added user registered event, tidied up helper functions and added automatic auth...

[NeonServV5.git] / src / DBHelper.c

/* DBHelper.c - NeonServ v5.2
 * Copyright (C) 2011  Philipp Kreil (pk910)
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License 
 * along with this program. If not, see <http://www.gnu.org/licenses/>. 
 */

#include "DBHelper.h"
#include "UserNode.h"
#include "ChanNode.h"
#include "ChanUser.h"
#include "mysqlConn.h"
#include "lang.h"
#include "tools.h"
#include "IRCEvents.h"
#include "HandleInfoHandler.h"

void _loadUserSettings(struct UserNode *user) {
    MYSQL_RES *res;
    MYSQL_ROW row;
    printf_mysql_query("SELECT `user_lang`, `user_reply_privmsg`, `user_god` FROM `users` WHERE `user_user` = '%s'", escape_string(user->auth));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) != NULL) {
        user->language = get_language_by_tag(row[0]);
        if(user->language == NULL) user->language = get_default_language();
        if(strcmp(row[1], "0"))
            user->flags |= USERFLAG_REPLY_PRIVMSG;
        if(strcmp(row[2], "0"))
            user->flags |= USERFLAG_GOD_MODE;
    } else
        user->language = get_default_language();
    user->flags |= USERFLAG_LOADED_SETTINGS;
}

int isGodMode(struct UserNode *user) {
    loadUserSettings(user);
    return (user->flags & USERFLAG_GOD_MODE);
}

int getChannelAccess(struct UserNode *user, struct ChanNode *chan) {
    if(!(user->flags & USERFLAG_ISAUTHED)) return 0;
    loadChannelSettings(chan);
    if(!(chan->flags & CHANFLAG_CHAN_REGISTERED)) return 0;
    MYSQL_RES *res;
    MYSQL_ROW row;
    int caccess = 0;
    printf_mysql_query("SELECT `user_id`, `user_access`, `user_god` FROM `users` WHERE `user_user` = '%s'", escape_string(user->auth));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) != NULL) {
        printf_mysql_query("SELECT `chanuser_access`, `chanuser_flags` FROM `chanusers` WHERE `chanuser_uid` = '%s' AND `chanuser_cid` = '%d'", row[0], chan->channel_id);
        res = mysql_use();
        if ((row = mysql_fetch_row(res)) != NULL) {
            int cflags = atoi(row[1]);
            if(!(cflags & DB_CHANUSER_SUSPENDED) && atoi(row[0]) > caccess)
                caccess = atoi(row[0]);
        }
        return caccess;
    }
    return 0;
}

char *getChanDefault(char *channel_setting) {
    MYSQL_RES *res;
    MYSQL_ROW row;
    printf_mysql_query("SELECT `%s` FROM `channels` WHERE `channel_name` = 'defaults'", channel_setting);
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) == NULL) return "";
    return row[0];
}

int checkChannelAccess(struct UserNode *user, struct ChanNode *chan, char *channel_setting, int allow_501) {
    loadChannelSettings(chan);
    if(!(chan->flags & CHANFLAG_CHAN_REGISTERED)) return 0;
    if((user->flags & USERFLAG_ISIRCOP)) return 1;
    MYSQL_RES *res;
    MYSQL_ROW row;
    printf_mysql_query("SELECT `%s` FROM `channels` WHERE `channel_id` = '%d'", channel_setting, chan->channel_id);
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) == NULL) return 0;
    int require_access = atoi((row[0] ? row[0] : getChanDefault(channel_setting)));
    if(require_access == 0) return 1;
    if(!(user->flags & USERFLAG_ISAUTHED)) return 0;
    int caccess = 0;
    printf_mysql_query("SELECT `user_id`, `user_access`, `user_god` FROM `users` WHERE `user_user` = '%s'", escape_string(user->auth));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) != NULL) {
        printf_mysql_query("SELECT `chanuser_access`, `chanuser_flags` FROM `chanusers` WHERE `chanuser_uid` = '%s' AND `chanuser_cid` = '%d'", row[0], chan->channel_id);
        res = mysql_use();
        if ((row = mysql_fetch_row(res)) != NULL) {
            int cflags = atoi(row[1]);
            if(!(cflags & DB_CHANUSER_SUSPENDED))
                caccess = atoi(row[0]);
        }
    }
    if(caccess >= require_access) return 1;
    if(caccess == 500 && require_access == 501 && allow_501) return 1;
    return 0;
}

