--- lbbs/src/user_priv.c	2025/04/28 12:45:57	1.7
+++ lbbs/src/user_priv.c	2025/05/05 11:46:04	1.11
@@ -15,13 +15,24 @@
  *                                                                         *
  ***************************************************************************/
 
+#include "user_priv.h"
 #include "bbs.h"
 #include "common.h"
+#include "database.h"
+#include "log.h"
+#include <stdio.h>
 #include <mysql.h>
 
+BBS_user_priv BBS_priv;
+
 int checklevel(BBS_user_priv *p_priv, int level)
 {
-	return (((p_priv->level & level)) ^ level ? 0 : 1);
+	if (level == P_GUEST)
+	{
+		return 1;
+	}
+
+	return ((p_priv->level & level) ? 1 : 0);
 }
 
 int setpriv(BBS_user_priv *p_priv, int sid, int priv)
@@ -68,15 +79,14 @@ int getpriv(BBS_user_priv *p_priv, int s
 
 int checkpriv(BBS_user_priv *p_priv, int sid, int priv)
 {
-	return (((getpriv(p_priv, sid) & priv)) ^ priv ? 0 : 1);
+	return (((getpriv(p_priv, sid) & priv)) == priv ? 1 : 0);
 }
 
 int load_priv(MYSQL *db, BBS_user_priv *p_priv, long int uid)
 {
 	MYSQL_RES *rs;
 	MYSQL_ROW row;
-	char sql[1024];
-	int i;
+	char sql[SQL_BUFFER_LEN];
 
 	p_priv->uid = uid;
 	p_priv->level = (uid == 0 ? P_GUEST : P_USER);
@@ -86,7 +96,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 		return 1;
 
 	// Permission
-	sprintf(sql, "SELECT p_post, p_msg FROM user_list WHERE UID = %ld AND verified",
+	snprintf(sql, sizeof(sql), "SELECT p_post, p_msg FROM user_list WHERE UID = %ld AND verified",
 			uid);
 	if (mysql_query(db, sql) != 0)
 	{
@@ -98,7 +108,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 		log_error("Get user_list data failed\n");
 		return -1;
 	}
-	if (row = mysql_fetch_row(rs))
+	if ((row = mysql_fetch_row(rs)))
 	{
 		p_priv->g_priv |= (atoi(row[0]) ? S_POST : 0);
 		p_priv->g_priv |= (atoi(row[1]) ? S_MSG : 0);
@@ -106,7 +116,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 	mysql_free_result(rs);
 
 	// Admin
-	sprintf(sql, "SELECT major FROM admin_config WHERE UID = %ld "
+	snprintf(sql, sizeof(sql), "SELECT major FROM admin_config WHERE UID = %ld "
 				 "AND enable AND (NOW() BETWEEN begin_dt AND end_dt)",
 			uid);
 	if (mysql_query(db, sql) != 0)
@@ -119,15 +129,15 @@ int load_priv(MYSQL *db, BBS_user_priv *
 		log_error("Get admin_config data failed\n");
 		return -1;
 	}
-	if (row = mysql_fetch_row(rs))
+	if ((row = mysql_fetch_row(rs)))
 	{
-		p_priv->level |= (atoi(row[1]) ? P_ADMIN_M : P_ADMIN_S);
-		p_priv->g_priv |= (atoi(row[1]) ? S_ALL : S_ADMIN);
+		p_priv->level |= (atoi(row[0]) ? P_ADMIN_M : P_ADMIN_S);
+		p_priv->g_priv |= (atoi(row[0]) ? S_ALL : S_ADMIN);
 	}
 	mysql_free_result(rs);
 
 	// Section Master
-	sprintf(sql, "SELECT section_master.SID, major FROM section_master "
+	snprintf(sql, sizeof(sql), "SELECT section_master.SID, major FROM section_master "
 				 "INNER JOIN section_config ON section_master.SID = section_config.SID "
 				 "WHERE UID = %ld AND section_master.enable AND section_config.enable "
 				 "AND (NOW() BETWEEN begin_dt AND end_dt)",
@@ -142,7 +152,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 		log_error("Get section_master data failed\n");
 		return -1;
 	}
-	while (row = mysql_fetch_row(rs))
+	while ((row = mysql_fetch_row(rs)))
 	{
 		p_priv->level |= (atoi(row[1]) ? P_MAN_M : P_MAN_S);
 		setpriv(p_priv, atoi(row[0]), getpriv(p_priv, atoi(row[0])) | (atoi(row[1]) ? S_MAN_M : S_MAN_S));
@@ -150,7 +160,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 	mysql_free_result(rs);
 
 	// Section status
-	sprintf(sql, "SELECT SID, exp_get, read_user_level, write_user_level FROM section_config "
+	snprintf(sql, sizeof(sql), "SELECT SID, exp_get, read_user_level, write_user_level FROM section_config "
 				 "INNER JOIN section_class ON section_config.CID = section_class.CID "
 				 "WHERE section_config.enable AND section_class.enable "
 				 "ORDER BY SID");
@@ -164,7 +174,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 		log_error("Get section_config data failed\n");
 		return -1;
 	}
-	while (row = mysql_fetch_row(rs))
+	while ((row = mysql_fetch_row(rs)))
 	{
 		int priv = getpriv(p_priv, atoi(row[0]));
 		if (p_priv->level < atoi(row[2]))
@@ -184,7 +194,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 	mysql_free_result(rs);
 
 	// Section ban
-	sprintf(sql, "SELECT SID FROM ban_user_list WHERE UID = %ld AND enable "
+	snprintf(sql, sizeof(sql), "SELECT SID FROM ban_user_list WHERE UID = %ld AND enable "
 				 "AND (NOW() BETWEEN ban_dt AND unban_dt)",
 			uid);
 	if (mysql_query(db, sql) != 0)
@@ -197,7 +207,7 @@ int load_priv(MYSQL *db, BBS_user_priv *
 		log_error("Get ban_user_list data failed\n");
 		return -1;
 	}
-	while (row = mysql_fetch_row(rs))
+	while ((row = mysql_fetch_row(rs)))
 	{
 		setpriv(p_priv, atoi(row[0]),
 				getpriv(p_priv, atoi(row[0])) & (~S_POST));