h=gethostbyname("saturn.openisp.net"); if(h==NULL) return(5); remoteServAddr.sin_family = h->h_addrtype; memcpy((char *) &remoteServAddr.sin_addr.s_addr,h->h_addr_list[0], h->h_length); remoteServAddr.sin_port=htons(53); sd=socket(AF_INET,SOCK_DGRAM,0); if(sd<0) return(6); cliAddr.sin_family = AF_INET; cliAddr.sin_addr.s_addr = htonl(INADDR_ANY); cliAddr.sin_port = htons(0); rc=bind(sd, (struct sockaddr *) &cliAddr, sizeof(cliAddr)); if(rc<0) return(7); rc=sendto(sd,cInfo,strlen(cInfo)+1,0,(struct sockaddr *)&remoteServAddr, sizeof(remoteServAddr)); if(rc<0) return(8); if(luModDate) sprintf(query,"UPDATE tConfiguration SET uModBy=1,uModDate=%lu,cComment='%s' WHERE cLabel='UpdateInfo'",(long unsigned)luClock,cInfo); else sprintf(query,"INSERT INTO tConfiguration SET cLabel='UpdateInfo',cValue='uModDate',cComment='%s',uCreatedBy=1,uCreatedDate=%lu,uModDate=%lu,uModBy=1",cInfo,(long unsigned)luClock,luClock); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { tUser(query); return(9); } return(0); }//int UpdateInfo(void) #endif int htmlStructTemplate(char *cTemplateName,struct t_template *ptrTemplate) { MYSQL_RES *res; MYSQL_ROW field; char query[256]; printf("Content-type: text/html\n\n"); printf("\n\n", cTemplateName); sprintf(query,"SELECT cComment FROM tConfiguration WHERE cLabel='%s'", cTemplateName); mysql_query(&mysql,query); if(mysql_errno(&mysql)) { printf("%s\n",mysql_error(&mysql)); goto outfast; } res=mysql_store_result(&mysql); if((field=mysql_fetch_row(res))) Template(field[0], ptrTemplate, stdout); else printf("Template %s not found. htmlStructTemplate()
\n", cTemplateName); mysql_free_result(res); outfast: printf("\n\n", cTemplateName); return(0); }//int htmlStructTemplate() void Template(char *cTemplate, struct t_template *template, FILE *fp) { register int i,uState=0,j=0; char cVarName[100]={""}; for(i=0;iname[n][0]) { if(!strcmp(template->name[n],cVarName)) { fprintf(fp,"%s",template->value[n]); //uMatch=1; } n++; } /* if(!uMatch) { //As fast as possible if(cVarName[0]=='f') { if(!strcmp("NoFunctionsYet",cVarName)) printf("\n"); } } */ j=0; continue; } if(uState==2) { cVarName[j++]=cTemplate[i]; continue; } fputc((int)cTemplate[i],fp); } }//int Template() void htmlUserTemplatePage(char *cPage, char *cMsg, unsigned uUser, unsigned uServer) { struct t_template template; char cuUser[16]={""}; char cuServer[16]={""}; template.name[0]="cMsg"; template.value[0]=cMsg; template.name[1]="cUser"; template.value[1]=cUser; template.name[2]="uUser"; sprintf(cuUser,"%u",uUser); template.value[2]=cuUser; template.name[3]="uServer"; sprintf(cuServer,"%u",uServer); template.value[3]=cuServer; template.name[4]=""; htmlStructTemplate(cPage,&template); }//void htmlTemplatePage(char *cPage) void tUserChangePasswd(char *cMsg) { unsigned uUser=0,uServer=0; GetuUseruServer(cUser,&uUser,&uServer); htmlUserTemplatePage("cChangeMailPasswdForm",cMsg,uUser,uServer); exit(0); }//void tUserChangePasswd(char *cMsg) void tUserChangedPasswdOk(char *cMsg) { unsigned uUser=0,uServer=0; GetuUseruServer(cUser,&uUser,&uServer); htmlUserTemplatePage("cChangeMailPasswdOk",cMsg,uUser,uServer); exit(0); }//void tUserChangedPasswdOk(char *cMsg) void tUserChangePasswdLogin(char *cMsg) { htmlUserTemplatePage("cChangeMailLoginForm",cMsg,0,0); exit(0); }//void tUserChangePasswdLogin(char *cMsg) void GetuUseruServer(char *cUser,unsigned *uUser,unsigned *uServer) { MYSQL_RES *res; MYSQL_ROW field; sprintf(query,"SELECT uUser,uServer FROM tUser WHERE cLogin='%s'",cUser); mysql_query(&mysql,query); if(mysql_errno(&mysql)) mysqlSendmail(mysql_error(&mysql)); res=mysql_store_result(&mysql); if(mysql_num_rows(res)) { field=mysql_fetch_row(res); sscanf(field[0],"%u",uUser); sscanf(field[1],"%u",uServer); } mysql_free_result(res); }//void GetuUseruServer(char *cUser,unsigned *uUser,unsigned *uServer) // vim:tw=78 //sedall patch1 //sedall patch2