/[LeafOK_CVS]/lbbs/src/login.c
ViewVC logotype

Annotation of /lbbs/src/login.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.76 - (hide annotations)
Sun Dec 21 12:45:47 2025 UTC (2 months, 3 weeks ago) by sysadm
Branch: MAIN
Changes since 1.75: +12 -7 lines
Content type: text/x-csrc 
Fix bug: checklevel2() should be called after load_user_info()
User with special privilege is not allowed to re-confirm EULA in plain telnet mode.
1 sysadm 1.65 /* SPDX-License-Identifier: GPL-3.0-or-later */
2     /*
3     * login
4     * - user authentication and online status manager
5     *
6 sysadm 1.66 * Copyright (C) 2004-2025 Leaflet <leaflet@leafok.com>
7 sysadm 1.65 */
8 sysadm 1.1
9 sysadm 1.68 #ifdef HAVE_CONFIG_H
10     #include "config.h"
11     #endif
12    
13 sysadm 1.1 #include "bbs.h"
14     #include "common.h"
15 sysadm 1.48 #include "database.h"
16     #include "io.h"
17 sysadm 1.50 #include "ip_mask.h"
18 sysadm 1.14 #include "log.h"
19 sysadm 1.48 #include "login.h"
20 sysadm 1.14 #include "screen.h"
21 sysadm 1.48 #include "user_priv.h"
22     #include <ctype.h>
23 sysadm 1.34 #include <errno.h>
24 sysadm 1.48 #include <stdlib.h>
25 sysadm 1.14 #include <string.h>
26 sysadm 1.3 #include <regex.h>
27 sysadm 1.14 #include <unistd.h>
28 sysadm 1.69 #include <mysql.h>
29 sysadm 1.56 #include <sys/param.h>
30 sysadm 1.1
31 sysadm 1.64 static const int BBS_username_min_len = 3; // common len = 5, special len = 3
32     static const int BBS_password_min_len = 5; // legacy len = 5, current len = 6
33    
34 sysadm 1.67 static const int BBS_allowed_login_failures_within_interval = 10;
35     static const int BBS_login_failures_count_interval = 10; // minutes
36     static const int BBS_allowed_login_failures_per_account = 3;
37    
38     const int BBS_login_retry_times = 3;
39    
40 sysadm 1.41 int bbs_login(void)
41 sysadm 1.1 {
42 sysadm 1.15 char username[BBS_username_max_len + 1];
43     char password[BBS_password_max_len + 1];
44 sysadm 1.37 int i = 0;
45 sysadm 1.16 int ok = 0;
46 sysadm 1.74 int ret;
47 sysadm 1.2
48 sysadm 1.37 for (; !SYS_server_exit && !ok && i < BBS_login_retry_times; i++)
49 sysadm 1.11 {
50 sysadm 1.49 prints("\033[1;33m请输入帐号\033[m(试用请输入`\033[1;36mguest\033[m', "
51     "注册请输入`\033[1;31mnew\033[m'): ");
52 sysadm 1.11 iflush();
53    
54 sysadm 1.24 if (str_input(username, sizeof(username), DOECHO) < 0)
55     {
56     continue;
57     }
58 sysadm 1.11
59     if (strcmp(username, "guest") == 0)
60     {
61 sysadm 1.41 load_guest_info();
62 sysadm 1.14
63 sysadm 1.11 return 0;
64     }
65    
66     if (strcmp(username, "new") == 0)
67     {
68 sysadm 1.42 display_file(DATA_REGISTER, 1);
69 sysadm 1.30
70 sysadm 1.51 return -1;
71 sysadm 1.11 }
72    
73 sysadm 1.17 if (username[0] != '\0')
74 sysadm 1.11 {
75 sysadm 1.49 prints("\033[1;37m请输入密码\033[m: ");
76 sysadm 1.11 iflush();
77    
78 sysadm 1.24 if (str_input(password, sizeof(password), NOECHO) < 0)
79     {
80     continue;
81     }
82 sysadm 1.11
83 sysadm 1.74 ret = check_user(username, password);
84     if (ret == 2) // Enforce update user agreement
85     {
