lbbs/src/user_priv.c

/***************************************************************************
                                                  user_priv.c  -  description
                                                         -------------------
        begin                : Mon Oct 22 2004
        copyright            : (C) 2004 by Leaflet
        email                : leaflet@leafok.com
 ***************************************************************************/

/***************************************************************************
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 2 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 ***************************************************************************/

#include "user_priv.h"
#include "bbs.h"
#include "common.h"
#include "database.h"
#include "log.h"
#include <stdio.h>
#include <mysql.h>

BBS_user_priv BBS_priv;

int checklevel(BBS_user_priv *p_priv, int level)
{
        if (level == P_GUEST)
        {
                return 1;
        }

        return ((p_priv->level & level) ? 1 : 0);
}

int setpriv(BBS_user_priv *p_priv, int sid, int priv)
{
        int i;
        if (sid > 0)
        {
                for (i = 0; i < p_priv->s_count; i++)
                {
                        if (p_priv->s_priv_list[i].sid == sid)
                        {
                                p_priv->s_priv_list[i].s_priv = priv;
                                return 0;
                        }
                }
                if (i < BBS_max_section)
                {
                        p_priv->s_priv_list[i].s_priv = priv;
                }
                else
                {
                        return -1;
                }
        }
        else
        {
                p_priv->g_priv = priv;
        }

        return 0;
}

int getpriv(BBS_user_priv *p_priv, int sid)
{
        int i;
        for (i = 0; i < p_priv->s_count; i++)
        {
                if (p_priv->s_priv_list[i].sid == sid)
                        return p_priv->s_priv_list[i].s_priv;
        }

        return (sid >= 0 ? p_priv->g_priv : S_NONE);
}

int checkpriv(BBS_user_priv *p_priv, int sid, int priv)
{
        return (((getpriv(p_priv, sid) & priv)) == priv ? 1 : 0);
}

int load_priv(MYSQL *db, BBS_user_priv *p_priv, long int uid)
{
        MYSQL_RES *rs;
        MYSQL_ROW row;
        char sql[SQL_BUFFER_LEN];

        p_priv->uid = uid;
        p_priv->level = (uid == 0 ? P_GUEST : P_USER);
        p_priv->g_priv = S_DEFAULT;

        if (db == NULL)
                return 1;

        // Permission
        snprintf(sql, sizeof(sql), "SELECT p_post, p_msg FROM user_list WHERE UID = %ld AND verified",
                        uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query user_list failed\n");
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get user_list data failed\n");
                return -1;
        }
        if ((row = mysql_fetch_row(rs)))
        {
                p_priv->g_priv |= (atoi(row[0]) ? S_POST : 0);
                p_priv->g_priv |= (atoi(row[1]) ? S_MSG : 0);
        }
        mysql_free_result(rs);

        // Admin
        snprintf(sql, sizeof(sql), "SELECT major FROM admin_config WHERE UID = %ld "
                                 "AND enable AND (NOW() BETWEEN begin_dt AND end_dt)",
                        uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query admin_config failed\n");
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get admin_config data failed\n");
                return -1;
        }
        if ((row = mysql_fetch_row(rs)))
        {
                p_priv->level |= (atoi(row[0]) ? P_ADMIN_M : P_ADMIN_S);
                p_priv->g_priv |= (atoi(row[0]) ? S_ALL : S_ADMIN);
        }
        mysql_free_result(rs);

        // Section Master
        snprintf(sql, sizeof(sql), "SELECT section_master.SID, major FROM section_master "
                                 "INNER JOIN section_config ON section_master.SID = section_config.SID "
                                 "WHERE UID = %ld AND section_master.enable AND section_config.enable "
                                 "AND (NOW() BETWEEN begin_dt AND end_dt)",
                        uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query section_master failed\n");
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get section_master data failed\n");
                return -1;
        }
        while ((row = mysql_fetch_row(rs)))
        {
                p_priv->level |= (atoi(row[1]) ? P_MAN_M : P_MAN_S);
                setpriv(p_priv, atoi(row[0]), getpriv(p_priv, atoi(row[0])) | (atoi(row[1]) ? S_MAN_M : S_MAN_S));
        }
        mysql_free_result(rs);

        // Section status
        snprintf(sql, sizeof(sql), "SELECT SID, exp_get, read_user_level, write_user_level FROM section_config "
                                 "INNER JOIN section_class ON section_config.CID = section_class.CID "
                                 "WHERE section_config.enable AND section_class.enable "
                                 "ORDER BY SID");
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query section_config failed\n");
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get section_config data failed\n");
                return -1;
        }
        while ((row = mysql_fetch_row(rs)))
        {
                int priv = getpriv(p_priv, atoi(row[0]));
                if (p_priv->level < atoi(row[2]))
                {
                        priv &= (~S_LIST);
                }
                if (p_priv->level < atoi(row[3]))
                {
                        priv &= (~S_POST);
                }
                if (!atoi(row[1]))
                {
                        priv &= (~S_GETEXP);
                }
                setpriv(p_priv, atoi(row[0]), priv);
        }
        mysql_free_result(rs);

