lbbs/src/user_priv.c

/***************************************************************************
                                                  user_priv.c  -  description
                                                         -------------------
        Copyright            : (C) 2004-2025 by Leaflet
        Email                : leaflet@leafok.com
 ***************************************************************************/

/***************************************************************************
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 3 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 ***************************************************************************/

#include "user_priv.h"
#include "bbs.h"
#include "common.h"
#include "database.h"
#include "log.h"
#include <stdio.h>
#include <mysql.h>
#include <stdlib.h>

BBS_user_priv BBS_priv;

inline static int search_priv(BBS_user_priv *p_priv, int sid, int *p_offset)
{
        int left = 0;
        int right = p_priv->s_count - 1;
        int mid = 0;

        while (left < right)
        {
                mid = (left + right) / 2;

                if (sid <= p_priv->s_priv_list[mid].sid)
                {
                        right = mid;
                }
                else
                {
                        left = mid + 1;
                }
        }

        *p_offset = left;

        return (left == right && sid == p_priv->s_priv_list[left].sid);
}

int setpriv(BBS_user_priv *p_priv, int sid, int priv, int is_favor)
{
        int offset;
        int i;

        if (sid == 0)
        {
                p_priv->g_priv = priv;
                return 0;
        }

        if (search_priv(p_priv, sid, &offset)) //found
        {
                p_priv->s_priv_list[offset].s_priv = priv;
                p_priv->s_priv_list[offset].is_favor = is_favor;
                return 0;
        }

        // not found
        if (p_priv->s_count >= BBS_max_section)
        {
                return -1;
        }

        // move items at [left, p_priv->s_count - 1] to [left + 1, p_priv->s_count]
        for (i = p_priv->s_count - 1; i >= offset; i--)
        {
                p_priv->s_priv_list[i + 1] = p_priv->s_priv_list[i];
        }
        p_priv->s_count++;

        // insert new item at offset left
        p_priv->s_priv_list[offset].sid = sid;
        p_priv->s_priv_list[offset].s_priv = priv;
        p_priv->s_priv_list[offset].is_favor = is_favor;

        return 0;
}

int getpriv(BBS_user_priv *p_priv, int sid, int *p_is_favor)
{
        int offset;

        if (search_priv(p_priv, sid, &offset)) //found
        {
                *p_is_favor = p_priv->s_priv_list[offset].is_favor;
                return p_priv->s_priv_list[offset].s_priv;
        }

        *p_is_favor = 0;
        return (sid >= 0 ? p_priv->g_priv : S_NONE);
}

int load_priv(MYSQL *db, BBS_user_priv *p_priv, long int uid)
{
        MYSQL_RES *rs;
        MYSQL_ROW row;
        char sql[SQL_BUFFER_LEN];
        int priv;
        int is_favor;

        p_priv->uid = uid;
        p_priv->level = (uid == 0 ? P_GUEST : P_USER);
        p_priv->g_priv = S_DEFAULT;
        p_priv->s_count = 0;

        if (db == NULL)
                return 1;

        // Permission
        snprintf(sql, sizeof(sql),
                         "SELECT p_post, p_msg FROM user_list WHERE UID = %ld AND verified",
                         uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query user_list error: %s\n", mysql_error(db));
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get user_list data failed\n");
                return -1;
        }
        if ((row = mysql_fetch_row(rs)))
        {
                p_priv->g_priv |= (atoi(row[0]) ? S_POST : 0);
                p_priv->g_priv |= (atoi(row[1]) ? S_MSG : 0);
        }
        mysql_free_result(rs);

        // Admin
        snprintf(sql, sizeof(sql),
                         "SELECT major FROM admin_config WHERE UID = %ld "
                         "AND enable AND (NOW() BETWEEN begin_dt AND end_dt)",
                         uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query admin_config error: %s\n", mysql_error(db));
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get admin_config data failed\n");
                return -1;
        }
        if ((row = mysql_fetch_row(rs)))
        {
                p_priv->level |= (atoi(row[0]) ? P_ADMIN_M : P_ADMIN_S);
                p_priv->g_priv |= (atoi(row[0]) ? S_ALL : S_ADMIN);
        }
        mysql_free_result(rs);