86     BBS_update_eula = 1;
87     ret = 0;
88     }
89    
90     ok = (ret == 0);
91 sysadm 1.31 iflush();
92 sysadm 1.11 }
93 sysadm 1.24 }
94    
95     if (!ok)
96     {
97 sysadm 1.42 display_file(DATA_LOGIN_ERROR, 1);
98 sysadm 1.24 return -1;
99 sysadm 1.11 }
100 sysadm 1.2
101 sysadm 1.11 return 0;
102     }
103 sysadm 1.2
104 sysadm 1.41 int check_user(const char *username, const char *password)
105 sysadm 1.11 {
106 sysadm 1.44 MYSQL *db = NULL;
107     MYSQL_RES *rs = NULL;
108 sysadm 1.11 MYSQL_ROW row;
109 sysadm 1.15 char sql[SQL_BUFFER_LEN];
110 sysadm 1.44 int ret = 0;
111 sysadm 1.40 int BBS_uid = 0;
112 sysadm 1.22 char client_addr[IP_ADDR_LEN];
113 sysadm 1.27 int i;
114     int ok = 1;
115 sysadm 1.34 char user_tz_env[BBS_user_tz_max_len + 2];
116 sysadm 1.11
117 sysadm 1.41 db = db_open();
118     if (db == NULL)
119     {
120 sysadm 1.44 ret = -1;
121     goto cleanup;
122 sysadm 1.41 }
123    
124 sysadm 1.11 // Verify format
125 sysadm 1.27 for (i = 0; ok && username[i] != '\0'; i++)
126     {
127 sysadm 1.70 if (!(isalpha((int)username[i]) || (i > 0 && (isdigit((int)username[i]) || username[i] == '_'))))
128 sysadm 1.27 {
129     ok = 0;
130     }
131     }
132 sysadm 1.64 if (ok && (i < BBS_username_min_len || i > BBS_username_max_len))
133 sysadm 1.27 {
134     ok = 0;
135     }
136     for (i = 0; ok && password[i] != '\0'; i++)
137     {
138 sysadm 1.70 if (!isalnum((int)password[i]))
139 sysadm 1.27 {
140     ok = 0;
141     }
142     }
143 sysadm 1.64 if (ok && (i < BBS_password_min_len || i > BBS_password_max_len))
144 sysadm 1.27 {
145     ok = 0;
146     }
147    
148     if (!ok)
149 sysadm 1.5 {
150 sysadm 1.49 prints("\033[1;31m用户名或密码格式错误...\033[m\r\n");
151 sysadm 1.44 ret = 1;
152     goto cleanup;
153 sysadm 1.5 }
154    
155 sysadm 1.13 // Begin transaction
156     if (mysql_query(db, "SET autocommit=0") != 0)
157     {
158 sysadm 1.75 log_error("SET autocommit=0 error: %s", mysql_error(db));
159 sysadm 1.44 ret = -1;
160     goto cleanup;
161 sysadm 1.13 }
162    
163     if (mysql_query(db, "BEGIN") != 0)
164     {
165 sysadm 1.75 log_error("Begin transaction error: %s", mysql_error(db));
166 sysadm 1.44 ret = -1;
167     goto cleanup;
168 sysadm 1.13 }
169    
170 sysadm 1.22 // Failed login attempts from the same source (subnet /24) during certain time period
171     strncpy(client_addr, hostaddr_client, sizeof(client_addr) - 1);
172     client_addr[sizeof(client_addr) - 1] = '\0';
173    
174     snprintf(sql, sizeof(sql),
175     "SELECT COUNT(*) AS err_count FROM user_err_login_log "
176 sysadm 1.44 "WHERE login_dt >= SUBDATE(NOW(), INTERVAL %d MINUTE) "
177 sysadm 1.22 "AND login_ip LIKE '%s'",
178 sysadm 1.44 BBS_login_failures_count_interval,
179 sysadm 1.22 ip_mask(client_addr, 1, '%'));
180     if (mysql_query(db, sql) != 0)
181     {
182 sysadm 1.75 log_error("Query user_list error: %s", mysql_error(db));
183 sysadm 1.44 ret = -1;
184     goto cleanup;
185 sysadm 1.22 }
186     if ((rs = mysql_store_result(db)) == NULL)
187     {
188 sysadm 1.75 log_error("Get user_list data failed");
189 sysadm 1.44 ret = -1;