        // Section ban
        snprintf(sql, sizeof(sql), "SELECT SID FROM ban_user_list WHERE UID = %ld AND enable "
                                 "AND (NOW() BETWEEN ban_dt AND unban_dt)",
                        uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query ban_user_list failed\n");
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get ban_user_list data failed\n");
                return -1;
        }
        while ((row = mysql_fetch_row(rs)))
        {
                setpriv(p_priv, atoi(row[0]),
                                getpriv(p_priv, atoi(row[0])) & (~S_POST));
        }
        mysql_free_result(rs);

        return 0;
}
1	sysadm	1.1	/***************************************************************************
2	sysadm	1.5	user_priv.c - description
3			-------------------
4			begin : Mon Oct 22 2004
5			copyright : (C) 2004 by Leaflet
6			email : leaflet@leafok.com
7	sysadm	1.1	***************************************************************************/
8
9			/***************************************************************************
10			* *
11			* This program is free software; you can redistribute it and/or modify *
12			* it under the terms of the GNU General Public License as published by *
13			* the Free Software Foundation; either version 2 of the License, or *
14			* (at your option) any later version. *
15			* *
16			***************************************************************************/
17
18	sysadm	1.8	#include "user_priv.h"
19	sysadm	1.1	#include "bbs.h"
20	sysadm	1.2	#include "common.h"
21	sysadm	1.10	#include "database.h"
22	sysadm	1.8	#include "log.h"
23			#include <stdio.h>
24	sysadm	1.1	#include <mysql.h>
25
26	sysadm	1.8	BBS_user_priv BBS_priv;
27
28	sysadm	1.5	int checklevel(BBS_user_priv *p_priv, int level)
29	sysadm	1.1	{
30	sysadm	1.9	if (level == P_GUEST)
31			{
32			return 1;
33			}
34
35			return ((p_priv->level & level) ? 1 : 0);
36	sysadm	1.2	}
37
38	sysadm	1.5	int setpriv(BBS_user_priv *p_priv, int sid, int priv)
39	sysadm	1.2	{
40	sysadm	1.5	int i;
41			if (sid > 0)
42	sysadm	1.2	{
43	sysadm	1.5	for (i = 0; i < p_priv->s_count; i++)
44			{
45			if (p_priv->s_priv_list[i].sid == sid)
46			{
47			p_priv->s_priv_list[i].s_priv = priv;
48			return 0;
49			}
50			}
51			if (i < BBS_max_section)
52			{
53			p_priv->s_priv_list[i].s_priv = priv;
54			}
55			else
56			{
57			return -1;
58			}
59	sysadm	1.2	}
60	sysadm	1.5	else
61	sysadm	1.2	{
62	sysadm	1.5	p_priv->g_priv = priv;
63	sysadm	1.2	}
64	sysadm	1.5
65			return 0;
66			}
67
68			int getpriv(BBS_user_priv *p_priv, int sid)
69			{
70			int i;
71			for (i = 0; i < p_priv->s_count; i++)
72	sysadm	1.2	{
73	sysadm	1.5	if (p_priv->s_priv_list[i].sid == sid)
74			return p_priv->s_priv_list[i].s_priv;
75	sysadm	1.2	}
76
77	sysadm	1.5	return (sid >= 0 ? p_priv->g_priv : S_NONE);
78	sysadm	1.2	}
79
80	sysadm	1.5	int checkpriv(BBS_user_priv *p_priv, int sid, int priv)
81	sysadm	1.2	{
82	sysadm	1.9	return (((getpriv(p_priv, sid) & priv)) == priv ? 1 : 0);
83	sysadm	1.2	}
84
85	sysadm	1.6	int load_priv(MYSQL db, BBS_user_priv p_priv, long int uid)
86	sysadm	1.2	{
87	sysadm	1.5	MYSQL_RES *rs;
88			MYSQL_ROW row;
89	sysadm	1.10	char sql[SQL_BUFFER_LEN];
90	sysadm	1.5
91			p_priv->uid = uid;
92			p_priv->level = (uid == 0 ? P_GUEST : P_USER);
93			p_priv->g_priv = S_DEFAULT;
94
95			if (db == NULL)
96			return 1;
97
98	sysadm	1.7	// Permission
99	sysadm	1.11	snprintf(sql, sizeof(sql), "SELECT p_post, p_msg FROM user_list WHERE UID = %ld AND verified",
100	sysadm	1.5	uid);
101			if (mysql_query(db, sql) != 0)
102			{
103	sysadm	1.7	log_error("Query user_list failed\n");
104	sysadm	1.5	return -1;
105			}
106			if ((rs = mysql_store_result(db)) == NULL)
107			{
108	sysadm	1.7	log_error("Get user_list data failed\n");