        // Section Master
        snprintf(sql, sizeof(sql),
                         "SELECT section_master.SID, major FROM section_master "
                         "INNER JOIN section_config ON section_master.SID = section_config.SID "
                         "WHERE UID = %ld AND section_master.enable AND section_config.enable "
                         "AND (NOW() BETWEEN begin_dt AND end_dt)",
                         uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query section_master error: %s\n", mysql_error(db));
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get section_master data failed\n");
                return -1;
        }
        while ((row = mysql_fetch_row(rs)))
        {
                p_priv->level |= (atoi(row[1]) ? P_MAN_M : P_MAN_S);
                priv = (getpriv(p_priv, atoi(row[0]), &is_favor) | (atoi(row[1]) ? S_MAN_M : S_MAN_S));
                setpriv(p_priv, atoi(row[0]), priv, is_favor);
        }
        mysql_free_result(rs);

        // Section status
        snprintf(sql, sizeof(sql),
                         "SELECT SID, exp_get, read_user_level, write_user_level FROM section_config "
                         "INNER JOIN section_class ON section_config.CID = section_class.CID "
                         "WHERE section_config.enable AND section_class.enable "
                         "ORDER BY SID");
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query section_config error: %s\n", mysql_error(db));
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get section_config data failed\n");
                return -1;
        }
        while ((row = mysql_fetch_row(rs)))
        {
                int priv = getpriv(p_priv, atoi(row[0]), &is_favor);
                if (p_priv->level < atoi(row[2]))
                {
                        priv &= (~S_LIST);
                }
                if (p_priv->level < atoi(row[3]))
                {
                        priv &= (~S_POST);
                }
                if (!atoi(row[1]))
                {
                        priv &= (~S_GETEXP);
                }
                setpriv(p_priv, atoi(row[0]), priv, is_favor);
        }
        mysql_free_result(rs);

        // Section ban
        snprintf(sql, sizeof(sql),
                         "SELECT SID FROM ban_user_list WHERE UID = %ld AND enable "
                         "AND (NOW() BETWEEN ban_dt AND unban_dt)",
                         uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query ban_user_list error: %s\n", mysql_error(db));
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get ban_user_list data failed\n");
                return -1;
        }
        while ((row = mysql_fetch_row(rs)))
        {
                priv = getpriv(p_priv, atoi(row[0]), &is_favor) & (~S_POST);
                setpriv(p_priv, atoi(row[0]), priv, is_favor);
        }
        mysql_free_result(rs);

        // User favor section
        snprintf(sql, sizeof(sql),
                         "SELECT SID FROM section_favorite WHERE UID = %ld",
                         uid);
        if (mysql_query(db, sql) != 0)
        {
                log_error("Query section_favorite error: %s\n", mysql_error(db));
                return -1;
        }
        if ((rs = mysql_store_result(db)) == NULL)
        {
                log_error("Get section_favorite data failed\n");
                return -1;
        }
        while ((row = mysql_fetch_row(rs)))
        {
                priv = getpriv(p_priv, atoi(row[0]), &is_favor);
                if (!is_favor)
                {
                        setpriv(p_priv, atoi(row[0]), priv, 1);
                        priv = getpriv(p_priv, atoi(row[0]), &is_favor);
                }
        }
        mysql_free_result(rs);