190     goto cleanup;
191 sysadm 1.22 }
192     if ((row = mysql_fetch_row(rs)))
193     {
194 sysadm 1.52 if (atoi(row[0]) >= BBS_allowed_login_failures_within_interval)
195 sysadm 1.22 {
196 sysadm 1.52 prints("\033[1;31m来源存在多次失败登陆尝试,请稍后再试,或使用Web方式访问\033[m\r\n");
197 sysadm 1.44 ret = 1;
198     goto cleanup;
199 sysadm 1.22 }
200     }
201     mysql_free_result(rs);
202 sysadm 1.44 rs = NULL;
203 sysadm 1.22
204 sysadm 1.52 // Failed login attempts against the current username since last successful login
205 sysadm 1.22 snprintf(sql, sizeof(sql),
206     "SELECT COUNT(*) AS err_count FROM user_err_login_log "
207 sysadm 1.52 "LEFT JOIN user_list ON user_err_login_log.username = user_list.username "
208     "LEFT JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID "
209     "WHERE user_err_login_log.username = '%s' "
210     "AND (user_err_login_log.login_dt >= user_pubinfo.last_login_dt "
211     "OR user_pubinfo.last_login_dt IS NULL)",
212 sysadm 1.22 username);
213     if (mysql_query(db, sql) != 0)
214     {
215 sysadm 1.75 log_error("Query user_list error: %s", mysql_error(db));
216 sysadm 1.44 ret = -1;
217     goto cleanup;
218 sysadm 1.22 }
219     if ((rs = mysql_store_result(db)) == NULL)
220     {
221 sysadm 1.75 log_error("Get user_list data failed");
222 sysadm 1.44 ret = -1;
223     goto cleanup;
224 sysadm 1.22 }
225     if ((row = mysql_fetch_row(rs)))
226     {
227 sysadm 1.53 if (atoi(row[0]) >= BBS_allowed_login_failures_per_account)
228 sysadm 1.22 {
229 sysadm 1.52 prints("\033[1;31m账户存在多次失败登陆尝试,请使用Web方式登录解锁\033[m\r\n");
230 sysadm 1.44 ret = 1;
231     goto cleanup;
232 sysadm 1.22 }
233     }
234     mysql_free_result(rs);
235 sysadm 1.44 rs = NULL;
236 sysadm 1.22
237 sysadm 1.18 snprintf(sql, sizeof(sql),
238 sysadm 1.22 "SELECT UID, username, p_login FROM user_list "
239     "WHERE username = '%s' AND password = SHA2('%s', 256) AND enable",
240     username, password);
241 sysadm 1.11 if (mysql_query(db, sql) != 0)
242     {
243 sysadm 1.75 log_error("Query user_list error: %s", mysql_error(db));
244 sysadm 1.44 ret = -1;
245     goto cleanup;
246 sysadm 1.11 }
247     if ((rs = mysql_store_result(db)) == NULL)
248 sysadm 1.2 {
249 sysadm 1.75 log_error("Get user_list data failed");
250 sysadm 1.44 ret = -1;
251     goto cleanup;
252 sysadm 1.11 }
253 sysadm 1.15 if ((row = mysql_fetch_row(rs)))
254 sysadm 1.11 {
255 sysadm 1.40 BBS_uid = atoi(row[0]);
256 sysadm 1.17 strncpy(BBS_username, row[1], sizeof(BBS_username) - 1);
257     BBS_username[sizeof(BBS_username) - 1] = '\0';
258 sysadm 1.13 int p_login = atoi(row[2]);
259    
260     mysql_free_result(rs);
261 sysadm 1.44 rs = NULL;
262 sysadm 1.13
263     // Add user login log
264 sysadm 1.18 snprintf(sql, sizeof(sql),
265 sysadm 1.22 "INSERT INTO user_login_log(UID, login_dt, login_ip) "
266 sysadm 1.40 "VALUES(%d, NOW(), '%s')",
267 sysadm 1.22 BBS_uid, hostaddr_client);
268 sysadm 1.13 if (mysql_query(db, sql) != 0)
269     {
270 sysadm 1.75 log_error("Insert into user_login_log error: %s", mysql_error(db));
271 sysadm 1.44 ret = -1;
272     goto cleanup;