109	sysadm	1.5	return -1;
110			}
111	sysadm	1.10	if ((row = mysql_fetch_row(rs)))
112	sysadm	1.5	{
113	sysadm	1.7	p_priv->g_priv \|= (atoi(row[0]) ? S_POST : 0);
114			p_priv->g_priv \|= (atoi(row[1]) ? S_MSG : 0);
115	sysadm	1.5	}
116			mysql_free_result(rs);
117
118	sysadm	1.7	// Admin
119	sysadm	1.11	snprintf(sql, sizeof(sql), "SELECT major FROM admin_config WHERE UID = %ld "
120	sysadm	1.7	"AND enable AND (NOW() BETWEEN begin_dt AND end_dt)",
121	sysadm	1.5	uid);
122			if (mysql_query(db, sql) != 0)
123			{
124	sysadm	1.7	log_error("Query admin_config failed\n");
125	sysadm	1.5	return -1;
126			}
127			if ((rs = mysql_store_result(db)) == NULL)
128			{
129	sysadm	1.7	log_error("Get admin_config data failed\n");
130	sysadm	1.5	return -1;
131			}
132	sysadm	1.10	if ((row = mysql_fetch_row(rs)))
133	sysadm	1.5	{
134	sysadm	1.9	p_priv->level \|= (atoi(row[0]) ? P_ADMIN_M : P_ADMIN_S);
135			p_priv->g_priv \|= (atoi(row[0]) ? S_ALL : S_ADMIN);
136	sysadm	1.5	}
137			mysql_free_result(rs);
138
139			// Section Master
140	sysadm	1.11	snprintf(sql, sizeof(sql), "SELECT section_master.SID, major FROM section_master "
141	sysadm	1.7	"INNER JOIN section_config ON section_master.SID = section_config.SID "
142			"WHERE UID = %ld AND section_master.enable AND section_config.enable "
143			"AND (NOW() BETWEEN begin_dt AND end_dt)",
144	sysadm	1.5	uid);
145			if (mysql_query(db, sql) != 0)
146			{
147			log_error("Query section_master failed\n");
148			return -1;
149			}
150			if ((rs = mysql_store_result(db)) == NULL)
151			{
152			log_error("Get section_master data failed\n");
153			return -1;
154			}
155	sysadm	1.10	while ((row = mysql_fetch_row(rs)))
156	sysadm	1.5	{
157			p_priv->level \|= (atoi(row[1]) ? P_MAN_M : P_MAN_S);
158			setpriv(p_priv, atoi(row[0]), getpriv(p_priv, atoi(row[0])) \| (atoi(row[1]) ? S_MAN_M : S_MAN_S));
159			}
160			mysql_free_result(rs);
161
162			// Section status
163	sysadm	1.11	snprintf(sql, sizeof(sql), "SELECT SID, exp_get, read_user_level, write_user_level FROM section_config "
164	sysadm	1.7	"INNER JOIN section_class ON section_config.CID = section_class.CID "
165			"WHERE section_config.enable AND section_class.enable "
166			"ORDER BY SID");
167	sysadm	1.5	if (mysql_query(db, sql) != 0)
168			{
169			log_error("Query section_config failed\n");
170			return -1;
171			}
172			if ((rs = mysql_store_result(db)) == NULL)
173			{
174			log_error("Get section_config data failed\n");
175			return -1;
176			}
177	sysadm	1.10	while ((row = mysql_fetch_row(rs)))
178	sysadm	1.5	{
179	sysadm	1.7	int priv = getpriv(p_priv, atoi(row[0]));
180	sysadm	1.5	if (p_priv->level < atoi(row[2]))
181	sysadm	1.7	{
182			priv &= (~S_LIST);
183			}
184	sysadm	1.5	if (p_priv->level < atoi(row[3]))
185	sysadm	1.7	{
186			priv &= (~S_POST);
187			}
188	sysadm	1.5	if (!atoi(row[1]))
189	sysadm	1.7	{
190			priv &= (~S_GETEXP);
191			}
192			setpriv(p_priv, atoi(row[0]), priv);
193	sysadm	1.5	}
194			mysql_free_result(rs);
195	sysadm	1.2
196	sysadm	1.5	// Section ban
197	sysadm	1.11	snprintf(sql, sizeof(sql), "SELECT SID FROM ban_user_list WHERE UID = %ld AND enable "
198	sysadm	1.7	"AND (NOW() BETWEEN ban_dt AND unban_dt)",
199	sysadm	1.5	uid);
200			if (mysql_query(db, sql) != 0)
201			{
202			log_error("Query ban_user_list failed\n");
203			return -1;
204			}
205			if ((rs = mysql_store_result(db)) == NULL)
206			{
207			log_error("Get ban_user_list data failed\n");
208			return -1;
209			}
210	sysadm	1.10	while ((row = mysql_fetch_row(rs)))
211	sysadm	1.5	{
212			setpriv(p_priv, atoi(row[0]),
213			getpriv(p_priv, atoi(row[0])) & (~S_POST));
214			}
215			mysql_free_result(rs);
216
217			return 0;
218	sysadm	1.1	}
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1