void _loadChannelSettings(struct ChanNode *chan) {
    MYSQL_RES *res;
    MYSQL_ROW row;
    printf_mysql_query("SELECT `channel_id` FROM `channels` WHERE `channel_name` = '%s'", escape_string(chan->name));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) != NULL) {
        chan->flags |= CHANFLAG_CHAN_REGISTERED;
        chan->channel_id = atoi(row[0]);
    }
    chan->flags |= CHANFLAG_REQUESTED_CHANINFO;
}

//TODO: fix performance: we should cache the user access
int isUserProtected(struct ChanNode *chan, struct UserNode *victim, struct UserNode *issuer) {
    /* Don't protect if someone is attacking himself, or if the aggressor is an IRC Operator. */
    if(victim == issuer || (issuer->flags & USERFLAG_ISIRCOP)) return 0;
    
    /* Don't protect if no one is to be protected. */
    MYSQL_RES *res;
    MYSQL_ROW row;
    char protection;
    loadChannelSettings(chan);
    if(!(chan->flags & CHANFLAG_CHAN_REGISTERED)) return 0;
    printf_mysql_query("SELECT `channel_protect` FROM `channels` WHERE `channel_id` = '%d'", chan->channel_id);
    res = mysql_use();
    if(!(row = mysql_fetch_row(res))) return 0;
    if(row[0]) {
        protection = (char) atoi(row[0]);
    } else {
         printf_mysql_query("SELECT `channel_protect` FROM `channels` WHERE `channel_name` = 'defaults'");
        res = mysql_use();
        row = mysql_fetch_row(res);
        protection = (char) atoi(row[0]);
    }
    if(protection == 3) return 0;
    
    /* Don't protect if the victim isn't added to the channel, unless we are to protect non-users also. */
    int victim_access = getChannelAccess(victim, chan);
    if (!victim_access && protection != 0) return 0;
    
    /* Protect if the aggressor isn't a user because at this point, the aggressor can only be less than or equal to the victim. */
    int issuer_access = getChannelAccess(issuer, chan);
    if (!issuer_access) return 1;
    
    /* If the aggressor was a user, then the victim can't be helped. */
    if(!victim_access) return 0;
    
    switch(protection) {
        case 0:
        case 1:
            if(victim_access >= issuer_access) return 1;
            break;
        case 2:
            if(victim_access > issuer_access) return 1;
            break;
    }
    return 0;
}

char *getBanAffectingMask(struct ChanNode *chan, char *mask) {
    loadChannelSettings(chan);
    if(!(chan->flags & CHANFLAG_CHAN_REGISTERED)) return 0;
    MYSQL_RES *res;
    MYSQL_ROW row;
    printf_mysql_query("SELECT `ban_mask` FROM `bans` WHERE `ban_channel` = '%d'", chan->channel_id);
    res = mysql_use();
    while ((row = mysql_fetch_row(res)) != NULL) {
        if(!match(row[0], mask))
            return row[0];
    }
    return NULL;
}