273 sysadm 1.13 }
274    
275     // Commit transaction
276     if (mysql_query(db, "COMMIT") != 0)
277     {
278 sysadm 1.75 log_error("Commit transaction error: %s", mysql_error(db));
279 sysadm 1.44 ret = -1;
280     goto cleanup;
281 sysadm 1.13 }
282    
283     if (p_login == 0)
284 sysadm 1.11 {
285 sysadm 1.49 prints("\033[1;31m您目前无权登陆...\033[m\r\n");
286 sysadm 1.44 ret = 1;
287     goto cleanup;
288 sysadm 1.11 }
289     }
290     else
291     {
292     mysql_free_result(rs);
293 sysadm 1.44 rs = NULL;
294 sysadm 1.2
295 sysadm 1.18 snprintf(sql, sizeof(sql),
296 sysadm 1.22 "INSERT INTO user_err_login_log(username, password, login_dt, login_ip) "
297     "VALUES('%s', '%s', NOW(), '%s')",
298     username, password, hostaddr_client);
299 sysadm 1.11 if (mysql_query(db, sql) != 0)
300     {
301 sysadm 1.75 log_error("Insert into user_err_login_log error: %s", mysql_error(db));
302 sysadm 1.44 ret = -1;
303     goto cleanup;
304 sysadm 1.11 }
305    
306 sysadm 1.13 // Commit transaction
307     if (mysql_query(db, "COMMIT") != 0)
308     {
309 sysadm 1.75 log_error("Commit transaction error: %s", mysql_error(db));
310 sysadm 1.44 ret = -1;
311     goto cleanup;
312 sysadm 1.13 }
313    
314 sysadm 1.49 prints("\033[1;31m错误的用户名或密码...\033[m\r\n");
315 sysadm 1.44 ret = 1;
316     goto cleanup;
317 sysadm 1.11 }
318 sysadm 1.13
319     // Set AUTOCOMMIT = 1
320     if (mysql_query(db, "SET autocommit=1") != 0)
321     {
322 sysadm 1.75 log_error("SET autocommit=1 error: %s", mysql_error(db));
323 sysadm 1.44 ret = -1;
324     goto cleanup;
325 sysadm 1.13 }
326 sysadm 1.2
327 sysadm 1.11 ret = load_user_info(db, BBS_uid);
328    
329     switch (ret)
330 sysadm 1.2 {
331 sysadm 1.11 case 0: // Login successfully
332 sysadm 1.76 if (!SSH_v2 && checklevel2(&BBS_priv, P_MAN_S))
333     {
334     prints("\033[1;31m非普通账户必须使用SSH方式登录\033[m\r\n");
335     ret = 1;
336     goto cleanup;
337     }
338 sysadm 1.11 break;
339     case -1: // Load data error
340 sysadm 1.49 prints("\033[1;31m读取用户数据错误...\033[m\r\n");
341 sysadm 1.44 ret = -1;
342     goto cleanup;
343 sysadm 1.74 case -2: // Enforce update user agreement
344 sysadm 1.76 if (!SSH_v2 && checklevel2(&BBS_priv, P_MAN_S))
345     {
346     prints("\033[1;31m非普通账户必须使用SSH方式登录\033[m\r\n");
347     ret = 1;
348     goto cleanup;
349     }
350 sysadm 1.74 ret = 2;
351 sysadm 1.44 goto cleanup;
352 sysadm 1.11 case -3: // Dead
353 sysadm 1.49 prints("\033[1;31m很遗憾,您已经永远离开了我们的世界!\033[m\r\n");
354 sysadm 1.44 ret = 1;
355     goto cleanup;
356 sysadm 1.11 default:
357 sysadm 1.44 ret = -2;
358     goto cleanup;
359 sysadm 1.2 }
360    
361 sysadm 1.18 snprintf(sql, sizeof(sql),
362 sysadm 1.22 "UPDATE user_pubinfo SET visit_count = visit_count + 1, "
363 sysadm 1.40 "last_login_dt = NOW() WHERE UID = %d",
364 sysadm 1.22 BBS_uid);
365 sysadm 1.13 if (mysql_query(db, sql) != 0)
366     {
367 sysadm 1.75 log_error("Update user_pubinfo error: %s", mysql_error(db));
368 sysadm 1.44 ret = -1;
369     goto cleanup;
370 sysadm 1.13 }
371    
372 sysadm 1.15 if (user_online_add(db) != 0)
373     {
374 sysadm 1.44 ret = -1;