        return 0;
}
1	sysadm	1.1	/***************************************************************************
2	sysadm	1.5	user_priv.c - description
3			-------------------
4	sysadm	1.12	Copyright : (C) 2004-2025 by Leaflet
5			Email : leaflet@leafok.com
6	sysadm	1.1	***************************************************************************/
7
8			/***************************************************************************
9			* *
10			* This program is free software; you can redistribute it and/or modify *
11			* it under the terms of the GNU General Public License as published by *
12	sysadm	1.12	* the Free Software Foundation; either version 3 of the License, or *
13	sysadm	1.1	* (at your option) any later version. *
14			* *
15			***************************************************************************/
16
17	sysadm	1.8	#include "user_priv.h"
18	sysadm	1.1	#include "bbs.h"
19	sysadm	1.2	#include "common.h"
20	sysadm	1.10	#include "database.h"
21	sysadm	1.8	#include "log.h"
22			#include <stdio.h>
23	sysadm	1.1	#include <mysql.h>
24	sysadm	1.15	#include <stdlib.h>
25	sysadm	1.1
26	sysadm	1.8	BBS_user_priv BBS_priv;
27
28	sysadm	1.18	inline static int search_priv(BBS_user_priv p_priv, int sid, int p_offset)
29	sysadm	1.2	{
30	sysadm	1.16	int left = 0;
31			int right = p_priv->s_count - 1;
32	sysadm	1.17	int mid = 0;
33	sysadm	1.16
34			while (left < right)
35			{
36			mid = (left + right) / 2;
37
38			if (sid <= p_priv->s_priv_list[mid].sid)
39	sysadm	1.5	{
40	sysadm	1.16	right = mid;
41	sysadm	1.5	}
42			else
43			{
44	sysadm	1.16	left = mid + 1;
45	sysadm	1.5	}
46	sysadm	1.2	}
47	sysadm	1.16
48	sysadm	1.18	*p_offset = left;
49
50			return (left == right && sid == p_priv->s_priv_list[left].sid);
51			}
52
53			int setpriv(BBS_user_priv *p_priv, int sid, int priv, int is_favor)
54			{
55			int offset;
56			int i;
57
58			if (sid == 0)
59			{
60			p_priv->g_priv = priv;
61			return 0;
62			}
63
64			if (search_priv(p_priv, sid, &offset)) //found
65	sysadm	1.2	{
66	sysadm	1.18	p_priv->s_priv_list[offset].s_priv = priv;
67			p_priv->s_priv_list[offset].is_favor = is_favor;
68	sysadm	1.16	return 0;
69			}
70
71			// not found
72			if (p_priv->s_count >= BBS_max_section)
73			{
74			return -1;
75			}
76
77			// move items at [left, p_priv->s_count - 1] to [left + 1, p_priv->s_count]
78	sysadm	1.18	for (i = p_priv->s_count - 1; i >= offset; i--)
79	sysadm	1.16	{
80	sysadm	1.18	p_priv->s_priv_list[i + 1] = p_priv->s_priv_list[i];
81	sysadm	1.2	}
82	sysadm	1.17	p_priv->s_count++;
83
84	sysadm	1.16	// insert new item at offset left
85	sysadm	1.18	p_priv->s_priv_list[offset].sid = sid;
86			p_priv->s_priv_list[offset].s_priv = priv;
87			p_priv->s_priv_list[offset].is_favor = is_favor;
88	sysadm	1.5
89			return 0;
90			}
91
92	sysadm	1.17	int getpriv(BBS_user_priv p_priv, int sid, int p_is_favor)
93	sysadm	1.5	{
94	sysadm	1.18	int offset;
95	sysadm	1.2
96	sysadm	1.18	if (search_priv(p_priv, sid, &offset)) //found