int renameAccount(char *oldauth, char *newauth) {
    MYSQL_RES *res, *res2;
    MYSQL_ROW row, row2;
    printf_mysql_query("SELECT `user_id` FROM `users` WHERE `user_user` = '%s'", escape_string(oldauth));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) != NULL) {
        int userid = atoi(row[0]);
        printf_mysql_query("SELECT `user_id` FROM `users` WHERE `user_user` = '%s'", escape_string(newauth));
        res = mysql_use();
        if((row = mysql_fetch_row(res)) != NULL) {
            //merge
            int newuid = atoi(row[0]);
            printf_mysql_query("SELECT `chanuser_id`, `chanuser_access`, `chanuser_flags` FROM `chanusers` WHERE `chanuser_uid` = '%d'", newuid);
            res = mysql_use();
            while((row = mysql_fetch_row(res)) != NULL) {
                printf_mysql_query("SELECT `chanuser_id`, `chanuser_access`, `chanuser_flags` FROM `chanusers` WHERE `chanuser_uid` = '%d'", userid);
                res2 = mysql_use();
                if((row2 = mysql_fetch_row(res2)) != NULL) {
                    if(atoi(row[0]) > atoi(row2[0])) {
                        printf_mysql_query("UPDATE `chanusers` SET `chanuser_access` = '%s' WHERE `chanuser_id` = '%s'", row[0], row2[0]);
                    }
                    printf_mysql_query("DELETE FROM `chanusers` WHERE `chanuser_id` = '%s'", row[0]);
                } else
                    printf_mysql_query("UPDATE `chanusers` SET `chanuser_uid` = '%d' WHERE `chanuser_id` = '%s'", userid, row[0]);
            }
            printf_mysql_query("UPDATE `channels` SET `channel_registrator` = '%d' WHERE `channel_registrator` = '%d'", userid, newuid);
            printf_mysql_query("UPDATE `bans` SET `ban_owner` = '%d' WHERE `ban_owner` = '%d'", userid, newuid);
            printf_mysql_query("UPDATE `events` SET `auth` = '%s' WHERE `auth` = '%s'", escape_string(newauth), escape_string(oldauth));
            printf_mysql_query("UPDATE `godlog` SET `godlog_uid` = '%d' WHERE `godlog_uid` = '%d'", userid, newuid);
            printf_mysql_query("UPDATE `owner_history` SET `owner_history_to_uid` = '%d' WHERE `owner_history_to_uid` = '%d'", userid, newuid);
            printf_mysql_query("UPDATE `owner_history` SET `owner_history_from_uid` = '%d' WHERE `owner_history_from_uid` = '%d'", userid, newuid);
            printf_mysql_query("UPDATE `owner_history` SET `owner_history_from_uid` = '%d' WHERE `owner_history_from_uid` = '%d'", userid, newuid);
            printf_mysql_query("UPDATE `noinvite` SET `uid` = '%d' WHERE `uid` = '%d'", userid, newuid);
            printf_mysql_query("DELETE FROM `users` WHERE `chanuser_id` = '%d'", newuid);
        } else {
            //simply rename the account
            printf_mysql_query("UPDATE `users` SET `user_user` = '%s' WHERE `user_id` = '%d'", escape_string(newauth), userid);
        }
        return 1;
    }
    return 0;
}

static AUTHLOOKUP_CALLBACK(event_user_registered_auth_lookup);

struct event_user_registered_cache {
    struct UserNode *new_user;
    char *oldauth;
};

static int event_user_registered(struct UserNode *old_user, struct UserNode *new_user) {
    //check if there is a fakehost on both sides...
    if(!isFakeHost(old_user->host) || !isFakeHost(new_user->host)) return 0;
    //extract user names
    char oldauth[AUTHLEN], newauth[AUTHLEN];
    char *p;
    if((p = strstr(old_user->host, "."))) {
        *p = '\0';
        strcpy(oldauth, old_user->host);
        *p = '.';
    }
    if((p = strstr(new_user->host, "."))) {
        *p = '\0';
        strcpy(newauth, new_user->host);
        *p = '.';
    }
    //check if we know this user; then check the new auth
    MYSQL_RES *res;
    MYSQL_ROW row;
    printf_mysql_query("SELECT `user_id` FROM `users` WHERE `user_user` = '%s'", escape_string(oldauth));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) != NULL) {
        struct event_user_registered_cache *cache = malloc(sizeof(*cache));
        if (!cache) {
            perror("malloc() failed");
            return 1;
        }
        cache->new_user = new_user;
        cache->oldauth = strdup(oldauth);
        lookup_authname(newauth, event_user_registered_auth_lookup, cache);
    }
    return 1;
}

static AUTHLOOKUP_CALLBACK(event_user_registered_auth_lookup) {
    struct event_user_registered_cache *cache = data;
    if(exists) {
        renameAccount(cache->oldauth, auth);
        strcpy(cache->new_user->auth, auth);
        cache->new_user->flags |= USERFLAG_ISAUTHED;
    }
    free(cache->oldauth);
}

void init_DBHelper() {
    bind_registered(event_user_registered);
}