375     goto cleanup;
376 sysadm 1.15 }
377    
378 sysadm 1.45 BBS_last_access_tm = BBS_login_tm = time(NULL);
379 sysadm 1.13
380 sysadm 1.34 // Set user tz to process env
381     if (BBS_user_tz[0] != '\0')
382     {
383     user_tz_env[0] = ':';
384     strncpy(user_tz_env + 1, BBS_user_tz, sizeof(user_tz_env) - 2);
385     user_tz_env[sizeof(user_tz_env) - 1] = '\0';
386    
387     if (setenv("TZ", user_tz_env, 1) == -1)
388     {
389 sysadm 1.75 log_error("setenv(TZ = %s) error %d", user_tz_env, errno);
390 sysadm 1.34 return -3;
391     }
392    
393     tzset();
394     }
395    
396 sysadm 1.44 cleanup:
397     mysql_free_result(rs);
398 sysadm 1.41 mysql_close(db);
399    
400 sysadm 1.44 return ret;
401 sysadm 1.1 }
402 sysadm 1.2
403 sysadm 1.40 int load_user_info(MYSQL *db, int BBS_uid)
404 sysadm 1.3 {
405 sysadm 1.44 MYSQL_RES *rs = NULL;
406 sysadm 1.11 MYSQL_ROW row;
407 sysadm 1.15 char sql[SQL_BUFFER_LEN];
408 sysadm 1.11 int life;
409     time_t last_login_dt;
410 sysadm 1.44 int ret = 0;
411 sysadm 1.11
412 sysadm 1.18 snprintf(sql, sizeof(sql),
413 sysadm 1.43 "SELECT life, UNIX_TIMESTAMP(last_login_dt), user_timezone, exp, nickname "
414 sysadm 1.40 "FROM user_pubinfo WHERE UID = %d",
415 sysadm 1.22 BBS_uid);
416 sysadm 1.11 if (mysql_query(db, sql) != 0)
417     {
418 sysadm 1.75 log_error("Query user_pubinfo error: %s", mysql_error(db));
419 sysadm 1.44 ret = -1;
420     goto cleanup;
421 sysadm 1.11 }
422     if ((rs = mysql_store_result(db)) == NULL)
423     {
424 sysadm 1.75 log_error("Get user_pubinfo data failed");
425 sysadm 1.44 ret = -1;
426     goto cleanup;
427 sysadm 1.11 }
428 sysadm 1.15 if ((row = mysql_fetch_row(rs)))
429 sysadm 1.11 {
430     life = atoi(row[0]);
431     last_login_dt = (time_t)atol(row[1]);
432 sysadm 1.34
433     strncpy(BBS_user_tz, row[2], sizeof(BBS_user_tz) - 1);
434     BBS_user_tz[sizeof(BBS_user_tz) - 1] = '\0';
435 sysadm 1.43
436     BBS_user_exp = atoi(row[3]);
437    
438     strncpy(BBS_nickname, row[4], sizeof(BBS_nickname));
439     BBS_nickname[sizeof(BBS_nickname) - 1] = '\0';
440 sysadm 1.11 }
441     else
442     {
443 sysadm 1.44 ret = -1; // Data not found
444     goto cleanup;
445 sysadm 1.11 }
446     mysql_free_result(rs);
447 sysadm 1.44 rs = NULL;
448 sysadm 1.3
449 sysadm 1.13 if (life != 333 && life != 365 && life != 666 && life != 999 && // Not immortal
450 sysadm 1.45 time(NULL) - last_login_dt > 60 * 60 * 24 * life)
451 sysadm 1.11 {
452 sysadm 1.44 ret = -3; // Dead
453     goto cleanup;
454 sysadm 1.11 }
455 sysadm 1.5
456 sysadm 1.15 if (load_priv(db, &BBS_priv, BBS_uid) != 0)
457     {
458 sysadm 1.74 ret = -1; // Data not found
459 sysadm 1.44 goto cleanup;
460 sysadm 1.15 }
461 sysadm 1.11
462 sysadm 1.73 if (last_login_dt < BBS_eula_tm)
463     {
464     ret = -2; // require update agreement first
465     goto cleanup;
466     }
467    
468 sysadm 1.44 cleanup:
469     mysql_free_result(rs);
470    
471     return ret;
472 sysadm 1.2 }
473 sysadm 1.5
474 sysadm 1.41 int load_guest_info(void)
475 sysadm 1.5 {
476 sysadm 1.44 MYSQL *db = NULL;
477     int ret = 0;