97	sysadm	1.17	{
98	sysadm	1.18	*p_is_favor = p_priv->s_priv_list[offset].is_favor;
99			return p_priv->s_priv_list[offset].s_priv;
100	sysadm	1.17	}
101
102	sysadm	1.18	*p_is_favor = 0;
103	sysadm	1.5	return (sid >= 0 ? p_priv->g_priv : S_NONE);
104	sysadm	1.2	}
105
106	sysadm	1.6	int load_priv(MYSQL db, BBS_user_priv p_priv, long int uid)
107	sysadm	1.2	{
108	sysadm	1.5	MYSQL_RES *rs;
109			MYSQL_ROW row;
110	sysadm	1.10	char sql[SQL_BUFFER_LEN];
111	sysadm	1.17	int priv;
112			int is_favor;
113	sysadm	1.5
114			p_priv->uid = uid;
115			p_priv->level = (uid == 0 ? P_GUEST : P_USER);
116			p_priv->g_priv = S_DEFAULT;
117	sysadm	1.14	p_priv->s_count = 0;
118	sysadm	1.5
119			if (db == NULL)
120			return 1;
121
122	sysadm	1.7	// Permission
123	sysadm	1.17	snprintf(sql, sizeof(sql),
124			"SELECT p_post, p_msg FROM user_list WHERE UID = %ld AND verified",
125	sysadm	1.16	uid);
126	sysadm	1.5	if (mysql_query(db, sql) != 0)
127			{
128	sysadm	1.15	log_error("Query user_list error: %s\n", mysql_error(db));
129	sysadm	1.5	return -1;
130			}
131			if ((rs = mysql_store_result(db)) == NULL)
132			{
133	sysadm	1.7	log_error("Get user_list data failed\n");
134	sysadm	1.5	return -1;
135			}
136	sysadm	1.10	if ((row = mysql_fetch_row(rs)))
137	sysadm	1.5	{
138	sysadm	1.7	p_priv->g_priv \|= (atoi(row[0]) ? S_POST : 0);
139			p_priv->g_priv \|= (atoi(row[1]) ? S_MSG : 0);
140	sysadm	1.5	}
141			mysql_free_result(rs);
142
143	sysadm	1.7	// Admin
144	sysadm	1.17	snprintf(sql, sizeof(sql),
145			"SELECT major FROM admin_config WHERE UID = %ld "
146			"AND enable AND (NOW() BETWEEN begin_dt AND end_dt)",
147	sysadm	1.16	uid);
148	sysadm	1.5	if (mysql_query(db, sql) != 0)
149			{
150	sysadm	1.15	log_error("Query admin_config error: %s\n", mysql_error(db));
151	sysadm	1.5	return -1;
152			}
153			if ((rs = mysql_store_result(db)) == NULL)
154			{
155	sysadm	1.7	log_error("Get admin_config data failed\n");
156	sysadm	1.5	return -1;
157			}
158	sysadm	1.10	if ((row = mysql_fetch_row(rs)))
159	sysadm	1.5	{
160	sysadm	1.9	p_priv->level \|= (atoi(row[0]) ? P_ADMIN_M : P_ADMIN_S);
161			p_priv->g_priv \|= (atoi(row[0]) ? S_ALL : S_ADMIN);
162	sysadm	1.5	}
163			mysql_free_result(rs);
164
165			// Section Master
166	sysadm	1.17	snprintf(sql, sizeof(sql),
167			"SELECT section_master.SID, major FROM section_master "
168			"INNER JOIN section_config ON section_master.SID = section_config.SID "
169			"WHERE UID = %ld AND section_master.enable AND section_config.enable "
170			"AND (NOW() BETWEEN begin_dt AND end_dt)",
171	sysadm	1.16	uid);
172	sysadm	1.5	if (mysql_query(db, sql) != 0)
173			{
174	sysadm	1.15	log_error("Query section_master error: %s\n", mysql_error(db));
175	sysadm	1.5	return -1;
176			}
177			if ((rs = mysql_store_result(db)) == NULL)
178			{
179			log_error("Get section_master data failed\n");
180			return -1;
181			}
182	sysadm	1.10	while ((row = mysql_fetch_row(rs)))
183	sysadm	1.5	{