478 sysadm 1.41
479     db = db_open();
480     if (db == NULL)
481     {
482 sysadm 1.44 ret = -1;
483     goto cleanup;
484 sysadm 1.41 }
485    
486 sysadm 1.17 strncpy(BBS_username, "guest", sizeof(BBS_username) - 1);
487     BBS_username[sizeof(BBS_username) - 1] = '\0';
488 sysadm 1.5
489 sysadm 1.43 BBS_user_exp = 0;
490    
491     strncpy(BBS_nickname, "Guest", sizeof(BBS_nickname));
492     BBS_nickname[sizeof(BBS_nickname) - 1] = '\0';
493    
494 sysadm 1.15 if (load_priv(db, &BBS_priv, 0) != 0)
495     {
496 sysadm 1.44 ret = -1;
497     goto cleanup;
498 sysadm 1.15 }
499 sysadm 1.6
500 sysadm 1.15 if (user_online_add(db) != 0)
501     {
502 sysadm 1.44 ret = -1;
503     goto cleanup;
504 sysadm 1.15 }
505 sysadm 1.5
506 sysadm 1.45 BBS_last_access_tm = BBS_login_tm = time(NULL);
507 sysadm 1.5
508 sysadm 1.44 cleanup:
509 sysadm 1.41 mysql_close(db);
510 sysadm 1.44
511     return ret;
512 sysadm 1.5 }
513 sysadm 1.15
514     int user_online_add(MYSQL *db)
515     {
516     char sql[SQL_BUFFER_LEN];
517    
518 sysadm 1.60 snprintf(sql, sizeof(sql),
519     "INSERT INTO visit_log(dt, IP) VALUES(NOW(), '%s')",
520     hostaddr_client);
521     if (mysql_query(db, sql) != 0)
522     {
523 sysadm 1.75 log_error("Add visit log error: %s", mysql_error(db));
524 sysadm 1.60 return -1;
525     }
526    
527 sysadm 1.15 if (user_online_del(db) != 0)
528     {
529 sysadm 1.60 return -2;
530 sysadm 1.15 }
531    
532 sysadm 1.18 snprintf(sql, sizeof(sql),
533 sysadm 1.61 "INSERT INTO user_online(SID, UID, ip, current_action, login_tm, last_tm) "
534     "VALUES('Telnet_Process_%d', %d, '%s', 'LOGIN', NOW(), NOW())",
535 sysadm 1.22 getpid(), BBS_priv.uid, hostaddr_client);
536 sysadm 1.15 if (mysql_query(db, sql) != 0)
537     {
538 sysadm 1.75 log_error("Add user_online error: %s", mysql_error(db));
539 sysadm 1.60 return -3;
540 sysadm 1.15 }
541    
542     return 0;
543     }
544    
545     int user_online_del(MYSQL *db)
546     {
547     char sql[SQL_BUFFER_LEN];
548    
549 sysadm 1.57 snprintf(sql, sizeof(sql),
550     "DELETE FROM user_online WHERE SID = 'Telnet_Process_%d'",
551     getpid());
552     if (mysql_query(db, sql) != 0)
553     {
554 sysadm 1.75 log_error("Delete user_online error: %s", mysql_error(db));
555 sysadm 1.57 return -1;
556     }
557    
558     return 0;
559     }
560    
561     int user_online_exp(MYSQL *db)
562     {
563     char sql[SQL_BUFFER_LEN];
564    
565 sysadm 1.56 // +1 exp for every 5 minutes online since last logout
566     // but at most 24 hours worth of exp can be gained in Telnet session
567     snprintf(sql, sizeof(sql),
568 sysadm 1.60 "UPDATE user_pubinfo SET exp = exp + FLOOR(LEAST(TIMESTAMPDIFF("
569     "SECOND, GREATEST(last_login_dt, IF(last_logout_dt IS NULL, last_login_dt, last_logout_dt)), NOW()"
570     ") / 60 / 5, 12 * 24)), last_logout_dt = NOW() "
571     "WHERE UID = %d",
572     BBS_priv.uid);
573 sysadm 1.56 if (mysql_query(db, sql) != 0)
574     {
575 sysadm 1.75 log_error("Update user_pubinfo error: %s", mysql_error(db));
576 sysadm 1.56 return -1;
577     }
578 sysadm 1.15
579     return 0;
580     }
581 sysadm 1.47
582     int user_online_update(const char *action)
583     {
584     MYSQL *db = NULL;
585     char sql[SQL_BUFFER_LEN];
586    
587 sysadm 1.55 if ((action == NULL || strcmp(BBS_current_action, action) == 0) &&
588 sysadm 1.54 time(NULL) - BBS_current_action_tm < BBS_current_action_refresh_interval) // No change
589 sysadm 1.47 {
590     return 0;
591     }
592    
593 sysadm 1.55 if (action != NULL)
594     {
595     strncpy(BBS_current_action, action, sizeof(BBS_current_action) - 1);
596     BBS_current_action[sizeof(BBS_current_action) - 1] = '\0';
597     }
598    
599 sysadm 1.54 BBS_current_action_tm = time(NULL);
600 sysadm 1.47
601     db = db_open();
602     if (db == NULL)
603     {
604 sysadm 1.75 log_error("db_open() error: %s", mysql_error(db));
605 sysadm 1.47 return -1;
606     }
607    
608     snprintf(sql, sizeof(sql),
609 sysadm 1.62 "UPDATE user_online SET current_action = '%s', last_tm = NOW() "
610 sysadm 1.47 "WHERE SID = 'Telnet_Process_%d'",
611     BBS_current_action, getpid());
612     if (mysql_query(db, sql) != 0)
613     {
614 sysadm 1.75 log_error("Update user_online error: %s", mysql_error(db));
615 sysadm 1.47 return -2;
616     }
617    
618     mysql_close(db);
619    
620     return 1;
621     }
622 sysadm 1.74
623     int user_update_agreement(void)
624     {
625     MYSQL *db = NULL;
626     char sql[SQL_BUFFER_LEN];
627     int ch;
628     int ret = 0;
629    
630     clearscr();
631     moveto(2, 1);
632     prints("尊敬的用户:");
633     moveto(3, 1);
634     prints(" 本站的《用户许可协议》已更新,您必须在仔细阅读并接受后,才能继续使用本站提供的服务。");
635     press_any_key();
636    
637     clearscr();
638     display_file(DATA_EULA, 1);
639    
640     while (!SYS_server_exit)
641     {
642     clearscr();
643     moveto(2, 1);
644    
645     ch = press_any_key_ex("您是否接受本站的《用户许可协议》? (A)接受, (D)拒绝, (R)再看看协议 [D]", 60);
646     switch (toupper(ch))
647     {
648     case KEY_NULL:
649     return -1;
650     case KEY_TIMEOUT:
651     case CR:
652     case 'D':
653     moveto(3, 1);
654     prints("您已拒绝《用户许可协议》,再见!");
655     press_any_key();
656     return 0;
657     case 'R':
658     clearscr();
659     display_file(DATA_EULA, 1);
660     continue;
661     case 'A':
662     db = db_open();
663     if (db == NULL)
664     {
665     ret = -1;
666     goto cleanup;
667     }
668    
669     snprintf(sql, sizeof(sql),
670     "UPDATE user_pubinfo SET visit_count = visit_count + 1, "
671     "last_login_dt = NOW() WHERE UID = %d",
672     BBS_priv.uid);
673     if (mysql_query(db, sql) != 0)
674     {
675 sysadm 1.75 log_error("Update user_pubinfo error: %s", mysql_error(db));
676 sysadm 1.74 ret = -1;
677     goto cleanup;
678     }
679    
680     mysql_close(db);
681     db = NULL;
682    
683     moveto(3, 1);
684     prints("您已接受《用户许可协议》,请重新登陆。");
685     press_any_key();
686     return 1;
687     default:
688     continue;
689     }
690    
691     break;
692     }
693    
694     cleanup:
695     mysql_close(db);
696    
697     return ret;
698     }
webmaster@leafok.com
 ViewVC Help
Powered by ViewVC 1.3.0-beta1