184			p_priv->level \|= (atoi(row[1]) ? P_MAN_M : P_MAN_S);
185	sysadm	1.17	priv = (getpriv(p_priv, atoi(row[0]), &is_favor) \| (atoi(row[1]) ? S_MAN_M : S_MAN_S));
186			setpriv(p_priv, atoi(row[0]), priv, is_favor);
187	sysadm	1.5	}
188			mysql_free_result(rs);
189
190			// Section status
191	sysadm	1.17	snprintf(sql, sizeof(sql),
192			"SELECT SID, exp_get, read_user_level, write_user_level FROM section_config "
193			"INNER JOIN section_class ON section_config.CID = section_class.CID "
194			"WHERE section_config.enable AND section_class.enable "
195			"ORDER BY SID");
196	sysadm	1.5	if (mysql_query(db, sql) != 0)
197			{
198	sysadm	1.15	log_error("Query section_config error: %s\n", mysql_error(db));
199	sysadm	1.5	return -1;
200			}
201			if ((rs = mysql_store_result(db)) == NULL)
202			{
203			log_error("Get section_config data failed\n");
204			return -1;
205			}
206	sysadm	1.10	while ((row = mysql_fetch_row(rs)))
207	sysadm	1.5	{
208	sysadm	1.17	int priv = getpriv(p_priv, atoi(row[0]), &is_favor);
209	sysadm	1.5	if (p_priv->level < atoi(row[2]))
210	sysadm	1.7	{
211			priv &= (~S_LIST);
212			}
213	sysadm	1.5	if (p_priv->level < atoi(row[3]))
214	sysadm	1.7	{
215			priv &= (~S_POST);
216			}
217	sysadm	1.5	if (!atoi(row[1]))
218	sysadm	1.7	{
219			priv &= (~S_GETEXP);
220			}
221	sysadm	1.17	setpriv(p_priv, atoi(row[0]), priv, is_favor);
222	sysadm	1.5	}
223			mysql_free_result(rs);
224	sysadm	1.2
225	sysadm	1.5	// Section ban
226	sysadm	1.17	snprintf(sql, sizeof(sql),
227			"SELECT SID FROM ban_user_list WHERE UID = %ld AND enable "
228			"AND (NOW() BETWEEN ban_dt AND unban_dt)",
229	sysadm	1.16	uid);
230	sysadm	1.5	if (mysql_query(db, sql) != 0)
231			{
232	sysadm	1.15	log_error("Query ban_user_list error: %s\n", mysql_error(db));
233	sysadm	1.5	return -1;
234			}
235			if ((rs = mysql_store_result(db)) == NULL)
236			{
237			log_error("Get ban_user_list data failed\n");
238			return -1;
239			}
240	sysadm	1.10	while ((row = mysql_fetch_row(rs)))
241	sysadm	1.5	{
242	sysadm	1.17	priv = getpriv(p_priv, atoi(row[0]), &is_favor) & (~S_POST);
243			setpriv(p_priv, atoi(row[0]), priv, is_favor);
244			}
245			mysql_free_result(rs);
246
247			// User favor section
248			snprintf(sql, sizeof(sql),
249			"SELECT SID FROM section_favorite WHERE UID = %ld",
250			uid);
251			if (mysql_query(db, sql) != 0)
252			{
253			log_error("Query section_favorite error: %s\n", mysql_error(db));
254			return -1;
255			}
256			if ((rs = mysql_store_result(db)) == NULL)
257			{
258			log_error("Get section_favorite data failed\n");
259			return -1;
260			}
261			while ((row = mysql_fetch_row(rs)))
262			{
263			priv = getpriv(p_priv, atoi(row[0]), &is_favor);
264			if (!is_favor)
265			{
266			setpriv(p_priv, atoi(row[0]), priv, 1);
267			priv = getpriv(p_priv, atoi(row[0]), &is_favor);
268			}
269	sysadm	1.5	}
270			mysql_free_result(rs);
271
272			return 0;
273	sysadm	1.1	}
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1